Mutual Authentication in Body Area Networks (BANs) Using Multi-Biometric and Physiological Signal-Based Key Agreement

Abstract

The development of wireless technology has had a major impact on the wireless body area networks (WBANs) especially in the medical field where a small wireless sensor is installed in, on, or around the patient’s body for real-time health monitoring and personalized medical treatment. However, the data is collected by the sensors and transmitted via wireless channels. This could make the channel vulnerable to being accessed and falsified by an unauthorized user and may put the lives of the patient at risk and might give a false alarm. Therefore, a secure authentication and data encryption scheme in BANs is needed in a device to establish the interaction. The asymmetric cryptosystems that function in BANs can cause a Man-in-the-Middle attack because the initial requirement in BAN requires the user to configure a master key or password. The impersonation attack may also involve BAN where other individual pretends to be the owner of the devices and lastly Eavesdropping attack where the attack eavesdrops on transmission to unlock devices. With the existing schemes, mutual authentication using the biometric features (fingerprint) and the physiological signal from the electrocardiogram database is used to make sure the authentication is more secure, reliable, and accurate. In this paper, we proposed a new multifactor authentication scheme on biometric authentication which is the retina scan. We proposed the retina scan because the retina of the human eye is unique, remains the same, and cannot be obtained from anywhere which makes it difficult to forge. We also added a new device which is a smart watch to receive a key agreement message from the fingerprint to double confirm the same identification. This is to make sure high security is obtained and offered simplicity, efficiency, and precision scheme for the authentication.