DOI QR코드

DOI QR Code

A Lightweight Integrity Authentication Scheme based on Reversible Watermark for Wireless Body Area Networks

  • Liu, Xiyao (The Communication and Information Security Lab, Institute of Big Data Technologies, Shenzhen Graduate School Peking University) ;
  • Ge, Yu (Institute for Infocomm Research) ;
  • Zhu, Yuesheng (The Communication and Information Security Lab, Institute of Big Data Technologies, Shenzhen Graduate School Peking University) ;
  • Wu, Dajun (Institute for Infocomm Research)
  • Received : 2014.04.28
  • Accepted : 2014.10.22
  • Published : 2014.12.31

Abstract

Integrity authentication of biometric data in Wireless Body Area Network (WBAN) is a critical issue because the sensitive data transmitted over broadcast wireless channels could be attacked easily. However, traditional cryptograph-based integrity authentication schemes are not suitable for WBAN as they consume much computational resource on the sensor nodes with limited memory, computational capability and power. To address this problem, a novel lightweight integrity authentication scheme based on reversible watermark is proposed for WBAN and implemented on a TinyOS-based WBAN test bed in this paper. In the proposed scheme, the data is divided into groups with a fixed size to improve grouping efficiency; the histogram shifting technique is adopted to avoid possible underflow or overflow; local maps are generated to restore the shifted data; and the watermarks are generated and embedded in a chaining way for integrity authentication. Our analytic and experimental results demonstrate that the integrity of biometric data can be reliably authenticated with low cost, and the data can be entirely recovered for healthcare applications by using our proposed scheme.

Keywords

1. Introduction

In general, a Wireless Body Area Network (WBAN) consists of several small wearable or implantable sensors on/near/in a human body and a data aggregator to collect and process the sensor data. By collecting a person’s biometric data, the continuous, real-time and ubiquitous health monitoring system with a WBAN can improve the quality of healthcare services [1-5]. However, the sensitive biometric data transmitted over the broadcast wireless channels in WBAN could be attacked easily, therefore how to ensure the integrity of data is one of the major security issues in WBAN [6-7]. Cryptography-based integrity authentication schemes [8-11], although ensuring the data integrity, are not suitable for the resource-constrained WBAN, due to their high demanding of memory, computational capability and power [12, 16-17].

By contrast, watermark-based schemes are lightweight solutions for integrity authentication [13-17]. In these schemes, the streaming data is divided into different groups; the watermarks are subsequently generated from the data groups and finally embedded into them in a chaining way. These watermarks will be damaged if there is any modification, insertion or deletion in the streaming data, thus the integrity of the streaming data can be verified by checking the watermarks. Most of the watermark-based schemes [13-16] introduce certain irreversible modifications to the streaming data. These slight modifications do not significantly affect the information expression and might be acceptable for non-critical applications. However, they cannot be applied directly to healthcare applications in WBAN because the biometric data is extremely sensitive that any inaccuracies can lead to incorrect medical assessments and potential serious consequences.

Recently, an integrity authentication scheme based on reversible fragile watermarking method for Wireless Sensor Network (WSN) was proposed by Shi et al [17]. This heuristic scheme is designed to avoid the modifications introduced by the watermark embedding. However, the hash values for each data element need to be calculated individually in its dynamic grouping method with variable group sizes. As a result, its computational complexity is much higher than that of the static grouping method with a fixed group size [16] in which only one hash value of the whole group is calculated. Considering the constraint of limited computational resources on a sensor node, the static grouping method is more suitable for WBAN. More importantly, the underflows and overflows may be caused by expanding of prediction errors during its watermark embedding process, which would cause errors in the recovered data and should be completely prevented.

For image authentication, the histogram shifting was adopted to avoid the risks of underflows and overflows in Tai’s reversible watermarking scheme [18]. In this scheme, a local map is generated to restore the pixels changed by the histogram shifting and compressed in a lossless manner by using the run-length coding algorithm. The watermark is then generated by concatenating the compressed local map with the copyright information and embedded by expanding the difference of adjacent pixels. However, when this scheme is directly applied to authenticate the streaming data in WBAN, its watermarking procedure cannot chain the data groups together to check the insertions or deletions of groups; it also introduces additional cost for compressing the local map by using the run-length coding algorithm.

In this paper, a novel integrity authentication scheme based on reversible watermark for WBAN is proposed to solve the aforementioned problems. The key points of the proposed scheme are as follows:

1) A static grouping method is applied to improve resource efficiency, which is different from Shi’s scheme.

2) In our scheme, each data group is considered similar to one image in Tai’s scheme [18]: the histogram distribution of the data elements in one group is shifted to avoid possible underflow or overflow; the local maps of different groups are generated to restore the shifted data and embedded as a part of watermark to save the transmission overhead for recording them; and a watermark is embedded by expanding the difference of adjacent data elements in one group for data restoring. Unlike Tai’s scheme, the watermark embedded in the current group is generated by concatenating the hash values of the former group and the local map of the current group. In this manner, different groups are chained together, which is crucial to authenticate the integrity of streaming data. In addition, the run-length coding algorithm for compressing the local maps is not used to save the computational resource.

3) Unlike other watermark-based authentication schemes, the proposed scheme is implemented on a TinyOS-based WBAN test bed to validate its feasibility and effectiveness.

Our security analysis and experimental results demonstrate that the proposed scheme can detect any modification, insertion or deletion on biometric data reliably, without any underflow or overflow during the watermarking processes, and the original data can be entirely recovered after the watermark extraction. The computational complexity of our schemes is much lower compared to that of the Shi’s scheme [17]. Lastly, the transmission overhead in the proposed scheme is insignificant.

The rest of the paper is organized as follows. The detailed description of our proposed scheme is provided in Section 2. The security analysis and experimental results are discussed in Section 3 and Section 4 respectively. Finally, the conclusions are drawn in Section 5 draws the conclusions.

The notations used in our paper are listed in Table 1.

Table 1.Notations

 

2. Proposed Integrity Authentication Scheme

2.1 System Model

The system model of the proposed integrity authentication scheme is shown in Fig. 1. In this system, the watermarks are generated from the collected biometric data and embedded into it at the sensor mote, and then the watermarked biometric data is sent to the base station through WBAN. At the base station, the watermarks are extracted for integrity authentication and the original data is restored for further healthcare applications. The detailed procedures of integrity authentication scheme will be described in the following sections.

Fig. 1.System model

2.2 Encoding Phase

The encoding phase is executed on the sensor mote, where the collected biometric data is divided to a series of groups. For each group, the histogram distribution of its data elements is shifted and a local map is obtained. The watermark is generated from the hash value of the former group and the local map of current group, and then embedded into the current group by expanding the difference of adjacent data elements. The detailed procedures are shown in Fig. 2 and described below.

Fig. 2.Block diagram of encoding phase

1) Data grouping

The biometric data is collected continuously in real time by the wearable sensor mote, and then divided into a series of groups with a fixed size in a similar manner to the method in literature [16]. Without loss of generality, it is assumed that each group contains N data elements, and N is usually a large number to ensure the watermark embedding capacity. Due to the limitation of packet payload size in WBAN, each group is needed to be further divided into several packets consisting of several data elements for transmission. To help the receiver to identify which group is attacked and count how many group insertions or deletions occur, a SN is generated and attached to the packet. The SN is an ascending number from 0 to 2m− 1. Once SN reaches to 2m− 1, it is reset to 0 to prevent the indefinitely increasing. In addition, a DF is generated for the packet to identify when a group ends. It is set to 1 when a group ends and set to 0 otherwise. Both of the SN and DF are designed for individual packet rather than for a group in our grouping method, which is different from the method adopted in the literature [16]. The overhead caused by the design of SN and DF is (m+1)/8 bytes per packet. It is expected to be negligible when the packet size is sufficiently large, which will be described in detail in Section 4.2.3. Fig. 3 shows an example of data grouping.

Fig. 3.Example of data grouping

2) Histogram shifting and local map generation

In general, the differences between two adjacent data elements collected by sensor mote are usually small since the sampling rate of sensor mote is quite high for healthcare applications in WBAN. This situation is similar to that of two adjacent pixels in one image. Therefore, a data group in our scheme is considered similar to an image in Tai’s scheme [18]. For each group, the histogram distribution of data elements is narrowed down by 2L units from both sides, and a local map is generated to distinguish the data elements changed by histogram shifting from the unchanged ones according to the following rule: for a data element with the original value in the range [0, 2L-1] or [2S -2L, 2S-1], 1 is assigned in the local map; for a data element with the original value is in the range [2L, 2L+1-1] or [2S -2L+1, 2S -2L-1], 0 is assigned in the local map. L is determined by the payload size of the copyright information.

3) Hash calculation

For Gi, hi is computed for generating the watermark as shown in Eq. (1). If Gi is attacked, the calculated hi’ will be totally different from its original value. In our scheme, SHA-1 is adopted as the hash function to get an output with a fixed length.

4) Watermark generation

The Wi is generated as shown in Eq. (2) and the run-length coding algorithm for compressing the local map is not used to save the computational resource, which is different from Tai’s scheme [18].

By adopting the watermarks generated in this manner, different groups are chained together as shown in the Fig. 4, and no transmission overhead is introduced to record the Mi.

Fig. 4.Example of the chaining groups

5) Watermark embedding

Calculate the differences between the adjacent data elements in Gi as shown in Eq. (3).

where Xj denotes the original value of the j th data element in Gi , Xj∈Z, Xj∈[0, 2S-1], 1 ≤ j ≤ N, and Dj is the original difference between the j th data element and the j-1 th data element in Gi.

Expand these differences to embed Wi as shown in Eq. (4).

where Yj is the value of the j th data element after watermark embedding, w is the embedded bit value of Wi, Dj is the original difference between the j th data element and the j-1 th data element in Gi, and D’j is the expanded difference between them.

It is noted that the value of a data element is modified by at most 2L units during the watermark embedding procedure. Therefore, underflow and overflow can be entirely avoided by the histogram shifting described in step 2.

The ECi is then calculated. If ECi is larger than the size of Wi, the Mi and the whole hi-1 are embedded. Otherwise, the Mi and only the lowest ECi-Oi bits of hi-1 are embedded.

6) Data transmission

After watermark embedding, the Gi’ is transmitted packet by packet through the WBAN.

2.3 Decoding Phase

The decoding phase is executed on the base station, where the watermark is extracted and the watermarked data is recovered to its original value when one group of watermarked data has been entirely received; then the watermark extracted from the received group is compared with the hash value of its former group to authenticate the data integrity of the former group. The detailed procedures are shown in Fig. 5 and described below.

Fig. 5.Block diagram of the decoding phase

Without loss of generality, we assume that the received group is G’i+1. The detailed procedures of the decoding phase to authenticate the integrity of Gi are described as follows.

1) Data receiving

Receive the packet and check its DF. If DF is 0, the received packet is not the end of G’i+1, then the packet is stored in a buffer, and the base station continues to receive the next packet; otherwise the packet is the end of G’i+1, then the packet is put into the buffer, and watermark extraction is conducted.

2) Watermark extraction

Calculate the difference between the adjacent data elements in G’i+1. If |Yj-Zj-1|<2L+1, extract the W’i+1 in Eq. (5).

where Yj is the value of the j th data element in G’i+1, Zj-1 is the restored value of Yj-1, and w is the extracted bit value of W’i+1.

3) Data difference shrinking

Shrink the difference between two adjacent data elements as shown in Eq. (6).

where Yj is the value of the j th data element in G’i+1, Zj is the restored value of Yj, Dj is the recovered difference between the j th data element and the j-1 th data element in G’i+1, and D’j is the expanded difference between them.

Continue step 2 and step 3 until W’i+1 is entirely extracted, and then the EC’i+1 is record.

4) Histogram restoring

Count the number of the restored data elements with the value in the range [2L, 2L+1-1] or [2S -2L+1, 2S -2L-1] and denote it as O’i+1. The first O’i+1 bits of W’i+1 are obtained as M’i+1, which should be the same with Mi+1 if no attack or packet drop happens. For the data element with the value in the range [2L, 2L+1-1] or [2S -2L+1, 2S -2L-1], its assigned bit of M’i+1 is checked: if value 1 is assigned, the data element is shifted to its original state by 2L; otherwise, no change is required. After the histogram restoring, Gi+1 can be completely recovered.

5) Hash calculation

Obtain the Gi, which is recovered during the previous procedures for authenticating the integrity of Gi-1, from the buffer and calculate hi as shown in Eq. (1).

6) Integrity authentication

Get Wp ’i+1 by excluding M’i+1 from W’i+1. If the EC’i+1- O’i+1 is larger than 160 bits, compare Wp ’i+1 with hi, otherwise, compare the Wp ’i+1 with the lowest EC’i+1- O’i+1 bits of the hi. If they are the same, the integrity of the stored Gi is authenticated and Gi is sent into the database; otherwise, Gi will be rejected by the base station.

7) Buffer updating

Finally, Gi and G’i+1 are cleared from the buffer, and recovered Gi+1 is stored in the buffer for further integrity authentication.

In our scheme, a (S×N)/8 bytes buffer is needed on sensor mote to cache the data elements of the current group before watermark embedding, and another (S×N)/4 bytes buffer is needed on base station to record data elements of both the current and the former groups. Delays will also be caused by buffering data elements of the current group before watermark embedding. The delays for different data elements are different and the longest one is (N-1)/F s. The values of the two buffer sizes and the longest delay are given in Section 4.2.2.

 

3. Security Analysis

The scenarios discussed below generally occur independently. If two or more scenarios occur concurrently, security analysis can be derived from the corresponding individual scenarios.

3.1 Modification

Without loss of generality, the security analysis assumes that only the content of Gi’ is modified. The influences and authentication results in different scenarios of modifications are shown in Table 2.

Table 2.Influences and authentication results in different scenarios of modifications

3.2 Insertion

The influences and authentication results in different scenarios of insertions are shown in Table 3.

Table 3.Influences and authentication results in different scenarios of insertions

3.3 Deletion

The influences and authentication results in different scenarios of deletions are shown in Table 4.

Table 4.Influences and authentication results in different scenarios of deletions

3.4 Packet Loss

Although packet loss is not an active attack, it still poses challenges in data integrity and may cause incorrect medical assessment in healthcare applications using WBAN. In our scheme, packet loss can be identified as shown in Table 5.

Table 5.Influences and authentication results in different scenarios of packet loss

The above analyses have proved that our proposed scheme is able to robustly and reliably identify the three major types of attacks in WBAN, i.e., modification, insertion and deletion, as well as packet loss situation. It indicates the effectiveness of the proposed scheme.

 

4. Experimental Results

4.1 Configurations of Experiments

We implemented the proposed scheme on a WBAN test bed based on TinyOS 2.x using the nesC programming language. A MicaZ sensor node, developed by Crossbow Technology [19], is adopted as the sensor mote on an adult body. The sensor node consists of an ATmega128L microcontroller, a 2.4GHz CC2420 RF transceiver, a 4KB RAM and a 128KB ROM. We use a pulse sensor in our experiments, which is developed by Sparkfun [20]. A gateway node is adopted as the base station to receive the data from the sensor node and is connected to a PC for data visualization and analysis. The encoding phase is executed in the on-body sensor node while the decoding phase is carried out at the gateway.

In our implementation, the size of data element is 16-bits, which consists of 10-bits collected raw pulse data and 6-bits heart rate data calculated from the pulse data for further healthcare applications. The pulse data is chosen as the watermark carrier. The watermark is generated from the local map of the pulse data and the hash value of the whole data group. In each packet, there are 16-bits Node ID, 7-bits SN and 1-bit DF. The structure of one packet is shown as Fig. 6.

Fig. 6.Structure of one packet

4.2 Experiment A: Selection of Experimental Parameters

In this section, experiments and analyses are carried out to determine the critical parameters, including L, F, N and P. The selection criteria include EC, resource cost and transmission overhead.

4.2.1 Selection of L

L affects the EC and the variation of watermarked pulse data. Different from the image applications, we only use the restored pulse data after the watermark extraction for further healthcare applications. Therefore, the variation of watermarked pulse data is not the main issue of consideration. On the contrary, it is preferable that the ECp is greater than 160 bits. Otherwise, the possibility of the hash collision will increase since the length of the SHA-1 hashed value is fixed to 160 bits. In such a case, the performances of integrity authentication will be degraded. In our experiment, EC, ECp and O are calculated under different values of L in different situations. For each situation, 100 groups of data are collected, and their mean values are calculated. The experiment results are shown in Fig. 7.

Fig. 7.EC under different L in different situations: (a) F=100, N=250 (b) F=100, N=275 (c) F=100, N=300 (d) F=50, N=250 (e) F=50, N=275 (f) F=50, N=300.

It is observed from Fig. 7 that as L increases, the ECp increases firstly and decreases thereafter, which can be explained theoretically. Since we only embed a watermark bit when the difference between two adjacent data elements is smaller than 2L, it is obvious that the EC will increase when L increases. On the other hand, O will also increase when L increases since the local map is designed for data elements in the range [0, 2L+1-1] or [1024 -2L+1, 1023]. In addition, since the data elements are rarely near value 0 or 1023, the increment of O is very little when L is small whilst O will grow rapidly when L is large.

The ECp is given in Eq. (7), as:

Thus, if L is small, the ECp will increase when L increases due to the increment of EC; otherwise, it will decrease when L increases due to increment of O.

In the latter experiments, L is set to 5 according to Fig. 7 to maximize the ECp.

4.2.2 Selection of F and N

Since both F and N can affect the EC and resource cost, those two parameters should be chosen collectively. When F increases, EC will increase but the power consumption will increase; while when N increases, EC will increase but the buffer size will increase, resulting in the increase of memory consumption. In this experiment, the mean value of ECp of 100 groups of pulse data for different F and N are calculated in Table 6.

Table 6.Note: a: the category 1, b: the category 2, c: the category 3.

As shown in Table 6, there are three categories in which the mean values of ECp are greater than 160 bits. On one hand, since the mean values of ECp in the category 1 are slightly greater than 160 bits, many individual values of ECp in this category will be still smaller than 160 bits. Therefore, we do not consider the category 1. On the other hand, since larger F and N will lead to higher power and memory consumption, the category 3 is not adopted. Due to the above considerations, the category 2 is chosen to ensure sufficient ECp as well as save costs. By default, F is set to 50 Hz, and N is set to 300 in our latter experiments to achieve a trade-off between ECp, power consumption and memory consumption. In this manner, the sizes of the buffers on the sensor mote and the base station are 16×N/8=600 bytes and 16×N/4=1200 bytes, respectively, which can be provided by the current embedded devices. The longest delay for data elements is (N-1)/F =5.98s, which can satisfy the real-time requirements of majority of health monitoring systems.

4.2.3 Selection of P

The data group is transmitted packet by packet in our scheme, thus N should be divisible by P to maximize the utilization of the payload of packet. In addition, each packet contains the 16-bits Node ID, 7-bits SN and 1-bit DF, which are also considered as the transmission overhead. To minimize the rate of such overheads, P should be set as large as possible. However, the allowed maximum packet size is limited according to TinyOS specification. Due to overall consideration of the above aspects, P is set to 50 and the packet size is 103 bytes. In this scenario, the rate of transmission overhead of Node ID is 2/103 (1.94%), and the rate of transmission overhead of SN and DF is 1/103 (0.97%). Both of them are insignificant.

4.3 Experiment B: Performances of Watermark Embedding

Watermark embedding is one core procedure for integrity authentication in the proposed scheme. As mentioned in Section 4.2.1, it is better that ECp is greater than 160 bits. In this experiment, the EC of different groups for a single person and the EC for different persons are tested.

4.3.1 EC of Different Groups

The EC of 100 different groups for a single person are shown in Fig. 8.

Fig. 8EC of 100 Different Groups.

Fig. 8 shows that the ECp of only one group among these 100 groups is smaller than 160 bits. In addition, the ECp is 155 bits, which is very close to 160 bits. It demonstrates that the ECp in our scheme is sufficient to ensure the reliability of the integrity authentication.

4.3.2 EC for Different Persons

All the experiments described above are based on the pulse data collected from the same person. Since the pulse data of different persons are not identical, the EC for 12 different persons are obtained to better illustrate the watermark embedding performances of our scheme. For each person, 100 groups of pulse data are collected, and the results are shown in Table 7.

Table 7.EC for different persons

Table 7 shows that all the mean ECp of the 12 different persons are much greater than 160 bits and the minimum ECp are larger than or close to 160 bits, which further demonstrates the sufficient EC in our proposed scheme under different situations.

4.4 Experiment C: Performance of Integrity Authentication

In this section, 13 types of different attacks are performed in the WBAN, including randomly modifying one bit of data element, SN or DF; randomly inserting one data element, SN, DF, packet or group; randomly deleting one data element, SN, DF, packet or group. The performances of integrity authentication under the 13 types of attacks as well as the packet loss situation are tested. Similar to Kamel’s scheme [16], the integrity authentication is considered a failure if the attack is not detected by the base station in our paper. For each type of attack as well as the packet loss situation, 5000 attacked or packet-lost samples are checked and the testing results are listed in the Table 8.

Table 8.Performance of integrity authentication

Table 8 shows that the number of failure checking is zero under most situations, and only 1 of 5000 tested samples failed to be checked out under the modification on data element, which is considered to be caused by the possible hash collision. The average successful rate of integrity authentication is as high as 99.998% under all the designed situations. This result is consistent with our analysis given in Section 3 and indicates that integrity of the data can be authenticated robustly and reliably in our proposed scheme.

4.5 Experiment D: Comparative Tests

4.5.1 Comparison of Underflow and Overflow with Shi’s Scheme

Since underflow and overflow would cause the errors in watermark extraction and data restoration, they need to be completely prevented. In Shi’s scheme [17], they expanded the prediction errors to embed the watermark. However, they did not employ any mechanisms to prevent underflows and overflows caused by expanding of prediction errors. Although the prediction errors in their approach are usually very small, as mentioned in their literature, underflow or overflow are still possible to occur in practical operations. In fact, if a collected pulse data is close to either 0 or 1023, underflow or overflow may happen even when the prediction error is very small. In the experiment, 100 groups of pulse data, i.e, 30000 data elements are used to test the rates of underflow and overflow in the proposed scheme and Shi’s scheme. The results are shown in Table 9.

Table 9.Comparison of the rates of underflow and overflow

Table 9 shows that though the occurrence of underflow and overflow are low, there still exist some underflows and overflows when Shi’s scheme is adopted for the pulse data. In contrast, there is no underflow or overflow when our proposed scheme is adopted. Therefore, the proposed scheme is more robust than Shi’s scheme in terms of preventing overflows and underflows.

4.5.2 Comparison of Efficiency with Shi’s Scheme

The execution time for the hash calculation is the primary component of the time used in both the encoding and decoding phases. As mentioned above, the static grouping method is adopted in our scheme, thus only the hash value of the whole group needs to be calculated. In contrast, the dynamic grouping is used in Shi’s scheme, so that all the hash values of individual data elements have to be calculated. As a result, the proposed scheme is more efficient.

The execution times of encoding and decoding phases in the two schemes are compared in Table 10. Without loss of fairness in the comparison, we assume that the group size used in Shi’s dynamic grouping method is 300, which is the same as that in the proposed scheme.

Table 10.Comparison of the execution time

Table 10 shows that the execution times for the encoding phase and the decoding phase in Shi’s scheme are about 25 times longer than those in the proposed scheme, which supports our aforementioned analysis.

4.5.3 Comparison of Memory Consumption with Shi’s Scheme

The memory consumptions in the two schemes are compared in Table 11. Without loss of fairness in the comparison, we assume that the group size used in Shi’s dynamic grouping method is 300.

Table 11.Comparison of the memory consumption

On the sensor mote, our proposed scheme consumes slightly more RAM space (676 bytes) than Shi’s scheme, and the ROM consumptions of the two schemes are almost the same. The difference of memory consumptions between the two schemes is mainly caused by the buffer used in our proposed scheme to cache the data elements of current group. Although the RAM consumption in our proposed scheme is a little more, it is merely around 55% of the RAM capacity. On the base station, since the buffer to cache two groups of data elements is needed in both of the two schemes, their memory consumptions are almost the same, which are around 61% of the RAM capacity and 19% of the ROM capacity. These results indicate the memory consumptions of our implementation can satisfy the memory constraint of WBAN.

4.5.4 Comparison with Other Watermark Based Schemes

A qualitative comparison between the proposed scheme with other watermark based data integrity authentication schemes [13, 16-17] is shown in Table 12.

Table 12.Comparison with other watermark based schemes

Table 12 shows that the proposed scheme is reversible compared with Guo’s and Kamel’s scheme. Furthermore, compared with Shi’s scheme, there is no underflow or overflow in the proposed scheme and the computational complexity of the proposed scheme is much lower.

 

5. Conclusion

In this paper, a novel integrity authentication scheme based on reversible watermark for WBAN is proposed and implemented on a TinyOS-based WBAN. Our analysis and experimental results have demonstrated that our scheme has important advantages over other existing schemes. The integrity authentication of biometric data is robust and reliable under different attacks. The watermarking procedure is reversible, which outperforms Guo’s and Kamel’s schemes [13, 16]. Underflow and overflow will not occur in the watermark procedure, which outperforms Shi’s scheme [17]. The integrity authentication scheme is lightweight and more efficient than Shi’s scheme in terms of computational complexity. Lastly, no transmission overhead is introduced by the generated local map, and the transmission overhead in the proposed scheme is also insignificant.

References

  1. H. Cao, V. Leung, C. Chow and H. Chan, "Enabling technologies for wireless body area networks: A survey and outlook," IEEE Communications Magazine, vol. 47, no. 12, pp. 84-93, December, 2009.
  2. C. Otto, A. Milenkovic, C. Sanders and E. Jovanov, "System architecture of a wireless body area sensor network for ubiquitous health monitoring," Journal of Mobile Multimedia, vol. 1, no. 4, pp.307-326, January, 2006.
  3. M. A. Hanson, H. C. Powell Jr, A. T. Barth, K. Ringgenberg, B. H. Calhoun, J. H. Aylor and J. Lach, "Body area sensor networks: Challenges and opportunities," Computer, vol. 42, no. 1, pp.58-65, January, 2009.
  4. S. Lim and H. Lee, "Factors affecting medical incident care on WBAN," KSII Transactions on Internet and Information Systems (TIIS), vol. 7, no. 5, pp. 1058-1076, May, 2013. https://doi.org/10.3837/tiis.2013.05.007
  5. Y. O. Mohammed, U. A. Baroudi, "Partially observable Markov decision processes (POMDPS) and wireless body area networks (WBAN)," KSII Transactions on Internet and Information Systems (TIIS), vol. 7, no. 5, pp. 1036-1057, May, 2013. https://doi.org/10.3837/tiis.2013.05.006
  6. M. A. Ameen, J. Liu and K. Kwak, "Security and privacy issues in wireless sensor networks for healthcare applications," Journal of medical systems, vol. 36, no. 1, pp. 93-101, February, 2012. https://doi.org/10.1007/s10916-010-9449-4
  7. M. Li, W. Lou and K. Ren, "Data security and privacy in wireless body area networks," Wireless Communications, IEEE, vol. 17, no. 1, pp. 51-58, February, 2010. https://doi.org/10.1109/MWC.2010.5416350
  8. A. Perrig, R. Szewczyk, J. D. Tygar, V. Wen and D. E. Culler, "SPINS: Security protocols for sensor networks," Wireless networks, vol. 8, no. 5, pp. 521-534, September, 2002. https://doi.org/10.1023/A:1016598314198
  9. C. Karlof, N. Sastry, and D. Wagner, "TinySec: a link layer security architecture for wireless sensor networks," in Proc. of the 2nd Int. Conf. on Embedded networked sensor systems, ACM, pp.162-175, November, 2004.
  10. B. Przydatek, D. Song and A. Perrig, "SIA: Secure information aggregation in sensor networks," in Proc. of the 1st Int. Conf. on Embedded networked sensor systems, ACM, pp. 255-265, November 5-7, 2003.
  11. X. Ren and H. Yu, "Security mechanisms for wireless sensor networks," IJCSNS International Journal of Computer Science and Network Security, vol. 6, no. 3, pp. 155-156, March, 2006.
  12. S. S. Iyengar, A. Durresi, V. Paruchuri and R. Kannan, "Data integrity protocol for sensor networks," International Journal of Distributed Sensor Networks, vol. 1, no. 2, pp. 205-214, 2005. https://doi.org/10.1080/15501320590966459
  13. H. Guo, Y. Li and S. Jajodia, "Chaining watermarks for detecting malicious modifications to streaming data," Information Sciences, vol. 177, no. 1, pp. 281-298, January, 2007. https://doi.org/10.1016/j.ins.2006.03.014
  14. H. Juma, I. Kamel and L. Kaya, "Watermarking sensor data for protecting the integrity," in Proc. of IEEE Conf. on Innovations in Information Technology, pp. 598-602, December 16-18, 2008.
  15. I. Kamel and H. Juma, "Simplified watermarking scheme for sensor networks," International Journal of Internet Protocol Technology, vol. 5, no. 1, pp. 101-111, April, 2010. https://doi.org/10.1504/IJIPT.2010.032619
  16. I. Kamel and H. Juma, "A lightweight data integrity scheme for sensor networks," Sensors, vol. 11, no. 4, pp. 4118-4136, April, 2011. https://doi.org/10.3390/s110404118
  17. X. Shi and D. Xiao, "A reversible watermarking authentication scheme for wireless sensor networks," Information Sciences, vol. 240, no. 10, pp. 173-183, August, 2013. https://doi.org/10.1016/j.ins.2013.03.031
  18. W. L. Tai, C. M. Yeh and C. C. Chang, "Reversible data hiding based on histogram modification of pixel differences," IEEE Transactions on Circuits and Systems for Video Technology, vol. 19, no.6, pp. 906-910, June, 2009. https://doi.org/10.1109/TCSVT.2009.2017409
  19. CrossBow, "MICAZ datasheet." 2010.
  20. Sparkfun, "Pulse Sensor SEN-11574."

Cited by

  1. A Secure Medical Information Management System for Wireless Body Area Networks vol.10, pp.1, 2014, https://doi.org/10.3837/tiis.2016.01.013
  2. Data Authentication for Wireless Sensor Networks with High Detection Efficiency Based on Reversible Watermarking vol.2021, pp.None, 2014, https://doi.org/10.1155/2021/6651137