research-article

Gait-Key: A Gait-Based Shared Secret Key Generation Protocol for Wearable Devices

Authors:
Weitao Xu

University of Queensland

University of Queensland
View Profile

,
Chitra Javali

University of New South Wales, Sydney, Australia

University of New South Wales, Sydney, Australia
View Profile

,
Girish Revadigar

University of New South Wales, Sydney, Australia

University of New South Wales, Sydney, Australia
View Profile

,
Chengwen Luo

Shenzhen University, Guangdong, P.R. China

Shenzhen University, Guangdong, P.R. China
View Profile

,
Neil Bergmann

University of Queensland, QLD, Australia

University of Queensland, QLD, Australia
View Profile

,
Wen Hu

University of New South Wales, Sydney, Australia

University of New South Wales, Sydney, Australia
View Profile

Authors Info & Claims

ACM Transactions on Sensor Networks Volume 13 Issue 1Article No.: 6pp 1–27https://doi.org/10.1145/3023954

Published:26 January 2017Publication History

ACM Transactions on Sensor Networks

Abstract

Recent years have witnessed a remarkable growth in the number of smart wearable devices. For many of these devices, an important security issue is to establish an authenticated communication channel between legitimate devices to protect the subsequent communications. Due to the wireless nature of the communication and the extreme resource constraints of sensor devices, providing secure, efficient, and user-friendly device pairing is a challenging task. Traditional solutions for device pairing mostly depend on key predistribution, which is unsuitable for wearable devices in many ways. In this article, we design Gait-Key, a shared secret key generation scheme that allows two legitimate devices to establish a common cryptographic key by exploiting users’ walking characteristics (gait). The intuition is that the sensors on different locations on the same body experience similar accelerometer signals when the user is walking. However, one main challenge is that the accelerometer also captures motion signals produced by other body parts (e.g., swinging arms). We address this issue by using the blind source separation technique to extract the informative signal produced by the unique gait patterns. Our experimental results show that Gait-Key can generate a common 128-bit key for two legitimate devices with 98.3% probability. To demonstrate the feasibility, the proposed key generation scheme is implemented on modern smartphones. The evaluation results show that the proposed scheme can run in real time on modern mobile devices and incurs low system overhead.

References

Louis Atallah, Omer Aziz, Benny Lo, and Guang-Zhong Yang. 2009. Detecting walking gait impairment with an ear-worn sensor. In Proceedings of the BSN Conference (BSN’09). IEEE, Los Alamitos, CA, 175--180. Google ScholarDigital Library
Charles H. Bennett, Gilles Brassard, and Jean-Marc Robert. 1988. Privacy amplification by public discussion. SIAM Journal on Computing 17, 2, 210--229. Google ScholarDigital Library
Daniel Bichler, Guido Stromberg, Mario Huemer, and Manuel Löw. 2007. Key Generation Based on Acceleration Data of Shaking Processes. Springer. Google ScholarCross Ref
Vince D. Calhoun, Jingyu Liu, and Tülay Adali. 2009. A review of group ICA for fMRI data and ICA for joint inference of imaging, genetic, and ERP data. Neuroimage 45, 1, S163--S172. Google ScholarCross Ref
Brent Carrara and Carlisle Adams. 2010. You are the key: Generating cryptographic keys from voice biometrics. In Proceedings of the PST Conference (PST’10). IEEE, Los Alamitos, CA, 213--222. Google ScholarCross Ref
Jianyong Chen, Guihua Wu, and Zhen Ji. 2011. Secure interoperation of identity managements among different circles of trust. Computer Standards and Interfaces 33, 6, 533--540. Google ScholarDigital Library
George C. Clark Jr. and J. Bibb Cain. 2013. Error-Correction Coding for Digital Communications. Springer Science 8 Business Media.Google Scholar
Cory T. Cornelius and David F. Kotz. 2012. Recognizing whether sensors are on the same body. Pervasive and Mobile Computing 8, 6, 822--836. Google ScholarDigital Library
B. De Moor, P. De Gersem, B. De Schutter, and W. Favoreel. 1997. DAISY: A database for identification of systems. Journal A 38, 3, 4--5.Google Scholar
Arnaud Delorme and Scott Makeig. 2004. EEGLAB: An open source toolbox for analysis of single-trial EEG dynamics including independent component analysis. Journal of Neuroscience Methods 134, 1, 9--21. Google ScholarCross Ref
Whitfield Diffie and Martin E. Hellman. 1976. New directions in cryptography. IEEE Transactions on Information Theory 22, 6, 644--654. Google ScholarDigital Library
Ken Hinckley. 2003. Synchronous gestures for multiple persons and computers. In Proceedings of the the UIST Conference (UIST’03). ACM, New York, NY, 149--158. Google ScholarDigital Library
Thang Hoang and Deokjai Choi. 2014. Secure and privacy enhanced gait authentication on smart phone. Scientific World Journal 2014, Article No. 438254. Google ScholarCross Ref
Lars Erik Holmquist, Friedemann Mattern, Bernt Schiele, Petteri Alahuhta, Michael Beigl, and Hans-W. Gellersen. 2001. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In Proceedings of Ubicomp (Ubicomp’01). 116--122. Google ScholarCross Ref
Aapo Hyvärinen. 1999. Fast and robust fixed-point algorithms for independent component analysis. IEEE Transactions on Neural Networks 10, 3, 626--634. Google ScholarDigital Library
Aapo Hyvärinen, Juha Karhunen, and Erkki Oja. 2004. Independent Component Analysis. Vol. 46. John Wiley 8 Sons.Google Scholar
Anil K. Jain, Karthik Nandakumar, and Abhishek Nagar. 2008. Biometric template security. EURASIP Journal on Advances in Signal Processing 2008, 113. Google ScholarDigital Library
Chitra Javali, Girish Revadigar, Lavy Libman, and Sanjay Jha. 2014. SeAK: Secure authentication and key generation protocol based on dual antennas for wireless body area networks. In Proceedings of the RFID Workshop (RFIDsec’14). Google ScholarCross Ref
Ari Juels and Martin Wattenberg. 1999. A fuzzy commitment scheme. In Proceedings of the CCS Conference (CCS’99). ACM, New York, NY, 28--36. Google ScholarDigital Library
Jonathan Lester, Blake Hannaford, and Gaetano Borriello. 2004. “Are you with me?”—using accelerometers to determine if two devices are carried by the same person. In Pervasive Computing. Lecture Notes in Computer Science, Vol. 3001. Springer, 33--50. Google ScholarCross Ref
Peng Li, Xin Yang, Hua Qiao, Kai Cao, Eryun Liu, and Jie Tian. 2012. An effective biometric cryptosystem combining fingerprints with error correction codes. Expert Systems with Applications 39, 7, 6562--6574. Google ScholarDigital Library
Yang Lin, Wang Wei, and Zhang Qian. 2017. Secret from muscle: Enabling secure pairing with electromyography. In Proceedings of the Sensys Conference (Sensys’17). ACM, New York, NY.Google Scholar
Junliang Liu, Fengqin Yu, and Ying Chen. 2014. Speech separation based on improved fast ICA with kurtosis maximization of wavelet packet coefficients. In New Perspectives in Information Systems and Technologies. Vol. 1. Springer, 43--50. Google ScholarCross Ref
Benny Lo, Fani Deligianni, and Guang-Zhong Yang. 2006. Source recovery for body sensor network. In Proceedings of the BSN Conference (BSN’06). IEEE, Los Alamitos, CA, 1--4. Google ScholarDigital Library
Chengwen Luo, Long Cheng, Mun Choon Chan, Yu Gu, Jianqiang Li, and Zhong Ming. 2016a. Pallas: Self-bootstrapping fine-grained passive indoor localization using WiFi monitors. IEEE Transactions on Mobile Computing PP, 99, 1--14. Google ScholarCross Ref
Chengwen Luo, Hande Hong, Long Cheng, Mun Choon Chan, Jianqiang Li, and Zhong Ming. 2016b. Accuracy-aware wireless indoor localization: Feasibility and applications. Journal of Network and Computer Applications 62, 128--136. Google ScholarDigital Library
Emanuele Maiorana. 2010. Biometric cryptosystem using function based on-line signature recognition. Expert Systems with Applications 37, 4, 3454--3461. Google ScholarDigital Library
R. Alvarez Marino, F. Hernandez Alvarez, and L. Hernandez Encinas. 2012. A crypto-biometric scheme based on iris-templates with fuzzy extractors. Information Sciences 195, 91--102. Google ScholarDigital Library
Suhas Mathur, Robert Miller, Alexander Varshavsky, Wade Trappe, and Narayan Mandayam. 2011. Proximate: Proximity-based secure pairing using ambient wireless signals. In Proceedings of the MobiSys Conference (MobiSys’11). ACM, New York, NY, 211--224. Google ScholarDigital Library
Suhas Mathur, Wade Trappe, Narayan Mandayam, Chunxuan Ye, and Alex Reznik. 2008. Radio-telepathy: Extracting a secret key from an unauthenticated wireless channel. In Proceedings of the MobiCom Conference (MobiCom’08). ACM, New York, NY, 128--139. Google ScholarDigital Library
Rene Mayrhofer and Hans Gellersen. 2009. Shake well before use: Intuitive and secure pairing of mobile devices. IEEE Transactions on Mobile Computing 8, 6, 792--806. Google ScholarDigital Library
Martin J. McKeown and Terrence J. Sejnowski. 1998. Independent component analysis of fMRI data: Examining the assumptions. Human Brain Mapping 6, 5--6, 368--372. Google ScholarCross Ref
Peter Middleton, Peter Kjeldsen, and Jim Tully. 2013. Forecast: The Internet of Things, worldwide, 2013. Retrieved December 20, 2016, from https://www.gartner.com/doc/2625419/forecast-internet-things-worldwideGoogle Scholar
Nesma Mohssen, Rana Momtaz, Heba Aly, and Moustafa Youssef. 2014. It’s the human that matters: Accurate user orientation estimation for mobile computing applications. In Proceedings of the MobiQuitous Conference (MobiQuitous’14). 70--79. Google ScholarDigital Library
M. Pat Murray. 1967. Gait as a total pattern of movement: Including a bibliography on gait. American Journal of Physical Medicine and Rehabilitation 46, 1, 290--333.Google Scholar
Gita Pendharkar, Ganesh R. Naik, and Hung T. Nguyen. 2014. Using blind source separation on accelerometry data to analyze and distinguish the toe walking gait from normal gait in ITW children. Biomedical Signal Processing and Control 13, 41--49. Google ScholarCross Ref
Girish Revadigar, Chitra Javali, Hassan Asghar, Kasper Rasmussen, and Sanjay Jha. 2015a. Mobility independent secret key generation for wearable health-care devices. In Proceedings of the BodyNets Conference (BodyNets’15). Google ScholarDigital Library
Girish Revadigar, Chitra Javali, Hassan Asghar, Kasper Rasmussen, and Sanjay Jha. 2015b. Secret Key Generation for Body-Worn Devices by Inducing Artificial Randomness in the Channel. nical Report UNSW-CSE-TR-201506. UNSW, Australia.Google Scholar
Girish Revadigar, Chitra Javali, Wen Hu, and Sanjay Jha. 2015c. DLINK: Dual link based radio frequency fingerprinting for wearable devices. In Proceedings of the LCN Conference (LCN’15). Google ScholarDigital Library
Girish Revadigar, Chitra Javali, Weitao Xu, Wen Hu, and Sanjay Jha. 2016. Secure key generation and distribution protocol for wearable devices. In Proceedings of the PerCom Workshop (PerCom Workshops’16). IEEE, Los Alamitos, CA, 1--4. Google ScholarCross Ref
Masoud Rostami, Ari Juels, and Farinaz Koushanfar. 2013. Heart-to-heart (H2H): Authentication for implanted medical devices. In Proceedings of the CCS Conference (CCS’13). ACM, New York, NY, 1099--1112. Google ScholarDigital Library
Nirupam Roy, He Wang, and Romit Roy Choudhury. 2014. I am a smartphone and I can tell my user’s walking direction. In Proceedings of the MobiSys Conference (MobiSys’14). ACM, New York, NY, 329--342. Google ScholarDigital Library
Andrew Rukhin, Juan Soto, James Nechvatal, Miles Smid, and Elaine Barker. 2001. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. Technical Report. DTIC Document.Google Scholar
Michael Rushanan, Aviel D. Rubin, Denis Foo Kune, and Colleen M. Swanson. 2014. SoK: Security and privacy in implantable medical devices and body area networks. In Proceedings of the SP Symposium (SP’14). IEEE, Los Alamitos, CA, 524--539. Google ScholarDigital Library
Mikkel N. Schmidt and Rasmus Kongsgaard Olsson. 2006. Single-channel speech separation using sparse non-negative matrix factorization. In Proceedings of the INTERSPEECH Conference (INTERSPEECH’06).Google Scholar
Lu Shi, Jiawei Yuan, Shucheng Yu, and Ming Li. 2013. ASK-BAN: Authenticated secret key extraction utilizing channel characteristics for body area networks. In Proceedings of the WiSec Conference (WiSec’13). Google ScholarDigital Library
G. Srivastava, S. Crottaz-Herbette, K. M. Lau, G. H. Glover, and V. Menon. 2005. ICA-based procedures for removing ballistocardiogram artifacts from EEG data acquired in the MRI scanner. Neuroimage 24, 1, 50--60. Google ScholarCross Ref
Weitao Xu, Guohao Lan, Qi Lin, Sara Khalifa, Neil Bergmann, Mahbub Hassan, and Hu Wen. 2017. KEH-Gait: Towards a mobile healthcare user authentication system by kinetic energy harvesting. In Proceedings of the NDSS Conference (NDSS’17).Google ScholarCross Ref
Weitao Xu, Girish Revadigar, Chengwen Luo, Neil Bergmann, and Wen Hu. 2016a. Walkie-Talkie: Motion-assisted automatic key generation for secure on-body device communication. In Proceedings of the IPSN Conference (IPSN’16). IEEE, Los Alamitos, CA, 1--12. Google ScholarCross Ref
Weitao Xu, Yiran Shen, Neil Bergmann, and Wen Hu. 2016b. Sensor-assisted face recognition system on smart glass via multi-view sparse representation classification. In Proceedings of the IPSN Conference (IPSN’16). IEEE, Los Alamitos, CA, 1--12. Google ScholarCross Ref
Kai Zeng, Daniel Wu, An Chan, and Prasant Mohapatra. 2010. Exploiting multiple-antenna diversity for shared secret key generation in wireless networks. In Proceedings of the IEEE INFOCOM Conference (INFOCOM’10). IEEE, Los Alamitos, CA, 1--9. Google ScholarCross Ref
Hongying Zheng, Quan Yuan, and Jianyong Chen. 2015. A framework for protecting personal information and privacy. Security and Communication Networks 8, 16, 2867--2874. Google ScholarDigital Library

Index Terms

Gait-Key: A Gait-Based Shared Secret Key Generation Protocol for Wearable Devices
1. Human-centered computing
  1. Ubiquitous and mobile computing
2. Security and privacy
  1. Cryptography

Recommendations

Auto-Key: Using Autoencoder to Speed Up Gait-based Key Generation in Body Area Networks

With the rising popularity of wearable devices and sensors, shielding Body Area Networks (BANs) from eavesdroppers has become an urgent problem to solve. Since the conventional key distribution systems are too onerous for resource-constrained wearable ...
Read More
Walkie-Talkie: motion-assisted automatic key generation for secure on-body device communication
IPSN '16: Proceedings of the 15th International Conference on Information Processing in Sensor Networks

The ubiquity of wearable and implantable devices has sparked a new set of mobile computing applications that leverage the abundant information from sensors. For many of these applications, ensuring the security of communication between legitimate ...
Read More
Secure ad hoc trust initialization and key management in wireless body area networks

The body area network (BAN) is a key enabling technology in e-healthcare. An important security issue is to establish initial trust relationships among the BAN devices before they are actually deployed and generate necessary shared secret keys to ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Transactions on Sensor Networks Volume 13, Issue 1
February 2017
242 pages
ISSN:1550-4859
EISSN:1550-4867
DOI:10.1145/3027492
Editor:
Chenyang Lu
Department of Computer Science and Engineering / School of Engineering and Applied Sciences / Washington University / 1 Brookings Drive / St. Louis, MO 63130
Issue’s Table of Contents
Copyright © 2017 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States

Journal Family
ACM Journals for the Design of Smart and Connected Systems
Publication History
- Published: 26 January 2017
- Accepted: 1 November 2016
- Revised: 1 October 2016
- Received: 1 July 2016
Published in tosn Volume 13, Issue 1

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Device pairing
IMU sensors
secret key generation
source separation
wearable devices
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 46
  Total Citations
  View Citations
- 669
  Total Downloads
- Downloads (Last 12 months)54
- Downloads (Last 6 weeks)4
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Gait-Key: A Gait-Based Shared Secret Key Generation Protocol for Wearable Devices

ACM Transactions on Sensor Networks

Abstract

References

Cited By

Index Terms

Recommendations

Auto-Key: Using Autoencoder to Speed Up Gait-based Key Generation in Body Area Networks

Walkie-Talkie: motion-assisted automatic key generation for secure on-body device communication

Secure ad hoc trust initialization and key management in wireless body area networks