772 IEEE TRANSACTIONS ON INFORMATION TECHNOLOGY IN BIOMEDICINE, VOL. 12, NO.

6, NOVEMBER 2008

Using the Timing Information of Heartbeats as an

Entity Identifier to Secure Body Sensor Network
Shu-Di Bao, Student Member, IEEE, Carmen C. Y. Poon, Student Member, IEEE,
Yuan-Ting Zhang, Fellow, IEEE, and Lian-Feng Shen

Abstract—Security of the emerging body sensor network (BSN)

in telemedicine applications is a crucial problem because personal
medical information must be protected against flaws and misdeeds.
The solution is, however, nontrivial because lightweight mecha-
nisms have to be deployed to meet the stringent resource con-
straints of these networks. It has been suggested that the inherent
ability of human body to transfer information is a unique and
resource-saving method to secure wireless communications within
a BSN. For example, physiological characteristics can be captured
by individual sensors of a BSN to generate entity identifiers (EIs)
for identifying nodes and even securing keying materials, i.e., by
a biometric approach. This study demonstrates the performance
analysis of such a biometric trait, i.e., the interpulse intervals (IPIs)
of heartbeats that were calculated from electrocardiogram and
photoplethysmogram of 99 subjects. Based on the characteristics
of IPIs, a lightweight generation scheme of EIs is proposed. Indi-
vidual randomness and group similarity of the generated EIs are
then evaluated. False acceptance rate and false rejection rate are
also calculated to measure the effectiveness of the proposed iden-
tification system. The results suggest that the readily available IPI
information can be a good source for generating EIs among BSN
nodes.
Index Terms—Biometrics, body sensor network (BSN), entity
identifier (EI), interpulse interval (IPI), security.
I. INTRODUCTION
ODY SENSOR network (BSN) is emerging as one of the
B main research trends to facilitate the joint processing of bi-
ological data, which can be collected from different parts of the
body at different times, for resource optimization and systematic
health monitoring and diagnosis [1], [2]. For the ease of data
collection and user convenience, RF technology has been widely
adopted to interconnect in-body and on-body sensors. Fig. 1 il-
lustrates a simplified example of using BSNs in a telemedicine
Manuscript received October 25, 2006. First published May 30, 2008; current
version published November 5, 2008. This work was supported in part by Hong
Kong Innovation and Technology Fund (ITF).
S.-D. Bao was with the National Mobile Communications Research Labora-
tory, Southeast University, Nanjing 210096, China, and also with the Joint Re-
search Centre for Biomedical Engineering, Chinese University of Hong Kong,
Shatin N.T., Hong Kong. She is now with Agilent Technologies Singapore,
Singapore 768923, Singapore (e-mail: sdbao@ieee.org).
C. C. Y. Poon is with the Joint Research Centre for Biomedical Engi-
neering, Chinese University of Hong Kong, Shatin N.T., Hong Kong (e-mail:
cpoon@ee.cuhk.edu.hk).
Y.-T. Zhang is with the Joint Research Centre for Biomedical Engi-
neering, Chinese University of Hong Kong, Shatin N.T., Hong Kong, and
also with the Key Laboratory of Biomedical Informatics and Health En-
gineering, Chinese Academy of Sciences, Beijing 518067 China (e-mail:
ytzhang@ee.cuhk.edu.hk).
L.-F. Shen is with the National Mobile Communications Research Labora-
tory, Southeast University, Nanjing 210096 China (e-mail: lfshen@seu.edu.cn).
Color versions of one or more of the figures in this paper are available online
at http://ieeexplore.ieee.org.
Digital Object Identifier 10.1109/TITB.2008.926434
1089-7771/$25.00 © 2008 IEEE
Fig. 1. Integration of personalized BSN in a telemedicine system.
system. Each BSN connects all sensors that are placed on or
in a person’s body, and each sensor being connected to a mi-
croprocessor, wireless transceiver, and battery forms a “BSN
node complex” capable of seamlessly integrating with outside
environments via various wireless access technologies. Wire-
less BSN is preferred for monitoring patients in environments
where medical professionals are not available, such as at homes
and workplaces. It may also be applied to in-hospital patients
and even those in the intensive care unit (ICU) environments,
provided that the RF technology used is compliant with existing
regulations.
Considering that the scale of BSN is quite small and di-
rect communications between each pair of sensors may not be
necessary, star topologies are often preferred. For this type of
topology, the intelligence of the system is concentrated in a
central node (master) that is superior to other nodes (slaves) in
terms of processing, memory, and power resources. Not only
does the master act as a gateway to the outside world, but it
is also configured to perform a variety of tasks, such as data
fusion, abnormity detection and assessment, and danger alert in
emergency situations.
Issues and concerns related to the safe and effective use of
RF technology in medical devices, including their function per-
formance, wireless coexistence, electromagnetic compatibility,
and data security, have been addressed in [3]. Besides, social,
legal, and ethical concerns are also evoked based on a variety of
factors, such as fears about the centralization of information and
the potential misuse of data. Among these problems, data secu-
rity should be a key concern in the use of wireless RF technology
because it opens up an opportunity for unauthorized parties to
eavesdrop on and even tamper with medical data. As mandated
by privacy laws and regulations, such as the Health Information
and Portability Accountability Act (HIPAA) [4] and the Euro-
pean Union Directive 2002/58/EC [5], wireless standards with
medical applications have to have a high level of reliability to
guarantee the quality of patient care and the privacy of healthcare
BAO et al.: USING THE TIMING INFORMATION OF HEARTBEATS AS AN ENTITY IDENTIFIER TO SECURE BODY SENSOR NETWORK 773

history. Therefore, security mechanisms must be incorporated chip, the protocol was able to generate a pair of 163-bit private
to build a secure BSN ensuring data confidentiality, integrity, and public keys and a piece of a shared secret between two nodes
and freshness, as well as nonrepudiation of origin, delivery, and within 34 s. Because asymmetric cryptography requires compu-
receipt. It is however a nontrivial task because limited by the tationally expensive or energy-intensive operations, it is often
targeted size and cost, most sensor nodes are subject to stringent ruled out as the infrastructure for authentication, integrity, and
resource constraints. security in sensor networks [12], [13], particularly in wireless
To address the security issue in BSN, we proposed in [6] BSNs.
that since the body itself can form an inherently secure com-
munication pathway, a novel biometrics method, which uses A. Key Predistribution Solutions
the intrinsic characteristics of the human body to generate the
As wireless BSN works within the body area, using a base
entity identifier (EI) of each BSN node for identifying nodes
station to distribute a network-wide initial key to each sensor
and protecting the transmission of keying materials, can be used
before deployment is a straightforward scheme. The process of
to secure intra-BSN communications. Since the interpulse in-
distribution of initial keys must be carried out in a secure envi-
terval (IPI) of heartbeats can be readily available in various
ronment, which the intruders cannot access by any means. The
cardiovascular signals, it was used as an example of the in-
main disadvantage of this scheme is that whenever there is a
trinsic characteristic to illustrate the feasibility of the proposed
need to add or change a body sensor, the user has to configure
biometrics method. Preliminary experimental results of the IPI
a new initial key to ensure that the new sensor can securely
based system performance was presented in [6].
communicate with the existing sensors. This obviously discour-
In this paper, the performance of IPIs as a biometric trait
ages people, such as family members, to share sensors (mainly
for such security purposes will be evaluated. Furthermore, a
wearable sensors) between themselves. Furthermore, thorough
lightweight scheme for generating EI from IPI information is
key updates are also discouraged.
proposed and analyzed.
Recently, a family of random-key predistribution protocols
The rest of this paper is organized as follows. Section II in-
was developed for large-scale sensor networks [14], [15]. The
troduces existing solutions of authenticated key distribution that
basic idea of random-key predistributions was first proposed by
may be applicable to BSNs, with an emphasis on the newly pro-
Eschenauer et al. [16], in which a large pool of symmetric keys
posed biometrics method. The performance of IPIs calculated
S is generated and a random subset m is distributed to each node.
from different cardiovascular signals is studied in terms of indi-
The number of keys in the key-pool, i.e., |S|, is chosen such that
vidual randomness and group similarity in Section III. Then, the
two random subsets, each of size |m|, will share at least one key
lightweight generation scheme of EI based on IPI information is
with certain probability. After the deployment, a network-wide
proposed in Section IV. In Section V, the performance analysis
key-setup phase is performed. Each node first performs a key-
of such generated EIs is elaborated in terms of individual ran-
discovery procedure to find out with which of its neighbors it
domness, group similarity, as well as false acceptance/rejection
shares at least a key. A mutual verification is then carried out
evaluation. Finally, conclusions are given in Section VI.
through a challenge-response protocol. The shared key becomes
the key for that link.
II. BACKGROUND AND RELATED WORKS To further improve the performance, other key predistribution
techniques have also been proposed, including the threshold-
Since wireless BSN nodes are usually subjected to severely
based key predistribution [17], [18] that aimed to improve
constrained resources, asymmetric cryptography is too expen-
the resilience of sensor networks against node compromises
sive in terms of system overhead. Thus, a promising approach
and the group-based key pre-distribution [19] that aimed to re-
is to use more efficient symmetric cryptographic alternatives.
move the dependency on expected sensor locations, and thus,
Nevertheless, symmetric cryptography is not as versatile as
simplify the deployment.
asymmetric cryptographic techniques, and thus, complicates
A major disadvantage of applying the aforementioned tech-
the design of secure applications. Prior to using any encryp-
niques in wireless BSNs is that if there is a need to add any
tion, communicating parties must possess a shared secret key,
new sensor, the same key pool must be used to generate a key
which theoretically requires a secure channel for distribution.
subset, and the key predistribution for the new sensor must be
Such a secure channel is, however, often not available in most
taken place in a secure environment. As mentioned before, the
cases, and thus, key distribution is always vulnerable to man-in-
predistribution process will unavoidably cause inconvenience to
the-middle attacks. To prevent such attacks, a variety of authen-
BSN users. To this end, a new family of solutions without an
ticated key distribution protocols have been developed, as the
initial deployment is desirable for wireless BSNs.
means of gaining confidence that an entity is what it claims to
be and at the same time distributing a shared secret key between
communicating entities [7]–[10]. B. Biometric Security Model
Typically, authenticated key distribution protocols can be de- Conventionally, biometrics refers to the automatic recogni-
signed using symmetric or asymmetric cryptography. Regarding tion of individuals based on their physiological and/or behav-
the use of asymmetric cryptography to secure sensor networks, ioral characteristics [20], [21]. The biometrics method discussed
Malan et al. [11] implemented the elliptic curve cryptography in this study is, however, different from the conventional one.
on MICA2 mote with TinyOS. When tested on a fully loaded The concept behind this new approach to use biometrics is to
774 IEEE TRANSACTIONS ON INFORMATION TECHNOLOGY IN BIOMEDICINE, VOL. 12, NO. 6, NOVEMBER 2008
make use of the communication channels already available on
or in the human body, i.e., the biochannels, for securing wireless
communications in BSN. Cherukuri et al. [22] proposed using
a group of similar random numbers generated from properties
obtained from different human body parts to protect the trans-
mission of symmetric keys between communicating parties. The
transmitting node binds a cryptographic key with a locally cap-
tured biometric trait. At the receiving node, a binding-off pro-
cess is preceded using the biometric trait captured by its own to
recovery the cryptographic key.
Since the biometric trait captured at different locations of the
body should have slight variations, a fuzzy commitment scheme
[23] is employed to ensure that differences between biometric
values captured at different locations are tolerable to a certain
degree. The cryptographic key used in the fuzzy commitment
scheme needs to be constructed as an error-correcting code.
Let the function g : M → C represent a one-to-one mapping
of messages to codewords, where M = {0, 1}k represent the
space of messages and C = {0, 1}n represent the corresponding
error-correcting codeword. Conversely, g −1 is used to retrieve
the transmitted message from a reconstructed codeword. The
error-correcting function f : {0, 1}n → C ∪ {φ} is used to map
arbitrary n-bit strings to codewords. When successful, f maps
a given n-bit string to the nearest codeword in C. Otherwise, f
fails and outputs φ. We say that f has a correction threshold of
size t if it can correct any set of up to t bit errors.
Let K ∈ {0, 1}k and K̂ ∈ {0, 1}n represent a cryptographic
key and the corresponding error-correcting codeword, respec-
tively, b ∈ {0, 1}n represent the biometric value (also called
the original encrypting witness) used to protect cryptographic
keys, and h : {0, 1}n → {0, 1}l be a one-way hash func-
tion. The fuzzy commitment scheme is defined as F (K̂, b) =
(h(K̂), K̂ ⊕ b), where ⊕ is the bitwise XOR operation. To de-
commit F (K̂, b) using a witness b , the receiver computes
K̂  = f (b ⊕ (K̂ ⊕ b)) = f (K̂ ⊕ (b ⊕ b)). If h(K̂  ) = h(K̂),
then the decommitment is successful and the result of g −1 (K̂)
is the correct key K. Otherwise, b is an incorrect witness that is
not close enough to the original encrypting witness in a suitable
metric.
It was discussed in [6] that biometric traits used in such a
security model must be: 1) distinctive, i.e., the trait should be
sufficiently different on any two individuals when copies of it
are captured simultaneously, even if the copies are captured by
different types of sensors and at different locations of the body
and 2) time-variant but invulnerable, i.e., the trait should change
with time and have a high degree of randomness so that copies
of it captured at different times would not match even if they are
obtained from the same individual. More importantly, from a
cryptographic perspective, devices outside of a particular BSN
have neither access to, nor can they reliably predict a particular
period record of such a biometric trait.
C. Protocol Design Based on the Biometric Security Model
Based on the biometric security model, an authenticated key
distribution protocol can be carefully designed for BSN nodes to
securely share session keys for later uses. The key K, described
in the security model, can be regarded as an initial key generated
by any BSN node that wants to initiate a secure conversion with
other nodes.
Before the protocol is initiated, each BSN node has to gen-
erate a binary sequence b from a biometric trait. As the binary
biometric sequence is used for a BSN node to judge whether a re-
questing node is in the same BSN as itself, we name the binary
biometric sequence EI to emphasize its outstanding commit-
ment. Let EIT = {ITi ∈ {0, 1}n |1 ≤ i ≤ N } represent a set of
EIs, where N is the size of the network and T is a synchronized
time period during which the binary biometric sequence is gen-
erated. Similar to the biometric traits, EIT should satisfy the
following requirements: 1) each EI (ITi ) should possess a sig-
nificant degree of randomness and 2) any pair of EIs (ITi , ITj )
should have high similarity. The first property implies that each
bit of ITi should theoretically contain one bit of entropy. On
the other hand, the distance between any pair should be small
enough for any two nodes in the same BSN to accept each other.
After sharing the initial key K among BSN nodes by using
the fuzzy similar EIs, session keys can be subsequently estab-
lished. Besides, it is noted that a practical protocol should be
robust against a variety of potential threats, including tampering
attacks, replay attacks, and reflection attacks.
III. ANALYSIS ON TIMING INFORMATION OF HEARTBEATS
A. Experimental Data
We used data collected from two experiments, the original
purpose of which was to simultaneously capture ECG and pho-
toplethysmogram (PPG) for the estimation of blood pressure.
In one experiment (Exp. I), 14 healthy subjects were recruited.
ECG was captured from the three fingers of the subjects and
two channels of PPG were captured from the index fingers of
the two hands, respectively. For each subject, the three signals
were captured simultaneously for 2–3 min. In another experi-
ment (Exp. II), 85 clinical subjects were recruited, and within a
two-month period, a PPG and ECG were captured for 40 s on
three or four days. A 12-bit A/D converter sampling at 1 kHz
was deployed to get the digital signals. Fig. 2 depicts a segment
of simultaneously captured ECG and PPG. Peak-to-peak inter-
vals of ECG and foot-to-foot intervals of PPG were calculated.
In order not to extend effects of detection errors in bad signal
segments, a segmentation mechanism was introduced to divide
the signals into segments consisting of consecutive 16 IPIs.
B. Multi-IPI Versus Individual IPI
As mentioned earlier, EIs generated from time-variable bio-
metric traits should meet two requirements, i.e., individual ran-
domness and group similarity. To achieve better performances
of EIs from a given number of IPIs, multi-IPI is examined as
compared to individual IPI for its capability of EI generation.
Given L = 16 consecutive individual IPIs, a series of multi-IPIs
can be obtained as follows:


i
mIPIi = IPIl |1 ≤ i ≤ L . (1)
l=1
BAO et al.: USING THE TIMING INFORMATION OF HEARTBEATS AS AN ENTITY IDENTIFIER TO SECURE BODY SENSOR NETWORK
Fig. 2. Segment of simultaneously captured ECG and PPG from Exp. I.
To randomize the monotonically increasing multi-IPIs, a
modulo operation is further introduced to get the modulus of di-
viding mIPIi by 2p , i.e., (mIPIi )mod(2p ), where p is a positive
integer referred to as the modulo parameter. Noted that a smaller
p will result in a more uniformly distributed (mIPIi )mod(2p ) in
the range of [0, 2p −1].
C. Analysis of Individual Randomness
Entropy that measures the degree of randomness of observed
sequences is commonly used to analyze the chaotic character-
istics of heart rate variability in patients with heart diseases. In
this study, a recently developed sample entropy (SampEn) [24],
which is a measure similar to but less biased than the popular
approximate entropy (ApEn) [25], was employed to quantify
information in IPIs. SampEn(m, r, M) is precisely the negative
natural logarithm of the conditional probability that a dataset
of length M, having repeated itself within a tolerance r for m
points, will also repeat itself for m+1 points, without allow-
ing self-matches. A larger value of SampEn indicates that the
observed data have a relatively higher degree of randomness.
One advantage of using SampEn is that it is relatively con-
sistent where ApEn is not [26]. That is, if SampEn(m1 ,r1 ) of U
is not larger than SampEn(m1 , r1 ) of V, then it is expected that
SampEn(m2 , r2 ) of U is also not larger than SampEn(m2 , r2 )
of V, where U and V are records with the same data length.
Since SampEn shows relative consistency, we can use it to
compare the randomness of sequences of individual IPI and
(mIPIi )mod(2p ), though there is no golden guideline for se-
lecting an optimal pair of m and r. We chose m and r to be 3
and 0.2, respectively, in accordance with some previous studies
on heart rate and its variability [26], and set M to be the num-
ber of IPIs in each trial. For random numbers with a uniform
distribution, the theoretical predicted value of SampEn (3,0.2)
is about 2.2. Table I shows the mean SampEn of individual
IPI and (mIPIi )mod(2p ). It can be seen that the randomness
of individual IPIs from 14 healthy subjects is better than that
from 85 clinical subjects, which is consistent with previous stud-
ies [27], [28], while SampEn results of ( mIPIi )mod(2p ) from
the two experimental groups show a smaller difference. Fur-
thermore, the randomness of (mIPIi )mod(2p ) depends heavily
775
TABLE I
NUMERIC RESULTS OF SAMPEN (3, 0.2, M)
Fig. 3. Histogram of the mean Euclidean distance between true pairs of IPIs
(comparison of individual IPI and multi-IPI). (a) Exp. I. (b) Exp. II.
Fig. 4. Histogram of the mean Euclidean distance between true pairs of mIPIi
mod 2 p . (a) p = 9. (b) p = 8. (c) p = 7.
on the value of p. A smaller p results in a relatively higher degree
of randomness.
D. Analysis of Group Similarity
Group similarity is analyzed by calculating the mean value
of the Euclidean distance (MED) between IPI sequences simul-
taneously detected from the same individual, i.e.,
1 
L
d= |xl − xl | (2)
L
l=1
where xl and xl can represent a pair of individual IPIs, multi-
IPIs, or modulo results of multi-IPIs, respectively. Fig. 3 depicts
the distance distributions calculated from the experimental data.
As can be seen in Fig. 3, though the results from multi-IPIs
exhibit a little bit worse performance of similarity than those
from individual IPIs, most of the distances are smaller than
16 ms.
After a modulo operation of multi-IPI, most of the distances
fall onto the two ends of the range of [0, 2p −1]. Fig. 4 depicts
the distributions of the MEDs for (mIPIi )mod(2p ), where p is
set to 9, 8, and 7, respectively. As can be seen, a larger value of
p results in a better performance of similarity.
776 IEEE TRANSACTIONS ON INFORMATION TECHNOLOGY IN BIOMEDICINE, VOL. 12, NO. 6, NOVEMBER 2008
Fig. 5. Generation scheme of binary entity identifiers from IPIs.
For the case of (mIPIi )mod(2p ), it is also observed that there
is a tradeoff between individual randomness and group similar-
ity while selecting the value of p. To achieve better performance
of group similarity, a relatively large value of p is desirable,
which will, however, reduce the degree of randomness.
IV. GENERATION OF IPI-BASED ENTITY IDENTIFIER
A. Generation Scheme
The generation scheme of network-wide EIs is depicted in
Fig. 5. To begin with, a node in BSN, usually the master node
with less resource constraint, sends out a synchronization signal
indicating the beginning of network-wide EI generation. Upon
receiving the synchronization signal, other nodes in the same
BSN begin to record at least one cardiovascular signal. The ini-
tiating node also begins the signal recording at the same time.
Each node calculates a series of IPIs from its own recorded car-
diovascular signal, which can be denoted as {IPIi |1 ≤ i ≤ L}.
Afterwards, an accumulation operation is performed to
the series of IPIs followed by the modulo operation, i.e.,
(mIPIi )mod(2p ). To compensate measurement differences
among different BSN nodes, the modulo result is further
transformed into a smaller integer by a contraction mapping
fˆ : [0, 2p ) → [0, 2q ), i.e.,
 m 
fˆ(m) = (p−q ) (3)
2
where p > q and · returns the largest integer less than or equal
to m/2(p−q ) . In the following analysis, we will refer to 2(p−q ) as
the mapping parameter. Finally, to increase the noise margin of
measurements, the classical binary reflected Gray code scheme
is employed to get binary EIs.
The generated EI can be expressed as EI = I1 ||I2 · · ·
||IL −1 ||IL , where || is a concatenation operation. Each block
of EI, i.e., Ii , is generated from a corresponding mIPIi . The bit
length of Ii is q, and thus, the bit length of EI is L · q.
B. Computational Complexity
Assume that the signal detection and IPI calculation are basic
functions of body sensors. In this section, the computational
complexity of the proposed generation scheme will be analyzed
by transforming all operations in the scheme into an equivalent
number of addition operations. For the accumulation operation,
the equivalent number of addition operations is (1/2)(L − 1)L.
The computational complexity of modulo operation can be
ignored because given the multi-IPI, which is represented as
(mIPIi )10 = (b15 b14 · · · b0 )2 with two-byte coding space, the
modulo operation can be easily performed by simply read-
ing p least significant bits of the multi-IPI, i.e., [(mIPIi ) mod
(2p )]10 = (bp−1 bp−2 · · · b0 )2 . The contraction mapping can also
be done by reading q most significant bits of the result of mod-
ulo operation, i.e., (bp−1 bp−2 · · · bp−q )2 . Rewrite the mapping
results as (Bq −1 Bq −2 · · · B0 )2 . The corresponding Gray code
(Gq −1 Gq −2 · · · G0 )2 is constructed as follows:

Gq −1 = Bq −1
Gi = Bi+1 ⊕ Bi , i = 0, 1, . . . , q − 2.
It can be seen that the Gray coding only needs (q − 1)
bitwise addition operations for each mapping result. Thus,
the number of bitwise addition operations for the Gray cod-
ing is (q − 1)L. Since bitwise operations are slightly faster
compared to addition operations, a bitwise addition opera-
tion can be regarded as a fraction of an addition operation,
denoted as α(0 < α < 1). To this end, the order of computa-
tional complexity of the generation scheme can be expressed as
O[(1/2)(L − 1)L + α(q − 1)L] = O(L2 ) in terms of addition
operations. It shows that the generation scheme only increases
a little complexity to each sensor node.
C. Matching of Entity Identifiers
Because the biometric traits are time-variant, they should be
captured synchronously at different sensor nodes in the same
BSN. However, there might exist one-IPI nonsynchronization
due to the time delay of cardiovascular pulses and the trans-
mission delay of the synchronization signal. Therefore, an error
toleration mechanism needs to be introduced to make the match-
ing of EIs robust against such errors.
Let x = I1 ||I2 · · · ||IL −1 ||IL and x = I1 ||I2 · · · ||IL −1 ||IL
be the EIs of a judging node and a requesting node that wants
to start a protocol involving identification (e.g. authenticated
key distribution), respectively, and let H denote the Hamming
distance between two binary sequences. With a preset decision
threshold δ, the judging node first carries out a full match to
see
Lif the distance between their identifiers is small enough, i.e.,

H(I , I )) ≤ δ. If it is true, the judging node will accept
k =1 k k
the requesting node. Otherwise, a shift matching will be conse-
quently taking place, i.e., Lk=2 H(Ik , Ik −1 ) ≤ (L − 1)/Lδ
 −1
or Lk =1 H(Ik , Ik +1 ) ≤ (L − 1)/Lδ. If either of these two
inequalities is true, the judging node will also accept the re-
questing node; otherwise, it will reject the request.
V. PERFORMANCE EVALUATION OF IPI-BASED
ENTITY IDENTIFIER
For the performance evaluation of EIs, we will focus on ana-
lyzing the effects of the mapping parameter 2(p−q ) on the per-
formance of EIs, while setting the value of p to 8 according to
the analysis in Section III.
A. Randomness Evaluation
The randomness performance of binary sequences can be
evaluated using a variety of randomness tests. Because of the
length limitation in the generated binary EIs from each subject,
we selected several tests from the National Institute of Stan-
dards and Technology (NIST) standards to do the randomness
BAO et al.: USING THE TIMING INFORMATION OF HEARTBEATS AS AN ENTITY IDENTIFIER TO SECURE BODY SENSOR NETWORK
Fig. 6. Similarity analysis with the Hamming distance (p = 8, L = 16). (a)
q = 5. (b) q = 4. (c) q = 3 and (d) q = 2.
Fig. 7. FA–FR curves of EIs under different q values (p = 8, L = 16). (a) q =
5. (b) q = 4. (c) q = 3 and (d) q = 2.
evaluation, including frequency (monobit) test, frequency test
within a block, cumulative sums test, runs test, and discrete
Fourier transform test [29]. All bit streams passed the selected
tests, and thus, showed an acceptable degree of randomness.
B. Similarity Analysis
The similarity between any pair of EIs generated by sensors
on the same individual can be analyzed with the Hamming
distance. Fig. 6 depicts the Hamming distance distribution of
EIs under different mapping parameters.
C. False Acceptance–False Rejection Performance
False acceptance (FA, also known as false match) and false re-
jection (FR, also known as false nonmatch) were used to charac-
terize the two aspects of EIs. Fig. 7 depicts the FA-FR curves of
EIs generated with different q values, where false rejection rate
(FRR) was the rate at which two EIs generated from the same
person during the same period of time were unmatched, and false
acceptance rate (FAR) was the rate at which two EIs generated
from a different person or at a different time were matched.
Table II shows the error rates of the IPI based biometric system,
777
TABLE II
ERROR RATES ASSOCIATED WITH IPI BIOMETRIC SYSTEMS
(p = 8; q = 2, 3, 4, 5; L = 16)
including the lowest FRR for FAR ≤ 0.1% as well as the min-
imum half total error rate (HTER) that equals (FRR+FAR)/2.
It can be seen from Table II that although larger q values result
in EIs with longer bit lengths, the minimum HTERs are also
generally higher. The parameter δ is the corresponding decision
threshold while the minimum HTER is achieved. Besides, an ef-
ficiency parameter, i.e., η = (n − δ)/n, where n is the bit length
of EI, is used to evaluate the efficiency of the generated EIs. In
practical use, the threshold δ can be set to a smaller value com-
pared to the one corresponding to the minimum HTER, because
a lower FAR is desirable for a more secure system at the expense
of a higher FRR. Moreover, consider the error-correcting coding
scheme (n, k, t) of secret keys described in Section II, where n
is the bit length of codewords, k is the number of information
bits, and t is the error-correcting ability. Since t is often set
equal to the decision-making threshold of the EI, a smaller
threshold is also desirable to get a higher coding rate, i.e., k/n.
As long as the EIs of sensor nodes in the same BSN are
similar enough, the identification process will succeed with a
high probability. Although there are diseases that can cause
abnormal heartbeat signals, all cardiovascular signals captured
by nodes of the same BSN will be undergoing the same kind
of changes in the heart functions. Therefore, the EIs generated
from IPI information by nodes of the same BSN will still have
a high similarity and the proposed method still holds. In fact, in
Exp. II, over two-thirds of subjects were old unhealthy people
with various kinds of cardiovascular diseases. Nevertheless, the
results still show a good FA–FR performance compared with
Exp. I where only young healthy subjects were involved. We
found that the quality of the ECG and PPG signals of Exp.
II were not as good as those recorded in Exp. I, resulting in
higher FRRs. In the future, more tests should be carried out on
specific kinds of patients to study whether the proposed trait and
biometric method are applicable to them.
Compared to one of our previous studies [6] that used the
same set of raw data, this study was able to achieve a lower
778 IEEE TRANSACTIONS ON INFORMATION TECHNOLOGY IN BIOMEDICINE, VOL. 12, NO. 6, NOVEMBER 2008
minimum HTER with fewer IPIs. For example, the error rate
with 64-bit EIs generated from 16 IPIs is 2.83%, while the
previous one was 6.98% using 34 IPIs. In consideration of
resource efficiency, the improved algorithm can use fewer IPIs
to generate EIs of the same bit length, and at the same time,
yield a better FA–FR performance.
On the other hand, the FA–FR performance of conventional
biometric systems can be used as a reference while not a
benchmark for this specific biometric system because of quite
different application scenarios. At the Fingerprint Verification
Competition 2006, state-of-art fingerprint technologies were
able to achieve an averaged equal error rate (i.e., when
FAR = FRR) of 2.16% and lowest averaged FRR for FAR
≤ 0.1% of 4.22% on four databases, each consisting of 150
subjects (http://bias.csr.unibo.it/fvc2006/, 2008). Our system
can achieve minimum HTERs of less than 1.46% and 3.19%
on 14 and 85 subjects, respectively. Moreover, as shown in
Table II, the lowest FRR for FAR ≤ 0.1% that our proposed
system can achieve were 1.65% and 5.03% for 14 and 85
subjects, respectively. The results indicate that the proposed
technology is a promising technique.
VI. CONCLUSION
In this study, we have demonstrated the performance of using
IPIs of heartbeats to generate binary EIs, which allow sensor
nodes on the same person to recognize each other. The proposed
generation scheme of binary EIs based on IPI information is
applicable to any biometric trait that satisfies the requirements
for securing wireless BSNs; however, the modulo parameter and
mapping parameter may vary according to the characteristics of
the underlying biometric trait.
REFERENCES
[1] R. S. H. Istepanian, E. Jovanov, and Y. T. Zhang, “Guest editorial in-
troduction to the special section on m-health: Beyond seamless mobility
and global wireless health-care connectivity,” IEEE Trans. Inf. Technol.
Biomed., vol. 8, no. 4, pp. 405–414, Dec. 2004.
[2] G. Z. Yang, Body Sensor Networks. London: Springer-Verlag, 2006,
pp. 4–13.
[3] Food and Drug Administration (FDA). (2007, Jan.) Radio frequency wire-
less technology in medical devices—Draft guidance for industry and
FDA staff. [Online]. Available: http://www.fda.gov/cdrh/osel/guidance/
1618.html
[4] J. Hash, P. Bowen, A. Johnson, C. D. Smith, and D. I. Steinberg, “An intro-
ductory resource guide for implementing the health insurance portability
and accountability act (HIPAA) security rule,” Nat. Inst. Stand. Technol.,
NIST Spec. Publ. 800-66, Gaithersburg, MD, Mar. 2005.
[5] The European Parliament and the Council of The European Union, “Di-
rective 2002/58/EC concerning the processing of personal data and the
protection of privacy in the electronic communications sector,” Official
J. Eur. Communities, pp. L201/37–47, Jul. 2002.
[6] C. Poon, Y. T. Zhang, and S. D. Bao, “A novel biometrics method to secure
wireless body area sensor networks for telemedicine and m-health,” IEEE
Commun. Mag., vol. 44, no. 4, pp. 73–81, Apr. 2006.
[7] M. Bellare and P. Rogaway, “Entity authentication and key distribution,”
in Proc. 13th Annu. Int. Cryptol. Conf., Santa Barbara, CA, pp. 232– 249,
Aug. 1993.
[8] Information Technology—Security Techniques—Entity Authentication—
Part 1: General, ISO/IEC Standard 9798-1:1997.
[9] Information Technology—Security Techniques—Key Management—
Part 1: Framework, ISO/IEC Standard 11770-1:1996.
[10] Information Technology—Security Techniques—Key Management—Part
1: Mechanisms Using Symmetric Techniques, ISO/IEC Standard 11770-
2:1996.
[11] D. J. Malan, M. Welsh, and M. D. Smith, “A public-key infrastructure for
key distribution in TinyOS based on elliptic curve cryptography,” in Proc.
1st IEEE Int. Conf. Sens. Ad Hoc Commun. Netw., Oct. 2004, pp. 71–80.
[12] A. Perrig, R. Szewczyk, J. D. Tygar, V. Wen, and D. E. Culler, “SPINS:
Security protocols for sensor networks,” Wireless Netw., vol. 8, no. 5,
pp. 521–534, Sep. 2002.
[13] C. Karlof, N. Sastry, and D. Wagner, “TinySec: A link layer security archi-
tecture for wireless sensor networks,” in Proc. 2nd Int. Conf. Embedded
Netw. Sens. Syst., Baltimore, MD, 2004, pp. 162–175.
[14] H. Chan, A. Perrig, and D. Song, “Random key predistribution schemes
for sensor networks,” in Proc. IEEE Symp. Sec. Privacy, Oakland, CA,
May 2003, pp. 197–213.
[15] O. G. Morchon, H. Baldus, and D. S. Sanchez, “Resource-efficient security
for medical body sensor networks,” in Proc. Int. Workshop Wearable
Implantable Body Sens. Netw., Cambridge, MA, Apr. 2006, pp. 80–83.
[16] L. Eschenauer and V. Gligor, “A key-management scheme for distributed
sensor networks,” in Proc. 9th ACM Conf. Comput. Commun. Sec.,
Washington, DC, Nov. 2002, pp. 41–47.
[17] D. Liu, P. Ning, and R. Li, “Establishing pairwise keys in distributed
sensor networks,” ACM Trans. Inf. Syst. Sec., vol. 8, no. 1, pp. 41–77,
Feb. 2005.
[18] W. Du, J. Deng, Y. S. Han, P. K. Varshney, J. Katz, and A. Khalili, “A
pairwise key predistribution scheme for wireless sensor networks,” ACM
Trans. Inf. Syst. Sec., vol. 8, no. 2, pp. 228–258, May 2005.
[19] D. Liu, P. Ning, and W. Du, “Group-based key pre-distribution in wireless
sensor networks,” in Proc. 4th ACM Workshop Wireless Sec., Cologne,
Germany, Sep. 2005, pp. 11–20.
[20] A. K. Jain, A. Ross, and S. Prabhakar, “An introduction to biometric
recognition,” IEEE Trans. Circ. Syst. Video Technol., vol. 14, no. 1,
pp. 4–20, Jan. 2004.
[21] P. Reid, Biometrics for Network Security. Englewood Cliffs, NJ:
Prentice-Hall, 2004, pp. 4–5.
[22] S. Cherukuri, K. K. Venkatasubramanian, and S. K. S. Gupta, “BioSec:
A biometric based approach for securing communication in wireless net-
works of biosensors implanted in the human body,” in Proc. IEEE Int.
Conf. Parallel Process. Workshops, 2003, pp. 432–439.
[23] A. Juels and M. Wattenberg, “A fuzzy commitment scheme,” in Proc. 6th
ACM Conf. Comput. Commum. Sec., 1999, pp. 28–36.
[24] J. S. Richman and J. R. Moorman, “Physiological time-series analysis
using approximate entropy and sample entropy,” Am. J. Physiol., vol. 278,
no. 6, pp. H2039–H2049, 2000.
[25] A. L. Rukhin, “Approximate entropy for testing randomness,” J. Appl.
Probab., vol. 37, no. 1, pp. 88–100, Mar. 2000.
[26] D. E. Lake, J. S. Richman, M. P. Griffin, and J. R. Moorman, “Sample
entropy analysis of neonatal heart rate variability,” Am. J. Physiol. Regul.
Integr. Comp. Physiol., vol. 283, no. 3, pp. R789–R797, 2002.
[27] M. G. Signorini, F. Marchetti, and S. Cerutti, “Applying nonlinear noise
reduction in the analysis of heart rate variability,” IEEE Eng. Med. Biol.
Mag., vol. 20, no. 2, pp. 59–68, Mar./Apr. 2001.
[28] R. Yulmetyev, P. Hanggi, and F. Gafarov, “Quantification of heart rate vari-
ability by discrete nonstationary non-Markov stochastic process,” Phys.
Rev. E, vol. 65, pp. 046107-1–046107-15, 2002.
[29] A. Rukhin et al., “A statistical test suite for random and pseudoran-
dom number generators for cryptographic applications,” Nat. Inst. Stand.
Technol., NIST Special Publication 800-22, Gaithersburg, MD, 2001.
Shu-Di Bao (S’03–M’08) received the B.S. degree
from Ningbo University, Ningbo, China, in 1999,
and the M.S. and Ph.D. degrees from the Southeast
University, Nanjing, China, in 2003 and 2007,
respectively, all in communications and information
systems.
She was a Research Assistant at the Joint Research
Centre for Biomedical Engineering, Chinese Univer-
sity of Hong Kong, Shatin N.T., Hong Kong. She is
currently an R&D Engineer at Agilent Technologies
Singapore, Singapore. Her previous research interests
included information retrieval, security and fault tolerance, efficient communi-
cations for body sensor networks, and telemedicine systems.
Dr. Bao won the Young Investigator Award (YIA) and the YIA Best Pre-
sentation Award at the 6th Asian-Pacific Conference on Medical and Biological
Engineering in 2005 and the Second Prize of the International Federation for
Medical and Biological Engineering (IFMBE) Outstanding Chinese Student
Award at the 27th Annual International Conference of the IEEE Engineering in
Medicine and Biology Society in 2005.
BAO et al.: USING THE TIMING INFORMATION OF HEARTBEATS AS AN ENTITY IDENTIFIER TO SECURE BODY SENSOR NETWORK
Carmen C. Y. Poon (S’05–M’08) received the
B.A.Sc. degree in engineering science (Biomedical
Option) and the M.A.Sc. degree in biomedical engi-
neering from the University of Toronto, ON, Canada,
and the Ph.D. degree from Chinese University of
Hong Kong, Shatin N.T., Hong Kong.
She was a Postdoctoral Fellow at Chinese Uni-
versity of Hong Kong. She is currently with the
Joint Research Centre for Biomedical Engineering,
Chinese University of Hong Kong. Her current re-
search interests include biosignal processing, biosys-
tem modeling, and development of wearable medical devices for telemedicine
and m-Health.
Dr. Poon was awarded the First Prize of the International Federation for
Medical and Biological Engineering (IFMBE) Outstanding Chinese Student
Award at the 27th Annual International Conference of the IEEE Engineering in
Medicine and Biology Society in 2005.
Yuan-Ting Zhang (M’90–SM’93–F’06) received
the Master’s degree from Shandong University, Jinan,
China, and the Ph.D. degree from the University of
New Brunswick, Fredericton, NB, Canada, in 1990.
From 1989 to 1994, he was a Research Associate
and an Adjunct Assistant Professor at the University
of Calgary, Calgary, AB, Canada. During 1996–1997
and 2000–2001, he was the Chair of the Biomedical
Division, Hong Kong Institution of Engineers. He
is currently the Head of the Division of Biomedical
Engineering and the Director of the Joint Research
Centre for Biomedical Engineering, Chinese University of Hong Kong, Shatin
N.T., Hong Kong. He is also the Director of the Key Laboratory of Biomedical
Informatics and Health Engineering, Chinese Academy of Sciences, and the
Chairman (Adjunct) of the Department of Biomedical Engineering, Sun Yat-
sen Medical School, Sun Yat-Sen University, Guangzhou, China. His current
research interests include neural engineering, terahertz (THz) imaging, wearable
medical devices, and body sensor networks particularly for mobile health and
telemedicine. He is the author or coauthor of more than 300 scientific articles
in the area of biomedical engineering.
779
Dr. Zhang has been active in the IEEE Engineering in Medicine and Biology
Society (EMBS). He was the Technical Program Chair of the 20th Annual In-
ternational Conference in 1998 and the General Conference Chair of the 27th
Annual International Conference in 2005. He was the Technical Programme
Committee (TPC) Chair of the IEEE-EMBS Summer School and Symposium
on Medical Devices and Biosensors (ISSS-MDBS) in 2006. He was elected as
an AdCom member in 1999 and served as the Vice President (Conferences)
in 2000. He was also an Associate Editor for the IEEE TRANSACTIONS ON
BIOMEDICAL ENGINEERING and the IEEE TRANSACTIONS ON MOBILE COMPUT-
ING. He was also the Guest Editor of the IEEE COMMUNICATION MAGAZINE
and IEEE TRANSACTIONS ON INFORMATION TECHNOLOGY IN BIOMEDICINE. He
has been selected as the Editor-in-Chief of the IEEE TRANSACTIONS ON IN-
FORMATION TECHNOLOGY IN BIOMEDICINE. He is currently a member of the
Editorial Board of the Book Series of Biomedical Engineering (IEEE Press),
the IEEE-EMBS Technical Committee of Wearable Systems and Sensors, the
Editorial Committee of China Medical Device Information, and an Associate
Editor of the International Journal of NeuroEngineering and Rehabilitation.
He is an honorary advisor of the Hong Kong Medical and Healthcare Device
Manufacture Association. He has received numerous awards and recognitions
that include the Fellow of the International Academy of Medical and Biological
Engineering, the Fellow of the American Institute for Medical and Biological
Engineering, and the 2006 recipient of the IEEE-EMBS Service Award.
Lian-Feng Shen received the B.S. degree in radio
technology and the M.S. degree in radio communica-
tions from the Southeast University, Nanjing, China,
in 1978 and 1982, respectively.
Since 1997, he has been a Professor at the Na-
tional Mobile Communications Research Laboratory,
Southeast University. His current research interests
include information theory and technologies, coding
theory, and wireless and mobile communications. He
has been recently focusing on the broadband mobile
communications including wireless Internet technol-
ogy, broadband wireless access systems, intelligent home networks, wireless
sensor networks, and broadband wireless multimedia communications.