Feasibility analysis of Inter-Pulse Intervals based solutions for cryptographic token generation by two electrocardiogram sensors☆
Introduction
Interest in biometrics has gained momentum in the last years mostly due to the massive use of daily life devices like smartwatches, smartphones and laptops [1], [2]. This technology identifies and authenticates people in an automatic way based on biological and behavioral traits [3]. This interest is not temporary. According to a recently published report, global biometric market revenues will reach $34.6 billion annually in 2020, especially in mobile devices [4].
From a technical point of view, biometrics can be classified into two main groups depending on whether they use physiological or behavioral signals. Examples of physiological signals include fingerprints, iris, retina, heart and brain signals, whereas voice, signature analysis or keystroke dynamics are behavioral signals. The main reason why such signals can be easily included in authentication systems is because they exhibit a number of desirable features: they are universal, collectible, unobtrusive, permanent, unique, and difficult to circumvent [5].
The research outcome in this area is that most gadgets, such as smartphones, tablets, wearables and Implantable Medical Devices (IMDs), have been equipped with one or more embedded sensors with the ability to measure biometric parameters from the bearer. Besides having biometrics sensors, most (if not all) of these devices are enhanced with some wireless communication technology, e.g., Bluetooth, WiFi or Radio Frequency (RF), allowing them to share data and to perform remote reconfiguration [6]. All the above has given birth to the so-called Wireless Body Area Network (WBAN).
In the last years, several works have focused on using the heart signal as part of either authentication protocols [8], [9], [10], human identification [11], [12], or as a key generation algorithm [13], [14], [15], [16] to enable secure communications. More concretely, authors use the Electrocardiogram (ECG) to extract the time difference between two consecutive heartbeats (R-peaks). These time intervals are referred to as Inter-Pulse Intervals (IPIs) or RR-intervals and have been shown to contain some degree of entropy after applying a quantization algorithm (see Section 3.2.1). This makes the IPI values an ideal candidate to generate tokens to be used in cryptographic solutions (e.g., [8], [10], [17], [18], [19]).
In order to obtain a biometric signature based on the heart signal, different sensors such as ECG, Photoplethysmographic (PPG) or Blood Pressure (BP) can be used. The ECG signal is measured using electrodes usually placed on the chest which detect the tiny electrical changes in the heart and generate a complex digital signal. The PPG detects the pulse of the heart by measuring the amount of light which is reflected in the skin to a photodiode. As a light source, most of the commercial gadgets have a LED on them, e.g., smartwatches and sport wrists. As an example on how these advances may be used for new purposes, some researchers have recently used a BP sensor to get the bearer’s heart signal [10]: this sensor can measure the pressure in large arteries in the systemic circulation, so the signal reflects the up and down fluctuation of the arterial pressure which is related to each heartbeat.
Using these sensors is not trivial though, as there are some technical difficulties due to different factors. For example, even when two similar sensors – from the same manufacturer, having the same brand, and with the same capabilities – are measuring the same heart signal in the same part of the body, the resulting signal would likely be different in both sensors due to the noise of the signals, missed data during the gathering phase, delays, or simply because of the bearer’s movements [20].
Along the same lines, it has been reported in [21] that both Heart-Rate Variability (HRV) and Inter-Sensor Variability (VAR) measurements directly affect the processing of the heart signal and, in particular, the peak detection procedure. These issues become crucial when a cryptographic protocol entirely relies on biometric data acquisition to generate random tokens, e.g., random seeds or fresh nonces, to be used for key generation [22] or in authentication procedures [8].
In particular, the problem of signal synchronization is quite relevant in the health sector where expensive medical electrodes are used. Let us consider a real example of measuring ECGs using two different sensors. Fig. 1 shows two ECG signals, channel 1 (ECG) and channel 2 (ECG), taken from the public database svdb [7]. This database is composed of 78 half-hour ECG recordings of supraventricular arrhythmias. The beats per minute (bpm) in both signals are the same, or, in the worst case, show a difference of a few bpm. However, at low level, the time differences between two consecutive heartbeats (R-peaks), are slightly different in ECG and ECG. Thus, despite sensing the same ECG from the same patient, both channels have different signals, and it is easy to see that even by shifting any of the signals it could not be possible to fully synchronize them.
Authors are somehow aware of this problem and for instance in [20], a miss-detection algorithm is proposed that given two ECGs, authors “manually” add a peak in the place where it was supposed to be whenever it is detected that a peak was missing in order to generate the same token in different devices. Some years later, in [23], authors propose a key-exchange protocol among a Programmer1 and an IMD where both devices generate the same key from the heart signal. After gathering the same signal, authors apply a Bose-Chaudhuri-Hocquenghem (BCH), which is an Error Correcting Code (ECC), to the generated keys in both devices to finally get the same value.
No matter if authentication protocols for WBAN were published [8], [11], [24], if key distribution schemes based on the heart signals were proposed [9], [23] or whether authors assumed that there is a secure communication channel and a shared key is derived from the heart signal to be used afterwards in a cryptographic protocol [10], [13], [20], [25], all these proposals rely on the same assumption: there are two sensors measuring the heart signal and they can derive the same cryptographic token under an IPI-based approach and after applying an ECC algorithm like BCH. Unfortunately, after an in depth analysis (19 databases), we show that the above claim does not hold when only an ECC algorithm is used to correct errors between the two generated tokens.
Motivated by this, we carry out an analysis on the (open) question concerning the generation of a cryptographic token based on the analysis of IPI values from different ECG devices that are sensing the same heart signal. Our analysis is based on the use of a run-time monitor, extracted from a formal model, i.e., a timed automaton, that is verified against predefined properties, combined with a fuzzy extractor (i.e., an ECC) to improve the final result. We show that it is impossible, in general, to correct the differences between the two captured signals when using only the fuzzy extractor, thus being impossible to corroborate previous claims on the feasibility of the approach.
Our proposed method can successfully synchronize two heart signals through IPI values and extract a common token that can be used afterwords as part of a cryptographic protocol, as one more security check in order to proof that both devices are attached to the same body by proving that they are listening to the same heart signal, i.e., they are attached to the same body.
To the best of our knowledge, this is the first work to use a run-time monitor in combination with a fuzzy extractor. In addition, to demonstrate the validity of our approach, we provide a large-scale evaluation of the proposed method over 19 public databases containing heart signals. However, we do not evaluate how good or bad the IPI-based generated random tokens are from a cryptographic point of view; we urge the reader to consult [26] for an in-depth analysis of this issue.
After applying our proposed solution to public databases containing at least two measurements of heart signals (ECG and ECG), we conclude that a fuzzy extractor (or another error correction technique) is not enough to correct the synchronization errors between the IPI values derived from two ECG signals captured via two sensors placed on different positions (Section 3). In particular, we show that a pre-processing of the heart signal must be performed before the fuzzy extractor is applied.
In summary, our contributions are:
- •
We perform an in-depth analysis of the problem of how to synchronize two cryptographic tokens generated by two different ECG sensors that record the same heart signal and use the IPIs as the basics for generating the mentioned tokens. We show how an initial signal pre-processing step is necessary for the error correction algorithm (e.g., fuzzy extractor) to work properly. Our results show that it is not possible to assume that two sensors can derive a common token just by applying an error correction algorithm without having previously synchronized both signals. In summary, this first result gives evidence that the assumptions under which previous IPI-based solutions operate are not correct and does not guarantee that the same token can be extracted from two ECGs sensors (Section 3.2).
- •
In order to perform the synchronization (at IPI values level) between two ECGs sensors, we have generated a run-time monitor from a timed automaton, which has been verified correct with respect to predefined timing properties. We compare our results before and after applying a fuzzy extractor and demonstrate our improvement in performance (Section 3.3).
- •
We modified our timed automaton and the monitor in order to extract a token with a given accuracy (namely 32, 64 and 128 bits), in order to gather statistical information on how long it would take (median) to get a token with the requested accuracy. We found that to generate a 32, 64 and 128 bits tokens, a sensor should wait on median 13, 28 and 56.5 s, respectively (for individual with a heart rate of 80 beats-per-minute), instead of 6, 12, and 24 s as reported in previous works, i.e., [8], [11], [27], [28] (Section 3.3.2).
- •
We have developed a proof-of-concept implementation of an ECG-based token generator by using a BITalino shield2 (Section 4). This shield has two ECG channels connected using wires and the pre-processing is executed before the token generation (IPI-based approach in our particular case) takes place. The purpose of this proof-of-concept is to shed further light on the technical real difficulties in getting a fully working implementation of such a solution.
- •
As it was previously stated, the contributions in this article shed light on the feasibility of IPI-based solutions, where two sensors obtain such values from the same organ (in our case the heart). On the other hand, in this article we do not analyze the security of IPI values, which has been widely studied in the literature (e.g., [8], [10], [18], [26]).
The rest of this paper is organized as follows, in Section 2 we provide some basic knowledge in order to facilitate the reading of the rest of the paper. Section 3 presents the core of our work, while Section 4 introduces our proof-of-concept implementation of the proposed solution. Section 5 contains a summary of the main published papers in this research area. Finally, we conclude and present future directions for further research in the last Section.
Section snippets
Background
In this section we provide some preliminaries on Body Area Networks (BANs) and we give a brief overview of the datasets used for the experiments. After this, we yield an overview of related work that has explored how heart signals can be applied to biometrics and cryptography. We also discuss why fuzzy extractors are often used in the literature together with biometrics. Finally, we give some background about modeling and verification of real-time systems focusing on how formal verification is
ECG-based token generation procedure
In this section, we first explain the methodology we have followed to carry out our research. We then explain in detail how we generated tokens from different ECG signals, and demonstrate how a pre-processing phase is needed to agree on the same token generated. Finally, we propose a timed automaton satisfying our properties and create the corresponding monitor in order to synchronize the signals (and thus generate the same token).
Proposed solution
In this Section we provide a proof-of-concept implementation to demonstrate whether two sensors can derive the same token from the heart signal using real hardware. The purpose of the presented proof-of-concept is to show the feasibility of our solution as well as the minimum requirements for generating common tokens on different ECG sensors. For this first approach, and similarly to previous proposals (e.g., [23], [81], [82]), we assume the communications to be secure between the sensors and
Related work
Several studies have been done in the area of security and privacy applied to biometrics, and in particular where heart signals are involved (e.g., [8], [9], [19]] In most of these works, there are three main assumptions: (1) bits extracted from the heart signal can be considered random [8], [10]; (2) two sensors placed in the same body can generate the same random token from the heart signal [11], [18], [20], [78], and; (3) two sensors should gather 32 consecutive peaks in order to generate a
Conclusion
In this paper we tested whether error corrections algorithms, including fuzzy extractors, can be used alone to claim that two different sensors are able to derive equal tokens from two ECG signals measured at different parts of the body by using an IPI-based approach as proposed in many previous works [8], [10], [11], [15], [27]. We run the experiments against 19 public databases from Physionet repository, and we can clearly conclude that a pre-processing of the heart signal is mandatory for
Lara Ortiz-Martin is a PhD. student in Computer Science at Universidad Carlos III de Madrid. She received a MSc. degree in Computer Science from the same university. Her current research interests include systems security, applied cryptography and biometrics. She is also working on web technologies in the industry.
References (89)
An approach to develop the smart health using internet of things and authentication based on biometric technology
Future Gener. Comput. Syst.
(2019)- et al.
Monitoring of pet animal in smart cities using animal biometrics
Future Gener. Comput. Syst.
(2018) - et al.
Encryption by heart (ebh)—using ecg for time-invariant symmetric key generation
Future Gener. Comput. Syst.
(2017) - et al.
Energy efficient and load balanced priority queue algorithm for wireless body area network
Future Gener. Comput. Syst.
(2018) Are electroencephalogram (eeg) signals pseudo-random number generators?
J. Comput. Appl. Math.
(2014)- et al.
Biometric random number generators
Comput. Secur.
(2004) - et al.
A theory of timed automata
Theoret. Comput. Sci.
(1994) - et al.
Real-time logics: complexity and expressiveness
Inform. and Comput.
(1993) - et al.
Real-time electrocardiogram streams for continuous authentication
Appl. Soft Comput.
(2018) - et al.
A lightweight method of data encryption in bans using electrocardiogram signal
Future Gener. Comput. Syst.
(2019)
Optimization of signal quality over comfortability of textile electrodes for ecg monitoring in fog computing based medical applications
Future Gener. Comput. Syst.
An Introduction to Biometric Authentication Systems
The global biometrics and mobility report: the convergence of commerce and privacy
Tech. rep.
Look into my eyes: a survey of biometric security.
Patients, pacemakers, and implantable defibrillators: human values and security for wireless implantable medical devices
Improved detection and classification of arrhythmias in noise-corrupted electrocardiograms using contextual information
Heart-to-heart (h2h): authentication for implanted medical devices
A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health
IEEE Commun. Mag.
Enhancing heart-beat-based security for mhealth applications
IEEE J. Biomed. Health Inf.
Using the timing information of heartbeats as an entity identifier to secure body sensor network
IEEE Trans. Inf. Technol. Biomed.
Human identification using compressed ECG signals
J. Med. Syst.
Analysis of using interpulse intervals to generate 128-bit biometric random binary sequences for securing wireless body sensor networks
IEEE Trans. Inf. Technol. Biomed.
Method for seamless unlock function for mobile applications
On using a von neumann extractor in heart-beat-based security
Deriving cryptographic keys from physiological signals
Pervasive Mob. Comput.
Entropy extraction from bio-signals in healthcare iot
Multiple ecg fiducial points based random binary sequence generation for securing wireless body area networks
IEEE J. Biomed. Health Inf.
Peak misdetection in heart-beat-based security: characterization and tolerance
Comparison of heart rate variability from ppg with that from ecg
A biometric key establishment protocol for body area networks
Int. J. Distrib. Sens. Netw.
Secure key-exchange protocol for implants using heartbeats
A novel key distribution of body area networks for telemedicine
Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body
Heartbeats do not make good pseudo-random number generators: an analysis of the randomness of inter-pulse intervals
Entropy
Imdguard: securing implantable medical devices with the external wearable guardian
Cryptographic key generation using ecg signal
The internet of things for health care: a comprehensive survey
IEEE Access
Physiobank, physiotoolkit, and physionet: components of a new research resource for complex physiologic signals
Circulation
Age-related alterations in the fractal scaling of cardiac interbeat interval dynamics
Am. J. Physiol.-Regul. Integr. Comparative Physiol.
The apnea-ecg database
Predicting the onset of paroxysmal atrial fibrillation: the computers in cardiology challenge 2001
A comparison of heartbeat detectors for the seismocardiogram
Cited by (4)
ECG signals-based security and steganography approaches in WBANs: A comprehensive survey and taxonomy
2024, Sustainable Computing: Informatics and SystemsA new biometrics-based key establishment protocol in WBAN: energy efficiency and security robustness analysis
2020, Computers and SecurityCitation Excerpt :In this work, we assume that the WBAN's nodes are able to perform, simultaneously, multiple sensing functions. Nowadays, it is common to have these kind of devices such as smartwatches, equipped, in the same time, with accelerometers, Global Positioning System (GPS), and ECG to measure the heart rate (Ortiz-martin et al., 2019). To be optimal and appropriate for WBANs, our protocol has to enable efficient and reliable generation of symmetric keys using ECG, while optimising the consumed resources in this key establishment process.
Are the Interpulse Intervals of an ECG signal a good source of entropy? An in-depth entropy analysis based on NIST 800-90B recommendation
2020, Future Generation Computer SystemsCitation Excerpt :This algorithm fundamentally transforms a continuous signal into a discrete one and applies a Gray code to decrease the errors of the signal. We took the public source code recently released by Ortiz et al. [44] and made some slight modifications to get all the IPIs. This task was particularly computational demanding due to the amount of IPIs to generate and the number of databases involved in the experiment.
A Privacy-Preserving ECG-Based Authentication System for Securing Wireless Body Sensor Networks
2022, IEEE Internet of Things Journal
Lara Ortiz-Martin is a PhD. student in Computer Science at Universidad Carlos III de Madrid. She received a MSc. degree in Computer Science from the same university. Her current research interests include systems security, applied cryptography and biometrics. She is also working on web technologies in the industry.
Pablo Picazo-Sanchez received the PhD. degree in Computer Science from the Carlos III University of Madrid, in 2016. Currently he works at Chalmers University, Sweden, in a postdoc position in the Formal Methods division. His current research interests include systems security, applied cryptography and web security.
Pedro Peris-Lopez holds an Associate Professor position at Universidad Carlos III de Madrid. He has a M.Sc. in Telecommunications Engineering (2004) and Ph.D. in Computer Science (2008) from University Carlos III of Madrid. His research interests are in the fields of cryptography, computer forensics, signal processing, and artificial intelligence. Nowadays, his research is mainly focused on Implantable Medical Devices (IMD) and Biomedical applications. He has published many articles (40) in International Journals with impact factor and papers (41) in International Conferences of recognized prestige (peer- reviewed; 2–4 reviewers). His works have a high impact: the whole of his works have more than 3341 cites and his h-index is 26 (04/2018 - Google Scholar). For additional information see: www.lightweightcryptography.com
Juan Tapiador is Associate Professor of Computer Science in the Com- puter Security (COSEC) Lab at Universidad Carlos III de Madrid, Spain. His main research interests include systems security, malware analysis, reverse en- gineering, and anomaly and intrusion detection.
Gerardo Schneider received a PhD degree in Computer Science from the University Joseph Fourier (thesis done at the VERIMAG laboratory), Grenoble (France), in 2002. From 2003 till 2009 he was a researcher at Uppsala University (Sweden), Irisa/INRIA Rennes (France), and the University of Oslo (Norway). He joined the Department of Computer Science and Engineering at the Univer- sity of Gothenburg (Sweden) in July 2009, where he has been a full professor since July 2014. His research interests include formal verification (static and runtime verification, model checking, testing), the specification and analysis of normative documents, and security & privacy.
- ☆
This work was partially supported by the Spanish CAM grant S2013/ICE-3095 (CIBERDINE), the Spanish MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV), and, by the Swedish Research Council (Vetenskapsrådet) under grant Nr.2015-04154 (PolUser: Rich User-Controlled Privacy Policies).