BANDANA
Body Area Network Device-to-device Authentication using Natural gAit

Dominik Schürmann*, Arne Brüsch*, Stephan Sigg†, Lars Wolf*
2017-03-15

* Institute of Operating Systems and Computer Networks, TU Braunschweig
† Ambient Intelligence, Comnet, Aalto University

Introduction Quantization Protocol Conclusion

Waking up on Hawaii…

  • Jet lag
  • Awesome sunrise
  • Let’s go jogging
  • Quantified self
  • Putting on your wearables
  • Putting on all your wearables

2017-03-15 Dominik Schürmann, Arne Brüsch, Stephan Sigg, Lars Wolf BANDANA Page 2 of 14

Device-to-Device Authentication

Bluetooth Authentication
  • “Just works” profile
  • Still pressing buttons
  • DH key exchange
  • No MitM protection

BANDANA
  • Person’s gait (walking pattern)
  • Zero interaction
  • Independent of on-body location
  • MitM protection


Novelty

Unlock smartphones
  • Muaaz et al. 2015
  • Hoang et al. 2015

Device2Device Authentication
  • No init procedure with templates
  • Fresh secrets for each D2D authentication

Gait Cycle


Accelerometer Reading

[Plot: Acceleration [m/s²] over Time [s]]

Accelerometer reading on z-axis only


Rotated Signal

[Plot: Acceleration [m/s²] over Time [s]]

  • Orientation relative to ground using Madgwick’s Algorithm
  • Notice influence of gravity g

[Diagram: axes z, y, x with gravity vector g]


Noise-Reduced Signal

[Plot: Acceleration [m/s²] over Time [s]]

Apply a bandpass filter to keep frequencies between 0.5 and 12 Hz


Gait-Cycle Detection

[Plot: Acceleration [m/s²] over Time [s]]

  • Partition data into gait cycles
  • Resample gait cycles to equal length
  • Calculate average gait cycle


Quantization

[Plots: Acceleration [m/s²] for individual gait cycles; legend: Cycle, Average Cycle; example bits: 1 0 0 1]

  • Average gait cycle overlaid on each original gait cycle
  • 4 bits per cycle


a) 1001 0100 1001 1010 1010 1001 0101 0110

b) 1001 0100 1001 1010 1010 1001 0101 0110

c) 0111 1000 1001 0101 1000 1100 1011 1000


Comparison between Locations

[Plots: Acceleration [m/s²] per gait cycle, one panel per on-body location]

forearm: 0111 1000 1001 0101 1000 1100 1011 1000

waist: 0110 1000 1001 0001 1001 1001 1100 1010


Evaluation

[Plot: Similarity (0 to 1) per location (chest, forearm, head, shin, thigh, upperarm, waist); series: Intra-body, Inter-body]


A, B: Authentication Request

Device A:
  1. Sensor Recording
  2. Madgwick, Bandpass Filter
  3. Gait Cycle Detection
  4. Quantization, Reliability ⇒ f̃A, rA

Device B:
  1. Sensor Recording
  2. Madgwick, Bandpass Filter
  3. Gait Cycle Detection
  4. Quantization, Reliability ⇒ f̃B, rB

Exchange between A and B: rA, rB

Device A:
  If h(rB) > h(rA): rA = rB
  fA = Rel(f̃A, rA)
  fA --Fuzzy Crypto--> k

Device B:
  If h(rA) > h(rB): rB = rA
  fB = Rel(f̃B, rB)
  fB --Fuzzy Crypto--> k

Password Authenticated Key Exchange (PAKE)
  Device A: s = PAKE(k)
  Device B: s = PAKE(k)
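The fingerprint path of the protocol slide above, as an added example (not the authors' code): quantization against the average cycle, the h(r) comparison that makes both devices adopt one reliability vector, Rel(), and the similarity the fuzzy-crypto step would see. The per-quarter sign rule, the index-list encoding of r, SHA-256 as h and the synthetic gait data are assumptions; the slides do not specify them.

```python
import hashlib, math, random

BITS_PER_CYCLE, M, N = 4, 192, 128   # slide values: 48 cycles * 4 bits, keep 128

def quantize(cycles):
    """Fingerprint bits and reliability order for equal-length gait cycles.
    Assumed rule: bit = sign of summed (cycle - average cycle) per quarter,
    reliability = magnitude of that sum."""
    n, seg = len(cycles[0]), len(cycles[0]) // BITS_PER_CYCLE
    avg = [sum(c[i] for c in cycles) / len(cycles) for i in range(n)]
    bits, rel = [], []
    for c in cycles:
        for q in range(BITS_PER_CYCLE):
            d = sum(c[i] - avg[i] for i in range(q * seg, (q + 1) * seg))
            bits.append(1 if d > 0 else 0)
            rel.append(abs(d))
    # r: bit positions ordered most reliable first (assumed encoding of r)
    return bits, sorted(range(len(bits)), key=lambda i: -rel[i])

def h(r):
    return hashlib.sha256(bytes(r)).digest()   # assumption: h is SHA-256

def agree(r_own, r_peer):
    """Slide rule: adopt the peer's r if its hash is larger, so both sides match."""
    return r_peer if h(r_peer) > h(r_own) else r_own

def rel_select(bits, r):
    """Rel(f~, r): drop the M - N least reliable bits, keep original bit order."""
    return [bits[i] for i in sorted(r[:N])]

def similarity(a, b):
    return sum(x == y for x, y in zip(a, b)) / len(a)

def synth(body_seed, dev_seed, cycles=M // BITS_PER_CYCLE, n=40):
    """Constructed data: sine 'gait', per-body step variation, per-device noise."""
    body, dev = random.Random(body_seed), random.Random(dev_seed)
    out = []
    for _ in range(cycles):
        var = [body.gauss(0, 1) for _ in range(BITS_PER_CYCLE)]
        out.append([5 * math.sin(2 * math.pi * i / n) + var[i * BITS_PER_CYCLE // n]
                    + dev.gauss(0, 0.3) for i in range(n)])
    return out

def pair(body_a, body_b):
    """Similarity of the N-bit fingerprints two devices would feed to fuzzy crypto."""
    (fa, ra), (fb, rb) = quantize(synth(body_a, 1)), quantize(synth(body_b, 2))
    r = agree(ra, rb)
    assert r == agree(rb, ra)          # both devices end up with the same r
    return similarity(rel_select(fa, r), rel_select(fb, r))

if __name__ == "__main__":
    print("same body:", pair(100, 100), "different bodies:", pair(100, 200))
```

Devices on the same constructed body clear the 80% similarity threshold from the conclusion slide, while devices on different bodies stay near chance, so the fuzzy-crypto step would not yield a common k for them.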


Conclusion

  • Device-to-Device authentication for Body Area Networks
  • Zero-interaction based on human gait pattern
  • For 128 bit keys, 192 bit fingerprints are generated (48 cycles), disregarding 64 unreliable bits
  • Worst-case duration: 96 s
  • 80% similarity required for fuzzy cryptography ⇒ 103-bit security level for the PAKE password.

Any questions?
Dominik Schürmann <[email protected]>


Backup Slides


Spectral Coherence

[Plot: spectral coherence γ² (0 to 1) over Frequency (0 to 25); series: Same subjects, different locations; Different subjects, same locations; Different subjects, different locations]

Figure: Average spectral coherence over full sensor readings of the Mannheim dataset for same and different subject.


Reliability

[Plot: Similarity [%] (0.6 to 1) over Total Fingerprint Size M (N+0, N+16, N+32, N+48, N+64, N+128)]

Figure: Fingerprint similarity of different sizes M with cutoff at N = 128 to evaluate the influence of Rel().


Fingerprint Similarity

Table: Fingerprint similarity between locations on the same body (intra-body). Shown is the mean over all 15 subjects.

          chest  forearm  head  shin  thigh  upperarm  waist
chest     1.0    0.82     0.74  0.78  0.78   0.88      0.81
forearm   0.82   1.0      0.8   0.81  0.88   0.89      0.89
head      0.74   0.8      1.0   0.8   0.76   0.77      0.78
shin      0.78   0.81     0.8   1.0   0.77   0.78      0.8
thigh     0.78   0.88     0.76  0.77  1.0    0.85      0.84
upperarm  0.88   0.89     0.77  0.78  0.85   1.0       0.88
waist     0.81   0.89     0.78  0.8   0.84   0.88      1.0


Entropy

[Plot: p-value (0 to 1) per test group (1-19, 20-35, 36-47, 48-51, 52-55, 56-88, 89-95)]

Test numbering:
  1: birthdays
  2: operm5
  3: rank32x32
  4: rank6x8
  5: bitstream
  6: opso
  7: oqso
  8: dna
  9: count1sstr
  10: count1sbyt
  11: parkinglot
  12: 2dsphere
  13: 3dsphere
  14: squeeze
  15: runs
  16: craps
  17: marsagliatsangcd
  18: sts-monobit
  19: sts-runs
  20-35: sts-serial (1-16)
  36-47: rgb-bitdistribution (1-12)
  48-51: rgb-minimum-distance (2-5)
  52-55: rgb-permutations (2-5)
  56-88: rgb-lagged-sum (0-32)
  89: rgb-kstest-test
  90: dab-bytedistrib
  91: dab-dct
  92-93: dab-filltree (20-21)
  94: dab-filltree (32)
  95: dab-monobit2 (12)

Figure: Distribution of p-values achieved for 128 bit keys (fingerprint length M = 192, 64 unreliable bits removed) in 21 runs of the various statistical tests of the dieHarder set of statistical tests.
