2015
DOI: 10.1007/978-3-662-48051-9_18
|View full text |Cite
|
Sign up to set email alerts
|

On Vulnerabilities of the Security Association in the IEEE 802.15.6 Standard

Abstract: Abstract. Wireless Body Area Networks (WBAN) support a variety of real-time health monitoring and consumer electronics applications.The latest international standard for WBAN is the IEEE 802.15.6. The security association in this standard includes four elliptic curve-based key agreement protocols that are used for generating a master key. In this paper, we challenge the security of the IEEE 802.15.6 standard by showing vulnerabilities of those four protocols to several attacks. We perform a security analysis o… Show more

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1

Citation Types

0
32
0
1

Year Published

2015
2015
2020
2020

Publication Types

Select...
5
3

Relationship

2
6

Authors

Journals

citations
Cited by 42 publications
(33 citation statements)
references
References 12 publications
0
32
0
1
Order By: Relevance
“…This standard specifies short range wireless communication inside or on the human body [28]. However, several security problems have been noted [4], and communication can be achieved in a variety of ways, including ZigBee, Bluetooth, internet, WIMAX, RF, Volte, and 2, 3, or 4G mobile telephone networks [30,47,49]. Wireless body area networks function in either a one-hop or two-hop star topology [35].…”
Section: Wireless Body Area Networkmentioning
confidence: 99%
“…This standard specifies short range wireless communication inside or on the human body [28]. However, several security problems have been noted [4], and communication can be achieved in a variety of ways, including ZigBee, Bluetooth, internet, WIMAX, RF, Volte, and 2, 3, or 4G mobile telephone networks [30,47,49]. Wireless body area networks function in either a one-hop or two-hop star topology [35].…”
Section: Wireless Body Area Networkmentioning
confidence: 99%
“…The authors in [11,12] show that a dictionary attacker who eavesdrops messages between the initiator and the responder in a protocol run can obtain PK I and PK I and compute Q(PW) from Q(PW) = PK I − PK I . Then, Q(PW) can be used as a verifier and the attacker can try probable PWs from a dictionary of most probable passwords and check them using Q(PW).…”
mentioning
confidence: 99%
“…The author in [11,12] illustrates that if SK I has been compromised by an attacker, the attacker can acquire the Diffie-Hellman key K through computing K = SK I × PK R and MK from MK = CMAC 128 (LMB 128 (K), N I N R ) since PK R , N I and N R are sent in the form of plaintext. …”
mentioning
confidence: 99%
“…Despite the WBANs being endowed with the simplicity and high efficiency, they suffer from low security so that the transmitted data contain the health information of the user which is typically highly sensitive. The need of finding a secure solution for the network is immediate as the security association in the 802.15.6 standard is in doubt [3]. To guarantee a secure WBAN, a secure authentication key agreement protocol should be executed in advance of the communication.…”
Section: Introductionmentioning
confidence: 99%
“…According to the previously reported works, e.g., [3,4], the authentication key agreement protocol of the WBAN shall provide the data secrecy, user anonymity, session unlinkability, mutual authentication, forward secrecy, resilient to online/offline dictionary attack, resilient to replay attack, and resilient to man-in-the-middle attack. Due to a few reasons, we should not use generic authentication key agreement protocols [5] or lightweight protocols for the general purpose short distance communications [6] in WBANs.…”
Section: Introductionmentioning
confidence: 99%