ASAP: A lightweight authenticated secure association protocol for IEEE 802.15.6 based medical BAN

Abstract

Medical Body Area Networks (MBANs), a specialized subset of Wireless Body Area Networks (WBANs), are crucial for enabling medical data collection, processing, and transmission. The IEEE 802.15.6 standard governs these networks but falls short in practical MBAN scenarios. This paper introduces ASAP, a Lightweight Authenticated Secure Association Protocol integrated with IEEE 802.15.6. ASAP prioritizes patient privacy with randomized node ID generation and temporary shared keys, preventing node tracking and privacy violations. It optimizes network performance by consolidating Master Keys (MK), Pairwise Temporal Keys (PTK), and Group Temporal Keys (GTK) creation into a unified process, ensuring the efficiency of the standard four-message association protocol. ASAP enhances security by eliminating the need for pre-shared keys, reducing the attack surface, and improving forward secrecy. The protocol achieves mutual authentication without pre-shared keys or passwords and supports advanced cryptographic algorithms on nodes with limited processing capabilities. Additionally, it imposes connection initiation restrictions, requiring valid certificates for nodes, thereby addressing gaps in IEEE 802.15.6. Formal verification using Verifpal confirms ASAP's resilience against various attacks. Implementation results show ASAP's superiority over standard IEEE 802.15.6 protocols, establishing it as a robust solution for securing MBAN communications in medical environments.