Yusuf Taofeek

Work place: Department of Cyber Security Science, Federal University of Technology, Minna, Nigeria

E-mail: yusuf.pg824211@st.futminna.edu.ng

Website: https://orcid.org/0009-0008-7589-6354

Research Interests:

Biography

Yusuf Taofeek received the B.Sc Ed. Degree from Usmanu Danfodiyo University, Sokoto, in 2000. He obtained a Postgraduate Diploma in computer science and M.Tech. degree in cyber security science from Federal University of Technology, Minna, Nigeria, in 2005 and 2016 respectively. He is currently pursuing the PhD degree in cyber security science with Federal University of Technology, Minna. He is a member of cyber security expert association of Nigeria. His research interests include Cryptography, Network security, IoT security, Blockchain security and sensor network security.

Author Articles
Secure Communication in Wireless Body Area Networks with ECC-Based Key Management and Renewal Protocols

By Yusuf Taofeek Waziri Onomza Victor Olalere Morufu Noel Moses Dogonyaro

DOI: https://doi.org/10.5815/ijwmt.2024.06.03, Pub. Date: 8 Dec. 2024

Wireless body area networks (WBANs) are employed to monitor and collect physiological data using wearable and implantable sensor nodes for remote medical applications. Due to the sensitive nature of the data transmitted over open wireless channels, robust security measures are critical. WBANs are particularly susceptible to threats such as eavesdropping, man-in-the-middle attacks, node capture, and replay attacks. Moreover, the constrained nature of sensor nodes and duplicate occurrence of keys makes it challenging for cryptographic key management protocols to function efficiently without increasing the computational and storage overhead of the security protocol. This work proposes a secure and efficient key management protocol designed for key establishment, revocation, and renewal of compromised keys in WBANs. The protocol leverages elliptic curve cryptography (ECC) and integrates a keychain hash function mechanism to eliminate the reuse of keys and execute key computations efficiently. Furthermore, it utilizes an authentication method based on authentication tables, which reduces the number of messages exchanged and minimizes computational overhead. To guarantee the protocol's robustness, a formal validation using BAN logic was conducted, validating that the protocol meets key security requirements, which include, confidentiality, integrity, and authentication. An informal security analysis further demonstrates the protocol's resilience against impersonation, eavesdropping, man-in-the-middle, replay, and injection attacks. A performance evaluation of the protocol’s computational and storage costs was also carried out. The results show that while our protocol incurs lower computational costs compared to some related works, it exhibits slightly higher costs compared to others. In terms of storage overhead, our protocol outperforms most existing solutions. Future work will focus on optimizing the protocol and exploring further efficiency improvements in its implementation within a WBAN testbed.

[...] Read more.
Other Articles