A cluster-based key agreement scheme using keyed hashing for Body Area Networks Aftab Ali & Sarah Irum & Firdous Kausar & Farrukh Aslam Khan # Springer Science+Business Media, LLC 2011 Abstract In recent years, Body Area Networks (BANs) have gained immense popularity in the domain of healthcare as well as monitoring of soldiers in the battlefield. Security of a BAN is inevitable as we secure the lives of soldiers and patients. In this paper, we propose a security framework using Keyed-Hashing Message Authentication Code (HMAC-MD5) to protect the personal information in a BAN. We assume a network in which nodes sense physiological variables such as electrocardiography (EKG), electroencephalography (EEG), pulse oximeter data, blood pressure and cardiac output. Heterogeneous wireless sensor network is considered which consists of a powerful High-end sensor (H-sensor) and several Low-end sensors (L-sensors). EKG is used for secure communication between nodes as it introduces plug and play capability in BANs. The process is made secure by applying HMAC-MD5 on EKG blocks. Key agreement is done by comparing HMAC of feature blocks between sensors resulting in a more secure network. The analysis is done by calculating the entropy of keys and checking the randomness of EKG data using NIST- randomness testing suite. Keywords Body Area Network . Physiological values . Electrocardiogram . Hash-based Message Authentication Code (HMAC) . L-sensors . H-sensors 1 Introduction Body Area Networks (BANs) are becoming increasingly important during the last few years. BANs can be used in health and fitness monitoring of patients as well as soldiers in a battlefield. Several parameters such as speed, distance, heartbeat, respiration, temperature, pacing information etc. of patients and soldiers can be monitored by using a BAN. It consists of low-power sensors which are implanted on the body and are allowed to communicate with one another and transmit data to the local base station and remote places Multimed Tools Appl DOI 10.1007/s11042-011-0791-4 A. Ali : S. Irum : F. Kausar : F. A. Khan (*) Department of Computer Science, National University of Computer & Emerging Sciences, AK Brohi Road H-11/4, Islamabad, Pakistan e-mail: farrukh.aslam@nu.edu.pk