A body area network (BAN) is a wireless network of health monitoring sensors designed to deliver personalized healthcare. Securing intersensor communications within BANs is essential for preserving not only the privacy of health data, but also for ensuring safety of healthcare delivery. This paper presents physiological-signal-based key agreement (PSKA), a scheme for enabling secure intersensor communication within a BAN in a usable (plug-n-play, transparent) manner. PSKA allows neighboring nodes in a BAN to agree to a symmetric (shared) cryptographic key, in an authenticated manner, using physiological signals obtained from the subject. No initialization or predeployment is required; simply deploying sensors in a BAN is enough to make them communicate securely. Our analysis, prototyping, and comparison with the frequently used Diffie-Hellman key agreement protocol shows that PSKA is a viable intersensor key agreement protocol for BANs.