Secure remote reprogramming of implantable medical devices ∗

In the last years, there has been a technological revolution that has lead to important advances in the medical industry, such as remote monitoring systems for observing the patient’s health status when they are at home. Similarly, in the near future, remote reprogramming systems will revolutionize the health care industry, allowing doctors to (re)program medical implants of a patient being at home. However, as remote reprogramming systems perform actions that could endanger the patient’s life, they must also deploy strong security mechanisms to protect against different types of (wireless) attack. Therefore, in this paper we propose a secure key management solution that can be used to bootstrap the cryptographic algorithms that are needed to create a secure channel between the doctor and the patient’s implant. Our security solution combines biometrics and cryptography and only requires limited user interaction.

[1]  Bart Preneel,et al.  Key Establishment Using Secure Distance Bounding Protocols , 2007, 2007 Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services (MobiQuitous).

[2]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[3]  Farinaz Koushanfar,et al.  Heart-to-heart (H2H): authentication for implanted medical devices , 2013, CCS.

[4]  Kaisa Nyberg,et al.  Enhancements to Bluetooth Baseband Security , 2007 .

[5]  Kevin Fu,et al.  Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[6]  Claude Castelluccia,et al.  Shake them up!: a movement-based pairing protocol for CPU-constrained devices , 2005, MobiSys '05.

[7]  Ming Li,et al.  BANA: Body Area Network Authentication Exploiting Channel Characteristics , 2012, IEEE Journal on Selected Areas in Communications.

[8]  Christian Gehrmann,et al.  Manual authentication for wireless devices , 2004 .

[9]  Fengyuan Xu,et al.  IMDGuard: Securing implantable medical devices with the external wearable guardian , 2011, 2011 Proceedings IEEE INFOCOM.

[10]  Jie Wu,et al.  Defending Resource Depletion Attacks on Implantable Medical Devices , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[11]  Srdjan Capkun,et al.  Proximity-based access control for implantable medical devices , 2009, CCS.

[12]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[13]  Z. Wang,et al.  MICS transceivers: regulatory standards and applications [medical implant communications service] , 2005, Proceedings. IEEE SoutheastCon, 2005..

[14]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[15]  Fan Zhang,et al.  OPFKA: Secure and efficient Ordered-Physiological-Feature-based key agreement for wireless Body Area Networks , 2013, 2013 Proceedings IEEE INFOCOM.

[16]  Ayan Banerjee,et al.  PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks , 2010, IEEE Transactions on Information Technology in Biomedicine.

[17]  Yih-Chun Hu,et al.  Body Area Network Security: Robust Key Establishment Using Human Body Channel , 2012, HealthSec.

[18]  Niraj K. Jha,et al.  Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system , 2011, 2011 IEEE 13th International Conference on e-Health Networking, Applications and Services.

[19]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[20]  C. Gehrmann,et al.  Security in personal area networks , 2004 .

[21]  Bowen Alpern,et al.  Key Exchange Using 'Keyless Cryptography' , 1983, Inf. Process. Lett..

[22]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[23]  Suela Kodra Fuzzy extractors : How to generate strong keys from biometrics and other noisy data , 2015 .