A survey on physiological-signal-based security for medical devices

Implantable Medical Devices (IMDs) are used to monitor and control patients with chronic diseases. A growing number of IMDs are equipped with a wireless interface that allows non-invasive monitoring and reprogramming through an external device, also known as device programmer. However, this wireless interface also brings important security and privacy risks that may lead to remote attacks. In this domain, the use of cryptography is challenging due to the inherent tensions between security vs. accessibility and security vs. energy cost. A well-studied problem yet unsolved is how to establish (and manage) cryptographic keys between the device programmer and the IMD. Recent work has investigated how Physiological Signals (PS) extracted from the patient can be used for key agreement or authentication between the devices. This paper surveys some of the proposed countermeasures in the field of medical device security, with a special focus on those that use patient’s physiological signals for key establishment or authentication between the devices. We point out that most of the existing solutions, including those relying on PS, take assumptions that do not necessarily hold in practical scenarios. Furthermore, we show that the H2H protocol and the Biosec protocol have serious security weaknesses and design flaws which make them vulnerable to attacks. Based on our analysis, we define some of the challenges that need be addressed before adopting these solutions. Furthermore, we investigate how to use physiological-signal-based protocols in cryptography, possibly in combination with other solutions, such as pre-installed factory keys, to achieve higher security protection.

[1]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[2]  Kevin Fu,et al.  They can hear your heartbeats: non-invasive security for implantable medical devices , 2011, SIGCOMM.

[3]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[4]  Niraj K. Jha,et al.  Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system , 2011, 2011 IEEE 13th International Conference on e-Health Networking, Applications and Services.

[5]  Ingrid Verbauwhede,et al.  On the Feasibility of Cryptography for a Wireless Insulin Pump System , 2016, CODASPY.

[6]  Jia Wang,et al.  A Biometric Key Establishment Protocol for Body Area Networks , 2011, Int. J. Distributed Sens. Networks.

[7]  Kevin Fu,et al.  Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[8]  Fan Zhang,et al.  OPFKA: Secure and efficient Ordered-Physiological-Feature-based key agreement for wireless Body Area Networks , 2013, 2013 Proceedings IEEE INFOCOM.

[9]  Dwijendra K. Ray-Chaudhuri,et al.  Binary mixture flow with free energy lattice Boltzmann methods , 2022, arXiv.org.

[10]  Irina Adjudeanu,et al.  Codes correcteurs d'erreurs LDPC structurés , 2010 .

[11]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[12]  Srdjan Capkun,et al.  On Limitations of Friendly Jamming for Confidentiality , 2013, 2013 IEEE Symposium on Security and Privacy.

[13]  Sandeep K. S. Gupta,et al.  Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body , 2003, 2003 International Conference on Parallel Processing Workshops, 2003. Proceedings..

[14]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[15]  Fengyuan Xu,et al.  IMDGuard: Securing implantable medical devices with the external wearable guardian , 2011, 2011 Proceedings IEEE INFOCOM.

[16]  Alan Borning,et al.  Patients, pacemakers, and implantable defibrillators: human values and security for wireless implantable medical devices , 2010, CHI.

[17]  L. Tarassenko,et al.  Non-contact video-based vital sign monitoring using ambient light and auto-regressive models , 2014, Physiological measurement.

[18]  Meng Zhang,et al.  MedMon: Securing Medical Devices Through Wireless Monitoring and Anomaly Detection , 2013, IEEE Transactions on Biomedical Circuits and Systems.

[19]  Ayan Banerjee,et al.  PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks , 2010, IEEE Transactions on Information Technology in Biomedicine.

[20]  Kevin Fu,et al.  Security and Privacy for Implantable Medical Devices , 2008, IEEE Pervasive Comput..

[21]  Srdjan Capkun,et al.  Proximity-based access control for implantable medical devices , 2009, CCS.

[22]  Nitesh Saxena,et al.  On pairing constrained wireless devices based on secrecy of auxiliary channels: the case of acoustic eavesdropping , 2010, CCS '10.

[23]  Suela Kodra Fuzzy extractors : How to generate strong keys from biometrics and other noisy data , 2015 .

[24]  Farinaz Koushanfar,et al.  Balancing security and utility in Medical Devices? , 2013, 2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC).

[25]  Dakshi Agrawal,et al.  The EM Side-Channel(s) , 2002, CHES.

[26]  Sandeep K. S. Gupta,et al.  Protect your BSN: No Handshakes, just Namaste! , 2013, BSN.

[27]  Bart Preneel,et al.  On the (in)security of the latest generation implantable cardiac defibrillators and how to secure them , 2016, ACSAC.

[28]  K.K. Venkatasubramanian,et al.  Plethysmogram-based secure inter-sensor communication in Body Area Networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[29]  Ye Li,et al.  A Modified Fuzzy Vault Scheme for Biometrics-Based Body Sensor Networks Security , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[30]  Daniel McDuff,et al.  Advancements in Noncontact, Multiparameter Physiological Measurements Using a Webcam , 2011, IEEE Transactions on Biomedical Engineering.

[31]  Farinaz Koushanfar,et al.  Heart-to-heart (H2H): authentication for implanted medical devices , 2013, CCS.

[32]  Niraj K. Jha,et al.  Vibration-based secure side channel for medical devices , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).