Secure key-exchange protocol for implants using heartbeats

Proceedings of the ACM International Conference on Computing Frontiers Pub Date : 2016-05-16 DOI:10.1145/2903150.2903165

R. M. Seepers, J. Weber, Z. Erkin, I. Sourdis, C. Strydis

{"title":"Secure key-exchange protocol for implants using heartbeats","authors":"R. M. Seepers, J. Weber, Z. Erkin, I. Sourdis, C. Strydis","doi":"10.1145/2903150.2903165","DOIUrl":null,"url":null,"abstract":"The cardiac interpulse interval (IPI) has recently been proposed to facilitate key exchange for implantable medical devices (IMDs) using a patient's own heartbeats as a source of trust. While this form of key exchange holds promise for IMD security, its feasibility is not fully understood due to the simplified approaches found in related works. For example, previously proposed protocols have been designed without considering the limited randomness available per IPI, or have overlooked aspects pertinent to a realistic system, such as imperfect heartbeat detection or the energy overheads imposed on an IMD. In this paper, we propose a new IPI-based key-exchange protocol and evaluate its use during medical emergencies. Our protocol employs fuzzy commitment to tolerate the expected disparity between IPIs obtained by an external reader and an IMD, as well as a novel way of tackling heartbeat misdetection through IPI classification. Using our protocol, the expected time for securely exchanging an 80-bit key with high probability (1-10−6) is roughly one minute, while consuming only 88 μJ from an IMD.","PeriodicalId":226569,"journal":{"name":"Proceedings of the ACM International Conference on Computing Frontiers","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"27","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the ACM International Conference on Computing Frontiers","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2903150.2903165","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 27

Abstract

The cardiac interpulse interval (IPI) has recently been proposed to facilitate key exchange for implantable medical devices (IMDs) using a patient's own heartbeats as a source of trust. While this form of key exchange holds promise for IMD security, its feasibility is not fully understood due to the simplified approaches found in related works. For example, previously proposed protocols have been designed without considering the limited randomness available per IPI, or have overlooked aspects pertinent to a realistic system, such as imperfect heartbeat detection or the energy overheads imposed on an IMD. In this paper, we propose a new IPI-based key-exchange protocol and evaluate its use during medical emergencies. Our protocol employs fuzzy commitment to tolerate the expected disparity between IPIs obtained by an external reader and an IMD, as well as a novel way of tackling heartbeat misdetection through IPI classification. Using our protocol, the expected time for securely exchanging an 80-bit key with high probability (1-10−6) is roughly one minute, while consuming only 88 μJ from an IMD.

查看原文本刊更多论文

使用心跳的植入物安全密钥交换协议

最近提出了心脏搏动间隔(IPI)，以促进使用患者自己的心跳作为信任来源的植入式医疗设备(imd)的密钥交换。虽然这种形式的密钥交换为IMD安全性带来了希望，但由于在相关工作中发现的简化方法，其可行性尚不完全清楚。例如，以前提出的协议在设计时没有考虑到每个IPI可用的有限随机性，或者忽略了与现实系统相关的方面，例如不完美的心跳检测或强加于IMD的能量开销。本文提出了一种新的基于ip的密钥交换协议，并对其在医疗紧急情况中的应用进行了评估。我们的协议采用模糊承诺来容忍外部读取器和IMD获得的IPI之间的预期差异，以及通过IPI分类解决心跳误检的新方法。使用我们的协议，以高概率(1-10−6)安全地交换80位密钥的预期时间大约为1分钟，而从IMD中仅消耗88 μJ。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the ACM International Conference on Computing Frontiers

自引率

0.00%

发文量