PORTLAND, Ore.— The increasing proliferation of medicalimplants that can be programmed wirelessly,such as pacemakers, insulin pumps,defibrillators, neural implants, and drugdelivery systems, has prompted concern thathackers could gain access and harm apatient.
Now researchers at Rice University claim tohave an answer. Called Heart-to-Heart (H2H)the novel cryptographic techniqueuses the patient's own heartbeat as a randomnumber generator. It will be presented atthe upcoming Association for ComputingMachinery (ACM) Conference on Computer andCommunications Security (November 4-8,Berlin).
Today, reprogramming medical implants areperformed in the doctor's office wheresecurity is not a concern. Traditionalcryptographic techniques can be used forsecure access to implants there, but,according to the Rice researchers, hackerscould gain wireless access to implantsoutside the doctor's office by breakingthose techniques. Sophisticated, traditionalcryptography could be used, but that wouldtax the processing power of the implant'smicrocontroller and run down its battery.H2H, on the other hand, is designed to beeasy on computing resources and yet moresecure than traditional cryptography.
In essence, the technique derives a randompassword from the heartbeat of the patientthat can only be computed when touching thepatient. Called touch-to-access by theresearchers, they claim touching isimportant, since hackers could determine therough outline of a heartbeat remotely withspecial cameras. After touch-to-accessderives the random password from thepatient's heartbeat, a novel pairingprotocol then uses that password, which isseparately calculated by the implant'smicrocontroller, to establish a securewireless connection between the doctor'sprogrammer and the implanted medical device(IMD).
“We have shown that the heartbeat has enoughrandomness to be used as a random numbergenerator,” professor Farinaz Koushanfar atRice University told EE Times. “The IMD,which is inside the body, can record randombits in a heartbeat in the short-timeinterval that the access is happening, andthe person who is accessing the IMD can alsorecord the heartbeat.”
Koushanfar went on to explain:
For 12 seconds the person whohas access to the patient with the IMDdevice records the same random number asthe IMD device is recording, and then theygo through a cryptographic pairing. Butwhat is significant about thiscryptographic pairing is that we haveshown it is resilient against all sorts ofattacks. There have been approaches thattried this earlier, but earlier work hasshown that those approaches could bebroken.
Today millions of medical implants are inuse, many of them with unsecured wirelessaccess, but the Rice researchers claim theiralgorithm is simple enough to beincorporated even into legacy IMDs by simplyupdating their firmware. The researchers arecurrently in informal discussions with IMDmakers to license them their H2H technology.
(Source: Jeff Fitlow/Rice University)
In their ACM presentation in Berlin, theresearchers, who include doctoral candidateMasoud Rostami, will describe H2H and thetouch-to-access protocol, which they haveimplemented on an ARM Core M-3microcontroller.
Also contributing to the development effortwas independent security analyst, and formerdirector of RSA Laboratories in Cambridge,Mass., Ari Juels. Funding was provided bythe Office of Naval Research and the ArmyResearch Office.
To read more, go to: “Heart-to-Heart (H2H): Authentication for Implanted Medical Devices“
(This article has also been published on EETimes. )