Secure Key-Exchange Protocol for Implants Using Heartbeats

Conference paper (2016)

Authors

R.M. Seepers Erasmus MC

J.H. Weber

Z. Erkin

I. Sourdis Chalmers University of Technology

C. Strydis Erasmus MC

Access control Biometrics Security and privacy ! Key management Mobile and wireless security

To reference this document use:

http://resolver.tudelft.nl/uuid:33c00c53-2fd6-4d1f-8ba3-1c89ebfa7881

More Info

expand_more

Published Date

2016

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

The cardiac interpulse interval (IPI) has recently been proposed tofacilitate key exchange for implantable medical devices (IMDs) using apatient's own heartbeats as a source of trust. While this form of key exchangeholds promise for IMD security, its feasibility is not fully understood due tothe simplified approaches found in related works. For example, previouslyproposed protocols have been designed without considering the limitedrandomness available per IPI, or have overlooked aspects pertinent to arealistic system, such as imperfect heartbeat detection or the energy overheadsimposed on an IMD. In this paper, we propose a new IPI-based key-exchangeprotocol and evaluate its use during medical emergencies. Our protocol employsfuzzy commitment to tolerate the expected disparity between IPIs obtained by anexternal reader and an IMD, as well as a novel way of tackling heartbeatmisdetection through IPI classification. Using our protocol, the expected timefor securely exchanging an 80-bit key with high probability (1-10−6) is roughlyone minute, while consuming only 88 μJ from an IMD.