Heart-to-Heart (H2H): Authentication for implanted medical devices

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2013, Pages 1099-1111

  Rostami, Masoud ^a   Juels, Ari ^b   Koushanfar, Farinaz ^a  

^a RICE UNIVERSITY   (United States)

^b RSA Laboratories   (United States)

Author keywords

imd security; implantable medical devices; security protocols

Indexed keywords

AUTHENTICATION MECHANISMS; AUTHENTICATION PROTOCOLS; CRYPTOGRAPHIC DEVICES; IMD SECURITY; IMPLANTABLE MEDICAL DEVICES; IMPLANTED MEDICAL DEVICES; MEDICAL INSTRUMENTS; SECURITY PROTOCOLS;

AUTHENTICATION; CRYPTOGRAPHY; ELECTROCARDIOGRAPHY; HEART; NETWORK SECURITY; PHYSIOLOGICAL MODELS; RANDOM PROCESSES;

BIOMEDICAL EQUIPMENT;

EID: 84888984313     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2508859.2516658     Document Type: Conference Paper

References (29)

1. A. L. Goldberger et al. PhysioBank, PhysioToolkit, and PhysioNet: Components of a new research resource for complex physiologic signals. Circulation, 101(23), 2000.
2. American Heart Association. Physical activity and blood pressure, 2012.
3. S. D. Bao, C. C. Y. Poon, Y. T. Zhang, and L. F. Shen. Using the timing information of heartbeats as an entity identifier to secure body sensor network. IEEE Trans. on Info. Tech. in Biomedicine, 12(6):772-779, 2008.
4. E. Barker and A. Roginsky. Transitions: Recommendation for transitioning the use of cryptographic algorithms and key lengths. NIST Special Publication, 800:131A, 2011.
5. M. Bellare, D. Pointcheval, and P. Rogaway. Authenticated key exchange secure against dictionary attacks. In Eurocrypt, pages 139-155, 2000.
6. R. Bousseljot, D. Kreiseler, and A. Schnabel. Nutzung der ekg-signaldatenbank cardiodat der ptb über das internet. Biomedizinische Technik Biomedical Engineering, 40(s1):317-318, 2009.
7. K. A. Brownley, B. E. Hurwitz, and N. Schneiderman. Cardiovascular psychophysiology. Handbook of psychophysiology, 2:224-264, 2000.
8. R. Canetti and M. Fischlin. Universally composible commitments. In Crypto, pages 332-349, 2001.
9. S. Cherukuri, K. K. Venkatasubramanian, and S. K. S. Gupta. Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. In Parallel Processing Workshop, pages 432-439, 2003.
10. K. Cho and D. Lee. Biometric based secure communications without pre-deployed key for biosensor implanted in body sensor networks. In Information Security Applications, pages 203-218, 2012.
11. C. Cremers, K. B. Rasmussen, B. Schmidt, and S. Capkun. Distance hijacking attacks on distance bounding protocols. In IEEE Symp. on Security and Privacy, pages 113-127, 2012.
12. B. Danev, D. Zanetti, and S. Capkun. On physical-layer identification of wireless devices. ACM Computing Surveys, 2011.
13. T. Denning, K. Fu, and T. Kohno. Absence makes the heart grow fonder: New directions for implantable medical device security. In USENIX HotSec, 2008.
14. Y. Dodis, L. Reyzin, and A. Smith. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. on Computing, 38(1):97-139, 2008.
15. T. Drew and M. Gini. Implantable medical devices as agents and part of multiagent systems. In Int. Joint Conf. on Autonomous Agents and Multiagent Systems (AAMAS), pages 1534-1541, 2006.
16. K. Fu. Inside risks: Reducing risks of implantable medical devices. Communications of the ACM, 52(6):25-27, June 2009.
17. A. L. Goldberger, D. R. Rigney, and B. J. West. Chaos and fractals in human physiology. Scientific American, 262:42-49, 1990.
18. S. Gollakota, H. Hassanieh, B. Ransford, D. Katabi, and K. Fu. They can hear your heartbeats: non-invasive security for implantable medical devices. In ACM SIGCOMM, pages 2-13, 2011.
19. A. J. Greenspon, J. D. Patel, E. Lau, J. A. Ochoa, D. R. Frisch, R. T. Ho, B. B. Pavri, and S. M. Kurtz. 16-year trends in the infection burden for pacemakers and implantable cardioverter-defibrillators in the united states: 1993 to 2008. Journal of the American College of Cardiology, 58(10):1001-1006, 2011.
20. D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In IEEE Symp. on Security and Privacy, pages 129-142, 2008.
21. D. Halperin, T. Kohno, T.S. Heydt-Benjamin, K. Fu, and W.H. Maisel. Security and privacy for implantable medical devices. IEEE Pervasive Computing, 7(1):30-39, Jan.-Mar. 2008.
22. K. E. Hanna, F. J. Manning, P. Bouxsein, and A. Pope, editors. Innovation and Invention in Medical Devices: Workshop Summary. The National Academies Press, 2001.
23. C. Hu, X. Cheng, F. Zhangand, D. Wuand, X. Liao, and D. Chen. OPFKA: Secure and efficient ordered-physiological-feature-based key agreement for wireless body area networks. In IEEE INFOCOM, 2013.
24. A. Juels and M. Wattenberg. A fuzzy commitment scheme. In ACM CCS, pages 28-36, 1999.
25. D. Karaouglan and A. Levi. A survey on the development of security mechanisms for body area networks. The Computer Journal, 2013.
26. C. Kaufman, R. Perlman, and M. Speciner. Network security: private communication in a public world. Prentice Hall Press, 2002.
27. S. S. Keller. NIST-recommended random number generator based on ANSI X9.31 appendix A.2.4 using the 3-key triple DES and AES algorithms. Technical report, NIST, 2005.
28. MISRA Limited. Misra-c:2004 - guidelines for the use of the c language in critical systems. Technical report, 2004.
29. W. H. Maisel. Safety issues involving medical devices. Journal of the American Medical Association, 294(8):955-958, Aug. 2005.