Secure medical implants with encrypted heartbeats

To prevent wirelessly connected defibrillators and insulin pumps from being hijacked, researchers suggest using a heartbeat reading along with an encryption step.
Written by Janet Fang, Contributor on
encrypt your heartbeat.jpg
Security researchers have shown that they can reprogram a wireless implant to stay inactive in an emergency, deliver an unnecessary 700-volt jolt, or drain its battery.

One way to help secure implants is to use a heartbeat reading to confirm that whoever is trying to reprogram or download data is in direct contact with the patient, and not a remote hacker. Technology Review reports.

Over 300,000 of these wireless devices -- like defibrillator and insulin pumps -- are implanted each year in the U.S. Doctors or device makers can update software and download information (such as about heart-shocks or the timing of insulin doses) without surgery. But it opens the door to malicious wireless attacks.

Researchers at Rice University and security company RSA have designed a solution:

  1. A doctor or paramedic holds a device against the patient’s body that takes a direct reading of the heartbeat.
  2. The device reads the patient’s heartbeat and compares it to one relayed in a wireless signal from the implant. That’ll confirm if the signals match.
  3. The wireless exchange of the heartbeat signal is encrypted, thwarting attempts to hijack the communications during the exchange.

This fix could work, they say, even in emergency situations where there’s no time for delay since doctors or paramedics wouldn’t need to authenticate themselves with a password.

A future emergency responder wouldn’t need to know the identity of a heart-attack victim, for example, before gaining access and downloading information from the victim’s implanted device.

“The heart is very conveniently producing this stream of random bits, and we tap into the stream of bits and make sure we are getting the same signal at the same time,” says Ari Juels at RSA Laboratories in Cambridge, Massachusetts. “Our approach doesn’t rely on a registration of a biometric -- all it does is check that the signals are identical.”

The encryption step prevents a theoretical attacker in, say, a hospital or a battlefield from hijacking the signal in order to issue life-threatening instructions.

[Technology Review]

Image: Manu_H via Flickr

This post was originally published on Smartplanet.com

Editorial standards