Abstract

Implantable medical devices (IMDs) are opening up new opportunities for holistic healthcare by enabling continuous monitoring and treatment of various medical conditions, leading to an ever-improving quality of life for patients. Integration of radio frequency (RF) modules in IMDs has provided wireless connectivity and facilitated access to on-device data and post-deployment tuning of essential therapy. However, this has also made IMDs susceptible to various security attacks. Several lightweight encryption mechanisms have been developed to prevent well-known attacks, e.g., integrity attacks that send malicious commands to the device, on IMDs. However, lack of a secure key exchange protocol (that enables the exchange of the encryption key while maintaining its confidentiality) and the immaturity of already-in-use wakeup protocols (that are used to turn on the RF module before an authorized data transmission) are two fundamental challenges that must be addressed to ensure the security of wireless-enabled IMDs. In this paper, we introduce OpSecure, an optical secure communication channel between an IMD and an external device, e.g., a smartphone. OpSecure enables an intrinsically user-perceptible unidirectional data transmission, suitable for physically-secure communication with minimal size and energy overheads. Based on OpSecure, we design and implement two protocols: (i) a low-power wakeup protocol that is resilient against remote battery-draining attacks, and (ii) a secure key exchange protocol to share the encryption key between the IMD and the external device. We evaluate the two protocols using a human body model.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.