16 research outputs found
Using vibrations from a SmartRing as an out-of-band channel for sharing secret keys
With the rapid growth in the number of Internet of Things (IoT) devices with wireless communication capabilities, and sensitive information collection capabilities, it is becoming increasingly necessary to ensure that these devices communicate securely with only authorized devices. A major requirement of this secure communication is to ensure that both the devices share a secret, which can be used for secure pairing and encrypted communication. Manually imparting this secret to these devices becomes an unnecessary overhead, especially when the device interaction is transient. In this work, we empirically investigate the possibility of using an out-of-band communication channel – vibration, generated by a custom smartRing – to share a secret with a compatible IoT device. Through a user study with 12 participants we show that in the best case we can exchange 85.9% messages successfully. Our technique demonstrates the possibility of sharing messages accurately, quickly and securely as compared to several existing techniques
e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices
To facilitate monitoring and management, modern Implantable Medical Devices
(IMDs) are often equipped with wireless capabilities, which raise the risk of
malicious access to IMDs. Although schemes are proposed to secure the IMD
access, some issues are still open. First, pre-sharing a long-term key between
a patient's IMD and a doctor's programmer is vulnerable since once the doctor's
programmer is compromised, all of her patients suffer; establishing a temporary
key by leveraging proximity gets rid of pre-shared keys, but as the approach
lacks real authentication, it can be exploited by nearby adversaries or through
man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one
of the most important design goals, few schemes explore to lower the
communication and computation overhead all at once. Finally, how to safely
record the commands issued by doctors for the purpose of forensics, which can
be the last measure to protect the patients' rights, is commonly omitted in the
existing literature. Motivated by these important yet open problems, we propose
an innovative scheme e-SAFE, which significantly improves security and safety,
reduces the communication overhead and enables IMD-access forensics. We present
a novel lightweight compressive sensing based encryption algorithm to encrypt
and compress the IMD data simultaneously, reducing the data transmission
overhead by over 50% while ensuring high data confidentiality and usability.
Furthermore, we provide a suite of protocols regarding device pairing,
dual-factor authentication, and accountability-enabled access. The security
analysis and performance evaluation show the validity and efficiency of the
proposed scheme
IMDfence: Architecting a Secure Protocol for Implantable Medical Devices
Over the past decade, focus on the security and privacy aspects of implantable medical
devices (IMDs) has intensified, driven by the multitude of cybersecurity vulnerabilities found in various
existing devices. However, due to their strict computational, energy and physical constraints, conventional
security protocols are not directly applicable to IMDs. Custom-tailored schemes have been proposed instead
which, however, fail to cover the full spectrum of security features that modern IMDs and their ecosystems so
critically require. In this paper we propose IMDfence, a security protocol for IMD ecosystems that provides a
comprehensive yet practical security portfolio, which includes availability, non-repudiation, access control,
entity authentication, remote monitoring and system scalability. The protocol also allows emergency access
that results in the graceful degradation of offered services without compromising security and patient safety.
The performance of the security protocol as well as its feasibility and impact on modern IMDs are extensively
analyzed and evaluated. We find that IMDfence achieves the above security requirements at a mere less than
7% increase in total IMD energy consumption, and less than 14 ms and 9 kB increase in system delay and
memory footprint, respectively
A survey on physiological-signal-based security for medical devices
Implantable Medical Devices (IMDs) are used to monitor and control patients with chronic diseases. A growing number of IMDs are equipped with a wireless interface that allows non-invasive monitoring and reprogramming through an external device, also known as device programmer. However, this wireless interface also brings important security and privacy risks that may lead to remote attacks. In this domain, the use of cryptography is challenging due to the inherent tensions between security vs accessibility and security vs energy cost. A well-studied problem yet unsolved is how to establish (and manage) cryptographic keys between the device programmer and the IMD. Recent work has investigated how Physiological Signals (PS) extracted from the patient can be used for key agreement or authentication between the devices.
This paper surveys some of the proposed countermeasures in the field of medical device security, with a special focus on those that use patient\u27s physiological signals for key establishment or authentication between the devices. We point out that most of the existing solutions, including those relying on PS, take assumptions that do not necessarily hold in practical scenarios. Furthermore, we show that the H2H protocol and the Biosec protocol have serious security weaknesses and design flaws which make them vulnerable to attacks. Based on our analysis, we define some of the challenges that need be addressed before adopting these solutions. Furthermore, we investigate how to use physiological-signal-based protocols in cryptography, possibly in combination with other solutions, such as pre-installed factory keys, to achieve higher security protection
Hardware Architectures for Low-power In-Situ Monitoring of Wireless Embedded Systems
As wireless embedded systems transition from lab-scale research prototypes to large-scale commercial deployments, providing reliable and dependable system operation becomes absolutely crucial to ensure successful adoption. However, the untethered nature of wireless embedded systems severely limits the ability to access, debug, and control device operation after deployment—post-deployment or in-situ visibility. It is intuitive that the more information we have about a system’s operation after deployment, the better/faster we can respond upon the detection of anomalous behavior. Therefore, post-deployment visibility is a foundation upon which other runtime reliability techniques can be built. However, visibility into system operation diminishes significantly once the devices are remotely deployed, and we refer to this problem as a lack of post-deployment visibility