Qing Yang,Songping Mai,Yixin Zhao,Zhijun Wang,Chun Zhang,Zhihua Wang

DOI: https://doi.org/10.1109/mwscas.2014.6908469

2014-01-01

Abstract:In order to fight against severe risks of security and privacy for implantable medical devices, an on-chip security guard based on zero-power authentication is proposed and verified in this paper. The conception of `zero-power' is realized by virtue of wireless power recovery instead of fetching power from primary battery. The security guard recovers both data and clock from external wireless signals based on amplitude shift keying pulse width modulation. It features a wireless data rate of 500 Kbps and no need for on-chip clock generator. The Hash encryption is adopted in authentication and features a 32-bit ALU to speed up the SHA-1 computation with an estimated peak power of about only 1 mW, which is affordable by wireless power recovery which has a capacity of several mW. FPGA and chip implementation verify the feasibility of this system.

Yuchen Miao,Chaojie Gu,Zhenyu Yan,Sze Yiu Chau,Rui Tan,Qi Lin,Wen Hu,Shibo He,Jiming Chen

DOI: https://doi.org/10.1145/3596264

2023-01-01

Abstract:Secure device pairing is important to wearables. Existing solutions either degrade usability due to the need of specific actions like shaking, or they lack universality due to the need of dedicated hardware like electrocardiogram sensors. This paper proposes TouchKey, a symmetric key generation scheme that exploits the skin electric potential (SEP) induced by powerline electromagnetic radiation. The SEP is ubiquitously accessible indoors with analog-to-digital converters widely available on Internet of Things devices. Our measurements show that the SEP has high randomness and the SEPs measured at two close locations on the same human body are similar. Extensive experiments show that TouchKey achieves a high key generation rate of 345 bit/s and an average success rate of 99.29%. Under a range of adversary models including active and passive attacks, TouchKey shows a low false acceptance rate of 0.86%, which outperforms existing solutions. Besides, the overall execution time and energy usage are 0.44 s and 2.716 mJ, which make it suitable for resource-constrained devices.

Jayaprakash Kar,Xiaoguang Liu,Fagen Li

DOI: https://doi.org/10.1109/access.2024.3429137

IF: 3.9

2024-01-01

IEEE Access

Abstract:Implantable medical devices (IMDs) in medical sciences have provided a quantum leap in network transformation. The communication network with IMDs typically has a wireless radio frequency (RF) telemetry or wired connection. IMDs, being devices, have more computing, communication capabilities and decision-making. Furthermore, these devices are being used to improve patients’ quality of life by medicating various chronic diseases. The captured data is stored in a medical server through a controller node. Our work focuses on wireless communication, so sensitive patient data over a public channel might be tampered with or eavesdropped by unauthorised access. Furthermore, the leakage of health data and malfunctioning of IMDs are vital in constructing cryptographic protocols, particularly in the design of remote user authentication. In this paper, we proposed a novel secure remote user authentication scheme using a lightweight consortium blockchain for the communication network with IMDs.

Bruno M. G. Rosa,Salzitsa Anastasova,Guang Z. Yang

DOI: https://doi.org/10.1109/tcyb.2021.3088711

IF: 11.8

2021-01-01

IEEE Transactions on Cybernetics

Abstract:Implantable devices represent the future of remote medical monitoring and administration of both chemical and physical therapies to the patients. Although some of these devices are already in the market, the security mechanisms deployed inside them to withstand deliberate external influence are still decades away from the robust digital data security schemes employed in modern distributed networks these days. Medical data theft, spoofing, and disclosure pose serious threats that can ultimately lead to individual and social stigmas or even death. In this article, we present a small-form and batteryless implantable device with acquisition channels for biopotential (30-dB gain and 16-Hz bandwidth), arterial pulse oximetry, and temperature (0.12°C accuracy) recordings, suitable for cardiovascular, neuronal, and endocrine parameters assessment. The proposed device is powered by the near-field communication (NFC) interface with an external mobile phone, with a power consumption of 0.9 mW and achieving the full operation for distances close to 1 cm under the skin. In situ encryption of the acquired physiological signals is performed by a lightweight and short-term symmetric-key distribution scheme with data stream hopping, in order to ensure secure data transference over the air between the patient and trusted entities only, complemented by data storage, processing, and recovery through a medical blockchain type of network that involves the main stakeholders inside a medical community.

Haotian Chi,Longfei Wu,Xiaojiang Du,Qiang Zeng,Paul Ratazzi

DOI: https://doi.org/10.1109/cns.2018.8433213

2018-05-01

Abstract:To facilitate monitoring and management, modern Implantable Medical Devices (IMDs) are often equipped with wireless capabilities, which raise the risk of malicious access to IMDs. Although schemes are proposed to secure the IMD access, some issues are still open. First, pre-sharing a long-term key between a patient’s IMD and a doctor’s programmer is vulnerable since once the doctor’s programmer is compromised, all of her patients suffer; establishing a temporary key by leveraging proximity gets rid of pre-shared keys, but as the approach lacks real authentication, it can be exploited by nearby adversaries or through man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one of the most important design goals, few schemes explore to lower the communication and computation overhead all at once. Finally, how to safely record the commands issued by doctors for the purpose of forensics, which can be the last measure to protect the patients’ rights, is commonly omitted in the existing literature. Motivated by these important yet open problems, we propose an innovative scheme e-SAFE, which significantly improves security and safety, reduces the communication overhead and enables IMD-access forensics. We present a novel lightweight compressive sensing based encryption algorithm to encrypt and compress the IMD data simultaneously, reducing the data transmission overhead by over 50% while ensuring high data confidentiality and usability. Furthermore, we provide a suite of protocols regarding device pairing, dual-factor authentication, and accountability-enabled access. The security analysis and performance evaluation show the validity and efficiency of the proposed scheme.

Xiaoyu Zhang,Hanjun Jiang,Binjie Zhu,Xinkai Chen,Chun Zhang,Zhihua Wang

DOI: https://doi.org/10.1109/APCCAS.2010.5774828

2010-01-01

Abstract:This paper presents a low-power MCU with remotely-programmable feature which is specifically optimized for implantable medical devices (IMDs). In medical applications the most critical requirements are low-power, energy-efficient, flexible, etc., which are provided by utilizing the techniques such as clock gating, power gating, instruction set improvement, DMA optimizations for data paths. The MCU has been verified correctly and fabricated with a scale of 79.1K equivalent gates, in standard 0.18μm CMOS technology.

Yuchen Su,Guoqing Jiang,Yicong Du,Yuefeng Chen,Hongbo Liu,Yanzhi Ren,Huan Dai,Yan Wang,Shuai Li,Yingying Chen

DOI: https://doi.org/10.1109/icdcs57875.2023.00074

2023-01-01

Abstract:Personal Identification Number (PIN), as one of the primary means of protecting digital properties and privacy on mobile devices, has been suffering from shoulder surfing attacks and weak password guessing for the long term. Recent years witness the growing interest in two-factor authentication that takes advantage of two different ways for mutual verification, thereby strengthening user authentication's accuracy and reliability. Especially with the popularity of smartwatches, more physiological signals are readily available to facilitate two-factor authentication. This paper presents a lightweight and unobtrusive two-factor authentication scheme, P 2 Auth, integrating the PIN and unique keystroke-related Photoplethysmography (PPG) measurement on wearables. Specifically, we propose the transformation of the multivariate PPG signal induced by the keystrokes to extract reliable biometric features. We develop short-time energy-based methods to identify the input cases, thus enabling support the authentication for both one-handed and two-handed input cases. Furthermore, we also consider the situation where there is no fixed PIN and design a new enhanced privacy scheme by combining the PPG measurements of different keystrokes to improve authentication security. The experiments involving 15 volunteers demonstrate that our prototype system can achieve an average authentication accuracy of over 95% for one-handed cases and over 90% for two-handed cases.

Shuang Song,Mario Konijnenburg,Roland van Wegberg,Jiawei Xu,Hyunsoo Ha,Wim Sijbers,Stefano Stanzione,Dwaipayan Biswas,Arjan Breeschoten,Peter Vis,Chris van Liempd,Chris van Hoof,Nick van Helleputte

DOI: https://doi.org/10.1109/tbcas.2019.2945114

2019-01-01

Abstract:An all-in-one battery powered low-power SoC for measuring multiple vital signs with wearables is proposed. All functionality needed in a typical wearable use case scenario, including dedicated readouts, power management circuitry, digital signal processing and wireless communication (BLE) is integrated in a single die. This high level of integration allows an unprecedented level of miniaturization leading to smaller component count which reduces cost and improves comfort and signal integrity. The SoC includes an ECG, Bio-Impedance and a fully differential PPG readout and can interface with external sensors (like an IMU). In a typical application scenario where all sensor readouts are enabled and key features (like heart rate) are calculated on the chip and streamed over the radio, the SoC consumes only 769W from the regulated 1.2 V supply.

Hongzhe Pei,Gang Wang,Guanghui He

DOI: https://doi.org/10.1109/ICET58434.2023.10211767

2023-01-01

Abstract:Wireless body area networks (WBANs) transmit highly sensitive human physiological data, which requires robust security measures to prevent data leakage. However, due to the small size and low power consumption limitations of WBAN devices, the hardware computational resources and speed may not meet the traditional cryptographic computation requirements. Therefore, the need for low-power data encryption circuits is becoming increasingly urgent. This paper proposes a dual-cryptographic coprocessor that accelerates both RSA and advanced encryption standard (AES) cryptographic algorithms for authentication and data encryption in WBAN applications. The coprocessor is integrated with a RISC-V processor to construct a programmable WBAN system for supporting authentication and data transmission between smart WBAN chips. The proposed design was implemented in a 55nm CMOS technology. The overall WBAN system operates at a clock frequency of 100 MHz with a power consumption of approximately 11 mW, fulfilling the authentication and data encryption requirements.

Fengyuan Xu,Zhengrui Qin,Chiu Chiang Tan,Baosheng Wang,Qun Li

DOI: https://doi.org/10.1109/infcom.2011.5934987

2011-01-01

Abstract:Recent studies have revealed security vulnerabilities in implantable medical devices (IMDs). Security design for IMDs is complicated by the requirement that IMDs remain operable in an emergency when appropriate security credentials may be unavailable. In this paper, we introduce IMDGuard, a comprehensive security scheme for heart-related IMDs to fulfill this requirement. IMDGuard incorporates two techniques tailored to provide desirable protections for IMDs. One is an ECG based key establishment without prior shared secrets, and the other is an access control mechanism resilient to adversary spoofing attacks. The security and performance of IMDGuard are evaluated on our prototype implementation.

Muhammad Ali Siddiqi,Christian Doerr,Christos Strydis

DOI: https://doi.org/10.1109/ACCESS.2020.3015686

2020-08-13

Abstract:Over the past decade, focus on the security and privacy aspects of implantable medical devices (IMDs) has intensified, driven by the multitude of cybersecurity vulnerabilities found in various existing devices. However, due to their strict computational, energy and physical constraints, conventional security protocols are not directly applicable to IMDs. Custom-tailored schemes have been proposed instead which, however, fail to cover the full spectrum of security features that modern IMDs and their ecosystems so critically require. In this paper we propose IMDfence, a security protocol for IMD ecosystems that provides a comprehensive yet practical security portfolio, which includes availability, non-repudiation, access control, entity authentication, remote monitoring and system scalability. The protocol also allows emergency access that results in the graceful degradation of offered services without compromising security and patient safety. The performance of the security protocol as well as its feasibility and impact on modern IMDs are extensively analyzed and evaluated. We find that IMDfence achieves the above security requirements at a mere less than 7% increase in total IMD energy consumption, and less than 14 ms and 9 kB increase in system delay and memory footprint, respectively.

Cryptography and Security,Computers and Society

Longfei Wu,Haotian Chi,Xiaojiang Du

DOI: https://doi.org/10.48550/arXiv.1803.07751

2018-06-30

Abstract:With the rapid development of health equipments, increasingly more patients have installed the implantable medical devices (IMD) in their bodies for diagnostic, monitoring, and therapeutic purposes. IMDs are extremely limited in computation power and battery capacity. Meanwhile, IMDs have to communicate with an external programmer device (i.e., IMD programmer) through the wireless channel, which put them under the risk of unauthorized access and malicious wireless attacks. In this paper, we propose a proxy-based fine-grained access control scheme for IMDs, which can prolong the IMD's lifetime by delegating the access control computations to the proxy device (e.g., smartphone). In our scheme, the proxy communicates with the IMD programmer through an audio cable, which is resistant to a number of wireless attacks. Additionally, we use the ciphertext-policy attribute-based encryption (CP-ABE) to enforce fine-grained access control. The proposed scheme is implemented on real emulator devices and evaluated through experimental tests. The experiments show that the proposed scheme is lightweight and effective.

Cryptography and Security

Mario Konijnenburg,Roland van Wegberg,Shuang Song,Hyunsoo Ha,Wim Sijbers,Jiawei Xu,Stefano Stanzione,Chris van Liempd,Dwaipayan Biswas,Arjan Breeschoten,Peter Vis,Chris Van Hoof,Nick Van Helleputte

DOI: https://doi.org/10.1109/isscc.2019.8662520

2019-01-01

Abstract:Continuous vital-sign monitoring is of paramount importance in remote heath monitoring or rehabilitation environments for chronic diseases. Medical-grade wireless and wearable bio-sensor systems that can be used at home offer a much more attractive solution than hospital-based monitoring systems. We report an all-in-one battery-powered SoC designed for low-cost single-use health patches (Fig. 22.1.1), allowing continuous monitoring in a home setting to improve patient comfort and reduce cost of care by, e.g., reducing hospital stays. In addition to medical-grade signal quality, low power consumption is key in such a health patch system, to enable a comfortable form factor with miniature battery size and prolong the operational lifetime to at least several weeks.

Chang Gao,Sara Ghoreishizadeh,Yan Liu,Timothy Constandinou

DOI: https://doi.org/10.1109/iscas.2017.8050422

2017-01-01

Abstract:This paper presents a 64-bit on-chip identification system featuring low power consumption and randomness compensation for multi-node bio-implantable devices. A sense amplifier based bit-cell is proposed to realize the silicon physical unclonable function, providing a unique value whose probability has a uniform distribution and minimized influence from the temperature and supply variation. The entire system is designed and implemented in a typical 0.35 μm CMOS technology, including an array of 64 bit-cells, readout circuits, and digital controllers for data interfaces. Simulated results show that the proposed bit-cell design achieved a uniformity of 50.24% and a uniqueness of 50.03% for generated IDs. The system achieved an energy consumption of 6.0 pJ per bit with parallel outputs and 17.3 pJ per bit with serial outputs.

Chandranshu Gupta,Gaurav Varshney

DOI: https://doi.org/10.1016/j.comcom.2023.01.001

2022-04-29

Abstract:Bluetooth Low Energy (BLE) devices have become very popular because of their Low energy consumption and hence a prolonged battery life. They are being used in smart wearable devices, smart home automation system, beacons and many more areas. BLE uses pairing mechanisms to achieve a level of peer entity authentication as well as encryption. Although, there are a set of pairing mechanisms available but BLE devices having no keyboard or display mechanism (and hence using the Just Works pairing) are still vulnerable. In this paper, we propose and implement, a light-weight digital certificate based authentication mechanism for the BLE devices making use of Just Works model. The proposed model is an add-on to the already existing pairing mechanism and therefore can be easily incorporated in the existing BLE stack. To counter the existing Man-in-The-Middle attack scenario in Just Works pairing (device spoofing), our proposed model allows the client and peripheral to make use of the popular Public Key Infrastructure (PKI) to establish peer entity authentication and a secure cryptographic tunnel for communication. We have also developed a lightweight BLE profiled digital certificate containing the bare minimum fields required for resource constrained devices, which significantly reduces the memory (about 90\% reduction) and energy consumption. We have experimentally evaluated the energy consumption of the device using the proposed pairing mechanism to demonstrate that the model can be easily deployed with less changes to the power requirements of the chips. The model has been formally verified using automatic verification tool for protocol testing.

Cryptography and Security

Yetong Cao,Fan Li,Qian Zhang,Song Yang,Yu Wang

DOI: https://doi.org/10.1109/tmc.2021.3133275

IF: 6.075

2021-01-01

IEEE Transactions on Mobile Computing

Abstract:Mobile devices are promising to apply two-factor authentication to improve system security. Existing solutions have certain limits of requiring extra user effort, which might seriously affect user experience and delay authentication time. In this paper, we propose PPGPass, a novel mobile two-factor authentication system, which leverages Photoplethysmography (PPG) sensors available in most wrist-worn wearables. PPGPass simultaneously performs a password/pattern/signature authentication and a physiological-based authentication. To realize both nonintrusive and secure, we design a two-stage algorithm to separate clean heartbeat signals from PPG signals contaminated by motion artifacts so that users do not have to deliberately keep their bodies still. In addition, to deal with noncancelable issues when biometrics are compromised, we design a repeatable and non-invertible method to generate cancelable feature templates as alternative credentials. We leverage the great power of Random Forest and Support Vector Data Description to detect adversaries and verify a user's identity. To the best of our knowledge, PPGPass is the first nonintrusive and secure mobile two-factor authentication based on PPG sensors. Extensive experiments demonstrate that PPGPass can achieve the false acceptance rate of 3.11% and the false recognition rate of 3.71%, which confirms its high effectiveness, security, and usability.

computer science, information systems,telecommunications

Sudip Vhaduri,Christian Poellabauer

DOI: https://doi.org/10.48550/arXiv.1907.06563

2019-07-15

Cryptography and Security

Abstract:The Internet of Things (IoT) is increasingly empowering people with an interconnected world of physical objects ranging from smart buildings to portable smart devices such as wearables. With recent advances in mobile sensing, wearables have become a rich collection of portable sensors and are able to provide various types of services including tracking of health and fitness, making financial transactions, and unlocking smart locks and vehicles. Most of these services are delivered based on users' confidential and personal data, which are stored on these wearables. Existing explicit authentication approaches (i.e., PINs or pattern locks) for wearables suffer from several limitations, including small or no displays, risk of shoulder surfing, and users' recall burden. Oftentimes, users completely disable security features out of convenience. Therefore, there is a need for a burden-free (implicit) authentication mechanism for wearable device users based on easily obtainable biometric data. In this paper, we present an implicit wearable device user authentication mechanism using combinations of three types of coarse-grain minute-level biometrics: behavioral (step counts), physiological (heart rate), and hybrid (calorie burn and metabolic equivalent of task). From our analysis of over 400 Fitbit users from a 17-month long health study, we are able to authenticate subjects with average accuracy values of around .93 (sedentary) and .90 (non-sedentary) with equal error rates of .05 using binary SVM classifiers. Our findings also show that the hybrid biometrics perform better than other biometrics and behavioral biometrics do not have a significant impact, even during non-sedentary periods.

Zhenyang Guo,Jin Cao,Xiaomeng Bai,Ang Li,Ben Niu,Hui Li

DOI: https://doi.org/10.1109/jsen.2023.3315523

IF: 4.3

2023-01-01

IEEE Sensors Journal

Abstract:Information security and user comfort are the games that smartphone manufacturers have always had to face. The explicit authentication methods, including password, fingerprint recognition, and face recognition, have become the most popular ways to unlock smartphones. However, these methods also incur some troubles in users’ daily lives and even suffer from security problems like shoulder surfing attacks and password reuse attacks. Unlike the explicit authentication methods, the implicit authentication methods employ the user’s behavior, posture, etc., to confirm who the user is. The "Smart Lock (SL)," as a new implicit authentication introduced by the biggest smartphone system manufacturer, Google, has effectively increased user comfort while ensuring user information security. However, we found that the SL is not secure enough, where anyone wearing a smart device can be authenticated. In this paper, based on the "Trusted Devices (DEVICE)" approach in SL, we design a band with sensors commonly found on smart wearables and two authentication models to improve the security of SL scenarios. We use our designed band to collect data in order to evaluate our models. The experimental results show that our designed band is universal. Our authentication model for power-constrained devices such as wearables has 97.01% accuracy and a power overhead of 0.0195mAh per time. The designed authentication model for smartphones has an accuracy of 99.67% and power consumption of 0.83mAh per time. Therefore, our scheme can meet the implicit authentication for different security requirements in different scenarios.

engineering, electrical & electronic,instruments & instrumentation,physics, applied

Hanvit Kim,Haena Kim,Se Young Chun,Jae-Hwan Kang,Ian Oakley,Youryang Lee,Jun Oh Ryu,Min Joon Kim,In Kyu Park,Hyuck Ki Hong,Young Chang Jo,Sung-Phil Kim

DOI: https://doi.org/10.3390/s18082738

2018-08-20

Abstract:Multimodal biometrics are promising for providing a strong security level for personal authentication, yet the implementation of a multimodal biometric system for practical usage need to meet such criteria that multimodal biometric signals should be easy to acquire but not easily compromised. We developed a wearable wrist band integrated with multispectral skin photomatrix (MSP) and electrocardiogram (ECG) sensors to improve the issues of collectability, performance and circumvention of multimodal biometric authentication. The band was designed to ensure collectability by sensing both MSP and ECG easily and to achieve high authentication performance with low computation, efficient memory usage, and relatively fast response. Acquisition of MSP and ECG using contact-based sensors could also prevent remote access to personal data. Personal authentication with multimodal biometrics using the integrated wearable wrist band was evaluated in 150 subjects and resulted in 0.2% equal error rate ( EER ) and 100% detection probability at 1% FAR (false acceptance rate) ( PD . 1 ), which is comparable to other state-of-the-art multimodal biometrics. An additional investigation with a separate MSP sensor, which enhanced contact with the skin, along with ECG reached 0.1% EER and 100% PD . 1 , showing a great potential of our in-house wearable band for practical applications. The results of this study demonstrate that our newly developed wearable wrist band may provide a reliable and easy-to-use multimodal biometric solution for personal authentication.

Songping Mai,Chunhong Li,Yixin Zhao,Chun Zhang,Zhihua Wang

DOI: https://doi.org/10.1109/iscas.2013.6572126

2013-01-01

Abstract:The presented SoC is an 8-bit MCU based processor with 32-bit encryption algorithm acceleration and special security mechanism dedicated to mobile one-time password (MOTP) applications. The encryption algorithm accelerator can perform several 32-bit key operations for hash function computation, with each in one clock cycle. The SoC also features protection mechanisms which can prevent attackers from stealing the algorithm program code or the secret key, or utilizing under-voltage attacks. The SoC chip, fabricated in 0.25 μm CMOS process, has more than 50% efficiency improvement on hash function computation if compared with those 8-bit general-purpose MCUs and consumes less than 7.2 μA current in average for typical MOTP applications.