Generating strong cryptographic key from body physiological signal in securing medical implants communication

The latest smart Implantable Medical Devices (IMDs) are providing many benefits to patients and health care providers. With real-time monitoring, the IMD is able to adjust its activity based on patient need, receive firmware updates to improve functionality and contribute a stream of real-time data for medical research.

With an aging population, increases in chronic disease, and technological breakthroughs, Harvard Business Review estimate the market for implantable medical devices stands at $398 billion, anticipating growth of 3% per year until at least 2022. There are currently millions of people relying on implantable medical devices.

Whilst the benefits of smart implantable medical devices are clear, they are not without their concerns. Namely, their vulnerability to malicious interference as a result of cyber-attack.

Recently, a set of new solutions has been proposed to use body physiological signals as the source of randomness for this secure communication. In these solutions, both the gateway and IMD start to read a physiological signal together and they simultaneously generate a communication key from that signal.

Work undertaken by researchers at UOG, under the leadership of Dr Hassan Chizari, showed that, despite the current claims, those physiological signals could not be used as a strong source of randomness.

More work is required to develop a secure method of authentication between IMD and its gateway. This would eliminate a large set of vulnerabilities in IMDs that are related to providing a secure communication and authentication between the IMD and its gateway.