Name
Abstract | ||
|---|---|---|
Implantable medical devices (IMDs) typically rely on proprietary protocols to wirelessly communicate with external device programmers. In this paper, we fully reverse engineer the proprietary protocol between a device programmer and a widely used commercial neurostimulator from one of the leading IMD manufacturers. For the reverse engineering, we follow a black-box approach and use inexpensive hardware equipment. We document the message format and the protocol state-machine, and show that the transmissions sent over the air are neither encrypted nor authenticated. Furthermore, we conduct several software radio-based attacks that could compromise the safety and privacy of patients, and investigate the feasibility of performing these attacks in real scenarios.
Motivated by our findings, we propose a security architecture that allows for secure data exchange between the device programmer and the neurostimulator. It relies on using a patient»s physiological signal for generating a symmetric key in the neurostimulator, and transporting this key from the neurostimulator to the device programmer through a secret out-of-band (OOB) channel. Our solution allows the device programmer and the neurostimulator to agree on a symmetric session key without these devices needing to share any prior secrets; offers an effective and practical balance between security and permissive access in emergencies; requires only minor hardware changes in the devices; adds minimal computation and communication overhead; and provides forward and backward security. Finally, we implement a proof-of-concept of our solution.
|
Year | DOI | Venue |
|---|---|---|
2018 | 10.1145/3176258.3176310 | CODASPY |
Keywords | DocType | ISBN |
Proprietary wireless communication protocol, black-box reverse engineering, low-cost randomness source, security architecture | Conference | 978-1-4503-5632-9 |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
7 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Eduard Marin | 1 | 34 | 5.61 |
| Dave Singelée | 2 | 304 | 22.38 |
| Bohan Yang | 3 | 0 | 0.34 |
| Vladimir Volskiy | 4 | 0 | 0.34 |
| Guy A. E. Vandenbosch | 5 | 23 | 6.46 |
| Nuttin Bart | 6 | 1 | 0.82 |
| Bart Preneel | 7 | 6249 | 695.32 |