A critical analysis of ECG-based key distribution for securing wearable and implantable medical devices
Document Type
Journal Article
Publication Title
IEEE Sensors Journal
Publisher
IEEE
School
Security Research Institute
RAS ID
27653
Abstract
Wearable and Implantable Medical Devices (WIMDs) perform critical health monitoring and therapeutic functions. However, current WIMD products lack security safeguards to protect patients from fatal cyber-attacks. In the recent past, electrocardiogram (ECG) signals based security techniques have been widely explored to secure such devices by using two cryptographic primitives, the fuzzy commitment and the fuzzy vault, respectively. Nonetheless, differences, as well as similarities between these two primitives, have not been well investigated, making it difficult to decide which one would be appropriate for a particular setting. In this paper, we perform a critical analysis on both primitives and discuss their merits and drawbacks in the context of ECG-based key distribution. We analyze the critical challenges within each primitive-based key distribution technique, such as binary sequence generation and polynomial computations. Experimental results show that the technique based on the fuzzy commitment has a better false acceptance rate due to the randomness of ECG binary sequences. On the other hand, the fuzzy vault based scheme can achieve an acceptable false reject rate (5%) with less cost to the WIMDs. Future research is suggested to enhance the precision of ECG signal processing, to improve the efficacy of binary sequence generation process as well as to suggest ways to reduce polynomial computations
DOI
10.1109/JSEN.2018.2879929
Access Rights
subscription content
Comments
Zheng, G., Shankaran, R., Yang, W., Valli, C., Qiao, L., Orgun, M. A., & Mukhopadhyay, S. C. (2018). A critical analysis of ECG-based key distribution for securing wearable and implantable medical devices. IEEE Sensors Journal, 19(3), 1186-1198.
Available here.