Using heartbeats as passwords to secure medical devices


It is time to start thinking of our hearts as random number generators. That's so they can serve as passwords to secure medical devices that are vulnerable to hacking, researchers at Rice University have proposed.

In their paper on the authentication technique - called Heart-to-Heart (H2H) - the researchers note that the use of implantable medical devices (IMDs) is growing in the US: for example, each year, over 100,000 patients receive implantable cardioverter defibrillators that detect dangerous heart rhythms and administer electric shocks to restore normal activity.

Other IMDs - a category that includes devices either partially or fully implanted into patients' bodies - include pacemakers, neurostimulators, and insulin or other drug pumps.

The researchers at the US university in Houston, Texas, say that H2H addresses a fundamental tension between two critical requirements for IMDs:

  • Emergency responders have to be able to swiftly reprogram or extract data from the devices, lest treatment delays prove fatal to patients as they hunt for keys or passwords, and
  • The devices' wireless access must be protected from hackers who might harm patients or expose their medical data.

The researchers - Rice electrical and computer engineer Farinaz Koushanfar, graduate student Masoud Rostami, and collaborator Ari Juels, former chief scientist at RSA Laboratories - describe H2H as implementing a "touch-to-access" control policy.

H2H involves a medical instrument that the researchers generically call a programmer. This is allowed to wirelessly access a patient's medical device only when it has direct contact with a patient's body.

A medical technician uses the programmer to pick up a waveform generated by the patient's beating heart - i.e., an electrocardiogram (ECG) signature.

The external device - that is, the programmer - compares its ECG details with those of the internal medical device. Only if the signals collected by both at the same time match up is access granted.
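A minimal simulation of the touch-to-access check described above, added here as an illustration and not taken from the H2H paper or the researchers' code: both sides derive bits from the same beat-to-beat intervals, and the implant grants access only when they agree. The simulated heart, the bit extraction, the Hamming-distance threshold and the flat-ECG cutoff are all assumptions, and any cryptographic protection of the exchange between the two devices is left out.

```python
import random
import statistics

BITS_PER_IPI = 4     # assumption: low-order bits kept from each interval
N_IPIS = 32          # assumption: intervals compared per access attempt
MAX_MISMATCH = 0.25  # assumption: tolerated fraction of differing bits
MIN_HRV_MS = 5.0     # assumption: below this spread the ECG counts as flat

def simulate_ipis(rng, n, mean_ms=850.0, hrv_ms=40.0):
    """Constructed heart: n inter-pulse intervals (ms) that vary beat to beat."""
    return [rng.gauss(mean_ms, hrv_ms) for _ in range(n)]

def measure(ipis, rng, noise_ms=0.3):
    """One sensor's view: the true intervals plus its own measurement error."""
    return [t + rng.gauss(0.0, noise_ms) for t in ipis]

def to_bits(ipis):
    """Quantize to 1 ms, keep the low-order bits, Gray-code them so that a
    1 ms disagreement between two sensors flips exactly one bit."""
    bits = []
    for t in ipis:
        q = int(round(t)) & ((1 << BITS_PER_IPI) - 1)
        g = q ^ (q >> 1)
        bits.extend((g >> i) & 1 for i in range(BITS_PER_IPI))
    return bits

def imd_decide(imd_ipis, programmer_bits):
    """Implant-side decision for one access attempt."""
    if len(imd_ipis) < N_IPIS or statistics.pstdev(imd_ipis) < MIN_HRV_MS:
        return "open-emergency"  # flat or low-entropy ECG: any programmer allowed
    own = to_bits(imd_ipis[:N_IPIS])
    if len(programmer_bits) != len(own):
        return "deny"
    mismatches = sum(a != b for a, b in zip(own, programmer_bits))
    return "grant" if mismatches <= MAX_MISMATCH * len(own) else "deny"

def demo(seed=7):
    rng = random.Random(seed)
    now = simulate_ipis(rng, N_IPIS)       # heart during the attempt
    earlier = simulate_ipis(rng, N_IPIS)   # same heart, a minute before
    imd_view = measure(now, rng)
    touching = to_bits(measure(now, rng))      # programmer on the body now
    stale = to_bits(measure(earlier, rng))     # reading captured earlier
    return (imd_decide(imd_view, touching),
            imd_decide(imd_view, stale),
            imd_decide([], stale))             # no beats detected by the implant

if __name__ == "__main__":
    print(demo())
```

The third result models the fallback quoted from the paper in the comments below: when the implant sees no usable heartbeat, it opens to any programmer rather than block emergency care.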

Rostami told Softpedia's Eduard Kovacs that, in essence, given a heartbeat's variability, the heart can function as something of a random number generator:

"The signal from your heartbeat is different every second, so the password is different each time. You can’t use it even a minute later."

Hacking of medical devices is, at this point, demonstrably feasible.

The US government in October 2012 told the US Food and Drug Administration (FDA) to finally start taking medical device security seriously, whether we're talking about intentional hacking, unencrypted data transfer that can be manipulated or a host of other threat vectors.

In June 2013, the FDA complied, calling on medical device manufacturers and health care facilities to start addressing medical devices' vulnerability to cyberattack.

Koushanfar and Rostami will present the system in November at the Conference on Computer and Communications Security in Berlin.

Before we see H2H debut, it will need to obtain FDA approval. After that, it's up to medical device manufacturers to adopt the technology.

It's a fascinating approach to authentication.

My insulin pump and I look forward to seeing whether it wins approval and achieves adoption in the medical device industry.

After that, who knows?

Perhaps our beating hearts will someday be a viable alternative to the easily guessable, completely hackable security questions that are now used to supposedly verify that we are, indeed, who we say we are.

Image of heartbeat courtesy of Shutterstock.


5 Responses to Using heartbeats as passwords to secure medical devices

  1. Thomas Tanghus · 330 days ago

    You probably shouldn't use it to encrypt your will...

  2. Joseph Bugeja · 330 days ago

    Interesting idea! However, I still do not believe that the heartbeat can be qualified as a good source of randomness (maybe for a PRNG). Maybe it is impractical or infeasible in real life, however I believe that the heartbeat can be controlled mentally and psychologically. Also, I am not sure if it is a very good distinguishable characteristic. For instance, I think that it is still possible for people to have, for a good span of time, the same heartbeat signal, for example when in a meditative state or for instance if people are related genetically. Well, however, I cannot prove this nor the inverse :-)

  3. Um,.. fine till the poor sod flat-lines and they can't identify which patient cos there's no output code,.. this really hasn't been thought through. Certainly not by anyone who's spent time in ICU.

    • GreyBeard · 330 days ago

      Arguably Lisa could have outlined this scenario - it is briefly covered in 'their paper' on page 3 (just follow the link): In an emergency (i.e. absence of a suitable ECG waveform) H2H will permit access. To quote from the paper "For these acute events, the risks of medical failure greatly outweigh those of malicious attack."

  4. Deramin · 330 days ago

    Anyone bothering to actually read the paper would have noticed that the researchers did actually consider what would happen if the patient's heart stopped:

    "The ECG waveform goes flat when an acute heart attack occurs. Similarly, in some late-stage terminal diseases, the parasympathetic network collapses and as a result, the ECG waveform loses most of its entropy. The hugely distorted ECG waveform resulting from such conditions is readily identifiable. In such cases, H2H is designed to enter a promiscuous mode in which any Programmer may access the IMD: For these acute events, the risks of medical failure greatly outweigh those of malicious attack. Additionally, these extreme medical conditions occur rarely."

    @Joseph Bugeja, whether the patient is able to affect their own heartbeat is irrelevant. The idea behind the paper is that if the implanted device is measuring the patient's heartbeat, and the external programmer is measuring the same patient's heartbeat at the same time, the two readings should be significantly similar. A hacker might be able to produce a similar heart rate to the patient, but multiple studies have shown that the actual rhythm is unique. What you're suggesting is equivalent to saying that if two people have a similar cut or scar on their finger, their fingerprints will match.


About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.