Using Vibration for Secure Pairing with Implantable Medical Devices: Development and Usability Study (Preprint)

Abstract

Implantable Medical Devices (IMDs), such as pacemakers, increasingly communicate wirelessly with external devices. To secure this wireless communication channel, a pairing process is needed to bootstrap a secret key between the devices. Previous work has proposed pairing approaches that often adopt a “seamless” design and render the pairing process imperceptible to patients. This lack of user perception can significantly compromise security and pose threats to patients.

The objective of this work is to explore the use of highly perceptible vibrations for pairing with IMDs. We aim to propose a novel technique that leverages the natural randomness in human motor behavior as a shared source of entropy for pairing, potentially deployable to current IMD products.

We develop a proof-of-concept to demonstrate our proposed technique. We build a wearable prototype designed for individuals to simulate being an IMD patient (we do not test on real patients to avoid potential risks), and devise signal processing algorithms that utilize accelerometer readings to facilitate secure pairing with an IMD. We thoroughly evaluate the accuracy, security, and usability of our technique in a lab study with 24 participants.

Our proposed pairing technique achieves high pairing accuracy, with a zero false acceptance rate (indicating low risks from adversaries) and a false rejection rate of only 0.6% (suggesting that legitimate users will likely experience very few failures). Our approach also offers robust security, which passes the National Institute of Standards and Technology statistical tests (with all p-values > 0.01). Moreover, our technique has high usability, evidenced by an average System Usability Scale questionnaire score of 73.6 (surpassing the standard benchmark of 68 for "good usability") and insights gathered from the interviews. Furthermore, the entire pairing process can be efficiently completed within five seconds.

Vibration can be used to realize secure, usable, and deployable pairing in the context of IMDs. Our method also exhibits advantages over previous approaches, e.g., lenient requirements on the sensing capabilities of IMDs and the synchronization between the IMD and the external device.