EP-4736485-A1 - SECURE WIRELESS COMMUNICATION BETWEEN AN IMPLANTABLE MEDICAL DEVICE AND AN EXTERNAL DEVICE
Abstract
Mutual authentication and encryption key generation for secure wireless communication between an implantable medical device and an external device employs asymmetric cryptography. A method of conducting secure wireless communication between an implantable medical device and an external device includes conducting a mutual authentication procedure that employs asymmetric cryptography via wireless communication between the implantable medical device and the external device. A shared encryption key is generated by the external device. The shared encryption key is generated by the implantable medical device. Wireless communication is conducted between the implantable medical device and the external device via wireless transmissions encrypted via the shared encryption key.
Inventors
- MA, Ding
Assignees
- TC1 LLC
Dates
- Publication Date
- 20260506
- Application Date
- 20240624
Claims (20)
WHAT IS CLAIMED IS:
- 1. A method of conducting secure wireless communication between an implantable medical device and an external device, the method comprising: conducting a mutual authentication procedure that employs asymmetric cryptography via wireless communication between the implantable medical device and the external device; generating a shared encryption key by the external device; generating the shared encryption key by the implantable medical device; and conducting wireless communication between the implantable medical device and the external device via wireless transmissions encrypted via the shared encryption key.
- 2. The method of claim 1, wherein: an implantable medical device asymmetric key pair is stored in the implantable medical device; the implantable medical device asymmetric key pair comprises an implantable medical device public key and an implantable medical device private key; an external device asymmetric key pair is stored in the external device; and the external device asymmetric key pair comprises an external device public key and an external device private key.
- 3. The method of claim 2, wherein: the implantable medical device asymmetric key pair is stored in the implantable medical device prior to conducting the mutual authentication procedure; and the external device asymmetric key pair is stored in the external device prior to conducting the mutual authentication procedure.
- 4. The method of claim 2, wherein: an implantable medical device X.509 certificate is stored in the implantable medical device; the implantable medical device X.509 certificate comprises the implantable medical device public key; an external device X.509 certificate is stored in the external device; and the external device X.509 certificate comprises the external device public key.
- 5. The method of claim 4, wherein: the implantable medical device X.509 certificate is less than 512 bytes in size; and the external device X.509 certificate is less than 512 bytes in size.
- 6. The method of claim 5, wherein: the implantable medical device X.509 certificate is signed using Elliptic Curve Digital Signature Algorithm (ECDSA) using P-256 or Secure Hash Algorithm 256 (SHA-256); and the external device X.509 certificate is signed using Elliptic Curve Digital Signature Algorithm (ECDSA) using P-256 or Secure Hash Algorithm 256 (SHA-256).
- 7. The method of claim 2, wherein: an implantable medical device authentication token structure is stored in the implantable medical device; the implantable medical device authentication token structure comprises the implantable medical device public key; an external device authentication token structure is stored in the external device; and the external device authentication token structure comprises the external device public key.
- 8. The method of any one of claim 2 through claim 7, wherein the mutual authentication procedure comprises: transmitting, by the external device, the external device public key to the implantable medical device; transmitting, by the implantable medical device, the implantable medical device public key to the external device; verifying, by the implantable medical device, the external device public key; and verifying, by the external device, the implantable medical device public key.
- 9. The method of claim 8, wherein: verifying, by the implantable medical device, the external device public key comprises using a Public Key Infrastructure (PKI) certificate; and verifying, by the external device, the implantable medical device public key comprises using the PKI certificate.
- 10. The method of claim 8, wherein the mutual authentication procedure further comprises: generating, by the external device, an external device random nonce; transmitting, by the external device, the external device random nonce to the implantable medical device; generating, by the implantable medical device, an implantable medical device random nonce; transmitting, by the implantable medical device, the implantable medical device random nonce to the external device; generating a signed implantable medical device random nonce, by the external device, by signing the implantable medical device random nonce using the external device private key; generating a signed external device random nonce, by the implantable medical device, by signing the external device random nonce using the implantable medical device private key; transmitting, by the external device, the signed implantable medical device random nonce to the implantable medical device; transmitting, by the implantable medical device, the signed external device random nonce to the external device; verifying, by the implantable medical device, the external device private key using the external device public key; and verifying, by the external device, the implantable medical device private key using the implantable medical device public key.
- 11. The method of any one of claim 2 through claim 7, wherein: the external device generates the shared encryption key using the implantable medical device public key and the external device private key; and the implantable medical device generates the shared encryption key using the external device public key and the implantable medical device private key.
- 12. The method of claim 11, wherein an Elliptic-curve Diffie-Hellman (ECDH) algorithm is used to generate the shared encryption key.
- 13. The method of claim 12, wherein an Advanced Encryption Standard (AES) algorithm is used to encrypt the wireless transmissions.
- 14. The method of claim 11, wherein at least some of the wireless transmissions are double encrypted via the shared encryption key and Bluetooth over-the-air (OTA) encryption.
- 15. A medical system comprising: an implantable medical device comprising a medical device wireless communication unit and a medical device controller configured to control operation of the implantable medical device and the medical device wireless communication unit; and an external device comprising an external device wireless communication unit and an external device controller configured to control operation of the external device wireless communication unit, wherein the external device controller and the medical device controller are configured to: conduct a mutual authentication procedure that employs asymmetric cryptography via wireless communication between the medical device wireless communication unit and the external device wireless communication unit; generate a shared encryption key by the external device controller; generate the shared encryption key by the medical device controller; and conduct wireless communication between the medical device wireless communication unit and the external device wireless communication unit via wireless transmissions encrypted via the shared encryption key.
- 16. The medical system of claim 15, wherein: a medical device asymmetric key pair is stored in the medical device controller; the medical device asymmetric key pair comprises a medical device public key and a medical device private key; an external device asymmetric key pair is stored in the external device controller; and the external device asymmetric key pair comprises an external device public key and an external device private key.
- 17. The medical system of claim 16, wherein: the medical device asymmetric key pair is stored in the medical device controller prior to conducting the mutual authentication procedure; and the external device asymmetric key pair is stored in the external device controller prior to conducting the mutual authentication procedure.
- 18. The medical system of claim 16, wherein: a medical device X.509 certificate is stored in the medical device controller; the medical device X.509 certificate comprises the medical device public key; an external device X.509 certificate is stored in the external device controller; and the external device X.509 certificate comprises the external device public key.
- 19. The medical system of claim 18, wherein: the medical device X.509 certificate is less than 512 bytes in size; and the external device X.509 certificate is less than 512 bytes in size.
- 20. The medical system of claim 18, wherein: the medical device X.509 certificate is signed using Elliptic Curve Digital Signature Algorithm (ECDSA) using P-256 or Secure Hash Algorithm 256 (SHA-256); and the external device X.509 certificate is signed using Elliptic Curve Digital Signature Algorithm (ECDSA) using P-256 or Secure Hash Algorithm 256 (SHA-256).
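The exchange of claims 10 through 12 (each side signs the other's random nonce with its ECDSA P-256 key, verifies the peer's signature, then derives the shared key by ECDH from the same static key pairs), as an added Go example written for this page, not code from the patent or from TC1 LLC. It assumes both public keys are already trusted (the PKI check of claim 9 is not modelled), a 16-byte nonce, and SHA-256 of the raw ECDH secret as the key derivation, since the patent fixes none of these; the AES encryption of the traffic (claim 13) is not shown.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// NewKey makes the P-256 pair each device is provisioned with before any handshake (claims 2-3).
func NewKey() (*ecdsa.PrivateKey, error) { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) }
func digest(b []byte) []byte           { h := sha256.Sum256(b); return h[:] }

// SignNonce proves possession of a private key: ECDSA P-256 over SHA-256 of the peer's nonce.
func SignNonce(priv *ecdsa.PrivateKey, peerNonce []byte) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, priv, digest(peerNonce))
}

// VerifyNonce checks the peer's signature over our own nonce against the peer's public key.
func VerifyNonce(pub *ecdsa.PublicKey, nonce, sig []byte) bool {
	return ecdsa.VerifyASN1(pub, digest(nonce), sig)
}

// SharedKey is ECDH over the same static pairs (claim 11); hashing the raw shared secret with
// SHA-256 to get a 32-byte AES key is an assumed KDF, since the patent names none.
func SharedKey(priv *ecdsa.PrivateKey, pub *ecdsa.PublicKey) ([]byte, error) {
	dPriv, err1 := priv.ECDH()
	dPub, err2 := pub.ECDH()
	if err := errors.Join(err1, err2); err != nil { return nil, err }
	z, err := dPriv.ECDH(dPub)
	if err != nil { return nil, err }
	return digest(z), nil
}

// Handshake runs the claim 10 exchange between implant (imd) and external device (ext) and
// returns the key each side derives. Public keys are assumed already trusted (claim 9 omitted).
func Handshake(imd, ext *ecdsa.PrivateKey) (kImd, kExt []byte, err error) {
	nonces := make([]byte, 32) // two fresh 16-byte random nonces (length is an assumption)
	if _, err = rand.Read(nonces); err != nil { return nil, nil, err }
	nImd, nExt := nonces[:16], nonces[16:]
	sigExt, err1 := SignNonce(ext, nImd) // external device signs the implant's nonce
	sigImd, err2 := SignNonce(imd, nExt) // implant signs the external device's nonce
	if err = errors.Join(err1, err2); err != nil { return nil, nil, err }
	// Each side checks the other's signature over its own nonce before deriving any key.
	if !VerifyNonce(&ext.PublicKey, nImd, sigExt) || !VerifyNonce(&imd.PublicKey, nExt, sigImd) {
		return nil, nil, errors.New("mutual authentication failed")
	}
	if kImd, err = SharedKey(imd, &ext.PublicKey); err != nil { return nil, nil, err }
	kExt, err = SharedKey(ext, &imd.PublicKey)
	return kImd, kExt, err
}
```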
Description
PATENT Attorney Docket No. 096205-060010PC-1447966 Client Ref. No. 15077WOO1
SECURE WIRELESS COMMUNICATION BETWEEN AN IMPLANTABLE MEDICAL DEVICE AND AN EXTERNAL DEVICE
CROSS-REFERENCE TO RELATED APPLICATION
[0001] This application claims priority to U.S. Provisional Patent Application No. 63/524,565, filed June 30, 2023; the full disclosure of which is incorporated herein by reference in its entirety for all purposes.
BACKGROUND
[0002] Many implantable medical devices include a programmable controller that controls operation of the implantable medical device. Examples of implantable medical devices that may include a programmable controller include mechanical circulatory support pumps (e.g., ventricular assist devices), cardioverter defibrillators, pacemakers, and implantable sensors such as blood pressure monitoring sensors. An external control device can be used by a clinician to program/configure and/or read data from an implanted medical device. The external control device and the implanted medical device can be configured to communicate via wireless transmissions.
[0003] Bluetooth, Near-Field Communication (NFC), and proprietary radio-frequency (RF) such as OOK RX/TX (On-Off Keying) are prominent wireless technologies used for communicating with implanted medical devices. Device authentication and encryption of wireless transmissions between the external control device and the implanted medical device may be necessary to meet cybersecurity requirements. The standard Bluetooth security functions, however, rely on the user input of a personal identification number (PIN) or passphrase on both peer devices, which cannot be accomplished with an inaccessible implanted medical device. NFC authentication relies on “tapping” or “close contact” of the peer devices, which is not possible with many implanted medical devices. In many other RF technologies, the device authentication and data encryption are either not defined or implemented in an ad-hoc way that may not satisfy cybersecurity requirements.
BRIEF SUMMARY
[0004] The following presents a simplified summary of some embodiments of the invention in order to provide a basic understanding of the invention. This summary is not an extensive overview of the invention. It is not intended to identify key/critical elements of the invention or to delineate the scope of the invention. Its sole purpose is to present some embodiments of the invention in a simplified form as a prelude to the more detailed description that is presented later.
[0005] Embodiments disclosed herein are directed to secure wireless communication between an implantable medical device and an external device. In many embodiments, asymmetric cryptography is used for device authentication and a shared encryption key is generated based on the authentication. The methods of conducting secure wireless communication between an implantable medical device and an external device provide for effective and efficient mutual authentication and data encryption.
[0006] In one aspect, a method of conducting secure wireless communication between an implantable medical device and an external device employs asymmetric cryptography. The method includes conducting a mutual authentication procedure that employs asymmetric cryptography via wireless communication between the implantable medical device and the external device. A shared encryption key is generated by the external device. The shared encryption key is generated by the implantable medical device. Wireless communication between the implantable medical device and the external device is conducted via wireless transmissions encrypted via the shared encryption key.
[0007] In many embodiments of the method, an implantable medical device asymmetric key pair is stored in the implantable medical device and an external device asymmetric key pair is stored in the external device. The implantable medical device asymmetric key pair can include an implantable medical device public key and an implantable medical device private key. The external device asymmetric key pair can include an external device public key and an external device private key. The implantable medical device asymmetric key pair can be stored in the implantable medical device prior to conducting the mutual authentication procedure. The external device asymmetric key pair can be stored in the external device prior to conducting the mutual authentication procedure.
[0008] In some embodiments of the method, an implantable medical device X.509 certificate is stored in the implantable medical device and an external device X.509 certificate is stored in the external device. The implantable medical device X.509 certificate can include the implantable medical device public key. The external device X.509 certificate can include the external device public key. In some embodiments of the method, the implantable medical device X.509 certificate is less than 512 bytes in size and the external device X.509 certific