Abstract
An increasing amount of medical devices, such as pacemakers or insulin pumps, can communicate in wireless Body Area Networks (BANs). While this facilitates the interaction between users and medical devices, something that was previously more complicated or - in the case of implanted devices - often impossible, it also raises security and privacy questions. We exploit the wide availability of ballistocardiographs (BCG) and electrocardiographs (ECG) in consumer wearables and propose MEDISCOM, an ad-hoc, implicit, and secure communication protocol for medical devices in local BANs. Deriving common secret keys from a body's BCG or ECG signal, MEDISCOM ensures confidentiality and integrity of sensitive medical data. It also continuously authenticates devices, requiring no explicit user interaction and maintaining a low computational overhead. We consider relevant attack vectors and show how MEDISCOM is resilient towards them. Also, we validate the security of our protocol's secret keys on BCG and ECG data from 29 subjects.