Medical device with cryptosystem and method of implementing the same

US 10,089,439 B2
Filed: 10/28/2015
Issued: 10/02/2018
Est. Priority Date: 10/28/2014
Status: Active Grant

First Claim

Patent Images

1. A method for manipulating a data structure provided on a memory component of a medical device, the medical device being connectable to a console, the data structure including an encryption key, a decryption key associated with the encryption key, and verification data to protect the decryption key, the method comprising:

providing data related to operation of the medical device;

reading the encryption key from the data structure;

encrypting, at the console, the data with the read encryption key;

storing the encrypted data on the data structure;

eliminating the read encryption key from the data structure such that the read encryption key is no longer present on the memory component;

reading, from the data structure, the decryption key associated with the read encryption key;

decrypting the encrypted data with the read decryption key; and

authenticating the decryption key with the verification data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A medical device and a method of implementing a cryptosystem on the medical device include storing a data structure on a memory component of the medical device. An encryption key is stored in the data structure. Usage data related to usage of the medical device is provided. The encryption key is read from the data structure. The usage data is encrypted with the read encryption key. The encryption key is eliminated such that the encryption key is no longer present in the medical device.

27 Citations

28 Claims

1. A method for manipulating a data structure provided on a memory component of a medical device, the medical device being connectable to a console, the data structure including an encryption key, a decryption key associated with the encryption key, and verification data to protect the decryption key, the method comprising:
- providing data related to operation of the medical device;
  
  reading the encryption key from the data structure;
  
  encrypting, at the console, the data with the read encryption key;
  
  storing the encrypted data on the data structure;
  
  eliminating the read encryption key from the data structure such that the read encryption key is no longer present on the memory component;
  
  reading, from the data structure, the decryption key associated with the read encryption key;
  
  decrypting the encrypted data with the read decryption key; and
  
  authenticating the decryption key with the verification data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 wherein decrypting the encrypted data is possible using only the decryption key associated with the encryption key that was used to encrypt the data.
  - 3. The method of claim 1, further comprising randomly generating the encryption key and the decryption key such that the encryption key and the decryption key are unique to and exist solely for the medical device.
  - 4. The method of claim 1, wherein the data structure includes a plurality of data segments and further comprising storing both the encryption key and the associated decryption key in single data segment.
  - 5. The method of claim 1, wherein eliminating the read encryption key is further defined as overwriting the read encryption key with the encrypted data.
  - 6. The method of claim 1, further comprising:
    - storing in the data structure identification data related to identification of the medical device;
      
      protecting the identification data with the verification data; and
      
      authenticating the identification data with the verification data.
  - 7. The method of claim 1, wherein the console further performs the steps of reading the encryption key, storing the encrypted data, eliminating the read encryption key, reading the decryption key, reading the encrypted data, decrypting the encrypted data, and authenticating the decryption key with the verification data.
  - 8. The method of claim 1, wherein the data structure further comprises a plurality of encryption keys and a plurality of decryption keys, and with each one of the decryption keys being associated with one of the encryption keys.
  - 9. The method of claim 8, wherein the data structure includes a plurality of data segments and further comprising:
    - storing each one of the encryption keys in a different one of the data segments; and
      
      storing each one of the decryption keys in a different one of the data segments.
  - 10. The method of claim 8, wherein the data structure includes a plurality of data segments and further comprising occupying all of the data segments with the encryption keys and the decryption keys.
  - 11. The method of claim 8, further comprising randomly generating each of the encryption keys and each of the decryption keys such that the encryption keys are different from one another, the decryption keys are different from one another, and the encryption keys and the decryption keys are different from one another.

12. A medical device being connectable to a console, the medical device comprising:
- a memory component;
  
  a data structure stored on the memory component;
  
  an encryption key being stored in the data structure and being configured to be read from the memory component;
  
  a decryption key being stored in the data structure and being configured to be read from the memory component, and with the decryption key being associated with the encryption key;
  
  verification data to protect the decryption key; and
  
  encrypted data related to operation of the medical device being stored in the data structure and wherein the encrypted data is encrypted, at the console, by the encryption key that was previously stored in the data structure and subsequently eliminated such that the encryption key is no longer present in the memory component;
  
  wherein the decryption key associated with the eliminated encryption key is preserved on the memory component after elimination of the encryption key and wherein the decryption key is configured such that decrypting the encrypted data is possible using only the decryption key associated with the eliminated encryption key, and wherein the decryption key is authenticatable with the verification data.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The medical device of claim 12, wherein the encryption key and the decryption key are randomly generated such that the encryption key and the decryption key are unique to and exist solely for the medical device.
  - 14. The medical device of claim 12, wherein the encrypted data is written over the encryption key to eliminate the encryption key.
  - 15. The medical device of claim 12, wherein the data related to operation of the medical device comprises one or more of usage data and calibration data.
  - 16. The medical device of claim 12, further comprising:
    - identification data related to identification of the medical device being stored in the data structure;
      
      the verification data to further protect the identification data; and
      
      the identification data being authenticatable with the verification data.
  - 17. The medical device of claim 12, wherein the medical device comprises a handpiece and wherein the memory component is positioned in the handpiece.
  - 18. The medical device of claim 12, wherein the data structure further comprises a plurality of encryption keys and a plurality of decryption keys, and with each one of the decryption keys being associated with one of the encryption keys.
  - 19. The medical device of claim 18, wherein the data structure includes a plurality of data segments and wherein each one of the encryption keys is stored in a different one of the data segments and wherein each one of the decryption keys is stored in a different one of the data segments.
  - 20. The medical device of claim 18, wherein the data structure includes a plurality of data segments and wherein at least one encryption key and associated decryption key pair is stored in single data segment.
  - 21. The medical device of claim 18, wherein each of the encryption keys and each of the decryption keys are randomly generated such that the encryption keys are different from one another, the decryption keys are different from one another, and the encryption keys and the decryption keys are different from one another.

22. A method of managing the ability of a console to modify authentic data on a memory component of a medical device that is connectable to the console, the memory component comprising a data structure including an encryption key, a decryption key associated with the encryption key, and verification data to protect the decryption key, the method comprising the console performing the steps of:
- reading the encryption key from the memory component of the medical device;
  
  encrypting, at the console, the data with the read encryption key such that the data remains authentic;
  
  storing the encrypted data on the data structure;
  
  eliminating the encryption key from the data structure such that the console is no longer able to read the read encryption key from the memory component of the medical device, thereby preventing the console from modifying the authentic data;
  
  reading, from the memory component, the decryption key associated with the read encryption key for providing the ability to read the authentic data;
  
  decrypting the encrypted data with the read decryption key; and
  
  authenticating the decryption key with the verification data.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The method of claim 22, wherein the memory component further includes identification data related to the medical device, the method further including protecting the decryption key and identification data using asymmetric key encryption providing a secret key and a public key.
  - 24. The method of claim 23, further including providing one console access to the secret key and providing another console access to the public key.
  - 25. The method of claim 22, further including protecting the encryption key and the authentic data using asymmetric key encryption utilizing a secret key and a public key.
  - 26. The method of claim 25, further including providing one console access to the secret key and providing another console access to the public key.
  - 27. The method of claim 22 wherein the memory component further includes identification data related to the medical device, and further comprising:
    - protecting the identification data with the verification data; and
      
      authenticating the identification data with the verification data.
  - 28. The method of claim 22, wherein the memory component further comprises a plurality of encryption keys and a plurality of decryption keys, and with each one of the decryption keys being associated with one of the encryption keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Stryker Sustainability Solutions, Inc. (Stryker Corporation)
Original Assignee
Stryker Sustainability Solutions, Inc. (Stryker Corporation)
Inventors
Hunn, David Robert Joseph
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Chao, Michael W

Application Number

US14/925,307
Publication Number

US 20160117449A1
Time in Patent Office

1,070 Days
Field of Search

None
US Class Current
CPC Class Codes

A61B 5/00   Measuring for diagnostic pu...

G06F 21/62   Protecting access to data v...

G06F 21/64   Protecting data integrity, ...

G06F 2221/2107   File encryption

G16H 10/60   for patient-specific data, ...

G16Z 99/00   Subject matter not provided...

H04L 63/068   using time-dependent keys, ...

Medical device with cryptosystem and method of implementing the same

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

27 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Medical device with cryptosystem and method of implementing the same

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links