Secure Telemetric Link

US 20080046039A1
Filed: 07/26/2007
Published: 02/21/2008
Est. Priority Date: 08/18/2006
Status: Active Grant

First Claim

Patent Images

1. In a telecommunications network having at least first and second nodes in communication with each other, a method of making secure at least one communication between the at least first and second nodes during a communication session, comprising the steps of:

assigning to each node an identifier unique to each node within the network;

assigning to each node a device key unique to each node within the network;

assigning to the network a network key;

establishing a communication session between the at least first and second nodes;

providing the network key to at least the second node;

providing the second node'"'"'s identifier to the first node;

providing to the first node the second node'"'"'s device key in a manner not subject to unauthorized discovery;

preparing a first communication comprising the first node'"'"'s identifier and the second node'"'"'s identifier;

securing the first communication with the second node'"'"'s device key;

transmitting the first communication to the second node;

decrypting at the second node the first communication using the second node'"'"'s device key;

providing the first node with the network key subject to verification that the second node'"'"'s device key was used to secure the first communication; and

securing a second communication among the at least first and second nodes using the network key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communications protocol is used to provide data privacy, message integrity, message freshness, and user authentication to telemetric traffic, such as to and from implantable medical devices in a body area network. In certain embodiments, encryption, message integrity, and message freshness are provided through use of token-like nonces and ephemeral session-keys derived from device identification numbers and pseudorandom numbers.

53 Citations

View as Search Results

30 Claims

1. In a telecommunications network having at least first and second nodes in communication with each other, a method of making secure at least one communication between the at least first and second nodes during a communication session, comprising the steps of:
- assigning to each node an identifier unique to each node within the network;
  
  assigning to each node a device key unique to each node within the network;
  
  assigning to the network a network key;
  
  establishing a communication session between the at least first and second nodes;
  
  providing the network key to at least the second node;
  
  providing the second node'"'"'s identifier to the first node;
  
  providing to the first node the second node'"'"'s device key in a manner not subject to unauthorized discovery;
  
  preparing a first communication comprising the first node'"'"'s identifier and the second node'"'"'s identifier;
  
  securing the first communication with the second node'"'"'s device key;
  
  transmitting the first communication to the second node;
  
  decrypting at the second node the first communication using the second node'"'"'s device key;
  
  providing the first node with the network key subject to verification that the second node'"'"'s device key was used to secure the first communication; and
  
  securing a second communication among the at least first and second nodes using the network key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 1, wherein the provision to the first node of the second node'"'"'s device key in a manner not subject to unauthorized discovery is effected by entry of the device key from a physical token.
  - 3. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 1, wherein the step of providing to the first node the second node'"'"'s device key in a manner not subject to unauthorized discovery comprises the steps of:
    - placing the second node'"'"'s device key on a physical token; and
      
      transferring the second node'"'"'s device key from the physical token to the first node.
  - 4. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 3, wherein in the step of providing to the first node the second node'"'"'s device key in a manner not subject to unauthorized discovery, the second node'"'"'s device key is stored on the physical token and the step of transferring of the second node'"'"'s device key from the physical token to the first node is done electronically.
  - 5. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 4, wherein the step of transferring of the second node'"'"'s device key from the physical token to the first node electronically is done in a manner in which the first node is provided the device key in encrypted form.
  - 6. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 3, wherein the physical token is a key fob containing at least one processor.
  - 7. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 6, wherein the step of securing the first communication is effected by means of the at least one processor of the key fob.
  - 8. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 3, wherein the physical token is a smartcard.
  - 9. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 8, wherein the step of securing the first communication is effected by the smartcard.
  - 10. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 9, wherein the second node'"'"'s device key is encrypted by authentication information and stored on the smartcard.
  - 11. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 10, where the authentication information comprises a string of password characters.
  - 12. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 10, wherein the authentication information comprises biometric parameters.
  - 13. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 1, wherein the network includes a medical data service network.
  - 14. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 1, wherein at least one of the at least first and second nodes comprises an implantable medical device.

16. In a telecommunications network having at least first and second nodes in communication with each other, a method of making secure at least one communication between the at least first and second nodes during a communication session, comprising the steps of:
- assigning to each node an identifier unique to each node within the network;
  
  assigning to each node a device key unique to each node within the network;
  
  assigning to the network a network key;
  
  establishing a communication session between the at least first and second nodes;
  
  providing the network key to at least the first node;
  
  providing the second node'"'"'s identifier to the first node;
  
  securely providing to the first node the second node'"'"'s device key;
  
  transmitting from the second node to the first node a first communication comprising the first node'"'"'s identifier, the second node'"'"'s identifier, and the network key, wherein the first communication is secured with the second node'"'"'s device key; and
  
  securing a second communication among the at least first and second nodes using the network key.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 16, wherein the step of securing the second communication among the at least first and second nodes using the network key comprises the steps of:
    - generating a session key at the first node as a function of the network key and a first arbitrary number;
      
      independently generating the session key at the second node as a function of the network key and the first arbitrary number; and
      
      using the session key to secure the second communication among the at least first and second nodes.
  - 18. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 17, wherein the first arbitrary number is a pseudorandom number.
  - 19. The method of making secure at least one communication between the at least first and second nodes during a communication session of claim 17, wherein the first arbitrary number is generated by a method of arbitrary number generation, comprising the steps of:
    - generating a second arbitrary number at the first node;
      
      providing the second arbitrary number to the second node;
      
      generating a third arbitrary number at the second node;
      
      providing the third arbitrary number to the first node; and
      
      generating the first arbitrary number as a function of both the second arbitrary number and the third arbitrary number.
  - 20. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 19, wherein at least one of the second arbitrary number and third arbitrary number is a pseudorandom number.
  - 21. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 17, wherein the step of securing the second communication among the at least first and second nodes with the session key comprises the step of executing bitwise modulo-2 addition between the output of a cipher and a message comprising plaintext, wherein the output of the cipher is a function of both the session key and a first nonce that is unique within the communication session.
  - 22. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 21, wherein the first nonce is a function of the number of discrete communications that have been transmitted between the at least first and second nodes during the communication session, and a size of the discrete communications.
  - 23. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 22, wherein the discrete communications are packets.
  - 24. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 23, wherein the size of the discrete communications is measured in blocks.
  - 25. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 24, wherein the cipher is a block cipher.
  - 26. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 25, further comprising the step of appending to each discrete communication an authentication tag derived from the discrete communication to which it is appended.
  - 27. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 26, wherein the authentication tag is a function of the session key and the plaintext of the message being communicated.
  - 28. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 27, wherein the authentication tag is also a function of a second nonce, wherein the second nonce is a function of the number of discrete communications that have been transmitted between the at least first and second nodes of the network during the communication session.
  - 29. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 26, wherein the authentication tag is a function of the session key, the plaintext of the message being communicated, and the number of discrete communications that have been transmitted between the at least first and second nodes of the network during the communication session.
  - 30. The method of making secure the at least one communication between the at least first and second nodes during a communication session of claim 26, wherein the authentication tag is the result of a hash function performed on the discrete communication to which the authentication tag is appended.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Medtronic Incorporated (Medtronic Plc)
Original Assignee
Medtronic Incorporated (Medtronic Plc)
Inventors
Corndorf, Eric D.

Granted Patent

US 7,930,543 B2
Time in Patent Office

Days
Field of Search
US Class Current

607/60
CPC Class Codes

A61N 1/37252   Details of algorithms or da...

A61N 1/37254   Pacemaker or defibrillator ...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/0853   using an additional device,...

H04L 9/0844   with user authentication or...

H04L 9/0897   involving additional device...

H04L 9/3231   Biological data, e.g. finge...

Secure Telemetric Link

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

53 Citations

30 Claims

Specification

Use Cases

Quick Links

Others

Secure Telemetric Link

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

30 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others