Method and system for establishing cryptographic communications between a remote device and a medical device

US 8,892,886 B2
Filed: 03/14/2013
Issued: 11/18/2014
Est. Priority Date: 11/06/2009
Status: Active Grant

First Claim

Patent Images

1. A method for establishing cryptographic communications between a remote device and a medical device, comprising:

establishing unencrypted communication between the remote device and the medical device;

generating an asymmetric key pair by the remote device, the asymmetric key pair comprising a public key and a private key;

generating a key request message by the remote device and sending of the key request message together with the public key to the medical device;

generating a pre-master key by the medical device and encryption of the pre-master key with the received public key by the medical device;

generating a key response message by the medical device and sending of the key response message together with the encrypted pre-master key from the medical device to the remote device;

decrypting the encrypted pre-master key with the private key by the remote device;

deriving a master key as symmetric key from the pre-master key; and

wherein the remote device and the medical device each compute verification data using the master key and wherein communication of application data may first start when the verification data computed by the devices have the same values.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system establishing cryptographic communications between a remote device and a medical device, with the medical device having less processing power than the remote device are disclosed. The method may comprise establishing unencrypted communication between the remote device and the medical device, generating an asymmetric key pair by the remote device comprising a public key and a private key, generating a key request message and sending of the key request message together with the public key to the medical device, generating a pre-master key and encryption of the pre-master key with the received public key by the medical device, generating a key response message and sending of the key response message together with the encrypted pre-master key from the medical device to the remote device, decrypting the encrypted pre-master key with the private key by the remote device, and deriving a master key as a symmetric key from the pre-master key.

22 Citations

View as Search Results

20 Claims

1. A method for establishing cryptographic communications between a remote device and a medical device, comprising:
- establishing unencrypted communication between the remote device and the medical device;
  
  generating an asymmetric key pair by the remote device, the asymmetric key pair comprising a public key and a private key;
  
  generating a key request message by the remote device and sending of the key request message together with the public key to the medical device;
  
  generating a pre-master key by the medical device and encryption of the pre-master key with the received public key by the medical device;
  
  generating a key response message by the medical device and sending of the key response message together with the encrypted pre-master key from the medical device to the remote device;
  
  decrypting the encrypted pre-master key with the private key by the remote device;
  
  deriving a master key as symmetric key from the pre-master key; and
  
  wherein the remote device and the medical device each compute verification data using the master key and wherein communication of application data may first start when the verification data computed by the devices have the same values.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein the step of deriving a master key as symmetric key from the pre-master key further comprises either using the pre-master key as the master key or by using the key request message or the key response message for the derivation of the master key from the pre-master key by each of the medical device and the remote device, the master key to be used for both decryption and encryption of application data to be communicated.
  - 3. The method of claim 2 further comprising the key request message or the key response message containing random data and a time stamp.
  - 4. The method of claim 1 further comprising starting communication of the application data after a user has confirmed that the verification data computed by the remote device and the medical device have the same values.
  - 5. The method of claim 4 further comprising preventing eavesdropping and ensuring that messages have not been manipulated by an attacker using the step of confirming verification.
  - 6. The method of claim 4 further comprising storing, by the remote device and the medical device, the computed master key in respective storage repositories and closing the connection between the devices unless the remote device sends the medical device a synchronizing message to re-establish a connection between the devices and the medical device determines a session identifier is valid.
  - 7. The method of claim 6 further comprising determining the session identifier is valid and sending an acknowledgment message to the remote device.
  - 8. The method of claim 1 further comprising configuring the medical device and the remote device such that the medical device has less processing power than the remote device.
  - 9. The method of claim 1, wherein the medical device is an insulin pump.
  - 10. The method of claim 1, wherein the medical device is a glucose meter.
  - 11. The method of claim 1, wherein the medical device is a personal computer.
  - 12. The method of claim 1, further comprising communicating using the devices, wherein the remote device and the medical device are configured to communicate through wireless communication, and wherein the wireless communication comprises radiofrequency, infrared, microwave, or inductive coupling.
  - 13. The method of claim 1, wherein the remote device and the medical device each further comprise a user interface and wherein the user interfaces are visual display units.
  - 14. The method of claim 1 wherein the remote device and the medical device each further comprise a user interface and wherein the user interfaces are at least one of a liquid crystal display (LCD), one or more light emitting diodes (LEDs), or a vacuum fluorescent display.
  - 15. The method of claim 1 wherein the remote device and the medical device each further comprise a user interface and wherein the user interfaces are audible devices that are responsive to a control signal to produce an audible sound.
  - 16. The method of claim 1 wherein the remote device and the medical device each further comprise a user interface and wherein the user interfaces are tactile devices configured to be responsive to a control signal to produce a tactile signal that may be perceived by a user.
  - 17. The method of claim 16 wherein the user interfaces further comprise a unit configured to receive and provide information, and which comprises keys or a touch screen.
  - 18. A system for establishing cryptographic communications, the system comprising a remote device and a medical device which performs the method of claim 1.
  - 19. The method of claim 1 further comprising the step of communicating cryptographically through secured communication of application data between the remote device and the medical device after completion of the step of verifying that data computed by the devices have the same values.
  - 20. The method of claim 1 further comprising limiting the amount of communication that the medical device can accept in a time frame to prevent denial-of-service attacks.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Roche Diabetes Care Inc. (Roche Holding AG)
Original Assignee
Roche Diagnostics International AG (Roche Holding AG)
Inventors
Konrad, Guido, Troesch, Martin, Lindner, Felix, Kopf, Gregor
Primary Examiner(s)
McNally, Michael S

Application Number

US13/826,048
Publication Number

US 20130227288A1
Time in Patent Office

614 Days
Field of Search

380/282, 600/634, 600/364, 300/282
US Class Current

713/168
CPC Class Codes

G06F 21/606   by securing the transmissio...

G16H 40/67   for remote operation

H04L 2209/80   Wireless network architectu...

H04L 2209/88   Medical equipments

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/10   for controlling access to d...

H04L 63/166   at the transport layer

H04L 9/002   Countermeasures against att...

H04L 9/006   involving public key infras...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/30   Public key, i.e. encryption...

H04L 9/302   involving the integer facto...

H04L 9/3297   involving time stamps, e.g....

Method and system for establishing cryptographic communications between a remote device and a medical device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for establishing cryptographic communications between a remote device and a medical device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links