One thing that has been starting to get more press are medical implants that are wireless. Researchers in China have devised a way to encrypt signals in these biometric devices using the patients heartbeat.
From Heise:
But the opportunities also increase the risks. Wireless implants are vulnerable to malicious attacks, which can be fatal. Experts say that signals must be securely encrypted. Now, researchers from the Chinese University of Hong Kong have presented their solution based on biometric features. The patient’s individual heartbeat, which can easily be measured from the person’s pulse, is used as the key for encryption. In their tests, 64-bit encryption works quite well, with the recognition ratio being nearly as accurate as with conventional fingerprint recognition systems. In the journal IEEE Transactions on Information Technology in Biomedicine, the researchers argue that heartbeat encryption is even safer because the constantly changing heartbeat cannot be mimicked by a recorded copy.
An interesting thought. But, could this also provide the key to break the crypto? Using a high powered parabolic microphone one could feasibly record the heartbeat of a target while they’re sitting at a sidewalk cafe.
Now imagine that the biometric device that you are looking to control is a heart monitor or insulin dispenser. This could potentially have horrific consequences. Sure the researchers say that it would be “impossible for attackers to use recorded data as a key at a later date”. Never say never. Of course this falls into the FUD category but, makes for an interesting movie plot line.
I might be a starting soundie (“location sound recordist”) and havent had my hands on laser mic’s or stuff like that but recording a heartbeat anywhere outside of a *really* quite room (like soundproof studio quiet) seems like a pretty hard thing to do (like: ha-ha. nah.) and getting a clean recording without any interference seems impossible.
if somebody manages to prove me wrong, I’ll be the first to buy him/her a pint (before the CIA/KGB/MI6/whatever-chinees-got get’s them ;] )
@harce
Hmm, fair enough. Anyone care to collect on the pint?
🙂
@harce
It is just a matter of the quality of your signal processing. If I can get my hands on the right test equipment (very expensive), you’ll owe me a pint.
I also wonder about encrypting with the patients normal heartbeat. Seems to me that the time when the doctor wants data from the device or wants to send it commands is when the patient’s heartbeat is irregular. Can they predict what a fibrillating heartbeat looks like based don normal heartbeat?
Curious minds want to know.