TY - GEN
T1 - Voiceprint-based access control for wireless insulin pump systems
AU - Hao, Bin
AU - Hei, Xiali
AU - Tu, Yazhou
AU - Du, Xiaojiang
AU - Wu, Jie
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/12/6
Y1 - 2018/12/6
N2 - Insulin pumps have been widely used by patients with diabetes. Insulin pump systems adopt wireless channel with few cryptographic mechanisms, which makes them vulnerable to many attacks. In this paper, we focus on the wireless channel between Carelink USB and insulin pump on which the attackers can launch message eavesdropping and/or therapy manipulation attacks, which may put the patient in a life-threatening situation. Some prior solutions such as certificate-based or token-based schemes need either complicated key management or additional devices. We propose a novel voiceprint-based access control scheme comprising anti-replay speaker verification and voiceprint-based key agreement to secure the channel between the Carelink USB and insulin pump. Our scheme does not need permanent key sharing or additional devices. The anti-replay speaker verification adopts cascaded fusion of speaker verification and anti-replay countermeasure to ensure the insulin pump can be accessed by Carelink USB only after the legitimate user passes the identity verification. The evaluation on ASVspoof 2017 datasets shows that our scheme achieves a 4.02% Equal Error Rate (EER) with the existence of replay impostors. Besides, our scheme uses energy-difference-based voiceprint extraction and secure multi-party computing to generate a common cryptography (temporary) key between the Carelink USB and insulin pump, which can be used to encrypt the subsequent communication, and protect the insulin pump from eavesdropping and therapy manipulation attacks. By appropriately setting the similarity threshold of voiceprints, our key agreement scheme allows the insulin pump to establish a secure channel only with the device in its close proximity.
AB - Insulin pumps have been widely used by patients with diabetes. Insulin pump systems adopt wireless channel with few cryptographic mechanisms, which makes them vulnerable to many attacks. In this paper, we focus on the wireless channel between Carelink USB and insulin pump on which the attackers can launch message eavesdropping and/or therapy manipulation attacks, which may put the patient in a life-threatening situation. Some prior solutions such as certificate-based or token-based schemes need either complicated key management or additional devices. We propose a novel voiceprint-based access control scheme comprising anti-replay speaker verification and voiceprint-based key agreement to secure the channel between the Carelink USB and insulin pump. Our scheme does not need permanent key sharing or additional devices. The anti-replay speaker verification adopts cascaded fusion of speaker verification and anti-replay countermeasure to ensure the insulin pump can be accessed by Carelink USB only after the legitimate user passes the identity verification. The evaluation on ASVspoof 2017 datasets shows that our scheme achieves a 4.02% Equal Error Rate (EER) with the existence of replay impostors. Besides, our scheme uses energy-difference-based voiceprint extraction and secure multi-party computing to generate a common cryptography (temporary) key between the Carelink USB and insulin pump, which can be used to encrypt the subsequent communication, and protect the insulin pump from eavesdropping and therapy manipulation attacks. By appropriately setting the similarity threshold of voiceprints, our key agreement scheme allows the insulin pump to establish a secure channel only with the device in its close proximity.
KW - Access control
KW - Acoustic channel
KW - Speaker verification
KW - Voice anti-replay
KW - Voiceprint
KW - Wireless insulin pump
UR - http://www.scopus.com/inward/record.url?scp=85060230907&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85060230907&partnerID=8YFLogxK
U2 - 10.1109/MASS.2018.00046
DO - 10.1109/MASS.2018.00046
M3 - Conference contribution
AN - SCOPUS:85060230907
T3 - Proceedings - 15th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, MASS 2018
SP - 245
EP - 253
BT - Proceedings - 15th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, MASS 2018
T2 - 15th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, MASS 2018
Y2 - 9 October 2018 through 12 October 2018
ER -