IEEE TRANSACTIONS ON INFORMATION TECHNOLOGY INBIOMEDICINE, VOL. 14, NO. 6, NOVEMBER 2010 1397 Trustworthy Data Collection From Implantable Medical Devices Via High-Speed Security Implementation Based on IEEE 1363 Fei Hu, Member, IEEE, Qi Hao, Member, IEEE, Marcin Lukowiak, Member, IEEE, Qingquan Sun, Kyle Wilhelm, Stanislaw Radziszowski, and Yao Wu Abstract—Implantable medical devices (IMDs) have played an important role in many medical fields. Any failure in IMDs op- erations could cause serious consequences and it is important to protect the IMDs access from unauthenticated access. This study investigates secure IMD data collection within a telehealthcare [mobile health (m-health)] network. We use medical sensors car- ried by patients to securely access IMD data and perform se- cure sensor-to-sensor communications between patients to relay the IMD data to a remote doctor’s server. To meet the require- ments on low computational complexity, we choose N-th degree truncated polynomial ring (NTRU)-based encryption/decryption to secure IMD–sensor and sensor–sensor communications. An ex- tended matryoshkas model is developed to estimate direct/indirect trust relationship among sensors. An NTRU hardware imple- mentation in very large integrated circuit hardware description language is studied based on industry Standard IEEE 1363 to increase the speed of key generation. The performance analysis results demonstrate the security robustness of the proposed IMD data access trust model. Index Terms—Implantable medical devices (IMDs), industry Standard IEEE 1363, medical security, NTRU, trust model. I. INTRODUCTION H EALTHCARE cost is a large budget percentage in many countries. For example, the U.S. healthcare spending was about $7421 per resident in 2007 and accounted for 16.2% of the national gross domestic product [1]. One of the most ef- ficient ways to reduce healthcare labor cost is to use medical sensors to build a patient monitoring platform, which is called a telehealthcare system [2]. In addition to medical sensors, im- plantable medical devices (IMDs) have become an important approach to monitor and treat physiological conditions in pa- tients’ organs. Many different types of IMDs such as pacemak- ers, insulin pump, and brain neurostimulators can be used for a Manuscript received January 29, 2010; accepted January 29. 2010. Date of publication April 26, 2010; date of current version November 5, 2010. F. Hu, Q. Hao, Q. Sun, and Y. Wu are with the Electrical and Computer Engi- neering, The University of Alabama, Tuscaloosa, AL 35487-0286 USA (e-mail: fei@eng.ua.edu; qh@eng.ua.edu; qsun3@bama.ua.edu). M. Lukowiak and K. Wilhelm are with the Computer Engineering, Rochester Institute of Technology, Rochester, NY 14623-5603 USA (e-mail: mxleec@rit.edu). S. Radziszowski is with the Department of Computer Science, Rochester In- stitute of Technology, Rochester, NY 14623-5603 USA (e-mail: spr@cs.rit.edu). Color versions of one or more of the figures in this paper are available online at http://ieeexplore.ieee.org. Digital Object Identifier 10.1109/TITB.2010.2049204 series of critical medical purposes including cardiac arrhythmia, diabetes treatment. It was estimated that U.S. citizens used over 25 million IMDs already for life-critical functions [3]. It is important to guarantee the data access security via low- complexity schemes for the IMDs because of the following. 1) IMDs are implanted in patients’ organs. Unlike regular medical sensors, those IMDs are so close to organs that any small change in their control parameters could threaten the patient’s life. For instance, a pacemaker cannot be stopped in order to activate heartbeats regularly. 2) IMD security is a governmental rule in many countries. For example, U.S. Department of Health and Human Services issued patient privacy protections as part of the Health In- surance Portability and Accountability Act of 1996. Most health insurers, pharmacies, doctors, and others are re- quired to comply with these federal standards [4]. While there exist several secure, well documented, asym- metric algorithms, most of them [such as Rivest, Shamir, and Adleman (RSA)] require large amounts of memory and sig- nificant computation time. We propose to use a very efficient, low overhead, public key encryption algorithm to support a high level of security. Such an algorithm is NTRU [5], [6]. In addition, there is a need for building a robust trust model and computing quantitative trust relationships among sensors and IMDs. Our contributions reported in this paper include the following. 1) Hardware-oriented NTRU design and NTRU speed opti- mization in medical signal transmission. Real-time sensor data authentication and intrusion detection are expected with low complexity and energy consumption in medical sensor network system, where the stream decryption time cannot go beyond 100 μs [7]. This paper presents a series of optimizations in the NTRU circuit design to achieve a high operation speed with low power dissipation. 2) Integration of NTRU with an indirect/direct trust model. Our initial study on the possibility of using NTRU-based algorithms to achieve medical security has generated some preliminary results [8]–[11]. In this study, we significantly extend our previous research by closely integrating IMD– sensor indirect/direct trust model with NTRU hardware implementation to achieve comprehensive m-health IMD data collections anywhere and anytime. 3) Comprehensive and quantitative performance analysis on NTRU industry standard implementation and trust-based IMD/sensor security. We have evaluated our NTRU hard- ware design performance under the industry Standard 1089-7771/$26.00 © 2010 IEEE