RSS-Based Secret Key Generation in Wireless In-body Networks Muhammad Faheem Awan 1 , Kimmo Kansanen 1 , Sofia Perez-Simbor 2 , Concepcion Garcia-Pardo 2 , Sergio Castell´ o-Palacios 2 and Narcis Cardona 2 1 Department of Electronics, NTNU, Trondheim, Norway 2 iTEAM, Universitat Polit` ecnica de Val` encia, Spain {faheem.awan}@ntnu.no Abstract—Secure communication is considered as an integral part of next generation wireless implantable med- ical devices. In this work, we provide the symmetric cryptographic key generating approach by exploiting the randomness in received signal strength (RSS) for data en- cryption in an in-body network. The application of concern is the wireless modules for next generation leadless cardiac pacemaker with two units. For RSS based key generation method, both the units probe the wireless channel for RSS measurements within the coherence time and outputs the encryption key bits based on available randomness and quantization algorithm. To evaluate the available randomness in RSS measurements, the methodology of phantom experiments is adapted to emulate the cardiac cycle. It has been found that the measurements emulating the cardiac cycle can be approximated to follow the log- Normal distribution. Moreover, a high correlation of RSS measurements is observed across the pacemaker units to generate a symmetric key whereas the eavesdropper link is found to be highly de-correlated. Based on the available randomness, the quantization algorithm generates 2- bits per cardiac cycle and requires 64 cardiac cycles to generate a 128-bit binary key string with an average mismatch percentage of 1 % over 1000 key runs. Index Terms—Implanted Medical Devices; Wireless lead- less cardiac pacemaker; WBAN, Security and Privacy, Physical layer security, RSS based Quantization I. I NTRODUCTION The technological advancements in wireless body area networks results in number of implantable and wearable medical devices. Among these devices the most notable are cardiac pacemaker and implanted cardiac defibrilla- tors. Pacemakers are implanted inside the human heart for treatment of cardiac arrhythmia’s. There are about 0.7 million pacemaker implantation’s worldwide [1]. Current versions of pacemakers contain subcutaneous implant (can) under the skin beneath the shoulder that is connected via wires through sub-clavian vein to the electrodes in right atrium and right ventricle. The next generation of these pacemakers is expected to be wireless between electrodes and subcutaneous implant. Fig. 1 shows the implementation of leadless cardiac pacemaker (LCP) in the right ventricle communicating with subcu- taneous implant wirelessly 1 . The only available leadless pacemakers in the market are Medtronics Micra [2] and Nanostim-LCP, which are autonomous leadless pace- makers in right ventricle without subcutaneous implant. The wireless nature of these leadless pacemakers is significant source of security risks and makes it more visible, facilitating eavesdropper to overhear the commu- nication. Due to the sensitive nature of these pacemakers, it’s essential to protect the communication between these pacemaker modules. In [3], Halperin et al exploits the wireless vulner- abilities to extract the patients data from pacemaker by using off the shelf programmer and antennas. A complete review of security and privacy concerns related to implanted medical devices is provided in [4]. Several approaches are available in the literature to secure the wireless body area network (WBAN) com- munications, that includes techniques from traditional cryptographic algorithms to wireless physical layer secu- rity methods (PLS). This work focuses on physical layer security methods. PLS methods exploit wireless channel to secure com- munication between legitimate parties. In [5], Zhang et al provides a comprehensive review on key generation techniques from wireless channels. The concept of key generation from wireless channels was first introduced by Maurer in [6]. The commonly used parameters for key generation are Received signal strength (RSS), An- gle of Arrival (AoA), Channel transfer function (CTF) and Channel Impulse Response (CIR). In [7], a novel key generating architecture is provided for low power constrained devices. Similarly, in [8] [9], an RSS based secret key generation method is utilized for on-body WBAN nodes. In context of wireless in-body area net- works, most of the literature is focussed on generating the secret key by using common bio-metric feature like ECG, EEG and EMG [10]–[12]. In this work, we utilize an RSS based secret key generation approach in context of wireless in-body net- work. Our used case application is next generation of 1 EU Horizon 2020 Project WiBEC