Live Science Plus
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Delivered Daily
Daily Newsletter
Sign up for the latest discoveries, groundbreaking research and fascinating breakthroughs that impact you and the wider world direct to your inbox.
Once a week
Life's Little Mysteries
Feed your curiosity with an exclusive mystery every week, solved with science and delivered direct to your inbox before it's seen anywhere else.
Once a week
How It Works
Sign up to our free science & technology newsletter for your weekly fix of fascinating articles, quick quizzes, amazing images, and more
Delivered daily
Space.com Newsletter
Breaking space news, the latest updates on rocket launches, skywatching events and more!
Once a month
Watch This Space
Sign up to our monthly entertainment newsletter to keep up with all our coverage of the latest sci-fi and space movies, tv shows, games and books.
Once a week
Night Sky This Week
Discover this week's must-see night sky events, moon phases, and stunning astrophotos. Sign up for our skywatching newsletter and explore the universe with us!
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
In the second season of the TV show "Homeland," terrorists assassinated the vice president of the United States (played by Jamey Sheridan) by hacking into his Wi-Fi-enabled pacemaker, and inducing a heart attack.
That isn't just fiction, researchers say: Many pacemakers and other implantable medical devices (IMDs), such as insulin pumps, connect to the Internet via Wi-Fi to share important medical data with doctors. But very few of these devices use secure connections.
That's why researchers at Rice University in Houston decided to look for a better way to protect people's IMDs. [9 Odd Ways Your Tech Devices May Injure You]
You could say their solution "beats" the competition: They use a patient's heartbeat as a constantly changing password.
"We use the heartbeat as a random-number generator," said Farinaz Koushanfar, an assistant professor of electrical and computer engineering at the university. "Your heart generates pulses, and the timing of these pulses has a good amount of randomness to them…. This is a true random number generator."
An uncrackable code
Random numbers are an essential part of any encryption system, and the more random, the better the encryption. The randomness of the human heartbeat, combined with the fact that a doctor or potential attacker would need to physically touch a patient to measure the heartbeat in order to access the IMD, forms the basis of the researchers' device.
Most companies that make IMDs choose not to encrypt their devices' wireless connections because an IMD's most important job is to save its wearer's life, Koushanfar said. If companies have to choose between reliable, easy access and security against intruders, they'll always choose the former, she told LiveScience.
Even if developers could find a way to balance security and ease of access, strong encryption requires additional processing power, which means a bigger drain on the IMD's battery, Koushanfar explained. Because changing an IMD's battery usually means operating on a patient, developers are hesitant to do anything that will significantly shorten the battery life.
The researchers say their program would only minimally drain an IMD's battery, while still ensuring a high degree of security.
It works like this: Using a Wi-Fi-enabled electrocardiogram reader, or EKG, the doctor will initiate a connection with a patient's IMD. But the devices don't actually share until both the doctor's EKG reader and the patient's IMD take a 12-second reading of the patient's heartbeat.
Once the doctor's EKG reader and the patient's IMD have been connected, the two devices will then generate a number based on the patient's unique heartbeat pattern, and then, like poker players simultaneously showing each other their hands, the two devices will show each other their numbers.
Pacemakers
The researchers say their program would work best with pacemakers, but could also be used in any IMD that can reliably detect the pulse.
Koushanfar said the next step in the research , which she completed with graduate student Mahmoud Rostami, is to get the program approved for use by the Food and Drug Administration.
To treat a person with an IMD secured in this way, all doctors have to do is download the program to their EKG device, she said.
Many researchers have developed algorithms for generating numbers that seem to be random to humans. But there's no such thing as a true random number generator because computers are inherently logical machines, and always use some sort of process to generate the numbers that, without extremely close scrutiny, only appear to be random. The Rice researchers may have gotten around that problem.
"Those mathematical versions are pseudorandom generators," Rostami said. "This is a real random number generator."
Email jscharr@techmedianetwork.com or follow her @JillScharr. Follow us @livescience, Facebook & Google+. Original article on LiveScience.
