Hardware Protection for Medical Implants Security ASIC for the Quantum-safe Pacemaker

Related Vendor

Taiwan Machine Tool & Accessory Builders' Association (TMBA)

If quantum computers crack current encryptions in the future, vital wearables will be acutely endangered. A new ASIC design from MIT is now putting a stop to this: The extremely economical chip brings post-quantum cryptography directly into the implant and offers integrated hardware protection against power-side channel attacks and voltage glitching.

Wireless biomedical devices are increasingly networked and interfere deeply with patients' privacy and health. This makes them a critical target. Current encryption standards will be compromised by future quantum computers, but the so-called post-quantum cryptography (PQC) methods are so computationally complex that they would drain the batteries of implants and wearables in a very short time.

A team at MIT led by PhD student Seoyoon Jang and the renowned low-power expert Prof. Anantha Chandrakasan have now presented a hardware solution to this dilemma. The researchers developed a security ASIC based on a 28 nm CMOS process that is no larger than the tip of a needle.

Dual PQC Architecture

The chip achieves 20 to 60 times higher energy efficiency than previous PQC implementations and consumes just 0.86 µJ per computing operation. To achieve this, the architecture uses so-called resource sharing. The chip supports two different PQC schemes simultaneously. Instead of implementing separate hardware blocks for each scheme, both methods share the same internal memory and the same arithmetic units. This saves valuable chip space (silicon area) and drastically reduces leakage currents. The dual design also makes the chip future-proof in case one of the two PQC methods is cracked in the future.

In addition, the developers integrated a True Random Number Generator (TRNG) directly on the die. The native on-chip generation of secret keys saves the enormous energy overhead that would arise when communicating with external TRNG components.

Better Protection

Pure algorithmic protection is often not sufficient for implants, as attackers can potentially gain physical access to the device. The MIT developers therefore implemented targeted countermeasures against power-side channel attacks. In these attacks, hackers attempt to deduce cryptographic keys by analyzing minimal power fluctuations. As continuous defensive measures would cost an extreme amount of energy, the ASIC's protection only intervenes in those computing operations that are most susceptible to side-channel attacks.

The design also features early error protection. If attackers attempt to provoke errors by glitching, for example by deliberately manipulating the power supply, the chip recognizes this immediately and aborts the operation. This not only protects the data, but also prevents energy being wasted on faulty, compromised calculations.

According to Jang and Chandrakasan, who also collaborated with physicians from Brigham and Women's Hospital on this project funded by the US health authority ARPA-H, the new ASIC architecture is not only suitable for medical sensors, but can also be seamlessly transferred to other energy- and resource-constrained applications such as industrial IoT (IIoT) or smart tags. (heh)

Secure and Compliant Authentication in Laboratories

Secure & Contactless User Authentication at GMP/GLP