{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,23]],"date-time":"2025-08-23T00:08:08Z","timestamp":1755907688838,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":68,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,30]],"date-time":"2024-07-30T00:00:00Z","timestamp":1722297600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7,30]]},"DOI":"10.1145\/3664476.3670876","type":"proceedings-article","created":{"date-parts":[[2024,7,25]],"date-time":"2024-07-25T12:35:50Z","timestamp":1721910950000},"page":"1-13","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["OOBKey: Key Exchange with Implantable Medical Devices Using Out-Of-Band Channels"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7302-9088","authenticated-orcid":false,"given":"Mo","family":"Zhang","sequence":"first","affiliation":[{"name":"The University of Melbourne, Australia and University of Birmingham, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5002-0187","authenticated-orcid":false,"given":"Eduard","family":"Marin","sequence":"additional","affiliation":[{"name":"Telefonica Research, Spain"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1632-497X","authenticated-orcid":false,"given":"Mark","family":"Ryan","sequence":"additional","affiliation":[{"name":"University of Birmingham, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2804-6038","authenticated-orcid":false,"given":"Vassilis","family":"Kostakos","sequence":"additional","affiliation":[{"name":"The University of Melbourne, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8271-0289","authenticated-orcid":false,"given":"Toby","family":"Murray","sequence":"additional","affiliation":[{"name":"The University of Melbourne, Australia and Data61, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7831-2632","authenticated-orcid":false,"given":"Benjamin","family":"Tag","sequence":"additional","affiliation":[{"name":"Monash University, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8524-5282","authenticated-orcid":false,"given":"David","family":"Oswald","sequence":"additional","affiliation":[{"name":"University of Birmingham, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2024,7,30]]},"reference":[{"volume-title":"Understanding PKI: concepts, standards, and deployment considerations","author":"Adams Carlisle","key":"e_1_3_2_1_1_1","unstructured":"Carlisle Adams and Steve Lloyd. 2003. Understanding PKI: concepts, standards, and deployment considerations. Addison-Wesley Professional."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2750858.2807521"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.3390\/s151128889"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3098243.3098256"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"S.\u00a0Abhishek Anand and Nitesh Saxena. 2017. A Sound for a Sound: Mitigating Acoustic Side Channel Attacks on Password Keystrokes with Active Sounds. In Financial Cryptography and Data Security. 346\u2013364.","DOI":"10.1007\/978-3-662-54970-4_21"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2018.2873372"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Lawrence Bassham Andrew Rukhin Juan Soto James Nechvatal Miles Smid Stefan Leigh M Levenson M Vangel Nathanael Heckert and D Banks. 2010. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications.","DOI":"10.6028\/NIST.SP.800-22r1a"},{"volume-title":"Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy. 72\u201384","author":"Bellovin S.M.","key":"e_1_3_2_1_8_1","unstructured":"S.M. Bellovin and M. Merritt. 1992. Encrypted key exchange: password-based protocols secure against dictionary attacks. In Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy. 72\u201384."},{"key":"e_1_3_2_1_9_1","unstructured":"Philipp Bobek. 2022. Compass. https:\/\/github.com\/Kr0oked\/Compass."},{"key":"e_1_3_2_1_10_1","unstructured":"Bosch. 2014. BNO055 Intelligent 9-axis absolute orientation sensor. https:\/\/cdn-shop.adafruit.com\/datasheets\/BST_BNO055_DS000_12.pdf Rev. 1.2."},{"key":"e_1_3_2_1_11_1","unstructured":"Cybersecurity and Infrastructure\u00a0Security Agent. 2020. Medtronic 2090 Carelink Programmer Vulnerabilities (Update C).https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/ICSMA-18-058-01."},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the 3rd Conference on Hot Topics in Security. Article 5, 7\u00a0pages.","author":"Denning Tamara","year":"2008","unstructured":"Tamara Denning, Kevin Fu, and Tadayoshi Kohno. 2008. Absence Makes the Heart Grow Fonder: New Directions for Implantable Medical Device Security. In Proceedings of the 3rd Conference on Hot Topics in Security. Article 5, 7\u00a0pages."},{"volume-title":"Global Active Implantable Medical Devices Market is Expected to Reach USD 30.42 Billion by","year":"2025","key":"e_1_3_2_1_13_1","unstructured":"GlobeNewswire. 2019. Global Active Implantable Medical Devices Market is Expected to Reach USD 30.42 Billion by 2025. https:\/\/www.globenewswire.com\/news-release\/2019\/08\/08\/1898922\/0\/en\/Global-Active-Implantable-Medical-Devices-Market-is-Expected-to-Reach-USD-30-42-Billion-by-2025-Fior-Markets.html."},{"key":"e_1_3_2_1_14_1","volume-title":"Activity classification using a single chest mounted tri-axial accelerometer. Medical engineering & physics 33, 9","author":"Godfrey Alan","year":"2011","unstructured":"Alan Godfrey, AK Bourke, GM Olaighin, P Van De\u00a0Ven, and J Nelson. 2011. Activity classification using a single chest mounted tri-axial accelerometer. Medical engineering & physics 33, 9 (2011), 1127\u20131135."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2018436.2018438"},{"key":"e_1_3_2_1_16_1","unstructured":"HACKADAY. 2020. Using IR LEDS to hide in plain sight.https:\/\/hackaday.com\/2020\/02\/28\/using-ir-leds-to-hide-in-plain-sight\/."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866319"},{"key":"e_1_3_2_1_18_1","volume-title":"Security and privacy for implantable medical devices","author":"Halperin Daniel","year":"2008","unstructured":"Daniel Halperin, Thomas\u00a0S Heydt-Benjamin, Kevin Fu, Tadayoshi Kohno, and William\u00a0H Maisel. 2008. Security and privacy for implantable medical devices. IEEE pervasive computing 7, 1 (2008), 30\u201339."},{"key":"e_1_3_2_1_19_1","volume-title":"Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. In 2008 IEEE Symposium on Security and Privacy (sp","author":"Halperin Daniel","year":"2008","unstructured":"Daniel Halperin, Thomas\u00a0S. Heydt-Benjamin, Benjamin Ransford, Shane\u00a0S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, and William\u00a0H. Maisel. 2008. Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. In 2008 IEEE Symposium on Security and Privacy (sp 2008). 129\u2013142."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/964696.964713"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/TOH.2013.2"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/319709.319714"},{"volume-title":"Security in Communication Networks","author":"Katz Jonathan","key":"e_1_3_2_1_23_1","unstructured":"Jonathan Katz, Rafail Ostrovsky, and Moti Yung. 2003. Forward Secrecy in Password-Only Key Exchange Protocols. In Security in Communication Networks, Stelvio Cimato, Giuseppe Persiano, and Clemente Galdi (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 29\u201344."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2744928"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1080\/10447318.2018.1455307"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3300061.3345434"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417286"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3302506.3310406"},{"key":"e_1_3_2_1_29_1","volume-title":"An Experimental Performance Evaluation of the Orientation Accuracy of Four Nine-Axis MEMS Motion Sensors. In 2017 5th International Conference on Enterprise Systems (ES). 185\u2013189","author":"Lin Zhirong","year":"2017","unstructured":"Zhirong Lin, Yongsheng Xiong, Houde Dai, and Xuke Xia. 2017. An Experimental Performance Evaluation of the Orientation Accuracy of Four Nine-Axis MEMS Motion Sensors. In 2017 5th International Conference on Enterprise Systems (ES). 185\u2013189."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3322431.3325099"},{"volume-title":"A Privacy-Preserving Remote Healthcare System Offering End-to-End Security","author":"Marin Eduard","key":"e_1_3_2_1_31_1","unstructured":"Eduard Marin, Mustafa\u00a0A. Mustafa, Dave Singel\u00e9e, and Bart Preneel. 2016. A Privacy-Preserving Remote Healthcare System Offering End-to-End Security. In Ad-hoc, Mobile, and Wireless Networks, Nathalie Mitton, Valeria Loscri, and Alexandre Mouradian (Eds.). Springer International Publishing, Cham, 237\u2013250."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991094"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2857705.2857746"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3176258.3176310"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3023359"},{"volume-title":"Shake Well Before Use: Authentication Based on Accelerometer Data","author":"Mayrhofer Rene","key":"e_1_3_2_1_36_1","unstructured":"Rene Mayrhofer and Hans Gellersen. 2007. Shake Well Before Use: Authentication Based on Accelerometer Data. In Pervasive Computing, Anthony LaMarca, Marc Langheinrich, and Khai\u00a0N. Truong (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 144\u2013161."},{"key":"e_1_3_2_1_37_1","unstructured":"Medtronic. 2016. Rate Response (RR) Feature. https:\/\/www.medtronicacademy.com\/features\/rate-response-rr-feature."},{"key":"e_1_3_2_1_38_1","unstructured":"Medtronic. 2020. BlueSync Technology Within Implantable Cardiac Devices. https:\/\/europe.medtronic.com\/xd-en\/healthcare-professionals\/therapies-procedures\/cardiac-rhythm\/cardiac-device-features\/bluesync-technology.html."},{"key":"e_1_3_2_1_39_1","unstructured":"Medtronic. 2021. Insulin pump systems. https:\/\/www.medtronic.com\/us-en\/healthcare-professionals\/products\/diabetes\/insulin-pump-systems.html."},{"key":"e_1_3_2_1_40_1","unstructured":"Medtronic. 2021. MyCarelink mobile app. https:\/\/global.medtronic.com\/xg-en\/mobileapps\/patient-caregiver\/cardiac-monitoring\/mycarelink-heart-app.html."},{"key":"e_1_3_2_1_41_1","unstructured":"Medtronic. 2022. Azure Pacing System. https:\/\/europe.medtronic.com\/xd-en\/healthcare-professionals\/products\/cardiac-rhythm\/pacemakers\/azure.html"},{"key":"e_1_3_2_1_42_1","unstructured":"Medtronic. n.d.. Medtronic Sensor. https:\/\/www.cardiocases.com\/en\/pacingdefibrillation\/specificities\/programming-exercise\/medtronic\/medtronic-sensor."},{"key":"e_1_3_2_1_43_1","unstructured":"Oracle. 2023. Java Class SecureRandom. https:\/\/docs.oracle.com\/javase\/8\/docs\/api\/java\/security\/SecureRandom.html."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.3390\/e20020094"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jcin.2015.02.005"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2006.1632652"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1186\/s12877-020-01559-y"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653712"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2708690"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.5555\/3154768.3154786"},{"key":"e_1_3_2_1_51_1","first-page":"18","article-title":"Syncope in patients with cardiac pacemakers","volume":"36","author":"Rocha Eduardo\u00a0Arrais","year":"2020","unstructured":"Eduardo\u00a0Arrais Rocha, Gisele\u00a0Schineider Cunha, Aline\u00a0Bezerra Tavares, Ant\u00f4nio\u00a0Brazil Viana\u00a0J\u00fanior, Ana Rosa\u00a0Pinto Quidute, Francisca Tatiana\u00a0Moreira Pereira, Marcelo de Paula\u00a0Martins Monteiro, Maria Eduarda Quidute\u00a0Arrais Rocha, Camila Rabelo\u00a0Ferreira Gomes, and Carlos Roberto\u00a0Martins Rodrigues\u00a0Sobrinho. 2020. Syncope in patients with cardiac pacemakers. Brazilian Journal of Cardiovascular Surgery 36 (2020), 18\u201324.","journal-title":"Brazilian Journal of Cardiovascular Surgery"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"crossref","unstructured":"Marc Roeschlin Ivan Martinovic and Kasper\u00a0Bonne Rasmussen. 2018. Device Pairing at the Touch of an Electrode.. In NDSS Vol.\u00a018. 18\u201321.","DOI":"10.14722\/ndss.2018.23076"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516658"},{"key":"e_1_3_2_1_54_1","volume-title":"SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks. In 2014 IEEE Symposium on Security and Privacy. 524\u2013539","author":"Rushanan Michael","year":"2014","unstructured":"Michael Rushanan, Aviel\u00a0D. Rubin, Denis\u00a0Foo Kune, and Colleen\u00a0M. Swanson. 2014. SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks. In 2014 IEEE Symposium on Security and Privacy. 524\u2013539."},{"volume-title":"2011 IEEE International Conference on Pervasive Computing and Communications (PerCom). 181\u2013188","author":"Saxena Nitesh","key":"e_1_3_2_1_55_1","unstructured":"Nitesh Saxena, Md.\u00a0Borhan Uddin, Jonathan Voris, and N. Asokan. 2011. Vibrate-to-unlock: Mobile phone assisted user authentication to multiple personal RFID tags. In 2011 IEEE International Conference on Pervasive Computing and Communications (PerCom). 181\u2013188."},{"key":"e_1_3_2_1_56_1","volume-title":"1st USENIX Workshop on Health Security and Privacy (HealthSec 10)","author":"Schechter Stuart","year":"2010","unstructured":"Stuart Schechter. 2010. Security That Is Meant to Be Skin Deep: Using Ultraviolet Micropigmentation to Store Emergency-Access Keys for Implantable Medical Devices. In 1st USENIX Workshop on Health Security and Privacy (HealthSec 10). USENIX Association, Washington, DC."},{"key":"e_1_3_2_1_57_1","volume-title":"S-ICDs and heart failure devices. Tech Guide","author":"Scientific Boston","year":"2017","unstructured":"Boston Scientific. 2017. Boston scientific electromagnetic (EMI) compatibility table for pacemakers, transvenous ICDs, S-ICDs and heart failure devices. Tech Guide (2017)."},{"key":"e_1_3_2_1_58_1","volume-title":"Attacks on heartbeat-based security using remote photoplethysmography","author":"Seepers Robert\u00a0Mark","year":"2017","unstructured":"Robert\u00a0Mark Seepers, Wenjin Wang, Gerard De\u00a0Haan, Ioannis Sourdis, and Christos Strydis. 2017. Attacks on heartbeat-based security using remote photoplethysmography. IEEE journal of biomedical and health informatics 22, 3 (2017), 714\u2013721."},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/PerCom.2014.6813959"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3083576"},{"volume-title":"Elements of information theory","author":"Thomas MTCAJ","key":"e_1_3_2_1_61_1","unstructured":"MTCAJ Thomas and A\u00a0Thomas Joy. 2006. Elements of information theory. Wiley-Interscience."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2019.8737540"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIM.2009.2015639"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2018.2809736"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2011.5934987"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/IPSN.2016.7460726"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"crossref","unstructured":"Mo Zhang Eduard Marin David Oswald and Dave Singel\u00e9e. 2022. FuzzyKey: Comparing Fuzzy Cryptographic Primitives on Resource-Constrained Devices. In Smart Card Research and Advanced Applications. 289\u2013309.","DOI":"10.1007\/978-3-030-97348-3_16"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/3287079"}],"event":{"name":"ARES 2024: The 19th International Conference on Availability, Reliability and Security","acronym":"ARES 2024","location":"Vienna Austria"},"container-title":["Proceedings of the 19th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3670876","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3664476.3670876","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T16:55:48Z","timestamp":1755881748000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3670876"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,30]]},"references-count":68,"alternative-id":["10.1145\/3664476.3670876","10.1145\/3664476"],"URL":"https:\/\/doi.org\/10.1145\/3664476.3670876","relation":{},"subject":[],"published":{"date-parts":[[2024,7,30]]},"assertion":[{"value":"2024-07-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}