Implementing crypto authentication in medical consumables and accessories

Xavier Bignalet – product marketing manager – Microchip Secure Product Group at Microchip Technology, explains the uses of crypto authentication in medical and healthcare consumables.

The reasons for using cryptographic authentication in medical consumables and accessories 

We have all suffered from the poor performance of a fake or counterfeit product at some stage. Printer ink cartridges and camera batteries are just two examples of consumer products where users may have encountered a counterfeit part. While a counterfeit printer cartridge might result in fewer pages printed, poor print quality and variable colours, it might not cause any harm to human life. However, a faulty battery, particularly one using dangerous materials such as lithium-ion, might create excessive heat while charging, catch fire or even explode. While these conditions threaten life, consider the consequences of fake medical consumables and counterfeit single-use disposable or medical accessories entering a hospital’s supply chain. 

The danger to human life in a medical environment is severe. However, from a business perspective, we must also look at how it impacts the manufacturer of the equipment that the consumable or accessory is used in. The equipment manufacturer’s brand would be significantly damaged due to an incident resulting from a counterfeit item used in their machine, even though they didn’t make the consumable. Crypto authentication techniques are routinely used across various consumer and industrial products to counter threats from counterfeit and fake accessories. 

Brain sensors are one of the many medical products that considers crypto authentication IC to be a critical safety feature. Each time a healthcare worker operates a brain monitor it would verify the authenticity of the sensor to prove the validity of the data coming out of the sensor. A Microchip CryptoAuthentication IC approach protects the medical office from counterfeit sensors which may report corrupt information about brain health. 

Manufacturers invest significant marketing budgets in building their brands and the values they stand for, so implementing cryptographic authentication in their products and accessories protects their customers from counterfeit products and reinforces product safety.

Implementing crypto authentication in medical and healthcare products is crucial for patient health, patient confidentiality and user safety and applies across a wide range of different diagnostic and monitoring appliances. Examples include single-use ECG electrodes, disposable vital signs sensors, breathing tubes, drug delivery dispensers and glucose meters. Not all medical applications involve an electronic-based accessory or consumable, so supporting consumables that do not have any integrated electronics, such as breathing tubes and inhaler cartridges, is essential as well. The increase in point-of-care and home remote monitoring away from a controlled hospital and healthcare environment places further demand on the need for consumable and accessory authenticity. Within a clinical setting, authentication protects patients from incorrect medications and counterfeit products, and authentication also reassures medical staff that the consumables or medication is from a trusted and approved source, a factor that could be required to meet regulatory compliance and clinical process. 

Understanding how crypto authentication works

There are two fundamental cryptographic-based, challenge-response authentication methods used to verify the authenticity of a device or data and establish a secure connection, symmetrical and asymmetrical. Although both ways achieve the same result, they differ in their approach and the underlying process used to perform authentication.

Symmetric authentication, also known as secret key authentication, uses a single secret key shared between the sender (the host equipment) and the receiver (the accessory). Symmetric authentication benefits from its simplicity, and the algorithms do not impose a high computational load compared to an asymmetrical approach; however, the key needs secure storage, which might present a challenge for high-volume products. This is particularly the case during manufacturing, where keys are at risk of being exposed.

Figure 1 highlights a symmetric-based cryptographic challenge and response using a shared secret key between a host device and a consumable or accessory. During product manufacturing, in a process termed provisioning, a secret key is created from a parent key and is loaded into a cryptographic IC for the accessory or disposable. When the authentication process is initiated, the host issues a random number challenge to the accessory. The anticipated response is a digest computed from the random number and the secret key through a hashing process. The host also runs the same process, and if the two results match, the accessory or disposable is deemed to be a genuine part. Hash algorithms such as SHA256 is an industry-standard method issued and managed by the U.S. National Institute of Standards and Technology (NIST).

A slightly more complex approach is achieved with asymmetrical crypto authentication, also known as public-key infrastructure (PKI), which uses a pair of mathematically linked keys, one public and one private. The private key resides in an authentication IC within the accessory along with a device certificate and device public key as well as the upper authority certificate and signature, called the signer certificate. The host embeds a signer public key. The public key, especially for devices without internet connection become very sensitive as they verify to the host the validity of the disposable. When the authentication process is initiated the accessory or disposable device will send its device public key and signature to the host where they are verified with a signer public key. If this step is authorised the host will send a random number challenge to the accessory or disposable where the random number is signed with the private key. The host side uses the device public key and random number to verify the signature. Once the signature is calculated to be mathematically valid, the accessory or disposable is authorised access if it is a genuine part. The benefit of asymmetric authentication is its scalability to distribute cryptographic keys better than symmetric ones. 

CryptoAuthentication ICs from Microchip

Microchip offers a comprehensive line-up of CryptoAuthentication ICs that cater to a broad range of use cases, from IoT applications to enterprise data centers. Figure 3 highlights the line-up by application, with ICs suitable for medical and healthcare consumables and accessories, including the SHA104/SHA105 and SHA106 series and the ECC204 and ECC206 family.

The Microchip SHA104 is designed for accessory and disposable applications and provides 128-bit symmetric security. It can be used in systems requiring either one-way or mutual authentication. The SHA106 is also supplied in a 2-pin package and embeds a SHA256 hardware accelerator and four slots of key storage or data. The 2-pin form factor integrates a capacitor within the IC, providing a parasitic power capability. Designed for consumables or accessories without electronics, the IC only needs a power and GND pin as the data is transferred over the power pin. This compact form factor is ideal for applications with limited I/O on the controller or space constrained. Communication uses an I2C or single-wire interface (SWI) 

The Microchip ECC204 and ECC206 provide asymmetrical authentication, supporting ECDSA, SHA-256, and hash message authentication code (HMAC). Like the SHA106, the ECC206 also features the option for a pin count of two, allowing the use of a single-wire interface (SWI). 

Figure 4 showcases the ease of the 2-pin SWI interface with power for the SHA106 or ECC206 harvested from the data line and stored in an integrated capacitor. No PCB is required, an approach that opens the opportunity to incorporate crypto authentication into a range of medical and healthcare consumables not previously possible.

Example crypto authentication implementation – hand-held nebuliser

Figure 5 illustrates a reference design of a symmetrical crypto authentication implementation for a hand-held nebuliser that uses replaceable cartridges. It is a functional nebuliser design where only the manufacturer’s medicine cup will authenticate with the same manufacturer’s main nebuliser head unit, not a counterfeit medicine cup. The benefits of authentication are significant for patients, ensuring that the correct mediation from a trusted source is used. Other benefits include protection of the manufacturer’s brand name and quality, sales and service revenue and compliance with regulatory requirements.

All the design files and source code are available for download from the Microchip website. Provided for evaluation and prototyping purposes, the designs utilise an ultra-low power SHA204 authentication IC featuring an SHA-256 algorithm, a hardware random number generator and a 4.5 Kbit EEPROM for key and data storage. It operates from 1.8 VDC to 5.5 VDC and consumes less than 150 nA during sleep. The host processor in the head unit is an ultra-low power Microchip PIC16F1718 8-bit intelligent analogue microcontroller.

Crypto authentication design resources help speed prototyping

To aid the prototyping of CryptoAuthentication designs based on the ECC204, ECC206, SHA104, and SHA106 ICs, Microchip offers a comprehensive range of hardware evaluation platforms, software code examples and its Trust Platform Design Suite (TPDS).

The Microchip CryptoAuth Trust Development Kit, part number DM320118 – see Figure 6 – provides the development kit for evaluating a range of Microchip’s crypto authentication devices. Equipped with a Microchip ATSAMD21E18A microcontroller, it supports the TPDS and other software tools for developing and prototyping security designs for IoT applications. Out of the box, it comprises ATECC608 IC support and, via a mikroElectronika mikroBUS socket, supports the ECC and SHA series of asymmetric and symmetric crypto authentication ICs.

An example of a mikroBUS development board is the ECC204-based EV92R58A. It plugs into the DM32018 companion development board and allows evaluation over an SWI or I2C interface. In addition to TPDS support, the Microchip CryptoAuthLib Library (CAL) is a recommended resource. 

Another plug-in development board is the EV97M19A – see Figure 7. Incorporating Microchip’s symmetrical SHA104 and SHA105 CryptoAuthentication devices, the SHA104 can use either the SWI or I2C interface and the SHA105 via the I2C only.

Complementing Microchip’s hardware development kits and evaluation boards is the Trust Platform Design Suite. Providing a platform for prototyping embedded security solutions, it comprises technical training documentation, prototyping examples with dummy key and source code examples and a secure provisioning system. The source code is available as Microchip MPLAB projects for use with Microchip microcontrollers and native C code for other microcontrollers.

Crypto authentication – protecting clinical staff, patients, and brand credentials

Ensuring the authenticity of medical consumables and accessories is crucial. Symmetric and asymmetric crypto authentication models provide the fundamental security concept and features to assure clinicians and patients that the products they are using are from a trusted source. Also, using authentication devices that require minimal electrical connections and no power supply significantly extends the ability to protect medical and healthcare accessories and disposables with no integrated electronics.


link

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous post National Nurses Day 2022: Brands celebrating nurses with the best deals this year
Next post CDC Weighs Lower Infection Safety Precautions For Healthcare Workers