Medical device with cryptosystem and method of implementing the same
Inventors
Assignees
Interested in licensing this patent?
MTEC can help explore whether this patent might be available for licensing for your application.
Publication Number
US-10089439-B2
Publication Date
2018-10-02
Expiration Date
Abstract
A medical device and a method of implementing a cryptosystem on the medical device include storing a data structure on a memory component of the medical device. An encryption key is stored in the data structure. Usage data related to usage of the medical device is provided. The encryption key is read from the data structure. The usage data is encrypted with the read encryption key. The encryption key is eliminated such that the encryption key is no longer present in the medical device.
Core Innovation
The invention relates to a medical device connectable to a console in which a memory component stores a data structure that includes an encryption key, a decryption key associated with the encryption key, and verification data to protect the decryption key. The medical device provides operation-related data that is read from the data structure, and encrypted data related to operation of the medical device is stored in the data structure.
The console reads the encryption key from the memory component, encrypts the data with the read encryption key, and stores the encrypted data on the data structure. After storing the encrypted data, the read encryption key is eliminated from the data structure such that the encryption key is no longer present on the memory component, while the decryption key associated with the eliminated encryption key is preserved on the memory component.
The method further reads the decryption key associated with the eliminated encryption key, decrypts the encrypted data using only the decryption key associated with the eliminated encryption key, and authenticates the decryption key with the verification data. Additional aspects include protecting decryption key and verification data such that authenticity is maintained, and using verification data to authenticate medical-device identification data and managing multiple key pairs, including establishing associations between encryption keys and decryption keys and distributing keys across data segments.
Claims Coverage
The provided independent claims include three independent claims. Across these claims, the core coverage centers on reading an encryption key from a medical device memory, encrypting operation-related data at a console, eliminating the encryption key from the device memory, then decrypting and authenticating using an associated decryption key protected by verification data, with additional coverage for restricting decryption to the associated decryption key and preserving the decryption key after elimination.
Reading and using an encryption key with verification-protected decryption
providing data related to operation of the medical device; reading the encryption key from the data structure; encrypting, at the console, the data with the read encryption key; storing the encrypted data on the data structure; reading, from the data structure, the decryption key associated with the read encryption key; decrypting the encrypted data with the read decryption key; and authenticating the decryption key with the verification data.
Eliminating the read encryption key from the data structure
eliminating the read encryption key from the data structure such that the read encryption key is no longer present on the memory component; and decrypting the encrypted data with the read decryption key while authenticating the decryption key with the verification data.
Preserving and limiting decryption to the associated decryption key after elimination
the decryption key associated with the eliminated encryption key is preserved on the memory component after elimination of the encryption key and wherein the decryption key is configured such that decrypting the encrypted data is possible using only the decryption key associated with the eliminated encryption key, and wherein the decryption key is authenticatable with the verification data.
Preventing the console from modifying authentic data
eliminating the encryption key from the data structure such that the console is no longer able to read the read encryption key from the memory component of the medical device, thereby preventing the console from modifying the authentic data; reading, from the memory component, the decryption key associated with the read encryption key for providing the ability to read the authentic data; decrypting the encrypted data with the read decryption key; and authenticating the decryption key with the verification data.
Overall, the claims require encryption at the console using an encryption key read from device memory, elimination of that encryption key from the device memory so it is no longer present or readable by the console, and preservation and use of the associated decryption key to decrypt encrypted operation data while authenticating the decryption key using verification data, with decryption restricted to the associated decryption key.
Stated Advantages
Prevents unauthorized ability of the console to modify authentic data by eliminating the encryption key so it is no longer readable from the memory component.
Maintains authenticity of encrypted operation-related data and ensures the decryption key is authenticatable with the verification data.
Restricts decryption to only the decryption key associated with the eliminated encryption key.
Enables verification-data-based authentication of medical-device identification data.
Documented Applications
Securing operation-related encrypted data on a medical device by using a console to encrypt and then eliminating the encryption key from device memory while authenticating and decrypting using an associated verification-protected decryption key.
Managing the ability of a console to modify authentic data on a memory component of a medical device by preventing the console from later reading the encryption key.
Protecting and authenticating medical-device identification data using verification data.
Interested in licensing this patent?