{"id":"https://openalex.org/W4366494048","doi":"https://doi.org/10.1145/3577923.3583646","title":"HAT: Secure and Practical Key Establishment for Implantable Medical Devices","display_name":"HAT: Secure and Practical Key Establishment for Implantable Medical Devices","publication_year":2023,"publication_date":"2023-04-20","ids":{"openalex":"https://openalex.org/W4366494048","doi":"https://doi.org/10.1145/3577923.3583646"},"language":"en","primary_location":{"id":"doi:10.1145/3577923.3583646","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3577923.3583646","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3577923.3583646","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3577923.3583646","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056637221","display_name":"Sayon Duttagupta","orcid":"https://orcid.org/0000-0002-3495-4641"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":true,"raw_author_name":"Sayon Duttagupta","raw_affiliation_strings":["KU Leuven, Leuven, Belgium"],"raw_orcid":"https://orcid.org/0000-0002-3495-4641","affiliations":[{"raw_affiliation_string":"KU Leuven, Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056871782","display_name":"Eduard Marin","orcid":"https://orcid.org/0000-0002-5002-0187"},"institutions":[{"id":"https://openalex.org/I4210134591","display_name":"Telefonica Research and Development","ror":"https://ror.org/03qgzzb04","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210097190","https://openalex.org/I4210134591"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Eduard Marin","raw_affiliation_strings":["Telef\u00f3nica Research, Barcelona, Spain"],"raw_orcid":"https://orcid.org/0000-0002-5002-0187","affiliations":[{"raw_affiliation_string":"Telef\u00f3nica Research, Barcelona, Spain","institution_ids":["https://openalex.org/I4210134591"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009111901","display_name":"Dave Singel\u00e9e","orcid":"https://orcid.org/0000-0001-9084-698X"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Dave Singel\u00e9e","raw_affiliation_strings":["KU Leuven, Leuven, Belgium"],"raw_orcid":"https://orcid.org/0000-0001-9084-698X","affiliations":[{"raw_affiliation_string":"KU Leuven, Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5039506639","display_name":"Bart Preneel","orcid":"https://orcid.org/0000-0003-2005-9651"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Bart Preneel","raw_affiliation_strings":["KU Leuven, Leuven, Belgium"],"raw_orcid":"https://orcid.org/0000-0003-2005-9651","affiliations":[{"raw_affiliation_string":"KU Leuven, Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5056637221"],"corresponding_institution_ids":["https://openalex.org/I99464096"],"apc_list":null,"apc_paid":null,"fwci":0.5217,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.59456177,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"213","last_page":"224"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11932","display_name":"Wireless Body Area Networks","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/2204","display_name":"Biomedical Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11932","display_name":"Wireless Body Area Networks","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/2204","display_name":"Biomedical Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9939000010490417,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9932000041007996,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.681468665599823},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.6452598571777344},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6261261701583862},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.5849402546882629},{"id":"https://openalex.org/keywords/transparency","display_name":"Transparency (behavior)","score":0.5497638583183289},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5472218990325928},{"id":"https://openalex.org/keywords/wireless","display_name":"Wireless","score":0.52149498462677},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.5120466351509094},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.4955347776412964},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.46547266840934753},{"id":"https://openalex.org/keywords/key-generation","display_name":"Key generation","score":0.4375610947608948},{"id":"https://openalex.org/keywords/key-management","display_name":"Key management","score":0.41102200746536255},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3487415313720703},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.2937917709350586},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.12655800580978394},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12010887265205383}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.681468665599823},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.6452598571777344},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6261261701583862},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.5849402546882629},{"id":"https://openalex.org/C2780233690","wikidata":"https://www.wikidata.org/wiki/Q535347","display_name":"Transparency (behavior)","level":2,"score":0.5497638583183289},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5472218990325928},{"id":"https://openalex.org/C555944384","wikidata":"https://www.wikidata.org/wiki/Q249","display_name":"Wireless","level":2,"score":0.52149498462677},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.5120466351509094},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.4955347776412964},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.46547266840934753},{"id":"https://openalex.org/C163173736","wikidata":"https://www.wikidata.org/wiki/Q3308558","display_name":"Key generation","level":3,"score":0.4375610947608948},{"id":"https://openalex.org/C17886624","wikidata":"https://www.wikidata.org/wiki/Q1320561","display_name":"Key management","level":3,"score":0.41102200746536255},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3487415313720703},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.2937917709350586},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.12655800580978394},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12010887265205383},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3577923.3583646","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3577923.3583646","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3577923.3583646","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},{"id":"pmh:oai:lirias2repo.kuleuven.be:20.500.12942/730855","is_oa":true,"landing_page_url":"https://lirias.kuleuven.be/handle/20.500.12942/730855","pdf_url":"https://lirias.kuleuven.be/retrieve/b34dd842-ab49-4c33-8df1-f88da0898260","source":{"id":"https://openalex.org/S4306401954","display_name":"Lirias (KU Leuven)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I99464096","host_organization_name":"KU Leuven","host_organization_lineage":["https://openalex.org/I99464096"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"CODASPY: Data and Application Security and Privacy, Charlotte, NC, USA, 24-26 April 2023","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.1145/3577923.3583646","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3577923.3583646","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3577923.3583646","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1745981660","display_name":null,"funder_award_id":"826284","funder_id":"https://openalex.org/F4320321730","funder_display_name":"Fonds Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G2925976288","display_name":null,"funder_award_id":"871793","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G4435414571","display_name":null,"funder_award_id":"VR20192203","funder_id":"https://openalex.org/F4320327336","funder_display_name":"Vlaamse regering"},{"id":"https://openalex.org/G5688237398","display_name":"Data-protection toolkit reducing risks in hospitals and care centers","funder_award_id":"826284","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320313460","display_name":"Agentschap Innoveren en Ondernemen","ror":"https://ror.org/032xdry56"},{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320321730","display_name":"Fonds Wetenschappelijk Onderzoek","ror":"https://ror.org/03qtxy027"},{"id":"https://openalex.org/F4320327336","display_name":"Vlaamse regering","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4366494048.pdf","grobid_xml":"https://content.openalex.org/works/W4366494048.grobid-xml"},"referenced_works_count":18,"referenced_works":["https://openalex.org/W348661062","https://openalex.org/W956784997","https://openalex.org/W1500374364","https://openalex.org/W1606443045","https://openalex.org/W1991422642","https://openalex.org/W2108161119","https://openalex.org/W2122235704","https://openalex.org/W2131994112","https://openalex.org/W2138644571","https://openalex.org/W2296514843","https://openalex.org/W2605103970","https://openalex.org/W2735786930","https://openalex.org/W2793872287","https://openalex.org/W2804700615","https://openalex.org/W2943200671","https://openalex.org/W3094700539","https://openalex.org/W4235202118","https://openalex.org/W6847919120"],"related_works":["https://openalex.org/W3034529322","https://openalex.org/W2115913271","https://openalex.org/W2965905066","https://openalex.org/W2352475406","https://openalex.org/W2075972269","https://openalex.org/W2360887425","https://openalex.org/W2358235859","https://openalex.org/W2364840942","https://openalex.org/W3174871241","https://openalex.org/W2036351525"],"abstract_inverted_index":{"During":[0],"the":[1,34,61,68,105,129,141,151,156,163,172],"last":[2],"few":[3],"years,":[4],"Implantable":[5],"Medical":[6],"Devices":[7],"(IMDs)":[8],"have":[9,75],"evolved":[10],"considerably.":[11],"IMD":[12,35,69,157],"manufacturers":[13],"are":[14,93,102],"now":[15],"starting":[16],"to":[17,97,121,140,149,158],"rely":[18],"on":[19,84],"standard":[20],"wireless":[21],"technologies":[22],"for":[23,104,128],"connectivity.":[24],"Moreover,":[25],"there":[26],"is":[27,60,148],"an":[28,85,159],"evolution":[29],"towards":[30],"open":[31],"systems":[32],"where":[33],"can":[36],"be":[37],"remotely":[38],"monitored":[39],"or":[40,49,101],"reconfigured":[41],"through":[42],"personal":[43,72],"commercial-off-the-shelf":[44],"devices":[45],"such":[46,71,166],"as":[47,167,171],"smartphones":[48],"tablets.":[50],"Nevertheless,":[51],"a":[52,116,168],"major":[53],"problem":[54],"that":[55,179],"still":[56],"remains":[57],"unsolved":[58],"today":[59],"secure":[62,117],"establishment":[63],"of":[64,108,132],"cryptographic":[65],"keys":[66],"between":[67],"and":[70,118,124,138,185,188],"devices.":[73],"Researchers":[74],"already":[76],"proposed":[77,91],"various":[78],"solutions,":[79],"most":[80],"notably":[81],"by":[82,111],"relying":[83],"additional":[86],"external":[87,160],"device.":[88],"Unfortunately,":[89],"these":[90],"approaches":[92],"either":[94],"insecure,":[95],"difficult":[96],"realise":[98],"in":[99],"practice,":[100],"unsuitable":[103],"latest":[106],"generation":[107,131],"IMDs.":[109],"Motivated":[110],"this,":[112],"we":[113],"present":[114],"HAT,":[115],"practical":[119],"solution":[120],"provide":[122],"fine-grained":[123],"dynamic":[125],"access":[126,152],"control":[127,137,153],"next":[130],"IMDs,":[133],"while":[134],"offering":[135],"full":[136],"transparency":[139],"patient.":[142],"The":[143],"main":[144],"idea":[145],"behind":[146],"HAT":[147,180],"shift":[150],"responsibilities":[154],"from":[155],"device":[161],"under":[162],"user's":[164],"control,":[165],"smartphone,":[169],"acting":[170],"IMD's":[173],"Key":[174],"Distribution":[175],"Center.":[176],"We":[177],"show":[178],"only":[181],"introduces":[182],"minimal":[183],"energy":[184],"memory":[186],"overhead":[187],"formally":[189],"prove":[190],"its":[191],"security":[192],"using":[193],"Verifpal.":[194]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1}],"updated_date":"2026-05-23T08:51:43.019350","created_date":"2025-10-10T00:00:00"}