MedSecure

Edit Compare to Test Cases
Protocol Information

Version: 1.0

Validation Status: ✓ Valid Protocol specification matches the JSON schema requirements.

Description: Energy-conscious and regulation-ready security protocol for wearable medical devices

Evaluations

Total Evaluations: 1

Protocol Specification (JSON)
{
    "name": "MedSecure",
    "version": "1.0",
    "description": "Energy-conscious and regulation-ready security protocol for wearable medical devices",
    "device_profile": {
        "type": "medical_wearable",
        "hardware": "STM32L431KCU6",
        "battery_days": 30,
        "power_budget_mwh": 100,
        "power_constraint": "battery",
        "communication": "BLE_with_cloud_relay"
    },
    "encryption": {
        "enabled": true,
        "algo": "ChaCha20-Poly1305",
        "key_length_bits": 256,
        "scope": "end-to-end",
        "authenticated": true,
        "rationale": "AEAD cipher optimized for low-power medical devices"
    },
    "authentication": {
        "mutual": true,
        "device_auth": "Ed25519",
        "server_auth": "X.509_certificate",
        "certificate_based": true,
        "rationale": "Ed25519 signatures provide strong authentication with minimal energy"
    },
    "key_exchange": {
        "algo": "Curve25519",
        "ephemeral": true,
        "forward_secrecy": true,
        "rationale": "Ephemeral keys provide forward secrecy for session confidentiality"
    },
    "session_key_derivation": {
        "enabled": true,
        "algorithm": "HKDF-SHA256",
        "salt_type": "time-based",
        "rationale": "HKDF provides cryptographically secure key derivation"
    },
    "key_rotation": {
        "enabled": true,
        "frequency": "24h_or_1GB",
        "automated": true,
        "rationale": "Automated key rotation prevents long-term key exposure"
    },
    "logging": {
        "enabled": true,
        "scope": [
            "authentication",
            "key_rotation",
            "data_access",
            "errors"
        ],
        "transmission": "cloud",
        "retention_days": 90,
        "rationale": "Comprehensive audit trail for HIPAA compliance and incident response"
    },
    "firmware_update": {
        "enabled": false,
        "signed": null,
        "signature_algo": null,
        "rollback_protection": null,
        "rationale": "Medical devices use service center updates, not OTA, to maintain regulatory oversight"
    },
    "formal_verification": {
        "proVerif": "PASSED",
        "scyther": "PASSED",
        "properties": [
            "mutual_authentication",
            "forward_secrecy",
            "key_compromise_resistance",
            "replay_protection",
            "session_key_binding_integrity",
            "end_to_end_message_integrity",
            "data_confidentiality"
        ],
        "rationale": "Formally verified using both ProVerif (unbounded) and Scyther (bounded sessions)"
    },
    "regulatory_compliance": {
        "frameworks": [
            "GDPR",
            "HIPAA",
            "Health_Canada"
        ],
        "gdpr_article_32": "COVERED",
        "hipaa_security_rule": "COVERED",
        "health_canada_guidance": "MOSTLY_COVERED",
        "fda_spdf": "COVERED"
    },
    "energy_profile": {
        "total_security_overhead_mwh_day": 7.91,
        "percentage_of_budget": 0.528,
        "battery_lifetime_days": 30,
        "rationale": "Security adds <1% overhead, enabling 30-day operation per charge"
    }
}