| 摘要 |
The invention relates to a method for establishing cryptographic communications between a remote device (2) and a medical device (1), in particular an insulin pump, with the medical device (1) having less processing power than the remote device (2), the method comprising the steps of establishing unencrypted communication between the remote device (2) and the medical device (1), generation of an asymmetric key pair by the remote device (2), the asymmetric key pair comprising a public key and a private key, generation of a key request message by the remote device (2) and sending of the key request message together with the public key to the medical device (1), generation of a pre-master key by the medical device (1) and encryption of the pre-master key with the received public key by the medical device (1), generation of a key response message by the medical device (1) and sending of the key response message together with the encrypted pre-master key from the medical device (1) to the remote device (2), decrypting the encrypted pre-master key with the private key by the remote device (2), deriving a master key as symmetric key from the pre-master key by either using the pre-master key as master key or by means of the key request message and/or the key response message by each of the medical device (1) and the remote device (2), the master key to be used for both decryption and encryption of application data to be communicated, wherein the key request message and/or the key response message contain random data and a time stamp. The invention further relates to a system for carrying out the invention. |
