DK201470780A1 - Apparatus for secure hearing device communication and related method - Google Patents

Apparatus for secure hearing device communication and related method Download PDF

Info

Publication number
DK201470780A1
DK201470780A1 DKPA201470780A DKPA201470780A DK201470780A1 DK 201470780 A1 DK201470780 A1 DK 201470780A1 DK PA201470780 A DKPA201470780 A DK PA201470780A DK PA201470780 A DKPA201470780 A DK PA201470780A DK 201470780 A1 DK201470780 A1 DK 201470780A1
Authority
DK
Denmark
Prior art keywords
session key
session
key
hearing device
response
Prior art date
Application number
DKPA201470780A
Inventor
Brian Dam Pedersen
Allan Munk Vendelbo
Original Assignee
Gn Resound As
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gn Resound As filed Critical Gn Resound As
Priority to DKPA201470780A priority Critical patent/DK201470780A1/en
Priority to US14/573,372 priority patent/US9503437B2/en
Priority to JP2015232429A priority patent/JP6807153B2/en
Priority to CN201510921044.2A priority patent/CN105704709B/en
Publication of DK201470780A1 publication Critical patent/DK201470780A1/en
Priority to US15/347,744 priority patent/US10045207B2/en
Priority to US16/031,435 priority patent/US10595197B2/en
Priority to US16/782,517 priority patent/US11284249B2/en
Priority to JP2020159087A priority patent/JP2021007233A/en

Links

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The disclosure provides a client device for hearing device communication and related method. The client device comprises a processing unit, a memory unit, and an interface. The processing unit is configured to send a session request for a session to the hearing device via the interface. The processing unit is configured to receive a session response from the hearing device via the interface. The processing unit is configured to obtain a session key based on e.g. the session response. The processing unit is configured to determine hearing device data and/or to generate session data e.g. based on the session key and the hearing device data. The processing unit is configured to send the session data to the hearing device via the interface.

Description

APPARATUS FOR SECURE HEARING DEVICE COMMUNICATION AND RELATED METHOD
The present disclosure relates to hearing device communication, in particular to apparatus and/or device for securing hearing device communication and method for hearing device communication.
BACKGROUND
The functionality of a hearing device becomes increasingly advanced. Hearing device communication comprises wireless communication between a hearing device and external devices, such as hearing device fitting apparatus, tablets, smart phones and remote controllers, which increases in complexity. A wireless communication interface of a hearing device uses open standard-based interface which is convenient for communication with a hearing device, for various purposes such as fitting the hearing device on an individual's ear. However, hearing device communication is exposed to many challenges in terms of security. A device communicating with a hearing device may be a legitimate device but may also be a rogue device. If communication with a hearing device does not permit to distinguish legitimate devices from rogue devices, this opens the door to a plethora of attacks, such as unauthorized access to the hearing device memory to write or change data. Any such attacks may result in a malfunction of the hearing aid, e.g. a battery exhaustion attack.
However, a hearing device is a very small device with strict constraints in terms of computational power, memory space, etc. Therefore, a device communicating with a hearing device cannot use an off-the-shelf security algorithm and protocol, at the risk of e.g. depleting the hearing device battery or degrading functions of the hearing device rendering the hearing device quasi-useless.
SUMMARY
There is a need for an improved communication with a hearing device that protects the hearing device against potential attacks, such as an improved client device, and a method of communication with a hearing device that improves security thereof. Disclosed is a client device for hearing device communication. The client device comprises a processing unit, a memory unit, and an interface. The processing unit is configured to send a session request for a session to the hearing device via the interface. The processing unit is configured to receive a session response from the hearing device via the interface. The processing unit is configured to obtain a session key based on e.g. the session response. The processing unit is optionally configured to determine hearing device data and/or to obtain or generate session data e.g. based on the session key and the hearing device data. The processing unit is configured to send the session data to the hearing device via the interface.
Aiso disclosed is a method, performed in a client device, for hearing device communication, e.g. communication with a hearing device. The client comprises a processing unit, a memory unit and an interface. The method comprises sending a session request for a session to the hearing device via the interface. The method comprises receiving a session response via the interface and/or obtaining a session key based on e.g. the session response. The method comprises determining hearing device data and/or generating session data based on the session key and the hearing device data. The method comprises sending the session data to the hearing device via the interface.
The method and apparatus as disclosed provide a secure communication from the client device to the hearing device, such as provide to the client device a secure and/or authorized access to the memory of the hearing device, it is an advantage of the present disclosure that the communication between the client device and the hearing device is protected against any action or at least some actions from undesired parties. The disclosed client device thus has the advantage of allowing the hearing device to detect any modification by unauthorized parties. The client device provides a secure communication adapted to the hearing device, which in turn is able to communicate securely with legitimate parties such as the client device and to counterstrike attacks such as spoofing attacks, man-in-the-middle attacks, and/or replay-attacks,
BRIEF DESCRIPTION OF THE DRAWINGS
The above and other features and advantages will become readily apparent to those skilled in the art by the following detailed description of exemplary embodiments thereof with reference to the attached drawings, in which:
Fig. 1 schematically illustrates an exemplary architecture according to this disclosure,
Fig. 2 schematically illustrates an exemplary hearing device,
Fig. 3 schematically illustrates an exemplary signalling diagram, and
Fig. 4 schematically illustrates a flowchart of an exemplary method.
DETAILED DESCRIPTION
Various embodiments are described hereinafter with reference to the figures. Like reference numerals refer to like elements throughout. Like elements will, thus, not be described in detail with respect to the description of each figure. It should also be noted that the figures are only intended to facilitate the description of the embodiments. They are not intended as an exhaustive description of the claimed invention eras a limitation on the scope of the claimed invention, in addition, an illustrated embodiment needs not have all the aspects or advantages shown. An aspect or an advantage described in conjunction with a particuiar embodiment is not necessarily limited to that embodiment and can be practiced in any other embodiments even if not so illustrated, or if not so explicitly described.
Throughout, the same reference numerals are used for identical or corresponding parts.
It is an object of the present disclosure to provide a client device, and a method which seeks to mitigate, alleviate, or eliminate one or more of the above-identified deficiencies in the art and disadvantages singly or in any combination.
The present disclosure provides improved security of communication performed between the client device and a hearing device. Security comprises assessing threats, vulnerabilities and attacks and developing appropriate safeguards and countermeasures to protect against threats and attacks. The present disclosure provides a hearing device comprising a processing unit configured to compensate for hearing loss of a user of the hearing device.
The term “client device” as used herein refers to a device that communicates with the hearing device. The client device may refer to a computing device acting as a client. The client device may comprise a fitting device, a handheld device, a relay, a tablet, a persona! computer, a mobile phone, and/or USB dongle plugged into a personal computer. The client device may control operation of the hearing device, either by sending fitting data, hearing device operating parameters, and/or firmware data. The disclosed client device and method support the hearing device in combatting attacks such as unauthorized access or control of a hearing device, while still allowing access to legitimate parties such as the client device, for e.g. fitting purposes, update purposes, maintenance purposes.
As used herein, the term “hearing device” refers to a device configured to assist a user in hearing a sound, such as a hearing instrument, or a hearing aid device,.
The client device comprises a memory unit and an interface respectively connected to the processing unit. The interface may comprise a wireless transceiver, e.g. configured for wireless communication at frequencies in the range from 2.4 to 2.5 GHz. in an embodiment, the interface is configured for communication, such as wireless communication, with a hearing aid comprising a wireless transceiver.
The processing unit is configured to send a session request for a session to the hearing device via the interface. The processing unit is configured to receive a session response from the hearing device via the interface, e.g. from a hearing device and/or a session key device. The session response may comprise the hearing device identifier or an identifier derived therefrom, in an exemplary client device, the client device may receive the hearing device identifier during a pairing of the client device and the hearing device. Hence, the processing unit comprises e.g. a receive/send unit configured to send data such as the session request and/or receive data such as the session response via the interface. The processing unit is configured to obtain a session key based on e.g. the session response, such as to extract the session key from or based on the session response. Hence, the processing unit comprises an obtainer. The processing unit may retrieve the session key from a key depository, e.g. stored in the memory unit. The processing unit may be configured to obtain a session key, wherein to obtain a session key may comprise to establish a connection to a session key device via the interface. The processing unit may send a session key request to the session key device such as a session key server via the interface e.g. via a communication link established between the client device and the session key device via the interface. The processing unit may receive a session key response from the session key device via the interface, and may determine the session key based on the session key response.
The session response may comprise a hearing device identifier. The hearing device identifier may comprise a hardware number of the hearing device and/or a seriai number of the hearing device. The client device may retrieve the session key from the session key device by providing the hearing device identifier to the session key device, e.g, as part of the session key request, and requesting the session key or a hearing device key from the session key device and/or requesting the session key device to decrypt the session response and/or the session key.
in one or more exemplary client devices, the processing unit configured to obtain the session key may be configured to establish a connection to a session key device via the interface, to send a session key request to the session key device via the interface, to receive a session key response from the session key device via the interface, and to determine the session key based on the session key response. The session key request may comprise the hearing device identifier. The connection to the session key device may be a secure connection over a network, such as including a private and/or a public network.
The session key device may be a fitting accessory device; wherein the fitting accessory device optionally comprises a storage device containing a list configured to provide a session key and/or a session key response based on a session key request.
The processing unit is configured to determine hearing device data. Hence the processing comprises e.g. a determiner. The hearing device data comprises e.g. firmware, fitting data, and/or hearing device operating parameters. Fitting data may for example be data generated by a fitting device used by a dispenser when a hearing device is being fitted in a user’s ear. Fitting data may comprise hearing loss parameters, compressor parameters, filter coefficients, and/or gain coefficients.
Hearing device operation parameters may comprise volume control parameters, mode and/or program control parameters. Firmware may refer to a computer program provided by the hearing device manufacturer, and to be installed on the hearing device to control the hearing device. Firmware is for example to be installed to upgrade the operations and capabilities of the hearing device.
The session response may comprise an encrypted session key. The processing unit may be configured to determine the session key by retrieving the session key from the session key response.
In one or more exemplary client device, to determine the session key comprises retrieving a hearing device key from the session key response or from the memory unit and decrypting the encrypted session key based on the hearing device key. To determine the session key may comprise decrypting the encrypted session key with a global key. A global is e.g. a key common to a group of client devices. The processing unit may be configured to retrieve a hearing device key from the session key response and decrypt the encrypted session key based on the hearing device key. The processing unit may comprise a decrypt/encrypt unit. The hearing device key may be e.g. a symmetric key or a public key of a private-public key pair. The hearing device key may comprise an AES-128 bits key as a symmetric key. The use of a symmetric key as a hearing device key provides the advantage of being able to use hardware accelerators. The hearing device key may comprise a public key of a private-public key pair, such as a public key of a private-public key pair of an authorized discloser of the session key, such as of the client device or the session key device.
The processing unit configured to determine the session key by including a decryption of the encrypted session key with a global key, i.e. to determine the session key may comprise decrypting the encrypted session key with a global key. The global key may be e.g. a symmetric key or a public key of a private-public key pair. The session key may be compliant with an encryption standard such as Advanced Encryption Standard, AES, RSA crvpto-system, Triple Data Encryption Algorithm.
The processing unit is configured to generate session data, e.g. including a message authentication code, based on the session key and the hearing device data. Hence the processing unit may comprise a generator. The processing unit may generate a message authentication code based on the session key and the hearing device data. The message authentication code may be included in the session data. The processing unit may be configured to generate session data based on a hearing device key.
The processing unit may be configured to digitally sign the hearing device data, such as to digitally sign the hearing device data using a private key of the client device, and/or of a group of client devices. The processing unit may be configured to digitally sign the hearing device data using a private key obtained from the session key device, e.g. as part of a session key response. The processing unit may generate a digital signature using a signature generation function and a private key of a client device and append the digital signature to the session data. The hearing device may then verify the digital signature when receiving the session data, if the digital signature is not successfully verified using the alleged public key of a client device, the hearing device may disregard the session data and/or terminate the session. This may provide the advantage that the client device supports the hearing device in rejecting session data tampered or received from unauthenticated parties and the communication with the hearing device may thus be robust against impersonation and masquerading attacks.
The processing unit is configured to send the session data to the hearing device via the interface, e.g. using the receive/send unit. The session data may comprise hearing device data encrypted with the session key. To encrypt session data with the session key, the client device may utilize any of the above encryption standards.
Fig, 1 schematically illustrates an exemplary architecture 100 according to this disclosure. The architecture 100 comprises a hearing device 101, a client device 110, and a session key device 111. The session key device 111 may comprise a computing device having access to a key depository. The session key device may comprise a fitting accessory device, e.g. comprising a storage device containing a list that is configured to provide a session key and/or a session key response based on a session key request. The session key device 111 may be connected to the client device 110 via communication link 112 over a network 112a. The session key device may be a computer-server. The computer-server may comprise a storage device containing a list configured to provide a session key, a hearing device key and/or a session key response based on a session key request. The session key device 111 may be a tablet, a USB dongle plugged in a personal computer. The session key device 111 may comprise a computing device configured to act as a server, i.e. to serve requests from the client device 110 and/or from the hearing device 101. The session key device 111 may be controlled by the hearing device manufacturer.
The hearing device 101 may be connected to the client device 110 via a communication link 113, such as a bidirectional communication link and/or a wireless communication link. The wireless communication link may be carried over a short-range communication system, such as Bluetooth, Bluetooth low energy, IEEE 802.11, Zigbee. The hearing device 101 may be connected to the client device 110 over a network. The client device 110 may permit remote fitting of the hearing aid device where a dispenser connects to the hearing device via the client device 110 of the user. The client device 110 may have a secure connection to the hearing device, e. g. authenticated connection.
The hearing device 101 may be connected to the session key device 111 via a communication link 114 over a network 114a, such as a bidirectional and/or wireless communication link over a network. The client device 110 may be connected to the session key device 111 via a communication link 112 over a network 112a, such as a bidirectional and/or wireless communication link over a network.
Fig. 2 schematically illustrates an exemplary client device 110. The exemplary client device 110 comprises a processing unit 202 configured communicate with a hearing device 101. The exemplary client device 110 comprises a memory unit 203 and an interface 204 respectively connected to the processing unit 202. The processing unit 202 is configured to send a session request for a session to the hearing device via the interface. The session request may comprise the hearing device identifier or an identifier derived therefrom. The processing unit 202 is configured to receive a session response via the interface, e.g. from a hearing device 101 and/or a session key device 111. Hence, the processing unit 202 comprises e.g. a receive/send unit 205 configured to send and/or receive via the interface 204. The processing unit 202 is configured to obtain a session key based on e.g. the session response, such as to extract the session key from the session response. Hence, the processing unit 202 comprises an obtainer 206, The processing unit 202 may retrieve the session key from a key depository, e.g. stored in the memory unit 203. To obtain a session key may comprise to establish a connection to a session key device 111 via the interface 204, i.e. the processing unit 202 may be configured to establish a connection to a session key device via the interface. The processing unit 202 may send a session key request, e.g, comprising a hearing device identifier, to the session key device via the interface 204. The processing unit 202 may receive a session key response from the session key device 111 via the interface 204, the session key response optionally comprising a hearing aid key. The processing unit 202 may determine the session key based on the session key response, e.g. by decrypting the encrypted session key with the hearing device key from the session key device.
The session response may comprise a hearing device identifier. The hearing device identifier may comprise a hardware number of the hearing device and/or a seriai number of the hearing device. The client device 110 may retrieve the session key from the session key device 111 by providing the hearing device identifier to the session key device 111 and requesting the session key from the session key device 111 and/or requesting the session key device 111 to decrypt the session response and/or the session key.
in one or more exempiary ciient devices, to obtain the session may comprise to establish a connection to a session key device via the interface, to send a session key request to the session key device via the interface, to receive a session key response from the session key device via the interface, and to determine the session key based on the session key response. The connection establishment may be a secure connection establishment e.g. using a secure protocol to a server acting as session key device.
The processing unit 202 is configured to determine hearing device data. Hence the processing comprises e.g. a determiner. The hearing device data comprises e.g. firmware, fitting data, and/or hearing device operating parameters. Thus, the client device 110 may be a fitting device. Fitting data may for example be data generated by a fitting device used by a dispenser when a hearing device is being fitted in a user’s ear. Fitting data may comprise hearing loss parameters, compressor parameters, filter coefficients, and/or gain coefficients. Hearing device operation parameters may comprise volume control parameters, mode and/or program control parameters. Firmware may refer to a computer program provided by the hearing device manufacturer, and to be installed on the hearing device to control the hearing device. Firmware is for example to be installed to upgrade the operations and capabilities of the hearing device.
In an embodiment, the client device may be in the form of a smart phone or a table may comprise software configured to provide the functionality of a fitting device.
The session response may comprise an encrypted session key. The processing unit 202 may be configured to determine the session key by retrieving the session key from the session key response
In one or more exemplary client devices, to determine the session key comprises retrieving a hearing device key from the session key response and decrypting the encrypted session key based on the hearing device key. Alternatively to determine the session key may comprise decrypting the encrypted session key with a global key. A global is e.g. a key common to a group of client devices. The processing unit 202 is configured to e.g. retrieve a hearing device key from the session key response and decrypt the encrypted session key based on the hearing device key. The processing unit may comprise a decrypt/encrypt unit. The hearing device key may be e.g. a symmetric key or a public key of a private-pubiic key pair. The hearing device key may comprise an AES-128 bits key as a symmetric key. The use of a symmetric as a hearing device key provides the advantage of being able to use hardware accelerators. The hearing device key may comprise a public key of a private-public key pair, such as a public key of a private-public key pair of an authorized discloses" of the session key, such as of the client device 110 or the session key device 111.
In one or more exemplary client devices, to determine the session key comprises decrypting the encrypted session key with a global key. The global key may be e.g. a symmetric key or a public key of a private-pubiic key pair. The session key may be compliant with or encrypted with an encryption standard such as Advanced Encryption Standard, AES, RSA crypto-system, Triple Data Encryption Algorithm.
The processing unit 202 is configured to generate session data e.g. based on the session key and the hearing device data. Hence the processing comprises e.g, a generator 208. The processing unit 202 may generate a message authentication code based on the session key and the hearing device data. A message authentication code, MAC, is generated by a client device 110 based on the session data and the session key. Upon reception of the session data comprising the MAC, the hearing device which holds the stored session key is able to re-compute the MAC based on the received session data and a MAC generation function and compare the recomputed MAC with the received MAC. if the recomputed MAC does not match the received MAC, then the hearing device concludes that session data is corrupted.
The processing unit 202 to generate session data may be configured to encrypt the hearing device data with the session, using e.g. an encryption scheme. The encryption scheme may comprise a symmetric encryption scheme and/or an asymmetric encryption scheme. The session key may comprise a symmetric key. The symmetric key may be uniquely generated for each session by the hearing device and/or session key device. The symmetric key may comprise an AES-128 bits key. The use of a symmetric key as a session key may reduce a processing power requirement, and aliow the hearing device 101 to decrypt the session data with light encryption algorithms.
The processing unit 202 may be configured to digitally sign the hearing device data, such as to digitally sign the hearing device data using a private key of the client device, and/or of a group of client devices. The processing unit 202 generates a digital signature using a signature generation function and a private key of a client device 110 and append it to the session data. The hearing device 101 may then verify the digitai signature when receiving the session data, if the digital signature is not successfully verified using the alleged public key of a client device 110, the hearing device 101 may disregard the session data and terminates the session. This may provide the advantage that the client device 110 supports the hearing device 101 in rejecting session data tampered or received from unauthenticated parties and the communication with the hearing device may thus be robust against impersonation and masquerading attacks.
The processing unit 202 is configured to send the session data to the hearing device via the interface, e.g. using the receive/send unit 205. The session data may comprise hearing device data encrypted with the session key. To encrypt session data with the session key, the client device 110 may utilize any of the above encryption standards.
Fig. 3 shows an exemplary signalling diagram 300 involving a session key device 111. A client device 110 sends to e.g. the hearing device 101 a session request 301 for a session via the interface 204. The client device 110 receives from e.g. hearing device 101 a session response 302. The session response 302 may comprise an encrypted session key. The client device 110 obtains the session key. For example, to obtain session key, the client device 110 may send a session key request 304 to the session key device 111, whereupon the session key device decrypts the encrypted session key comprised in the session response 302. Based on the session key request 304, the session key device 111 may send the decrypted session key or a hearing device key enabling the client device to decrypt the encrypted session key in a session key response 305 to the client device 110. The session key response 305 from the server device 111 may comprise the decrypted session key. The communication link 112 between the client device 110 and the session key device 111 is secure. For example, the session key device 111 may be physically attached as a USB dongle to the client device 111. Alternatively the session key device 111 may be connected to the client device via a network. The communication link 112 between the client device 110 and the session key device 111 may be secure, i.e. authenticated, encrypted and/or integrity protected using a security protocol (e.g. Transport Layer Security protocol).
The client device 110 determines hearing device data and generates session data 303 based on the session key and the hearing device data. For example the client device 110 encrypts the hearing device data with the session key. The session data 303 may be integrity-protected by the client device 110. The client device 110 sends the session data 303 in the session via the interface 204.
Fig. 4 shows an exemplary fiow-chart illustrating a method, performed in a client device 110, for hearing device communication. The client device 110 comprises a processing unit 202, a memory unit 203 and an interface 204. The method comprises sending S1 a session request for a session to the hearing device 101 via the interface 204, e.g. to a hearing device 101 and/or a session key device 111. The method comprises receiving S2 a session response via the interface 204, from a hearing device 101 and/or a session key device 111.
The method comprises obtaining S3 a session key based on the session response, such as to extract the session key from the session response. Obtaining S3 a session key may comprise establishing S31 a connection to a session key device 111, sending S32 a session key request to the session key device 111, receiving S33 a session key response from the session key device 111, and determining S34 the session key based on the session key response. The client device 110 may retrieve the session key from the session key device 111 by providing the hearing device identifier to the session key device 111 and requesting the session key from the session key device 111 and/or requesting the session key device 111 to decrypt the session response and/or the session key.
In one or more methods, receiving S2 a session response may comprise receiving S21 an encrypted session key. Determining S33 the session key may comprise retrieving S33a the session key from the session key response. Determining S33 the session key may comprises retrieving S33b a hearing device key from the session key response and decrypting S33c the encrypted session key based on the hearing device key.
In one or more methods, receiving S2 a session response may comprise receiving S21 an encrypted session key. Obtaining S3 a session key based on the session response may comprise decrypting S35 the encrypted session key with a global key. The gioba! key may be stored in the client device 110, such as in the memory 203.
The method comprises determining S4 hearing device data, The method comprises generating S5 session data based on the session key and the hearing device data. The method comprises sending S6 the session data to the hearing device via the interface.
Although particular features have been shown and described, it will be understood that they are not intended to limit the claimed invention, and it will be made obvious to those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the claimed invention. The specification and drawings are, accordingly to be regarded in an illustrative rather than restrictive sense. The claimed invention is intended to cover all alternatives, modifications and equivalents.
□ STOF references 100 architecture 101 hearing device 111 session key device 112 communication link between client device and session key device 112a communication network 113 communication link between client device and hearing device 114 communication link between session key device and hearing device 114a communication network 202 processing unit 203 memory unit 204 interface 205 receive/send unit 206 obtainer 207 determiner 208 generator 300 signalling diagram 301 session request 302 session response 303 session data 304 session key request 305 session key response 400 method

Claims (17)

1. A client device for hearing device communication, the client device comprising - a processing unit; - a memory unit; and - an interface, wherein the processing unit is configured to: - send a session request for a session to the hearing device via the interface; - receive a session response from the hearing device via the interface; - obtain a session key based on the session response; - determine hearing device data; - generate session data based on the session key and the hearing device data; and - send the session data to the hearing device via the interface.
2. Client device according to claim 1, wherein the session response comprises a hearing device identifier.
3. Client device according to any of the preceding claims, wherein to obtain a session key comprises to establish a connection to a session key device via the interface, to send a session key request to the session key device via the interface, to receive a session key response from the session key device via the interface, and to determine the session key based on the session key response.
4. Client device according to claim 3 as dependent on claim 2, wherein the session key request comprises the hearing device identifier.
5. Client device according to any of claims 3-4, wherein the connection to the session key device is a secure connection over a network.
6. Client device according to any of claims 3-5, wherein the session key device is a fitting accessory device; wherein the fitting accessory comprises a storage device containing a list configured to provide a session key and/or a session key response based on a session key request.
7. Client device according to any of claims 3-6, wherein the session key device is a computer-server; wherein the computer-server comprises a storage device containing a list configured to provide a session key and/or a session key response based on a session key request.
8. Client device according to any of claims 3-7, wherein the session response comprises an encrypted session key, and wherein to determine the session key comprises retrieving the session key from the session key response.
9. Client device according to claim 8, wherein to determine the session key comprises retrieving a hearing device key from the session key response and decrypting the encrypted session key based on the hearing device key; or wherein to determine the session key comprises decrypting the encrypted session key with a global key.
10. Client device according to any of the preceding claims, wherein to generate session data based on the session key and the hearing device data comprises generating a message authentication code based on the session key and the hearing device data.
11. Ciient device according to any of the preceding claims, wherein to generate session data based on the session key and the hearing device data comprises digitally signing the hearing device data.
12. Ciient device according to any of the preceding claims wherein the hearing device data comprises firmware, fitting data, and/or hearing device operating parameters.
13. A method, performed in a client device, for hearing device communication, the ciient device comprising a processing unit, a memory unit and an interface, the method comprising: sending a session request for a session to the hearing device via the interface; receiving a session response via the interface; obtaining a session key based on the session response; determining hearing device data; generating session data based on the session key and the hearing device data; and sending the session data to the hearing device via the interface,
14. Method according to ciaim 13, wherein obtaining a session key comprises establishing a connection to a session key device, sending a session key request to the session key device, receiving a session key response from the session key device, and determining the session key based on the session key response.
15. Method according to any of claims 13-14, wherein receiving a session response comprises receiving an encrypted session key, and wherein determining the session key comprises retrieving the session key from the session key response
16. Method according to any of claims 14-15, wherein determining the session key comprises retrieving a hearing device key from the session key response and decrypting the encrypted session key based on the hearing device key.
17. Method according to any of claims 14-15, wherein receiving a session response comprises receiving an encrypted session key, and obtaining a session key based on the session response comprises decrypting the encrypted session key with a global key.
DKPA201470780A 2014-12-12 2014-12-12 Apparatus for secure hearing device communication and related method DK201470780A1 (en)

Priority Applications (8)

Application Number Priority Date Filing Date Title
DKPA201470780A DK201470780A1 (en) 2014-12-12 2014-12-12 Apparatus for secure hearing device communication and related method
US14/573,372 US9503437B2 (en) 2014-12-12 2014-12-17 Apparatus for secure hearing device communication and related method
JP2015232429A JP6807153B2 (en) 2014-12-12 2015-11-27 Devices and related methods for secure hearing device communication
CN201510921044.2A CN105704709B (en) 2014-12-12 2015-12-11 Apparatus for secure hearing device communication and related methods
US15/347,744 US10045207B2 (en) 2014-12-12 2016-11-09 Apparatus for secure hearing device communication and related method
US16/031,435 US10595197B2 (en) 2014-12-12 2018-07-10 Apparatus for secure hearing device communication and related method
US16/782,517 US11284249B2 (en) 2014-12-12 2020-02-05 Apparatus for secure hearing device communication and related method
JP2020159087A JP2021007233A (en) 2014-12-12 2020-09-23 Device and related method for secure hearing device communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DKPA201470780A DK201470780A1 (en) 2014-12-12 2014-12-12 Apparatus for secure hearing device communication and related method

Publications (1)

Publication Number Publication Date
DK201470780A1 true DK201470780A1 (en) 2016-06-27

Family

ID=56162694

Family Applications (1)

Application Number Title Priority Date Filing Date
DKPA201470780A DK201470780A1 (en) 2014-12-12 2014-12-12 Apparatus for secure hearing device communication and related method

Country Status (1)

Country Link
DK (1) DK201470780A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070076889A1 (en) * 2005-09-29 2007-04-05 International Business Machines Corporation Pre-generation of generic session keys for use in communicating within communications environments
US20130185559A1 (en) * 2012-01-18 2013-07-18 Square, Inc. Secure communications between devices
US20130182845A1 (en) * 2012-01-18 2013-07-18 Square, Inc. Secure communications between devices using a trusted server
US20130202138A1 (en) * 2012-02-08 2013-08-08 Panasonic Corporation Hearing aid, hearing aid fitting management system, server device, and computer device
US20140341405A1 (en) * 2013-05-15 2014-11-20 Gn Resound A/S Hearing instrument with an authentication protocol
WO2015028050A1 (en) * 2013-08-27 2015-03-05 Phonak Ag Method for controlling and/or configuring a user-specific hearing system via a communication network

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070076889A1 (en) * 2005-09-29 2007-04-05 International Business Machines Corporation Pre-generation of generic session keys for use in communicating within communications environments
US20130185559A1 (en) * 2012-01-18 2013-07-18 Square, Inc. Secure communications between devices
US20130182845A1 (en) * 2012-01-18 2013-07-18 Square, Inc. Secure communications between devices using a trusted server
US20130202138A1 (en) * 2012-02-08 2013-08-08 Panasonic Corporation Hearing aid, hearing aid fitting management system, server device, and computer device
US20140341405A1 (en) * 2013-05-15 2014-11-20 Gn Resound A/S Hearing instrument with an authentication protocol
WO2015028050A1 (en) * 2013-08-27 2015-03-05 Phonak Ag Method for controlling and/or configuring a user-specific hearing system via a communication network

Similar Documents

Publication Publication Date Title
US10681082B2 (en) Hearing device with communication protection and related method
US10027474B2 (en) Hearing device with communication protection and related method
US11284249B2 (en) Apparatus for secure hearing device communication and related method
US10694360B2 (en) Hearing device and method of hearing device communication
EP3668120B1 (en) Hearing device with service mode and related method
US11546699B2 (en) Hearing device with service mode and related method
EP3032858B1 (en) Apparatus for secure hearing device communication and related method
EP3113515B1 (en) Hearing device and method of hearing device communication
DK201470780A1 (en) Apparatus for secure hearing device communication and related method
DK201470778A1 (en) Hearing device with service mode and related method
DK201570434A1 (en) Hearing device and method of hearing device communication

Legal Events

Date Code Title Description
PHB Application deemed withdrawn due to non-payment or other reasons

Effective date: 20161216