Efficient cryptographic building blocks for processing private measurements in e-healthcare

More Info
expand_more

Abstract

In order to achieve practical e-healthcare systems, five requirements should be addressed, namely 1) availability, 2) integrity, 3) accuracy, 4) confidentiality, and 5) efficiency. Using remote computer storage and processing services satisfies availability, integrity, and efficiency. However, it introduces privacy concerns regarding the leakage of private medical data to unauthorized parties, which violates GDPR. Data encryption is one of the widely used techniques to address those privacy concerns in e-healthcare systems. Although data encryption provides data confidentiality, while the accuracy and integrity of the data are preserved, it introduces computation and communication overheads that downgrade the efficiency of the e-healthcare systems.
To precisely find the bottlenecks in achieving privacy-preserving e-healthcare systems, we design three real-life e-healthcare scenarios. The scenarios are different in terms of the number of parties used in the system, the way that data are stored (centralized or distributed), and encryption key setting (single-key or multiple-key). Then, we identify the challenges and required cryptographic protocols for each scenario. Afterward, we investigate the performance of several applications that are using the same identified cryptographic protocols. We show that the existing cryptographic protocols, which are required for our scenarios, are dominating the computation and communication costs of the applications.
To address the challenges in the single-key setting, we improve the existing core building blocks, comparison, and equality testing, and develop new protocols to mitigate the overall costs of e-healthcare systems. We show that data filtering and retrieval protocols are still highly resource demanding, even though efficient building blocks are used. Thus, we develop a new secure indexing protocol that reduces the data filtering cost significantly. Moreover, we develop a novel data packing technique to achieve an efficient data retrieval protocol by using our indexing protocol. For themultiple-key setting, we introduce a homomorphic proxy re-encryption scheme. Our encryption scheme
has several properties such as an unlimited number of re-encryption, supporting homomorphism after each re-encryption, one-direction re-encryption, and non-interactive re-encryption key generation. Afterward, we use our encryption scheme for data filtering in the multiple-key setting and evaluate its performance.
The results of the performance analysis of our protocols show that improving core building blocks can significantly decrease both computation and communication costs of the cryptographic applications. Moreover, we show that developing techniques such as data packing and indexing can limit the number of homomorphic operations considerably, and consequently, mitigate the overall computation and communication costs of the cryptographic applications.

Files

Thesis_Majid_Nateghizad.pdf
(pdf | 3.54 Mb)
Unknown license