Auditable Medical Data Sharing through Recoverable Key Agreement
More Info
expand_more
Abstract
Medical research benefits from large quantities of high-quality data. Internet-based data-sharing platforms bring the advantage of rapidly sharing data medical data. However, ensuring security and accountability in networked medical systems remains a challenge. In this paper, we propose a secure and auditable data-sharing platform for hospitals and research groups based on a distributed ledger. A two-party protocol for recoverable key agreement lies at the basis of securing the data sharing. This protocol enables two parties to agree on an encryption key and put the encryption key under the escrow of a board of semi-trusted auditors. A quorum of these auditors is required in order to recover the encryption key. The recoverable key agreement ensures that past communication can be audited, even if one of the two parties is malicious. We provide a realization of the protocol and analyze its complexity and performance. Based on these analyses, we demonstrate that the protocol is suitable for real-world use cases and resource-constrained devices.
Files
File under embargo until 30-06-2025