The method of patients' data protection on the instance of chemotherapy dosing data calculation process for Ewing's sarcoma treatment which improves the protection of personal data of cancer patients is proposed in this article. While performing this work, the types of homomorphic encryption, their features and examples of applications for this subject area were analyzed. After analyzing the known solutions, it was decided to develop method which combines homomorphic encryption with a distributed data storage such as blockchain. The instance of proposed method's implementation is presented. At the end of the work, we draw conclusions and set tasks for the future research in this area.
The need for personal data protection of patients is relevant everywhere. In Ukraine, the Law on
Personal Data Protection [
Compliance with laws and regulations, such as the General Data Protection Regulation (GDPR) [
Nowadays, the number of cancer patients is increasing, and each patient requires an individual approach to treatment. Nowadays, patients often move, which can lead to the risk of losing critical health data. For instance, the war in Ukraine has resulted in a significant number of internal refugees. These individuals may face challenges in maintaining consistent medical records, which can affect their treatment.
To solve these problems, it is important to implement data protection, including encryption of patients’ personal data. Encrypting patient data ensures that even if records are transferred or accessed from different locations, the information remains secure and protected from unauthorized access. However the usage of encryption making it more difficult to process data, because it is needed to be decrypted before making an alterations and re-encrypted afterwards for the storing at the media.
Known approaches for data storing uses databases, clouds and blockchain. However each of these approaches has drawbacks in comparison to others: databases lacking availability and integrity protection of the stored data; clouds needs secure connection and complete trust to the cloud provider, thus creating problems for information security compliance; blockchains aren’t designed for storing big data arrays and are open for all the peers for reading stored data, thus creating additional tasks for data privacy protection. The latter creates tasks of data protection improvement for the mediums.
The goal of this study is to improve the protection of patients' personal data by using homomorphic encryption.
To achieve the goal of this study, one should solve the following tasks:
2. Task formalization. 3. Data protection method development. 4. Software development. 5. Implementation results analysis. 6. Conclusion drawing.
The main contribution of the research is method of homomorphic encryption utilization for the blockchain as a storage medium for patients’ data, which allow to avoid additional read/write operations in case of data updating.
The structure of the paper is the following: section 2 contains preliminaries in order to cover the background of the research, section 3 is devoted to the state of the art analysis followed be task formalization presented in the section 4, the main results are presented at section 5, where proposed method is presented, and section 6, where its software implementation and use-case are shown, section 7 contains further discussion and conclusions of the research.
Homomorphic encryption is a form of encryption that allows computations to be performed on
encrypted data without need to decrypting it beforehand. This is particularly valuable when sensitive
data needs to remain confidential but still requires processing. In homomorphic encryption, an
encrypted input produces an encrypted output that, when decrypted, matches the result of the
operation as if it had been performed on the plaintext data [
There are two primary types of homomorphic encryption systems:
1. Partially homomorphic encryption [
2. Fully homomorphic encryption [
The example of partially homomorphic encryption is Paillier cryptosystem [
The basic public key encryption scheme has three steps:
Step 1. Generate a public key pair (n , g). To achieve this one needs to generate large prime numbers p and q of equal bit length.
Then compute: (1) (2) (3) (4) (5) 6)
( (7) n= p⋅ q Then one need to randomly generate g such as g∈ Z¿n2.
Step 2. The private decryption key is (λ, μ). To achieve this one needs to compute λ as: where lcm (.) means least common multiple.
Then is used to calculate the modular multiplicative inverse:
λ=lcm ( p−1 , q−1), μ=( L ( gλ mod n2))−1 mod n , where the function L ( x )= ( x−1) (quotient of integer division).
n Pick a random number r in the range 0<r <n∧ gcd (r , n)=1.
Step 3. To encrypt the message (m), where 0 ≤ m<n , should need to compute c as: where c – ciphertext.
Step 4. To decrypt the m should need to do the next computation:
c=gm ∙ rn , m= L ( c λ mod n2)∗μ mod n , where c – ciphertext to decrypt and c∈ Z¿n2.
Among the operations supported by Paillier's scheme are homomorphic addition (6) and multiplication (7), but it should be noted that without knowledge of the private key there is no way to calculate the product of encrypted messages.
When two ciphertexts are multiplied, the result decrypts to the sum of their plaintexts:
D ( E pub (m1)∗E pub (m2) mod n2)=m1+m2 mod n , where D is the multiplication need to decrypt.
When a ciphertext is raised to the power of a plaintext, the result decrypts to the product of the two plaintexts:
D mod n2= m1∗m2 mod n
Paillier is computationally less expensive than fully homomorphic encryption schemes like BFV
[
For the chemotherapy calculations the main factor is body surface area (BSA) [
BSA =√ Dose=BSA∗ct , (8) (9) where ct is the doseCoefficient, h – height of the patient, w – weight of the patient.
The above preliminaries became the basis for known approaches analysis for this field.
Homomorphic encryption is used in the medical field to enhance data privacy while enabling
computations on encrypted datasets. One notable example is the Swiss project MedCo [
HE facilitates secure analysis of cardiovascular data, enabling encrypted computations to pinpoint
high-risk individuals and forecast disease progression without compromising patient privacy [
On the other hand, homomorphic encryption usage in this case possess some disadvantages: high computational overhead, which can reduce performance and scalability, especially when processing large datasets.
Another important usage of homomorphic encryption is collaborative cancer research, where
encrypted data from multiple hospitals is examined to identify the most efficient chemotherapy
protocols based on different cancer types and patient characteristics [
There is known an innovative system for lung cancer diagnosis which is based on homomorphic
encryption [
In the work [18], the author proposes a method for predicting the likelihood of a heart attack based on a few body measurements. This approach employs a client application that gathers health data and transmits it in the encrypted format using Microsoft Azure cloud services [17]. Relying on cloud-based homomorphic encryption (via Microsoft Azure) introduces security concerns around trust in thirdparty providers and may not comply with stringent healthcare regulations.
Another work proposed a fully homomorphic encryption algorithm for encrypting and decrypting images in healthcare is the research [19]. As the size of medical images increases (e.g., higher resolution scans), the encryption and decryption processes become less scalable requiring more memory and processing power.
These methods suffer from significant computational overhead, especially when processing large datasets or high-resolution medical images, leading to delays and increased operational costs. We address these issues by using the homomorphic encryption scheme that focuses on practical use cases, such as calculating personalized drug doses based on encrypted patient data, without exposing sensitive information.
Let’s denote by D the patients’ data, which is operated by the doctors and is needed for proper calculations of chemotherapy dosage for Ewing's sarcoma treatment. Let M to be the set of data storage mediums those are used to store D and S to be a set of data already stored using mediums M. Therefore it is possible that due to inaccessibility or a destruction of the mediums certain data is missing. The process of storing given amount of data d∈ D on the medium m∈ M is formalized as the following:
store : D × M → S or sm=store ( d , m).
In the formula (10) we used subscript in order to mark the fact, that sm is stored at the medium m. The reverse process of stored data retrieving is the following: retrieve : S × M → D or d =retrieve ( sm , m). (11)
Due to the criticality of correct dosage and number of sessions the stored data should be updated over time. Consequently there should be updating process: (10) (12) (13) update : S → S or s´m=update ( sm).
The mathematical description of the research field is the following: MathematicalDescription={D , S , M , {store ( d , m) , update ( sm) , retrieve ( sm , m)}}.
Thus the task of the research is to develop such method of data protection with the following conditions: 1. M should be robust to the denial of service attacks. 2. Destruction of given medium m∈ M shouldn’t lead to losses of S. 3. Only authorized persons (the respective patient and doctors, whom the patient granted access) can yield D from S, i.e. there should be limitations to the persons, who is able to perform data retrieving process retrieve(). 4. S must be updated without a disclosure of D, update() can be performed arbitrary from store() and retrieve() processes.
These conditions are to be met by the patient's data protection method.
In order to meet above-mentioned conditions sets, stated at the mathematical description (13) are to be
identified for the case of data, which is used for chemotherapy dosing calculations in case of Ewing's
sarcoma treatment. According to the methodology of the dosage calculations [
D={{height , weight , chemotherapySessions }, ct },
(14)
where height – a given patient’s height, which is used for the BSA computation;
weight – a given patient’s weight, which is used for the BSA computation;
chemotherapySessions – a number of already passed chemotherapy sessions;
ct – the scalability coefficient used by the methodology [
The chemotherapySessions parameter is needed in order to allow doctors to assign proper number of sessions. This parameter is essential for the considered case of warfare refugees, whom shouldn’t be expected to maintain proper medical records or correctly remembering the exect number, because of experienced extreme stress. Moreover the parameter is to be updated after each session, while height and weight might change as well between sessions. Therefore used mediums are to be open for data updates.
In order to meet conditions 1 and 2 defined in the previous section we choose Ethereum-like blockchain [19] as a medium. Usage of multiple nodes at the blockchain any of each can be used for stored data accessing provides robustness to the denial of service attacks thus meeting the condition 1. The very property allows to meet the condition 2, because any node’s destruction doesn’t lead to data losses. Moreover, the data loss in case of blockchain utilizing as a medium is possible only in case of all nodes destruction, which can be omitted by organizational means such as running several nodes outside warfare territory (abroad in partner countries, for instance) or minimizing the risk by placing nodes in different missile/drone protected areas.
The choice of this type of blockchain is motivated by the scalability of these types of blockchains due to smart contracts as a data structure. Consequently, in case of either chemotherapy dosage calculations methodology alterations, or proposed method usage in similar areas programmability of smart contracts allows to adapt this medium’s data structure as well.
M =BlockchainNodes, where BlockchainNodes is a set of all blockchain’s nodes.
Due to data openness caused by chosen medium and the need of meeting condition 3 stored data S should be presented in the encrypted form. Therefore, S is defined in the following form: (15) (16)
S={{height e , weight e , chemotherapySessionse }, ct e }, where heighte – an encrypted value of given patient’s height; weighte – an encrypted value of weight; chemotherapySessionse – an encrypted value of number of already passed chemotherapy sessions by given patient; cte – an encrypted value of ct.
The latter parameter is to be encrypted, because its value can help determine what kind of treatment is performed. This will be helpful for scalability reasons as well in case the proposed method and tool would be used for other cases of chemotherapy treatment.
After all data had been defined, the implementation of the processes should be performed. We propose to conduct store() process by the following steps:
Gather patients identification data patientID (such as number of medical record, eHealth account etc) and relevant parameters such as height and weight. 2. Perform hashing of the patientID in order to protect them from the exposure. In case of Ethereum-like blockchain usage it would be natural to use Keccak-256 hash function: path=keccak ( patientID ). (17) 3. Using homomorphic encryption, Paillier scheme in particular, encrypt with a patient’s public key height and weight parameters in order to obtain heighte and weighte respectively. 4. Access patient’s profile or create one at the smart contract ran in blockchain by using mapping of the following kind path → { heighte, weighte, chemotherapySessionse}. In case of profile creation encrypt 0 using patient's public key in order to get chemotherapySessionse. 5. Set obtained at step 3 values of heighte, weighte parameters.
Stored encrypted parameters can be read directly from blockchain in case of correct path parameter computation. Therefore retrieve() process is easy to implement for this case. However it doesn’t have sense in the research, because the main goal of the retrieve() process is to provide respective chemotherapy dose value. Therefore we propose to perform retrieve() by the following steps: 1. 2. 3.
Gather patients identification data patientID.
Obtain path value using (17).
Call smart-contract’s method, which computes in encrypted form value of a respective chemotherapy dose using homomorphic transformations and receive dosee.
Using patient’s private key decrypt dosee and obtain proper dose value.
After administrating chemotherapy the stored value of chemotherapySessionse is to be updated. To do so we propose the following update() process implementation: 1. Gather patients identification data patientID. 2. Obtain path value using (17). 3. Encrypt 1 using patient's public key: encryptedOne=g⋅ rn mod n2. (18) 4. 5.
Retrieve stored value of chemotherapySessionse.
Using homomorphic transformation add encrypted 1 to the value of chemotherapySessionse. chemotherapySessionse=chemotherapySessionse⋅ encryptedOne mod n2. (19) 6. Store new value of chemotherapySessionse.
It should be noted, that we used Paillier’s method for the homomorhpic encryption, but the method with a small adjustment can be adapted for other homomorphic encryption method usage.
Whether during the visiting doctor occurs the situation when the patient does not remember the necessary data for calculating the dose of chemotherapy drug and the number of received chemotherapy sessions, the doctor performs receive() process and gains the necessary data for treatment prescribing.
The smart contract was developed that allows to structure the information needed during the process of prescribing further treatment.
PatientChemotherapy smart contract, is designed to manage patient data related to chemotherapy treatments, including tracking a patient's height, weight, and number of chemotherapy sessions. Patients mapping – this is a mapping that associates a hashed patientID (using keccak256) to a patient's details stored in the Patient struct. The hashedID ensures that the actual patientID is not stored in a plain form, providing confidentiality.
An Ethereum-like blockchain [20] and Ganache [21] test environment, which is free and convenient for testing, were chosen to interact with the smart contract. The results of the successful recording by calling PatientUpdated() function of the some arbitrary patient's personal data and the dose of chemotherapy drug encrypted using the Paillier scheme are shown in the Figure 1.
Patients’ data protection has the strict regulation from the governments and increased attention from
the society [
Known works on the topic of the homomorphic encryption usage for the medical data protection
utilize it for the large data arrays [
These homomorphic encryption properties create constrains for its application at the healthcare
field, which are not properly addressed. Firstly, only data that is supposed to be used at computations
should be protected by this type of encryption. Secondly, designated storage medium should possess
enhanced availability properties in order to compensate the above-mentioned drawback. To meet the
former constraint the implementation area is to be analyzed and the data is to be determined. The
latter constraint leads to the utilization of the distributed storage such as clouds and blockchains. Due
to security compliance considerations clouds seem to be less desirable due to the cloud provider trust
legal regulations. Therefore a blockchain was chosen as a data storage medium that allowed to meet
the requirement and additionally provide increased integrity and traceability protection
comparatively with known approaches based on the server file storages, databases or clouds [
Performed analysis of the Ewing's sarcoma treatment methodology allowed us to determine, that partially homomorphic encryption, which is computationally less demanding and have less impact on data size increasing after the encryption, is enough for the case, because data updating needs can be satisfied only be the additive operations. That’s why Paillier scheme, which provides fully homomorphic addition, but partially homomorphic multiplication, was chosen for the research.
Presented task formalization allowed us to identify the task parameters and restrictions, in particular the data set, that is to be protected by the homomorphic encryption. The latter allowed to develop a method on the basis of them. Mathematical description of the task can be used in the further research in the area of medical data protection.
We proposed a method for data protection on the basis of homomorphic encryption and distributed storage, namely Ethereum-like blockchain. Due to homomorphism property of the encryption the data can be processed and updated in the encrypted form, which allowed to negate the drawback of blockchain’s openness and a lack of mechanisms for data privacy protection. The very blockchain’s openness and data distribution via multiple nodes provides increased protection of integrity, availability and traceability to the method. Proposed method and its processed were formalized. In order to reach proof-of-concept we presented results of software, which implements the method, those allowed to prove its efficiency. However due to the utilization of partially homomorphic encryption scheme proposed method have limitations for the possible data processing operations, those can be performed in encrypted form without compromising patients’ personal data.
That’s why in order to scale the method for other patients data protection instances it should be prior adapted to new case’s data processing requirements. The latter may lead to the necessity of encryption method substitution by other partially homomorphic or by fully homomorphic ones.
However, several tasks are yet to be solved before the method could be integrated to the medical practice. In particular the task of key sharing, their certification and distribution. We anticipate utilizing of electronic systems of healthcare such as eHealth system in Ukraine [22] and integration of key sharing protocols to the system. The task is to be addressed in our future research. Nevertheless, proposed method reaches its goals and meets restrictions of the task.
[17] K. Munjal, R. Bhatia. A systematic review of homomorphic encryption and its contributions in healthcare industry. Complex & Intelligent Systems. 2022. Doi: 10.1007/s40747-022-00756-z. [18] J. W. Bos, K. Lauter, M. Naehrig. Private predictive analysis on encrypted medical data. Journal of Biomedical Informatics. 2014. Vol. 50. pp. 234–243. doi: 10.1016/j.jbi.2014.04.003. [19] A. M. Vengadapurvaja. An Efficient Homomorphic Medical Image Encryption Algorithm For Cloud Storage Security. Procedia Computer Science. 2017. Vol. 115. pp. 643–650. doi: 10.1016/j.procs.2017.09.150. [20] Ethereum. URL: https://ethereum.github.io/yellowpaper/paper.pdf. [21] Ganache. URL: https://archive.trufflesuite.com/ganache/. [22] eHealth. URL: https://ehealth.gov.ua/.