Blockchain-assisted sharing of electronic health records: a feasible privacy-centric constant-size ring signature framework

Abstract

The quest to share Electronic Heath Records (EHR) with blockchain as a core technology has witnessed a myriad of frameworks ingrained with diverse cryptographic primitives as well as non-cryptographic mechanisms. Existing works, however, still suffer from privacy-related challenges chief being privacy breaches based on blockchain digital footprints from health facilities, doctors, and patients alike as well as feasibility challenges. Empirical research from state-of-the-art demonstrates the possibility to deanonymize entities involved in a blockchain transaction via inference analysis using such digital footprints on-chain. In this paper, we address such lacunae by advancing a privacy-conscious feasible blockchain-agnostic EHR sharing framework leveraging anonymous transactions, a smart contract, and decentralized storage technology. We construct a constant-size identity-based ring signature to provide accentuated privacy for transaction initiators and demonstrate how health facilities can anonymously retrieve anonymous data on-chain to facilitate EHR sharing via a novel, robust yet computationally efficient, and privacy-aware algorithm dubbed PatientFinder. We subsequently show proof of concept of our framework. A thorough system evaluation is performed revealing that the solution satisfies the privacy of patients and health facilities (doctors), feasibility, and security-related requirements.