Mjolnir: Breaking the Glass in a Publicly Verifiable Yet Private Manner

Abstract

This paper formally investigates the problem of unauthorized yet required access to electronically protected information, a.k.a. Break-the-Glass (BtG) access. Reflecting on the rising deployment of such protocols in the current digitized healthcare system, we present Mjolnir1, a blockchain-based BtG framework that offers accountability of unauthorized accesses by healthcare practitioners, dependable right of notification to patients, and privacy of healthcare records accesses. Mjolnir is a smart contract-based protocol which provides undisputed public verifiability of the identity of BtG access entities while maintaining their anonymity except from concerned individual patients, hence protecting the patients’ privacy. We employ an application specific non-interactive cryptographic zero knowledge proof system which ensures that the signing entity (healthcare practitioner) belongs to a given authorized group and that the anonymity of their identity is only revocable by a given opening entity (patient). The security of our system relies on the hardness of the discrete logarithm and decisional Diffie-Hellman problems in elliptic curve groups, and the utilized proof system requires no trusted setup. We formally define and prove the security goals of Mjolnir, provide a proof of concept blockchain implementation on Ethereum, and report on performance experiments and comparisons with other generic zero knowledge proof systems.