Researchers from the Technische Universität Darmstadt who work together in the CROSSING Collaborative Research Center of the Deutsche Forschungsgemeinschaft (DFG) have developed a technological prototype together with Japanese and Canadian partners to ensure decades of secure storage of sensitive health data. They have just presented the result of the cooperation at a conference in Beijing, China. The system will go into trial operation in Japan in the coming weeks.
The electronic patient record has been under discussion in Germany, and not only there, for a long time. But time and again, the question of data security slows down development. In particular, health data, which with the advance of modern medicine increasingly contain patients' genome data, must be storable securely for a lifetime and sometimes even beyond.
A major challenge here is the technological development to be expected over such a long period, since it has a major impact on the security of existing procedures. “All encryption methods used today will become insecure over the coming years and decades,” explains TU Professor Johannes Buchmann, spokesman for the CROSSING Collaborative Research Center. “The computing power of attackers keeps growing and their attacks keep getting better. We can therefore assume that all encrypted data will be revealed after 20 years at the latest.”
Long-term confidentiality through “secret sharing”
To prevent this, Buchmann and his team began cooperating with the Japanese research institute NICT in 2015 on the project “LINCOS – Long-Term Integrity and Confidentiality Protection System”. Since 2017, the Japanese hospital operator Kochi Health Science Center and the Canadian company ISARA have also been on board. For the first time, the developed system combines information-theoretic confidentiality protection with renewable integrity protection. This means that no matter what computing capacity and algorithms are available in the future, nobody will be able to access or modify the protected data.
Long-term confidentiality is achieved with a technique called “secret sharing”. The original data set is split into parts distributed across different servers, so that individual parts alone reveal nothing. Only when enough parts, so-called shares, are combined does the original data set of the patient file emerge again. Should one of the servers involved be compromised, the attacker can do nothing with the share he has captured. In addition, the distribution is renewed regularly. The integrity of the data, i.e. that it remains unmodified, is ensured by quantum-computer-resistant signatures. But even for the case that these come to be regarded as insecure over time, the researchers have taken precautions: the signatures are replaced regularly.
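As an added illustration (not code from the LINCOS project or its partners), the following Python shows threshold secret sharing over a prime field and a proactive share refresh of the kind the paragraph describes, so that a share captured before a renewal cannot be combined with renewed ones. The field prime, the 5-server/3-share threshold and the sample record chunk are assumptions chosen for the example.

```python
import secrets

# Assumed prime field: the Mersenne prime 2^521 - 1, large enough for a 64-byte
# chunk of a patient record. Not a LINCOS parameter; chosen for this example.
P = (1 << 521) - 1


def _eval_poly(coeffs, x):
    """Horner evaluation of a polynomial (lowest degree first) modulo P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, n, t):
    """Split an integer secret (< P) into n shares; any t of them reconstruct it."""
    assert 0 <= secret < P and 1 <= t <= n
    # Random polynomial of degree t-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def reconstruct(shares):
    """Lagrange interpolation at x = 0; fewer than t shares yield a random value."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


def refresh_shares(shares, t):
    """Proactive renewal: each holding server adds shares of its own random
    polynomial with constant term 0. The secret is unchanged, but a share
    captured before the refresh no longer combines with refreshed ones."""
    refreshed = list(shares)
    for _ in shares:
        zero_poly = [0] + [secrets.randbelow(P) for _ in range(t - 1)]
        refreshed = [(x, (y + _eval_poly(zero_poly, x)) % P) for x, y in refreshed]
    return refreshed


# Constructed sample chunk of a record; 5 servers, any 3 shares suffice.
RECORD = int.from_bytes(b"patient-0001 genome chunk", "big")
SHARES = split_secret(RECORD, 5, 3)
NEW_SHARES = refresh_shares(SHARES, 3)
```

Reconstructing from three current shares returns the record, while two shares, or a pre-refresh share mixed with refreshed ones, yield only a random field element.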
Protection by quantum key exchange
As the third component of the LINCOS system, ISARA, the project's industrial partner, protects the data sent between the hospital and the server operators with quantum-computer-resistant encryption. In the future, the researchers want to add yet another layer of security that they have already realized as a prototype with their Japanese colleagues: quantum key exchange. This procedure guarantees long-term secure keys, since it can be completely ruled out that an attacker listens in on the key exchange. The scientists at the CROSSING Collaborative Research Center are working on this in their own quantum laboratory at TU Darmstadt.
“The sustainable protection of electronic health records is just one example where sustainable security is urgently needed. Every day in our digitized world, we produce an unimaginable amount of sensitive data that must remain confidential and unchanged over a long period of time, for instance in Industrie 4.0 applications at Germany's industrial sites. Here, policymakers are called upon to ensure the guaranteed long-term protection of our data,” Buchmann says.