Abstract: The research presents a Privacy-Preserving Data Exchange (PPDE) framework for electronic health records (EHRs) that integrates elliptic-curve cryptography (ECC), zero-knowledge proofs (ZKPs), and capability tokens on a permissioned blockchain to create a cohesive, policy-compliant data-sharing workflow. In this system, IoT gateways establish ECC-based session keys to encrypt measurements at the edge, while only cryptographic hashes and pointers to the encrypted data are stored on a consortium blockchain, ensuring data confidentiality with tamper-evident integrity and auditable provenance. Healthcare providers issue Access Request Transactions that include ECC signatures and ZKPs to prove policy compliance (such as patient consent and role-based access) without revealing sensitive details. Off-chain ZKPs validate authorization decisions, with on-chain records providing verifiable evidence of conformance and access history, and a capability token is granted to authorize future data access within defined scopes and time windows. The framework emphasizes end-to-end confidentiality, privacy-preserving authorization, and tamper resistance through the blockchain. Our evaluation analyzes network throughput, end-to-end delay, packet delivery ratio, scalability, and energy efficiency, with particular attention to the overhead from blockchain operations, ECC, and ZKP verification. Results show improved privacy and security for EHR data, with only nominal overhead relative to the privacy and integrity gains, and favorable scalability and energy performance in realistic deployments.
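The workflow in the abstract, as an added model that is not the paper's own code: a gateway encrypts a measurement and publishes only a hash and pointer to a ledger, and a capability token scoped to that record and a time window gates later access. The ECC session key and ECC signature are replaced by stand-in symmetric and HMAC keys, the stream cipher is an HMAC-SHA256 counter keystream, ZKP verification is assumed to have happened before `issue_token`, and all keys, ids and the measurement are constructed values.

```python
"""Model of the PPDE workflow described above: encrypted measurements off-chain,
only hash + pointer on the ledger, and a scoped, time-limited capability token.
All keys, ids and the measurement are constructed sample values."""
import hashlib, hmac, json
from typing import Optional

# Stand-ins (assumption): a symmetric key in place of the ECC session key, and an
# HMAC key in place of the issuer's ECC signing key. ZKP verification is not modelled.
SESSION_KEY = hashlib.sha256(b"constructed-session-secret").digest()
ISSUER_KEY = hashlib.sha256(b"constructed-issuer-key").digest()

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stream-cipher stand-in: HMAC-SHA256 counter-mode keystream (symmetric, so it
    both encrypts and decrypts). A deployment would use an AEAD under the session key."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def gateway_publish(measurement: dict, store: dict, ledger: list, nonce: bytes) -> dict:
    """Edge gateway: encrypt, keep ciphertext off-chain, put only hash + pointer on chain."""
    ct = nonce + keystream_xor(SESSION_KEY, nonce, json.dumps(measurement).encode())
    digest = hashlib.sha256(ct).hexdigest()
    pointer = f"store://{digest[:16]}"
    store[pointer] = ct
    ledger.append({"hash": digest, "pointer": pointer})  # no plaintext or identifiers on chain
    return ledger[-1]

def issue_token(resource_hash: str, scope: str, ttl_s: int, now: float) -> dict:
    """Capability token granted once the access request's ZKP has been verified off-chain."""
    body = {"resource": resource_hash, "scope": scope, "exp": now + ttl_s}
    sig = hmac.new(ISSUER_KEY, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()
    return {**body, "sig": sig}

def access(token: dict, record: dict, scope: str, store: dict, now: float) -> Optional[dict]:
    """Provider access: check token signature, binding, scope and window, then blob integrity."""
    body = {k: token[k] for k in ("resource", "scope", "exp")}
    expected = hmac.new(ISSUER_KEY, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["sig"]):
        return None  # forged or altered token
    if token["resource"] != record["hash"] or token["scope"] != scope or now >= token["exp"]:
        return None  # wrong record, out of scope, or expired
    ct = store.get(record["pointer"])
    if ct is None or hashlib.sha256(ct).hexdigest() != record["hash"]:
        return None  # off-chain data missing or tampered: ledger hash no longer matches
    return json.loads(keystream_xor(SESSION_KEY, ct[:16], ct[16:]))
```

The ledger entry carries nothing a reader could decrypt, while any change to the stored ciphertext is caught by the hash recorded at publish time.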