SSX-EHRs: secure and scalable cross-domain EHRs sharing with blockchain sharding and dynamic proxy re-encryption

The exchange of Electronic Health Records (EHRs) among healthcare institutions is essential for providing comprehensive patient care and advancing medical research. However, current systems face several challenges, including data silos, interoperability issues, and high computational costs associated with cross-domain data sharing. To address these limitations, this paper presents SSX-EHRs, a novel blockchain-based access control model designed for secure, scalable, and efficient EHR sharing across regions. We propose a distributed architecture of regional blockchains that stores encrypted EHRs in the cloud while maintaining their corresponding indexes on the blockchain. This architecture supports dynamic updates through a Merkle tree structure, enabling the addition of new EHRs without the need to rebuild the entire dataset, while ensuring data integrity through fast Merkle proofs. To enhance user authentication, we incorporate self-sovereign identity (SSI) with an improved zk-SNARKs protocol, which leverages a universal setup to minimize communication costs and optimize authentication for cross-domain environments. Additionally, we introduce a dynamic proxy re-encryption (D-PRE) mechanism that adaptively re-encrypt the ciphertext based on the load sharing. Through comparative analysis and experiments, our results demonstrate that SSX-EHRs achieves higher efficiency in handling larger datasets, improves query response times, and minimizes latency compared to existing solutions.