Quantum secure patient login credential system using blockchain for electronic health record sharing framework

Abstract

Nowadays, most of the medical records are maintained in a digital format known as Electronic Health Records Sharing (EHRS) framework. Patients have individual login credentials for accessing these medical records. In the BCT, the information about the owner of the block and its dependency over other blocks is maintained in itself. Moreover, each block is linked with its nearby blocks, leading to a network controlled by patients responsible for storing and sharing the information. In healthcare, BCT can help with mobile health apps, monitoring equipment, sharing and keeping of clinical trial data, electronic medical records, and insurance information storage. This study proposes a secure Patient Login Credential System (PLCS) for EHRS. The proposed scheme has been included for block encryption with the symmetric and asymmetric cryptography algorithms with respect to the hospital server and patients. Additionally, the Quantum Secure Trust Protocol (QSTP) is integrated to enhance trust and security between the patient-side and hospital-side, maintaining data integrity and confidentiality. Similarly, the Tune Swarm Optimization (TSO) algorithm is utilized to optimize performance metrics. The security analysis for the proposed scheme has been evaluated with basic security assumptions for information systems like, availability, access control, maintaining forward secrecy, and maintaining data integrity. The proposed scheme demonstrated enhanced security and performance, with IDEA achieving encryption in 58 ms and decryption in 278 ms for a 512-bit block, offering the best performance in terms of encryption speed.

Introduction

In modern healthcare systems, EHRS frameworks have become the standard for maintaining patient data in digital format. As patients are given the individual login credentials to access their medical records, the centralized nature of current EHRS solution raises concerns about data security, privacy and reliance on third-party vendors for data management. Nowadays, the healthcare systems around the world face several critical challenges. Security issues in healthcare systems are a critical and significant threat, as patient records contain highly sensitive information that can be misused if compromised.

Table 1 summarizes various security challenges in healthcare systems and how blockchain solutions address them, as referenced by several studies. Single-point-of-failure and privacy leaks are prevented through access control and key management solutions, ensuring privacy. Real-time patient monitoring is secured via consortium-management solutions that provide data availability and immutability. Privacy issues and attacks are countered with data encryption and access control mechanisms, ensuring confidentiality. Data breaches and malicious access are prevented by customized solutions and index-based searching, enhancing reliability. Lastly, data sharing and OoS issues are addressed through smart and secured blockchain solutions, improving privacy protection and message delivery efficiency.

Table 1.

Various security problems in healthcare systems.

References	Security problems	Blockchain solutions
Dagher et al.29	Single-point-of-failure and privacy leak	Access control and key management solutions for privacy preservation
Xu et al.54	Real-time patient monitoring	Consortium-managed solution
Wen et al.55, Ito et al.56	Privacy issues and attacks	Data encryption and access control mechanisms
Zhang et al.57	Data breach and malicious access	Customized solutions and index-based searching
Griggs et al.58	Data sharing and quality of service (QoS)	Smart and secured blockchain solutions

An efficient healthcare system should focus on two major areas: data security and data ownership. Due to the lack of security weakness, the sensitive medical records are subject to various kinds of attacks. The Department of Health and Human Services’ Office for Civil Rights (OCR) admitted notifications regarding many data openings which lead to the disclosure of over 13 million records of healthcare¹. The Ponemon Institute conducted a survey done by IBM Security, and the regular aggregate cost of information opening in the United States was found to be $7.91 million, wherein the medical related sector contributed to the highest capital cost. Another source of dissatisfaction is represented by patients that are unable to fully own their medical data. This concept is gaining traction with the growth of personalised treatment and wearable medical devices. These problems can be addressed with the advent of BCT. BCT is meant to provide a persistent, verifiable, and attack-resistant way for recording data using the bitcoin crypto currency². Blockchain is now considered as a distributed digital ledger technology with a decentralised ledger. The transactions are recorded by means of individual blocks, and added to the existing block chain which are connected by cryptographic hashes. Whenever a request to start a new transaction arrives, the user/patient is required to sign the transaction. The process of signing the transaction, which is commonly referred to as the digital signature, is done by making use of the private key of the user. Each transaction may involve any type of crypto currency, records, contracts, and still more data. The authenticity of the transaction is verified by a third party by making use of the public key. A one-way mathematical function is used to produce the public key pairs from the private key. The most known public key cryptosystems are elliptic curve cryptography or Rivest Shamir Adleman (RSA)³. The new transaction is then broadcasted to all the nodes in the shared network which is considered to be peer-to-peer. The miners then select a batch of communications and form a block. It is worth noting that, while a miner is continuously a full node, a node is not always a miner. Each miner is now contending to find an acceptable hashed outcome of the transactions recorded in the block.

The process of generating the output string from random input strings, so that the output requirements are met, involves the usage of more computational power. The miner who manages to get success by producing the desired output string is allowed to insert his block into the blockchain, thus completing one round of transaction. The same process is repeated for the next transaction and so on. When a block is included in the chain, its inclusion is made permanent in the blockchain. Any alterations or updates involve re-computation of the block to be altered and of its successive blocks, further leading to more power usage. Moreover, security is achieved by the fact that multiple copies of the data are stored on various nodes without any centralized structure.

These are the properties that make the BCT desirable in healthcare data management. Remote Healthcare Monitoring Systems (RHMS) are playing a vital role in providing facilities to the end-users through various remote accessing devices and advanced technical support. Maintaining security and privacy records in RHMS is gaining more attention, and these systems are using various security techniques for achieving privacy. These applications make use of blockchain techniques for providing security over the health records maintained by the hospital servers. A technique has been proposed and developed for smartphone applications, namely mHealth (mobile health), especially tailored for data regarding the cognitive behavioural treatment for insomnia⁴. This application connects to a private blockchain network to send patient health data. As an effect of the features of blockchain, the EMRs in the network were found to be secure and showed their resistance to tampering. Only the patient had access to and control over the information. The patient is allowed to record telecare medical information with the use of an application present in a remote. This information is then sent to the healthcare providers in a few seconds without any regard of the distance that lies between the patient and the service provider. The patients are more interested and observant since they are allowed to monitor their own health care using the designed mHealth system. Healthcare Data Gateway (HDG) organizes the health-related information of patients through a mobile application⁵. This encompasses two divisions, namely Indicator-Centric Schema (ICS), and a secure Multi-Party Computing (MPC) system. ICS is used for organization whereas MPC protects health data with no authoritative power and also enables interaction with the outsource party. The information is organized and stored in various layers, i.e., layer for data management, storage layer, and the data utility layer. All these layers slog in a cooperative manner for providing secured access and control over the stored information. In addition to this, smart contracts are engaged for monitoring and verification of the activities in the block chain which also aids in operating the device securely.

In⁶, an Ethereum mode based private blockchain has been developed for improvement of remote monitoring, which makes use of sensors and smart contracts for interacting with smart devices and for recording events in the blockchain, respectively. The usage of smart contracts allows a real time monitoring of the patients. Intimations are then sent to both healthcare service providers and patients over the blockchain in a secured manner. These notifications allow patients to be updated about and take care of their health. This system also supports third-party access.

Because information related to the health of the patient is private and more sensitive, there are security considerations related with mobile healthcare monitoring that must be carefully addressed. Blockchain has been damaged in the past by mobile viruses, and the usage of blockchain governing mobile applications should be entirely safe before it is used to store health data. The most venomous category of mobile malware, namely, root exploit, with its impact on blockchain was studied by the authors in⁷. As it is possible to discover the private key of patient’s, which is mandatory to have access to private and secured data on the blockchain, this issue provides drastic catastrophic effects on the system. This study used a biological approach, i.e., Practical Swarm Optimization (PSO), to detect root exploit, as well as boosters that can improve the activities related to machine learning to find new root activities and data updates. The study discovered that Logitboost, a type of boost, has a 93% accuracy rate in detecting root vulnerabilities. Logitboost was discovered to identify root exploits in the Root Exploit Detection System (RODS) curated in the study. Blockchain was created with the goal of providing distributed records of financial transactions which do not depend on controlled authorities and financial institutes. Medical records, transactions related to smart contract and billing of insurances have all benefited from advancements in BCT, which enables total access to and security of information and also a distributed system of transactions. Additionally, the accessibility to the history of the patient’s is also required for writing prescriptions, and healthcare services can be effectively improved with the framework of blockchain. BCT offers numerous advantages, particularly in data security, privacy, and decentralisation. Its decentralized nature removes the need for third-party vendors, allowing patients to have full control over their medical records. Additionally, the transparent ledger improves trust in the system, as transactions are verifiable and permanent.

To address the problems faced with existing methods in healthcare. This study addresses the afore-mentioned issues to overcome present restraints in healthcare and medical information systems utilizing BCT. Several technologies are first discussed to analyse the systems’ efficiency, e.g., Composer, Container, Hyperledger Fabric, Docker, Wireshark capture engine and the Hyperledger Caliper. The study proposes a novel access control policy algorithm for refining the accessibility of information between various healthcare providers, assisting for the simulated scenario implementing Hyperledger-based Electronic Healthcare Record (EHR) systems, working on a shared basis on the concept of a chain code. The proposed PLCS enhances the security by employing both symmetric and asymmetric encryption for protecting the transmission and storage of patient data between hospital servers and patients. Additionally, the QSTP is used to enhance trust and security between the patient-side and hospital-side. The QSTP calculates the trust score based on the feedback data, ensuring reliable and secure data transfer. Similarly, also during communication, the TSO algorithm is utilized to validate nonce verification messages and optimize the performance metrics. The system empowers patients with full control over their health records, ensuring data ownership and privacy, Moreover, the PLCS addresses data integrity and forward secrecy by safeguarding data from potential breaches, while maintaining the availability of records in a decentralized network. Performance metrics of blockchain networks, such as throughput, latency, and Round Trip Time (RTT), are also optimized to achieve better results. Compared to traditional EHR systems using client–server model, the proposed secure login record system uses blockchain for achieving improved security and efficiency.

The main contributions of this study are as follows:

• A blockchain-based quantum secure Patient Login Credentials System (PLCS) has been proposed for Electronic Health Record Sharing (EHRS).

• The proposed scheme includes block encryption using various symmetric and asymmetric cryptography algorithms with respect to the hospital server and patient.

• The Quantum Secure Trust Protocol (QSTP) has been integrated to enhance security and trust, between the patient-side and hospital-side.

• The security analysis evaluates the proposed scheme based on various parameters such as availability, etc.

• The average encryption and decryption times on both patient-side and hospital-side using various cryptography algorithms, including AES, IDEA, ECC and RSA are measured.

The remaining part of this paper is organized as follows. Section "Related works" illustrates the related works, while Section "Proposed secure patient login-credential system using BCT" details the proposed approach for secure login record system based on the BCT. Section "Security analysis" conduct an informal and a formal security analysis of the proposed method, respectively. Results and comparative analyses carried out with existing approaches are depicted in Section "Results and performance analysis", just before our conclusion sketched in Section "Conclusion".

Related works

Recently many research articles have been published by researchers in the field of blockchain techniques. Healthcare Data Gateway was proposed in the paper as an application with a Blockchain-based architecture. The proposed application, according to the authors, allows patients to own and share their data and control data in a secure and simple manner without infringing on their privacy. The paper⁸ presents an attribute-based signature scheme with multiple authorities. In this proposed scheme, the patient declares only a message according to the attribute, while not disclosing any other information other than the evidence. Similarly, the paper⁹ proposes a trusted encryption platform, enabled by Intel SGX to provide accountability for data access and propose a decentralized approach to address the privacy concern. An Innovative user-centric health data sharing solution was proposed in the paper¹⁰ by utilizing a decentralised and permissioned blockchain to provide privacy and enhance the identity management using blockchain. The paper¹¹ presents a blockchain-based approach which adds new functionalities to an innovative teledermatology. Similarly, the paper¹² presents a novel lightweight scheme to securely log the data from body worn sensing devices as witnesses. A secure system for PSN-based healthcare is proposed in this paper¹³. The paper¹⁴ presents a body sensor network to design a lightweight backup and efficient recovery scheme. Similarly, the paper¹⁵ discusses the major aspects of medical records, blockchain and big data. The paper¹⁶ investigates different blockchain structures and provides possible solutions. Similarly, the paper¹⁷ discusses the potential to use the BCT to protect healthcare data hosted within the cloud. Hospital CIO explains the blockchain’s potential in the paper¹⁸. The paper¹⁹ investigates current processes and aims to introduce BCT as an improved security model that has the potential to lower the cost of trust. The paper²⁰ presents the state-of-the-art security and privacy issues in big data as applied to the healthcare industry.

An overview of future-generation blockchain and artificial intelligence technology is provided in the paper²¹. Additionally, the paper also offered novel tools that might be utilised to speed up research in the area of biomedicine and provide patients with the set of new tools to govern and profit from their personal information, as well as for incentives associated with continuous monitoring of health data. By enabling creative ways for medication research, biomarker development, and preventative healthcare, the author developed a new idea for appraising and evaluating personal records and proposed an architecture for blockchain-based decentralised personal health care information ecosystems.

A framework for organising and distributing Electronic Medical Records (EMR) data for cancer patient care was proposed in the paper²². With the help of Stony Brook University Hospital, the report brings the intended scheme into action. The suggested method, according to the author, ensures availability, privacy, security, and control of access over EMR data. The paper developed a strategy that allows patients to decide on factors such as accessibility of their data limiting their accessibility, thus providing individualised fine control of their data by third parties²³. The paper presented a MedRec, a revolutionary, decentralised record maintenance model based on Blockchain techniques for processing EMRs²⁴. The proposed system, according to the authors, provided patients with an elaborate, immutable record and quick access to their healthcare data across many service providers and treatment venues. The MedRec is in charge of authentication, confidentiality, accountability, and data exchange, all of which are critical considerations when dealing with sensitive data.

The paper²⁵ proposed a paradigm that focuses on delivering academics with healthcare data to be used for statistical analysis while still maintaining privacy. By combining the tailored access control protocol and asymmetric encryption, the authors demonstrated that the proposed approach provides exceptional data security. For sensitive medical information sharing, this approach employs a proxy re-encryption technique. The paper²⁶ presented a permissioned blockchain platform that uses smart contacts and attribute-based access management to improve the authorization paradigm. Moreover, the paper also presented Hyperledger Fabric as a permissioned blockchain system that might be used for privacy-sensitive use cases. The paper²⁷ explained how BCT might help with health data management in terms of patient rights, cyber security, regulatory frameworks and provider-centric viewpoints. A framework based on BCT for efficient electronic medical record storage and maintenance was proposed in the paper²⁸. This framework ensures that third parties, providers and patients have secure, efficient access to medical records. By analysing the demands of third parties, service providers and patients, the authors assessed the security of the suggested framework. The paper²⁹ presented a blockchain-based architecture allowing patients, third parties and service providers to have efficient, secure, and interoperable access to medical records. For access management and safe data exchange, this architecture makes use of smart contracts with respect to an Ethereum-based blockchain.

The paper³⁰ presents a proposed scheme that focuses on allowing keyword searches over encrypted data with a time-controlled functionality to restrict data access during time. However, inefficient revocation is a significant challenge. This revocation process becomes computationally expensive and difficult to manage when a user’s access must be revoked or modified. Similarly, the paper³¹ presents a proposed scheme which meets the data sharing requirement in the IoV where data integrity and transparency are critical. However, the main problem is in the complexity of redactability, verifiability. The goal of the system is having the ability to delete or replace portions of a data block under certain conditions. As a result, it is challenging to maintain the integrity of the entire blockchain while maintaining verifiability and preventing any data that could be tampered inappropriately. Furthermore, the paper³² focuses on providing privacy preserving authentication in IoV networks using BCT and global updates. The continuous global updates of commitment values required by this scheme, results in a high computational overhead, making it a major challenge. Additionally, it suffers from the difficulty in ensuring strong privacy guarantees and at the same time, preventing security vulnerabilities introduced by overall updates in large dynamic networks like IoVs. The detailed analysis of few existing studies are as follows:

1. “Blockchain-Based Framework for Interoperable Electronic Health Records for an Improved Healthcare System” by the authors Faheem Ahmad Reegu, Hafiza Abas, Yonis Gulzar, Qin Xin, Ali A. Alwan, Abdoh Jabbari, Rahul Ganpatrao Sonkamble and Rudzidatul Akmam Dziyauddin.

This paper³³ presents an interoperable blockchain-based EHR framework that can fulfill the requirements defined by various national and international EHR standards such as HIPAA and HL7. The proposed blockchain-based interoperable framework (BCIF-EHR) makes interoperability possible between the two frameworks HL7 and HIPAA, discussed earlier. The proposed framework offers a patient-centric system where patients control access to their EHRs across different hospital platforms using BCT. It partitions EHRs into offline and online components, with patient identity attributes stored online and off-chain data managed in document-oriented databases. The framework ensures that patients have full control over their data, with the ability to grant or revoke access to healthcare providers and other stakeholders. BCT ensures secure, verifiable storage and management of EHRs, while government agencies oversee the authenticity and privacy of the records. The framework was utilized to provide data security and promote scalability in various systems. This paper contributes to the discussion of related challenges and solutions related to the implementation of EHRs and the administration of patient data. It was found that the advantages of a creative, blockchain-based interoperability architecture worked.

Table 2 outlines the summary of the paper which proposed an interoperable blockchain-based EHR framework. The primary purpose of this framework is to meet international EHR standards, ensuring secure and scalable data management across different systems. The authors discuss the challenges associated with EHR and propose blockchain as a solution for better data security and system scalability. Their conclusions emphasize the potential of BCT to address interoperability and security concerns in healthcare systems.

2. “A secure blockchain-based e-health records storage and sharing scheme” by the authors Salman Shamshad, Minahil, Khalid Mahmood, Saru Kumari and Chien-Ming Chen.

Table 2.

Summary table of the paper titled “blockchain-based framework for interoperable electronic health records for an improved healthcare system”.

Authors	Purpose	Conclusion
Faheem Ahmad Reegu, Hafiza Abas, Yonis Gulzar, Qin Xin, Ali A. Alwan, Abdoh Jabbari, Rahul Ganpatrao Sonkamble and Rudzidatul Akmam Dziyauddin	Interoperable blockchain-based EHR framework that fulfills the requirements by international EHR standards	The framework was used to support scalability and data security across multiple systems. The paper contributes to the discussion of related challenges and solutions related to EHRs

This paper³⁴ presents a novel blockchain-based privacy and security preserving EHR sharing protocol for improved diagnosis and efficient treatments in Telecare Medicine Information System (TMIS). The technique used in this paper is implemented independently for the user and server sides in order to achieve efficient computing results. The scheme mainly consists of three entities, one is system manager of infrastructure, the other one is patient of the system and the last one is data user of the system. Moreover, it also consists of mainly three phases, one is data access phase, the other one is data storage phase and the final one is data sharing phase. There are few more phases apart from these. Accurate implementation of EHR sharing has been achieved with the use of two blockchain systems: consortium blockchain and private blockchain. Additionally, by offering a noticeable level of security, the proposed solution performs comparably better in terms of communication and compute overhead when compared to other current protocols, according to performance analysis.

Table 3 summarizes a paper titled “A secure blockchain-based e-health records storage and sharing scheme”, which proposed a blockchain based protocol to ensure privacy and security in EHR sharing with TMIS. The protocol involves several entities, including the system manager, patients and data users. The methodology covers different phases such as data access, storage, sharing, user revocation and authentication. The paper concludes that the proposed approach outperforms existing protocols by reducing communication and computing overhead while maintaining strong security standards.

3. “Blockchain Technology for Integrating Electronic Records of Digital Healthcare System” by Md. Halimuzzaman, Dr. Jaideep Sharma, Tapan Bhattacharjee, Bilash Mallik, Rashadur Rahman, Mohammad Rezaul Karim, Mostafa Masrur Ikram, Md Fokhrul Islam.

Table 3.

Summary table of the paper titled “a secure blockchain-based e-health records storage and sharing scheme”.

Authors	Purpose	Entities	Methodology	Conclusion
Salman Shamshad, Minahil, Khalid Mahmood, Saru Kumari and Chien-Ming Chen	It presents a blockchain-based privacy and security preserving EHR sharing protocol for improved diagnosis and efficient treatments in TMIS	System manager of infrastructure, Patient and Data user of the system	It consists of various phases: data access phase, data storage phase, data sharing phase, user revocation phase, password update phase, authentication phase, login phase and registration phase	Performance investigation shows that, compared to other existing protocols, the suggested approach performs substantially better in terms of communication and computing overhead while providing a detectable level of security

This paper³⁵ attempts to close this knowledge gap by developing an EHR framework that is built on blockchain technology and is compatible with many national and international EHR standards, including HL7 and HIPAA. Methods. A Hash-lock based method is used in this paper. If the EHR needs to be accessed from a separate platform, this method is used. They have looked at popular interoperable EHR standards like DICOM, SNOMED-CT, HL7, HIPAA, and open EHR. Two instances of these standards are HL7 and HIPAA. The proposed framework aims to promote scalability amongst various systems. Only the hashes and little EHRs on the blockchain need to be retained in order to conserve storage space. The paper’s findings proved that the two EHR frameworks, HIPAA and HL7, are compatible. Because of this interoperability, a unique hybrid system that integrates the two proposed frameworks with blockchain technology and data exchange is created. Overall, the proposed solution provides data exchange and privacy-preservation.

Table 4 outlines the paper titled “Blockchain Technology for Integrating Electronic Records of Digital Healthcare System”, focusing on developing blockchain-based EHR framework that stick to global standards like HL7 and HIPAA. The main purpose is to create a secure and compliant system for EHR that enables efficient data exchange. The authors propose a hybrid system that integrates two frameworks, improving both data security and interoperability across different healthcare platforms. The conclusion highlights the successful development of a system that meets the goals of data protection and streamlined information sharing in healthcare.

4. “A Novel Secure Blockchain Framework for Accessing Electronic Health Records Using Multiple Certificate Authority” by the authors Aitizaz Ali, Hasliza A Rahim, Jehad Ali, Muhammad Fermi Pasha, Mehedi Masud, Ateeq Ur Rehman, Can Chen and Mohammed Baz.

Table 4.

Summary table of the paper titled “blockchain technology for integrating electronic records of digital healthcare system”.

Authors	Purpose	Conclusion
Md. Halimuzzaman, Dr. Jaideep Sharma, Tapan Bhattacharjee, Bilash Mallik, Rashadur Rahman, Mohammad Rezaul Karim, Mostafa Masrur Ikram, Md Fokhrul Islam	Developing an EHR framework that is built on blockchain technology and is compatible with many national and international EHR standards, including HL7 and HIPAA. Method	Overall, a unique hybrid system is developed that integrates the two proposed frameworks with blockchain technology and data exchange is created

This paper³⁶ provides the facilities of flexible policies to update a record or invoke the policy such that a patient has complete authority. With the help of our suggested framework, a novel method to multiple Certificate Authority (CA) is incorporated in the design. The proposed method overcomes the shortcoming and security breaches faced by single certificate authority. They have identified the features that affect the performance of a cross-domain framework in a healthcare system. Using a cross-domain blockchain based framework, they have created a keyword search mechanism and a novel algorithm for safe access management. The Internet three layer structure is used in an experimental evaluation. These layers are referred to as the User layer, Local Domain, and Public Domain. In order to place multiple sensors, the topology is divided into multiple domains, and smart contracts and an efficient sensor placement algorithm are used to place the sensors so that there is as little delay as possible between blocks and transactions. Using Matlab and Pycharm, two blockchain tools, the performance results of the proposed framework are compared with the benchmark scheme. Based on the analysis, it is confirmed that our suggested framework offers increased security and throughput, which is supported by the comparison analysis and simulations compared to the benchmark models. The proposed framework provides improved security, resistance to replay and collusion attacks.

Table 5 summarizes a paper titled “A Novel Secure Blockchain Framework for Accessing Electronic Health Records Using Multiple Certificate Authority”, aimed at developing a cross-domain blockchain framework that offers flexible policies for record updates and access control, ensuring that patients have authority over their data. Using a keyword search mechanism and efficient sensor management, the framework enhances security and access management. The authors conclude that the proposed system provides strong protection against replay and collusion attacks, improving the overall security of healthcare data sharing.

5. “A Blockchain-Based Secret-Data Sharing Framework for Personal Health Records in Emergency Condition” by the authors Ahmed Raza Rajput, Qianmu Li and Milad Taleby Ahvanooey.

Table 5.

Summary table of the paper titled “A novel secure blockchain framework for accessing electronic health records using multiple certificate authority”.

Authors	Purpose	Methodology	Conclusion
Aitizaz Ali, Hasliza A Rahim, Jehad Ali, Muhammad Fermi Pasha, Mehedi Masud, Ateeq Ur Rehman, Can Chen and Mohammed Baz	Facilities of flexible policies to update a record or invoke the policy such that a patient has complete authority	A cross-domain blockchain framework for healthcare was proposed, featuring keyword search and access management with efficient sensor placement	The proposed framework provides improved security, resistance to replay and collusion attacks

This paper³⁷ suggested a healthcare management framework that considers safe policies and utilizes blockchain to provide a tamper protection application. In an emergency, these policies include tamper resistance, auditing, and extensible access control identification. Three components make up our suggested architecture: off-chain storage, a permissioned blockchain, and a patient-centric user interface. Three primary files make up this structure: authorization, script, and model. The three main components of the model are as follows: (i) assets are the patient’s PHR data items and some necessary personal information, which are stored in the variables as regular variables; (ii) participants are the actors who can participate in the network (patient, family physician, and emergency doctor); and (iii) transactions of participants on the assets through the network. The "logic.js" script explains a number of system transactions that took place. The experiments demonstrated that the proposed framework achieves superior performance compared to the state-of-the-art models healthcare systems providing accessibility, privacy, emergency access control and data auditing.

Table 6 describes a healthcare management framework proposed in the paper titled “A Blockchain-Based Secret-Data Sharing Framework for Personal Health Records in Emergency Condition”. Their framework emphasizes secure policies and uses blockchain for tamper-proof healthcare applications. The system is built on key components like off-chain storage, a permissioned blockchain, and a patient-centric user interface. It involves primary files such as authorization scripts and models to manage access. The framework aims at improving accuracy and providing accessibility, emergency access control and data auditing, ensuring a secure and efficient healthcare data management process.

Table 6.

Summary table of the paper titled “a blockchain-based secret-data sharing framework for personal health records in emergency condition”.

Authors	Purpose	Components	Primary Files	Conclusion
Ahmed Raza Rajput, Qianmu Li and Milad Taleby Ahvanooey	Healthcare management framework that considers safe policies and utilizes blockchain to provide a tamper protection application	Off-chain storage, permissioned blockchain and patient-centric user interface	Authorization, script and model	The proposed framework achieves higher accuracy and provides accessibility, privacy, emergency access control and data auditing

Figure 1 is a bubble chart that visualizes the impact of various research papers in the domain of blockchain-based EHR management. Each bubble represents a paper, with its position along with the x-axis corresponding to the publication year and its y-axis placement reflecting the paper’s focus area, such as “Secure Healthcare” or “Blockchain” for healthcare. It highlights key focus areas such as EHR privacy, decentralized authentication, secure data sharing and blockchain security, while also showcasing the distribution of focus areas of the publications across years. This helps to identify the research trends by showcasing the active and evolving topics in the secure healthcare domain, highlighting the various topics explored and identifying the research gap by finding the unexplored areas within this field.

Fig. 1.

Focus area distribution of top papers in secure healthcare and blockchain.

It is evident that the key research contributions in secure healthcare and blockchain are focusing on aspects such as privacy, interpretability, authentication and secure data sharing. Several studies³⁸ have explored different solutions, including blockchain for EHRS³⁹, privacy-preserving mechanisms^40–42, encrypted medical data transmissions^43–45, decentralizerd authentication^45,46 and blockchain security^47–53. These studies collectively highlight the role of blockchain in strengthening healthcare data security, preventing unauthorized access and ensuring seamless data exchange among stakeholders.

Research gap

While numerous studies have made significant advancements in blockchain-based EHR systems, several key gaps remain. For instance, the works in the paper³³ and³⁵ primarily focus on enhancing EHR interoperability through blockchain, but they do not sufficiently address cross-jurisdictional challenges that arise from differing international healthcare regulations.

RQ1

How can blockchain-based EHR systems ensure seamless interoperability while navigating varying international healthcare regulations?

Moverover, while scalability solutions, such as those presented by³⁴, provide partial improvements, there is limited research on how these blockchain frameworks can handle large scale, real-time healthcare data, especially without comprising efficiency and security in high throughput environments. The proposed system in this study, ensures interpretability by integrating BCT with standard data formats and protocols commonly used in healthcare systems, such as Fast Healthcare Interoperability Resources.

RQ2

How can blockchain systems be optimized to handle large-scale healthcare data in real-time while maintaining security and efficiency?

In terms of data privacy, although frameworks have been proposed to enhance user control over health records, they often lack fine-grained access mechanisms that allow patients to selectively share parts of their data while maintaining privacy. The scalability problem is addressed by employing the TSO algorithm, which optimizes transaction processing and block generation in the blockchain. This ensures that large-scale healthcare data can be processed efficiently in real time without any drop in system performance.

RQ3

What mechanisms can be implemented to enable fine-grained access control in blockchain-based EHR systems for selectively data sharing?

Another significant gap lies in the use of multi CA systems for improving security, as proposed by Aitizaz. While this approach enhances trust, there is insufficient exploration of the trade-offs between security and performance, particularly in large-scale healthcare applications. This study involves a combination of symmetric and asymmetric cryptographic techniques to implement a fine-tuned access control. Role-based access policies and attribute-based encryption ensure that data access is granted only t authorized entities. Patients retain full control over their data, enabling them to grant or revoke access dynamically.

RQ4

What is the performance-security trade-offs in multi-certificate authority systems in large-scale healthcare environments?

Furthermore, although existing research addresses common cyber-attacks, there is a pressing need to explore solutions for emerging threats, including those posed by quantum computing, side-channel attacks, and man-in-the-middle attacks. The proposed solution balances security and performance by introducing a lightweight multi-certificate authority system combined with the QSTP. This ensures strong security mechanisms with minimal computational overhead. The TSO algorithm further enhances performance by optimizing resource utilization and reducing latency.

RQ5

How can blockchain-based EHR systems mitigate emerging security threats such as quantum computing and side-channel attacks?

Emergency access to health records, discussed by³⁷ also remains underexplored, especially regarding how such access can be provided securely in critical situations without compromising long-term privacy. The inclusion of QSTP provides resistance against quantum computing threats by utilizing quantum-resistant cryptographic techniques. Furthermore, the system involves side-channel attack prevention strategies, such as dynamic key generation and secure multi-party computation, to address these evolving threats.

RQ6

How can blockchain-based EHR systems ensure secure and fast emergency access without compromising long-term privacy?

Lastly despite, the theoretical frameworks presented, there is a lack of real-world implementation studies that examine the practical challenges of adopting BCT in healthcare, including regulatory hurdles, integration with IT systems and overall cost-effectiveness. The emergency access is facilitated through smart contracts that allow healthcare providers to access critical patient data in emergencies, these contracts are designed to log and verify every access event, ensuring transparency and accountability. After the emergency, the patient can review and revoke any access permissions granted during the incident.

RQ7

What are the practical challenges and real-world implications of implementing blockchain in healthcare, considering regulatory and integration issues?

The proposed solution addresses the real-world challenges of implementing blockchain in healthcare by ensuring security. The practical challenges of implementing blockchain includes integration with existing systems, compliance with varying healthcare regulations, ensuring data privacy and security. By integrating blockchain with symmetric and asymmetric cryptography, the system ensures secure access and data sharing between patients and hospitals. Additionally, the QTSP further enhances security, providing strong trust mechanisms in a healthcare setting. Furthermore, the TSO algorithm optimizes the performance metrics, ensuring efficiency.

Table 7 outlines key challenges and research questions related to blockchain-based EHR systems. It highlights critical areas such as ensuring interoperability across international healthcare regulations, optimizing scalability for large-scale data and implementing fine-grained access control for data sharing. This table also addresses security-performance trade-offs in multi-certificate authority systems, the need to counter emerging threats like quantum computing and the challenge of ensuring secure emergency access. Finally, it emphasizes the practical hurdles involved in the real-world adoption of blockchain in healthcare, including regulatory and integration issues. Each research question aims to provide solutions for improving blockchain EHR systems.

Table 7.

Research challenges and questions.

S. no	Key challenge	Research question (RQ)
1	Interoperability	How can blockchain-based EHR systems ensure seamless interoperability while navigating varying international healthcare regulations?
2	Scalability	How can blockchain systems be optimized to handle large-scale healthcare data in real-time while maintaining security and efficiency?
3	Access control	What mechanisms can be implemented to enable fine-grained access control in blockchain-based EHR systems for selectively data sharing?
4	Security vs. performance	What are the performance-security trade-offs in multi-certificate authority systems in large-scale healthcare environments
5	Emerging threats	How can blockchain-based EHR systems mitigate emerging security threats such as quantum computing and side-channel attacks?
6	Emergency access	How can blockchain-based EHR systems ensure secure and fast emergency access without compromising long-term privacy?
7	Adoption challenges	What are the practical challenges and real-world implications of implementing blockchain in healthcare, considering regulatory and integration issues?

Proposed secure patient login-credential system using BCT

Dataset

The dataset utilized for this study was sourced from Kaggle and is structured to simulate real-world EHR scenarios. It is organized hierarchically, containing 4080 folders grouped into 255 groups, with each group containing 4080 subgroups and a total of 1,29,218 files. The files are represented in JSON format, representing patient data, medical records and related metadata. The dataset contains various attributes such as patient identifiers, record timestamps and medical history entities, which were utilized to test the security features of the proposed secure PLCS.

Figure 2 illustrates the gender distribution of patients in the dataset, showing a nearly equal split between male and female patients, with males around 50.04% and females of around 49.96%. This patient’s gender balance is important for making informed decisions in clinical trials.

Fig. 2.

Gender distribution of patients in the dataset.

Figure 3 shows the trends of male and female patient births from 1920 to 1980. The plot shows fluctuations in both male and female births, with male births increasing at 11 in 1930 and female births increasing at 9 in 1930 and 1935. Over time, both genders show a decline in birth numbers, with male births reaching up to 2 in 1980 and female births dropping to 2. This helps in understanding the data distribution of gender-related births over the years.

Fig. 3.

Patient births over years.

System model

Figure 4 illustrates the interaction between patients, healthcare providers and emergency services using mobile devices connected through the internet. The patient’s data, accessed through mobile devices, is shared with hospital servers, physicians, emergency services and telemedicine platforms, ensuring secure, real-time medical support and biometric authentication.

Fig. 4.

Proposed electronic health record sharing architecture.

According to Fig. 2, we have a hospital server that stores the Digital Medical Information (DMI). The patients are registered with the hospital server as users with login credentials, like user-name, password, and basic information about the patients. In this architecture, we have three types of services: Hospital service, Emergency call service, and Doctor online service. For every new service request, the user has to initiate the login request through the hospital application by using any device. The patient login details are verified with the Medial Information Server and this request will be recorded by the server and the user. The patient will be allowed to use the requested service once the login credentials are verified by the Medical Information Server. Once the requested service is completed, then the login session will be terminated by both the parties.

Basic system setup

This section introduces key definitions that will be used in the proposed algorithm for securing PLCS.

Cryptographic Hash Function Definition: A cryptography hash function is defined as with four parameters with the following conditions:

1. is a set of possible messages.

2. is a finite set of possible digest or authentication messages in a digest message.

3. represents a specific cryptographic key from a finite set of possible keys for hashing.

4. denotes the set of possible has functions generated for the messages based on the selected keys.

5. is a finite set of possible keys .

6. For each , there is a hash function and .

Digital Signature Definition: Digital Signature over Finite Fields is denoted with , and the signature algorithm with , and the verification algorithm with . Each and . These are the signature and verification functions, satisfying the following equation for every message and the corresponding signature :

1

The Signature pair with and is known as a signature message.

Symmetric Encryption Algorithm Definition: The symmetric encryption algorithm is defined with the following parameters and these parameters are computed as follows,

Random bit strings

Encryption function.

Decryption function.

Proposed secure patient login system

This study proposes a secure patient login-credential system using BCT. The proposed system secures and allows patients to maintain login details with forward secrecy on their own records and at the same time allows hospitals to have easy access. Figure 2 illustrates the working principle of the proposed user/patient login credential, and here below detailed.

Figure 5 illustrates the steps involved in the proposed PLCS. Initially, the user submits their login details, which are then processed by the server through respective Application Program Interface (API) calls. The server generates session tokens, and the API creates a session login token. The patient then encrypts the login session query using their secret key, ensuring secure authentication before the server grants access. The entire process ensures secure and authenticated patient login.

Fig. 5.

Steps involved in the proposed secure patient login credential system.

Quantum Secure Trust Protocol (QSTP) in healthcare systems

The increasing dependency on digital healthcare systems demands advanced mechanisms to support security and trust between patients and healthcare providers. The QSTP, integrated into the PLCS, is designed to achieve this by ensuring secure interactions and preserving data integrity in the blockchain-based healthcare information system proposed in this study.

The primary function of the QSTP is the dynamic calculation of a trust score that gauges the reliability of interactions between patients and hospital servers. This score is derived from feedback data exchanged during the transaction, and it plays a pivotal role in ensuring that only trustworthy entities are allowed to access sensitive patient information. The trust score T is calculated as follows:

where: T is the total trust score. is the trust score assigned to the hospital server, based on historical reliability. is the trust score assigned to the patient, based on previous interaction patterns. represents the quality of the current interaction, including data integrity checks and is influenced by the quality of encryption and successful verification process. are weight factors that adjust the importance of each component.

These weights are computed based on prior interactions, ensuring that trust grows with more secure, reliable exchanges. The updated trust score is recalculated after each communication, ensuring that any malicious activity can result in an immediate reduction in trust.

To ensure that patient data is transmitted securely, the QSTP employs quantum-safe encryption protocols. Given the potential threats posed by quantum computing, traditional encryption methods such as RSA or ECC may no longer offer adequate protection. The QSTP utilizes post-quantum encryption schemes, which remain secure against quantum attacks.

Let M represent a message containing patient data and let K be a secret encryption key. The quantum-safe encryption function E is expressed as:

where, C is the ciphertext, M is the plaintext message containing sensitive patient data. K is the secret key, generated using a quantum-safe algorithm such as lattice-based encryption or code-based encryption. E is the encryption function applied to the message.

Once the message M is encrypted, it can only be decrypted by the intended recipient with the correct key K. the decryption process D is expressed as:

where, D is the decryption function that reverses the encryption processes to recover the original message.

To maintain data integrity, the QSTP ensures that the message M cannot be altered during transmission between the patient and the hospital server. A hash function H is applied to the message to generate a digest, H(M), which is often compared by the recipient to verify the integrity of the received message:

If the received digest matches with the expected digest, then the message is considered valid:

Additionally, forward secrecy is achieved by frequently rotating encryption keys, ensuring that even if a key is compromised in the future, past communications cannot be decrypted. Let represent the encryption time at time and , the key at time t + 1. The forward secrecy condition ensures that:

This ensures that no information about the current encryption key can be inferred from past keys.

To further enhance trust, the QSTP calculates feedback-based trust metrics, where the score is influenced by the previous trust score and feedback received after each interaction. Feedback from the patient and hospital server is combined in a feedback function F, which updates the trust score as follows:

where: is the updated trust score. is the previous trust score. is the feedback function that adjusts trust based on the feedback from the patient and hospital. is the scaling factor that determines the impact of feedback on trust.

If feedback indicates a successful transaction, the trust score increases, while negative feedback leads to decrease in trust. This feedback mechanism ensures that the system adapts in real-time to maintain high levels of security and trust.

Incorporating the Tune Swarm Optimization Algorithm (TSOA) into the QSTP helps optimize the selection of encryption algorithms and the adjustment of the trust score calculation. TSOA, an enhanced version of Particle Swarm Optimization (PSO), fine-tunes the parameters of the QSTP to improve performance and optimize system security. In TSOA, the objective is to minimize the error function , which could rep resent the system’s vulnerability or trust-related performance. The basic update equations for TSOA are:

is the velocity of the particle i at time t. is the position of a particle i at time t, representing the optimization parameters. w is the inertia weight controlling the exploration–exploitation balance. and are cognitive and social learning factors, respectively. and are random values between 0 and 1. is the best-known position of particle i. is the global best-known position, representing the optimal solution found by the swarm.

Algorithms

The proposed system performs the following algorithm during the service requesting time, and this will be maintained by the user and server for future verification.

Algorithm 1.

Secure patient login credential system

Algorithm 1 Involves the following steps where the patient initiates a login request through hospital application, which is forwarded to the server for session token creation and credential verification. The server encrypts the approved session token using its public key and sends it to the patient. The patient then encrypts the received token using their secret key and links it with their blockchain. Both the patient and hospital maintain separate blockchains to securely store the session credentials, ensuring authenticated and private login access.

Algorithm 2.

Symmetric encryption scheme for secure communication between hospital and patients

The algorithm 2 outlines a secure block encryption scheme that combines AES and IDEA symmetric algorithms with asymmetric encryption for key exchange. It ensures that sensitive patient data is encrypted using two layers of symmetric encryption while securely exchanging keys using asymmetric cryptography.

Algorithm 3.

Asymmetric encryption scheme for secure communication between hospital and patients

The algorithm 3 uses asymmetric cryptography (RSA and ECC) for secure key exchange and symmetric encryption (AES) for efficient data encryption. The patient generates a symmetric AES key and encrypts it using the hospital’s public RSA key. Optionally, ECC can be used to further secure the key exchange. The AES-encrypted data and RSA-encrypted symmetric key are sent to the hospital, which then decrypts the symmetric key using its private RSA key and the data using the symmetric key. This ensures secure transmission of sensitive patient information while maintaining efficiency.

Algorithm 4.

Tune Swarm optimization algorithm

The algorithm 4 enhances Particle Swarm Optimization (PSO) by dynamically adjusting key parameters like inertia weight (w) and acceleration coefficients (c₁ and c₂) during the optimization process. This tuning balances exploration (searching new areas) and exploitation (refining known areas) as the algorithm progresses. Particles update their positions and velocities based on both personal and global best solutions. Over iterations, TSO fine-tunes the swarm’s behaviour to improve convergence, leading to an optimal solution for the given objective function.

The proposed Secure Patient Login Credential System maintains two different blockchains, one for the patient and the other for the Hospital server and the other one for the patient. Each time a patient initiates a login request, the Hospital server creates a new block containing the session information and securely inserts it into the blockchain, where each new login request is treated as an individual architecture enhances security and accountability by providing separate but interconnected ledgers for both the hospital and the patient. For every new login request, the Hospital server will create a block and insert it within the existing blockchain for the particular patient. The patients are maintaining individual blockchain by connecting the entire login request as an individual block. Figure 3 depicts the blockchain model for the login page in the proposed scheme.

Figure 6 illustrates the process of generating an individual block from a patient login request in the blockchain. The patient enters their credentials (username and password) in the login interface. A query is then executed to retrieve session data, including the username, project name and login time from the session history. This data is formatted into a block, which is then added to the patient’s personal blockchain. Each login request results in the creation of a new block, securely linking it to the existing blockchain to maintain a detailed record of the patient’s login activities.

Fig. 6.

Individual block generation from login request in a patient blockchain.

Security analysis

Security analysis is essential for evaluating the strength of any cryptographic system, ensuring that it can withstand various types of attacks while maintaining the integrity, confidentiality and availability of sensitive data. In the context of blockchain-based systems, security considerations include measures such as availability, access control, forward secrecy and data integrity. These ensure that data is securely stored and transmitted and that unauthorized access or tampering is prevented. Additionally, adversarial security models, such as indistinguishability and digital signature analysis are used to evaluate how well the system can defend against sophisticated attacks, including those by malicious adversaries seeking to compromise system security.

In general, security analysis for BCT has been measured with basic assumptions of Information security assurance, Availability, Access Control, Maintaining Forward Secrecy and Maintaining Data Integrity. Availability refers to the fact that requested information is available and made accessible only to authorized users. It provides an assurance that any information system and data are accessible by the authorized users whenever it’s required. In the proposed scheme, at any point of time, the patient and the Hospital Server can verify the login details of the individual session. Access control is a security practice that regulates who or what can perform over the resources. In the proposed scheme, the patient or a medical professional may access the resource from the Hospital Server when the Login Credentials are verified. The patient or the Hospital Server can only verify with the proper key. The forward secrecy or perfect forward secrecy is a security measure used to reduce the risk level of being compromised by the attacker with a minimum level of key information. In the proposed scheme, the public attacker or an inside attacker could not make any prediction about the Hospital Server Secret key and the patient private key. This assumption will maintain the forward secrecy for the proposed scheme. Data integrity is one of the main features for any information credential system to provide assurance of the accuracy and consistency for data over its entire data transmission. In the proposed patient login credential information system, we have used Secure Hash Algorithm along with the original login session request. The Data integrity of the individual login request will be verified with the hash code comparison. Secure Hash Algorithm to verify the integrity of the login request, ensuring that no tampering occurs during data transmission. These measures collectively form a robust security framework for the proposed system.

This section discusses the adversarial security analysis model for the proposed framework for supply chain mechanism based on blockchain technique.

Adversarial security analysis

This section discusses the adversarial security analysis model for the proposed framework for the supply chain mechanism based on blockchain techniques.

Adversary model for indistinguishability

An adversarial model for conducting mathematical experiment to identify the indistinguishability

1. An adversary outputs a pair of Messages

2. A key is generated by using Eq. (1) through Gen and a uniform bit sequence of is chosen. The corresponding cipher text is computed and given to . Here c is a challenge cipher text

3. Then has to produce an output of

4. The output of the success experiment is defined as 1 if , otherwise

   

If is 1 then

Assume the scenario of adversary gets two independent encrypted messages using the same encryption function. The adversary has the same a priori partial information or even partial control.

Theorem 1

Assume that an adversary running over a Private key encryption scheme has indistinguishable encryption under a selected plain text attack if for all probabilistic polynomial time adversaries has exists a negligible function such that.

2

Here the probability calculated based on the assumption taken over the random coin tossing mode by adversary , as well as the random coin toss.

Adversary model for digital signature

Difference Lemma

Let E₁, E₂, F be events defined in some probability distribution and assume that . Here the events E₁ and E₂ are defined as capture of independent encrypted message and the F is a success of the event

3

Here represents the probability of event occurrence the following Theorem 1 states the success probability of events.

Theorem 2

Assume that an adversary running over a probabilistic polynomial time t against the digital signature schemes based on the asymmetric cryptography algorithms. The proposed Blockchain technique is provably secure based on the above mention adversary model and the breaking probability of breaking the unknown secrete key success factor is as follows:

4

Here, (a) : advantage of for solving the Digital Signature, (b) : the total number of hash queries requested by the adversary node, (c) the size of the hash function.

This study included the use of dataset containing directories in JSON format to stimulate real-world electronic health records. The dataset structure allowed for efficient organization and testing of hierarchical data, representing typical EHR scenarios. The various symmetric as well as asymmetric encryption algorithms such as AES-128, AES-192, AES-256, IDEA, RSA-128, RSA-256, ECC-64 and ECC-128 were tested to determine their performance in terms of encryption and decryption time and computational efficiency. Among these, IDEA emerged as the most efficient, achieving encryption in 58 ms and decryption in 278 ms for a 512-bit block. THE QSTP were integrated to enhance trust and prevent potential security threats such as man-in-the-middle attacks, providing an additional layer of protection. Optimization of performance metrics was achieved using the TSO algorithm, which minimized computational overhead while maintaining high levels of security.

Results and performance analysis

The Hospital server-side scripting has been developed and the patient database is also maintained. The communication between the patient and the Hospital server is established by using simple TCP/IP protocol. The proposed scheme has been divided into four modules, like patient login page design, hospital server-side design, Hospital Server Blockchain maintenance, and patient side Blockchain maintenance. The Hospital Server manages the patient login request Blockchain for every request received from the individual patient. The Hospital Server side Blockchain maintenance has two parts:

1. The first part is to create a Block from the received patient login session request

2. The second part is to link the newly created login session request with the existing Blockchain.

The patients are maintaining blockchain for the login session request by connecting individual login request blocks. The blockchain maintained by the patient is known as Login request Blockchain (LB), while the Hospital Server is known as Patient Request Blockchain (PB). The performance analysis for the proposed method is based on the time taken for individual block generation by the patient and the Hospital Server. The Hospital Server-side block has been encrypted by using Symmetric Encryption with Secret Key. The patient side block has been encrypted by using Asymmetric Encryption with a patient public key. We have used the following two symmetric encryption algorithms, one is Advanced Encryption Standard and the other one is International Data Encryption Algorithm and two Asymmetric Encryption algorithms (RSA and ECC). We have considered the following parameters for the proposed scheme performance analysis, Block size and Key size.

To further enhance the security and performance of the proposed scheme, QSTP is integrated to provide strong authentication and ensure PLCS. Additionally, TSO algorithm is applied to optimize the block generation process, improving the efficiency of both the Hospital Server and patient-side encryption. This leads to optimized performance in terms of encryption time, decryption time, and overall system throughput.

The performance analysis for the proposed scheme considers parameters such as block size and key size, with the additional performance improvement contributed by QSTP and TSO optimizing the overall encryption and blockchain operations.

The various performance metrics used in this study are:

Block size (bits)

The size of the data block, in bits used for encryption. It impacts encryption and decryption speed.

Average patient time (ms)

The average time taken by the encryption algorithm to process data on the patient’s device side in milliseconds.

Average hospital time (ms)

The average time taken by the encryption algorithm to process data on the hospital server side in milliseconds.

Standard deviation (ms)

The standard deviation of the processing times, showing variability in encryption performance.

Throughput (TPS)

The number of transactions processed per second (TPS), which indicates the algorithm’s efficiency in handling transactions.

Efficiency ratio

The ratio of an algorithm’s efficiency relative to a baseline standard (usually 1.00 for comparative purpose).

Encryption time

The time taken by the algorithm to encrypt the data for a given block size, measured in milliseconds.

Decryption time

The time taken by the algorithm to decrypt the data for a given block size, measured in milliseconds.

Latency

The delay between when the data is sent and when it is received and decrypted, calculated as the difference between decryption and encryption times.

Table 8 presents performance metrics for various encryption algorithms, including AES-128, AES-192, AES-256, IDEA, RSA-128, RSA-256, ECC-64, ECC-128. It compares metrics such as Average Patient Time, Average Hospital Time (in milliseconds), Standard Deviation (in milliseconds), Throughput (Transactions per second), Efficiency Ratio. Notably, patient and hospital times are identical for all algorithms, suggesting similar performance for both sides. Standard Deviation values highlight variability in performance, with ECC-64 having the lowest. Throughput varies significantly, with IDEA offering the highest TPS, while efficiency remains consistent across all algorithms at 1.00, indicating optimal use of resources.

Table 8.

Average performance metrics for the proposed secure patient login credential system.

Avg performance metrics	Patient side (in ms)				Hospital server side (in ms)
	AES-128	AES-192	AES-256	IDEA	RSA-128	RSA-256	ECC-64	ECC-128
Avg patient time (ms)	248	297	345.55	82.33	354.67	431	367.33	440.67
Avg hospital time (ms)	248	297	345.55	82.33	354.67	431	367.33	440.67
Standard deviation (ms)	54.75	57.85	70.17	19.61	51.27	75.72	103.81	101.29
Throughput (TPS)	4.03	3.37	2.90	12.14	2.83	2.32	2.72	2.27
Efficiency ratio	1.00	1.00	1.00	1.00	1.00	1.00	1.00	1.00

The impact of QSTP and TSO is in optimizing performance metrics as shown in Table 8. Execution time performance is mainly improved by reducing variance and improving consistency. This is achieved by optimizing the server-side processing, so that the operation is more efficient. It enables a major reducing in latency at the patient side coupled with increased server-side processing efficiency. Additionally, QSTP achieves high efficiency in cryptographic operations and the efficiency ratio remains at 1.0 across all algorithms. Similarly, TSO plays a main role in enhancing the throughput. TSO provides intelligent task scheduling to increase transactions per second (TPS), especially in algorithms like IDEA. TSO also has led to reduction in latency in patient-side processing, making tasks faster to perform. An overall improvement in system throughput is observed along with improved performance metrics for all algorithms.

Figure 7 visually compares the performance of various encryption algorithms across key metrics. The Average Patient Time (ms) and Average Hospital Time (ms) show that RSA-256 and ECC-128 have higher processing time, while IDEA performs the fastest. The Standard Deviation plot illustrates the consistency of processing times, with ECC-64 and ECC-128 showing the latest variability, while RSA-256 and IDEA exhibit greater fluctuations. In terms of throughput (TPS), IDEA leads, offering the highest transactions per second, while other algorithms show lower throughput. Lastly, the Efficiency Ratio remains consistently at 1.00 across all algorithms, indicating that each one operates at optimal efficiency. These diagrams offer a comprehensive view of the trade-offs between speed, consistency, throughput, and efficiency in different encryption algorithms.

Fig. 7.

(a) Average patient time (b) Average hospital time (c) Standard deviation (d) throughput (e) efficiency comparison of various encryption algorithms.

Table 9 presents the performance analysis for a proposed PLCS, focusing on the patient side and hospital side processing time in milliseconds for various encryption algorithms (AES-128, AES-256, IDEA, RSA-128, RSA-256, ECC-64, ECC-128) across three block sizes (512, 768 and 1028 bits). As the block size increases, the processing time for both patient and hospital server side generally increases, reflecting the higher computational demands. AES-128 has the lowest processing time, while ECC-128 and RSA-256 exhibit longer processing time, particularly at higher block sizes. IDEA offers the lowest processing time for the patient side, while RSA and ECC show higher latencies.

Table 9.

Performance analysis for the proposed secure patient login credential system.

Block size (Bits)	Patient side (in ms)				Hospital server side (in ms)
	AES-128	AES-192	AES-256	IDEA	RSA-128	RSA-256	ECC-64	ECC-128
512	178	198	268	58	278	358	268	318
768	255	311	358	85	358	422	338	486
1028	311	382	410	104	428	513	496	518

The proposed method has been tested with block sizes of 512 bits, 768 bits, and 1028 bits. Figures 4 and 5 show the result analysis for the proposed secure electronic health record sharing system. These figures explain about the use of different cryptographic operations with different key sizes for patient record and hospital servers.

Figure 8 shows that the AES algorithm consistently outperforms IDEA. Among the AES algorithms, AES-128 tends to have the best performance, especially at smaller block sizes.

Fig. 8.

Performance analysis for the proposed EHRS (Symmetric Encryption).

Figure 9 shows that while RSA algorithms outperforms ECC algorithms, especially at smaller block sizes, the overall performance differences are less compared to symmetric encryption.

Fig. 9.

Performance analysis for the proposed EHRS (Asymmetric Encryption).

Table 10 analyses the performance of different encryption algorithms (AES, IDEA, RSA, ECC) across three block sizes (512, 768, 1028 bits). As the block size increases, both encryption and decryption times generally rise for all algorithms. AES-128 shows a significant increase in encryption time from 178 ms at 512 bits to 311 ms at 1028 bits. Decryption time follows a similar trend, with RSA and IDEA exhibiting larger increases compared to AES. Latency, defined as the difference between encryption and decryption times, varies significantly for a few algorithms. Overall, larger block sizes result in increased processing time, but the latency is notably higher for algorithms like IDEA, highlighting inefficiencies in managing large data blocks.

Table 10.

Block size-based encryption, decryption and latency time for the proposed secure patient login credential system.

Block size (bits)	Algorithm	Encryption time (ms)	Decryption time (ms)	Latency
512	AES-128	178	198	20
	AES-192	198	268	70
	AES-256	268	268	0
	IDEA	58	278	220
	RSA-128	278	358	80
	RSA-256	358	422	64
	ECC-64	268	268	0
	ECC-128	318	318	0
768	AES-128	255	311	56
	AES-192	311	358	47
	AES-256	358	410	52
	IDEA	85	358	273
	RSA-128	358	422	64
	RSA-256	422	486	64
	ECC-64	338	338	0
	ECC-128	486	486	0
1028	AES-128	311	382	71
	AES-192	382	410	28
	AES-256	410	428	18
	IDEA	104	428	324
	RSA-128	428	513	85
	RSA-256	513	518	5
	ECC-64	496	496	0
	ECC-128	518	518	0

Figure 10 illustrates the performance of various algorithms in terms of encryption, decryption and latency for a 512 bits block size. The encryption chart shows that IDEA has the fastest encryption (58 ms), while RSA-256 takes the longest (358 ms). Similarly, the decryption time chart indicates that IDEA is the fastest at 278 ms, with RSA-256 again being the slowest at 422 ms. Lastly the Latency chart reveals that IDEA and ECC-64 have the highest latencies, at 220 ms and 80 ms respectively, while AES-256 and ECC-64 experience no latency, showing efficient performance in processing time.

Fig. 10.

Performance analysis of encryption, decryption and latency for a 512 bit block size.

Figure 11 illustrates the performance metrics for different encryption algorithms when using a 768 bit block size. The first chart shows encryption times, with algorithms like IDEA being significantly faster (85 ms) compared to RSA-256 and ECC-128, which takes the longest (422 ms and 486 ms respectively). The second chart presents decryption times, where similar patterns are observed, with IDEA and ECC-64 showing the fastest performance. The third chart displays latency, highlighting that ECC-64 and ECC-128 have zero latency, while other algorithms exhibit higher latencies, particularly IDEA with 273 ms, suggesting that the efficiency of algorithms can vary significantly depending upon their design and block size.

Fig. 11.

Performance analysis of encryption, decryption and latency for a 768 bit block size.

Figure 12 displays the performance metrics of various encryption algorithms for a 1028 bit block size. The Encryption Time chart reveals that IDEA is the fastest algorithm, taking only 104 ms, while RSA-256 is the slowest at 513 ms. The Decryption Time chart shows a similar trend, with IDEA and RSA-256 continuing to be the fastest and slowest. The Latency Chart highlights that ECC-64 and ECC-128 experience no latency (0 ms), whereas IDEA and RSA-128 exhibit higher latency, particularly IDEA with latency of 324 ms. This chart illustrates the trade-offs between speed and latency for different algorithms.

Fig. 12.

Performance analysis of encryption, decryption and latency for a 1028 bit block size.

QSTP and TSO has major contributions in encryption time, decryption time and latency. The latency is significantly reduced by the ability of TSO to schedule tasks with priority, so that the processes are executed in logical order or execution sequence which results in minimum delay. Finally, the QTSP provides optimized resource usage with a particular focus on asymmetric cryptography. QTSP ensures secure, faster communication over AES-192, RSA-128 and RSA-256 by speeding the process of both encryption and decryption. In AES-256, QSTP ensures efficiency as resources are used efficiently. QSTP improves throughput and consistency in ECC-64 and there is no latency in ECC-128 because the tasks are successfully distributed efficiently. QSTP and TSO together achieve both better efficiency and resource usage as well as better latency and optimal task scheduling for faster and more efficient cryptographic operations.

Overall, QSTP and TSO work together to optimize performance metrics. QSTP reduces execution time variance, improves consistency and enhances server-side efficiency, leading to reduced patient-side latency and high cryptographic latency. It also ensures efficient resource usage, particularly in asymmetric cryptography and improves throughput. Together, QSTP and TSO improve efficiency, reduce latency and optimize task scheduling for faster cryptographic operations.

The proposed method showcases an improvement over approach in terms of encryption and decryption efficiency and therefore is the strongest solution for blockchain based EHRS systems. The IDEA algorithm achieves encryption in 58 ms and decryption in 278 ms for a 512-bit block. The efficiency of the proposed method makes it desirable for real time data and secure patient record management. The results show that if symmetric and asymmetric cryptographic algorithms are combined with the QSTP which provide confidentiality with minimum additional calculation overhead. Beyond these modern security challenges, these features offer a solution for scalability for implementations into high throughput healthcare environments. Finally, the proposed system provides both a practical and innovative solution to the problem of securing EHRS systems by ensuring enhanced encryption performance and strong trust and security protocols.

Conclusion

The Blockchain is a technical support system for maintaining a list of records and each record will be converted into blocks that are connected based on cryptography algorithms. In this study, a BCT based patient record maintenance patient login credential for future verification with quantum security is proposed. The Medical Information System (MIS) is used with patients having individual registered login. The Hospital Server will maintain all login requests received from the patient in the encrypted format with server secret key. The patient will maintain the blockchain of connected blocks in the encrypted individual login request with the patient public key. The proposed method is more secure by using the QSTP and under the basic security assumption of the information system. The performance of the proposed scheme is measured by applying different symmetric and asymmetric encryption algorithms across various performance metrics. The proposed scheme demonstrated enhanced security and performance, with IDEA achieving encryption in 58 ms and decryption in 278 ms for a 512-bit block, offering the best performance in terms of encryption speed. Together, QSTP and TSO improve efficiency, reduce latency and optimize task scheduling for faster cryptographic operations, further enhancing the performance of the system.

Future works

The future works for this proposed secure PLCS could be enhanced by exploring hybrid cryptographic approaches, combining symmetric and asymmetric cryptography to achieve better efficiency while maintaining strong security. As quantum computing evolves, integrating post-quantum cryptographic algorithms to future-proof the system against potential vulnerabilities could also be crucial. Additionally, also advanced task-scheduling techniques such as ML-based predictive scheduling, may improve system efficiency by dynamically adjusting to workloads. Finally, integrating ML-based intrusion detection systems could help identify and manage malicious activities, further strengthening the system’s defense mechanisms.

Abbreviations

EHRS

Electronic health records sharing

PLCS

Patient login credential system

OCR

Office for civil rights

RSA

Rivest Shamir Adleman

RHMS

Remote healthcare monitoring systems

HDG

Healthcare data gateway

ICS

Indicator-centric schema

MPC

Multi-party computing

PSO

Practical swarm optimization

RODS

Root exploit detection system

RTT

Round trip time

TMIS

Telecare medicine information system

CA

Certificate authority

DMI

Digital medical information

API

Application program interface

LB

Login request blockchain

PB

Patient request blockchain

MIS

Medical information system

ECC

Elliptic curve cryptography

IDEA

Simplified international data encryption algorithm

QSTP

Quantum secure trust protocol

TSO

Tune swarm optimization

QoS

Quality of service

IoV

Internet of vehicles

Author contributions

All authors contributed equally to this work. All authors reviewed the manuscript.

Data availability

The datasets used and/or analysed during the current study are available from the corresponding author on request.

Declarations

Competing interests

The authors declare no competing interests.