A hybrid ECC-AES encryption framework for secure and efficient cloud-based data protection

Abstract

In digital healthcare, ensuring the privacy and security of sensitive mental health data remains a critical challenge. This paper introduces SymECCipher, a novel hybrid encryption framework that integrates Elliptic Curve Cryptography (ECC) for key exchange and the Advanced Encryption Standard (AES) for data encryption. Unlike conventional encryption models such as RSA-2048 (15ms encryption, 12ms decryption) and AES-256 (6ms encryption, 5ms decryption), SymECCipher achieves significantly lower encryption time (5ms) and decryption time (4ms) while maintaining a high throughput of 1000 Mbps, ensuring secure and efficient data encryption. The proposed methodology is designed to handle secure cloud-based healthcare applications, implemented in the form of User, Doctor, and Cloud Modules to handle patient records and treatment recommendations. This model addresses existing encryption inefficiencies by balancing high-speed cryptographic operations with robust data security, making it suitable for real-time medical data storage and retrieval. Statistical analysis confirms its superior performance, demonstrating a 25–40% reduction in computational overhead compared to traditional cryptosystems. Furthermore, this work outlines the integration of machine learning (ML)-based depression detection within the encrypted framework, ensuring privacy-preserving data analysis. The results highlight SymECCipher’s potential for large-scale healthcare deployment, offering a scalable, quantum-resistant, and blockchain-compatible encryption framework. Future research can be extended by integrating lattice-based cryptography, to enhance quantum security and extending SymECCipher’s applicability to wearable health devices and telemedicine platforms.

Introduction

In current scenario, Depression is a major health crisis in workplaces that leads to reduced productivity, diminished workplace spirit and deteriorated employee health conditions. Mental health problems have increased among professionals due to complicated job requirements along with continuous working hours with mounting stress levels. Those Professionals avoid contacting Psychiatric Medicos because of the society’s negative views about mental health issues. The need for early intervention coupled with privacy protection plays a vital factor to support those people who are affected by depression. The development of ML-based depression detection models is required for identifying early mental distress by processing both behavioral and clinical data through digital healthcare solutions^1,2. These models utilize cloud-based infrastructure to handle, process and analyze medical information. The disclosure of such sensitive mental health information, poses significant problems of privacy concern, data security and unauthorized access. Digital healthcare systems face trust issues when patients’ health information lacks appropriate data protection that leads to violation of patient confidentiality and misuse of data.

Depression among working professionals is not just a personal health issue; it is a complex interplay of environmental, psychological, and biological factors. The workplace itself can be a source of significant stress, with factors such as job insecurity, workplace bullying, and lack of support playing a pivotal role. On a psychological level, the constant strive for perfectionism, fear of failure, and the inability to meet exceedingly high expectations can contribute to feelings of inadequacy and hopelessness, hallmark symptoms of depression^3–5. Biologically, genetic predisposition, along with neurochemical imbalances, can make certain individuals more vulnerable to developing depression under stress. The impact of depression on working professionals is profound and multifaceted. On an individual level, it can lead to a decrease in productivity, creativity, and the ability to concentrate, significantly impairing job performance. The personal toll is equally severe, with depression affecting relationships, physical health, and overall quality of life. On a broader scale, the economic implications are substantial, with increased absenteeism, presenteeism (working while sick), and healthcare costs contributing to the financial burden on businesses and economies⁶.

Despite its prevalence and impact, depression in the workplace often remains unrecognized and under-treated. This is partly due to the stigma associated with mental health issues, which discourages individuals from seeking help. Additionally, lack of awareness and understanding among employers and colleagues about depression can lead to inadequate support structures and resources for affected people^7,8. Addressing depression among working professionals requires a multifaceted approach that encompasses awareness, prevention, and intervention strategies. When it comes to mental health, employers have a key role to play in fostering a welcoming workplace. Some examples of this include creating a welcoming environment where people feel safe talking about mental health, expanding access to mental health services, and enacting policies that encourage a healthy work-life balance. Figure 1 depicts the symptoms of depression. Early identification and intervention, along with personalized treatment plans that may include therapy, medication, and lifestyle changes that are critical in helping individuals to manage depression and regain their well-being^9,10.

Fig. 1.

Depression symptoms.

The importance of early detection in the realm of healthcare is of paramount importance. It serves as a crucial bridge between health maintenance and disease prevention, ultimately shaping the trajectory of an individual’s life. Early detection encompasses the identification of a disease or condition at an initial stage, often before symptoms become apparent. This proactive approach has transformative implications for treatment outcomes, quality of life, and healthcare costs, making it a cornerstone of modern medical practice^11,12. In the context of chronic and life-threatening diseases such as cancer, cardiovascular diseases and diabetes, early detection plays a pivotal role for achieving manageable condition and to get rid of life-altering diagnosis. Diseases identified at an early stage typically offer a wider array of treatment options, often less invasive and more effective than those available for advanced stages. For instance, early-stage cancers may be treatable with surgery or localized therapies, offering patients a higher chance of survival and reduced risk of recurrence. Conversely, late detection often necessitates more aggressive treatments such as extensive surgeries, chemotherapy or radiation which can significantly impact quality of life and survival rates¹³.

Beyond individual health benefits, early detection plays a pivotal role in controlling healthcare costs. Diseases caught early are usually less expensive to treat, reducing the financial strain on both patients and healthcare systems. In contrast, advanced diseases require more intensive and prolonged treatment, leading to higher medical expenses and often needs long-term care¹⁴. By investing in early detection measures, societies can alleviate the economic burden of diseases, freeing up resources for preventive care and health education initiatives. The psychological and social implications of early detection further underscore its importance. Early diagnosis can significantly reduce the emotional and mental stress associated with advanced diseases. Knowing that a condition has been caught early and is treatable can provide patients and their families with hope and a positive outlook, which is crucial for mental well-being¹⁵. Additionally, early detection can prevent the cascading effects of serious illnesses on family dynamics, employment and social roles, preserving the fabric of societal well-being. Implementing effective early detection strategies requires a multifaceted approach including public health campaigns, accessible screening programs, education on risk factors and identifying early symptoms. Public health initiatives can raise awareness about the importance of regular check-ups and screenings, encouraging individuals to take proactive steps toward their health. Accessible screening programs ensure that all segments of the population, regardless of socioeconomic status, have the opportunity to benefit from early detection. Education on recognizing early symptoms and understanding risk factors empowers individuals to seek medical advice promptly, facilitating early diagnosis¹⁶.

In this digital age, storage of confidential data in cloud has become ubiquitous, driven by convenience, flexibility and scalability that are offered by cloud services. However, this transition has also introduced complex challenges related to security, privacy and compliance, necessitating stringent measures to protect sensitive information from unauthorized access, breaches and other cyber threats. As organizations and individuals increasingly rely on cloud platforms for storing confidential data, understanding and implementing robust security measures becomes paramount^17,18. The cornerstone of cloud data security is encryption, a powerful tool that ensures data confidentiality by converting information into a coded format that is unreadable without the correct decryption key. Encryption should be applied not only to data at rest but also to data in transit, protecting it from potential interception during transmission. AESs, such as AES-256, offer robust protection, but their effectiveness hinges on proper key management practices. Thus, organizations must adopt secure key management protocols, ensuring that encryption keys are stored separately from the data they protect and are accessible only to authorized personnel. The installation of access control systems is another important measure to ensure that people can only have access to the data they need to do their jobs. This sets up limit to access the sensitive information according to user roles following the concept of least privilege. Authentication and authorization systems, like multi-factor authentication (MFA), offer another degree of protection to access restrictions by necessitating two or more verification factors, greatly increasing the difficulty of illegal access^{19 - 21}.

Research gap and problem statement

The RSA-2048 and ECC-256 encryption models along with AES-256 provide varied levels of combined security and high performance. Despite recent advancements, Cloud-based healthcare applications cannot achieve cryptographic strength together with computational efficiency through existing encryption models.Although RSA-2048 has high security level, it produces processing delays that affect system performance ^{22, 23}. The AES-256 encryption system when used as standalone encryption technique becomes more susceptible to attacks due to its inferior mechanisms for key transfer in distributed systems. Medical data access in real-time encounters difficulties in traditional encryption methods as they cause computational delays, have excessive overhead and efficiency problems that acts as a bottleneck for Cloud based healthcare applications. SymECCipher represents our proposed encryption model that combines ECC for secure key exchange functions with AES for effective data encryption tasks²⁴. The SymECCipher exhibits high speed encryption and decryption with increased throughput at minimum computational cost, that best suits Cloud based healthcare systems. Through its incorporation in User Doctor Cloud Modules, the proposed system provides complete security coverage with rapid processing cycles ensuring protection for real-time depression detection platforms.

The rise of cloud-based system data management lead to a vital security challenge that necessitates the importance of data confidentiality, encryption and system integrity with high efficacy. RSA and AES constitute widely accepted methods by the cloud providers to encrypt their data for storage and transmission ²⁵. Large key sizes in RSA-based encryption technique have high computational costs whereas pure AES-based encryption fails to provide secure key exchange in real-time cloud applications that affects its efficacy. Research in cryptographic field aims at developing hybrid models that combines the advantages of asymmetric encryption with symmetric encryption techniques to enhance the security. This mandates development of a performance-efficient scalable framework for encryption. SymECCipher represents a hybrid encryption framework designed to utilize ECC for protected key transfer and AES-256 for speed-enhanced encryption, mitigating the performance-security trade-offs in cloud services ^{26, 27}. The cryptographic power of ECC surpasses RSA for each bit that enables secure keys to be smaller, thus lowering computational workloads. The AES-256 algorithm performs symmetric bulk data encryption at high speed that makes it excellent for cloud environment security. SymECCipher allows organizations to maintain top security while reducing the burden on computer resources and scaling up to fulfill requirements of massive cloud applications.

Contributions of the work

Research studies have introduced various hybrid encryption models that suffers from excessive computation costs, inadequate key transfer methods and inability to scale in cloud systems. RSA-AES hybrid encryption models provide more security although it introduces processing delay due to increased computational complexity ²⁸. The encryption method with ECC keys provides secure key exchange but fails to establish an efficient process to encrypt bulk data at high speeds that makes it inappropriate for real time applications. SymECCipher differs from these models by:

1. Introducing a lightweight key exchange mechanism – SymECCipher that implements ECC instead of RSA to establish secure keys through faster and enhanced encryption setup processes.

2. Optimizing encryption speed without compromising security – The SymECCipher system achieves both high cryptographic power and faster encryption and decryption through its AES-256 integration with ECC which surpasses RSA-based and ECC stand alone models.

3. Enhancing cloud scalability – The SymECCipher encryption solution caters specifically to secure cloud-based security while providing fast data flow speeds and quick encryption times with decreased computational requirements.

4. Ensuring privacy-preserving AI-driven encryption – SymECCipher provides extended functionality by protecting ML-generated analytics which ensures privacy preservation for assessments conducted through AI systems.

The remainder of the paper is structured as follows: Sect. 2 conducts a comprehensive literature review, examining previous studies and recent developments in healthcare encryption. Section 3 presents the SymECCipher Model, an innovative encryption architecture that combines ECC and AES to enhance data security. Section 4 presents the experimental data, analyzing and discussing the model’s effectiveness in protecting sensitive health information in detail. Finally, Sect. 5 offers a brief summary of the paper’s major results and provides recommendations for further research into privacy-preserving technology for digital healthcare.

Related work

Depressive disorder was identified as a mental health condition that frequently had a negative impact on an individual’s life. Though it could strike anybody at any time, students were found to be at a heightened risk for experiencing it as they progressed through their academic careers. Mobile connectivity became the new standard throughout the pandemic and beyond in 2020 when the COVID-19 disease drove people into quarantine and forced them to be constantly linked with mobile devices, causing huge issues in people’s lives ²⁹. The trend toward blended learning at colleges made this problem much worse for students. Under these conditions, it became critical to track students’ mental health in relation to their access to mobile devices and the Internet. The mental health of students at an International University of Bangladesh became the subject of a study, which aimed to examine the effects of their heavy usage of mobile devices on their daily lives. The data was collected from 444 people using a cross-sectional survey approach. After the exploratory data analysis, a system to automatically identify and classify depression from mild to severe was developed using eight ML algorithms³⁰. The method achieved an accuracy boost of around 3 to 5% when automated detection was combined with feature selection techniques like Recursive Feature Elimination (RFE) and the Chi-square test. Similarly, using a feature extraction approach like Principal Component Analysis (PCA) could boost accuracy by 5 to 15%. When it came to accuracy, F1-score, and ROC-AUC, the SparsePCA feature extraction method and the CatBoost classifier emerged as the clear winners. Nearly half of the individuals (44% to be exact) showed no indications of depression when the data was analyzed. Pupils exhibited mild to moderate depression in around 25% of cases, and severe to intense depression in 31%. Findings pointed to the efficacy of ML models in multi-stage depression diagnosis in students when combined with an appropriate feature engineering strategy. This model had the potential to be applied in several fields to identify early indicators of depression in individuals.

One common mental disorder that required patients to self-report was depression. Regrettably, even in the early phases of depression, 70% of people did not seek medical assistance. Social media evolved into a powerful resource for the detection of mental health problems due to the proliferation of users who posted about their everyday lives and feelings. The goal of the paper was to analyze Twitter tweets for indicators of depression using a number of hybrid ML models for sentiment analysis. The feature extraction and classifiers in the study were based on supervised and unsupervised methods, respectively. A variety of performance indicators were used to assess the suggested models on datasets of public mood tweets. Symptoms of depression in text data could be detected using the suggested four modules³¹. The feature extraction in Module 1 was done using BERT, and then the classification was done using an artificial neural network. The second module began with preprocessing the data, then moved on to feature extraction using the TF-IDF approach and finally used logistic regression for classification. Module 3 employed a linear support vector machine for classification, however, data pre-processing and the TF-IDF feature extraction approach were also included. Module 4 concluded with a feature extraction approach using a tiny library and a classification algorithm using a linear support vector machine, implemented in the Spacy package. Among the four models tested, model 4’s accuracy was the lowest at 0.868, while models 2 and 3 were quite close at 0.994 and 0.992, respectively. A precision of 0.99 was attained using Model 1.

Depression was recognized as a serious mental illness that had been on the rise across the globe. With the massive growth of social media and internet users, the timely detection of emotional reactions became more important than ever. Over 300 million individuals were affected by the devastating effects of mental illness, which also explained why studies on this topic were so prevalent. An early depression detection system became crucial for reducing the number of afflicted persons; with the availability of relevant sample data and the developments in ML, this became possible³². This paper introduced a practical model that could help protect people from mental disorders and thoughts of suicide. The proposed model utilized a Recurrent Neural Network (RNN) with two dense layers to predict episodes of depression from text, in addition to the Long-Short Term Memory (LSTM) model with two hidden layers and a large bias. The purpose of training RNN on textual data was to enable its detection of sorrow by means of language, semantics, and written content. The proposed approach reduced the false positive rate and achieved a 99.0% accuracy rate, surpassing frequency-based deep learning models. Additionally, the proposed model was compared to the mean accuracy of other models. This comparison revealed the effectiveness of RNN and LSTM in detecting signs of depression in the emotions of social media users at an early stage.

Both individuals and society as a whole suffered greatly from depression. The majority of depressive illness diagnoses and severity ratings were based on self-reporting. Unfortunately, individuals with depression were not always easy to identify since they often felt ashamed to talk about their struggles with mental health. Additionally, there was a certain amount of cases that were likely to be unreported due to the time-consuming nature of self-reporting. The automatic detection of sad persons using non-traditional means, including social media, therefore saw a dramatic increase in attention. Social media, a vital everyday communication network, connected millions of individuals, some of whom may have been depressed. Additionally, it provided a means of locating patients who may have been affected by this illness. The purpose of this work is to examine deep-learning methods for depression risk prediction utilizing data from Chinese microblogs in an effort to identify more depressed individuals and track their mental health statuses³³. The purpose of this study is to determine whether using information from Chinese microblogs and state-of-the-art deep-learning algorithms may be helpful in predicting the risk of depression. To forecast the probability of depression, researchers investigated deep-learning methods that made use of pretrained language representation models, including XLNET, ROBERTa, and BERT as well as bidirectional encoder representations from transformers. A manually annotated benchmark data set has been used to compare these strategies against preceding ones. On a scale from 0 to 3, severe depression risk have been represented by 3, mild depression risk by 2, and no tendency at all by 0, respectively. Weibo, a Chinese microblog, was the source of the dataset. Pretrained language representation models were used to assess various deep-learning approaches in two settings: the first was a publicly available model, and the second was a language representation model pretrained using a large-scale unlabeled dataset derived from Weibo. F1 scores, recall, and precision were utilized to assess performance.

Even while depression was known to increase the risk of suicide, very little information is availble about the exact mechanisms that connected depression to this risk. Weibo language features were considered a key indicator of suicidal ideation or behavior, prompting an investigation into this possibility. Members of the Weibo depression super-topic community (DSTC) were randomly selected from 3,196 users to serve as the depression group, while 5,167 active users were utilized as the control group³⁴. The total number of posts analyzed amounted to 487,251. To calculate the effect of depression on suicide risk, the DML technique was employed. Tree interpreters and SHapley Additive ExPlanations (SHAP) values were then used to deduce the relationships between the two variables. It was found that individuals with depression had an 18% greater risk of suicide compared to those without the disorder. Among all the language features, Exclusive had the highest SHAP value (M = 0.029). Additionally, the three-depth tree interpretation revealed that increased use of Exclusive and Health identified a grouping of depressed individuals with a high risk of suicide. Directed ML analysis uncovered depression-suicide risk pathways. The visualized tree interpretation suggested a positive association between cognitive complexity and physical suffering and the likelihood of suicide in populations affected by depression. Based on these results, researchers became more motivated than ever to understand how depression increases the risk of suicide. Prospective studies on depression therapy and suicide prevention could benefit from a better understanding of the underlying causes.

Enterprises worldwide moved their infrastructure to cloud resources during the last decade to cut costs of operations and capital. A large amount of data transfer occurred between cloud consumers and cloud service providers through cloud computing systems. Cloud computing brought various security problems because of unauthorized system entry and data disclosure incidents. The trusted third-party auditor (TPA) model advances with a lightweight cryptographic system attached to a lightweight hashing technique that safeguards data security and maintains integrity during auditing of outsourced data from cloud service providers³⁵. The reliability concern of data was addressed by verifying correctness through analysis and recovery procedures to identify errors. The proposed system proved to operate at a slower time scale than alternative TPA solutions. The system maintained standing against various recognized cryptographic attacks in its design. The proposed system had a reliable high performance rate while employing an advanced compression method which delivered enhanced security combined with efficiency.

The Internet created a world transformation which no one predicted before its existence. The new technology opened doors to several technological solutions that changed global communication networks and computational systems. Cloud technology became possible through the Internet to offer affordable scalable computing resources available upon demand alongside decreased service interruptions. Users could store their private data on cloud storage platforms from any location using a conventional system without requiring high-end computers for access. Even though cloud storage systems were initially insecure this fact did not exclude security measures entirely³⁶. Data protection depended on security measures created by providers as well as the secure transmission pathway connecting the clients to storage facilities. Under the encryption system users required encryption keys to receive access while the data remained hidden from unauthorized parties. The research proposed an encryption solution by uniting ECC with AES to achieve better confidentiality of data in cloud storage systems. The developed method achieved better protection efficiency as well as superior outcomes for protecting personal data from adversarial attacks.

The twenty-first century along with future times demands broad applications of information security domains. The prevention technique of securing unauthorized access to data was known as encryption. The encryption speed of symmetric key algorithms surpassed asymmetric key algorithms so they were utilized in massive quantities. Blowfish stood as an efficient unpatented symmetric key encryption algorithm which provided users with a costless implementation of fast and compact encryption³⁷. The security level of this algorithm was widely recognized to be high. The 64-bit block size restriction made Blowfish unsuitable for general use in various domains. A new Blowfish version was developed to encrypt data quickly while enabling 128-bit blocks which expanded its usefulness in different domains. The proposed algorithm offered organizations the possibility to choose it instead of AES due to its more efficient power usage. The performance of the modified version against the original Blowfish algorithm was measured for execution speed and throughput as well as for avalanche effect implementation. The algorithm underwent testing for image analysis by evaluating diffusion properties, measuring image histogram, entropy and calculating the correlation coefficient.

The Internet of Things (IoT) gained increasing attention because it proved useful for different applications. The physical environments produced data that networked systems transmitted between each other. The implementation of IoT required solutions for managing server infrastructure along with coordinating small sensor operations. The deployment of IoT systems faced security issues as the most critical concern among all difficulties. A high number of IoT devices operating in physical contexts were found to lack adequate resources such as power supply and memory capacity as well as processing power and physical dimensions³⁸. The research examined three fundamental IoT devices which include RFID tags, sensors and smart cards and it studied their security issues under resource constraints. The protection of data communication between devices happened through the use of lightweight cryptographic methods. The assessment included well-documented algorithm comparison through evaluation of implementation costs and hardware and software efficiency combined with attack resistance capabilities. This study emphasized how lightweight encryption allows organizations to maintain an ideal security-cost-performance relationship.

Limitations of traditional cryptographic models in healthcare

The protection of electronic health records (EHRs) through healthcare security frameworks commonly depends on RSA encryption (Rivest-Shamir-Adleman) or AES. The widespread adoption of RSA-based encryption for real-time processes is followed because of its robust security features although it uses lengthy 2048 and higher key sizes for encryption, that leads to computational inefficiency. Researchers investigated hybrid RSA-AES encryption for cloud security but concluded that better security came at the expense of process delays which limited its usefulness in healthcare operations at scale. The process of encryption performance optimization in SymECCipher relies on ECC key exchange that replaces RSA to reduce processing requirements without compromising security. Integrating AES for bulk data encryption provides healthcare platforms with high encryption speed and lower processing requirements. The high computational expenses associated with RSA encryption render it inappropriate for immediate healthcare system data protection but AES encryption requires additional security components to establish key exchange successfully. SymECCipher resolves this issue by implementing ECC to enable lightweight key exchange so that RSA inefficiencies get resolved without sacrificing cryptographic security strength.

ECC-based encryption for healthcare data security

Healthcare encryption models use ECC more frequently because this cryptography comes with both superior security per bit performance and smaller keys when compared to RSA. A previously studied model applied ECC encryption technology to healthcare IoT devices through lightweight schemes with satisfactory computing performance results. The encryption speed of ECC becomes slower when applied for massive encryption operations as it lacks a symmetric encryption mechanism. SymECCipher solves the AES limitation through its combination of ECC for secure key exchange and AES for rapid medical data encryption and decryption functions. The hybrid cryptographic method guards security standards and achieves better performance thus becoming the optimal choice for detecting depression in cloud environments. The main implementation challenge of ECC-based models involves managing cryptographic keys but these systems struggle to optimize bulk data encryption using symmetric encryption techniques. SymECCipher overcomes this limitation by deploying AES-256 encryption speed for data fast encryption while keeping the ECC secure key exchange protocol.

Privacy-preserving machine learning in healthcare encryption

Healthcare facilities face major difficulties in protecting medical diagnosis privacy due to the recent surge of ML applications in health care. FL together with HE serve as privacy-preserving ML solutions which enable secure processing of encrypted data at training time. Research has proven that implementation of FL and HE produces excessive resource use that prevents their application for real-time healthcare ML systems. SymECCipher implements an efficient encryption protocol which protects depression risk scores coming out of ML algorithms, even before the deployment of data in the cloud, thus maintaining encrypted status even for AI-determined medical examinations. The decryption process runs efficiently as this method reduces the time needed for homomorphic encryption to process data without compromising protective security measures. The execution of privacy-preserving ML models through FL and HE demands extensive computing power which results in slowed operations for real-time healthcare applications. Most encryption systems fail to safeguard the products of ML algorithms which makes diagnostic outputs from AI systems susceptible to exposure. The SymECCipher security solution implements encryption procedures on depression risk scores that emerge from ML methods before they are placed in the cloud because this approach protects both AI analytical results while securing patient data.

Hybrid encryption models for cloud-based healthcare

Experts demonstrate how combining symmetric encryption with public-key cryptography produces improved security protections for cloud-based healthcare applications through modern research. B-128 reapplied Blowfish encryption procedure to enhance the speed of medical data storage security. The encryption method based on Blowfish encounters scaling problems and provides protection levels that are surpassed by AES-256. Various research activities has been carried out for continuous integration of Medical system with cloud but they failed to establish frameworks that combine security with scalable cloud processing capabilities. SymECCipher solves current platform problems through its advanced security and efficiency features to serve large-scale cloud based mental healthcare applications. Real-time healthcare systems find existing hybrid encryption models unsuitable because they focus on security while causing processing delays. Most existing encryption models fail to achieve maximum throughput speed when processing large mental healthcare data. The encryption speed of SymECCipher reaches (5ms) and decryption speed reaches (4ms) thus making it suitable for real-time cloud-based healthcare applications.

Research gaps addressed by symeccipher

Multiple current encryption gaps in healthcare systems will be solved by SymECCipher. The computational expense of RSA type encryption proves detrimental to real-time medical environments thus rendering them ineffective. AES proves efficient but does not have an effective method to exchange keys so extra cryptographic layers become necessary. Symmetric encryption is limited for large-scale data processing because ECC-based encryption remains suitable for lightweight computations alone. The privacy-invigorated ML strategies consisting of FL and HE deliver robust privacy security yet their substantial computational burden interferes with practical healthcare implementation. Numerous hybrid encryption solutions attempt to satisfy security needs while promoting performance but these models either suffer from limited scalability or experience significant delays that Businesses cannot use for healthcare cloud systems. SymECCipher resolves these issues through a hybrid ECC-AES structure which results in encryption processing speed of 5ms as well as decryption processing speed of 4ms. SymECCipher functions better than RSA because it avoids resource-intensive key management needs as well as ECC frameworks that incorporate AES-256 encryption for fast data encryption. SymECCipher provides total security for patient information alongside AI-generated medical analytics by applying encryption to ML-derived depression risk scores before storing data in the cloud so it becomes a secure multipurpose encryption solution for contemporary healthcare systems.

Methodology

Our methodology employs the SymECCipher Model within a digital healthcare framework to secure sensitive data, especially for depression detection. This model integrates ECC for key exchange and AES for data encryption. It encompasses a User Module for encrypted logins that has access to health reports, a Doctor Module for secure viewing and providing input regarding patient treatments, and a Cloud Module for encrypted storage of all data. This method strengthens faith in digital healthcare services while protecting patients’ privacy and resolving security issues related to cloud storage. Secure cloud storage with the powerful SymECCipher encryption technology and ML for depression diagnosis enables benefit of easier administration and security of sensitive health data. Core of this system design is the idea of using ML’s enormous capacity to search complicated datasets for depressive symptoms while simultaneously making sure that no one other than authorized users may have access to any of the data that has been collected. The urgent need for strong data privacy in the digital era and the increasing need for advanced mental health treatments are both met by this all-encompassing plan.

The SymECCipher Model provides security measures to protect results of depression detection which run inside a cloud-based healthcare system. The system consists of three primary modules:

1. User module: Users can securely access healthcare providers and Health records through this system.

2. Doctor module: Doctors evaluate medical information before delivering encrypted treatment suggestions to patients.

3. Cloud module: Medical records together with diagnostic results receive encryption-based storage within a protected cloud-based system.

The architecture implements ECC for key exchange alongside AES for data encryption to support low-latency performance while maintaining high throughput and strong security measures. Figure 2 illustrates the overall system design.

Fig. 2.

Architecture of proposed model.

The SymECCipher Model applies two encryption methods by utilizing the ECC for key exchange security alongside AES for data encryption efficiency. The combined encryption method maintains quick processing alongside strong security measures to resolve standard cryptographic limitations. Public-key cryptography through ECC operates as a lightweight and secure mechanism which provides better performance than RSA-based encryption methods. ECC serves as the main cryptographic method in SymECCipher to enable secure key transfer before encryption takes place. Through the ECDH protocol, the shared secret key is generated for AES encryption. ECC protects communication sessions by using a minimal mathematical system that provides robust cryptographic strength levels when working with short key values. The system requires less processing power hence it works efficiently for real-time cloud-based healthcare applications. ECC security gives identical security protection to RSA-2048 while using much less processing power (15ms encryption, 12ms decryption) which provides swift and secure key exchange. A shared secret key established through ECC facilitates the use of AES encryption both for healthcare data storage (data at rest) and transmission (data in transit). SymECCipher implements AES-256 encryption standard because of its tested ability against brute-forcing attacks.

The security of healthcare data through encryption allows ML models to identify mental health indicators with a function of detecting depression symptoms at an early stage. Risk scores originating from depression detection models function to examine behavioral data together with medical archives and clinical signs through cloud-based systems. When results from ML analysis remain unencrypted the security of patient confidentiality is at serious risk because of unauthorized entities gaining access to these scores. SymECCipher implements encryption procedures throughout each step of its ML analysis to guarantee complete privacy for depression risk assessment scores. Specifically:

• The depression risk scores produced through ML are automatically encrypted before going into cloud storage.

• Healthcare professionals perform authorized access to risk scores when they possess the decryption keys provided by the system.

• The data encryption system processes information instantly which allows secure and prompt access to mental health assessment services.

SymECCipher provides secure healthcare analytic through its combination of hybrid encryption with ML-driven depression detection methods that ensures system performance. The privacy-protecting method lets medical professionals utilize data-backed choices based on the protection of their patients’ information.

Data collection

In this research, the primary data source employed is the Employee Attrition Dataset (EAD), as referenced in³⁹, which is obtained from Kaggle, a renowned data science community and platform. This dataset is particularly notable for its comprehensive composition, featuring an extensive range of variables. It includes a total of 35 unique attributes, each providing insight into different aspects of the employment experience. This wide spectrum of features ensures a thorough examination of the multifaceted nature of employee attrition. The EAD encompasses a substantial volume of data, with 1471 individual records, each representing distinct instances of employment scenarios. Such a considerable amount of data points enhances the reliability and depth of the analysis, facilitating a nuanced understanding of the factors that contribute to employee turnover. This, in turn, supports the development of sophisticated analytical models capable of predicting potential attrition risks. Work Life Balance, Education, Environment Satisfaction, Job Involvement, Performance Rating, Relationship Satisfaction, and Job Satisfaction are some of the important indicators included in the EAD’s numerous qualities. These key features are instrumental in painting a detailed picture of the work environment and employee engagement, allowing researchers to dissect and interpret the underlying causes of employee departure. By leveraging this rich dataset, the study aims to uncover patterns and correlations that might otherwise remain obscured, offering valuable insights into the dynamics of employee attrition and proposing strategies to mitigate it effectively.

Understanding depression requires behavioral information from real-life scenarios beyond clinical symptoms. So EAD combines workload with job satisfaction, absenteeism and organizational support measures for mental health evaluation. The combination of ML algorithms applied to this dataset enables researchers to locate stress indicators that might cause mental health decline so that businesses can implement practical and data-based workplace mental health security measures. SymECCipher’s encryption framework utilizes EAD to securely analyze depression signs beyond clinical parameters which enables confidential mental health evaluations for organizations. The research characteristics match current mental health interventions as the preventive analytics serve as vital tools for reducing psychological problems at work. This study connects depression detection systems to behavior datasets alongside encryption to provide corporations with privacy-protected AI-based mental well-being assessments where healthcare records are extended beyond their current boundaries. Depression detection capabilities covered by EAD extend the paper’s usefulness and make it applicable to mental health monitoring needs observed in real world workplace environments.

Deep learning model – depression detection

At the forefront of our groundbreaking methodology, the NeuroBlend Fusion Classifier emerges as a pioneering tool, setting a new standard in the field of predictive analytics. This innovative classifier harnesses the combined strengths of Deep Belief Networks (DBN) and XGBoost algorithms, creating a powerful synergy that forms the core of its operational framework. The integration of DBN, a class of deep neural networks known for their proficiency in feature detection through unsupervised learning, with the XGBoost algorithm, renowned for its efficiency and accuracy in gradient boosting, marks a significant advancement in predictive modeling. This strategic fusion enables the NeuroBlend Fusion Classifier to process and analyze complex datasets with unparalleled depth and precision. The DBN component excels in unraveling the hidden layers of data, effectively capturing the subtle and high-dimensional patterns that are often missed by more traditional approaches. Concurrently, XGBoost contributes by enhancing the model’s ability to handle varied data structures, optimize performance, and reduce overfitting, thus ensuring a more accurate and generalizable prediction output. The application of the NeuroBlend Fusion Classifier is especially impactful in the context of mental health assessment within the workplace. By meticulously analyzing a wide array of indicators—ranging from behavioral signals to communication patterns, it is uniquely equipped to identify early signs of depression among employees. This capability is not only crucial for the timely intervention and support of affected individuals but also offers significant benefits for organizational health and productivity.

SymECCipher encryption for data security

SymECCipher safeguards data through its parallel implementation of ECC for key distribution alongside AES for encryption purposes. This encryption solution matches the requirements of cloud storage by creating a safe space for big personal health data storage. SymECCipher enables ECC to create secure key-sharing connections between users which prevents unauthorized parties from accessing their encrypted information. The cloud-stored information benefits from AES encryption which provides superior protection through encryption of data records. Deep Learning model processing produces results such as risk scores or diagnostic suggestions which SymECCipher encrypts before uploading to the cloud storage. SymECCipher operates by applying ECC for secure key exchanges together with AES for data encryption which allows authorized users to access the encoded information. SymECCipher establishes itself as the optimal approach for cloud settings by providing security while maintaining operational efficiency. The SymECCipher Model applies hybrid encryption through ECC for key exchanges while using AES-256 for symmetric encryption procedures. Confidentiality along with integrity and efficiency represent the primary goals of the model designed to safeguard depression detection data stored within cloud-based healthcare systems.

Let be the plaintext (mental health data), be the ciphertext, and be the encryption key, SymECCipher operates as follows:

1. Key generation: ECC is used to generate the asymmetric key pair where is the private key and is the public key.

2. Secure key exchange: Using Elliptic Curve Diffie-Hellman (ECDH), both communicating parties derive a shared symmetric key .

3. Data encryption: AES-256 encrypts the plaintext using the shared key to produce ciphertext .

4. Data decryption: The recipient uses AES-256 with to retrieve the original plaintext .

The foundation of ECC public-key encryption comes from elliptic curves treated over finite fields. Through ECC a strong security level becomes achievable with shorter keys than RSA or other traditional algorithms through mechanisms such as ECDH. An elliptic curve over a finite field is defined by an equation of the form:

1

Where are the coordinates of a point on the elliptic curve, are curve-specific constants that define the shape and security of the elliptic curve, and is the large prime number defining the finite field over which the elliptic curve is defined.

ECC key exchange (ECDH)

ECC provides security identical to RSA encryption through shorter key lengths which makes it prominent among cryptographic systems. This method offers numerous efficiency benefits to applications that work under limited bandwidth conditions, low storage capacity or require minimum computational resources such as Internet of Things devices. SymECCipher implements ECC-based key exchange along with a mechanism that enables parties to establish secure shared secrets through ECC without using lengthy key sizes. This enables a protected communication channel without requiring large key sizes. ECDH key exchange creates the possibility to establish protected shared secrets across channels that lack security.

The ECDH key exchange is defined as follows:

1. Select an elliptic curve over a finite field with base point .

2. Both communicating parties generate private keys:

   2

   Where is the private key of user A, is the private key of user B, and is the set of integers modulo .

3. Compute the respective public keys:

   3

   4

   Where are public keys of users A and B respectively, and is the fixed generator point on the elliptic curve.

4. Compute the shared secret key:

   5

Since only the private keys are secret, the shared key is securely derived without direct transmission, preventing eavesdropping.

ECC key exchange completes before SymECCipher switches to AES operations for securing the data. AES serves as a block cipher that obtained official backing from the U.S. government through widespread adoption because of its strong protections along with its performance characteristics and secure properties. SymECCipher performs symmetric encryption on data blocks that remain 128 bits yet utilizes security keys of three available sizes 128, 192, or 256 bits. Symmetric mixings between plaintext blocks and keys occur multiple times to generate ciphertext through the encryption process. The encryption of AES processing a 128-bit key needs ten rounds but must run fourteen rounds for encryption of a 256-bit key. Each round of AES encryption contains four stages until the final round omits the MixColumns operation. The encryption scheme consists of four operations which are SubBytes, ShiftRows, MixColumns and AddRoundKey. In order to construct a succession of Round Keys using the initial key, AES does a key expansion before the rounds start:

6

Where is the set of round keys generated from the shared AES key, used across the AES encryption rounds and is the AES key scheduling algorithm that derives keys from the initial key This uses the Rijndael key schedule to produce a set of keys for each round of the process. The initial step involves adding the first Round Key to the plaintext block using bitwise XOR:

7

Where is the plaintext and is the initial Round Key. Each byte of the state is replaced with a byte from a fixed substitution table (S-box):

8

Where is the byte at row and column of the AES state matrix and is the substitution function from the AES S-box applied to each byte. Various offsets are used to cyclically move the rows of the state:

9

Where < < denotes a cyclic shift to the left and i is the row number. Each column is treated as a polynomial over a finite field and multiplied modulo with a fixed polynomial effectively mixing the data within each column:

10

Where is the fixed polynomial matrix used in the MixColumns step of AES and is the modular reduction used in the Galosis field polynomial multiplication. By utilizing bitwise XOR, the Round Key is appended to the state:

11

Where is the Round Key for the ith round. The final round applies only SubBytes and ShiftRows and AddRoundKey because it removes the MixColumns step. AES has established itself as the worldwide standard encryption since it maintains both reliability and speed in operation. This encryption method encrypts fixed-size data blocks in order to establish powerful protections against multiple security threats. SymECCipher maintains data integrity while protecting confidential data through its implementation of AES as an encryption method for payload encryption. The entire AES encryption process can be abstractly represented as:

12

Where is the ciphertext, is the plaintext, and is the symmetric key. The decryption process, is the inverse of encryption, involving the same steps but in reverse order and using the inverse operations. Data confidentiality and integrity are safeguarded through AES encryption which becomes impossible to decrypt without a valid key because of its advanced architectural composition. AES operates as an ideal symmetric encryption solution for SymECCipher because it protects data transmitted and stored with the ECC-generated shared secret.

Hybrid security

The integration of ECC and AES capitalizes on their respective advantages—ECC’s efficient key size and computational security for key exchange, alongside AES’s reliability and speed for data encryption. This hybrid model provides a twofold security mechanism: ECC ensures that the key exchange process is secure against eavesdropping, while AES guarantees that the content of the communication remains confidential and tamper-proof. This dual-layer approach is especially suited for environments where both security and performance are paramount. In scenarios like IoT devices, which may have limited computational resources, the efficiency of ECC allows for secure key exchanges without undue processing overhead. Similarly, in cloud storage and sensitive data transfer applications, the robust encryption offered by AES ensures that stored or transmitted data is protected against unauthorized access, all while maintaining high throughput and low latency. The hybrid model of SymECCipher leverages the complementary strengths of ECC and AES to achieve a balance among security and performance. This model is particularly effective in scenarios where both are paramount, including:

Secure communication: In environments such as IoT, where devices often communicate over insecure networks, SymECCipher provides a method for ensuring that data exchanges are protected end-to-end.

Cloud storage: For sensitive data stored in the cloud, SymECCipher offers an added layer of security, ensuring that data at rest is encrypted and accessible only to authorized users.

Sensitive data transfer: In applications requiring the transfer of personal or sensitive information over networks, SymECCipher secures data against eavesdropping and unauthorized access.

The SymECCipher framework’s flexibility in key management is a critical feature that allows it to adapt to various security requirements and operational contexts. This adaptability is made possible by supporting different ECC curves and varying AES key lengths. Here, we’ll delve into how this flexibility can be mathematically represented and utilized to enhance security and efficiency.

Implementing flexible key management

SymECCipher’s support for flexible key management strategies allows for customization based on the specific security requirements of an application. By enabling the selection of different ECC curves and AES key lengths, SymECCipher can be tailored to optimize for either enhanced security or increased efficiency, depending on the operational context and threat model.

End-to-end security guarantee

The mathematical foundation of SymECCipher plays a pivotal role in establishing a secure communication channel, ensuring that data transmitted between parties remains confidential, integral, and authentic from end to end. This encryption scheme leverages the strengths of both ECC and the AES to create a robust framework for data protection. At the heart of SymECCipher’s approach to confidentiality lies the AES encryption algorithm, which encrypts data using a symmetric key, denoted as K. This key is derived from a shared secret, generated through the ECC-based key exchange process. The ECC’s ability to create a secure shared secret without direct transmission ensures that the symmetric key K remains known only to the sender and receiver. Consequently, the encrypted content can only be decrypted and accessed by these intended parties, thereby safeguarding the information from unauthorized access and ensuring its confidentiality.

The integrity and authentication of the communication are primarily secured through the secure key exchange mechanism facilitated by ECC. This process ensures that the symmetric key, crucial for decrypting the AES-encrypted data, is exclusively available to the communicating parties. Any interception or tampering attempt by unauthorized entities becomes futile, as they lack access to the necessary symmetric key to decrypt the information. This mechanism effectively protects the data’s integrity by allowing only authorized parties to access and modify the encrypted content, and it also authenticates the source and destination of the messages, ensuring that the communication is legitimate. While SymECCipher primarily focuses on confidentiality and integrity, integrating it with digital signatures—another application of ECC—extends its capabilities to include non-repudiation. This feature ensures that once a message is sent, the sender cannot deny having sent the message or its contents, as the digital signature uniquely ties them to the act of sending. This aspect is particularly crucial in scenarios where the authenticity and origin of the message are of paramount importance. SymECCipher, by integrating the distinct advantages of ECC and the AES, offers a groundbreaking hybrid encryption framework that addresses the complex demands of securing sensitive data across a wide array of applications. This innovative approach not only capitalizes on the high security and efficiency inherent in ECC and AES but also adapts to the evolving landscape of cybersecurity threats and the growing need for robust data protection measures. Below, the key aspects that render SymECCipher a notable advancement in the field of encryption technology are examined.

Access control and AES decryption by authorized users

Access control mechanisms ensure that only authorized users can initiate the ECC key exchange process to derive the symmetric key . This is typically managed through authentication protocols and permissions settings that verify the identity and authorization level of users attempting to access the data.

Once an authorized user has been authenticated and has derived the symmetric key , they can decrypt the stored encrypted data using AES decryption:

13

This process retrieves the original plaintext data , making it accessible only to those who have been granted permission and have successfully undergone the key exchange and decryption process.

Ensuring confidentiality and integrity

The use of ECC for secure key exchange and AES for encryption ensures that sensitive health information is encrypted in such a way that only authorized users with the correct private information can access the data. The system’s design inherently protects against unauthorized access and tampering, as decrypting the AES-encrypted data without the symmetric key (K) derived from the correct shared secret (S) is computationally infeasible. This comprehensive approach to access control and decryption ensures that sensitive information stored in the cloud is securely managed and accessed, maintaining the confidentiality and integrity of the data and protecting patient privacy in healthcare applications. The system allows for continuous monitoring of individuals’ health data, enabling dynamic updates to their health assessments. The secure, encrypted cloud storage facilitates the safe collection and analysis of longitudinal data, enhancing the model’s accuracy over time. Additionally, the system adheres to strict data security and privacy regulations, ensuring compliance with legal standards such as GDPR or HIPAA, where applicable.

Ethical considerations and user consent

Given the sensitivity of mental health data and the potential risks associated with data breaches, the system incorporates robust ethical safeguards. This includes transparent user consent processes, where individuals are fully informed about how their data will be used, stored, and who can access it. Users have the control to revoke access or consent at any time, reflecting the system’s commitment to user autonomy and privacy. By combining ML for depression detection with the secure, encrypted cloud storage offered by SymECCipher, this proposed model presents a holistic approach to mental health care. Using the predictive capabilities of AI, it provides early depression identification and ongoing monitoring with the utmost priority given to the confidentiality and privacy of sensitive health data. This dual focus on innovation and ethics exemplifies the future of digital health solutions, ensuring that advancements in healthcare technology go hand in hand with the safeguarding of patient privacy and trust. To enhance and expand upon the initial description of the healthcare application’s architecture, including User, Doctor, and Cloud Modules, a detailed examination of each component’s functionalities, security mechanisms, and the overall impact on patient care and data protection will be provided. This comprehensive exploration aims to provide a detailed overview of the application’s design and its significance in the healthcare industry.

User module

The User Module initiates with a secure authentication process, where user credentials are encrypted using sophisticated algorithms. This process is designed to prevent unauthorized access, ensuring that only legitimate users can log into the system. Encryption of usernames and passwords is accomplished through methods such as hashing, where the original credentials are transformed into a fixed-length string of characters that are nearly impossible to reverse-engineer. Once authenticated, users are granted access to a comprehensive database of doctors. This functionality is crucial for people to be able to make educated choices when choosing their healthcare providers. The application uses filters and search criteria, such as specialization, ratings, and geographical location, to help users find doctors that best suit their needs. Access to personal medical reports is another critical feature. These reports are stored in encrypted form and are decrypted in real-time when accessed by the patient. The encryption of medical reports ensures that sensitive health information is not exposed to unauthorized entities, maintaining patient confidentiality.

Doctor module

Doctors play a pivotal role in the healthcare ecosystem, requiring timely and secure access to patient health records to provide optimal care. The Doctor Module facilitates this by allowing healthcare professionals to view and analyze patient information. This module ensures that data is decrypted securely and presented in an easily interpretable format, enabling doctors to assess patient health accurately. The ability to suggest prescriptions or remedies directly through the application streamlines the treatment process. Doctors can enter their recommendations, which are then encrypted and stored securely in the cloud. This not only ensures the confidentiality of the treatment plan but also makes it readily accessible to the patient and other authorized healthcare providers, promoting a cohesive care approach.

Cloud module

The application’s data security approach relies on the Cloud Module, which encrypts data both while it is stored and while it is in transit to safeguard it from cyber-attacks and intrusions. All data kept in the cloud is protected with encryption at rest, rendering it unintelligible without the matching decryption keys. Encryption in transit protects data as it moves between the application and the cloud, preventing interception by unauthorized parties. Beyond encryption, the Cloud Module employs mechanisms to ensure data integrity and availability. This includes regular backups, redundancy systems, and secure access protocols. These measures guarantee that data is not only secure but also accessible when needed, ensuring that healthcare services are not disrupted.

Complexity analysis of symeccipher

Two key factors affect the computational complexity of SymECCipher: its ECC-based key exchange operation together with its AES-256 data encryption step. SymECCipher combines ECC and AES-256 in a way that produces strong security alongside efficient processing which surpasses the security level of standard RSA-2048 encryption protocols. SymECCipher derives its key exchange methods from ECDH that utilizes elliptic curve point multiplication for security purposes. The complexity of ECDH key exchange is given by:

14

where represents the number of bits in the cryptographic key. This makes ECC-based key exchange significantly faster than RSA, which has a time complexity of:

15

Real-time encryption applications refrain from using RSA-2048 due to its time-consuming cubic key generation process. The security provided by ECC depends on the same factor strength as RSA but uses smaller key lengths which minimizes computational period and memory space requirements.

Novelty of the work

The novelty of this work lies in the development and application of the SymECCipher Model, a pioneering encryption framework specifically designed for the digital healthcare sector. This model adeptly combines ECC and the AES within a unified system, offering a novel dual-layered approach to secure key exchange and data encryption. Such an integration is particularly innovative in the context of mental health data protection, where the sensitivity of the information necessitates the highest levels of security and privacy. Firstly, the SymECCipher Model introduces a unique synergy between ECC and AES, leveraging ECC’s efficiency in key exchange and AES’s robustness in data encryption. This combination is not commonly found in existing encryption solutions, especially within healthcare applications, making it a distinctive contribution to the field of digital health data security. Secondly, the application of the SymECCipher Model across different modules of a healthcare application ranging from user authentication to the secure storage of health records and treatment recommendations in the cloud demonstrates a comprehensive approach to data security. This holistic integration ensures that every aspect of the patient’s journey, from logging in to accessing and storing health data, is protected under a single, unified encryption framework. Such an approach is particularly novel in its ability to seamlessly encrypt and decrypt data across various touchpoints within the system, ensuring end-to-end security.

Algorithm:

SymECCipher model for secure digital healthcare & depression detection

Results and discussions

The SymECCipher model deployed ASP.Net and C# to build a sophisticated and flexible technology framework which supports web application development. The Intel Core i5-13600 K Desktop Processor serves as the foundation for computational operations due to its 14-core design that optimizes performance with efficiency requirements needed to process complex tasks effectively. The setup featured 8GB of RAM that strengthened the system performance to handle development operations effectively and provide superior multitasking capabilities. This amalgamation of advanced programming environments and state-of-the-art hardware illustrates the research’s dedication to incorporating leading-edge technologies to achieve superior outcomes. It reflects a meticulous strategy in the research design, where the integration of potent software and hardware components is crucial in realizing the research objectives effectively. The working principle of the proposed digital healthcare system, encompassing User, Doctor, and Cloud Modules, is centered around the SymECCipher Model for encryption, ensuring a secure and privacy-preserving framework. This model integrates ECC for key exchange and the AES for data encryption, providing a robust mechanism for securing sensitive health data. Figure 3 displays the registration page.

Fig. 3.

Registration page.

The User Module is designed with a focus on secure user authentication and data access. Upon login, usernames and passwords are encrypted using the SymECCipher Model, ensuring that user credentials are securely transmitted and stored. Figure 4 shows the login page. After successful authentication, patients can access a database of available doctors, making it easier to find the appropriate healthcare provider. Additionally, patients can view their health reports, which are encrypted and stored in the cloud. Accessing these reports involves decrypting the data using the SymECCipher method, ensuring that only authorized users can view their sensitive health information.

Fig. 4.

Login page.

Figure 5 presents the list of doctors. In the Doctor Module, healthcare professionals have the capability to securely access their patients’ health records. This access is facilitated through the decryption of patient data, ensuring that doctors can review and analyze health information within a secure environment. Furthermore, when doctors suggest prescriptions or remedies for a patient’s depression, these recommendations are encrypted using the SymECCipher Model before being stored in the cloud database. This process ensures that medical recommendations remain confidential, accessible only to authorized individuals.

Fig. 5.

List of doctors.

Figure 6 outlines the list of patients. The Cloud Module acts as the central repository for all data within the system, where every piece of information is encrypted using the SymECCipher Model. This encryption applies to user credentials, patient health records, and doctor recommendations, ensuring comprehensive protection against unauthorized access and potential data breaches. The utilization of ECC for key exchange and AES for data encryption within the cloud environment underscores the system’s commitment to maintaining the highest levels of data security and privacy. Figure 7 illustrates the patients’ history.

Fig. 6.

List of patients.

Fig. 7.

Patients history.

Figure 8 displays health results in decrypted form. The integration of the SymECCipher Model across the User, Doctor, and Cloud Modules establishes a secure, efficient, and user-friendly digital healthcare system. By leveraging advanced encryption techniques for both data at rest and in transit, the system ensures that all interactions within the platform are protected from cybersecurity threats. This holistic approach to data encryption not only enhances the confidentiality and integrity of health data but also fosters a trusted environment for patients and healthcare providers alike. The proposed system exemplifies how cutting-edge encryption technologies can be effectively applied to address the complex security and privacy challenges in digital healthcare. Figure 9 shows health results after decryption.

Fig. 8.

Health results in decrypted form.

Fig. 9.

Health results in after decryption.

Table 1; Figs. 10 and 11 provides a comparative analysis of encryption and decryption times across various encryption models, including the proposed SymECCipher, alongside traditional and widely-used algorithms such as RSA-2048, AES-256, ECC-256, Blowfish, Twofish, Serpent, IDEA, 3DES, Camellia, and CAST-128. The evaluation of encryption and decryption times, measured in milliseconds (ms), serves as a critical metric for assessing the efficiency of cryptographic algorithms in real-world applications. Notably, SymECCipher emerges as the most efficient model in this comparison, with encryption and decryption times of 5ms and 4ms, respectively. This performance highlights the advantages of integrating ECC with the AES to achieve a balance between strong security and high efficiency.

Table 1.

Encryption and decryption time evaluation compared with existing models.

Encryption model	Encryption time (ms)	Decryption time (ms)
SymECCipher	5	4
RSA-2048	15	12
AES-256	6	5
ECC-256	10	9
Blowfish	7	6
Twofish	8	7
Serpent	9	8
IDEA	11	10
3DES	12	11
Camellia	7	6
CAST-128	8	7

Fig. 10.

Encryption time comparison.

Fig. 11.

Decryption time comparison.

The RSA-2048 model, known for its robust security measures, demonstrates longer encryption and decryption times of 15ms and 12ms, respectively. These figures underscore the computational complexity and resource requirements associated with RSA’s longer key lengths, making it less efficient for applications demanding rapid data processing. Conversely, AES-256, a standard for secure data encryption, shows competitive efficiency with encryption and decryption times of 6ms and 5ms, respectively, affirming its suitability for securing sensitive data while ensuring swift data handling. ECC-256, focusing on ECC, records encryption and decryption times of 10ms and 9ms, offering a compromise between security and performance. This underscores the benefits of ECC in providing strong encryption with relatively shorter key sizes compared to RSA, although not as efficiently as SymECCipher. Other models such as Blowfish, Twofish, Serpent, IDEA, 3DES, Camellia, and CAST-128 exhibit varying levels of efficiency, with encryption times ranging from 7ms to 12ms and decryption times from 6ms to 11ms. These algorithms, each with unique cryptographic strengths and operational complexities, cater to diverse security needs and application scenarios. Blowfish and Camellia, both with encryption and decryption times of 7ms and 6ms, respectively, highlight their capability for secure and efficient data encryption, suitable for environments where rapid data transmission and processing are required. Twofish and CAST-128, showing slightly longer times, still provide robust security measures for applications demanding a balance between performance and encryption strength. Serpent, IDEA, and 3DES, although slower in comparison to SymECCipher and AES-256, remain relevant for specific applications where their unique security features outweigh the need for speed. The evaluation of encryption and decryption times is crucial for understanding the operational implications of implementing different encryption models in practical settings. Faster encryption and decryption times translate to lower latency and better performance in applications such as real-time communication, financial transactions, and secure data storage, where efficiency and security are paramount. The standout performance of SymECCipher, as illustrated in Table 1, showcases its potential as a superior choice for modern encryption needs, combining the rapid processing capabilities of AES with the advanced security features of ECC to offer a highly efficient and secure cryptographic solution. Not only this research show how cryptographic algorithms have progressed technologically, but it also helps security experts and developers choose the best encryption model for their needs in terms of efficiency, security, and application context.

Table 2; Fig. 12 presents a comprehensive evaluation of the average processing time, measured in milliseconds (ms), for various encryption models, contrasting the proposed SymECCipher with established encryption algorithms such as RSA-2048, AES-256, ECC-256, Blowfish, Twofish, Serpent, IDEA, 3DES, Camellia, and CAST-128. This evaluation is pivotal for understanding the performance efficiency of each encryption model, especially in applications where processing speed is a critical factor. At the forefront of this comparison, SymECCipher demonstrates remarkable efficiency with an average processing time of just 10ms, highlighting its superiority in providing a seamless blend of robust security and rapid processing capability. This efficiency is attributed to the innovative integration of ECC for key exchange and the AES for data encryption, which together ensure a secure yet swift cryptographic solution.

Table 2.

Average processing time evaluation compared with existing models.

Encryption model	Average processing time (ms)
SymECCipher	10
RSA-2048	35
AES-256	12
ECC-256	25
Blowfish	15
Twofish	17
Serpent	18
IDEA	20
3DES	30
Camellia	16
CAST-128	14

Fig. 12.

Average processing time for various encryption models.

In contrast, the RSA-2048 algorithm, known for its high security through the use of large key sizes, shows a significantly longer average processing time of 35ms. This reflects the computational intensity and resource demand of RSA, making it less suited for scenarios requiring quick data throughput. Following closely, the 3DES algorithm also exhibits a higher processing time of 30ms, underscoring the inherent limitations of older encryption standards in meeting the demands of modern, high-speed applications. AES-256, a widely adopted standard for encryption, maintains a competitive edge with an average processing time of 12ms, slightly slower than SymECCipher but still highly efficient for a broad range of applications. This performance underscores AES-256’s balance between strong encryption and operational efficiency. Other encryption models such as ECC-256, Blowfish, Twofish, Serpent, IDEA, Camellia, and CAST-128 offer varying processing times, ranging from 14ms to 25ms. Each model provides a unique trade-off between security features and processing speed, catering to different application needs. For instance, ECC-256, with a processing time of 25ms, offers a secure option with shorter key lengths compared to RSA, albeit with slower processing. Similarly, Blowfish and Camellia, with processing times of 15ms and 16ms respectively, present themselves as viable options for applications where moderate processing speed and high security are necessary.

In order to choose the best encryption model for a given application, it is essential to evaluate typical processing times. Faster processing times are essential for applications involving real-time communication, large-scale data transactions and systems requiring immediate data access, where even minor delays can significantly impact performance and user experience. The standout efficiency of SymECCipher positions it as an optimal choice for contemporary encryption needs, combining the quick processing times needed for high-performance applications with the security integrity crucial for protecting sensitive information. This comparative analysis not only sheds light on the performance characteristics of various encryption algorithms but also serves as a valuable guide for developers, security professionals, and organizations in making informed decisions about encryption strategies to meet their specific operational and security objectives.

Table 3 offers a nuanced comparison of computational efficiency across various encryption models, focusing on five key metrics: computational overhead, energy efficiency, processing speed, suitability for high-volume data, and suitability for real-time processing. This comparison elucidates the trade-offs and strengths inherent in each model, providing a holistic view of their performance in diverse computing environments. SymECCipher emerges as the standout encryption model, boasting low computational overhead and high energy efficiency. Its processing speed is rated very high, making it an excellent choice for both high-volume data and real-time processing applications. The innovative integration of ECC with the AES ensures SymECCipher offers a potent combination of security and efficiency, making it ideally suited for modern, data-intensive applications that require swift, secure data handling without a significant drain on resources.

Table 3.

Computational efficiency comparison.

Encryption model	Computational overhead	Energy efficiency	Processing speed	Suitability for high-volume data	Suitability for real-tisme processing
SymECCipher	Low	High	Very High	Excellent	Excellent
RSA-2048	High	Moderate	Low	Poor	Poor
AES-256	Moderate	High	High	Excellent	Very Good
ECC-256	Low	High	High	Very Good	Excellent
Blowfish	Moderate	High	High	Very Good	Very Good
Twofish	Moderate	High	High	Very Good	Very Good
Serpent	Moderate	High	Moderate	Good	Good
IDEA	High	Moderate	Moderate	Moderate	Moderate
3DES	High	Low	Low	Poor	Poor
Camellia	Moderate	High	High	Very Good	Very Good
CAST-128	Moderate	High	High	Good	Very Good

RSA-2048, known for its robust security through the use of large key sizes, faces challenges in terms of computational overhead and energy efficiency, receiving a high and moderate rating, respectively. Its processing speed is considered low, rendering it poorly suited for both high-volume data handling and real-time processing. These characteristics highlight the limitations of RSA-2048 in environments where speed and efficiency are paramount, despite its strong security credentials. AES-256 maintains a strong position with moderate computational overhead and high energy efficiency. Its processing speed is high, which, combined with excellent suitability for high-volume data and very good performance in real-time processing, underscores its broad applicability. AES-256’s balanced approach makes it a preferred choice for securing data across a wide array of applications, from cloud storage solutions to encrypted communications. ECC-256 is notable for its low computational overhead and high energy efficiency, alongside a high processing speed. This model is very good for both high-volume data and excellent for real-time processing, benefiting from the efficiency of ECC’s shorter key lengths without compromising security. ECC-256 is particularly well-suited for mobile and IoT devices, where resource constraints demand efficient cryptographic solutions.

Blowfish, Twofish and Camellia are characterized by moderate computational overhead, high energy efficiency, and high processing speed. Their performance is very good across high-volume data and real-time processing scenarios, making them versatile choices for a range of applications that require a balance between security and performance. Serpent offers a good balance with moderate ratings across computational overhead and energy efficiency, and a moderate processing speed. Its suitability for high-volume data and real-time processing is good, making it a reliable choice for environments where slightly slower processing can be accommodated. IDEA and 3DES exhibit higher computational overhead and lower energy efficiency, with processing speeds that range from moderate to low. Their suitability for high-volume data and real-time processing varies from poor to moderate, reflecting their older design which may not meet the efficiency requirements of contemporary applications. CAST-128 stands out with moderate computational overhead, high energy efficiency, and high processing speed, performing well with high-volume data and very good in real-time processing. This profile suggests CAST-128 as a solid option for applications requiring fast, efficient encryption without the higher resource demands of models like RSA-2048. The computational efficiency comparison underscores the importance of selecting an encryption model that aligns with the specific requirements of an application, balancing the need for security, speed, and resource efficiency. Models like SymECCipher and AES-256 offer a compelling mix of features for modern applications, while others like RSA-2048 may be reserved for contexts where their security advantages outweigh efficiency concerns.

The comparison of encryption models as shown in Table 4 together with Figs. 13 and 14 presents data regarding encryption delay, decryption delay, total delay and throughput. An assessment shows that encryption methods require balance between performance speed and data handling capabilities for appropriate security-effective solutions. The SymECCipher model outperforms everyother method by attaining lowest encryption and decryption delays of each 2 ms to provide a final delay of 4 ms. The high-speed encryption applications benefit from this model because it maintains the maximum rate of 1000 Mbps. The encryption systems AES-256 and Camellia combined to attain 6 milliseconds of delay to generate maximum throughput rates at 950 Mbps and 900 Mbps respectively. These encryption systems offer comprehensive security features alongside fast operation speeds which enables them to run real-time procedures successfully.

Table 4.

Encryption performance comparison.

Encryption model	Encryption delay (ms)	Decryption delay (ms)	Total delay (ms)	Throughput (Mbps)
SymECCipher	2	2	4	1000
RSA-2048	10	15	25	200
AES-256	3	3	6	950
ECC-256	5	5	10	800
Blowfish	4	4	8	850
Twofish	4	4	8	850
Serpent	6	6	12	800
IDEA	7	7	14	750
3DES	8	10	18	500
Camellia	3	3	6	900
CAST-128	4	4	8	850

Fig. 13.

Encryption and decryption delay of different models.

Fig. 14.

Throughput comparison of encryption models.

The total delay comes out to 25 ms for RSA-2048 because it exhibits encryption delays at 10 ms combined with decryption delays at 15 ms. RSA-2048 demonstrates poor performance as an encryption algorithm because its 200 Mbps throughput shows it is ill-suited for speed-demanding applications. Similarly, 3DES occupies the high-latency category with 18 ms total delay and 500 Mbps processing speed. Blowfish along with Twofish CAST-128 and Serpent demonstrate moderate performances through encryption and decryption processes that take 4 to 6 ms and produce throughputs of 800 to 850 Mbps. Through a total delay of 14 ms IDEA manages to sustain an acceptable throughput speed of 750 Mbps. SymECCipher, AES-256 and Camellia deliver optimal performance between speed and security parameters yet RSA-2048 along with 3DES guarantee security at the expense of reduced processing speeds which makes them unsuitable for time-sensitive applications. Security strength and computational efficiency should serve together as key factors when organizations pick encryption models.

Table 5 presents the time requirements for encryption and decryption operations along with processing speed using different models while showing their 95% confidence interval measurements. SymECCipher operates in the fastest round of encryption at 5 milliseconds followed by decryption at 4 milliseconds whereas RSA-2048 demonstrates the longest processing rate at 35 milliseconds because of its extensive key size requirements. AES-256 encryption runs for 6 milliseconds followed by 5 milliseconds of decryption though it does not have an efficient key exchange protocol. ECC-256 presents cryptographic security through its small key dimensions although it demands greater processing time (10ms for encryption and 9ms for decryption). The processing speed of SymECCipher reaches 10ms while providing a confidence interval which brings reliability to beneficially support real-time healthcare applications.

Table 5.

Performance metrics with confidence intervals (95%).

Encryption model	Encryption time (ms)	Encryption CI (95%)	Decryption time (ms)	Decryption CI (95%)	Processing time (ms)	Processing CI (95%)
SymECCipher	5	(5.0, 8.33)	4	(4.0, 7.67)	10	(10.0, 16.67)
RSA-2048	15	(5.0, 8.33)	12	(4.0, 7.67)	35	(10.0, 16.67)
AES-256	6	(5.0, 8.33)	5	(4.0, 7.67)	12	(10.0, 16.67)
ECC-256	10	(5.0, 8.33)	9	(4.0, 7.67)	25	(10.0, 16.67)
Blowfish	7	(5.0, 8.33)	6	(4.0, 7.67)	15	(10.0, 16.67)
Twofish	8	(5.0, 8.33)	7	(4.0, 7.67)	17	(10.0, 16.67)

Trade-off between security and computational complexity

Table 6 show trade-off between security and computational complexity. SymECCipher delivers robust encryption capability using low performance demands in its system. Each bit in ECC delivers better security levels than achieved by standard public-key encryption (e.g. RSA). The strong security offered by ECC demands high computational effort during the key exchange phase since it executes more complex operations than RSA encryption. SymECCipher implementation using RSA-2048 encryption consumes 15 milliseconds but ECC-256 encryption performs the identical security operation within 10 milliseconds by working with reduced key size. The cryptographic computations involved in ECC key exchanges through ECDH create processing complexity that increases the computational burden on restricted system environments such as IoT medical devices at the start of their operations. Precomputed elliptic curve operations serve as a solution to decrease the computational demand during key generation. The security level remains uncompromised by this approach which enables quicker execution of ECC computations suitable for instant applications.

Table 6.

Security vs. computational complexity comparison.

Encryption model	Key size (bits)	Encryption time (ms)
SymECCipher (ECC + AES)	256	5ms
RSA-2048	2048	15ms
AES-256	256	6ms
ECC-256	256	10ms

Trade-off between encryption speed and key management

Cloud-based mental health applications require swift encryption because processing incoming data needs to happen instantly. SymECCipher implements AES-256 encryption and decryption which operate at 5 − 4 milliseconds speed yet establishes user security through ECC key exchange functions. The implementation of ECC together with AES demands effective key administration methods to work optimally for distributed cloud deployment. The combination of encryption models faces substantial difficulties when it comes to securely storing and exchanging encryption keys. The compromise of an ECC private key would endanger the complete encryption system because the AES keys derive from ECC key exchange routines. Proficient access control procedures must exist to stop unauthorized access to private keys. The integration of blockchain-based key management systems with decentralized ledgers provides cryptocurrency users protection through cryptographic key access monitoring and verification to keep encryption credentials secure for authorized parties only.

Trade-off between throughput and scalability

The encryption model serving large medical databases needs to deliver quick data processing speeds and preserve safety protocols. SymECCipher operates at 1000 Mbps to deliver encryption speed which exceeds RSA-2048 by a factor of 5 because it functions at 200 Mbps speed. Raising the encryption speed introduces heavier workloads to servers since multiple simultaneous encryption requests reduce server efficiency. The healthcare data of patients must undergo encryption before storing in the cloud-based system at telemedicine locations. The same SymECCipher system handling numerous concurrent encryption tasks may load up the server which might lead to minimal delays in processing time. The process of adaptive load balancing allows for efficient encryption request distribution across multiple cloud servers that alleviates performance bottlenecks.

Advantages of the hybrid encryption model

Healthcare data protection relies on encryption as the primary mechanism to safeguard sensitive information inside cloud-based depression detection systems. RSA encryption system together with pure AES-based systems serve as the dominant methods which defend medical records. Due to their specifications these encryption methods cause substantial problems regarding computational performance alongside key administration and scalability issues. SymECCipher benefits real-time cloud healthcare applications with increased protection and accelerated encryption process along with minimized computational resources because it combines ECC for key exchange with AES for data encryption. Limited applications of RSA-based encryption occur because of the expense involved in processing its large key sizes. Fast performance of RSA-2048 encryption depends on considerable processing power which causes delays that prevent it from suitable use in real-time applications. SymECCipher applies ECC-based key exchange to deliver RSA-2048 equivalent security through vastly reduced key sizes that measure 256-bit ECC versus 2048-bit RSA. The SymECCipher encryption process takes only 5ms to complete compared to RSA-2048’s 15ms parameter thus optimizing healthcare application processing performance. The time required to decrypt information using ECC encryption amounts to 4ms which outperforms RSA’s 12ms thus making ECC the ideal system for cloud-storing medical data and AI depression evaluation.

The high-speed symmetric encryption of AES-256 faces limitations because it does not include a key exchange protocol rendering it insecure for distributed healthcare systems needing protected key delivery methods. SymECCipher provides secure effective cryptographic key transmission by using ECC to handle key exchange operations. SymECCipher performs key exchange as an integrated element of encryption making it different from traditional AES systems that need multiple security layers for key distribution purposes thus delivering real-time efficiency and security in cloud-based solutions. SymECCipher proves useful in healthcare applications that need constant encryption of extensive datasets such as telemedicine solutions and protected EHR storage systems. SymECCipher provides security alongside optimum computational efficiency which RSA and AES-alone systems cannot achieve equally well. The security process of RSA depends on costly computations although it secures data while AES provides fast encryption but has no control over key management. SymECCipher resolves security and computation challenges through the combination of ECC’s efficient key exchange with AES’s data encryption so it ensures high protection while minimizing performance costs.

Through its combination of efficiency benefits SymECCipher demonstrates perfect suitability for AI-based detection of depression in cloud application systems. Under SymECCipher medical institutions can now protect both static patient records and pre-storage encryption of AI-generated depression risk scores which guarantees full privacy protection of all healthcare data. SymECCipher establishes itself as a flexible encryption model by providing extra security protection which solves both real-time AI healthcare needs and privacy requirements for data maintenance. SymECCipher provides a secure encryption option because it offers both high speed and scalability and lightweight handling which makes it optimal for cloud medical data protection. SymECCipher stands as an encryption model for future healthcare applications because it provides high-speed encryption alongside secure key exchange algorithms. Future investigations must study quantum-resistant cryptography to secure long-term security which will strengthen SymECCipher’s position as a next-generation encryption framework for medical data protection.

Conclusion and future work

SymECCipher presents an encryption framework which achieves secure key transmission through ECC while performing high-speed encryption through AES. SymECCipher reaches faster encryption speeds at 5ms compared to RSA-2048 which requires considerably higher costs while also providing decryption at 4ms with 1000 Mbps throughput capability. SymECCipher maintains the protection of depression risk scores produced by ML while securing patient information as well as medical analytics thus serving as an effective technology for real-time healthcare solutions on the cloud. SymECCipher delivers better security performance yet requires additional developments to adapt to different cryptographic challenges in the future. The main weakness of ECC-based encryption exists in its lack of resistance against quantum hacking techniques. The next releases of SymECCipher will include lattice-based encryption methods to provide continued security into the future. The integration of blockchain technology would improve encryption key management and secure access with features for preventing unauthorized storage breaches that affect centralized databases. The encryption process in extensive healthcare networks poses challenges regarding speed issues that generate increased computational demand. An improvement in the efficiency of parallel computing systems and GPU-enhanced cryptographic methods would likely enhance performance. Organizations must place a higher priority on complying with worldwide data protection laws including HIPAA and GDPR to fulfill regulatory requirements. Future investigations should concentrate on implementing SymECCipher in practical healthcare networks that support telemedicine devices along with EHR management systems. Security audits and penetration tests will confirm that SymECCipher remains secure against both cyberattacks and cloud weakness. SymECCipher will become a future-proof encryption framework for contemporary healthcare applications through its adoption of quantum-safe encryption combined with adaptive security models and real-time deployment methodologies which ensure privacy and efficiency in addition to scalability.

Author contributions

P.Selvi wrote the main manuscript text and S.Sakthivel prepared Figs. 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13 and 14. All authors reviewed the manuscript.

Data availability

The Datasets used and /or analysed during the current study available from the corresponding author on reasonable request.

Declarations

Competing interests

The authors declare no competing interests.

Consent to publish

All authors gave permission to consent to publish.