Home The Significance of Asymmetric Encryption in Blockchain for Healthcare Applications

The Significance of Asymmetric Encryption in Blockchain for Healthcare Applications

Feb 24, 2018 08:00 CST Updated 08:00

The current internet is built upon a multitude of protocols, such as the TCP/IP protocol for computer network communications, the HTTP protocol for web content, the SMTP protocol for email, and the FTP protocol for file transfer. Blockchain has the potential to become another protocol that fosters trust and verifies identities, thereby enhancing the security of information stored on the internet. By establishing trust, accountability, and transparency—elements critical to modern commerce—blockchain technology can support a new generation of transactional applications and streamline business processes.


Beyond transactional and financial data storage, niche sectors across other industries also require blockchain to ensure the security of their data. Ensuring both security and liquidity has become a major concern for virtually all industries, and the emergence of blockchain technology offers a viable solution to this widespread challenge.


Data security and circulation in the healthcare sector have long been persistent challenges that remain inadequately addressed. With the large-scale adoption of electronic health records (EHRs), wearable devices, sensors, and the Internet of Things (IoT), data volume has surged dramatically in recent years. Consequently, achieving effective recording, tracking, and management of data information has become a significant challenge.


Therefore, even after grasping what blockchain is, stakeholders in the healthcare sector are more eager to understand how blockchain should be practically implemented in healthcare and medical services, what forms of participation are appropriate across various market segments, and what benefits it can deliver. To address these questions, VCBeat (WeChat ID: vcbeat) has curated a collection of articles on blockchain and case studies from the healthcare and medical fields.


In the coming period, VCBeat’s editorial planning in the blockchain sector will be as follows: In addition to continuously monitoring the development of blockchain technology in the healthcare field, we have established a blockchain exchange group. To join, please add VCBeat’s Membership Assistant on WeChat (WeChat ID: vcbeat_m; note “Blockchain” in the friend request) to gain access to more blockchain resources, corporate information, project whitepapers, offline event updates, and more.

 

VCBeat Blockchain Report Series I: Decoding Key Blockchain Terms

VCBeat Blockchain Report Series II: Interpreting Blockchain Application Scenarios in Healthcare

VCBeat Blockchain Report Series III: Case Studies of Blockchain Healthcare Enterprises in China and Abroad


Decoding Key Blockchain Terms (I): “Block” and “Chain”

Decoding Blockchain Keywords (II): How to Ensure the Security of Medical Health Data Through Distributed Storage?


Blockchain Keywords Explained (III): Asymmetric Encryption


Blockchain, also known as the trust chain, establishes trust relationships critical to modern commerce through identity authentication. In the previous two articles, we have repeatedly emphasized that blockchain employs cryptographic methods to resolve trust issues, thereby achieving security and immutability.


In the distributed network of blockchain, communication and trust establishment among nodes rely on digital signature technology, which enables identity verification as well as validation of the authenticity and integrity of information. Therefore,Digital signatures serve two purposes: first, to verify that the message was signed and sent by the sender; second, to confirm the integrity of the message.

 

The process of digital signing involves cryptographic techniques such as hashing algorithms and asymmetric encryption, which form the foundation of trust in blockchain implementation.

 

>>>>

Hash Algorithm


The two core components involved in the cryptographic process of blockchain digital signatures are hash algorithms and asymmetric encryption.


Hash Algorithm (HASH), commonly known as a hash function, transforms plaintext binary data of arbitrary length into shorter, fixed-length binary data through a hashing algorithm; this resulting binary value is referred to as the hash value. Bitcoin, the representative cryptocurrency of blockchain technology, employs the SHA-256 hashing algorithm, which offers exceptionally high security.


Hash algorithms have the following characteristics:


Fast Forward Computation: Given the plaintext and the hash algorithm, the hash value of any length of plaintext can be quickly calculated within limited time and resources.

Preimage Resistance: Given a set of hash values, it is computationally infeasible to reverse-engineer the plaintext within a finite time frame under current computational capabilities.

Avalanche Effect: Even a minute alteration to the original input results in a significantly different hash value. Therefore, data integrity and whether the data has been tampered with can be verified through its hash value.

Consistent Length: Information of varying lengths yields hash values of consistent length after hashing.

Collision Avoidance: Different plaintexts will not yield the same hash value after hashing, thereby avoiding collisions. (Hash collisions can be resolved using certain methods.)

 

32.jpg

After the content is changed, the hash value changes completely.


Hash algorithms in blockchain applications serve several key purposes. First, they encrypt private keys to ensure key security. (We will explain what private keys are and their functions in the next paragraph.) Second, they verify data blocks and generate unique transaction IDs. A hash value is a fixed-length, highly compact, and unique numerical representation of data, which can serve as a block ID and enable data verification. Third, they facilitate Proof of Work (PoW). The puzzle-friendly nature of hash functions forms the basis of consensus algorithms relying on Proof of Work (to be discussed in future articles). Hash values that meet specific requirements, derived through hashing operations, can serve as proof of work within consensus algorithms.


Hash algorithms are also common in everyday computer applications. For instance, when verifying the integrity of a downloaded file, the hash value serves as a verification mechanism. Even if a single byte in the downloaded file differs, it will result in a different hash value. Additionally, passwords registered on websites are typically stored after being processed through a hash algorithm, rather than in plaintext, to prevent data breaches in the event of database leaks. During authentication, the password entered by the user is hashed and compared with the stored hash value to verify identity. These two functions represent the application of hash algorithms in data integrity verification and user authentication, respectively.


>>>>

Asymmetric Encryption


Asymmetric encryption is a description of the encryption and decryption processes.


Encryption is the process of transforming original plaintext information into ciphertext, which appears as a sequence of random numbers, using an algorithm. Decryption requires the recipient of the ciphertext to use a key to decrypt it, thereby restoring the original plaintext for reading. The key serves as the essential tool in both the encryption and decryption processes.


If the same key is used for both encryption and decryption, it is symmetric encryption.The advantage of symmetric encryption lies in its fast encryption and decryption speed, butThe security of symmetric algorithms relies on the key; leakage of the key means that anyone can decrypt messages sent or received, so the confidentiality of the key is crucial.


Asymmetric encryption uses two keys: a public key and a private key. The public key can be made publicly available, while the private key is kept secret by its owner. During communication, the sender encrypts the message using the public key, and the recipient decrypts it using the private key, or vice versa. Because different keys are used for encryption and decryption, this method is also known as an asymmetric encryption algorithm.


Asymmetric encryption does not require prior synchronization of private keys before communication, thereby eliminating the risk of information theft by hackers during the key synchronization process. For example, the private keys issued by banks to individual users are stored on the user's personalUShield. Asymmetric encryption algorithms are generally more complex and have relatively longer execution times, with the advantage of eliminating key distribution issues.


The security of asymmetric cryptosystems is based on certain computationally hard mathematical problems; that is, the decryption process is significantly more time-consuming than verifying the answer. Examples include integer factorization of large numbers and the discrete logarithm problem,Elliptic Curveproblems, etc. Prime factorization is computationally difficult, but calculating the product of given prime numbers is much simpler. This is a typical example of an asymmetric algorithm.


In fact, cryptographic algorithms based on the integer factorization problem are the most influential encryption algorithms.RSAthe fundamental principles. Bitcoin, on the other hand, is based on the elliptic curve problem (Elliptic Curve Cryptography,ECC),RSAandECCAll are asymmetric encryption algorithms.


>>>>

The Role of Asymmetric Encryption in Blockchain


In addition to safeguarding plaintext and keys, asymmetric encryption technology serves another critical purpose: identity authentication, which enables the implementation of distributed storage systems. In blockchain systems, there is no central node to verify user identities; instead, all individual nodes are peer-to-peer and must broadcast their identities to the entire network.Therefore, while making your identity public, you must not disclose your private key to everyone. If someone possesses your private key, they can fully impersonate your identity.


Therefore, we need a mechanism that allows us to publicly verify our identity without disclosing the private key. In other words, even though others do not know the private key I possess, they can still be assured that I hold this key.


Asymmetric encryption can authenticate the identity of the ciphertext recipient. The sender encrypts the plaintext using a public key, and this cipher can only be decrypted byTalentIt can be decrypted. Thus, as long as the recipient solves this problem, others can verify through the answer that he is indeed the owner of the private key. Obviously, the entire network also requires during the private key verification processAsymmetry Even with the plaintext, ciphertext, and one of the keys, it is impossible to derive the other key.


During blockchain transactions, every participant in the network is involved in verifying encrypted transactions. A new transaction initiated by an individual is disseminated and confirmed across the entire network only after that individual proves their identity through decryption. Although ordinary participants cannot solve the cryptographic puzzles, they can quickly verify the correctness of a solution once it is provided.


In blockchain, a key application of asymmetric encryption is digital signatures.——Ensure the authenticity and legality of the content, guaranteeing that no data within the block has been tampered with. The entire signing process is illustrated in the figure below:HASHAlgorithms and asymmetric encryption both have corresponding applications in this field.


31.jpg


The figure above illustrates the encryption and decryption process of cryptographic algorithms during blockchain message transmission. Based on the message content, the sender first performs a hash operation on the message to generate a block digest. The sender then encrypts the digest with their private key to create a digital signature. Upon receipt, the recipient also performs a hash operation on the message and decrypts the digital signature using the corresponding public key. By comparing the two hash values, if they match, it confirms that the message was indeed sent by the claimed sender and has not been tampered with.


The Significance of Asymmetric Encryption in Healthcare Applications


In blockchain technology, all rules are predefined in the form of mathematical algorithms. Participants do not need to know the identity of their counterparties, nor do they need to rely on centralized third-party institutions for transaction endorsement; instead, mutual trust can be established simply by trusting the mathematical algorithms. In essence, algorithms generate credit and provide endorsement for consensus.Existing Blockchain Systems, multi-private-key encryption technologies have emerged based on practical application requirements to meet more flexible and complex scenarios such as multi-signature.


The healthcare ecosystem is complex, involving multiple stakeholders and highly intricate interactions within information systems. In the healthcare sector, resolving the tension between data sharing and privacy, and unlocking the latent value of healthcare data, are critical for healthcareITIt poses a significant challenge. Permission management for medical information and data is critical, yet this process must be simple and cost-effective to address the current inefficiencies.


Although centralized databases may be technically simpler, distributed blockchain networks with privacy-maximizing algorithms can maximize the security of data processing, in compliance withHIPAA, machineConfidentiality and other regulatory and ethical requirements.


>>>>

Creating Secure and Trusted Care Records


Trust is the foundation for providing medical services to patients. Patients need to trust healthcare institution personnel in order to receive proper medical care. Conversely, healthcare providers must trust that patients will honestly adhere to medical instructions. Healthcare blockchain projects can provide identity verification services for both doctors and patients through asymmetric encryption methods.

 

33.jpg

Confidential ID information of medical participants is generated by applying one-way hash encryption to their respective data.

 

By verifying and recording the identity information of both doctors and patients, the system immediately executes pre-edited smart contracts upon successful verification. This mechanism is applied to validation within the medical supply chain, enhancing the execution efficiency of medical prescriptions or the processing efficiency of insurance claims. When a physician prescribes medication for a patient, the prescribed drugs are recorded on the blockchain, allowing consumers to view their prescriptions and transparent drug pricing in real time. In the event of abnormal circumstances such as patient death or medical malpractice, any trusted party aware of the facts can add this information to the system, thereby improving the accuracy and credibility of the records.

 

While many different tools can periodically authenticate users, healthcare professionals must also ensure that identity claims are accurate and reflect the user’s status at a specific point in time. This is particularly critical for healthcare providers, as addressing fraud, waste, and abuse in medical practices has become a vital concern for both system providers and payers. Furthermore, if patients have inaccurate medical records, they may question the credibility and value of the healthcare services provided to them.

 

In medical health records, the risk of sensitive data breaches is extremely high. Blockchain-based identity verification and governance rules can predefine user access and control permissions to ensure the privacy level and transparency of medical health records, while ensuring that only qualified parties can view necessary data.

 

>>>>

Record the Patient's Authorized Consent


A key factor in the sharing of patients' medical information records is the need to obtain patient consent. This is a professional ethical obligation that must be adhered to in the sharing of medical information data.


By capturing patient consent and authorization statements within the immutable records of a blockchain, healthcare professionals can be assured of using these data with confidence. Furthermore, patients can add informed consent documents prior to any surgical or nursing procedures, trusting that the blockchain will securely store these authorization records. Healthcare providers can act in accordance with these instructions, while the blockchain can make access control decisions for medical health records based on post-authentication authorization information, thereby ensuring that the system complies with the patient’s wishes.


Decoding Key Blockchain Terms (I): “Block” and “Chain”

Decoding Key Blockchain Terms (Part II): How to Ensure the Security of Medical and Health Data Through Distributed Storage?


To join the blockchain discussion group and access more blockchain resources, company information, project whitepapers, and offline event updates, please scan the QR code to add the VCBeat Membership Assistant on WeChat (WeChat ID: vcbeat_m; please note “Blockchain”). Companies involved in medical blockchain businesses may also contact Liu Zongyu at VCBeat (WeChat ID: q19930797) for media coverage.


小助手.jpg