Enhancing the security of electronic medical records using the forward secure secret key encryption scheme

The move to digitize medical records has resulted to the birth of the electronic medical records (EMRs). EMRs pose a number of security challenges. Cryptographic solutions have been used to protect patients’ EMR but with one major weakness; in an event where there is an exposure of a secret key, the secrecy of past and future encrypted data by the exposed secret key is void. This research aimed at integrating the concept of forward secrecy in the protection of EMRs. A study of the existing cryptographic techniques that have been used to protect EMRs was carried out and their weakness noted. In addition, a study of the different forward secure cryptographic approaches was carried out to identify their strengths and weaknesses. An experimental simulation was carried out to evaluate the performance of forward secure and none forward secure secret key encryption scheme. To address the security of the secret key, in use during a particular period, a blowfish algorithm was applied to the forward secure secret key encryption scheme (FSSKES) that was implemented. The study revealed that only few cryptographic schemes that implement forward secrecy have been used in the protection of EMRs and very few of them use the FSSKJES. The main difference between symmetrical and asymmetrical forward secure encryption schemes depends on the underlying encryption schemes used. The experiment showed that the cost of running forward secure encryption is close to that of running none forward secure encryption schemes in symmetrical cryptography. Their throughput was 49.714% and 50.286% respectively.