The Trusted Server: A secure computational environment for privacy compliant evaluations on plain personal data

Hashimoto

Doi

et al. 2022

Sci Rep

Secure storage and secondary use of individual human genome data is increasingly important for genome research and personalized medicine. Currently, it is necessary to store the whole genome sequencing information (FASTQ data), which enables detections of de novo mutations and structural variations in the analysis of hereditary diseases and cancer. Furthermore, bioinformatics tools to analyze FASTQ data are frequently updated to improve the precision and recall of detected variants. However, existing secure secondary use of data, such as multi-party computation or homomorphic encryption, can handle only a limited algorithms and usually requires huge computational resources. Here, we developed a high-performance one-stop system for large-scale genome data analysis with secure secondary use of the data by the data owner and multiple users with different levels of data access control. Our quantum secure cloud system is a distributed secure genomic data analysis system (DSGD) with a “trusted server” built on a quantum secure cloud, the information-theoretically secure Tokyo QKD Network. The trusted server will be capable of deploying and running a variety of sequencing analysis hardware, such as GPUs and FPGAs, as well as CPU-based software. We demonstrated that DSGD achieved comparable throughput with and without encryption on the trusted server Therefore, our system is ready to be installed at research institutes and hospitals that make diagnoses based on whole genome sequencing on a daily basis.

Section: Preset Work For Secure Secondary Use Of Data Methods (Multi-...mentioning

confidence: 99%

Secure secondary utilization system of genomic data using quantum secure cloud

Hashimoto

Doi

et al. 2022

Sci Rep

“…The novelty of our scheme is to introduce the share calculator to guarantee an integrity of the data. The trusted assumptions on processing hardware are practical and have often been introduced in secure multiparty computation studies [20,25]. In our case, we require that share calculations are performed secretly and the memory used to calculate MAC tags is long-term secure but small.…”

Section: Advantage Of Our Schemes (For Both Information Theoretical Security and Computational Security)mentioning

confidence: 99%

“…A problem of this setting is that the MAC generator enables to falsify the MAC tags easily due to the property of the universal2 hash function. Therefore, in the proposed scheme, we introduce "a trusted calculator" [20] for the MAC taggenerator. Such a concept of secure computation using a trusted hardware, which is trusted but has small long-term memory capacities, is used in practices (an example of such a device is in [21,22]).…”

Section: Introductionmentioning

confidence: 99%

Long-Term Secure Distributed Storage Using Quantum Key Distribution Network With Third-Party Verification

IEEE Trans. Quantum Eng.

Nojima

Tsurumaru

et al. 2022

The quantum key distribution (QKD) network [1,2] with Vernam's One Time Pad (OTP) encryption [3] and secret sharing [4] are powerful security tools to realize an information theoretically secure (ITS) distributed storage system. In [5], a single-password-authenticated secret sharing (SPSS) scheme based on the QKD network and Shamir's secret sharing [4] was experimentally demonstrated; it confirmed ITS data transmission, storage, authentication, and integrity. To achieve data integrity, an ITS message authentication code (MAC) tag is employed and a data owner of the secret sharing performs both the MAC tag generation and verification. However, for a scenario in which the data owner and end users are different entities, the above approach may not work since the data owner can cheat the end users. In this paper, we resolve this problem by proposing an ITS integrity protection scheme employing a third-party verification with timestamp. The ITS integrity protection is realized by two steps: integrity check by the data owner at data reconstruction, and data integrity certification by the data owner, the end user, and the third-party verifier using a MAC based on universal2 hash function [6] and random number provided from the QKD network [7]. In addition to introduce the third-party verifier, we institute "a trusted calculator" which computes shares of the data and MAC tags and sends MAC tags to the third-party verifier. The random number used in calculating MAC tag is stored in the trusted calculator. We implement this scheme on the SPSS system installed in the Tokyo QKD Network [8] and evaluate the performance of the third-party verification in view of attack scenarios on this system. In addition, we demonstrate a simple share renewal function based on verifiable secret sharing scheme which ensures the data integrity for a certain practical period based on the hardness of discrete logarithm problem. To our best knowledge, this is the first demonstration of ITS secure data transmission, storage, authentication, and data integrity with the third-party in a metropolitan area network.

“…To solve these two subjects, secure computation using "a trusted server" enables realistic and secure data use, and has been proposed as one form of implementation [27].…”

Section: Introductionmentioning

confidence: 99%

Secure secondary utilization system of genomic data using quantum secure cloud

Hashimoto

Doi

et al. 2022

Preprint

Secure storage and secondary use of individual human genome data is increasingly important for genome research and personalized medicine. Currently, it is necessary to store whole genome sequencing information (FASTQ data) itself, which enables detections of denovo mutations and structural variations in the analysis of hereditary diseases and cancer. Furthermore, bioinformatics tools to analyze FASTQ data are frequently updated to improve the precision and recall of detected variants. However, existing secure secondary use of data, such as multi-party computation or homomorphic encryption, only can handle a limited algorithms and usually requires huge computational resources. Here, we developed a high-performance one-stop system for large-scale genome data analysis with secure secondary use of data to the data owner and multiple users with different data access control. Our quantum secure cloud system is a distributed secure genomic data analysis system (DSGD) with “a trusted server” built on a quantum secure cloud, Tokyo QKD Network under the information-theoretically secure. The trusted server will be capable of deploying and running a variety of sequencing analysis hardware, such as GPUs and FPGAs, as well as CPU-based software. We demonstrated DSGD achieved comparable throughput between with and without encryption on the “a trusted server”. Therefore, our system would be ready to be installed to the research institutes and hospitals that makes diagnoses based on whole genome sequencing on a daily basis.