Justin Wagner,Joseph N. Paulson,Xiao-Shun Wang,Bobby Bhattacharjee,Hector Corrada Bravo

DOI: https://doi.org/10.1101/025999

2015-09-02

Abstract:Motivation: Developing targeted therapeutics and identifying biomarkers relies on large amounts of patient data. Beyond human DNA, researchers now investigate the DNA of micro-organisms inhabiting the human body. An individual's collection of microbial DNA consistently identifies that person and could be used to link a real-world identity to a sensitive attribute in a research dataset. Unfortunately, the current suite of DNA-specific privacy-preserving analysis tools does not meet the requirements for microbiome sequencing studies. Results: We augment an existing categorization of genomic-privacy attacks to incorporate microbiome sequencing and provide an implementation of metagenomic analyses using secure computation. Our implementation allows researchers to perform analysis over combined data without revealing individual patient attributes. We implement three metagenomic analyses and perform an evaluation on real datasets for comparative analysis. We use our implementation to simulate sharing data between four policy-domains and measure the increase in significant discoveries. Additionally, we describe an application of our implementation to form patient pools of data to allow drug companies to query against and compensate patients for the analysis. Availability: The software is freely available for download at: http://cbcb.umd.edu/\textapprox{}hcorrada/projects/secureseq.html

Taeho Jung,Ryan Karl,Geoffrey H. Siwo

DOI: https://doi.org/10.48550/arXiv.2103.14741

2021-03-26

Cryptography and Security

Abstract:DNA fingerprinting is a cornerstone for human identification in forensics, where the sequence of highly polymorphic short tandem repeats (STRs) from an individual is compared against a DNA database. This presents significant privacy risks to individuals with DNA profiles in the database due to hacking by malicious attackers who may access the data and misuse it for secondary purposes. In this paper, we propose a novel cryptographic framework for jointly encrypting DNA-based fingerprints (STRs) with other biometric data, for example, facial images, such that the STRs and biometrics information of an individual are revealed only when a positive match is found, i.e. the STRs act as decryption keys. Specifically, when a search is performed on the encrypted database using STR sequences of an individual in the database, a perfect match generates the facial image and/ or other biometrics of the individual while the lack of a match returns a null result. By jointly encrypting DNA fingerprints and other biometrics using the unique STRs generated keys, our approach ensures perfect privacy of the encrypted information with decryption of only the record with STRs matching the query. This safeguards the information of other individuals in the same database. The proposed approach can also be used to securely authenticate the identity of individuals or biological material in scenarios beyond forensics including tracking the identity of samples for clinical genetics and cell therapies.

Pierre Baldi,Roberta Baronio,Emiliano De Cristofaro,Paolo Gasti,Gene Tsudik

DOI: https://doi.org/10.48550/arXiv.1110.2478

2011-12-02

Abstract:Recent advances in DNA sequencing technologies have put ubiquitous availability of fully sequenced human genomes within reach. It is no longer hard to imagine the day when everyone will have the means to obtain and store one's own DNA sequence. Widespread and affordable availability of fully sequenced genomes immediately opens up important opportunities in a number of health-related fields. In particular, common genomic applications and tests performed in vitro today will soon be conducted computationally, using digitized genomes. New applications will be developed as genome-enabled medicine becomes increasingly preventive and personalized. However, this progress also prompts significant privacy challenges associated with potential loss, theft, or misuse of genomic data. In this paper, we begin to address genomic privacy by focusing on three important applications: Paternity Tests, Personalized Medicine, and Genetic Compatibility Tests. After carefully analyzing these applications and their privacy requirements, we propose a set of efficient techniques based on private set operations. This allows us to implement in in silico some operations that are currently performed via in vitro methods, in a secure fashion. Experimental results demonstrate that proposed techniques are both feasible and practical today.

Cryptography and Security,Computational Engineering, Finance, and Science

Carson Stillman,Jonathan E. Bravo,Christina Boucher,Sara Rampazzi

2024-06-15

Abstract:Portable genome sequencing technology is revolutionizing genomic research by providing a faster, more flexible method of sequencing DNA and RNA [1, 2]. The unprecedented shift from bulky stand-alone benchtop equipment confined in a laboratory setting to small portable devices which can be easily carried anywhere outside the laboratory network and connected to untrusted external computers to perform sequencing raises new security and privacy threats not considered before. Current research primarily addresses the privacy of DNA/RNA data in online databases [3] and the security of stand-alone sequencing devices such as Illumina [4]. However, it overlooks the security risks arising from compromises of computer devices directly connected to portable sequencers as illustrated in Fig. 1. While highly sensitive data, such as the human genome, has become easier to sequence, the networks connecting to these smaller devices and the hardware running basecalling can no longer implicitly be trusted, and doing so can deteriorate the confidentiality and integrity of the genomic data being processed. Here, we present new security and privacy threats of portable sequencing technology and recommendations to aid in ensuring sequencing data is kept private and secure. First, to prevent unauthorized access to sequencing devices, IP addresses should not be considered a sufficient authentication mechanism. Second, integrity checks are necessary for all data passed from the sequencer to external computers to avoid data manipulation. Finally, encryption should be considered as data is passed from the sequencer to such external computers to prevent eavesdropping on data as it is sent and stored. As devices and technology rapidly change, it becomes paramount to reevaluate security requirements alongside them or risk leaving some of our most sensitive data exposed.

Cryptography and Security

Dennis Grishin,Jean Louis Raisaro,Juan Ramón Troncoso-Pastoriza,Kamal Obbad,Kevin Quinn,Mickaël Misbach,Jared Gollhardt,Joao Sa,Jacques Fellay,George M. Church,Jean-Pierre Hubaux

DOI: https://doi.org/10.1038/s43588-021-00044-9

2021-03-01

Nature Computational Science

Abstract:The growing number of health-data breaches, the use of genomic databases for law enforcement purposes and the lack of transparency of personal genomics companies are raising unprecedented privacy concerns. To enable a secure exploration of genomic datasets with controlled and transparent data access, we propose a citizen-centric approach that combines cryptographic privacy-preserving technologies, such as homomorphic encryption and secure multi-party computation, with the auditability of blockchains. Our open-source implementation supports queries on the encrypted genomic data of hundreds of thousands of individuals, with minimal overhead. We show that real-world adoption of our system alleviates widespread privacy concerns and encourages data access sharing with researchers.

Raja Vavekanand

DOI: https://doi.org/10.48185/smhs.v1i1.1158

2024-05-11

Abstract:The quick progress of genomics examination has driven a surge in the creation of significantly fragile genomic data, making ensuring its security essential. This data contains sensitive information roughly an individual's prosperity, family history, and defencelessness to ailments. Unauthorized access or mishandling can lead to isolation, stigmatization, and mystery breaches. The potential threats to genomic data affirmation are multifaceted, checking the chance of re-identification and extended defense lessness to data breaches, hacking events, and unauthorized get to by harmful actors. To address these challenges, a multifaceted approach is required, tallying solid privacy-preserving methods, securing data capacity, and transmission sharpens, and getting to controls. Encryption techniques, differential security methods, and secure multiparty computation offer promising streets for securing genomic data while progressing collaborative ask approximately. Establishing clear authority frameworks and rules for data management, capacity, and sharing is essential to reduce security threats in genomics research. Collaboration between researchers, policymakers, industry partners, and support groups is essential for developing comprehensive methods to protect genomic data security. By prioritizing security concerns and executing effective safeguards, the community can uphold individuals' rights, maintain open acceptance, and drive advancements in genomics research for the betterment of society.

Xiaosan Lei,Xiaoyan Zhu,Haotian Chi,Shunrong Jiang

DOI: https://doi.org/10.1109/iccchina.2015.7448655

2015-01-01

Abstract:The rapid development of the DNA sequencing has greatly decreased the costs in genome sequencing, leading to a high availability of genomic data in the near future. Based on these data, we can realize genomic medical treatment, disease prevention, personalized medicine, social network applications, and etc., which greatly facilitate our daily life. However, since one's genomic data is the ultimate identifier of an individual and contains huge amount of sensitive private information, such as disease predispositions and ancestry information, the use of genomic data may raise serious privacy concerns. In this paper, we focus on one important genomic data application: Paternity Test, which involves the whole DNA sequence (about 3 · 109 letters) and needs huge storage and computation. Considering genomic data user's privacy and the great storage and computing power of the public cloud, it is necessary to find ways of using genomic data in the cloud without disclosure and abuse of the individual's privacy. We first provide a general framework for storing and processing genomic data both in the cloud, then introduce the proposed privacy-preserving scheme for genetic paternity test with RSA's commutative encryption properties in public clouds without disclosure of users' genomic privacy. Our proposed scheme can achieve a higher privacy preserving level and outsource majority of computation to the public cloud. Performance evaluation shows the effectiveness and efficiency of our proposed scheme.

Fillipe D. M. de Souza,Hubert de Lassus,Ro Cammarota

DOI: https://doi.org/10.1186/s12920-024-02037-9

2024-11-27

BMC Medical Genomics

Abstract:Forensic analysis heavily relies on DNA analysis techniques, notably autosomal Single Nucleotide Polymorphisms (SNPs), to expedite the identification of unknown suspects through genomic database searches. However, the uniqueness of an individual's genome sequence designates it as Personal Identifiable Information (PII), subjecting it to stringent privacy regulations that can impede data access and analysis, as well as restrict the parties allowed to handle the data. Homomorphic Encryption (HE) emerges as a promising solution, enabling the execution of complex functions on encrypted data without the need for decryption. HE not only permits the processing of PII as soon as it is collected and encrypted, such as at a crime scene, but also expands the potential for data processing by multiple entities and artificial intelligence services.

genetics & heredity

Alexander J. Titus,Audrey Flower,Patrick Hagerty,Paul Gamble,Charlie Lewis,Todd Stavish,Kevin P. OConnell,Greg Shipley,Stephanie M. Rogers

DOI: https://doi.org/10.1371/journal.pcbi.1006454

2018-03-26

Abstract:Genomic data are becoming increasingly valuable as we develop methods to utilize the information at scale and gain a greater understanding of how genetic information relates to biological function. Advances in synthetic biology and the decreased cost of sequencing are increasing the amount of privately held genomic data. As the quantity and value of private genomic data grows, so does the incentive to acquire and protect such data, which creates a need to store and process these data securely. We present an algorithm for the Secure Interrogation of Genomic DataBases (SIG-DB). The SIG-DB algorithm enables databases of genomic sequences to be searched with an encrypted query sequence without revealing the query sequence to the Database Owner or any of the database sequences to the Querier. SIG-DB is the first application of its kind to take advantage of locality-sensitive hashing and homomorphic encryption to allow generalized sequence-to-sequence comparisons of genomic data.

Quantitative Methods,Cryptography and Security,Databases,Genomics

Muhalb M Alsaffar,Mohammad Hasan,Gavin P McStay,Mohamed Sedky

DOI: https://doi.org/10.1093/bib/bbab607

2022-03-10

Abstract:DNA sequencing technologies have advanced significantly in the last few years leading to advancements in biomedical research which has improved personalised medicine and the discovery of new treatments for diseases. Sequencing technology advancement has also reduced the cost of DNA sequencing, which has led to the rise of direct-to-consumer (DTC) sequencing, e.g. 23andme.com, ancestry.co.uk, etc. In the meantime, concerns have emerged over privacy and security in collecting, handling, analysing and sharing DNA and genomic data. DNA data are unique and can be used to identify individuals. Moreover, those data provide information on people's current disease status and disposition, e.g. mental health or susceptibility for developing cancer. DNA privacy violation does not only affect the owner but also affects their close consanguinity due to its hereditary nature. This article introduces and defines the term 'digital DNA life cycle' and presents an overview of privacy and security threats and their mitigation techniques for predigital DNA and throughout the digital DNA life cycle. It covers DNA sequencing hardware, software and DNA sequence pipeline in addition to common privacy attacks and their countermeasures when DNA digital data are stored, queried or shared. Likewise, the article examines DTC genomic sequencing privacy and security.

Fangwei Ye,Hyunghoon Cho,Salim El Rouayheb

DOI: https://doi.org/10.1109/tit.2022.3156276

Abstract:Motivated by the growing availability of personal genomics services, we study an information-theoretic privacy problem that arises when sharing genomic data: a user wants to share his or her genome sequence while keeping the genotypes at certain positions hidden, which could otherwise reveal critical health-related information. A straightforward solution of erasing (masking) the chosen genotypes does not ensure privacy, because the correlation between nearby positions can leak the masked genotypes. We introduce an erasure-based privacy mechanism with perfect information-theoretic privacy, whereby the released sequence is statistically independent of the sensitive genotypes. Our mechanism can be interpreted as a locally-optimal greedy algorithm for a given processing order of sequence positions, where utility is measured by the number of positions released without erasure. We show that finding an optimal order is NP-hard in general and provide an upper bound on the optimal utility. For sequences from hidden Markov models, a standard modeling approach in genetics, we propose an efficient algorithmic implementation of our mechanism with complexity polynomial in sequence length. Moreover, we illustrate the robustness of the mechanism by bounding the privacy leakage from erroneous prior distributions. Our work is a step towards more rigorous control of privacy in genomic data sharing.

Jiaxin Xu,Yu Wang,Xue Chen,Lingwei Wang,Haibo Zhou,Hui Mei,Shanze Chen,Xiaoluo Huang

DOI: https://doi.org/10.1016/j.mtbio.2024.101221

2024-09-01

Abstract:The exponential increasement and the attributes of medical data drive the requirement for secure medical data archiving. DNA data storage shows promise for storing sensitive and important data like medical records due to its high density and endurance. Nevertheless, current DNA data storage working scheme generally does not fully consider the data encryption, posing a risk of data corruption by routine DNA sequencing. Here, we designed a "multi-layer" encryption pipeline for medical data archiving. Initially, digital information was encrypted using Blowfish algorithm at information technology (IT) layer, followed by two-layer data encryption at the biotechnology (BT) layer. The first BT layer exploited the molecular weight of synthetic DNA or nucleoside to encrypt the key, while the second BT layer encrypted digital information within DNA sequences. Consequently, decryption involved layer-by-layer interpretation of data, including mass spectroscopy, sequencing, and Blowfish decryption, significantly enhancing data security. Utilizing mass spectroscopy to retrieve information allows for employment of both natural and unnatural nucleosides, as well as their synthetic oligonucleotides, for data storage, thereby considerably boosting scalability. Our work implies expanded flexibility of DNA-based data storage, highlighting the potential for leveraging various physical and chemical characteristics of DNA molecules to encode and access digital information.

Sultan Almakdi,Iqra Ishaque,Majid Khan,Mohammed S Alshehri,Noor Munir

DOI: https://doi.org/10.1016/j.heliyon.2023.e23572

IF: 3.776

2023-12-12

Heliyon

Abstract:In this era of advanced information technology, the exploration and development of novel mechanisms to ensure information confidentiality have consistently captivated the attention of upcoming researchers. In this article, we present a pioneering approach that combines DNA sequencing with a four-dimensional (4D) hyperchaotic map to bolster the security of digital information. Our primary focus is on the design of a robust and secure scheme for encrypting color images, leveraging DNA cryptography and hyperchaos. By extracting three distinct DNA sequences, we generate encryption keys through the integration of DNA computing and 4D hyperchaotic maps. Notably, these keys are intricately linked to the plaintext and vary with any alterations in the input. Consequently, the proposed encryption method stands resilient against an array of potential cryptographic attacks. To gauge the algorithm's security, we subject it to rigorous standard statistical analysis. Our findings underscore the efficiency and robustness of the proposed framework, establishing its potential for facilitating secure communication.

Kayvon Mazooji,Roy Dong,Ilan Shomorony

2024-11-04

Abstract:When an individual's DNA is sequenced, sensitive medical information becomes available to the sequencing laboratory. A recently proposed way to hide an individual's genetic information is to mix in DNA samples of other individuals. We assume that the genetic content of these samples is known to the individual but unknown to the sequencing laboratory. Thus, these DNA samples act as "noise" to the sequencing laboratory, but still allow the individual to recover their own DNA samples afterward. Motivated by this idea, we study the problem of hiding a binary random variable $X$ (a genetic marker) with the additive noise provided by mixing DNA samples, using mutual information as a privacy metric. This is equivalent to the problem of finding a worst-case noise distribution for recovering $X$ from the noisy observation among a set of feasible discrete distributions. We characterize upper and lower bounds to the solution of this problem, which are empirically shown to be very close. The lower bound is obtained through a convex relaxation of the original discrete optimization problem, and yields a closed-form expression. The upper bound is computed via a greedy algorithm for selecting the mixing proportions.

Information Theory,Cryptography and Security

Garima Mathur,Anjana Pandey,Sachin Goyal

DOI: https://doi.org/10.1109/idea49133.2020.9170715

2020-02-01

Abstract:In recent years, there is fast growth in the high throughput DNA sequencing technology, and also there is a reduction in the cost of genome-sequencing, that has led to a advances in the genetic industries. However, the reduction in cost and time required for DNA sequencing there is still an issue of managing such large amount of data. Also, the security and transmission of such huge amount of DNA sequence data is still an issue. The idea is to provide a secure storage platform for future generation bioinformatics systems for both researchers and healthcare user. Secure data sharing strategies, that can permit the healthcare providers along with their secured substances for verifying the accuracy of data, are crucial for ensuring proper medical services. In this paper, it has been surveyed about the applications of blockchain technology for securing healthcare data, where the recorded information is encrypted so that it becomes difficult to penetrate or being removed, as the primary goals of block-chaining technology is to make data immutable.

Carsten Baum,Hongrui Cui,I. Damgård,K. Esvelt,M. Gao,Dana W Gretton,Omer Paneth,R. Rivest,V. Vaikuntanathan,D. Wichs,Andrew Yao,Yu Yu

2020-01-01

Abstract:Securely screening synthetic DNA orders is crucial to minimizing the number of individuals and groups capable of accessing biological weapons of mass destruction, but it must be accomplished without disclosing information on potential bioweapons. Accomplishing this goal requires: 1) screening orders against a database of hazardous sequences, whose secrecy should be protected at the highest possible level while preserving usability; 2) protecting the privacy of the client synthesizer’s queries. In this document, we propose a cryptographic screening protocol that accomplishes these objectives, providing accurate complexity-theoretical assumptions, precise security guarantees, and rigorous mathematical proofs. In addition to technical details, we also explain the reasoning behind our protocol design for the benefit of non-cryptographers.

Wang Chenghong,Yichen Jiang,Noman Mohammed,Feng Chen,Xiaoqian Jiang,Md Momin Al Aziz,Md Nazmus Sadat,Shuang Wang

2018-04-16

Abstract:As genomic data are usually at large scale and highly sensitive, it is essential to enable both efficient and secure analysis, by which the data owner can securely delegate both computation and storage on untrusted public cloud. Counting query of genotypes is a basic function for many downstream applications in biomedical research (e.g., computing allele frequency, calculating chi-squared statistics, etc.). Previous solutions show promise on secure counting of outsourced data but the efficiency is still a big limitation for real world applications. In this paper, we propose a novel hybrid solution to combine a rigorous theoretical model (homomorphic encryption) and the latest hardware-based infrastructure (i.e., Software Guard Extensions) to speed up the computation while preserving the privacy of both data owners and data users. Our results demonstrated efficiency by using the real data from the personal genome project.

Feng Chen,Chenghong Wang,Wenrui Dai,Xiaoqian Jiang,Noman Mohammed,Md Momin Al Aziz,Md Nazmus Sadat,Cenk Sahinalp,Kristin Lauter,Shuang Wang

DOI: https://doi.org/10.1186/s12920-017-0281-2

2017-07-01

BMC Medical Genomics

Abstract:BackgroundAdvances in DNA sequencing technologies have prompted a wide range of genomic applications to improve healthcare and facilitate biomedical research. However, privacy and security concerns have emerged as a challenge for utilizing cloud computing to handle sensitive genomic data.MethodsWe present one of the first implementations of Software Guard Extension (SGX) based securely outsourced genetic testing framework, which leverages multiple cryptographic protocols and minimal perfect hash scheme to enable efficient and secure data storage and computation outsourcing.ResultsWe compared the performance of the proposed PRESAGE framework with the state-of-the-art homomorphic encryption scheme, as well as the plaintext implementation. The experimental results demonstrated significant performance over the homomorphic encryption methods and a small computational overhead in comparison to plaintext implementation.ConclusionsThe proposed PRESAGE provides an alternative solution for secure and efficient genomic data outsourcing in an untrusted cloud by using a hybrid framework that combines secure hardware and multiple crypto protocols.

genetics & heredity

Shibiao Wan,Man-Wai Mak,Sun-Yuan Kung

DOI: https://doi.org/10.48550/arXiv.1708.02629

2017-08-09

Abstract:In the post-genomic era, large-scale personal DNA sequences are produced and collected for genetic medical diagnoses and new drug discovery, which, however, simultaneously poses serious challenges to the protection of personal genomic privacy. Existing genomic privacy-protection methods are either time-consuming or with low accuracy. To tackle these problems, this paper proposes a sequence similarity-based obfuscation method, namely IterMegaBLAST, for fast and reliable protection of personal genomic privacy. Specifically, given a randomly selected sequence from a dataset of DNA sequences, we first use MegaBLAST to find its most similar sequence from the dataset. These two aligned sequences form a cluster, for which an obfuscated sequence was generated via a DNA generalization lattice scheme. These procedures are iteratively performed until all of the sequences in the dataset are clustered and their obfuscated sequences are generated. Experimental results on two benchmark datasets demonstrate that under the same degree of anonymity, IterMegaBLAST significantly outperforms existing state-of-the-art approaches in terms of both utility accuracy and time complexity.

Cryptography and Security,Machine Learning

Liina Kamm,Dan Bogdanov,Sven Laur,Jaak Vilo

DOI: https://doi.org/10.1093/bioinformatics/btt066

IF: 5.8

2013-02-14

Bioinformatics

Abstract:MOTIVATION: Increased availability of various genotyping techniques has initiated a race for finding genetic markers that can be used in diagnostics and personalized medicine. Although many genetic risk factors are known, key causes of common diseases with complex heritage patterns are still unknown. Identification of such complex traits requires a targeted study over a large collection of data. Ideally, such studies bring together data from many biobanks. However, data aggregation on such a large scale raises many privacy issues.RESULTS: We show how to conduct such studies without violating privacy of individual donors and without leaking the data to third parties. The presented solution has provable security guarantees.SUPPLEMENTARY INFORMATION: Supplementary data are available at Bioinformatics online.

biochemical research methods,biotechnology & applied microbiology,mathematical & computational biology