EasyRadiology publishes uts encryption algorithms for all!
It is a good practice to publish the encryption code as open-source, so that anyone can scrutinize the security of the solution line by line and check the result of the encryption.
1. Encryption of the DICOM CD folder
The easyRadiology Image format (ERI) is a ZIP archive. It contains the entire original DICOM data (the CD/DVD folder) encrypted with AES-256. When you download the ZIP file and open it, you will see a folder labeled “DICOM_CD”. To extract files or the entire directory, please use a ZIP software like the free 7-ZIP or WinRAR. Windows’ built in extractor does not support the AES-256 encryption in ZIP files. If you are regularly extracting exams from other radiologies, we can provide you with specialist software connected to a QR code scanner to speed up the process.
The DICOM_CD folder is encrypted with a password, which has a format of 4x 8 (=32) characters separated by “-“. This has a randomness of 2.3 x 10^57, which corresponds to 192 bits. With current technologies, AES with a 192 bit password cannot be broken.
2. Encryption of the patient data
The patient data is stored alongside preview images in the ZIP container in a JSON file. This JSON file is encrypted with a 32 byte key (256 bits) with AES-256. The key is generated from the Exam Access Code. The “Exam Access Code” was chosen as a means that physicians and patients can enter the code easily on the website of EasyRadiology or the radiology. The “Exam Access Code” uses only 9 characters (3 x 3, separated by “-“), which are A-Z (without “O”) and 1-9 (without “0”). This results in a randomness of 35^9 = 7.8 x 10^13. easyRadiology uses the key derivation algorithm “Scrypt” with settings which make key derivation from the “Exam Access Code” extremely computationally heavy and hence very secure. On modern hardware and with default parameters, the cost of cracking the password on a file encrypted by Scrypt is approximately 100 billion times more than the cost of cracking the same password on a file encrypted by regular (open)SSL – this means that a five-character password using Scrypt is stronger than a ten-character password using openssl.” (from tarsnap.com).
3. Encryption source code online
Please have a look at the source code, which we developed and are using in easyRadiology here: https://github.com/smartinmedia/Net-Core-JS-Encryption-Decryption
Let’s assess the risks:
Intrusion into easyRadiology server
Assuming a hacker is able to access the database and read all data from it, all they will be able to find will be encrypted exams. If they want to brute-force crack the password of only one single radiology exam, they would attack the “Exam Access Code”, because attacking the ZIP AES-256 (192 bit key) is futile. Because of the settings used for Scrypt to generate the key from the Exam Access code, it takes an average of 250 ms per key derivation on a i7 machine. To calculate 50% of all possible keys, this machine would need appr. 250,000 years (a very conservative estimate). Even with 250,000 computers calculating many keys simultaneously, there would only be 50% chance of cracking only one radiology exam by the end of the year. For 2 radiology exams you would need the double amount of time or computers, because the access codes and the salt vary between each radiology exam. Using pre-computed rainbow tables would not help the attacker because the key is salted before Scrypt is applied. This is not even taking into account that the time taken to check each derived single key applied against the encrypted file to determine if it is correct. The chance of anyone heavily investing such a huge amount resources and money to crack only one single radiology exam is highly unlikely.
Sending out email with exam keys
Sending out the email to the user with the radiology exam keys is actually a more realistic threat to security and should be used at the user’s discretion. The possible attack can be either from the email service provider (reading your emails) or from anyone who can access your emails on your computer. We will implement another means of encryption on this webpage, namely using an offline-converter and uploading the result to our cloud or having the radiology exam pre-anonymized in your browser. Alternatively, you can the “Exam Access Code” after upload on the website instead of an email. However, we think that most users / patients would prefer a simple service and accepting the risk of their unsecure emails.
Losing documents containing codes
This is actually the most realistic scenario: a patient loses his document with passcodes and someone else can view his exam. However, this is already a current risk with a patients having a copies of their own radiology exam reports.
Realistically, easyRadiology offers excellent security which outperforms competing solutions in cryptography. The threat of all patient’s data are exposed to hackers, are negligable because of the applied technologies.
However, we are always constantly scrutinizing our technology constantly for possible improvements and are always grateful for recommendations from anyone!