CKKS-ITSA: A Secure Cloud-Based Medical Image Encryption Model Using Optimized Homomorphic Encryption Algorithm

The use of cloud computing (CC) has become an essential instrument in improving the healthcare sector, rendering it more patient-centered and data-driven. Integrating medical data with CC enhances accessibility in a cost-efficient manner. This can provide reliable responses for patients and industries [1]. Moreover, CC can improve system agility, velocity, and adaptability by diminishing hardware or software supply demands and minimizing resources required for system maintenance, including installation, configuration, and testing. Notwithstanding the advantages of CC in healthcare, securing patient and medical data security and privacy remains a paramount concern that influences the widespread use of the cloud-based approach [2]. CC enables the distribution of customizable computational resources via the network and functions as a platform (PaaS), infrastructure (IaaS), or software (SaaS) as a service for providing a cohesive solution. This subsequently improves the storing, sharing, and manipulation of extensive medical data, encompassing radiography and genomic information, while facilitating the distribution and collection of electronic health records among practitioners, researchers, specialists, and patients with reduced initial cost [3].

The healthcare sector generates substantial data from several sources, including patients, clinics, hospitals, sensors, mobile devices, electronic health records, and researchers. This data is frequently incomplete, incorrect, and heterogeneous, complicating management, storage, and analysis. Cost-effective high-throughput analysis of physiological and medical information from many sources is possible. Nonetheless, proficient management and evaluation of these data are essential for enhancing healthcare outcomes and progressing medical research [4].

Figure 1 delineates the National Institute of Standards and Technology (NIST) CC framework, encompassing a list of principal participants, their responsibilities, and their corresponding roles within CC [5]. A cloud organization consists of resources allocated to fulfill requests. NIST identifies five fundamental components that constitute a cloud computing configuration.

111.png

Figure 1. NIST architecture of CC

Cloud consumer: Consumer can get reduced costs and enhanced services by entering into a service-level agreement (SLA) with a provider of cloud services.

Cloud Supplier: A supplier of cloud services is an entity that facilitates access to assistance for a cloud client.

Cloud Auditor: A cloud auditor is responsible for independently evaluating cloud services. The inspector objectively evaluates the cloud to see if the norms have been satisfied.

Cloud Broker: A cloud broker manages the communications between cloud users and suppliers, controlling the utilization, efficiency, and distribution of cloud services.

Cloud Carrier: A cloud carrier serves as an intermediary that links cloud providers with clients to facilitate the delivery of cloud services [6].

Currently, remote data storage is a predominant application of cloud computing. Security is undeniably essential for organizations of all sizes and clients of cloud storage. A cloud computing storage service must ensure highly accessible data access while sustaining high speed and optimal scalability. Moreover, security in a storage system is essential, and the accuracy of data must be assured [7]. Cryptography serves as a security solution; nonetheless, the context and sequence of its application are crucial. The client requires that its data on the cloud be protected and preserved. The Cloud Service Provider (CSP) handling the client's data must ensure data accessibility while preventing unauthorized users from reading or modifying it. Cloud data storage provides an extensive repository of shared resources, enabling users to move data to fulfill their requirements. Improper media refinement, Data integrity and privacy, data vulnerability and recoverability, and data backup are challenges associated with cloud storage in CC [8].

In a CC environment where service providers manage the processing and storage of data resources, consumers need to retain control over their stored content and keep ownership. Cryptographic methods serve as a crucial instrument for preserving data security, necessitating the initial layer of security both before its transmission to the data center as well as during its storage as ciphertext. These provide security criteria and source encryption protocols for data applications [9]. Nevertheless, the ciphertext of conventional encryption systems will only be analyzed, mined, and employed after its decryption into plaintext, incurring additional computational and communicative expenses. Utilizing advanced cryptographic technology, the cloud facilitates the sharing, computation, as well as processing of information in ciphertext form without any knowledge of the underlying content [10].

Cloud-based health information exchange enables healthcare workers to securely access patient data remotely, simplifying prompt decision-making, particularly in crises [11]. Cloud technology facilitates the scalability of healthcare organizations, allowing for the on-demand adjustment of health information exchange systems to meet fluctuations in the volume of data and user needs. The utilization of this economical alternative to conventional document storage and sharing methods can advance healthcare. Cloud service providers secure patient medical data through encryption, access controls, and routine security assessments of the health information exchange [12].

1.1 Problem statement

With the quick adoption of medical image security systems based on the cloud, the security and privacy of the patient’s sensitive medical data must be protected. Conventional encryption techniques often struggle to balance between computational efficiency, security, and preserving the quality of the image. This issue makes the system inappropriate for real-time medical applications [13]. Homomorphic encryption provides a promising solution, but it has high computational complexity and inefficient key management limitations. Additionally, traditional encryption models struggle in resisting differential attacks, maintaining structural integrity, and optimizing processing. To solve these challenges, this study proposes a novel medical image security framework based on the cloud using CKKS-HE with improved TSA (CKKS-ITSA). This proposed research model aims to improve the encryption robustness, computational efficiency, and cloud-based data security.

1.2 Research contributions

The novelty of the research includes two improvements that the developed CKKS-ITSA model offers over existing models. First, medical image datasets have requirements with regard to encryption and decryption, as they require fast and approximate computations. The CKKS framework successfully addresses these needs, unlike conventional HE methods like BFV or Paillier, which are slow and computationally expensive to operate on medical image datasets. Additionally, the integration of ITSA for key generation provides the CKKS framework's medical image encryption model with improved parameter tuning, which leads to a reduction in key-generation time and enhanced security from cryptanalytic attacks. Based on these two reasons, the CKKS-ITSA model can be designed with less distortion (MSE = 0.139, PSNR = 68.45 dB, SSIM = 99.97%) as well as faster runtime (encryption = 6.75 ms, decryption = 5.12 ms) compared to other medical image encryption models, which further highlights its distinction from other models. Hence, in this research, a novel framework for securing medical image transmission and storage in cloud platforms is developed. The major contributions of this research are described as follows:

• The work develops a novel encryption framework by integrating the CKKS-HE method with the ITSA technique for optimized key generation to ensure improved security and computational efficiency.

• The model utilized the ITSA technique to generate highly secure public and secret keys for minimizing computational complexity and improving the robustness of the HE method for medical image security.

• The model is experimented with using the Multi Cancer Dataset from Kaggle to validate the performance and efficiency.

• The model is assessed with various performance metrics such as decryption time, encryption time, key generation time, MSE, PSNR, SSIM, CC, NPCR, and UACI. The image quality metrics are assessed to ensure minimal distortion and high fidelity in encrypted medical images. The NPCR and UACI are assessed to ensure the model’s resistance to differential attacks.

• Finally, the performance results of the proposed CKKS-ITSA model are compared with the other methodologies analyzed in the review, and the advantages and limitations of the model over the compared models in cloud-based data security.

The research work is structured into the following sections: Section 2 briefly analyzes the existing models related to the research work. Section 3 includes the implementation of the present research methodology. Section 4 presents the experimental findings of the developed model and compares them with existing models. Section 5 ends the research by summarizing the findings and offering recommendations for future research.

This research presents a novel medical image security framework based on the cloud for secure transmission and storage. The proposed research utilized a new homomorphic encryption method called CKKS-HE for medical image encryption and decryption. This CKKS-HE method was originally developed to perform arithmetic calculations on encrypted complex and real numbers. However, in this work, it is implemented to perform encryption and decryption for images. The workflow of the proposed research methodology is depicted in Figure 2. The figure represents the CKKS-based homomorphic encryption model for securing medical images in cloud environments. As seen in the workflow, the process starts from the hospital or healthcare center, where the medical images of the patients are collected for storing in the cloud securely. The collected images are processed using the CKKS-HE method, which ensures privacy while allowing computations on encrypted data. The ITSA technique is applied for optimal key generation, in which the technique optimally generates the encryption keys for improving the security and computational efficiency. The encrypted images are then transmitted to the cloud for remote storage and processing. If the authorized users, like doctors or medical staff, need access, the encrypted images are downloaded or extracted from the cloud. Then, the images are decrypted using the CKKS decryption with the secret key. Finally, the decrypted images are restored to their original form for healthcare diagnosis. This proposed research model ensures privacy and security throughout the transmission and storage process in the cloud.

222.png

Figure 2. Workflow of the research methodology

3.1 Data collection

From the Kaggle repository, a multi-cancer dataset is obtained to validate the proposed methodology. This dataset consists of images of various cancer types, compiled for scientific and research uses. It includes eight forms of cancer: Acute Lymphoblastic Leukemia (ALL), Brain Cancer, Breast Cancer, Cervical Cancer, Kidney Cancer, Lung Cancer, Colon Cancer, Lymphoma, and Oral Cancer. This dataset contains 130,000 images as shown in Table 2. Figure 3 depicts these cancer images collected from the dataset. This dataset is publicly available and downloadable from the Kaggle repository [31].

Table 2. Multicancer dataset

333.png

Figure 3. Cancer images from the dataset

Within each class of the dataset, the model is exposed to normal, benign, and varying stages of malignant images that allow the model to better learn the heterogeneity of image representation. This enables the CKKS-ITSA model to better address varying complex medical imaging conditions as opposed to models designed only for specific cancers. Although the issues of class imbalance among the different types of cancer and the use of images from a well-known Kaggle dataset rather than real clinical workflows are well known. These issues might affect the dataset’s representative portrayal of medical imagery in the real world. To correct for these issues, DSIHE and Z-score normalization were utilized as preprocessing methods to dualistically balance quality and distribution, mitigating bias. Additionally, through the evaluation of the model on various types of cancer images, the study substantiates that the encryption method proposed can robustly work with diverse medical datasets, which further proves the validity of the experiments in real-world conditions.

3.2 Preprocessing

Preprocessing and normalization of medical images can significantly enhance the efficiency of the proposed decryption and encryption process for cloud-based security. For this work, the Dualistic Sub-Image Histogram Equalization (DSIHE) is implemented for enhancing the images and Z-score normalization is applied to standardize the image data. The DSIHE is an advanced histogram equalization technique, which provides better contrast enhancement while reducing the over-enhancement issues. This can lead to achieving higher SSIM and PSNR results in encryption and decryption.

The DSIHE technique divides the image histogram into two equal parts based on the median gray level and applies the equalization individually to each part to maintain the original brightness. Subsequently, conventional histogram equalization is applied independently to each sub-histogram. Upon completion of the equalization process, all the parts are combined to produce the final output. The DSIHE technique decomposes the image according to the gray level with a cumulative distribution function (CDF) value of 0.5. Assuming the image that is input be $X$, which will be divided into two parts, $X_L$ and $X_U$, with the median values $X_D$ determined as stated in the following expressions Eqs. (1) and (2).

$X=X_L \cup X_U$              (1)

where, $X_L=\left\{x(i, j) \mid x(i, j) \leq X_D \forall x(i, j) \in X\right\}$ and $X_U= \left\{x(i, j) \mid x(i, j)>X_D \forall x(i, j) \in X\right\}$.

$\begin{aligned} & X_D= \arg {Min}_{0 \leq k \leq L-1}\left|{cdf}\left(X_k\right)-\frac{{cdf}\left(X_0\right)+c d f\left(X_{L-1}\right)}{2}\right|\end{aligned}$                (2)

The outcome of the DSIHE method is evaluated when the two equalized parts are merged into a single image. When $Y(i, j)$ represent the processed image in Eq. (3), then the output image is expressed in Eq. (4):

$Y(i, j)=\left\{\begin{array}{c}X_0+\left(X_m-X_0\right) c_L\left(X_k\right) \\ X_{m+1}+\left(X_{L-1}-X_{m+1}\right) c_U\left(X_k\right)\end{array}\right.$                  (3)

$Y=\{Y(i, j)\}=f_L\left(X_L\right) \cup f_U\left(X_U\right)$            (4)

Additionally, observe that sub-image $X_L$ is equalized by a function $f_L\left(X_L\right)$ within the range $\left(X_0, X_{D-1}\right)$, whereas $X_U$ is equalized by a function $f_U\left(X_U\right)$ within the range $\left(X_D, X_{L-1}\right)$ [32].

The Z-score normalization ensures that the pixel intensity values have zero as the mean and one as the standard deviation, which helps to minimize the intensity variations and standardize the image distributions. It also enhances the encryption consistency by maintaining a uniform pixel distribution, which improves the security against noise artifacts. This normalization avoids bias during processing, ensures better feature preservation for encryption and decryption. Eq. (5) represents the Z-score normalization.

$Z=\frac{(x-\mu)}{\sigma}$               (5)

Here, $\mu$ and $\sigma$ are the mean and standard deviation values of non-zero pixels, correspondingly. Furthermore, $x$ denotes the current pixel's intensity [33].

3.3 Improved TSA for optimal key generation

The TSA technique has been developed by emulating the swarm intelligence and jet propulsion behaviours of tunicates in their search for food sources, which is their optimal behaviors. Therefore, a tunicate must satisfy the following requirements: avoid problems among search operators, shift towards the location of the most effective search operator, and keep proximity to the optimal search operator to develop jet propulsion behaviour mathematically, while the swarm behaviour adjusts the position of remaining search operators according to the optimum solutions.

This research employed an improved version of the TSA method by incorporating a novel search equation into the tunicate position. Using ITSA, the keys are enhanced to encrypt confidential medical data. Optimization procedures have been generally executed utilizing a fitness function (FF), to which the optimization issue converges to yield the optimal solution. The FF is the PSNR value’s minimization function computed among the decoded images and the actual plaintext image. In each iteration, the value of PSNR was assessed, and the optimal keys that preserve the quality of the decoded images were chosen. Hence, the developed CKKS-Based Homomorphic Encryption could encrypt images without compromising the quality of the decrypted images and simultaneously reduce the computation time necessary for encryption. Figure 4 depicts the flowchart of the ITSA. Based on this flowchart, the function of ITSA is discussed in the following for this research for key optimization [34].

In this ITSA, the population (set of key values) $\left(N_{m k}\right.$, where $k=1,2, \ldots, a$ and $m=1,2, \ldots, c)$ of tunicates is chosen at random during initialization. After generating the initial key values, the FF of the input solution was evaluated, and the optimal solution was chosen during the assessment of the fitness phase. The FF is expressed by the following Eq. (6).

$F F\left(N_{m k}\right)=\max (P S N R)$                    (6)

If the PSNR $\geq$ Threshold, the present solution is preserved, and the ITSA seeks to enhance or sustain the best fitness value.

The following step seeks to improve the TSA's search procedure. A dynamic perturbation has been added to enhance the exploitation patterns and search neighboring solutions in the exploration space. In the search equation, all the positions are adjusted with a dynamic step, and these positions are considered viable if they surpass the previous ones. The parameters of the search space are adjusted dynamically. The updated position of ITSA could be presented as given in the following Eq. (7).

$P_{{pop}}(t+1)=P_{{pop}}(t) \pm {rant} ^t \times \frac{\alpha}{2}$                  (7)

In this equation, $P_{ {pop}}(t+1)$ indicates the tunicate's update position, $t$ indicates the number of iterations, and $\alpha$ denotes a dynamic step that diminishes as the optimization process advances, hence enhancing neighborhood search and facilitating exploitation capability. It is presented as follows in the given Eq. (8).

$\alpha=\theta \times \alpha_1+(1-\theta) \times \alpha_2$                 (8)

Here, $\theta$ is a random variable that adheres to a uniform distribution ranging from zero to one, $\alpha_1$ and $\alpha_2$ delineate the dynamic boundaries, which are computed using Eq. (9).

$\alpha_1=\min \left(\overrightarrow{P_{p o p}}\right), \alpha_2=\max \left(\overrightarrow{P_{p o p}}\right)$               (9)

The calculation of the position of new search agent (newer keys) uses the vectors 'K' to prevent issues among search operators (other tunicates) according to the subsequent Eq. (10):

$\vec{K}=\frac{\vec{G}}{\vec{S}}$                 (10)

In this equation, $\vec{G}$ represents the gravitational force, whereas $\vec{S}$ signifies the social force among search operators, which could be expressed as given in Eqs. (11) and (12).

$\vec{G}=h_2+h_3+\vec{W}$                   (11)

$\vec{W}=2 \cdot h_1$                   (12)

In addition, $\vec{W}$ signifies the advection of water flow in the deep ocean, while $h_1, \ldots h_3$ are random variables within the interval $[0 ; 1]$. Furthermore, the social dynamics among search agents $\vec{S}$ are structured as given in the following Eq. (13).

$\vec{S}=\left[V_{\min }+h_1 \cdot V_{\max }-V_{\min }\right]$                  (13)

In this equation, $V_{\min }$ and $V_{\max }$ denote the primary and secondary velocities for initiating a social connection. The next step involves directing search agents towards the optimal neighbor. The distance across the food supply and the search agent is determined using Eq. (14) to identify the optimal neighbor:

$\vec{D}=\left|\vec{N}_o-h \cdot \vec{N}(q)\right|$                 (14)

Here, $\vec{N}(q)$ is the tunicate positioning at the qth iterations, $\vec{N}_o$ signifies the optimality (food location), and $h$ is a random value within the interval $[0,1]$.

Upon acquiring the optimal neighbor, the search operators descend towards the location of the most effective search operator (food sources). Thus, the revised positions of the tunicates N(q) are as follows in Eq. (15).

$\vec{N}^{\prime}(q)=\left\{\begin{array}{l}\vec{N}_o+\vec{N} \cdot \vec{N}^{\prime}, \cdots \text { if } h \geq 0.5 \\ \vec{N}_o+\vec{N} \cdot \vec{N}^{\prime}, \cdots \text { otherwise }\end{array}\right.$                     (15)

The initial two optimal solutions were retained, and the placements of the remaining search operators were adjusted based on the positions of the top search operators to emulate tunicate swarm behaviour, as articulated in the following Eq. (16).

$\vec{N}^{\prime}(q+1)=\frac{\vec{N}(q)+\vec{N}^{\prime}(q)}{2+h_1}$                     (16)

The previous steps are reiterated till the maximum repetition is achieved. Additionally, during all the iterations, the generated keys were assessed for efficacy and updated in accordance with the previously best keys [35]. The best optimal keys acquired were only utilized to decode the images. Following the acquisition of the optimal keys, the cloud server simultaneously stores the encrypted sensitive medical images.

Figure 4. Flowchart of ITSA

3.3.1 Parameter optimization

In this study, the ITSA relies on key parameters like fitness function as well as the dynamic random variables and perturbation factors. A fitness function was used to maximize the PSNR and minimize the MSE, which ensures that the optimized keys preserve high image quality after decryption. The random variable $\theta$ allows the key formation to have exploitation and exploration balancing, where the smaller values initiate fine-tuned local search, while larger values enable global exploration of the key space. Perturbation was integrated to avoid premature convergence and ensure diversity of solutions.

3.3.2 Integration of ITSA with CKKS-HE

The use of CKKS-ITSA as a framework includes the ITSA in the key generation phase of the CKKS scheme. In CKKS, encryption keys are made with predetermined polynomial degrees and modulus chain parameters that often do not provide the best balance of security, calculation efficiency, and ciphertext noise. In contrast, ITSA fills out this parameter space by setting the fitness function to be the image reconstruction quality (high PSNR and SSIM) and the efficiency (low encryption and decryption time) to be maximized together. The evaluation of the candidate parameter sets is done iteratively with small-scale encryption and decryption cycles, and the best configuration is kept for usage.

3.4 CKKS-homomorphic encryption

The CKKS Homomorphic Encryption technique facilitates arithmetic operations on encrypted real as well as complex integers. The framework includes four primary homomorphic processes: encryption, key generation, decryption, and evaluation; whilst the evaluation phase was generally executed by the cloud servers, the majority of the other operations were conducted on the user's side. The CKKS technique functions on a quotient ring as given in Eq. (17), with $Q$ denoting the modulus integer and $N$ representing the power-of-two polynomial degree.

$R_Q=\frac{Z_Q}{\left(X^N+1\right)}$                (17)

Specifically, key generation entails the formulation of the secret key for encryption-decryption operations executed by a trustworthy entity (e.g., an end user). Furthermore, one or many public keys could be produced for encryption reasons or additional public functional keys that can be utilized throughout evaluation. Each of these keys was generated from the fundamental secret keys. The encryption of the CKKS system was non-deterministic and could be classified as either asymmetric or symmetric, based upon certain requirements. Evaluation involves conducting calculations on encrypted data, typically conducted by an unauthorized entity, yielding encoded results. At last, decryption was executed by an authorized entity in possession of the secret key, facilitating the recovery of the original raw content.

Typically, HE systems utilizing the quotient ring, $R_Q$, necessitate a substantial modulus integer, $Q$, to facilitate extensive homomorphic operations. An effective method called the Chinese Remainder Theorem (CRT) was suggested to resolve this problem. The CRT facilitates the reduction of the huge modulus, $Q$, into small pairwise coprime moduli, represented as $q_i$, resulting in the following Eq. (18):

$Q=\prod_{i=0}^L q_i$                    (18)

This decomposition allows for the modeling of a polynomial, $a$ in the RNS domain and supports effective computation on each of its elements. Using the residue number system (RNS) representations, the polynomial '$a$' could be represented as a collection of three polynomials, $a_0, a_1, a_2$, when adopting three pairwise co-prime moduli, $q_0, q_1, q_2$, correspondingly. In this context, each $a_i$ denotes a polynomial within the corresponding RNS channel, $R q_i$. This strategy is beneficial as it decreases the size of coefficients and markedly improves the effectiveness of computations within the homomorphic encryption. The subsequent polynomial components are specified as follows [36]:

$a=\left([a]_{q_0}, \ldots,[a]_{q_i}\right) \in \prod_{i=0}^L R q_i$                       (19)

In this context, in a ring field $R q_i=\frac{z q_i}{\left(X^N+1\right)}$ is given as:

$[a]_{q_i}=a_0+a_1 X+\cdots+a_{N-1} X^{N-1} \in R q_i$                        (20)

Consequently, executing arithmetic computations on the large integer coefficients could be conducted separately for every smaller modulus without affecting accuracy. The discussed CKKS-HE method is applied for medical image decryption and encryption for securing medical images in a cloud environment. The CKKS-HE method has three main stages like key generation, encryption, and decryption.

3.4.1 Key generation process

The key generation in CKKS is significant to encrypt the medical images and perform secure computations. The key generation process includes the generation of the public key $\left(P_k\right)$, secret key $\left(S_k\right)$, and evaluation keys. The public key is used for encryption, the secret key is used for decryption, and evaluation keys are used for homomorphic operations. The CKKS model is based on the ring learning with errors (RLWE) problem for security. The key generation process includes the following steps.

Step 1: Secret Key Generation

The client (hospital) generates a random polynomial $s$ from a predefined distribution. The secret key is used to decrypt the medical images. The representation of secret key $S_k$ was defined as given in the following Eq. (21).

$S \sim u\left(R_o\right)$              (21)

Here, the variable $R_Q$ denotes the quotient ring utilized in CKKS.

Step 2: Public Key Generation

It is derived from the secret key. A polynomial $a$ randomly and the error polynomial $e$ were sampled. The public key is computed using the following Eq. (22).

$P_k=(b, a)$, where $b=-(a \cdot S+e)$                     (22)

The public key  is utilized for encrypting the medical images.

Step 3: Evaluation Keys

Furthermore, to facilitate key transitions in homomorphic functions (including conjugation, permutation, and multiplication), evaluation keys were initially produced by the clients and subsequently transmitted to the cloud servers for additional processing. The following presents the pseudocode for the key generation process based on ITSA.

3.4.2 Encryption process

In CKKS, the medical images in grayscale and RGB images are represented as pixel intensity values. The CKKS method could encrypt these values and enable secure processing without decryption. The images are converted into a format appropriate for CKKS encryption before encryption. The images are flattened into a one-dimensional array of pixel values. Next, the pixel values are normalized by scaling the pixel intensities in the range [0, 1] or [-1, 1] to fit in the numerical encrypting range of CKKS. For example, the medical images from the dataset are in a resolution of 512×512. So, the 512×512 has 262144 pixels. The CKKS can store 8192 values per ciphertext, hence the entire image is divided into 32 blocks, resulting in 8192×32=262144-pixel values. Each block is individually encrypted into a unique ciphertext. The CKKS indicates the encrypted data as polynomials, where all the pixel intensity values are encrypted as the coefficients of the polynomials. The RNS decomposition was utilized for dividing the large polynomials into small modulus components for enhancing efficiency.

If the pixel intensity values were $p_1, p_2, \ldots, p_N$, the plaintext polynomial is expressed as given in the following Eq. (23).

$m(X)=p_1+p_2 X+p_3 X^2+\cdots+p_N X^{N-1}$                  (23)

This polynomial is then encrypted using the CKKS method. For encryption, the public key $P_k=(b, a)$ is utilized and the ciphertext pair $c t=\left(c t^0, c t^1\right)$ is generated. Finally, the encrypted image blocks are secure for cloud computing.

3.4.3 Decryption process

When the encrypted medical image is retrieved or downloaded, the decryption process is performed to decrypt the medical image to its original form. In this decryption process, the secret key $\mathrm{S}_{\mathrm{k}}$ is utilized to retrieve the plaintext polynomial. The pixel intensity values from the polynomial representation are extracted. The one-dimensional pixel array is converted into a medical image. The mathematical representation of the decrypted polynomial is expressed as given in the following Eq. (24).

$m^{\prime}=p_1^{\prime}+p_2^{\prime} X+p_3^{\prime} X^2+\cdots+p_N^{\prime} X^{N-1}$                         (24)

The retrieval of data or decryption is executed with this equation. The $m^{\prime}$ is converted back to an image format. The 32 ciphertexts are decrypted individually using CKKS decryption process. All the decrypted blocks recover the original pixel values. The blocks are arranged to reconstruct the original image [37].

The CKKS-HE method relies on the RLWE problem, which makes the method resistant to quantum attacks. Different from AES or RSA, the CKKS method enables encrypted computations to prevent data leaks. This CKKS method ensures secure medical image encryption and cloud storage.

This research proposed a novel secure and efficient cloud-based medical image encryption model using CKKS-HE method. The improved TSA optimization technique was furthermore employed for optimizing the process of key generation of CKKS method. This CKKS-ITSA model was developed for improving the efficiency and security of the cloud-based medical image storage and transmission. For the experiment and validation, a medical image dataset was utilized in this research. The proposed model effectively balanced the security, computational efficiency, and image quality preservation. The results of the proposed model demonstrated low MSE (0.139), high PSNR (68.45 dB), high SSIM (99.97%), and strong correlation (99.94%). These results highlighted the model’s minimal distortion and high fidelity in encrypted images. The results also include the model’s fast decryption time (5.12 ms), encryption time (6.75 ms), and key generation time (4.82 ms). The model was additionally tested with NPCR and UACI for validating its resistance against differential attacks, and the performed better. These results highlighted that the CKKS-ITSA model is highly suitable for real-time cloud-based data security applications. Consistent with CKKS-ITSA’s results, it outperforms other models in terms of PSNR by 3–5 dB, SSIM by nearly 2%, and NPCR by almost 1%, validating its effectiveness and secure cloud medical imaging application.

In future, this research aims to expand the CKKS-ITSA framework in the following aspects. Initially, the FPGA-based cryptographic processors can be explored to decrease the homomorphic computation costs associated with large-scale healthcare implementations. Other benchmark datasets, such as NIH ChestX-ray14, BraTS brain tumor MRI, and the TCGA histopathology collection, will be employed to further test the framework's applicability across different imaging domains. After that, the framework's security and robustness will be evaluated against adversarial threats, such as poisoning attacks, data tampering, and large-scale distributed cloud computing. One critical issue is the ciphertext expansion factor of CKKS, which leads to higher memory and computation overhead; for this, we plan to explore lightweight homomorphic encryption variants as well as hybrid compression techniques. The last step will be to combine deep learning optimizers with ITSA in order to reduce the search cost of parameter tuning and allow for adaptive, real-time optimization. This work will guarantee the continued evolution of the CKKS-ITSA model for medical cloud ecosystems in terms of scalability, security, and practical adoption.