Clear Sky Science · en

Scalable privacy-preserving data analytics for IoMT via FHE and zk-SNARK-enabled edge aggregation

Why safer medical data matters

Modern medicine increasingly relies on gadgets we wear or even have implanted—watches that track heart rate, glucose monitors, and smart inhalers. Together, these devices form the “Internet of Medical Things,” streaming constant health data to doctors and hospitals. That stream is valuable for spotting early warning signs, but it is also deeply personal. This paper introduces MedGuard, a framework designed to let health systems learn from that data at scale while keeping each patient’s information locked away from prying eyes—even from the computers doing the analysis.

The problem with today’s smart health networks

Current connected health systems work by sending readings from thousands of devices to nearby gateways and then on to the cloud for analysis. Along the way, several weak points appear. A dishonest gateway can quietly alter or drop data, skewing statistics like average heart rate or blood sugar. Many existing protections focus only on scrambling data in transit, without proving that the results they produce are actually correct. Others are either too simple—supporting only basic sums—or too heavy, slowing low‑power devices with complex math. As a result, health networks often must choose between rich analytics, strong privacy, and practical performance, instead of getting all three.

A new way to protect and verify health data

MedGuard is built to close this gap. It combines two advanced ideas from cryptography in a way that is hidden from patients and clinicians. First, every device encrypts its readings in a special way that still lets computers add and average numbers without ever unlocking them. Second, when an edge gateway combines readings from many patients, it also produces a tiny mathematical “receipt”—a zero‑knowledge proof—that the computation it performed was honest, again without exposing the original data. The cloud accepts a result only if this proof checks out. This design removes the need to blindly trust any middleman: even if an edge node is compromised, it cannot convincingly fake regional statistics without being caught.

How the MedGuard pipeline works in practice

In the MedGuard layout, simple sensors on or inside the body encrypt each new measurement and attach basic metadata such as time and device ID. These encrypted packets travel over secure internet links to local edge servers. Each edge server groups data from about ten devices, and, still without decryption, computes sums, averages, or variability measures. It then generates the zero‑knowledge proof and forwards both the encrypted result and the proof to the cloud. The cloud first verifies the proof; only then does it combine results from all regions, run more advanced analyses—like checking for unusual spikes or long‑term trends—and, for authorized doctors, decrypt only the final, summarized answers. Raw patient data stay encrypted at every step and are stored in a secure database with fine‑grained access rules.
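The device, edge and cloud roles described above, as an added example that is not code from the paper or from MedGuard: it substitutes textbook Paillier encryption (additively homomorphic only, toy key size) for the paper's FHE scheme and does not model the zero-knowledge proof. Function names and the heart-rate readings are constructed for illustration; the last lines show that an aggregate missing one reading still decrypts cleanly, which is the gap the edge proof is meant to close.

```python
import math
import secrets

# Toy Paillier key (constructed): two Mersenne primes, far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                                            # public key
N2 = N * N
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)    # private: lcm(p-1, q-1)
MU = pow(LAM, -1, N)                                 # private: valid for g = N + 1

# Constructed sample: one heart-rate reading from each of ten devices.
READINGS = [72, 68, 75, 81, 64, 90, 77, 70, 66, 85]


def encrypt(m: int) -> int:
    """Device: encrypt an integer reading; fresh randomness on every call."""
    while True:
        r = secrets.randbelow(N - 1) + 1             # blinding factor in [1, N-1]
        if math.gcd(r, N) == 1:
            return (1 + m * N) * pow(r, N, N2) % N2


def decrypt(c: int) -> int:
    """Key holder only: recover the plaintext hidden in a ciphertext."""
    return (pow(c, LAM, N2) - 1) // N * MU % N


def edge_aggregate(ciphertexts):
    """Edge gateway: multiplying ciphertexts adds the plaintexts, no key needed."""
    acc = 1
    for c in ciphertexts:
        acc = acc * c % N2
    return acc, len(ciphertexts)


def cloud_mean(enc_sum: int, count: int) -> float:
    """Cloud, after accepting the edge result: decrypt only the summary."""
    return decrypt(enc_sum) / count


if __name__ == "__main__":
    cts = [encrypt(m) for m in READINGS]
    enc_sum, count = edge_aggregate(cts)
    print("honest regional mean:", cloud_mean(enc_sum, count))
    # A gateway that omits the 90 bpm reading but still reports ten devices
    # yields a well-formed ciphertext; decryption alone cannot flag it.
    bad_sum, _ = edge_aggregate(cts[:5] + cts[6:])
    print("mean with one reading dropped:", cloud_mean(bad_sum, count))
```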

Performance in a simulated hospital network

The authors tested MedGuard in a detailed computer simulation with 1,000 medical devices, 100 edge nodes, and a cloud server similar to those used in practice. They fed the system with a mix of real wearable‑sensor data and carefully generated synthetic data reflecting realistic heart rate, blood sugar, and activity patterns, including deliberate anomalies. Even with all its protections turned on, MedGuard responded in about 65 milliseconds end‑to‑end—fast enough for real‑time monitoring—and improved delay by more than 13 percent compared with leading alternatives. It also handled over a thousand packets and queries per second, used less energy per query than comparable secure schemes, and withstood a wide range of simulated attacks, from eavesdropping and data tampering to denial‑of‑service floods, with extremely low chances of a successful breach.

What this means for future patient care

For non‑specialists, the key message is that MedGuard shows it is possible to get the best of both worlds: large‑scale, always‑on health monitoring and strong mathematical guarantees that data stay private and results are trustworthy. Doctors can run rich statistics and trend analyses over entire patient populations without ever seeing individuals’ raw readings, and hospitals no longer have to place blind faith in the many computers that sit between a patient’s wearable and the cloud. While the framework still needs real‑world trials and further tuning to ease its computational load, it outlines a practical path toward smart healthcare systems that are not only intelligent and fast, but also verifiably safe with respect to patients’ most sensitive information.

Citation: Ben Othman, S., Mihret, N. Scalable privacy-preserving data analytics for IoMT via FHE and zk-SNARK-enabled edge aggregation. Sci Rep 16, 5098 (2026). https://doi.org/10.1038/s41598-026-35284-0

Keywords: Internet of Medical Things, privacy-preserving analytics, homomorphic encryption, zero-knowledge proofs, smart healthcare