Privacy-Enhancing Technologies in Biomedical Data Science

Literature Cited

1. 1.

   Rehm HL, Page AJH, Smith L, Adams JB, Alterovitz G, et al. 2021.. GA4GH: international policies and standards for data sharing across genomic research and healthcare. . Cell Genom. 1:(2):100029
   [Crossref] [Google Scholar]
2. 2.

   Fatumo S, Chikowore T, Choudhury A, Ayub M, Martin AR, Kuchenbäcker K. 2022.. Diversity in genomic studies: a roadmap to address the imbalance. . Nat. Med. 28:(2):243–50
   [Crossref] [Google Scholar]
3. 3.

   Philippakis AA, Azzariti DR, Beltran S, Brookes AJ, Brownstein CA, et al. 2015.. The matchmaker exchange: a platform for rare disease gene discovery. . Hum. Mutat. 36:(10):915–21
   [Crossref] [Google Scholar]
4. 4.

   All of Us Res. Program Investig. 2019.. The ``All of Us'' research program. . N. Engl. J. Med. 381:(7):668–76
   [Crossref] [Google Scholar]
5. 5.

   Arellano AM, Dai W, Wang S, Jiang X, Ohno-Machado L. 2018.. Privacy policy and technology in biomedical data science. . Annu. Rev. Biomed. Data Sci. 1::115–29
   [Crossref] [Google Scholar]
6. 6.

   Gürsoy G. 2022.. Genome privacy and trust. . Annu. Rev. Biomed. Data Sci. 5::163–81
   [Crossref] [Google Scholar]
7. 7.

   Wan Z, Hazel JW, Clayton EW, Vorobeychik Y, Kantarcioglu M, Malin BA. 2022.. Sociotechnical safeguards for genomic data privacy. . Nat. Rev. Genet. 23:(7):429–45
   [Crossref] [Google Scholar]
8. 8.

   Bonomi L, Huang Y, Ohno-Machado L. 2020.. Privacy challenges and research opportunities for genomic data sharing. . Nat. Genet. 52:(7):646–54
   [Crossref] [Google Scholar]
9. 9.

   Berger B, Cho H. 2019.. Emerging technologies towards enhancing privacy in genomic data sharing. . Genome Biol. 20:(1):128
   [Crossref] [Google Scholar]
10. 10.

    Beauchamp TL. 2008.. The Belmont Report. . In The Oxford Textbook of Clinical Research Ethics, ed. EJ Emanuel, C Grady, RA Crouch, RK Lie, FG Miller, D Wendler , pp. 149–55. New York:: Oxford Univ. Press
    [Google Scholar]
11. 11.

    Nosowsky R, Giordano TJ. 2006.. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy rule: implications for clinical research. . Annu. Rev. Med. 57::575–90
    [Crossref] [Google Scholar]
12. 12.

    Isaak J, Hanna MJ. 2018.. User data privacy: Facebook, Cambridge Analytica, and privacy protection. . Computer 51:(8):56–59
    [Crossref] [Google Scholar]
13. 13.

    Greenwald G. 2014.. No Place to Hide: Edward Snowden, the NSA, and the US Surveillance State. New York:: Metropolitan Books
    [Google Scholar]
14. 14.

    McKeon J. 2021.. Growing number of states enact new genetic data privacy laws. . TechTarget, Oct. 27. https://healthitsecurity.com/news/growing-number-of-states-enact-new-genetic-data-privacy-laws
    [Google Scholar]
15. 15.

    Cho H, Ippolito D, Yu YW. 2020.. Contact tracing mobile apps for COVID-19: privacy considerations and related trade-offs. . arXiv:2003.11511 [cs.CR]
16. 16.

    Adler S. 2023.. First lawsuit filed over 23andMe data breach. . HIPAA Journal, Oct. 12. https://www.hipaajournal.com/first-lawsuit-filed-over-23andme-data-breach/
    [Google Scholar]
17. 17.

    Erlich Y, Narayanan A. 2014.. Routes for breaching and protecting genetic privacy. . Nat. Rev. Genet. 15:(6):409–21
    [Crossref] [Google Scholar]
18. 18.

    Garfinkel S. 2015.. De-identification of personal information. Rep. 8053 , Natl. Inst. Stand. Technol., Gaithersburg, MD:. https://nvlpubs.nist.gov/nistpubs/ir/2015/nist.ir.8053.pdf
    [Google Scholar]
19. 19.

    Clayton EW, Halverson CM, Sathe NA, Malin BA. 2018.. A systematic literature review of individuals' perspectives on privacy and genetic information in the United States. . PLOS ONE 13:(10):e0204417
    [Crossref] [Google Scholar]
20. 20.

    Steinsbekk KS, Kåre Myskja B, Solberg B. 2013.. Broad consent versus dynamic consent in biobank research: Is passive participation an ethical problem?. Eur. J. Hum. Genet. 21:(9):897–902
    [Crossref] [Google Scholar]
21. 21.

    Fiume M, Cupak M, Keenan S, Rambla J, de la Torre S, et al. 2019.. Federated discovery and sharing of genomic data using beacons. . Nat. Biotechnol. 37:(3):220–24
    [Crossref] [Google Scholar]
22. 22.

    Fleurence RL, Curtis LH, Califf RM, Platt R, Selby JV, Brown JS. 2014.. Launching PCORnet, a national patient-centered clinical research network. . J. Am. Med. Inform. Assoc. 21:(4):578–82
    [Crossref] [Google Scholar]
23. 23.

    Zarin DA, Tse T, Williams RJ, Califf RM, Ide NC. 2011.. The ClinicalTrials.gov results database—update and key issues. . N. Engl. J. Med. 364:(9):852–60
    [Crossref] [Google Scholar]
24. 24.

    Shringarpure SS, Bustamante CD. 2015.. Privacy risks from genomic data-sharing beacons. . Am. J. Hum. Genet. 97:(5):631–46
    [Crossref] [Google Scholar]
25. 25.

    Das S, Forer L, Schönherr S, Sidore C, Locke AE, et al. 2016.. Next-generation genotype imputation service and methods. . Nat. Genet. 48:(10):1284–87
    [Crossref] [Google Scholar]
26. 26.

    Mosca MJ, Cho H. 2023.. Reconstruction of private genomes through reference-based genotype imputation. . Genome Biol. 24:(1):271
    [Crossref] [Google Scholar]
27. 27.

    Yao AC-C. 1986.. How to generate and exchange secrets. . In 27th Annual Symposium on Foundations of Computer Science (SFCS 1986), pp. 162–67. Piscataway, NJ:: IEEE
    [Google Scholar]
28. 28.

    Malkhi D, Nisan N, Pinkas B, Sella Y. 2004.. Fairplay—a secure two-party computation system. Paper presented at USENIX Security Symposium, San Diego, CA:, Aug. 9
    [Google Scholar]
29. 29.

    Kolesnikov V, Schneider T. 2008.. Improved garbled circuit: free XOR gates and applications. . In Automata, Languages and Programming: 35th International Colloquium, ICALP 2008, Reykjavik, Iceland, July 7–11, 2008, Proceedings, Part II, ed. L Aceto, I Damgård, LA Goldberg, MM Halldórsson, A Ingólfsdóttir, I Walukiewicz , pp. 486–98. Berlin:: Springer
    [Google Scholar]
30. 30.

    Pinkas B, Schneider T, Smart NP, Williams SC. 2009.. Secure two-party computation is practical. . In Advances in Cryptology—ASIACRYPT 2009: 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, Japan, December 6–10, 2009, Proceedings, ed. M Matsui , pp. 250–67. Berlin:: Springer
    [Google Scholar]
31. 31.

    Huang Y, Evans D, Katz J, Malka L. 2011.. Faster secure two-party computation using garbled circuits. Paper presented at the 20th USENIX Security Symposium, San Francisco, CA:, Aug. 10
    [Google Scholar]
32. 32.

    Songhori EM, Hussain SU, Sadeghi AR, Schneider T, Koushanfar F. 2015.. Tinygarble: highly compressed and scalable sequential garbled circuits. . In 2015 IEEE Symposium on Security and Privacy, pp. 411–28. Piscataway, NJ:: IEEE
    [Google Scholar]
33. 33.

    Liu C, Wang XS, Nayak K, Huang Y, Shi E. 2015.. Oblivm: a programming framework for secure computation. . In 2015 IEEE Symposium on Security and Privacy, pp. 359–76. Piscataway, NJ:: IEEE
    [Google Scholar]
34. 34.

    Rastogi A, Hammer MA, Hicks M. 2014.. Wysteria: a programming language for generic, mixed-mode multiparty computations. . In 2014 IEEE Symposium on Security and Privacy, pp. 655–70. Piscataway, NJ:: IEEE
    [Google Scholar]
35. 35.

    Shamir A. 1979.. How to share a secret. . Commun. ACM 22:(11):612–13
    [Crossref] [Google Scholar]
36. 36.

    Blakley GR. 1979.. Safeguarding cryptographic keys. . In International Workshop on Managing Requirements Knowledge, pp. 313–18. Piscataway, NJ:: IEEE Comp. Soc.
    [Google Scholar]
37. 37.

    Beaver D. 1992.. Efficient multiparty protocols using circuit randomization. . In Advances in Cryptology—CRYPTO '91, ed. J Feigenbaum , pp. 420–32. Berlin:: Springer
    [Google Scholar]
38. 38.

    Hastings M, Hemenway B, Noble D, Zdancewic S. 2019.. Sok: general purpose compilers for secure multi-party computation. . In 2019 IEEE Symposium on Security and Privacy (S&P), pp. 1220–37. Piscataway, NJ:: IEEE
    [Google Scholar]
39. 39.

    Keller M. 2020.. MP-SPDZ: a versatile framework for multi-party computation. . In CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 1575–90. New York:: ACM
    [Google Scholar]
40. 40.

    Zhang Y, Steele A, Blanton M. 2013.. PICCO: a general-purpose compiler for private distributed computation. . In CCS '13: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 813–26. New York:: ACM
    [Google Scholar]
41. 41.

    Demmler D, Schneider T, Zohner M. 2015.. ABY—a framework for efficient mixed-protocol secure two-party computation. Paper presented at the Network and Distributed System Security (NDSS) Symposium, San Diego, CA:, Feb. 8
    [Google Scholar]
42. 42.

    Liu J, Juuti M, Lu Y, Asokan N. 2017.. Oblivious neural network predictions via MiniONN transformations. . In CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 619–31. New York:: ACM
    [Google Scholar]
43. 43.

    Mohassel P, Zhang Y. 2017.. SecureML: a system for scalable privacy-preserving machine learning. . In 2017 IEEE Symposium on Security and Privacy (S&P), pp. 19–38. Piscataway, NJ:: IEEE
    [Google Scholar]
44. 44.

    Riazi MS, Weinert C, Tkachenko O, Songhori EM, Schneider T, Koushanfar F. 2018.. Chameleon: a hybrid secure computation framework for machine learning applications. . In ASIACCS '18: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 707–21. New York:: ACM
    [Google Scholar]
45. 45.

    Mohassel P, Rindal P. 2018.. ABY3: a mixed protocol framework for machine learning. . In CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 35–52. New York:: ACM
    [Google Scholar]
46. 46.

    Makri E, Rotaru D, Vercauteren F, Wagh S. 2021.. Rabbit: efficient comparison for secure multi-party computation. . In Financial Cryptography and Data Security: Lecture Notes in Computer Science, ed. N Borisov, C Diaz , pp. 249–70. Berlin:: Springer
    [Google Scholar]
47. 47.

    Cho H, Wu DJ, Berger B. 2018.. Secure genome-wide association analysis using multiparty computation. . Nat. Biotechnol. 36:(6):547–51
    [Crossref] [Google Scholar]
48. 48.

    Kamm L, Bogdanov D, Laur S, Vilo J. 2013.. A new way to protect privacy in large-scale genome-wide association studies. . Bioinformatics 29:(7):886–93
    [Crossref] [Google Scholar]
49. 49.

    Jagadeesh KA, Wu DJ, Birgmeier JA, Boneh D, Bejerano G. 2017.. Deriving genomic diagnoses without revealing patient genomes. . Science 357:(6352):692–95
    [Crossref] [Google Scholar]
50. 50.

    Jha S, Kruger L, Shmatikov V. 2008.. Towards practical privacy for genomic computation. . In 2008 IEEE Symposium on Security and Privacy (S&P), pp. 216–30. Piscataway, NJ:: IEEE
    [Google Scholar]
51. 51.

    Bogdanov D, Kamm L, Laur S, Sokk V. 2018.. Implementation and evaluation of an algorithm for cryptographically private principal component analysis on genomic data. . Trans. Comput. Biol. Bioinform. 15:(5):1427–32
    [Crossref] [Google Scholar]
52. 52.

    Ma R, Li Y, Li C, Wan F, Hu H, et al. 2020.. Secure multiparty computation for privacy-preserving drug discovery. . Bioinformatics 36:(9):2872–80
    [Crossref] [Google Scholar]
53. 53.

    Hie B, Cho H, Berger B. 2018.. Realizing private and practical pharmacological collaboration. . Science 362:(6412):347–50
    [Crossref] [Google Scholar]
54. 54.

    von Maltitz M, Ballhausen H, Kaul D, Fleischmann DF, Niyazi M, et al. 2021.. A privacy-preserving log-rank test for the Kaplan-Meier estimator with secure multiparty computation: algorithm development and validation. . JMIR Med. Inform. 9:(1):e22158
    [Crossref] [Google Scholar]
55. 55.

    Smajlović H, Shajii A, Berger B, Cho H, Numanagić I. 2023.. Sequre: a high-performance framework for secure multiparty computation enables biomedical data sharing. . Genome Biol. 24:(1):5
    [Crossref] [Google Scholar]
56. 56.

    Rivest RL, Shamir A, Adleman L. 1978.. A method for obtaining digital signatures and public-key cryptosystems. . Commun. ACM 21:(2):120–26
    [Crossref] [Google Scholar]
57. 57.

    Elgamal T. 1985.. A public key cryptosystem and a signature scheme based on discrete logarithms. . IEEE Trans. Inform. Theory 31:(4):469–72
    [Crossref] [Google Scholar]
58. 58.

    Paillier P. 1999.. Public-key cryptosystems based on composite degree residuosity classes. . In EUROCRYPT '99: International Conference on the Theory and Applications of Cryptographic Techniques, ed. J Stern , pp. 223–38. Berlin:: Springer
    [Google Scholar]
59. 59.

    Goldwasser S, Micali S. 2019.. Probabilistic encryption & how to play mental poker keeping secret all partial information. . In Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali, ed. O Goldreich , pp. 203–25. New York:: ACM
    [Google Scholar]
60. 60.

    Gentry C. 2009.. A fully homomorphic encryption scheme. PhD Diss. , Stanford Univ., Stanford, CA:
    [Google Scholar]
61. 61.

    Gentry C, Halevi S. 2011.. Implementing Gentry's fully-homomorphic encryption scheme. . In EUROCRYPT 2011: Advances in Cryptology, ed. KG Paterson , pp. 129–48. Berlin:: Springer
    [Google Scholar]
62. 62.

    Fan J, Vercauteren F. 2012.. Somewhat practical fully homomorphic encryption. . Cryptology ePrint Archive. https://eprint.iacr.org/2012/144
    [Google Scholar]
63. 63.

    Brakerski Z, Gentry C, Vaikuntanathan V. 2014.. (Leveled) fully homomorphic encryption without bootstrapping. . In ITCS '12: Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, pp. 309–25. New York:: ACM
    [Google Scholar]
64. 64.

    Brakerski Z. 2012.. Fully homomorphic encryption without modulus switching from classical GapSVP. . In CRYPTO 2012: Advances in Cryptology, ed. R Safavi-Naini, R Canetti , pp. 868–86. Berlin:: Springer
    [Google Scholar]
65. 65.

    Cheon JH, Kim A, Kim M, Song Y. 2017.. Homomorphic encryption for arithmetic of approximate numbers. . In Advances in Cryptology—ASIACRYPT 2017: 23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3–7, 2017, Proceedings, Part I, pp. 409–37. Cham, Switz.:: Springer
    [Google Scholar]
66. 66.

    Regev O. 2009.. On lattices, learning with errors, random linear codes, and cryptography. . J. ACM 56:(6):1–40
    [Crossref] [Google Scholar]
67. 67.

    Lyubashevsky V, Peikert C, Regev O. 2010.. On ideal lattices and learning with errors over rings. . In Advances in Cryptology—EUROCRYPT 2010: 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010, Proceedings, ed. H Gilbert , pp. 1–23. Berlin:: Springer
    [Google Scholar]
68. 68.

    Bossuat JP, Mouchet C, Troncoso-Pastoriza J, Hubaux JP. 2021.. Efficient bootstrapping for approximate homomorphic encryption with non-sparse keys. . In EUROCRYPT 2021: Advances in Cryptology, ed. A Canteaut, FX Standaert , pp. 587–617. Cham, Switz:.: Springer
    [Google Scholar]
69. 69.

    Han K, Ki D. 2020.. Better bootstrapping for approximate homomorphic encryption. . In Topics in Cryptology – CT-RSA 2020, ed. S Jarecki , pp. 364–90. Cham, Switz:.: Springer
    [Google Scholar]
70. 70.

    Chillotti I, Gama N, Georgieva M, Izabachène M. 2020.. TFHE: fast fully homomorphic encryption over the torus. . J. Cryptol. 33:(1):34–91
    [Crossref] [Google Scholar]
71. 71.

    Viand A, Jattke P, Hithnawi A. 2021.. SoK: fully homomorphic encryption compilers. . In 2021 IEEE Symposium on Security and Privacy (SP), pp. 1092–108. Piscataway, NJ:: IEEE
    [Google Scholar]
72. 72.

    Gilad-Bachrach R, Dowlin N, Laine K, Lauter K, Naehrig M, Wernsing J. 2016.. Cryptonets: applying neural networks to encrypted data with high throughput and accuracy. . PMLR 48::201–10
    [Google Scholar]
73. 73.

    Graepel T, Lauter K, Naehrig M. 2012.. ML confidential: machine learning on encrypted data. . In ICISC 2012: Information Security and Cryptology, ed. T Kwon, MK Lee, D Kwon , pp. 1–21. Berlin:: Springer
    [Google Scholar]
74. 74.

    Kocabas O, Soyata T. 2020.. Towards privacy-preserving medical cloud computing using homomorphic encryption. . In Virtual and Mobile Healthcare: Breakthroughs in Research and Practice, pp. 93–125. Hershey, PA:: IGI Global
    [Google Scholar]
75. 75.

    Bos JW, Lauter K, Naehrig M. 2014.. Private predictive analysis on encrypted medical data. . J. Biomed. Inform. 50::234–43
    [Crossref] [Google Scholar]
76. 76.

    Blatt M, Gusev A, Polyakov Y, Goldwasser S. 2020.. Secure large-scale genome-wide association studies using homomorphic encryption. . PNAS 117:(21):11608–13
    [Crossref] [Google Scholar]
77. 77.

    Kim M, Lauter K. 2015.. Private genome analysis through homomorphic encryption. . BMC Med. Inform. Decis. Mak. 15:(Suppl. 5):S3
    [Crossref] [Google Scholar]
78. 78.

    Bonte C, Makri E, Ardeshirdavani A, Simm J, Moreau Y, Vercauteren F. 2018.. Towards practical privacy-preserving genome-wide association study. . BMC Bioinform. 19:(1):537
    [Crossref] [Google Scholar]
79. 79.

    Lu WJ, Yamada Y, Sakuma J. 2015.. Privacy-preserving genome-wide association studies on cloud environment using fully homomorphic encryption. . BMC Med. Inform. Decis. Mak. 15:(Suppl. 5):S1
    [Crossref] [Google Scholar]
80. 80.

    Zhang Y, Dai W, Jiang X, Xiong H, Wang S. 2015.. FORESEE: fully outsourced secure genome study based on homomorphic encryption. . BMC Med. Inform. Decis. Mak. 15:(Suppl. 5):S5
    [Crossref] [Google Scholar]
81. 81.

    Leighton AT, Yu YW. 2023.. Secure federated Boolean count queries using fully-homomorphic cryptography. . bioRxiv 2021.11.10.468090. https://doi.org/10.1101/2021.11.10.468090
82. 82.

    Kantarcioglu M, Jiang W, Liu Y, Malin B. 2008.. A cryptographic approach to securely share and query genomic sequences. . IEEE Trans. Inform. Technol. Biomed. 12:(5):606–17
    [Crossref] [Google Scholar]
83. 83.

    Bruekers F, Katzenbeisser S, Kursawe K, Tuyls P. 2008.. Privacy-preserving matching of DNA profiles. . Cryptology ePrint Archive. https://eprint.iacr.org/2008/203
    [Google Scholar]
84. 84.

    Ayday E, Raisaro JL, McLaren PJ, Fellay J, Hubaux JP. 2013.. Privacy-preserving computation of disease risk by using genomic, clinical, and environmental data. Paper presented at the 2013 USENIX Workshop on Health Information Technologies, Washington, DC:, Aug. 12
    [Google Scholar]
85. 85.

    Kim M, Harmanci AO, Bossuat JP, Carpov S, Cheon JH, et al. 2021.. Ultrafast homomorphic encryption models enable secure outsourcing of genotype imputation. . Cell Syst. 12:(11):1108–20
    [Crossref] [Google Scholar]
86. 86.

    Gürsoy G, Chielle E, Brannon CM, Maniatakos M, Gerstein M. 2022.. Privacy-preserving genotype imputation with fully homomorphic encryption. . Cell Syst. 13:(2):173–82
    [Crossref] [Google Scholar]
87. 87.

    Desmedt YG. 1994.. Threshold cryptography. . Eur. Trans. Telecommun. 5:(4):449–58
    [Crossref] [Google Scholar]
88. 88.

    Asharov G, Jain A, López-Alt A, Tromer E, Vaikuntanathan V, Wichs D. 2012.. Multiparty computation with low communication, computation and interaction via threshold FHE. . In EUROCRYPT 2012: Advances in Cryptology, ed. D Pointcheval, T Johansson , pp. 483–501. Berlin:: Springer
    [Google Scholar]
89. 89.

    Mouchet C, Troncoso-Pastoriza JR, Bossuat JP, Hubaux JP. 2021.. Multiparty homomorphic encryption from ring-learning-with-errors. . Proc. Priv. Enhanc. Technol. Symp. 2021:(4):291–311
    [Google Scholar]
90. 90.

    Damgård I, Pastro V, Smart N, Zakarias S. 2012.. Multiparty computation from somewhat homomorphic encryption. . In CRYPTO 2012: Advances in Cryptology, ed. R Safavi-Naini, R Canetti , pp. 643–62. Berlin:: Springer
    [Google Scholar]
91. 91.

    Kim T, Kwak H, Lee D, Seo J, Song Y. 2022.. Asymptotically faster multi-key homomorphic encryption from homomorphic gadgetc decomposition. . Cryptology ePrint Archive. https://eprint.iacr.org/2022/347.pdf
    [Google Scholar]
92. 92.

    Kwak H, Lee D, Song Y, Wagh S. 2021.. A unified framework of homomorphic encryption for multiple parties with non-interactive setup. . Cryptology ePrint Archive. https://eprint.iacr.org/2021/1412
    [Google Scholar]
93. 93.

    Froelicher D, Troncoso-Pastoriza JR, Raisaro JL, Cuendet MA, Sousa JS, et al. 2021.. Truly privacy-preserving federated analytics for precision medicine with multiparty homomorphic encryption. . Nat. Commun. 12:(1):5910
    [Crossref] [Google Scholar]
94. 94.

    Cho H, Froelicher D, Chen J, Edupalli M, Pyrgelis A, et al. 2022.. Secure and federated genome-wide association studies for biobank-scale datasets. . bioRxiv 2022.11.30.518537. https://doi.org/10.1101/2022.11.30.518537
95. 95.

    Froelicher D, Cho H, Edupalli M, Sousa JS, Bossuat J, et al. 2023.. Scalable and privacy-preserving federated principal component analysis. . In 44th IEEE Symposium on Security and Privacy (SP), pp. 1908–25. Piscataway, NJ:: IEEE
    [Google Scholar]
96. 96.

    Zheng W, Popa RA, Gonzalez JE, Stoica I. 2019.. Helen: maliciously secure coopetitive learning for linear models. . In 2019 IEEE Symposium on Security and Privacy (SP), pp. 724–38. Piscataway, NJ:: IEEE
    [Google Scholar]
97. 97.

    Froelicher D, Troncoso-Pastoriza JR, Pyrgelis A, Sav S, Sousa JS, et al. 2021.. Scalable privacy-preserving distributed learning. . Proc. Priv. Enhanc. Technol. Symp. 2021:(2):323–47
    [Google Scholar]
98. 98.

    Sav S, Pyrgelis A, Troncoso-Pastoriza JR, Froelicher D, Bossuat JP, et al. 2021.. POSEIDON: privacy-preserving federated neural network learning. Paper presented at the 28th Annual Network and Distributed System Security Symposium, online, Feb. 21
    [Google Scholar]
99. 99.

    Yang M, Zhang C, Wang X, Liu X, Li S, et al. 2022.. TrustGWAS: a full-process workflow for encrypted GWAS using multi-key homomorphic encryption and pseudorandom number perturbation. . Cell Syst. 13:(9):752–67
    [Crossref] [Google Scholar]
100. 100.

     Sav S, Bossuat JP, Troncoso-Pastoriza JR, Claassen M, Hubaux JP. 2022.. Privacy-preserving federated neural network learning for disease-associated cell classification. . Patterns 3:(5):100487
     [Crossref] [Google Scholar]
101. 101.

     Mendelsohn S, Froelicher D, Loginov D, Bernick D, Berger B, Cho H. 2023.. sfkit: a web-based toolkit for secure and federated genomic analysis. . Nucleic Acids Res. 51:(W1):W535–41
     [Crossref] [Google Scholar]
102. 102.

     Li W, Kim M, Zhang K, Chen H, Jiang X, Harmanci A. 2023.. COLLAGENE enables privacy-aware federated and collaborative genomic data analysis. . Genome Biol. 24:(1):204
     [Crossref] [Google Scholar]
103. 103.

     Sabt M, Achemlal M, Bouabdallah A. 2015.. Trusted execution environment: what it is, and what it is not. . In ISPA 2015: The 13th IEEE International Symposium on Parallel and Distributed Processing with Applications, pp. 57–64. Piscataway, NJ:: IEEE
     [Google Scholar]
104. 104.

     Pinto S, Santos N. 2019.. Demystifying Arm TrustZone: a comprehensive survey. . ACM Comput. Surv. 51:(6):130
     [Crossref] [Google Scholar]
105. 105.

     Banks AS, Kisiel M, Korsholm P. 2021.. Remote attestation: a literature review. . arXiv:2105.02466 [cs.CR]
106. 106.

     Costan V, Devadas S. 2016.. Intel SGX explained. . Cryptology ePrint Archive. https://eprint.iacr.org/2016/086
     [Google Scholar]
107. 107.

     Intel Corp. 2022.. Intel^® trust domain extensions. White Pap. , Intel Corp., Santa Clara, CA:
     [Google Scholar]
108. 108.

     Kaplan D, Powell J, Woller T. 2021.. AMD memory encryption. White Pap. , Adv. Micro Devices, Santa Clara, CA:
     [Google Scholar]
109. 109.

     Nertney R. 2023.. Confidential compute on NVIDIA Hopper H100. White Pap. WP-11459-001 , NVIDIA, Santa Clara, CA:
     [Google Scholar]
110. 110.

     Borrello P, Kogler A, Schwarzl M, Lipp M, Gruss D, Schwarz M. 2022.. ÆPIC leak: architecturally leaking uninitialized data from the microarchitecture. Paper presented at the 31st USENIX Security Symposium (USENIX Security 22), Boston, MA:, Aug. 10
     [Google Scholar]
111. 111.

     van Schaik S, Seto A, Yurek T, Batori A, AlBassam B, et al. 2022.. SoK: SGX.Fail: How stuff gets eXposed. Tech. Rep. , Georgia Tech Univ., Atlanta:. https://sgx.fail/files/sgx.fail.pdf
     [Google Scholar]
112. 112.

     Fei S, Yan Z, Ding W, Xie H. 2021.. Security vulnerabilities of SGX and countermeasures: a survey. . ACM Comput. Surv. 54:(6):126
     [Google Scholar]
113. 113.

     Dokmai N, Kockan C, Zhu K, Wang X, Sahinalp SC, Cho H. 2021.. Privacy-preserving genotype imputation in a trusted execution environment. . Cell Syst. 12:(10):983–93.e7
     [Crossref] [Google Scholar]
114. 114.

     BeeKeeperAI. 2022.. BeeKeeperAI applies sightless computing technology to pediatric rare disease project. Press Release, Oct. 19. https://www.beekeeperai.com/beekeeperai-novartis-pediatric-rare-disease-press-release
     [Google Scholar]
115. 115.

     Intel Corp. 2021.. Maximum security at the processor level: Intel SGX protects electronic patient record. Solution Brief , Intel Corp., Santa Clara, CA:
     [Google Scholar]
116. 116.

     Pascoal T, Decouchant J, Boutet A, Esteves-Verissimo P. 2021.. DyPS: dynamic, private and secure GWAS. . Proc. Priv. Enhanc. Technol. 2021:(2):214–34
     [Google Scholar]
117. 117.

     Kockan C, Zhu K, Dokmai N, Karpov N, Kulekci MO, et al. 2020.. Sketching algorithms for genomic data analysis and querying in a secure enclave. . Nat. Methods 17:(3):295–301
     [Crossref] [Google Scholar]
118. 118.

     Widanage C, Liu W, Li J, Chen H, Wang X, et al. 2021.. HySec-Flow: privacy-preserving genomic computing with SGX-based big-data analytics framework. . IEEE Int. Conf. Cloud Comput. 2021::733–43
     [Google Scholar]
119. 119.

     Dwork C, McSherry F, Nissim K, Smith A. 2006.. Calibrating noise to sensitivity in private data analysis. . In TCC 2006: Theory of Cryptography, ed. S Halevi, T Rabin , pp. 265–84. Berlin:: Springer
     [Google Scholar]
120. 120.

     Dwork C, Kenthapadi K, McSherry F, Mironov I, Naor M. 2006.. Our data, ourselves: privacy via distributed noise generation. . In EUROCRYPT 2006: Advances in Cryptology, ed. S Vaudenay , pp. 486–503. Berlin:: Springer
     [Google Scholar]
121. 121.

     Dwork C, Rothblum GN. 2016.. Concentrated differential privacy. . arXiv:1603.01887 [cs.DS]
122. 122.

     Bun M, Steinke T. 2016.. Concentrated differential privacy: simplifications, extensions, and lower bounds. . In TCC 2016: Theory of Cryptography, ed. M Hirt, A Smith , pp. 635–58. Berlin:: Springer
     [Google Scholar]
123. 123.

     Mironov I. 2017.. Rényi differential privacy. . In IEEE 30th Computer Security Foundations Symposium, pp. 263–75. Piscataway, NJ:: IEEE
     [Google Scholar]
124. 124.

     Chaudhuri K, Monteleoni C, Sarwate AD. 2011.. Differentially private empirical risk minimization. . J. Mach. Learn. Res. 12:(3):1069–109
     [Google Scholar]
125. 125.

     Iyengar R, Near JP, Song D, Thakkar O, Thakurta A, Wang L. 2019.. Towards practical differentially private convex optimization. . In 2019 IEEE Symposium on Security and Privacy (SP), pp. 299–316. Piscataway, NJ:: IEEE
     [Google Scholar]
126. 126.

     Bassily R, Smith A, Thakurta A. 2014.. Private empirical risk minimization: efficient algorithms and tight error bounds. . In 2014 IEEE 55th Annual Symposium on Foundations of Computer Science, pp. 464–73. Piscataway, NJ:: IEEE
     [Google Scholar]
127. 127.

     Abadi M, Chu A, Goodfellow I, McMahan HB, Mironov I, et al. 2016.. Deep learning with differential privacy. . In CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 308–18. New York:: ACM
     [Google Scholar]
128. 128.

     Nissim K, Raskhodnikova S, Smith A. 2007.. Smooth sensitivity and sampling in private data analysis. . In STOC '07: Proceedings of the Thirty-Ninth Annual ACM Symposium on Theory of Computing, pp. 75–84. New York:: ACM
     [Google Scholar]
129. 129.

     Warner SL. 1965.. Randomized response: a survey technique for eliminating evasive answer bias. . J. Am. Stat. Assoc. 60:(309):63–69
     [Crossref] [Google Scholar]
130. 130.

     Dwork C, Naor M, Reingold O, Rothblum GN, Vadhan S. 2009.. On the complexity of differentially private data release: efficient algorithms and hardness results. . In STOC '09: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, pp. 381–90. New York:: ACM
     [Google Scholar]
131. 131.

     Kairouz P, Bonawitz K, Ramage D. 2016.. Discrete distribution estimation under local privacy. . PMLR 48::2436–44
     [Google Scholar]
132. 132.

     Erlingsson Ú, Pihur V, Korolova A. 2014.. RAPPOR: randomized aggregatable privacy-preserving ordinal response. . In CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1054–67. New York:: ACM
     [Google Scholar]
133. 133.

     Differential Privacy Team. 2017.. Learning with privacy at scale. Mach. Learn. Res. , Apple, Cupertino, CA:. https://machinelearning.apple.com/research/learning-with-privacy-at-scale
     [Google Scholar]
134. 134.

     Ding B, Kulkarni J, Yekhanin S. 2017.. Collecting telemetry data privately. . In NIPS '17: Proceedings of the 31st International Conference on Neural Information Processing Systems, ed. U von Luxburg , pp. 3574–83. Red Hook, NY:: Curran Assoc.
     [Google Scholar]
135. 135.

     Abowd J, Kifer D, Garfinkel SL, Machanavajjhala A. 2019.. Census TopDown: differentially private data, incremental schemas, and consistency with public knowledge. Tech. Pap. , US Census Bureau, Silver Hill, MD:
     [Google Scholar]
136. 136.

     Uhlerop C, Slavković A, Fienberg SE. 2013.. Privacy-preserving data sharing for genome-wide association studies. . J. Priv. Confid. 5:(1):137–66
     [Google Scholar]
137. 137.

     Yu F, Fienberg SE, Slavković AB, Uhler C. 2014.. Scalable privacy-preserving data sharing methodology for genome-wide association studies. . J. Biomed. Inform. 50::133–41
     [Crossref] [Google Scholar]
138. 138.

     Yu F, Rybar M, Uhler C, Fienberg SE. 2014.. Differentially-private logistic regression for detecting multiple-SNP association in GWAS databases. . In PSD 2014: Privacy in Statistical Databases, ed. J Domingo-Ferrer , pp. 170–84. Berlin:: Springer
     [Google Scholar]
139. 139.

     Johnson A, Shmatikov V. 2013.. Privacy-preserving data exploration in genome-wide association studies. . In KDD '13: Proceedings of the 19th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1079–87. New York:: ACM
     [Google Scholar]
140. 140.

     Simmons S, Berger B. 2016.. Realizing privacy preserving genome-wide association studies. . Bioinformatics 32:(9):1293–300
     [Crossref] [Google Scholar]
141. 141.

     Simmons S, Sahinalp C, Berger B. 2016.. Enabling privacy-preserving GWASs in heterogeneous human populations. . Cell Syst. 3:(1):54–61
     [Crossref] [Google Scholar]
142. 142.

     Wang S, Mohammed N, Chen R. 2014.. Differentially private genome data dissemination through top-down specialization. . BMC Med. Inform. Decis. Mak. 14:(Suppl. 1):S2
     [Crossref] [Google Scholar]
143. 143.

     Beaulieu-Jones BK, Wu ZS, Williams C, Lee R, Bhavnani SP, et al. 2019.. Privacy-preserving generative deep neural networks support clinical data sharing. . Circ. Cardiovasc. Qual. Outcomes 12:(7):e005122
     [Crossref] [Google Scholar]
144. 144.

     Mohammed N, Jiang X, Chen R, Fung BC, Ohno-Machado L. 2013.. Privacy-preserving heterogeneous health data sharing. . J. Am. Med. Inform. Assoc. 20:(3):462–69
     [Crossref] [Google Scholar]
145. 145.

     Cho H, Simmons S, Kim R, Berger B. 2020.. Privacy-preserving biomedical database queries with optimal privacy-utility trade-offs. . Cell Syst. 10:(5):408–16
     [Crossref] [Google Scholar]
146. 146.

     Vinterbo SA, Sarwate AD, Boxwala AA. 2012.. Protecting count queries in study design. . J. Am. Med. Inform. Assoc. 19:(5):750–57
     [Crossref] [Google Scholar]
147. 147.

     Wei J, Lin Y, Yao X, Zhang J, Liu X. 2020.. Differential privacy-based genetic matching in personalized medicine. . IEEE Trans. Emerg. Top. Comput. 9:(3):1109–25
     [Crossref] [Google Scholar]
148. 148.

     Field E, Dyda A, Lau C. 2021.. COVID-19 real-time information system for preparedness and epidemic response (CRISPER). . Med. J. Aust. 214:(8):386–86.e1
     [Crossref] [Google Scholar]
149. 149.

     Liu X, Zhou P, Qiu T, Wu DO. 2020.. Blockchain-enabled contextual online learning under local differential privacy for coronary heart disease diagnosis in mobile edge computing. . IEEE J. Biomed. Health Informat. 24:(8):2177–88
     [Crossref] [Google Scholar]
150. 150.

     Kairouz P, McMahan HB, Avent B, Bellet A, Bennis M, et al. 2021.. Advances and open problems in federated learning. . Found. Trends Mach. Learn. 14:(1–2):1–210
     [Crossref] [Google Scholar]
151. 151.

     McMahan B, Moore E, Ramage D, Hampson S, Agüera y Arcas B. 2017.. Communication-efficient learning of deep networks from decentralized data. . PMLR 54::1273–82
     [Google Scholar]
152. 152.

     Li T, Sanjabi M, Beirami A, Smith V. 2020.. Fair resource allocation in federated learning. Poster presented at ICLR 2020: International Conference on Learning Representations , Addis Ababa, Ethiopia:, Apr. 30
     [Google Scholar]
153. 153.

     Reddi SJ, Charles Z, Zaheer M, Garrett Z, Rush K, et al. 2020.. Adaptive federated optimization. Paper presented at ICLR 2021: International Conference on Learning Representations, Vienna:, May 4
     [Google Scholar]
154. 154.

     Wang H, Yurochkin M, Sun Y, Papailiopoulos D, Khazaeni Y. 2020.. Federated learning with matched averaging. Paper presented at ICLR 2020: International Conference on Learning Representations, online, Apr. 26
     [Google Scholar]
155. 155.

     Hegedűs I, Danner G, Jelasity M. 2019.. Gossip learning as a decentralized alternative to federated learning. . In Distributed Applications and Interoperable Systems: 19th IFIP WG 6.1 International Conference, DAIS 2019, Held as Part of the 14th International Federated Conference on Distributed Computing Techniques, DisCoTec 2019, Kongens Lyngby, Denmark, June 17–21, 2019, Proceedings, ed. J Pereira, L Ricci , pp. 74–90. Cham, Switz.:: Springer
     [Google Scholar]
156. 156.

     Tan AZ, Yu H, Cui L, Yang Q. 2023.. Towards personalized federated learning. . IEEE Trans. Neural Netw. Learn. Syst. 34:(12):9587–603
     [Crossref] [Google Scholar]
157. 157.

     Achituve I, Shamsian A, Navon A, Chechik G, Fetaya E. 2021.. Personalized federated learning with Gaussian processes. . Adv. Neural Inform. Proc. Syst. 34::8392–406
     [Google Scholar]
158. 158.

     Wang S, Tuor T, Salonidis T, Leung KK, Makaya C, et al. 2019.. Adaptive federated learning in resource constrained edge computing systems. . IEEE J. Sel. Areas Commun. 37:(6):1205–21
     [Crossref] [Google Scholar]
159. 159.

     Zhao Y, Li M, Lai L, Suda N, Civin D, Chandra V. 2018.. Federated learning with non-IID data. . arXiv:1806.00582 [cs.LG]
160. 160.

     Li T, Hu S, Beirami A, Smith V. 2021.. Ditto: fair and robust federated learning through personalization. . PMLR 139::6357–68
     [Google Scholar]
161. 161.

     Michieli U, Ozay M. 2021.. Are all users treated fairly in federated learning systems?. In 2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition, pp. 2318–22. Nashville, TN:: IEEE
     [Google Scholar]
162. 162.

     Zhang DY, Kou Z, Wang D. 2020.. FairFL: a fair federated learning approach to reducing demographic bias in privacy-sensitive classification models. . In Proceedings of the 2020 IEEE International Conference on Big Data, ed. X Wu, C Jermaine, L Xiong, O Kotevska, S Lu , et al., pp. 1051–60. Piscataway, NJ:: IEEE
     [Google Scholar]
163. 163.

     So J, Ali RE, Güler B, Jiao J, Avestimehr AS. 2023.. Securing secure aggregation: mitigating multi-round privacy leakage in federated learning. . In Proceedings of the Thirty-Seventh AAAI Conference on Artificial Intelligence, pp. 9864–73. Washington, DC:: AAAI
     [Google Scholar]
164. 164.

     Geiping J, Bauermeister H, Dröge H, Moeller M. 2020.. Inverting gradients—how easy is it to break privacy in federated learning?. Adv. Neural Inform. Proc. Syst. 33::16937–47
     [Google Scholar]
165. 165.

     Huang Y, Gupta S, Song Z, Li K, Arora S. 2021.. Evaluating gradient inversion attacks and defenses in federated learning. . Adv. Neural Inform. Proc. Syst. 34::7232–41
     [Google Scholar]
166. 166.

     Al Mallah R, Lopez D, Badu-Marfo G, Farooq B. 2021.. Untargeted poisoning attack detection in federated learning via behavior attestation. . IEEE Access 11::125064–79
     [Crossref] [Google Scholar]
167. 167.

     Tolpegin V, Truex S, Gursoy ME, Liu L. 2020.. Data poisoning attacks against federated learning systems. . In Computer Security—ESORICS 2020: 25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK, September 14–18, 2020, Proceedings, Part I, ed. L Chen, N Li, K Liang, S Schneider , pp. 480–501. Cham, Switz.:: Springer
     [Google Scholar]
168. 168.

     Hu R, Guo Y, Li H, Pei Q, Gong Y. 2020.. Personalized federated learning with differential privacy. . IEEE Internet Things J. 7:(10):9530–39
     [Crossref] [Google Scholar]
169. 169.

     Noble M, Bellet A, Dieuleveut A. 2022.. Differentially private federated learning on heterogeneous data. . PMLR 151::10110–45
     [Google Scholar]
170. 170.

     Truex S, Liu L, Chow KH, Gursoy ME, Wei W. 2020.. LDP-Fed: federated learning with local differential privacy. . In EdgeSys '20: Proceedings of the Third ACM International Workshop on Edge Systems, Analytics and Networking, pp. 61–66. New York:: ACM
     [Google Scholar]
171. 171.

     Grammenos A, Mendoza Smith R, Crowcroft J, Mascolo C. 2020.. Federated principal component analysis. . Adv. Neural Inform. Proc. Syst. 33::6453–64
     [Google Scholar]
172. 172.

     Mansour Y, Mohri M, Ro J, Suresh AT. 2020.. Three approaches for personalization with applications to federated learning. . arXiv:2002.10619 [cs.LG]
173. 173.

     Chen Y, Qin X, Wang J, Yu C, Gao W. 2020.. FedHealth: a federated transfer learning framework for wearable healthcare. . IEEE Intel. Syst. 35:(4):83–93
     [Crossref] [Google Scholar]
174. 174.

     Pati S, Baid U, Edwards B, Sheller M, Wang SH, et al. 2022.. Federated learning enables big data for rare cancer boundary detection. . Nat. Commun. 13:(1):7346
     [Crossref] [Google Scholar]
175. 175.

     Darzidehkalani E, Ghasemi-Rad M, van Ooijen P. 2022.. Federated learning in medical imaging: part I: toward multicentral health care ecosystems. . J. Am. Coll. Radiol. 19:(8):969–74
     [Crossref] [Google Scholar]
176. 176.

     Ng D, Lan X, Yao MM-S, Chan WP, Feng M. 2021.. Federated learning: a collaborative effort to achieve better medical imaging models for individual sites that have small labelled datasets. . Quant. Imaging Med. Surg. 11:(2):852–57
     [Crossref] [Google Scholar]
177. 177.

     Sarma KV, Harmon S, Sanford T, Roth HR, Xu Z, et al. 2021.. Federated learning improves site performance in multicenter deep learning without data sharing. . J. Am. Med. Inform. Assoc. 28:(6):1259–64
     [Crossref] [Google Scholar]
178. 178.

     Kaissis G, Ziller A, Passerat-Palmbach J, Ryffel T, Usynin D, et al. 2021.. End-to-end privacy preserving deep learning on multi-institutional medical imaging. . Nat. Mach. Intel. 3:(6):473–84
     [Crossref] [Google Scholar]
179. 179.

     Vaid A, Jaladanki SK, Xu J, Teng S, Kumar A, et al. 2021.. Federated learning of electronic health records to improve mortality prediction in hospitalized patients with COVID-19: machine learning approach. . JMIR Med. Inform. 9:(1):e24207
     [Crossref] [Google Scholar]
180. 180.

     Brisimi TS, Chen R, Mela T, Olshevsky A, Paschalidis IC, Shi W. 2018.. Federated learning of predictive models from federated electronic health records. . Int. J. Med. Inform. 112::59–67
     [Crossref] [Google Scholar]
181. 181.

     Liu D, Dligach D, Miller T. 2019.. Two-stage federated phenotyping and patient representation learning. . In Proceedings of the 18th BioNLP Workshop and Shared Task, ed. D Demner-Fushman, K Bretonnel Cohen, S Ananiadou, J Tsujii , pp. 283–91. Florence, Italy:: Assoc. Comp. Linguist.
     [Google Scholar]
182. 182.

     Paulik M, Seigel M, Mason H, Telaar D, Kluivers J, et al. 2021.. Federated evaluation and tuning for on-device personalization: system design & applications. . arXiv:2102.08503 [cs.LG]
183. 183.

     Wu Q, Chen X, Zhou Z, Zhang J. 2020.. FedHome: cloud-edge based personalized federated learning for in-home health monitoring. . IEEE Trans. Mobile Comput. 21:(8):2818–32
     [Crossref] [Google Scholar]
184. 184.

     Ghosh S, Ghosh SK. 2023.. FEEL: federated learning framework for elderly healthcare using Edge-IoMT. . IEEE Trans. Comput. Soc. Syst. 10::1800–9
     [Crossref] [Google Scholar]
185. 185.

     Chor B, Kushilevitz E, Goldreich O, Sudan M. 1998.. Private information retrieval. . J. ACM 45:(6):965–81
     [Crossref] [Google Scholar]
186. 186.

     Kushilevitz E, Ostrovsky R. 1997.. Replication is not needed: single database, computationally-private information retrieval. . In Proceedings of the 38th Annual Symposium on Foundations of Computer Science, pp. 364–73. Piscataway, NJ:: IEEE
     [Google Scholar]
187. 187.

     Beimel A, Ishai Y, Malkin T. 2000.. Reducing the servers computation in private information retrieval: PIR with preprocessing. . In CRYPTO 2000: Advances in Cryptology, ed. M Bellare , pp. 55–73. Berlin:: Springer
     [Google Scholar]
188. 188.

     Corrigan-Gibbs H, Kogan D. 2020.. Private information retrieval with sublinear online time. . In EUROCRYPT 2020: Advances in Cryptology, ed. A Canteaut, Y Ishai , pp. 44–75. Cham, Switz:.: Springer
     [Google Scholar]
189. 189.

     Melchor CA, Barrier J, Fousse L, Killijian MO. 2016.. XPIR: private information retrieval for everyone. . Proc. Priv. Enhanc. Technol. 2016::155–74
     [Google Scholar]
190. 190.

     Davidson A, Pestana G, Celi S. 2022.. FrodoPIR: simple, scalable, single-server private information retrieval. . Cryptology ePrint Archive. https://eprint.iacr.org/2022/981
     [Google Scholar]
191. 191.

     Menon SJ, Wu DJ. 2022.. SPIRAL: fast, high-rate single-server PIR via FHE composition. . In 2022 IEEE Symposium on Security and Privacy (SP), pp. 930–47. Piscataway, NJ:: IEEE
     [Google Scholar]
192. 192.

     Henzinger A, Hong MM, Corrigan-Gibbs H, Meiklejohn S, Vaikuntanathan V. 2023.. One server for the price of two: simple and fast single-server private information retrieval. . In 32nd USENIX Security Symposium. Berkeley, CA:: USENIX. https://www.usenix.org/system/files/sec23summer_27-henzinger-prepub.pdf
     [Google Scholar]
193. 193.

     Chor B, Gilboa N, Naor M. 1997.. Private information retrieval by keywords. Tech. Rep. TR CS0917, Dep. Comput. Sci. , Technion, Haifa, Israel:
     [Google Scholar]
194. 194.

     Patel S, Seo JY, Yeo K. 2023.. Don't be dense: efficient keyword PIR for sparse databases. . 32nd USENIX Security Symposium. Berkeley, CA:: USENIX. https://www.usenix.org/system/files/sec23fall-prepub-392-patel.pdf
     [Google Scholar]
195. 195.

     Ishai Y, Kushilevitz E, Ostrovsky R, Sahai A. 2004.. Batch codes and their applications. . In STOC '04: Proceedings of the Thirty-Sixth Annual ACM Symposium on Theory of Computing, pp. 262–71. New York:: ACM
     [Google Scholar]
196. 196.

     Angel S, Chen H, Laine K, Setty S. 2018.. PIR with compressed queries and amortized query processing. . In 2018 IEEE Symposium on Security and Privacy (SP), pp. 962–79. Piscataway, NJ:: IEEE
     [Google Scholar]
197. 197.

     Sousa JS, Lefebvre C, Huang Z, Raisaro JL, Aguilar-Melchor C, et al. 2017.. Efficient and secure outsourcing of genomic data storage. . BMC Med. Genom. 10:(Suppl. 2):46
     [Crossref] [Google Scholar]
198. 198.

     Çetin GS, Chen H, Laine K, Lauter K, Rindal P, Xia Y. 2017.. Private queries on encrypted genomic data. . BMC Med. Genom. 10:(2):45
     [Crossref] [Google Scholar]
199. 199.

     Freedman MJ, Nissim K, Pinkas B. 2004.. Efficient private matching and set intersection. . In EUROCRYPT 2004: Advances in Cryptology, ed. C Cachin, JL Camenisch , pp. 1–19. Berlin:: Springer
     [Google Scholar]
200. 200.

     Pinkas B, Rosulek M, Trieu N, Yanai A. 2019.. SpOT-light: lightweight private set intersection from sparse OT extension. . In CRYPTO 2019: Advances in Cryptology, ed. A Boldyreva, D Micciancio , pp. 401–31. Cham, Switz:.: Springer
     [Google Scholar]
201. 201.

     Chase M, Miao P. 2020.. Private set intersection in the internet setting from lightweight oblivious PRF. . In CRYPTO 2020: Advances in Cryptology, ed. D Micciancio, T Ristenpart , pp. 34–63. Cham, Switz:.: Springer
     [Google Scholar]
202. 202.

     Baldi P, Baronio R, De Cristofaro E, Gasti P, Tsudik G. 2011.. Countering GATTACA: efficient and secure testing of fully-sequenced human genomes. . In CCS '11: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 691–702. New York:: ACM
     [Google Scholar]
203. 203.

     Agrawal R, Evfimievski A, Srikant R. 2003.. Information sharing across private databases. . In SIGMOD '03: Proceedings of the 2003 ACM SIGMOD International Conference on Management of Data, pp. 86–97. New York:: ACM
     [Google Scholar]
204. 204.

     De Cristofaro E, Gasti P, Tsudik G. 2012.. Fast and private computation of cardinality of set intersection and union. . In CANS 2012: Cryptology and Network Security, ed. J Pieprzyk, AR Sadeghi, M Manulis , pp. 218–31. Berlin:: Springer
     [Google Scholar]
205. 205.

     Wang XS, Huang Y, Zhao Y, Tang H, Wang X, Bu D. 2015.. Efficient genome-wide, privacy-preserving similar patient query based on private edit distance. . In CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 492–503. New York:: ACM
     [Google Scholar]
206. 206.

     Goldwasser S, Micali S, Rackoff C. 1985.. The knowledge complexity of interactive proof-systems. . In STOC '85: Proceedings of the Seventeenth Annual ACM Symposium on Theory of Computing, pp. 291–304. New York:: ACM
     [Google Scholar]
207. 207.

     Diffie W, Hellman M. 1976.. New directions in cryptography. . IEEE Trans. Inform. Theory 22:(6):644–54
     [Crossref] [Google Scholar]
208. 208.

     Goldreich O, Micali S, Wigderson A. 1987.. How to play ANY mental game. . In STOC '87: Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, pp. 218–29. New York:: ACM
     [Google Scholar]
209. 209.

     Goldreich O, Micali S, Wigderson A. 1991.. Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. . J. ACM 38:(3):690–728
     [Crossref] [Google Scholar]
210. 210.

     Parno B, Howell J, Gentry C, Raykova M. 2016.. Pinocchio: nearly practical verifiable computation. . Commun. ACM 59:(2):103–12
     [Crossref] [Google Scholar]
211. 211.

     Ben-Sasson E, Bentov I, Horesh Y, Riabzev M. 2018.. Scalable, transparent, and post-quantum secure computational integrity. . Cryptology ePrint Archive. https://eprint.iacr.org/2018/046.pdf
     [Google Scholar]
212. 212.

     Bünz B, Bootle J, Boneh D, Poelstra A, Wuille P, Maxwell G. 2018.. Bulletproofs: Short proofs for confidential transactions and more. . In 2018 IEEE Symposium on Security and Privacy (SP), pp. 315–34. Piscataway, NJ:: IEEE
     [Google Scholar]
213. 213.

     Xie T, Zhang Y, Song D. 2022.. Orion: zero knowledge proof with linear prover time. . In CRYPTO 2022: Advances in Cryptology, ed. Y Dodis, T Shrimpton , pp. 299–328. Cham, Switz:.: Springer
     [Google Scholar]
214. 214.

     Froelicher D, Egger P, Sousa JS, Raisaro JL, Huang Z, et al. 2017.. UnLynx: a decentralized system for privacy-conscious data sharing. . Proc. Privacy Enhanc. Technol. 2017:(4):232–50
     [Crossref] [Google Scholar]
215. 215.

     Camenisch J, Stadler M. 1997.. Proof systems for general statements about discrete logarithms. Tech. Rep. 260 , Dept. Comp. Sci., ETH Zurich, Zurich:. https://crypto.ethz.ch/publications/files/CamSta97b.pdf
     [Google Scholar]
216. 216.

     Chatel S, Pyrgelis A, Troncoso-Pastoriza JR, Hubaux JP. 2021.. Privacy and integrity preserving computations with CRISP. . In 30th USENIX Security Symposium, pp. 2111–28. Berkeley, CA:: USENIX
     [Google Scholar]
217. 217.

     Chase M, Derler D, Goldfeder S, Orlandi C, Ramacher S, et al. 2017.. Post-quantum zero-knowledge and signatures from symmetric-key primitives. . In CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1825–42. New York:: ACM
     [Google Scholar]
218. 218.

     Ishai Y, Kushilevitz E, Ostrovsky R, Sahai A. 2009.. Zero-knowledge proofs from secure multiparty computation. . SIAM J. Comput. 39:(3):1121–52
     [Crossref] [Google Scholar]
219. 219.

     Kuo TT, Kim HE, Ohno-Machado L. 2017.. Blockchain distributed ledger technologies for biomedical and health care applications. . J. Am. Med. Inform. Assoc. 24:(6):1211–20
     [Crossref] [Google Scholar]
220. 220.

     Esmaeilzadeh P, Mirzaei T. 2019.. The potential of blockchain technology for health information exchange: experimental study from patients' perspectives. . J. Med. Internet Res. 21:(6):e14184
     [Crossref] [Google Scholar]
221. 221.

     Grishin D, Raisaro JL, Troncoso-Pastoriza JR, Obbad K, Quinn K, et al. 2021.. Citizen-centered, auditable and privacy-preserving population genomics. . Nat. Comput. Sci. 1:(3):192–98
     [Crossref] [Google Scholar]
222. 222.

     Yan C, Yan Y, Wan Z, Zhang Z, Omberg L, et al. 2022.. A multifaceted benchmarking of synthetic electronic health record generation models. . Nat. Commun. 13:(1):7609
     [Crossref] [Google Scholar]
223. 223.

     Kazerouni A, Aghdam EK, Heidari M, Azad R, Fayyaz M, et al. 2023.. Diffusion models in medical imaging: a comprehensive survey. . Med. Image Anal. 88::102846
     [Crossref] [Google Scholar]
224. 224.

     Jeon M, Park H, Kim HJ, Morley M, Cho H. 2022.. k-SALSA: k-anonymous synthetic averaging of retinal images via local style alignment. . In ECCV 2022: Computer Vision, ed. S Avidan, G Brostow, M Cisse, GM Farinella, T Hassner , pp. 661–78. Cham, Switz:.: Springer
     [Google Scholar]
225. 225.

     Zhang Z, Yan C, Lasko TA, Sun J, Malin BA. 2021.. SynTEG: a framework for temporal structured electronic health data simulation. . J. Am. Med. Inform. Assoc. 28:(3):596–604
     [Crossref] [Google Scholar]
226. 226.

     Zhang Z, Yan C, Malin BA. 2022.. Membership inference attacks against synthetic health data. . J. Biomed. Inform. 125::103977
     [Crossref] [Google Scholar]
227. 227.

     Carlini N, Hayes J, Nasr M, Jagielski M, Sehwag V, et al. 2023.. Extracting training data from diffusion models. . In 32nd USENIX Security Symposium, pp. 5253–70. Berkeley, CA:: USENIX
     [Google Scholar]
228. 228.

     Torkzadehmahani R, Kairouz P, Paten B. 2019.. DP-CGAN: differentially private synthetic data and label generation. . In Proceedings of the 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, pp. 98–104. Piscataway, NJ:: IEEE
     [Google Scholar]
229. 229.

     Sadhuka S, Fridman D, Berger B, Cho H. 2023.. Assessing transcriptomic reidentification risks using discriminative sequence models. . Genome Res. 33:(7):1101–12
     [Google Scholar]
230. 230.

     Gürsoy G, Li T, Liu S, Ni E, Brannon CM, Gerstein MB. 2022.. Functional genomics data: privacy risk assessment and technological mitigation. . Nat. Rev. Genet. 23:(4):245–58
     [Crossref] [Google Scholar]
231. 231.

     Schadt EE, Woo S, Hao K. 2012.. Bayesian method to predict individual SNP genotypes from gene expression data. . Nat. Genet. 44:(5):603–8
     [Crossref] [Google Scholar]
232. 232.

     Hill AC, Guo C, Litkowski EM, Manichaikul AW, Yu B, et al. 2023.. Large scale proteomic studies create novel privacy considerations. . Sci. Rep. 13:(1):9254
     [Crossref] [Google Scholar]
233. 233.

     Li H, Wu J, Gao Y, Shi Y. 2016.. Examining individuals' adoption of healthcare wearable devices: an empirical study from privacy calculus perspective. . Int. J. Med. Inform. 88::8–17
     [Crossref] [Google Scholar]
234. 234.

     Nasr M, Carlini N, Hayase J, Jagielski M, Cooper AF, et al. 2023.. Scalable extraction of training data from (production) language models. . arXiv:2311.17035 [cs.LG]
235. 235.

     Guo J, Clayton EW, Kantarcioglu M, Vorobeychik Y, Wooders M, et al. 2023.. A game theoretic approach to balance privacy risks and familial benefits. . Sci. Rep. 13:(1):6932
     [Crossref] [Google Scholar]
236. 236.

     Xia W, Liu Y, Wan Z, Vorobeychik Y, Kantacioglu M, et al. 2021.. Enabling realistic health data re-identification risk assessment through adversarial modeling. . J. Am. Med. Inform. Assoc. 28:(4):744–52
     [Google Scholar]
237. 237.

     Berrang P, Humbert M, Zhang Y, Lehmann I, Eils R, Backes M. 2018.. Dissecting privacy risks in biomedical data. . In 2018 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 62–76. Piscataway, NJ:: IEEE
     [Google Scholar]
238. 238.

     Mironov I. 2012.. On significance of the least significant bits for differential privacy. . In CCS '12: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 650–61. New York:: ACM
     [Google Scholar]
239. 239.

     Liu C, Chakraborty S, Mittal P. 2016.. Dependence makes you vulnerable: differential privacy under dependent tuples. . In Network and Distributed System Security Symposium 2016, pp. 21–24. Red Hook, NY:: Curran Assoc.
     [Google Scholar]
240. 240.

     Chen IY, Pierson E, Rose S, Joshi S, Ferryman K, Ghassemi M. 2021.. Ethical machine learning in healthcare. . Annu. Rev. Biomed. Data Sci. 4::123–44
     [Crossref] [Google Scholar]
241. 241.

     Ding Y, Hou K, Xu Z, Pimplaskar A, Petter E, et al. 2023.. Polygenic scoring accuracy varies across the genetic ancestry continuum. . Nature 618::774–81
     [Crossref] [Google Scholar]
242. 242.

     Movva R, Shanmugam D, Hou K, Pathak P, Guttag J, et al. 2023.. Coarse race data conceals disparities in clinical risk score performance. . arXiv:2304.09270 [cs.CY]
243. 243.

     Bak M, Madai VI, Fritzsche MC, Mayrhofer MT, McLennan S. 2022.. You can't have AI both ways: balancing health data privacy and access fairly. . Front. Genet. 13::1490
     [Crossref] [Google Scholar]
244. 244.

     Seastedt KP, Schwab P, O'Brien Z, Wakida E, Herrera K, et al. 2022.. Global healthcare fairness: We should be sharing more, not less, data. . PLOS Digit. Health 1:(10):e0000102
     [Crossref] [Google Scholar]
245. 245.

     Xiao Y, Lim S, Pollard TJ, Ghassemi M. 2023.. In the name of fairness: assessing the bias in clinical record de-identification. . In FACCT '23: Proceedings of the 2023 ACM Conference on Fairness, Accountability, and Transparency, pp. 123–37. New York:: ACM
     [Google Scholar]
246. 246.

     Suriyakumar VM, Papernot N, Goldenberg A, Ghassemi M. 2021.. Chasing your long tails: differentially private prediction in health care settings. . In FACCT '21: Proceedings of the 2021 ACM Conference on Fairness, Accountability, and Transparency, pp. 723–34. New York:: ACM
     [Google Scholar]
247. 247.

     Mayer RC, Davis JH, Schoorman FD. 1995.. An integrative model of organizational trust. . Acad. Manag. Rev. 20:(3):709–34
     [Crossref] [Google Scholar]