Skip to content
All work

Applied Cryptography

Secure NFC e-Prescription System

A privacy-preserving mobile e-prescription protocol using cryptographic proxy signatures for delegation and short group signatures for medical anonymity, delivered over NFC on low-power devices.

Context

Master’s thesis project. Conventional e-prescription systems expose identity at every step: the prescription ties a named doctor to a named patient, and the pharmacy sees both. That is a privacy problem for patients and a liability for doctors. The goal was a mobile e-prescription scheme that a pharmacy could still trust — provably issued by an authorized prescriber — while revealing as little identity as cryptographically possible.

Constraints

  • Anonymity and authenticity at once. The pharmacy must be certain the prescription came from a legitimate signer, yet must not learn which one — the two requirements pull in opposite directions.
  • Delegation is real. Prescribing authority is delegated in practice (on-call, supervising physicians); the protocol had to model that without weakening trust.
  • Low-power target. Everything runs on handheld NFC devices — the cryptography had to fit a constrained compute and power budget, not a server.

Architecture

Doctor proxy signer Patient mobile · NFC Pharmacy verifier signs Rx under delegated authority e-prescription · proxy signature · NFC presents Rx · group-signed · NFC tap verifies signature, identity hidden dispenses · anonymous proof logged
Short group signatures (Boneh et al.) let the pharmacy verify that the prescription comes from an authorized signer — without learning who signed it.

The doctor signs the prescription under a proxy signature, cryptographically capturing delegated prescribing authority. The signed prescription transfers to the patient’s phone over NFC and, when presented at the pharmacy, carries a short group signature (Boneh et al.): the pharmacy verifies membership in the set of authorized prescribers without learning the individual identity. NFC keeps the exchange local and tap-scoped — no networked identity lookup, nothing to intercept over the air at range.

Decisions & Trade-offs

  • Short group signatures over plain digital signatures. A plain signature authenticates by revealing the signer; the group signature authenticates the authority while hiding the identity — the entire point of the scheme — at the cost of heavier verification and a group-management authority.
  • Proxy signatures over shared credentials for delegation. Modeling delegation cryptographically, rather than sharing keys, keeps delegated prescriptions attributable and revocable without exposing who exercised the authority.
  • NFC over networked exchange. Choosing a local, tap-scoped channel trades convenience of remote issuance for a dramatically smaller attack surface — appropriate given the privacy threat model and the low-power target.

Impact

The result is an e-prescription scheme where a pharmacy can fully trust a prescription without learning who prescribed it, delegation is handled cryptographically rather than by sharing secrets, and the whole exchange runs within the limits of a low-power NFC device — demonstrating privacy engineering under real hardware constraints, not just on paper.

Next case · Data Science & Causal Inference

Metabolomic Biomarkers for Osteoarthritis