From c51e5290e17383019f6a18f9fe8bf814452e18da Mon Sep 17 00:00:00 2001 From: sherlock Date: Tue, 28 Oct 2025 16:58:56 +0530 Subject: [PATCH] client --- IS/Lab/Eval-Endsem/q.md | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/IS/Lab/Eval-Endsem/q.md b/IS/Lab/Eval-Endsem/q.md index e69de29..1ec11c2 100644 --- a/IS/Lab/Eval-Endsem/q.md +++ b/IS/Lab/Eval-Endsem/q.md @@ -0,0 +1,38 @@ +# Question + +**Design and implement a privacy-preserving medical records management system with the following requirements:** + +1. **System Architecture**: Create a client-server architecture where: + - Doctors (clients) can register, submit medical reports, and log expenses + - An auditor can verify reports and perform aggregate analysis without decrypting individual records + +2. **Cryptographic Requirements**: + - Use **RSA** for encrypting sensitive AES keys during report transmission + - Use **ElGamal** for digitally signing reports with timestamps + - Use **Paillier homomorphic encryption** for department information to enable privacy-preserving keyword searches + - Use **RSA-based homomorphic encryption** (exponent trick) to allow summation of encrypted expenses without decryption + - Use **AES-256** for authenticated encryption of report contents + +3. **Functional Features**: + - Doctor registration with encrypted department information + - Secure report submission with signature verification + - Privacy-preserving expense tracking where individual amounts remain encrypted + - Auditor capabilities to: + - Search doctors by department keyword without decrypting data + - Sum all expenses across doctors or per-doctor while maintaining encryption + - Verify report authenticity and timestamps + - List and audit all stored records + +4. **Implementation Details**: + - Implement server-side state management with persistent JSON storage + - Implement client-side key generation and cryptographic operations + - Use socket-based TCP communication with JSON serialization + - Handle concurrent connections with thread-safe operations + - Support multiple independent doctor clients connecting to a single server + +**Required**: Provide both server and client implementations with proper key management, error handling, and an interactive menu system for all user roles. + +# Answers + +Client - [Code](https://git.aadit.cc/aadit/MIT-Curricular/src/branch/main/IS/Lab/Eval-Endsem/client.py) +Server - [Server](https://git.aadit.cc/aadit/MIT-Curricular/src/branch/main/IS/Lab/Eval-Endsem/server.py)