# Question **Design and implement a privacy-preserving medical records management system with the following requirements:** 1. **System Architecture**: Create a client-server architecture where: - Doctors (clients) can register, submit medical reports, and log expenses - An auditor can verify reports and perform aggregate analysis without decrypting individual records 2. **Cryptographic Requirements**: - Use **RSA** for encrypting sensitive AES keys during report transmission - Use **ElGamal** for digitally signing reports with timestamps - Use **Paillier homomorphic encryption** for department information to enable privacy-preserving keyword searches - Use **RSA-based homomorphic encryption** (exponent trick) to allow summation of encrypted expenses without decryption - Use **AES-256** for authenticated encryption of report contents 3. **Functional Features**: - Doctor registration with encrypted department information - Secure report submission with signature verification - Privacy-preserving expense tracking where individual amounts remain encrypted - Auditor capabilities to: - Search doctors by department keyword without decrypting data - Sum all expenses across doctors or per-doctor while maintaining encryption - Verify report authenticity and timestamps - List and audit all stored records 4. **Implementation Details**: - Implement server-side state management with persistent JSON storage - Implement client-side key generation and cryptographic operations - Use socket-based TCP communication with JSON serialization - Handle concurrent connections with thread-safe operations - Support multiple independent doctor clients connecting to a single server **Required**: Provide both server and client implementations with proper key management, error handling, and an interactive menu system for all user roles. # Answers - Client - [Code](https://git.aadit.cc/aadit/MIT-Curricular/src/branch/main/IS/Lab/Eval-Endsem/client.py) - Server - [Code](https://git.aadit.cc/aadit/MIT-Curricular/src/branch/main/IS/Lab/Eval-Endsem/server.py)