PEP — Polymorphic Encryption and Pseudonymisation

Overview

PEP (Polymorphic Encryption and Pseudonymisation) is the privacy layer that lets large neuroscience cohorts share sensitive participant data openly without exposing identities. Built for and first deployed on the Personalized Parkinson Project, it is an open-source cryptographic framework, developed at Radboud University in Nijmegen, that pseudonymises and encrypts data so that even the party storing it cannot read it. By giving each authorised researcher their own local pseudonyms and splitting decryption material across separate servers, it makes worldwide reuse of cohort data possible while satisfying the pseudonymisation requirements of the GDPR.

How it works

The cryptographic basis is ElGamal public-key encryption; what is specific to PEP is how it is applied, through re-randomisation, re-keying, and re-shuffling, so that encrypted pseudonyms are translated cryptographically into per-user local pseudonyms. Encrypted data is held on a storage server kept separate from two complementary servers holding the cryptographic material needed for decryption, so that unauthorised access would require breaching at least two servers. Stored data is versioned, allowing datasets to be retrieved as they were at an earlier point in time to support peer review or repeat analyses.
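The three operations named above, shown as an added example (not code from the PEP project): a toy ElGamal in Python over a small prime-order group, assuming ciphertext triples (b, c, y) = (g^r, m·y^r, y). The group parameters, the participant identifier and the per-user factors n and k are constructed for illustration and are far too small for real use.

```python
import secrets

# Toy parameters, constructed for illustration only (far too small for real use).
P, Q, G = 2039, 1019, 4   # safe prime P = 2Q + 1; G generates the order-Q subgroup

def rand_scalar():
    return secrets.randbelow(Q - 1) + 1          # uniform in 1..Q-1

def keygen():
    x = rand_scalar()
    return x, pow(G, x, P)                       # (private x, public y = G^x)

def encrypt(m, y):
    r = rand_scalar()
    return (pow(G, r, P), m * pow(y, r, P) % P, y)   # (b, c, y)

def decrypt(ct, x):
    b, c, _ = ct
    return c * pow(b, -x, P) % P                 # c / b^x

def rerandomise(ct, s):
    # Fresh randomness: same plaintext and key, different-looking ciphertext.
    b, c, y = ct
    return (b * pow(G, s, P) % P, c * pow(y, s, P) % P, y)

def rekey(ct, k):
    # Same plaintext, now decryptable with private key k*x instead of x.
    b, c, y = ct
    return (pow(b, pow(k, -1, Q), P), c, pow(y, k, P))

def reshuffle(ct, n):
    # Same key; plaintext m becomes m^n without ever being decrypted.
    b, c, y = ct
    return (pow(b, n, P), pow(c, n, P), y)

def translate(ct, n, k):
    # Hypothetical per-user factors n (pseudonym) and k (key), assumed here.
    return rekey(reshuffle(rerandomise(ct, rand_scalar()), n), k)

def demo():
    x, y = keygen()                              # master key pair
    pid = pow(G, 123, P)                         # constructed participant identifier
    stored = encrypt(pid, y)                     # encrypted pseudonym as stored
    users = {"alice": (17, 29), "bob": (101, 53)}    # constructed (n, k) per user
    local = {u: decrypt(translate(stored, n, k), k * x % Q) for u, (n, k) in users.items()}
    return pid, local
```

Each user ends up with a different local pseudonym (pid^n for their own n) derived from the same stored ciphertext, and the translating code never sees pid in the clear.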

Deployments

PEP was developed for the Personalized Parkinson Project, whose data (more than one petabyte as of 2020) it protects, and is also used by the Healthy Brain Study at Radboud. Its current users and partners further include the NOLAI growth-fund project and a closed secure data archive under development at the University of Amsterdam, which uses PEP as a building block. Across these deployments, where sensitive data is collected and shared with external processing environments, responsible reuse depends on PEP for access management, security, and pseudonymisation.

Connections

  • relatedTo: Personalized Parkinson Project (PEP was built for and protects PPP cohort data)
  • relatedTo: Donders Institute (PEP secures Donders-run cohorts including the Healthy Brain Study)
  • relatedTo: GDPR (PEP is designed to meet GDPR pseudonymisation requirements for medical data)
