Back to projects
Completed Featured

Pulsecure

Rust, tfhe-rs, Python, SQLite, Ratatui, Argon2, AES-256-GCM, Ed25519 · 4 min read

Overview

Pulsecure enables machine learning inference on encrypted medical data. The system processes patient information without ever seeing it in plaintext, providing mathematical privacy guarantees rather than policy-based ones.

The core idea: a server can compute on data it cannot read. Using Fully Homomorphic Encryption (FHE), patient features are encrypted locally, processed homomorphically, and only the final diagnosis is decrypted by the data owner.

WARNING: This is a proof-of-concept project. The model is trained on publicly available data and optimized for high sensitivity (low false negatives), which results in a tendency toward false positives. It should not be used for actual medical decisions. Always consult a healthcare professional.

Features

  • Homomorphic Inference: Patient data encrypted with tfhe-rs, processed blindly using a quantized logistic regression model.
  • Cryptographic Key Protection: Keys encrypted at rest using Argon2id (KDF) and AES-256-GCM (envelope encryption).
  • Model Integrity: Ed25519 signatures verify model authenticity before loading. Anti-rollback protection prevents replay attacks.
  • Differential Privacy: Aggregate statistics protected with calibrated Laplace noise. Atomic epsilon budget tracking prevents privacy leakage.
  • Interactive TUI: Terminal interface built with Ratatui for patient data entry, inference progress, and result visualization.
  • Air-Gapped Deployment: Docker container runs with network_mode: none. No network access, no data exfiltration vector.

Technical Details

The application follows Hexagonal Architecture (Ports and Adapters) to ensure testability and separation of concerns.

Architecture

Layer Responsibility
Domain Core types: Patient, Diagnosis, Crypto. No external dependencies.
Ports Trait definitions: FheEngine, Storage, DifferentialPrivacy.
Adapters Implementations: tfhe-rs, SQLite, OpenDP.
Application Use cases: InferenceService, AnalyticsService.
TUI Terminal interface with Ratatui.

FHE Pipeline

The Python training pipeline exports a quantized model:

  1. Data: NHANES cardiovascular dataset with SMOTE balancing
  2. Model: Logistic Regression with Elastic Net regularization
  3. Calibration: Isotonic Regression for accurate probabilities
  4. Quantization: 12-bit fixed-point for FHE compatibility (scale factor 4096)
  5. Export: JSON parameters + Rust constants for tfhe-rs

At inference time:

  1. Features normalized and quantized to integers
  2. Encrypted with tfhe-rs client key
  3. Homomorphic linear combination computed on ciphertexts
  4. Sigmoid approximated via lookup table (programmable bootstrapping)
  5. Result decrypted locally

Security Model

Component Algorithm
FHE Scheme TFHE (tfhe-rs)
Key Encryption Argon2id + AES-256-GCM
Model Signing Ed25519
Key Fingerprint SHA-256 (truncated)
DP Mechanism Laplace

Memory security: all key material implements Zeroize and ZeroizeOnDrop. Debug traits are overridden to prevent accidental leakage. Log sanitization filters PII patterns (UUIDs, emails, SSNs, PEM blocks).

Challenges and Solutions

Thread-Local Server Key Management

tfhe-rs uses a thread-local global for the server key. In a concurrent environment, keys could “leak” between computations.

Solution: Implemented an RAII guard (ServerKeyGuard) that sets the key before computation and clears it on drop, ensuring per-computation scoping.

Quantization Fidelity

FHE requires integer arithmetic. Converting float model weights to fixed-point risks precision loss affecting clinical accuracy.

Solution: Used 12-bit precision (scale factor 4096) with 64-bit accumulators to prevent overflow. Validation showed AUC difference < 0.001 compared to the float model.

Model Training and Calibration

Building an ML model for medical predictions from scratch required careful dataset selection and threshold tuning. The NHANES dataset is large but imbalanced.

Solution: Applied SMOTE oversampling for class balance. Used isotonic calibration to ensure probability outputs are meaningful. Optimized the decision threshold for high recall (97.6%) at the cost of precision, which is acceptable for a screening tool where follow-up testing is standard.

Lessons Learned

FHE is computationally expensive. Key generation takes 2-5 seconds, and a single inference can take 1-5 seconds. This forced careful design of the TUI to handle async operations without blocking the interface.

The project also demonstrated the value of strict separation between cryptographic primitives and business logic. The Hexagonal Architecture made it straightforward to test inference logic with mock FHE engines before integrating the heavy tfhe-rs library.

View on GitHub