The Third-Generation Cross-Institutional Encrypted Collaboration: A Review of MPC-TEE Fusion in Medical Privacy AI

Authors

  • Chenyu Liu College of Mathematics and Information Science, Zhangjiakou University, Zhangjiakou, Hebei, 075000, China

DOI:

https://doi.org/10.54097/cmkhgs60

Keywords:

Secure Multi-Party Computation, Trusted Execution Environment, Privacy Computing, Medical Privacy

Abstract

With the increasingly stringent global data protection regulations and the growing demand for cross-institutional collaboration, traditional privacy computing technologies can hardly meet the requirements for efficient, secure and scalable collaboration. The third-generation cross-institutional encryption technology takes the fusion of Secure Multi-Party Computation (MPC) and Trusted Execution Environment (TEE) as the core, and better balances security and performance through the collaborative design of software and hardware. In the fields of healthcare, financial services, the Internet of Things and others, MPC-TEE fusion technology can realize efficient collaboration while ensuring data privacy, further promoting the industrialization of privacy AI. However, this technology still faces challenges such as side-channel attacks, insufficient standardization and high costs. This paper systematically reviews the latest research progress of MPC-TEE fusion technology, deeply analyzes its technical foundation, fusion principles and core architecture design, compares and analyzes the application performance and scenario adaptability of mainstream technical frameworks in the medical field, and discusses the security threats faced by the technology and multi-level defense mechanisms. It also looks forward to the development trends and research directions under the fusion of post-quantum cryptography, edge computing and other technologies, providing a reference for the large-scale implementation, optimization and upgrading of this technology in the field of medical privacy AI.

Downloads

Download data is not yet available.

References

[1] Evans, D., Kolesnikov, V., & Rosulek, M. (2018). A pragmatic introduction to secure multi-party computation. Foundations and Trends in Privacy and Security, 2(2–3), 70–246. https://doi.org/10.1561/3300000019.

[2] Yang, Z. G., Wang, Z. T., Wu, D. P., et al. (2023). Research on data heterogeneous robust federated learning with privacy protection in internet of things. Journal of Electronics & Information Technology, 45(12), 4235–4244. https://doi.org/ 10. 11999/JEIT221193.

[3] Chen, X., & Liu, J. (2021). Research on interoperability system of heterogeneous privacy computing platform based on middleware and blockchain. Information and Communications Technology and Policy, 47(6), 83–95.

[4] Lipp, M., Kogler, A., Oswald, D., et al. (2021). PLATYPUS: Software-based power side-channel attacks on x86. In 2021 IEEE Symposium on Security and Privacy (S&P) (pp. 1–18). IEEE. https://doi.org/10.1109/SP51572.2021.00042.

[5] Wang, Q., Zhou, L., Bai, J., et al. (2023). HT2ML: An efficient hybrid framework for privacy-preserving machine learning using HE and TEE. Computers & Security, 135, 103509. https://doi.org/10.1016/j.cose.2023.103509.

[6] Zhang, F., Zhou, L., Zhang, Y., et al. (2024). Trusted execution environment: Status and prospects. Journal of Computer Research and Development, 61(1), 243–260. https://doi.org/10. 7544/ issn1000-1239.202221016.

[7] Li, Y., Ma, R., Li, C., et al. (2020). Secure multiparty computation for privacy-preserving drug discovery. Bioinformatics, 36(9), 2872–2880. https://doi.org/10.1093/ bioinformatics/ btaa038.

[8] Spence, A., & Bangay, S. (2020). Side-channel sensing: Exploiting side-channels to extract information for medical diagnostics and monitoring. IEEE Journal of Translational Engineering in Health and Medicine, 8, 4900213. https://doi. org/ 10.1109/ JTEHM.2020.3028996.

[9] Goldreich, O., Micali, S., & Wigderson, A. (1987). How to play any mental game. In STOC '87: Proceedings of the 19th Annual ACM Symposium on Theory of Computing (pp. 218–229). ACM. https://doi.org/10.1145/28395.28420.

[10] Han, S., & Jang, J. (2021). MyTEE: Own the trusted execution environment on embedded devices. In 2021 IEEE International Conference on Consumer Electronics (ICCE) (pp. 1–6). IEEE. https://doi.org/10.1109/ICCE50685.2021.9427320.

[11] Li, Y., Ma, R., Li, C., et al. (2020). Secure multiparty computation for privacy-preserving drug discovery. Bioinformatics, 36(9), 2872–2880. https://doi.org/ 10.1093/ bioinformatics/ btaa038.

[12] Zhang, F., Zhou, L., Zhang, Y., et al. (2024). Trusted execution environment: Status and prospects. Journal of Computer Research and Development, 61(1), 243–260. https://doi.org/ 10. 7544/ issn1000-1239.202221016.

[13] Ménétrey, J., Göttel, C., Pasin, M., et al. (2022). An exploratory study of attestation mechanisms for trusted execution environments. arXiv preprint. https://doi.org/10. 48550/ arXiv. 2204.06790.

[14] Zhang, X., Wang, J., Cheng, Y., et al. (2023). Interface-based side channel in TEE-assisted networked services. IEEE/ACM Transactions on Networking, 32(1), 613–626. https://doi. org/ 10. 1109/TNET.2023.3294019.

[15] Zhao, W., Lu, K., Qi, Y., et al. (2020). MPTEE: Bringing flexible and efficient memory protection to Intel SGX. In Proceedings of the 15th European Conference on Computer Systems (pp. 1–15). ACM. https://doi.org/ 10.1145/ 3342195. 3387536.

[16] Yang, F., Zhang, Q. Y., Shi, Z. P., & Guan, Y. (2023). Survey on software side-channel attacks in trusted execution environment. Journal of Software, 34(1), 381–403. https://doi. org/ 10.13328/j.cnki.jos.006501.

[17] Liu, J., Li, N., & Tian, Y. (2022). STAMP: Lightweight TEE-assisted MPC for efficient privacy-preserving machine learning. arXiv preprint. https://doi.org/10. 48550/arXiv. 2210. 10133.

[18] De Haan, R., van der Sloot, B., & de Vries, B. (2024). Privacy-preserving techniques for analysis of medical data: Secure multi-party computation. University of Twente Press.

[19] Baker, S. B., Xiang, W., & Atkinson, I. (2017). Internet of things for smart healthcare: Technologies, challenges, and opportunities. IEEE Access, 5, 26321–26344. https://doi.org/10. 1109/ ACCESS.2017.2775180.

[20] Mutlag, A. W., Ghani, M. K. A., Arunkumar, N., et al. (2019). Enabling technologies for fog computing in healthcare IoT systems. Future Generation Computer Systems, 96, 228–240. https://doi.org/10.1016/j.future.2018.02.009.

[21] Jiang, C., Li, Y., Cao, C., & Li, J. (2021). Survey of security technologies for IoT edge stream processing based on trusted execution environment. Journal of Cyber Security, 6(3), 169–186.

[22] Kwon, D., Seo, J., Cho, Y., et al. (2020). PrOS: Light-weight privatized secure OSes in ARM TrustZone. IEEE Transactions on Mobile Computing, 19(1), 160–173. https://doi.org/10. 1109/ TMC.2019.2910861.

[23] Intel Corporation, & Ant Group. (2025). Better together: Intel® SGX and Intel® DL Boost power privacy-preserving machine learning. Intel China.

[24] Selvakumar, B., & Senthilkumar, M. (2025). A privacy preserving machine learning framework for medical image analysis using quantized fully connected neural networks with TFHE based inference. Scientific Reports, 15(1), 12345. https://doi.org/10.1038/s41598-025-52147-8.

[25] Jin, C., Jia, W., Wan, L., et al. (2025). DMAFL: Effective defense against malicious attacker federated learning framework via blockchain and TFHE. Journal of King Saud University – Computer and Information Sciences, 37(8), 102567. https://doi.org/10.1016/j.jksuci.2025.102567.

[26] Liu, H., Wang, Y., & Chen, L. (2023). Challenges and optimizations of TFHE for privacy-preserving medical data analytics. Computers & Security, 126, 103265. https://doi.org/ 10. 1016/j.cose. 2023.103265.

[27] Wu, L., Wang, X. A., Liu, J., et al. (2025). Homomorphic encryption for machine learning applications with CKKS algorithms: A survey of developments and applications. Computers, Materials & Continua, 85(1), 89–119. https:// doi.org/10.32604/CMC.2025.064346.

[28] Yang, Y. T., Liu, D. L., Liu, P. H., et al. (2022). BFV-Blockchainvoting: A blockchain electronic voting system supporting BFV fully homomorphic encryption. Journal on Communications, 43(9), 100–111. https://doi.org/ 10. 11959/j. issn.1000-436x.2022188.

[29] Xia, J., Wu, M., & Li, P. (2026). SHE-SFL: An efficient and privacy-preserving heterogeneous federated split learning architecture based on homomorphic encryption. Future Generation Computer Systems, 175, 108101. https://doi.org/10. 1016/j. future.2025.108101.

[30] Li, R. R., Guo, R., Zhang, Y. H., et al. (2025). A privacy protection scheme for edge federated learning based on multi-key homomorphic encryption. Journal of Frontiers of Computer Science and Technology.

[31] Lan, Y., Li, L., Peng, H., et al. (2025). An efficient and secure adaptive federated learning method based on CKKS for data processing in the Internet of Things. Internet of Things, 33, 101725. https://doi.org/10.1016/j.iot.2025.101725.

[32] Magyari, A., & Chen, Y. (2025). DARTPHROG: A superscalar homomorphic accelerator. Sensors, 25(16), 5176. https://doi. org/ 10. 3390/s25165176.

[33] Beytüllah, Y., Gürkan, G., Fatih, A., et al. (2023). Network fingerprinting via timing attacks and defense in software defined networks. Computer Networks, 232, 109850. https:// doi. org/10.1016/j.comnet.2023.109850.

[34] Le, D. H. (n.d.). Research on key technologies of circuit-level protection for cryptographic chips against power analysis attacks [Doctoral dissertation, National University of Defense Technology].

[35] Deng, G. M., Zhao, Q., Zhang, P., et al. (2009). Electromagnetic frequency-domain template analysis attacks against cryptographic chips. Chinese Journal of Computers, 32(4), 602–610. https://doi.org/10.3724/SP.J.1016.2009.00602.

[36] Jiang, W., Wen, L., Zhan, J., et al. (2020). Design optimization of confidentiality-critical cyber physical systems with fault detection. Journal of Systems Architecture, 107, 101739. https://doi.org/10.1016/j.sysarc.2020.101739.

[37] Hayes, J., & Ohrimenko, O. (2018). Contamination attacks and mitigation in multi-party machine learning. In Advances in Neural Information Processing Systems (Vol. 31, pp. 10212–10222). Curran Associates.

[38] Wang, Z. P., Zhu, Z. Y., & Wang, L. M. (2024). Quantitative research on defense against cache side-channel attacks. Journal of Cyber Security, 9(4), 107–124. https://doi.org/ 10.19363/ j.cnki. 10-1380/tp.2024.04.00.

[39] Yang, Y. G., Qiu, S., Huang, R. C., et al. (2025). All-or-nothing quantum oblivious transfer for unknown unitary operations. Advanced Quantum Technologies, 8(11), e2500511. https://doi. org/ 10.1002/qute.202500511.

[40] Rauzy, P., & Guilley, S. (2014). Formal analysis of CRT-RSA Vigilant's countermeasure against the BellCoRe attack: A pledge for formal methods in the field of implementation security. arXiv preprint. https://doi.org/ 10.48550/ arXiv.1401. 8172.

[41] Zhang, H., Fu, J., Liao, X., et al. (2026). Time-controlled proxy searchable re-encryption against collusion attacks. Computer Standards & Interfaces, 97, 104139. https://doi.org/10. 1016/j. csi. 2026.104139.

[42] Rauzy, P., & Guilley, S. (2014). Formal analysis of CRT-RSA Vigilant's countermeasure against the BellCoRe attack: A pledge for formal methods in the field of implementation security. arXiv preprint. https://doi.org/ 10.48550/ arXiv. 1401. 8172.

[43] Zhang, H., Fu, J., Liao, X., et al. (2026). Time-controlled proxy searchable re-encryption against collusion attacks. Computer Standards & Interfaces, 97, 104139. https://doi.org/ 10. 1016/ j.csi.2026.104139.

Downloads

Published

01-07-2026

Issue

Section

Articles

How to Cite

Liu, C. (2026). The Third-Generation Cross-Institutional Encrypted Collaboration: A Review of MPC-TEE Fusion in Medical Privacy AI. Frontiers in Computing and Intelligent Systems, 17(1), 73-81. https://doi.org/10.54097/cmkhgs60