A Systematic Review of Post-Quantum Cryptography for Healthcare Data Protection: Performance, Readiness, and Deployment Challenges

Authors

  • Taboka Ngwenya National University of Science and Technology
  • Belinda Ndlovu National University of Science and Technology

DOI:

https://doi.org/10.30871/jaic.v10i1.11836

Keywords:

Post Quantum Cryptography, Medical Imaging Security, Lattice Based Cryptography, Cloud Storage, Healthcare Data Protection, Quantum Resilience

Abstract

The traditional cryptographic methods used to protect healthcare data, especially for the long-term storage of medical imaging records, are becoming increasingly threatened by the quick development of quantum computing. The purpose of this study is to assess the challenges, efficacy, and preparedness of integrating Post-Quantum Cryptography (PQC) into healthcare information systems. Twenty peer-reviewed studies published between 2020 and 2025 were analysed following the Preferred Reporting Items for Systematic Reviews and Meta Analyses (PRISMA) protocol. The review was conducted using a systematic research design that included qualitative thematic synthesis, predetermined eligibility criteria, and database searching. According to the results, lattice-based PQC schemes, specifically, CRYSTALS-Kyber for encryption and CRYSTALS-Dilithium for authentication, show great promise because of their effectiveness, resilience, and suitability for decentralized architectures like blockchain and Internet-of-Medical-Things environments. Nonetheless, the review points out a notable deficiency of empirical assessment in actual healthcare settings, particularly with regard to cloud-based platforms and Picture Archiving and Communication Systems utilized in medical imaging processes. Scalability limitations, intricate key-management specifications, system interoperability restrictions, and the requirement for conformity with regulatory and compliance frameworks are some of the major issues noted. The results indicate that lattice-based PQC schemes have great promise, deployment readiness remains largely at the conceptual and experimental stage, particularly for cloud-based PACS environments. Real-world implementation validation in a healthcare setting has not been achieved.

Downloads

Download data is not yet available.

References

[1] S. Saif, P. Das, S. Biswas, S. Khan, M. A. Haq, and V. Kovtun, “A secure data transmission framework for IoT enabled healthcare,” Heliyon, vol. 10, no. 16, p. e36269, Aug. 2024, doi: 10.1016/J.HELIYON.2024.E36269.

[2] A. P. Varghese, S. Naik, S. Asrar Up Haq Andrabi, A. Luharia, and S. Tivaskar, “Enhancing Radiological Diagnosis: A Comprehensive Review of Image Quality Assessment and Optimization Strategies,” Cureus, vol. 2024, no. 6, pp. 1–10, 2024, doi: 10.7759/cureus.63016.

[3] I. U. Haq, M. Mhamed, M. Al-Harbi, H. Osman, Z. Y. Hamd, and Z. Liu, “Advancements in Medical Radiology Through Multimodal Machine Learning: A Comprehensive Overview,” Bioengineering, vol. 12, no. 5, pp. 1–38, 2025, doi: 10.3390/bioengineering12050477.

[4] M. Rempe, L. Heine, C. Seibold, F. Hörst, and J. Kleesiek, “De-identification of medical imaging data: a comprehensive tool for ensuring patient privacy,” Eur. Radiol., 2025, doi: 10.1007/s00330-025-11695-x.

[5] H. Pereira, L. Romero, and P. Miguel Faria, “Web-Based DICOM Viewers: A Survey and a Performance Classification,” J. Imaging Informatics Med., vol. 38, no. 3, pp. 1304–1322, 2025, doi: 10.1007/s10278-024-01216-5.

[6] M. SaberiKamarposhti et al., “Post-quantum healthcare: A roadmap for cybersecurity resilience in medical data,” Heliyon, vol. 10, no. 10, p. e31406, May 2024, doi: 10.1016/j.heliyon.2024.e31406.

[7] A. Karakaya and A. Ulu, “A survey on post-quantum based approaches for edge computing security,” Wiley Interdiscip. Rev. Comput. Stat., vol. 16, no. 1, 2024, doi: 10.1002/wics.1644.

[8] V. A. Muderere, B. Ndlovu, and K. Maguraushe, “Blockchain Adoption in Healthcare: Enhancing Interoperability, Security and Data Exchange,” J. Inf. Syst. Informatics, vol. 7, no. 3, pp. 2939–2977, 2025, doi: 10.51519/journalisi.v7i3.1267.

[9] C. M. Prakaashana et al., “Measuring the potential risk of re-identification of imaging research participants from open-source automated face recognition software,” Neuroimage, vol. 320, p. 121476, Oct. 2025, doi: 10.1016/J.NEUROIMAGE.2025.121476.

[10] B. Dharangan et al., “Secure Cloud-based E-Health System using Advanced Encryption Standard,” in 2022 3rd International Conference on Electronics and Sustainable Communication Systems (ICESC), Institute of Electrical and Electronics Engineers Inc., 2022, pp. 642–646. doi: 10.1109/ICESC54411.2022.9885501.

[11] W. Hurst, B. Tekinerdogan, T. Alskaif, A. Boddy, and N. Shone, “Securing electronic health records against insider-threats: A supervised machine learning approach,” Smart Heal., vol. 26, p. 100354, Dec. 2022, doi: 10.1016/J.SMHL.2022.100354.

[12] L. J. R. Lopez, D. Millan Mayorga, L. H. Martinez Poveda, A. F. C. Amaya, and W. Rojas Reales, “Hybrid Architectures Used in the Protection of Large Healthcare Records Based on Cloud and Blockchain Integration: A Review,” Computers, vol. 13, no. 6, Jun. 2024, doi: 10.3390/computers13060152.

[13] A. Ahmad and S. Jagatheswari, “Quantum Safe Multi-Factor User Authentication Protocol for Cloud-Assisted Medical IoT,” IEEE Access, vol. 13, no. December 2024, pp. 3532–3545, 2025, doi: 10.1109/ACCESS.2024.3523530.

[14] M. A. Naranjo and L. A. Fletscher, “Review Quantum Circuit Synthesis for Grover’s Algorithm Oracle,” Algorithms, vol. 17, no. 9, 2024, doi: 10.3390/a17090382.

[15] F. Opiłka, M. Niemiec, M. Gagliardi, and M. A. Kourtis, “Performance Analysis of Post-Quantum Cryptography Algorithms for Digital Signature,” Appl. Sci., vol. 14, no. 12, 2024, doi: 10.3390/app14124994.

[16] P. Vareta, H. Muzenda, T. Nyamupaguma, B. Ndlovu, and Y. Dube, “The Rise of Quantum Computing and its Impact on Cybersecurity,” vol. 14, no. 6, pp. 10072–10102, 2025, doi: https://doi.org/10.33022/ijcs.v14i6.5040.

[17] J. Martin, M. Cheng, J. Martin, and A. Johnson, “Encryption in Transit in Healthcare SaaS: The Role of Mutual TLS,” SSRN Electron. J., Feb. 2025, doi: 10.2139/ssrn.5131928.

[18] E. Fathalla and M. Azab, “Beyond Classical Cryptography: A Systematic Review of Post-Quantum Hash-Based Signature Schemes, Security, and Optimizations,” IEEE Access, vol. 12, pp. 175969–175987, 2024, doi: 10.1109/ACCESS.2024.3485602.

[19] D. Gyasi-Nyarko, E. Freeman, M. M. Ujakpa, W. Amponsah, and S. O. Amoako, “A Systematic Review of Public Key Cryptography: Implementation, Challenges and Future Opportunities,” in 2025 IST-Africa Conference (IST-Africa), 2025, pp. 1–15. doi: 10.23919/IST-Africa67297.2025.11060567.

[20] P. Maitireni, V. Ncube, B. Ndlovu, and T. Sibanda, “Quantum Computing Cryptography : A Systematic Review of Innovations , Applications , Challenges , and Algorithms,” J. Inf. Syst. Informatics, vol. 7, no. 4, pp. 3668–3710, 2025, doi: 10.51519/journalisi.v7i4.1331.

[21] N. Sharma and P. G. Shambharkar, “A Systematic Literature Review of the Emerging Technologies used in Securing Healthcare Data,” in 2024 12th International Conference on Internet of Everything, Microwave, Embedded, Communication and Networks (IEMECON), 2024, pp. 1–12. doi: 10.1109/IEMECON62401.2024.10846068.

[22] M. Akkal, S. Cherbal, B. Annane, H. Lakhlef, and K. Kharoubi, “Quantum, post-quantum, and blockchain approaches for securing the internet of medical things: a systematic review,” Cluster Comput., vol. 28, no. 10, p. 655, Oct. 2025, doi: 10.1007/s10586-025-05481-z.

[23] S. Cherbal, A. Zier, S. Hebal, L. Louail, and B. Annane, “Security in internet of things: a review on approaches based on blockchain, machine learning, cryptography, and quantum computing,” J. Supercomput., vol. 80, no. 3, pp. 3738–3816, Feb. 2024, doi: 10.1007/s11227-023-05616-2.

[24] C. Nather, D. Herzinger, S. L. Gazdag, J. P. Steghofer, S. Daum, and D. Loebenberger, “Migrating Software Systems Toward Post-Quantum Cryptography-A Systematic Literature Review,” IEEE Access, vol. 12, no. June, pp. 132107–132126, 2024, doi: 10.1109/ACCESS.2024.3450306.

[25] M. J. Page et al., “The PRISMA 2020 statement: an updated guideline for reporting systematic reviews,” 2021, doi: 10.1136/bmj.n71.

[26] W. Link, “CASP Checklist: For Cohort Studies”.

[27] S. Santhanam, V. Ravindran, and C. Wincup, “Critical appraisal of an original research article,” J. R. Coll. Physicians Edinb., Sep. 2025, doi: 10.1177/14782715251369964.

[28] Z. H. Liu, X. B. Chen, and Y. Y. Xie, “A lattice-based group signature with backward unlinkability for medical blockchain systems,” J. Inf. Secur. Appl., vol. 94, Nov. 2025, doi: 10.1016/j.jisa.2025.104226.

[29] J. Lee, W. Kim, and J. H. Kim, “A Programmable Crypto-Processor for National Institute of Standards and Technology Post-Quantum Cryptography Standardization Based on the RISC-V Architecture,” Sensors, vol. 23, no. 23, 2023, doi: 10.3390/s23239408.

[30] Z. G. Al-Mekhlaf et al., “A quantum-resilient lattice-based security framework for internet of medical things in healthcare systems,” J. King Saud Univ. - Comput. Inf. Sci., vol. 37, no. 6, Aug. 2025, doi: 10.1007/s44443-025-00140-0.

[31] J. Jebrane and S. Lazaar, “An enhanced and verifiable lightweight authentication protocol for securing the Internet of Medical Things (IoMT) based on CP-ABE encryption,” Int. J. Inf. Secur., vol. 23, no. 6, pp. 3691–3710, Dec. 2024.

[32] O. Popoola, M. A. Rodrigues, J. Marchang, A. Shenfield, A. Ikpehai, and J. Popoola, “An optimized hybrid encryption framework for smart home healthcare: Ensuring data confidentiality and security,” Internet of Things (Netherlands), vol. 27, Oct. 2024, doi: 10.1016/j.iot.2024.101314.

[33] A. Astarloa, J. Lázaro, and J. I. Gárate, “CRYSTALS-Dilithium post-quantum cyber-secure SoC for wired communications in critical systems,” Internet Things (The Netherlands), vol. 33, no. October 2024, p. 101656, 2025, doi: 10.1016/j.iot.2025.101656.

[34] M. Chaieb, K. Bou-Chaaya, and H. Rais, “EHRVault: A Secure, Patient-Centric, Privacy-Preserving and Blockchain-Based Platform for EHR Management,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 14529 LNCS, pp. 119–140, 2024, doi: 10.1007/978-3-031-61231-2_9.

[35] M. Asif et al., “Intelligent two-phase dual authentication framework for Internet of Medical Things,” Sci. Rep., vol. 15, no. 1, Dec. 2025, doi: 10.1038/S41598-024-84713-5.

[36] Sourav and R. Ali, “Lattice-based ring signcryption scheme for smart healthcare management,” Cluster Comput., vol. 27, no. 10, pp. 14131–14148, Dec. 2024.

[37] X. Zhang, C. Huang, Y. Zhang, J. Zhang, and J. Gong, “LDVAS: Lattice-Based Designated Verifier Auditing Scheme for Electronic Medical Data in Cloud-Assisted WBANs,” IEEE Access, vol. 8, pp. 54402–54414, 2020, doi: 10.1109/ACCESS.2020.2981503.

[38] A. A. Al-saggaf, T. Sheltami, H. Alkhzaimi, and G. Ahmed, “Lightweight Two-Factor-Based User Authentication Protocol for IoT-Enabled Healthcare Ecosystem in Quantum Computing,” Arab. J. Sci. Eng., vol. 48, no. 2, pp. 2347–2357, Feb. 2023.

[39] N. Rajkumar, K. K. Kumar, M. Gokul, and S. Durai, “Post-Quantum Cryptography Security with CSPM for Secure Data Transmission in Cloud Environments,” in 2024 4th International Conference on Ubiquitous Computing and Intelligent Information Systems (ICUIS), Institute of Electrical and Electronics Engineers Inc., 2024, pp. 1456–1462. doi: 10.1109/ICUIS64676.2024.10866709.

[40] Sourav and R. Ali, “Post-quantum secure health records: a blockchain-based lattice threshold signcryption scheme,” Cluster Comput., vol. 28, no. 7, pp. 1–23, Sep. 2025, Accessed: Oct. 09, 2025. [Online]. Available: https://link.springer.com/article/10.1007/s10586-025-05117-2

[41] B. B. Sezer and S. Akleylek, “PPLBB: a novel privacy-preserving lattice-based blockchain platform in IoMT,” J. Supercomput., vol. 81, no. 1, Jan. 2025.

[42] P. Bagchi et al., “Public Blockchain-Envisioned Security Scheme Using Post Quantum Lattice-Based Aggregate Signature for Internet of Drones Applications,” IEEE Trans. Veh. Technol., vol. 72, no. 8, pp. 10393–10408, Aug. 2023, doi: 10.1109/TVT.2023.3260579.

[43] S. Prajapat, N. Kumar, A. K. Das, P. Kumar, and R. Ali, “Quantum-safe blockchain-assisted data encryption protocol for internet of things networks,” Cluster Comput., vol. 28, no. 1, pp. 1–15, Feb. 2025, Accessed: Oct. 28, 2025. [Online]. Available: https://link.springer.com/article/10.1007/s10586-024-04688-w

[44] A. Ahmad and J. Srirangan, “Quantum-safe mutual authentication scheme for IoHT using blockchain,” Results Eng., vol. 28, no. August, p. 106945, Dec. 2025, doi: 10.1016/j.rineng.2025.106945.

[45] H. B. Mahajan and A. A. Junnarkar, “Smart healthcare system using integrated and lightweight ECC with private blockchain for multimedia medical data processing,” Multimed. Tools Appl., vol. 82, no. 28, pp. 44335–44358, Nov. 2023, doi: 10.1007/S11042-023-15204-4.

[46] Y. Cao, S. Xu, X. B. Chen, G. Xu, Y. Chen, and Z. Li, “Towards attribute-based conjunctive encrypted search over lattice for internet of medical things,” Peer-to-Peer Netw. Appl., vol. 18, no. 5, Sep. 2025, doi: 10.1007/S12083-025-02089-3.

[47] R. I. Abdelfatah, R. M. Elsobky, and S. A. Khamis, “Ultra-secure quantum protection for e-healthcare images: Hybrid chaotic one-time pad with cipher chaining encryption framework,” J. King Saud Univ. - Comput. Inf. Sci., vol. 37, no. 6, pp. 1–43, Aug. 2025, doi: 10.1007/s44443-025-00155-7.

[48] B. Ndlovu and K. Maguraushe, “Balancing Ethics and Privacy in the Use of Artificial Intelligence in Institutions of Higher Learning: A Framework for Responsive AI Systems,” IJIE (Indonesian J. Informatics Educ., vol. 9, no. 1, p. 39, Jul. 2025, doi: 10.20961/IJIE.V9I1.100723.

[49] V. A. Muderere, B. Ndlovu, and K. Maguraushe, “Framework for Enhancing Interoperability, Data Exchange, and Security in Healthcare through Blockchain Technology,” Indones. J. Comput. Sci., vol. 12, no. 2, pp. 284–301, 2023, [Online]. Available: http://ijcs.stmikindonesia.ac.id/ijcs/index.php/ijcs/article/view/3135

Downloads

Published

2026-02-04

How to Cite

[1]
T. Ngwenya and B. Ndlovu, “A Systematic Review of Post-Quantum Cryptography for Healthcare Data Protection: Performance, Readiness, and Deployment Challenges”, JAIC, vol. 10, no. 1, pp. 134–149, Feb. 2026.

Issue

Vol. 10 No. 1 (2026): February 2026

Section

Articles

License

Copyright (c) 2026 Taboka Ngwenya, Belinda Ndlovu

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Authors who publish with this journal agree to the following terms:

  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) ) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

Similar Articles

1 2 3 4 5 > >> 

You may also start an advanced similarity search for this article.