Privacy-Preserving Genomic Data Sharing via Hybrid AES/ECC and Blockchain-Based Dynamic Consent

Genomic data are growing exponentially, creating opportunities for discovery but also raising significant concerns regarding privacy, security, and governance. We present a framework that encrypts genome-scale files using AES-256-GCM and protects keys per recipient via Curve25519, anchors only content identifiers and encrypted keys on a blockchain smart contract, and stores ciphertext off-chain in IPFS. The design enables dynamic, auditable consent through on-chain access-control lists (grant/revoke with immutable events) while keeping raw genomes off-chain. A working prototype on the Ethereum Sepolia testnet demonstrates end-to-end registration, retrieval, and revocation. Experiments on the human reference genome (hg38) and synthetic sequences demonstrate near-AES performance for multi-gigabyte files and strong diffusion, as per the avalanche criterion. By separating the data plane (symmetric encryption) from the control plane (public-key keying + smart contracts), the system delivers practical, privacy-preserving genomic data sharing suitable for IRB-approved cohort and clinical workflows.