A Multiparty Homomorphic Encryption Approach to Confidential Federated Kaplan–Meier Survival Analysis
Abstract
The proliferation of real-world healthcare data has substantially expanded opportunities for collaborative research, yet stringent privacy regulations hinder the pooling of sensitive patient records in a single location. To address this dilemma, we propose a multiparty homomorphic encryption-based framework for privacy-preserving federated Kaplan–Meier survival analysis, surpassing existing methods by offering native floating-point support, a detailed theoretical model, and explicit mitigation of reconstruction attacks. Compared to prior work, our framework provides a more comprehensive analysis of noise growth and convergence, guaranteeing that the encrypted federated survival estimates closely match centralized (unencrypted) outcomes. Formal utility-loss bounds demonstrate that as aggregation and decryption noise diminish, the encrypted estimator converges to its unencrypted counterpart. Extensive experiments on the NCCTG Lung Cancer and the IKNL synthetic Breast Cancer datasets confirm that the mean absolute error (MAE) and root mean squared error (RMSE) remain low, indicating only negligible deviations between encrypted and non-encrypted federated survival curves. Log-rank tests further reveal no significant difference between federated encrypted and non-encrypted analyses, thereby preserving statistical validity. Additionally, an in-depth reconstruction-attack evaluation shows that smaller federations (2–3 providers) with overlapping data are acutely vulnerable, a challenge our multiparty encryption effectively neutralizes. Larger federations (5–50 sites) inherently degrade reconstruction accuracy, yet encryption remains prudent for maximum confidentiality. Despite an overhead factor of 8–19× compared to non-encrypted computation, our results show that threshold-based homomorphic encryption is feasible for moderate-scale deployments, balancing security needs with acceptable runtime.
By furnishing robust privacy guarantees alongside high-fidelity survival estimates, this framework significantly advances the state of the art in secure, multi-institutional survival analysis.
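The federated Kaplan–Meier computation the abstract describes reduces to each provider contributing, for every analysis time, its local number of events and its local number at risk; the coordinator needs only the sums. The following is an added illustration, not code from the paper: it computes the estimator centrally on pooled toy records from three hypothetical providers and again from per-site counts that are masked before aggregation, and checks that the two curves coincide (MAE of zero). The pairwise additive masking used here is a deliberately simple stand-in for the paper's multiparty homomorphic encryption so that the cancel-in-the-sum property can be seen in a few lines; it is not the paper's scheme and provides none of its noise or threshold-decryption behaviour. The shared time grid and the sample records are assumptions.

```python
"""Federated Kaplan-Meier from aggregate counts, centralized vs. masked-federated.

Added example; not the paper's code. Records and the shared time grid are
constructed. Pairwise additive masks stand in for the paper's multiparty
homomorphic encryption: they hide each site's vector from the aggregator but
cancel exactly in the sum, so the totals (and the curve) are unchanged.
"""
import random
from itertools import combinations

# Assumption: all sites agree on this analysis grid before the run.
TIME_GRID = range(1, 11)

# Constructed toy data: (time, event) per provider; event=1 death, 0 censored.
PROVIDERS = {
    "site_A": [(2, 1), (3, 0), (5, 1), (8, 1)],
    "site_B": [(1, 1), (3, 1), (5, 0), (9, 1)],
    "site_C": [(2, 1), (4, 0), (5, 1), (7, 1)],
}


def local_counts(records, grid=TIME_GRID):
    """Per-site (d_t, n_t): deaths exactly at t and subjects still at risk at t."""
    d = {t: sum(1 for tt, e in records if tt == t and e == 1) for t in grid}
    n = {t: sum(1 for tt, _ in records if tt >= t) for t in grid}
    return d, n


def kaplan_meier(d, n, grid=TIME_GRID):
    """S(t) = prod over t_i <= t of (1 - d_i / n_i); times with n_i == 0 are skipped."""
    s, curve = 1.0, {}
    for t in grid:
        if n[t] > 0:
            s *= 1.0 - d[t] / n[t]
        curve[t] = s
    return curve


def centralized_km(providers, grid=TIME_GRID):
    """Reference curve: pool all records in one place (what privacy rules forbid)."""
    pooled = [r for recs in providers.values() for r in recs]
    d, n = local_counts(pooled, grid)
    return kaplan_meier(d, n, grid)


def masked_shares(providers, grid=TIME_GRID, seed=0):
    """Stand-in for the encrypted upload: every site pair shares random offsets
    that one side adds and the other subtracts, so each site's masked counts
    look random on their own while the sum over all sites is the true total."""
    rng = random.Random(seed)
    names = sorted(providers)
    masked = {}
    for name in names:
        d, n = local_counts(providers[name], grid)
        masked[name] = {"d": dict(d), "n": dict(n)}
    for a, b in combinations(names, 2):
        for key in ("d", "n"):
            for t in grid:
                r = rng.randint(-10**6, 10**6)
                masked[a][key][t] += r
                masked[b][key][t] -= r
    return masked


def federated_km(providers, grid=TIME_GRID):
    """Aggregator view: it only ever sums masked vectors, then runs the estimator."""
    masked = masked_shares(providers, grid)
    d_tot = {t: sum(m["d"][t] for m in masked.values()) for t in grid}
    n_tot = {t: sum(m["n"][t] for m in masked.values()) for t in grid}
    return kaplan_meier(d_tot, n_tot, grid)


def mae(curve_a, curve_b):
    """Mean absolute error between two curves on the same grid."""
    return sum(abs(curve_a[t] - curve_b[t]) for t in curve_a) / len(curve_a)


if __name__ == "__main__":
    central = centralized_km(PROVIDERS)
    federated = federated_km(PROVIDERS)
    for t in TIME_GRID:
        print(f"t={t:2d}  centralized={central[t]:.4f}  federated={federated[t]:.4f}")
    print("MAE:", mae(central, federated))
```

Because the masks are integers that cancel exactly, the aggregated counts are identical to the pooled counts and the federated curve matches the centralized one to the last bit; in the paper's setting the encryption noise makes this an approximate rather than exact match, which is what its MAE/RMSE measurements and utility-loss bounds quantify.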