Method for privacy-preserving medical risk test

1 . A privacy-preserving method for performing a disease susceptibility test on a patient, said method comprising: (I) performing homomorphic computations, so as to retrieve an encrypted test result; (J) partly decrypting said test result with a first part of a private key, (L) decrypting the partly decrypted result with a second part of said private key, wherein said homomorphic computations are based on encrypted genomic markers of the patient, on encrypted clinical and/or environmental markers, and on encrypted ancestry markers of the patient. 2 . The method of claim 1 , further comprising: (A) generating a pair of encryption keys comprising said private key and one public key corresponding to said private key; (B) dividing said private key in said first and second parts; (C) making a first one of said parts available to one user of said results, and a second one of said parts available to a data center; (D) retrieving a set of patient markers including said genomic markers and said clinical and environmental markers; (E) individually encrypting a plurality of said patient markers with said public key; (F) making at least some of said encrypted patient markers available to said data center. 3 . The method of claim 2 , wherein said homomorphic computations are performed by said user, said step (J) of obtaining a result which is partly decrypted being performed at said data center, said step (L) of decrypting said partly decrypted result being performed by said user. 4 . The method of claim 2 , wherein said homomorphic computations are performed in said data center, said step (J) of obtaining a result which is partly decrypted being performed at said data center, said step (L) of decrypting said partly decrypted result being performed by said user. 5 . The method of claim 1 , further comprising: (G) transmitting to said data center a selection of identifiers of patient markers, at least some of said patient markers being required for said homomorphic computation; (H) retrieving in said data center patient markers corresponding to said identifiers. 6 . The method of claim 5 , wherein said identifiers are encrypted with a symmetric key known by said user and unknown by said data center, so as to prevent said data center from knowing which patient markers are tested. 7 . The method of claim 5 , wherein said selection of identifiers comprises dummy identifiers for markers with no contribution to said result, in order to conceal the type of said test from said data center. 8 . The method of claim 1 , wherein said encrypted ancestry markers are inferred from genomic markers or from said encrypted genomic markers of the patient. 9 . The method of claim 8 , further comprising transmitting to said Data Center weights, said step (I) of performing homomorphic computations further comprising using said weights and said encrypted genomic markers for inferring an encrypted ancestry group with a principal component analysis. 10 . The method of claim 8 , said step of inferring the ancestry group comprising a determination of the similarity between said genomic markers and a plurality of clusters, each cluster corresponding to one ancestry group. 11 . The method of claim 10 , said determination of similarity being performed in the encrypted domain. 12 . The method of claim 8 , further comprising a step of performing a Principal Component Analysis on an external reference panel of genotypes, and a step of clustering the results of said Principal Component Analysis. 13 . The method of claim 1 , said user being a medical clinic. 14 . The method of claim 1 , said user being a device such as a personal computer, tablet, mobile phone, laptop or smart card. 15 . A data center, comprising: a storage module for storing a set of encrypted patient markers including genomic markers, clinical and environmental markers, and ancestry markers; a module for transmitting a selection of patient markers to a user; a module for receiving an encrypted result from said user; a cryptographic module arranged for decrypting said result with a part of a private key; means for transmitting the partly decrypted result to said user (MC). 16 . A data center, comprising: a storage module for storing a set of patient markers including genomic markers, clinical and environmental markers, and ancestry markers; a computing module arranged for performing homomorphic computations based on said genomic markers, on said clinical and environmental markers, and on said ancestry markers, so as to retrieve an encrypted result; a cryptographic module arranged for decrypting said result with a part of a private key; means for transmitting the partly decrypted result to one user. 17 . The data center of claim 16 , said computing module being arranged for determining a similarity between some genomic markers and a plurality of clusters, so as to retrieve encrypted ancestry markers. 18 . A user system comprising: means for transmitting to a data center identifiers of patient genomic, clinical and environmental, and ancestry markers; means for receiving encrypted genomic, clinical and environmental, and ancestry markers; computations based on said genomic markers, on said clinical and environmental markers, and on said ancestry markers, so as to retrieve an encrypted result; means for transmitting the encrypted result to said data center; means for receiving a partly decrypted result; a cryptographic module arranged for decrypting said partly decrypted result with a part of a private key. 19 . A computer readable storage medium having recorded thereon a computer program for performing a disease susceptibility test on a patient, said test comprising: (I) performing homomorphic computations, so as to retrieve an encrypted test result; (J) partly decrypting said test result with a first part of a private key, (L) sending the partly decrypted result to a user, wherein said homomorphic computations are based on encrypted genomic markers of the patient, on encrypted clinical and/or environmental markers, and on encrypted ancestry markers of the patient. 20 . A computer readable storage medium having recorded thereon a computer program for performing a disease susceptibility test on a patient, said test comprising: transmitting to a data center a selection of identifiers of patient markers, at least some of said identifiers identifying genomic markers, on clinical and/or environmental markers, and ancestry markers of the patient; receiving from said data center a partly decrypted result of an homomorphic computation based on identified encrypted genomic markers of the patient, on identified encrypted clinical and/or environmental markers, and on identified encrypted ancestry markers of the patient; decrypting the partly decrypted result with a second part of said private key.