Verifiable Attribute-based Keyword Search Encryption with Attribute Revocation for Electronic Health Record System

Considering the security requirements of electronic health record (EHR) system, we propose a ciphertext-policy attribute-based encryption scheme, which can support data retrieval, result verification and attribute revocation. In the proposed scheme, we make use of the BLS signature technique to achieve result verification for attribute-based keyword search encryption. In addition, key encrypting key (KEK) tree and re-encryption are utilized to achieve efficient attribute revocation. By giving thorough security analysis, the proposed scheme is proven to achieve: 1) Indistinguishability against selective ciphertext-policy and chosen plaintext attack under the decisional q-parallel bilinear Diffie-Hellman exponent hardness assumption; 2) Indistinguishability against chosen-keyword attack under the bilinear Diffie-Hellman assumption in the random oracle model. Moreover, the performance analysis results demonstrate that the proposed scheme is efficient and practical in electronic health record system.

[1]  Daya Gupta,et al.  CP-ABE for Selective Access with Scalable Revocation: A Case Study for Mobile-based Healthfolder , 2018, Int. J. Netw. Secur..

[2]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[3]  Reihaneh Safavi-Naini,et al.  Privacy preserving EHR system using attribute-based infrastructure , 2010, CCSW '10.

[4]  Tiegang Gao,et al.  Secure and Efficient Ranked Keyword Search over Outsourced Cloud Data by Chaos Based Arithmetic Coding and Confusion , 2019, Int. J. Netw. Secur..

[5]  M. Lilly Florence,et al.  Enhanced Secure Sharing of PHRs in Cloud Using Attribute-Based Encryption and Signature with Keyword Search , 2018 .

[6]  Yao Zheng,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2019, IEEE Transactions on Parallel and Distributed Systems.

[7]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[8]  Timothy W. Finin,et al.  Attribute Based Encryption for Secure Access to Cloud Based EHR Systems , 2018, 2018 IEEE 11th International Conference on Cloud Computing (CLOUD).

[9]  Angelo De Caro,et al.  jPBC: Java pairing based cryptography , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[10]  Yang Zhao,et al.  An efficient and revocable storage CP-ABE scheme in the cloud computing , 2018, Computing.

[11]  Min-Shiang Hwang,et al.  A Study of Attribute-based Proxy Re-encryption Scheme in Cloud Environments , 2014, Int. J. Netw. Secur..

[12]  Fatos Xhafa,et al.  An efficient PHR service system supporting fuzzy keyword search and fine-grained access control , 2013, Soft Computing.

[13]  Jianfeng Ma,et al.  VMKDO: Verifiable multi-keyword search over encrypted cloud data for dynamic data-owner , 2016, Peer-to-Peer Networking and Applications.

[14]  Y. Sreenivasa Rao,et al.  A secure and efficient Ciphertext-Policy Attribute-Based Signcryption for Personal Health Records sharing in cloud computing , 2017, Future Gener. Comput. Syst..

[15]  Cheng-Chi Lee,et al.  A Batch Verification for Multiple Proxy Signature , 2011, Parallel Process. Lett..

[16]  Duo Zhang,et al.  Efficiently Revocable and Searchable Attribute-Based Encryption Scheme for Mobile Cloud Storage , 2018, IEEE Access.

[17]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[18]  Yiwei Thomas Hou,et al.  Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud , 2016, IEEE Transactions on Parallel and Distributed Systems.

[19]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[20]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[21]  Yinghui Zhang,et al.  Hidden Policy Attribute-Based Data Sharing with Direct Revocation and Keyword Search in Cloud Computing , 2018, Sensors.

[22]  Dong Kun Noh,et al.  Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[23]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[24]  Majid Bayat,et al.  A Lightweight and Efficient Data Sharing Scheme for Cloud Computing , 2018 .

[25]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[26]  Gandikota Ramu,et al.  A Secure Framework for Ensuring EHR's Integrity Using Fine-Grained Auditing and CP-ABE , 2016, 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS).

[27]  Gandikota Ramu,et al.  A secure cloud framework to share EHRs using modified CP-ABE and the attribute bloom filter , 2018, Education and Information Technologies.