Ciphertext-Policy Attribute-Based Signcryption With Verifiable Outsourced Designcryption for Sharing Personal Health Records

Personal health record (PHR) is a patient-centric model of health information exchange, which greatly facilitates the storage, access, and share of personal health information. In order to share the valuable resources and reduce the operational cost, the PHR service providers would like to store the PHR applications and health information data in the cloud. The private health information may be exposed to unauthorized organizations or individuals since the patient lost the physical control of their health information. Ciphertext-policy attribute-based signcryption is a promising solution to design a cloud-assisted PHR secure sharing system. It provides fine-grained access control, confidentiality, authenticity, and sender privacy of PHR data. However, a large number of pairing and modular exponentiation computations bring heavy computational overhead during designcryption process. In order to reconcile the conflict of high computational overhead and low efficiency in the designcryption process, an outsourcing scheme is proposed in this paper. In our scheme, the heavy computations are outsourced to ciphertext transformed server, only leaving a small computational overhead for the PHR user. At the same time, the extra communication overhead in our scheme is actually tolerable. Furthermore, theoretical analysis and the desired securing properties including confidentiality, unforgeability, and verifiability have been proved formally in the random oracle model. Experimental evaluation indicates that the proposed scheme is practical and feasible.

[1]  Allison Bishop,et al.  Unbounded HIBE and Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[2]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[3]  Javier Herranz,et al.  Short Attribute-Based Signatures for Threshold Predicates , 2012, CT-RSA.

[4]  Jiguo Li,et al.  KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage , 2017, IEEE Transactions on Services Computing.

[5]  Tatsuaki Okamoto,et al.  Efficient Attribute-Based Signatures for Non-Monotone Predicates in the Standard Model , 2014, IEEE Transactions on Cloud Computing.

[6]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[7]  Jinguang Han,et al.  VOD-ADAC: Anonymous Distributed Fine-Grained Access Control Protocol with Verifiable Outsourced Decryption in Public Cloud , 2020, IEEE Transactions on Services Computing.

[8]  G. Ravi,et al.  Attribute Based Encryption With Verifiable Outsourced Decryption , 2014 .

[9]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[10]  Huaxiong Wang,et al.  Spatial encryption supporting non-monotone access structure , 2014, Des. Codes Cryptogr..

[11]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[12]  Dongqing Xie,et al.  Attribute-based signature and its applications , 2010, ASIACCS '10.

[13]  Manoj Prabhakaran,et al.  Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance , 2008, IACR Cryptol. ePrint Arch..

[14]  Jian Shen,et al.  Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Ciphertext Length , 2017, Secur. Commun. Networks.

[15]  Hao Wang,et al.  Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing , 2016, Soft Computing.

[16]  Qixiang Mei,et al.  Generic and Efficient Constructions of Attribute-Based Encryption with Verifiable Outsourced Decryption , 2016, IEEE Transactions on Dependable and Secure Computing.

[17]  Xiaolei Dong,et al.  Fuzzy Identity Based Signature , 2008, IACR Cryptol. ePrint Arch..

[18]  Y. Sreenivasa Rao,et al.  A secure and efficient Ciphertext-Policy Attribute-Based Signcryption for Personal Health Records sharing in cloud computing , 2017, Future Gener. Comput. Syst..

[19]  Rui Zhang,et al.  Fine-grained access control system based on fully outsourced attribute-based encryption , 2017, J. Syst. Softw..

[20]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signatures and Their Application to Anonymous Credential Systems , 2009, AFRICACRYPT.

[21]  Manoj Prabhakaran,et al.  Attribute-Based Signatures , 2011, CT-RSA.

[22]  Wenfen Liu,et al.  Traceable attribute-based signcryption , 2014, Secur. Commun. Networks.

[23]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[24]  Hui Ma,et al.  Verifiable and Exculpable Outsourced Attribute-Based Encryption for Access Control in Cloud Computing , 2017, IEEE Transactions on Dependable and Secure Computing.

[25]  Robert H. Deng,et al.  Attribute-Based Encryption With Efficient Verifiable Outsourced Decryption , 2015, IEEE Transactions on Information Forensics and Security.

[26]  Tatsuaki Okamoto,et al.  Decentralized Attribute-Based Signatures , 2013, Public Key Cryptography.

[27]  Qiaoyan Wen,et al.  Circuit Ciphertext-Policy Attribute-Based Hybrid Encryption with Verifiable Delegation in Cloud Computing , 2016, IEEE Transactions on Parallel and Distributed Systems.

[28]  Cheng Chen,et al.  Combined Public-Key Schemes: The Case of ABE and ABS , 2012, ProvSec.

[29]  Yi Mu,et al.  Server-Aided Verification Signatures: Definitions and New Constructions , 2008, ProvSec.

[30]  Mingchu Li,et al.  Attribute-based ring signcryption scheme , 2013, Secur. Commun. Networks.

[31]  Xiaofeng Liao,et al.  Body Area Network Security: A Fuzzy Attribute-Based Signcryption Scheme , 2013, IEEE Journal on Selected Areas in Communications.

[32]  Atsuko Miyaji,et al.  Dynamic attribute-based signcryption without random oracles , 2012, Int. J. Appl. Cryptogr..

[33]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signcryption , 2010, SCN.

[34]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[35]  Changji Wang,et al.  Attribute-based Signcryption with Ciphertext-policy and Claim-predicate Mechanism , 2011, 2011 Seventh International Conference on Computational Intelligence and Security.

[36]  Joseph K. Liu,et al.  Secure sharing of Personal Health Records in cloud computing: Ciphertext-Policy Attribute-Based Signcryption , 2015, Future Gener. Comput. Syst..

[37]  Guo Shaniqng,et al.  Attribute-based Signature Scheme , 2008, 2008 International Conference on Information Security and Assurance (isa 2008).

[38]  Rui Zhang,et al.  A Blockchain based Access Control System for Cloud Storage , 2019 .

[39]  Jiguo Li,et al.  Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing , 2017, IEEE Transactions on Services Computing.

[40]  Duncan S. Wong,et al.  Secure Outsourced Attribute-Based Signatures , 2014, IEEE Transactions on Parallel and Distributed Systems.

[41]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[42]  Paz Morillo,et al.  Revocable Attribute-Based Signatures with Adaptive Security in the Standard Model , 2011, AFRICACRYPT.

[43]  Ratna Dutta,et al.  Expressive Attribute Based Signcryption with Constant-Size Ciphertext , 2014, AFRICACRYPT.

[44]  Jin Li,et al.  Securely Outsourcing Attribute-Based Encryption with Checkability , 2014, IEEE Transactions on Parallel and Distributed Systems.

[45]  Adam Duffy,et al.  A Biometric Identity Based Signature Scheme , 2007, Int. J. Netw. Secur..

[46]  Willy Susilo,et al.  Server-aided signatures verification secure against collusion attack , 2011, ASIACCS '11.