Efficient Identity-Based Distributed Decryption Scheme for Electronic Personal Health Record Sharing System

The rapid development of the Internet of Things (IoT) has led to the emergence of more and more novel applications in recent years. One of them is the e-health system, which can provide people with high-quality and convenient health care. Meanwhile, it is a key issue and challenge to protect the privacy and security of the user’s personal health record. Some cryptographic methods have been proposed such as encrypt user’s data before sharing it. However, it is complicated to share the data with multiple parties (doctors, health departments, etc.), due to the fact that data should be encrypted under each recipient’s keys. Although several $(t,n)$ threshold secret sharing schemes can share the data only need one encryption operation, there is a limitation that the decryption private key has to be reconstructed by one party. To offset this shortcoming, in this paper, we propose an efficient identity-based distributed decryption scheme for personal health record sharing system. It is convenient to share their data with multiple parties and does not require to reconstruct the decryption private key. We prove that our scheme is secure under chosen-ciphertext attack (CCA). Moreover, we implement our scheme by using the Java pairing-based cryptography (JPBC) library on a laptop and an Android phone. The experimental results show that our system is practical and effective in the electronic personal health record system.

[1]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[2]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[3]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[4]  Victor I. Chang,et al.  Privacy-preserving smart IoT-based healthcare big data storage and self-adaptive access control system , 2018, Inf. Sci..

[5]  Xavier Boyen,et al.  Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems , 2007, RFC.

[6]  Dong-Yuan Shi,et al.  An Efficient Cloud-Based Personal Health Records System Using Attribute-Based Encryption and Anonymous Multi-receiver Identity-Based Encryption , 2014, 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing.

[7]  Mohammad S. Obaidat,et al.  Security of e-Systems and Computer Networks , 2007 .

[8]  Ambadas Wairagar,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2016 .

[9]  Jiguo Li,et al.  Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation , 2014, International Journal of Information Security.

[10]  José Luis Fernández Alemán,et al.  Security and privacy in electronic health records: A systematic literature review , 2013, J. Biomed. Informatics.

[11]  Angelo De Caro,et al.  jPBC: Java pairing based cryptography , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[12]  Kenneth D. Mandl,et al.  Indivo: a personally controlled health record for health information exchange and communication , 2007, BMC Medical Informatics Decis. Mak..

[13]  Jorge Werner,et al.  A Cloud Computing Solution for Patient's Data Collection in Health Care Institutions , 2010, 2010 Second International Conference on eHealth, Telemedicine, and Social Medicine.

[14]  Yi Mu,et al.  Privacy-Preserving and Secure Sharing of PHR in the Cloud , 2016, Journal of Medical Systems.

[15]  Allison Bishop,et al.  New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts , 2010, IACR Cryptol. ePrint Arch..

[16]  Matthew Green,et al.  Securing electronic medical records using attribute-based encryption on mobile devices , 2011, SPSM '11.

[17]  Qiming Huang,et al.  Securable Personal Health Records using ciphertext policy attribute based encryption , 2012, 2012 IEEE 14th International Conference on e-Health Networking, Applications and Services (Healthcom).

[18]  Jiankun Hu,et al.  Corresponding author’s address: , 2022 .

[19]  Huaxiong Wang,et al.  Revocable Identity-Based Encryption from Lattices , 2012, ACISP.

[20]  Xavier Boyen,et al.  Identity-Based Encryption from Lattices in the Standard Model , 2009 .

[21]  Eric Horvitz,et al.  Patient controlled encryption: ensuring privacy of electronic medical records , 2009, CCSW '09.

[22]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[23]  Pieter H. Hartel,et al.  A Type-and-Identity-Based Proxy Re-encryption Scheme and Its Application in Healthcare , 2008, Secure Data Management.

[24]  Mihai Lica,et al.  IDENTITY-BASED CHRYPTOGRAPHY : FROM PROPOSALS TO EVERYDAY USE , 2014 .

[25]  Muthu Ramachandran,et al.  Cloud Computing Adoption Framework – a security framework for business clouds , 2015 .

[26]  Victor I. Chang,et al.  Privacy-preserving fusion of IoT and big data for e-health , 2018, Future Gener. Comput. Syst..

[27]  Craig Gentry,et al.  Space-Efficient Identity Based EncryptionWithout Pairings , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[28]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[29]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[30]  Xuejiao Liu,et al.  Secure and efficient querying over personal health records in cloud computing , 2018, Neurocomputing.

[31]  David W. Bates,et al.  White Paper: Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption , 2006, J. Am. Medical Informatics Assoc..

[32]  G Eysenbach,et al.  What is e-health? , 2001, Encyclopedia of Social Network Analysis and Mining. 2nd Ed..

[33]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[34]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..