Revocable Attribute-Based Encryption Scheme With Efficient Deduplication for eHealth Systems

Deduplication based on attribute-based encryption can be used effectively in eHealth systems to save storage space and share medical records. However, the excessive computation costs of existing schemes lead to inefficient deduplication. In addition, frequent changes to clients' attributes weaken the forward secrecy of data, so how to achieve attribute revocation in deduplication is a problem that remains to be solved. In this paper, we propose a variant of the attribute-based encryption scheme that supports efficient deduplication and attribute revocation for eHealth systems. Specifically, an efficient deduplication protocol based on the nature of prime numbers is used to alleviate the computation burden on the private cloud, and attribute revocation is realized by updating the attribute agent key and the ciphertext. Moreover, outsourced decryption is introduced to reduce the computation overhead of clients. The security analysis argues that the proposed scheme meets the desired security requirements, and the visual experiment results indicate the excellent performance of the proposed scheme while realizing deduplication and attribute revocation.
