A Lightweight CP-ABE Scheme for EHR Over Cloud Based on Blockchain and Secure Multi-Party Computation
Jiawen Qiao
School of Cyber Science and Technology, Beihang University, Beijing, China
Corresponding Author
Na Wang
School of Cyber Science and Technology, Beihang University, Beijing, China
Correspondence: Na Wang ([email protected]) and Junsong Fu ([email protected])
Corresponding Author
Junsong Fu
School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China
Lunzhi Deng
School of Mathematical Sciences, Guizhou Normal University, Guiyang, China
Jingjing Wang
School of Cyber Science and Technology, Beihang University, Beijing, China
Jianwei Liu
School of Cyber Science and Technology, Beihang University, Beijing, China
ABSTRACT
With the growth of cloud computing and the popularity of electronic health records (EHR), more and more patients and hospitals are uploading EHR to the cloud for storage, retrieval and organization. Because EHR are privacy-sensitive, cloud-based EHR systems need to protect data security and provide access control, and attribute-based encryption (ABE) is the appropriate technology. Nevertheless, traditional single-center ABE schemes do not fit the collaborative scenario of electronic health care, and some of them do not support real-time attribute updates. Consequently, this paper proposes a lightweight CP-ABE scheme for EHR over cloud based on blockchain and secure multi-party computation (LCBS). First, we introduce a multi-authority model and innovatively apply secure multi-party computation to initialize the system, which maintains normal system operation while the power is decentralized. Second, we deploy a blockchain suitable for EHR systems to record the users' key information, helping multiple entities verify the key at different stages and protecting the EHR from illegal acquisition. In addition, our scheme supports lightweight attribute updates, which require only a small amount of computational overhead to take effect instantly. Finally, formal security analysis and simulation experiments of the LCBS system show that our scheme guarantees data security and improves computing efficiency.
Open Research
Data Availability Statement
Research data are not shared.