Cloud medical treatment provides real-time data sharing in a cost-effective method, making it more practical to create, collect and manage vast amounts of personal health records (PHR) of patients. However, health information is considered highly sensitive. How to securely store and dynamically process massive patients’ PHR data in a public cloud environment has become one of the most important challenges. Therefore, we introduce a novel solution to the problems of privacy exposure, data security and flexible access of storage modules in medical systems. In this paper, we present a privacy-preserving certificateless broadcast encryption with authorization for the PHR system, which is the best approach to effectively solve the above problems and avoid key escrow. In our work, users (patients) outsource their encrypted data to the cloud server and reallocate data accessing rights of recipients through an authorization set, sharing with a group of authorized receivers (doctors) in a secure and efficient manner. In addition, it is shown to be capable of achieving both plaintext confidentiality and receiver anonymity under the random oracle model. Moreover, the experimental evaluation shows that the proposed scheme enjoys low computational and communication overhead, indicating the feasibility and practicality of the scheme.
Identity‐based encryption (IBE) is a public key cryptosystem on purpose to remove the traditional certificate management. How to realize efficient user revocation in the IBE is of great importance when considering its application. The drawback of most existing works is that the revoked user can still access the ciphertext prior to revocation. One possible solution proposed by Sun et al. is to evolve the ciphertext in the cloud. However, it is unfortunate that the master time key in their scheme is kept by the private key generator (PKG), which means it is sustained extra burden. In this article, we present an efficient revocable IBE with ciphertext evolution in the cloud‐assisted system and the ciphertext remains constant size. The cloud server keeps only one secret master time update key sent by the PKG in a private channel, and thus our scheme offers scalability. In the meantime, our detailed analysis demonstrates that our proposed scheme is semantically secure against ciphertext chosen attacks based on the k‐CAA problem and enjoys better efficiency in computation and communication costs compared with previous works.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.