Research On Attribute Based Encryption For Personal Health Record System

The development of cloud storage technology and the popularity of mobile smart devices provide necessary conditions for the Personal Health Records(PHR)system.With the fast development and wide application of PHR system,its security has become an issue.For example,one patient's sensitive information stored on a cloud storage server is easily attacked by an adversary.How to ensure the storage security and the efficient sharing of sensitive information is important for the development of PHR system.Now,most researchers use Attribute Based Encryption(ABE)to solve the problem.However,there are still some problems in the current work.There is almost no research about the importance of weighted attributes.The length of the trace storage is too large.And the granularity of the revocation mechanism is too large.In order to solve the above problems,through the deep research on attribute based encryption and combined with the specific environment requirements of PHR,we proposes two attribute encryption schemes which are suitable for the PHR environment in this paper.In particular,we first propose a Multi-Authority Weighted Ciphertext-Policy Attribute Based Encryption.And then we give a Multi-Authority Traceable Ciphertext-Policy Attribute Based Encryption scheme with constant storage for traitor tracing.The main work of this paper is the two following aspects:Based on the existing scheme,we construct a Weighted Ciphertext-Policy Attribute Based Encryption scheme by introducing the idea of weight.In order to reduce the dependence on the trusted center,we improve the registration algorithm.And we adopted the technology of proxy re-encryption to get fine-grained attribute revocation,when an attribute is revoked,our scheme also has the advantage of reducing the amount of communication between the user and the attribute authority.In order to realize the verifiability of the outsourced decryption,the scheme utilizes the hash function,to guarantee the user's delete management of the file,we adding the file deletion process and using the signature algorithm.Through the security proof,it is proved that our schemes both achieve the safety of choose plaintext attack(CPA)security.Based on the existing scheme,we construct a multi-authority attribute based encryption scheme with constant tracking storage.In this scheme,the trusted center and the attribute authority manage the user's identity and attributes respectively,which reduces the dependence on the security of a single center.Using a probabilistic encryption scheme,user's id will be embedded in the private key,which can help us to achieve a constant length of tracking storage.It is proved that the scheme can achieve the CPA security under the standard model through the security proof.At the same time,it is proved that the scheme is fully traceable.it is proved that the scheme has a small tracking storage consumption.We can prove that the scheme has a constant tracking storage through the experimental simulation.