Research On Updatable And Anonymous Attribute-based Encryption Algorithms

As the core of cloud computing,cloud storage has a series of advantages of shared resources,low management cost,expansibility and so on,so it can provide data user with efficient and fast storage and computing services.Electronic medical system can help patients access,manage,and share their health data,which is beneficial to predict a variety of diseases and improve the quality of medical services.With the growing scale of existing medical data,the development of electronic medical system based on cloud storage platform is also increasingly rapid.However,there exist some cloud security problems in an electronic medical system based on cloud storage,such as data confidentiality and flexible access control.Attribute-based encryption,as a cryptographic primitive,can achieve a fine-grained access control for health data.Thus,the above problems are effectively solved,so it is more suitable for electronic medical system.A series of researches have been made in the existing attribute-based encryption algorithms for electronic medical system,but there still exist some new challenges in access control,such as policy privacy disclosure,dynamic policy update and illegal policy alteration.Specifically,access policy in a form of plaintext maybe reveal privacy information located in the access policy.Real-time sharing of data requires a flexible access structure encryption.Data user change access policy maliciously,which results in the disclosure of information and thus the authenticity of the access policy needs a third party to be verified.In view of these problems,the main contributions can be summarized as follows:(1)We propose an efficient algorithm with policy hidden and policy update,which is a CP-ABE algorithm with full policy hiding and flexible data sharing in PHRs.In the algorithm,the attribute information in the access policy is completely hidden by a randomization technique,and an attribute location mechanism based on attribute bloom filter is used to locate the attribute position.The decryption algorithm is effective based on whether the user attribute set matches the access policy.In addition,data owner generates an additional transforming key for the PHR cloud to change access policy dynamically.Under the standard model,the proposed algorithm is proved to be IND-CPA secure under the decisional q-BDHE assumption.Finally,the performance comparisons with the existing algorithms show that the proposed algorithm is practical in electronic medical system.(2)We construct a CP-ABE algorithm with policy hidden and policy validation,which can ensure that the attribute located in an access policy is completely hidden and the access policy has not been tampered in S-Health.In particular,an entire attribute in the structure is randomized,and we restore the attribute by utilizing attribute Cuckoo filter.At the same time,the proposed algorithm introduces a third party to check whether the access structure in the ciphertext is consistent with the predefined access structure.Later on,under the standard model,we prove that the proposed algorithm is selectively secure based on the q-parallel BDHE assumption.Finally,the performance comparison and experimental results show that the proposed algorithm is feasible and efficient for S-Health.