| With the development of cloud computing and Internet of Things technology, smart health services have become a focus of attention because they can provide better diagnosis and treatment for patients. However, while smart health brings convenience, it also brings a series of security problems, such as data tampering and privacy leakage. Among existing methods, attribute-based encryption (ABE) that supports policy hiding can solve these problems effectively: it prevents the disclosure of and tampering with confidential data while protecting the privacy of users. However, most schemes that support policy hiding still have many problems, such as low decryption efficiency, reliance on strong security assumptions, and no support for user/attribute revocation. To solve these problems, this thesis studies attribute-based encryption that supports access policy hiding. The main work is as follows. Firstly, in view of the potential leakage risk of patient data in smart health systems and the limited computing and storage resources of lightweight devices, a fully hidden attribute-based encryption scheme for lightweight devices is proposed. In traditional ABE, the access policy specified by the encryptor is generally composed of sensitive user attributes, which leads to the disclosure of user privacy. Most existing solutions realize only partial hiding of the access policy: each attribute is divided into an attribute name and an attribute value, and only the user's specific attribute value is hidden. To solve the above problems, the scheme combines inner product encryption with attribute-based encryption and obscures the access policy and the user attribute set by transforming them into vectors, so that the access policy can be completely hidden. Furthermore, the scheme needs only one pairing operation for the decryption test; that is, users can efficiently check whether they are legitimate
users and verify whether their attributes meet the decryption requirements of the access policy before full decryption. In addition, the scheme adopts online/offline encryption in the encryption stage and outsources most of the heavy computation to a third-party cloud server in the decryption phase, which reduces the time cost of the client's online computation. Based on the DBDH assumption and the DLIN assumption, the scheme is proved to achieve IND-CPA security. The performance analysis shows that the proposed scheme has obvious advantages over existing schemes. Secondly, to solve the problems of multi-user sharing mechanisms, such as inflexible access control, user revocation and lack of computing resources, an anonymous attribute-based dynamic broadcast encryption scheme supporting user revocation is proposed. In the scheme, the key is associated not only with the user identity index but also with the user's attributes. The ciphertext can be decrypted successfully only when the user identity index belongs to the authorized user group and the user's attributes satisfy the policy. Moreover, building on the idea of the broadcast encryption scheme proposed by Delerablée et al., the scheme realizes efficient user revocation. The scheme uses an oblivious transfer protocol to realize the anonymity of the receiver and protect the privacy of the data user. In addition, the scheme supports fast decryption and reduces the decryption operation to a constant size, which effectively reduces the computing cost of the end user. A security analysis is given based on the static assumption of composite-order groups. Performance analysis shows that the computational efficiency of the proposed scheme is better than that of existing schemes. |
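
The abstract's idea of turning the access policy and the user attribute set into vectors can be illustrated with the standard polynomial-root encoding from the inner-product predicate encryption literature. This is an added example, not the thesis's own construction: the encoding, the modulus `P`, the attribute universe and all function names are assumptions, and the inner product is computed in the clear here, whereas in an inner-product encryption scheme the vectors are embedded in the ciphertext and key and the zero test is carried out under the pairing.

```python
import hashlib
import secrets

P = 2**127 - 1                         # prime modulus standing in for the group order (assumption)
CATEGORIES = ["role", "dept", "ward"]  # constructed attribute universe
WIDTH = 4                              # slots per category: up to WIDTH-1 allowed values

def h(category, value):
    """Hash 'category=value' into Z_P."""
    digest = hashlib.sha256(f"{category}={value}".encode()).digest()
    return int.from_bytes(digest, "big") % P

def poly_from_roots(roots):
    """Coefficients (lowest degree first) of prod(x - r) mod P."""
    coeffs = [1]
    for r in roots:
        nxt = [0] * (len(coeffs) + 1)
        for i, c in enumerate(coeffs):
            nxt[i] = (nxt[i] - r * c) % P
            nxt[i + 1] = (nxt[i + 1] + c) % P
        coeffs = nxt
    return coeffs

def policy_vector(policy):
    """AND across categories, OR within one; an absent category is 'don't care'."""
    vec = []
    for cat in CATEGORIES:
        allowed = policy.get(cat)
        if allowed is None:
            vec += [0] * WIDTH              # zero polynomial: any value passes
            continue
        if not 0 < len(allowed) < WIDTH:
            raise ValueError(f"{cat}: need 1..{WIDTH - 1} allowed values")
        coeffs = poly_from_roots([h(cat, v) for v in allowed])
        coeffs += [0] * (WIDTH - len(coeffs))
        r = secrets.randbelow(P - 1) + 1    # fresh nonzero mask per category
        vec += [r * c % P for c in coeffs]
    return vec

def attribute_vector(attrs):
    """Powers 1, a, a^2, ... of each hashed attribute value."""
    vec = []
    for cat in CATEGORIES:
        a = h(cat, attrs[cat])
        vec += [pow(a, i, P) for i in range(WIDTH)]
    return vec

def satisfies(policy_vec, attr_vec):
    """The policy holds iff the inner product is 0 mod P."""
    return sum(x * y for x, y in zip(policy_vec, attr_vec)) % P == 0
```

Every policy encodes to a vector of the same length, and the random per-category masks mean a user who fails any category gets a nonzero inner product except with probability about 1/P.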