Research On Attribute-based Encryption Method For Intelligent Medical Electronic Data Sharing

With the rapid development of science and technology,various kinds of communication and intelligent devices emerge one after another,which brings us a lot of convenience,especially improves the efficiency of medical services.Intelligent medical system provides an efficient data sharing and storage platform for patients and medical personnel.Data owners can use intelligent devices to share and store their medical data without limitation of time and space.However,because medical data contains various physiological data and identity information of patients,if the data is illegally accessed,data is leaked or tampered,may cause the privacy problem of the patient or misdiagnosis,endangering the patient’s life,so data security and privacy protection are the important problems of electronic medical data sharing.Ciphertext-policy attribute-based encryption(CP-ABE)has the characteristics of“one-to-many” data sharing and “fine-grained” access control,which is very suitable for multi-user sharing needs of medical system.Therefore,many scholars have carried out research on intelligent medical data sharing based on attribute encryption.However,there are still some problems in the existing research work,such as key leakage,access policy leakage,ciphertext too long,high encryption and decryption computation and data tampering.Aiming at these problems,this thesis studies the intelligent medical data sharing scheme based on attribute encryption,the specific work is as follows:(1)In cloud environment,an anonymous medical record sharing scheme is proposed,which uses decentralized hierarchical attribute-based encryption technology.In this scheme: firstly,decentralized multi-authority attribute encryption technology is adopted to avoid centralized attack on single authority,anonymous key generation mechanism is used to prevent multiple attribute authorities from tracking GID of users to obtain complete electronic medical data,which also protects the security of user key;secondly,hierarchical access tree is used to encrypt multiple files at one time,which greatly saves storage space and computing cost;thirdly,the access policy is hidden to prevent the privacy leakage of users;finally,the verification key and convergence key are used to realize the double verification of ciphertext to ensure the correctness and integrity of electronic medical data.(2)On the basis of the first scheme,a revocable medical record sharing scheme is proposed,which combines block chain technology and hierarchical attribute-based encryption technology.In this scheme: firstly,the decentralized blockchain system is used to replace the authority center to be responsible for parameter generation,key management and user revocation,and all revocation tasks are completed by blockchain,which reduces the re-encryption of user ciphertext and key updating;secondly,the complicated decryption operation is outsourced to reduce the burden of decryption;finally,in order to ensure the correctness and integrity of medical information,the decrypted plaintext information is double verified.The security of the two schemes proposed in this thesis is proved under the DBDH assumption,and the analysis results show that the schemes satisfy the requirements of anti-collusion attack,non-forgery,privacy protection and integrity verification of shared data.