A secure and efficient electronic medical record data sharing scheme based on blockchain and proxy re-encryption

Abstract

With the rapid development of the Internet of Medical Things (IoMT) and the increasing concern for personal health, sharing Electronic Medical Record (EMR) data is widely recognized as a crucial method for enhancing the quality of care and reducing healthcare expenses. EMRs are often shared to ensure accurate diagnosis, predict prognosis, and provide health advice. However, the process of sharing EMRs always raises significant concerns about potential security issues and breaches of privacy. Previous research has demonstrated that centralized cloud-based EMR systems are at high risk, e.g., single points of failure, denial of service (DoS) attacks, and insider attacks. With this motivation, we propose an EMR sharing scheme based on a consortium blockchain that is designed to prioritize both security and privacy. The interplanetary file system (IPFS) is used to store the encrypted EMR while the returned hash addresses are recorded on the blockchain. Then, the user can authorize other users to decrypt the EMR ciphertext via the proxy re-encryption algorithm, ensuring that only authorized personnel may access the files. Moreover, the scheme attains personalized access control and guarantees privacy protection by employing attribute-based access control. The safety analysis shows that the designed scheme meets the expected design goals. Security analysis and performance evaluation show that the scheme outperforms the comparison schemes in terms of computation and communication costs.