A Lightweight CP-ABE Scheme for EHR Over Cloud Based on Blockchain and Secure Multi-Party Computation

Abstract

With the growth of cloud computing and the popularity of electronic health records (EHR), more and more patients and hospitals are uploading EHR to the cloud for storage, retrieval and organization. Due to the privacy of EHR, cloud-based EHR systems need to protect data security and provide access control, and attribute-based encryption (ABE) is the appropriate technology. Nevertheless, traditional single-center ABE schemes do not conform to the collaborative scenario of electronic health care, and some of them do not support real-time attribute update. Consequently, this paper proposes a lightweight CP-ABE scheme for EHR over cloud based on blockchain and secure multi-party computation (LCBS). First, we introduce the model of multi-authority and innovatively apply secure multi-party computation to initialize the system, which maintains normal system operation while the power is decentralized. Second, we deploy a blockchain suitable for EHR systems to record the users' key information, assisting multiple entities to verify the key at different stages and protecting the EHR from illegal acquisition. In addition, our scheme supports lightweight attribute update, which requires small amount of computational overhead to achieve instant attribute update. Finally, through formal security analysis and simulation experiments of the LCBS system, it is shown that our scheme guarantees data security and improves computing efficiency.