EPPFM: Efficient and Privacy-Preserving Querying of Electronic Medical Records With Forward Privacy in Multiuser Setting

Abstract

With the application of the Internet of Things (IoT) and cloud computing, the eHealthcare industry has developed markedly, attracting many patients to seek medical treatment in an eHealthcare system. However, for patients who first register in the system, due to lack of experience, an important aspect is to choose appropriate medical services. Considering the sensitivity of health care data and the semi-honest nature of the cloud server, it is a good solution to use searchable encryption (SE) to obtain some historical electronic medical records (EMRs) that are consistent with the patient's symptom keyword combination and have high service scores for reference. However, existing SE schemes still have issues meeting the requirements of the eHealthcare system for flexible authorization and revocation, efficiency, and forward privacy. To resolve these issues, we propose two efficient and privacy-preserving electronic medical records query schemes with forward privacy in a multiuser setting (EPPFM). First, we present the basic scheme EPPFM-I to achieve a multiuser multikeyword exact match query under linear search complexity. In EPPFM-I, we also use the pseudorandom function (PRF) to perform the function of forward privacy. Then, we use a bucket structure to construct the improved scheme EPPFM-II, which has a faster-than-linear search complexity. Finally, we use detailed security analysis and extensive simulations to show the security and efficiency of the proposed schemes, respectively.