Verifiable Attribute-based Keyword Search Encryption with Attribute Revocation for Electronic Health Record System

Abstract

Considering the security requirements of electronic health record (EHR) system, we propose a ciphertext-policy attribute-based encryption scheme, which can support data retrieval, result verification and attribute revocation. In the proposed scheme, we make use of the BLS signature technique to achieve result verification for attribute-based keyword search encryption. In addition, key encrypting key (KEK) tree and re-encryption are utilized to achieve efficient attribute revocation. By giving thorough security analysis, the proposed scheme is proven to achieve: 1) Indistinguishability against selective ciphertext-policy and chosen plaintext attack under the decisional q-parallel bilinear Diffie-Hellman exponent hardness assumption; 2) Indistinguishability against chosen-keyword attack under the bilinear Diffie-Hellman assumption in the random oracle model. Moreover, the performance analysis results demonstrate that the proposed scheme is efficient and practical in electronic health record system.