Anonymity-Enhanced Sequential Multi-Signer Ring Signature for Secure Medical Data Sharing in IoMT

Internet of Medical Things (IoMT) has garnered significant research attention from both academic and medical institutions. However, the sensitive medical data involved in IoMT raises security and privacy concerns. To mitigate these, ring signature has surfaced as a proper solution, which offers unforgeability and anonymity. Unfortunately, most multi-signer ring signature schemes require a predetermined number of signers and are difficult to adjust dynamically. Additionally, traditional ring signatures have limited adaptability for IoMT due to their reliance on a single entity. It is challenging to effectively define different signature permissions for users of various entities, such as patients and doctors. Therefore, research focusing on constructing a dynamic multi-signer ring signature for multi-party participation remains a critical and ongoing challenge. In this paper, we present ASMR, an anonymity-enhanced sequential multi-signer ring signature scheme for secure medical data sharing in IoMT. ASMR contains two different rings, PR and DR, for patients and doctors, respectively. It allows patients in PR to anonymously sign their electronic healthcare record (EHR) owned by doctors in DR, overcoming the reliance on a single entity in existing approaches while enhancing the anonymity of the signature. Meanwhile, ASMR introduces the concept of signature chaining, allowing multiple users in DR to co-sign information in sequence. In addition, it ensures that each generated signature is traceable, offering a transparent system. We also formally prove the security of ASMR in the random oracle model. Comprehensive performance evaluations indicate that ASMR excels in both computational and storage overhead. In the best case, computational overhead is reduced by approximately $4.7\times $ - $61.7\times $ , while storage overhead is reduced by approximately $26.7\times $ - $212.8\times $ compared to prior arts.