A privacy-preserving and efficient data sharing scheme with trust authentication based on blockchain for mHealth

Abstract

The mobile healthcare (mHealth) is a promising and fascinating paradigm, which can dramatically improve the quality of healthcare delivery by providing remote diagnosis and medical record sharing. Now, the mHealth faces serious challenges such as data leakage and unauthorised access currently. Attribute-based encryption (ABE) which has been employed for mHealth is an excellent cryptographic primitive of securing data sharing. However, there are still some security and efficiency issues in the ABE-based data sharing scheme for mHealth. Firstly, the explicit storage of access policy may expose the privacy of users. Secondly, the computation cost is high, especially in the mHealth with IoT devices. Thirdly, the authentication of access rights to shared data is usually performed by the centralised third parties or IoT devices with limited resources. To handle the above issues, this paper presents a privacy-preserving and efficient data sharing scheme. The scheme partially hides access policy to protect user's privacy, and introduces an offline mechanism in key generation and encryption phase to improve efficiency of mHealth. Furthermore, it also provides decentralised and trusted authentication of data access right based on blockchain. The security proofs and the experiment results demonstrate that the presented scheme has better security and efficiency.