Efficient Partially Policy-Hidden CP-ABE for IoT Assisted Smart Health

Abstract

With the rapid advancements of Internet of Things (IoT) technologies, wearable devices assisted cloud-based smart health (s-health) has become the promising solution to improve the quality and convenience of healthcare. However, the privacy preserving and data security has not been perfectly addressed. In past few years, ciphertext-policy attribute-based encryption (CP-ABE) proposed as a flexible and powerful cryptographic primitive to realize one-to-many encryption and fine-grained access control has been regarded as a promising solution to the security problem in cloud. But in traditional CP-ABE, the attribute values in access policy are presented in cleartext. This will easily divulge the privacy of the data owners (patients). So in this paper, we propose a efficient partially policy-hidden CP-ABE scheme (PPH-CP-ABE), which can effectively hide the attribute values in ciphertext to protect the sensitive information in access policy. Our access policy in our PPH-CP-ABE scheme can supports both AND and OR gates which is based on the Linear Secret Sharing Scheme (LSSS). And our PPH-CP-ABE scheme is more efficient and lightweight than the other CP-ABE schemes with hidden policies. Furthermore, we give a rigorous security proof and analysis to state that our scheme is selectively indistinguishable secure under chosen plaintext attacks (selectively IND-CPA secure) and resistant to the off-line dictionary attacks. Through comparison with the state-of-art schemes from the perspective of functionality and efficiency, it is easily to observe that our scheme is more practical, secure and efficient in the real s-health scenarios.