Privacy-preserving decentralized ABE for secure sharing of personal health records in cloud storage

Abstract

Personal health record (PHR) system has become an important platform for health information exchange, in which patients can effectively manage and share personal health information in cloud storage. In general, all health information will be encrypted before they are uploaded to the cloud server. However, the cloud server is unreliable and the sensitive information of users may be disclosed in this process. The general encryption algorithm cannot protect both confidentiality and privacy of the uploaded information. Attribute-based encryption (ABE) provides a solution to it. In this paper, we propose a privacy-preserving decentralized ABE scheme for secure sharing of PHR based on Lewko and Waters′s scheme, in which an anonymous secret key issuing protocol is used to hide GIDs. This protocol can make the authorities generate the correct decryption key for users without knowing their GIDs. In addition, the one-way anonymous key agreement is used to hide the attributes in the access policy. The presented scheme keeps the security of the Lewko and Waters′s scheme and removes the random oracle. Finally, we show that the security of the proposed scheme is reduced to static assumptions based on dual system encryption instead of other strong assumptions.