SMKA: Secure multi-key aggregation with verifiable search for IoMT

Abstract

The Internet of Medical Things (IoMT) aggregates numerous smart medical devices and fully employs the collected health data to enhance patients’ experiences. In IoMT, patients generate various encryption keys and receive keyword information sent by data requesters to securely share selected health data, which increases the potential risk of key leakage. Besides, the cloud server may tamper with search results. The existing schemes did not consider that patients may inadvertently disclose the keyword information of data requesters. Additionally, these schemes entail a significant cost for verifying the search results. To deal with these challenges, we innovatively propose a secure multi-key aggregation (SMKA) scheme with verifiable search for IoMT. Firstly, the SMKA scheme is built upon key-aggregate searchable encryption, utilizing an oblivious search request and blockchain technology to achieve secure key aggregation. Secondly, a dual verifiable algorithm is integrated into the scheme to provide lightweight verification for the search results. The proposed scheme can achieve access control, requester privacy, accountability, and dual verification while ensuring secure search. Furthermore, the security analysis and proof have shown the effectiveness of the proposed protocol in achieving the intended security goals. Finally, the performance analysis indicates the significant feasibility and scalability of the proposed scheme.