Verifiable Multikeyword Search Encryption Scheme With Anonymous Key Generation for Medical Internet of Things

Abstract

The development of the Internet of Things (IoT) has given birth to new applications and services. Accordingly, because the IoT application system collects a large amount of data containing sensitive information, there are also new challenges in data security and privacy preservation. To locate the medical IoT (mIoT), this article proposes a multikeyword searchable encryption scheme based on attributes supporting the data privacy preservation and integrity verification of the electronic health files stored on the IoT cloud platform on the basis of ensuring the application business functions of mIoT: 1) to ensure data confidentiality and fine-grained search authorization, the attribute-based encryption mechanism is introduced to encrypt the symmetric key. Moreover, anonymous key generation tampers semitrusted center authority’s (CA) decryption of all ciphertexts of users and access policy is hidden to prevent access policy from leaking; 2) the convergence key is adopted to encrypt electronic health records (EHRs), thereby providing double verification of the correctness of the search results and partial decryption results; 3) a time-division mechanism is also established to provide the access validity of shared EHRs; and 4) fixed length ciphertext and outsourcing decryption mechanisms are used to reduce the calculation on the user side, in which the majority of the decryption calculations are done by the cloud server. Formal proofs and performance evaluation show that the proposed scheme can achieve data security, keyword security, integrity verification, hidden policy, and collusion resistance, and has high computational efficiency and search efficiency.