Cloud-assisted electronic health records (EHRs) provide convenient medical services for patients by storing and analyzing medical data records in the cloud, but searching for sensitive data (e.g., identity, medical history) in the cloud conflicts with privacy protection requirements. Searchable encryption (SE) is a good cryptographic primitive for solving this conflict, which allows the user to store their encrypted data in the cloud and search them later in encrypted domain. However, the direct applications of most existing SE schemes in cloud-assisted EHRs may result in challenges, for example in terms of functionality, security and efficiency. In this paper, we propose BPVSE, a new verifiable and dynamic SE scheme for cloud-assisted EHR. BPVSE has the following advantages over existing approaches. First, leveraging blockchain and hash-proof chain, BPVSE allows the user to publicly verify the search result returned by the cloud without a trusted authority. Second, BPVSE supports dynamic datasets with forward and backward security, using our newly designed new hidden data structure. Third, BPVSE enables the user to launch parallel search with efficient encryption. We formally prove the security of the proposed BPVSE, and also conduct theoretical comparison and experimental evaluation to show its superiority of functionality, security, and efficiency.
Read full abstract