In hospital information systems, large volumes of electronic diagnostic records (EDRs) take up most of the storage space. While cloud server providers can reduce the local storage burden on hospitals and provide data-sharing services, the potential threat of sensitive data leakage and non-traceability of diagnoses prevents hospitals from uploading patients' diagnostic records to remote cloud servers directly. Therefore, to address security and traceability issues, we propose a new construction of post-quantum secure signcryption scheme with a designated equality test based on lattices (LB-SCDET) in this paper. Our LB-SCDET scheme allows a designated tester to perform equality tests on signcrypt-ciphertexts of EDRs without leaking what the EDRs actually are. Compared to the recent LB-SCET scheme proposed by Le et al., our LB-SCDET scheme implements a designated mechanism and is secure against offline message recovery attacks (OMRA). The comparison shows that our scheme enjoys a higher level of security, albeit the ciphertext size is slightly larger. Finally, we prove the scheme to be secure under the hardness of the Learning-with-Errors problem and unidirectionality of the Short-Integer-Solution problem. To be of independent interest, we show that the LB-SCET scheme fails to achieve the claimed IND-CCA security.
Read full abstract