Cloud computing is admired as a notable computing terminology in which facilities of the computing framework are rendered as aid over Internet services. In the era of cloud computing, lightweight devices can be used to afford remote e-healthcare, which facilitates the development of remote healthcare consultations, monitoring of patients’ health reports, and medical research. The downside of the cloud environment is that it does not support direct revocation with fine-grained access control over encrypted data by specifying access policies among ciphertexts and consumers’ secret-keys. Ciphertext Policy Attribute-Based Broadcast Encryption (CP-ABBE) can be deployed in a cloud computing environment to ensure fine-grained access control of outsourced data. In a CP-ABBE, consumers’ secret-keys are associated with attributes. Broadcaster encrypts the data concerning a subscriber set and an access policy. Legitimate consumers can recover the correct data if and only if the data file access policy satisfies the attributes associated with the consumers’ secret-keys. However, existing CP-ABBE schemes fail to withstand social engineering attacks, meaning that those are incapable of accomplishing consumers’ full anonymity as well as privacy of access policy, which are highly sensitive information in e-healthcare scenario. To mitigate these deficiencies, we introduce a new CP-ABBE, called privacy-preserving fully anonymous CP-ABBE, by tweaking an identity-based encryption framework over the most advanced and secure Type-3 bilinear pairings. In addition to being adaptively secure, our construction endures indistinguishable chosen-plaintext attack security under standard asymmetric decisional bilinear Diffie–Hellman assumption without using the random oracle model. In particular, the design is very efficient both in terms of parameter sizes and computation costs, as consumer secret-key and decryption time both are constant, and ciphertext-size is independent of access policy. The implementation and performance analysis of the protocol in opposition to existing works illustrate its effectiveness in providing healthcare services in the cloud environment.

云计算被视为一种著名的计算术语，其中将计算框架的设施呈现为Internet服务的辅助。在云计算时代，轻型设备可用于提供远程电子医疗保健，从而促进了远程医疗保健咨询的发展，对患者健康报告的监视以及医学研究的发展。云环境的不利之处在于，它不支持通过在密文和使用者的密钥之间指定访问策略来对加密数据进行细粒度访问控制的直接吊销。可以在云计算环境中部署基于密文策略属性的广播加密（CP-ABBE），以确保对外包数据进行细粒度的访问控制。在CP-ABBE中，消费者的密钥与属性相关联。广播公司对与订户集和访问策略有关的数据进行加密。当且仅当数据文件访问策略满足与使用者的秘密密钥关联的属性时，合法的使用者才能恢复正确的数据。但是，现有的CP-ABBE方案无法抵御社会工程学攻击，这意味着它们无法实现消费者的完全匿名性以及访问策略的隐私性，而这是电子医疗场景中高度敏感的信息。为了缓解这些缺陷，我们通过调整基于身份的加密，引入了一种新的CP-ABBE，称为隐私保护完全匿名CP-ABBE最先进，最安全的Type-3双线性配对的框架。除了具有自适应安全性之外，我们的构造还可以在标准非对称决策双线性Diffie-Hellman假设下，承受无法区分的选择明文攻击安全性，而无需使用随机Oracle模型。尤其是，该设计在参数大小和计算成本方面都非常有效，因为消费者密钥和解密时间都是恒定的，并且密文大小与访问策略无关。与现有工作相反的协议的实施和性能分析说明了该协议在云环境中提供医疗服务的有效性。