Multi-user certificateless public key encryption with conjunctive keyword search for cloud-based telemedicine
Introduction
Telemedicine is a medical model that uses advanced communication and information technologies (e.g., computers and mobile devices) to provide diagnosis, treatment, medical education and other medical functions between experts and patients at a distance [1]. Telemedicine has developed from early telephone-based remote diagnosis to real-time voice and video communication over the Internet, anytime and anywhere, which opens a broad prospect for its further development. It removes geographic restrictions: it can not only provide medical resources to remote areas but also improve the level of medical service in large cities [2]. Furthermore, it can reduce patients' waiting time, avoid delayed diagnosis and misdiagnosis, and reduce medical expenses.
Along with the rapid development of telemedicine come many challenges, such as storing the huge volume of electronic health records (EHRs) and the limited computing power of mobile medical monitoring devices. To address these issues, cloud-based telemedicine has emerged [3], providing more affordable and efficient health services. By integrating the large storage capacity and the dynamic, scalable, pay-as-you-go service model of cloud computing [4], [5], [6], cloud-based telemedicine not only provides users with convenient, high-quality services but also reduces the burden of equipment maintenance. Fig. 1 shows the architecture of cloud-based telemedicine.
Cloud-based telemedicine brings great benefits, but it also faces serious threats, especially to security and privacy. In a cloud-based telemedicine system, EHR data are outsourced to a cloud server, and the users (i.e., doctors and patients) lose physical control of these data. The server is not fully trusted and may misuse the data for illegal commercial purposes. Ensuring data security and privacy is therefore a critical requirement [7], [8]. To protect it, data are usually stored on the server in encrypted form. However, encryption destroys the structure that plaintext search algorithms rely on, so those algorithms no longer work over ciphertext.
Searchable encryption (SE) makes it possible to search over ciphertext without revealing the plaintext to the server. Song et al. [9] first proposed an SE scheme based on symmetric cryptography (SSE). Later, many SSE schemes were proposed in an effort to balance security and efficiency [10], [11], [12]. SSE has inherent advantages, such as fast operation and high performance. However, because the key in SSE is symmetric, the communicating parties must share a common secret key in advance, and for security each key can only be used once. SSE schemes therefore suffer from cumbersome key management and are only suitable for the single-user model, which limits their practical application. Real deployments are more often multi-user scenarios. For example, in a cloud-based telemedicine system a patient may want to be diagnosed by more than one doctor, and so needs to share his or her EHRs with multiple doctors.
Motivation: To solve the above issues, Boneh et al. [13] introduced the notion of PEKS and gave a PEKS construction. However, that construction is not efficient in the multi-user scenario: when there are multiple receivers, the data sender must encrypt the same data once per receiver under each receiver's public key, which consumes substantial computation and storage. Recently, many PEKS schemes for multi-owner or multi-receiver systems have been designed [14], [15], [16], [17]. Hwang et al. [14] developed a PEKS scheme that supports conjunctive keyword search and extended it to the multi-user scenario. Wang et al. [16] proposed an attribute-based keyword search scheme to achieve flexible access control in a multi-user system.
However, these schemes are plagued by cumbersome certificate management or by the key escrow problem. To resolve these issues, certificateless cryptography was introduced [18]. Recently, many certificateless PEKS (CLPEKS) schemes have been constructed [19], [20]. However, previous CLPEKS schemes do not effectively support multi-keyword search and consider only the single-receiver scenario, which does not satisfy realistic demands. It is therefore meaningful, and challenging, to develop a CLPEKS scheme that supports flexible search in a multi-user system.
The main research contributions are summarized as follows.
- Firstly, we design a new mCLPECK scheme, which supports conjunctive keyword search and is suitable for multi-user scenarios.
- Secondly, we show that mCLPECK is semantically secure in the random oracle model.
- Finally, we provide a performance evaluation, whose results indicate that mCLPECK has better performance.
Section 2 and Section 3 present some related references and preliminary backgrounds, respectively. Section 4 presents the concrete construction of the mCLPECK scheme. Section 5 and Section 6 provide the security and efficiency analysis for mCLPECK. We conclude this paper in Section 7.
Related work
To achieve data sharing between users, Boneh et al. [13] designed a PEKS scheme for an e-mail system with three entities (the sender Bob, the receiver Alice, and the e-mail server). As shown in Fig. 2, Bob encrypts the e-mail files (i.e., ) and the keywords extracted from the files (i.e., ). Then, Bob uploads to the server. Alice generates the trapdoor for the keyword to be queried with her own private key,
Background
We present some notations used in this paper (see Table 1).
The construction of mCLPECK
This section presents the detailed construction of mCLPECK, which consists of seven algorithms.
- Setup: KGC inputs a security parameter and chooses a bilinear pairing : . Let be a generator of . KGC selects four different collision-resistant hash functions: , , , . KGC selects randomly and computes . KGC keeps secret and publishes the public parameters
Security analysis
In this section, we show that mCLPECK is semantically secure under the security model defined in Section 3.4.
Theorem 1. Suppose the DLDHP is intractable; then mCLPECK is semantically secure against chosen keyword attacks.
Theorem 1 follows from Lemma 1 and Lemma 2.
Lemma 1. There is an algorithm that breaks the DLDHP assumption if an adversary can break the mCLPECK scheme.
Proof. Let the maximum number of trapdoor queries be . Next, we show that if the adversary can break the scheme of Section 4 with probability
Performance analysis
We present an efficiency comparison between mCLPECK and the related PECK schemes proposed in [31]. To match the security level of 1024-bit RSA, a Tate pairing : is used in the implementation, where , of order , is generated by a point on a supersingular curve , and and are 512-bit and 160-bit primes, respectively.
Conclusion
The telemedicine system combines telecommunication technology, new electronic technology and computer multimedia technology to provide patients with remote diagnosis and other medical services. As telemedicine technology has matured, it has gradually been applied in many medical departments, such as radiology, dermatology, cardiology and neurology. However, with the wide application of telemedicine, it inevitably faces various challenges, especially the big data
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Acknowledgements
This work was supported by the National Natural Science Foundation of China (No. 61902111), the High-level talent Fund Project of Henan University of Technology, China (No. 2018BS052), the Project funded by China Postdoctoral Science Foundation (No. 2020M670223), and the Open Fund Project of Key Laboratory of Grain Information Processing and Control (Henan University of Technology, China ), Ministry of Education (No. KFJJ-2016-107).
References (41)
- et al., An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks. Inform Sci (2017).
- et al., Telemedicine technology: a review of services, equipment, and other aspects. Curr Allergy Asthma Rep (2018).
- et al., Telemedicine: Its effects on health communication. Health Commun (2007).
- et al., Telemedicine in the cloud era: Prospects and challenges. IEEE Pervasive Comput (2015).
- et al., Achieving simple, secure and efficient hierarchical access control in cloud computing. IEEE Trans Comput (2016).
- et al., Two-factor data access control with efficient revocation for multi-authority cloud storage systems. IEEE Access (2017).
- et al., A secure authenticated and key exchange scheme for fog computing. Enterpr Inf Syst (2020).
- et al., A review on the state-of-the-art privacy-preserving approaches in the e-health clouds. IEEE J Biomed Health Inf (2014).
- et al., Provably secure group key management approach based upon hyper-sphere. IEEE Trans Parallel Distrib Syst (2014).
- et al., Practical techniques for searches on encrypted data.
- Practical backward-secure searchable encryption from symmetric puncturable encryption.
- Publicly verifiable searchable symmetric encryption based on efficient cryptographic components. Des Codes Cryptogr.
- Towards achieving keyword search over dynamic encrypted cloud data with symmetric-key based verification. IEEE Trans Dependable Secure Comput.
- Public key encryption with keyword search.
- Public key encryption with conjunctive keyword search and its extension to multi-user system.
- Privacy preserving ranked multi-keyword search for multiple data owners in cloud computing. IEEE Trans Comput.
- A ciphertext-policy attribute-based encryption scheme supporting keyword search function.
- Searchable attribute-based mechanism with efficient data sharing for secure cloud storage. IEEE Trans Inf Forensics Secur.
- Certificateless public key cryptography.
- Certificateless public key encryption with keyword search. China Commun.
Cited by (17)
- Blockchain-enabled one-to-many searchable encryption supporting designated server and multi-keywords for Cloud-IoMT. Journal of Systems Architecture, 2024.
- Efficient secure channel free identity-based searchable encryption schemes with privacy preserving for cloud storage service. Journal of Systems Architecture, 2024.
- Certificate-based authenticated encryption with keyword search: Enhanced security model and a concrete construction for Internet of Things. Journal of Information Security and Applications, 2024.
- A certificateless authenticated searchable encryption with dynamic multi-receiver for cloud storage. Computer Communications, 2023.
- A designated tester-based certificateless public key encryption with conjunctive keyword search for cloud-based MIoT in dynamic multi-user environment. Journal of Information Security and Applications, 2023. Citation excerpt: "For an easy understanding of the CLPEKS scheme, we offer the following steps: This section describes a dCL-PECK scheme, an extension of the mCLPECK [47] scheme to support the dynamic addition and revocation of the data receiver. The dCL-PECK scheme allows anyone to encrypt a keyword set using the selected group of recipients' public keys."
- A designated cloud server-based multi-user certificateless public key authenticated encryption with conjunctive keyword search against IKGA. Computer Standards and Interfaces, 2022. Citation excerpt: "The evaluation of the computation cost of each algorithm (i.e., Keygen, Encryption, Trapdoor, Test) by using some basic operations is shown in Table 3. Using the exact execution time reported [60] for these operations can make comparisons more likely. To run the basic operations, they used the MIRACL library [68] on a Lenovo personal computer with Windows 10 operating system, I5-8250U 1.60 GHz processor and 8 GB memory."