Author:
Yuan Ke,Cheng Ziwei,Chen Keyan,Wang Bozhen,Sun Junyang,Zhou Sufang,Jia Chunfu
Abstract
AbstractElectronic health record (EHR) cloud system, as a primary tool driving the informatization of medical data, have positively impacted both doctors and patients by providing accurate and complete patient information. However, ensuring the security of EHR cloud system remains a critical issue. Some patients require regular remote medical services, and controlling access to medical data involving patient privacy during specific times is essential. Timed-release encryption (TRE) technology enables the sender to preset a future time T at which the data can be decrypted and accessed. It is a cryptographic primitive with time-dependent properties. Currently, mainstream TRE schemes are based on non-interactive single time server methods. However, if the single time server is attacked or corrupted, it is easy to directly threaten the security applications of TRE. Although some research schemes “distribute” the single time server into multiple ones, they still cannot resist the single point of failure problem. To address this issue, we propose a multiple time servers TRE scheme based on Shamir secret sharing and another variant derived from it. In our proposed schemes, the data receiver does not need to interact with the time servers; instead, they only need to obtain the time trapdoors that exceed or equal the preset threshold value for decryption, which ensures the identity privacy of the data sender and tolerates partial downtime or other failures of some time servers, significantly improving TRE reliability. Security analysis indicates that our proposed schemes demonstrate data confidentiality, verifiability, anti-advance decryption, and robust decryption with multiple time trapdoors, making them more practical. Efficiency analysis indicates that although our schemes have slightly higher computational costs than most efficient existing TRE schemes, such differences are insignificant from a practical application perspective.
Funder
the Key Specialized Research and Development Program of Henan Province
the Basic Higher Educational Key Scientific Research Program of Henan Province
the Innovation Training Program for College Students of Henan province
the National Key Research and Development Program
the National Natural Science Foundation of China
the Fundamental Research Funds for the Central Universities of China
the Natural Science Foundation of Tianjin
Publisher
Springer Science and Business Media LLC