Skip to main content

Efficient Secure-Channel Free Public Key Encryption with Keyword Search for EMRs in Cloud Storage

Abstract

Searchable encryption is an important cryptographic primitive that enables privacy-preserving keyword search on encrypted electronic medical records (EMRs) in cloud storage. Efficiency of such searchable encryption in a medical cloud storage system is very crucial as it involves client platforms such as smartphones or tablets that only have constrained computing power and resources. In this paper, we propose an efficient secure-channel free public key encryption with keyword search (SCF-PEKS) scheme that is proven secure in the standard model. We show that our SCF-PEKS scheme is not only secure against chosen keyword and ciphertext attacks (IND-SCF-CKCA), but also secure against keyword guessing attacks (IND-KGA). Furthermore, our proposed scheme is more efficient than other recent SCF-PEKS schemes in the literature.

This is a preview of subscription content, access via your institution.

Fig. 1

References

  1. 1.

    Abdalla, M., Bellare, M., Rogaway, P.: DHIES: an encryption scheme based on the Diffie-Hellman problem. In: CT-RSA 2001, LNCS 2020. pp. 143–158 (2001)

  2. 2.

    Ateniese, G., Fu, K.V., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. In: Internet Society (ISOC): NDSS 2005. pp. 29–43 (2005)

  3. 3.

    Aviv, A.J., Locasto, M.E., Potter, S., Keromytis, A.D.: SSARES: Secure searchable automated remote email storage. In: ACSAC 2007. pp. 129–139 (2007)

  4. 4.

    Boneh, D., Crescenzo, G.D., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: EUROCRYPT 2004, LNCS 3027. pp. 506–522 (2004)

  5. 5.

    Baek, J., Safavi-Naini, R., Susilo, W.: Public key encryption with keyword search revisited. In: ICCSA 2008, LNCS 5072. pp. 1249–1259 (2008)

  6. 6.

    Baek, J., Safavi-Naini, R., Susilo, W.: On the integration of public key data encryption and public key encryption with keyword search. In: ISW 2006, LNCS 4176. pp. 217–232 (2006)

  7. 7.

    Byun, J.W., Rhee, H.S., Park, H.A., Lee, D.H.: Off -line keyword guessing attacks on recent keyword search schemes over encrypted data. In: Proceedings of SDM 2006, LNCS 4165. pp. 75–83 (2006)

  8. 8.

    Coron, J.S.: On the exact security of full domain hash. In: Crypto 2000. LNCS 1880. pp. 229–235 (2000)

  9. 9.

    Chen, Y.-C., Horng, G., Lin, Y.-J., Chen, K.-C.: Privacy preserving index for encrypted electronic medical records. J. Med. Syst. doi:10.1007/s10916-013-9992-x (2013)

  10. 10.

    Chen, T.-S., Liu, C.-H., Cen, T.-L., Chen, C.-S., Bau, J.-G., Lin, T.-C., Secure dynamic access control scheme of PHR in cloud computing. J. Med. Syst. 36(6):4005–4020, 2012.

    Article  Google Scholar 

  11. 11.

    Chen, Y.-Y., Lu, J.-C., Jan, J.-K., A secure EHR system based on hybrid clouds. J. Med. Syst. 36(5): 3375–3384, 2012.

    Article  Google Scholar 

  12. 12.

    Chen, C.-L., Yang, T.-T., Chiang, M.-L., Shih, T.-F., A privacy authentication scheme based on cloud for medical environment. J. Med. Syst. 38(11), 2014. doi:10.1007/s10916-014-0143-9.

  13. 13.

    Chen, C.-L., Yang, T.-T., Shih, T.-F., A secure medical data exchange protocol based on cloud environment. J. Med. Syst. 38(9), 2014. doi:10.1007/s10916-014-0112-3.

  14. 14.

    Chen, Y., Zhang, J., Lin, D., Zhang, Z.: Generic constructions of integrated PKE and PEKS. Des. Codes Crypt. doi:10.1007/s10623-014-0014-x (2014)

  15. 15.

    Emura, K., Miyaji, A., Omote, K.: Adaptive secure-channel free public-key encryption with keyword search implies timed release encryption. In: ISC 2011, LNCS 7001. pp. 102–118 (2011)

  16. 16.

    Emura, K., Miyaji, A., Rahman, M.S., Omote, K.: Generic constructions of secure-channel free searchable encryption with adaptive security. IACR Cryptology ePrint Archive. Available at http://eprint.iacr.org/2013/321 (2013)

  17. 17.

    Emura, K., and Rahman, M.S.: Constructing secure-channel free searchable encryption from anonymous IBE with partitioned ciphertext structure. In: SECRYPT 2012. pp. 84–93 (2012)

  18. 18.

    Fernández-Cardeñosa, G., de la Torre-Díez, I., López-Coronado, M., Rodrigues, J.J.P.C., Analysis of cloud-based solutions on EHRs systems in different scenarios. J. Med. Syst. 36(6):3777–3782, 2012.

    Article  Google Scholar 

  19. 19.

    Fang, L.M., Susilo, W., Ge, C.P., Wang, J.D.: A secure channel free public key encryption with keyword search scheme without random oracle. In: CANS 2009, LNCS 5888. pp. 248–258 (2009)

  20. 20.

    Fang, L.M., Susilo, W., Ge, C.P., Wang, J.D., Public key encryption with keyword search secure against keyword guessing attacks without random oracle. Inf. Sci. 238:221–241, 2013.

    Article  MathSciNet  Google Scholar 

  21. 21.

    Gentry, C.: Practical identity-based encryption without random oracles. In: EUROCRYPT 2006, LNCS 4004. pp. 445–464 (2006)

  22. 22.

    Kamara, S., and Lauter, K.: Cryptographic cloud storage. In: FC 2010, LNCS 6054. pp. 136–149 (2010)

  23. 23.

    Lai, J.Z., Deng, R.H., Liu, S.L.: Efficient CCA-secure PKE from Identity-based techniques. In: CT-RSA 2010, LNCS 5985, pp. 132–147 (2010)

  24. 24.

    Low, C., and Hsueh Chen, Y., Criteria for the evaluation of a cloud-based hospital information system outsourcing provider. J. Med.l Syst. 36(6):3543–3553, 2012.

    Article  Google Scholar 

  25. 25.

    Lu, C., Wu, Z., Liu, M., Chen, W., Guo, J., A patient privacy protection scheme for medical information system. J. Med. Syst. 37 (6), 2013. doi:10.1007/s10916-013-9982-z.

  26. 26.

    Mat Kiah, M.L., Nabi, M. S., Zaidan, B.B., Zaidan, A.A., An enhanced security solution for electronic medical records based on AES hybrid technique with SOAP/XML and SHA-1. J. Med. Syst. 37 (5), 2013. doi:10.1007/s10916-013-9971-2.

  27. 27.

    Rhee, H. S., Park, J. H., Susilo, W., Lee, D. H.: Improved searchable public key encryption with designated tester. In: ASIACCS 2009, ACM. pp. 376–379 (2009)

  28. 28.

    Rhee, H.S., Park, J.H., Susilo, W., Lee, D.H., Trapdoor security in a searchable public key encryption scheme against keyword guessing attacks. J. Syst. ans Softw. 6(5):237–243, 2010.

    Google Scholar 

  29. 29.

    Rhee, H.S., Park, J.H., Lee, D.H., Generic construction of designated tester public-key encryption with keyword search. Inf. Sci. Express 205(1):93–109, 2014.

    MathSciNet  Google Scholar 

  30. 30.

    Rhee, H.S., Susilo, W., Kim, H.J., Secure searchable public key encryption scheme against keyword guessing attacks. IEICE Electron. Express 83:763–771, 2009.

    Google Scholar 

  31. 31.

    Sun, J., and Fang, Y., Cross-domain data sharing in distributed electronic health record systems. IEEE Trans. Parallel Distrib. Syst. 21(6):754–764, 2010.

    Article  MathSciNet  Google Scholar 

  32. 32.

    Susilo, W., and Win, K.T., Security and access of health research data. J. Med. Syst. 31(2):103–107, 2007.

    Article  Google Scholar 

  33. 33.

    Wang, W., Xu, P., Li, H., Yang, L.T.: Secure hybrid-indexed search for high efficiency over keyword searchable ciphertexts. Future Gener. Comput. Syst. doi:10.1016/j.future.2014.07.008 (2014)

  34. 34.

    Waters, B.: Efficient identity based encryption without random oracles. In: EUROCRYPT 2005, LNCS 3494. pp. 114–127. Springer-Verlag (2005)

  35. 35.

    Yau, W.C., Heng, S.H., Goi, B.M.: Off-line keyword guessing attacks on recent public key encryption with keyword search schemes. In: ATC 2008, LNCS 5060. pp. 100–105 (2008)

  36. 36.

    Zhang, R., and Imai, H.: Generic combination of public key encryption with keyword search and public key encryption. In: CANS 2007, LNCS 4856. pp. 159–174 (2007)

  37. 37.

    Zhang, R., and Imai, H., Combining public key encryption with keyword search and public key encryption. IEICE Trans. 92-D(5):888–896, 2009.

    Google Scholar 

Download references

Acknowledgments

The authors would like to thank anonymous reviewers for their useful comments. We also thank Syh-Yuan Tan (Multimedia University) for his helpful discussions on Java implementation of the proposed scheme. L. Guo is supported by the National Science Foundation of China under Grant No. 61202365 and Technology Foundation for Selected Overseas Chinese Scholar, Department of Human Resources and Social Security of Shanxi Province. W.-C. Yau is partially supported by FRGS Grant (FRGS/1/2012/TK06/MMU/03/9).

Author information

Affiliations

Authors

Corresponding author

Correspondence to Wei-Chuen Yau.

Additional information

This article is part of the Topical Collection on Systems-Level Quality Improvement.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Guo, L., Yau, WC. Efficient Secure-Channel Free Public Key Encryption with Keyword Search for EMRs in Cloud Storage. J Med Syst 39, 11 (2015). https://doi.org/10.1007/s10916-014-0178-y

Download citation

Keywords

  • Electronic medical record
  • Cloud storage
  • Public key encryption
  • Keyword search
  • Keyword guessing attack
  • Standard model