CN114567465A - Searchable encryption method for classified medical data based on block chain - Google Patents
Searchable encryption method for classified medical data based on block chain Download PDFInfo
- Publication number
- CN114567465A CN114567465A CN202210144437.7A CN202210144437A CN114567465A CN 114567465 A CN114567465 A CN 114567465A CN 202210144437 A CN202210144437 A CN 202210144437A CN 114567465 A CN114567465 A CN 114567465A
- Authority
- CN
- China
- Prior art keywords
- data
- medical data
- ciphertext
- key
- owner
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 230000035945 sensitivity Effects 0.000 claims abstract description 13
- 238000010845 search algorithm Methods 0.000 claims description 22
- 238000004364 calculation method Methods 0.000 abstract description 4
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 239000000243 solution Substances 0.000 description 2
- 238000013524 data verification Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
- G06F16/221—Column-oriented storage; Management thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- General Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Software Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Medical Treatment And Welfare Office Work (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a searchable encryption method for classified medical data based on a block chain, which comprises the following steps: step 1, initializing a system; step 2, key generation and user registration; step 3, generating and storing a ciphertext; step 4, generating a trap door; and 5, searching and sharing the ciphertext. The method can meet the search requirements of third-party data users on medical data with different sensitivity levels, improve the safety of the searchable encryption scheme and reduce the calculation and storage expenses.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a searchable encryption method for classified medical data based on a block chain.
Background
Medical data often contains a large amount of sensitive information, and data leakage can have serious consequences, so that a large amount of medical data is stored in a cloud server in an encrypted manner. Although the traditional cloud encryption storage mode reduces huge cost brought by local storage and can ensure the confidentiality of data, the problems of difficult retrieval of encrypted data, leakage risk of sensitive data in the data sharing process and the like also exist. The searchable encryption method can realize keyword search of the ciphertext on the premise of ensuring data security. In addition, different medical data has different sensitivities, and the sensitivity of medical data such as the identification number of a patient, a home address, a contact phone, and the like is the highest, while the sensitivity of medical data such as sex, personal preference, family history, and the like is relatively low. In practical applications, different data may be of interest to the user. For patients, when a data user wants to search for extremely sensitive personal information, the patient often wants to be able to create a search trapdoor only by himself. However, given the large computational burden of trapdoors on the patient side, it is contemplated that a physician may generate a search trapdoor when the data user searches for other less sensitive data.
In 2004, Boneh et al presented the concept of public key based searchable encryption (PEKS). Numerous searchable encryption schemes that support concatenated keyword queries, fuzzy keyword queries, wildcard keyword queries, etc. have then been proposed in succession. Most PEKS schemes heretofore have been vulnerable to keyword guessing attacks. In 2018, Wu et al constructed a secure and effective searchable public key encryption scheme using a DH shared key. Their schemes, while resistant to internal keyword guessing attacks and file injection attacks, are not resistant to online keyword guessing attacks and support multi-keyword searches. In 2020, Pakniat et al proposed a certificateless authenticated encrypted search scheme that supports multiple keyword searches. Although their solution provides an enhanced security model, the search efficiency is low. In recent years, with the development of blockchain technology, blockchain technology has been gradually applied to the medical field. The combination of the block chain technology and the searchable encryption well solves the problem of high dependence of the traditional third-party center. Wang et al have proposed a block chain-based personal health profile sharing scheme, and their scheme has adopted searchable encryption and attribute set encryption techniques to achieve keyword search and fine-grained access control, while also supporting verification of data integrity, but cannot share the public part and the private part in electronic medical records, respectively.
Therefore, it is urgently needed to provide a searchable encryption method for classified medical data based on a blockchain to solve the technical problem.
Disclosure of Invention
The invention aims to provide a block chain-based searchable encryption method for classified medical data, which can meet the search requirements of third-party data users on medical data with different sensitivity levels, improve the security of a searchable encryption scheme and reduce the calculation and storage costs.
In order to achieve the above object, the present invention provides a searchable encryption method for classified medical data based on blockchains, comprising:
step 1, initializing a system;
step 2, key generation and user registration;
step 3, generating and storing a ciphertext;
step 4, generating a trap door;
and 5, searching and sharing the ciphertext.
Preferably, step 1 comprises:
the trusted authority TA selects a bilinear map e G1×G1=GTTwo hash functionsAndand a symmetric encryption algorithm E (-) in which G1And GTAre all multiplications of prime order q, G1Is g; trusted authority TA publishes system parameter para ═ (G)l,GT,q,g,e,H1,H2,E(·))。
Preferably, step 2 comprises:
step 2a, randomly selecting trusted authority AComputing the public and private key pair of the data provider DP as { skp,pkp}={x,gx}; similarly, trusted authority A randomly selectsComputing the public and private key pair of the data owner DO as
Step 2b, the data owner DO willSent to the blockchain master node, wherein the IDiIs the unique identity of the data owner DO,is the public key of the data owner DO; the main node of the block chain returns the account address A to the data user DOiAnd will beRecording is carried out locally; at this point, the data owner DO completes the registration.
Preferably, in step 3, the data owner will (ID)i,Ai) Sent to the data provider DP, which generates the raw medical data M ═ M for the data owner DOl,MhAnd extracting MlAnd MhIs W ═ W1……wnW'1……w′nIn which M islFor less sensitive data, MhIs highly sensitive data; the data provider DP then encrypts the raw medical data and its set of keywords separately.
Preferably, step 3 comprises:
step 3a, the data provider DP calculates DH key between DP and DO by using Diffie-Hellman key agreement algorithmGenerating low-sensitivity data M by encrypting K as encryption keylIs encrypted by the encryption keyDP then generates low sensitivity data MlIs given as the set of keywords W ═ W1……wnC ofW=(A,B,C,{Di}i∈[1,n]);
Step 3b, the data provider DP uses the public key of the data owner DOGenerating highly sensitive data MhIs encrypted by the encryption keyThen, highly sensitive data M is generatedhIs equal to { W'1……w′nC ofW′=(A′,B′,C′,{D′j}j∈[1,n]);
To this end, the data provider obtains the original medical data ciphertextKey word ciphertext CWAnd CW′(ii) a Data owner DP ciphertext C of original medical dataMSending the data to a cloud server, and after the data is successfully stored, returning the storage position F of the original data ciphertext by the cloud server CSiThe data owner DO uses its own private key skoFor storage position FiSigned, after which the data owner DP will send the data package (C)W,CW′,(Fi).sig,IDi,DkH (M)) as a transaction to a blockchain network, where DkIs the signature of the data provider DP.
Preferably, step 4 includes that when the DU needs to search for a certain type of medical data, the DU sends a trapdoor request to a corresponding trapdoor producer
Step 4a, when the data user DU requests to search for the low-sensitivity medical data MlAt the time, a set of keywords to be searched is generated by the data provider DP or the data owner DOTrapdoor
Step 4b, when the data user DU requests to search for the highly sensitive medical data MhAt the time, the set of keywords to be searched can only be generated by the data owner DOTrapdoor
After the trapdoor is generated, the generator of the trapdoor will trap the trapdoorOrCurrent time t1、IDiAnd IDjAnd uploading to the intelligent contracts in the blockchain.
Preferably, step 5 comprises the third party data user DU sending an identity IDjRequesting the intelligent contract to execute the search algorithm, the intelligent contract firstly obtaining the current time stamp t2Judgment of t2-t1<Whether delta t is true or not, wherein delta t is the preset trap door effective time, if t is true2-t1<Δ t, the intelligent contract continues to execute the following search algorithm:
step 5a, inputting keyword index ciphertext CW=(A,B,C,{Di}i∈[1,n]) And trap doorRespectively calculateμ2C andthen determining mu1=μ2·μ3Whether the equation is established or not is judged, if the equation is established, the search algorithm is successfully executed; otherwise, the search algorithm fails to execute;
step 5b, inputting keyword index ciphertext CW′=(A′,B′,C′,{D′j}j∈[1,n]) And trap doorRespectively calculateμ′2Is equal to C' andthen judging mu'1=μ′2·μ′3Whether the equation is established or not is judged, if the equation is established, the search algorithm is successfully executed; otherwise, the search algorithm fails to execute;
when the search is successful, the master node of the block chain first utilizes the public key of the DOVerifying storage location FiAfter the signature is successfully verified, the block chain main node returns to the storage position F of the original medical data ciphertextiAnd account address a of data owner DOiAccount A to third party data user DUjIn the above, if the DU wants to obtain the original medical data of the DO, the DU may access the account a of the DOiAn access request is sent.
Preferably, in step 3a, first the data provider DP calculates the key between the data owner DO and the data provider DP according to the Diffie-Hellman key agreement algorithmEncrypting low-sensitivity medical data M by taking K as encryption keylObtaining a ciphertextThe data provider DP then randomly selectsCalculate A ═ e (g, g)ra、B=gr、AndwhereinLow-sensitivity medical data MlThe key word ciphertext is CW=(A,B,C,{Di}i∈[1,n]);
In step 3b, the data provider DP utilizes the dataPublic key of owner DOGenerating highly sensitive data MhIs encrypted byThen, data provider DP selectionAs a random number, a' ═ e (g, g) was calculatedr、Andhighly sensitive medical data MhThe key word ciphertext is CW′=(A′,B′,C′,{D′j}j∈[1,n])。
Preferably, the trapdoors of the trapdoor generation stage are generated by a designated trapdoor generator, and the highly sensitive medical data M are generated according to different sensitivity levels of the medical datahThe search trapdoor of (2) can only be generated by the data owner DO, while the less sensitive medical data MlThe search trapdoor(s) may be generated by a data provider DP, and is specifically implemented as:
in step 4a, when the third party data user DU searches for the hypo-sensitive medical data MlThe keyword set of the input search isFirst, the private key sk of the DP is used by the data provider DPpAnd the public key of the data owner DOOr the private key sk of the DO is used by the data owner DOoAnd the public key pk of DPpCalculating DH keysThen, followMachine selectionComputing Wherein a ═ H1(K)=H1(gxy) (ii) a The key word ciphertext is
In step 4b, when the third party data user DU searches the high sensitive medical data MhInputting a set of keywords to be searchedThe private key sk of the DO can only be used by the data owner DOoAnd the public key pk of DPpComputingAndthe key word cryptograph is
Preferably, in the ciphertext search and sharing stage, the DU sends a keyword search request to the blockchain, and after verifying the validity of the trapdoor, an intelligent contract deployed in the blockchain network starts to execute a search algorithm, where the specific search process is as follows:
in step 5a, when the low-sensitivity medical data M is searchedlTime, input keyword cipher text CW=(A,B,C,{Di}i∈[1,n]) Trap doorComputingμ2=C,Then determining mu1=μ2·μ3Whether the result is true or not; if the equality is established, the keyword to be searched is successfully matched with the ciphertext, and the intelligent contract returns to 'TRUE'; otherwise, returning to 'FALSE';
in step 5b, when the highly sensitive medical data M is searchedhTime, input keyword cipher text CW′=(A′,B′,C′,{D′j}j∈[1,n]) Trap doorComputingμ′2=C′,Then judging mu'1=μ′2·μ′3Whether the result is true or not; if the equality is established, the keyword to be searched is successfully matched with the ciphertext, and the intelligent contract returns to 'TRUE'; otherwise, "FALSE" is returned.
According to the technical scheme, the original medical data are stored in the cloud server in an encrypted manner, and the keyword ciphertext, the hash value of the original data and the data ciphertext storage position are uploaded to the block chain, so that the original medical data and the keyword ciphertext are not easy to be distorted, and the storage pressure of the block chain is effectively reduced; secondly, according to different sensitivities of the medical data, the invention mainly divides the medical data into two types: high sensitive data and low sensitive data, and two different public key searchable encryption schemes are respectively provided for the two types of data. The method and the device realize that the searched trapdoor can only be generated by a designated trapdoor producer, not only reduce the calculation cost of generating all the trapdoors by a data owner, but also meet different searching requirements of third-party data users; finally, the invention automatically executes the search algorithm by utilizing the intelligent contract, thereby not only ensuring the high efficiency and the accuracy of the search process, but also saving the search expense of the user; meanwhile, the intelligent contract judges whether the trapdoor is in the valid period or not by calculating the time difference, so that the time controllability of the trapdoor is realized.
Additional features and advantages of the invention will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a system block diagram of a blockchain-based method for searchable encryption of classified medical data according to the present invention;
FIG. 2 is a flow chart of system initialization and data encryption in the block chain-based classified medical data searchable encryption method provided by the present invention;
FIG. 3 is a flowchart of a trap request and keyword search in a blockchain-based classified medical data searchable encryption method provided by the present invention;
fig. 4 is a flowchart of an algorithm of the block chain-based classified medical data searchable encryption method provided by the present invention.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present invention, are given by way of illustration and explanation only, not limitation.
Referring to fig. 1, the present invention comprises six main bodies: the data owner DO, the data provider DP, the third party data user DU, the trusted authority TA, the block chain BC and the cloud server CS. Wherein the data owner DO has ownership of the medical data and is responsible for generating a search trapdoor of highly sensitive data for the third party data users DU. Meanwhile, the DO can authorize the DP of the data provider to encrypt the medical data of the DO; and the data provider DP is responsible for encrypting the original medical data and the keyword set, uploading the medical data ciphertext to the cloud server, and uploading the keyword ciphertext to the block chain. In addition, the DP is also responsible for generating search trapdoors for low sensitive data for third party data users DU; the third party data user DU mainly refers to a third party user interested in different medical data; the trusted authority TA is responsible for generating public and private key pairs for DO, DP and DU; the block chain BC stores the keyword ciphertext and is responsible for executing a keyword search algorithm; the cloud server is mainly responsible for storing original medical data ciphertexts uploaded by the DP.
Referring to fig. 2, the specific implementation of the system initialization and data encryption storage phase is as follows:
(1) a system initialization stage: the trusted authority TA selects a bilinear map e G1×G1=GTTwo hash functionsAndand a symmetric encryption algorithm E (-) in which G1And GTAre all multiplications of prime order q, G1Is g. Trusted authority TA publishes system parameter para ═ (G)l,GT,q,g,e,H1,H2,E(·))。
(2) And key generation and user registration stages:
(2a) trusted authority A random selectionPublic and private key pair of data provider DP is { skp,pkp}={x,gx}. Similarly, trusted authority A randomly selectsComputing the public and private key pair of the data owner DO as
(2b)DO willSent to the blockchain master node, wherein the IDiIs the global identity of the data owner DO,is the public key of the data owner DO. The main node of the block chain returns the account address A to the data user DOiAnd will beThe recording is local. At this point, the data owner DO completes the registration.
(3) Ciphertext generation and storage stage: the data provider DP generates the raw medical data M ═ M for the data owner DOl,MhAnd define MlAnd MhIs W ═ W1……wnW'1……w′nIn which M islFor less sensitive medical data, MhIs highly sensitive medical data. The data provider DP then encrypts the two sets of medical data and keywords with different sensitivities:
(3a) for low-sensitivity medical data MlFirst, the data provider DP computes the key between the data owner DO and the data provider DP according to the Diffie-Hellman key agreement algorithmEncryption of low sensitive data M using a shared secret key KlGenerating a ciphertextThe data provider DP is then the low-sensitivity data MlGenerating a keyword W ═ W1……wnC ofW=(A,B,C,{Di}i∈[1,n]) Wherein A ═ e (g, g)ra、B=gr、
(3b) For highly sensitive medical data MhFirst, the data provider DP uses the public key of the data owner DOEncrypting original medical data MhGenerating a ciphertextThe data provider DP is then the highly sensitive data MhGenerating a keyword W '═ { W'1……w′nC ofW′=(A′,B′,C′,{D′j}j∈[1,n]) Wherein a' ═ e (g, g)r、
After the ciphertext is generated, the data owner DP encrypts the original medical data ciphertextSending to the cloud server when CMAfter being successfully stored, the cloud server CS returns the storage position F of the original data ciphertextiThe data owner DO uses its own private key skoFor storage position FiSigned, after which the data provider DP will send the data package (C)W,CW′,H(M),(Fi).sig,IDi,Dk) Is sent as a transaction to the blockchain network, where DkIs the signature of the data provider DP, and h (m) is the hash value of the medical data. To this end, the original medical data ciphertext CMKeyword cryptograph (C) of medical data of different sensitivity levels successfully stored in cloudW,CW′) Medical data hash value H (M) and storage location (F)i).sigSuccessfully stored in the blockchain;
referring to fig. 3, the specific implementation of the trapdoor generation and keyword search phase is as follows:
(4) a trapdoor generation stage: when DU of data user needs to search for a certain type of medical data, DU sends trapdoor request to corresponding trapdoor producer
(4a) The method comprises the following steps When data user DU searches low sensitive medical data MlThe private key sk of the DP is used by the data provider DPpAnd the public key of the data owner DOOr the data owner DO utilizes the private key sk of the DOoAnd the public key pk of the data provider DPpGenerating a set of keywords to be searchedTrapdoorWherein a=H1(K)=H1(gxy);
(4b) The method comprises the following steps When data user DU searches high sensitive medical data MhIn this case, the private key sk of the data owner DO can only be used by the data owner DOoAnd the public key pk of the data provider DPpGenerating a set of keywords to be searchedTrapdoorWherein
After the trapdoor is generated, the generator of the trapdoor can enable the trapdoor to beOrCurrent time t1、IDiAnd IDjAnd uploading to the intelligent contracts in the blockchain.
(5) Ciphertext searching and sharing stage: after the trap door is searched and successfully uploaded, the data user sends a global identity IDjRequesting the intelligent contract to execute the search algorithm, the intelligent contract first obtaining the current time stamp t2Judgment of t2-t1<Whether delta t is established or not, wherein delta t is the preset effective time of the trap door, if t is established2-t1<Delta t, the intelligent contract continues to execute the following search algorithm, otherwise, the search algorithm fails to execute;
(5a) the method comprises the following steps The intelligent contract indexes the ciphertext C according to the known keywordsW=(A,B,C,{Di}i∈[1,n]) And trap doorTime, respectively calculateμ2C andthen determining mu1=μ2·μ3If the equation is established, outputting 'TRUE' by the intelligent contract to represent that the search algorithm is successfully executed, otherwise, outputting 'FALSE';
(5b) the method comprises the following steps Intelligent contracts are indexed according to known keywordsCiphertext CW′=(A′,B′,C′,{D′j}j∈[1,n]) And trap doorTime, respectively calculateμ′2C' andthen judging mu'1=μ′2·μ′3If the equality is established, the intelligent contract outputs 'TRUE' to indicate that the search algorithm is successfully executed, otherwise, outputs 'FALSE';
when the keywords to be searched are successfully matched, the block chain main node firstly carries out the matching according to the ID of the data user DOiFinding the public key of the corresponding data owner DOVerifying storage location FiAfter the signature is successfully verified, the main node of the block chain stores the storage position F of the original medical data ciphertextiAnd account address a of data owner DOiAccount A sent to third party data user DUjIn the above, if the DU wants to obtain the original medical data of the DO, the DU may access the account a of the DOiAn access request is sent.
Through the technical scheme, the original medical data are stored in the cloud server in an encrypted manner, and the keyword ciphertext, the hash value of the original data and the data ciphertext storage position are uploaded to the block chain, so that the original medical data and the keyword ciphertext are not easy to be distorted, and the storage pressure of the block chain is effectively reduced; meanwhile, according to different sensitivities of the medical data, the invention mainly divides the medical data into two types: high sensitive data and low sensitive data, and two different public key searchable encryption schemes are respectively provided for the two types of data. The method and the device realize that the trap door searching can only be generated by a designated trap door producer, not only reduce the calculation cost of generating all trap doors by a data owner, but also meet different searching requirements of third-party data users. Moreover, the invention automatically executes the search algorithm by utilizing the intelligent contract, thereby not only ensuring the high efficiency and the accuracy of the search process, but also saving the search expense of the user; meanwhile, the intelligent contract judges whether the trapdoor is in the valid period or not by calculating the time difference, so that the time controllability of the trapdoor is realized.
The preferred embodiments of the present invention have been described in detail with reference to the accompanying drawings, however, the present invention is not limited to the specific details of the above embodiments, and various simple modifications can be made to the technical solution of the present invention within the technical idea of the present invention, and these simple modifications are within the protective scope of the present invention.
It should be noted that the various technical features described in the above embodiments can be combined in any suitable manner without contradiction, and the invention is not described in any way for the possible combinations in order to avoid unnecessary repetition.
In addition, any combination of the various embodiments of the present invention is also possible, and the same should be considered as the disclosure of the present invention as long as it does not depart from the spirit of the present invention.
Claims (10)
1. A searchable encryption method for classified medical data based on a blockchain is characterized by comprising the following steps:
step 1, initializing a system;
step 2, key generation and user registration;
step 3, generating and storing a ciphertext;
step 4, generating a trap door;
and 5, searching and sharing the ciphertext.
2. The block chain based classified medical data searchable encryption method according to claim 1, wherein step 1 comprises:
3. The block chain based classified medical data searchable encryption method according to claim 1, wherein step 2 comprises:
step 2a, the trusted authority A randomly selectsComputing the public and private key pair of the data provider DP as { skp,pkp}={x,gx}; similarly, trusted authority A randomly selectsComputing the public and private key pair of the data owner DO as
Step 2b, the data owner DO willSent to the blockchain master node, wherein the IDiIs the unique identity of the data owner DO,is the public key of the data owner DO; the main node of the block chain returns the account address A to the data user DOiAnd will (ID)i,Ai) Recording locally; at this point, the data owner DO completes the registration.
4. The blockchain-based classified medical data searchable encryption method according to claim 1, wherein in step 3, the data owner will (ID)i,Ai) Sent to the data provider DP, which generates the raw medical data M for the data owner DOl,MhAnd extracting MlAnd MhIs W ═ W1……wnW'1……w′nIn which M islFor less sensitive data, MhData that is highly sensitive; the data provider DP then encrypts the raw medical data and its set of keywords separately.
5. The block chain based classified medical data searchable encryption method according to claim 4, wherein step 3 comprises:
step 3a, the data provider DP calculates DH key between DP and DO by using Diffie-Hellman key agreement algorithmGenerating low-sensitivity data M by encrypting K as encryption keylCipher text C ofMl(ii) a DP then generates low sensitivity data MlIs given as the set of keywords W ═ W1……wnC ofW=(A,B,C,{Di}i∈[1,n]);
Step 3b, the data provider DP uses the public key of the data owner DOGenerating highly sensitive data MhIs encrypted by the encryption keyThen, highly sensitive data M is generatedhIs equal to { W'1……w′nC ofW′=(A′,B′,C′,{D′j}j∈[1,n]);
To this end, the data provider obtains the original medical data ciphertextKey word ciphertext CWAnd CW′(ii) a Data owner DP ciphertext C of original medical dataMSending the data to a cloud server, and after the data is successfully stored, returning the storage position F of the original data ciphertext by the cloud server CSiThe data owner DO uses its own private key skoFor storage position FiSigned, after which the data owner DP will send the data package (C)W,CW′,(Fi)·sig,IDi,DkH (M)) as a transaction to a blockchain network, where DkIs the signature of the data provider DP.
6. The block chain based classified medical data searchable encryption method of claim 1, wherein step 4 comprises sending a trapdoor request to a corresponding trapdoor generator by a third party Data User (DU) when DU needs to search for a certain type of medical data, (bIDj):
Step 4a, when the data user DU requests to search for the low-sensitivity medical data MlAt the time, a set of keywords to be searched is generated by the data provider DP or the data owner DOTrapdoor
Step 4b, when the data user DU asksSearching for highly sensitive medical data MhAt the time, the set of keywords to be searched can only be generated by the data owner DOTrapdoor
7. The block chain based searchable encryption method for categorized medical data according to claim 1, wherein step 5 comprises third party data user DU sending identity IDjRequesting the intelligent contract to execute the search algorithm, the intelligent contract first obtaining the current time stamp t2Judgment of t2-t1If < Δ t is true, where Δ t is the preset trapdoor active time, if t2-t1< Δ t, the intelligent contract continues to execute the following search algorithm:
step 5a, inputting keyword index ciphertext CW=(A,B,C,{Di}i∈[1,n]) And trap doorRespectively calculateμ2C andthen theJudgment of mu1=μ2·μ3Whether the equation is established or not is judged, if the equation is established, the search algorithm is successfully executed; otherwise, the search algorithm fails to execute;
step 5b, inputting keyword index ciphertext CW′=(A′,B′,C′,{D′j}j∈[1,n]) And trap doorRespectively calculateμ′2Is equal to C' andthen judging mu'1=μ′2·μ′3If the equality is established, the search algorithm is successfully executed; otherwise, the search algorithm fails to execute;
when the search is successful, the master node of the block chain first utilizes the public key of the DOVerifying storage location FiAfter the signature is successfully verified, the block chain main node returns to the storage position F of the original medical data ciphertextiAnd account address a of data owner DOiAccount A to third party data user DUjIn the above, if the DU wants to obtain the original medical data of the DO, the DU may access the account a of the DOiAn access request is sent.
8. The blockchain-based searchable encryption method of classified medical data according to claim 5, wherein in step 3a, first, the data provider DP calculates a key between the data owner DO and the data provider DP according to a Diffie-Hellman key agreement algorithmEncryption with K as encryption key is desensitizedMedical sensing data MlObtaining a ciphertextThe data provider DP then randomly selectsCalculate A ═ e (g, g)ra、B=gr、AndwhereinLow-sensitivity medical data MlThe key word ciphertext is CW=(A,B,C,{Di}i∈[1,n]);
9. The blockchain-based searchable encryption method for classified medical data according to claim 6, wherein the trapdoors of the trapdoor generation stage are generated by designated trapdoor generators, and the highly sensitive medical data M is generated according to different sensitivity levels of the medical datahCan only be generated by the data owner DO, while less sensitive medical data MlThe search trapdoor(s) may be generated by a data provider DP, and is specifically implemented as:
in step 4a, when the third party data user DU searches for the hypo-sensitive medical data MlThe keyword set of the input search isFirst, the private key sk of the DP is used by the data provider DPpAnd the public key of the data owner DOOr the private key sk of the DO is used by the data owner DOoAnd the public key pk of DPpCalculating DH keysThen, randomly selectComputing Wherein a ═ H1(K)=H1(gxy) (ii) a The key word ciphertext is
In step 4b, when the number of the third party is less than the number of the first partySearching for highly sensitive medical data M from user DUhInputting a set of keywords to be searchedThe private key sk of the DO can only be used by the data owner DOoAnd the public key pk of DPpComputingAndthe key word ciphertext is
10. The block chain-based classified medical data searchable encryption method according to claim 7, wherein in the ciphertext searching and sharing phase, the DU sends a keyword search request to the block chain, and after verifying validity of the trapdoor, an intelligent contract deployed in a block chain network starts to execute a search algorithm, and the specific search process is as follows:
in step 5a, when the low-sensitivity medical data M is searchedlTime, input keyword cipher text CW=(A,B,C,{Di}i∈[1,n]) Trap doorCalculating outμ2=C,Then determining mu1=μ2·μ3Whether the result is true or not; if the equality is established, the keyword to be searched is successfully matched with the ciphertext, and the intelligent contract returns to 'TRUE'; otherwise, return "FALSE”;
In step 5b, when the highly sensitive medical data M is searchedhTime, input keyword cipher text CW′=(A′,B′,C′,{D′j}j∈[1,n]) Trap doorComputingμ′2=C′,Then judging mu'1=μ′2·μ′3Whether the result is true or not; if the equality is established, the keyword to be searched is successfully matched with the ciphertext, and the intelligent contract returns to 'TRUE'; otherwise, "FALSE" is returned.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210144437.7A CN114567465B (en) | 2022-02-17 | 2022-02-17 | Block chain-based classified medical data searchable encryption method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210144437.7A CN114567465B (en) | 2022-02-17 | 2022-02-17 | Block chain-based classified medical data searchable encryption method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114567465A true CN114567465A (en) | 2022-05-31 |
CN114567465B CN114567465B (en) | 2024-05-24 |
Family
ID=81713837
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210144437.7A Active CN114567465B (en) | 2022-02-17 | 2022-02-17 | Block chain-based classified medical data searchable encryption method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114567465B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114900318A (en) * | 2022-06-02 | 2022-08-12 | 浙江工商大学 | Key agreement protocol and verifiable round-of-communication searchable encryption method |
CN115314225A (en) * | 2022-08-08 | 2022-11-08 | 西南石油大学 | Electronic medical record sharing and verifiable system based on block chain |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014028524A1 (en) * | 2012-08-15 | 2014-02-20 | Visa International Service Association | Searchable encrypted data |
CN108200063A (en) * | 2017-12-29 | 2018-06-22 | 华中科技大学 | It is a kind of to can search for public key encryption method, system and server using this method |
US20190229906A1 (en) * | 2018-01-19 | 2019-07-25 | Huazhong University Of Science And Technology | Method of hybrid searchable encryption and system using the same |
CN111835500A (en) * | 2020-07-08 | 2020-10-27 | 浙江工商大学 | Searchable encryption data secure sharing method based on homomorphic encryption and block chain |
CN112417006A (en) * | 2020-11-30 | 2021-02-26 | 齐鲁工业大学 | Ciphertext keyword searching method, system, device and medium based on block chain |
CN112765650A (en) * | 2021-01-05 | 2021-05-07 | 西安电子科技大学 | Attribute-based searchable encryption block chain medical data sharing method |
CN113194078A (en) * | 2021-04-22 | 2021-07-30 | 西安电子科技大学 | Cloud-supported privacy protection sequencing multi-keyword search encryption method |
CN113407966A (en) * | 2021-06-25 | 2021-09-17 | 南京师范大学 | Searchable public key encryption method and system with key updating and ciphertext sharing functions |
CN113407627A (en) * | 2021-06-17 | 2021-09-17 | 安徽师范大学 | Intelligent medical network system based on block chain and medical data sharing method |
-
2022
- 2022-02-17 CN CN202210144437.7A patent/CN114567465B/en active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014028524A1 (en) * | 2012-08-15 | 2014-02-20 | Visa International Service Association | Searchable encrypted data |
CN110086830A (en) * | 2012-08-15 | 2019-08-02 | 维萨国际服务协会 | The encrypted data that can search for |
CN108200063A (en) * | 2017-12-29 | 2018-06-22 | 华中科技大学 | It is a kind of to can search for public key encryption method, system and server using this method |
US20190229906A1 (en) * | 2018-01-19 | 2019-07-25 | Huazhong University Of Science And Technology | Method of hybrid searchable encryption and system using the same |
CN111835500A (en) * | 2020-07-08 | 2020-10-27 | 浙江工商大学 | Searchable encryption data secure sharing method based on homomorphic encryption and block chain |
CN112417006A (en) * | 2020-11-30 | 2021-02-26 | 齐鲁工业大学 | Ciphertext keyword searching method, system, device and medium based on block chain |
CN112765650A (en) * | 2021-01-05 | 2021-05-07 | 西安电子科技大学 | Attribute-based searchable encryption block chain medical data sharing method |
CN113194078A (en) * | 2021-04-22 | 2021-07-30 | 西安电子科技大学 | Cloud-supported privacy protection sequencing multi-keyword search encryption method |
CN113407627A (en) * | 2021-06-17 | 2021-09-17 | 安徽师范大学 | Intelligent medical network system based on block chain and medical data sharing method |
CN113407966A (en) * | 2021-06-25 | 2021-09-17 | 南京师范大学 | Searchable public key encryption method and system with key updating and ciphertext sharing functions |
Non-Patent Citations (3)
Title |
---|
丁晓晖: "智能合约辅助下满足前后向安全的动态可搜索加密方案", 计算机工程 * |
牛淑芬;刘文科;陈俐霞;王彩芬;杜小妮;: "基于联盟链的可搜索加密电子病历数据共享方案", 通信学报, no. 08 * |
闫玺玺;原笑含;汤永利;陈艳丽;: "基于区块链且支持验证的属性基搜索加密方案", 通信学报, no. 02 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114900318A (en) * | 2022-06-02 | 2022-08-12 | 浙江工商大学 | Key agreement protocol and verifiable round-of-communication searchable encryption method |
CN114900318B (en) * | 2022-06-02 | 2024-04-19 | 浙江工商大学 | One-round communication searchable encryption method based on key negotiation protocol and verifiable |
CN115314225A (en) * | 2022-08-08 | 2022-11-08 | 西南石油大学 | Electronic medical record sharing and verifiable system based on block chain |
Also Published As
Publication number | Publication date |
---|---|
CN114567465B (en) | 2024-05-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11973889B2 (en) | Searchable encrypted data sharing method and system based on blockchain and homomorphic encryption | |
CN113194078B (en) | Sequencing multi-keyword search encryption method with privacy protection supported by cloud | |
JP4896537B2 (en) | Method and system for asymmetric key security | |
CN110224986A (en) | It is a kind of that access control method efficiently can search for based on hiding strategy CP-ABE | |
CN107948146B (en) | Connection keyword retrieval method based on attribute encryption in hybrid cloud | |
CN102187618B (en) | Method and apparatus for pseudonym generation and authentication | |
CN112365945B (en) | Electronic medical record fine granularity access control and ciphertext searchable method based on blockchain | |
CN114567465B (en) | Block chain-based classified medical data searchable encryption method | |
Su et al. | BA-RMKABSE: Blockchain-aided ranked multi-keyword attribute-based searchable encryption with hiding policy for smart health system | |
CN108390855A (en) | A kind of attribute base keyword search encryption system and method towards cloud storage | |
CN108171066A (en) | The cross-domain searching method of keyword and system in a kind of medical treatment cloud under secret protection | |
CN112511599B (en) | Civil air defense data sharing system and method based on block chain | |
CN111726363A (en) | Attribute-based multi-user connection keyword searchable encryption method | |
CN115021903B (en) | Electronic medical record sharing method and system based on blockchain | |
CN108092766A (en) | A kind of cipher text searching method for verifying authority and its system | |
CN114826703A (en) | Block chain-based data search fine-grained access control method and system | |
CN112532650A (en) | Block chain-based multi-backup safe deletion method and system | |
Fan et al. | Verifiable attribute-based multi-keyword search over encrypted cloud data in multi-owner setting | |
CN111159352B (en) | Encryption and decryption method supporting multi-keyword weighted retrieval and result ordering and capable of being verified | |
CN114139194A (en) | Privacy protection task allocation method based on task content | |
Yin et al. | Attribute-based multiparty searchable encryption model for privacy protection of text data | |
CN114142996B (en) | Searchable encryption method based on SM9 cryptographic algorithm | |
CN116663046A (en) | Private data sharing and retrieving method, system and equipment based on blockchain | |
CN115412259B (en) | Block chain-based cloud health system searchable proxy signcryption method and product | |
Nie et al. | Time‐enabled and verifiable secure search for blockchain‐empowered electronic health record sharing in IoT |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |