CN116861449A - Medical data searchable encryption system based on blockchain - Google Patents

Publication number
CN116861449A
Authority
CN
China
Prior art keywords
medical data
encryption
file
public
mdu
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310524743.8A
Other languages
Chinese (zh)
Inventor
乔宏懿
刘云连
刘芹
彭聪
冯琦
罗敏
何德彪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan University WHU
Original Assignee
Wuhan University WHU

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H50/00ICT specially adapted for medical diagnosis, medical simulation or medical data mining; ICT specially adapted for detecting, monitoring or modelling epidemics or pandemics
    • G16H50/70ICT specially adapted for medical diagnosis, medical simulation or medical data mining; ICT specially adapted for detecting, monitoring or modelling epidemics or pandemics for mining of medical data, e.g. analysing previous cases of other patients

Abstract

The invention discloses a blockchain-based searchable encryption system for medical data, comprising a system initialization module, a medical data file encryption module, a medical data file update module, a keyword search module for ciphertext medical data, and a medical data and search request supervision module. Built on a consortium chain and a public-key searchable encryption construction, the invention supports retrieval and supervision of ciphertext medical data in a multi-user setting, keeping the medical data usable while preserving its security and privacy.

Description

Medical data searchable encryption system based on blockchain
Technical Field
The invention relates to the technical field of information security, in particular to a medical data searchable encryption system based on a blockchain.
Background
Searchable encryption (SE) lets a user search data while it remains in ciphertext form, and is an important technical means of keeping medical data usable while ensuring security and privacy. In a searchable encryption system, the data owner stores encrypted data on a cloud server. To search for data containing a target keyword, the user constructs a search trapdoor and submits it to the cloud server, which uses the trapdoor to search the encrypted data. Because only authorized users can construct a search trapdoor, this provides access control over data users.
Multi-user searchable encryption (MUSE) is an important research direction within SE and is of practical significance. In MUSE, the data owner uploads data to the cloud server and wishes to share it with multiple users. The data owner then authorizes a group of users to issue keyword search queries and retrieve the corresponding files. Compared with single-user searchable encryption (where only the data owner can query the data), multi-user searchable encryption plays a critical role in facilitating data sharing. Broadcast encryption (BE) enables multi-user data sharing and suits scenarios in which the set of data users is relatively fixed. In 2006, Curtmola et al. first proposed a multi-user searchable encryption scheme based on broadcast encryption, which lets a data owner share the same encrypted data with multiple users.
As a decentralized computing paradigm with public verifiability and tamper resistance, blockchain technology can be applied to searchable encryption to address the problem that search results returned by a third party cannot be trusted. Smart contracts deployed on the blockchain can replace a third-party server in executing the search function: the smart contract automatically executes the search protocol when its trigger conditions are met and produces a correct result. The blockchain records the transaction result in an immutable ledger, which ensures the integrity of the result and removes the need for the data owner to verify it further. Even if one or more nodes fail or are corrupted by a malicious adversary, the fault tolerance of the blockchain consensus mechanism means the correctness of the result is not affected, which makes the system more reliable. In addition, blockchain-based searchable encryption schemes can provide further properties such as decentralization, fair exchange, and resistance to keyword guessing attacks.
Searchable encryption can protect the security and privacy of a medical data system while preserving data availability. In practice, however, a search server may return non-matching results, either out of self-interest or because of a single point of failure. Blockchain technology, as a decentralized computing paradigm with public verifiability and tamper resistance, can be combined with searchable encryption to address the problem that a third-party server's search results cannot be trusted. However, existing blockchain-based searchable encryption schemes cannot provide forward and backward privacy and multi-user search at the same time, which makes them hard to apply to real medical scenarios.
Disclosure of Invention
The invention provides a blockchain-based searchable encryption system for medical data. It uses smart contracts on the blockchain to ensure the accuracy of search results, provides encrypted storage of medical data files and ciphertext retrieval with forward and backward privacy in a multi-user setting, and supports supervision of the legitimacy of ciphertext data and search requests.
To achieve the above object, the present invention discloses a blockchain-based medical data searchable encryption system, comprising:
a system initialization module, used for generating, through a trusted authority TI, the system public parameters Param, the public-private key pair $(d_{sup}, Q_{sup})$ of the supervisor SUP, and the public-private key pairs of the medical data users MDU; the TI receives an MDU's public key certificate application and issues a certificate to the MDU after verification passes;
a medical data encryption module, used for preprocessing the original medical data through the medical data owner MDO, encrypting it with a data encryption algorithm, and uploading the encrypted medical data to the blockchain through a smart contract, wherein the data encryption algorithm encrypts the original medical data based on the system public parameters, the public keys of the MDUs and the mapping;
a medical data search module, used for generating, through the MDU, a search trapdoor from the system public parameters, the MDU's private key and the searched keyword; searching through the smart contract, based on the system public parameters, the search trapdoor and the private key of the MDU, to obtain the matching result set; executing the decryption algorithm on the result set through the MDU to obtain a file index set; uploading the file index set to the MCS to obtain the related ciphertext set; and finally decrypting the related ciphertext set to obtain the original medical data.
In one embodiment, the system further comprises a medical data file update module, specifically used for: for an ordinary user, given a keyword and a state pointer, computing the updated state pointer to obtain the updated medical database, and adding or deleting data in the updated medical database with the data encryption algorithm; for a newly added authorized user, generating a new public-private key pair for that user, obtaining the original broadcast ciphertext, and then executing the update algorithm to obtain a new vector, wherein the update algorithm updates the authorized-user vector based on the system public parameters Param, the newly authorized user set $\{u_{i'}\}_{i' \in [1,n']}$ and their public keys, the secret values r, s stored by the medical data owner, and the file index set.
In one embodiment, the system further comprises a medical data supervision module, specifically used for: the supervision authority, given the public parameters Param, the sensitive word dictionary $W^*$, the private key $d_{sup}$ of the SUP and the public key set of the supervised users, executes the supervision algorithm, outputs a hash list H, and uploads H to the blockchain through a smart contract to filter illegal requests.
In one embodiment, the system initialization module is specifically configured to:
the trusted authority TI generates a system public parameter Param based on given security parameters by using a system establishment algorithm, and generates a public-private key pair of the supervision department SUP and a public-private key pair of the medical data user MDU by using a key generation algorithm.
In one embodiment, the medical data encryption module is specifically configured to:
the medical data owner preprocesses the original medical data to obtain $IND = \{ind_1, ind_2, \dots, ind_m\}$, $W = \{w_1, w_2, \dots, w_D\}$ and the file index sets containing each keyword;
initializing Σ, executing the data encryption algorithm Encrypt() and obtaining its output;
uploading the output to the medical consortium chain MCB through a smart contract;
where IND denotes the file index set of all medical data, and $ind_1$, $ind_2$ and $ind_m$ are the indexes of the first, second and m-th medical data files; W denotes the keyword dictionary, and $w_1$, $w_2$ and $w_D$ are the first, second and D-th keywords; Σ denotes the keyword state pointer map stored by the MDO; Encrypt() denotes the data encryption algorithm; DB denotes the database of all medical data; add denotes adding a file; and EDB denotes the file encryption index data set stored on the blockchain, which is composed of the encrypted medical data. The remaining terms of the formula denote, respectively, the file index set containing keyword $w_k$ with its first and second indexes, the public key set of the MDU, the ciphertext reference of the state pointer together with the carrier storing the encrypted pointer, the ciphertext reference of the file index together with the carrier storing the encrypted index, and the ciphertext reference of keyword $w_k$ together with the carrier storing the encrypted keyword.
In one embodiment, the medical data search module is specifically configured to:
the MDU executes the trapdoor generation algorithm Trapdoor() and outputs the search trapdoor, where Trapdoor() derives the trapdoor of keyword $w_k$ from the input parameters Param, the MDU's private key and $w_k$;
the smart contract executes the search algorithm Search() and outputs the matched result set $RS(w_k)$, where Search() uses the keyword's search trapdoor to find, in the file encryption index data set EDB stored on the blockchain, the result set $RS(w_k)$ that matches the keyword;
the MDU executes the decryption algorithm Decrypt() and outputs the file index set I;
the MDU sends I to the medical cloud server MCS, and the MCS returns the related ciphertext set C;
the MDU decrypts C with the decryption key and outputs the medical record file D, obtaining the original medical data;
where Decrypt() is the decryption algorithm, which obtains the file index set I from the input parameters Param, the MDU's private key, $w_k$ and $RS(w_k)$.
Compared with the prior art, the invention has the following advantages and beneficial technical effects:
1. Compared with traditional encryption, the scheme not only secures the storage of outsourced medical data but also keeps the data usable.
2. Combining smart contracts on the consortium chain Fabric effectively addresses the problem that a third-party server's search results cannot be trusted, and ensures the accuracy of search results.
3. Ciphertext retrieval in a multi-user setting is achieved with a polynomial-based broadcast encryption technique, and lawful supervision of ciphertext data is supported.
4. Forward and backward privacy are achieved through a singly linked list data structure and a pseudo-random permutation function.
5. Key management and distribution operations are avoided: users can generate search trapdoors on their own, which performs well when searches are executed frequently. In addition, a consortium chain has significant performance and cost advantages over a public chain, so the medical data system is highly available.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a model diagram of a blockchain-based searchable encryption scheme provided by an embodiment of the present invention;
FIG. 2 is a flowchart of a system establishment algorithm in the method according to the embodiment of the present invention;
FIG. 3 is a flowchart of a key generation algorithm in the method according to the embodiment of the present invention;
FIG. 4 is a flowchart of an implementation of a data encryption algorithm in a method according to an embodiment of the present invention;
FIG. 5 is a flowchart of an update algorithm implemented in a method according to an embodiment of the present invention;
FIG. 6 is a flowchart of an implementation of trapdoor generation algorithm in the method provided by the embodiment of the invention;
FIG. 7 is a flowchart of a search algorithm implemented in a method according to an embodiment of the present invention;
FIG. 8 is a flowchart of a decryption algorithm implemented in a method according to an embodiment of the present invention;
FIG. 9 is a flowchart of an implementation of a supervision algorithm in a method provided by an embodiment of the present invention;
FIG. 10 is a framework diagram of the medical data searchable encryption system in the method according to the embodiment of the present invention.
Detailed Description
Aiming at the technical problems that the existing block chain-based searchable encryption scheme cannot ensure forward and backward privacy and realize multi-user search function at the same time and is difficult to be suitable for practical medical scenes, the invention provides a block chain-based medical data searchable encryption system.
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Specific symbols involved in the present invention are described below:
κ: security parameter
Param: system public parameters
$G_1$: additive group of order q
$G_2$: multiplicative group of order q
P: generator of the group $G_1$
e: from the slaveTo->Bilinear mapping of (a)
H/h: hash functions
$F, F^{-1}$: pseudo-random permutation function and its inverse
Pseudo-random permutation key
key: symmetric key for encrypting data
$M_{max}$: maximum number of indexes containing a keyword
$(d_{sup}, Q_{sup})$: public-private key pair of the supervisor
$(d_u, Q_u)$: public-private key pair of user u, public key
W: keyword dictionary, $W = \{w_1, w_2, \dots\}$
IND: indexes of all files, $IND = \{ind_1, ind_2, \dots\}$
OP: add/delete operation, $OP = \{add, del\}$ (add denotes adding a file, del denotes deleting a file)
Comprises keyword w k File index of->
Comprises keyword w k The number of files->
Σ: keyword state pointer map stored by the data owner, Σ[key] = value
VI: version information for encrypted data set
Keyword w after c-th update k Status pointer of->Not involving in information storage
Status pointer->Ciphertext reference and carrier for storing an encryption pointer
File index->Ciphertext reference and carrier for storing an encryption index
Keyword w k Ciphertext reference and carrier for storing encrypted keywords
File->Is (are) encrypted index
EDB: file encryption index data set stored on blockchain
Keyword w k Search trapdoor of (a)
$RS(w_k)$: search result of the trapdoor
Exclusive or operation
∥: concatenation operation
DB: database for storing data
n: total number of initial authorized users
n': total number of new authorized users.
FIG. 1 is a model diagram of the blockchain-based searchable encryption method of the invention, and FIGS. 2 to 9 show the specific algorithms of the blockchain-based searchable encryption scheme:
1. System setup algorithm Setup(κ)
(1) Given a security parameter κ;
(2) Compute the bilinear pairing system parameters;
(3) Select secure hash functions $(H_0, H_1, H_2, H_3, H_4, h_1, h_2, h_3, h_4)$;
(4) Select a pseudo-random permutation function $F: \{0,1\}^{\kappa} \times \{0,1\}^{\kappa} \to \{0,1\}^{\kappa}$, whose inverse permutation function is $F^{-1}$;
(5) Output the public parameters $Param = (G_1, G_2, q, P, e, H_0, H_1, H_2, H_3, H_4, h_1, h_2, h_3, h_4, F, F^{-1})$.
2. Key generation algorithm KeyGen (Param)
(1) Random generation; calculate the secret value $D_u = d_u \cdot P$ from which the public key is derived;
(2) Given the public key $Q_{sup} = d_{sup} \cdot P$;
(3) Random selectionCalculating the public key of the data consumer +.>
(4) Output public key
3. Data encryption algorithm
(1) Given the system public parameters Param, the public keys of the authorized data users, the database DB, the mapping Σ, and the users $\{u_i\}_{i \in [1,n]}$ authorized for the encrypted data together with their public keys;
(2) Make a random selection and calculate the version information $VI = r \cdot P$ of the encrypted database;
(3) Make a random selection, construct the polynomial $f(z)$ and set the vector,
where $z_i$ is the coefficient of $z^i$ in $f(z)$;
(4) For each keyword $w_k$ in the keyword set W:
a) RetrievalIf the result is empty, let ∈ ->
b) Randomly generating pseudo-random permutation keysCalculate->
c) Updating a mapping
d) Given the state pointer and the symmetric key key used to encrypt files;
e) Calculation of
f) Computing encryption index
g) Calculation of
h) Calculate the trapdoor of keyword $w_k$ to be stored
i) Calculation of
(5) Outputting an encrypted database
4. Updating algorithm
(1) Given the system parameters Param, the updated authorized user set $\{u_{i'}\}_{i' \in [1,n']}$ and their public keys, the secret values r, s saved by the data owner, and the set of file indexes;
(2) Calculate the polynomial $g(z) = f(z) - s$;
(3) Calculate the new authorization polynomial $f'(z)$;
(4) Output the vector, where $z'_i$ is the coefficient of $z^i$ in the polynomial $f'(z)$.
5. Trapdoor generation algorithm
(1) Given the public parameters Param, the authorized users $\{u_i\}_{i \in [1,n]}$ and their private keys, and the keyword $w_k$;
(2) Compute the secret value of user $u_i$;
(3) Obtain the version information $VI = r \cdot P$ of keyword $w_k$ and calculate the intermediate value;
(4) Calculate $H_0(V)^0, H_0(V)^1, \dots, H_0(V)^n$;
(5) Calculate the secret value;
(6) Output the trapdoor.
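The polynomial mechanics behind vector construction in the data encryption algorithm, the update algorithm, and secret recovery in the trapdoor generation algorithm, as an added Python example that is not part of the patent text. It assumes the broadcast polynomial has the common form f(z) = ∏(z − x_i) + s over a prime field, with x_i standing in for each user's hashed value H_0(V); the modulus Q, the function names and the SHA-256 stand-in for H_0 are illustrative assumptions.

```python
import hashlib

# Assumption: a prime modulus standing in for the group order q of the scheme.
Q = 2**127 - 1


def user_point(shared_value: bytes) -> int:
    """Stand-in for H_0(V): hash a per-user shared value into the field."""
    return int.from_bytes(hashlib.sha256(shared_value).digest(), "big") % Q


def mul_linear(coeffs, root):
    """Multiply a polynomial (low-order coefficient first) by (z - root) mod Q."""
    out = [0] * (len(coeffs) + 1)
    for i, c in enumerate(coeffs):
        out[i] = (out[i] - root * c) % Q
        out[i + 1] = (out[i + 1] + c) % Q
    return out


def build_vector(points, s):
    """Owner side: f(z) = prod(z - x_i) + s, returned as (z_0, ..., z_n)."""
    coeffs = [1]
    for x in points:
        coeffs = mul_linear(coeffs, x)
    coeffs[0] = (coeffs[0] + s) % Q
    return coeffs


def recover_secret(vector, x):
    """User side: s = sum(z_i * x^i), using the powers x^0 .. x^n."""
    acc, power = 0, 1
    for z in vector:
        acc = (acc + z * power) % Q
        power = (power * x) % Q
    return acc


def add_users(vector, s, new_points):
    """Update: g(z) = f(z) - s, then f'(z) = g(z) * prod(z - x'_i) + s."""
    g = list(vector)
    g[0] = (g[0] - s) % Q
    for x in new_points:
        g = mul_linear(g, x)
    g[0] = (g[0] + s) % Q
    return g


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    secret = 0x1234567890ABCDEF
    alice, bob, carol = (user_point(n) for n in (b"alice", b"bob", b"carol"))
    vec = build_vector([alice, bob], secret)
    print("alice recovers s:", recover_secret(vec, alice) == secret)
    print("carol before update:", recover_secret(vec, carol) == secret)
    vec2 = add_users(vec, secret, [carol])
    print("carol after update:", recover_secret(vec2, carol) == secret)
```

Adding users leaves s unchanged, so every previously authorized point still evaluates to s after the update; the vector update by itself does not revoke anyone.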
6. Search algorithm
(1) Given the public parameters Param, the search trapdoor of keyword $w_k$, and the encrypted database EDB;
(2) Initialize an empty set;
(3) Calculate the ciphertext reference of keyword $w_k$;
(4) Retrieve from the EDB the carrier storing the encrypted keyword of $w_k$; if the result is ⊥, terminate the search and return; otherwise, calculate the state pointer;
(5) Calculate the ciphertext reference of the state pointer;
(6) Retrieve from the EDB the carrier storing the encrypted pointer of the state pointer; if the result is ⊥, terminate the search and return; otherwise, continue the calculation;
(7) Calculate the ciphertext reference of the file index;
(8) Retrieve from the EDB the carrier storing the encrypted index of the file index;
(9) Calculation of
(10) Order the
(11) Calculate the state of the previous update;
(12) Assign the state and go to step (6);
(13) After the loop completes, output the search result set $RS(w_k)$.
7. Decryption algorithm
(1) Given the public parameters Param, the authorized users $\{u_i\}_{i \in [1,n]}$ and their private keys, and the result set $RS(w_k)$;
(2) Initialize an empty file index set;
(3) For each of
a) Calculation of
b) If op = add, I is updated; otherwise, I is not updated;
(4) Output the set I, obtain the data ciphertext from the cloud server according to I, and decrypt it with the key to obtain the plaintext.
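The state-pointer chain that the data encryption, search and decryption algorithms walk, as an added Python example that is not the patent's construction: each update derives a new state pointer with a pseudo-random permutation under a fresh key, and search follows the chain backwards with the inverse permutation until a lookup returns nothing. HMAC-SHA256 and a 4-round Feistel network stand in for the hash functions and for F, the pairing-based key layer is replaced by a shared key `k_i`, and skipping indexes that have a newer del entry is an assumption.

```python
import hashlib
import hmac
import secrets

BLOCK = 32  # state pointers and permutation keys are 32 bytes


def prf(key, label, msg, n=32):
    """HMAC-SHA256 used as keyed hash and mask generator (n <= 32 bytes)."""
    return hmac.new(key, label + msg, hashlib.sha256).digest()[:n]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def prp(key, block):
    """Stand-in for F: 4-round Feistel network over a 32-byte block."""
    left, right = block[:16], block[16:]
    for i in range(4):
        left, right = right, xor(left, prf(key, bytes([i]), right, 16))
    return left + right


def prp_inv(key, block):
    """Stand-in for F^-1: the same rounds in reverse order."""
    left, right = block[:16], block[16:]
    for i in reversed(range(4)):
        left, right = xor(right, prf(key, bytes([i]), left, 16)), left
    return left + right


class Owner:
    def __init__(self):
        self.k_w = secrets.token_bytes(32)  # derives per-keyword tokens
        self.k_i = secrets.token_bytes(32)  # assumption: index key held by authorized users
        self.sigma = {}                     # map: keyword -> latest state pointer

    def token(self, w):
        return prf(self.k_w, b"tok", w.encode())

    def update(self, edb, w, ind, op):
        entry = op.encode() + ind.encode().ljust(13, b"\0")
        if op not in ("add", "del") or len(entry) != 16:
            raise ValueError("op must be add/del and ind at most 13 bytes")
        t_w = self.token(w)
        prev = self.sigma.get(w) or secrets.token_bytes(BLOCK)  # st_0 has no EDB row
        k = secrets.token_bytes(BLOCK)       # fresh permutation key per update
        st = prp(k, prev)                    # new head of the chain
        self.sigma[w] = st
        edb[prf(t_w, b"ref", st)] = (
            xor(k, prf(t_w, b"ptr", st)),               # encrypted pointer, opened by the contract
            xor(entry, prf(self.k_i, b"idx", st, 16)),  # encrypted index, opened by users only
        )

    def trapdoor(self, w):
        return self.token(w), self.sigma.get(w)


def search(edb, trapdoor):
    """Contract side: walk the chain from the newest state to the oldest."""
    t_w, st = trapdoor
    rs = []
    while st is not None:
        row = edb.get(prf(t_w, b"ref", st))
        if row is None:          # nothing stored: chain exhausted
            break
        enc_k, enc_entry = row
        rs.append((st, enc_entry))
        st = prp_inv(xor(enc_k, prf(t_w, b"ptr", st)), st)
    return rs


def decrypt(k_i, rs):
    """User side: open entries newest first, keep adds not deleted later."""
    result, deleted = [], set()
    for st, enc_entry in rs:
        entry = xor(enc_entry, prf(k_i, b"idx", st, 16))
        op, ind = entry[:3].decode(), entry[3:].rstrip(b"\0").decode()
        if op == "del":
            deleted.add(ind)
        elif ind not in deleted and ind not in result:
            result.append(ind)
    return result
```

A trapdoor issued before an update cannot reach the rows written afterwards, because the new row's reference depends on a state derived under a permutation key the contract has not yet been given.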
8. Supervision algorithm
(1) Given the public parameters Param, the public keys of the authorized users $u_i$, the supervisor's private key $d_{sup}$, and the sensitive word set $W^*$;
(2) Initialize a list of secret values and a list of hash values;
(3) For each $u_i$, $i \in [1,n]$:
a) Compute the secret value of user $u_i$;
b) Execute steps (3), (4) and (5) of Trapdoor to obtain the secret value s, and let $S = S \cup \{s\}$;
(4) For each $s \in S$, $w_k \in W^*$:
a) Calculation of
b) Calculation ofLet->
c) Calculation of
d) Calculation of
(5) Output the hash value list H (search supervision: the search trapdoor $T_w$ generated by a DU is matched against the list H to intercept illegal search requests) and the set I (file supervision: the file indexes in the set I are used to access the CS and locate the corresponding illegal files).
The medical data searchable encryption system is designed on top of the blockchain-based searchable encryption scheme. It mainly provides encrypted storage and multi-user secure retrieval of medical data files, and also supports supervision of the legitimacy of ciphertext data and search requests.
The embodiment of the invention provides a medical data searchable encryption system based on a blockchain, which comprises the following components:
a system initialization module, used for generating, through a trusted authority TI, the system public parameters Param, the public-private key pair $(d_{sup}, Q_{sup})$ of the supervisor SUP, and the public-private key pairs of the medical data users MDU; the TI receives an MDU's public key certificate application and issues a certificate to the MDU after verification passes;
a medical data encryption module, used for preprocessing the original medical data through the medical data owner MDO, encrypting it with a data encryption algorithm, and uploading the encrypted medical data to the blockchain through a smart contract, wherein the data encryption algorithm encrypts the original medical data based on the system public parameters, the public keys of the MDUs and the mapping;
a medical data search module, used for generating, through the MDU, a search trapdoor from the system public parameters, the MDU's private key and the searched keyword; searching through the smart contract, based on the system public parameters, the search trapdoor and the private key of the MDU, to obtain the matching result set; executing the decryption algorithm on the result set through the MDU to obtain a file index set; uploading the file index set to the MCS to obtain the related ciphertext set; and finally decrypting the related ciphertext set to obtain the original medical data.
FIG. 10 shows a framework diagram of the medical data searchable encryption system.
In one embodiment, the system further comprises a medical data file update module, specifically used for: for an ordinary user, given a keyword and a state pointer, computing the updated state pointer to obtain the updated medical database, and adding or deleting data in the updated medical database with the data encryption algorithm; for a newly added authorized user, generating a new public-private key pair for that user, obtaining the original broadcast ciphertext, and then executing the update algorithm to obtain a new vector, wherein the update algorithm updates the authorized-user vector based on the system public parameters Param, the newly authorized user set $\{u_{i'}\}_{i' \in [1,n']}$ and their public keys, the secret values r, s stored by the medical data owner, and the file index set.
The specific implementation steps of the medical data file updating module are as follows:
The update procedure for an ordinary user is as follows:
a) Given the keyword $w'_k$ and its state pointer;
b) Calculate the state pointer and output the result, where one term of the output is the file index set containing the keyword $w'_k$, IND' is the updated file index set, and W' is the updated keyword dictionary;
c) Call the data encryption algorithm to perform the addition or deletion.
The update procedure for an authorized user is as follows:
a) Generate the public-private key pair of the newly added MDU;
b) Obtain the original broadcast ciphertext, execute the update algorithm, and output the new vector.
In a specific implementation, the data encryption algorithm and the update algorithm employed in the module are as described in algorithm 3 and algorithm 4 above.
In one embodiment, the system further comprises a medical data supervision module, specifically used for: the supervision authority, given the public parameters Param, the sensitive word dictionary $W^*$, the private key $d_{sup}$ of the SUP and the public key set of the supervised users, executes the supervision algorithm, outputs a hash list H, and uploads H to the blockchain through a smart contract to filter illegal requests.
Specifically, the specific implementation process of the medical data supervision module is as follows:
(1) Given the public parameters Param, the sensitive word dictionary $W^*$, the private key $d_{sup}$ of the SUP, and the public key set of the supervised users;
(2) The SUP executes the supervision algorithm and outputs the hash list H;
(3) The SUP uploads H to the medical consortium chain MCB through a smart contract to filter illegal requests.
In particular implementations, the supervisory algorithm employed in the module is as described above for algorithm 8.
In one embodiment, the system initialization module is specifically configured to:
the trusted authority TI generates a system public parameter Param based on given security parameters by using a system establishment algorithm, and generates a public-private key pair of the supervision department SUP and a public-private key pair of the medical data user MDU by using a key generation algorithm.
In particular implementations, the system set-up algorithm and key generation algorithm employed in this module are as described above for algorithm 1 and algorithm 2.
In one embodiment, the medical data encryption module is specifically configured to:
the medical data owner preprocesses the original medical data to obtain $IND = \{ind_1, ind_2, \dots, ind_m\}$, $W = \{w_1, w_2, \dots, w_D\}$ and the file index sets containing each keyword;
initializing Σ, executing the data encryption algorithm Encrypt() and obtaining its output;
uploading the output to the medical consortium chain MCB through a smart contract;
where IND denotes the file index set of all medical data, and $ind_1$, $ind_2$ and $ind_m$ are the indexes of the first, second and m-th medical data files; W denotes the keyword dictionary, and $w_1$, $w_2$ and $w_D$ are the first, second and D-th keywords; Σ denotes the keyword state pointer map stored by the MDO; Encrypt() denotes the data encryption algorithm; DB denotes the database of all medical data; add denotes adding a file; and EDB denotes the file encryption index data set stored on the blockchain, which is composed of the encrypted medical data. The remaining terms of the formula denote, respectively, the file index set containing keyword $w_k$ with its first and second indexes, the public key set of the MDU, the ciphertext reference of the state pointer together with the carrier storing the encrypted pointer, the ciphertext reference of the file index together with the carrier storing the encrypted index, and the ciphertext reference of keyword $w_k$ together with the carrier storing the encrypted keyword.
In a specific implementation, the data encryption algorithm employed in this module is as described in algorithm 3 above.
In one embodiment, the medical data search module is specifically configured to:
the MDU executes and outputs the search trapdoor, wherein Trapdoor() is the trapdoor generation algorithm, whose function is to obtain the trapdoor of the keyword $w_k$ from the input parameters Param, and $w_k$;
the smart contract executes and outputs the matched result set $RS(w_k)$, wherein Search() is the search algorithm, whose function is to search, according to the keyword, the file encryption index dataset EDB stored on the blockchain for the result set $RS(w_k)$ that successfully matches the keyword;
the MDU executes and outputs the file index set I;
the MDU sends I to the medical cloud server MCS, and the MCS returns the related ciphertext set C;
the MDU uses the decryption key to decrypt C and outputs the medical record file D to obtain the original medical data;
where Decrypt() is the decryption algorithm, whose function is to obtain the file index set I from the input parameters Param, $w_k$ and $RS(w_k)$.
In a specific implementation, the trapdoor generation algorithm, the search algorithm, and the decryption algorithm used in the module are as described in algorithm 5, algorithm 6, and algorithm 7.
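The search flow above (state pointer map Σ, a carrier with an encrypted pointer and an encrypted index, trapdoor, contract-side search, user-side decryption) can be sketched as a chained index. This is an added example, not the patent's Algorithms 3 and 5 to 7: it is a simplified symmetric construction, and every name in it (KeyHolder, prf, the record ids) is an assumption.

```python
import hashlib, hmac, os

END = bytes(16)  # pointer value that terminates a keyword's chain

def prf(key, label, data=b""):
    return hmac.new(key, label + b"|" + data, hashlib.sha256).digest()

def xor16(a, b):
    return bytes(x ^ y for x, y in zip(a[:16], b[:16]))

class KeyHolder:
    """Owner/user side: secret key plus the keyword -> state pointer map."""
    def __init__(self):
        self.secret, self.sigma = os.urandom(32), {}

    def _keys(self, w):  # (search key, index key) for one keyword
        return prf(self.secret, b"s", w.encode()), prf(self.secret, b"i", w.encode())

    def add(self, edb, w, file_id):  # file_id: constructed ids, at most 16 bytes
        (k_s, k_i), old, new = self._keys(w), self.sigma.get(w, END), os.urandom(16)
        enc_ptr = xor16(old, prf(k_s, b"ptr", new))  # opened during search
        enc_ind = xor16(file_id.encode().ljust(16, b"\0"), prf(k_i, b"ind", new))
        edb[prf(k_s, b"addr", new)] = (enc_ptr, enc_ind)
        self.sigma[w] = new  # next trapdoor starts at the newest entry

    def trapdoor(self, w):
        return self._keys(w)[0], self.sigma.get(w, END)

    def decrypt(self, w, result_set):
        k_i = self._keys(w)[1]
        return [xor16(c, prf(k_i, b"ind", st)).rstrip(b"\0").decode() for st, c in result_set]

def search(edb, trapdoor):
    """Contract side: follow encrypted pointers from the trapdoor back to END."""
    (k_s, st), result_set = trapdoor, []
    while st != END:
        enc_ptr, enc_ind = edb[prf(k_s, b"addr", st)]
        result_set.append((st, enc_ind))  # index stays encrypted here
        st = xor16(enc_ptr, prf(k_s, b"ptr", st))
    return result_set

def demo():
    edb, kh = {}, KeyHolder()
    kh.add(edb, "diabetes", "rec-001")
    kh.add(edb, "diabetes", "rec-002")
    stale = kh.trapdoor("diabetes")  # issued before the next update
    kh.add(edb, "diabetes", "rec-003")
    read = lambda td: kh.decrypt("diabetes", search(edb, td))
    return read(stale), read(kh.trapdoor("diabetes"))
```

Each new entry points backwards to the previous state, so a trapdoor issued before an update cannot reach the later entry: the stale trapdoor in `demo()` returns only the two older records.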
The correctness of the scheme algorithm proposed by the invention is analyzed as follows:
when generating a search trapdoor, for the broadcast polynomial, the authorized user $u_i$ uses the private key to calculate the secret value s:
after s is obtained, the search trapdoor is calculated, and the search can be performed according to the trapdoor.
In ciphertext data supervision, given the private key $d_{sup}$ of the supervisor and a partial public key of an authorized user, a value is calculated; the specific calculation steps are as follows:
After this value is obtained, the secret value s for searching and decrypting can be obtained by the calculation described above.
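The property argued above, that each authorized user recovers the same secret s from a broadcast polynomial, can be checked with a generic polynomial-based broadcast. This is an added example and not the patent's construction: the polynomial form, the root derivation by hashing a Diffie-Hellman value, the use of r as the owner's exponent, the toy 127-bit modulus and all function names are assumptions.

```python
import hashlib, secrets

P = 2**127 - 1  # toy prime used for both the field and the DH group (assumption)
G = 3

def keygen():
    d = secrets.randbelow(P - 2) + 1
    return d, pow(G, d, P)  # (private key d_i, public key Q_i)

def root(shared):
    """Hash a DH shared value into a field element used as a polynomial root."""
    return int.from_bytes(hashlib.sha256(shared.to_bytes(16, "big")).digest(), "big") % P

def mul_linear(coeffs, x0):
    """Multiply a polynomial (lowest degree first) by (x - x0) mod P."""
    out = [0] * (len(coeffs) + 1)
    for i, c in enumerate(coeffs):
        out[i] = (out[i] - c * x0) % P
        out[i + 1] = (out[i + 1] + c) % P
    return out

def broadcast(r, s, public_keys):
    """Coefficient vector of f(x) = prod(x - x_i) + s with x_i = H(Q_i^r)."""
    coeffs = [1]
    for q in public_keys:
        coeffs = mul_linear(coeffs, root(pow(q, r, P)))
    coeffs[0] = (coeffs[0] + s) % P
    return pow(G, r, P), coeffs  # (R = G^r, broadcast vector)

def recover(d, R, coeffs):
    """User side: evaluate f at x_i = H(R^d_i) with Horner's rule."""
    x, acc = root(pow(R, d, P)), 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def demo():
    r, s = secrets.randbelow(P - 2) + 1, secrets.randbelow(P)
    users, outsider = [keygen() for _ in range(3)], keygen()
    R, vec = broadcast(r, s, [q for _, q in users])
    before = [recover(d, R, vec) == s for d, _ in users + [outsider]]
    # Authorizing a fourth user rebuilds the vector from r, s and the key set.
    R, vec = broadcast(r, s, [q for _, q in users + [outsider]])
    return before, recover(outsider[0], R, vec) == s, len(vec)
```

In this generic construction, revoking a user requires choosing a fresh s and rebuilding the vector, because a removed user already knows the old s.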
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. Compared with traditional encryption, adopting the searchable encryption technique ensures the storage security of outsourced medical data while also preserving the usability of the data.
2. Combining smart contracts in the alliance chain Fabric effectively solves the problem that third-party server search results are not trustworthy, and ensures the accuracy of the search results.
3. Ciphertext data retrieval in a multi-user scenario is realized by using a polynomial-based broadcast encryption technique, and legal supervision of ciphertext data is supported.
4. Forward and backward privacy is achieved through a singly linked list data structure and a pseudo-random permutation function.
5. Key management and distribution operations are avoided, and users can generate search trapdoors independently, which gives high performance in scenarios where search operations are executed frequently; in addition, an alliance chain has great advantages in performance and cost over a public chain, so the medical data system has high availability.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims and the equivalents thereof, the present invention is also intended to include such modifications and variations.

Claims (6)

1. A blockchain-based medical data searchable encryption system, comprising:
a system initialization module for generating, through a trusted authority TI, the system public parameters Param, the public-private key pair $(d_{sup}, Q_{sup})$ of the supervision department SUP and the public-private key pair of the medical data user MDU, wherein the TI receives a public key certificate application of the MDU and issues a certificate to the MDU after the verification is passed;
a medical data encryption module for preprocessing the original medical data by the medical data owner MDO, encrypting the original medical data with a data encryption algorithm, and uploading the encrypted medical data to a blockchain through a smart contract, wherein the data encryption algorithm encrypts the original medical data based on the system public parameters, the public key of the MDU and the mapping;
a medical data search module for generating, by the MDU, a search trapdoor based on the system public parameters, the private key of the MDU and the searched keyword; searching, by the smart contract, based on the system public parameters, the search trapdoor and the private key of the MDU to obtain a matched result set; executing, by the MDU, a decryption algorithm on the result set to obtain a file index set; uploading the file index set to the MCS to obtain a related ciphertext set; and finally decrypting the related ciphertext set to obtain the original medical data.
2. The blockchain-based medical data searchable encryption system as in claim 1, further comprising a medical data file update module, specifically configured to: for an ordinary user, given a keyword and a state pointer, calculate the updated state pointer to obtain the updated medical database, and add or delete data in the updated medical database by using the data encryption algorithm; for a newly added authorized user, generate a new public-private key pair for the newly added authorized user, obtain the original broadcast ciphertext, and then execute an updating algorithm to obtain a new vector, wherein the updating algorithm updates the new authorized user vector based on the system public parameter Param, the authorized user set $\{u_{i'}\}_{i' \in [1, n']}$ and their public keys, the secret values r, s stored by the medical data owner, and the file index set.
3. The blockchain-based medical data searchable encryption system of claim 1, further comprising a medical data administration module, specifically configured such that: the regulatory agency, given the public parameter Param, the sensitive word dictionary $W^*$, the private key $d_{sup}$ of the SUP and the public key set of the supervised objects, executes a supervision algorithm, outputs a hash list H, and uploads H to the blockchain through the smart contract to filter illegal requests.
4. The blockchain-based medical data searchable encryption system as in claim 1, wherein the system initialization module is specifically configured to:
the trusted authority TI generates a system public parameter Param based on given security parameters by using a system establishment algorithm, and generates a public-private key pair of the supervision department SUP and a public-private key pair of the medical data user MDU by using a key generation algorithm.
5. The blockchain-based medical data searchable encryption system as in claim 1, wherein the medical data encryption module is specifically configured to:
the medical data owner preprocesses the original medical data to obtain $IND = \{ind_1, ind_2, \ldots, ind_m\}$, $W = \{w_1, w_2, \ldots, w_D\}$ and
initializes Σ, executes and outputs
and uploads, through the smart contract, to the medical alliance chain MCB;
wherein IND represents the file index composed of all medical data; $ind_1$, $ind_2$ and $ind_m$ are the index of the first medical data file, the index of the second medical data file and the index of the m-th medical data file respectively; W represents the keyword dictionary; $w_1$, $w_2$ and $w_D$ represent the first keyword, the second keyword and the D-th keyword respectively; represents the file index containing the keyword $w_k$; represent the first index and the second index containing the keyword respectively; Σ represents the keyword status pointer map stored by the MDO; Encrypt() represents the data encryption algorithm; represents the public key set of the MDU; DB represents the database of all medical data; add represents adding a file; EDB represents the file encryption index dataset stored on the blockchain, which is composed of encrypted medical data; represents the ciphertext reference of the status pointer and the carrier storing the encryption pointer; represents the ciphertext reference of the file index and the carrier storing the encryption index; represents the ciphertext reference of the keyword $w_k$ and the carrier storing the encryption key.
6. The blockchain-based medical data searchable encryption system as in claim 1, wherein the medical data searching module is specifically configured to:
the MDU executes and outputs the search trapdoor, wherein Trapdoor() is the trapdoor generation algorithm, whose function is to obtain the trapdoor of the keyword $w_k$ from the input parameters Param, and $w_k$;
the smart contract executes and outputs the matched result set $RS(w_k)$, wherein Search() is the search algorithm, whose function is to search, according to the keyword, the file encryption index dataset EDB stored on the blockchain for the result set $RS(w_k)$ that successfully matches the keyword;
the MDU executes and outputs the file index set I;
the MDU sends I to the medical cloud server MCS, and the MCS returns the related ciphertext set C;
the MDU uses the decryption key to decrypt C and outputs the medical record file D to obtain the original medical data;
where Decrypt() is the decryption algorithm, whose function is to obtain the file index set I from the input parameters Param, $w_k$ and $RS(w_k)$.
CN202310524743.8A 2023-05-10 2023-05-10 Medical data searchable encryption system based on blockchain Pending CN116861449A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310524743.8A CN116861449A (en) 2023-05-10 2023-05-10 Medical data searchable encryption system based on blockchain


Publications (1)

Publication Number Publication Date
CN116861449A true CN116861449A (en) 2023-10-10


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination