摘要
目的:提出一种单向多跳的身份基条件代理重加密(unidirectional multi-hop identity-based conditional proxy re-encryption,UMH-IB-CPRE)方案,以保障患者电子病历(electronic medical record,EMR)的安全性。方法:基于双线性映射和DBDH(decisional bilinear Diffie-Hellman)困难问题,提出了由系统建立、密钥生成、重加密密钥生成、一级加密、二级加密、重加密、一级解密和二级解密8个算法构成的UMH-IB-CPRE方案,并进行性能验证和一级密文、二级密文的安全性证明。结果:与其他加密方案相比,该方案在实现密文定长、非交互、抗同谋性等属性的基础上,还支持条件控制的代理重加密,且时间消耗少、运行成本低。一级密文、二级密文均满足CPA(chosen-plaintext attack)安全。结论:UMH-IB-CPRE方案在较好地保护用户(患者)隐私安全的前提下大大减少了运算成本,能够解决现实情况下用户隐私不安全和反复授权耗费巨大算力的问题,具有广泛的应用前景。
Objective To propose a unidirectional multi-hop identity-based conditional proxy re-encryption(UMH-IB-CPRE)scheme so as to ensure the safety of electronic medical record(EMR).Methods A UMH-IB-CPRE scheme was put forward with considerations on bilinear pairing and the difficulty of DBDH,which was composed of eight algorithms for system establishment,key generation,re-encryption key generation,first level encryption,second level encryption,re-encryption,first level decryption and second level decryption.The performance verification and the security proof of first-and second-level ciphertexts were carried out.Results When compared with other encryption schemes,the scheme proposed gained advantages in fixed-length ciphertext,non interaction,complicity resistance,conditional proxy re-encryption,time and cost consumption and etc.The first-and second-level ciphertexts both met the requirements for CPA security.Conclusion The UMH-IB-CPRE scheme greatly reduces the calculation cost under the premise of protection of user(patient)privacy security,and is worthy promoting for enhancing user privacy security and avoiding the waste of computing power due to repeated authorization.
作者
范春芳
卜婧
李文超
宋冬
熊虎
钟俊宏
吴佳欣
徐千寓
王振国
FAN Chun-fang;BU Jing;LI Wen-chao;SONG Dong;XIONG Hu;ZHONG Jun-hong;WU Jia-xin;XU Qian-yu;WANG Zhen-guo(Characteristic Medical Center of Peoples Armed Police Force,Tianjin 300162,China;School of Information and Software Engineering,University of Electronic Science and Technology of China,Chengdu 610054,China;Logistics University of Peoples Armed Police Force,Tianjin 300309,China)
出处
《医疗卫生装备》
CAS
2020年第5期51-56,共6页
Chinese Medical Equipment Journal
基金
天津市科技计划项目(15ZXLCY00040)。
关键词
身份基代理重加密
条件代理重加密
单向多跳代理重加密
双线性映射
电子病历
密文
CPA安全
identity-based proxy re-encryption(IB-PRE)
conditional proxy re-encryption(CPRE)
unidirectional multi-hop proxy re-encryption(UMH-PRE)
bilinear pairing
electronic medical record(EMR)
ciphertext
CPA security