Blockchain-Backed Searchable Proxy Signcryption for Cloud Personal Health Records

Patient-centered data management and sharing of personal health records (PHRs) are difficult to be realized as data is controlled by doctors/hospitals. In addition, security and privacy, oppressive costs, search and tracing unreliability, and complicated access authorization caused by traditional encryption severely hinder the widespread adoption of PHRs. To overcome these challenges, we propose a blockchain-backed data sharing framework for PHRs, where the blockchain achieves reliable search and tracing. Furthermore, we design a hybrid b lock c hain-backed s earchable p roxy s ign c ryption scheme, named BC-SPSC . Specifically, an identity-based proxy signature (IBPS) is utilized to perform the authorization from patients to doctors to achieve authentic patient-centricity, therefore the blockchain can relate data with associated patients and doctors during data tracing. Moreover, BC-SPSC supports two search modes. The first mode adopts attribute-based encryption with keyword-based search (SABE), where all legitimate users can implement searches, but only users whose attributes satisfy the access structure can successfully decrypt. By contrast, the second mode utilizes attribute-based searchable encryption (ABSE) to accomplish fine-grained authorization in both search and data access/decryption, that is, who can search is also constrained by data owners. Adequate performance comparisons and simulation experiments indicate significant advantages of the BC-SPSC scheme in storage and computation overheads.