Verifiable Outsourced Attribute-Based Encryption Scheme for Cloud-Assisted Mobile E-health System

The cloud-assisted mobile electronic health (e-health) system facilitates e-health data sharing between healthcare providers and patients, but also raises the security and privacy concerns of e-health data. Although Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has been a promising technique to achieve fine-grained access control over encrypted e-health data, it still incurs high encryption and decryption burdens on mobile users such as smartphones and sensors. In addition, malicious cloud servers may conduct incorrect operations due to various interest incentives (e.g., leaking sensitive information to illegal users, saving computation and storage costs). To solve the above issues, in this paper we first propose an Outsourced CP-ABE (OABE) with verifiable encryption scheme by splitting secret keys corresponding to an attribute set and using the short signature, which not only reduces the encryption and decryption complexities of mobile users but also guarantees that cloud servers correctly perform encryption operations. Then, we extend OABE to construct outsourced CP-ABE with verifiable decryption (OABE+) by utilizing the verifiable tag mechanism, which guarantees that cloud servers correctly conduct the ciphertext transformation. Formal security analysis proves that our schemes are selectively secure against unauthorized accesses and malicious operations. Extensive experiments using various real-world datasets demonstrate that our schemes are efficient and feasible in real applications.