Backdoor-resistant identity-based proxy re-encryption for cloud-assisted wireless body area networks

The wireless body area network (WBAN) provides users with real-time medical services. Meanwhile, the cloud technology provides greater storage space and computing power for medical data. Both of them have contribute to the development of telemedicine. In a cloud-assisted WBAN, the open network environment and the semi-trust cloud service providers expose the user’s private medical data to backdoor adversaries who can make exfiltration attacks, such as the algorithm substitution attack (ASA) through the process of data sharing. Therefore, it is necessary to find a secure and efficient medical data sharing scheme for the huge amount of medical data. In this paper, we first design an identity-based proxy re-encryption scheme with cryptographic reverse firewall (IBPRE-CRF), then show the application in a multiple-access telemedicine data sharing scenario. Security analysis shows that the IBPRE-CRF scheme provides chosen plaintext attack security and resists exfiltration attacks. Performance analysis shows that the IBPRE-CRF scheme has a significant communication and computational cost advantage while being resistant to exfiltration attacks in clouds. Therefore, our IBPRE-CRF scheme is suitable for telemedicine data sharing in a cloud-assisted WBAN.