Revocable Attribute-Based Encryption Scheme with Efficient Deduplication for Ehealth Systems

Abstract

The deduplication based on attribute-based encryption can be well used in eHealth systems to save storage space and share medical records. However, the excessive computation costs of existing schemes lead to inefficient deduplication. In addition, the frequent changes of clients' attribute weaken the forward secrecy of data, and thus, how to achieve the attribute revocation in deduplication is a problem that remains to be solved. In this paper, we propose a variant of the attribute-based encryption scheme that supports efficient deduplication and attributes revocation for eHealth systems. Specifically, an efficient deduplication protocol based on the nature of prime number is used to alleviate the computation burden on the private cloud, and attribute revocation is realized by updating the attribute agent key and the ciphertext. Moreover, outsourcing decryption is introduced to reduce the computation overhead of clients. The security analysis argues that the proposed scheme can reach the desired security requirements, and the visual experiment result indicates the excellent performance of the proposed scheme while realizing deduplication and attribute revocation.