Ciphertext-Policy Hierarchical Attribute-Based Encryption against Key-Delegation Abuse for IoT-Connected Healthcare System

Abstract

With the maturity of technologies such as Internet of Things (IoT) and Cloud Computing, more and more medical institutions share patient's medical data in the IoT-connected healthcare system, whereas it also brings hidden dangers to data security and privacy protection. The application of Hierarchical Attribute-Based Encryption (HABE) in IoT-connected healthcare system helps to solve the problem of data sharing with a large number of users. Delegation is a function of HABE, which can realize the transfer of hierarchical user access rights, effectively reducing the workload of the trusted authority. However, when 'delegation' is used to generate decryption keys for users who do not comply with the access structure, the 'key-delegation abuse' problem arises, which can seriously damage the privacy of patient's data. Nevertheless, it has not attracted much attention in previous research. This paper proposes the problem of key-delegation abuse in Ciphertext-Policy Hierarchical Attribute-Based Encryption (CP-HABE). After the cryptanalysis of typical schemes, we conclude two reasons for key-delegation abuse in CP-HABE, which are randomizing the original key elements or keeping parts of them in a new decryption key. This paper proposes a new mechanism specifically by using directed graph and construct a CP-HABE scheme against key-delegation abuse (CP-HABE-AKDA). Aiming at the scenario of key leaking, we further present the traceable CP-HABE-AKDA solution for the IoT-connected healthcare system, which has the additional function of tracking and verifying the identity of key leaker.