Abstract
Many sanitizable signature schemes have been proposed to facilitate and secure the secondary use of medical data. These schemes allow a patient, authorized by the doctor, to modify and re-sign his/her electronic health record (EHR) to hide sensitive information and the new signature can be verified successfully. However, this may lead to fraud because patients may forge medical records for profit. To further standardize sanitization and reduce the sanitizers power, this paper proposes a new limited sanitizable signature scheme, which allows the signer to not only decide which message blocks can be modified but also determine the maximum of modifiable blocks and the expiration time for sanitization. We also propose a secure EHR sharing scheme suitable for medical scenarios based on the above limited sanitizable signature to realize privacy preserving medical data sharing. Finally, the security analysis and experimental results show that the security and efficiency of our scheme can be accepted.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
\(\textbf{Redact}\) in [20] is also responsible for modifying the message m based on the MOD, but it allows to remove blocks rather than change, and can be considered a special case of \(\textbf{Sanit}\).
References
Xu, Z., Luo, M., Kumar, N., Vijayakumar, P., Li, L.: Privacy-protection scheme based on sanitizable signature for smart mobile medical scenarios. Wireless Commun. Mob. Comput. 2020 (2020)
Shen, W., Qin, J., Yu, J., Hao, R., Hu, J.: Enabling identity-based integrity auditing and data sharing with sensitive information hiding for secure cloud storage. IEEE Trans. Inf. Forensics Secur. 14(2), 331–346 (2018)
Xu, Y., Ding, L., Cui, J., Zhong, H., Yu, J.: PP-CSA: a privacy-preserving cloud storage auditing scheme for data sharing. IEEE Syst. J. 15(3), 3730–3739 (2020)
Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable signatures. In: di Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005). https://doi.org/10.1007/11555827_10
Thornton, D., Brinkhuis, M., Amrit, C., Aly, R.: Categorizing and describing the types of fraud in healthcare. Procedia Comput. Sci. 64, 713–720 (2015)
Bossuat, A., Bultel, X.: Unlinkable and invisible \(\gamma \)-Sanitizable signatures. In: Sako, K., Tippenhauer, N.O. (eds.) ACNS 2021. LNCS, vol. 12726, pp. 251–283. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-78372-3_10
Canard, S., Jambert, A.: On extended sanitizable signature schemes. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 179–194. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11925-5_13
Derler, D., Slamanig, D.: Rethinking privacy for extended sanitizable signatures and a black-box construction of strongly private schemes. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 455–474. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26059-4_25
Klonowski, M., Lauks, A.: Extended sanitizable signatures. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol. 4296, pp. 343–355. Springer, Heidelberg (2006). https://doi.org/10.1007/11927587_28
Bultel, X., Lafourcade, P., Lai, R.W.F., Malavolta, G., Schröder, D., Thyagarajan, S.A.K.: Efficient invisible and unlinkable sanitizable signatures. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11442, pp. 159–189. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17253-4_6
Fuchsbauer, G., Hanser, C., Slamanig, D.: Structure-preserving signatures on equivalence classes and constant-size anonymous credentials. J. Cryptol. 32(2), 498–546 (2019)
Bultel, X., Lafourcade, P.: Unlinkable and strongly accountable sanitizable signatures from verifiable ring signatures. In: Capkun, S., Chow, S.S.M. (eds.) CANS 2017. LNCS, vol. 11261, pp. 203–226. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-02641-7_10
Emura, K., Hayashi, T., Ishida, A.: Group signatures with time-bound keys revisited: a new model, an efficient construction, and its implementation. IEEE Trans. Dependable Secure Comput. 17(2), 292–305 (2017)
Liu, J.K., Chu, C.K., Chow, S.S., Huang, X., Au, M.H., Zhou, J.: Time-bound anonymous authentication for roaming networks. IEEE Trans. Inf. Forensics Secur. 10(1), 178–189 (2014)
Camenisch, J., Drijvers, M., Lehmann, A.: Anonymous attestation using the strong Diffie Hellman assumption revisited. In: Franz, M., Papadimitratos, P. (eds.) Trust 2016. LNCS, vol. 9824, pp. 1–20. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45572-3_1
Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_12
Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_19
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Brzuska, C., Pöhls, H.C., Samelin, K.: Efficient and perfectly unlinkable sanitizable signatures without group signatures. In: Katsikas, S., Agudo, I. (eds.) EuroPKI 2013. LNCS, vol. 8341, pp. 12–30. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-53997-8_2
Samelin, K., Pöhls, H.C., Bilzhause, A., Posegga, J., de Meer, H.: Redactable signatures for independent removal of structure and content. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 17–33. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29101-2_2
Huang, Q., Chen, L., Wang, C.: A parallel secure flow control framework for private data sharing in mobile edge cloud. IEEE Trans. Parallel Distrib. Syst. 33(12), 4638–4653 (2022)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yang, Y., Yi, B., Zhan, Y., Huang, M. (2022). Secure EHR Sharing Scheme Based on Limited Sanitizable Signature. In: Ahene, E., Li, F. (eds) Frontiers in Cyber Security. FCS 2022. Communications in Computer and Information Science, vol 1726. Springer, Singapore. https://doi.org/10.1007/978-981-19-8445-7_19
Download citation
DOI: https://doi.org/10.1007/978-981-19-8445-7_19
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-8444-0
Online ISBN: 978-981-19-8445-7
eBook Packages: Computer ScienceComputer Science (R0)