Skip to main content
SpringerLink
Log in

An Efficient Searchable Encryption Against Keyword Guessing Attacks for Sharable Electronic Medical Records in Cloud-based System

  • Systems-Level Quality Improvement
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

Preserving the privacy of electronic medical records (EMRs) is extremely important especially when medical systems adopt cloud services to store patients’ electronic medical records. Considering both the privacy and the utilization of EMRs, some medical systems apply searchable encryption to encrypt EMRs and enable authorized users to search over these encrypted records. Since individuals would like to share their EMRs with multiple persons, how to design an efficient searchable encryption for sharable EMRs is still a very challenge work. In this paper, we propose a cost-efficient secure channel free searchable encryption (SCF-PEKS) scheme for sharable EMRs. Comparing with existing SCF-PEKS solutions, our scheme reduces the storage overhead and achieves better computation performance. Moreover, our scheme can guard against keyword guessing attack, which is neglected by most of the existing schemes. Finally, we implement both our scheme and a latest medical-based scheme to evaluate the performance. The evaluation results show that our scheme performs much better performance than the latest one for sharable EMRs.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., and et al., A view of cloud computing. Communications of the ACM 53(4):50–58, 2010.

    Article  Google Scholar 

  2. Li, M., and et al, Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings, Security and Privacy in Communication Networks, pp. 89–106. Springer , Berlin Heidelberg (2010)

  3. He, D., Chen, J., Hu, J., He, D., Chen, J., and Hu, J., An id-based client authentication with key agreement protocol for mobile clientserver environment on ecc with provable security. Information Fusion 13(3): 223–230, 2012.

    Article  Google Scholar 

  4. Mishra, D., A study on id-based authentication schemes for telecare medical information system. Computer Science 24(6):621–625, 2013.

    Google Scholar 

  5. Chaturvedi, A., Mishra, D., and Mukhopadhyay, S., Improved biometric-based three-factor remote user authentication scheme with key agreement using smart card. Information systems security, pp. 63–77. Springer , Berlin Heidelberg (2013)

  6. Mishra, D., Das, A. K., and Mukhopadhyay, S., A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Systems with Applications 41(18):8129–8143, 2014.

    Article  Google Scholar 

  7. Khan, M. K., Chaturvedi, A., Mishra, D., and Kumari, S., On the security enhancement of integrated electronic patient records information systems. Computer Science and Information Systems 12(2):857–872, 2015.

    Article  Google Scholar 

  8. Xhafa, F., Li, J., Zhao, G., Li, J., Chen, X., and Wong, D. S., Designing cloud-based electronic health record system with attribute-based encryption. Multimedia Tools and Applications 74(10):3441–3458, 2014.

    Article  Google Scholar 

  9. Sun, W., Lou, W., Hou, Y. T., and Li, H., Privacy-preserving keyword search over encrypted data in cloud computing. In: Secure Cloud Computing, pp. 189–212. Springer, New York (2014)

  10. Boneh, D., Crescenzo, G. D., Ostrovsky, R., and Persiano, G., Public key encryption with keyword search. In: EUROCRYPT 2004, pp. 506–522 (2004)

  11. Park, D. J., Kim, K., and Lee, P. J., Public key encryption with conjunctive field keyword search. In: Information security applications, pp. 73–86. Springer, Berlin Heidelberg (2004)

  12. Hwang, Y. H., and Lee, P. J., Public key encryption with conjunctive keyword search and its extension to a multi-user system. In: Pairing-Based CryptographyPairing, pp. 2–22. Springer, Berlin Heidelberg (2007)

  13. Dong, C., Russello, G., and Dulay, N., Shared and searchable encrypted data for untrusted servers. J. Comput. Secur. 19(3):367–397, 2011.

    Article  Google Scholar 

  14. Benaloh, J., Chase, M., Horvitz, E., and Lauter, K., Patient controlled encryption: Ensuring privacy of electronic medical records. In ACM cloud computing security workshop. ACM,103–114, 2009.

  15. Liu, Z., Weng, J., Li, J., Yang, J., Fu, C., and Jia, C., Cloud-based electronic health record system supporting fuzzy keyword search. Soft. Comput. 20(8):1–13, 2015.

    CAS  Google Scholar 

  16. Baek, J., Safavi-Naini, R., and Susilo, W., Public key encryption with keyword search revisited. In: ICCSA 2008, LNCS 5072, pp. 1249–1259 (2008)

  17. Rhee, H. S., Park, J. H., Susilo, W., and Lee, D. H., Improved searchable public key encryption with designated tester. In: ASIACCS 2009, ACM, pp. 376–379 (2009)

  18. Rhee, H. S., Park, J. H., Susilo, W., and Dong, H. L., Trapdoor security in a searchable public-key encryption scheme with a designated tester. J. Syst. Softw. 83(5):763–771, 2010.

    Article  Google Scholar 

  19. Gu, C., Zhu, Y., and Pan, H., Efficient public key encryption with keyword search schemes from pairings. Information security and cryptology, pp. 372–383. Springer, Berlin Heidelberg (2007)

  20. Fang, L. M., Susilo, W., Ge, C. P., and Wang, J. D., A secure channel free public key encryption with keyword search scheme without random oracle. In: CANS 2009, LNCS 5888, pp. 248–258 (2009)

  21. Fang, L. M., Susilo, W., Ge, C. P., and Wang, J. D., Public key encryption with keyword search secure against keyword guessing attacks without random oracle. Inf. Sci. 238(7):221–241, 2013.

    Article  Google Scholar 

  22. Guo, L., and Yau, W. C., Efficient secure-channel free public key encryption with keyword search for EMRs in Cloud Storage. J. Med. Syst. 39(2):1–11, 2015.

    Article  Google Scholar 

  23. Bao, F., Deng, R. H., and Zhu, H., Variations of diffie-hellman problem. In Information and Communications Security. Springer Berlin Heidelberg,301–312, 2003.

  24. PPBC Library, https://crypto.stanford.edu/pbc/

Download references

Author information

Authors and Affiliations

  1. College of Computer, National University of Defense Technology, Changsha, Hunan, People’s Republic of China

    Yilun Wu & Peixin Chen

  2. National Key Laboratory for Parallel and Distributed Processing, National University of Defense Technology, Changsha, Hunan, People’s Republic of China

    Xicheng Lu & Jinshu Su

Authors
  1. Yilun Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xicheng Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jinshu Su
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Peixin Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yilun Wu.

Additional information

This article is part of the Topical Collection on Systems-Level Quality Improvement

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wu, Y., Lu, X., Su, J. et al. An Efficient Searchable Encryption Against Keyword Guessing Attacks for Sharable Electronic Medical Records in Cloud-based System. J Med Syst 40, 258 (2016). https://doi.org/10.1007/s10916-016-0609-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-016-0609-z

Keywords

Search

Navigation