An anti-impersonation attack electronic health record sharing scheme based on proxy re-encryption and blockchain

Jiayuan Zhang; Rongxin Guo; Yifan Shi; Wanting Tang; Jiayuan Zhang; Rongxin Guo; Yifan Shi; Wanting Tang

doi:10.3934/mbe.2024271

Mathematical Biosciences and Engineering

2024, Volume 21, Issue 6: 6167-6189. doi: 10.3934/mbe.2024271

Previous Article Next Article

Research article

An anti-impersonation attack electronic health record sharing scheme based on proxy re-encryption and blockchain

1.
College of Information Science and Engineering, Huaqiao University, Xiamen 361021, China
2.
College of Engineering, Huaqiao University, Quanzhou 362021, China

Received: 21 November 2023 Accepted: 16 April 2024 Published: 03 June 2024

Many current electronic medical record (EMR) sharing schemes that use proxy re-encryption and blockchain do not fully consider the potential threat of malicious node impersonation attacks. This oversight could lead to data leakage as attackers masquerade as legitimate users or proxy nodes during the sharing process. To deal with this problem, we propose an EMR sharing scheme based on proxy re-encryption and blockchain to protect against impersonation attacks. First, we prevent the potential threat of impersonation attacks by generating a shared temporary key and assigning tasks to multiple proxy nodes. Second, we use a random function to ensure that the selection of encrypted proxy nodes is fair. Third, we use a combination of blockchain and the InterPlanetary File System to solve the problem of insufficient storage capacity of shared processes and ensure the storage security of EMRs. Through the security proof, our scheme guarantees anti-impersonation, anti-collusion, and anti-chosen plaintext attack capability in the sharing process of EMRs. Additionally, experiments on the blockchain platform, namely Chain33, show that our scheme significantly increases efficiency.
- anti-impersonation attack,
- blockchain,
- electronic medical record,
- proxy re-encryption,
- data security
Citation: Jiayuan Zhang, Rongxin Guo, Yifan Shi, Wanting Tang. An anti-impersonation attack electronic health record sharing scheme based on proxy re-encryption and blockchain[J]. Mathematical Biosciences and Engineering, 2024, 21(6): 6167-6189. doi: 10.3934/mbe.2024271

Related Papers:

Abstract

Many current electronic medical record (EMR) sharing schemes that use proxy re-encryption and blockchain do not fully consider the potential threat of malicious node impersonation attacks. This oversight could lead to data leakage as attackers masquerade as legitimate users or proxy nodes during the sharing process. To deal with this problem, we propose an EMR sharing scheme based on proxy re-encryption and blockchain to protect against impersonation attacks. First, we prevent the potential threat of impersonation attacks by generating a shared temporary key and assigning tasks to multiple proxy nodes. Second, we use a random function to ensure that the selection of encrypted proxy nodes is fair. Third, we use a combination of blockchain and the InterPlanetary File System to solve the problem of insufficient storage capacity of shared processes and ensure the storage security of EMRs. Through the security proof, our scheme guarantees anti-impersonation, anti-collusion, and anti-chosen plaintext attack capability in the sharing process of EMRs. Additionally, experiments on the blockchain platform, namely Chain33, show that our scheme significantly increases efficiency.

References

[1]	A. ElShafee, W. El-Shafai, Design and analysis of data link impersonation attack for wired LAN application layer services, J. Amb. Intell. Human. Comput., 14 (2023), 13465–13488. https://doi.org/10.1007/s12652-022-03800-5 doi: 10.1007/s12652-022-03800-5
[2]	K. Yang, Y. Shi, Z. Yu, Q. Yang, A. Sangaiah, H. Zeng, Stacked one-class broad learning system for intrusion detection in industry 4.0, IEEE Trans. Industr. Inform., 19 (2023), 251–260. https://doi.org/10.1109/TII.2022.3157727 doi: 10.1109/TII.2022.3157727
[3]	K. Yang, Z. Yu, C. Chen, W. Cao, H. Wong, J. You, et al., Progressive hybrid classifier ensemble for imbalanced data, IEEE Trans. Syst. Man Cybern. Syst., 52 (2022), 2464–2478. https://doi.org/10.1109/TSMC.2021.3051138 doi: 10.1109/TSMC.2021.3051138
[4]	L. Guo, W. Gao, Y. Cao, X. Lai, Research on medical data security sharing scheme based on homomorphic encryption, Math. Biosci. Eng., 20 (2023), 2261–2279. https://doi.org/10.3934/mbe.2023106 doi: 10.3934/mbe.2023106
[5]	Y. Lu, D. Zhao, An anonymous SIP authenticated key agreement protocol based on elliptic curve cryptography, Math. Biosci. Eng., 19 (2022), 66–85. https://doi.org/10.3934/mbe.2022003 doi: 10.3934/mbe.2022003
[6]	J. Xu, Y. Tian, T. Ma, N. Al-Nabhan, Intelligent manufacturing security model based on improved blockchain, Math. Biosci. Eng., 17 (2020), 5633–5650. https://doi.org/10.3934/mbe.2020303 doi: 10.3934/mbe.2020303
[7]	A. Zakzouk, A. El-Sayed, E. Hemdan, A blockchain-based electronic medical records management framework in smart healthcare infrastructure, Mult. Tools Appl., 82 (2023), 35419–35437. https://doi.org/10.1007/s11042-023-15152-z doi: 10.1007/s11042-023-15152-z
[8]	W. Wang, D. Teng, M. Chen, Y. Ge, Y. Zou, A trading matching model for aquatic products based on blockchain and credit mechanisms, Math. Biosci. Eng., 20 (2023), 19732–19762. https://doi.org/10.3934/mbe.2023874 doi: 10.3934/mbe.2023874
[9]	M. Du, Q. Chen, J. Chen, X. Ma, An optimized consortium blockchain for medical information sharing, IEEE Trans. Eng. Manag., 68 (2020), 1677–1689. https://doi.org/10.1109/TEM.2020.2966832 doi: 10.1109/TEM.2020.2966832
[10]	K. Neela, V. Kavitha, Blockchain based chaotic deep gan encryption scheme for securing medical images in a cloud environment, Appl. Intell., 53 (2023), 4733–4747. https://doi.org/10.1007/s10489-022-03730-x doi: 10.1007/s10489-022-03730-x
[11]	J. Qu, Blockchain in medical informatics, J. Industr. Inform. Integr., 25 (2022), 100258. https://doi.org/10.1016/j.jii.2021.100258 doi: 10.1016/j.jii.2021.100258
[12]	H. Huang, P. Zhu, F. Xiao, X. Sun, Q. Huang, A blockchain-based scheme for privacypreserving and secure sharing of medical data, Comput. Secur., 99 (2020), 102010. https://doi.org/10.1016/j.cose.2020.102010 doi: 10.1016/j.cose.2020.102010
[13]	J. Liu, W. Jiang, R. Sun, A. Bashiret, M. Alshehri, Q. Hua, et al., Conditional anonymous remote healthcare data sharing over blockchain, IEEE J. Biomed. Health Inform., 27 (2022), 2231–2242. https://doi.org/10.1109/JBHI.2022.3183397 doi: 10.1109/JBHI.2022.3183397
[14]	M. Wang, Y. Guo, C. Zhang, C. Wang, H. Huang, X. Jia, Medshare: A privacy-preserving medical data sharing system by using blockchain, IEEE Trans. Serv. Comput., 16 (2021). https://doi.org/10.1109/TSC.2021.3114719
[15]	V. Marichamy, V. Natarajan, Blockchain based securing medical records in big data analytics, Data Knowl. Eng., 14 (2023), 102122. https://doi.org/10.1016/j.datak.2022.102122 doi: 10.1016/j.datak.2022.102122
[16]	X. Yang, W. Wang, T. Tian, C. Wang, Cryptanalysis and improvement of a blockchain-based certificateless signature for IIoT devices, IEEE Trans. Industr. Inform., 20 (2024), 1884–1894. https://doi.org/10.1109/TII.2023.3282317 doi: 10.1109/TII.2023.3282317
[17]	X. Yang, H. Wen, R. Diao, X. Du, C. Wang, Improved security of a pairing-free certificateless aggregate signature in healthcare wireless medical sensor networks, IEEE Int. Things J., 10 (2023), 10881–10892. https://doi.org/10.1109/JIOT.2023.3240426 doi: 10.1109/JIOT.2023.3240426
[18]	A. Hisham, Detecting impersonation attacks in cloud computing environments using a centric user profiling approach, Future Gener. Comput. Syst., 117 (2021), 299–320. https://doi.org/10.1016/j.future.2020.12.009 doi: 10.1016/j.future.2020.12.009
[19]	X. Yang, S. Li, M. Li, X. Du, C. Wang, Heterogeneous signcryption scheme from PKI to IBC with multi-ciphertext equality test in internet of vehicles, IEEE Int. Things J., (2023), 1. https://doi.org/10.1109/JIOT.2023.3341146
[20]	M. Ma, M. Luo, S. Fan, D. Feng, An efficient pairing-free certificateless cearchable public key encryption for cloud-based IIoT, Wirel. Commun. Mobile Comput., 2020. https://doi.org/10.1155/2020/8850520
[21]	Z. Zhang, S. Zhou, A decentralized strongly secure attribute-based encryption and authentication scheme for distributed Internet of Mobile Things, Comput. Networks, 201 (2021), 108553. https://doi.org/10.1016/j.comnet.2021.108553 doi: 10.1016/j.comnet.2021.108553
[22]	M. Blaze, G. Bleumer, M. Strauss, Divertible protocols and atomic proxy cryptography, Int. Confer. Theory Appl. Cryptographic Techn., (1998), 127–144. https://doi.org/10.1007/BFb0054122
[23]	H. Guo, Z. Zhang, J. Xu, N. An, X. Lan, Accountable proxy re-encryption for secure data sharing, IEEE Trans. Depend. Secure Comput., 18 (2018), 145–159. https://doi.org/10.1109/TDSC.2018.2877601 doi: 10.1109/TDSC.2018.2877601
[24]	C. Fan, J. Chen, S. Huang, J. Huang, W. Chen, Provably secure timed-release proxy conditional reencryption, IEEE Syst. J., 11 (2015), 2291–2302. https://doi.org/10.1109/JSYST.2014.2385778 doi: 10.1109/JSYST.2014.2385778
[25]	K. Azbeg, O. Ouchetto, S. Andaloussi, Blockmedcare: A healthcare system based on iot, blockchain and ipfs for data management security, Egypt. Inform. J., 23 (2022), 320–343. https://doi.org/10.1016/j.eij.2022.02.004 doi: 10.1016/j.eij.2022.02.004
[26]	A. Manzoor, A. Braeken, S. Kanhere, M. Ylianttila, M. Liyanage, Proxy re-encryption enabled secure and anonymous iot data sharing platform based on blockchain, J. Network Comput. Appl., 176 (2021), 102917. https://doi.org/10.1016/j.jnca.2020.102917 doi: 10.1016/j.jnca.2020.102917
[27]	M. Green, G. Ateniese, Identity-Based proxy re-encryption, Appl. Cryptography Network Secur., 4521 (2007), 288–306. https://doi.org/10.1007/978-3-540-72738-5_19 doi: 10.1007/978-3-540-72738-5_19
[28]	H. Wang, Z. Cao, L. Wang, Multi-use and unidirectional identity-based proxy re-encryption schemes, Inform. Sci., 180 (2010), 4042–4059. https://doi.org/10.1016/j.ins.2010.06.029 doi: 10.1016/j.ins.2010.06.029
[29]	H. Xiong, L. Wang, Z. Zhou, Z. Zhao, X. Huang, S. Kumari, Burn after reading: Adaptively secure puncturable identity-based proxy re-encryption scheme for securing group message, IEEE Int. Things J., 9 (2021), 11248–11260. https://doi.org/10.1109/JIOT.2021.3126230 doi: 10.1109/JIOT.2021.3126230
[30]	S. Maiti, S. Misra, P2b: Privacy preserving identity-based broadcast proxy re-encryption, IEEE Trans. Veh. Technol., 69 (2020), 5610–5617. https://doi.org/10.1109/TVT.2020.2982422 doi: 10.1109/TVT.2020.2982422
[31]	C. Ge, Z. Liu, J. Xia, L. Fang, Revocable identity-based broadcast proxy reencryption for data sharing in clouds, IEEE Trans. Depend. Secure Comput., 18 (2019), 1214–1226. https://doi.org/10.1109/TDSC.2019.2899300 doi: 10.1109/TDSC.2019.2899300
[32]	Y. Zhou, L. Zhao, Y. Jin, F. Li, Backdoor-resistant identity-based proxy reencryption for cloud-assisted wireless body area networks, Inform. Sci., 604 (2022), 80–96. https://doi.org/10.1016/j.ins.2022.05.007 doi: 10.1016/j.ins.2022.05.007
[33]	H. Lin, T. Tsai, P. Ting, Y. Fan, Identity-based proxy re-encryption scheme using fog computing and anonymous key generation, Sensors, 23 (2023), 2706. https://doi.org/10.3390/s23052706 doi: 10.3390/s23052706
[34]	P. Xu, T. Jiao, Q. Wu, W. Wang, H. Jin, Conditional identity-based broadcast proxy reencryption and its application to cloud email, IEEE Trans. Comput., 65 (2015), 66–79. https://doi.org/10.1109/TC.2015.2417544 doi: 10.1109/TC.2015.2417544
[35]	S. Yao, R. Dayot, H. Kim, I. Ra, A novel revocable and identity-based conditional proxy re-encryption scheme with ciphertext evolution for secure cloud data sharing, IEEE Access, 9 (2021), 42801–42816. https://doi.org/10.1109/ACCESS.2021.3064863 doi: 10.1109/ACCESS.2021.3064863
[36]	G, Kan, C. Jin, H. Zhu, Y. Xu, N. Liu, An identity-based proxy re-encryption for data deduplication in cloud, J. Syst. Arch., 121 (2021), 102332. https://doi.org/10.1016/j.sysarc.2021.102332 doi: 10.1016/j.sysarc.2021.102332
[37]	J. Bi, F. Luo, S. He, G. Liang, W. Meng, M. Sun, False data injection- and propagation-aware game theoretical approach for microgrids, IEEE Trans. Smart Grid, 13 (2022), 3342–3353. https://doi.org/10.1109/TSG.2022.3174918 doi: 10.1109/TSG.2022.3174918
[38]	J. Bi, S. He, F. Luo, W. Meng, L. Ji, D. Huang, Defense of advanced persistent threat on industrial internet of things with lateral movement modelling, IEEE Trans. Industr. Inform., 19 (2023), 9619–9630. https://doi.org/10.1109/TII.2022.3231406 doi: 10.1109/TII.2022.3231406
[39]	J. Bi, S. He, F. Luo, J. Chen, D. Huang, M. Sun, Differential game approach for modelling and defense of false data injection attacks targeting energy metering systems, in 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), (2022), 97–104. https://doi.org/10.1109/TrustCom56396.2022.00024
[40]	J. Bi, F. Zhang, A. Dorri, C. Zhang, C. Zhang, A risk management approach to double-virus tradeoff problem, IEEE Access, 7 (2019), 144472–144480. https://doi.org/10.1109/ACCESS.2019.2944985 doi: 10.1109/ACCESS.2019.2944985
[41]	J. Bi, F. Luo, G. Liang, X. Yang, S. He, Z. Dong, Impact assessment and defense for smart grids with FDIA against AMI, IEEE Trans. Network Sci. Eng., 10 (2022), 578–591. https://doi.org/10.1109/TNSE.2022.3197682 doi: 10.1109/TNSE.2022.3197682
[42]	D. Huang, F. Luo, J. Bi, M. Sun, An efficient hybrid IDS deployment architecture for multi-hop clustered wireless sensor networks, IEEE Trans. Inform. Forens. Secur., 17 (2022), 2688–2702. https://doi.org/10.1109/TIFS.2022.3191491 doi: 10.1109/TIFS.2022.3191491
[43]	Y. Shi, K. Yang, Z. Yu, C. Chen, H. Zeng, Adaptive ensemble clustering with boosting BLS-based autoencoder, IEEE Trans. Knowl. Data Eng., 35 (2023), 12369–12383. https://doi.org/10.1109/TKDE.2023.3271120 doi: 10.1109/TKDE.2023.3271120
[44]	K. Yang, Z. Yu, C. Chen, W. Cao, J. You, H. Wong, Incremental weighted ensemble broad learning system for imbalanced data, IEEE Trans. Knowl. Data Eng., 12 (2022), 5809–5824. https://doi.org/10.1109/TKDE.2021.3061428 doi: 10.1109/TKDE.2021.3061428
[45]	K. Yang, Y. Liu, Z. Yu, C. Chen, Extracting and composing robust features with broad learning system, IEEE Trans. Knowl. Data Eng., 35 (2023), 3885–3896. https://doi.org/10.1109/TKDE.2021.3137792 doi: 10.1109/TKDE.2021.3137792
[46]	Y. Shi, Z. Yu, C. Chen, H. Zeng, Consensus clustering with co-association matrix optimization, IEEE Trans. Neural Networks Learn. Syst., (2022), 1–14. https://doi.org/10.1109/TNNLS.2022.3201975

Reader Comments

Your name:*

Email:*
© 2024 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)