CN-116471091-B - Block chain enabled medical internet of things multi-keyword searchable encryption method

Abstract

The invention discloses a multi-keyword searchable encryption method of a medical Internet of things enabled by a blockchain, which comprises the steps of firstly initializing a distributed blockchain system, placing system public parameters in an initial block, generating a system public key by a blockchain node through a Pedersen secret sharing protocol, initializing a cloud server, generating an index according to a keyword set by a data collector, sending the index to the blockchain, storing the index in the cloud server, sending the keyword set to be searched to the blockchain by the data user, calling a trapdoor generation contract to generate a search trapdoor, sending the search trapdoor to the cloud server to perform keyword-based search by the blockchain, returning a search result to a data user by the cloud server, and enabling the blockchain to be responsible for auditing when integrity disputes occur.

Inventors

• LIU SUHUI
• CHEN LIQUAN
• MA YANG
• ZHANG HAN

Assignees

• 东南大学

Dates

Publication Date

20260508

Application Date

20230423

Claims (2)

1. 1. A multi-keyword searchable encryption method of a medical Internet of things enabled by a blockchain is characterized by comprising the following steps: S1, initializing a system, wherein the system comprises three substeps; S11, initializing a block chain, namely establishing a distributed block chain and placing system parameters in an initial block, wherein the expression of the system parameters PP is as follows: Wherein, the And For order being a large prime number G is the multiplication group of Is used for generating the generation element of (a), Is a random element which is used to generate a random pattern, Is a collision-resistant hash function; s12, generating a system public key by using a blockchain, namely generating the system public key based on a Pedersen secret sharing protocol and storing the system public key in a ledger, namely globally disclosing, wherein the system public key is a global public key The expression is as follows: Where i is the node number, k is the threshold value in the petersen protocol, Is a parameter randomly selected by each node The value of the generated value is used to determine, Is a lagrangian interpolation; S13, initializing a cloud server, wherein the cloud server automatically generates a pair of public and private keys and discloses the public and private keys The expression is as follows: Wherein S2, index generation, data collector (data owner) extracts a set of keyword sets from the collected data Then, a search index is generated according to the group of keywords, and the search index { I }) is expressed as: ; wherein e is the number of keywords in the keyword set, Randomly selected elements of the group; S3, trapdoor generation, namely, the data user generates hash values of a group of keywords Sending the search trapdoor to a block chain, and calling a trapdoor generation contract to generate the search trapdoor The expression of (2) is: wherein f is the number of keywords in the keyword set, Randomly selected elements of the group; and S4, searching, namely after receiving a search trapdoor, the cloud server runs the search, wherein the expression of the search formula is as follows: Wherein R is a part of the index, , /e( ,R); And S5, data integrity audit, wherein when the data is possibly tampered, any participant can apply for the integrity audit to the blockchain, and the blockchain audits the data integrity according to the hash value stored in the ledger to find out a responsible person for data tampering.
2. 2. A blockchain-enabled medical Internet of things multi-keyword searchable encryption product comprising a computer program, wherein the computer program when executed by a processor performs the steps of the method of claim 1.

Description

Block chain enabled medical internet of things multi-keyword searchable encryption method Technical Field The invention belongs to the technical field of information security, and particularly relates to a blockchain enabled medical internet of things multi-keyword searchable encryption method. Background The intelligence of intelligent health systems is not only in being able to provide care to patients at any point in time, but is also in privacy and controlled sharing of medical data. The medical internet of things (internet of MEDICAL THINGS, ioMT) aims to achieve the above functions by benefiting from ubiquitous connections, intelligent internet of things devices and 5G communication technologies. In a smart ward, data generated by the wearable device and the monitoring device may be stored locally in the collector for real-time status monitoring and diagnosis. However, secure data storage and sharing typically relies on cloud servers due to limited storage resources of the internet of things devices. However, for medical data with high privacy and security requirements, for a cloud server that is not fully trusted, a encryption-before-upload mode is typically employed. Encryption does ensure confidentiality of data, but the encrypted data inevitably hinders efficient sharing of data. Even attribute-based encryption primitives (ABE) can only achieve confidentiality and fine-grained access control at the same time, and cannot achieve efficient ciphertext search. Furthermore, plaintext keyword based searches are totally unacceptable for IoMT because medical data requirements prohibit all possible privacy leaks, including privacy leaks from search keywords. Thus, searchable encryption is well suited for data sharing in this area. Since symmetric searchable encryption requires extremely complicated key management, public-key encryption with keyword-based search (PEKS) supporting keyword search is more suitable for multi-device internet of things environments. However, PEKS can only achieve one-to-one sharing, which is still not practical for accessing frequent healthcare scenarios. For example, if n doctors wish to access a patient's data, the data owner needs to encrypt the search index n times based on the public keys of the n doctors, respectively, which puts forward both storage resources and computing resources In addition, the rights of the cloud server in the current cloud assistance I oMT are too centralized because it is simultaneously mastered with the rights of data storage, searching, access control and tracking. The use of blockchains in either the I oT or I oMT has attracted a great deal of attention due to some characteristics of the blockchain, such as distribution, traceability, and non-tamper ability. In one aspect, some blockchain assistance I oMT schemes are proposed for data tracking, access control, and fair payment. On the other hand, blockchains are used for searching, and some work even combines this with PEKS. However, all of these efforts have attempted to exploit the benefits of blockchains to enhance security or to perform functions, but none of the efforts currently have been directed to essentially fusing blockchains with PEKS, making blockchains part of PEKS. In summary, designing a multi-user efficient and secure blockchain searchable encryption scheme for medical internet of things has challenging and realistic value. Disclosure of Invention In order to solve the problems, the invention designs a block chain enabled multi-keyword ciphertext search method. The method adopts a primitive based on searchable encryption to protect the search index to prevent the disclosure of private information. Further, the blockchain entails the generation of search trapdoors, enabling traditional one-to-one searchable encryption to one-to-many while mitigating overhead for data users. In addition, the blockchain also stores hash values of the data for subsequent integrity audits. The method comprises the steps of firstly initializing a distributed blockchain system, placing system public parameters in an initial block, generating a system public key by a blockchain node through a Pedersen secret sharing protocol, initializing a cloud server, generating a pair of secret keys and disclosing the public key, generating an index by a data collector according to a keyword set, sending the index to the cloud server, finally storing the index in the cloud server, sending the keyword set to be searched to the blockchain by a data user, calling a trapdoor generation contract to generate a search trapdoor, sending the search trapdoor to the cloud server to perform search based on the keyword by the blockchain, returning a search result to the data user by the cloud server, and enabling the blockchain to be responsible for auditing when the integrity disputes occur. In order to achieve the purpose, the technical scheme adopted by the invention is that the multi-keyword searchable encryption method of t