Browse > Article
http://dx.doi.org/10.13089/JKIISC.2020.30.6.999

Verifiable Could-Based Personal Health Record with Recovery Functionality Using Zero-Knowledge Proof  

Kim, Hunki (Graduate School of Information Security, Korea University)
Kim, Jonghyun (Graduate School of Information Security, Korea University)
Lee, Dong Hoon (Graduate School of Information Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.30, no.6, 2020 , pp. 999-1012 More about this Journal
Abstract
As the utilize of personal health records increases in recent years, research on cryptographic protocol for protecting personal information of personal health records has been actively conducted. Currently, personal health records are commonly encrypted and outsourced to the cloud. However, this method is limited in verifying the integrity of personal health records, and there is a problem with poor data availability because it is essential to use it in decryption. To solve this problem, this paper proposes a verifiable cloud-based personal health record management scheme using Redactable signature scheme and zero-knowledge proof. Verifiable cloud-based personal health record management scheme can be used to verify the integrity of the original document while preserving privacy by deleting sensitive information by using Redactable signature scheme, and to verify that the redacted document has not been deleted or modified except for the deleted part of the original document by using the zero-knowledge proof. In addition, it is designed to increase the availability of data than the existing management schemes by designing to recover deleted parts only when necessary through the Redact Recovery Authority. And we propose a verifiable cloud-based personal health record management model using the proposed scheme, and analysed its efficiency by implementing the proposed scheme.
Keywords
Verifiable Computation; zk-SNARK; Redactable Signature; Cloud-based Personal Health Record;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Tang, Paul C., et al, "Personal health records: definitions, benefits, and strategies for overcoming barriers to adoption," Journal of the American Medical Informatics Association, 13.2, pp. 121-126, 2006   DOI
2 SM. Li, S. Yu, N. Cao, W. Lou, "Authorized private keyword search over encrypted data in cloud computing," 2011 31st International Conference on Distributed Computing Systems, pp. 383-392, 2011
3 Goldwasser, Shafi, Silvio Micali, and Charles Rackoff, "The knowledge complexity of interactive proof systems," SIAM Journal on computing, 18.1, pp. 186-208, 1989   DOI
4 Gennaro, Rosario, Craig Gentry, and Bryan Parno, "Non-interactive verifiable computing: Outsourcing computation to untrusted workers," In Annual Cryptology Conference, pp. 465-482, 2010
5 Johnson, Robert, et al, "Homomorphic signature schemes," Cryptographers' track at the RSA conference, pp. 244-262, 2002
6 Slamanig, Daniel, and Stefan Rass, "Generalizations and extensions of redactable signatures with applications to electronic healthcare," IFIP International Conference on Communications and Multimedia Security, pp. 201-213, 2010
7 Chabanne, Herve, Rodolphe Hugel, and Julien Keuffer, "Verifiable document redacting," European Symposium on Research in Computer Security, pp. 334-351, 2017
8 Bethencourt, John, Amit Sahai, and Brent Waters, "Ciphertext-policy attribute-based encryption," 2007 IEEE symposium on security and privacy (SP'07), pp. 321-334, 2007
9 Wang, Changji, Xuan Liu, and Wentao Li, "Design and implementation of a secure cloud-based personal health record system using," International Journal of Intelligent Information and Database Systems 4, 7(5), pp.389-399, 2013   DOI
10 Gondkar, Deepali A., and V. S. Kadam, "Attribute based encryption for securing personal health record on cloud," 2014 2nd International Conference on Devices, Circuits and Systems (ICDCS), pp. 1-5, 2014
11 Rao, Y. Sreenivasa, "A secure and efficient ciphertext-policy attribute-based signcryption for personal health records sharing in cloud computing," Future Generation Computer Systems, 67, pp. 133-151, 2017   DOI
12 GitHub, "libsnark: a C++ library for zkSNARK proofs," https://github.com/scipr-lab/libsnark, Oct. 2019
13 Deng, Fuhu, et al, "Ciphertext-policy attribute-based signcryption with verifiable outsourced designcryption for sharing personal health records," IEEE Access 6, pp. 39473-39486, 2018   DOI
14 N. Bitansky, A. Chiesa, Y. Ishai, O. Paneth, and R. Ostrovsky, "Succinct non-interactive arguments via linear interactive proofs," Theory of Cryptography Conference, pp. 315-333, 2013
15 Naveh, Assa, and Eran Tromer, "PhotoProof: Cryptographic image authentication for any set of permissible transformations," 2016 IEEE Symposium on Security and Privacy (SP), pp. 255-271, 2016
16 GitHub, "SAVER," https://github.com/snp-lab/SAVER, 2019
17 Parno, Bryan, et al, "Pinocchio: Nearly practical verifiable computation," 2013 IEEE Symposium on Security and Privacy, pp. 238-252, 2013.
18 J. Groth, "On the size of pairing-based non-interactive arguments," EUROCRYPT 2016, pp. 305-326, May. 2016
19 M. Ajtai, "Generating hard instances of lattice problems (extended abstract)," ACM Symposium on Theory of Computing, pp. 99-108, Jul. 1996