BPVSE: Publicly Verifiable Searchable Encryption for Cloud-Assisted Electronic Health Records

Cloud-assisted electronic health records (EHRs) provide convenient medical services for patients by storing and analyzing medical data records in the cloud, but searching for sensitive data (e.g., identity, medical history) in the cloud conflicts with privacy protection requirements. Searchable encryption (SE) is a good cryptographic primitive for solving this conflict, which allows the user to store their encrypted data in the cloud and search them later in encrypted domain. However, the direct applications of most existing SE schemes in cloud-assisted EHRs may result in challenges, for example in terms of functionality, security and efficiency. In this paper, we propose BPVSE, a new verifiable and dynamic SE scheme for cloud-assisted EHR. BPVSE has the following advantages over existing approaches. First, leveraging blockchain and hash-proof chain, BPVSE allows the user to publicly verify the search result returned by the cloud without a trusted authority. Second, BPVSE supports dynamic datasets with forward and backward security, using our newly designed new hidden data structure. Third, BPVSE enables the user to launch parallel search with efficient encryption. We formally prove the security of the proposed BPVSE, and also conduct theoretical comparison and experimental evaluation to show its superiority of functionality, security, and efficiency.

Automated summary

In this paper, we propose BPVSE, a new verifiable and dynamic searchable encryption scheme for cloud-assisted EHR. BPVSE leverages blockchain and hash-proof chain to enable public verification of search results without a trusted authority. It supports dynamic datasets with forward and backward security, using a newly designed hidden data structure. Additionally, BPVSE allows for efficient encryption and parallel search.