Secure collaborative EHR Sharing using multi-authority attribute-based proxy re-encryption in Web 3.0

Web 3.0 represents a transformative shift toward a decentralized, intelligent, and user-centric Internet. Existing electronic health record (EHR) sharing systems depend on centralized cloud servers for storage and management, with hospitals serving as primary custodians. This centralization often results inpatients losing control and visibility over their EHR data, including who accesses it and how it is utilized, which contradicts the decentralized principles of Web 3.0. In this context, we propose a multi-authority attribute-based proxy re-encryption scheme that facilitates collaborative EHR sharing in Web 3.0. Our design allows the updating of ciphertext policies, thereby eliminating the need for frequent re-encryption of plaintext data amid varying cross-domain access policies. Furthermore, our scheme utilizes blockchain technology to create a decentralized and transparent environment that enables traceable cross-domain EHR sharing records. Additionally, we integrate hybrid encryption with decentralized data hosting platforms, significantly reducing the on-chain storage burden. The use of smart contracts automates the cross-domain EHR sharing and guarantees a fair distribution of benefits among all participants. Security analysis confirms that our scheme is secure against chosen plaintext attacks and resistant to collusion. Performance analysis and simulation experiments validate the efficiency and robustness of our scheme.