A certificate-based proxy re-encryption plus scheme for secure medical data sharing

The sharing of medical data is crucial for advancing medical research, but the risk of sharing medical data with malicious users poses a significant problem for smooth sharing among medical institutions. To address this issue, we propose a certificate-based proxy re-encryption plus (CBPRE+) scheme based on certificate-based proxy re-encryption (CBPRE) and message level fine-grained controllable and non-transferable proxy re-encryption plus (PRE+). This scheme allows medical organizations to securely distribute their encrypted data to recipients through public cloud storage. The proposed scheme maintains the benefits of CBPRE, while additionally enabling fine-grained message-level sharing and non-transferability. This ensures that user data is only available to authorized health services, thereby preventing malicious disclosure. We validate and analyze the correctness, safety, and performance of our scheme, and our results show that the scheme has chosen-ciphertext security for the original ciphertext and chosen-plaintext security for the re-encrypted ciphertext. Our proposed scheme offers more advantages than the existing CBPRE scheme.