Obfuscatable multi-recipient re-encryption for secure privacy-preserving personal health record services

BACKGROUND: With the rapid development of cloud computing techniques, it is attractive for personal health record (PHR) service providers to deploy their PHR applications and store the personal health data in the cloud. However, there could be a serious privacy leakage if the cloud-based system is intruded by attackers, which makes it necessary for the PHR service provider to encrypt all patients' health data on cloud servers. OBJECTIVE: Existing techniques are insufficiently secure under circumstances where advanced threats are considered, or being inefficient when many recipients are involved. Therefore, the objectives of our solution are (1) providing a secure implementation of re-encryption in white-box attack contexts and (2) assuring the efficiency of the implementation even in multi-recipient cases. METHODS: We designed the multi-recipient re-encryption functionality by randomness-reusing and protecting the implementation by obfuscation. RESULTS: The proposed solution is secure even in white-box attack contexts. Furthermore, a comparison with other related work shows that the computational cost of the proposed solution is lower. CONCLUSIONS: The proposed technique can serve as a building block for supporting secure, efficient and privacy-preserving personal health record service systems.