Collusion-resistant and privacy-preserving data sharing scheme on outsourced data in e-healthcare system

E-healthcare system has been introduced to provide real-time patient health monitoring using IoT sensors and efficiently share patient data with multiple users. Patients need to outsource their health data over the cloud due to the resource-constrained nature of IoT devices and patient devices. While accessing the data from a trusted cloud or distributed users makes health data susceptible and leads to leakage and manipulation. Therefore, we need secure data sharing with fine-grained access control and authentication schemes. The existing proxy re-encryption data sharing schemes use the same key to re-encrypt the patient’s health data more than once, leading to a collusion attack with users. This paper proposes an efficient and collusion-resistant re-encryption scheme (CRRE) with mutual authentication to address the collusion attack that provides privacy-preserving secure data sharing with fine-grained access control. Integrating the CRRE scheme with blockchain provides data integrity, verifiability, accountability, and interoperability between all entities in the e-healthcare system. The random oracle model and AVISPA tool are used to validate the formal and informal security of the CRRE scheme. The proposed scheme is implemented and compared with existing PRE-based schemes on various parameters. The results prove that the proposed CRRE scheme is more efficient and suitable for resource-constrained devices in the e-healthcare system.