Journal of Frontiers of Computer Science and Technology

• Science Researches •

Fine-Grained Data Sharing Scheme Based on Revocable Proxy Re-encryption

YAN Yongbo, GUO Rui, ZHENG Dong, WANG Yuxin, MA Ruiyang, LIU Guangjun   

  1. School of Cyberspace Security, Xi’an University of Posts and Telecommunications, Xi’an 710121, China
  2. National Engineering Research Center for Secured Wireless, Xi’an University of Posts and Telecommunications, Xi’an 710121, China
  3. School of Information Engineering, Xi’an University, Xi’an 710065, China

Abstract: The Internet of Medical Things (IoMT) interconnects medical sensors and networks on top of the existing IoT architecture to collect and process patients’ physical sign data in real time. IoMT not only significantly enhances the quality of healthcare services but also reduces the management costs of the medical industry. However, when patient medical data is outsourced to and stored in the cloud, it faces security threats such as patient privacy breaches and unauthorized malicious access to medical systems. To address these concerns, this paper proposes a revocable attribute-based proxy re-encryption scheme that supports policy hiding. Patients encrypt their medical data and upload it to the InterPlanetary File System, and the attribute values in the access policy are hidden during attribute-based encryption, which effectively prevents the leakage of sensitive patient information and enables fine-grained secure sharing of medical data. Additionally, verifiable outsourcing of complex computation is achieved through proxy re-encryption technology. Furthermore, malicious users are revoked by embedding a chameleon hash function into user private key generation and using new random factors for key updates. Finally, the scheme is proven in the standard model to satisfy specific access structures and to achieve indistinguishability under chosen plaintext attacks. Experimental simulations demonstrate that, compared with existing schemes, this scheme has higher execution efficiency in the encryption/decryption phase, the revocation phase, and the file download phase.

Key words: proxy re-encryption, chameleon hash function, revocation, policy hiding, Internet of Medical Things
