Abstract:
The continuous rapid development of Internet technology has brought increasing convenience for data sharing. However, data security and privacy issues have also emerged. Taking healthcare as an example, people hope to seek treatment quickly and claim reimbursement promptly, but do not want to disclose their medical records and expenses in hospitals. To adapt to the above data sharing scenarios, we propose a decentralized identity (DID) model based on blockchain and proxy re-encryption (PRE). Further, we achieve a data sharing framework for smart healthcare. Blockchain is leveraged to avoid the problem of single-node failure, ensuring data availability and data consistency. PRE is employed to achieve the separation of data generation, management and usage. This character is identical to that of the DID model, where verifiable credential (VC) issuance and verification are separated. Besides, PRE helps to achieve the goal of patient-centered healthcare. Furthermore, we obtain verifiable presentation (VP) by using the BLS aggregation signatures, which enable us to combine and authenticate multiple VCs. We incorporate blockchain as a decentralized trusted third party to check the correctness of cryptographic operations, achieving data verifiability and audibility in an encrypted mode. Also, we make a scrupulous security analysis of the proposed framework and compare it with related work. Finally, we conduct comprehensive experiments based on Ethereum and IPFS (inter-planetary file system), demonstrating the feasibility and efficiency of our solution.