An Immunity Passport Scheme Based on the Dual-Blockchain Architecture for International Travel

The implementation of immunity passport has been hampered by the controversies over vaccines in various countries, the privacy of vaccinators, and the forgery of passports. While some existing schemes have been devoted to accelerating this effort, the problems above are not well solved in existing schemes. In this paper, we present an immunity passport scheme based on the dual-blockchain architecture, which frees people from the cumbersome epidemic prevention process while traveling abroad. Specially, the dual-blockchain architecture is established to fit with the scenarios of immunity passport. Searchable encryption and anonymous authentication are utilized to ensure users’ privacy. In addition, the performance and security evaluations show that our scheme achieves the proposed security goals and surpasses other authentication schemes in communicational and computational overheads.

Multi-Keyword Searchable Encryption for E-Health System With Multiple Data Writers and Readers

E-health is a cloud-based system to store and share medical data with the stakeholders. From a security perspective, the stored data are in encrypted form that could further be searched by the stakeholders through searchable encryption (SE). Practically, an e-health system with support of multiple stakeholders (that may work as either data owner [writer] or user [reader]) along with the provision of multi-keyword search is desirable. However, the existing SE schemes either support multi-keyword search in multi-reader setting or offer multi-writer, multi-reader mechanism along with single-keyword search only. This chapter proposes a multi-keyword SE for an e-health system in multi-writer multi-reader setting. With this scheme, any registered writer could share data with any registered reader with optimal storage-computational overhead on writer. The proposed scheme offers conjunctive search with optimal search complexity at server. It also ensures security to medical records and privacy of keywords. The theoretical and empirical analysis demonstrates the effectiveness of the proposed work.

Database Padding for Dynamic Symmetric Searchable Encryption

Dynamic symmetric searchable encryption (DSSE) that enables the search and update of encrypted databases outsourced to cloud servers has recently received widespread attention for leakage-abuse attacks against DSSE. In this paper, we propose a dynamic database padding method to mitigate the threat of data leakage during the update operation of outsourcing data. First, we introduce an outlier detection technology where bogus files are generated for padding according to the outlier factors, hiding the document information currently matching search keywords. Furthermore, we design a new index structure suitable for the padded database using the bitmap index to simplify the update operation of the encrypted index. Finally, we present an application scenario of the padding method and realize a forward and backward privacy DSSE scheme (named PDB-DSSE). The security analysis and simulation results show that our dynamic padding algorithm is suitable for DSSE scheme and PDB-DSSE scheme maintains the security and efficiency of the retrieval and update of the DSSE scheme.

BFR-SE: A Blockchain-Based Fair and Reliable Searchable Encryption Scheme for IoT with Fine-Grained Access Control in Cloud Environment

Due to capacity limitations, large amounts of data generated by IoT devices are often stored on cloud servers. These data are usually encrypted to prevent the disclosure, which significantly affects the availability of this data. Searchable encryption (SE) allows a party to store his data created by his IoT devices or mobile in encryption on the cloud server to protect his privacy while retaining his ability to search for data. However, the general SE techniques are all pay-then-use. The searchable encryption service providers (SESP) are considered curious but honest, making it unfair and unreliable. To address these problems, we combined ciphertext-policy attribute-based encryption, Bloom filter, and blockchain to propose a blockchain-based fair and reliable searchable encryption scheme (BFR-SE) in this paper. In BFR-SE, we constructed an attribute-based searchable encryption model that can provide fine-grained access control. The data owner stores the indices on SESP and stores some additional auxiliary information on the blockchain. After a data user initiates a request, SESP must return the correct and integral search results before the deadline. Otherwise, the data user can send an arbitration request, and the blockchain will make a ruling. The blockchain will only perform arbitrations based on auxiliary information when disputes arise, saving the computing resources on-chain. We analyzed the security and privacy of BFR-SE and simulated our scheme on the EOS blockchain, which proves that BFR-SE is feasible. Meanwhile, we provided a thorough analysis of storage and computing overhead, proving that BFR-SE is practical and has good performance.