An Efficient Ciphertext-Policy Weighted Attribute-Based Encryption for the Internet of Health Things

The Internet of Health Things (IoHT) is a concept that describes uniquely identifiable devices connected to the Internet and able to communicate with each other in the medical area. As one of the most important components of smart health monitoring and improvement systems, there are numerous challenges in the IoHT, among which cybersecurity is a major challenge that must be addressed with priority. As a well-received security solution to achieve fine-grained access control, ciphertext-policy weighted attribute-based encryption (CP-WABE) has the potential to ensure data security in the IoHT. However, many issues, such as inflexibility, poor computational capability, and insufficient storage efficiency in attributes comparison, remain. To address these issues, we propose a novel access policy expression method using 0-1 coding technology. Based on this method, a flexible and efficient CP-WABE is constructed for the IoHT. Our scheme supports not only weighted attributes but also any form of comparison of weighted attributes. Furthermore, we use offline/online encryption and outsourced decryption technology to ensure that the scheme can run on an inefficient IoT terminal. Both theoretical and experimental analyses show that our scheme is more efficient and feasible than other schemes. Moreover, security analysis indicates that our scheme achieves security against chosen-plaintext attack.