Multi-User Oriented Data Sharing Scheme for Internet of Medical Things Based on Dual Cryptography Mechanism

Encrypted sharing of Internet of Medical Things (IoMT) data is essential for facilitating collaboration, safeguarding patient privacy, and advancing clinical research. However, existing encryption schemes face numerous challenges in multi-user environments. Traditional proxy re-encryption requires exclusive ciphertext for each user, which is evidently unsuitable for IoMT’s multi-user scenarios. Meanwhile, attribute-based encryption provides flexible data access control, but its complex computations and high resource demands limit its use in large-scale IoMT environments. Additionally, challenges like single-point failure and redundant backups emerge in ciphertext storage. To address these challenges, we propose a dual-cryptography mechanism integrating enhanced proxy re-encryption and attribute-based encryption. Our scheme enables unified ciphertext access for authorized users while applying attribute encryption exclusively to small data keys. To mitigate potential data loss from storage server failures, we propose a decentralized ciphertext storage and recovery mechanism with verifiable secret sharing. Furthermore, we implement decentralized ciphertext storage using verifiable secret sharing, ensuring recoverability from server failures. Formal analysis proves confidentiality under the random oracle model. Experimental results demonstrate high security strength, computational efficiency, and robustness. The solution prevents single-point failures, resists collusion attacks, and maintains traceability through blockchain-integrated audit trails.