Conjunctive multi-key searchable encryption with attribute-based access control for EHR systems

•In this paper, we study conjunctive multi-key searchable encryption with attribute-based access control for HER systems. Compared with the existing multi-key searchable encryption (MKSE) schemes, our solution has the following four advantages:•Our scheme has more flexible attribute access policy. Data owners do not make access control for everyone but for people with certain attribute sets.•Our scheme supports conjunctive keyword search. Data users can obtain results more accurately due to this feature.•Our scheme gets rid of secure channels for key transmission. In some MKSE schemes, users transfer secret keys with secure channels which increases the communication overhead.•Our scheme can resist keyword guessing attack while most other MKSE schemes can not achieve this security. Compared with the existing attribute-based keyword search (ABKS) schemes, our solution has the following two advantages:•We hide the attribute values with just a small price which may reveal the data users privacy.•In our solution, users privacy does not rely on the trusted authority. The secret keys of the data owners and the data users are generated by themselves. With the growing demands of online access to health services, multiple medical institutions store their encrypted electronic health records (EHR) on the cloud and share them with the specified doctors and researchers. Multi-key searchable encryption (MKSE) is very suitable for this case for the sake of the privacy of patients and the system effeciency. In MKSE, multiple data owners can encrypt the data with their own secret keys and upload them to the remote cloud server. In order to search all the encrypted data on the cloud for a keyword, an authorized user only needs to generate a single trapdoor whose length is independent on the number of the data owners. MKSE allows multiple data owners to share their data with users efficiently. In this paper, we present an efficient MKSE scheme which supports fine-grained access control and conjunctive keyword searches. Both the control policy and keyword expressivity of our scheme are more flexible than the existing MKSE schemes. Meanwhile, our scheme can resist the keyword guessing attack. We will simulate our MKSE scheme and show that it is practical in the real world applications.