CN112434336A - Block chain-based electronic medical record sharing method, device and system and storage medium - Google Patents


Info

Publication number
CN112434336A
Authority
CN
China
Prior art keywords
medical record
ciphertext
client
new
patient
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011343451.7A
Other languages
Chinese (zh)
Inventor
贺双洪
莫楠
石翔
王�章
郭锐
李辉忠
张开翔
范瑞彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WeBank Co Ltd
Original Assignee
WeBank Co Ltd
Application filed by WeBank Co Ltd
Priority to CN202011343451.7A
Publication of CN112434336A
Legal status: Pending


Abstract

Translated from Chinese

The invention relates to the technical field of blockchain and discloses a blockchain-based electronic medical record sharing method, device, system and storage medium. The method includes: receiving the hash value of a medical record ciphertext and an authorization key sent by a patient client, and obtaining the medical record signature and the storage address from the alliance chain according to the hash value; if the medical record signature matches the patient public key, obtaining the medical record ciphertext according to the storage address and re-encrypting the medical record ciphertext with the authorization key to obtain a re-encrypted ciphertext; decrypting the re-encrypted ciphertext with the private key of the institution client to obtain the electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext; determining the new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client. The invention improves the high availability of the electronic medical record while ensuring its security.

Description

Block chain-based electronic medical record sharing method, device and system and storage medium
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to a method, an apparatus, a system, and a storage medium for sharing an electronic medical record based on a blockchain.
Background
With the development of cloud computing and blockchain technology, traditional applications urgently need informatization and digital transformation. For example, medical records are digitized into electronic medical records, which are mainly maintained by each medical institution's own information management system, but secure and effective data sharing among medical institutions is not possible. Therefore, how to improve the high availability of the electronic medical record while ensuring its security has become a problem that urgently needs to be solved.
Disclosure of Invention
The invention mainly aims to provide a block chain-based electronic medical record sharing method, device, system and storage medium, and aims to solve the technical problem of improving the high availability of an electronic medical record while ensuring the safety of the electronic medical record.
In order to achieve the above object, the present invention provides an electronic medical record sharing method based on a block chain, which is applied to an organization client, and the electronic medical record sharing method based on the block chain comprises the following steps:
receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in an alliance chain connected with the mechanism client according to the hash value;
if the medical record signature is matched with the patient public key corresponding to the authorization key, acquiring a medical record ciphertext according to the storage address, and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext;
decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
and determining new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client.
Optionally, the step of determining new medical record ciphertext information corresponding to the new medical record ciphertext includes:
and uploading the new medical record ciphertext to a cloud platform connected with the mechanism client to determine a new storage address of the new medical record ciphertext, performing hash signature on the new medical record ciphertext, and taking the new storage address and the hash signature as new medical record ciphertext information.
Optionally, the step of re-encrypting the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext includes:
and determining a preset encryption function, and calculating by taking the medical record ciphertext and the authorization key as the input of the encryption function to obtain a re-encrypted ciphertext.
Optionally, the step of decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain a plaintext of the electronic medical record includes:
and determining a decryption function corresponding to the encryption function, and calculating by taking a private key of the mechanism client and the re-encrypted ciphertext as the input of the decryption function to obtain the plaintext of the electronic medical record.
In order to achieve the above object, the present invention provides an electronic medical record sharing method based on a blockchain, which is applied to a patient client, and the electronic medical record sharing method based on the blockchain comprises the following steps:
generating an authorization key based on the query request sent by the mechanism client, determining a medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the mechanism client;
receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, and detecting whether the new medical record ciphertext information is legal or not;
and if the new medical record ciphertext information is legal, signing the new medical record ciphertext information, and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client.
Optionally, the step of generating an authorization key based on the query request sent by the client of the institution includes:
acquiring an institution client public key of the institution client based on a query request sent by the institution client, and determining a patient client private key of the patient client;
and encrypting the public key of the institution client and the private key of the patient client, and taking the encrypted public key of the institution client and the encrypted private key of the patient client as authorization keys.
In addition, to achieve the above object, the present invention further provides an electronic medical record sharing device based on a block chain, including:
the acquisition module is used for receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in an alliance chain connected with an organization client according to the hash value;
the re-encryption module is used for acquiring a medical record ciphertext according to the storage address and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext if the medical record signature is matched with the patient public key corresponding to the authorization key;
the decryption module is used for decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
and the sending module is used for determining new medical record ciphertext information corresponding to the new medical record ciphertext and sending the new medical record ciphertext information to the patient client.
In addition, to achieve the above object, the present invention further provides an electronic medical record sharing device based on a block chain, including:
the determining module is used for generating an authorization key based on the query request sent by the mechanism client, determining a medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the mechanism client;
the detection module is used for receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key and detecting whether the new medical record ciphertext information is legal or not;
and the signature module is used for signing the new medical record ciphertext information if the new medical record ciphertext information is legal and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client.
In addition, in order to achieve the above object, the present invention further provides an electronic medical record sharing system based on a blockchain, where the electronic medical record sharing system based on a blockchain includes a patient client, an institution client, a federation chain and a cloud platform, and the electronic medical record sharing system based on a blockchain includes:
the mechanism client side sends a query request to the patient client side, the patient client side generates an authorization key based on the query request sent by the mechanism client side, determines a medical record ciphertext corresponding to the query request, and sends a hash value of the medical record ciphertext and the authorization key to the mechanism client side;
the mechanism client receives a hash value and an authorization key of a medical record ciphertext sent by the patient client, and acquires a medical record signature and a storage address in the alliance chain connected with the mechanism client according to the hash value;
when the medical record signature is matched with the patient public key corresponding to the authorization key, the mechanism client acquires a medical record ciphertext according to the storage address, re-encrypts the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext, decrypts the re-encrypted ciphertext according to a private key of the mechanism client to acquire an electronic medical record plaintext, acquires newly-added medical record information based on the electronic medical record plaintext, and re-encrypts the newly-added medical record information to acquire a new medical record ciphertext;
the mechanism client side sends the new medical record ciphertext to the cloud platform, the cloud platform stores the received new medical record ciphertext and sends the stored new storage address to the mechanism client side, and therefore the mechanism client side can determine new medical record ciphertext information according to the new storage address;
and the mechanism client sends the new medical record ciphertext information to the patient client, and the patient client receives the new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, signs the new medical record ciphertext information when the new medical record ciphertext information is legal, and uploads the signed new medical record ciphertext information to an alliance chain connected with the patient client.
In addition, in order to achieve the above object, the present invention further provides a storage medium, where the storage medium stores an electronic medical record sharing program based on a block chain, and the electronic medical record sharing program based on the block chain, when executed by a processor, implements the steps of the electronic medical record sharing method based on the block chain as described above.
In the invention, the institution client obtains the medical record signature and the storage address according to the hash value sent by the patient client. When the medical record signature matches the patient public key, it obtains the medical record ciphertext according to the storage address, re-encrypts the medical record ciphertext with the authorization key sent by the patient client, and then decrypts the result with the private key of the institution client to obtain the electronic medical record plaintext. It determines the new medical record ciphertext of the newly added medical record information according to the electronic medical record plaintext and sends the new medical record ciphertext information corresponding to the new medical record ciphertext to the patient client. This avoids the prior-art situation in which the heavy load on the alliance chain nodes limits the availability of the electronic medical record. Because only the important information is uploaded to the blockchain, and the whole electronic medical record does not need to be uploaded to the alliance chain, the authenticity and traceability of the data in the electronic medical record are guaranteed, and the high availability of the electronic medical record is improved while its security is ensured.
Drawings
FIG. 1 is a block chain-based electronic medical record sharing device in a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a first embodiment of a method for sharing electronic medical records based on a blockchain according to the present invention;
FIG. 3 is a flowchart illustrating a third embodiment of a method for sharing electronic medical records based on a blockchain according to the present invention;
FIG. 4 is a block diagram of an apparatus module of the electronic medical record sharing apparatus according to the present invention;
FIG. 5 is a block diagram of another apparatus module of the electronic medical record sharing apparatus based on the blockchain according to the present invention;
FIG. 6 is a schematic diagram of a system architecture of the electronic medical record sharing system based on the blockchain according to the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
As shown in fig. 1, fig. 1 is a schematic structural diagram of an electronic medical record sharing device based on a block chain in a hardware operating environment according to an embodiment of the present invention.
The electronic medical record sharing equipment based on the block chain can be a PC (personal computer) or server equipment, and a Java virtual machine runs on the electronic medical record sharing equipment.
As shown in fig. 1, the block chain-based electronic medical record sharing device may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, and a communication bus 1002. The communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a display screen (Display) and an input unit such as a keyboard (Keyboard); optionally, the user interface 1003 may also include a standard wired interface and a wireless interface. The network interface 1004 may optionally include a standard wired interface and a wireless interface (e.g., a WI-FI interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (e.g., a magnetic disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the blockchain-based electronic medical record sharing device architecture shown in fig. 1 does not constitute a limitation of the device, which may include more or fewer components than those shown, combine some components, or arrange the components differently.
As shown in fig. 1, the memory 1005, which is a type of computer storage medium, can include an operating system, a network communication module, a user interface module, and a blockchain-based electronic medical record sharing program.
In the block chain-based electronic medical record sharing device shown in fig. 1, the network interface 1004 is mainly used for connecting to a background server and communicating data with the background server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; and the processor 1001 may be configured to call the blockchain-based electronic medical record sharing program stored in the memory 1005 and perform the following operations in the blockchain-based electronic medical record sharing method.
Based on the hardware structure, the embodiment of the electronic medical record sharing method based on the block chain is provided.
Referring to fig. 2, fig. 2 is a schematic flow diagram of the first embodiment of the block chain-based electronic medical record sharing method according to the present invention. The method is applied to an institution client and includes:
step S10, receiving a hash value and an authorization key of a medical record ciphertext sent by a patient client, and acquiring a medical record signature and a storage address in an alliance chain connected with the mechanism client according to the hash value;
At present, existing electronic medical record sharing schemes are blockchain-based medical data sharing methods that easily limit the availability of the electronic medical record. The electronic medical record information is stored directly in the block, and each transaction in the blockchain contains the complete electronic medical record information, so network congestion easily occurs during blockchain consensus, which makes the system unavailable and limits the application range of the electronic medical record. Storing the medical record information directly on the blockchain also increases the storage cost borne by the blockchain nodes, which again limits the availability of the electronic medical record. To avoid these problems, in this embodiment a plurality of medical institutions first form an alliance chain, and only the hash of the electronic medical record, the signatures of the patient and the medical institution (i.e., the institution client), and the cloud platform storage address of the encrypted electronic medical record are recorded in the alliance chain, which is used to ensure the authenticity and traceability of each record. Each institution encrypts the patient's electronic medical record information with the patient's public key and stores it on a cloud platform; different institutions may use different cloud platforms. By combining the alliance chain with cloud storage and putting only the necessary information on chain, the system achieves extremely high availability while guaranteeing the authenticity and traceability of the electronic medical record data.
The patient's electronic medical record can be encrypted with the public key of the patient client, and the institution client of a medical institution can view the medical record information only with the patient's authorization, which gives fine-grained control over private data. The institution client (also rendered as "mechanism client" or "organization client" in this translation) is the client used by a medical institution. The patient client is the client used by the patient. The blockchain comprises the alliance chain (also rendered as "federation chain").
Therefore, in this embodiment, when a medical institution treats a patient, the institution client may send a query request to the patient client; the patient client determines the hash value of the medical record ciphertext according to the query request, constructs an authorization key by means of re-encryption, and sends both to the institution client. After receiving the hash value of the medical record ciphertext and the authorization key sent by the patient client, the institution client can directly obtain, in the alliance chain connected with it, the medical record signature and the storage address of the electronic medical record on the cloud platform. That is, when a patient visits an institution and the institution needs to check some of the patient's historical medical record information, the patient generates an authorization key $sk_{p \to h}$ for the institution through the patient client, and then sends the hash of the medical record ciphertext to be shared together with the newly generated authorization key $sk_{au}$ to the institution client. Using the hash received by the institution client as the key (byte), the institution queries the alliance chain and obtains a string in the format $Sig(sk_p, hash) \,\|\, Sig(sk_h, hash) \,\|\, url$, where $\|$ is the string concatenation operator. The notation used in this embodiment is: patient public/private key pair $(sk_p, pk_p)$; medical institution public/private key pair $(sk_h, pk_h)$; key by which the patient authorizes the institution $sk_{p \to h}$; signature $s = Sig(sk, hash)$; encryption $c1 = Enc(pk, m)$; re-encryption $c2 = Renc(sk_{p \to h}, c1)$; decryption $m = Dec(sk, c2)$.
Step S20, if the medical record signature is matched with the patient public key corresponding to the authorization key, acquiring a medical record ciphertext according to the storage address, and re-encrypting the medical record ciphertext and the authorization key to acquire a re-encrypted ciphertext;
After the institution client obtains the medical record signature and the storage address, it first obtains the public key from the medical record signature and then matches that public key against the patient public key corresponding to the authorization key. The patient public key is the public key of the node where the patient client is located. If the public key in the medical record signature does not match the patient public key, the operation of acquiring the medical record ciphertext is stopped and a prompt indicating a medical record signature error is output. If the public key in the medical record signature matches the patient public key, the medical record ciphertext can be obtained according to the storage address. That is, the institution client recovers the public key $pk_p$ from the signature $Sig(sk_p, hash)$ and compares it with the public key corresponding to the patient to determine that the data really belongs to the patient; if verification passes, it downloads the encrypted medical record information c1 (the medical record ciphertext) from the cloud platform according to the storage address. It then re-encrypts c1 with the authorization key $sk_{p \to h}$, computing $Renc(sk_{p \to h}, c1)$ to obtain the re-encrypted ciphertext c2.
Proxy re-encryption converts an original ciphertext, without decrypting it and after authorization by the data owner, into a re-encrypted ciphertext that a designated receiver can decrypt. It mainly involves three participants: a proxy, a sender (i.e., the patient client) and a receiver (i.e., the institution client). The process can be as follows: the user selects different control granularities according to the data type and randomly chooses a symmetric key for each sharable data unit; the user encrypts the data with the symmetric key, encrypts the symmetric key with the user's own public key, and sends the data ciphertext and the key ciphertext together to the proxy; when the user initiates a sharing request or receives a sharing request from a third party, the user generates an authorization key for the data to be shared from the user's own private key and the receiver's public key, and sends this key to the proxy; after receiving the key, the proxy generates a re-encrypted ciphertext for the specified data and sends it to the designated receiver; the receiver decrypts the received ciphertext with its own private key.
In addition, in the proxy re-encryption scenario, although the data owner hands physical control of the data to the proxy, the proxy stores only ciphertext and does not need to decrypt the data during sharing, so the confidentiality of the user data is still ensured even if the proxy tries to steal the user data or leaks the stored data, intentionally or unintentionally.
Step S30, decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext, obtaining newly added medical record information based on the electronic medical record plaintext, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
After the institution client obtains the re-encrypted ciphertext c2, it can decrypt it with the private key of the institution client to obtain the electronic medical record plaintext, that is, compute $Dec(sk_h, c2)$ to obtain the plaintext m. The medical institution corresponding to the institution client treats the patient according to the plaintext m. After the patient's visit ends, the institution client encrypts the patient's newly added medical record information m' with the patient's public key $pk_p$, computing $Enc(pk_p, m')$ with the proxy re-encryption algorithm to obtain the new medical record ciphertext c1'; that is, the newly added medical record information is re-encrypted to obtain the new medical record ciphertext. In the re-encryption system, each user has a public/private key pair; the public key is used for encryption and the private key for decryption. For example, if the patient client holds a ciphertext C1 encrypted under its own public key and wants to share the data in C1 with the institution client, the patient client first computes an authorization key sk from its own private key and the public key of the institution client, using the re-encryption key generation algorithm of proxy re-encryption; the authorization key sk does not reveal the patient client's private key. The patient client then sends the authorization key sk and the ciphertext C1 to the institution client, which generates the re-encrypted ciphertext C2 with the re-encryption algorithm of proxy re-encryption and decrypts C2 with the private key of the institution client to obtain the data shared by the patient client.
And step S40, determining new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client.
After the institution client obtains the new medical record ciphertext, it can upload the new medical record ciphertext to the cloud platform for storage and receive the new storage address fed back by the cloud platform (i.e., the storage location of the new medical record ciphertext on the cloud platform). The institution client then hashes and signs the new medical record ciphertext to obtain its hash $hash'$ and the signature of that hash, $Sig(sk_h, hash')$, and sends them to the patient client as the new medical record ciphertext information. The patient client can verify the validity of the signature (i.e., the hash signature) in the new medical record ciphertext information; if the received information is invalid, the illegal operation of the institution can be reported to the supervisory authority. If the patient client chooses to put the new medical record ciphertext information on chain, it signs the received hash to obtain $Sig(sk_p, hash')$, stores $Sig(sk_p, hash') \,\|\, Sig(sk_h, hash')$ in the alliance chain as the value with $hash'$ as the key, and saves $hash'$ in the hash list of the client. When a medical dispute occurs, the arbitrator can determine the responsible party according to the records on the alliance chain.
In this embodiment, the re-encryption of the ciphertext is not performed by the proxy, namely the cloud platform, but is executed directly by the institution client. A secure and highly available electronic medical record system can therefore be built directly and quickly on an existing cloud storage system and an existing alliance chain platform, without any adaptation of the cloud storage platform.
In this embodiment, a hash value and an authorization key of a medical record ciphertext sent by a patient client are received, and a medical record signature and a storage address are acquired in an alliance chain connected with the institution client according to the hash value; if the medical record signature matches the patient public key corresponding to the authorization key, the medical record ciphertext is acquired according to the storage address, and the medical record ciphertext and the authorization key are re-encrypted to acquire a re-encrypted ciphertext; the re-encrypted ciphertext is decrypted according to a private key of the institution client to obtain an electronic medical record plaintext, newly added medical record information is obtained based on the electronic medical record plaintext, and the newly added medical record information is re-encrypted to obtain a new medical record ciphertext; new medical record ciphertext information corresponding to the new medical record ciphertext is determined and sent to the patient client.
The institution client obtains the medical record signature and the storage address according to the hash value sent by the patient client. When the medical record signature matches the patient public key, it obtains the medical record ciphertext according to the storage address, re-encrypts the medical record ciphertext with the authorization key sent by the patient client, and decrypts the result with the private key of the institution client to obtain the electronic medical record plaintext. It determines the new medical record ciphertext of the newly added medical record information according to the electronic medical record plaintext and sends the new medical record ciphertext information corresponding to the new medical record ciphertext to the patient client. This avoids the prior-art situation in which the heavy load on the alliance chain nodes limits the availability of the electronic medical record. Because only the important information is uploaded to the blockchain, and the whole electronic medical record does not need to be uploaded to the alliance chain, the authenticity and traceability of the data in the electronic medical record are guaranteed, and the high availability of the electronic medical record is improved while its security is ensured.
Further, based on the first embodiment of the block chain-based electronic medical record sharing method of the present invention, a second embodiment of the block chain-based electronic medical record sharing method of the present invention is provided. This embodiment is a refinement of the step of determining the new medical record ciphertext information corresponding to the new medical record ciphertext in step S40 in the first embodiment of the present invention, and includes:
Step a: uploading the new medical record ciphertext to a cloud platform connected with the institution client to determine a new storage address of the new medical record ciphertext, performing a hash signature on the new medical record ciphertext, and taking the new storage address and the hash signature as the new medical record ciphertext information.
In this embodiment, after the institution client acquires the new medical record ciphertext, it may send the new medical record ciphertext to a cloud platform connected to the institution client for storage and receive the new storage address fed back by the cloud platform. The institution client then performs a hash signature on the new medical record ciphertext to obtain the hash value hash' of the new medical record ciphertext and the signature Sig(sk_h, hash') over that hash, and sends them to the patient client as the new medical record ciphertext information.
In this embodiment, the new medical record ciphertext is sent to the cloud platform, the new storage address is determined, the hash signature is performed on the new medical record ciphertext, and the new storage address and the hash signature are used as new medical record ciphertext information, so that the accuracy of the obtained new medical record ciphertext information is guaranteed.
Further, the step of re-encrypting the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext includes:
Step b: determining a preset encryption function, and calculating with the medical record ciphertext and the authorization key as the input of the encryption function to obtain a re-encrypted ciphertext.
In this embodiment, when re-encrypting according to the medical record ciphertext and the authorization key, an encryption function set in advance by the user, such as an AES encryption function (Advanced Encryption Standard, a symmetric encryption algorithm), may be determined, and the medical record ciphertext and the authorization key may be input to the encryption function for calculation, so as to obtain a re-encrypted ciphertext. For example, if the AES encryption function is E, then C = E(K, P), where P is the plaintext, K is the key, and C is the ciphertext. That is, the plaintext P and the key K are input as parameters of the encryption function E, and E outputs the ciphertext C.
In this embodiment, the medical record ciphertext and the authorization key are input to the encryption function to be calculated, so that the re-encrypted ciphertext is obtained, and the accuracy of the obtained re-encrypted ciphertext is guaranteed.
Further, the step of decrypting the re-encrypted ciphertext according to a private key of the mechanism client to obtain an electronic medical record plaintext includes:
Step c: determining a decryption function corresponding to the encryption function, and calculating with the private key of the institution client and the re-encrypted ciphertext as the input of the decryption function to obtain the plaintext of the electronic medical record.
In this embodiment, after the institution client acquires the re-encrypted ciphertext, it further needs to determine a decryption function corresponding to the encryption function, such as an AES decryption function, and input the private key of the institution client and the re-encrypted ciphertext into the decryption function for calculation, so as to obtain the plaintext of the electronic medical record. For example, if the AES decryption function is D, then P = D(K, C), where C is the ciphertext, K is the key, and P is the plaintext. That is, the ciphertext C and the key K are input as parameters of the decryption function, and the decryption function outputs the plaintext P.
In this embodiment, the private key of the institution client and the re-encrypted ciphertext are input into the decryption function for calculation to obtain the electronic medical record plaintext, so that the accuracy of the obtained electronic medical record plaintext is guaranteed.
In addition, referring to fig. 3, fig. 3 is a schematic flowchart of a third embodiment of the method for sharing electronic medical records based on a blockchain according to the present invention, where the method for sharing electronic medical records based on a blockchain is applied to a patient client, and includes:
Step S100, generating an authorization key based on the query request sent by the institution client, determining a medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the institution client;
Because the availability of electronic medical records is currently low, in this embodiment a plurality of medical institutions form a consortium chain. Only the hash of the electronic medical record, the signatures of the patient and of the medical institution (i.e., the institution client), and the cloud platform storage address of the encrypted electronic medical record are recorded in the consortium chain, and the consortium chain is used to ensure the authenticity and traceability of each record. The electronic medical record information of the patient is encrypted by each institution with the public key of the patient and stored on the cloud platform, and different institutions can adopt different cloud platforms. In addition, in this embodiment the consortium chain is combined with cloud storage technology and only the necessary information is put on the chain, so that the system has extremely high availability while the authenticity and traceability of the electronic medical record data are guaranteed. The electronic medical record of the patient can be encrypted with the public key of the patient client, and the institution client of the medical institution can view the medical record information only with the patient's authorization, so that fine-grained control of private data is realized. Here the institution client is the client used by a medical institution, and the patient client is the client used by the patient.
In this embodiment, the following notation is used: the patient's public and private keys are (sk_p, pk_p); the medical institution's public and private keys are (sk_h, pk_h); the key by which the patient authorizes the institution is sk_{p→h}; signing is s = Sig(sk, hash); encryption is c1 = Enc(pk, m); re-encryption is c2 = Renc(sk_{p→h}, c1); and decryption is m = Dec(sk, c2).
In this embodiment, when a patient visits an institution, the institution needs to check some historical medical record information of the patient and sends a corresponding query request to the patient client through the institution client. When the patient client receives the query request sent by the institution client, it first determines the medical record ciphertext corresponding to the query request and generates a corresponding authorization key sk_{p→h} by means of proxy re-encryption according to the query request. It then obtains the hash value of the medical record ciphertext and sends the hash value of the medical record ciphertext and the authorization key sk_{p→h} to the institution client. Proxy re-encryption means that, after authorization by the data owner, a proxy can re-encrypt a ciphertext, without decrypting the original ciphertext, into a re-encrypted ciphertext that a designated recipient can decrypt. For example, if the patient client has a ciphertext C1 encrypted with its own public key and wants to share the data of the ciphertext C1 with the institution client, the patient client may first use its own private key and the public key of the institution client to calculate an authorization key sk based on the re-encryption key generation algorithm of proxy re-encryption, where the authorization key sk does not reveal the private key of the patient client. The patient client then sends the authorization key sk and the ciphertext C1 to the institution client, and the institution client generates a re-encrypted ciphertext C2 based on the re-encryption algorithm of proxy re-encryption and decrypts C2 with the private key of the institution client to obtain the data shared by the patient client.
In addition, in the proxy re-encryption scenario, although the data owner delegates physical control of the data to the proxy, the proxy stores only ciphertext and does not need to decrypt the data during sharing, so the confidentiality of the user data can still be ensured even if the proxy wants to steal the user data or leaks the stored data, intentionally or unintentionally.
Step S200, receiving new medical record ciphertext information fed back by the mechanism client based on the hash value and the authorization key, and detecting whether the new medical record ciphertext information is legal or not;
When the patient client receives the new medical record ciphertext information fed back by the institution client based on the hash value and the authorization key, it can detect whether the new medical record ciphertext information is legal and perform different operations according to the detection result. The new medical record ciphertext information comprises the new storage address of the new medical record ciphertext, the hash value hash' of the new medical record ciphertext, and the signature Sig(sk_h, hash') over that hash. Whether the new medical record ciphertext information is legal is detected by checking the signature in the new medical record ciphertext information.
And step S300, if the new medical record ciphertext information is legal, signing the new medical record ciphertext information, and uploading the signed new medical record ciphertext information to an alliance chain connected with the patient client.
When the new medical record ciphertext information is judged to be illegal, that is, when the signature in the new medical record ciphertext information is determined to be invalid, the received information can be discarded, and the illegal operation of the institution can also be reported to the supervising organization. If the new medical record ciphertext information is legal, it can be signed: the patient client signs the received hash' to obtain Sig(sk_p, hash'), stores hash' as the key and Sig(sk_p, hash') || Sig(sk_h, hash') as the value in the consortium chain, and stores hash' in the hash list of the client. When a medical dispute occurs, the arbitrator can determine the responsible party according to the records on the consortium chain.
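The patient-side check and the co-signed chain record from steps S200 and S300, as an added example rather than the patent's own code. Assumptions: Lamport one-time signatures over SHA-256 stand in for the unspecified Sig, Python dicts stand in for the cloud platform and the consortium chain, and the patient additionally rehashes the stored ciphertext, a check the page does not spell out. All names, the address format and the sample bytes are constructed.

```python
import hashlib
import hmac
import os

SIG_LEN = 256 * 32  # a Lamport signature reveals one 32-byte secret per digest bit


def keygen():
    """Lamport key pair. One-time: a key must sign a single digest only."""
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk


def _bits(digest):
    return [((digest[i // 8] >> (7 - i % 8)) & 1) for i in range(256)]


def sign(sk, digest):
    """Sig(sk, hash): reveal the secret selected by each bit of the digest."""
    return b"".join(sk[i][bit] for i, bit in enumerate(_bits(digest)))


def verify(pk, digest, sig):
    if len(sig) != SIG_LEN:
        return False
    ok = True
    for i, bit in enumerate(_bits(digest)):
        revealed = hashlib.sha256(sig[32 * i:32 * i + 32]).digest()
        ok &= hmac.compare_digest(revealed, pk[i][bit])
    return ok


def institution_publish(cloud, sk_h, new_ciphertext):
    """Institution client: store the ciphertext, return (url, hash', Sig(sk_h, hash'))."""
    digest = hashlib.sha256(new_ciphertext).digest()
    url = "cloud://records/" + digest.hex()[:16]  # constructed address format
    cloud[url] = new_ciphertext
    return {"url": url, "hash": digest, "sig_h": sign(sk_h, digest)}


def patient_accept(cloud, chain, hash_list, pk_h, sk_p, info):
    """Patient client: validate the information, co-sign it, write it to the chain.

    Returns False when the information must be discarded and reported.
    """
    stored = cloud.get(info["url"])
    if stored is None:
        return False
    # Assumption beyond the page: confirm hash' describes what is actually stored.
    if not hmac.compare_digest(hashlib.sha256(stored).digest(), info["hash"]):
        return False
    if not verify(pk_h, info["hash"], info["sig_h"]):
        return False
    if info["hash"] in chain:  # never overwrite an existing record
        return False
    sig_p = sign(sk_p, info["hash"])
    # key = hash', value = storage address and Sig(sk_p, hash') || Sig(sk_h, hash')
    chain[info["hash"]] = (info["url"], sig_p + info["sig_h"])
    hash_list.append(info["hash"])
    return True


def arbitrate(cloud, chain, digest, pk_p, pk_h):
    """Arbitrator: report which commitments on a chain record still verify."""
    url, value = chain[digest]
    sig_p, sig_h = value[:SIG_LEN], value[SIG_LEN:]
    return {
        "patient_signed": verify(pk_p, digest, sig_p),
        "institution_signed": verify(pk_h, digest, sig_h),
        "ciphertext_intact": hashlib.sha256(cloud.get(url, b"")).digest() == digest,
    }


if __name__ == "__main__":
    cloud, chain, hash_list = {}, {}, []
    sk_h, pk_h = keygen()
    sk_p, pk_p = keygen()
    info = institution_publish(cloud, sk_h, b"constructed new-record ciphertext")
    print(patient_accept(cloud, chain, hash_list, pk_h, sk_p, info))
    print(arbitrate(cloud, chain, info["hash"], pk_p, pk_h))
```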
In the embodiment, the re-encryption part of the ciphertext is not completed by the agent side, namely the cloud platform, but is directly executed by the client of the organization. Therefore, a safe and high-availability electronic medical record system can be directly and quickly built on the basis of the existing cloud storage system and the existing alliance chain platform without any adaptation of the cloud storage platform.
In this embodiment, the patient client generates an authorization key based on a query request sent by the institution client, determines the medical record ciphertext corresponding to the query request, and sends the hash value of the medical record ciphertext and the authorization key to the institution client. It receives the new medical record ciphertext information fed back by the institution client based on the hash value and the authorization key and detects whether the new medical record ciphertext information is legal. If the new medical record ciphertext information is legal, it signs the new medical record ciphertext information and uploads the signed information to the consortium chain connected with the patient client. Because the whole electronic medical record does not need to be uploaded to the consortium chain and only the important information is put on the blockchain, this avoids the prior-art situation in which the heavy load on the consortium chain nodes limits the availability of the electronic medical record. The authenticity and traceability of the data in the electronic medical record are guaranteed, and the availability of the electronic medical record is improved while its security is ensured.
Further, the step of generating an authorization key based on the query request sent by the client of the organization includes:
Step x, acquiring the institution client public key of the institution client based on the query request sent by the institution client, and determining the patient client private key of the patient client;
In this embodiment, after the patient client receives the query request sent by the institution client, it needs to extract the institution client public key of the institution client from the query request and extract the patient client private key in the patient client.
Step y, encrypting the public key of the institution client and the private key of the patient client, and taking the encrypted public key of the institution client and the encrypted private key of the patient client as the authorization key.
Then, the public key of the institution client and the private key of the patient client are encrypted with an encryption algorithm such as an AES encryption function, and the encrypted public key of the institution client and the encrypted private key of the patient client are used as the authorization key. For example, if the patient client has a ciphertext C1 encrypted with its own public key and wants to share the data of the ciphertext C1 with the institution client, the patient client may first use its own private key and the public key of the institution client to calculate an authorization key sk based on the re-encryption key generation algorithm of proxy re-encryption, where the authorization key sk does not reveal the private key of the patient client. The patient client then sends the authorization key sk and the ciphertext C1 to the institution client, and the institution client generates a re-encrypted ciphertext C2 based on the re-encryption algorithm of proxy re-encryption and decrypts C2 with the private key of the institution client to obtain the data shared by the patient client.
In this embodiment, the authorization key is obtained by encrypting the public key of the institution client and the private key of the patient client, so that the accuracy of the obtained authorization key is guaranteed.
The invention also provides an electronic medical record sharing device based on the block chain, and referring to fig. 4, the electronic medical record sharing device based on the block chain comprises:
the acquisition module A10, configured to receive a hash value of a medical record ciphertext and an authorization key sent by a patient client, and acquire a medical record signature and a storage address, according to the hash value, in a consortium chain connected with an institution client;
the re-encryption module A20, configured to, if the medical record signature matches the patient public key corresponding to the authorization key, obtain the medical record ciphertext according to the storage address, and re-encrypt the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext;
the decryption module A30, configured to decrypt the re-encrypted ciphertext according to the private key of the institution client to obtain an electronic medical record plaintext, obtain newly added medical record information based on the electronic medical record plaintext, and re-encrypt the newly added medical record information to obtain a new medical record ciphertext;
and the sending module A40, configured to determine the new medical record ciphertext information corresponding to the new medical record ciphertext, and send the new medical record ciphertext information to the patient client.
Optionally, the sending module A40 is configured to:
upload the new medical record ciphertext to a cloud platform connected with the institution client to determine a new storage address of the new medical record ciphertext, perform a hash signature on the new medical record ciphertext, and take the new storage address and the hash signature as the new medical record ciphertext information.
Optionally, the re-encryption module A20 is configured to:
determine a preset encryption function, and calculate with the medical record ciphertext and the authorization key as the input of the encryption function to obtain a re-encrypted ciphertext.
Optionally, the re-encryption module A20 is configured to:
determine a decryption function corresponding to the encryption function, and calculate with the private key of the institution client and the re-encrypted ciphertext as the input of the decryption function to obtain the plaintext of the electronic medical record.
In addition, the present invention further provides an electronic medical record sharing apparatus based on a block chain, and referring to fig. 5, the electronic medical record sharing apparatus based on the block chain includes:
the determining module A100, configured to generate an authorization key based on the query request sent by the institution client, determine the medical record ciphertext corresponding to the query request, and send the hash value of the medical record ciphertext and the authorization key to the institution client;
the detection module A200, configured to receive the new medical record ciphertext information fed back by the institution client based on the hash value and the authorization key, and detect whether the new medical record ciphertext information is legal;
the signature module A300, configured to sign the new medical record ciphertext information if the new medical record ciphertext information is legal, and upload the signed new medical record ciphertext information to a consortium chain connected to the patient client.
Optionally, the determining module A100 is configured to:
acquire the institution client public key of the institution client based on the query request sent by the institution client, and determine the patient client private key of the patient client;
and encrypt the public key of the institution client and the private key of the patient client, and take the encrypted public key of the institution client and the encrypted private key of the patient client as the authorization key.
The method executed by each program unit can refer to each embodiment of the block chain-based electronic medical record sharing method of the present invention, and is not described herein again.
In addition, the invention also provides an electronic medical record sharing system based on the block chain, which is used for executing the electronic medical record sharing method based on the block chain. The system comprises a patient client, an institution client, a consortium chain and a cloud platform, and operates as follows:
the institution client sends a query request to the patient client; the patient client generates an authorization key based on the query request sent by the institution client, determines the medical record ciphertext corresponding to the query request, and sends the hash value of the medical record ciphertext and the authorization key to the institution client;
the institution client receives the hash value of the medical record ciphertext and the authorization key sent by the patient client, and acquires a medical record signature and a storage address, according to the hash value, in the consortium chain connected with the institution client;
when the medical record signature matches the patient public key corresponding to the authorization key, the institution client acquires the medical record ciphertext according to the storage address, re-encrypts the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext, decrypts the re-encrypted ciphertext according to the private key of the institution client to obtain the electronic medical record plaintext, obtains the newly added medical record information based on the electronic medical record plaintext, and re-encrypts the newly added medical record information to obtain a new medical record ciphertext;
the institution client sends the new medical record ciphertext to the cloud platform; the cloud platform stores the received new medical record ciphertext and sends the new storage address to the institution client, so that the institution client can determine the new medical record ciphertext information according to the new storage address;
and the institution client sends the new medical record ciphertext information to the patient client; the patient client receives the new medical record ciphertext information fed back by the institution client based on the hash value and the authorization key, signs the new medical record ciphertext information when it is legal, and uploads the signed new medical record ciphertext information to the consortium chain connected with the patient client.
The block chain-based electronic medical record sharing system mainly comprises clients (an institution client and a patient client), a consortium chain, a cloud platform and an arbitrator.
Client: the patient client is responsible for signing the hash of the electronic medical record ciphertext; saving the hash list of the patient; generating an authorization key for an institution, thereby realizing access control of the medical record information; and saving the medical record hash, the signature of the patient, the signature of the institution and the file storage address url into the consortium chain in key-value form. The institution client is responsible for encrypting the medical record information of the patient and uploading it to a cloud storage system; after the patient's authorization is obtained, it can pull the patient's medical records stored in the cloud storage systems and decrypt them locally.
Consortium chain: a plurality of institutions are selected by the government health department as block-producing nodes, and the other institutions only participate in the synchronization of blocks. The information of each transaction record of the consortium chain comprises: the address at which the encrypted electronic medical record is stored, and the signatures of the patient and the medical institution over the ciphertext hash.
Cloud platform: responsible for storing the encrypted medical record information of each institution. Different institutions can select different cloud storage systems, and the cloud storage systems operate independently and do not interfere with each other.
Arbitrator: used by government health departments, mainly to determine the responsible party according to the records on the chain when medical disputes occur.
The system architecture of the electronic medical record sharing system based on the blockchain can be as shown in fig. 6, and includes clients (institution clients and patient clients), a consortium chain (composed of the nodes where each medical institution is located), a cloud platform and an arbitrator. The implementation steps are:
1. the patient client sends the hash and the authorization key to the institution client;
2. the institution client queries the consortium chain according to the hash to obtain the medical record signature and the storage address;
3. the institution client verifies whether the signature and the patient public key match;
4. when the signature matches the public key, the institution client downloads the ciphertext from the cloud platform according to the storage address;
5. the institution client re-encrypts the ciphertext by using the authorization key and then decrypts it by using its private key to obtain the medical record;
6. the institution client encrypts the newly added medical record by using the public key of the patient and uploads the ciphertext to the cloud platform;
7. the institution client returns the ciphertext address, the hash of the ciphertext and the signature to the patient client;
8. the patient client verifies the validity of the signature and reports to the arbitrator if the signature is not valid;
9. if the patient agrees to put the record on the chain, the patient client signs and sends the transaction to the consortium chain;
10. nodes in the consortium chain collect transactions and verify their validity, and the arbitrator can locate the responsible party according to the data on the chain to resolve medical disputes.
The consortium chain may include, among other things, a plurality of blocks (nodes), each including a prevhash and data.
In addition, the invention also provides a storage medium, namely a computer storage medium.
The computer storage medium of the present invention stores an electronic medical record sharing program based on a block chain, and the electronic medical record sharing program based on the block chain realizes the steps of the electronic medical record sharing method based on the block chain when being executed by a processor.
The method implemented when the block chain-based electronic medical record sharing program running on the processor is executed can refer to various embodiments of the block chain-based electronic medical record sharing method of the present invention, and details are not described here.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. A blockchain-based electronic medical record sharing method, wherein the blockchain-based electronic medical record sharing method is applied to an institution client, and the blockchain-based electronic medical record sharing method comprises the following steps:
receiving a hash value of a medical record ciphertext and an authorization key sent by a patient client, and obtaining a medical record signature and a storage address, according to the hash value, in the consortium chain connected with the institution client;
if the medical record signature matches the patient public key corresponding to the authorization key, obtaining the medical record ciphertext according to the storage address, and re-encrypting the medical record ciphertext and the authorization key to obtain a re-encrypted ciphertext;
decrypting the re-encrypted ciphertext according to the private key of the institution client to obtain the plaintext of the electronic medical record, obtaining newly added medical record information based on the plaintext of the electronic medical record, and re-encrypting the newly added medical record information to obtain a new medical record ciphertext;
determining the new medical record ciphertext information corresponding to the new medical record ciphertext, and sending the new medical record ciphertext information to the patient client.
2. The blockchain-based electronic medical record sharing method according to claim 1, wherein the step of determining the new medical record ciphertext information corresponding to the new medical record ciphertext comprises:
uploading the new medical record ciphertext to the cloud platform connected with the institution client to determine the new storage address of the new medical record ciphertext, performing a hash signature on the new medical record ciphertext, and taking the new storage address and the hash signature as the new medical record ciphertext information.
3. The blockchain-based electronic medical record sharing method according to claim 1, wherein the step of re-encrypting the medical record ciphertext and the authorization key to obtain the re-encrypted ciphertext comprises:
determining a preset encryption function, and calculating with the medical record ciphertext and the authorization key as the input of the encryption function to obtain the re-encrypted ciphertext.
4. The blockchain-based electronic medical record sharing method according to claim 3, wherein the step of decrypting the re-encrypted ciphertext according to the private key of the institution client to obtain the electronic medical record plaintext comprises:
determining the decryption function corresponding to the encryption function, and calculating with the private key of the institution client and the re-encrypted ciphertext as the input of the decryption function to obtain the plaintext of the electronic medical record.
5. A blockchain-based electronic medical record sharing method, wherein the blockchain-based electronic medical record sharing method is applied to a patient client, and the blockchain-based electronic medical record sharing method comprises the following steps:
generating an authorization key based on the query request sent by the institution client, determining the medical record ciphertext corresponding to the query request, and sending the hash value of the medical record ciphertext and the authorization key to the institution client;
receiving the new medical record ciphertext information fed back by the institution client based on the hash value and the authorization key, and detecting whether the new medical record ciphertext information is legal;
if the new medical record ciphertext information is legal, signing the new medical record ciphertext information, and uploading the signed new medical record ciphertext information to the consortium chain connected with the patient client.
6. The blockchain-based electronic medical record sharing method according to claim 5, wherein the step of generating an authorization key based on the query request sent by the institution client comprises:
obtaining the institution client public key of the institution client based on the query request sent by the institution client, and determining the patient client private key of the patient client;
encrypting the institution client public key and the patient client private key, and taking the encrypted institution client public key and patient client private key as the authorization key.
7. A blockchain-based electronic medical record sharing device, wherein the blockchain-based electronic medical record sharing device comprises:
an acquisition module, used to receive the hash value of the medical record ciphertext and the authorization key sent by the patient client, and obtain the medical record signature and the storage address, according to the hash value, in the consortium chain connected with the institution client;
a re-encryption module, used to obtain the medical record ciphertext according to the storage address if the medical record signature matches the patient public key corresponding to the authorization key, and re-encrypt the medical record ciphertext and the authorization key.
encryption to obtain re-encrypted ciphertext;解密模块,用于根据所述机构客户端的私钥对所述重加密密文进行解密,以获取电子病历明文,基于所述电子病历明文获取新增病历信息,对所述新增病历信息进行重加密,以获取新病历密文;The decryption module is configured to decrypt the re-encrypted ciphertext according to the private key of the institutional client to obtain the plaintext of the electronic medical record, obtain the newly added medical record information based on the plaintext of the electronic medical record, and re-encrypt the newly added medical record information. Encryption to obtain ciphertext of new medical records;发送模块,用于确定所述新病历密文对应的新病历密文信息,将所述新病历密文信息发送至所述患者客户端。A sending module, configured to determine new medical record ciphertext information corresponding to the new medical record ciphertext, and send the new medical record ciphertext information to the patient client.8.一种基于区块链的电子病历共享装置,其特征在于,所述基于区块链的电子病历共享装置还包括:8. A blockchain-based electronic medical record sharing device, wherein the blockchain-based electronic medical record sharing device further comprises:确定模块,用于基于所述机构客户端发送的查询请求生成授权密钥,确定所述查询请求对应的病历密文,将所述病历密文的哈希值和所述授权密钥发送至所述机构客户端;The determining module is used to generate an authorization key based on the query request sent by the institutional client, determine the medical record ciphertext corresponding to the query request, and send the hash value of the medical record ciphertext and the authorization key to the the institutional client;检测模块,用于接收所述机构客户端基于所述哈希值和所述授权密钥反馈的新病历密文信息,检测所述新病历密文信息是否合法;a detection module, configured to receive the new medical record ciphertext information fed back by the institutional client based on the hash value and the authorization key, and detect whether the new medical record ciphertext information is legal;签名模块,用于若所述新病历密文信息合法,则对所述新病历密文信息进行签名,并将经过签名的所述新病历密文信息上传至与所述患者客户端连接的联盟链。A signature module, used to sign the ciphertext information of the new medical record if the ciphertext information of the new medical record is legal, and upload the signed ciphertext information of the new medical record to the 
alliance connected with the patient client chain.9.一种基于区块链的电子病历共享系统,其特征在于,所述基于区块链的电子病历共享系统包括患者客户端,机构客户端,联盟链和云平台,所述基于区块链的电子病历共享系统包括:9. A blockchain-based electronic medical record sharing system, wherein the blockchain-based electronic medical record sharing system includes a patient client, an institutional client, a consortium chain and a cloud platform. The electronic medical record sharing system includes:所述机构客户端向所述患者客户端发送查询请求,所述患者客户端基于所述机构客户端发送的查询请求生成授权密钥,确定所述查询请求对应的病历密文,将所述病历密文的哈希值和所述授权密钥发送至所述机构客户端;The institutional client sends a query request to the patient client, and the patient client generates an authorization key based on the query request sent by the institutional client, determines the ciphertext of the medical record corresponding to the query request, and converts the medical record The hash value of the ciphertext and the authorization key are sent to the institutional client;所述机构客户端接收患者客户端发送的病历密文的哈希值和授权密钥,根据所述哈希值在与所述机构客户端连接的所述联盟链中获取病历签名和存储地址;The institutional client receives the hash value and authorization key of the ciphertext of the medical record sent by the patient client, and obtains the medical record signature and storage address in the alliance chain connected with the institutional client according to the hash value;所述机构客户端在所述病历签名和所述授权密钥对应的患者公钥匹配时,根据所述存储地址获取病历密文,并对所述病历密文和所述授权密钥进行重加密,以获取重加密密文,根据所述机构客户端的私钥对所述重加密密文进行解密,以获取电子病历明文,基于所述电子病历明文获取新增病历信息,对所述新增病历信息进行重加密,以获取新病历密文;When the medical record signature matches the patient public key corresponding to the authorization key, the institutional client obtains the ciphertext of the medical record according to the storage address, and re-encrypts the ciphertext of the medical record and the authorization key. 
, to obtain the re-encrypted ciphertext, decrypt the re-encrypted ciphertext according to the private key of the institutional client to obtain the plaintext of the electronic medical record, obtain the newly added medical record information based on the plaintext of the electronic medical record, Information is re-encrypted to obtain new medical record ciphertext;所述机构客户端将所述新病历密文发送至所述云平台,所述云平台根据接收的新病历密文进行存储,并将所述存储的新存储地址发送至所述机构客户端,以便所述机构客户端根据所述新存储地址确定新病历密文信息;The institutional client sends the new medical record ciphertext to the cloud platform, and the cloud platform stores the received new medical record ciphertext, and sends the stored new storage address to the institutional client, so that the institutional client can determine the new medical record ciphertext information according to the new storage address;所述机构客户端将所述新病历密文信息发送至所述患者客户端,所述患者客户端接收所述机构客户端基于所述哈希值和所述授权密钥反馈的新病历密文信息,并在所述新病历密文信息合法时,对所述新病历密文信息进行签名,并将经过签名的所述新病历密文信息上传至与所述患者客户端连接的联盟链。The institution client sends the new medical record ciphertext information to the patient client, and the patient client receives the new medical record ciphertext fed back by the institution client based on the hash value and the authorization key and when the ciphertext information of the new medical record is legal, the ciphertext information of the new medical record is signed, and the signed ciphertext information of the new medical record is uploaded to the alliance chain connected with the patient client.10.一种存储介质,其特征在于,所述存储介质上存储有基于区块链的电子病历共享程序,所述基于区块链的电子病历共享程序被处理器执行时实现如权利要求1至6中任一项所述的基于区块链的电子病历共享方法的步骤。10. A storage medium, characterized in that, a blockchain-based electronic medical record sharing program is stored on the storage medium, and when the blockchain-based electronic medical record sharing program is executed by a processor, the implementation of claims 1 to 1. Steps of the blockchain-based electronic medical record sharing method described in any one of 6.
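The institution-side steps of claim 1 and the authorization key of claim 6, as an added example that is not code from the patent. The page does not name its "preset encryption function", so the ElGamal-style one-hop proxy re-encryption, the Schnorr signature over `hash|address`, the toy group `P, Q, G`, the dicts standing in for the consortium chain and cloud platform, and all function names are assumptions.

```python
import hashlib, secrets

# Toy group (assumption): P = 2Q + 1, G has prime order Q. Far too small for real use.
P, Q, G = 2039, 1019, 4

def H(*parts):  # hash values to a non-zero exponent in 1..Q-1
    data = "|".join(str(x) for x in parts).encode()
    return 1 + int.from_bytes(hashlib.sha256(data).digest(), "big") % (Q - 1)

def keygen():
    sk = 1 + secrets.randbelow(Q - 1)
    return sk, pow(G, sk, P)

def stream_xor(key_elem, data):
    """Toy symmetric layer: XOR with a SHAKE-256 keystream (no integrity)."""
    ks = hashlib.shake_256(str(key_elem).encode()).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def encrypt(pk, plaintext):
    r = 1 + secrets.randbelow(Q - 1)
    return pow(G, r, P), stream_xor(pow(pk, r, P), plaintext)  # (capsule, body)

def ct_hash(ct):
    return hashlib.sha256(str(ct[0]).encode() + b"|" + ct[1]).hexdigest()

def make_auth_key(patient_sk, inst_pk):
    """Patient side (claim 6): patient private key + institution public key."""
    x, X = keygen()                      # ephemeral pair
    d = H(pow(inst_pk, x, P))            # secret shared with the institution
    return patient_sk * pow(d, -1, Q) % Q, X

def re_encrypt(ct, auth_key):
    (capsule, body), (rk, X) = ct, auth_key
    return pow(capsule, rk, P), X, body

def decrypt_reencrypted(inst_sk, rct):
    capsule2, X, body = rct
    return stream_xor(pow(capsule2, H(pow(X, inst_sk, P)), P), body)

def sign(sk, msg):                       # Schnorr signature
    k, R = keygen()
    return R, (k + H(R, msg) * sk) % Q

def verify(pk, msg, sig):
    R, s = sig
    return pow(G, s, P) == R * pow(pk, H(R, msg), P) % P

def institution_read(chain, cloud, rec_hash, auth_key, patient_pk, inst_sk):
    """Institution side (claim 1): look up, verify, fetch, re-encrypt, decrypt."""
    sig, addr = chain[rec_hash]
    if not verify(patient_pk, f"{rec_hash}|{addr}", sig):
        raise ValueError("signature does not match patient public key")
    ct = cloud[addr]
    if ct_hash(ct) != rec_hash:          # added check: storage returned what was anchored
        raise ValueError("ciphertext does not match on-chain hash")
    return decrypt_reencrypted(inst_sk, re_encrypt(ct, auth_key))

def build_demo():
    (p_sk, p_pk), (i_sk, i_pk) = keygen(), keygen()
    record = b"constructed sample record: visit 1, no findings"
    ct = encrypt(p_pk, record)
    h, addr = ct_hash(ct), "cloud://records/0001"   # constructed address
    chain = {h: (sign(p_sk, f"{h}|{addr}"), addr)}
    return chain, {addr: ct}, h, make_auth_key(p_sk, i_pk), p_pk, i_sk, record
```

In this added construction the authorization key multiplied by the shared value `d` gives back the patient's private key, so it only illustrates the data flow. Because claim 1 has one party hold both the authorization key and the institution private key, a concrete scheme should be chosen so that this combination does not reveal the patient key.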
CN202011343451.7A | priority date 2020-11-25 | filing date 2020-11-25 | Block chain-based electronic medical record sharing method, device and system and storage medium | Pending | CN112434336A (en)

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202011343451.7A | 2020-11-25 | 2020-11-25 | Block chain-based electronic medical record sharing method, device and system and storage medium

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN202011343451.7A | 2020-11-25 | 2020-11-25 | Block chain-based electronic medical record sharing method, device and system and storage medium

Publications (1)

Publication Number | Publication Date
CN112434336A (en) | 2021-03-02

Family

ID=74698244

Family Applications (1)

Application Number | Status | Publication | Priority Date | Filing Date | Title
CN202011343451.7A | Pending | CN112434336A (en) | 2020-11-25 | 2020-11-25 | Block chain-based electronic medical record sharing method, device and system and storage medium

Country Status (1)

Country | Link
CN (1) | CN112434336A (en)

Legal Events

Code | Title
PB01 | Publication
SE01 | Entry into force of request for substantive examination
