Multi-Receiver Conditional Anonymous Singcryption for IoMT Crowdsourcing

The advent of the Internet of Medical Things (IoMT) has greatly fastened the digitization of current medical institutions. Mobile crowdsourcing is an effective strategy for health data collection in IoMT environments to overcome the data-scarce problem. However, due to the openness of IoMT networks, users' identities and sensitive data may be leaked during IoMT crowdsourcing. Meanwhile, IoMT crowdsourcing may introduce low-quality data from unreliable participants. Multireceiver signcryption is a promising mechanism to ensure confidentiality and authenticity in an efficient manner. However, existing multireceiver signcryptions cannot fully meet the needs of IoMT crowdsourcing in terms of privacy protection, on-demand participation, and malicious behavior resistance. In this article, we integrate attribute-based credentials with multireceiver encryption and propose a novel multireceiver conditional anonymous signcryption (MCAS) scheme for crowdsourced IoMT environments to address the above challenge. Specifically, conditional anonymous authentication with selective attribute disclosure is achieved, thereby allowing a worker to self-disclose some attributes and anonymously certify his/her crowdsourcing qualifications, and also achieving the traceability of malicious behaviors. Meanwhile, one-to-many secure data sharing with outsourced data signcryption and unsigncryption is realized to prevent the leakage of sensitive IoMT data and mitigate the computational burden of power-limited mobile devices. Moreover, rigorous security analysis demonstrates that our MCAS scheme achieves the expected properties, i.e., confidentiality, anonymity, fine-grained authentication, traceability, and nonrepudiation. Extensive experimental results show that our MCAS outperforms state-of-the-art schemes, demonstrating our scheme's appropriateness for IoMT crowdsourcing.