A blockchain-based multi-authority hierarchical attribute encrypted data sharing scheme in the Internet of Medical Things

PLOS ONE, May 2026

Hao Yuan, Guofang Dong, Leilei Zhao


RESEARCH ARTICLE

Hao Yuan 1,2, Guofang Dong 1,2 *, Leilei Zhao 1,2

1 School of Electrical and Information Technology, Yunnan Minzu University, Kunming, China
2 Yunnan Key Laboratory of Unmanned Autonomous System, Yunnan Minzu University, Kunming, China

OPEN ACCESS

Citation: Yuan H, Dong G, Zhao L (2026) A blockchain-based multi-authority hierarchical attribute encrypted data sharing scheme in the Internet of Medical Things. PLoS One 21(5): e0349767. https://doi.org/10.1371/journal.pone.0349767

Editor: Asadullah Shaikh, Najran University College of Computer Science and Information Systems, SAUDI ARABIA

Received: July 19, 2025
Accepted: May 5, 2026
Published: May 27, 2026

Peer Review History: PLOS recognizes the benefits of transparency in the peer review process; therefore, we enable the publication of all of the content of peer review and author responses alongside final, published articles. The editorial history of this article is available here: https://doi.org/10.1371/journal.pone.0349767

Copyright: © 2026 Yuan et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.

Data availability statement: All relevant data are within the manuscript and its Supporting information files.

Funding: The author(s) received no specific funding for this work.

Competing interests: The authors have declared that no competing interests exist.

Abstract

With the rapid development of the Internet of Medical Things (IoMT), the secure and efficient sharing of massive amounts of sensitive medical data has become a core challenge. Addressing the limitations of existing Ciphertext-Policy Attribute-Based Encryption (CP-ABE) schemes, such as the lack of data source authentication, computational redundancy, and single-point-of-failure risks when handling hierarchical data, this paper proposes a blockchain-based multi-authority hierarchical attribute-based encryption scheme.

First, the scheme integrates a Distributed Key Generation (DKG) protocol and combines threshold BLS signature technology to establish a collaborative authentication mechanism, thereby enhancing the verification of data source authenticity. Additionally, a dynamic update mechanism ensures the long-term security of collaborative key management. Second, the scheme optimizes the encryption logic for structured data by constructing a hierarchical access tree, and introduces a multi-authority collaboration mechanism and proxy re-encryption (PRE) technology to mitigate single-point-of-failure risks and enable efficient user permission revocation.

Security analysis demonstrates that the scheme is resistant to chosen-plaintext attacks (IND-CPA) and collusion attacks by authorities under standard models. Meanwhile, the DKG protocol has been proven to satisfy validity, robustness, confidentiality, and resistance to Sybil attacks. Performance evaluation indicates that the CP-ABE algorithm in this scheme outperforms existing solutions in terms of computational and storage overhead. In large-scale testing on a 100-node Hyperledger Fabric environment, the system achieved a consensus latency of approximately 280 ms and a key update propagation delay of 1.52 s, validating the feasibility of deploying this solution in real-world IoMT environments with limited resources and certain real-time requirements.

1. Introduction

With the exponential growth of the IoMT, massive numbers of wearable sensors and remote monitoring devices are driving the transformation of healthcare services toward real-time, intelligent capabilities. While this trend enhances personalized medical care, it also poses significant challenges for the secure sharing and granular governance of medical data [1]. Given the highly sensitive nature of medical data and the need to comply with regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR), ABE is regarded as a key cryptographic solution for achieving fine-grained data authorization [2]. This technology primarily comprises two branches: Key Policy Attribute-Based Encryption (KP-ABE) [3], and CP-ABE [4]. In comparison, CP-ABE allows data owners to autonomously define access policies and embed them within the ciphertext, aligning more closely with patients’ stringent privacy controls in healthcare settings. As a result, CP-ABE is widely recognized as the core tool for safeguarding the privacy of IoMT data [5–8].

However, in practical IoMT applications, existing CP-ABE schemes still face the following critical technical bottlenecks when deployed in distributed environments and resource-constrained devices (as illustrated in Fig 1).

Firstly, data sources lack lightweight mechanisms for verifying authenticity. As shown in the upper half of Fig 1, IoMT terminals are typically deployed in uncontrolled physical environments. Attackers can easily hijack or tamper with terminal devices to replace genuine physiological data M1 with fabricated data M′1. Traditional CP-ABE schemes often focus solely on confidentiality protection during static storage, neglecting the legitimacy of the encryption initiator’s identity. If falsified data bypass verification and enter the system directly, they will mislead subsequent clinical decision support. Therefore, integrating a lightweight decentralized traceability mechanism into the encryption process constitutes the first line of defense for securing IoMT systems.

Secondly, traditional CP-ABE encryption schemes struggle to accommodate the hierarchical structure of medical data, leading to severe efficiency bottlenecks. In IoMT scenarios, data inherently exhibits logical interconnections. As shown in the lower half of Fig 1, the detailed surgical records M1 and the routine vital sign monitoring data M2 for the same patient correspond to the access policies p1 and p2, respectively. Existing solutions typically require separate encryption processes for each data file, resulting in substantial redundant ciphertext. For IoMT devices constrained by computational power and storage capacity, this non-hierarchical approach not only causes severe storage waste but also significantly increases data processing latency. Leveraging hierarchical data relationships to achieve single encryption with multilevel authorization is key to enhancing IoMT sharing efficiency.

Finally, trust models based on a single centralized authorization face single-point-of-failure risks. In complex IoMT management architectures, if key generation and distribution rely entirely on a single authority, an attack or failure at this core node would collapse the entire system (...truncated)


This is a preview of a remote PDF: https://journals.plos.org/plosone/article/file?id=10.1371/journal.pone.0349767&type=printable
Article home page: https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0349767

Hao Yuan, Guofang Dong, Leilei Zhao. A blockchain-based multi-authority hierarchical attribute encrypted data sharing scheme in the Internet of Medical Things, PLOS ONE, 2026, Volume 21, Issue 5, DOI: 10.1371/journal.pone.0349767