The integration of blockchain technology into healthcare presents a paradigm shift for secure data management, enabling decentralized and tamper-proof storage and sharing of sensitive Electronic Health Records (EHRs). However, existing blockchain-based healthcare systems, while providing robust access control, commonly overlook the high latency of user-side hash re-computation for integrity verification of large multimedia data, which impairs their practicality, especially in time-sensitive clinical scenarios. In this paper, we propose FAITH, an innovative scheme for \underline{F}ast \underline{A}uthenticated and \underline{I}nteroperable mul\underline{T}imedia \underline{H}ealthcare data storage and sharing over hybrid-storage blockchains. Rather than relying on user-side hash re-computation, FAITH lets an off-chain storage provider generate verifiable proofs using recursive Zero-Knowledge Proofs (ZKPs), while the user only needs to perform lightweight verification. For flexible access authorization, we leverage Proxy Re-Encryption (PRE) and enable the provider to conduct ciphertext re-encryption, whose correctness can be verified via ZKPs to guard against a malicious provider. All metadata and proofs are recorded on-chain for public verification. We provide a comprehensive analysis of FAITH's security regarding data privacy and integrity. We implemented a prototype of FAITH, and extensive experiments demonstrated its practicality for time-critical healthcare applications, dramatically reducing user-side verification latency by up to $98\%$, bringing it from $4$ s down to around $70$ ms for a $5$ GB encrypted file.