To address the challenges of fine-grained computation over encrypted electronic health records (EHRs) and dynamic attribute revocation in cross-institutional sharing, this paper proposes the first collusion-resistant functional encryption scheme supporting fine-grained inner-product computation. Built upon the post-quantum Learning With Errors (LWE) assumption, the scheme integrates functional encryption with a dynamic key management mechanism to enable function-level access control—granularly enforced per institution or role—ensuring that revoked users cannot compute over both historical and future ciphertexts. It supports flexible selective computations directly on encrypted data, including similarity search and statistical analysis. We provide a rigorous security proof under the LWE assumption and empirically validate performance on real-world EHR datasets: key updates incur only millisecond latency even at thousand-user scale, and computational overhead is reduced by 37% compared to baseline schemes. This work establishes the first functional encryption framework reconciling post-quantum security, fine-grained revocation, and practical efficiency for privacy-preserving healthcare data collaboration.

E-health record (EHR) contains a vast amount of continuously growing medical data and enables medical institutions to access patient health data conveniently.This provides opportunities for medical data mining which has important applications in identifying high-risk patients and improving disease diagnosis, etc.Since EHR contains sensitive patient information, how to protect patient privacy and enable mining on EHR data is important and challenging.Traditional public key encryption (PKE) can protect patient privacy, but cannot support flexible selective computation on encrypted EHR data.Functional encryption (FE) allows authorised users to compute function values of encrypted data without releasing other information, hence supporting selective computation on encrypted data. Nevertheless, existing FE schemes do not support fine-grained revocation and update, so they are unsuitable for EHR system. In this paper,we first propose an inner-product functional encryption with fine-grained revocation (IPFE-FR) scheme, and then apply it to a flexible EHR sharing system. Our scheme possesses the following features:(1) a group manager can revoke a specific function computation of medical institutions on encrypted EHR data,instead of all function computation rights. (2) a revoked medical institution is not allowed to compute the function value of encrypted EHR data not only generated after the revocation, but also generated before the revocation. (3) secret keys issued to the same medical institution are bound together to prevent collusion attacks. The formal definition and security model of the IPFE-FR scheme are proposed.Furthermore, we present a concrete construction and reduce its security to the Learning with Errors (LWE) assumption which is quantum-resistant. Finally, the theoretical analysis and experimental implementation of our scheme are conducted to show its efficiency.