A blockchain-based traceable and secure data-sharing scheme

PeerJ Computer Science


Introduction

  • (1) We propose a data protection method based on attribute encryption. This method allows the data owner to customize the decryption authority of the encrypted data, enabling “one-to-many” encryption and decryption of shared data.

  • (2) We design a collaborative on-chain and off-chain data security storage scheme. The shared data is encrypted and stored off-chain in InterPlanetary File System (IPFS), and then the hash value of the shared data ciphertext is encrypted again and stored on the blockchain. This scheme not only protects data security but also relieves the pressure of data storage on the chain.

  • (3) We establish a visual data-sharing record system through smart contracts, which automatically stores data-sharing records on the blockchain and allows for identity tracking of both parties involved in the data-sharing process.

Scheme design

System model

  • IPFS: Provides off-chain storage services to data owners.

  • Authorization center: Generates the required parameters and keys for the data owner and the data demander.

  • Data owner: Performs attribute encryption operation on data, transmits the data ciphertext to IPFS, and obtains the hash value of the ciphertext.

  • Blockchain: Performs ECC encryption on the hash value of the off-chain data ciphertext and records the identity information of both parties involved in the data-sharing to generate a data-sharing log record.

  • Data demander: Obtains the encrypted hash value of the data ciphertext from the blockchain, decrypts the hash value and uses it to download the data ciphertext from IPFS, and finally restores the original data through attribute decryption.

Data protection method based on attribute encryption

  • (1) $\mathrm{Setup}(1^{\lambda}, U) \rightarrow (GP, MSK)$: The authorization center sets the security parameter $\lambda$ and the global attribute set $U$, and generates the required public parameter $GP$ and master key $MSK$ through the initialization function Setup.

  • (2) $\mathrm{KeyGen}(A_u, MSK) \rightarrow SK$: The user submits their attribute set $A_u$, and the authorization center outputs the corresponding attribute private key $SK$ for the user through the KeyGen key generation function and the master key $MSK$.

  • (3) $\mathrm{Encrypt}(M, GP, T) \rightarrow CH$: The data encryption user sets the access structure $T$ and provides the public parameter $GP$ and the data to be encrypted $M$. Then, the encryption function Encrypt is executed to generate the data ciphertext $CH$.

  • (4) $\mathrm{Decrypt}(SK, A_u, CH) \rightarrow M$: The decryption user uses the attribute private key $SK$ and attribute set $A_u$ as inputs to the decryption function Decrypt, which then restores the ciphertext $CH$ to the original data $M$.
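Decrypt restores M only when the user's attribute set satisfies the access structure T chosen by the data owner, which is what makes the encryption "one-to-many". The Python below is an added example, not the paper's experimental code: it models that policy check alone, with no cryptography, and assumes T is a tree of threshold gates over attribute names. The policy, attribute names and users are constructed.

```python
# Added example: models only the access-policy logic of attribute-based
# encryption, not the cryptography. Tree shape and attribute names are assumed.
from dataclasses import dataclass, field
from typing import Dict, List, Set, Union


@dataclass
class Gate:
    """Interior node: satisfied when at least k children are satisfied.
    k == 1 behaves as OR, k == len(children) behaves as AND."""
    k: int
    children: List["Node"] = field(default_factory=list)

    def __post_init__(self):
        # Reject thresholds that could never be met or are always met.
        if not 1 <= self.k <= len(self.children):
            raise ValueError("threshold must be between 1 and the child count")


Node = Union[str, Gate]  # a leaf is a bare attribute name


def satisfies(node: Node, attrs: Set[str]) -> bool:
    """Return True when the attribute set satisfies the (sub)tree."""
    if isinstance(node, str):
        return node in attrs
    met = sum(1 for child in node.children if satisfies(child, attrs))
    return met >= node.k


def authorized_users(policy: Node, users: Dict[str, Set[str]]) -> List[str]:
    """Names of every user whose attributes satisfy one shared policy."""
    return sorted(n for n, attrs in users.items() if satisfies(policy, attrs))


# Constructed policy T: "hospital:A" AND (2 of {doctor, cardiology, senior})
T = Gate(2, ["hospital:A", Gate(2, ["doctor", "cardiology", "senior"])])

# Constructed users and attribute sets
USERS = {
    "alice": {"hospital:A", "doctor", "cardiology"},
    "bob": {"hospital:A", "doctor"},
    "carol": {"hospital:B", "doctor", "senior", "cardiology"},
    "dave": {"hospital:A", "senior", "cardiology", "nurse"},
}

if __name__ == "__main__":
    print(authorized_users(T, USERS))
```

In a real attribute-based scheme this check is not a separate gate in front of the key: the private key SK issued for an attribute set simply cannot recover M unless the set satisfies T.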

On-chain and off-chain collaborative data security storage scheme

where $a_i \in K$ $(i = 1, 2, 3, \ldots, 5)$ and $\Delta \neq 0$; $K$ represents the defined rational number field and $\Delta$ is the discriminant of the elliptic curve equation:

where $(a, b, x, y) \in E_p$, $E_p$ is a finite field and $p$ is a large prime number.

Smart contract-based log tracking mechanism

Experiments and analysis

Experimental environment

Off-chain data security experiment

Performance analysis of the system

Data security comparison

  • (1) Off-chain data security

  • (2) On-chain data security

  • (3) Data integrity

  • (4) Data tracking

  • (5) Trustfulness

  • (6) Authorization

  • (7) Authentication

  • (8) Reliability

  • (9) Validation

Conclusion

Supplemental Information

Experimental code.

DOI: 10.7717/peerj-cs.1337/supp-1

Additional Information and Declarations

Competing Interests

The authors declare that they have no competing interests.

Author Contributions

Zhenqi Wang performed the experiments, analyzed the data, performed the computation work, prepared figures and/or tables, and approved the final draft.

Shaopeng Guan conceived and designed the experiments, analyzed the data, prepared figures and/or tables, authored or reviewed drafts of the article, and approved the final draft.

Data Availability

The following information was supplied regarding data availability:

The code is available in the Supplemental File.

The raw data is available at Zenodo: Zhenqi Wang, Shaopeng Guan. (2023). Raw data. https://doi.org/10.5281/zenodo.7529808.

Funding

The authors received no funding for this work.
