Author
Listed:
- Yao Xiao
(School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China)
- Lei Xu
(School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China)
- Zikang Chen
(School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China)
- Can Zhang
(School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China)
- Liehuang Zhu
(School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China
Southeast Academy of Information Technology, Beijing Institute of Technology, Putian 351100, China)
Abstract
Cloud platforms provide a low-cost and convenient way for users to share data. One important issue of cloud-based data sharing systems is how to prevent the sensitive information contained in users’ data from being disclosed. Existing studies often utilize cryptographic primitives, such as attribute-based encryption and proxy re-encryption, to protect data privacy. These approaches generally rely on a centralized server which may cause a single point of failure problem. Blockchain is known for its ability to solve such a problem. Some blockchain-based approaches have been proposed to realize privacy-preserving data sharing. However, these approaches did not fully explore the auditability provided by the blockchain. The dishonest cloud server can share data with a requester without notifying the data owner or being logged by the blockchain. In this paper, we propose a blockchain-based privacy-preserving data sharing system with enhanced auditability. The proposed system follows the idea of hybrid encryption to protect data privacy. The data to be shared are encrypted with a symmetric key, and the symmetric key is encrypted with a joint public key which is the sum of multiple blockchain nodes’ public keys. Only if a data requester is authorized, the blockchain nodes will be triggered to execute a verifiable key switch protocol. By using the output of the protocol, the data requester can get the plaintext of the symmetric key. The blockchain nodes participate in both the authorization process and the key switch process, which means the behavior of the data requester is witnessed by multi-parties and is auditable. We implement the proposed system on Hyperledger Fabric. The simulation results show that the performance overhead is acceptable.
Suggested Citation
Yao Xiao & Lei Xu & Zikang Chen & Can Zhang & Liehuang Zhu, 2022.
"A Blockchain-Based Data Sharing System with Enhanced Auditability,"
Mathematics, MDPI, vol. 10(23), pages 1-23, November.
Handle:
RePEc:gam:jmathe:v:10:y:2022:i:23:p:4494-:d:987050
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:10:y:2022:i:23:p:4494-:d:987050. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.