Abstract

Blockchain systems offer a decentralized, immutable and transparent architecture that can give ownership and control of data back to users and enable trusted and accountable data sharing. However, blockchain networks still face scalability, security and potential privacy issues, such as on-chain data privacy, data origin authentication, or compliance with privacy regulations (e.g. GDPR). To address these challenges, we propose ThemisABE, a privacy-preserving and user-controlled architecture for data sharing based on a blockchain system and Ciphertext-Policy Attribute-Based Encryption (CP-ABE). The proposed scheme provides one-to-many data encryption and fine-grained access control. In ThemisABE, any party can be an authority, and the CP-ABE algorithm generates the secret key corresponding to a data user's attributes through any chosen set of nodes in the blockchain system. Moreover, to make the CP-ABE algorithm accountable and to avoid the performance bottleneck incurred by smart contracts, a transaction data structure is designed to be recorded in the ledger, following an off-chain computation approach. The results of security analysis and experimental simulation show that the proposed scheme can solve the problems of privacy security and localization of data sharing. At the same time, the data sharing scheme has better performance and could be applied in scenarios such as eHealth, eGovernment or cross-border paperless trade.
