Abstract

Recently, the concept of a decentralized data marketplace is getting much attention to exchange user data. Multi‐authority attribute‐based encryption (ABE), which can provide flexibility and user‐centric access control, is previously widely used in decentralized data sharing applications and also becoming a foundation to build decentralized data trading applications. It is known that users in a multi‐authority ABE system can collude by sharing their secret information for malicious purposes. To address this issue, the collusion‐resistant multi‐authority ABE model was introduced in which a unique global identifier (GID) is issued by the central authority (CA) to each user. Unfortunately, such approach cannot be used directly to build a decentralized data marketplace as (a) such intervention of the CA is directly against the main motivation of the decentralized trading platform and, mostly importantly, (b) the CA can exploit its full knowledge on users’ GID to launch various attacks against users. Motivated by these observations, this paper introduces a novel user collusion‐resistant decentralized multi‐authority ABE scheme for privacy preserving data trading systems. In the existing multi‐authority ABE systems, users utilize his/her GID that is solely assigned by the CA to generate his/her secret keys throughout the collaboration with authorities and a user can compute multi‐authority keys by combining the secret keys (stem from the same GID) in various ways. In the proposed system, the CA only has a partial knowledge of users’ GIDs, and thus, users’ privacy can be protected. On the other hand, we set the user’s own partial GID as a secret which can be used to withdraw his/her deposit to discourage any possible collusion among users.

Highlights

  • The development of the Internet of Things (IoT) has led people to generate larger amounts of data in their daily lives

  • Deposits locked in the smart contract can be withdrawn by submitting this secret value u global identifier (GID) to the contract

  • Compared to previous researches, our approach can mitigate the dependence of the central authority (CA) but the cost of user participation in the protocol is inevitable

Read more

Summary

Introduction

The development of the Internet of Things (IoT) has led people to generate larger amounts of data in their daily lives. If the user attempts to combine the secret keys generated from different random values, it is not revealed and the algorithm does not return a valid computational result. These approaches assumed a trusted CA that issues a unique identifier for each user and there was a limit to the system being overly dependent on CA. A decentralized attribute-based encryption (DABE) [10, 18,19,20] was proposed to solve the concentration of secrets in the CA during the key generation process, but there remained a problem of the centralized GID. Even if the power of the CA has been weakened, the user’s GID is still determined by CA, so the CA can collude with the user to violate the privacy of other users [21]

Related Work
System Architecture
Deploy SC
Decentralized CP-ABE
Proposed Scheme
Request CT
Analysis and Evaluation
RNG 1hash 1sig
Conclusions

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.