TrustAccess: A Trustworthy Secure Ciphertext-Policy and Attribute Hiding Access Control Scheme Based on Blockchain

Abstract

Ciphertext-policy attribute-based encryption (CP-ABE) is widely used in fine-grained access control to achieve the secure data sharing. However, most of the existing CP-ABE access control schemes involve intermediary entities, which might suffer from a high trust-building cost, single point of failure and so on. Due to the decentralization and transparency of blockchain, some blockchain-based access control schemes are proposed to address these problems, but bring new challenges, such as the privacy leakage of access policy or attribute. In this paper, we propose a new trustworthy secure ciphertext-policy and attribute hiding access control scheme based on blockchain, named TrustAccess, to achieve trustworthy access while guaranteeing the privacy of policy and attribute. For one thing, to make the existing hidden policy CP-ABE more efficient and scalable for blockchain, we propose an optimized hidden policy CP-ABE, named OHP-CP-ABE, to ensure policy privacy while satisfying the large universe access requirement. For another thing, we use the multiplicative homomorphic ElGamal cryptosystem to ensure the attribute privacy during authorization validation. Finally, we theoretically prove the security of our TrustAccess from the aspects of blockchain operations and OHP-CP-ABE. Comprehensive comparisons and extensive experiments are conducted to demonstrate the advantages of our TrustAccess.