Crowdsourcing is a new way to solve complex problems by using human intelligence. However, the tasks and user information privacy concerned in crowdsourcing have not been adequately addressed. It is necessary to design a privacy protection mechanism for tasks that need to be restricted to specific user groups. Ciphertext-policy attribute-based encryption (CP-ABE) is an efficient and feasible cryptographic tool, particularly for crowdsourcing systems. The encryptor can choose the access policy independently, which limits the scope of decryption users. At present, most CP-ABE schemes adopt a centralized management platform, which poses problems such as high trust-building costs, DDoS attacks, and single point of failure. In this paper, we propose a new access control scheme based on CP-ABE and blockchain, which has the properties of policy hiding and attribute updating. To protect the privacy of worker’s attributes, we adopt a test algorithm based on a fully homomorphic cryptosystem to confidentially judge whether the worker’s attribute lists match the hidden attributes policy in ciphertext or not before the decryption. Experiment results and comprehensive comparisons show that our mechanism is more flexible, private, and scalable than existing schemes.
Read full abstract