| The traditional centralized data sharing systems have potential risks such as single point of failures and excessive working load on the central node.As a distributed platform,blockchain provides a solution for this problem.However,there are still some problems in the existing blockchain-based data sharing systems.First of all,there’s a lack of fine-grained,reliable and flexible access control method for data sharing.Although the Attribute-based Access Control(ABAC)can achieve fine-grained access control,even the most fine-grained designed scheme cannot take into consideration of all possible attributes and policies.Hence a legitimate user’s access may be denied because of the non-existence of associated policy.At the same time,although the immutability nature of blockchain guarantees the integrity of the data,it prevents the legal updating of data,and also poses challenges to the deletion of illegal data and the correction of incorrect data on the blockchain.In addition,due to the anonymity of blockchain and cyberspace,identity authentication technology plays an indispensable role in the security of system and the confidentiality of the data.However,most of the existing authentication protocols are centralized or homogeneous,i.e.,the same cryptosystem is used on both parties,thus making it an obstacle to wider adoption in a distributed and heterogeneous context.Motivated by the above problems,the main contributions of this paper are summarized as follows:(1)At first,this paper proposes a data sharing scheme based on blockchain.The scheme optimizes the attribute-based access control through smart contract,and combines the proposed Accountable Subgroup Multi-Signature algorithm to realize the reliable,fine-grained and flexible access control of the data.Furthermore,this paper proposes a Policy-based Chameleon Hash algorithm.By applying this algorithm,only users who meet the update policy set by the data owner(s)can update the data,which realizes controllable update of the data.The security analysis and the comparison with existing study in terms of computation and communication overhead demonstrate the advantage of the proposed scheme.(2)Focus on the problem that the data on blockchain can’t be edited and deleted,this paper proposes the first Multi-Chameleon Hash(MCH)algorithm,in which the collision of the hash can be found only when multiple users cooperate.It avoids the single user to generate the hash collision rights,random data editing problems on the chain.It avoids the problem that data on the blockchain may be randomly edited if the right to find hash collisions lies in the hands of a single user.Based on the proposed MCH algorithm,this paper also proposes the first Accountable-Subgroup Chameleon Multisignature(ASCM)algorithm.By applying this ASCM algorithm to the blockchain,it not only meets the blockchain’s demand for endorsement nodes,saves the storage of blockchain,but also implements a distributed editable blockchain.(3)At last,this paper proposes an identity-based authentication scheme,which introduces the(t,n)-threshold secret sharing to realize the distributed authentication,and avoids the single point of failure.In addition,the proposed identity-based authentication scheme is extended to a distributed mutual authentication scheme in heterogeneous environment.It can realize the mutual authentication between the users in the Public Key Infrastructure(PKI)-based cryptosystem and the users in the Identity-based cryptosystem.The experiment proves that proposed schemes have advantages in efficiency and communication overhead. |
PDF Full Text Request