A Blockchain-Based Data Sharing System with Enhanced Auditability

Cloud platforms provide a low-cost and convenient way for users to share data. One important issue of cloud-based data sharing systems is how to prevent the sensitive information contained in users’ data from being disclosed. Existing studies often utilize cryptographic primitives, such as attribute-based encryption and proxy re-encryption, to protect data privacy. These approaches generally rely on a centralized server which may cause a single point of failure problem. Blockchain is known for its ability to solve such a problem. Some blockchain-based approaches have been proposed to realize privacy-preserving data sharing. However, these approaches did not fully explore the auditability provided by the blockchain. The dishonest cloud server can share data with a requester without notifying the data owner or being logged by the blockchain. In this paper, we propose a blockchain-based privacy-preserving data sharing system with enhanced auditability. The proposed system follows the idea of hybrid encryption to protect data privacy. The data to be shared are encrypted with a symmetric key, and the symmetric key is encrypted with a joint public key which is the sum of multiple blockchain nodes’ public keys. Only if a data requester is authorized, the blockchain nodes will be triggered to execute a verifiable key switch protocol. By using the output of the protocol, the data requester can get the plaintext of the symmetric key. The blockchain nodes participate in both the authorization process and the key switch process, which means the behavior of the data requester is witnessed by multi-parties and is auditable. We implement the proposed system on Hyperledger Fabric. The simulation results show that the performance overhead is acceptable.