基于CP-ABE算法的区块链数据访问控制方案

doi:10.11959/j.issn.2096-109x.2020037

Abstract

Abstract:

Different from the public chain,the consortium blockchain Hyperledger Fabric integrates the additional member management service(MSP) mechanism to provide channel-based data isolation protection.However,the data isolation protection mechanism still synchronizes the plaintext data within a channel,so there is a risk of data leakage.Besides,the channel-based data access control mechanism does not apply to some fine-grained privacy protection scenarios.To solve the problems of data privacy and security involved in the consortium chain Hyperledger mentioned above,a blockchain data access control scheme based on the CP-ABE algorithm was proposed.Based on the original existing Fabric-CA module in the Hyperledger,our scheme can realize the secure distribution of user attribute keys in the CP-ABE scheme while implementing the fine-grained security access control of blockchain data at the user level.The security analysis shows that the scheme achieves the security goals of ABE user attribute private key security distribution and data privacy protection.The performance analysis also shows that the proposed scheme has good usability.

Key words: blockchain, Hyperledger, CP-ABE, data access control

CLC Number:

TP309.2

Yunxiang QIU,Hongxia ZHANG,Qi CAO,Jiancong ZHANG,Xingshu CHEN,Hongjian JIN. Blockchain data access control scheme based on CP-ABE algorithm[J]. Chinese Journal of Network and Information Security, 2020, 6(3): 88-98.

Figures/Tables 9

References 23

[1]	ANDROULAKI E , BARGER A , BORTNIKOV V ,et al. Hyperledger fabric:a distributed operating system for permissioned blockchains[C]// European Conference on Computer Systems, 2018： 1-15.
[2]	NAKAMOTO S . Bitcoin:a peer-to-peer electronic cash system[R]. 2008.
[3]	WOOD G . Ethereum:a secure decentralised generalised transaction ledger[R]. 2014.
[4]	闫莺, 郑凯, 郭众鑫 . 以太坊技术详解与实战[M]. 北京: 机械工业出版社, 2018.
	YAN Y , ZHENG K , GUO Z X . Ethereum technical details and actual combat[M]. Beijing: China Machine PressPress, 2018.
[5]	陈剑雄, 张董朱 . 深度探索区块链 Hyperledger 技术与应用[M]. 北京: 机械工业出版社, 2018.
	CHEN J X , ZHANG D Z . In-depth exploration of blockchain hyperledger technology and application[M]. BeiJing: China Machine PressPress, 2018.
[6]	Channels. Hyperledger fabric channels[EB].
[7]	Enccc_example. 2019 Hyperledger fabric enccc_example[EB].
[8]	Private data. 2019 Hyperledger fabric private data[EB].
[9]	沈鑫, 裴庆祺, 刘雪峰 . 区块链技术综述[J]. 网络与信息安全学报, 2016,2(11): 11-20.
	SHEN X , PEI Q Q , LIU X F . Survey of block chain[J]. Chinese Journal of Network and Information Security, 2016,2(11): 11-20.
[10]	JAKOBSSON M , JUELS A . Proofs of work and bread pudding protocols.in secure information networks:communications and multimedia security[C]// IFIP TC6/TC11 Joint Working Conference on Communications and Multimedia Security (CMS '99). 1999.
[11]	VASIN P . Blackcoin’s proof-of-stake protocol v2[EB].
[12]	KING S , NADAL S . PPCoin:peer-to-peer crypto-currency with proof-of-stake[J]. Self-published Paper, 2012(8):19.
[13]	YE C , . Analysis of security in blockchain:case study in 51%-attack detecting[C]// 2018 5th International Conference on Dependable Systems and Their Applications (DSA). 2018.
[14]	章峰, 史博轩, 蒋文保 . 区块链关键技术及应用研究综述[J]. 网络与信息安全学报, 2018,4(4): 26-33.
	ZHANG F , SHI B X , JIANG W B . Review of key technology and its application of blockchain[J]. Chinese Journal of Network and Information Security, 2018,4(4): 26-33.
[15]	中国信息通信研究院. 区块链白皮书[R]. 2018.
	China Academy of Information and Communication Technology. White paper of blockchain[R]. 2018.
[16]	SUKHWANI H , MARTINEZ J M , CHANG X ,et al. Performance modeling of PBFT consensus process for permissioned blockchain network (Hyperledger Fabric)[C]// Symposium on Reliable Distributed Systems. 2017: 253-255.
[17]	KREPS J , NARKHEDE N , RAO J . Kafka:a distributed messaging system for log processing[C]// The NetDB. 2011(11): 1-7.
[18]	Certificate Authorities. 2019 Hyperledger fabric certificate authorities[EB].
[19]	GOYAL V , PANDEY O , SAHAI A ,et al. Attribute-based encryption for fine-grained access control of encrypted data[C]// Symposium on Computer and Communications Security. 2006: 89-98.
[20]	BOLDYREVA A , GOYAL V , KUMAR V ,et al. Identity-based encryption with efficient revocation[C]// Symposium on Computer and Communications Security. 2008: 417-426.
[21]	林素青 . 支持访问更新的可验证外包属性加密方案[J]. 网络与信息安全学报, 2019,5(1): 41-53.
	LIN S Q . Verifiable outsourced attribute-based encryption with access update[J]. Chinese Journal of Network and Information Security, 2019,5(1): 41-53.
[22]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// IEEE symposium on security and privacy (SP'07). 2007.
[23]	张兴兰, 崔遥 . 基于群签名的属性加密方案[J]. 网络与信息安全学报, 2019,5(1): 19-25.
	ZHANG X L , CU Y . Attribute-based encryption schema with group signatures[J]. Chinese Journal of Network and Information Security, 2019,5(1): 19-25.

Metrics

Recommended 0

No Suggested Reading articles found!

属性	属性值
通道ID	Chanel1、Channel2
组织ID	Org1、Org2
用户ID	User1、User2

符号	符号定义
SK	用户对应的CP-ABE方案中的属性私钥
MK,PK	CP-ABE方案中的主密钥和公开参数
U_PK,U_SK	原有超级账本网络中用户的公钥和私钥
U_cert	原有超级账本网络中的用户证书
M ,CT	明文数据以及经过加密形成的密文

方案	类型	用户级访问控制粒度	数据隐私性	密钥安全分发	加/解密密钥管理简易性
方案[7]	对称加密	√	√	×	×
方案[8]	哈希同步	×	×	—	—
本文方案	属性基加密	√	√	√	√

Blockchain data access control scheme based on CP-ABE algorithm

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 9

References 23

Related Articles 15

Metrics

Recommended 0

[1]	Zhao CAI, Tao JING, Shuang REN. Survey on Ethereum phishing detection technology [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 21-32.
[2]	Heli WANG, Qiao YAN. Selfish mining detection scheme based on the characters of transactions [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 104-114.
[3]	Beiyuan YU, Shanyao REN, Jianwei LIU. Overview of blockchain assets theft attacks and defense technology [J]. Chinese Journal of Network and Information Security, 2023, 9(1): 1-17.
[4]	Fei TANG, Ning GAN, Xianggui YANG, Jinyang WANG. Anti malicious KGC certificateless signature scheme based on blockchain and domestic cryptographic SM9 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 9-19.
[5]	Dan LIN, Kaixin LIN, Jiajing WU, Zibin ZHENG. Bytecode-based approach for Ethereum smart contract classification [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 111-120.
[6]	Liquan CHEN, Xiao LI, Zheyi YANG, Sijie QIAN. Blockchain-based high transparent PKI authentication protocol [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 1-11.
[7]	Wenbo ZHANG, Simin CHEN, Lifei WEI, Wei SONG, Dongmei HUANG. State-of-the-art survey of smart contract verification based on formal methods [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 12-28.
[8]	Feng LIU, Jie YANG, Jiayin QI. Survey on blockchain privacy protection techniques in cryptography [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 29-44.
[9]	Xiaoling SONG, Yong LIU, Jingnan DONG, Yongfei HUANG. Application and prospect of blockchain in Metaverse [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 45-65.
[10]	Lin JIN, Youliang TIAN. Multi-authority attribute hidden for electronic medical record sharing scheme based on blockchain [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 66-76.
[11]	Pengkun JIANG, Wenyin ZHANG, Jiuru WANG, Shanyun HUANG, Wanshui SONG. Blockchain covert communication scheme based on the cover of normal transactions [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 77-86.
[12]	Jianlin NIU, Zhiyu REN, Xuehui DU. Cross-domain authentication scheme based on consortium blockchain [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 123-133.
[13]	Baoqin ZHAI, Jian WANG, Lei HAN, Jiqiang LIU, Jiahao HE, Tianhao LIU. Hierarchical proxy consensus optimization for IoV based on blockchain and trust value [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 142-153.
[14]	Jiaren YU, Youliang TIAN, Hui LIN. Design of miner type identification mechanism based on reputation management model [J]. Chinese Journal of Network and Information Security, 2022, 8(1): 128-138.
[15]	Zhensheng GAO, Lifeng CAO, Xuehui DU. Research progress of access control based on blockchain [J]. Chinese Journal of Network and Information Security, 2021, 7(6): 68-87.