Secure digital documents sharing using blockchain and attribute-based cryptosystem

Abstract

Education is developing very fast with the advancement of technology and the process of the smart era. One can store all educational certificates and credentials in the form of an electronic wallet or a folder. By using this electronic transformation of certificates, users can transfer the certificates from one place to another very easily. The “data island” phenomenon, central data storing, confidentiality, reduced security, and integrity are common problems of electronic data transfer. This study presents a safe sharing of digital documents which uses blockchain technology and an attributed-based cryptosystem to offer a creative solution to the abovementioned issues. The proposed scheme uses Ethereum smart contracts and achieves fine-grain access control by using attribute-based encryption. Finally, we verified our model using the test network and compared the performance with some existing state-of-arts. The results of proposed scheme generated by simulations are more feasible and effective in challenging environments.

Keywords

Digital document blockchain attributed-based cryptosystem smart contract

1. Introduction

Documents or certificates in physical form provide a variety of challenges as they are cumbersome to exchange and have a chance of being destroyed and misplaced. With the progression of technology and the expansion of the smart era, more and more people are using electronic wallets to store their educational certificates. The main benefit of keeping certificates electronically is the ease of accessing, storing, and using them anywhere, anytime, without the burden of carrying them manually [1, 2]. Nowadays, it is gaining popularity day by day because of the use of digital educational certificates and other certificates such as registration certificates of vehicles, PAN Cards, etc., making people’s lives more convenient and easy [1, 3]. It is also getting support from the government. But with various advantages, it has some problems also.

The digital documents are stored as normal electronic data bits and bytes. When the data is transmitted from one place to another or stored on the cloud or any other storage, then data security, authenticity, and data integrity are difficult to maintain. This kind of information is easily hacked by hackers or accessible by unauthorized users.

Generally, the storage used for these documents is centralized. The main problem with this type of storage is the central point of failure.

Nowadays, most of the digital document databases are centered on organizations or different regions. This can create a “data island” phenomenon, which creates less security and reliability channelization between different databases.

The cost of investment will be high if the data center is created within the organization.

Access to digital documents is quite easy using the public key of the original user. This can happen due to the lack of a secure and reliable access control system.

By seeing all the above issues the privacy becomes the most important issue for sharing of digital document on cloud platform. In latest years, most of the organizations are interested to use blockchain technology other than the financial field [3, 4]. The main reason for attraction towards blockchain and smart contracts is distributed storage and its immutable nature [5]. Blockchain was hypothesized in 2008 and the main implementation of it was used to enable a financial system in the form of crypto currency called as Bitcoin. Blockchain authorizes different untrusted parties to come together and create a lasting, consistent and apparent record of exchange [5, 6, 7]. The parties can process these records without relying on any centralized authority. The blockchain’s security is improved by the use of the hashing algorithm and the consensus mechanism called as proof of work. Additionally, it is a type of distributed network that needs at least 50% of peers to agree before accepting even a modest modification in data [8, 9].

In the year 2018, Zhu et al., proposed an access control model [8]. In the model author’s proposed various type of transactions design, such as registration of object, grant or access request, etc. In the year 2019, Paillisse et al., used blockchain in to provide distributed access control by applying multi-administrative domain concept [9]. Some policies defined group-based and blockchain has been utilized to store them by transactions. In addition to blockchain, a variety of techniques used for access control can be employed to restrict the access to data or information stored in the cloud [10, 11, 39, 46]. In the year 2018, Wang et al., introduced a model based on blockchain, Ethereum smart contracts and ABE for data sharing [12]. The scheme was able to eliminate the problems of key hacking or modification, and also ensures the privacy of data. In the year 2019, Eltayieb et al., proposed a model for secure sharing of data over cloud using ABE signcryption protocol and blockchain [13]. Eltayieb et al., used the smart contracts to give a solution for the problem of wrong result generation of conventional cloud system. Interplanetary File System (IPFS) is a peer-to-peer distributed file system, which is another intriguing concept in addition to blockchain [14]. It offers a content-addressed block storage model and incorporates a number of previously successful solutions. The goal of IPFS is to enhance HTTP, one of the most popular file-distributed systems in use today. [15, 16] suggested a reliable and scalable mechanism for file sharing. It offers a scalable key management system and makes use of yet another re-encryption method to facilitate the accessibility of numerous users. The encryption key is kept in a dispersed manner that can withstand attempts at collusion by users with access restrictions. The encryption key’s single subkey is supplied to the authorized user, increasing the security concerns because the user must control the key.

To improvise all the inefficiencies and limitations, the study proposes a novel model based on blockchain for securely sharing digital documents in the cloud. The model also uses the ABE scheme for providing fully secure access control. The main advantages of the proposed model will be secure access of data; traceability of data; fine-grained access control and data integrity. Also, the proposed model offers confidentiality, collision attack resistance, and self-auditability of data. We summarize our main contribution to this work as follows.

This paper proposed secure digital certificates sharing system based on blockchain and IPFS.

The documents are encrypted by searchable encrypted keyword schema for access control in sharing digital documents for fine-grained access control.

The centralized authority will obtain the key by using the attributes of the owner certificates, i.e., (students, employees, etc.), which is further used for the encryption of data and setting of access policies. Further, the owner of the certificate can obtain a key for decryption by using its specified attributes.

The scheme uses a storage platform called the InterPlanetary File System (IPFS). The problem of single-point failure, authentication, and data integrity are reduced by using blockchain technology.

The scheme uses the Ethereum smart contracts to realize the search for encryption keys of the certificates.

The remaining paper is organized as follows. The related work ABE and blockchain is described in Section 2. Section 3 outlines preliminaries concepts required to understand the proposed model. Section 4 proposes the model and smart contracts. Section 5 illustrates and simulation, results received after simulation, and the performance comparison of the proposed model with some existing work. Security analysis on the basis of confidentiality, collision attack and auditability is done in Section 6. Finally, Section 7 presents the conclusion of the work.

Abbreviations used throughout the manuscript:

ABE	Attribute Based encryption
DA	Document Authority
DHT	Distributed Hash Table
DO	Document Owner
DU	Document User
EHR	Electronic health records
ETH	Ether
IBE	Identity-based encryption
IPFS	Inter Planetary File System
KGC	Key Generation Center

2. Literature review

2.1 Attribute-based encryption (ABE)

The ABE considered as special type of encryption technique, which comes under the category of public key cryptosystem. The techniques take user attribute as a public key. The ABE embedded the encryption technique called as identity-based, proposed by Shamir in 1984 [17]. The reason behind is the identity information of the user can be considered as attributes in maximum cases, such as fingerprint, PAN number, etc. Boneh et al., had introduced IBE scheme considered as first scheme based on the concept of signature scheme [18]. Their scheme considered the bilinear maps as a base concept. On the guidelines of identity based encryption several studies have been carried out by various researchers’ likes Waters, Lew ko etc. [19, 20, 21]. After introduction of IBE concept in 2005, Sahai et al., proposed threshold based IBE [11]. The concept proposed by Sahai et al., was considered as the base for ABE technique. ABE access control is the most effective and proven encryption technique [10, 11]. During the current decade various researchers published their work on ABE [22, 23, 24, 25]. The attribute-based encryption technique can be explored based on the keyword search technique over the encrypted data. Various models for this searchable ABE were presented in literature [26, 27, 28, 29, 30]. Utilizing encrypted keywords, the provided model accesses the data over the cloud using the ABE with searchable encryption. In the year 2014, Sun et al., proposed a secure ABE scheme by using non-monotonic access policy [27]. On the same guidelines of ABE (Attribute-Based Encryption) in year 2014, Yamada et al., had proposed searchable ABE scheme based on keyword search technique for cloud environment [31]. They have also implemented two re-encryption techniques in the model – lazy re-encryption and proxy re-encryption. The only problem with the scheme was the decentralization of rights and integrity of data. Also, the scheme uses the 3 ${}^{\text{rd}}$ party for the sharing of data. In the year 2014, Namasudra, proposed an improved ABE model for cloud environment. The proposed model was using the concept of distributed hash table (DHT) and self-destructing structures. The main benefit of using this scheme due to the availability of cipher text and restriction till only a given time duration. But the main problem with this scheme as it is not considered immutability of data, and CSP attack [23].

2.2 Blockchain technology

When sensitive data such as financial data, credential data in the form of digital documents, or health care data is transferred over the network, there is always a trust issue. In the year 2008, Nakamoto et al., presented two novel models based on peer-to-peer electronic cash systems. One is called Bitcoin, which is also considered the first virtual currency, and the second is called Blockchain. The blockchain technology uses the TCP/IP protocol as the base platform to work over the Internet [4]. A distributed ledger is referred to as a decentralized network that is used to store and exchange all kinds of information in a distributed manner. These ledgers are immutable, secure, not hackable, and easily auditable whenever it is required [4, 5]. This feature of blockchain gives a massive level of transparency in comparison to the traditional system. Each block in the blockchain is recognized by its cryptographic signature using a secure hash algorithm, called as SHA 256. SHA 256 algorithm produces a message digest of 256 bits using a block size of 512 bit [6]. Figure 1 shows the simple blockchain structure. According to the architectural view, the blockchain presents an ordered list. Every block in the blockchain is connected with the previous block of the chain. Currently, the blockchain is used by various researchers in versatile fields of research such as IoT, cloud computing, e-voting, health care, transferring of digital documents, etc. [31, 32, 33, 34, 35]. In the year 2018, Elisa et al., developed a model which was based on blockchain and used for handling the government affairs system [33]. The key objective of the proposed scheme was to overcome the trust defiance in the organizations that come under the category of the public sector by enhancing security. Wang et al. proposed a cloud-based model for electronic health records (EHR) [34]. Their proposed model worked on ABE and blockchain. However, the major issue with that model is that it did not consider smart contracts. Hence, it was not fully automated. In the year 2019, Mahore et al., proposed an EHR management system [35]. The model uses the concept of a permissioned blockchain and proxy re-encryption technique. The issue with that model when it was implemented on the cloud, it could not follow the proper access control rules. If any user wishes to access data, he/she could be accessed by using a key. In the year 2020, Sun et al., proposed a scheme based on blockchain technology for storing EHR records. Also, Sun et al., have used the Interplanetary File System (IPFS) to solve the problem of centralized storage [36]. In the year 2019, Wang et al., proposed a cloud storage model based on blockchain technology to provide more security and data integrity [37]. In the scheme, the valid access time can be set by the data owner (DO) to access the information smoothly from storage. Also, the Ethereum-based smart contracts are used to store the cypher text.

2.3 Features and challenges in related work

Table 1 presents the summary of some preexisting work in a related domain. The major components are various features, proposed methodology, and challenges.

Table 1
Features and challenges in related work

Methodology	Feature	Challenges	Authors, year
Searchable ABE scheme	Keyword search on cloud environment. Two re-encryption techniques-proxy and Lazy.	Decentralization of rights and integrity of data. Uses the 3 ${}^{\text{rd}}$ party for the sharing of data.	Yamada et al., 2014
Block chain-based decentralised peer-to-peer (P2P) e-government system	Both information security and privacy.	Only theoretical analysis is available.	Elisa et al., 2018
Technology based on blockchain and attributes	Integrity and traceability of health data.	Not considered the smart contracts, hence not fully automated.	Wang et al., 2018
Re-encryption method for sharing private medical data	Statistical analysis to healthcare data.	Lacking of proper access control rules over the cloud environment.	Mahore et al., 2019
A cloud computing access control model that is effective and safe	Identity-based encryption with the concept of time release and distributed hash table (DHT) network.	Immutability of data, and CSP (content security policy) attack.	Namasudra, 2019
Decentralized InterPlanetary File System (IPFS)	Ciphertext Policy Attribute-Based Encryption (CP-ABE).	Access privileges and the timeliness of expired users.	Jin Sun et al., 2020
Combining blockchain and attribute-based encryption	Data security and data sharing with attribute-based encryption.	Implementing a real P2P application, and protecting the central server.	Nhan Tam Dang et al., 2021
Provides attribute-based safe data exchange with integrity auditing via blockchain	Malicious cloud servers.	Data ownership management and access control preservation.	V. Ezhil Arasi et al., 2022

Figure 1.

Blockchain.

3. Premitives

3.1 Bilinear maps

Let us $G$ be a multiplicative group of prime order $p$ , and $g$ be a generator of $G$ .

We agree to use (‘ $\cdot$ ’ dot operator) as symbol for the composition.

Let us consider a bilinear map $e:G\times G\to G_{T}$ , such that $e(u,v)\in G$ where, $e(u,v)\in G$ . Since, $e$ is a bilinear map $G\times G\to G_{T}$ for each $a\in G$ , and $x\in G$ , the mapping $x\to e(a,x)$ is linear and $x\to e(x,a)$ is also a linear. It also follows the below properties, the bilinear property is satisfied if, $e(u^{a},v^{b})=e(u,v)^{ab}$ hold true $\forall u,v\in G$ , and $\forall a,b\in\mathbb{Z}_{p}$ , $p$ is a prime number.

Lemma 1: If $g_{1}$ , $g_{2}$ are the generators of $G$ , and bilinear mapping is $e$ then $e(g_{1},g_{2})$ is also a generator of $G$ i.e., $e(g_{1},g_{2})\neq 1$ . Where the integer 1 is the multiplicative identity. Now for all $(u,v)\in G\times G$ we can evaluate $e(u,v)$ .

Proof:

Let $g$ is the generator of $G$ with respect to multiplication ( $\cdot$ ) operator

$\Rightarrow\left\langle g\right\rangle=\{g^{1},g^{2},g^{3},\ldots\}\in G$ and $g^{i}$ for $1\leqslant i\leqslant n$ represent unique elements of set $G$ . According to the assumption $e:G\times G\to G_{T}$ , here $e$ is a bilinear function or mapping. If $g_{1}\in G$ and $g_{2}\in G$ are the generators

$\Rightarrow e(g_{1},g_{2})\in G_{T}$ and $e(g_{1}^{1},g_{2}^{1})=e(g_{1},g_{2})^{1\times 1}=e(g_{1},g_{2})^{1}=e(g_{1},g% _{2})$ , according to the bilinear properties $e(u^{a},v^{b})=e(u,v)^{ab}$

So, $e(g_{1},g_{2})$ is the generator of $G$ and $e(g_{1},g_{2})\neq 1$ as it is nontrivial.

$u\in\{g_{1}^{1},g_{1}^{2},g_{1}^{3},\ldots\}\subseteq G$ and $v\in\{g_{2}^{1},g_{2}^{2},g_{2}^{3},\ldots\}\subseteq G$

So, $e(u,v)=e(g_{1}^{i},g_{2}^{j})=e(g_{1},g_{2})^{i\times j}$ , for $1\leqslant i\leqslant n$ and $1\leqslant j\leqslant n$

Since, $e(g_{1},g_{2})\in G\times G\Rightarrow e(g_{1},g_{2})^{i\times j}\in G\times G$

So $e(u,v)$ is computable as $i\times j$ or ( $i\cdot j$ ) product is computable also the mapping $g_{2}\to(g_{1}\to(e(g_{1},g_{2}))$ is an isomorphism and finite dimension

$\Rightarrow$ Non degenerate

3.2 Secret Sharing Scheme (SSS)

The SSS was introduced by Shamir [34]. It is used as a base for ABE schemes. The SSS has two main processes, one is the share and the other is recovery. When the owner wants to share ${}^{\prime}s^{\prime}$ is called as secret value $s\in\mathbb{Z}_{p}$ among number of users $\{u_{1},u_{2},u_{3},\ldots,u_{n}\}$ , such that $p>n$ , $p$ is a prime number. Let, consider $t$ is a threshold value for the number of users. The scheme is called as ( $t, n$ ) threshold scheme, when ( $t$ ) number of users come together, then they should be able to regenerate the secret key. First, it will choose a ( $t-1$ ) as degree of polynomial, now the real valued function $f(x)$ can be expressed as a polynomial $f(x)=k+a_{1}x+a_{2}x^{2}+\ldots+a_{t-1}x^{t-1}$ , here $k$ a constant is, and all coefficients $\{a_{1},a_{2},\ldots,a_{t-1}\}$ are randomly chosen from $\mathbb{Z}_{p}$ and $x\in\mathbb{R}$ , $x$ is a secret value. Now, if ( $t$ ) number of users decide to come together, then they can recover the secret value ${}^{\prime}s^{\prime}$ , using sharing of $\{f(x_{1}),\ldots,f(x_{t})\}$ values. The whole polynomial can be generated using Lagrange’s interpolation formula for unequal space points [38, 39].

3.3 Smart contracts

Smart contracts are like traditional contracts, but the only difference is that they are in the form of a digital form of a program. An Ethereum smart contract is a program that is a collection of functions and states (data) present on the blockchain and a specific address. The whole code or part of the code runs automatically for some agreement. For example, the transfer of funds from one party to another. The main benefit of using smart contracts is that it removes the requirement of a 3rd party. However, it is stored in the blockchain, so everything is completely distributed. It is not controlled by a single user and is also immutable [40, 41].

3.4 IPFS

The distributed storage protocol is called IPFS. IPFS is designed to handle all kinds of unnecessary file redundancy. It generates a hash value that is unique for each file stored in the system. The required file of the user can be found by using the respective hash address. Since IPFS is distributed, therefore, it avoids the problem of centralized failure in the storage system, also called single-point failure [36, 16].

4. System model

The model is split into two sections: document storage and document search. The model contains five different kinds of entities. The document owner (DO), the document user (DU), the key generation center (KGC), the document authority (DA), and the blockchain. The Fig. 2 represents the system architecture diagram. In the model, public key of DO is used to encrypt all the digital documents and the encrypted documents will be stored on an IPFS storage device. All the key creations will be handled by the KGC. The DA will be treated as a gateway between all the entities to establish communication and security. The metadata (transaction details) of the digital documents will be stored on the blockchain with the help of smart contracts for handling storing and searching of data and maintaining tamper-resistant features. The digital documents can be accessed only by DO and DU.

4.1 Workflow of the proposed model

KGC – It will deploy the smart contract and create system parameters. Additionally, it gives the DA permission and assigns attribute keys to the DOU. It will be the KGC’s responsibility to send the required secret keys for the DOU and DOC.

It chooses $G,G_{T},p,g_{1},g,g_{2}$ and $e$ according to the parameters of bilinear map, discussed in Section 3. Here, $p$ is taken as a prime number, two multiplicative cyclic groups, $G$ , and $G_{T}$ are of order $p$ , consider, generator is $g$ , bilinear map is $e$ , and generator for $G_{1}$ is $g_{1}$ and $g_{2}$ is considered as the generator for $G_{2}$ . $\alpha,\beta\in\mathbb{Z}_{p}$ are two random exponent values and $H$ is a hash function. $H_{1}$ , and $H_{2}$ are considered as keyed hash functions. Where $H,H_{1}:\{0,1\}^{\ast}\to G$ , and $H_{2}:\{0,1\}^{l}\to G_{2}$ , where the minimum number of shares represented by l. Public parameters is represented as (pub_para)

$\displaystyle\textit{pub\_para}=G,p,G_{2},g_{1},g,g_{2},H,H_{1},H_{2},\alpha,% \beta,e,l)$

Mater Key – $MT_{k}=(\beta,g^{\alpha})$ and Public key is represented as – $\textit{Pub}_{k}=(g,G,G_{1},w,h=g^{\beta})$ , where $w=(g,g)^{\alpha}$

$\displaystyle Sk_{i}=(D=g^{(\alpha+r)/\beta},\forall_{j}\in A_{i}:b+r_{j},D_{j% }=g^{r}\cdot H(j)^{b},D_{j}=g^{b})$ (1)

In Eq. (1) $r$ is a random number. $r,b\in\mathbb{Z}_{p}$ and $i,j\in\mathbb{N}$ , for the chosen attribute string $A_{i}$ .

Figure 2.

System architecture.

The labeling of the system architecture in Fig. 2 is presented as below.

(1)

DO sends documents and other information through DOC.

(2)

DA retrieves encrypted documents and associated information.

(3)

DA sends encrypted documents to IPFS.

(4)

Metadata (transaction data) will stored in Blockchain using smart contract.

(5)

DU searches metadata using tokens in blockchain.

(6)

If tokens are valid and found then DUC request to DA for data.

(7)

DA retrieves data from IPFS.

(8)

DA sends requested encrypted data to DUC.

(9)

DUC sends data to DU

(10)

Any time DO can verify logs on blockchain through DOC.

DOC – DOC does the encryption and creates the cypher text (CT) using plain text M, parameters, public key, an attribute access tree, etc. DOC will choose a polynomial $f_{k}$ with a degree $d_{k}$ . The access policy used in the model is represented as $\Gamma$ . The polynomials used are chosen in a way such that first the node should start from the root ( $R$ ). The threshold value of node $N_{x}$ is $t_{x}$ . The random number $s\in\mathbb{Z}_{p}$ is selected by CO, and $f_{R}(0)=\{s\}$ . The DOC will randomly select $d_{R}$ and other coefficients of $f_{R}$ , which will generate the polynomial $f_{R}(x)$ . Set $f_{R}(0)=f_{\textit{parent}(x)}(\textit{index}(x))$ , it represents index of $x$ node in its parent node [4]. Consider that set of leaf nodes in the access tree $\Gamma$ are $x$ . The CT is presented in expression (1) as follows –

$\displaystyle CT=\left\{{\begin{array}[]{l}\Gamma,\bar{C}=ck.e(g,g^{\beta}),s,% C=g^{s}\\ \forall x\in X:C_{x}=g^{\alpha,f_{x}(0)},C^{\prime}_{x}=H(a(x))^{f_{x}(0)}\\ \end{array}}\right\}$ (2)

DA – The index of smart contracts must be uploaded by DA. To confirm the validity of the data, it uploads the transactions and stores ciphertext in the cloud. The DA chooses some keywords from the certificate data (such as – Roll_No, data of birth, etc.), produces the DOC’s key $k_{i}$ , encrypts the certificate’s data using an encryption technique, and then computes its hash value. SHA256 is used as the key (K) now hashed data is represented as $h_{\textit{data}}=\textit{SHA256}(\textit{data})$ . The DA stores CT and Ethereum transaction keys in the InterPlanetary File System (IPFS), and returns $(H_{\textit{addr}})$ as a hash address. The blockchain stores $\{h_{\textit{data}},H_{\textit{addr}},\Phi\}$ and all kind of transactions will be stored in smart contracts on the index $\Phi$ .

Keyword search – Once the transaction ID and index have been transferred to the cloud, the DO and DU can use keyword search to look for certificates. The DA selects $K_{s}$ as search key and stores encrypted keywords in $\{kw_{1},kw_{2},kw_{3},\ldots,kw_{n}\}$ smart contracts. When tokens are needed to search for keywords in smart contracts, they are determined using a real valued function called $F$ .

$\displaystyle F(\{w_{i}\}_{i=1,\ldots,n}\in\mathbb{R})=\{||kw_{1}||,||kw_{2}||% ,\ldots,||kw_{n}||\}$ (3)

Every time a token is passed from a CU or CO to a smart contract, and as a return value the location and ID of the satisfied set will be received.

Decryption of document – Two entities, DOC and DUC, are capable of decrypting the document’s data. The DOC and DUC can get the decrypted document in accordance with the access rules, and each DUC has its own private attribute key. Decryption will be the reverse of encryption, i.e., it will be done in a bottom-up manner. The decrypted document ‘M’ is presented in the expression (4) with consideration of expressions (1) and (2) as follows.

$\displaystyle\frac{CT}{\frac{c(CT,D)}{a(x)}}=\frac{CT}{\frac{e(h^{a(x)},g^{% \frac{(\alpha+r)}{\beta}}}{e(g,g)^{rs}}}=M$ (4)

Validation of tempering of data – The DUC or DOC locates the ( $h_{\textit{data}}$ ) from the Ethereum transaction ID and then recalculates the $h^{\prime}=\textit{SHA256}(\textit{received\_data})$ in order to confirm the tampering of the original data. Once the hash values have been compared, the data is either tempered or not tempered depending on whether they are equal.

4.2 Creation of smart contracts

For creating the smart contracts Ethereum is used as the platform. The smart contract includes adduser, deleteuser, addindex, and searchindex. The adduser will allow CA for creating the contract, to update the userlist and variables. The deleteuser method is used by CA at the time, if the entry of any user from the list is required to be removed. As input parameters, the addindex-will consider searching keywords, IDs, and $H_{\textit{addr}}$ input parameters. CO can use this interface to upload the encrypted information by creating the respective index for the encrypted keyword and that will be stored in the smart contract. In the serachindex method – any CU can use this interface to access a particular document by using keywords. Among all the four interfaces the first three interfaces are used to change the value of variables used internally, while the searchindex is used to only display required data.

Algorithm 1: Procedure Adduser
Adduser ( $U_{i}$ , $n$ )
Begin
1. If (verifylist ( $U_{i}$ , $n$ ) $==$ True)
2. then
3. userlist [ $i$ ] $\leftarrow$ $U_{i}$ // add user in the list
4. $i=i+1$
5. else
6. continue
7. End if
End

Algorithm 2: Procedure Deleteuser
Deleteuser ( $U_{i}$ , $n$ )
Begin
1. If verify_list ( $U_{i}$ , $n$ ) $=$ True then
2. // delete user from the list
3. $n=n-1$
4. else
5. continue
6. End if
End

Algorithm 3: Procedure Addindex
Addindex (K, ID, $H_{\textit{addr}}$ )
Begin
1. // create index and store
2. If ( $H_{\textit{addr}}$ and ID $==$ true) then
3. Createindex (K, $H_{\textit{addr}}$ )
4. Else
5. Continue
6. Endif
End

Algorithm 4: Procedure Searchindex
Searchindex (K, ID)
Begin
1. $K\in\{\textit{set\_of\_keywords}\}$
2. If (K && ID) $==$ true) then
3. {access the document}
4. Else
5. search continue
6. Endif
End

5. Experiment results and discussions

All simulations are carried out using an Intel(R) Core(TM) CPU i7-8750H and 16 GB of RAM to calculate the performance of our suggested strategy. Ethereum is operated on a virtual machine that is running Ubuntu 14.04 LTS.

5.1 Performance evaluation

For the purpose of building a smart contract, we used the Ethereum test network and the Solidity programming language. Gas had a starting price of 9Gwei (1Gwei is equal to 10-9 ether (ETH)). We used our certificate data for the trial for testing purposes. We’ve just used single threads in all of our investigations. On the TestRpc Ethereum blockchain environment, which offers a local simulated environment, we implemented the system model. Five distinct files, each measuring in kilobits, were used to create the encrypted index. The total gas consumed in creating the contract was 908608. The total gas consumed for the addition of the encrypted index has increased linearly as per the number of tasks added. For adding one index, the cost was 80416, for adding five indexes, the cost increased to 422130, for adding 10 indexes, the cost increased to 844052, etc. The overhead in the computation has been compared with some other schemes [27, 31, 34] concerning the time taken in key generation and the time taken for index generation. The computation cost for key generation is depicted in Fig. 3. The plot clearly shows that the scheme takes quite less time for key generation in comparison to other schemes. The performance of the scheme proposed by Sun et al. is very close to our proposed scheme [27]. Figure 4 illustrates the computational time required for index generation. The plot clearly indicates that proposed scheme has better performance than the schemes proposed by Sun et al., and Yamada [27, 31]. Further, we have done a comparison concerning the throughput of search operations with the schemes proposed by Mahore et al., and Sun et al. [35, 36]. The total number of transactions that are modified in the ledger in one second is referred to as throughput. Figure 5 shows the comparison plot for the throughput of the search operation. The performance of our scheme is quite improved in comparison to other state-of-arts proposed by Mahore et al., and Sun et al. [35, 36].

Figure 3.

Plot of key generation time.

Figure 4.

Plot of index generation time.

Figure 5.

Plot of throughput for search operation.

5.2 Performance comparison

This section describes the performance of our scheme in terms of the computational cost. We compared the computational costs evolved at various stages of the schemes to those found in the literature [27, 31, 36]. The comparison is shown in Table 2, where upper bond of the cost for exponential operation is represented by $O$ . The $B$ is used to represents the paring operation. The number of keywords denoted by $k$ , and $n$ is used to denote the number of attributes. From Table 1, it can be very easily analyzed that our proposed scheme uses only, $O(2n+1)$ which is quite less in comparison to other schemes. Also, the search cost is less than all the considered schemes. In addition, our system relies on the blockchain to guarantee data immutability and the absence of a single point of failure.

Table 2
Comparison of computational cost

Scheme	Setup phase	Private key Gen	Indexing	Searching	Use of blockchain
Yamada [2014]	$O(3)+B$	$O(3n+3)$	$O(2n+2)+B$	–	No
Sun [2014]	$O(3n)+B$	$O(2n+3)$	$O(nk+1)+B$	$O(n+2)$	No
Sun [2020]	$B$	$O(3n+6)$	$O(n+1)$	$O(n+2)$	Yes
Our scheme	$O(3)$	$O(2n+1)$	$O(2n)+B$	$O(1)$	Yes

6. Security analysis

In our system, secure transactions are carried out using the full grain access control method. After completing the registration process, the owners and users who wish to participate in the secure file sharing system are recognized as trustworthy. The Blockchain and IPFS servers, however, are untrustworthy since anyone with internet connection can view their data. Although data on the IPFS server and Blockchain can be accessed by unauthorized users, encrypted files downloaded from the IPFS server cannot be decoded without the group key. The suggested model offers collision attack resistance, auditability, and confidentiality. Additionally, the CSP attack can be detected because to auditability. This section talks about our blockchain-based model’s security analysis. The security analysis of the proposed model is analyzed on the basis of the following questions: by taking the assumption that the servers used in the proposed model are semi-trusted and assuming the following procedure is defined in the model, sometimes it can be tried to know the data [42, 43, 44, 45, 46, 47, 48, 49, 50, 51]. Further, the following questioners require to be addressed.

1)
Does the proposed model provide confidentiality or not?
2)
Does the proposed model resist the collision attack or not?
3)
Does the proposed model provide auditability of data or not?

Case-1. The proposed model will provide full confidentiality for the sensitive information saved in the cloud.

Argument – Users of cloud-based services are constantly most concerned about data security. Because it was constructed on an unreliable network, it raises the possibility of data hacking and leaking. The data is encrypted in the suggested model, and decryption is only feasible if the user has legitimate attribute tokens, which are kept in the smart contract and transaction ID is stored in the blockchain. Every authorized user has been assigned a unique random value $r$ ( $r$ is randomly chosen from $\mathbb{Z}_{p}$ ). If any hacker or unauthorized user does not satisfy the specified access policy of the CO then mapping $e(g,g)^{rs}$ cannot be generated in the process of decryption according to the Eq. (4). Hence, unauthorized user cannot generate the original message.

Case-2. The proposed model will provide security against a collision attack between two users or any illegal advisory.

Argument – When some malicious user enters the system and collides with some other user, there is a possibility that they may share key attributes that are secret. It is used to calculate key tokens. The hash data will be recalculated and verified with the existing data, i.e. $h^{\prime}=\textit{SHA256}(\textit{received\_data})$ . If both hash values ( $h$ and $h^{\prime}$ ) are equal, it means data is not tempered else tempered. Thus, it is almost impossible to attack by collision [38].

Case-3. The proposed model will provide the proper auditability log.

Argument – In our data sharing model, we have used blockchain. Whenever any user initiates the request for access, a trustable access log will be created and recorded, which is immutable. The stored record can be verified by both the data owner and the data user as per the access policy and access request. Therefore, the proposed scheme adopts a process of auditability from predefined blockchain technology.
7. Conclusion

In this paper, we have proposed a secure framework for digital document sharing using blockchain and the ABE cryptosystem. The framework proposes the use of blockchain for digital document management. It provides secure download (searching) and storage of digital documents using IPFS, Ethereum smart contracts, and searchable ABE algorithms. The key advantage of employing the ABE cryptography technology is that only users whose attributes meet the specified conditions of the access policy are able to access documents. When storing and accessing data, the implementation of blockchain assures security, traceability, and non-tempering qualities. Using smart contracts eliminates the need for a third party to record transactions and establish consensus. With this plan, document sharing may be accomplished affordably and securely. In the future, we’ll test the model using a public dataset. The model can be used by educational institutes and government organizations to create a digital wallet for storing all the education certificates of students.

Footnotes

Declaration of statement

We confirm that this manuscript has not been published elsewhere and is not under review or consideration by another journal.

Author’s Bios

Dr. Garima Verma working as Assistant Professor in the School of Computing, DIT University, INDIA. Garima Verma received her Ph.D in Computer Science Engineering from DIT University in 2018 and M.Tech in Computer Science Engineering from Uttarakhand Technical University in 2011. Garima has Qualified UGC Net in Computer Science and received a Gold Medal (First Merit) in M.Tech. Garima’s research interest includes cloud computing, Blockchain, and machine learning.

Dr. Soumen Kanrar currently working as Associate Professor in the Department of Computer Science & Engineering, Amity University Jharkhand, India. He is also attached to the department of computer Science at Vidyasagar University India. Soumen does research in Computer Communications (Networks), Artificial Intelligence and Algorithms, Data Science and Natural Language processing. His current projects are ‘Stream data classification,’ Target Location, Data analytics. He has done his Bachelor from Calcutta University, India. Master both in Science and Technology from Jadavpur University, India, and Indian Institute of Technology (I.I.T) Kharagpur, India. He has done his Ph.D. in Computer Science from Vidyasagar University, India. He was the former research associate of King Saud University (KSA) and Ex. research staff member of Vehere India.

References

Pachpande

B.R.

and Kamble

A.A.

, Study of e-wallet awareness and its usage in Mumbai, Journal of Commerce and Management Thought 9(1) (2018), 33–45. doi: 10.5958/0976-478X.2018.00004.6.

Padiya

and Bantwa

, Adoption of e-wallets: A post demonetisation study in ahmedabad city, Pacific Business Review International 10(10) (2018), 84–95. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3735394.

and Tan

, Electronic certificate sharing scheme with searchable attribute-based encryption on blockchain, In Journal of Physics: Conference Series 1757(1) (2021), 012161. doi: 10.1088/1742-6596/1757/1/012161.

Namasudra

Deka

G.C.

Johri

Hosseinpour

and Gandomi

A.H.

, The revolution of blockchain: State-of-the-art and research challenges, Archives of Computational Methods in Engineering 28(3) (2021), 1497–1515. doi: 10.1007/s11831-020-09426-0.

Qin

Huang

Yang

and Li

, A Blockchain-based access control scheme with multiple attribute authorities for secure cloud data sharing, Journal of Systems Architecture 112 (2021), 101854. doi: 10.1016/j.sysarc.2020.101854.

Murthy

C.V.

Shri

M.L.

Kadry

and Lim

, Blockchain based cloud computing: Architecture and research challenges, IEEE Access 8 (2020), 205190–205205. doi: 10.1109/ACCESS.2020.3036812.

Verma

, A Secure Framework for E-Voting Using Blockchain, in: Second International Conference on Computer Science, Engineering and Applications (ICCSEA), Sep. 2022, pp. 1–5. doi: 10.1109/ICCSEA54677.2022.9936073.

Zhu

Qin

Zhou

Song

Liu

and Chu

W.C.C.

, Digital asset management with distributed permission over blockchain and attribute-based access control, in: IEEE International Conference on Services Computing (SCC), July 2018, pp. 193–200. doi: 10.1109/SCC.2018.00032.

Paillisse

Subira

Lopez

Rodriguez-Natal

Ermagan

Maino

and Cabellos

, Distributed access control with blockchain, in: IEEE International Conference on Communications (ICC), May 2019, pp. 1–6. doi: 10.1109/ICC.2019.8761995.

10.

Mhatre

and Nimkar

A.V.

, Secure cloud-based federation for EHR using multi-authority ABE, Advanced Computing and Intelligent Engineering 714 (2019), 3–15. doi: 10.1007/978-981-13-0224-4_1.

11.

Sahai

and Waters

, Fuzzy identity-based encryption, in: Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2005, pp. 457–473. doi: 10.1007/11426639_27.

12.

Wang

Zhang

and Zhang

, A blockchain-based framework for data sharing with fine-grained access control in decentralized storage systems, IEEE Access 6 (2018), 38437–38450. doi: 10.1109/ACCESS.2018.2851611.

13.

Eltayieb

Elhabob

Hassan

and Li

, A blockchain-based attribute-based signcryption scheme to secure data sharing in the cloud, Journal of Systems Architecture 102 (2020), 101653. doi: 10.1016/j.sysarc.2019.101653.

14.

Benet

, Ipfs-content addressed, versioned, p2p file system, arXiv preprint (2014), arXiv:1407.3561. doi: 10.48550/arXiv.1407.3561.

15.

Cui

Asghar

M.R.

and Russello

, Towards blockchain-based scalable and trustworthy file sharing, in: 27th International Conference on Computer Communication and Networks (ICCCN), 2018, pp. 1–2. doi: 10.1109/ICCCN.2018.8487379.

16.

Dong

Russello

and Dulay

, Shared and searchable encrypted data for untrusted servers, Journal of Computer Security 19(3) (2011), 367–397. doi: 10.3233/JCS-2010-0415.

17.

Shamir

, Identity-based cryptosystems and signature schemes, in: Workshop on the Theory and Application of Cryptographic Techniques, 1984, pp. 47–53. doi: 10.1007/3-540-39568-7_5.

18.

Boneh

and Franklin

, Identity-based encryption from the Weil pairing, in: Annual International Cryptology Conference, 2001, pp. 213–229. doi: 10.1007/3-540-44647-8_13.

19.

Waters

, Efficient identity-based encryption without random oracles, in: Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2005, pp. 114–127. doi: 10.1007/11426639_7.

20.

Waters

, Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions, in: Annual International Cryptology Conference, 2009, pp. 619–636. doi: 10.1007/978-3-642-03356-8_36.

21.

Lewko

and Waters

, New techniques for dual system encryption and fully secure HIBE with short ciphertexts, in: Theory of Cryptography Conference, 2010, pp. 455–479. doi: 10.1007/978-3-642-11799-2_27.

22.

Hohenberger

and Waters

, Online/offline attribute-based encryption, in: International Workshop on Public Key Cryptography, 2014, pp. 293–310. doi: 10.1007/978-3-642-54631-0_17.

23.

Namasudra

, An improved attribute-based encryption technique towards the data security in cloud computing, Concurrency and Computation: Practice and Experience 31(3) (2019), e4364. doi: 10.1002/cpe.4364.

24.

Wang

Shen

Zheng

Yang

and Au

M.H.

, Fuzzy matching and direct revocation: A new CP-ABE scheme from multilinear maps, Soft Computing 22(7) (2018), 2267–2274. doi: 10.1007/s00500-017-2488-8.

25.

Wang

Zheng

and Li

, New directly revocable attribute-based encryption scheme and its application in cloud storage environment, Cluster Computing 20(3) (2017), 2385–2392. doi: 10.1007/s10586-016-0701-7.

26.

Khader

, Introduction to attribute based searchable encryption, in: IFIP International Conference on Communications and Multimedia Security, 2014, pp. 131–135. doi: 10.1007/978-3-662-44885-4_11.

27.

Sun

Lou

Hou

Y.T.

and Li

, Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud, in: IEEE INFOCOM Conference on Computer Communications, 2014, pp. 226–234. doi: 10.1109/INFOCOM.2014.6847943.

28.

Wang

Dong

and Cao

, Multi-value-independent ciphertext-policy attribute based encryption with fast keyword search, IEEE Transactions on Services Computing 13(6) (2020), 1142–1151. doi: 10.1109/TSC.2017.2753231.

29.

Liang

and Susilo

, Searchable attribute-based mechanism with efficient data sharing for secure cloud storage, IEEE Transactions on Information Forensics and Security 10(9) (2015), 1981–1992. doi: 10.1109/TIFS.2015.2442215.

30.

Yin

Zhang

Xiong

Liao

and Li

, CP-ABSE: A ciphertext-policy attribute-based searchable encryption scheme, IEEE Access 7 (2019), 5682–5694. doi: 10.1109/ACCESS.2018.2889754.

31.

Yamada

Attrapadung

Hanaoka

and Kunihiro

, A framework and compact constructions for non-monotonic attribute-based encryption, Lecture Notes in Computer Science 8383 (2014), 275–292. doi: 10.1007/978-3-642-54631-0_16.

32.

Nakamoto

, Bitcoin: A peer-to-peer electronic cash system, Decentralized Business Review, 2008, 21260. https://klausnordby.com/bitcoin/Bitcoin_Whitepaper_Document_HD.pdf.

33.

Elisa

Yang

Chao

and Cao

, A framework of blockchain-based secure and privacy-preserving E-government system, Wireless Networks, 2018, 1–11. doi: 10.1007/s11276-018-1883-0.

34.

Wang

and Song

, Secure cloud-based EHR system using attribute-based cryptosystem and blockchain, Journal of Medical Systems 42(8) (2018), 1–9. doi: 10.1007/s10916-018-0994-6.

35.

Mahore

Aggarwal

Andola

and Venkatesan

, Secure and Privacy Focused Electronic Health Record Management System using Permissioned Blockchain, in: IEEE Conference on Information and Communication Technology, 2019, pp. 1–6. doi: 10.1109/CICT48419.2019.9066204.

36.

Sun

Yao

Wang

and Wu

, Blockchain-based secure storage and access scheme for electronic medical records in IPFS, IEEE Access 8 (2020), 59389–59401. doi: 10.1109/ACCESS.2020.2982964.

37.

Wang

and Zhang

, A secure cloud storage framework with access control based on blockchain, IEEE Access 7 (2019), 112713–112725. doi: 10.1109/ACCESS.2019.2929205.

38.

Shamir

, How to share a secret, Communications of the ACM 22(11) (1979), 612–613. doi: 10.1145/359168.359176.

39.

Rastogi

and Sushil

, Cloud computing security and homomorphic encryption, IUP Journal of Computer Sciences 9(3) (2015), 48–58.

40.

CryptoCompare, “What is the ‘gas’ in Ethereum?” CryptoCompare, 2021. https://www.cryptocompare.com/coins/guides/what-is-the-gas-in-ethereum.

41.

Ethereum, Ethereum Project, 2021. https://www.ethereum.org.

42.

Verma

Pathak

and Sharma

, A Secure Framework for Health Record Management Using Blockchain in Cloud Environment, in: Journal of Physics: Conference Series, Vol. 1998, 2021, p. 012019. doi: 10.1088/1742-6596/1998/1/012019.

43.

Verma

and Adhikari

, Cloud Computing Security Issues: A Stakeholder’s Perspective, SN Computer Science 1(6) (2020), 1–8. doi: 10.1007/s42979-020-00353-2.

44.

Dang

N.T.

Tran

H.M.

Nguyen

S.V.

Maleszka

and Le

H.D.

, Sharing secured data on peer-to-peer applications using attribute-based encryption, Journal of Information and Telecommunication 5(4) (2021), 440–459. doi: 10.1080/24751839.2021.1941574.

45.

Ezhil Arasi

V.K.

Gandhi

and Kulothungan

, Auditable attribute-based data access control using blockchain in cloud storage, J Supercomput 78 (2022), 10772–10798. doi: 10.1007/s11227-021-04293-3.

46.

Verma

and Kanrar

, A novel model to enhance the data security in cloud environment, Multiagent and Grid Systems 18(1) (2022), 45–63. doi: 10.3233/MGS-220361.

47.

Verma

, Blockchain-based privacy preservation framework for healthcare data in cloud environment, Journal of Experimental & Theoretical Artificial Intelligence, 2022, 1–14. doi: 10.1080/0952813X.2022.2135611.

48.

Kanrar

, Dimension Compactness in Speaker Identification, in: International Conference on Informatics and Analytics ICIA-16, 2016, pp. 1–6. doi: 10.1145/2980258.2980296.

49.

Kanrar

, Enhancement of job allocation in private Cloud by distributed Processing, in: Proceedings of the Second International Conference on Computational Science Engineering and Information Technology (CCSEIT’12), pp. 94–98. doi: 10.1145/2393216.2393233.

50.

Kanrar

and Mandal

P.K.

, E-health monitoring system enhancement with Gaussian mixture model, Multimedia Tools and Applications 76 (2017), 10801–10823. doi: 10.1007/s11042-016-3509-9.

51.

Kanrar

and Mandal

N.K.

, Video traffic analytics for large scale surveillance, Multimedia Tools and Applications 76 (2017), 13315–13342. doi: 10.1007/s11042-016-3752-0.

Secure digital documents sharing using blockchain and attribute-based cryptosystem

Abstract

Keywords

1. Introduction

2. Literature review

2.1 Attribute-based encryption (ABE)

2.2 Blockchain technology

2.3 Features and challenges in related work

Table 1 Features and challenges in related work

3.1 Bilinear maps

3.2 Secret Sharing Scheme (SSS)

3.3 Smart contracts

3.4 IPFS

4. System model

4.1 Workflow of the proposed model

5. Experiment results and discussions

5.1 Performance evaluation

Table 2 Comparison of computational cost

Footnotes

Declaration of statement

Author’s Bios

References

Table 1
Features and challenges in related work

Table 2
Comparison of computational cost