Abstract
Multi-party authorization (MPA) typically involves multiple parties to
control and grant access to shared data. MPA is used to solve the
insider’s attack problem by ensuring that a single authority or party is
not acting alone. Currently, almost all existing implementations of MPA
are centralized and fall short in providing logs and events related to
provenance of granting permissions in a trusted, secure, immutable,
auditable, and decentralized manner. Moreover, for sharing data, proxy
re-encryption algorithms are often used to give secure access to
encrypted shared data. These schemes and algorithms are also centralized
and cannot be trusted. In this paper, we propose a fully decentralized
blockchain-based solution in which MPA is implemented using Ethereum
smart contracts, and proxy re-encryption algorithms (which are
computationally expensive) are implemented using multiple oracles to
give access to encrypted shared data stored on a public and
decentralized storage platform, such as the Interplanetary File Systems
(IPFS). The smart contracts help to validate results based on the
majority of encrypted results determined by the oracles. For this, we
incorporate reputation mechanisms in the proposed smart contracts to
rate the oracles based on their malicious and non-malicious behaviors.
We present algorithms along with their full implementation, testing, and
validation details. We evaluate the proposed system in terms of
security, cost, and generalization to show its reliability and
practicality. We make the smart contract source code publicly available
on Github.