loading page

Blockchain-based Multi-Party Authorization for Accessing IPFS Encrypted Data
  • +3
  • Ammar Battah ,
  • Mohammad Madine ,
  • Hamad Alzaabi ,
  • Ibrar Yaqoob ,
  • Khaled Salah ,
  • Raja Jayaraman
Ammar Battah
Author Profile
Mohammad Madine
Author Profile
Hamad Alzaabi
Author Profile
Ibrar Yaqoob
Khalifa University of Science and Technology

Corresponding Author:[email protected]

Author Profile
Khaled Salah
Author Profile
Raja Jayaraman
Author Profile

Abstract

Multi-party authorization (MPA) typically involves multiple parties to control and grant access to shared data. MPA is used to solve the insider’s attack problem by ensuring that a single authority or party is not acting alone. Currently, almost all existing implementations of MPA are centralized and fall short in providing logs and events related to provenance of granting permissions in a trusted, secure, immutable, auditable, and decentralized manner. Moreover, for sharing data, proxy re-encryption algorithms are often used to give secure access to encrypted shared data. These schemes and algorithms are also centralized and cannot be trusted. In this paper, we propose a fully decentralized blockchain-based solution in which MPA is implemented using Ethereum smart contracts, and proxy re-encryption algorithms (which are computationally expensive) are implemented using multiple oracles to give access to encrypted shared data stored on a public and decentralized storage platform, such as the Interplanetary File Systems (IPFS). The smart contracts help to validate results based on the majority of encrypted results determined by the oracles. For this, we incorporate reputation mechanisms in the proposed smart contracts to rate the oracles based on their malicious and non-malicious behaviors. We present algorithms along with their full implementation, testing, and validation details. We evaluate the proposed system in terms of security, cost, and generalization to show its reliability and practicality. We make the smart contract source code publicly available on Github.
2020Published in IEEE Access volume 8 on pages 196813-196825. 10.1109/ACCESS.2020.3034260