Skip to main content
SpringerLink
Log in

Privacy-Preserving Resource Sharing Using Permissioned Blockchains

(The Case of Smart Neighbourhood)

  • Conference paper
  • First Online:
Financial Cryptography and Data Security. FC 2021 International Workshops (FC 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12676))

Included in the following conference series:

  • 2345 Accesses

Abstract

In a resource sharing system users offer goods and services with specified conditions that if met, the access will be granted. Traditional resource sharing systems use a trusted intermediary that mediates users’ interactions. Our work is motivated by a decentralized resource sharing platform (proposed in WTSC’20) that uses a permissioned blockchain to allow users to share their digital items with their specified attributed-based access policies that are enforced through a set of smart contracts, and removes the need for a trusted intermediary. The system however allows users’ accesses to be traced, and has limited availability as access to a resource requires its owner to be on-line. We design a decentralized attribute-based access control system that achieves the same functionality while preserving the privacy of user’s access, and automating access which removes the need for the resource owner to be online. We use two cryptographic primitives, Ciphertext Policy Attribute-Based Encryption (CP-ABE), and ring signatures, and design smart contracts that allow specification and cryptographic enforcement of the users’ specified policies. We analyze the security and privacy of the system, provide the description of smart contracts and give a proof of concept implementation of the smart contracts and cryptographic algorithms that are used in the system. Our design and implementation are general and can be used for privacy-preserving resource sharing with fine-grained access control in other settings including data and information sharing among collaborating parties.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    These nodes were referred to as C-nodes in [3].

  2. 2.

    We highlight that the requests of resource owner to BA are also non-anonymous.

  3. 3.

    We can use the ring signature with ring size equal to 1 as a regular signature.

  4. 4.

    The codes of our smart contracts are available in [40].

References

  1. Airbnb, Inc.: Vacation rental company (2020). https://www.airbnb.com

  2. Uber Technologies, Inc.: Transport company (2020). https://www.uber.com

  3. Muni Venkateswarlu, K., Avizheh, S., Safavi-Naini, R.: A blockchain based approach to resource sharing in smart neighbourhoods. In: Bernhard, M., et al. (eds.) FC 2020. LNCS, vol. 12063, pp. 550–567. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-54455-3_39

    Chapter  Google Scholar 

  4. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy, SP 2007, pp. 321–334. IEEE (2007)

    Google Scholar 

  5. Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45682-1_32

    Chapter  Google Scholar 

  6. Ganache: Ganache one click blockchain (2019). https://www.trufflesuite.com/ganache

  7. Remix: Remix-solidity ide (2019). https://remix.ethereum.org

  8. Daemen, J., Rijmen, V.: Announcing the advanced encryption standard (AES). In: Federal Information Processing Standards Publication 197, pp. 1–51, 3 (2001)

    Google Scholar 

  9. Baiardi, F., Falleni, A., Granchi, R., Martinelli, F., Petrocchi, M., Vaccarelli, A.: SEAS, a secure e-voting protocol: design and implementation. Comput. Secur. 24(8), 642–652 (2005)

    Article  Google Scholar 

  10. Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)

    Article  Google Scholar 

  11. Xie, Q., Hengartner, U.: Privacy-preserving matchmaking for mobile social networking secure against malicious users. In: 2011 9th Annual International Conference on Privacy, Security and Trust, pp. 252–259. IEEE (2011)

    Google Scholar 

  12. Sandhu, R.S., Samarati, P.: Access control: principle and practice. IEEE Commun. Mag. 32(9), 40–48 (1994)

    Article  Google Scholar 

  13. Sandhu, R.S.: Role-based access control. In: Advances in Computers, vol. 46, pp. 237–286. Elsevier (1998)

    Google Scholar 

  14. Hu, V.C., et al.: Guide to attribute based access control (ABAC) definition and considerations (draft). NIST Special Publication 800-162 (2013)

    Google Scholar 

  15. Ahmed, T., Sandhu, R., Park, J.: Classifying and comparing attribute-based and relationship-based access control. In: Proceedings of the 7th ACM on Conference on Data and Application Security and Privacy, pp. 59–70 (2017)

    Google Scholar 

  16. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

    Chapter  Google Scholar 

  17. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98 (2006)

    Google Scholar 

  18. Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_26

    Chapter  Google Scholar 

  19. Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997). https://doi.org/10.1007/3-540-69053-0_18

    Chapter  Google Scholar 

  20. Narayan, S., Gagné, M., Safavi-Naini, R.: Privacy preserving EHR system using attribute-based infrastructure. In: Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop, pp. 47–52 (2010)

    Google Scholar 

  21. Wan, Z., Deng, R.H., et al.: HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Trans. Inf. Forensics Secur. 7(2), 743–754 (2011)

    Article  Google Scholar 

  22. Jung, T., Li, X.-Y., Wan, Z., Wan, M.: Privacy preserving cloud data access with multi-authorities. In: 2013 Proceedings IEEE INFOCOM, pp. 2625–2633. IEEE (2013)

    Google Scholar 

  23. Belguith, S., Kaaniche, N., Jemai, A., Laurent, M., Attia, R.: PAbAC: a privacy preserving attribute based framework for fine grained access control in clouds. In: 13th International Conference on Security and Cryptography, SECRYPT 2016, vol. 4, pp. 133–146. SciTePress (2016)

    Google Scholar 

  24. Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_4

    Chapter  Google Scholar 

  25. Zyskind, G., Nathan, O., et al.: Decentralizing privacy: using blockchain to protect personal data. In: 2015 IEEE Security and Privacy Workshops, pp. 180–184. IEEE (2015)

    Google Scholar 

  26. Di Francesco Maesa, D., Mori, P., Ricci, L.: Blockchain based access control. In: Chen, L.Y., Reiser, H.P. (eds.) DAIS 2017. LNCS, vol. 10320, pp. 206–220. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59665-5_15

    Chapter  Google Scholar 

  27. Ouaddah, A., Elkalam, A.A., Ouahman, A.A.: FairAccess: a new blockchain-based access control framework for the internet of things. Secur. Commun. Netw. 9(18), 5943–5964 (2016)

    Article  Google Scholar 

  28. Zhang, Y., Kasahara, S., Shen, Y., Jiang, X., Wan, J.: Smart contract-based access control for the internet of things. IEEE IoT J. 6(2), 1594–1605 (2018)

    Google Scholar 

  29. Cruz, J.P., Kaji, Y., Yanai, N.: RBAC-SC: role-based access control using smart contract. IEEE Access 6, 12240–12251 (2018)

    Article  Google Scholar 

  30. Xu, R., Chen, Y., Blasch, E., Chen, G.: BlendCAC: a blockchain-enabled decentralized capability-based access control for IoTs. In: 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 1027–1034. IEEE (2018)

    Google Scholar 

  31. Guo, H., Meamari, E., Shen, C.-C.: Multi-authority attribute-based access control with smart contract. In: Proceedings of the 2019 International Conference on Blockchain Technology, pp. 6–11 (2019)

    Google Scholar 

  32. Maesa, D.D.F., Mori, P., Ricci, L.: Blockchain based access control services. In: 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 1379–1386. IEEE (2018)

    Google Scholar 

  33. Maesa, D.D.F., Mori, P., Ricci, L.: A blockchain based approach for the definition of auditable access control systems. Comput. Secur. 84, 93–119 (2019)

    Article  Google Scholar 

  34. Tapas, N., Longo, F., Merlino, G., Puliafito, A.: Experimenting with smart contracts for access control and delegation in IoT. Fut. Gener. Comput. Syst. 111, 324–338 (2020)

    Article  Google Scholar 

  35. Raikwar, M., Gligoroski, D., Kralevska, K.: SoK of used cryptography in blockchain. IEEE Access 7, 148550–148575 (2019)

    Article  Google Scholar 

  36. Buterin, V., et al.: A next-generation smart contract and decentralized application platform, white paper (2014)

    Google Scholar 

  37. Wood, G., et al.: Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper, vol. 151, pp. 1–32 (2014)

    Google Scholar 

  38. Bonneau, J., Clark, J., Goldfeder, S.: On bitcoin as a public randomness source. IACR Cryptol. ePrint Arch. 2015, 1015 (2015)

    Google Scholar 

  39. Kelsey, J., Brandão, L.T., Peralta, R., Booth, H.: A reference for randomness beacons: format and protocol version 2, Technical report, National Institute of Standards and Technology (2019)

    Google Scholar 

  40. Code: Privacy-preserving resource sharing (2021). https://github.com/mnr-18/Privacy-preserving-Resource-Sharing

  41. The OpenSSL Project: OpenSSL: The open source toolkit for SSL/TLS. www.openssl.org. Accessed April 2003

  42. Bethencourt, J.: Advanced Crypto Software Collection. http://acsc.cs.utexas.edu/cpabe/. Accessed December 2006

  43. Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_28

    Chapter  Google Scholar 

  44. Chase, M., Chow, S.S.: Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 121–130 (2009)

    Google Scholar 

  45. Bender, A., Katz, J., Morselli, R.: Ring signatures: stronger definitions, and constructions without Random Oracles. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 60–79. Springer, Heidelberg (2006). https://doi.org/10.1007/11681878_4

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Calgary, Alberta, Canada

    Sepideh Avizheh, Mahmudun Nabi, Saoreen Rahman, Setareh Sharifian & Reihaneh Safavi-Naini

Authors
  1. Sepideh Avizheh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mahmudun Nabi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Saoreen Rahman
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Setareh Sharifian
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Reihaneh Safavi-Naini
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sepideh Avizheh .

Editor information

Editors and Affiliations

  1. University of Michigan–Ann Arbor, Ann Arbor, MI, USA

    Matthew Bernhard

  2. Computer Science and Mathematics, Stirling University, Stirling, UK

    Andrea Bracciali

  3. Imperial College London, London, UK

    Lewis Gudgeon

  4. Norwegian University of Science and Technology, Trondheim, Norway

    Thomas Haines

  5. Ithaca College, Ithaca, USA

    Ariah Klages-Mundt

  6. Department of Computer Science, Georgetown University, Washington, WA, USA

    Shin'ichiro Matsuo

  7. Imperial College London, London, UK

    Daniel Perez

  8. Dipartimento di Matematica, University of Trento, Trento, Trento, Italy

    Massimiliano Sala

  9. Imperial College London, London, UK

    Sam Werner

Appendices

A On the Security of Anyonymous Authentication

We consider a ring signature that provides basic anonymity, unlinkability, and existential unforgeability (for the formal definitions please see [45]). Because we have a registration authority which checks the validity of generated keys, and we assume that there are at least two honest members in the ring, the ring signature is not vulnerable to adversarially-chosen key attacks and basic anonymity is sufficient for our system. Choosing part of the ring randomly prevents the BAs from finding a pattern for the ring used by a particular requester in multiple requests and ensures that anonymity is preserved even in multiple executions of the protocol. Additionally, We assume that the random challenge that is concatenated with the message is unpredictable and unbiasable, and it can provide real-time authentication for users. However, in our authentication scheme, all users that are making request in the same time interval use the same random challenge, this is different from existing point to point authentication schemes. The question is whether the multicast of the challenge random value can give an opportunity to the attacker to break the security of the scheme, specifically, to an outsider to replay the message of an honest user. However, we assume that the time interval for generating a beacon is less than the time that is needed for the attacker to capture and resend the message to BA. So, if attacker sends the copied message the authentication fails. For unlinkability, we consider that the chosen rings by different (or even same) requesters has intersection with each other and provides some level of mixing. This prevents the BAs to link the consecutive requests from a requester.

B Interactions in Different Phases

The interactions between different entities of our system are shown in the following Algorithm 1 where the highlighted lines represent the interactions that involve blockchain.

figure a

C Smart Contracts in Our System

We have five smart contracts and the abstract of these contracts are given below (cf. Algorithms 2 to 6).

figure b
figure c
figure d
figure e
figure f

Rights and permissions

Reprints and permissions

Copyright information

© 2021 International Financial Cryptography Association

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Avizheh, S., Nabi, M., Rahman, S., Sharifian, S., Safavi-Naini, R. (2021). Privacy-Preserving Resource Sharing Using Permissioned Blockchains. In: Bernhard, M., et al. Financial Cryptography and Data Security. FC 2021 International Workshops. FC 2021. Lecture Notes in Computer Science(), vol 12676. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-63958-0_37

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-63958-0_37

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-63957-3

  • Online ISBN: 978-3-662-63958-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation