SCIENCE CHINA Information Sciences, Volume 63 , Issue 3 : 130101(2020) https://doi.org/10.1007/s11432-018-9781-0

Blockchain-based multiple groups data sharing with anonymity and traceability

More info
  • ReceivedOct 31, 2018
  • AcceptedJan 23, 2019
  • PublishedAug 9, 2019


Group data sharing enables information sharing between multiple parties for cooperative purposes. However, the existing schemes only consider scenarios in which all parties in the same organization want to share data. Achieving secure data sharing between users of different groups is also a relevant research issue. In this paper, we propose a blockchain-based data sharing scheme for multiple groups with anonymity and traceability. Owing to the consortium blockchain technique, any user in the system can easily verify the validity of the shared data without interacting with a third-party auditor. Additionally, the proposed scheme can not only enable data sharing between different groups with enhanced security anonymously but also achieve traceability and non-frameability.


This work was supported by National Cryptography Development Fund ( Grant No. MMJJ20180110).


[1] Wang C, Wang Q, Ren K, et al. Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of Infocom 2010, San Diego, 2010. 1--9. Google Scholar

[2] Chen X F, Li J, Ma J F. New Algorithms for Secure Outsourcing of Modular Exponentiations. IEEE Trans Parallel Distrib Syst, 2014, 25: 2386-2396 CrossRef Google Scholar

[3] Liu X F, Zhang Y Q, Wang B Y. Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud. IEEE Trans Parallel Distrib Syst, 2013, 24: 1182-1191 CrossRef Google Scholar

[4] Wang C, Chow S S M, Wang Q. Privacy-Preserving Public Auditing for Secure Cloud Storage. IEEE Trans Comput, 2013, 62: 362-375 CrossRef Google Scholar

[5] Chen X F, Huang X Y, Li J. New Algorithms for Secure Outsourcing of Large-Scale Systems of Linear Equations. IEEE Trans Inform Forensic Secur, 2015, 10: 69-78 CrossRef Google Scholar

[6] Zhang X Y, Jiang T, Li K C. New publicly verifiable computation for batch matrix multiplication. Inf Sci, 2019, 479: 664-678 CrossRef Google Scholar

[7] Wang J F, Chen X F, Huang X Y. Verifiable Auditing for Outsourced Database in Cloud Computing. IEEE Trans Comput, 2015, 64: 3293-3303 CrossRef Google Scholar

[8] Chen X F, Li J, Weng J F. Verifiable Computation over Large Database with Incremental Updates. IEEE Trans Comput, 2016, 65: 3184-3195 CrossRef Google Scholar

[9] Zhang Z W, Chen X F, Ma J F, et al. SLDS: secure and location-sensitive data sharing scheme for cloud-assisted cyber-physical systems. Future Gener Comput Syst, 2018. doi: 10.1016/j.future.2018.01.025. Google Scholar

[10] Shen J, Zhou T Q, Chen X F. Anonymous and Traceable Group Data Sharing in Cloud Computing. IEEE TransInformForensic Secur, 2018, 13: 912-925 CrossRef Google Scholar

[11] Chen X F, Li J, Huang X Y. New Publicly Verifiable Databases with Efficient Updates. IEEE Trans Dependable Secure Comput, 2015, 12: 546-556 CrossRef Google Scholar

[12] Zhang Z W, Chen X F, Li J. HVDB: a hierarchical verifiable database scheme with scalable updates. J Ambient Intell Human Comput, 2018, 53 CrossRef Google Scholar

[13] Yves D, Jean-Jacque Q, Ayda S. Remote integrity checking. In: Integrity and internal control in information systems VI. 2004. 1--11. Google Scholar

[14] Gazzoni Filho D L, Barreto P S L M. Demonstrating data possession and uncheatable data transfer. IACR Cryptology ePrint Archive, 2006, 2006: 150. Google Scholar

[15] Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 598--609. Google Scholar

[16] Yang K, Jia X H. An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing. IEEE Trans Parallel Distrib Syst, 2013, 24: 1717-1726 CrossRef Google Scholar

[17] Yuan J, Yu S. Efficient public integrity checking for cloud data sharing with multi-user modification. In: Proceedings of INFOCOM 2014, Toronto, 2014. 2121--2129. Google Scholar

[18] Erway C C, Küp?ü A, Papamanthou C. Dynamic Provable Data Possession. ACM Trans Inf Syst Secur, 2015, 17: 1-29 CrossRef Google Scholar

[19] Yuan H R, Chen X F, Jiang T. DedupDUM: Secure and scalable data deduplication with dynamic user management. Inf Sci, 2018, 456: 159-173 CrossRef Google Scholar

[20] Wang J F, Chen X F, Li J. Towards achieving flexible and verifiable search for outsourced database in cloud computing. Future Generation Comput Syst, 2017, 67: 266-275 CrossRef Google Scholar

[21] Zhang X Y, Chen X F, Wang J F. Verifiable privacy-preserving single-layer perceptron training scheme in cloud computing. Soft Comput, 2018, 22: 7719-7732 CrossRef Google Scholar

[22] Ma X, Zhang F G, Chen X F. Privacy preserving multi-party computation delegation for deep learning in cloud computing. Inf Sci, 2018, 459: 103-116 CrossRef Google Scholar

[23] Wang Q, Wang C, Ren K. Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing. IEEE Trans Parallel Distrib Syst, 2011, 22: 847-859 CrossRef Google Scholar

[24] Huang H, Chen X F, Wu Q H. Bitcoin-based fair payments for outsourcing computations of fog devices. Future Generation Comput Syst, 2018, 78: 850-858 CrossRef Google Scholar

[25] Huang H, Li K C, Chen X F. Blockchain-based fair three-party contract signing protocol for fog computing. Concurrency Computat Pract Exper, 2018, 28: e4469 CrossRef Google Scholar

[26] Yang C S, Chen X F, Xiang Y. Blockchain-based publicly verifiable data deletion scheme for cloud storage. J Network Comput Appl, 2018, 103: 185-193 CrossRef Google Scholar

[27] Liang J, Han W L, Guo Z Q. DESC: enabling secure data exchange based on smart contracts. Sci China Inf Sci, 2018, 61: 049102 CrossRef Google Scholar

[28] Gaetani E, Aniello L, Baldoni R, et al. Blockchain-based database to ensure data integrity in cloud computing environments. In: Proceedings of Italian Conference on Cybersecurity, Venice, 2017. 1816: 146--155. Google Scholar

[29] Ghoshal S, Paul G. Exploiting block-chain data structure for auditorless auditing on cloud data. In: Proceedings of International Conference on Information Systems Security, Jaipur, 2016. 10063: 359--371. Google Scholar

[30] Chaum D, van Heyst E. Group signatures. In: Proceedings of Workshop on the Theory and Application of of Cryptographic Techniques, Berlin, 1991. 257--265. Google Scholar

[31] Nakamoto S. Bitcoin: A peer-to-peer electronic cash system. 2008. Google Scholar

[32] Merkle R. Secrecy, authentication, and public key systems. Dissertation for Ph.D. Degree. Stanford: Stanford University, 1979. Google Scholar

[33] Coelho F. An (almost) constant-effort solution-verification proof-of-work protocol based on merkle trees. In: Proceedings of International Conference on Cryptology in Africa, Casablanca, 2008. 80--93. Google Scholar

[34] Ateniese G, Camenisch J, Joye M, et al. A practical and provably secure coalition-resistant group signature scheme. In: Proceedings of Annual International Cryptology Conference, Berlin, 2000. 255--270. Google Scholar

  • Figure 1

    (Color online) The system model of our scheme.

  • Figure 2

    The structure of the blocks.

  • Figure 3

    (Color online) (a) Time cost of a user and manager in initialization; (b) time cost of a user and manager in data sharing.

  • Figure 4

    (Color online) (a) The impact of data blocks size on the user audit overhead; (b) the impact of group members size on the user trace overhead.

  • Table 1   Comparison of the schemes in terms of the verification process
    Scheme [15] Scheme [18] Scheme [29] Scheme [23]Our scheme
    Communication $O(1)$ $tO({\rm~log}L)$ $tO({\rm~log}L)$ $tO({\rm~log}L)$ $tO({\rm~log}L)$
    Server computation $O(t)$ $~tO({\rm~log}L)$ $tO({\rm~log}L)$ $tO({\rm~log}L)$ $tO({\rm~log}L)$
    Verifier computation $O(t)$ $~tO({\rm~log}L)$$tO({\rm~log}L)$ $tO({\rm~log}L)$ $tO({\rm~log}L)$

    Algorithm 1 KeyGen()

    Require:Prime numbers $p,q$ with $l$ bits;

    Output:pk, sk;

    Compute $P=2p+1,~Q=2q+1$, let $n=PQ$;

    Select random elements $g,h,a_1,a_2,g_1,g_2,\delta_1,~\delta_2~\in_R~QR(n)$, where $QR(n)$ denotes the quadratic residue of group $\mathbb{Z}_{q}^{*}$;

    Select random $X_{j}~\in~\mathbb{Z}^{*}_{q}$, and compute $Y_{j}=g^{X_{j}},~j\in[1,N]$;

    Let ${\rm~pk}=\{Y_{j},g,h,a_1,a_2,g_1,g_2,\delta_1,~\delta_2,n\},~{\rm~sk}=\{X_j,~j\in~[1,N]\}$;

    return pk, sk;

  • Table 2   Functionality comparison of the schemes
    Scheme [15] Scheme [18] Scheme [29] Scheme[23]Our scheme
    Anonymity No No No Yes Yes
    TraceabilityNo No No YesYes
    Number of groups One OneOne One Multiple
    Public auditing No Yes Yes Yes Yes
    Non-frameability No No No NoYes
    Third-party auditor Yes YesNo Yes No

    Algorithm 2 GenSign()

    Require:Secret key $\{A_i,e_i\}$, system parameters $\{Y_j,g,h,a_1,a_2,g_1,g_2,\delta_1,~\delta_2,n\}$, and message $M$;

    Output:Signature $\sigma$ on message $M$;

    Select random number $r~\in~\{0,1\}^{2l}$, and compute the following values:$T_1=A_iY_{j}^{r}$, $T_2=g^r$, $T_3=g^{e_{i}}h^r$;

    Select random numbers:newline $r_1\in~\pm~\{0,1\}^{\kappa(\gamma_1+k)}$;newline $r_2\in~\pm~\{0,1\}^{\kappa(\lambda_2+k)}$;newline $r_3\in~\pm~\{0,1\}^{\kappa(\gamma_1+2l+k+1)}$;newline $r_4\in~\pm~\{0,1\}^{\kappa(2l+k)}$;newline then, compute the following values:newline $d_1=T_1^{r_1}/(a_1^{r_2}Y_{j}^{r_3})$;newline $d_2=T_2^{r_1}/(g^{r_3})$;newline $d_3=g^{r_4}$;newline $d_4=g^{r_1}h^{r_4}$;

    Generate a hash valuenewline $c=H_1(g\|h\|Y\|a_1\|a_2\|T_1\|T_2\|T_3\|d_1\|d_2\|d_3\|d_4\|M)$;

    Compute the following values:newline $s_1=r_1-c(e_i-2^{\gamma_1})$;newline $s_2=r_2-c(x_i-2^{\lambda_2})$;newline $s_3=r_3-cre_i$;newline $s_4=r_4-cr$;

    Generate the signature:newline $\sigma=(c,s_1,s_2,s_3,s_4,T_1,T_2,T_3)$;

    return $\sigma$.


    Algorithm 3 Ver()

    Require:System parameters $\{Y_{j},g,h,a_1,a_2,g_1,g_2,\delta_1,~\delta_2,n\}~$ and message $M$ with signature $\sigma$.

    Output:True or False;

    Compute the following values:newline $d'_1=a_1^{c}T_{1}^{s_1-c2^{\gamma_1}}/a_1^{s_2-c2^{\gamma_1}}Y_{j}^{s_3}$;newline $d'_2=T_2^{s_1-c2^{\gamma_1}}/g^{s_3}$;newline $d'_3=T_{2}^{c}g^{s_4}$;newline $d'_4=T_{3}^{c}g^{s_1-c2^{\gamma_1}}h^{s_4}$;

    Generate a hash valuenewline $c'=H_1(g\|h\|Y_{j}\|a_1\|a_2\|T_1\|T_2\|T_3\|d'_1\|d'_2\|d'_3\|d'_4\|M)$;

    if $c=c'$ then

    return `T';


    return `F';

    end if

    return $\sigma$;

Copyright 2020  CHINA SCIENCE PUBLISHING & MEDIA LTD.  中国科技出版传媒股份有限公司  版权所有

京ICP备14028887号-23       京公网安备11010102003388号