Title | Towards Efficient Co-audit of Privacy-Preserving Data on Consortium Blockchain via Group Key Agreement |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Hu, Xiaoyan, Song, Xiaoyi, Cheng, Guang, Gong, Jian, Yang, Lu, Chen, Honggang, Liang, Zhichao |
Conference Name | 2021 17th International Conference on Mobility, Sensing and Networking (MSN) |
Keywords | co-audit, compositionality, consortium Blockchain, data privacy, distributed ledger, encryption audits, Fabrics, Group key agreement, Industries, Predictive Metrics, privacy, privacy preservation, Prototypes, pubcrawl, Public key, Resiliency |
Abstract | Blockchain is well known for its storage consistency, decentralization and tamper-proof, but the privacy disclosure and difficulty in auditing discourage the innovative application of blockchain technology. As compared to public blockchain and private blockchain, consortium blockchain is widely used across different industries and use cases due to its privacy-preserving ability, auditability and high transaction rate. However, the present co-audit of privacy-preserving data on consortium blockchain is inefficient. Private data is usually encrypted by a session key before being published on a consortium blockchain for privacy preservation. The session key is shared with transaction parties and auditors for their access. For decentralizing auditorial power, multiple auditors on the consortium blockchain jointly undertake the responsibility of auditing. The distribution of the session key to an auditor requires individually encrypting the session key with the public key of the auditor. The transaction initiator needs to be online when each auditor asks for the session key, and one encryption of the session key for each auditor consumes resources. This work proposes GAChain and applies group key agreement technology to efficiently co-audit privacy-preserving data on consortium blockchain. Multiple auditors on the consortium blockchain form a group and utilize the blockchain to generate a shared group encryption key and their respective group decryption keys. The session key is encrypted only once by the group encryption key and stored on the consortium blockchain together with the encrypted private data. Auditors then obtain the encrypted session key from the chain and decrypt it with their respective group decryption key for co-auditing. The group key generation is involved only when the group forms or group membership changes, which happens very infrequently on the consortium blockchain. We implement the prototype of GAChain based on Hyperledger Fabric framework. Our experimental studies demonstrate that GAChain improves the co-audit efficiency of transactions containing private data on Fabric, and its incurred overhead is moderate. |
DOI | 10.1109/MSN53354.2021.00079 |
Citation Key | hu_towards_2021 |