An Access Control Scheme Based on Blockchain and Ciphertext Policy-Attribute Based Encryption

Ciphertext policy–attribute-based encryption (CP-ABE), which provides fine-grained access control and ensures data confidentiality, is widely used in data sharing. However, traditional CP-ABE schemes often choose to outsource data to untrusted third-party cloud service providers for storage or to verify users’ access rights through third parties, which increases the risk of privacy leakage and also suffers from the problem of opaque permission verification. This paper proposes an access control scheme based on blockchain and CP-ABE, which is based on multiple authorization centers and supports policy updating. In addition, blockchain technology’s distributed, decentralized, and tamper-proof features are utilized to solve the trust crisis problem in the data-sharing process. Security analysis and performance evaluation show that the proposed scheme improves the computational efficiency by 18%, 26%, and 68% compared to previous references. The proposed scheme also satisfies the indistinguishability under chosen-plaintext attack (IND-CPA).