关键词: 数据共享, 访问控制, 零知识证明, 区块链, 属性基加密

Abstract: The integration of blockchain technology with ciphertext policy attribute-based encryption (CP-ABE) has to some extent alleviated issues concerning key security auditing and privacy data leakage in data sharing and access control. However, most current solutions still retain authorization authorities on the blockchain, exacerbating the "impossible triangle" problem. Therefore, this paper introduces a zero-knowledge proof mechanism and proposes a blockchain-based ciphertext access control scheme using zero-knowledge proofs. Firstly, this scheme employs a threshold proxy re-encryption protocol, enabling multi-party secure management and distribution of the attribute-based encryption algorithm's main key without the involvement of authorization authorities. Secondly, we design a NIZKP (Non-Interactive Zero-Knowledge Proof) based on the Fiat-Shamir transformation to verify the correctness of off-chain computations for proxy re-encryption. Lastly, we develop a blockchain ciphertext access control transaction aggregation circuit based on zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) to enhance system scalability and reduce on-chain costs. Simulation experiment results demonstrate that the proposed solution achieves secure and efficient data sharing and access control and effectively reduces on-chain overhead, with a gas reduction exceeding 61%.

Key words: Data Sharing, Access Control, Zero-Knowledge Proof, Blockchain, CP-ABE