TDS-NA: Blockchain-based trusted data sharing scheme with PKI authentication

Data sharing has received much attention and research as an excellent way to unlock the value of data. Trusted data storage servers will participate in the data-sharing system to provide users with convenient data access and storage services. Currently, the vast majority of researchers design data-sharing systems based on centralized trusted authorities and key management centers, but they tend to ignore the problems of trust dependency and data leakage that exist in centralized trust and lead to the overall untrustworthiness of the system. To solve the above problems, this paper considers the use of public key infrastructure (PKI) to provide trusted authentication for data-sharing entities, but the traditional PKI has CA root trust and scenario adaptation problems, so we optimize the traditional PKI model for data-sharing scenarios and call it an improved PKI. Combining the decentralized trust property of blockchain, this paper proposes a TDS-NA scheme based on blockchain and improved PKI to build a distributed trusted, and secure data-sharing system in a semi-trusted network environment. TDS-NA can secure shared data in data sharing, and provide digital certificates that support entity-trusted authentication and reliable access control while designing digest blocks for efficient data auditing. In this paper, we demonstrate that the TDS-NA scheme is able to resist man-in-the-middle attacks and certificate forgery attacks through formal security analysis while satisfying the necessary security properties of data-sharing systems. We implement a prototype of the TDS-NA scheme in ethereum smart contracts and finally verify the security and feasibility of TDS-NA through experimental comparison and analysis.