Article

A Security-Oriented Data-Sharing Scheme Based on Blockchain

School of Information Engineering, North China University of Water Resources and Electric Power, Zhengzhou 450045, China
*
Author to whom correspondence should be addressed.
Appl. Sci. 2024, 14(16), 6940; https://doi.org/10.3390/app14166940
Submission received: 25 June 2024 / Revised: 26 July 2024 / Accepted: 6 August 2024 / Published: 8 August 2024

Abstract

Data sharing serves to maximize the efficiency of data resources by facilitating their full utilization and reducing associated costs. However, existing data-sharing schemes are confronted with issues such as data loss, data tampering, difficulties in privacy protection, and high sharing costs. To address these issues, this paper proposes a blockchain-based security-oriented data-sharing scheme. Firstly, an architecture that separates data from data ownership is employed to enhance the security of the scheme and reduce storage overhead. Secondly, a lightweight on-chain and off-chain collaborative data security algorithm based on ECC and ECDHE is designed to ensure confidentiality during data sharing. Finally, a mechanism for tracking the circulation of shared data is proposed, which records the data flow in non-fungible tokens (NFTs), thereby improving the traceability of the proposed scheme. We designed relevant experiments to evaluate the proposed solution, and the results demonstrate that the data-sharing scheme devised in this paper performs well in terms of both security and usability, effectively achieving secure data sharing.

1. Introduction

Data sharing facilitates knowledge dissemination, enhances collaborative research endeavors, and advances the public interest. Data sharing can make full use of data resources by sharing one’s data for others to use [1], reduce the cost of data collection, maximize the social benefits of similar data, and also help to improve the reproducibility and verifiability of data and enhance the credibility and scientific value of research results. However, in practice, data are often segmented and stored by different organizations and individuals and shared only within a specific scope, forming many independent datasets, which forms “data silos” [2], leading to inefficient utilization of data resources and limiting the release of their potential value. Investigating secure data-sharing mechanisms is of utmost importance, as it helps prevent the formation of data silos and privacy breaches.
Despite its advantages, data sharing faces numerous practical challenges and obstacles. Traditional data-sharing models usually rely on a single third-party platform to facilitate data exchange and sharing [3]. Owners of data upload their data to third-party platforms, and data demanders pay these third-party platforms to access the data [4]. This data-sharing model simplifies management and maintenance but requires reliance on a third-party platform responsible for overseeing data-sharing records. Therefore, traditional data-sharing models have several shortcomings: data transactions lack transparency, data ownership may be lost, and data security cannot be guaranteed [5]. In recent years, cloud services have facilitated the storage and sharing of multimedia data [6], but they also bring some security problems, such as attackers tampering with the data and users being unable to ensure the integrity and authenticity of the data. There are also other problems, including poor reliability, poor scalability, high cost, and poor compatibility [7].
Blockchain-based solutions for data sharing are extensively utilized across specialized fields, including healthcare, energy management, and the Internet of Things. Blockchain is the core support technology of the digital cryptocurrency system represented by Bitcoin, which can provide a technical basis for building trusted peer-to-peer data security sharing [8], being open and transparent, tamper-proof, and leaving traces throughout the process. Blockchain technology adopts the structure of a “chain” to store data, which consists of individual blocks connected by a hash function, where each block contains the hash value of the previous block, timestamps, transaction data, etc. [9], and any attempt to tamper with the data will lead to the collapse of the blockchain. In addition, the data stored on the blockchain are jointly maintained by all parties, and any operation information related to the data can be stored on the blockchain to realize the whole trace management of the data [10]. Therefore, blockchain provides a new solution for solving the existing problems in secure data sharing. However, it is difficult to guarantee the security of data because of the open and transparent nature of the data stored in blockchains [10]. The open and transparent nature of the system allows unrestricted data access, thereby increasing exposure risks. Consequently, ensuring data integrity and confidentiality becomes more challenging, necessitating robust security measures to mitigate potential threats and attacks. In addition, each client of the blockchain system must maintain a complete copy of the block data [11], and the increasing size of the data to be shared on the blockchain will lead to increasing storage pressure on the blockchain, which will also result in high overhead for the clients. The immutability of blockchain data, coupled with increasing data volumes, substantially affects querying and storage efficiency.
This paper introduces a secure data-sharing framework leveraging blockchain, the InterPlanetary File System (IPFS), NFTs, and encryption/decryption technologies to efficiently manage and safeguard large data volumes, thereby optimizing performance and security.
The main contributions of this paper are as follows:
(1) A storage architecture is designed in which data and data ownership are separated. A proof of data ownership is generated for each shared piece of data and stored on the blockchain, while the data themselves are stored off the chain. This storage architecture not only ensures the security and integrity of shared data but also reduces the overhead of data storage on the blockchain.
(2) A lightweight on-chain/off-chain cooperative data security algorithm based on Elliptic Curve Cryptography (ECC) and Elliptic Curve Diffie–Hellman Ephemeral (ECDHE) is proposed. With this algorithm, information about shared data is cryptographically preserved in the proof of ownership. This algorithm not only ensures that the plaintext information of shared data is not revealed, which improves security, but also preserves the performance of data sharing.
(3) A shared data tracking mechanism is designed. With a smart contract, the records of data sharing are automatically recorded in the corresponding data ownership proof. The parties involved in the data-sharing process can be traced with this mechanism, and the shared data flow records can be queried as well.
The structure of this paper is as follows: Section 2 provides a review of relevant literature on data sharing. Section 3 details the proposed scheme. Section 4 presents and analyzes the experimental results. Section 5 concludes the paper.

2. Related Works

Initially, electronic tools such as email were primarily used for communication and data sharing, but these lacked systematic data protection, leading to significant security vulnerabilities in transmission and storage. Moreover, the need for repetitive file transfers in multi-user scenarios increased time inefficiencies and reduced the effectiveness of data sharing. As technology has advanced, the importance of secure data sharing has become increasingly evident. In 2018, Elhoseny M. et al. [12] proposed a hybrid cloud IoT model for healthcare applications of IoT, aiming to process and analyze sensor data from different sources without human intervention. The scheme leverages cloud service technology to counter potential attacks, but there remains a significant scope for enhancing security and optimizing real-time performance.
Traditional centralized data sharing suffers from issues such as single points of failure, easy data loss, easy manipulation, and difficulty protecting private data [13]. Scholars began considering the use of distributed methods to investigate data exchange. For instance, in 2017, Jonathan et al. [14] presented a novel distributed data storage strategy to securely and flexibly share data with external parties. This technique, based on identification and encapsulation principles, establishes a robust framework for secure and flexible data sharing. However, the reliance on a trusted third party in current data-sharing research poses a risk of data leakage, highlighting security concerns within the process.
Blockchain technology is catalyzing the advancement of decentralized data sharing, an increasingly significant research domain. Researchers are increasingly integrating blockchain into data-sharing frameworks to enhance the efficiency of transmitting and storing large data sets, reducing associated costs, and enhancing data integrity. In 2017, Tengfei Xue et al. [15] presented a blockchain-based healthcare data-sharing architecture, which realized quick, safe, and easy data exchange by incorporating an enhanced consensus mechanism. In 2018, Xiangqi Dong et al. [5] developed a new decentralized data-sharing model and enhanced security using differential privacy and secure multi-party computation. For more dependable data interchange, Wang et al.’s work [16] proposed a dual-chain blockchain structure in which one chain stores the transaction data and the other stores the original data. This is implemented in conjunction with the proxy re-encryption method. In addition to providing guidance on transferring medical records between healthcare facilities using patient-specified access controls, Amofa S et al. [17] also described a blockchain-enabled method—a dual-chain structure of blockchain—for limiting access to electronic data in order to preserve privacy. The proposed solution involves a dual-chain architecture: a public chain for storing patient health data with temporary IDs and a private chain for securing patient information using real IDs. While this design alleviates data storage pressures, it incurs significant costs and raises concerns about cost escalation and security in inter-chain transactions.
In 2019, Ra Lee et al. [18] proposed a framework for healthcare data sharing that uses blockchain medical centers and Fast Healthcare Interoperability Resource (FHIR) technology. This framework improves operability by storing the registry on the blockchain while keeping the raw data in a database. In 2020, Singh et al. [19] proposed a lightweight, blockchain-based access control scheme for electronic medical records that enables patients to upload and query their medical records through a smart contract API interface. Kumar [20] et al. proposed a scheme for data sharing based on the Hyperledger architecture framework, establishing a blockchain network between patients and healthcare organizations for the safe and secure sharing of patient data. However, the above scheme remains imperfect in terms of authentication and data traceability. The communicating parties are not fully trusted, and there is still a risk of data leakage. In 2021, Majdalawieh et al. [21] proposed a blockchain and IoT-based framework that uses Ethereum smart contracts to develop a transparent, reliable, and tamper-resistant food supply chain. This framework aims to achieve a blockchain-based supply chain data-sharing scheme and ensure secure data sharing and traceability requirements. In 2022, Yang et al. [22] proposed a blockchain-based data-sharing framework for edge data-sharing services between heterogeneous network domains in industrial IoT. This framework introduces a two-layer stacked network topology and an edge computing paradigm, recording all data-sharing activities on a blockchain. Chenli et al. [23] designed a blockchain-based data-sharing platform that improves security and privacy by tracking and recording the history of shared data and collecting and storing valid sharing records in the blockchain network. In 2023, Anas M. R. Alsobeh et al. [24] proposed a novel blockchain model verification method to enhance the security of blockchain systems. 
This method integrates the advantages of aspect-oriented analysis and model checking into the blockchain architecture, utilizing Aspect-Oriented Programming (AOP) to analyze and monitor the dynamic behavior of blockchain systems, thereby achieving more effective and efficient verification. All proposed schemes utilize blockchain technology to safeguard data integrity and prevent unauthorized data alterations during sharing. However, it is crucial to recognize that blockchain’s inherent openness could increase the risk of data leakage. A robust strategy to enhance data-sharing security is the application of a cryptographic algorithm.
In 2021, Zhaoliang et al. [25] proposed using the symmetric encryption algorithm AES to encrypt the information intended for sharing. Data in cloud storage are encrypted to ensure secure storage, with blockchain technology providing privacy protection. However, the use of a single key for both encryption and decryption in symmetric algorithms poses a risk of key leakage. Additionally, Park et al. [26] proposed a Medchain architecture that utilizes a cloud-based proxy server node to re-encrypt patients’ private data. Proxy re-encryption ensures patient privacy. For enhanced security, the server is decoupled from the blockchain system, reducing the risk of tampering or unauthorized access from external entities. However, the node remains vulnerable to attacks, which could lead to a single point of failure. Wenli Wu et al. [27] introduced a trusted blockchain-based access control scheme focused on security, which addresses the issue of a single point of failure caused by centralized private key generation. This solution achieves more secure and efficient access control by integrating a decentralized attribute-based encryption (DABE) algorithm with a private key consensus verification protocol based on zero-knowledge proof. Integrating blockchain technology with data sharing raises a significant concern. In the age of big data, the increasing volume of data on the blockchain requires continuous expansion. Furthermore, the immutability of this data intensifies the storage demands placed on the blockchain.
To address this issue, research has explored the integration of blockchain with cloud computing, advocating for the storage of raw data off-chain to reduce storage pressures. However, cloud-based data-sharing systems face the challenge of a ‘single point of failure’, as third-party cloud providers, being semi-trusted, introduce complexities in ensuring robust data-sharing security. In 2020, Guo et al. [28] introduced a reliable cross-domain authentication mechanism for the Internet of Things (IoT) based on master–slave chaining. This architecture utilizes a master–slave blockchain configuration to facilitate distributed cross-domain authentication. The slave chain stores shared data, with its hash value securely anchored on the master chain to prevent tampering. However, this setup requires complex cross-chain interactions for data storage and retrieval, which may impact efficiency. In 2021, Ye et al. [29] proposed a system that utilizes blockchain and IPFS to store vehicle data securely and efficiently. In this system, IPFS is used for the off-chain storage of vehicle data, and its hash value is recorded on the blockchain to enhance query efficiency. This method eases blockchain storage limitations and provides a degree of security for off-chain data. However, security risks remain, as malicious actors might exploit the blockchain-stored hash value to access the IPFS data. Incorporating the aspect of data changes in the combined on-chain and off-chain data-sharing process leading to overheads, in 2024, Lianhai Wang et al. [30] proposed a blockchain-TEE medical data privacy protection and sharing scheme. This scheme enables reliable incremental updates and validations, thereby enhancing the security and efficiency of the blockchain-mediated data-sharing process.
The aforementioned research highlights the integration of blockchain technology with existing data-sharing frameworks, with some studies focusing on cryptographic algorithm-based mechanisms to secure data on the blockchain. Given the growing volume of data, a hybrid approach is advocated, storing shared data on-chain and critical information off-chain. This security-centric strategy employs lightweight Elliptic Curve Cryptography (ECC) and Elliptic Curve Diffie–Hellman Ephemeral (ECDHE) for encryption and decryption, complemented by IPFS for off-chain storage, thus mitigating blockchain storage constraints. The hash value of the IPFS-stored data is encrypted into ciphertext using lightweight cryptography. Additionally, this paper presents a scheme that enhances security and ensures data traceability through the incorporation of Non-Fungible Token (NFT) technology. The ciphertext of the hash value is embedded within an NFT and recorded on the blockchain, thereby capturing the transaction history of the shared data. This method prevents unauthorized decryption attempts by leveraging the immutability of blockchain hash values, offering both traceability and user authentication.

3. A Security-Oriented Data-Sharing Scheme Based on Blockchain

3.1. Formal Model

In the context of data sharing, consider a scenario involving distributed intrusion detection. Within a network, there exist multiple entities (hosts and security devices), each of which generates its own security data (e.g., alert logs). Intrusion detection systems require the utilization of these data to train a global intrusion detection model. It is important to note that these entities are not inclined to share their data. However, the peculiarity of the network topology necessitates that some entities must transmit data through other entities to reach the central server of the intrusion detection system. This scenario has motivated the data-sharing scheme proposed in this paper.
Based on this specific scenario, the problem is formally defined as follows:
Problem statement: Suppose there is a set $U = \{u_1, u_2, \ldots, u_n\}$ comprising $n$ users, where each user can be both a data owner and a data requester (transmitter). The data set owned by user $u_i$ is denoted as $D_i = \{d_{i1}, d_{i2}, \ldots, d_{im}\}$. Additionally, there exists a central server $C$, which serves as the final data consumer. The global intrusion detection model in the example provided above is trained by $C$. A data request $R = \langle u_i, u_j, d_{im} \rangle$ indicates that data requester $u_j$ is requesting data $d_{im}$ from the data owner $u_i$. Data sharing is the process of fulfilling such requests $R$. Moreover, it should be noted that once the data sharing is completed, $u_i$ will no longer have ownership of the data $d_{im}$, while $u_j$ acquires ownership of $d_{im}$; i.e.,
$$D_i = \{d_{i1}, d_{i2}, \ldots, d_{i(m-1)}\}$$
$$D_j = \{d_{j1}, d_{j2}, \ldots, d_{jk}, d_{j(k+1)}\}$$
where $d_{j(k+1)} = d_{im}$.
Threat Model: In the data-sharing scheme proposed in this paper, there are two types of adversarial roles: malicious insiders and external attackers. The external attacker, denoted as $EA$, is not a member of the user set $U$ ($EA \notin U$), and the attack intentions of $EA$ include:
(1) Breach of Confidentiality: Knowing a user $u_i \in U$, $EA$ aims to steal data $d^*$ that belongs to $u_i$ ($d^* \in D_i$).
(2) Breach of Integrity: $EA$ attempts to tamper with the data $d^*$, thereby affecting the performance of the intrusion detection model trained by the central server $C$.
The malicious insider, denoted as $MI$, is a member of $U$ ($MI \in U$), and the attack intentions are primarily manifested in the breach of integrity. Specifically, when $MI$ is responsible for transmitting shared data $d$ from a user $u$, it may alter the content before transmitting it, which can also impact the performance of the intrusion detection model at $C$. Based on the constraints of this problem description and threat model, the scheme is designed.

3.2. Design of the Scheme

This study introduces a strategy for secure data sharing through blockchain technology, designed to mitigate the burden on storage resources and simultaneously augment the security of the data-sharing process. The system’s architectural framework is illustrated in Figure 1. As illustrated in Figure 1, there are five roles in the proposed scheme: data owner, data demander, authorization center, blockchain platform, and the IPFS storage system. As defined in Section 3.1, the data owner and data demander can switch roles. Furthermore, the data demander is not the final data user but acts more as a data transmitter. When the system is initialized, the authentication center would generate identity keys for all data owners and data demanders. The data owner would upload the shared data to the IPFS and then mint an NFT with the digest of the shared data via the blockchain. The data demander can obtain the data storage information by acquiring the NFT, thereby gaining access to the data shared by the data owner. In the process, some critical information is encrypted with the identity key of the data owner and data demander. With the proposed scheme, we have designed three important components: a separated storage architecture, a lightweight encryption solution, and a tracking mechanism. Those components are discussed in detail in the subsequent sections.

3.2.1. A Storage Architecture That Separates Data from the Proof of Ownership

The direct embedding of extensive shared data into the blockchain presents significant storage challenges for network nodes and clients, increasing operational expenses. The inherent immutability of blockchain technology leads to an ongoing accumulation of data, which diminishes the efficiency of storage and retrieval processes. To counter these challenges, the proposed framework employs an innovative storage architecture that segregates shared data from its ownership proof. This strategy entails storing data off-chain while managing ownership proofs separately. By separating these elements, the framework not only enhances data security but also significantly decreases storage requirements and associated costs, thereby improving overall system performance. The innovative architecture is visually outlined in Figure 2.
This paper introduces a blockchain framework utilizing a consortium chain. This model, distinct from public and private chains, confines function access to consortium members, resulting in a semi-public ledger. It streamlines transaction confirmation, lowers administrative costs, and bolsters data security via controlled access. New users are authenticated through the allocation of a public–private key pair, ensuring a structured registration process. Data are stored on the InterPlanetary File System (IPFS), leveraging distributed data segmentation to enhance transfer rates and optimize network resource use. Furthermore, IPFS incorporates hash-based deduplication to reduce storage overhead.
After the data owner $u_i$ packages and uploads the shared data $d_{im}$ to IPFS, IPFS returns the hash value of the shared data, as shown in Algorithm 1. First, the public key is read and converted to byte form and then to string form, as shown in lines 1–4 of Algorithm 1. Next, as shown in lines 5–8 of Algorithm 1, the shared key for encrypting and decrypting the file is generated using the Elliptic Curve Key Exchange (ECDHE) algorithm, and the file is uploaded to the specified address. The IPFS address CID of the file is returned, then the CID is encrypted, and the ciphertext hash value is obtained using Base64 encoding. After setting up the blockchain, the file-related information (file address, file name, file ID, token ID, etc.) is stored in the blockchain as outlined in Algorithm 1, lines 9–16. Finally, as shown in line 17 of Algorithm 1, the corresponding CID of the shared data $d_{im}$ on IPFS, the block number stored in the blockchain, and the shared key are returned.
Algorithm 1: Data-Proof separation algorithm
Input: File address: address, File name: filename, Sender publickey address: spublickey, Recipient publickey address: rpublickey, File ID: TokenId, Maximum supply: turnover
Output: IPFS File address: CID, the block number in the blockchain where the file is saved: number
1   spublicKeyBytes = Get spublickey
2   rpublicKeyBytes = Get rpublickey
3   Unlock = string (rpublicKeyBytes)
4   Holder = string (spublicKeyBytes)
5   // The shared key for encrypting and decrypting the file is generated using the Elliptic Curve Key Exchange (ECDHE) algorithm
    Sharekey = ECDHE (spublicKeyBytes, rpublicKeyBytes)
6   CID = uploadFile(address)
7   // The ciphertext hash value is obtained using Base64 encoding
    HASH = base64(Encryption (Sharekey, CID))
8   Holder = rpublickey; Owner = spublickey
9   Set up blockchain
10  // The file-related information
11  A = [fileName, Holder, Unlock, turnover, Hash, Owner, TokenId]
12  // Initialize the blockchain, store information in it, and then return the count of stored blocks along with any potential errors encountered
13  Number, err = APP.InitLedger(A)
14  B = [fileName, Holder, “ipfs”, spublickey]
15  // Mine new blocks on the blockchain, store the information in B, and return the number of mined blocks along with any possible errors encountered
16  Number, err = APP.mine(B)
17  return CID, Number, Sharekey
This CID will be used as an identifier for location addressing on IPFS, and it is verified to determine whether the data $d_{im}$ has been changed. Additionally, IPFS removes redundant files with the same hash value by comparing them, thereby efficiently utilizing storage space.
In this study, we utilize the hash value of shared data to create an NFT, which serves as a verifiable proof of ownership. Securely contained within smart contracts on the blockchain, NFTs act as reliable custodians, enabling the authentication and circulation of unique assets. The NFTs used in this research, based on the ERC721 standard [31], are uniquely identifiable, indivisible, and possess distinct attributes, thus providing a robust framework for verifying ownership. When a data owner $u_i$ uploads shared data $d_{im}$ to a data-sharing platform, the encrypted hash value of the data storage address for that user is uploaded and minted into an NFT asset warrant, providing proof of ownership of the data owner $u_i$.
This strategy implements a bifurcated storage approach, storing shared data files on distributed nodes and maintaining ownership proofs on the blockchain. This approach enhances the security and efficiency of data sharing while significantly reducing storage requirements and associated costs.

3.2.2. Lightweight On-Chain/Off-Chain Cooperative Data Security Algorithm Based on ECC and ECDHE

The hybrid on-chain/off-chain storage paradigm facilitates efficient data sharing. However, a vulnerability exists in the exposure of plaintext hashes of original data storage addresses on the blockchain, which could lead to data leakage. To address this, our scheme integrates Elliptic Curve Cryptography (ECC) and Elliptic Curve Diffie–Hellman Ephemeral (ECDHE) algorithms to enhance security. This integrated approach ensures data integrity and confidentiality via a comprehensive security algorithm that operates across both on-chain and off-chain environments.
Elliptic Curve Cryptography (ECC) is an asymmetric cryptographic algorithm that provides strong security with smaller key sizes than RSA, allowing for quicker cryptographic operations without compromising security. Meanwhile, this scheme uses the ECDHE key negotiation algorithm, enabling the data owner $u_i$ and the data demander $u_j$ to jointly compute an identical negotiated key value for subsequent communication simply by transmitting their respective public keys. The Elliptic Curve Diffie–Hellman Ephemeral (ECDHE) key exchange protocol secures the negotiated key against unauthorized interception, ensuring confidentiality and integrity. It generates ephemeral, session-specific keys, guaranteeing that each session’s data are encrypted with a unique key. The transient nature of these keys prevents third parties from decrypting past session data, even if they have accessed a particular key. Furthermore, the protocol’s periodic renegotiation or key updates in response to specific events sustain forward security while preserving the security of historical data.
This hybrid encryption and decryption framework combines Elliptic Curve Cryptography (ECC) with Elliptic Curve Diffie–Hellman Ephemeral (ECDHE), employing AES-GCM to encrypt the hashed file storage address using a shared key dynamically generated by ECDHE. ECDHE ensures a unique shared key for each communication session, with key pairs being ephemeral and stored in memory. Consequently, even if a private key is exposed, the compromise is limited to the current session, thereby protecting the confidentiality of future communications and ensuring forward security. To enhance security, after negotiating the shared key, the two private keys of the data owner $u_i$ and the data demander $u_j$ can be discarded. The flow of this encryption algorithm is illustrated in Figure 3.
As shown in Figure 3, a suitable elliptic curve type is selected to generate a public–private key pair for the data owner $u_i$ and the data demander $u_j$. The data owner $u_i$ selects a random number $d_{u_i}$ as the private key. After generating the private key, $u_i$ uses the private key and the selected base point parameter $G$ to generate the public key $P_{u_i}$ as follows:
$$P_{u_i} = d_{u_i} G$$
Once the data demander $u_j$ generates the private key $d_{u_j}$ and the public key $P_{u_j}$ in the same way, it proceeds to compute the session key. After generating the public and private keys, the two users exchange their respective public keys. Then, the data owner $u_i$ computes the point $(x_1, y_1) = d_{u_i} P_{u_j}$, and the data demander $u_j$ computes the point $(x_2, y_2) = d_{u_j} P_{u_i}$. Because scalar multiplication on elliptic curves is commutative and associative, it holds that $d_{u_i} P_{u_j} = d_{u_i} d_{u_j} G = d_{u_j} d_{u_i} G = d_{u_j} P_{u_i}$. Therefore, the x-coordinate obtained by both parties is the same, making it the shared key $S$, which serves as the session key.
After obtaining the shared key, the plaintext content $M$ (the hash value of the original file storage address) is encrypted with AES-GCM, as shown in Algorithm 2. The ciphertext $C$ is obtained as follows:
$$C = E_{\text{AES-GCM}}(M, S)$$
Algorithm 2: Data security algorithm
[Algorithm 2 listing: image in the original article]
Upon completion of the encryption, the scheme transmits the encrypted ciphertext $C$ in the following process, ensuring that the information of the shared data $d_{im}$ is not disclosed and guaranteeing the confidentiality of the data-sharing process.
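The key agreement and CID encryption described in this section, as an added Go example using only the standard library; it is not the authors' implementation. Assumptions of this example: curve P-256, a SHA-256 hash of the ECDH output as the AES-256 key (the paper uses the x-coordinate $S$ directly), the token ID bound as AES-GCM associated data, and the hypothetical names `newEphemeralKey`, `sessionKey`, `sealCID` and `openCID`.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
)

// newEphemeralKey creates a one-session P-256 key pair (d, P = d*G).
func newEphemeralKey() (*ecdh.PrivateKey, error) {
	return ecdh.P256().GenerateKey(rand.Reader)
}

// sessionKey computes the x-coordinate of d_self * P_peer (the shared value S).
// Assumption of this example: S is hashed with a fixed label to obtain the
// AES-256 key instead of being used raw.
func sessionKey(self *ecdh.PrivateKey, peer *ecdh.PublicKey) ([]byte, error) {
	shared, err := self.ECDH(peer)
	if err != nil {
		return nil, fmt.Errorf("ecdh: %w", err)
	}
	sum := sha256.Sum256(append([]byte("cid-wrap-v1"), shared...))
	return sum[:], nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealCID returns base64(nonce || AES-GCM(key, cid)), the value placed in the NFT.
// tokenID is authenticated as associated data (an assumption of this example),
// so a ciphertext copied into a different token fails to decrypt.
func sealCID(key []byte, cid, tokenID string) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	out := gcm.Seal(nonce, nonce, []byte(cid), []byte(tokenID))
	return base64.StdEncoding.EncodeToString(out), nil
}

// openCID reverses sealCID and fails on any modification of the ciphertext,
// the nonce or the token ID.
func openCID(key []byte, sealed, tokenID string) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(sealed)
	if err != nil {
		return "", err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	if len(raw) < gcm.NonceSize() {
		return "", errors.New("sealed value too short")
	}
	nonce, ct := raw[:gcm.NonceSize()], raw[gcm.NonceSize():]
	pt, err := gcm.Open(nil, nonce, ct, []byte(tokenID))
	if err != nil {
		return "", fmt.Errorf("authentication failed: %w", err)
	}
	return string(pt), nil
}

func main() {
	owner, err := newEphemeralKey() // data owner u_i
	if err != nil {
		panic(err)
	}
	demander, err := newEphemeralKey() // data demander u_j
	if err != nil {
		panic(err)
	}
	// Only the public keys cross the wire; both sides derive the same key.
	kOwner, _ := sessionKey(owner, demander.PublicKey())
	kDemander, _ := sessionKey(demander, owner.PublicKey())
	// "constructed-example-cid" and "token-7" are constructed sample values.
	sealed, _ := sealCID(kOwner, "constructed-example-cid", "token-7")
	cid, err := openCID(kDemander, sealed, "token-7")
	fmt.Println(sealed, cid, err)
}
```
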

3.2.3. Shared Data Flow History Tracking Mechanism Based on NFT

In a blockchain, the data owner $u_i$ and the data demander $u_j$ transfer information about the shared data $d_i^m$ via an NFT transaction flow. Therefore, by keeping a record of the NFT flow, a more intuitive understanding of the whole event process can be provided, and the traceability of the identities of the parties exchanging data can be achieved.
We use the hash value of the shared data to create the NFT as proof of ownership for the data. When a data owner $u_i$ uploads shared data $d_i^m$ to a data-sharing platform, the encrypted hash value of the data storage address for that user is uploaded and minted into an NFT asset warrant, providing proof of ownership of the data owner $u_i$. Smart contracts, functioning as gateways for blockchain interactions, embody automatic and immutable execution mechanisms. These features facilitate the secure storage and efficient querying of data exchange records. Consequently, this paper incorporates a tracking framework within the smart contract design for NFTs, as outlined in Table 1, to enhance traceability and transparency. The smart contract initially facilitates the creation of NFT assets on the blockchain through the initLedger() function. The mine() function is then used to mint new NFT instances, each securely embedding the encrypted hash value of the shared data’s storage address provided by the data owner $u_i$. These NFTs also contain metadata with relevant details, including document identifiers and exact transaction timestamps. Data sharing begins with the authorization of eligible recipients. The transfer of NFT assets is initiated only after authorization is confirmed, ensuring secure delivery to the authorized data demander $u_j$. The data-sharing record is stored in the NFT via the smart contract. Both the data owner $u_i$ and the data demander $u_j$ can query the flow record of the shared data $d_i^m$ in the blockchain by searching the short file name. This process is illustrated in Figure 4.
Initially, the data owner $u_i$ and the data demander $u_j$ register their identity information in the system and receive the key. Then, after uploading the data $d_i^m$ to IPFS and obtaining the corresponding hash value, the data owner $u_i$ obtains the ciphertext of the data hash value using the lightweight cryptography algorithm proposed in this paper and saves the ciphertext of the hash value into the NFT. When the data owner $u_i$ and the data demander $u_j$ initiate data sharing, the NFT records the identity information of both parties and the transaction timestamps to save the flow record. Finally, data owner $u_i$ and data demander $u_j$ can query the records related to this shared data $d_i^m$ from the blockchain based on the short name of the file.
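A minimal in-memory model of this flow, added here as an illustration and not the paper's chaincode: registration, minting, authorization-gated transfer, and a history query by short file name. The method names loosely follow Table 1; the user names, the file name, the single-use approval and the rule that only users recorded in the history may query are assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// FlowRecord is one entry of the sharing history stored with the NFT.
type FlowRecord struct {
	Action   string // "mint" or "transfer"
	From, To string
	At       time.Time
}

// NFT is the ownership proof: it carries ciphertext C, never the plaintext hash.
type NFT struct {
	EncHash  []byte
	Owner    string
	Approved string // demander authorized for the next transfer, "" if none
	History  []FlowRecord
}

// Ledger is an in-memory stand-in for chaincode state (hypothetical model).
type Ledger struct {
	users map[string]bool
	nfts  map[string]*NFT // keyed by short file name
}

func NewLedger() *Ledger {
	return &Ledger{users: map[string]bool{}, nfts: map[string]*NFT{}}
}

// Register models userRegistration(): only registered identities can take part.
func (l *Ledger) Register(user string) { l.users[user] = true }

// Mint models mine(): it creates the NFT and opens its flow history.
func (l *Ledger) Mint(owner, name string, encHash []byte) error {
	if !l.users[owner] {
		return errors.New("owner not registered")
	}
	if _, dup := l.nfts[name]; dup {
		return errors.New("short name already minted")
	}
	l.nfts[name] = &NFT{EncHash: encHash, Owner: owner,
		History: []FlowRecord{{"mint", "", owner, time.Now().UTC()}}}
	return nil
}

// Approve models approve(): the current owner authorizes one registered demander.
func (l *Ledger) Approve(caller, name, demander string) error {
	n, ok := l.nfts[name]
	if !ok || n.Owner != caller {
		return errors.New("only the current owner can approve")
	}
	if !l.users[demander] {
		return errors.New("demander not registered")
	}
	n.Approved = demander
	return nil
}

// Transfer models transFrom(): it moves the NFT only to the approved demander
// and appends the identities of both parties and a timestamp to the history.
func (l *Ledger) Transfer(from, to, name string) error {
	n, ok := l.nfts[name]
	if !ok || n.Owner != from || to == "" || n.Approved != to {
		return errors.New("transfer not authorized")
	}
	n.History = append(n.History, FlowRecord{"transfer", from, to, time.Now().UTC()})
	n.Owner, n.Approved = to, "" // approval is single-use
	return nil
}

// Query returns a copy of the flow record to registered users who appear in it.
func (l *Ledger) Query(caller, name string) ([]FlowRecord, error) {
	n, ok := l.nfts[name]
	if !ok || !l.users[caller] {
		return nil, errors.New("unknown short name or unregistered caller")
	}
	for _, r := range n.History {
		if r.From == caller || r.To == caller {
			return append([]FlowRecord(nil), n.History...), nil
		}
	}
	return nil, errors.New("caller is not a party to this NFT")
}

func main() {
	l := NewLedger()
	l.Register("owner-ui")
	l.Register("demander-uj")
	fmt.Println(l.Mint("owner-ui", "report.txt", []byte("constructed ciphertext")))
	fmt.Println(l.Transfer("owner-ui", "demander-uj", "report.txt")) // rejected: no approval
	fmt.Println(l.Approve("owner-ui", "report.txt", "demander-uj"))
	fmt.Println(l.Transfer("owner-ui", "demander-uj", "report.txt")) // accepted
	h, _ := l.Query("demander-uj", "report.txt")
	fmt.Println(h)
}
```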

4. Experiment and Analysis

4.1. Experimental Environment

To assess the performance and security of our proposed scheme, we conducted experiments that evaluated storage efficiency, encryption/decryption performance, and the time overhead associated with NFT functionalities. We then analyzed the security implications of the data-sharing mechanism. Finally, we compared our scheme with similar approaches, underscoring its usability and security benefits.
This paper introduces a blockchain-based data security sharing framework utilizing Hyperledger Fabric, with IPFS serving as the underlying storage solution. Hyperledger Fabric ensures authenticated access for all participants and features customized permission controls to safeguard sensitive user data. The software configuration of the experimental setup is detailed in Table 2.

4.2. Storage Performance Analysis

This study evaluated the efficacy of the proposed storage architecture in reducing blockchain storage requirements under various simulated environmental stresses. Comparative analyses were conducted to assess the impact of integrating the off-chain platform versus scenarios without it. We employed a distributed intrusion detection system that leveraged multiple hosts to provide both raw traffic data and preprocessed training data for analysis, with the raw data being of substantial size and the training data of reduced size. In our experiments, we used the CIC-IDS-2017 dataset, in which the traffic data were 8.2 GB, 10 GB, 7.7 GB, 10 G, and 12 GB, and the sizes of the training data were 173 MB, 12.6 MB, 50.4 MB, 14.2 MB, and 56.9 MB, respectively. Table 3 presents a concise comparison of the blockchain storage space required for shared data across simulated application scenarios, highlighting the differences between systems with and without the implementation of an off-chain storage solution.
As depicted in Table 3, storing the entirety of the shared data directly on the blockchain, devoid of an on-chain/off-chain separation architecture, enlarges block sizes proportionally to the data size, notably hampering blockchain operational efficiency. Conversely, our proposed scheme maintains a constant 825-byte storage requirement on-chain by sequestering only the ciphertext of the shared data’s hash value and essential account details, while the original data resides off-chain in IPFS. This segregation of data from proofs of ownership effectively mitigates blockchain storage overhead.

4.3. Encryption/Decryption Performance Analysis

This paper evaluates the proposed lightweight hybrid on-chain/off-chain data security algorithm by conducting encryption/decryption performance benchmarks in a controlled environment. The algorithm is compared against established methods such as RSA, ECC, and AES-GCM, as well as key exchange protocols including ECDHE, ECDH, and DH. Additionally, the performance of AES-GCM in combination with these key exchange protocols (specifically, ECDHE+AES_GCM, ECDH+AES_GCM, and DH+AES_GCM) is assessed to examine their integrated efficacy.
To validate data reliability, the experiments were conducted 100 times, with the average results presented in Figure 5 and Figure 6.
Figure 5 demonstrates that the ECDH+AES_GCM encryption scheme offers optimal speed, while ECDHE+AES_GCM provides strong forward security without sacrificing efficiency. This highlights the effectiveness of combining ECDHE and AES_GCM for a lightweight encryption approach that enhances security with a minimal impact on performance. Figure 6 illustrates the superior efficiency of AES_GCM in encryption and decryption, attributed to its reliance on straightforward bitwise and matrix operations, in contrast to the complex computations required by RSA and ECC. The performance of AES_GCM is further improved by hardware acceleration available on contemporary processors. Therefore, this study selects AES_GCM for its encryption and decryption tasks.
In conclusion, the proposed hybrid on-chain/off-chain data security algorithm, which is based on ECC and ECDHE, effectively secures blockchain hash values during data sharing while ensuring efficient encryption and decryption of shared data hashes. This approach not only strengthens security but also maintains high performance.

4.4. NFT Time Overhead

In our proposed scheme, the NFT, which serves as a proof of ownership for shared content, is stored on the blockchain with its sharing history recorded via smart contracts. The efficiency of the NFT minting and querying processes significantly impacts the performance of this scheme. To measure the overhead of NFT operations, we performed a series of one hundred experiments for both minting and querying. Averaging the results ensured the reliability of our findings. The outcomes of these experiments are detailed in Figure 7, Figure 8 and Figure 9.
Figure 7 and Figure 8 present results from 100 experimental trials, showing that the ownership proof NFT in our scheme exhibits consistent time overhead for both minting and querying processes, with negligible variation. Figure 9 illustrates that the average duration for NFT operations is approximately two seconds, indicating high efficiency. These findings confirm that our scheme meets the criteria for rapid response times in secure data sharing, ensuring that users can access the required information promptly, and supporting a variety of real-time applications.

4.5. Scalability of the Scheme

To evaluate the usability of the proposed scheme, an analysis of its scalability has been conducted. Scalability is manifested in two aspects: the storage pressure when the volume of stored data increases, and the computational overhead imposed on the blockchain system as the number of users grows. For the first aspect, the architecture that separates data and data ownership disperses the storage pressure both on-chain and off-chain. With only the data ownership proofs stored on the blockchain, the data itself is stored in the off-chain IPFS. As the volume of data increases, the data stored on the blockchain increases linearly, that is, for each shared data, 825 B of storage space is required on the blockchain (see Table 3). This storage overhead to the blockchain system is minimal. Further, as an extensible distributed storage mechanism, IPFS can easily be expanded on demand to meet future data storage needs. Therefore, the scheme exhibits excellent scalability from a storage perspective.
For the second aspect, experimental validation was conducted. We used Caliper to perform stress tests on the relevant smart contracts, simulating the response latency for NFT creating and querying under three scenarios: a single user peer, 500 user peers, and 1000 user peers. The results are shown in Figure 10.
As depicted in Figure 10, the response latency for both NFT creating and querying increased with the number of nodes. The response latency for querying is more significantly affected by the number of nodes; for instance, when the number of nodes increased from 1 to 500, the response latency increased by 51.4%. However, regardless of the number of nodes, the response times for NFT construction and querying remained within seconds, indicating that the proposed scheme also possesses good scalability in terms of the number of users.

4.6. Security Analysis of Off-Chain Data

The storage architecture proposed in this paper separates data from data ownership proof. During the process of data sharing, the data owner $u_i$ will store data off-chain in various forms, such as video, audio, image, and text. In order to analyze the security of data in the off-chain part of this architecture, text file data will be taken as an example and analyzed from the perspectives of data tampering prevention, data reliability, and data trustworthiness.
Data Consistency: Since the digest of the data and the data are stored on-chain and off-chain, respectively, data consistency is a critical issue that needs attention. In the scheme designed in this paper, after data demanders obtain the corresponding NFT, it includes the storage address of the requested data in IPFS and the hash value of the data. Data demanders can obtain the data through the storage address and then calculate the hash value of the obtained data to compare it with the hash value stored in the NFT. If they match, it indicates that the integrity of the data has not been compromised. If they do not match, the transaction would be rolled back, and the data provider would be informed that the data was corrupted during the storage process.
Data reliability: In the design of this paper, the off-chain data exhibits higher reliability and availability. Each node in the IPFS network can act as a storage and transmission node for the files, providing higher reliability and availability.
Data trustworthiness: The security feature of data trust is presented by the off-chain data in the scheme proposed in this paper. The hash values returned by IPFS are encrypted with lightweight algorithms based on ECC and ECDHE in this paper. The unencrypted hash value of the shared data storage address has the risk of data leakage: an unauthorized data demander $u_j$ can directly use the hash value to download the ciphertext of the data stored in IPFS. However, the hash value of the shared data storage address, encrypted and processed by the lightweight algorithm proposed in this paper, can only be decrypted by a legitimate user holding the shared key. This ensures access to the data in IPFS and maintains the trustworthiness of the data under the chain.
Potential centralization risks: In our scheme, IPFS is adopted as a centralized storage for data, serving as an alternative to traditional cloud storage methods. However, the difference lies in the fact that IPFS, based on its stronger robustness, offers enhanced security. Since IPFS is inherently decentralized, it is difficult for attackers to launch central attacks, such as DDoS. Even if some blocks of data are compromised, IPFS can still recover it through identical data blocks available on other nodes. Therefore, although the data are stored centrally, the risks associated with data centralization are greatly mitigated with the characteristics of IPFS.

4.7. Analysis of On-Chain Data Security

In this scheme, the security of the data $d_i^m$ that the data owner $u_i$ shares on the blockchain may be ensured using this technique. First, blockchain technology has the characteristics of decentralization, openness and transparency, and non-tampering, which are related to the principle of blockchain. Therefore, the characteristics of blockchain technology can be utilized to ensure the security of shared data $d_i^m$. However, since the data on the blockchain are visible to everyone and have the nature of openness and transparency, it may raise the risk of data leakage. Therefore, the proposed scheme in this paper improves the security of data on the blockchain using a lightweight on-chain/off-chain collaborative data security storage scheme based on ECC and ECDHE.
The ECC algorithm provides comparable or higher levels of security using smaller keys and can support faster cryptographic operations. On the other hand, the ECDHE key negotiation algorithm has forward security, and the negotiated shared key is time sensitive. When the user gets the encrypted message, the shared key $S$ must be decrypted to get information about the shared data $d_i^m$. The security of the shared key $S$ can be guaranteed in the encryption process. According to the principle of the discrete logarithm, in the process of calculating the public key $P = dG$, it is easy to calculate the public key $P$ by knowing the private key $d$, but it is difficult to calculate the private key $d$ by knowing the public key $P$ and the base point parameter $G$. Therefore, even if a malicious party hijacks the private key $d$ of a communication process, it cannot compute the shared key $S$ and thus cannot decrypt the ciphertext $C$ and ultimately cannot steal any information from the shared data $d_i^m$, which enhances the security of the data-sharing scheme.
The hash value derived from IPFS is encrypted before blockchain storage, protecting it from unauthorized network exposure. Moreover, NFTs serve as digital proof of ownership, enhancing security through their unique non-replicability, tamper-resistance, and indivisibility, which effectively represent unique data assets on the blockchain. The encryption information of the shared data $d_i^m$ is written into the NFT, which improves the security of the shared data on the blockchain. Furthermore, the proposed scheme integrates a tracking mechanism into the NFT structure, encoding data-sharing records within the NFT itself. This capability enables the retrieval of the data’s circulation history on the blockchain, including transaction timestamps and the identities of participating users in each instance, as illustrated in Figure 11. This feature strengthens the security of data stored on the blockchain.

4.8. Analysis of Complexity

The system is primarily composed of four components: key generation, file uploading, file downloading, and record query.
Key generation primarily relies on the efficient elliptic curve algorithm for the creation of identity keys, which has a constant time complexity, denoted as $O(1)$.
File uploading is implemented with three modules: file uploading to IPFS, hash encryption, and uploading to blockchain. The file uploading to IPFS is influenced by the size of the file, the number of file blocks, and the size of each block. Hence, the time complexity can be noted as $O(n + K \times B)$, where $K$ represents the number of file blocks and $B$ represents the size of each block. The time complexity of hash encryption depends on the size of the plaintext. In our scheme, the hash returned by IPFS is a fixed 64-bit hexadecimal number; thus, the encryption time complexity is constant, denoted as $O(1)$. The time complexity of uploading to blockchain is determined by the length of the encrypted file, which is fixed, and therefore the time complexity for uploading to blockchain is constant as well, denoted as $O(1)$. Thus, the time complexity for this part is $O(n + K \times B) + O(1) + O(1)$, which simplifies to $O(n)$.
File downloading relies on three modules: file information retrieval, decryption of the encrypted file, and file downloading from IPFS. The retrieval of file information has a time complexity ranging from $O(1)$ to $O(\log n)$, where $n$ is the amount of data in the blockchain. The decryption of the encrypted file, due to the fixed length of the encrypted file, has a time complexity of $O(1)$. The downloading of files from IPFS relies on the size of the file, the number of file blocks, and the size of each block; hence, the time complexity can be noted as $O(n + K \times B)$, where $K$ is the number of file blocks needed and $B$ is the size of each block. Therefore, the time complexity for this part is also $O(n + K \times B) + O(1) + O(1)$, which simplifies to $O(n)$.
Record query is the process of reading data from the blockchain’s ledger. Hence, the time complexity ranges from $O(1)$ to $O(\log n)$, where $n$ is the amount of data in the blockchain. Thus, the time complexity for this part is $O(1)$.
Therefore, the overall time complexity of the proposed scheme is $O(1) + O(n) + O(n) + O(1)$, which simplifies to $O(n)$, where $n$ represents the size of the file.
In this scheme, the primary contributors to space complexity are the associated cryptographic operations, including hashing, encryption, and decryption. Although these operations are complex, the data handled have a fixed length; hence, it is generally accepted that the space complexity is $O(1)$. Consequently, the space complexity of the proposed scheme is denoted as $O(1) + O(1) + O(1)$, simplified to $O(1)$.

4.9. Comparisons and Discussions

To comprehensively analyze the security of the scheme designed in this paper, this paper compares it with other related schemes ([19,22,25,26,30]), in which [19] is one of the most important schemes in similar approaches, Refs. [22,25,26] are related schemes from recent years, and [30] is the state-of-the-art method. The results of the scheme’s safety comparison are shown in Table 4.
Off-chain data security: In the scheme proposed in this paper, the secure storage of data $d_i^m$ is ensured by using the IPFS storage platform combined with cryptographic algorithms, so that the subsequent sharing process transfers only ciphertexts and does not disclose the information of the shared data $d_i^m$, improving the security of the data-sharing process.
On-chain data security: The scheme proposed in this paper adopts a lightweight on-chain/off-chain collaborative data security algorithm based on ECC and ECDHE, which encrypts the hash value corresponding to the shared data $d_i^m$ into a ciphertext and then stores it on the blockchain. The shared data can be downloaded from IPFS only after the hash ciphertext has been decrypted, thus preventing unauthorized access to the storage address of off-chain data and enhancing the security of on-chain data.
Integrity of shared data: The proposed architecture separates data storage from ownership proof. Data are securely stored off-chain on the IPFS platform, with each piece assigned a unique hash that changes upon any modification, thereby detecting tampering. Moreover, an NFT on the blockchain contains an encrypted version of this hash, ensuring the integrity of the shared data.
Traceable record of shared data: This paper adopts an NFT-based shared data flow history tracking mechanism, which automatically saves the data-sharing record in the NFT. As a result, the sharing record of the shared data $d_i^m$ is stored on the chain without being tampered with, and the identities of the two parties in the process of data sharing can be traced and recorded.
Identity authentication: In the scheme proposed in this paper, it is ensured that only an identity-authorized data demander $u_j$ can obtain the hash ciphertext, decrypt it, and download the shared data $d_i^m$ stored in IPFS. Secondly, the records of each shared data can be queried each time, and the identity can also be verified by querying the shared records of a particular shared data.
Trustworthiness of the shared data: The proposed scheme involves storing the original shared data on IPFS and generating a unique hash. This hash is then encrypted using a custom lightweight cryptographic algorithm, with the resulting ciphertext embedded within an NFT for secure blockchain storage. This methodology ensures data security and tamper-resistance, and upholds the integrity and credibility of the shared data throughout the process. In addition, based on the uniqueness of the hash value, the data demander $u_j$ can compare the hash value of the data under the chain with the decrypted hash value on the chain to verify again whether the data are trustworthy, which improves the trustworthiness of the shared data.
Considerations for lightweight: The scheme proposed in this paper considers lightweight from three perspectives. Firstly, storing data off-chain alleviates the pressure on data storage. Secondly, the use of ECC and ECDHE algorithms reduces the computational overhead of encryption and decryption. Lastly, it does not rely on special hardware, such as Intel SGX.
However, it is important to note that data privacy concerns have not been extensively addressed within the scheme proposed in this paper. This is primarily due to the threat model defined in Section 3.1, where attackers are assumed to be interested in the data of specific users rather than having malicious intent towards all data. When data are stored or distributed on IPFS, it becomes challenging for attackers to derive the correlation between the data and the users, thereby making it difficult for them to achieve their intended attack objectives. Consequently, this paper does not offer a corresponding solution for data privacy. Nevertheless, data privacy is a significant aspect of data security, and we will consider this issue more extensively in future work to design a more universally applicable data security sharing scheme with sophisticated techniques, such as zero-knowledge proofs.

5. Summary

Blockchain technology, with its evolving capabilities, impacts various sectors by offering decentralized solutions to persistent technical challenges. This paper presents a security-focused blockchain-based data-sharing framework that incorporates IPFS, NFTs, and cryptographic mechanisms. Our approach separates off-chain data storage from on-chain ownership proof, thereby reducing storage needs, lowering costs, and strengthening data security. The integration of NFTs enables the tracking of data transactions on the blockchain, while cryptographic algorithms provide efficient encryption/decryption, further securing data in transit. A performance and security evaluation of our framework, compared to similar architectures, highlights its efficiency and robust security measures throughout the data-sharing process.

Author Contributions

Conceptualization, W.M.; Methodology, W.M. and X.W.; Software, W.M., X.W. and L.W.; Formal analysis, W.M.; Investigation, L.W.; Data curation, X.W.; Writing—original draft, W.M. and X.W.; Writing—review and editing, W.M. and X.W.; Supervision, W.M.; Project administration, W.M., X.W. and L.W. All authors have read and agreed to the published version of the manuscript.

Funding

This work is supported by the National Natural Science Foundation of China, grant number 62107014; Henan Programs for Science and Technology Development, grant number 212102210100; Henan Province Higher Education Teaching Reform Research and Practice Project, grant number 2024SJGLX0599.

Institutional Review Board Statement

Not applicable.

Data Availability Statement

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Manzoor, A.; Braeken, A.; Kanhere, S.S.; Ylianttila, M.; Liyanage, M. Proxy Re-Encryption Enabled Secure and Anonymous IoT Data Sharing Platform Based on Blockchain. J. Netw. Comput. Appl. 2021, 176, 102917.
  2. Lu, Y.; Li, P.; Xu, H. A Food Anti-Counterfeiting Traceability System Based on Blockchain and Internet of Things. Procedia Comput. Sci. 2022, 199, 629–636.
  3. Chen, Y.; Ding, S.; Xu, Z.; Zheng, H.; Yang, S. Blockchain-Based Medical Records Secure Storage and Medical Service Framework. J. Med. Syst. 2019, 43, 5.
  4. Deepa, N.; Pham, Q.-V.; Nguyen, D.C.; Bhattacharya, S.; Prabadevi, B.; Gadekallu, T.R.; Maddikunta, P.K.R.; Fang, F.; Pathirana, P.N. A Survey on Blockchain for Big Data: Approaches, Opportunities, and Future Directions. Future Gener. Comp. Syst. 2022, 131, 209–226.
  5. Dong, X.; Guo, B.; Shen, Y.; Duan, X.; Shen, Y.-C.; Zhang, H. An efficient and secure decentralizing data sharing model. Chin. J. Comput. 2018, 41, 1021–1036.
  6. Sharma, P.; Jindal, R.; Borah, M.D. Blockchain Technology for Cloud Storage: A Systematic Literature Review. ACM Comput. Surv. 2021, 53, 1–32.
  7. Zahed Benisi, N.; Aminian, M.; Javadi, B. Blockchain-Based Decentralized Storage Networks: A Survey. J. Netw. Comput. Appl. 2020, 162, 102656.
  8. Wang, J.; Gao, L.; Dong, A.; Guo, S.; Chen, H.; Wei, X. Block Chain Based Data Security Sharing Network Architecture Research. J. Comput. Res. Dev. 2017, 54, 742–749.
  9. Smits, M.; Hulstijn, J. Blockchain Applications and Institutional Trust. Front. Blockchain 2020, 3, 5.
  10. Zhu, L.; Wu, Y.; Gai, K.; Choo, K.-K.R. Controllable and Trustworthy Blockchain-Based Cloud Data Management. Future Gener. Comp. Syst. 2019, 91, 527–535.
  11. Tomescu, A.; Devadas, S. Catena: Efficient Non-Equivocation via Bitcoin. In Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA, 22–26 May 2017; pp. 393–409.
  12. Elhoseny, M.; Abdelaziz, A.; Salama, A.S.; Riad, A.M.; Muhammad, K.; Sangaiah, A.K. A Hybrid Model of Internet of Things and Cloud Computing to Manage Big Data in Health Services Applications. Future Gener. Comp. Syst. 2018, 86, 1383–1394.
  13. Xu, H.; Jiang, B. Study on a Security Intelligence Trading Platform Based on Blockchain and IPFS. J. Comput. Virol. Hacking Tech. 2021, 17, 131–137.
  14. Martí, J.; Queralt, A.; Gasull, D.; Barceló, A.; José Costa, J.; Cortes, T. Dataclay: A Distributed Data Store for Effective Inter-Player Data Sharing. J. Syst. Softw. 2017, 131, 129–145.
  15. Xue, T.-F.; Fu, Q.-C.; Wang, C.; Wang, X.-Y. A Medical Data Sharing Model via Blockchain. Acta Autom. Sin. 2017, 43, 1555–1562.
  16. Wang, Z.; Tian, Y.; Zhu, J. Data Sharing and Tracing Scheme Based on Blockchain. In Proceedings of the 2018 8th International Conference on Logistics, Informatics and Service Sciences (LISS), Toronto, ON, Canada, 3–6 August 2018; pp. 1–6.
  17. Amofa, S.; Sifah, E.B.; Obour Agyekum, K.O.-B.; Abla, S.; Xia, Q.; Gee, J.C.; Gao, J. A Blockchain-Based Architecture Framework for Secure Sharing of Personal Health Data. In Proceedings of the 2018 IEEE 20th International Conference on e-Health Networking, Applications and Services (Healthcom), Ostrava, Czech Republic, 17–20 September 2018; pp. 1–6.
  18. Lee, A.R.; Kim, M.G.; Kim, I.K. SHAREChain: Healthcare Data Sharing Framework Using Blockchain-Registry and FHIR. In Proceedings of the 2019 IEEE International Conference on Bioinformatics and Biomedicine (BIBM), San Diego, CA, USA, 18–21 November 2019; pp. 1087–1090.
  19. Singh, A.P.; Pradhan, N.R.; Luhach, A.K.; Agnihotri, S.; Jhanjhi, N.Z.; Verma, S.; Kavita; Ghosh, U.; Roy, D.S. A Novel Patient-Centric Architectural Framework for Blockchain-Enabled Healthcare Applications. IEEE Trans. Ind. Inf. 2021, 17, 5779–5789.
  20. Kumar, S.N.; Dakshayini, M. Secure Sharing of Health Data Using Hyperledger Fabric Based on Blockchain Technology. In Proceedings of the 2020 International Conference on Mainstreaming Block Chain Implementation (ICOMBI), Bengaluru, India, 21–22 February 2020; IEEE: Bengaluru, India, 2020; pp. 1–5.
  21. Majdalawieh, M.; Nizamuddin, N.; Alaraj, M.; Khan, S.; Bani-Hani, A. Blockchain-Based Solution for Secure and Transparent Food Supply Chain Network. Peer–Peer Netw. Appl. 2021, 14, 3831–3850.
  22. Yang, L.; Zou, W.; Wang, J.; Tang, Z. EdgeShare: A Blockchain-Based Edge Data-Sharing Framework for Industrial Internet of Things. Neurocomputing 2022, 485, 219–232.
  23. Chenli, C.; Tang, W.; Gomulka, F.; Jung, T. ProvNet: Networked Bi-Directional Blockchain for Data Sharing with Verifiable Provenance. J. Parallel Distrib. Comput. 2022, 166, 32–44.
  24. AlSobeh, A.M.R.; Magableh, A.A. BlockASP: A Framework for AOP-Based Model Checking Blockchain System. IEEE Access 2023, 11, 115062–115075.
  25. Zhaoliang, L.; Huang, W.; Wang, D. Functional Agricultural Monitoring Data Storage Based on Sustainable Block Chain Technology. J. Clean. Prod. 2021, 281, 124078.
  26. Park, Y.-H.; Kim, Y.; Lee, S.-O.; Ko, K. Secure Outsourced Blockchain-Based Medical Data Sharing System Using Proxy Re-Encryption. Appl. Sci. 2021, 11, 9422.
  27. Wu, W.; Zhao, J.; Chen, T.; Yu, Y. Blockchain-Based Ciphertext Access Control for Data Sharing. In Proceedings of the Third International Conference on Signal Image Processing and Communication (ICSIPC 2023), Zhengzhou, China, 26–28 May 2023; Volume 12916, pp. 587–593.
  28. Guo, S.; Wang, F.; Zhang, N.; Qi, F.; Qiu, X. Master-Slave Chain Based Trusted Cross-Domain Authentication Mechanism in IoT. J. Netw. Comput. Appl. 2020, 172, 102812.
  29. Ye, H.; Park, S. Reliable Vehicle Data Storage Using Blockchain and IPFS. Electronics 2021, 10, 1130.
  30. Wang, L.; Liu, X.; Shao, W.; Guan, C.; Huang, Q.; Xu, S.; Zhang, S. A Blockchain-Based Privacy-Preserving Healthcare Data Sharing Scheme for Incremental Updates. Symmetry 2024, 16, 89.
  31. ERC 721: Non-Fungible Token Standard. Ethereum: 2018-01-24, Online.
Figure 1. System architecture.
Figure 2. Storage architecture that separates shared data from the proof of ownership.
Figure 3. Lightweight on-chain/off-chain collaborative data security algorithm flow.
Figure 4. Shared data flow history tracking mechanism based on NFT.
Figure 5. Encryption scheme incorporating key exchange algorithm.
Figure 6. Time overhead of encryption/decryption algorithm.
Figure 7. NFT minting time overhead.
Figure 8. NFT query time overhead.
Figure 9. The average time overhead for NFT minting and query.
Figure 10. Response latency of NFT operations.
Figure 11. Data-sharing records kept by NFT.
Table 1. Architecture of the smart contracts.

| Contract Functions | Contract Logic | Contract Methods | Contract Description |
|---|---|---|---|
| Identity Registration | Register Legal Identity | userRegistration() | Generate public and private keys to register legal identities |
| NFT Minting | Initialize NFT assets | initLedger() | Initialize NFT assets on the blockchain |
| | Add NFT | mine() | Add a new NFT after initializing the NFT asset |
| NFT Transfer | Asset Authorization | approve() | Authorizes the data demander u_j |
| | Asset Transfer | transFrom() | Transfer the NFT asset to the privileged data demander u_j |
| NFT Query | Find NFT Information | getAddress() | Legitimate users look for NFT information and get file address information |
Table 2. Details of software configuration in the experimental environment.

| Experimental Environment Component | Configuration Details |
|---|---|
| Hyperledger Fabric version | Hyperledger Fabric 2.4 |
| IPFS version | IPFS 0.14.9 |
| Smart contract language | Go |
| Go version | 15.7 |
Table 3. Storage space occupied by shared data on the blockchain.

| Application Scenario | The Size of the Shared Data | Storage Architecture That Separates Shared Data from Proof of Ownership of the Data | No Off-Chain Storage Platform Is Used |
|---|---|---|---|
| Friday-WorkingHours.pcap | 8.2 GB | 825 B | 8,796,094,777 B |
| Monday-WorkingHours.pcap | 10 GB | 825 B | 10,737,419,065 B |
| Thursday-WorkingHours.pcap | 7.7 GB | 825 B | 8,291,635,897 B |
| Thursday-WorkingHours.pcap | 10 GB | 825 B | 10,737,419,065 B |
| Wednesday-workingHours.pcap | 12 GB | 825 B | 12,884,902,713 B |
Table 4. Scheme safety comparison.
Our Work [19] [22] [25] [26] [30]
Off-chain data security×××
On-chain data security×××
Integrity of shared data×××
Traceable record of shared data××
Identity authentication
Trusted shared data××××
Lightweight considerations×
Ma, W.; Wei, X.; Wang, L. A Security-Oriented Data-Sharing Scheme Based on Blockchain. Appl. Sci. 2024, 14, 6940. https://doi.org/10.3390/app14166940