Enhancing the privacy and security of Hyperledger Fabric smart contracts using different encryption methods
R.S. Stefanov (TU Delft - Electrical Engineering, Mathematics and Computer Science)
K. Liang – Mentor (TU Delft - Cyber Security)
O.E. Scharenborg – Coach (TU Delft - Multimedia Computing)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Blockchain networks have gained recent popularity among organisations that want to make use of the security aspects that blockchain provides. Fabric is one of the most used distributed network technologies, most commonly applied in scenarios that require confidential data to be stored securely and privately. Use case examples are finance, trading, dispute resolution and healthcare record-keeping. Multiple research has shown that Fabric has vulnerabilities that can allow malicious attackers to obtain access to the data stored in the ledger or the state database. This research presents a symmetric encryption methodology that can be implemented in most of the Fabric smart contracts to protect the stored information in both ledger and state databases. Some drawbacks of the method are increased smart contract execution time, increased storage size, slightly higher code complexity, and limitations when executing CouchDB range queries. In conclusion, although this implementation enhances the security levels of Fabric, other approaches can be used to additionally improve data protection, such as ZKPs and MPC.