GDPR-Aware Revocable P2P File-Sharing System Over Consortium Blockchain

With the rise of blockchain technology, the peer-to-peer (P2P) network system has once again caught people's attention to equipping a blockchain with a big storage capacity. In the traditional P2P file-sharing network systems, such as InterPlanetary File System (IPFS), data stored in the other nodes cannot be revoked by the owner and can only be removed by other nodes themselves. To comply with the criteria of the European Union's General Data Protection Regulation, it is important to ensure that personal data can be completely removed by their owners. To improve the privacy and security of the P2P file-sharing system, we propose a revocable and monitorable P2P file-sharing system over a consortium blockchain to achieve revocation of files in the decentralized environment. By using a trusted execution environment, such as Intel Software Guard Extensions (SGX), the proposed scheme can verify the integrity of the executables of the P2P file-sharing system and generate a file authentication code for each IPFS node to make sure that the system is synchronized correctly. This scheme elaborately integrates the autonomous smart contracts and Intel SGX hardware to obtain the monitorable merit. The experimental results suggest that enhancing the security and privacy take modest computing costs into consideration. To the best of our knowledge, this scheme is the first attempt to achieve the P2P file-sharing system with securely revocable functions.