NANO: Cryptographic Enforcement of Readability and Editability Governance in Blockchain Databases

Recently, increasing personal data has been stored in blockchain databases, ensuring data integrity by consensus. Although transparent and immutable blockchains are mainly adopted, the need to deploy preferences on which users can <italic>read</italic> and <italic>edit</italic> the data is growing in importance. Based on chameleon hashes, recent blockchains support editability governance but can hardly prevent data breaches because the data is readable to all participants in plaintexts. This motivates us to propose NANO, the first permissioned blockchain database that provides downward compatible readability and editability governance (i.e., users who can <italic>edit</italic> the data can also <italic>read</italic> the data). Two challenges are protecting policy privacy and efficiently revoking malicious users (e.g., users who abuse their editability privileges). The punchline is leveraging Newton&#x0027;s interpolation formula-based secret sharing to hide policies into polynomial parameters and govern the distribution of data decryption keys and chameleon hash trapdoors. Inspired by proxy re-encryption, NANO integrates unique user symbols into user keys, achieving linear user revocation overhead. Security analysis proves that NANO provides comprehensive privacy preservation under the chosen-ciphertext attack. Experiments on the FISCO blockchain platform demonstrate that compared with state-of-the-art related solutions, NANO achieves a 7&#x00D7; improvement on average regarding computational costs, gas consumption, and communication overhead.