SegSub: Balancing Security and Efficiency for Large-Scale Decentralized Data Subscription in Web3

The proliferation of Web3 and Internet of Things (IoT) applications generates unprecedented volumes of real-time data streams, demanding secure and efficient subscription mechanisms that uphold data sovereignty. While decentralized architectures are the logical paradigm to ensure this sovereignty, a prominent class of existing schemes suffers from critical vulnerabilities—notably revocation attacks and prohibitive communication overhead—that severely hinder their practical deployment in large-scale environments. This paper introduces SegSub, a novel decentralized data subscription scheme specifically designed to significantly enhance both security and efficiency. SegSub's core innovations include the Segmented Dual-Key Regression with Binary Hash Trees (SDKR-BHT) mechanism, which partitions key regression chains into isolated segments to effectively contain potential data leakage and optimize token management and a strategic user grouping policy that localizes key updates, thereby substantially reducing system-wide communication overhead during revocation events. We formally quantify security improvements using a proposed security index and demonstrate a configurable trade-off between security and efficiency. Theoretical analysis and extensive experimental results validate that SegSub's security index is inversely proportional to segment length while communication efficiency is directly proportional. Furthermore, our grouping policy significantly reduces communication costs in large-scale scenarios through optimal group sizing. SegSub offers a robust and adaptable foundation for sovereignty-preserving data subscription services in Web3, empowering system designers with precise control over the critical security-efficiency balance to meet diverse deployment requirements.