Cross-domain data exchange is an important technical approach for realizing the value of data assets. However, because no single trusted root CA spans domains, cross-domain schemes often encounter difficulties in authentication, controlled data flow, and fine-grained authorization. We propose a cross-domain data sharing scheme that uses decentralized identifiers and threshold proxy re-encryption. In this scheme, the intra-domain leader node verifies user identity, and the inter-domain multi-agent nodes collaborate in a threshold manner to handle cross-domain registration requests and re-encryption requests. This threshold cooperation effectively solves the single-point-of-failure problem. The hash value of the cross-domain registration information is stored on the blockchain, leveraging the immutable and traceable characteristics of blockchain to achieve trusted cross-domain data sharing. In addition, we introduce a ciphertext version tag to enable fast updates of re-encryption keys and use zero-knowledge proofs to verify the correctness of re-encrypted ciphertexts. The security analysis indicates that our scheme achieves IND-CCA2 security under the DBDH assumption and can effectively resist collusion attacks. Performance analysis shows that our scheme is efficient and can better meet the needs of cross-domain data sharing.
Wu et al. studied this question.