Sharded Fog Architecture for Scalable CP-ABE with Minimized Policy Trees in Blockchain Systems

Leon Wirz; Pattarasinee Bhattarakosol

doi:10.47852/bonviewJCCE52026785

Authors

Leon Wirz Department of Mathematics and Computer Science, Chulalongkorn University, Thailand https://orcid.org/0009-0000-8132-213X
Pattarasinee Bhattarakosol Department of Mathematics and Computer Science, Chulalongkorn University, Thailand

DOI:

https://doi.org/10.47852/bonviewJCCE52026785

Keywords:

blockchain, fog computing, Attribute-Based Encryption, access control, IoT security, edge computing, lightweight cryptography

Abstract

The protection of Personally Identifiable Information (PII) remains a significant challenge, particularly within financial transactions. Current systems often fail to strike an optimal balance between security, performance, fine-grained access control, and distributed processing. A common dilemma is that some solutions prioritize security at the cost of efficiency, while others struggle with the complexity of managing detailed access controls in decentralized environments. Blockchain technology is widely recognized for its auditability, tamper resistance, and decentralization; however, the limitations of this method are computational efficiency of cryptographic operations and latency. Thus, to solve such limitations, this paper proposes an innovative approach that combines Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with a lightweight fog layer. This hybrid design offloads resource-intensive cryptographic operations to the fog layer, effectively reducing the complexity of the policy tree while also protecting against potential side-channel attacks through a multi-layer encryption strategy. The proposed method not only strengthens data confidentiality but also ensures that the impact on transaction performance is minimal. This approach has been proven to be more secure, efficient, and a significantly distributed solution for managing sensitive information. Additionally, the research validates the effectiveness of this design through practical implementation and experimental comparisons with state-of-the-art systems, conducted across various settings. These experiments highlight the advantages of the proposed approach in terms of both security and operational efficiency regarding decryption and encryption, as experimental results show that this paper achieves near-constant encryption and decryption times at the Data Owner and Data User sides, reducing latency by over 80% compared to existing schemes.

Received: 12 July 2025 | Revised: 10 September 2025 | Accepted: 7 October 2025

Conflicts of Interest

The authors declare that they have no conflicts of interest to this work.

Data Availability Statement

The data that support the findings of this study are openly available in GitHub at https://github.com/Fraunhofer-AISEC/rabe.

Author Contribution Statement

Leon Wirz: Conceptualization, Methodology, Software, Formal analysis, Investigation, Resources, Data curation, Writing – original draft, Writing – review & editing, Visualization. Pattarasinee Bhattarakosol: Validation, Writing – review & editing, Supervision, Project administration.