Uploaded image for project: 'Fabric'
  1. Fabric
  2. FAB-15668

Enhancing Private Data Collections by adding salt to the value part of Key Value Store



    • Story
    • Status: Backlog
    • Medium
    • Resolution: Unresolved
    • None
    • None
    • fabric-crypto, fabric-peer
    • None
    • No
    • Yes
    • Yes


      Current Scenario:

      For every <K, V> pair stored in a PDC, <Hash(key), Hash(value)> is stored in ledger.

      Disadvantage of using Direct Hashing to store <K,V> pair in a PDC:

      Hashing is a one way function which maps data of any length to a fixed length unique string.

      However, since resultant hashes are unique, it is possible for an attacker to construct a comprehensive rainbow table and guess the input string given to the hash function.

      As an example, suppose that asset holdings are stored in a PDC where key is the owner's id and value is the amount of asset being held.  An attacker can simply, generate hashes of all numbers from 1 to 100000 and hashes of user names to see which owner has what amount of holding.

      Using Salting:

      Currently, for every <key, value> pair added to PDC, <Hash(key), Hash(value)> is added to the ledger.

      Instead, we can:

      Case A: Fixed Length Salt

      Step 1: Randomly generate salt of fixed length.

      Step 2: Append salt to the value. Here, append can be simply string append. Assume after salting, the value becomes valueSalt.

      Step 4: Write <key, valueSalt> to PDC.

      Step 5: Write <Hash(key), Hash(valueSalt)> to ledger.

      For retrieval:

      1. Fetch valueSalt using key.
      2. Delete last x characters from valueSalt where x is the length of salt.

      Case B: Variable length salt

      Step 1: Randomly generate salt of any length between certain limits.

      Step 2: Append salt to the value.

      Step 3: Bind valueSalt and salt into a json blob. The resultant json blob can be represented as {valueSalt, salt}. Alternatively, we can also store {valueSalt, length(salt)}.

      Step 4: Write <key, {valueSalt, salt}> to PDC.

      Step 5: Write <Hash(key), Hash({valueSalt, salt})> to ledger.

      For retrieval:

      1. Fetch {valueSalt, salt} using key.
      2. Delete salt from valueSalt.





            sejalpawar sejal pawar
            nishantrupani Nishant Rupani
            0 Vote for this issue
            1 Start watching this issue