
Received March 14, 2022, accepted May 3, 2022, date of publication May 5, 2022, date of current version May 12, 2022.
Digital Object Identifier 10.1109/ACCESS.2022.3172973

Enabling Trust and Privacy-Preserving e-KYC System Using Blockchain
SOMCHART FUGKEAW, (Member, IEEE)
Sirindhorn International Institute of Technology, Thammasat University, Bangkok 12000, Thailand
e-mail: [email protected]
This work was supported by the Sirindhorn International Institute of Technology (SIIT) Young Researcher Grant under Contract
SIIT2019-YRG-SF02.

ABSTRACT The electronic know your customer (e-KYC) is a system for the banking or identity provider to
establish a customer identity data verification process between relying parties. Due to the efficient resource
consumption and the high degree of accessibility and availability of cloud computing, most banks implement
their e-KYC system on the cloud. Essentially, the security and privacy of e-KYC related documents stored
in the cloud becomes the crucial issue. Existing e-KYC platforms generally rely on strong authentication
and apply traditional encryption to support their security and privacy requirement. In this model, the KYC
system owner encrypts the file with their host’s key and uploads it to the cloud. This method induces
encryption dependency and communication and key management overheads. In this paper, we introduce
a novel blockchain-based e-KYC scheme called e-KYC TrustBlock based on the ciphertext policy attribute-
based encryption (CP-ABE) method binding with the client consent enforcement to deliver trust, security and
privacy compliance. In addition, we introduce attribute-based encryption to enable the privacy preserving
and fine-grained access of sensitive transactions stored in the blockchain. Finally, we conduct experiments
to show that our system is efficient and scalable in practice.

INDEX TERMS e-KYC, authentication, CP-ABE, key management, access control, blockchain.

The associate editor coordinating the review of this manuscript and approving it for publication was Mansoor Ahmed.

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
VOLUME 10, 2022

I. INTRODUCTION
Electronic-Know Your Customer (e-KYC) is a service through which banks or financial institutions (FIs) provide virtual banking operations related to authentication and verification of identity electronically to their customers, improving cost efficiency and customer satisfaction. The e-KYC system enables FIs to electronically verify their customer identity and retrieve KYC data for both individual and corporate clients. To implement the e-KYC system, financial institutions either employ off-the-shelf e-KYC software fully equipped with the necessary functions or develop their own. Then, they can deploy the system as an on-premise or a cloud-based model. Due to the trend of the outsourcing model, most enterprises have adopted the cloud as the preferred platform for housing their system and data.
A cloud-based e-KYC system provides a more efficient and flexible authentication method compared to the host-based e-KYC authentication method, where documents need to be validated via the centralized host. This causes a traffic bottleneck and a single point of failure. Also, the traceability of the verified transaction is limited since all transactions occurring in the system are entirely managed by the provider. Nevertheless, the security and privacy of a cloud-based solution is a concern for many potential enterprises. This is because an e-KYC system located on the cloud stores customer data documents, which might be viewed by any public cloud tenants or even the cloud service providers (CSPs). To address this concern, most banks and FIs need to implement an encryption mechanism in addition to the strong authentication feature provided by the CSPs. To this end, banks and FIs possessing the e-KYC system need to encrypt the e-KYC data files before they are uploaded to the cloud. When the relying parties request verification, the host party can either perform the verification by decrypting the file and sending back the confirmation of the verification result to the requestor, or transmit the copy of the encrypted files along with the decryption key to the requestor. The first approach introduces overheads related to the verification process, communication, and centralized
decryption, while the latter approach needs to handle key management, especially secure key sharing. Specifically, key revocation and key re-generation in the cloud e-KYC environment have not been addressed by any research works. If the client would like to withdraw his consent from any banks or FIs, they have no right to store the client's identity data anymore. Accordingly, the data should be completely deleted and the decryption key needs to be revoked. Any banks or FIs sharing the revoked key need to regenerate a key to fully guarantee that unauthorized banks or FIs cannot access the client's data stored in the cloud.
In addition to the aforementioned problems, existing cloud e-KYC platforms do not provide shared information for the transaction occurring in the e-KYC verification available for traceability.
Recently, blockchain technology has attracted huge interest from a number of enterprises in many industries, including the banking and financial sector. There is a growing interest in using e-KYC platforms that use blockchain and cloud systems. Blockchain technology truly promotes the decentralized system, enabling transparency, agility, trustworthiness, and cost-effectiveness for transaction processing and management in a multi-user and multi-provider environment. In the blockchain system, a smart contract, which is a self-executing program that can be implemented on the blockchain, enables the automated execution of system logic or functions efficiently. This empowers the usability and programmability of any systems running on the blockchain network.
For years, a number of research works related to blockchain-based KYC have proposed to deliver the decentralized authentication and verification process. However, there are shortcomings that have not been fully solved by existing works. First, there are no works that provide an electronic client's consent function with a solid non-repudiation property, which is an essential requirement of privacy regulations such as General Data Protection Act (GDPR) [18], in the KYC registration process. Second, most existing works overlook the privacy of transactions stored in the smart contract and blockchain. In addition to the identity or credential documents that are encrypted on the cloud storage, the privacy of all e-KYC processing transactions such as transaction status sharing, data origin authentication, and smart contracts that contain personal data stored in the blockchain should be preserved. Finally, most works have a limited feature to allow the customers to access and update their credentials located on the cloud service paid by the FI.
In this paper, we aim to address such research gaps by introducing a secure and efficient blockchain-based e-KYC documents registration and verification process with lightweight key cryptographic protocols run in the cloud Interplanetary File System (IPFS). To facilitate the foundational privacy requirement regarding the user's consent collection, we develop a smart contract to generate and enforce the consent to be digitally signed by the customer. The consents will be systematically stored in a blockchain having the tamper-proof property, which is useful for auditing.
Regarding the data privacy issue, we propose an optimized cryptographic protocol by applying symmetric encryption with public key encryption to encrypt the customers' credential files and employ the ciphertext policy attribute-based encryption (CP-ABE) to encrypt the blockchain transactions. Since CP-ABE provides a one-to-many encryption with fine-grained access control, it allows several FIs to access common encrypted transactional data in the blockchain of the same client based on the access policy defined. Specifically, we devise the policy update algorithm to enable efficient re-encryption based on a less complicated policy tree structure. Finally, our system allows users to update their e-KYC data with any banks or FIs engaging in the blockchain. The updated e-KYC data is broadcast in the ledger and the synchronization of the updated data is done by the responsible smart contract.
This paper is structured as follows. Section 2 presents related works. Section 3 explains the theoretical background used in our proposed approach. Section 4 presents our proposed system model. Section 5 provides the security analysis of our scheme. Section 6 provides the evaluation analysis and experiments. Section 7 gives conclusion and future work.

II. RELATED WORKS
At present, blockchain technology and smart contracts have been leveraged in many application areas. Particularly, blockchain-based identification and authentication frameworks have been proposed by many works [1], [2], [7], [8], [12], [15] and it has been demonstrated that a blockchain is efficient for identification and authentication management. However, the process of e-KYC is much more complicated than a simple authentication task. Rather, it involves secure credential registration, KYC document management, and a secure and lightweight verification process between clients, multiple FIs, and a dedicated blockchain platform. In addition, new kinds of remote and spoofing attacks on the KYC system need to be countered [4]. Recent research works related to blockchain-based e-KYC focus on devising a framework for secure user identity management and credentials verification as well as optimizing the communication overhead of the interaction among financial institutes.
In [3], the authors proposed a KYC document verification scheme using the IPFS system and blockchain technology. In this approach, the customers register their identity information with the bank and their credentials are hashed and encrypted by using gpg4win as an encryption tool. However, this paper does not concern itself with the privacy and traceability of transactions in the blockchains.
In [5], Shabair et al. proposed a blockchain-based KYC in the form of a proof-of-concept (PoC) system. The proposed system was conducted in private blockchain environments over the Grid'5000, a large-scale distributed platform. In [6], Norvill et al. presented a system that allows automation and permissioned document sharing over the blockchain to reduce the KYC process. In [9], Allah et al. proposed a Hyperledger
Fabric network for KYC optimization model. In this model, the customer has full right to own the smart contracts in which customer KYC data is stored in the distributed ledger database. However, these works did not address the security and key management issue of the KYC process.
In [10], Kapsoulis et al. proposed a way to implement an e-KYC system using smart contracts and IPFS. In this work, KYC document operations such as create, read, update and delete are done through the set of smart contracts. The KYC documents are stored in the IPFS and through the private contract method. The security of the KYC transaction is managed by specific nodes in the blockchain with administrator privileges. However, there is no encryption used to protect the KYC data.
Regarding the privacy preserving technique applied for securing blockchain database, CP-ABE has received the attention of several research works [17]–[21], [24], [26], [27]. In [17], Bramm et al. proposed a Blockchain-based Distributed Attribute-Based Encryption (BDABE) scheme that allows the attributes to be created and deleted dynamically at any time by a transaction on the blockchain. The proposed scheme supports mapping between multiple attribute authorities to assign the attributes to the users. It offers the flexibility for supporting secure and efficient user attributes management in the blockchain system.
In [18], Fan et al. proposed a traceable data sharing scheme using blockchain and CP-ABE. In this scheme, data is encrypted by a CP-ABE method and a secret key can be generated based on the system parameters available in the private blockchain. In the blockchain, the data owner can obtain the identity of the data consumer and control data sharing based on the predefined access policy.
Yuan et al. [19] and Wu et al. [20] employed a CP-ABE approach to support data privacy protection and fine-grained sharing in the blockchain system. In these schemes, any changes to the data are recorded on the blockchain and the access policy is enforced to manage the different permissions of access. If there is any key abuse case initiated by any malicious users or authorities, the system provides audit trails to support the traceability of cryptographic operations and transaction activities.
Guo et al. [21] proposed a traceable attribute-based encryption with dynamic access control (TABE-DAC) scheme based on the combination of CP-ABE based linear secret sharing scheme (LSSS) and blockchain. The proposed scheme achieves fine-grained sharing of encrypted private data on cloud, traceability of users' private key leakage, and flexible policy update. The authors also introduced a hash function in the key and ciphertext generation to reduce the computation cost of such operations.
In [24], Gao et al. proposed a secure ciphertext-policy and attribute hiding access control scheme and blockchain. The CP-ABE is used to protect the data stored in the blockchain. However, this scheme uses composite order groups for their crypto implementation, which results in expensive computation cost.
Recently, Dwevedi et al. [25] proposed a Zero-Knowledge Proof (ZKP) authentication scheme and the encryption scheme called ZKNimple for supporting lightweight encryption in IoT-based applications. With the proposed scheme, the authentication is achieved through the ZKP property while the security of key exchange and data is preserved through a password-authenticated method and Feistel encryption.
In [26], Bhaskaran et al. proposed a design and implementation of a smart contract for consent-driven and double-blind data sharing on the Hyperledger Fabric blockchain platform. The smart contract for generating the customer's consent was developed and published on the blockchain. The authors also presented public key sharing on the blockchain to multiple providers for encrypting the document. However, the consent provided by the customer has no digital signature binding.
To the best of our knowledge, we provide the first attempt applying CP-ABE for a blockchain-based KYC management with the user-controlled capability for protecting sensitive data contained in the blockchain. Existing schemes focus on protecting data files shared in cloud while the privacy of transaction data in the blockchain is overlooked. In addition, none of the above research has addressed the practical security and privacy issue with the aim of achieving both efficient security and privacy management compliance related to customer consent using digital signature in the e-KYC system.

III. BACKGROUND
This section describes the concept of blockchain used to support identity and access management systems. Then, we provide the basic theory of CP-ABE.

A. KYC PRIVACY AND SECURITY COMPLIANCE
As the emergence of FinTech innovation and virtual banking has revolutionized the global financial service industry, several front-end services have shifted online. e-KYC is one such service, for which regulators of many countries have implemented policies that allow FIs to implement e-KYC verifications and approve customer applications. Based on the thorough review of a survey of KYC regulations done by Price Waterhouse and Coopers [28], Technical Standard for Digital Identification Systems published by World Bank Group [29], and the report on existing remote on-boarding solutions in the banking sector by EU commissions [30], the security and privacy-related compliance regulated by financial institutions around the globe take customer due diligence as the core consideration and emphasize the following four common requirements for digital identification including KYC compliance.
• Verification of customer identification information must be truly authenticated by multiple factors and data sources. The proof of identity (POI) must be identifiable and technically and legally valid without tampering. Multiple sources of POI issued by government units and trusted ID providers are required.
• Privacy of customers' credentials or PII should be protected. Encryption and digital signing based on PKI should be employed [29].
• Auditing feature for all transactions and its lineage must be provided.
• Collecting the customers' credentials must obtain consent from the customers.

With the above requirements, we introduce a blockchain-based e-KYC to enhance accessibility, verification efficiency with high trust and accountability. Our proposed scheme satisfies the requirements as shown in the Table 1.

TABLE 1. KYC security requirements and our e-KYC trustblock features.

B. BLOCKCHAIN IN IDENTITY MANAGEMENT SYSTEM
Blockchain technology delivers a decentralized database where multiple nodes are linked to one another by the communication network. Blockchains are constructed from cryptographic mechanisms, data storage, networking, and incentive schemes to support decentralized transaction management where multiple parties can check, execute, and store the data. Specifically, the blockchain stores transaction details and each completed block is assigned a cryptographic ID called a hash value. Since 2009 Satoshi [13] introduced the BitCoin concept based on the use of blockchain technology. It thus came into the public's view as a proven technology that facilitates secure and distributed cryptocurrency.
In addition to the decentralized transactional data storage and sharing, blockchain technology can empower its technical use and implementation flexibility with "smart contracts". Smart contracts are programmable and self-executable code that enforce predefined actions whenever a given set of conditions is met [14]. With the benefits of the decentralized model, transparency, traceability, and immutability, blockchain has now been employed by many application areas including KYC platforms.

C. CIPHERTEXT POLICY ATTRIBUTE-BASED ENCRYPTION (CP-ABE)
Bethencourt et al. [11] originally proposed the formal concept of ciphertext policy attribute-based encryption in 2007. Technically, the core construct of CP-ABE relies on bilinear maps, whose mathematical formulation is shown below.
Bilinear Map: Let $G_0$ and $G_1$ be two multiplicative cyclic groups of prime order $p$ and $e$ be a bilinear map $e : G_0 \times G_0 \to G_1$. Let $g$ be a generator of $G_0$. Let $H : \{0, 1\}^* \to G_0$ be a hash function that the security model is in random oracle.
The bilinear map $e$ has the following properties:
1. Bilinearity: for all $u, v \in G_1$ and $a, b \in Z_p$, $e(u^a, v^b) = e(u, v)^{ab}$
2. Non-degeneracy: $e(g, g) \neq 1$.
Definition 1: Let a set $\{P_1, P_2, \dots, P_n\}$ be given. A collection $A \subset 2^{\{P_1, P_2, \dots, P_n\}}$ is monotone if $\forall B, C$: if $B \in A$ and $B \subset C$, then $C \in A$.
An access structure is a monotone collection $A$ of non-empty subsets of $\{P_1, P_2, \dots, P_n\}$, i.e. $A \subset 2^{\{P_1, P_2, \dots, P_n\}} \setminus \{\emptyset\}$.
Definition 2 (Access Tree T [11]): Let $T$ be a tree representing an access structure. Each non-leaf node of the tree represents a threshold gate, described by its children and a threshold value. If $num_x$ is the number of children of a node $x$ and $k_x$ is its threshold value, then $0 < k_x \le num_x$. When $k_x = 1$, the threshold gate is an OR gate and when $k_x = num_x$, it is an AND gate. Each leaf node $x$ of the tree is described by an attribute and a threshold value $k_x = 1$. The k-of-n threshold gate is also allowed in $T$; in this case $k_x = k$ where $k$ is the threshold value determined in the k-of-n gate.

IV. OUR PROPOSED APPROACH
A. SYSTEM OVERVIEW
This section describes the system model of e-KYC TrustBlock and provides the details of its system components. Figure 1 presents the overview of our e-KYC TrustBlock System Model.
The system model consists of the following entities: authority, clients, financial institutes, IPFS, blockchain, and three smart contracts.
• Authority: The authority generates the public parameter PK and the master private key MSK of the system. The authority keeps the MSK secret and publishes PK available for the subscribers. The authority also
generates a secret key generated based on the CP-ABE method and that key is issued to each financial institution (FI).
• Clients are the customers of financial institutes who join the blockchain-based KYC. Each customer has her own key pair used to encrypt and decrypt her credential data. To allow the credentials to be stored in any FI's database or in the cloud system, the FI must get the consent digitally signed by the client.
• IPFS is a cloud database that stores encrypted documents of KYC bound to each user account. It serves for user's credentials to generate transaction for cryptocurrency. It houses a distributed hash table (DHT) keeping the address of the hash value of the clients' credential files which are encrypted in the IPFS storage.
• Blockchain is used to store the transactions of all KYC-related activities. All sensitive transactions of the clients are encrypted. The data on the blockchain is tamper-proof based on hash value and cryptography mechanism, which also prevents some illegal activities.
• Smart contracts are used to control and automate all KYC processes. In our system, there are three smart contracts including (1) Register contract is responsible for authenticating users, enrolling new users, and uploading the encrypted credentials to the IPFS, (2) Master contract is responsible for controlling client profiles, keeping the hash value of the citizen ID of all clients for interacting with IPFS, and e-consent generation, and (3) Verify contract is responsible for KYC verification.

FIGURE 1. e-KYC trustblock system model.

In the next section, we describe two core processes of our system. It includes client registration and e-KYC document uploading, and e-KYC verification. We describe the details of each process through the smart contracts developed for automating core e-KYC processes.

B. CLIENT REGISTRATION
The client registration process comprises the following steps.
1. The client registers to the system with her identity information and public key.
2. The wallet in the blockchain platform returns a key pair $(PubK_{Client\_id}, PrivK_{Client\_id})$ to a client.
3. FI calls Master contract to generate e-consent.
4. The client digitally signs e-consent by using $PrivKey_{client\_ID}$.
5. FI calls the Register contract to enroll the client in the system.
6. The client submits her credential documents CredenFiles to the FI. Then, FI stores the CredenFiles in its local database.
7. Register contract generates an AES session key to encrypt the e-KYC document and asks the client to encrypt the session key by using a client's public key $PubKey_{client\_ID}$. The encrypted CredenFile (EncCredenFile) and the encrypted session key (ESK) are uploaded to the IPFS storage and the blockchain respectively.
8. The IPFS storage stores the data file into a corresponding storage node and generates hash value of file id, client's citizen id with SHA-256 and automatically returns a hash value h which is kept in the DHT table and the Master contract. This hash value is used as the index to link to the EncCredenFile located in IPFS.
The detail of the Register contract is presented as follows.

Algorithm 1 Register
Procedure
    struct AESData{bytes encryptedKey;}
    function registerIdentity(clientAddress, userId, clientName, country, Image, PassportID, userAccount) {
        Userstorage client = clients[userAddress];
        // check that the client does not already exist
        require(!client.set);
        // store the client
        users[userAddress] = Client({
            id: clientId,
            name: clientName,
            publickey: publicKey,
            Image: CredenFile
        });
        emit EncryptFiles(Image, AESKey);
        EncryptKey(AESKey, PubKey_client_ID)
        // store a collected image and encrypted key ESK into IPFS distributed system with a hash of CredenFileID
        FileID = StoreImage(EncCreden)
        // transform the ID and other personal info (e.g., PassportID) to a new hash value
        h = TransformData(CredenFileID, userId)
        ContractAddress = Deploy(clientId, clientAddress, clientAccount, h)
    }
    function deleteIdentity(clientAddress) external;
    function storeClientDataHash(clientId, dataHash) public {
        clientDataHashes[clientId] = dataHash;
    }
end procedure
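The registration steps above, plus the reverse path a client later uses to decrypt her file, as an added Go example (not the paper's implementation or its smart-contract code). Assumptions not taken from the paper: one RSA-2048 client key pair used for PSS signatures and OAEP key wrapping, AES-256-GCM for the credential file, an in-memory map standing in for IPFS, and h computed as SHA-256 over the length-prefixed file id and citizen id; all type and function names are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Consent mirrors the inputs of Algorithm 2: data subject, FI, purpose, stage.
type Consent struct{ DS, FI, Purpose, CP string }

// Record is what registration publishes: file address, index hash h, wrapped key.
type Record struct {
	FileID, H string
	ESK       []byte
}

var ipfs = map[string][]byte{} // constructed in-memory stand-in for IPFS

// lpHash is SHA-256 over length-prefixed fields, so ("ab","c") != ("a","bc").
func lpHash(fields ...string) []byte {
	h := sha256.New()
	for _, f := range fields {
		fmt.Fprintf(h, "%d:%s", len(f), f)
	}
	return h.Sum(nil)
}

func (c Consent) digest() []byte { return lpHash(c.DS, c.FI, c.Purpose, c.CP) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// NewClientKey stands in for the wallet that issues the client key pair (step 2).
func NewClientKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// SignConsent is step 4: the client signs the e-consent with her private key.
func SignConsent(priv *rsa.PrivateKey, c Consent) ([]byte, error) {
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, c.digest(), nil)
}

// Register covers steps 5-8; nothing is stored without a valid signed InReg consent.
func Register(pub *rsa.PublicKey, c Consent, sig []byte, citizenID string, creden []byte) (*Record, error) {
	if c.CP != "InReg" || rsa.VerifyPSS(pub, crypto.SHA256, c.digest(), sig, nil) != nil {
		return nil, fmt.Errorf("no valid signed e-consent for %s at %s", c.DS, c.FI)
	}
	sk, nonce := make([]byte, 32), make([]byte, 12) // AES-256 session key, GCM nonce
	for _, b := range [][]byte{sk, nonce} {
		if _, err := rand.Read(b); err != nil {
			return nil, err
		}
	}
	gcm, err := newGCM(sk)
	if err != nil {
		return nil, err
	}
	enc := gcm.Seal(nonce, nonce, creden, []byte(c.DS)) // nonce || ciphertext || tag
	esk, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, sk, []byte(c.DS))
	if err != nil {
		return nil, err
	}
	fileID := fmt.Sprintf("%x", sha256.Sum256(enc)) // content address of EncCredenFile
	ipfs[fileID] = enc
	return &Record{fileID, fmt.Sprintf("%x", lpHash(fileID, citizenID)), esk}, nil
}

// Recover recomputes h, fetches the file, unwraps ESK and decrypts with authentication.
func Recover(priv *rsa.PrivateKey, rec *Record, clientID, citizenID string) ([]byte, error) {
	enc := ipfs[rec.FileID]
	if fmt.Sprintf("%x", lpHash(rec.FileID, citizenID)) != rec.H || len(enc) < 12 {
		return nil, fmt.Errorf("index hash mismatch or EncCredenFile missing")
	}
	sk, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, rec.ESK, []byte(clientID))
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(sk)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, enc[:12], enc[12:], []byte(clientID))
}

func main() {
	priv, _ := NewClientKey()
	c := Consent{"client-001", "FI-A", "store", "InReg"} // constructed sample values
	sig, _ := SignConsent(priv, c)
	rec, err := Register(&priv.PublicKey, c, sig, "1100000000001", []byte("passport scan"))
	fmt.Println("registered:", err == nil && rec.H != "")
}
```

Because the signature covers the purpose and the stage, a consent signed for one purpose cannot be replayed to authorise another, which is the non-repudiation binding the scheme relies on.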

Below shows the function of the Master contract that supports e-consent generation and enforcement for the process of client registration and verification process.

Algorithm 2 Create e-Consent
Input: Parameter $P = (pu_1, \dots, pu_n)$ where p is the purpose for processing personal e-KYC credentials Creden, parameter CP denotes the consent process which can be the consent used for registration stage (InReg) or the consent used for verification stage (InVer), DS is the data subject or the client, FI is the financial institute, S is the sensitivity level which can be Low, Medium, High or Critical
Output: e-Consent C
    C ← e-Consent()
    for each purpose P ∈ (p1, ..., pn) ^ consent process CP do
        P, CP ← pu, CP{InReg, InVer}
        S ← SensitivityLevel(Low, Medium, High, Critical)
        CD = ConsentData(Creden, FI, DS)
    return C ← Consent(CD, P, CP)

The above algorithm is used to create e-consent where the purpose such as storing, disclosing, transferring, and exporting credential data of the data subject or client is specified for the registration or verification processing transaction. The output is an e-consent generated to ask the client to digitally sign. Below is the function for enforcing e-consent to the client.

Algorithm 3 Enforce e-Consent
Procedure
    Function enforce_e-consent(clientId) {
        if (msg.sender != owner) {throw;}
        let privateKey = new clientId(accounts[selectedAccountIndex].key, 'hex')
        if consent == true then
            registerIdentity sign = registerIdentity(PrivK_Client_id)
        end if
        if consent == false {throw;}
    }
end procedure

C. e-KYC VERIFICATION PROCESS
The specific steps of the protocol in this process are as follows:
1. The client submits the request for the e-KYC verification by using her citizen id to the FI she is contacting.
2. The requesting FI calculates the hash value and transfers it to the Verify contract.
3. The Verify contract compares the hash value of the newly submitted value and checks with the one stored in Master contract.
4. If the hash value is found, the Verify contract checks the address of the files in the DHT in the IPFS to get the address of the corresponding EncCredenFile and corresponding ESK.
5. The Verify contract sends a request to the Master contract to generate e-consent.
6. The Verify contract transmits the EncCredenFile and ESK with e-consent to the FI requesting KYC verification.
7. The client digitally signs an e-consent and decrypts her ESK by using the client's private key $PrivKey_{client\_id}$ and uses the session key to decrypt the EncCredenFile.
8. The requesting FI stores the CredenFile of the client into their local database.
9. The system records the verified transaction and the state of the smart contracts in the blockchain.
The details of the Verify contract are shown below.

Algorithm 4 Verification
Procedure VerifyProcess(requestID, citizenID)
    emit DecryptFile(h, privatekey);
    FileEnc = GetImage(h)
    DecryptAESKey = (ESK, PrivK_Client_id)
    DecryptImg = TransformData(EncCredenFile, AESKey)
    currentClient = Verify(citizenID)
    match = compare(h, currentUser)
    if match == true then
        Address = ContractAddress(h)
        clientEncCreden = Address.IPFS.getFile(h.FileID)
        e-consent(h.userID)
        CredenFile = DecryptFile(h, privateKey)
    end if
    SaveToLocal(CredenFile)
end procedure

D. PRIVACY-PRESERVATION OF SENSITIVE DATA IN BLOCKCHAIN
Due to the decentralized nature of blockchains, e-KYC transaction data related to personal information of clients and the state of smart contracts are replicated and stored on untrusted nodes. This makes the transaction data insecure and it causes the issue of personal data privacy compliance.
In our scheme, we propose an attribute-value encryption scheme to structure the transaction data in the blockchain that is encrypted by a transaction key which is a symmetric encryption for protecting the sensitive data in the e-KYC blockchain. Since blockchains are tamper-proof, manipulating and deleting data in the blockchain is difficult. The attribute-value pair of PII and smart contract state is encrypted by the Master contract done during the TLS communication. For instance, the transaction structure of e-KYC done at time t consists of <TransID, {e-KYC operation,
type}, {FI Name, Value}, {ClientID, Value}, {ClientName, Value}, {Address, Value}, {FinancialService, Value}, ..., {SmartContract State, Value}>. The tuple of transaction is encrypted and written in the blockchain.
To provide secure and fine-grained access to transaction data stored in the blockchain, the transaction key is encrypted with the CP-ABE method and the encrypted transaction key (Enc_TranKey) is stored in the blockchain. In our scheme, the client id and the block used are managed by the Master contract. The FIs participating in the e-KYC platform can verify the transaction, if needed. To this end, the transactions can be updated by adding financial institution ID $FI_{id}$ to the access policy configured in the master contract. Then, the encrypted transaction key is re-encrypted. The new FI then can decrypt the transaction stored in the blockchain without updating any information in the blockchain.
Figure 2 shows the access policy used to encrypt the transaction key.

FIGURE 2. Access policy.

As shown in Fig. 2, the access policy consists of the FI ids and OR gate. The number of attributes is optimized and its structure becomes less complex for the encryption and decryption process.

TABLE 2. Notations used in our scheme.

The cryptographic construct for secure access control to sensitive data in the blockchain consists of five phases as follows.
Phase 1 (System Setup): $CreateAttributeAuthority(k) \to PK_k, SK_k, PK_{x.k}$. This algorithm uses an attribute authority ID(k) and selects a bilinear group $G_0$ of prime order $p$ with generator $g$. Then, it selects two random $\alpha, \beta \in Z_p$ to compute the public key defined as follows:
$PK_k = \{ G_0, g, h = g^{\beta}, f = g^{1/\beta}, e(g, g)^{\alpha} \}$.
Then the authority computes the secret key $SK_k$ as $(\beta, g^{\alpha})$.
Phase 2 (Key Generation): In our model, we define two key types used by the data owner and financial institutes. The crypto process of key generation is as follows.
• $SymKeyGen(AESKeyGen, randomstring) \to AES\_key$. The Master Contract takes as inputs the SymKeyGen algorithm and a random string to generate a 256-bit AES key. Then, the data owner uses the public key encryption method by taking the user's public key to encrypt the generated AES_key or SymKey and it is uploaded to the cloud.
• $FIKeyGen(S_{fi\_id,k}, SK_k, PubK_{fi\_id}) \to EDK_{fi\_id}$. The FIKeyGen algorithm consists of two steps:
    (1) FISKGen. It takes as input a set of attributes ($S_{fi\_id,k}$) identifying the FI_id's decryption key, AA's secret key ($SK_k$), and $PubK_{fi\_id}$ of FI fi_id. For each FI fi_id, the AA chooses a random $r$ and $r_j \in Z_p$, for each attribute $j \in S$. Then the FI decryption key ($FISK_{fi\_id}$) is computed as:
    $FISK_{j,k} = (D = g^{(\alpha_k + r)/\beta_k}, \forall i \in S_k : D_i = g^{r} \cdot H(i)^{r_i}, D'_i = g^{r_i})$.
    (2) EDKGen. The algorithm encrypts the $FISK_{fi\_id}$ by using the public key of FI. The encryption is computed as:
    $ENC_{RSA}(PubK_{fi\_id}, FISK_{fi\_id}) \equiv EDK_{fi\_id}$
    Then, $EDK_{fi\_id}$ is sent to each client.
Phase 3 (Encryption): We present a two-layer encryption scheme comprising symmetric key encryption and CP-ABE encryption. The detail of the algorithm is described as follows:
$ENC(PK_k, SymKey, M, ACP_{Pid}) \to (CT_M, CT_K)$.
Each encryption layer is done through the following steps.
    (1) Encrypt Message M: the algorithm is run by the Register contract. It takes symmetric key SymKey to encrypt transaction data M. The algorithm produces ciphertext $CT_M$ and stores it in the IPFS on cloud. The function is defined as:
    $M \mapsto ENC_{AES}(SymKey, M) \equiv CT_M$
    (2) Encrypt SymKey: the algorithm takes as inputs authority public key $PK_k$, $ACP_{Pid}$, and SymKey. Then, the encrypted SymKey $CT_K$
is produced by the following encryption function:

$$SymKey \mapsto ENC_{CP\text{-}ABE}(PK_k, ACP_{Pid}, SymKey) \equiv CT_K$$

The $CT_K$ is then stored in the blockchain.

Phase 4 (Decryption): The decryption phase is done by the Master Contract and legitimate FI.

$$DEC(PK_k, FISK_{fi\_id}, CT_M, CT_K) \rightarrow M.$$

The algorithm performs two following steps.

(1) Decrypt $CT_K$. The algorithm takes as inputs a $FISK_{fi\_id}$ and $CT_K$. The output is a symmetric key SymKey. The function is defined as follows.

$$SymKey = DEC_{CP\text{-}ABE}(CT_K, FISK_{fi\_id})$$

(2) Decrypt $CT_M$. The algorithm takes as inputs SymKey and $CT_M$. It then produces data M.

$$M = DEC_{AES}(SymKey, CT_M)$$

Upon the successful decryption, the legitimate FI can verify the client credentials and make decision on KYC validation.

Phase 5 (Update Policy): In this phase, our scheme accommodates the policy change for supporting e-KYC by adding a new FI or revoking the existing FI. The new or existing attribute of the fi_id is updated. The policy update process is as follows.

(1) Update attribute in the policy

Case Adding a new fi_id into the policy.

$$ACP'_{Pid} = ACP_{Pid} \cup \{newfi\_id\}$$

Or

Case Deleting existing

$$ACP'_{Pid} = ACP_{Pid} - \{fi\_id\}$$

(2) Re-encrypt SymKey with a new $ACP'_{Pid}$

$$CT'_K \mapsto ENC_{CP\text{-}ABE}(PK_k, ACP'_{Pid}, SymKey) \equiv CT'_K$$

The cost of policy update of our scheme thus deals with only single encryption layer for re-encrypting the symmetric key.

V. SECURITY ANALYSIS
In this section, we present the security analysis of our proposed scheme by presenting the security model and security features.

A. SECURITY MODEL
In our model, we assume that the e-KYC platform is run on consortium blockchain. All blockchain nodes and the cloud are considered as honest but curious. Since our core cryptographic protocol for protecting the content of blockchain transaction is based on CP-ABE, the security model and its proof is shown in [11].

B. SECURITY FEATURES
In addition to the security model shown above, our proposed scheme also achieves the following security features.

1. Privacy-preserving e-KYC credentials with client consent. Our scheme applies a combination of symmetric encryption and public key encryption for protecting the e-KYC documents before they are stored in the cloud. To conform to some privacy regulations related to cloud data privacy and auditing [22], the responsible smart contract generates e-consent and asks the client to sign the consent to allow the FI to use and store their personal data. This fully satisfies privacy preserving feature with non-repudiation.
2. Secure and Fine-grained access control to transaction data stored in the blockchains. Our scheme uses symmetric key encryption and CP-ABE encryption to encrypt the transaction data and secret key of FIs respectively. This ensures that the confidentiality of transaction data is only accessed by legitimate FIs. Since we apply the CP-ABE method, the detailed proof of its security can be referred to the original CP-ABE [11].
3. Collusion attacks Resistance: Assuming that two different FIs, FI A and FI B collude to attack our system by using their secret keys which contain different attribute sets, CSP (Cloud Service Provider) still sends them the $CT_K$. However, they cannot combine the attributes to gain access to the encrypted symmetric key because of the CP-ABE key construction property [11] and the access policy specification.
4. Traceability: All user access activities regardless of clients and participating FIs are available in the blockchain. Any authorization information and smart contract state are retained as immutable transactions. Any FI member or third party auditors will know who performed the activities or accessed the locally stored data and they cannot deny the access operation. Also, legitimate FIs can detect unauthorized accesses or illegal attempts through verification.

VI. EVALUATION AND EXPERIMENT
This section describes the evaluation of our implementation of our proposed scheme through the evaluation analysis and experiments.

A. FUNCTIONAL ANALYSIS
We compare the functional system between our proposed scheme with two blockchain-based KYC schemes [3], [26], and two blockchain-based IDM schemes including L. Guo et al.'s scheme [21] and S. Gao et al.'s scheme [24]. As shown in Table 3, all schemes use blockchain and cloud storage. To protect the shared data, scheme [3] and [26] apply public key encryption to encrypt the KYC documents and upload the ciphertext to store in cloud and blockchain respectively. Scheme [24] also provides the features of customer consent shared in the blockchain. In scheme [21] and [24], LSSS based CP-ABE is used to encrypt the key and file while our scheme is based on tree-based CP-ABE
which provides more intuitive expression of the policy and less complexity.

In addition, our scheme provides the e-consent based on digital signing along with the e-KYC and IDM process. Hence, our scheme can satisfy privacy compliance without implementing additional consent management from this application. Regarding the privacy-preserving KYC data and transaction, our scheme supports the confidentiality of both ID data files located in the cloud and sensitive transactions stored in the blockchain while the other two schemes only concern the privacy of the ID data files. Finally, only our scheme allows the policy update to be done efficiently by the authorized party.

TABLE 3. Comparison of system functions.

B. COMPUTATION COST ANALYSIS
We compare the computation cost of our proposed scheme with [3], [21] and [24]. The following notations are used to describe the computation cost of all schemes.

$C_e$: Exponentiation and XOR operation cost
$C_p$: Pairing operation cost
$C_m$: Multiplication operation cost
$|S|$: The size of user attribute set
$|T|$: The number of leaf nodes in access control policy.
$|N|$: The number of nodes in access control policy.
$|l|$: The number of rows in the LSSS matrix.
$|n|$: The number of columns in the LSSS matrix.
$|Att|$: The number of attributes satisfying the policy.
SymEnc/Dec: Symmetric Encryption/Decryption cost based on 256-AES
PubEnc/Dec: Public key encryption cost based on 1024-bit RSA

TABLE 4. Comparison of the computation cost.

As shown in Table 4, scheme [3] and [26] use the user's public key encryption to encrypt KYC documents and they are stored in the cloud and blockchain respectively. Only the user that has the corresponding private key can decrypt the file for verification. In this scheme, the cost of encryption and decryption are subject to the size of the key and the file. The encryption cost of scheme [21] and [24] relies on the size of the matrix while our scheme is subject to the no. of leaf nodes in the access tree. In the decryption process, the major cost of all schemes varies on the bilinear pairing operations and the no. of attributes contained in the key. However, our scheme is designed to use only the ID attributes of the legitimate financial institutes joining the blockchain. Hence the number of attributes used in the access policy and attribute-based decryption is much fewer than those in [21] and [24] where the number of attributes in the access policies are characterized by the data owners and authorized users.

C. COMMUNICATION COST ANALYSIS
The communication cost of accessing plain data for the cryptographic-based access control is generally subject to the size and times of sending and receiving the cryptographic elements such as the signature and secret key sent between the data user, the cloud, and the blockchain. In [21], the user needs to access the encrypted key stored in the blockchain and decrypt the key. Hereafter, the user then accesses the cloud where the ciphertext of data is stored and uses the symmetric key to decrypt the data. In [24], the signature proof based on the ElGamal public key cryptosystem is generated and sent to the user every time the user requests access to the system. Then, the user can use a secret key to decrypt the ciphertext stored in the cloud. In Mamun et al.'s scheme [3] and ours, the system checks the request of users to verify the identity documents and returns the ciphertext and encrypted key to the client. Hence, there is no communication cost on the client side to connect to the cloud or blockchain to get the ciphertext for the decryption. Therefore, the communication cost of [21] and [24] are higher than [3] and ours.

D. PERFORMANCE ANALYSIS
For the experiment, the evaluation was focused on two scenarios: measuring the encryption and verification (request verification and decryption) performance of the ID document and the blockchain transaction. In our experiment, we did a simulation to compare the performance test of the encryption
and document verification time between our scheme and three other works including [3], [21], and [24].

All experiments were conducted on Intel® Xeon® E-2224 3.4GHz, 8M cache. We used the VM to run Ethereum blockchain in the Linux Ubuntu 16.04 LTS. The smart contracts were developed using the Solidity language [31]. The standard AES and RSA encryption and signing provided by the Ethereum blockchain are used for [21] and our scheme. The CP-ABE toolkit and Java Pairing-Based Cryptography [23] are used to implement all schemes. Table 5 summarizes the simulation parameters used in our experiments.

TABLE 5. Simulation parameters.

In the experiment setting, we conducted the performance evaluation by comparing the e-KYC documents encryption and decryption or the verification performance of our scheme and three works including Mamun et al.'s scheme [3], Guo et al.'s scheme [21], and Gao et al.'s scheme [24]. To compare the run times of different schemes, the file sizes of the identity document were varied and the processing time was measured. Since the performance of the identity documents encryption and decryption in scheme [21] and [24] is subject to the number of attributes used in the access policy and the secret key, we also included this factor in their test results. After running the test 100 times, the average time of the encryption and decryption of our scheme and related works are shown in Fig. 3 and Fig. 4 respectively.

FIGURE 3. Encryption time.

FIGURE 4. Decryption time.

Figure 3 and Figure 4 show that our scheme consumed least processing time of both encryption and decryption. This is because our scheme applies symmetric encryption to encrypt and decrypt the data and uses a public key method for encrypting and decrypting the symmetric key. The performance is thus efficient as the property of symmetric encryption and decryption and the processing time is only dependent on the file size. In [3], the RSA encryption is applied directly to encrypt and decrypt the data and the ciphertext. The performance is greater than ours and it is proportional to the file size. L. Guo et al.'s scheme [21] with five attributes of the access policy yields a comparable encryption and decryption time to [3] as this scheme applies a symmetric key to encrypt the data and uses the CP-ABE technique to encrypt the symmetric key. However, when the number of attributes was increased to 10, the runtimes of both encryption and decryption are linearly increased. The scheme [24] has the highest encryption and decryption time since it applies the ABE method to encrypt and decrypt the data and ciphertext directly. When the attribute size increases to 10, the runtime increases double of the 5 attributes.

For the blockchain transaction encryption and decryption performance, ours is comparable to [21] where symmetric encryption and CP-ABE are used. However, our scheme invokes CP-ABE method to encrypt transaction key by using an access policy consisting of a fixed number of financial institutes which is generally much fewer than the number of client attributes in real scenario. In real practice, our scheme should provide more efficient running time for both credential documents and transaction encryption/decryption than existing schemes.

In addition to evaluating the performance of encryption and decryption, we also set up the experiment to measure the policy update cost of three schemes including scheme
[21], [24], and ours. We measured the policy update time by considering the update setup cost and ciphertext re-encryption. The ciphertext size is 50 KB. Fig. 5 and Fig. 6 show the policy update cost when the number of attributes in the policy was increased and the policy update throughput when there were the increased requests for policy update respectively. For the throughput test, the policy size was fixed at five attributes and we used Apache JMeter to measure the performance.

FIGURE 5. Policy update cost.

FIGURE 6. Throughput of policy update.

As displayed in Fig. 5, the processing time for all schemes is proportional to the increased policy size. Clearly, our scheme outperforms [21] and [24] because our scheme does not deal with the re-generation of signature as in [21] and re-computation of hidden policy to update the ciphertext. In our scheme, when there is a change of policy, the re-encryption of the transaction key is required without additional cost for re-computation of any cryptographic elements.

Thanks to the least effect of the policy update cost described above, our scheme provides the highest throughput performance as it can accommodate more requests which are the workloads emanated from the policy update impact. As shown in Fig. 6, our scheme yielded the best throughput at around 400 tps when there were 5,000 requests while scheme [21] and scheme [24] achieved 295 tps with 3,200 requests and 200 tps with 2,800 requests respectively. After they reached the max throughput, their performance kept declining as the computation resources were exhausted.

Significantly, the experimental results confirmed that our proposed e-KYC TrustBlock is efficient and scalable in supporting e-KYC registration and verification process with transaction traceability.

VII. CONCLUSION
We have presented the privacy-preserving e-KYC approach based on the blockchain. Our proposed scheme delivers secure and decentralized authentication and verification of the e-KYC process with the user's consent enforcement feature. In our scheme, the privacy of both customers' identity documents stored in the cloud is guaranteed by the symmetric key and public key encryption while the sensitive transaction data stored in the blockchain is encrypted by symmetric key encryption and CP-ABE. Our scheme also allows the KYC data to be updated by the data owner or the customer. In addition, we devised an access policy update algorithm to enable dynamic access authorization. For the evaluation, we performed comparative analysis between our scheme and related works in terms of the computation cost, the communication cost, and performance. The experimental results showed that our scheme outperforms existing schemes in terms of performance, comprehensive KYC compliance features, and the scalable access control mechanism. For future works, we will test a larger sample of data in the real cloud environment and measure the throughput of the system in accommodating high number of e-KYC registration and verification requests. In addition, we will investigate the technique to enable batch verification of e-KYC transactions stored in the blockchain with the searchable encryption feature.

REFERENCES
[1] Y. Zhong, M. Zhou, J. Li, J. Chen, Y. Liu, Y. Zhao, and M. Hu, "Distributed blockchain-based authentication and authorization protocol for smart grid," Wireless Commun. Mobile Comput., vol. 2021, pp. 1–15, Apr. 2021, doi: 10.1155/2021/5560621.
[2] S. Y. Lim, P. T. Fotsing, A. Almasri, O. Musa, M. L. M. Kiah, T. F. Ang, and R. Ismail, "Blockchain technology the identity management and authentication service disruptor: A survey," Int. J. Adv. Sci. Eng. Inf. Tech., vol. 8, pp. 1735–1745, Sep. 2018.
[3] A. A. Mamun, A. Al Mamun, S. R. Hasan, S. R. Hasan, M. S. Bhuiyan, M. S. Bhuiyan, M. S. Kaiser, M. S. Kaiser, M. A. Yousuf, and M. A. Yousuf, "Secure and transparent KYC for banking system using IPFS and blockchain technology," in Proc. IEEE Region Symp. (TENSYMP), Jun. 2020, pp. 348–351.
[4] M. Pic, G. Mahfoudi, and A. Trabelsi, "Remote KYC: Attacks and counter-measures," in Proc. Eur. Intell. Secur. Informat. Conf. (EISIC), Nov. 2019, pp. 126–129.
[5] W. Shbair, M. Steichen, and J. François, "Blockchain orchestration and experimentation framework: A case study of KYC," in Proc. 1st IEEE/IFIP Int. Workshop Manag. Managed Blockchain (Man Block), Jeju Island, South Korea, Aug. 2018, pp. 23–25.
[6] R. Norvill, M. Steichen, W. M. Shbair, and R. State, "Demo: Blockchain for the simplification and automation of KYC result sharing," in Proc. IEEE Int. Conf. Blockchain Cryptocurrency (ICBC), May 2019, pp. 9–10, doi: 10.1109/BLOC.2019.8751480.
[7] T. Mikula and R. H. Jacobsen, "Identity and access management with blockchain in electronic healthcare records," in Proc. 21st Euromicro Conf. Digit. Syst. Design (DSD), Prague, Czech Republic, Aug. 2018, pp. 699–706.
[8] S. Wang, R. Pei, and Y. Zhang, "EIDM: A ethereum-based cloud user identity management protocol," IEEE Access, vol. 7, pp. 115281–115291, 2019, doi: 10.1109/ACCESS.2019.2933989.
[9] N. Ullah, K. A. Al-Dhlan, and W. M. Al-Rahmi, "KYC optimization by blockchain based hyperledger fabric network," in Proc. 4th Int. Conf. Adv. Electron. Mater., Comput. Softw. Eng. (AEMCSE), Mar. 2021, pp. 1294–1299.
[10] N. Kapsoulis, A. Psychas, G. Palaiokrassas, A. Marinakis, A. Litke, and T. Varvarigou, "Know your customer (KYC) implementation with smart contracts on a privacy-oriented decentralized architecture," Future Internet, vol. 12, no. 41, pp. 1–13, 2020.
[11] J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext-policy attribute-based encryption," in Proc. IEEE Symp. Secur. Privacy, Oakland, CA, USA, May 2007, pp. 321–334.
[12] I. Gutierrez-Aguero, S. Anguita, X. Larrucea, A. Gomez-Goiri, and B. Urquizu, "Burnable pseudo-identity: A non-binding anonymous identity method for ethereum," IEEE Access, vol. 9, pp. 108912–108923, 2021.
[13] S. Nakamoto. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. Accessed: Jan. 8, 2022. [Online]. Available: https://bitcoin.org/bitcoin.pdf
[14] J. P. Moyano and O. Ross, "KYC optimization using distributed ledger technology," Bus. Inf. Syst. Eng., vol. 59, no. 6, pp. 411–423, Dec. 2017.
[15] A. Chowdhary, S. Agrawal, and B. Rudra, "Blockchain based framework for Student identity and educational certificate verification," in Proc. 2nd Int. Conf. Electron. Sustain. Commun. Syst. (ICESC), Aug. 2021, pp. 916–921.
[16] GDPR European Union Guidelines. Accessed: Aug. 12, 2021. [Online]. Available: https://gdprinfo.eu/
[17] G. Bramm, M. Gall, and J. Schütte, "BDABE-blockchain-based distributed attribute based encryption," in Proc. 15th Int. Conf. e-Bus. Telecommun., 2018, pp. 99–110.
[18] Y. Fan, X. Lin, W. Liang, J. Wang, G. Tan, X. Lei, and L. Jing, "TraceChain: A blockchain-based scheme to protect data confidentiality and traceability," Softw., Pract. Exper., vol. 52, no. 1, pp. 115–129, Jan. 2022, doi: 10.1002/spe.2753.
[19] C. Yuan, M. Xu, X. Si, and B. Li, "Blockchain with accountable CP-ABE: How to effectively protect the electronic documents," in Proc. IEEE 23rd Int. Conf. Parallel Distrib. Syst. (ICPADS), Dec. 2017, pp. 800–803.
[20] A. Wu, Y. Zhang, X. Zheng, R. Guo, Q. Zhao, and D. Zheng, "Efficient and privacy-preserving traceable attribute-based encryption in blockchain," Ann. Telecommun., vol. 74, nos. 7–8, pp. 401–411, Aug. 2019.
[21] L. Guo, X. Yang, and W.-C. Yau, "TABE-DAC: Efficient traceable attribute-based encryption scheme with dynamic access control based on blockchain," IEEE Access, vol. 9, pp. 8479–8490, 2021, doi: 10.1109/ACCESS.2021.3049549.
[22] M. Barati, G. S. Aujla, J. T. Llanos, K. A. Duodu, O. F. Rana, M. Carr, and R. Ranjan, "Privacy-aware cloud auditing for GDPR compliance verification in online healthcare," IEEE Trans. Ind. Informat., vol. 18, no. 7, pp. 4808–4819, Jul. 2022, doi: 10.1109/TII.2021.3100152.
[23] PBC (Pairing-Based Cryptography) Library. Accessed: Jan. 5, 2022. [Online]. Available: https://crypto.stanford.edu/pbc/
[24] S. Gao, G. Piao, J. Zhu, X. Ma, and J. Ma, "TrustAccess: A trustworthy secure ciphertext-policy and attribute hiding access control scheme based on blockchain," IEEE Trans. Veh. Technol., vol. 69, no. 6, pp. 5784–5798, Jun. 2020.
[25] A. D. Dwivedi, R. Singh, U. Ghosh, R. R. Mukkamala, A. Tolba, and O. Said, "Privacy preserving authentication system based on non-interactive zero knowledge proof suitable for Internet of Things," J. Ambient Intell. Humanized Comput., pp. 1–11, Sep. 2021, doi: 10.1007/s12652-021-03459-4.
[26] K. Bhaskaran, P. Ilfrich, D. Liffman, C. Vecchiola, P. Jayachandran, A. Kumar, F. Lim, K. Nandakumar, Z. Qin, V. Ramakrishna, E. G. Teo, and C. H. Suen, "Double-blind consent-driven data sharing on blockchain," in Proc. IEEE Int. Conf. Cloud Eng. (IC2E), Apr. 2018, pp. 385–391.
[27] F. Ghaffari, E. Bertin, N. Crespi, S. Behrad, and J. Hatin, "A novel access control method via smart contracts for internet-based service provisioning," IEEE Access, vol. 9, pp. 81253–81273, 2021.
[28] (Jan. 2016). Know Your Customer: Quick Reference Guide, Understanding Global KYC differences by PWC. Accessed: Feb. 28, 2022. [Online]. Available: https://www.pwc.com/gx/en/financial-services/publications/assets/pwc-anti-money-laundering-know-your-customer-quick-reference-guide.pdf
[29] (2018). Technical Standard for Digital Identification Systems Published by World Bank Group. Accessed: Feb. 28, 2022. [Online]. Available: https://olc.worldbank.org/system/files/129743-WP-PUBLIC-ID4D-Catalog-of-Technical-Standards.pdf
[30] European Commission's Expert Sub Working Group 1, Electronic Identification and Remote Know Your Customer Processes. Accessed: Feb. 28, 2022. [Online]. Available: https://ec.europa.eu/info/sites/default/files/business_economy_euro/banking_and_finance/documents/report-on-existing-remote-on-boarding-solutions-in-the-banking-sector-december2019_en.pdf
[31] C. Dannen, Introducing Ethereum and Solidity. Berkeley, CA, USA: Apress, 2017. [Online]. Available: https://link.springer.com/book/10.1007/978-1-4842-2535-6

SOMCHART FUGKEAW (Member, IEEE) received the bachelor's degree in management information systems from Thammasat University, Bangkok, Thailand, the master's degree in computer science from Mahidol University, Thailand, and the Ph.D. degree in electrical engineering and information systems from The University of Tokyo, Japan, in 2017. He is currently an Assistant Professor with the Sirindhorn International Institute of Technology, Thammasat University. His research interests include information security, access control, cloud computing security, big data analysis, and high performance computing. He has served as a reviewer for several international journals, such as IEEE ACCESS, the IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, the IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, the IEEE TRANSACTIONS ON CLOUD COMPUTING, the IEEE TRANSACTIONS ON BIG DATA, the IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING, the IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, the IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, COMPUTER & SECURITY, the IEEE SYSTEM JOURNAL, and ACM Transactions on Multimedia Computing Communications and Applications.
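The key layer of Phases 1 to 5 (the $CT_K$ path) and the collusion-resistance claim of Section V-B, worked through as an added example that is not code from the paper or its toolkit. It replaces the pairing group with a constructed "exponent model" in which each group element is stored as its discrete log, so it verifies the algebra of $D$, $D_i$, $D'_i$ and $CT_K$ but provides no secrecy. The function names, the single k-of-n gate policy and the AND-gate collusion check are assumptions, and the AND gate goes beyond the paper's OR-only policy.

```python
import hashlib
import secrets

# Constructed stand-in for the prime group order p. A G0 element g^x is stored
# as x and a GT element e(g,g)^y as y, so the pairing e(g^a, g^b) is a*b mod P.
# Every discrete log is exposed: this checks the algebra and gives no secrecy.
P = 2**255 - 19

def H(attr):
    """Hash an attribute (an FI id) to an exponent; models H(i) in G0."""
    return int.from_bytes(hashlib.sha256(attr.encode()).digest(), "big") % P

def inv(x):
    return pow(x % P, -1, P)

def setup():
    """Phase 1: PK_k = (h = g^beta, f = g^(1/beta), e(g,g)^alpha), SK_k = (beta, g^alpha)."""
    alpha, beta = secrets.randbelow(P - 1) + 1, secrets.randbelow(P - 1) + 1
    return {"h": beta, "f": inv(beta), "egg_alpha": alpha}, {"beta": beta, "g_alpha": alpha}

def keygen(sk, attrs):
    """Phase 2 FISKGen: D = g^((alpha+r)/beta), D_j = g^r * H(j)^r_j, D'_j = g^r_j."""
    r, comps = secrets.randbelow(P), {}
    for j in attrs:
        rj = secrets.randbelow(P)
        comps[j] = ((r + H(j) * rj) % P, rj)
    return {"D": (sk["g_alpha"] + r) * inv(sk["beta"]) % P, "comps": comps}

def gate(k, *fi_ids):
    """Access policy reduced to one k-of-n gate over leaves; k=1 is the OR gate of Fig. 2."""
    return (k, list(fi_ids))

def encrypt(pk, m, policy):
    """Phase 3 key layer: CT_K = (C~ = M * e(g,g)^(alpha*s), C = h^s, C_y, C'_y per leaf)."""
    k, leaves = policy
    s = secrets.randbelow(P)
    coeffs = [s] + [secrets.randbelow(P) for _ in range(k - 1)]  # q(0) = s
    cy = {}
    for x, attr in enumerate(leaves, start=1):
        qx = sum(c * pow(x, e, P) for e, c in enumerate(coeffs)) % P
        cy[x] = (attr, qx, H(attr) * qx % P)
    return {"k": k, "C~": (m + pk["egg_alpha"] * s) % P, "C": pk["h"] * s % P, "Cy": cy}

def leaf_values(ct, key):
    """Per covered leaf: e(D_i, C_y) / e(D'_i, C'_y) = e(g,g)^(r * q_y(0))."""
    out = {}
    for x, (attr, c1, c2) in ct["Cy"].items():
        if attr in key["comps"]:
            d, d_prime = key["comps"][attr]
            out[x] = (d * c1 - d_prime * c2) % P
    return out

def combine(ct, D, points):
    """Interpolate k leaf values to A = e(g,g)^(r*s); return M = C~ / (e(C, D) / A)."""
    if len(points) < ct["k"]:
        return None                      # policy not satisfied
    pts = sorted(points.items())[: ct["k"]]
    A = 0
    for xi, yi in pts:
        lam = 1
        for xj, _ in pts:
            if xj != xi:
                lam = lam * (-xj) * inv(xi - xj) % P
        A = (A + yi * lam) % P
    return (ct["C~"] - (ct["C"] * D - A)) % P

def decrypt(ct, key):
    """Phase 4 key layer: recover SymKey from CT_K with one FI's key."""
    return combine(ct, key["D"], leaf_values(ct, key))

def update_policy(policy, add=(), remove=()):
    """Phase 5: ACP' = ACP U {new fi_id} or ACP - {fi_id}; CT_K must then be re-encrypted."""
    k, leaves = policy
    return (k, [a for a in leaves if a not in remove] + list(add))

def collude(ct, key_a, key_b):
    """Two FIs pool their leaf values but must pick one D; the blinding r differs per key."""
    return combine(ct, key_a["D"], {**leaf_values(ct, key_a), **leaf_values(ct, key_b)})

if __name__ == "__main__":
    pk, sk = setup()
    ct = encrypt(pk, 42, gate(2, "FI_A", "FI_B"))   # AND gate, beyond the paper's OR
    a, b = keygen(sk, ["FI_A"]), keygen(sk, ["FI_B"])
    print("single FI:", decrypt(ct, a), "pooled recovers key:", collude(ct, a, b) == 42)
```

Because Phase 5 re-encrypts the same SymKey, an FI removed from the policy that already recovered SymKey can still decrypt the existing $CT_M$; cutting it off from old data also requires a fresh SymKey and a re-encrypted $CT_M$.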
