BANGLADESH UNIVERSITY OF PROFESSIONALS

A PROJECT REPORT ON SECURE FILE SHARING

SYSTEM USING BLOCK CHAIN AND IPFS
TECHNOLOGY *1.5cm
By
Abu Hayat Mohammed Abul Hasnat (1905018)
Shahinur Alam (1905025)
Nasim Uddin (1905027)
Shamima Nasrin (1905029)
*1.5cm
MASTERS IN INFORMATION SYSTEM SECURITY DEPARTMENT OF
INFORMATION AND COMMUNICATION TECHNOLOGY

JUNE 2020
 BOARD OF EXAMINERS

1. Mohammad Abu Yousuf

Professor

Institute of Information Technology (IIT),

Jahangirnagar University, Savar, Dhaka

1
 ACKNOWLEDGEMENT

We hereby declare that this thesis is our original work and that it has been written by
all of us.

2
 ACKNOWLEDGEMENT

This project would not have been possible without the help and cooperation of many. I
would like to thank the people who helped us directly and indirectly in the completion

of this project work.

First and foremost, We would like to express our gratitude to our beloved
teacher, Dr. Mohammad Abu Yousuf, for providing his kind support in various

aspects.
We would like to express our gratitude to the head of department, Department of ICT,
for providing his kind support in various aspects.

We would also like to thank all the faculty members in the Department of ICT and
our classmates for their steadfast and strong support and engagement with this project.

3
 ABSTRACT

Content sharing is a mandatory footprint to gather utmost knowledge from the past
work.Present content sharing platforms lean on trusted third party-(TTP). Due to en-

gagement of third party similar systems lack of trust, immutability, transparency and
security. To get rid of these problems,this paper proposes a Blockchain-based guarded
content sharing platform by clouting the advantages of interplanetary file system(IPFS).

IPFS is a file sharing system that can be used to more efficiently store and share large
files. It depends on cryptographic hashes that can easily be stocked on a Blockchain.
However, IPFS does not allow users to share files with selected parties. This is crucial,

if sensitive or personal data needs to be shared. Hence, this paper presents a customized
version of the Interplanetary File System (IPFS) that advantages the Ethereum smart
contracts to provide access-controlled Content sharing. The smart contract is used to

provide the access control list, while the modified IPFS software enforces it. For this
reason, it collaborates with the smart contract whenever a file is uploaded, downloaded
or transferred.

In this paper, we would like to present an application framework on a secure decen-

tralized File Sharing System with the help of IPFS for content sharing.
Keywords: Blockchain, IPFS system, Ethereum smart contract,

4
Contents

1 INTRODUCTION 7
1.1 Background of the Study . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

1.2 Limitation of Existing System . . . . . . . . . . . . . . . . . . . . . . . . 7

1.3 Research Question . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
1.4 Objective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

1.5 Scope of the Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

1.6 Report Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

2 LITERATURE REVIEW 9

2.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.2 Blockchain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.3 Interplanetary File System (IPFS) . . . . . . . . . . . . . . . . . . . . . . 10

2.4 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

3 TECHNOLOGY CONCEPTS 12
3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

3.2 Blockchain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3.3 IPFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3.4 Smart Contract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

3.5 Solidity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.6 Metamask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.7 Python . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

4 PROPOSED SOLUTION ARCHITECTURE 15

5
 4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
4.2 Design Principle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

4.3 System Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

5 IMPLEMENTATION AND RESULT 24

6 CONCLUSIONS AND FUTURE WORK 25

6
Chapter 1

INTRODUCTION

1.1 Background of the Study

To create a robust decentralized Blockchain technology, Blockchain technology is an easy

way where clients are invited with an incentive to contribute themselves.The main appli-
cation of Blockchain technology is in the financial industry for secure transactions among
the different parties. We are thinking of its application to other businesses like a document

or content security for small to large organizations. In those types of organizations, there
are some confidential documents as well as general documents that are shared among the

employees. Also, document redundancy and version control are the key concern of that
company where multiple copies of the same document are stored in different locations.
We can apply the Blockchain technology and Interplanetary file system (IPFS) to there

to secure document sharing, version control and to reduce the document redundancy.

1.2 Limitation of Existing System

1.3 Research Question

1.4 Objective

The project was started with a few specific goals to ensure that the project is moving in
the right direction. Here,
1. To secure transactions among the different parties, a suitable model is proposed.

2. To protect of a document or content of both small and large organizations, a Ethereum

Blockchain based structure is designed.
3. To reduce redundancy, optimal data is stored in the Blockchain smart contract.

7
1.5 Scope of the Project

1.6 Report Structure

8
Chapter 2

LITERATURE REVIEW

2.1 Introduction

The project explored the world leading universities most recent journals, books and con-

ference papers published on IEEE,research gate and Pfizer etc. and studied 25 research
papers based on Blockchain technology. The aim of this project is to find the suitable
tools, approaches, methodologies related to content sharing using Blockchain technology.

In this literature review we found that Blockchain is a latest technology and evolving so
rapidly in industrial scale.In past few years, technology advancement have made signif-

icant progress in data security and recently gained robust popularity to use Blockchain
technology for addressing content sharing issues.

2.2 Blockchain

Blockchain is a distributed peer to peer ledger which maintains the transaction records
and it manages the list of transactions that form a block protected by cryptography tech-
nique to make transactions more secure and ensure the data integrity and immutability.

After forming the block, it creates a hash value of the entire block itself and makes a
cryptography image including the preceding block. Every block has the record of previ-
ous block hash in the Blockchain. Data section enclosed smart contracts, transactions

and other confidential records. Block is identified using hash value only. There is no
middle man between two parties to make the transaction more secure. The process of
transaction in data consists of rules, logic’s and source and destination as well as other

validated information[1].

9
2.3 Interplanetary File System (IPFS)

Interplanetary file System (IPFS) is a peer to peer distributed file sharing platform that
identifies the file through its content. IPFS has a distributed hash table to locate the

file and node connectivity information [2]. All nodes are independent and do not need to
trust each other, at the same time, IPFS has no single point of failure[3]. when uploaded

a file to the IPFS system, it creates a unique cryptography hash string through which
the file can be retrieved. IPFS system has a great advantage over the centralized storage
system, it has no central server, and files are distributed in different storage’s all over

the world. Hash string is sometimes called as Uniform Resource Locator (URL) in the
web.We will refer to the hash string as the file location in the following. In practical
applications, Blockchain are not suitable for storing large files (video,audio, etc.) due to

block bloated and transaction fees. In the scheme, therefore, we store the encrypted file
in the IPFS.
A few metadata are stored on the Ethereum Blockchain. Only when the users attributes

set meets the access policy defined by the data owner, the users will able to read the data
from the Ethereum Blockchain and decrypt the file location, download the encrypted file
from the IPFS via the file location, and then decrypt it[3].

2.4 Security

Blockchain uses the consensus mechanism to achieve content security, the consensus mech-
anism is a proof of work (POW) where it requires a vote for all transactions. When more

50 percent vote in favour of transaction that adds the data into the Blockchain.[2] When
decentralization eliminates central power on the network, it also prevents a supply chain
from breaking down, because a single point failure will not lead to the failure of the

whole network, which can reduce the chance of hacking. Technically, hacking can only
be achieved when the majority of the users are taken over, which will take a considerable
amount of energy/time. Therefore, the more complicated Blockchain network is with

more users, the more difficult it is for the hacking behavior to happen. When applied
to the food supply chain, Blockchain can keep records and data safe, and eliminates the

10
risks of hacking and data stealing.
Therefore, the more complicated Blockchain network is with more users, the more diffi-

cult it is for the hacking behavior to happen. When applied to the food supply chain,
Blockchain can keep records and data safe, and eliminates the risks of hacking and data
stealing.

11
Chapter 3

TECHNOLOGY CONCEPTS

3.1 Introduction

In our project we have used Blockchain with IPFS for larger content sharing capability,

private Ethereum network with smart contract, Remix IDE etc.

3.2 Blockchain

Blockchain brings a distributed ledger or database which is shared among all participants
in the network based on the consensus mechanism. The demand for a third party checker
is phased out, making the system secure and completely decentralized. Any transaction

which results in a modification to the Blockchain ledger is digitally signed, verified and
validated by miner nodes which keep a replica of the ledger. This produces completely
decentralized, secure, time-stamped and shared tamper-proof ledgers. Blockchain tech-

nology has been applied in many industries such as finance, healthcare, supply chain,
logistics, document management and accounting .

3.3 IPFS

Blockchain has become one of the trending technologies these days. However, storing
large contents is still very pricey as the 1MB size limit per block in Bitcoin’s Blockchain

would limit the file size that can be uploaded. A vital need for storing large size files
was addressed using decentralized storage systems such as Interplanetary File System (or
IPFS), Storj, SWARM, and Sia. However, in this project work, we are using the most

prominent and well-established platform namely, IPFS. The IPFS is content addressable,

12
peer-to-peer, open source, a globally distributed file system that can be utilized for storing
and sharing a large volume of files with high throughput. The Blockchain is inept in

storing large volumes of data. However, it has been justified to be effective when it stores
hashes of documents in the chain, instead of the document itself. A hash is engendered
every time a document is uploaded to the IPFS and this hash is stored in the smart

contract which is used to access the document. The hash value changes each time, for
any changes made in the content of the document.

3.4 Smart Contract

Smart Contracts are codes that can be run by the Blockchain mining nodes. A smart
contract is a self-executing code that can verify the imposition of predefined terms and
conditions. Instead of legitimizing digital currencies, as in Bitcoin, a Blockchain mining

node executes, verifies and stores data in blocks. A smart contract is triggered by entrust-
ing a transaction to its Ethereum address and executing it depending on the input given
for that transaction. Ethereum is a Blockchain-based, open source, distributed platform

that features smart contract functionality. Ethereum permits users to develop their code
on the head of the Ethereum platform enabling the development of bespoke applications.
Ethereum uses Ether as a cryptocurrency for making payments for the transactions car-

ried out on the Ethereum Blockchain. Each member in the Ethereum network is uniquely
identified by an Ethereum Address (EA).

3.5 Solidity

Solidity is an object-oriented, high-level language for applying smart contracts. Smart

contracts are programs which control the behaviour of accounts within the Ethereum

state. Solidity was influenced by C++, Python and JavaScript and is intended to focus
the Ethereum Virtual Machine (EVM). Solidity language is statically typed, supports
inheritance, libraries and sophisticated user-defined types among other features. With

Solidity you can create contracts for uses like voting, crowdfunding, blind auctions, and
multi-signature wallets.

13
3.6 Metamask

MetaMask is a browser extension designed to access Ethereum’s Dapp ecosystem easily. It

also serves as a crypto wallet for holding ERC-20 tokens allowing users to access services

built on the network via the wallet.

3.7 Python

Python is a general-purpose interpreted, interactive, object-oriented, and high-level pro-

gramming language. Python’s simple, easy to learn syntax emphasizes readability and so
reduces the price of program maintenance. Python provides modules and packages, which

inspires program modularity and code reuse. Following are the key features of Python
language : It supports functional and structured programming methods additionally as
OOP. It may be employed as a scripting language or compiled to byte-code for building

large-scale applications. It aids very high-level dynamic data types and underpins dy-
namic type checking. It sustains automatic trash collection. It can be easily incorporated
with C, C++, COM, ActiveX, CORBA, and Java.

14
Chapter 4

PROPOSED SOLUTION
ARCHITECTURE

4.1 Introduction

File sharing system is the process of distribution of digital media to the individuals, com-

puter programs and process. It is a combination of process and best practices that provide
security to the shared digital media. Nowadays, file sharing is an essential part of any
public, private and government organization to protect their intellectual property. Most

of the sharing system are centralized where a single authority such as an organization
owns the repository of the files and provide access to the user according to the sharing
user’s request. To proposed a solution of secure file sharing system, focusing on the secu-

rity, integrity, confidentiality and decentralized system, we have chosen the blockchain,
Interplanetary File System (IPFS) which can deploy in the private blockchain and ac-
cessible to any organization that is a member of the blockchain. In our proposed system

which is not depend on the centralized authority, user or organization can maintain their
sharing file repository safely and can share the digital content as per the organization’s
sharing policy.

This chapter is all about to describe in detail the use of blockchain and IPFS to solve
the secure file sharing system along with the security principles. Finally proposed some
architecture considering the security principles of digital content sharing discussed in the

literature review.

15
4.2 Design Principle

The design principle of the proposed solution is based the principle of information secu-
rity such authentication, confidentiality, integrity, and availability. Our proposed system

will provide the authentication, authorization and Integrity through the blockchain, con-
fidentiality by encryption and provides availability by storing file in the Interplanetary

File system or distributed file system.

1. Authentication and Authorization

For secure file sharing system, an individual or any organization want to know who they
are sharing the file or digital content with. As we are going to use private blockchain

network, so everyone in the network are well know to each other. We have proposed a
blockchain based cryptographic authentication and authorization process which provide
better security compare to the traditional challenge response approach. Also, we have

proposed to save authorization information to the blockchain system which provide better
integrity than others.

2. Confidentiality

The purpose of confidentiality is to deliver that content is secreted from individual’s

unauthorized to access it. This principle states that digital content only visible to the
user who has the privilege to do it. This property is the key for any type of sharing

system. Without confidentiality nobody uses the system. To provide confidentiality,

encryption is used along with the identity management system. In our prosed system we
have used the both synchronous and asynchronous system to protect the file content and

security key.

3. Integrity

This is the key concern to maintain the consistency, accuracy and trustworthiness of the
digital content. Nobody unauthorizedly can change data or file content during the sharing

process including the permission of the file. It also provides the mechanism to detect the
changes done the by the suspicious user. In our proposed system, we have used the block

16
chain (Ethereum) technology to ensure the integrity of the sharing file content as well
as the permission to view or access the file system. We will keep file permission data to

the smart contract of the Ethereum blockchain so that none can change the block data
unauthorizedly.

4. Availability

To make the system useful, it should be available to the authorized user on demand.

Nowadays, availability or responsiveness is the high priority to the user. Disruptions to

the system for a moment can lead to the serious consequences to for an individual or
an organization. In our proposed solution, we have used the Interplanetary File system

(IPFS) to store the file which is distributed file system and store file across the node.
Failure of any node does not disrupt service of the file sharing system.
The above pillars of information security system, we have implemented in our proposed

system to ensure the security and reliability of the system.

4.3 System Design

1. Entity of the system

There are four entity of the system those are involved in the secure file sharing system.

a. Content Owner

Here, content owner is the owner of the document who has uploaded the content to the
IPFS to intention in mind to share it to the others. Owner decides who to share the
document. He has list of users to whom he/she want to share the document or content.

Figure: Entity involved in the secure file sharing system

17
b. Content User

The user who will received shared from the content owner. The content owner who can

only play as a user of the document, he cannot change any part of the document or
cannot access other document who don’t have access those documents. The document
owner can also play as content owner can use the document that the owner shared with

him.

c. Blockchain

Here, blockchain is a technology that we have added here as an entity to hold the au-
thorization information and a record keeper and play as arbitrator entity who involve to

connect both content owner and receiver of the file sharing system.

d. IPFS Repository

This is a sharing repository of the proposed distributed application (Dapp) where user

upload file and IPFs provide the unique identity to the user to access the file. It is in
the center position of the system and maintain both way relationship among the content
owner, user and the blockchain entity.

2. Architecture of the proposed system

There are different components of the proposed system. The brief system design diagram

of the system is given below:

18
 Figure: System design architecture

3. Component descriptions

There are six components of the proposed system

A. Login System

Instead of traditional challenge response approach of login process into the file system, we
have used the cryptographical process to identify the user in the system. We are talking
about the one-click cryptographically login process. It is possible to cryptographically

identify the ownership of an account int the blockchain system. To do this process, we
have used the Metamask which is a browse enable application that help to singing a piece
of information. Then, system is getting the account who has singed the information by

verifying the signature. The whole process is depicted in the below:

19
 Figure: Flow diagram of login system in the file sharing system

To understand the workflow diagram, we have to through step by step:

Step-1: Login system model of the file sharing Dapp

To implement this process, we have built our Dapp login database model with the fol-
lowing mandatory file 1. Ethereum public account 2. Random Nonce 3. Public key
of the encryption system In addition of those key field, we have also kept user email

address and phone which are optional. Here, Ethereum public account is the unique of
the Blockchain system. The user who will participate in the file sharing application must
have the Ethereum public account. The second one the random string value called nonce.

The third one is the PKI public key against the Ethereum account which will be use to
encrypt the shared key to secure the content of the file.

Step-2: Generating nonce from backend

System generate nonce which is a random string and keep against the account. After
each successful login system is generating the nonce and update against the account so

that none can use it second time. This nonce take part in the signing process. Actually,
user sign the nonce and system verify the nonce and signature to authenticate the use in
the system.

20
Step-3: System get nonce from the Dapp

When user try to login into the system using the Ethereum account that time system

tries to get the nonce of that account. As we have told earlier, we are keeping the nonce
against each public account of the blockchain.

Step-4: User sign the nonce for authentication

After getting the nonce for the login account, system sign the nonce using the Metamask
and send the signing string to the backend process to verify.

Step-5: Signature verification to identify the user

In this step, system is verifying the signature who has signed the nonce. To do so, system

first, retrieve the signature account then system retrieve the nonce from the Dapp’s
database model against the account. If nonce get from the Dapp database and the nonce
found from the signature is the same then the use is authenticated.

Step-6: Signature verification to identify the user

Once the user verification is done. System change the nonce against the account so that

none can use the nonce for the second time. Finally, file sharing Dapp issue and JWT
token to the user to perform the further activity of the system.

B. File upload to the Dapp

We have proposed following approach to upload file to the IPFS through the file sharing
system. The content owner needs to select the file which is planning to upload the Dapp
to sharing with others need to perform the following step:

21
 Figure: Upload file to the IPFS to share file to others

1. Select the file that would be shared to the other user.

2. User need to choose a shared key which will be use to encrypt the file
content. In our proposed system, we have the AES encryption algorithm
to encrypt the file content. In the AES encryption process, we will use the
128-bit key.

3. System encrypted the file content using the selected key. Here, user need
to keep the provide key to share the file with other.

4. Then the encrypted file needs to upload to IPFS which will return a string
of hash ID of the document. User can download file from the IPFS using the
hash.

5. In the final step, IPFS document hash and the account of the owner of the
document will be save in the smart contract of the Ethereum Blockchain.

A. File upload to IPFS

B. File sharing system

C. Download file for use

D. Key generation system

22
E. Ethereum Blockchain

C.

D.

23
Chapter 5

IMPLEMENTATION AND
RESULT

24
Chapter 6

CONCLUSIONS AND FUTURE

WORK

25
References

26