Level: MA  
Responsible Person: Mostafa Chegeni
Keywords: Blockchain, Smart Contract, Healthcare, Cryptography 

This thesis aims to implement a secure data sharing scheme on the UZH Ethereum private blockchain, utilizing cryptographic techniques for privacy and access control. The system involves five key components: a smart contract, data owner, data user, data provider, and an attribute authority. 

The cryptographic algorithms will be based on the framework presented in the paper “PAVA: Privacy-Preserving Attribute-Based Verifiable Authentication in Healthcare using Smart Contracts” from the IEEE Blockchain 2024 conference. 

Key components to be implemented: 

1. Smart Contract: A contract on the UZH Ethereum blockchain will handle encryption, decryption, and secure data storage. It will ensure that only authorized users can access the data based on predefined policies. 

2. Mobile App for Data Owners: This app will allow data owners to define access policies for data users and data providers, controlling who can upload and retrieve data. 

3. Mobile App for Data Users: Data users will retrieve encrypted data from the blockchain using this app and decrypt it if they have the proper authorization. 

4. Mobile App for Data Providers: Data providers will use this app to securely upload encrypted data to the blockchain, following the data owner's policies. 

5. Web Application for Attribute Authority: The attribute authority will generate public cryptographic parameters and distribute secret keys to data users and providers through this web interface. 

The thesis will evaluate the design, implementation, and performance of this secure, decentralized data-sharing scheme.