CN112769766A - Safe aggregation method and system for data of power edge internet of things based on federal learning - Google Patents

Publication number
CN112769766A
Authority
CN
China
Prior art keywords
server
edge
aggregation
power supply
local
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011540046.4A
Other languages
Chinese (zh)
Other versions
CN112769766B (en)
Inventor
石扬
李伟青
叶汇镓
黄翠莲
李志华
古钰冰
潘旭扬
陈森伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Meizhou Power Supply Bureau of Guangdong Power Grid Co Ltd
Original Assignee
Meizhou Power Supply Bureau of Guangdong Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Meizhou Power Supply Bureau of Guangdong Power Grid Co Ltd
Priority to CN202011540046.4A
Publication of CN112769766A
Application granted
Publication of CN112769766B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y10/00 Economic sectors
    • G16Y10/35 Utilities, e.g. electricity, gas or water
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y30/00 IoT infrastructure
    • G16Y30/10 Security thereof
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00 IoT characterised by the purpose of the information processing
    • G16Y40/10 Detection; Monitoring
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00 IoT characterised by the purpose of the information processing
    • G16Y40/50 Safety; Security of things, users, data or systems
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Abstract

The invention discloses a federated-learning-based secure aggregation method and system for power edge Internet of Things data. The method comprises the following steps: each edge server generates a public key and sends it to the power supply bureau server, which then broadcasts the received public keys; each edge server generates a shared key, calculates a ciphertext and sends the ciphertext to the power supply bureau server; the power supply bureau server broadcasts the received ciphertexts; each edge server calculates a local model according to the received ciphertexts and sends the local model to the power supply bureau server; and the power supply bureau server aggregates the local models received from the edge servers to obtain an aggregation model. The method and system disclosed by the embodiments of the invention can realize secure data aggregation and ensure data privacy.

Description

Safe aggregation method and system for data of power edge internet of things based on federal learning
Technical Field
The embodiment of the invention relates to the technology of Internet of things, in particular to a safe aggregation method and system for data of an electric power edge Internet of things based on federal learning.
Background
With the rapid development of computer technology and power Internet of Things technology, Internet of Things technology is widely applied in power enterprises. The Internet of Things connects physical entities to the network through sensing, communication and computer technology, and is a new kind of network following the Internet. Meanwhile, with the maturing of new algorithms such as neural networks and genetic algorithms in the 21st century and breakthroughs on core problems in machine learning, a new wave of interest in artificial intelligence has arrived, and artificial intelligence is gradually being applied to the power Internet of Things.
At the present stage, the combination of the power Internet of Things and artificial intelligence mainly applies machine learning to fields such as power Internet of Things reliability evaluation, communication scheduling, energy supply, power system safety and control, operation and maintenance, fault diagnosis, power demand and the power market. Although traditional machine learning, as an automated learning technique, can save manpower and material resources and improve the accuracy of computation in these application scenarios, it cannot solve the problem of data islands. When machine learning is applied in the power Internet of Things, an edge server needs to train models on its local data to meet various requirements. At the same time, because the workload of a power supply bureau is huge, some tasks also need to be offloaded to the edge servers. However, most edge servers hold only a small amount of data, which cannot fully meet these requirements, so a large amount of external data is needed to help an edge server train its local model.
Because of the way information is sensed and transmitted in the Internet of Things, the nodes cannot share raw data directly, and information is easily stolen or replayed in transit. The security of the transmitted information directly affects the security of the application: a compromise can cause large-area facility faults and affect the normal operation of society. The data processing used in traditional machine learning is therefore challenged to varying degrees.
Disclosure of Invention
The invention provides a federated-learning-based secure aggregation method and system for power edge Internet of Things data, which can realize secure data aggregation and ensure data privacy.
In a first aspect, an embodiment of the present invention provides a federated-learning-based secure aggregation method for power edge Internet of Things data, including:
the edge server generates a public key according to the security parameters sent by the trusted third-party server and sends the public key to the power supply bureau server, the power supply bureau server being connected with the edge servers;
the power supply bureau server broadcasts the received public keys sent by each edge server;
the edge server generates a shared key according to the received public keys of the other edge servers, calculates a ciphertext according to the shared key and then sends the ciphertext to the power supply bureau server;
the power supply bureau server broadcasts the received ciphertexts sent by each edge server;
the edge server calculates a random vector according to the received ciphertexts of the other edge servers, adds noise to the local parameter according to the random vector, encrypts the result to obtain a local model, and then sends the local model to the power supply bureau server;
and the power supply bureau server aggregates the received local models sent by each edge server to obtain an aggregation model, and sends the aggregation model to the remaining edge servers.
In a possible implementation manner of the first aspect, the public key of the edge server is
Figure BDA0002854635330000021
The shared secret key is
Figure BDA0002854635330000022
The ciphertext is
Figure BDA0002854635330000023
where u and v represent users who share a secret key,
Figure BDA0002854635330000024
represents a public key used for key agreement,
Figure BDA0002854635330000025
represents a public key used for secret sharing, $b_{u,v}$ represents a random vector used for adding noise, AE.enc() represents an encryption function, and KA.agree() represents a key agreement function;
the edge server calculating a random vector according to the received ciphertexts of the other edge servers, adding noise to the local parameter according to the random vector, encrypting the result to obtain a local model, and then sending the local model to the power supply bureau server includes:
the edge server receives the ciphertexts $e_{u,v}$ of the other edge servers, computes the random vectors $p_{u,v}$ and $p_u$, uses $p_{u,v}$ and $p_u$ to add noise to the local parameter $x_u$, obtaining $y_u = x_u + p_u + \sum p_{u,v}$, encrypts $y_u$ to obtain the local model $Z_u$, and then sends the local model $Z_u$ to the power supply bureau server.
In a possible implementation manner of the first aspect, after the power supply bureau server aggregates the received local models sent by each edge server to obtain an aggregation model, and sends the aggregation model to the remaining edge servers, the method further includes:
the edge server that receives the aggregation model partially decrypts it to obtain a partially decrypted aggregation model, and sends the partially decrypted aggregation model to the power supply bureau server;
the power supply bureau server aggregates the received partially decrypted aggregation models sent by each edge server to obtain an updated aggregation model, and broadcasts a list of the remaining edge servers;
the edge server that receives the list of remaining edge servers sends a public key related to the edge server to the power supply bureau server according to the list;
and the power supply bureau server reconstructs the received public keys related to the edge servers, determines the exited edge servers and the remaining edge servers, and calculates the aggregation parameter.
In a possible implementation manner of the first aspect, the sending, by the edge server that receives the list of remaining edge servers, of a public key related to the edge server to the power supply bureau server according to the list includes:
the edge server that receives the list of remaining edge servers sends, according to the list, a public key related to edge server v to the power supply bureau server,
Figure BDA0002854635330000041
or $b_{v,u}$.
The power supply bureau server determining the exited edge servers and the remaining edge servers after reconstructing the received public keys related to the edge servers, and calculating the aggregation parameter, includes:
the power supply bureau server receives the public key of the edge server
Figure BDA0002854635330000042
or $b_{v,u}$, and after reconstruction determines the public key of the exited edge server
Figure BDA0002854635330000043
and the public key $b_u$ of the remaining edge servers, and calculates the aggregation parameter $X$.
In a possible implementation manner of the first aspect, after the edge server calculates a random vector according to the received ciphertexts of the other edge servers, adds noise to the local parameter according to the random vector, encrypts the result to obtain a local model, and sends the local model to the power supply bureau server, the method further includes:
the edge server calculates a local public value according to the public value distributed by the trusted third-party server and sends the local public value to the power supply bureau server;
the power supply bureau server aggregates the received local models and local public values sent by each edge server to obtain an aggregation verification model, and sends the aggregation verification model to the remaining edge servers;
the edge server that receives the aggregation model performs a calculation on the aggregation verification model to obtain a local aggregation verification model, and sends the local aggregation verification model to the power supply bureau server;
and the power supply bureau server verifies the local aggregation verification model to determine whether the identity of the edge server that sent the local verification model is genuine.
In a possible implementation manner of the first aspect, the calculating, by the edge server, of a local public value according to the public value distributed by the trusted third-party server, and the sending of the local public value to the power supply bureau server, includes:
the edge server calculates, from the public value $a_u$ distributed by the trusted third-party server, the local public value
Figure BDA0002854635330000044
and sends the local public value $a'_u$ to the power supply bureau server, where $\Delta f(u)$ represents the number of users u;
the power supply bureau server aggregating the received local models and local public values sent by each edge server to obtain an aggregation verification model $Z'$, and sending the aggregation verification model to the remaining edge servers, includes:
the power supply bureau server aggregates the received local models $Z_u$ and local public values $a'_u$ sent by each edge server to obtain the aggregation verification model, and sends the aggregation verification model $Z'$ to the remaining edge servers;
the edge server that receives the aggregation model performing a calculation on the aggregation verification model to obtain a local aggregation verification model, and sending the local aggregation verification model to the power supply bureau server, includes:
the edge server that receives the aggregation model $Z'$ performs a calculation on the aggregation verification model to obtain the local aggregation verification model
Figure BDA0002854635330000051
and sends the local aggregation verification model $Z'_u$ to the power supply bureau server;
the power supply bureau server verifying the local aggregation verification model to determine whether the identity of the edge server that sent the local verification model is genuine includes:
the power supply bureau server judges whether the local aggregation verification model $Z'_u$ satisfies
Figure BDA0002854635330000052
and if so, determines that the identity of the edge server that sent the local verification model is genuine.
In a possible implementation manner of the first aspect, after the power supply bureau server reconstructs the received public keys related to the remaining edge servers, determines the exited edge servers and the remaining edge servers, and calculates the aggregation parameter, the method further includes:
the edge server calculates verification data using a homomorphic hash function and a pseudo-random function provided by the trusted third-party server and sends the verification data to the power supply bureau server;
after receiving the verification data sent by each edge server, the power supply bureau server aggregates the verification data to obtain aggregated verification data, and sends the aggregation parameter and the aggregated verification data to the remaining edge servers;
and the edge server that receives the aggregation parameter and the aggregated verification data verifies them and determines whether the aggregation parameter is correct.
In a possible implementation manner of the first aspect, the calculating, by the edge server, of verification data using a homomorphic hash function and a pseudo-random function provided by the trusted third-party server, and the sending of the verification data to the power supply bureau server, includes:
the edge server calculates the following verification data and sends it to the power supply bureau server: $HF(x_u) = (A_n, B_n)$,
Figure BDA0002854635330000061
$PF_K(n, \tau) = (E_n, F_n)$,
Figure BDA0002854635330000062
Figure BDA0002854635330000063
$\Omega_n$, where HF() denotes a homomorphic hash function, $x_u$ represents the parameter transmitted by user u, $A_n$, $B_n$, etc. represent verification parameters, and PF() represents a pseudo-random function;
the power supply bureau server aggregating the verification data received from each edge server to obtain aggregated verification data, and sending the aggregation parameter and the aggregated verification data to the remaining edge servers, includes:
the power supply bureau server obtains the following aggregated verification parameters: $A = \prod A_n$, $B = \prod B_n$, $L = \prod L_n$, $Q = \prod Q_n$, $\Omega = \prod \Omega_n$, and sends the aggregation parameter $X$ and the aggregated verification data to the remaining edge servers;
the edge server that receives the aggregation parameter and the aggregated verification data verifying them and determining whether the aggregation parameter is correct includes:
the edge server that receives the aggregation parameter and the aggregated verification data calculates $(A', B')$ from the aggregation parameter $X$,
Figure BDA0002854635330000064
and $\Phi$, then checks whether $(A, B) = (A', B')$, $e(A, h) = e(g, B)$, $e(L, h) = e(g, Q)$ and $\Phi = e(A, h)\,e(L, h)$ are satisfied, and if they are, determines that the aggregation parameter is correct.
In a possible implementation manner of the first aspect, the federal learning-based power edge internet of things data security aggregation method further includes:
the trusted third-party server sends security parameters for key agreement to each edge server;
the trusted third-party server sends public values to each edge server and the power supply office server;
and the trusted third party server sends the private keys of the homomorphic hash function and the pseudo-random function to each edge server.
In a second aspect, an embodiment of the present invention provides a federated-learning-based secure aggregation system for power edge Internet of Things data, including: a power supply bureau server, a plurality of edge servers and a trusted third-party server;
each edge server is used for generating a public key according to the security parameters sent by the trusted third-party server and sending the public key to the power supply bureau server, the power supply bureau server being connected with the edge servers;
the power supply bureau server is used for broadcasting the received public keys sent by each edge server;
the edge server is used for generating a shared key according to the received public keys of the other edge servers, calculating a ciphertext according to the shared key and then sending the ciphertext to the power supply bureau server;
the power supply bureau server is used for broadcasting the received ciphertexts sent by each edge server;
the edge server is used for calculating a random vector according to the received ciphertexts of the other edge servers, adding noise to the local parameter according to the random vector, encrypting the result to obtain a local model, and then sending the local model to the power supply bureau server;
the power supply bureau server is used for aggregating the received local models sent by each edge server to obtain an aggregation model and sending the aggregation model to the remaining edge servers;
the trusted third-party server is used for sending security parameters for key agreement to each edge server, sending public values to each edge server and the power supply bureau server, and sending private keys of a homomorphic hash function and a pseudo-random function to each edge server.
With the federated-learning-based secure aggregation method and system for power edge Internet of Things data provided by the embodiments of the invention, the edge servers in the power Internet of Things can complete the federated learning task while protecting local sensitive information from leakage. Meanwhile, the global model stored in the power supply bureau server can be conveniently used by the edge servers, which promotes the further development of the power Internet of Things. The method provided by the embodiments of the invention addresses several privacy problems in the federated learning environment: (1) protecting local sensitive data during learning; (2) preventing leakage of intermediate learning results and of the final model; (3) ensuring the correctness of the result after an edge server exits midway. Using the method, data from a plurality of servers can be aggregated efficiently with enhanced privacy protection, and both servers going offline and verification of the aggregation result are supported.
Drawings
Fig. 1 is a flowchart of a power edge internet of things data security aggregation method based on federal learning according to an embodiment of the present invention;
Fig. 2 is a flowchart of another federate learning-based power edge internet of things data security aggregation method provided in an embodiment of the present invention;
Fig. 3 is a flowchart of another federally-learned-based power edge internet-of-things data security aggregation method according to an embodiment of the present invention;
Fig. 4 is a flowchart of another federally-learned-based power edge internet-of-things data security aggregation method according to an embodiment of the present invention;
Fig. 5 is a system architecture diagram of a federal learning-based power edge internet of things data security aggregation method according to an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of a power edge internet of things data security aggregation system based on federal learning according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Fig. 1 is a flowchart of a federated-learning-based secure aggregation method for power edge Internet of Things data according to an embodiment of the present invention. As shown in Fig. 1, the method provided by this embodiment includes:
Step S101, the edge server generates a public key according to the security parameters sent by the trusted third-party server and sends the public key to the power supply bureau server, and the power supply bureau server is connected with a plurality of edge servers.
The federated-learning-based secure aggregation method for power edge Internet of Things data is used for aggregating data in the power Internet of Things. Since the security of the power Internet of Things is extremely important to the safe operation of society, privacy protection of the data and information in it is extremely important. When data in the power Internet of Things is aggregated, the real data must not be sent out, and the aggregation has to be performed by other means so that local data is not leaked.
In this embodiment, a data aggregation method based on federated learning is adopted. Federated learning, also called federated machine learning, can effectively help multiple organizations use data and build machine learning models while meeting the requirements of user privacy protection, data security and government regulations. The power Internet of Things has a multipoint management architecture: the power Internet of Things in each area is managed by a power supply bureau, and the server of the power supply bureau is responsible for managing all firmware in the power Internet of Things in that area, where all firmware can be called edge servers. Each power supply bureau server is responsible for managing a set of edge servers in its local area.
The federal learning field solves the problem of display data use in the power internet of things, and can train a large amount of scattered data, wherein a data holder uses the data to execute a machine learning algorithm locally, and only updates to the model are sent to a central aggregator without transmitting the local data. In the power internet of things, local model parameters of a plurality of edge servers are aggregated by a power supply office server and a new global model is trained. Federal learning can break down the entire machine learning model workflow into modular units that can be learned and improved relatively independently. The federated learning model may provide a degree of privacy protection for the edge server because the data holder does not need to send the raw data. Although the traditional federal learning process significantly enhances privacy protection compared to training with all data centralized, there are still other privacy issues, such as inferring the training data held by a participant through global models and parameters passed by the participant.
In order to improve privacy protection of data during data aggregation in the power internet of things, each edge server uses local data of the edge server to perform model training, model parameters are transmitted to a power supply office server through various privacy protection methods, the power supply office server performs safe aggregation on the model parameters provided by a plurality of edge servers to obtain a more complete global model, and finally an aggregation result is returned to the edge internet of things. And the power supply office server is ensured not to obtain the privacy information of any edge server according to the encryption parameters provided by the edge server in the algorithm implementation process.
In this embodiment, the edge server uses the public key to generate the shared key to calculate the random vector, so as to implement the noise-adding processing on the local model parameter, and implement the secure aggregation of the power supply bureau on the parameter through the designed random vector algorithm.
First, the edge server generates a public key according to the security parameters sent by the trusted third-party server and sends the public key to the power supply bureau server, and the power supply bureau server is connected with a plurality of edge servers. A power supply bureau server in the power Internet of Things connects to and manages a group of edge servers. Each edge server managed by the power supply bureau server generates a public key and sends the public key to the power supply bureau server. The public key of the edge server is, for example,
Figure BDA0002854635330000101
Wherein the public key is generated according to the security parameter k sent by the trusted third party server.
Step S102, the power supply bureau server broadcasts the received public key sent by each edge server.
The power supply bureau server needs to broadcast all the received public keys to all the edge servers, so that all the edge servers managed by the power supply bureau server can know the public keys of other edge servers.
And step S103, the edge server generates a shared key according to the received public keys of other edge servers, calculates a ciphertext according to the shared key and then sends the ciphertext to the power supply bureau server.
The edge server can generate a shared secret key according to the received public keys of other edge servers
Figure BDA0002854635330000111
Then the edge server calculates and sends the ciphertext e_{u,v} according to the calculated shared secret key
Figure BDA0002854635330000112
Where u, v, represent users who share a secret key,
Figure BDA0002854635330000113
represents a public key used for key agreement,
Figure BDA0002854635330000114
represents a public key for secret sharing, b_{u,v} represents a random vector for noising, ae.enc() represents an encryption function, and ka.agree() represents a key agreement function.
Step S104, the power supply bureau server broadcasts the received ciphertext sent by each edge server.
The power supply office server receives and broadcasts the ciphertexts e_{u,v} of all edge servers.
Step S105, the edge server calculates a random vector according to the received ciphertext of the other edge servers, adds noise to the local parameter according to the random vector, encrypts the local parameter to obtain a local model, and then sends the local model to the power supply office server.
The edge server receives the ciphertexts e_{u,v} of the other edge servers, computes the random vectors p_{u,v} and p_u, and adds noise to the local parameter x_u according to the random vectors p_{u,v} and p_u to obtain y_u = x_u + p_u + Σ p_{u,v}. It encrypts y_u to obtain a local model Z_u and then sends the local model Z_u to the power supply office server. The local parameter x_u is pre-stored in the edge server.
Step S106, the power supply bureau server aggregates the received local models sent by each edge server to obtain an aggregation model, and sends the aggregation model to the remaining edge servers.
After receiving all the local models Z_u, the power supply bureau server aggregates them to obtain an aggregation model Z' and sends the aggregation model Z' to the remaining edge servers. Safe data aggregation of the power edge Internet of Things based on federated learning is thereby achieved: the aggregated data are obtained, and the remaining edge servers in the power Internet of Things also obtain the aggregation model.
Fig. 2 is a flowchart of another federated learning-based power edge internet of things data security aggregation method provided in an embodiment of the present invention, and as shown in fig. 2, the federated learning-based power edge internet of things data security aggregation method provided in this embodiment further includes, on the basis of fig. 1:
Step 107, the edge server receiving the aggregation model partially decrypts the aggregation model to obtain a partially decrypted aggregation model, and sends the partially decrypted aggregation model to the power supply office server.
After receiving Z', the edge server partially decrypts it to obtain Z'_u and sends Z'_u to the power supply office server.
Step 108, the power supply bureau server aggregates the received partially decrypted aggregation models sent by each edge server to obtain an updated aggregation model, and broadcasts a list of the remaining edge servers.
The power supply office server aggregates all Z'_u to obtain Y and sends the list of remaining edge servers.
In step 109, the edge server that receives the list of remaining edge servers sends a public key for the edge server to the power supply office server according to the list of remaining edge servers.
The edge server receiving the list of the remaining edge servers sends a public key related to the edge server v to the power supply office server according to the list of the remaining edge servers
Figure BDA0002854635330000121
or b_{v,u}.
In step 110, the power supply bureau server reconstructs the received public key about the edge server, determines the exited edge server and the remaining edge servers, and calculates to obtain the aggregation parameter.
The power supply office server receives the public key of the edge server
Figure BDA0002854635330000122
or b_{v,u}, and after reconstruction determines the public key of the exited edge server
Figure BDA0002854635330000123
and the public key b_u of the remaining edge servers, and calculates the aggregation parameter X.
In the embodiment shown in fig. 1, only the establishment of the aggregation model is completed, and in the embodiment shown in fig. 2, the calculation of the aggregation parameters is further performed, so that the update of the aggregation model is realized.
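The masking and unmasking flow of steps S101 to S106 and 107 to 110, as an added example that is not the patent's own code: pairwise masks p_{u,v} derived from agreed keys cancel in the sum, self-masks p_u are removed from reconstructed seeds, and the dangling masks of an exited server are removed after its key is reconstructed. The toy key-agreement group, the SHA-256 mask expansion, Shamir sharing, the sign convention and every name and input are assumptions; the ae.enc() transport of shares and the encryption of y_u into Z_u are left out.

```python
import hashlib
import secrets

# Constructed toy parameters (assumptions, not taken from the patent).
P = 2**127 - 1   # prime modulus for key agreement and Shamir sharing; too small for real use
G = 3            # base for the Diffie-Hellman style key agreement
R = 2**32        # parameters and masks are vectors over Z_R
DIM = 4          # length of the local parameter vector x_u

def prg(seed, dim=DIM):
    """Expand a seed into a mask vector in Z_R^dim (SHA-256 in counter mode)."""
    out = []
    for i in range(dim):
        block = hashlib.sha256(seed.to_bytes(16, "big") + i.to_bytes(4, "big")).digest()
        out.append(int.from_bytes(block[:8], "big") % R)
    return out

def add(vec, mask, sign=1):
    """Component-wise vec + sign * mask in Z_R."""
    return [(a + sign * m) % R for a, m in zip(vec, mask)]

def share(secret, ids, t):
    """Shamir t-of-n sharing of `secret` over GF(P); one share per server id."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, P) for k, c in enumerate(coeffs)) % P for i in ids}

def reconstruct(shares):
    """Lagrange interpolation at 0 from {server id: share}."""
    secret = 0
    for i, y in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = (num * -j) % P
                den = (den * (i - j)) % P
        secret = (secret + y * num * pow(den, -1, P)) % P
    return secret

class EdgeServer:
    def __init__(self, uid, x):
        self.uid, self.x = uid, x
        self.sk = secrets.randbelow(P - 2) + 1   # private key used for pairwise masks
        self.pk = pow(G, self.sk, P)             # public key sent to the bureau server
        self.b = secrets.randbelow(P)            # seed of the self-mask p_u
        self.held = {}                           # shares received: {owner: (sk share, b share)}

    def deal_shares(self, peers, t):
        """Give every peer one share of this server's private key and of b."""
        ids = [p.uid for p in peers]
        sk_sh, b_sh = share(self.sk, ids, t), share(self.b, ids, t)
        for p in peers:
            p.held[self.uid] = (sk_sh[p.uid], b_sh[p.uid])

    def masked_input(self, pks):
        """y_u = x_u + p_u + sum_v p_{u,v}; p_{u,v} = -p_{v,u} by the sign rule."""
        y = add(self.x, prg(self.b))
        for v, pk in pks.items():
            if v != self.uid:
                sign = 1 if self.uid > v else -1
                y = add(y, prg(pow(pk, self.sk, P)), sign)
        return y

def aggregate(servers, survivors, t):
    """Bureau-server side: sum the survivors' y_u, then strip the masks left in the sum."""
    pks = {s.uid: s.pk for s in servers}          # broadcast public keys
    alive = [s for s in servers if s.uid in survivors]
    if len(alive) < t:
        raise ValueError("too few remaining edge servers to reconstruct")
    total = [0] * DIM
    for s in alive:
        total = add(total, s.masked_input(pks))
    for s in servers:
        # Per owner, survivors release exactly one kind of share: b for a survivor,
        # the private key for an exited server. Releasing both would unmask x_u.
        idx = 1 if s.uid in survivors else 0
        secret = reconstruct({a.uid: a.held[s.uid][idx] for a in alive[:t]})
        if s.uid in survivors:
            total = add(total, prg(secret), -1)   # remove self-mask p_u
        else:
            for u in survivors:                   # remove dangling p_{u,v}
                sign = 1 if u > s.uid else -1
                total = add(total, prg(pow(pks[u], secret, P)), -sign)
    return total

def run(drop=()):
    """Four constructed edge servers, threshold 3; returns (aggregate, true sum)."""
    xs = {1: [10, 20, 30, 40], 2: [1, 2, 3, 4], 3: [5, 5, 5, 5], 4: [7, 0, 7, 0]}
    servers = [EdgeServer(u, x) for u, x in xs.items()]
    for s in servers:
        s.deal_shares(servers, 3)
    survivors = set(xs) - set(drop)
    expected = [sum(xs[u][i] for u in survivors) % R for i in range(DIM)]
    return aggregate(servers, survivors, 3), expected
```

Calling `run(drop={2})` models an edge server that exits after the key broadcast but before sending its masked input.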
According to the safe aggregation method for data of the power edge Internet of Things based on federated learning provided by the embodiment of the invention, the edge servers in the power Internet of Things can complete the federated learning task while protecting local sensitive information from being leaked. Meanwhile, the global model stored in the power supply bureau server can be conveniently used by the edge servers, which promotes the further development of the power Internet of Things. The method solves several privacy problems in the federated learning environment: (1) protecting local sensitive data during learning; (2) preventing leakage of intermediate results of learning and of the final model; (3) ensuring the correctness of the result after an edge server exits halfway. With this method, data aggregation across a plurality of servers can be realized efficiently while enhancing privacy protection, and both servers going offline and verification of the aggregation result are supported.
It should be noted that, in the process of data security aggregation, the power supply office server verifies whether the identity of the edge server transmitting the intermediate result is true by constructing a zero-knowledge proof, that is, verifies whether the edge server is a true edge server, so as to further improve the security of data in the power internet of things.
Fig. 3 is a flowchart of another federated learning-based power edge internet of things data security aggregation method provided in an embodiment of the present invention, and fig. 2 shows a flowchart of authentication in an edge internet of things firmware fault detection method based on federated learning.
Step S301, the edge server calculates a local public value according to the public value distributed by the trusted third party server, and sends the local public value to the power supply office server.
The edge server calculates, according to the public value a_u distributed by the trusted third party server, the local public value
Figure BDA0002854635330000131
and sends the local public value a'_u to the power supply bureau server, where Δf(u) represents the number of the users u. The trusted third party server distributes the public value a_u to each edge server and to the power supply office server.
Step S302, the power supply bureau server obtains an aggregation verification model after aggregating the received local models and local public values sent by each edge server, and sends the aggregation verification model to the rest edge servers.
The power supply office server aggregates the local models Z_u and the local public values a'_u received from each edge server to obtain an aggregation verification model, and sends the aggregation verification model Z' to the remaining edge servers.
Step S303, the edge server receiving the aggregation model calculates the aggregation verification model to obtain a local aggregation verification model, and sends the local aggregation verification model to the power supply bureau server.
The edge server receiving the aggregation model Z' calculates the aggregation verification model to obtain a local aggregation verification model
Figure BDA0002854635330000141
and sends the local aggregation verification model Z'_u to the power supply office server.
Step S304, the power supply bureau server verifies the local aggregation verification model to determine whether the identity of the edge server sending the local verification model is real.
The power supply bureau server judges whether the local aggregation verification model Z'_u satisfies
Figure BDA0002854635330000142
and if so, determines that the identity of the edge server sending the local verification model is real.
Fig. 4 is a flowchart of another federated learning-based power edge internet of things data security aggregation method provided in an embodiment of the present invention, and fig. 4 shows a flowchart of model correctness verification in the federated learning-based power edge internet of things data security aggregation method.
After the data security aggregation in the power internet of things is completed according to the embodiments, the aggregation result can be verified. In this embodiment, a specific flow of verifying the aggregation result is shown.
Step S401, the edge server calculates verification data through a homomorphic hash function and a pseudo-random function provided by the trusted third party server, and sends the verification data to the power supply office server.
The edge server calculates and sends the following verification data to the power supply office server: HF(x_u) = (A_n, B_n),
Figure BDA0002854635330000143
PF_K(n, τ) = (E_n, F_n),
Figure BDA0002854635330000144
Figure BDA0002854635330000145
Ω_n, where HF() denotes a homomorphic hash function, x_u denotes the parameter transmitted by user u, A_n, B_n, etc. represent authentication parameters, and PF() represents a pseudo-random function. The private key (δ, ρ) of the homomorphic hash function and the private key K = (K_1, K_2) of the pseudo-random function are distributed by the trusted third party server.
Step S402, the power supply bureau server receives the verification data sent by each edge server, then aggregates the verification data to obtain aggregated verification data, and sends the aggregated parameters and the aggregated verification data to the rest edge servers.
The power supply office server obtains the following aggregation verification parameters: A = ∏A_n, B = ∏B_n, L = ∏L_n, Q = ∏Q_n, Ω = ∏Ω_n, and sends the aggregation parameter X and the aggregation verification data to the remaining edge servers.
Step S403, the edge server that receives the aggregation parameter and the aggregation verification data performs correctness verification on the aggregation parameter and the aggregation verification data, and determines whether the aggregation parameter is correct.
The edge server receiving the aggregation parameter and the aggregation verification data calculates (A', B') from the aggregation parameter X,
Figure BDA0002854635330000151
phi, and then checks whether (A, B) = (A', B'), e(A, h) = e(g, B), e(L, h) = e(g, Q) and phi = e(A, h) · e(L, h) are satisfied; if so, the aggregation parameter is determined to be correct.
According to the federated learning-based safe aggregation method for data of the power edge Internet of Things, each edge server uses its own local data to conduct model training, and model parameters are transmitted to the power supply office server through various privacy protection methods; the power supply office server conducts safe aggregation on the model parameters provided by the edge servers to obtain a more complete global model, and finally the aggregation result is returned to the edge Internet of Things. The embodiment of the invention ensures that, during the algorithm implementation process, the power supply office server cannot acquire the private information of any edge server from the encrypted parameters provided by the edge servers. In addition, the embodiment of the invention designs a corresponding homomorphic encryption and random number generation algorithm in the model verification to ensure the reliability of the verification process and the verification result and to prevent the verification result from deviating from the actual result.
In addition, in the embodiment of the present invention, the system initialization needs to be performed first, which includes the following three steps: the trusted third-party server sends a security parameter k for key agreement to each edge server; the trusted third-party server sends a public value a_u to each edge server and to the power supply office server; the trusted third-party server sends the private key (δ, ρ) of the homomorphic hash function and the private key K = (K_1, K_2) of the pseudo-random function to each edge server.
Fig. 5 is a system architecture diagram of the federated learning-based power edge internet of things data security aggregation method provided by the embodiment of the present invention. As shown in fig. 5, a trusted third party server distributes various parameters, including security parameters, public values, and the private keys of the homomorphic hash function and the pseudorandom function, to the edge servers and the power supply bureau server, respectively. The edge server then completes the update of the local model locally; the power supply bureau server securely aggregates the local models sent by each edge server to obtain a global model and returns the global model to each edge server, so that the secure data aggregation in federated learning is completed.
Fig. 6 is a schematic structural diagram of the power edge internet-of-things data security aggregation system based on federated learning according to the embodiment of the present invention, and as shown in fig. 6, the power edge internet-of-things data security aggregation system based on federated learning according to the embodiment of the present invention includes a power supply bureau server, a plurality of edge servers, and a trusted third party server.
Each edge server is used for generating a public key according to the security parameters sent by the trusted third party server and sending the public key to the power supply office server, and the power supply office server is connected with the edge servers;
the power supply bureau server is used for broadcasting the received public key sent by each edge server;
the edge server is used for generating a shared key according to the received public keys of other edge servers, calculating a ciphertext according to the shared key and then sending the ciphertext to the power supply bureau server;
the power supply bureau server is used for broadcasting the received ciphertext sent by each edge server;
the edge server is used for calculating a random vector according to the received ciphertext of other edge servers, adding noise to the local parameter according to the random vector, encrypting to obtain a local model, and then sending the local model to the power supply office server;
the power supply bureau server is used for aggregating the received local models sent by each edge server to obtain an aggregation model and sending the aggregation model to the rest edge servers;
the trusted third-party server is used for sending security parameters for key agreement to each edge server, sending public values to each edge server and the power supply bureau server, and sending private keys of a homomorphic hash function and a pseudorandom function to each edge server.
The federated learning-based power edge internet of things data security aggregation system provided by the embodiment can be used for executing the federated learning-based power edge internet of things data security aggregation method shown in fig. 1-4.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments illustrated herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (10)

1. A safe aggregation method for data of an electric power edge Internet of Things based on federated learning, characterized by comprising the following steps:
the edge server generates a public key according to the security parameters sent by the trusted third party server and sends the public key to the power supply office server, and the power supply office server is connected with the edge servers;
the power supply bureau server broadcasts the received public key sent by each edge server;
the edge server generates a shared key according to the received public keys of other edge servers, calculates a ciphertext according to the shared key and then sends the ciphertext to the power supply bureau server;
the power supply bureau server broadcasts the received ciphertext sent by each edge server;
the edge server calculates a random vector according to the received ciphertext of other edge servers, adds noise to a local parameter according to the random vector, encrypts the local parameter to obtain a local model, and then sends the local model to the power supply office server;
and the power supply office server aggregates the received local models sent by each edge server to obtain an aggregation model, and sends the aggregation model to the remaining edge servers.
2. The method of claim 1, wherein the public key of the edge server is
Figure FDA0002854635320000011
The shared secret key is
Figure FDA0002854635320000012
The ciphertext is
Figure FDA0002854635320000013
Where u, v, represent users who share a secret key,
Figure FDA0002854635320000014
represents a public key used for key agreement,
Figure FDA0002854635320000015
represents a public key for secret sharing, b_{u,v} represents a random vector for noise addition, ae.enc() represents an encryption function, and ka.agree() represents a key agreement function;
the edge server calculates a random vector according to the received ciphertext of the other edge servers, adds noise to a local parameter according to the random vector, encrypts the local parameter to obtain a local model, and then sends the local model to the power supply office server, and the method comprises the following steps:
the edge server receives the ciphertexts e_{u,v} of the other edge servers, computes the random vectors p_{u,v} and p_u, adds noise to the local parameter x_u according to said random vectors p_{u,v} and p_u to obtain y_u = x_u + p_u + Σ p_{u,v}, encrypts y_u to obtain a local model Z_u, and then sends the local model Z_u to the power supply office server.
3. The method according to claim 1, wherein the power supply office server aggregates the received local models sent by each edge server to obtain an aggregate model, and sends the aggregate model to the remaining edge servers, further comprising:
the edge server receiving the aggregation model decrypts the aggregation model partially to obtain a partially decrypted aggregation model, and sends the partially decrypted aggregation model to the power supply office server;
the power supply bureau server aggregates the received partial decryption aggregation models sent by each edge server to obtain an updated aggregation model, and broadcasts a list of the rest edge servers;
the edge server receiving the list of the residual edge servers sends a public key related to the edge server to the power supply office server according to the list of the residual edge servers;
and the power supply bureau server recombines the received public key related to the edge server, determines the exited edge server and the rest edge servers, and calculates to obtain the aggregation parameter.
4. The method of claim 3, wherein the edge server receiving the list of remaining edge servers sends a public key for the edge server to the supply office server according to the list of remaining edge servers, comprising:
the edge server receiving the list of the remaining edge servers sends a public key related to the edge server v to the power supply office server according to the list of the remaining edge servers
Figure FDA0002854635320000021
or b_{v,u};
The power supply bureau server determines the exited edge server and the rest edge servers after recombining the received public key related to the edge server, and calculates to obtain the aggregation parameters, and the method comprises the following steps:
the power supply office server receives the public key of the edge server
Figure FDA0002854635320000022
or b_{v,u}, and after recombination determines the public key of the exited edge server
Figure FDA0002854635320000023
and the public key b_u of the remaining edge servers, and calculates the aggregation parameter X.
5. The method according to claim 1, wherein the edge server calculates a random vector according to the received ciphertext of the other edge server, adds noise to a local parameter according to the random vector, encrypts the local parameter to obtain a local model, and then sends the local model to the power supply office server, and further comprising:
the edge server calculates a local public value according to the public value distributed by the trusted third-party server and sends the local public value to the power supply office server;
the power supply bureau server obtains an aggregation verification model after aggregating the received local models and local public values sent by each edge server, and sends the aggregation verification model to the rest edge servers;
the edge server receiving the aggregation model calculates the aggregation verification model to obtain a local aggregation verification model, and sends the local aggregation verification model to the power supply office server;
and the power supply office server verifies the local aggregation verification model to determine whether the identity of the edge server sending the local verification model is real or not.
6. The method of claim 5, wherein the edge server calculates a local public value from the public value distributed by the trusted third party server and sends the local public value to the power supply office server, comprising:
the edge server calculates, according to the public value a_u distributed by the trusted third party server, the local public value
Figure FDA0002854635320000031
and sends the local public value a'_u to the power supply bureau server, wherein Δf(u) represents the number of users u;
the power supply bureau server obtains an aggregation verification model Z' according to the received local model aggregation and local public value aggregation sent by each edge server, and sends the aggregation verification model to the rest edge servers, and the method comprises the following steps:
the power supply bureau server aggregates the local models Z_u and the local public values a'_u received from each edge server to obtain an aggregation verification model, and sends the aggregation verification model Z' to the remaining edge servers;
the edge server receiving the aggregation model calculates the aggregation verification model to obtain a local aggregation verification model, and sends the local aggregation verification model to the power supply office server, including:
the edge server receiving the aggregation model Z' calculates the aggregation verification model to obtain a local aggregation verification model
Figure FDA0002854635320000041
and sends the local aggregation verification model Z'_u to the power supply office server;
the power supply office server verifying the local aggregation verification model to determine whether the identity of the edge server sending the local verification model is real, including:
the power supply bureau server judges whether the local aggregation verification model Z'_u satisfies
Figure FDA0002854635320000042
and if so, determines that the identity of the edge server sending the local verification model is real.
7. The method of claim 3, wherein the power bureau server determines the exiting edge server and the remaining edge servers after recombining the received public keys of the remaining edge servers and calculating the aggregation parameters, further comprising:
the edge server calculates verification data through a homomorphic hash function and a pseudo-random function provided by a trusted third party server and sends the verification data to the power supply office server;
after receiving the verification data sent by each edge server, the power supply bureau server aggregates the verification data to obtain aggregated verification data, and sends the aggregated parameters and the aggregated verification data to the rest edge servers;
and the edge server which receives the aggregation parameter and the aggregation verification data carries out correctness verification on the aggregation parameter and the aggregation verification data and determines whether the aggregation parameter is correct or not.
8. The method of claim 7, wherein the edge server calculates verification data through a homomorphic hash function and a pseudo-random function provided by a trusted third party server and sends the verification data to the power supply office server, and the method comprises:
the edge server calculates and sends the following verification data to the power supply office server: HF(x_u) = (A_n, B_n),
Figure FDA0002854635320000053
PF_K(n, τ) = (E_n, F_n),
Figure FDA0002854635320000051
Ω_n, where HF() denotes a homomorphic hash function, x_u denotes the parameter transmitted by user u, A_n, B_n, etc. represent authentication parameters, and PF() represents a pseudo-random function;
the method for obtaining the aggregation verification data by aggregating the verification data received by the power supply bureau server and sent by each edge server and sending the aggregation parameters and the aggregation verification data to the rest edge servers comprises the following steps:
the power supply bureau server obtains the following aggregation verification parameters: A = ∏A_n, B = ∏B_n, L = ∏L_n, Q = ∏Q_n, Ω = ∏Ω_n, and sends the aggregation parameter X and the aggregation verification data to the remaining edge servers;
the edge server which receives the aggregation parameter and the aggregation verification data carries out correctness verification on the aggregation parameter and the aggregation verification data to determine whether the aggregation parameter is correct or not;
the edge server receiving the aggregation parameter and the aggregation verification data calculates (A', B') from the aggregation parameter X,
Figure FDA0002854635320000052
phi, and then checks whether (A, B) = (A', B'), e(A, h) = e(g, B), e(L, h) = e(g, Q) and phi = e(A, h) · e(L, h) are satisfied; if so, the aggregation parameter is determined to be correct.
9. The method according to any one of claims 1 to 8, further comprising:
the trusted third-party server sends security parameters for key agreement to each edge server;
the trusted third-party server sends public values to each edge server and the power supply office server;
and the trusted third party server sends the private keys of the homomorphic hash function and the pseudo-random function to each edge server.
10. A safe aggregation system for data of an electric power edge Internet of Things based on federated learning, characterized by comprising: a power supply office server, a plurality of edge servers and a trusted third party server;
each edge server is used for generating a public key according to the security parameters sent by the trusted third party server and sending the public key to the power supply office server, and the power supply office server is connected with a plurality of edge servers;
the power supply bureau server is used for broadcasting the received public key sent by each edge server;
the edge server is used for generating a shared key according to the received public keys of other edge servers, calculating a ciphertext according to the shared key and then sending the ciphertext to the power supply bureau server;
the power supply bureau server is used for broadcasting the received ciphertext sent by each edge server;
the edge server is used for calculating a random vector according to the received ciphertext of other edge servers, adding noise to local parameters according to the random vector, encrypting the local parameters to obtain a local model, and then sending the local model to the power supply office server;
the power supply bureau server is used for aggregating the received local models sent by each edge server to obtain an aggregation model and sending the aggregation model to the rest edge servers;
the trusted third-party server is used for sending security parameters for key agreement to each edge server, sending public values to each edge server and the power supply bureau server, and sending private keys of homomorphic hash functions and pseudo-random functions to each edge server.
CN202011540046.4A 2020-12-23 2020-12-23 Safe aggregation method and system for data of power edge internet of things based on federal learning Active CN112769766B (en)


Publications (2)

Publication Number Publication Date
CN112769766A true CN112769766A (en) 2021-05-07
CN112769766B CN112769766B (en) 2023-03-24

Family

ID=75695805



Also Published As

Publication number Publication date
CN112769766B (en) 2023-03-24

Similar Documents

Publication Publication Date Title
CN111598254B (en) Federal learning modeling method, device and readable storage medium
Xu et al. VerifyNet: Secure and verifiable federated learning
Khan et al. An efficient and provably secure certificateless key-encapsulated signcryption scheme for flying ad-hoc network
Bera et al. Designing blockchain-based access control protocol in IoT-enabled smart-grid system
Zhang et al. Reliable and privacy-preserving truth discovery for mobile crowdsensing systems
Zuo et al. Privacy-preserving multidimensional data aggregation scheme without trusted authority in smart grid
CN112749392B (en) Method and system for detecting abnormal nodes in federated learning
CN114338045A (en) Information data verifiability safety sharing method and system based on block chain and federal learning
CN112733163B (en) Monitorable zero-knowledge proof method and device based on discrete logarithm equality proof
Wang et al. Enhancing privacy preservation and trustworthiness for decentralized federated learning
CN115396115B (en) Block chain data privacy protection method, device, equipment and readable storage medium
Xiong et al. Scalable and forward secure network attestation with privacy-preserving in cloud-assisted internet of things
CN114996762A (en) Medical data sharing and privacy protection method and system based on federal learning
CN116011014A (en) Privacy computing method and privacy computing system
Ni et al. Multi-party dynamic state estimation that preserves data and model privacy
CN112600675A (en) Electronic voting method and device based on group signature, electronic equipment and storage medium
CN105978689A (en) Anti-key-exposure cloud data safe sharing method
CN113420886B (en) Training method, device, equipment and storage medium for longitudinal federal learning model
Huang et al. ZT-Access: A combining zero trust access control with attribute-based encryption scheme against compromised devices in power IoT environments
Lv et al. ESPPTD: An efficient slicing-based privacy-preserving truth discovery in mobile crowd sensing
Lu et al. Transactive energy system deployment over insecure communication links
Hu et al. An efficient and secure data collection scheme for predictive maintenance of vehicles
CN117527183A (en) Power data-oriented decentralization sharing and cross-chain computing method and system
Paverd Enhancing communication privacy using trustworthy remote entities
CN112769766B (en) Safe aggregation method and system for data of power edge internet of things based on federal learning

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant