CN114866222A - Ciphertext data statistical analysis system and method supporting privacy protection - Google Patents

Ciphertext data statistical analysis system and method supporting privacy protection Download PDF

Info

Publication number
CN114866222A
CN114866222A CN202210681492.XA CN202210681492A CN114866222A CN 114866222 A CN114866222 A CN 114866222A CN 202210681492 A CN202210681492 A CN 202210681492A CN 114866222 A CN114866222 A CN 114866222A
Authority
CN
China
Prior art keywords
ciphertext data
data
ciphertext
digital signature
report
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210681492.XA
Other languages
Chinese (zh)
Other versions
CN114866222B (en
Inventor
孔凡玉
陶云亭
史玉良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong University
Original Assignee
Shandong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong University filed Critical Shandong University
Priority to CN202210681492.XA priority Critical patent/CN114866222B/en
Publication of CN114866222A publication Critical patent/CN114866222A/en
Application granted granted Critical
Publication of CN114866222B publication Critical patent/CN114866222B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Arrangements For Transmission Of Measured Signals (AREA)

Abstract

The scheme is based on the adoption of a homomorphic encryption algorithm and a digital signature algorithm, realizes the statistical analysis and energy supply of ciphertext data, supports the functions of statistical analysis function calculation and abnormal value detection statistical analysis in a ciphertext state, and provides data analysis service and system condition early warning for a supervision institution; the scheme reduces the calculation load of a single node by adopting a multilayer aggregation structure, namely, the edge node and the cloud node share the calculation task of statistics; the edge nodes and the cloud nodes perform homomorphic statistical operation in a ciphertext state, so that user data and statistical data are prevented from being stolen by an adversary, and malicious behaviors in a system are resisted; meanwhile, the scheme uses a secret sharing technology to ensure that the total number of the sensor devices cannot be obtained when the edge devices and the control center can calculate the average value.

Description

Ciphertext data statistical analysis system and method supporting privacy protection
Technical Field
The disclosure belongs to the technical field of network information security, and particularly relates to a ciphertext data statistical analysis system and method supporting privacy protection.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
In recent years, the internet of things and the wireless sensor network are widely applied to application scenes such as smart agriculture, industrial manufacturing, smart transportation, smart home, automatic driving of automobiles, medical care and the like. Sensor equipment and terminals in the Internet of things are responsible for sensing real-time data and transmitting the sensed data to a control center for data analysis and intelligent control. Meanwhile, a supervision organization (such as scenes of security, environmental protection, electric power, agriculture, factories and the like) needs to perform real-time statistical analysis on abnormal conditions of terminal equipment and data through the internet of things to make corresponding management measures or emergency response.
In various internet of things and wireless sensor networks, edge computing equipment is deployed near a terminal and a sensor equipment area, and part of data statistics and computing tasks of the terminal and the sensor equipment can be distributed to the edge equipment, so that computing enhancement services are provided for the terminal and the sensor with limited resources. And the edge computing devices of the multiple areas transmit the aggregated data to the cloud control center for further statistical computation.
However, the inventors have found that the data aggregation, transmission and statistical analysis process may encounter some potential attacks and security risks such as illegal eavesdropping, malicious tampering, counterfeit and forgery. Because the internet of things terminal and the wireless sensor are usually deployed in an unattended environment, data may be captured or forged in the transmission process; an adversary can invade the edge gateway to steal the private data of the user; when the statistical analysis data is transmitted in a wireless local area network or the internet, an adversary may eavesdrop. Meanwhile, the cloud control center serves as a third-party service provider, and if the cloud control center knows the statistical data, corresponding business secrets can be deduced and utilized; the monitoring authority only has the right to acquire statistical data in the authority range, and the quantity of the sensors and the represented industrial scale need to be kept secret; in order to realize the security guarantee of data statistical analysis aiming at the security risks, the traditional encryption method cannot effectively solve the problem of ciphertext data statistical analysis of edge calculation enhancement.
Disclosure of Invention
In order to solve the above problems, the present disclosure provides a cryptograph data statistical analysis system and method supporting privacy protection, in the scheme, a plurality of parties including an edge aggregator, a cloud control center, a supervision agency participate in calculation, the number of sensors of the internet of things is not revealed to the cloud control center and the supervision agency, confidentiality and integrity of data are ensured by using an addition homomorphic encryption algorithm and a digital signature algorithm, and the number of sensors is blinded by using linear transformation, so that confidentiality of equipment scale is realized; the scheme supports the functions of statistical analysis function calculation and abnormal value detection statistical analysis in a ciphertext state, and provides data analysis service and system condition early warning for a supervision organization.
According to a first aspect of the embodiments of the present disclosure, there is provided a ciphertext data statistical analysis system supporting privacy protection, including:
a trusted authority for generating independent public and private keys for the sensor device, the edge aggregator, the control center, and the regulatory body;
the sensor equipment is used for performing basic preprocessing on the acquired data, encrypting the data through a homomorphic encryption algorithm, generating a digital signature of the sensor equipment by using a digital signature algorithm based on the ID of the sensor equipment to form a ciphertext data report, and sending the ciphertext data report to the edge aggregator;
the edge aggregator is used for receiving the ciphertext data report of the sensor equipment in the preset area and performing preset operation processing on encrypted data in the ciphertext data report; meanwhile, the equipment number of the current area is subjected to blinding processing based on a blinding number from a supervision mechanism, a ciphertext data report is formed based on the data subjected to the preset operation processing and the digital signature of the edge aggregator, and the ciphertext data report is sent to a control center;
the control center is used for receiving the ciphertext data report from the edge aggregator and carrying out preset operation processing on the encrypted data in the ciphertext data report; based on the processed encrypted data and the digital signature of the control center, a ciphertext data report is formed and sent to a supervision organization;
and the monitoring mechanism is used for receiving the ciphertext data report from the control center, carrying out decryption processing and de-blinding processing on the ciphertext data and obtaining a statistical analysis result.
Further, after receiving the ciphertext data report of the sensor device in the preset area, the edge aggregator specifically executes the following operations: verifying the validity of the signature of the ciphertext data report; for the ciphertext data report passing the verification, performing preset operation on the ciphertext data; and generating a digital signature of the edge aggregator based on the edge aggregator ID; forming a ciphertext data report based on the data subjected to the aggregation operation and the digital signature, and sending the ciphertext data report to a control center;
further, the trusted authority is further configured to: and generating an encryption public key and a decryption private key of a homomorphic encryption algorithm and a signature public key and a signature private key of a digital signature algorithm according to preset safety parameters, and distributing the keys based on preset rules.
Further, the blinding processing is performed on the number of devices in the current area based on the blinding number from the monitoring authority, specifically, the following formula is adopted for processing:
m′ k =αm kk
wherein m' k Number of devices after blinding, m k Alpha and beta are actual number of devices k Together forming the pair of blinded numbers.
Further, the distribution of the key specifically includes: the trusted authorization center encrypts the public key pk through a preset security channel AHE And the signature private key sk DS,i Distributing to sensor equipment; will encrypt the public key pk AHE The signature private key sk DS,EA And a signature public key pk DS,i Sending the data to an edge aggregator; will encrypt the public key pk AHE Signed private key sk DS,CC And a signature public key pk DS,EA Sending the data to a control center; will decrypt the private key sk AHE (p, q, λ) and a public signature verification key pk DS,CC And sending the information to a supervision agency.
Further, the generation of the digital signature specifically includes: and generating a digital signature corresponding to the equipment through a digital signature algorithm based on the equipment ID identification.
Further, the homomorphic encryption algorithm includes, but is not limited to, Paillier homomorphic encryption algorithm, and the digital signature algorithm includes, but is not limited to, ECDSA digital signature algorithm.
Further, the preset operation comprises a summation operation, an arithmetic mean, a quadratic mean, a weighted mean, a variance, a data anomaly number and a data anomaly ratio.
Further, the basic preprocessing includes representing the collected data as a data vector, a squared sensing data vector, a weighted sensing data vector, and determining whether the data is abnormal.
According to a second aspect of the embodiments of the present disclosure, there is provided a ciphertext data statistical analysis method supporting privacy protection, based on the above ciphertext data statistical analysis system supporting privacy protection, including:
the trusted authorization center generates independent public keys and private keys for the sensor equipment, the edge aggregator, the control center and the monitoring authority;
the sensor equipment performs basic preprocessing on the acquired data, encrypts the data through a homomorphic encryption algorithm, generates a digital signature of the sensor equipment by using a digital signature algorithm based on the ID of the sensor equipment to form a ciphertext data report, and transmits the ciphertext data report to an edge aggregator;
the edge aggregator receives a ciphertext data report of the sensor equipment in a preset area, and performs preset operation processing on encrypted data in the ciphertext data report; meanwhile, the equipment number of the current area is subjected to blinding processing based on a blinding number from a supervision mechanism, a ciphertext data report is formed based on the data subjected to preset operation processing and the digital signature of the edge aggregator, and the ciphertext data report is sent to a control center;
the control center receives the ciphertext data report from the edge aggregator and performs preset operation processing on the encrypted data in the ciphertext data report; based on the processed encrypted data and the digital signature of the control center, a ciphertext data report is formed and sent to a supervision organization;
and the supervision mechanism receives the ciphertext data report from the control center, decrypts and de-blinds the ciphertext data, and obtains a statistical analysis result.
Compared with the prior art, the beneficial effect of this disclosure is:
(1) the scheme supports the functions of statistical analysis function calculation and abnormal numerical value detection statistical analysis in a ciphertext state, and provides data analysis service and system condition early warning for a supervision organization.
(2) The scheme disclosed by the invention adopts a multilayer aggregation structure, namely the edge nodes and the cloud nodes share the statistical computing task, so that the computing load at a single node is reduced. Meanwhile, homomorphic statistical operation is carried out on the edge nodes and the cloud nodes in a ciphertext state, user data and statistical data are prevented from being stolen by an adversary, and malicious behaviors in the system are resisted.
(3) The scheme of the disclosure uses a secret sharing technology to ensure that the total number of the sensor devices cannot be known when the edge devices and the control center can calculate the average value. The control center executes statistical function calculation in a ciphertext state by using the encrypted ciphertext and the blinded total number of the equipment; and after receiving the ciphertext, the monitoring mechanism processes the decrypted average value by using an improved extended Euclidean algorithm and calculates a correct average value. The method avoids the control center from explicitly calculating 'numerical value and/or total number' based on plaintext, thereby realizing privacy protection of equipment scale.
Advantages of additional aspects of the disclosure will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the disclosure.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure and are not to limit the disclosure.
Fig. 1 is a data transmission flow diagram of a ciphertext data statistics analysis system supporting privacy protection according to an embodiment of the present disclosure;
FIG. 2 is a flowchart illustrating the generation and distribution of a trusted authority TA key as a whole in an embodiment of the present disclosure;
FIG. 3 is a flow chart illustrating the sensor cluster transmitting a ciphertext data report to the edge aggregator EA, in accordance with an embodiment of the present disclosure;
fig. 4 is a flowchart illustrating the edge aggregator EA transmitting a ciphertext statistical analysis report to the control center CC according to an embodiment of the disclosure;
fig. 5 is a flowchart illustrating the transmission of a ciphertext statistical analysis report to a supervisory authority SV by the control center CC according to an embodiment of the present disclosure.
Detailed Description
The present disclosure is further described with reference to the following drawings and examples.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present disclosure. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
The first embodiment is as follows:
the embodiment aims to provide a ciphertext data statistical analysis system supporting privacy protection.
A ciphertext data statistics analysis system that supports privacy protection, comprising:
a trusted authority for generating independent public and private keys for the sensor device, the edge aggregator, the control center, and the regulatory body;
the sensor equipment is used for performing basic preprocessing on the acquired data, encrypting the data through a homomorphic encryption algorithm, generating a digital signature of the sensor equipment by using a digital signature algorithm based on the ID of the sensor equipment to form a ciphertext data report, and sending the ciphertext data report to the edge aggregator;
the edge aggregator is used for receiving the ciphertext data report of the sensor equipment in the preset area and performing preset operation processing on encrypted data in the ciphertext data report; meanwhile, the equipment number of the current area is subjected to blinding processing based on a blinding number from a supervision mechanism, a ciphertext data report is formed based on the data subjected to the preset operation processing and the digital signature of the edge aggregator, and the ciphertext data report is sent to a control center;
the control center is used for receiving the ciphertext data report from the edge aggregator and carrying out preset operation processing on the encrypted data in the ciphertext data report; based on the processed encrypted data and the digital signature of the control center, a ciphertext data report is formed and sent to a supervision organization;
and the monitoring mechanism is used for receiving the ciphertext data report from the control center, carrying out decryption processing and de-blinding processing on the ciphertext data and obtaining a statistical analysis result.
Further, after receiving the ciphertext data report of the sensor device in the preset area, the edge aggregator specifically executes the following operations: verifying the validity of the signature of the ciphertext data report; for the ciphertext data report passing the verification, performing preset operation on the ciphertext data; and generating a digital signature of the edge aggregator based on the edge aggregator ID; forming a ciphertext data report based on the data subjected to the aggregation operation and the digital signature, and sending the ciphertext data report to a control center;
further, the trusted authority is further configured to: and generating an encryption public key and a decryption private key of a homomorphic encryption algorithm and a signature public key and a signature private key of a digital signature algorithm according to preset safety parameters, and distributing the keys based on preset rules.
Further, the blinding processing is performed on the number of devices in the current area based on the blinding number from the monitoring authority, specifically, the following formula is adopted for processing:
m′ k =αm kk
wherein m' k Number of devices after blinding, m k Alpha and beta are actual number of devices k Together forming the pair of blinded numbers.
Further, the distribution of the key specifically includes: the trusted authorization center encrypts the public key pk through a preset security channel AHE And the signature private key sk DS,i Distributing to sensor equipment; will encrypt the public key pk AHE The signature private key sk DS,EA And a signature public key pk DS,i Sending the data to an edge aggregator; will encrypt the public key pk AHE Signed private key sk DS,CC And a signature public key pk DS,EA Sending the data to a control center; will decrypt the private key sk AHE (p, q, λ) and a public signature verification key pk DS,CC And sending the information to a supervision agency.
Further, the generation of the digital signature specifically includes: and generating a digital signature corresponding to the equipment through a digital signature algorithm based on the equipment ID identification.
Further, the homomorphic encryption algorithm includes, but is not limited to, Paillier homomorphic encryption algorithm, and the digital signature algorithm includes, but is not limited to, ECDSA digital signature algorithm.
Further, the preset operation comprises a summation operation, an arithmetic mean, a quadratic mean, a weighted mean, a variance, a data anomaly number and a data anomaly ratio.
Further, the basic preprocessing includes representing the collected data as a data vector, a squared sensing data vector, a weighted sensing data vector, and determining whether the data is abnormal.
Specifically, for the convenience of understanding, the scheme of the present embodiment is described in detail below with reference to the accompanying drawings:
in order to solve the problems in the prior art, this embodiment provides a ciphertext data statistical analysis system supporting privacy protection, where the system includes the following five entities: a trusted authority TA; a sensor device SD; an edge aggregator EA; a control center CC; the regulatory agency SV. As shown in fig. 1, a data transmission flow chart of the system is shown, and the following describes the scheme of this embodiment in detail from the roles of different entities and the interaction among the entities:
trusted authority center TA
As shown in fig. 2, the following steps are specifically performed:
step A: and the TA generates a public and private key pair of the Paillier homomorphic encryption algorithm according to a given security parameter. Two large prime numbers p, q are randomly generated, and let N ═ pq and λ ═ lcm (p-1, q-1). Selecting
Figure BDA0003698592210000061
The order of g is a multiple of N.
And B: and the trusted authority center TA generates a public and private key pair of the ECDSA digital signature algorithm according to a given security parameter. Let G be a finite field
Figure BDA0003698592210000062
Base point of upper elliptic curve with order q 1 TA for each SD i TA selection of a Limited Domain
Figure BDA0003698592210000063
As its private key
Figure BDA0003698592210000064
And calculates out its public key pk DS,i =sk Ds,i ·G,SD i The public and private key pair is (pk) DS,i ,sk DS,i ) (ii) a Similarly, TA generates corresponding public and private key pair (pk) for EA, CC and SV DS,EA ,sk DS,EA )、(pk DS,CC ,sk DS,CC )、(pk DS,SV ,sk DS,SV ) (ii) a The system selects a secure hash function
Figure BDA0003698592210000065
And C: the trusted authority center TA encrypts the public key pair pk through a secure channel AHE (N, g) and the signature private key sk DS,i To sensor devices SD i (ii) a Will encrypt the public key pk AHE The signature private key sk DS,EA And a signature public key pk DS,i To the edge aggregator EA; will encrypt the public key pk AHE Signed private key sk DS,CC And a signature public key pk DS,EA Sending the data to a control center CC; will decrypt the private key sk AHE (p, q, λ) and a public signature verification key pk DS,CC To the regulatory authority SV.
Step D: random selection of a set of random numbers alpha, beta by a supervisory authority SV 12 ,…β n Wherein n is the number of edge gateways and satisfies beta 12 +…+β n When the number is 0, the number is paired with (alpha, beta) k ) Sent to the corresponding edge aggregator EA over a secure channel k
(II) sensor device SD
When the sensor cluster generates the perception data, the multidimensional data is combined into a vector. Meanwhile, in order to realize a diversified statistical function, a square data vector and a weighted data vector are generated at the same time. As shown in fig. 3, the sensor device SD specifically performs the following steps:
step A: optional sensor SD i First, a l-dimensional perceptual data vector d is generated i =(d i,1 ,d i,2 ,...,d i,j ,...d i,l ) (ii) a Then, by calculating the square
Figure BDA0003698592210000071
Generating a squared perceptual data vector
Figure BDA0003698592210000072
Position weight w according to the present sensor i Through d i,j,wei =d i,j w i Calculating to obtain a weighted sensing data vector d i,wei =(d i,1,wei ,d i,2,wei ,...,d i,j,wei ,...,d i,l,wei )。
And B: each sensor has a range interval of normal values, if the value of any dimension of the sensing data exceeds the normal interval of the values, the value is judged to be abnormal, and the SD is judged i Is abnormal counter d i,cnt Set to 1, otherwise set to 0.
And C: at SD i Generation of d i ,
Figure BDA0003698592210000073
d i,wei And d cnt,i Then, the sensor encrypts data of each dimension respectively by using a Paillier homomorphic encryption algorithm to obtain corresponding ciphertext vectors
Figure BDA0003698592210000074
c i,wei =(c i,1,wei ,…,c i,l,wei ) And c i,cnt
Step D: given the current time stamp TS, SD i Identification name ID of i The sensor generates a digital signature using the ECDSA algorithm. SD i Selecting a random number
Figure BDA0003698592210000075
Calculating (r) x,i ,r y,i )=k i G and
Figure BDA0003698592210000076
Figure BDA0003698592210000077
then the signature value sigma is obtained i =(sig i mod q 1 ,r x,i mod q 1 )。
And E, step E: sensor SD i Opt-in to send ciphertext data report to edge aggregator EA (c) i ,
Figure BDA0003698592210000078
c i,wei ,c i,cnti ,TS,ID i )。
(III) edge aggregator EA
Edge aggregator EA received sensor SD i And after the sent data report, carrying out aggregation operation. If the aggregation operation is done in clear text, the private data is exposed to the untrusted edge aggregator. Therefore, we perform these statistical analysis operations on a ciphertext basis. The perceptual data aggregation under the ciphertext is based on the addition homomorphism property of the Paillier encryption algorithm, and a statistical analysis report under the ciphertext is generated, as shown in fig. 4, and specifically includes:
step A: the EA first verifies the validity of the signature received from the report. EA calculation
Figure BDA0003698592210000081
Figure BDA0003698592210000082
EA passed verification of r' x,i mod q 1 =r x,i mod q 1 And judging the validity of the signature if the signature is established.
And B, step B: and after the signature is verified, the edge aggregator EA executes the ciphertext aggregation operation. Utilizing the homomorphic nature of the Paillier algorithm, Dec (Enc (d) 1 )Enc(d 2 )mod N 2 )=d 1 +d 2 mod N, EA calculation of c i =(c i,1 ,…,c i,l ),
Figure BDA0003698592210000083
Figure BDA0003698592210000084
c i,wei =(c i,1,wei ,…,c i,l,wei ) The sum c of each dimension j,sum ,c j,qsum ,c j,wsum (j is more than or equal to 1 and less than or equal to l). With c i For the example of the jth dimension of (c),
Figure BDA0003698592210000085
and C: the edge aggregator EA aggregates the counter ciphertext to obtain the total number ciphertext of the abnormal devices within the administration range of the EA, namely
Figure BDA0003698592210000086
Step D: the edge aggregator EA performs a blind processing on the sensing device number m in the area by using the blind number pair (α, β) transmitted by SV, and obtains m ═ α m + β.
And E, step E: given the current timestamp TS, EA identification ID EA The EA generates a digital signature. EA selects a random number
Figure BDA0003698592210000087
Calculating (r) x,EA ,r y,EA )=k EA G and sig EA =(H(c 1,sum ||…||c l,sum ||c 1,qsum ||…||c l,qsum ||c 1,wsum ||…||c l,wsum ||c i,cnt ||TS||ID i )+sk DS,EA r x,EA )/k EA Then obtain the signature value sigma EA =(sig EA mod q 1 ,r x,EA mod q 1 )。
And E, step E: the edge aggregator EA sends a ciphertext data report to the control center CC (c) j,sum ,c j,qsum ,c j,wsum ,c cnt ,m′,σ EA ,TS,ID EA ),(1≤j≤l)。
(IV) control center CC
And after receiving the statistical analysis report sent by the edge aggregator EA, the control center CC performs ciphertext averaging. Since the total number of devices is blinded and hidden by the EA, the control center CC cannot know each EA k The specific number of devices governed and the total number of devices. Therefore, the average value obtained by CC is a blinded average value. As shown in fig. 5, the control center CC specifically executes the following steps:
step A: the CC verifies the validity of the statistical report signature. Calculating (r' x,EA ,r′ y,EA )=G/(sig EA ·H(c 1,sum ||…||c l,sum ||c 1,qsum ||…||c l,qsum ||c 1,wsum ||…||c l,wsum ||c cnt ||m′||TS||ID EA )+pk EA /sig EA r x,EA EA pass verification of r' x,EA mod q 1 =r x,i mod q 1 And judging the validity of the signature if the signature is established.
And B: after the signature verification is passed, the control center CC transmits the blinded device number m 'for each EA' k And (k is more than or equal to 1 and less than or equal to n) are added. The result of the summation is m 'due to the nature of the blinding parameter' sum =m′ 1 +m′ 2 +…+m′ n =α(m 1 +m 1 +…+m n )+β 12 +…+β n =α(m 1 +m 1 +…+m n )。
And C: utilizing homomorphism property of Paillier homomorphism encryption algorithm
Figure BDA0003698592210000088
And total number of blinded devices m' sum CC calculation of c i ,
Figure BDA0003698592210000091
c i,wei The blinded mean value c of each dimension j,mean ,c j,qmean ,c j,wmean . Taking the j-th dimension as an example,
Figure BDA0003698592210000092
abnormal equipment ratio example after CC calculation blinding
Figure BDA0003698592210000093
Figure BDA0003698592210000094
Step D: given the current timestamp TS, the ID of the identification name of CC CC The EA generates a digital signature. CC selects a random number
Figure BDA0003698592210000095
Calculating (r) x,CC ,r y,CC )=k CC G and sig CC =(H(c 1,mean ||…||c l,mean ||c 1,qmean ||…||c l,qmean ||c 1,wmean ||…||c l,wmean ||c rat,cnt ||TS||ID CC )+sk DS,CC r x,CC )/k CC Then obtain the signature value sigma CC =(sig CC mod q 1 ,r x,CC mod q 1 )。
Step E: the control center CC sends a ciphertext data report to the supervision authority SV (c) j,mean ,c j,qmean ,c j,wmean ,c rat,cntCC ,TS,ID CC ),(1≤j≤l)。
(V) supervision agency SV
And after receiving the statistical analysis report sent by the control center CC, the SV of the supervision institution performs decryption and post-processing work. The supervisory authority SV visualizes the decrypted mean value (ratio). If the statistical data (e.g., mean) is itself a fractional number, decryption will result in a meaningless large number. Therefore, in post-processing, an improved extended euclidean algorithm is introduced to perform reduction to obtain an approximation of the fractional number. The supervision authority SV specifically executes the following steps:
step A: the control center CC first verifies the validity of the signature received with the statistical report. SV calculation (r' x,CC ,r′ y,CC )=G/(sig CC ·H(c 1,mean ||…||c l,mean ||c 1,qmean ||…||c l,qmean ||c 1,wmean ||…||c l,wmean ||c rat,cnt ||TS||ID CC )+pk CC /sig CC ·r x,CC SV passes verification of r' x,CC mod q 1 =r x,i mod q 1 And judging the validity of the signature if the signature is established.
And B: after the signature verification is passed, the supervision agency SV executes Paillier decryption operation. SV calculation d ═ L (c) λ mod n 2 ) μ mod n, here
Figure BDA0003698592210000096
μ=(L(g λ mod n 2 )) -1 mod N. The decrypted mean value and abnormal device proportion of each dimension are still in a blinded and hidden state and are expressed as (d' 1,mean ,…,d′ l,mean ,d′ 1,qmean ,…,d′ l,qmean ,d′ 1,wmean ,…,d′ l,wmean ,d′ rat,cnt )。
And C: after decryption, the supervision authority SV performs a de-blinding operation. D' j,mean De-blinding is exemplified by SV calculation d j,mean =αd′ j,mean . After de-blinding, the mean value of each dimension and the abnormal equipment ratio are expressed as (d) 1,mean ,…,d l,mean ,d 1,qmean ,…,d l,qmean ,d 1,wmean ,…,d l,wmean ,d rat,cnt )。
Step D: and carrying out the expansion Euclidean reduction on the decrypted average value, and converting the average value into a correct floating point number. The reduction algorithm as described in table 1 was performed:
Figure BDA0003698592210000101
the reduced mean value is expressed as (D) 1,mean ,…,D l,mean ,D 1,qmean ,…,D l,qmean ,D 1,wmean ,…,D l,wmean ,D rat,cnt )。
Step D: and calculating quadratic mean and variance. CC calculation of quadratic mean values in different dimensions
Figure BDA0003698592210000102
Calculating the variance D in different dimensions j,var =D j,qmean -(D j,mean ) 2
Example two:
the embodiment aims to provide a ciphertext data statistical analysis method supporting privacy protection.
A ciphertext data statistical analysis method supporting privacy protection is based on the ciphertext data statistical analysis system supporting privacy protection, and comprises the following steps:
the trusted authorization center generates independent public keys and private keys for the sensor equipment, the edge aggregator, the control center and the monitoring authority;
the sensor equipment performs basic preprocessing on the acquired data, encrypts the data through a homomorphic encryption algorithm, generates a digital signature of the sensor equipment by using a digital signature algorithm based on the ID of the sensor equipment to form a ciphertext data report, and sends the ciphertext data report to an edge aggregator;
the edge aggregator receives a ciphertext data report of the sensor equipment in a preset area, and performs preset operation processing on encrypted data in the ciphertext data report; meanwhile, the equipment number of the current area is subjected to blinding processing based on a blinding number from a supervision mechanism, a ciphertext data report is formed based on the data subjected to the preset operation processing and the digital signature of the edge aggregator, and the ciphertext data report is sent to a control center;
the control center receives the ciphertext data report from the edge aggregator and performs preset operation processing on the encrypted data in the ciphertext data report; based on the processed encrypted data and the digital signature of the control center, a ciphertext data report is formed and sent to a supervision organization;
and the supervision mechanism receives the ciphertext data report from the control center, decrypts and de-blinds the ciphertext data, and obtains a statistical analysis result.
Further, the method of this embodiment is based on the system described in the first embodiment, and the technical details thereof have been described in detail in the first embodiment, so that details are not repeated herein.
The cryptograph data statistical analysis system and the cryptograph data statistical analysis method supporting privacy protection can be achieved, and have wide application prospects.
The above description is only a preferred embodiment of the present disclosure and is not intended to limit the present disclosure, and various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims (10)

1. A ciphertext data statistics analysis system that supports privacy protection, comprising:
a trusted authority for generating independent public and private keys for the sensor device, the edge aggregator, the control center, and the regulatory body;
the sensor equipment is used for performing basic preprocessing on the acquired data, encrypting the data through a homomorphic encryption algorithm, generating a digital signature of the sensor equipment by using a digital signature algorithm based on the ID of the sensor equipment to form a ciphertext data report, and sending the ciphertext data report to the edge aggregator;
the edge aggregator is used for receiving ciphertext data reports of the sensor equipment in the preset area and performing preset operation processing on encrypted data in the ciphertext data reports; meanwhile, the equipment number of the current area is subjected to blinding processing based on a blinding number from a supervision mechanism, a ciphertext data report is formed based on the data subjected to the preset operation processing and the digital signature of the edge aggregator, and the ciphertext data report is sent to a control center;
the control center is used for receiving the ciphertext data report from the edge aggregator and carrying out preset operation processing on the encrypted data in the ciphertext data report; forming a ciphertext data report based on the processed encrypted data and a digital signature of a control center, and sending the ciphertext data report to a supervision agency;
and the monitoring mechanism is used for receiving the ciphertext data report from the control center, carrying out decryption processing and de-blinding processing on the ciphertext data and obtaining a statistical analysis result.
2. The system for statistical analysis of ciphertext data supporting privacy protection as claimed in claim 1, wherein the edge aggregator, after receiving the ciphertext data report of the sensor device in the preset area, specifically performs the following operations: verifying the validity of the signature of the ciphertext data report; for the ciphertext data report passing the verification, performing preset operation on the ciphertext data; and generating a digital signature of the edge aggregator based on the edge aggregator ID; and forming a ciphertext data report based on the data subjected to the aggregation operation and the digital signature, and sending the ciphertext data report to a control center.
3. The system for statistically analyzing ciphertext data supporting privacy protection as claimed in claim 1, wherein the trusted authority is further configured to: and generating an encryption public key and a decryption private key of a homomorphic encryption algorithm and a signature public key and a signature private key of a digital signature algorithm according to preset safety parameters, and distributing the keys based on preset rules.
4. The system for statistically analyzing ciphertext data supporting privacy protection as claimed in claim 1, wherein the distribution of the key specifically comprises: the trusted authorization center encrypts the public key pk through a preset security channel AHE And the signature private key sk DS,i Distributing to sensor equipment; will encrypt the public key pk AHE The signature private key sk DS,EA And a signature public key pk DS,i Sending the data to an edge aggregator; will encrypt the public key pk AHE Signed private key sk DS,CC And a signature public key pk DS,EA Sending the data to a control center; will decrypt the private key sk AHE (p, q, λ) and a public signature verification key pk DS,CC And sending the information to a supervision agency.
5. The system for statistically analyzing ciphertext data supporting privacy protection as claimed in claim 1, wherein the number of devices in the current area is blinded based on the blinded number from the monitoring authority, and is specifically processed by using the following formula:
m′ k =αm kk
wherein m' k Number of devices after blinding, m k Alpha and beta are actual number of devices k Together forming the pair of blinded numbers.
6. The system for statistically analyzing ciphertext data supporting privacy protection as claimed in claim 1, wherein the digital signature is generated by: and generating a digital signature corresponding to the equipment through a digital signature algorithm based on the equipment ID identification.
7. The ciphertext data statistical analysis system in support of privacy protection as claimed in claim 6, wherein the homomorphic encryption algorithm includes but is not limited to Paillier homomorphic encryption algorithm and the digital signature algorithm includes but is not limited to ECDSA digital signature algorithm.
8. The ciphertext data statistical analysis system supporting privacy protection of claim 1, wherein the predetermined operations include a summation operation, an arithmetic mean, a quadratic mean, a weighted mean, a variance, a number of data anomalies, and a data anomaly percentage.
9. The system for statistical analysis of ciphertext data supporting privacy protection as claimed in claim 1, wherein the basic preprocessing comprises representing the collected data as data vectors, square perceptual data vectors, weighted perceptual data vectors and determining whether the data is abnormal.
10. A ciphertext data statistical analysis method supporting privacy protection, which is based on the ciphertext data statistical analysis system supporting privacy protection as claimed in any one of claims 1-9, and comprises:
the trusted authorization center generates independent public keys and private keys for the sensor equipment, the edge aggregator, the control center and the monitoring authority;
the sensor equipment performs basic preprocessing on the acquired data, encrypts the data through a homomorphic encryption algorithm, generates a digital signature of the sensor equipment by using a digital signature algorithm based on the ID of the sensor equipment to form a ciphertext data report, and sends the ciphertext data report to an edge aggregator;
the edge aggregator receives a ciphertext data report of the sensor equipment in a preset area, and performs preset operation processing on encrypted data in the ciphertext data report; meanwhile, the equipment number of the current area is subjected to blinding processing based on a blinding number from a supervision mechanism, a ciphertext data report is formed based on the data subjected to the preset operation processing and the digital signature of the edge aggregator, and the ciphertext data report is sent to a control center;
the control center receives the ciphertext data report from the edge aggregator and performs preset operation processing on the encrypted data in the ciphertext data report; based on the processed encrypted data and the digital signature of the control center, a ciphertext data report is formed and sent to a supervision organization;
and the supervision mechanism receives the ciphertext data report from the control center, decrypts and de-blinds the ciphertext data, and obtains a statistical analysis result.
CN202210681492.XA 2022-06-16 2022-06-16 Ciphertext data statistical analysis system and method supporting privacy protection Active CN114866222B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210681492.XA CN114866222B (en) 2022-06-16 2022-06-16 Ciphertext data statistical analysis system and method supporting privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210681492.XA CN114866222B (en) 2022-06-16 2022-06-16 Ciphertext data statistical analysis system and method supporting privacy protection

Publications (2)

Publication Number Publication Date
CN114866222A true CN114866222A (en) 2022-08-05
CN114866222B CN114866222B (en) 2024-03-15

Family

ID=82624644

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210681492.XA Active CN114866222B (en) 2022-06-16 2022-06-16 Ciphertext data statistical analysis system and method supporting privacy protection

Country Status (1)

Country Link
CN (1) CN114866222B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115271733A (en) * 2022-09-28 2022-11-01 深圳市迪博企业风险管理技术有限公司 Privacy-protecting block chain transaction data anomaly detection method and equipment
CN115549993A (en) * 2022-09-19 2022-12-30 山东大学 Multi-task cost evaluation method and system based on graph path secret calculation
CN115834064A (en) * 2023-02-23 2023-03-21 北京中电普华信息技术有限公司 Secure multi-party computing method, device, system, equipment and storage medium
CN115879139A (en) * 2023-03-08 2023-03-31 四川边缘算力科技有限公司 User data management method based on edge calculation
CN117439731A (en) * 2023-12-21 2024-01-23 山东大学 Privacy protection big data principal component analysis method and system based on homomorphic encryption

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111294366A (en) * 2020-05-13 2020-06-16 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN111931249A (en) * 2020-09-22 2020-11-13 西南石油大学 Medical secret data statistical analysis method supporting transmission fault-tolerant mechanism

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111294366A (en) * 2020-05-13 2020-06-16 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN111931249A (en) * 2020-09-22 2020-11-13 西南石油大学 Medical secret data statistical analysis method supporting transmission fault-tolerant mechanism

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
MOHSIN SHAH.ET: ""Paillier Cryptosystem based Mean Value Computation for Encrypted Domain Image Processing Operations"", 《ACM》, 30 September 2019 (2019-09-30) *
PING ZHANG.ET: ""Multi-functional secure data aggregation schemes for WSNs"", 《ELSEVIER》, 8 November 2017 (2017-11-08) *
YUNTING TAO.ET: ""EPPSA: Efficient Privacy-Preserving Statistical Aggregation Scheme for Edge Computing-Enhanced Wireless Sensor Networks"", 《THEORY AND ENGINEERING PRACTICE FOR SECURITY AND PRIVACY OF EDGE COMPUTING 2021》, 2 May 2022 (2022-05-02) *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115549993A (en) * 2022-09-19 2022-12-30 山东大学 Multi-task cost evaluation method and system based on graph path secret calculation
CN115549993B (en) * 2022-09-19 2024-04-26 山东大学 Multitasking cost evaluation method and system based on graph path dense state calculation
CN115271733A (en) * 2022-09-28 2022-11-01 深圳市迪博企业风险管理技术有限公司 Privacy-protecting block chain transaction data anomaly detection method and equipment
CN115271733B (en) * 2022-09-28 2022-12-13 深圳市迪博企业风险管理技术有限公司 Privacy-protected block chain transaction data anomaly detection method and equipment
CN115834064A (en) * 2023-02-23 2023-03-21 北京中电普华信息技术有限公司 Secure multi-party computing method, device, system, equipment and storage medium
CN115834064B (en) * 2023-02-23 2023-04-14 北京中电普华信息技术有限公司 Secure multi-party computing method, device, system, equipment and storage medium
CN115879139A (en) * 2023-03-08 2023-03-31 四川边缘算力科技有限公司 User data management method based on edge calculation
CN117439731A (en) * 2023-12-21 2024-01-23 山东大学 Privacy protection big data principal component analysis method and system based on homomorphic encryption
CN117439731B (en) * 2023-12-21 2024-03-12 山东大学 Privacy protection big data principal component analysis method and system based on homomorphic encryption

Also Published As

Publication number Publication date
CN114866222B (en) 2024-03-15

Similar Documents

Publication Publication Date Title
CN114866222B (en) Ciphertext data statistical analysis system and method supporting privacy protection
Ferrag et al. Cyber security for fog-based smart grid SCADA systems: Solutions and challenges
Liu et al. Cyber security and privacy issues in smart grids
CN105812128B (en) A kind of anti-malicious data of intelligent grid excavates the data aggregation method of attack
Wang et al. An efficient privacy‐preserving aggregation and billing protocol for smart grid
CN103118363B (en) A kind of method of mutual biography secret information, system, terminal unit and platform device
Beaver et al. Key management for SCADA
CN110308691A (en) A kind of multidimensional data polymerization of ubiquitous electric power Internet of Things and access control method
AI et al. Privacy-preserving Of Electricity Data Based On Group Signature And Homomorphic Encryption
CN110830514A (en) Detection method for collusion-based false data injection attack of smart power grid
Ge et al. FGDA: Fine-grained data analysis in privacy-preserving smart grid communications
Wen et al. State estimation based energy theft detection scheme with privacy preservation in smart grid
CN108400862A (en) A kind of intelligent power trusted end-user data fusion encryption method
CN111726346B (en) Data secure transmission method, device and system
Hasan et al. Encryption as a service for smart grid advanced metering infrastructure
CN111294793A (en) Data privacy protection method for identity authentication in wireless sensor network
Qian et al. A trusted-ID referenced key scheme for securing SCADA communication in iron and steel plants
Zhang et al. Antiquantum privacy protection scheme in advanced metering infrastructure of smart grid based on consortium blockchain and rlwe
Rottondi et al. A protocol for metering data pseudonymization in smart grids
CN108964894B (en) Power grid electricity stealing detection method based on state estimation and with privacy protection
Oh et al. A secure data processing system in edge computing-powered AIoT
Zhang et al. Privacy-aware data collection and aggregation in IoT enabled fog computing
Ma et al. Edge computing assisted an efficient privacy protection layered data aggregation scheme for IIoT
CN107426176B (en) Safe underwater transmission method supporting confusion and zero knowledge
Keoh et al. Towards secure end-to-end data aggregation in AMI through delayed-integrity-verification

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant