CN102594820B - Secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things - Google Patents

Abstract

The diversification of information acquisition terminals in an internet of things causes easy leakage of private information of a user, and the privacy of an evaluator and an evaluated person face serious threat, therefore, the protection of the privacy of evaluation parties becomes an urgent problem in online evaluation of the internet of things. In order to solve the problem, the invention provides a secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things. The method has the beneficial effects that since the authentication of the identity of the evaluated person is carried out by using an identity authentication protocol and simultaneously the encryption and decryption processes of evaluation questionnaires are properly controlled, the security of evaluation is further ensured; since a high-efficiency secure multi-party computation is applied in the design of a secure evaluation system, the secure scoring and ranking of a trusted third party is not needed, the intervention of an evaluation mechanism is reduced, and the privacy of evaluation is guaranteed; and by use of the method for separated storage of evaluation data in an evaluation result data and an evaluated person database, on the basis of secure multi-party summing and scoring, the personal privacy of the evaluator and the evaluated person is protected.

Description

Secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things

Technical field

The implementation method of protecting test and appraisal person and measured person both sides' privacy information to be inviolable while the present invention relates to the test and appraisal of network in Internet of Things, belongs to the crossing domain of Internet of Things and information security technology.

Background technology

Internet of Things is on the basis of computer internet, by information sensing equipment such as radio-frequency (RF) identification (RFID), infrared inductor, global positioning system, laser scanners, by the agreement of agreement, any article and the Internet are coupled together, carry out information exchange and communication, to realize a kind of network of intelligent identification, location, tracking, monitoring and management.The appearance of Internet of Things brings concrete and deep variation to modern society, and its application relates to the various aspects of people's daily life.Therefore in future, the information acquisition terminals such as RFID RFID tag and wireless sensing equipment will be distributed widely in our daily life and work.

Extensive appearance along with Internet of Things application scenarios, embeds by RFID chip the test on line that multi-form input terminal is realized Internet of Things, and this intelligentized test and appraisal mode will become people's participate in testing and assessing main path of questionnaire.For the test and appraisal problem of Internet of Things, on the one hand, each test and appraisal person wishes that the test and appraisal questionnaire of oneself is kept absolutely secret, and does not wish that anyone spies upon the test and appraisal questionnaire of oneself by any way; Meanwhile, measured person does not wish that other people see the test and appraisal details of oneself yet, and their privacy of oneself that all needs protection, in order to avoid cause adverse influence to oneself.On the other hand, due to the variation of input terminal, Internet of Things test on line is more easily under attack than common papery test and appraisal and existing test on line, is also more easily handled.Therefore want protection test and appraisal both sides' privacy information, confirm test and appraisal person identity, avoid that test and appraisal person repeatedly tests and assesses, to carry out the aspects such as mark calculating be very important to secret, simultaneously also should simple and effective, just there is practical value.The present invention proposes a kind of solution for the test on line Privacy Protection based on Internet of Things.

From application point, the Privacy Protection of Internet of Things test on line is mainly present in the following aspects:

The first, due to the extensive use of Internet of Things sensing equipment and RFID radio frequency identification equipment, make people carry out the mode of data acquisition and data processing more diversified.In the test on line based on scenes of internet of things, relate to calculating and the processing of a lot of test and appraisal persons and measured person's sensitive data.Such as: because using different data entry terminal (such as equipment such as computer, mobile phone, PDA), test and appraisal person tests and assesses, input terminal is all equipped with the RFID label of storage test and appraisal person identity information, strict authentication is carried out to test and appraisal person's identity in this center of just need to testing and assessing, and avoids malicious attacker stealing and destroying these sensitive datas.When test and appraisal, also need to stop test and appraisal person as far as possible and repeatedly participate in test and appraisal simultaneously, guarantee the fairness of test and appraisal.This be Internet of Things test on line the problem that must pay attention to.

The present invention is directed to first problem, the diversity of image data terminal, has added Identity verification protocol pre-authentication process, and test and appraisal person issues certificate of certification by authentication center, and contrast registration information database is carried out authentication.Use this agreement can check out easily illegal test and appraisal person, guarantee carrying out smoothly of test and appraisal process.When this Identity verification protocol carries out the authentication of test and appraisal person's identity, malicious attacker can not prove identity by identification protocol, so it cannot construct invalid test and appraisal questionnaire, disturbs normally carrying out of test and appraisal.Meanwhile, after the test and appraisal data of encrypting, add suffix character string and judge whether test and appraisal person repeats test and appraisal, stop same test and appraisal person repeatedly to participate in test and appraisal.

Second, because each input terminal in Internet of Things all will participate in intelligent computation, Internet of Things test on line system by gather test and appraisal person's identity information stage, authentication test and appraisal person's identity stage, test and appraisal person test and assess the stage, collect test and appraisal questionnaire, evaluating result calculation stages forms, every one-phase should be realized its function by corresponding security protocol.Internet of Things test on line is exactly that the problem that test and appraisal questionnaire is proposed is answered, and then carries out the process of computing.Each test and appraisal person and measured person have the right to obtain the ranking of last test and appraisal; but cannot learn again the test and appraisal questionnaire that other people are concrete; protect the private information of oneself to be inviolable, so the gross score of test and appraisal questionnaire calculates, by becoming test on line secret protection, be worth the problem of important research.

Consider above Second Problem, the present invention proposes a kind of in without the third-party situation of safety Secure calculate the method solve obtain finally testing and assessing mark and rank.The mark that the Secure Multi-party Computation Protocols of without TTP is applied to test on line questionnaire calculates, once test and appraisal finish, any test and appraisal person can score, and can obtain evaluating result.Compare score scheme in the past, this scheme has strict fairness, and single test and appraisal person does not cooperate with other test and appraisal person, all cannot score in advance.All test and appraisal persons jointly participate in secure sum and add up mark, if the result that the test and appraisal person of one of existence or minority announces is different from the result that most test and appraisal persons obtain, can illustrate that these test and appraisal persons are dishonest.Efficient Secure Multi-party Computation Protocols is applied to the design of security evaluation system, realizes the secret security score rank of testing and assessing and not needing trusted third party, reduce the intervention of test and appraisal mechanism, guaranteed the privacy of test and appraisal.

The 3rd, during people need to test and assess, suitably protect the privacy of oneself on the net, but can correctly receive the end product of test and appraisal again.For example: in teaching test and appraisal, on the one hand, student, when teaching own teacher and carry out test on line, had both wanted to see the overall test and appraisal rank of all classmates to teacher, did not want again to allow other classmates see oneself concrete evaluation to teacher; On the other hand, teacher wishes to see that student, to the concrete evaluation of oneself and the final ranking of oneself, can not see again other teachers' test and appraisal questionnaire and student's identity information.In epoch at the various application high speed developments of Internet of Things, the suitable protection of privacy information is become to problem demanding prompt solution.

For the 3rd above problem, the present invention uses the evaluating result data method of depositing test and appraisal data separated with measured person's database, on the basis of scoring at the secure sum of Second Problem, each test and appraisal person's evaluating result database can obtain last mark and rank, and filter out test and appraisal person's identity information, this result is sent in measured person's database, and measured person can check end product and about oneself test and appraisal details.Meanwhile, each test and appraisal person can read each measured person's total points numerical value and last rank from own corresponding RFID label, but cannot extract other test and appraisal persons' concrete test and appraisal questionnaire, thereby has protected test and appraisal person's individual privacy.

Summary of the invention

Technical problem: object of the present invention is mainly for the Privacy Protection of Internet of Things test on line; a kind of secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things is proposed; when obtaining correct evaluating result, suitably protect test and appraisal person and measured person's privacy information not revealed.

Technical scheme:

The several definition of given first:

The test on line of Internet of Things: due to the extensive use of Internet of Things sensing equipment and RFID radio frequency identification equipment, make people carry out the mode of data acquisition and data processing more diversified.The test on line of Internet of Things, as the intellectualizing system of common test on line, will become people's participate in testing and assessing main path of questionnaire.Because using different data entry terminal (such as equipment such as computer, mobile phone, PDA), user tests and assesses, input terminal is all equipped with the RFID label of storage subscriber identity information, and test and appraisal center only needs the RFID label in Gather and input terminal can obtain user's identity information.

Test and appraisal person: participate in filling in the crowd of test and appraisal questionnaire, the importer of the data of testing and assessing.For example: in teaching test and appraisal, the student who participates in test and appraisal is exactly test and appraisal person, they enter evaluation system the filling in of questionnaire of testing and assessing by various data terminals, finally can obtain by data terminal the end product of test and appraisal.

Measured person: the test and appraisal object relating on test and appraisal questionnaire, is measured person.For example: in teaching test and appraisal, measured teacher is exactly said measured person here.Student, by filling in relevant test and appraisal questionnaire, tests and assesses to teacher, and teacher can see last test and appraisal rank and the concrete test and appraisal questionnaire of every portion of oneself, but can't see student's identity information and other teachers' test and appraisal questionnaire.

Identity authentication protocol: the trusted party TA (Trusted Authority) of this agreement by an authentication is for user issues certificate, and user Prover (P) can, effectively to the identity of Verifer (V) checking oneself, be described below:

First produce environmental parameter.Choose two large prime number p and q, then select a (a ≠ 1), and a meets a ^q=1 (modp), the security signature of TA and verification algorithm are counted respectively Sign _tAand Ver _tA.

Certificate authority process is as follows:

1) user P selects a random number r, calculates v=a ^r(modp), to TA, provide oneself identity ID and v;

2) TA is to (ID, v) signature s=Sign _tA(ID, v), TA issues certificate C (A)=(ID (A), v, s) to P;

User P proves the process of identity to verifier V:

3) P transmission C (A)=(ID (A), v, s) and v are to V;

4) the verification algorithm Ver of TA for V _tAthe correctness of checking C (A);

5) V selects a number e, 1≤e≤2 at random ^t(t is security parameter), and send to P;

6) P calculates y=(v+ae) (mod q), o=a ^-1(modp), and by y and o send to V;

7) V judgement equation v=a ^yo ^rmodp, if set up, is proved to be successful; Otherwise authentication failed.

Secure sum score agreement: hypothesis has n user to participate in read group total here, each user has the private data of oneself, they wish jointly to calculate a result, the information of the privately owned input of oneself but any one user is unwilling to reveal to other users.Secure sum score agreement is the participant of one group of mutual mistrust of research, they provide the input of some secrets, wish to calculate safely a summing function, each participant wants to obtain correct result of calculation, each participant's input is simultaneously maintained secrecy, and a participant cannot learn another participant's input.

Method flow

The method for secret protection that secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things is used identity authentication protocol and Secure to calculate; when obtaining correct evaluating result; protection test and appraisal person and measured person's privacy information is not revealed, and concrete flow process is as follows:

Step 1) without loss of generality, suppose to have a n test and appraisal person, these test and appraisal persons use different test and appraisal terminals to carry out test on line in Internet of Things, and they are by its identify label S _ibe stored in the RFID tag RFID that its terminal has, when test and appraisal person uses test and appraisal terminal to test and assess, login system is the RFID label of automatic sensing user terminal, and extracts its identify label S _iauthenticate, i=1,2 ..., n;

Step 2) login system is used the certificate authority agreement in identity authentication protocol to complete verification process, and system is to S _iselect random number r, calculate v=a ^r(modp), and v and its identification identifier S _iissue together authentication center, authentication center is to S _iprovide identity signing certificate C (A);

Step 3) S _iend is to v value and identity signing certificate C (A) in registration information database forwarding step 2, and registration information database, by contrast test and appraisal person information database, is used proof procedure approval v and the C (A) of identity authentication protocol, agrees to S _ifurther Data Enter;

Step 4) test and appraisal person S _ito m measured person T _jtest and assess, j=1,2 ..., m, uses w _ijrepresent test and appraisal person S _ito measured person T _jevaluating result, simultaneously registration information database provides each test and appraisal person S to test and appraisal database hub _ichecking data y _ihash operation value H (y _i) and the encryption key x of evaluating result _ijhash operation value H (x _ij);

Step 5) in order to strengthen the confidentiality of test and appraisal process and the appearance of the phenomenon of stopping to repeat to test and assess, need to be to evaluating result w _ijbe encrypted operation; Test and appraisal end S _isend E (w _ij, H (x _ij)) || H (y _i) give test and appraisal database hub, " E " is cryptographic algorithm here, " || " is attended operation; Registration information database can be verified each test and appraisal person's H (y in time _i) whether legal or repeat, prevent illegal person's destruction and the person's of participating in evaluation and electing the test and appraisal that repeat, if there is repetition, be not counted in test and appraisal database;

Step 6) content that test and appraisal database hub sends test and appraisal end passes to measured person T _jdatabase, filter out test and appraisal person's identity information, each measured person's database receives the decrypted private key that registration information database sends, and deciphers allly by the test and appraisal data of checking, obtains test and appraisal person S _ito measured person T _jevaluating result w _ij, and send it to mark computer center;

Step 7) mark computer center is to measured person T _jevaluating result w _ijcorresponding mark carries out summation operation, obtains test and appraisal person S _ito measured person T _jmark G _ij;

Step 8) by the G obtaining in step 7 _ijbe converted into k position binary sequence form, each test and appraisal person's evaluating result is expressed as G _i1g _i2... G _im; Wherein each measured person's mark connects storage, and these results are kept to evaluating result database D _iin;

Step 9) by binary sequence G _i1g _i2... G _imbe converted into decimal system numerical value P _i, and these decimal system numerical value are splitted into n number P at random _it, t=1,2 .., n, makes utilize safe lane by P _itsend to other n-1 evaluating result database D _t, t ≠ i; D _iat the P that receives all the other n-1 evaluating result databases _tiafterwards, utilize mark computer center to calculate and formula

Step 10) D _iby the summed result P ' of oneself _ibe broadcast to remaining n-1 evaluating result database; Each D _iafter receiving the data of all the other n-1 evaluating result databases, mark computer center is calculated it respectively, can calculate all test and appraisal achievement sum M:

$M=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i^{\′}=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_t=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i$

Step 11) according to step 10, obtain test and appraisal person S _itest and appraisal achievement sum M to all measured persons _i, S _icorresponding evaluating result database D _iby M _isend to remaining n-1 evaluating result database; Each D _iall obtain all test and appraisal persons' test and appraisal achievement sum M _i;

Step 12) each evaluating result database D _imore all M _ithe size of value, by M _ibe worth identical S _ideposit in the middle of same set, then compare the element number of each set, draw the set that element number is maximum, S in this set _icorresponding M value is this D _iin final test and appraisal mark sum;

Step 13) D _iconvert decimal number M to binary number, then every k position intercepts M, can obtain respectively all test and appraisal persons to each measured person T _jlast overall score.According to last overall score, obtain each measured person T _jlast test and appraisal rank, and this rank and last overall score are sent in all measured person's databases.In measured person's database use step 12, compare M _ithe method that draws M value is tried to achieve the last mark of measured person and rank, and stores;

Step 14) test and appraisal person logins evaluation system by authentication, from own corresponding RFID tag RFID, read each measured person's total points numerical value and last rank, but cannot extract other test and appraisal persons' concrete test and appraisal questionnaire, protect test and appraisal person's individual privacy;

Step 15) measured person is equally by authentication login system; check measured person's database; can see oneself test and appraisal final ranking and the overall merit of each test and appraisal person to oneself; and cannot see test and appraisal person's identity information and other measured persons' evaluating result; same; other measured persons also can't see his evaluating result, have further protected measured person's individual privacy.

Beneficial effect: the present invention proposes a kind of secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things, the method tool has the following advantages:

(1) by using Identity verification protocol to carry out the authentication of test and appraisal person's identity, make malicious attacker by Identity verification protocol, not authenticate the identity of oneself, cannot construct invalid test and appraisal questionnaire and disturb normally carrying out of test and appraisal.Meanwhile, after the test and appraisal data of encrypting, add suffix character string and judge whether test and appraisal person repeats test and appraisal, stop same test and appraisal person repeatedly to participate in test and appraisal, further guaranteed the fail safe of test and appraisal.

(2) the present invention is calculated and is solved last mark and the rank that obtains test and appraisal by the Secure without in safe third party's situation, has strict fairness.Single test and appraisal person does not cooperate with other test and appraisal person, cannot score in advance.Efficient Secure Multi-party Computation Protocols is applied to the design of security evaluation system, all test and appraisal persons jointly participate in Secure and sue for peace and add up mark, realize the secret security score rank of testing and assessing and not needing trusted third party, reduce the intervention of test and appraisal mechanism, guaranteed the privacy of test and appraisal.

(3) the present invention uses the evaluating result data method of depositing test and appraisal data separated with measured person's database, on the basis of secure sum score, filter out test and appraisal person's identity information, make measured person can check end product and the test and appraisal details of oneself, but can't see other measured persons' test and appraisal questionnaire.Test and appraisal person can read from the RFID of oneself measured person's gross score rank, but cannot extract other test and appraisal persons' concrete test and appraisal questionnaire, has protected test and appraisal person's individual privacy.

Accompanying drawing explanation

The test on line model framework of Fig. 1 based on Internet of Things,

The test on line data acquisition figure of Fig. 2 based on Internet of Things,

The storage of Fig. 3 evaluating result and data transform exemplary plot,

Fig. 4 transmits matrix diagram,

The Secure score summation flow chart of Fig. 5 based on test and appraisal scene.

Embodiment

The flow process of the secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things can be described below:

This scheme forms by participating in these set entities of test and appraisal person, authentication center, registration information database, test and appraisal database hub, evaluating result database, mark computer center and measured person's database, specifically as shown in Figure 1:

Step 1) without loss of generality, suppose to have a n test and appraisal person (n is positive integer), these test and appraisal persons use different test and appraisal terminals to carry out test on line in Internet of Things, and they are by its identify label S _ibe stored in the RFID tag RFID that its terminal has.Test and appraisal person, use test and appraisal terminal while testing and assessing, login system is the RFID label (as shown in Figure 2) of automatic sensing user terminal, and extracts its identify label S _iauthenticate, i=1,2 ..., n.

Step 2) login system is used the certificate authority agreement in identity authentication protocol to complete verification process, and system is to S _iselect random number r, calculate v=a ^r(modp), and v and its identification identifier S _iissue together authentication center, authentication center is to S _iprovide identity signing certificate C (A).

Step 3) S _ito v value and the identity signing certificate C (A) in registration information database forwarding step 2, registration information database, by contrast test and appraisal person information database, is used proof procedure approval v and the C (A) of identity authentication protocol, agrees to S _ifurther Data Enter.

Step 4) test and appraisal person S _ito m measured person T _jtest and assess, j=1,2 ..., m.Use w _ijrepresent test and appraisal person S _ito measured person T _jevaluating result, simultaneously registration information database provides each test and appraisal person S to test and appraisal database hub _ichecking data y _ihash operation value H (y _i) and the encryption key x of evaluating result _ijhash operation value H (x _ij).

Step 5) in order to strengthen the confidentiality of test and appraisal process and the appearance of the phenomenon of stopping to repeat to test and assess, need to be to evaluating result w _ijbe encrypted operation.Test and appraisal end S _isend E (w _ij, H (x _ij)) || H (y _i) give test and appraisal database hub, " E " is cryptographic algorithm here, " || " is attended operation.Registration information database can be verified each test and appraisal person's H (y in time _i) whether legal or repeat, prevent illegal person's destruction and the person's of participating in evaluation and electing the test and appraisal that repeat, if there is repetition, be not counted in test and appraisal database.

Step 6) content that test and appraisal database hub sends test and appraisal end passes to measured person T _jdatabase, filter out test and appraisal person's identity information, each measured person's database receives the decrypted private key that registration information database sends, and deciphers allly by the test and appraisal data of checking, obtains test and appraisal person S _ito measured person T _jevaluating result w _ij, and send it to mark computer center.

Step 7) mark computer center is to measured person T _jevaluating result w _ijcorresponding mark carries out summation operation, obtains test and appraisal person S _ito measured person T _jmark G _ij.

Step 8) by the G obtaining in step 7 _ijbe converted into k position binary sequence form, each test and appraisal person's evaluating result is expressed as G as shown in Figure 3 _i1g _i2... G _im; Wherein each measured person's mark connects storage, and these results are kept to evaluating result database D _iin.

Step 9) by binary sequence G _i1g _i2... G _imbe converted into decimal system numerical value P _i, and these decimal system numerical value are splitted into n number P at random _it, t=1,2 ..., n, makes utilize safe lane by P _itsend to other n-1 evaluating result database D _t, t ≠ i.D _iat the P that receives all the other n-1 evaluating result databases _tiafterwards, utilize mark computer center to calculate and formula

Its process can be with transmitting matrix notation, as shown in Figure 4, and i line display D wherein _ithe data that send, i row represent D _ithe data (1≤i≤n) that receive.

Step 10) D _iby the summed result P ' of oneself _ibe broadcast to remaining n-1 evaluating result database.Each D _iafter receiving the data of all the other n-1 evaluating result databases, mark computer center is calculated it respectively, can calculate all test and appraisal achievement sum M:

$M=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i^{\′}=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_t=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i$

Step 11) according to step 10, obtain test and appraisal person S _itest and appraisal achievement sum M to all measured persons _i, S _icorresponding evaluating result database D _iby M _isend to n-1 evaluating result database; Each D _iall obtain all test and appraisal persons' test and appraisal achievement sum M _i.

Step 12) each evaluating result database D _imore all M _ithe size of value, by M _ibe worth identical S _ideposit in the middle of same set.Then compare the element number of each set, draw the set that element number is maximum, S in this set _icorresponding M value is this D _iin final test and appraisal achievement sum.

Step 13) D _iconvert decimal number M to binary number, then every k position intercepts M, can obtain respectively all test and appraisal persons to each measured person T _jlast overall score.According to last overall score, obtain each measured person T _jlast test and appraisal rank, and this rank and last overall score are sent in all measured person's databases.In measured person's database use step 12, compare M _ithe method that draws M value is tried to achieve the last mark of measured person and rank, and stores.The flow process of more than scoring as shown in Figure 5.

Step 14) test and appraisal person logins evaluation system by authentication; from own corresponding RFID tag RFID, read each measured person's total points numerical value and last rank; but cannot extract other test and appraisal persons' concrete test and appraisal questionnaire, protect test and appraisal person's individual privacy.

Step 15) measured person is equally by authentication login system, check measured person's database, oneself test and appraisal final ranking and the overall merit of each test and appraisal person to oneself can be seen, and test and appraisal person's identity information and other measured persons' evaluating result cannot be seen.Same, other measured persons also can't see his evaluating result, have further protected measured person's individual privacy.

The teacher test and appraisal of certain all course of institute of take are example, in term Mo, the student of school organization tests and assesses to the teacher of oneself on the net, does the enrollment status that the front evaluation system of test and appraisal need to authenticate student, to guarantee what each teacher was tested and assessed by the own student who is taught.

Input: suppose that test and appraisal questionnaire has 10 problem Q ₁, Q ₂..., Q ₁₀describe with 1 overall merit to teacher, total points is 100 minutes, each problem has in good and differs from four evaluation ranks, the corresponding corresponding test and appraisal mark of each grade, 10 minutes, 8 minutes, 6 minutes and 4 minutes, every part of questionnaire can obtain a last test and appraisal gross score, and test and appraisal questionnaire is tested and assessed after terminal is filled in and is delivered to test and appraisal database hub by student.

Export: each student can see the teacher's of each section gross score and final ranking, still cannot know other students' concrete questionnaire content; Each teacher can see test and appraisal rank and the test and appraisal details of student to it of oneself, but can not see student's identity information and other teachers' test and appraisal details, to protect student and other teachers' that participate in evaluation and electing privacy information.

Step 1) suppose that n student uses different test and appraisal terminal (such as mobile phone, computer, PDA etc.) to carry out test on line in Internet of Things, they are by its identify label S _ibe stored in the RFID label that its terminal has, i=1,2 ..., n; RFID tag storage pupilage information, such as student number, name, institute etc.Student, use test and appraisal terminal while testing and assessing, login system is the RFID label of automatic sensing student terminal, and extracts its identify label S _iauthenticate.

Step 2) login system is used the certificate authority agreement in identity authentication protocol to complete verification process, and system is to S _iselect random number r, calculate v=a ^r(modp), and v and its identification identifier S _iissue together authentication center, authentication center is to S _iprovide identity signing certificate C (A).

Step 3) S _iend is to v value and identity signing certificate C (A) in registration information database forwarding step 2.Registration information database is taught student's database by contrasting each teacher, use proof of identification process approval v and the C (A) of identity authentication protocol, agrees to S _ifurther Data Enter, assurance test and appraisal middle school student and teacher's correspondence.

Step 4) student S _ithe teacher T that has m professor oneself _jtest and assess, j=1,2 ..., m, answers corresponding 10 test and appraisal problem Q ₁, Q ₂..., Q ₁₀describe with 1 overall merit to teacher, use w _ijrepresent student S _ito teacher T _jevaluating result, simultaneously registration information database provides each student S to test and appraisal database hub _ichecking data y _ihash operation value H (y _i) and the encryption key x of evaluating result _ijhash operation value H (x _ij).

Step 5) in order to strengthen the confidentiality of test and appraisal process and the appearance of the phenomenon of stopping to repeat to test and assess, use md5 encryption algorithm to evaluating result w _ijbe encrypted operation.Student tests and assesses and holds S _isend E (w _ij, H (x _ij)) || H (y _i) give test and appraisal database hub, " E " is cryptographic algorithm here, " || " is attended operation.Registration information database can be verified each student's H (y in time _i) whether legal or repeat, prevent illegal person's destruction and the student's that participates in evaluation and electing the test and appraisal that repeat, if there is repetition, be not counted in test and appraisal database.

Step 6) content that test and appraisal database hub sends test and appraisal end passes to measured teacher T _jdatabase, filter out student's identity information.Each teacher's database is received the decrypted private key that registration information database sends, and deciphers all test and appraisal data of passing through checking, obtains each student S _ito teacher T _jevaluating result w _ij, and send it to mark computer center.

Step 7) mark computer center is to teacher T _jevaluating result w _ijthe mark of corresponding ten problems carries out summation operation, obtains student S _ito teacher T _jmark G _ij.

Step 8) by the G obtaining in step 7 _ijbe converted into k position binary sequence form, each student S _ievaluating result be expressed as G _i1g _i2... G _im.Wherein each teacher's mark connects storage, and these results are kept to evaluating result database D _iin.

Step 9) by binary sequence G _i1g _i2... G _imbe converted into decimal system numerical value P _i, and these decimal system numerical value are splitted into n number P at random _it, t=1,2 ..., n, makes utilize safe lane by P _itsend to other n-1 evaluating result database D _t, t ≠ i; D _iat the P that receives all the other n-1 evaluating result databases _tiafterwards, utilize mark computer center to calculate and formula

Step 10) D _iby the summed result P ' of oneself _ibe broadcast to remaining n-1 evaluating result database.Each D _iafter receiving the result of all the other n-1 evaluating result databases, mark computer center is calculated it respectively, can calculate all test and appraisal achievement sum M:

$M=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i^{\′}=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_t=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i$

Step 11) according to step 10, obtain student S _itest and appraisal achievement sum M to all teachers _i, S _icorresponding evaluating result database D _iby M _isend to n-1 evaluating result database; Each D _iall obtain all teachers' test and appraisal achievement sum M _i.

Step 12) each evaluating result database D _imore all M _ithe size of value, by M _ibe worth identical S _ideposit in the middle of same set.Then compare the element number of each set, draw the set that element number is maximum, S in this set _icorresponding M value is this D _iin final test and appraisal mark sum.

Step 13) D _iconvert decimal number M to binary number, then every k position intercepts M, can obtain respectively all students to each teacher T _jlast overall score.According to last overall score, obtain each teacher T _jthe teaching last rank of testing and assessing, and this rank and last overall score are sent in all teacher database.In teacher database use step 12, compare M _ithe method that draws M value is tried to achieve the last mark of teacher and rank, and stores.

Step 14) student logins evaluation system by authentication, reads each teacher's total points numerical value and last rank, but cannot extract other students' concrete test and appraisal questionnaire from own corresponding RFID tag RFID, has protected student's individual privacy.

Step 15) teacher is equally by authentication login system, check the test and appraisal database of oneself, oneself the final ranking of teaching achievement and the overall merit of each student to oneself can be seen, and student's identity information and other teachers' evaluating result cannot be seen.Same, other teachers also can't see his evaluating result, have further protected student and teacher's individual privacy, are convenient to teacher and further improve teaching.

Claims (1)

1. the secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things; it is characterized in that the method for secret protection that uses identity authentication protocol and Secure to calculate; when obtaining correct evaluating result; protection test and appraisal person and measured person's privacy information is not revealed, and concrete flow process is as follows:

Step 1) without loss of generality, suppose to have a n test and appraisal person, these test and appraisal persons use different test and appraisal terminals to carry out test on line in Internet of Things, and they are by its identify label S _ibe stored in the RFID tag RFID that its terminal has, when test and appraisal person uses test and appraisal terminal to test and assess, login system is the RFID label of automatic sensing user terminal, and extracts its identify label S _iauthenticate, i=1,2 ..., n;

Step 2) login system is used the certificate authority agreement in identity authentication protocol to complete verification process, and system is to S _iselect random number r, calculate v=a ^r(modp), and v and its identification identifier S _iissue together authentication center, authentication center is to S _iprovide identity signing certificate C (A); P and q are two large prime numbers, and a ≠ 1 and a meet a ^q=1 (modp),

Step 3) S _iend is to registration information database forwarding step 2) in v value and identity signing certificate C (A), registration information database, by contrast test and appraisal person information database, is used proof procedure approval v and the C (A) of identity authentication protocol, agrees to S _ifurther Data Enter;

Step 4) test and appraisal person S _ito m measured person T _jtest and assess, j=1,2 ..., m, uses w _ijrepresent test and appraisal person S _ito measured person T _jevaluating result, simultaneously registration information database provides each test and appraisal person S to test and appraisal database hub _ichecking data y _ihash operation value H (y _i) and the encryption key x of evaluating result _ijhash operation value H (x _ij);

Step 5) in order to strengthen the confidentiality of test and appraisal process and the appearance of the phenomenon of stopping to repeat to test and assess, need to be to evaluating result w _ijbe encrypted operation; Test and appraisal end S _isend E (w _ij, H (x _ij)) || H (y _i) give test and appraisal database hub, " E " is cryptographic algorithm here, " || " is attended operation; Registration information database can be verified each test and appraisal person's H (y in time _i) whether legal or repeat, prevent illegal person's destruction and the person's of participating in evaluation and electing the test and appraisal that repeat, if there is repetition, be not counted in test and appraisal database;

Step 6) content that test and appraisal database hub sends test and appraisal end passes to measured person T _jdatabase, filter out test and appraisal person's identity information, each measured person's database receives the decrypted private key that registration information database sends, and deciphers allly by the test and appraisal data of checking, obtains test and appraisal person S _ito measured person T _jevaluating result w _ij, and send it to mark computer center;

Step 7) mark computer center is to measured person T _jevaluating result w _ijcorresponding mark carries out summation operation, obtains test and appraisal person S _ito measured person T _jmark G _ij;

Step 8) by step 7) in the G that obtains _ijbe converted into k position binary sequence form, each measured person's evaluating result is expressed as G _i1g _i2... G _im; Wherein each measured person's mark connects storage, and these results are kept to evaluating result database D _iin;

Step 9) by binary sequence G _i1g _i2... G _imbe converted into decimal system numerical value P _i, and these decimal system numerical value are splitted into n number P at random _it, t=1,2 .., n, makes utilize safe lane by P _itsend to other n-1 evaluating result database D _t, t ≠ i; D _iat the P that receives all the other n-1 evaluating result databases _tiafterwards, utilize mark computer center to calculate and formula

Step 10) D _iby the summed result P of oneself _i' be broadcast to remaining n-1 evaluating result database; Each D _iafter receiving the data of all the other n-1 evaluating result databases, mark computer center is calculated it respectively, can calculate all test and appraisal achievement sum M:

$M=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P_i}^{\′}=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_t=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i$

Step 11) according to step 10) obtain test and appraisal person S _itest and appraisal achievement sum M to all measured persons _i, S _icorresponding evaluating result database D _iby M _isend to remaining n-1 evaluating result database; Each D _iall obtain all test and appraisal persons' test and appraisal achievement sum M _i;

Step 12) each evaluating result database D _imore all M _ithe size of value, by M _ibe worth identical S _ideposit in the middle of same set, then compare the element number of each set, draw the set that element number is maximum, S in this set _icorresponding M value is this D _iin final test and appraisal mark sum;

Step 13) D _iconvert decimal number M to binary number, then every k position intercepts M, can obtain respectively all test and appraisal persons to each measured person T _jlast overall score, according to last overall score, obtain each measured person T _jlast test and appraisal rank, and this rank and last overall score are sent in all measured person's databases, measured person's database is used step 12) in M relatively _ithe method that draws M value is tried to achieve the last mark of measured person and rank, and stores;

Step 14) test and appraisal person logins evaluation system by authentication, from own corresponding RFID tag RFID, read each measured person's total points numerical value and last rank, but cannot extract other test and appraisal persons' concrete test and appraisal questionnaire, protect test and appraisal person's individual privacy;

Step 15) measured person is equally by authentication login system; check measured person's database; can see oneself test and appraisal final ranking and the overall merit of each test and appraisal person to oneself; and cannot see test and appraisal person's identity information and other measured persons' evaluating result; same; other measured persons also can't see his evaluating result, have further protected measured person's individual privacy.