CN114024685A - Data aggregation method based on ElGamal cryptosystem and Merkle hash tree - Google Patents
- Publication number: CN114024685A
- Application number: CN202111190170.7A
- Authority: CN (China)
- Prior art keywords: ciphertext, hash tree, aggregation, control center, Merkle
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L9/3236: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
- H04L63/12: Applying verification of the received information
- H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
- H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
Abstract
The invention discloses a data aggregation method based on the ElGamal cryptosystem and a Merkle hash tree. The control center generates a public/private key pair for encryption using the ElGamal cryptosystem; each user computes a ciphertext of its multi-dimensional electricity consumption information using a superincreasing sequence, computes a hash value using the Merkle hash tree, and sends the hash value to a fog node; after receiving the encrypted user electricity consumption information, the fog node performs batch verification using the Merkle hash tree, generates an aggregated ciphertext, and sends the aggregated ciphertext to the control center; after receiving the aggregated ciphertext, the control center decrypts it and finally obtains the aggregation result of the power consumption information of each dimension. The invention uses the Merkle hash tree for batch verification of data: the fog node performs verification by comparing the hash values of all users with the root node of the Merkle hash tree, and no heavy bilinear pairing operation is needed, which saves computational overhead.
Description
Technical Field
The invention belongs to the field of information security technology and privacy-preserving data aggregation in the smart grid, and particularly relates to a data aggregation method based on the ElGamal cryptosystem and a Merkle hash tree.
Background
The Internet of Things (IoT) has driven the evolution of ubiquitous services and is expected to advance fields such as medicine, logistics, and the smart grid. The IoT has become an important component of smart grid systems.
Due to communication constraints and the limited power, storage, and computing capacity of sensors, data aggregation techniques are employed in the IoT to reduce the communication overhead of real-time data transmission.
However, because a large amount of sensitive electricity data is transmitted in the smart grid, data security, data privacy, and data aggregation efficiency are major issues. In addition, traditional data aggregation techniques using the ElGamal cryptosystem do not support multidimensional data aggregation, and digital signature techniques require a large amount of computational overhead. Therefore, it is important to invent an efficient method that supports multidimensional data aggregation and has low computational and communication overhead.
Disclosure of Invention
To address the defects of the prior art, the invention provides a data aggregation method based on the ElGamal cryptosystem and a Merkle hash tree. The technical scheme adopted by the invention is as follows: the control center generates a public/private key pair for encryption using the ElGamal cryptosystem; each user computes a ciphertext of its multi-dimensional electricity consumption information using a superincreasing sequence, computes a hash value using the Merkle hash tree, and sends the hash value to a fog node; after receiving the encrypted user electricity consumption information, the fog node performs batch verification using the Merkle hash tree, generates an aggregated ciphertext, and sends the aggregated ciphertext to the control center; after receiving the aggregated ciphertext, the control center decrypts it and finally obtains the aggregation result of the power consumption information of each dimension.
The method comprises the following steps:
Step one, initialization stage:
The control center generates a public/private key pair using the ElGamal cryptosystem: based on the security parameter $\lambda$, a tuple $gk = (p, g_1, g_2, G, G_T, e, H)$ is generated; then a superincreasing sequence $a_1, a_2, \ldots, a_l$ is generated; each user randomly selects a variable $u_i \in Z_p$, and the control center then generates a public/private key pair for encryption by a key generation algorithm;
where $G, G_T$ are two multiplicative cyclic groups, $g_1, g_2$ are generators of the two multiplicative cyclic groups $G, G_T$ respectively, $p$ is the order of $g_1, g_2$, $e$ is the map $e: G \times G \to G_T$, and $H$ is a one-way hash function $H: \{0,1\}^* \to G$; $Z_p$ denotes the integers from 0 to $p-1$; the key pair consists of the public key used to compute the ciphertext and the private key for the computed ciphertext;
Step two, ciphertext generation stage:
The multidimensional power consumption information of each user is represented as $d_{i1}, d_{i2}, \ldots, d_{il}$; the user randomly chooses a variable $r_i \in Z_p$ and computes the ciphertext:
where $C_1$, $C_2$ are the two ciphertexts, and $m_i = a_1 \cdot d_{i1} + a_2 \cdot d_{i2} + \cdots + a_l \cdot d_{il}$;
Each user computes a hash value according to the Merkle hash tree:
$l_i = H(CT_i \| TS)$
Each user sends the encrypted data and signature $CT_i \| TS \| l_i$ to the fog node;
where TS is the current timestamp;
Step three, ciphertext aggregation stage:
After the fog node receives $CT_i \| TS \| l_i$ from the n users, it verifies the integrity of the data in batches using the Merkle hash tree;
it then aggregates the ciphertexts to generate the aggregated ciphertext:
then the aggregated ciphertext and aggregated signature CT are sent to the control center;
Step four, control center decryption stage:
After the control center receives the CT sent by the fog node, it uses the private key to decrypt the aggregated ciphertext CT:
The aggregation result of the power consumption information of each dimension is then obtained according to the superincreasing sequence $a_1, a_2, \ldots, a_l$
Further, in step two, the hash value $l_i$ computed by each user is stored on a leaf node of the Merkle hash tree.
Further, in step three, the batch verification of data integrity is specifically: the fog node performs the check based on the hash values $l_i$ of all users, comparing against the root node of the Merkle hash tree; if the root node matches, the verification succeeds.
Compared with the prior art, the invention has the beneficial effects that:
The invention uses the Merkle hash tree for batch verification of data: the fog node can perform verification by comparing the hash values of all users with the root node of the Merkle hash tree, and no heavy bilinear pairing operation is needed, which saves computational overhead.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
The technical contents of the present invention will be further explained with reference to the accompanying drawings.
As shown in Fig. 1, the data aggregation method based on the ElGamal cryptosystem and Merkle hash tree includes the following steps:
1. Initialization phase
In the initialization phase, the control center bootstraps the entire system. The ElGamal cryptosystem is used to generate the public/private key pair, which is used for encryption.
Based on the security parameter $\lambda$, a tuple $gk = (p, g_1, g_2, G, G_T, e, H)$ is generated, and then a superincreasing sequence $a_1, a_2, \ldots, a_l$ is generated. Here $G, G_T$ are two multiplicative cyclic groups, $g_1, g_2$ are the generators of the two multiplicative cyclic groups respectively, $p$ is the order of $g_1, g_2$, $e$ is the map $e: G \times G \to G_T$, and $H$ is a one-way hash function $H: \{0,1\}^* \to G$.
Each user $User_i$ randomly selects a variable $u_i \in Z_p$, where $Z_p$ denotes the integers from 0 to $p-1$. A public/private key pair for encryption is then generated by a key generation algorithm.
2. Ciphertext generation stage
For each user $User_i$, the multidimensional power consumption information is expressed as $d_{i1}, d_{i2}, \ldots, d_{il}$; the user randomly chooses a variable $r_i \in Z_p$, where $Z_p$ denotes the integers from 0 to $p-1$, and computes a ciphertext $CT_i = (C_1, C_2)$:
where $C_1$ and $C_2$ are the two ciphertexts, and $m_i = a_1 \cdot d_{i1} + a_2 \cdot d_{i2} + \cdots + a_l \cdot d_{il}$.
Each user $User_i$ computes the hash value according to the Merkle hash tree:
$l_i = H(CT_i \| TS)$
The hash value $l_i$ is stored on a leaf node of the Merkle hash tree. TS is the current timestamp, which resists message replay attacks.
The Merkle hash tree can be used for batch verification; each user $User_i$ sends the encrypted data and hash value $CT_i \| TS \| l_i$ to the fog node.
3. Aggregate ciphertext generation stage
After the fog node receives $CT_i \| TS \| l_i$ from the n users, it first checks the integrity of the data. Batch verification can be carried out using the Merkle hash tree: the fog node performs the check based on the hash values $l_i$ of all users, comparing against the root node of the Merkle hash tree; if the root node matches, the verification succeeds. No heavy bilinear pairing operation is required, which saves computational overhead.
The ciphertexts are then aggregated to generate the aggregated ciphertext:
and the aggregated ciphertext CT is then sent to the control center.
4. Control center decryption stage
After the control center receives the aggregated ciphertext CT sent by the fog node, it uses the private key to decrypt the aggregated ciphertext CT:
aggregated electricity usage data can thus be obtained. Then obtaining the poly of each dimension according to the super-increasing sequence
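The four phases above, traced end to end as an added example (this is not code from the patent): superincreasing encoding, encryption, leaf hashing, Merkle-root batch check, ciphertext multiplication, and per-dimension decoding. Assumptions: the patent's key and ciphertext formulas are not preserved on this page, so textbook exponential ElGamal with a single control-center key pair stands in for them; SHA-256 stands in for $H$; the reference root is built from the $l_i$ values that arrive with the packets; the group parameters, `SEQ`, timestamp and readings are constructed toy values.

```python
import hashlib
import secrets

# Toy group constructed for this example: P = 2*Q + 1 with P and Q prime,
# GEN of order Q. Far too small for real use.
P, Q, GEN = 2039, 1019, 4
SEQ = [1, 30]  # superincreasing: 30 > largest dimension-1 total (3 users * 9)


def keygen():
    x = secrets.randbelow(Q - 1) + 1          # control-center private key
    return x, pow(GEN, x, P)                  # (private, public)


def encrypt(pub, readings):
    """Encode m_i = a_1*d_i1 + ... + a_l*d_il, then output (g^r, g^m * y^r)."""
    m = sum(a * d for a, d in zip(SEQ, readings))
    r = secrets.randbelow(Q - 1) + 1
    return pow(GEN, r, P), pow(GEN, m, P) * pow(pub, r, P) % P


def leaf_hash(ct, ts):
    """l_i = H(CT_i || TS), with SHA-256 standing in for H."""
    return hashlib.sha256(f"{ct[0]},{ct[1]}|{ts}".encode()).digest()


def merkle_root(leaves):
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2:                    # odd level: pair the last node with itself
            level.append(level[-1])
        level = [hashlib.sha256(level[i] + level[i + 1]).digest()
                 for i in range(0, len(level), 2)]
    return level[0]


def fog_aggregate(packets):
    """Batch-check every (CT_i, TS, l_i), then multiply the ciphertexts."""
    claimed = merkle_root([leaf for _, _, leaf in packets])
    recomputed = merkle_root([leaf_hash(ct, ts) for ct, ts, _ in packets])
    if claimed != recomputed:
        raise ValueError("Merkle root mismatch: batch rejected")
    c1 = c2 = 1
    for (a, b), _, _ in packets:
        c1, c2 = c1 * a % P, c2 * b % P       # product encrypts the sum of the m_i
    return c1, c2


def decrypt_aggregate(priv, ct):
    """Recover g^M, search for M, then split M using the largest a_j first."""
    target = ct[1] * pow(ct[0], Q - priv, P) % P   # C1^(-x), since C1 has order Q
    total = next(m for m in range(Q) if pow(GEN, m, P) == target)
    sums = []
    for a in reversed(SEQ):
        sums.append(total // a)
        total %= a
    return sums[::-1]


def demo():
    priv, pub = keygen()
    ts = 1634000000                           # constructed timestamp
    cts = [encrypt(pub, d) for d in ([3, 7], [9, 2], [5, 5])]  # constructed readings
    packets = [(ct, ts, leaf_hash(ct, ts)) for ct in cts]
    sums = decrypt_aggregate(priv, fog_aggregate(packets))
    (a, b), _, leaf = packets[1]
    tampered = packets[:1] + [((a, b * GEN % P), ts, leaf)] + packets[2:]
    try:
        fog_aggregate(tampered)
    except ValueError:
        return sums, True                     # tampered batch was rejected
    return sums, False
```

`demo()` returns the per-dimension totals `[17, 14]` and `True` for the rejected tampered batch. Because $l_i$ is an unkeyed hash that travels with the ciphertext, the root comparison catches changes to $CT_i$ or TS only while the leaf values (or the root) reach the fog node intact.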
Claims (3)
1. A data aggregation method based on the ElGamal cryptosystem and a Merkle hash tree, characterized by comprising the following steps:
Step one, initialization stage:
The control center generates a public/private key pair using the ElGamal cryptosystem: based on the security parameter $\lambda$, a tuple $gk = (p, g_1, g_2, G, G_T, e, H)$ is generated; then a superincreasing sequence $a_1, a_2, \ldots, a_l$ is generated; each user randomly selects a variable $u_i \in Z_p$, and the control center then generates a public/private key pair for encryption by a key generation algorithm;
where $G, G_T$ are two multiplicative cyclic groups, $g_1, g_2$ are generators of the two multiplicative cyclic groups $G, G_T$ respectively, $p$ is the order of $g_1, g_2$, $e$ is the map $e: G \times G \to G_T$, and $H$ is a one-way hash function $H: \{0,1\}^* \to G$; $Z_p$ denotes the integers from 0 to $p-1$; the key pair consists of the public key used to compute the ciphertext and the private key for the computed ciphertext;
Step two, ciphertext generation stage:
The multidimensional power consumption information of each user is represented as $d_{i1}, d_{i2}, \ldots, d_{il}$; the user randomly chooses a variable $r_i \in Z_p$ and computes the ciphertext:
where $C_1$, $C_2$ are the two ciphertexts, and $m_i = a_1 \cdot d_{i1} + a_2 \cdot d_{i2} + \cdots + a_l \cdot d_{il}$;
Each user computes a hash value according to the Merkle hash tree:
$l_i = H(CT_i \| TS)$
Each user sends the encrypted data and signature $CT_i \| TS \| l_i$ to the fog node;
where TS is the current timestamp;
Step three, ciphertext aggregation stage:
After the fog node receives $CT_i \| TS \| l_i$ from the n users, it verifies the integrity of the data in batches using the Merkle hash tree;
it then aggregates the ciphertexts to generate the aggregated ciphertext:
then the aggregated ciphertext and aggregated signature CT are sent to the control center;
Step four, control center decryption stage:
After the control center receives the CT sent by the fog node, it uses the private key to decrypt the aggregated ciphertext CT:
2. The data aggregation method based on the ElGamal cryptosystem and the Merkle hash tree according to claim 1, wherein:
in step two, the hash value $l_i$ computed by each user is stored on a leaf node of the Merkle hash tree.
3. The data aggregation method based on the ElGamal cryptosystem and the Merkle hash tree according to claim 1, wherein:
in step three, the batch verification of data integrity is specifically: the fog node performs the check based on the hash values $l_i$ of all users, comparing against the root node of the Merkle hash tree; if the root node matches, the verification succeeds.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111190170.7A CN114024685A (en) | 2021-10-12 | 2021-10-12 | Data aggregation method based on ElGamal cryptosystem and Merkle hash tree |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114024685A (en) | 2022-02-08 |
Family
ID=80056216
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||