CN114024685A - Data aggregation method based on ElGamal cryptosystem and Merkle hash tree - Google Patents

Info

Publication number: CN114024685A
Authority: CN (China)
Prior art keywords: ciphertext, hash tree, aggregation, control center, Merkle
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202111190170.7A
Other languages: Chinese (zh)
Inventors: 黄方蕾, 胡麦芳, 张珂杰, 乔沛杨, 张帅
Current Assignee: Hangzhou Qulian Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Hangzhou Qulian Technology Co Ltd
Application filed by Hangzhou Qulian Technology Co Ltd
Priority to CN202111190170.7A
Publication of CN114024685A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The invention discloses a data aggregation method based on the ElGamal cryptosystem and a Merkle hash tree. The control center generates a public/private key pair for encryption using the ElGamal cryptosystem; each user computes a ciphertext over its multidimensional electricity consumption information using a superincreasing sequence, computes a hash value using the Merkle hash tree, and sends the hash value to a fog node; after receiving the encrypted user electricity consumption information, the fog node performs batch verification using the Merkle hash tree, generates an aggregated ciphertext and sends it to the control center; after receiving the aggregated ciphertext, the control center decrypts it and obtains the aggregation result of the power consumption information for each dimension. The invention uses the Merkle hash tree for batch verification of data: the fog node verifies by comparing the hash values of all users with the root node of the Merkle hash tree, and no heavy bilinear pairing operation is needed, which saves computational overhead.

Description

Data aggregation method based on ElGamal cryptosystem and Merkle hash tree
Technical Field
The invention belongs to the field of information security technology and privacy-preserving data aggregation for the smart grid, and particularly relates to a data aggregation method based on the ElGamal cryptosystem and a Merkle hash tree.
Background
The Internet of Things (IoT) has brought an evolution of ubiquitous services and is expected to advance fields such as medical care, logistics, and the smart grid. The IoT has become an important component of smart grid systems.
Because of limitations in communication and in the power, storage, and computing capacity of sensors, data aggregation techniques are employed in the IoT to reduce the communication overhead of real-time data transmission.
However, because a large amount of sensitive electricity data is transmitted in the smart grid, data security, data privacy, and data aggregation efficiency are major issues. In addition, traditional data aggregation techniques using the ElGamal cryptosystem do not support multidimensional data aggregation, and digital signature techniques require a large computational overhead. An efficient method that supports multidimensional data aggregation with low computational and communication overhead is therefore important.
Disclosure of Invention
To address the shortcomings of the prior art, the invention provides a data aggregation method based on the ElGamal cryptosystem and a Merkle hash tree. The technical scheme adopted by the invention is as follows: the control center generates a public/private key pair for encryption using the ElGamal cryptosystem; each user computes a ciphertext over its multidimensional electricity consumption information using a superincreasing sequence, computes a hash value using the Merkle hash tree, and sends the hash value to a fog node; after receiving the encrypted user electricity consumption information, the fog node performs batch verification using the Merkle hash tree, generates an aggregated ciphertext and sends it to the control center; after receiving the aggregated ciphertext, the control center decrypts it and obtains the aggregation result of the power consumption information for each dimension.
The method comprises the following steps:
Step one, initialization stage:
The control center uses the ElGamal cryptosystem to generate a public/private key pair: based on the security parameter λ, a tuple $gk = (p, g_1, g_2, G, G_T, e, H)$ is generated; then a superincreasing sequence $a_1, a_2, \ldots, a_l$ is generated; for each user a variable $u_i \in Z_p$ is selected at random, and the control center then generates a public/private key pair by a key generation algorithm
Figure BDA0003300233450000011
for encryption;
where $G, G_T$ are two multiplicative cyclic groups, $g_1, g_2$ are generators of the two multiplicative cyclic groups $G, G_T$ respectively, $p$ is the order of $g_1, g_2$, $e$ is the map $e: G \times G \to G_T$, and $H$ is a one-way hash function $H: \{0,1\}^* \to G$; $Z_p$ denotes the integers from 0 to $p-1$;
Figure BDA0003300233450000021
is the public key for computing the ciphertext,
Figure BDA0003300233450000022
is the private key for computing the ciphertext;
Step two, ciphertext generation stage:
The multidimensional power consumption information of each user is represented as $d_{i1}, d_{i2}, \ldots, d_{il}$; a variable $r_i \in Z_p$ is chosen at random and the ciphertext is calculated:
Figure BDA0003300233450000023
where $C_1$, $C_2$ are the two ciphertexts and $m_i = a_1 \cdot d_{i1} + a_2 \cdot d_{i2} + \ldots + a_l \cdot d_{il}$.
Each user calculates a hash value according to the Merkle hash tree:
$l_i = H(CT_i \| TS)$
Each user sends the encrypted and signed data $CT_i \| TS \| l_i$ to a fog node;
where TS is the current timestamp;
Step three, ciphertext aggregation stage:
After the fog node receives $CT_i \| TS \| l_i$ from the n users, it verifies the integrity of the data in batches using the Merkle hash tree;
ciphertext aggregation is then carried out to generate the aggregated ciphertext:
Figure BDA0003300233450000024
the aggregated ciphertext and aggregate signature CT are then sent to the control center;
Step four, control center decryption stage:
After the control center receives the CT sent by the fog node, it uses the private key
Figure BDA0003300233450000025
to decrypt the aggregated ciphertext CT:
Figure BDA0003300233450000026
where
Figure BDA0003300233450000031
According to the superincreasing sequence $a_1, a_2, \ldots, a_l$, the aggregation result of the power consumption information of each dimension is obtained:
Figure BDA0003300233450000032
Further, in step two, the hash value $l_i$ calculated by each user is stored on a leaf node of the Merkle hash tree.
Further, in step three, the batch verification of data integrity is specifically: the fog node compares, based on the hash values $l_i$ of all users, against the root node of the Merkle hash tree, and if they are equal to the root node, the verification succeeds.
Compared with the prior art, the invention has the following beneficial effects:
The invention uses the Merkle hash tree for batch verification of data: the fog node can verify by comparing the hash values of all users with the root node of the Merkle hash tree, and no heavy bilinear pairing operation is needed, which saves computational overhead.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
The technical contents of the present invention will be further explained with reference to the accompanying drawings.
As shown in FIG. 1, the data aggregation method based on the ElGamal cryptosystem and the Merkle hash tree includes the following steps:
1. Initialization phase
In the initialization phase, the control center bootstraps the entire system. The ElGamal cryptosystem is used to generate a public/private key pair, which is used for encryption.
Based on the security parameter λ, a tuple $gk = (p, g_1, g_2, G, G_T, e, H)$ is generated, and then a superincreasing sequence $a_1, a_2, \ldots, a_l$ is generated. Here $G, G_T$ are two multiplicative cyclic groups, $g_1, g_2$ are generators of the two multiplicative cyclic groups respectively, $p$ is the order of $g_1, g_2$, $e$ is the map $e: G \times G \to G_T$, and $H$ is a one-way hash function $H: \{0,1\}^* \to G$.
For each user $User_i$, a variable $u_i \in Z_p$ is selected at random, where $Z_p$ denotes the integers from 0 to $p-1$. A public/private key pair is then generated by a key generation algorithm
Figure BDA0003300233450000041
for encryption.
2. Ciphertext generation stage
For each user $User_i$, the multidimensional power consumption information is expressed as $d_{i1}, d_{i2}, \ldots, d_{il}$; a variable $r_i \in Z_p$ is chosen at random, where $Z_p$ denotes the integers from 0 to $p-1$, and the ciphertext $CT_i = (C_1, C_2)$ is computed:
Figure BDA0003300233450000042
where $C_1$ and $C_2$ are the two ciphertexts and $m_i = a_1 \cdot d_{i1} + a_2 \cdot d_{i2} + \ldots + a_l \cdot d_{il}$.
Each user $User_i$ calculates a hash value according to the Merkle hash tree:
$l_i = H(CT_i \| TS)$
The hash value $l_i$ is stored on a leaf node of the Merkle hash tree. TS is the current timestamp, which resists message replay attacks.
The Merkle hash tree can be used for batch verification; each user $User_i$ sends the encrypted data and hash value $CT_i \| TS \| l_i$ to the fog node.
3. Aggregate ciphertext generation stage
When the fog node receives $CT_i \| TS \| l_i$ from the n users, it first checks the integrity of the data. Batch verification can be carried out using the Merkle hash tree: the fog node compares, based on the hash values $l_i$ of all users, against the root node of the Merkle hash tree, and if they are equal to the root node, the verification succeeds. No heavy bilinear pairing operation is required, which saves computational overhead.
Ciphertext aggregation is then carried out to generate the aggregated ciphertext:
Figure BDA0003300233450000043
The aggregated ciphertext CT is then sent to the control center.
4. Control center side decryption stage
After the control center receives the aggregated ciphertext CT sent by the fog node, it uses the private key
Figure BDA0003300233450000051
to decrypt the aggregated ciphertext CT:
Figure BDA0003300233450000052
where
Figure BDA0003300233450000053
The aggregated electricity usage data can thus be obtained. The aggregation result of each dimension is then obtained according to the superincreasing sequence:
Figure BDA0003300233450000054
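
The four stages above as one runnable flow, added here as an illustration and not taken from the patent. The patent's key and ciphertext formulas survive on this page only as figure references, so the example assumes textbook exponential ElGamal with a single control-center key over a toy prime-order subgroup, SHA-256 for H, and one reading of the batch check (root over the received $l_i$ against root over recomputed leaves); all function names, sizes and readings are constructed.

```python
import hashlib
import secrets

# Assumed construction: exponential ElGamal, SHA-256 as H, toy-sized group.
N_USERS, DIMS, D_MAX = 4, 3, 20   # constructed sizes; each reading is in [0, D_MAX)

def is_prime(n):
    return n > 1 and all(n % d for d in range(2, int(n ** 0.5) + 1))

def setup():
    """Control center: toy group, superincreasing sequence, ElGamal key pair."""
    base = N_USERS * D_MAX                 # exceeds every per-dimension total
    a = [base ** j for j in range(DIMS)]   # a_j > sum of a_k * total_k for k < j
    q = base ** DIMS                       # subgroup order must exceed the largest M
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 1
    p, g = 2 * q + 1, 4                    # 4 is a square mod p, so its order is q
    x = secrets.randbelow(q - 1) + 1       # private key
    return {"p": p, "q": q, "g": g, "a": a, "y": pow(g, x, p)}, x

def encrypt(pub, readings):
    """User: pack d_i1..d_il into m_i, then encrypt as (g^r, g^m * y^r)."""
    p, g = pub["p"], pub["g"]
    m = sum(aj * d for aj, d in zip(pub["a"], readings))
    r = secrets.randbelow(pub["q"] - 1) + 1
    return pow(g, r, p), pow(g, m, p) * pow(pub["y"], r, p) % p

def leaf(ct, ts):
    """l_i = H(CT_i || TS), with SHA-256 standing in for H."""
    return hashlib.sha256(b"\x00" + f"{ct[0]}|{ct[1]}|{ts}".encode()).digest()

def merkle_root(leaves):
    level = list(leaves)
    while len(level) > 1:
        pairs = [level[i:i + 2] for i in range(0, len(level), 2)]
        # an unpaired last node is promoted unchanged to the next level
        level = [hashlib.sha256(b"\x01" + n[0] + n[1]).digest() if len(n) == 2
                 else n[0] for n in pairs]
    return level[0]

def batch_ok(reports):
    """Fog node: root over received l_i must equal root over recomputed leaves."""
    return (merkle_root([li for _, _, li in reports])
            == merkle_root([leaf(ct, ts) for ct, ts, _ in reports]))

def fog_aggregate(pub, reports, now, max_age=60):
    """Fog node: reject stale or corrupted batches, then multiply ciphertexts."""
    if any(abs(now - ts) > max_age for _, ts, _ in reports) or not batch_ok(reports):
        raise ValueError("batch rejected")
    c1 = c2 = 1
    for (u, v), _, _ in reports:
        c1, c2 = c1 * u % pub["p"], c2 * v % pub["p"]
    return c1, c2

def decrypt_totals(pub, x, ct):
    """Control center: recover g^M, solve the small discrete log, unpack M."""
    p, q, g = pub["p"], pub["q"], pub["g"]
    target = ct[1] * pow(ct[0], q - x, p) % p      # C2 / C1^x = g^M
    m = next(k for k in range(q) if pow(g, k, p) == target)
    totals = []
    for aj in reversed(pub["a"]):                  # largest weight first
        totals.append(m // aj)
        m %= aj
    return totals[::-1]

def demo():
    pub, x = setup()
    ts = 1700000000                                # constructed timestamp
    data = [[3, 7, 1], [5, 0, 19], [2, 2, 2], [10, 4, 6]]   # constructed readings
    reports = [(ct, ts, leaf(ct, ts)) for ct in (encrypt(pub, d) for d in data)]
    totals = decrypt_totals(pub, x, fog_aggregate(pub, reports, now=ts + 5))
    (u, v), _, l0 = reports[0]                     # alter one ciphertext, keep its l_i
    tampered = [((u, v * pub["g"] % pub["p"]), ts, l0)] + reports[1:]
    return totals, not batch_ok(tampered)          # per-dimension sums, tamper detected
```

In this example the leaf hash is unkeyed, so the root comparison catches a ciphertext corrupted in transit but does not by itself authenticate which meter sent it.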

Claims (3)

1. A data aggregation method based on the ElGamal cryptosystem and a Merkle hash tree, characterized by comprising the following steps:
Step one, initialization stage:
The control center uses the ElGamal cryptosystem to generate a public/private key pair: based on the security parameter λ, a tuple $gk = (p, g_1, g_2, G, G_T, e, H)$ is generated; then a superincreasing sequence $a_1, a_2, \ldots, a_l$ is generated; for each user a variable $u_i \in Z_p$ is selected at random, and the control center then generates a public/private key pair by a key generation algorithm
Figure FDA0003300233440000011
for encryption;
where $G, G_T$ are two multiplicative cyclic groups, $g_1, g_2$ are generators of the two multiplicative cyclic groups $G, G_T$ respectively, $p$ is the order of $g_1, g_2$, $e$ is the map $e: G \times G \to G_T$, and $H$ is a one-way hash function $H: \{0,1\}^* \to G$; $Z_p$ denotes the integers from 0 to $p-1$;
Figure FDA0003300233440000012
is the public key for computing the ciphertext,
Figure FDA0003300233440000013
is the private key for computing the ciphertext;
Step two, ciphertext generation stage:
The multidimensional power consumption information of each user is represented as $d_{i1}, d_{i2}, \ldots, d_{il}$; a variable $r_i \in Z_p$ is chosen at random and the ciphertext is calculated:
Figure FDA0003300233440000014
where $C_1$, $C_2$ are the two ciphertexts and $m_i = a_1 \cdot d_{i1} + a_2 \cdot d_{i2} + \ldots + a_l \cdot d_{il}$.
Each user calculates a hash value according to the Merkle hash tree:
$l_i = H(CT_i \| TS)$
Each user sends the encrypted and signed data $CT_i \| TS \| l_i$ to a fog node;
where TS is the current timestamp;
Step three, ciphertext aggregation stage:
After the fog node receives $CT_i \| TS \| l_i$ from the n users, it verifies the integrity of the data in batches using the Merkle hash tree;
ciphertext aggregation is then carried out to generate the aggregated ciphertext:
Figure FDA0003300233440000021
the aggregated ciphertext and aggregate signature CT are then sent to the control center;
Step four, control center decryption stage:
After the control center receives the CT sent by the fog node, it uses the private key
Figure FDA0003300233440000022
to decrypt the aggregated ciphertext CT:
Figure FDA0003300233440000023
where
Figure FDA0003300233440000024
According to the superincreasing sequence $a_1, a_2, \ldots, a_l$, the aggregation result of the power consumption information of each dimension is obtained:
Figure FDA0003300233440000025
2. The data aggregation method based on the ElGamal cryptosystem and the Merkle hash tree according to claim 1, wherein:
in step two, the hash value $l_i$ calculated by each user is stored on a leaf node of the Merkle hash tree.
3. The data aggregation method based on the ElGamal cryptosystem and the Merkle hash tree according to claim 1, wherein:
in step three, the batch verification of data integrity is specifically: the fog node compares, based on the hash values $l_i$ of all users, against the root node of the Merkle hash tree, and if they are equal to the root node, the verification succeeds.

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202111190170.7A, CN114024685A (en) | 2021-10-12 | 2021-10-12 | Data aggregation method based on ElGamal cryptosystem and Merkle hash tree

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN202111190170.7A, CN114024685A (en) | 2021-10-12 | 2021-10-12 | Data aggregation method based on ElGamal cryptosystem and Merkle hash tree

Publications (1)

Publication Number | Publication Date
CN114024685A (en) | 2022-02-08

Family

ID=80056216

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
CN202111190170.7A, Pending, CN114024685A (en) | Data aggregation method based on ElGamal cryptosystem and Merkle hash tree | 2021-10-12 | 2021-10-12

Country Status (1)

Country | Link
CN (1) | CN114024685A (en)

Legal Events

Code | Title
PB01 | Publication
SE01 | Entry into force of request for substantive examination