CN114125831B - 5G smart grid user side data acquisition method and system based on proxy re-encryption - Google Patents


Publication number
CN114125831B
Authority
CN
China
Prior art keywords
user
encryption
data
encrypted data
key
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210084095.4A
Other languages
Chinese (zh)
Other versions
CN114125831A (en
Inventor
汤亿则
章毅
向辉
邱兰馨
吕玉祥
杨鸿珍
凌芝
汪玉成
孔文杰
史俊潇
陈巨龙
张烨华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Jiyuan Software Co Ltd
Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Original Assignee
Anhui Jiyuan Software Co Ltd
Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Application filed by Anhui Jiyuan Software Co Ltd, Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd filed Critical Anhui Jiyuan Software Co Ltd
Priority to CN202210084095.4A priority Critical patent/CN114125831B/en
Publication of CN114125831A publication Critical patent/CN114125831A/en
Publication of CN114125831B publication Critical patent/CN114125831B/en

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H02GENERATION; CONVERSION OR DISTRIBUTION OF ELECTRIC POWER
    • H02JCIRCUIT ARRANGEMENTS OR SYSTEMS FOR SUPPLYING OR DISTRIBUTING ELECTRIC POWER; SYSTEMS FOR STORING ELECTRIC ENERGY
    • H02J13/00Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network
    • H02J13/00006Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network characterised by information or instructions transport means between the monitoring, controlling or managing units and monitored, controlled or operated power network element or electrical equipment
    • H02J13/00022Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network characterised by information or instructions transport means between the monitoring, controlling or managing units and monitored, controlled or operated power network element or electrical equipment using wireless data transmission
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/35Services specially adapted for particular environments, situations or purposes for the management of goods or merchandise
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02EREDUCTION OF GREENHOUSE GAS [GHG] EMISSIONS, RELATED TO ENERGY GENERATION, TRANSMISSION OR DISTRIBUTION
    • Y02E60/00Enabling technologies; Technologies with a potential or indirect contribution to GHG emissions mitigation
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/12Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them characterised by data transport means between the monitoring, controlling or managing units and monitored, controlled or operated electrical equipment
    • Y04S40/126Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them characterised by data transport means between the monitoring, controlling or managing units and monitored, controlled or operated electrical equipment using wireless data transmission
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The invention provides a 5G smart grid user side data acquisition method and system based on proxy re-encryption. The method comprises the following steps: user equipment on a plurality of user sides generates a first user public key and a first user private key based on user identity IDs, and service equipment on a service side generates a first power supply public key and a first power supply private key based on a power supply identity ID; the user equipment on the user side obtains a re-encryption key based on the first user private key and a first conversion key; the service equipment on the service side generates a re-encryption table based on the received re-encryption keys; the user equipment on the plurality of user sides encrypts power data based on the respective first user public keys to obtain encrypted data packets, and the cloud server generates an encrypted data table based on the received encrypted data packets; and the service equipment on the service side acquires the re-encryption key based on an access request, and decrypts the encrypted data based on the re-encryption key to obtain the plaintext power data.

Description

5G smart grid user side data acquisition method and system based on proxy re-encryption
Technical Field
The invention relates to the technical field of encrypted communication, in particular to a method and a system for acquiring 5G smart grid user side data based on proxy re-encryption.
Background
In recent years, with the application of new technologies such as 5G, the power production control process of smart grids has gradually become intelligent, unmanned and safe. As 5G technology matures, its ability to interconnect everything allows mobile communication technology to penetrate into a wider range of industries and fields. With the wide application of intelligent distributed distribution network terminals in the future, more distributed point-to-point connections will appear.
The application of 5G communication technology helps to refine user side information acquisition, thereby providing full and comprehensive user side data. The power utilization information and data of users can be used by power companies and third-party research institutions, including electric power research institutes, for load prediction and power marketing research, which facilitates further improvement of the power system. Consequently, the collection frequency and the collection content will grow exponentially, and the information carried by the resulting mass of user-side data cannot be ignored.
At present, user data is mostly stored in the cloud as ciphertext, and electricity consumption data is mostly transmitted over the internet, so there is a considerable risk of data leakage and attack. This mode makes it difficult for the power supply company to acquire user data, because it cannot directly decrypt the ciphertext data it receives. In cloud storage, proxy re-encryption solves this problem well: the outsourced encrypted data is converted, so that the ciphertext is transformed without leaking the encrypted data or the secret key. A large amount of network resources can thus be saved, the computing resources of the cloud can be fully utilized, and secure access to encrypted data is realized.
A 5G smart grid user side data acquisition system based on proxy re-encryption comprises two entities: the user and the power supply company. In practice, five phases are involved: the initialization phase, the re-encryption key generation phase, the encryption phase, the re-encryption phase and the decryption phase.
Considering the complex environmental factors of practical application scenarios and the practicability and robustness of the system, a 5G smart grid user side data acquisition system based on proxy re-encryption needs to meet the following requirements: (1) accuracy: for both communication parties using the scheme, the power supply company is ensured to acquire user data accurately; (2) confidentiality: the content of information cannot be revealed to any unauthorized user, and an adversary cannot acquire the private keys of either communication party; (3) integrity: the received information is consistent with the sent information and cannot be tampered with by a third party.
Designing a 5G smart grid user side data acquisition scheme based on proxy re-encryption is therefore an important task. Although existing data transmission schemes can transmit data, they have problems in usability and efficiency, and cannot acquire data from a plurality of user sides simultaneously.
Disclosure of Invention
The embodiment of the invention provides a 5G smart grid user side data acquisition method and system based on proxy re-encryption, which can realize high-efficiency and encrypted data transmission with user equipment of a plurality of user sides at the same time, and have the advantages of easiness in use and high efficiency.
In a first aspect of the embodiments of the present invention, a method for acquiring user-side data of a 5G smart grid based on proxy re-encryption is provided, in which a user device, a service device, and a cloud server are preset, the user device, the service device, and the cloud server are respectively connected through a 5G communication link, and the method for acquiring user-side data includes the following steps:
a plurality of user devices generate a first user public key and a first user private key based on user identity IDs, and the service device generates a first power supply public key and a first power supply private key based on a power supply identity ID;
the service equipment generates a first conversion key based on the first power supply private key and then respectively sends the first conversion key to a plurality of user sides, the user equipment obtains a re-encryption key based on the first user private key and the first conversion key, and the user equipment respectively sends the re-encryption key to the service equipment;
the service equipment generates a re-encryption table based on the received re-encryption key, wherein the re-encryption table comprises the corresponding relation between the user tag of each user equipment and the re-encryption key;
a plurality of user devices encrypt electric power data based on their respective first user public keys to obtain encrypted data packets and upload the encrypted data packets to a cloud server, the cloud server generates an encrypted data table based on the received encrypted data packets, and the encrypted data table comprises the corresponding relation between the user tag of each user device and the encrypted data;
the service equipment sends a data request to a cloud server based on the received access request, the cloud server selects corresponding encrypted data based on the data request and sends the encrypted data to the service equipment, the service equipment obtains a re-encryption key based on the access request, and the encrypted data is decrypted based on the re-encryption key to obtain plaintext electric power data.
Optionally, in a possible implementation manner of the first aspect, the generating, by the user device on the multiple user sides, a first user public key and a first user private key based on the user identity ID, and the generating, by the service device on the service side, a first power supply public key and a first power supply private key based on the power supply identity ID includes:
presetting a set G of generators, wherein the set G has a plurality of G orders,
Figure 669140DEST_PATH_IMAGE001
bit prime number; randomly selecting a prime number p in the set G, and obtaining a random number S through the hash function H and the prime number p;
obtaining a user identity ID, and obtaining a first user private key and a first user public key through the following formula,
Figure 55122DEST_PATH_IMAGE002
wherein
Figure 100438DEST_PATH_IMAGE003
is the first user private key,
Figure 823544DEST_PATH_IMAGE004
is the user identity ID,
Figure 106758DEST_PATH_IMAGE005
is the first user public key,
Figure 194799DEST_PATH_IMAGE006
is a prime number randomly selected in the set G;
acquiring a power supply identity ID, and obtaining a first power supply private key and a first power supply public key through the following formula,
Figure 789729DEST_PATH_IMAGE007
wherein
Figure 254208DEST_PATH_IMAGE008
is the first power supply private key,
Figure 126349DEST_PATH_IMAGE009
is the power supply identity ID,
Figure 385292DEST_PATH_IMAGE010
is the first power supply public key,
Figure 733097DEST_PATH_IMAGE011
is a prime number randomly selected in the set G.
Optionally, in a possible implementation manner of the first aspect, after the service device on the service side generates the first conversion key based on the first power supply private key, the first conversion key is respectively sent to a plurality of user sides, and the obtaining, by the user device on the user side, the re-encryption key based on the first user private key and the first conversion key includes:
obtaining a random number h, and obtaining a first conversion key and a re-encryption key by the following formulas,
Figure 673371DEST_PATH_IMAGE012
wherein
Figure 462336DEST_PATH_IMAGE013
is the first conversion key,
Figure 220076DEST_PATH_IMAGE014
is the re-encryption key.
Optionally, in a possible implementation manner of the first aspect, the encrypting, by the user devices of the multiple user sides, the power data based on the respective first user public keys to obtain an encrypted data packet, and uploading the encrypted data packet to the cloud server includes:
the user equipment on the user side generates a random number r and encrypts the data m by the following formula,
Figure 196122DEST_PATH_IMAGE015
wherein
Figure 799142DEST_PATH_IMAGE016
is the encrypted data packet obtained by encrypting the data m,
Figure 708192DEST_PATH_IMAGE017
is the first ciphertext,
Figure 246621DEST_PATH_IMAGE018
is the second ciphertext, e is a bilinear function,
Figure 241122DEST_PATH_IMAGE019
is a prime number randomly selected in the set G.
Optionally, in a possible implementation manner of the first aspect, the obtaining, by the service device on the service side, a re-encryption key based on the access request, and performing decryption processing on the encrypted data based on the re-encryption key to obtain plaintext power data includes:
the re-encrypted ciphertext is calculated by the following formula,
Figure 913411DEST_PATH_IMAGE020
wherein
Figure 614651DEST_PATH_IMAGE021
is the re-encrypted ciphertext of the data m,
Figure 651877DEST_PATH_IMAGE022
is a third ciphertext;
the data m is obtained by the following formula,
Figure 939201DEST_PATH_IMAGE023
wherein
Figure 87286DEST_PATH_IMAGE024
is plaintext power data.
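The five phases described above (initialization, re-encryption key generation, encryption, re-encryption, decryption) and the two lookup tables, sketched as an added example that is not code from the patent. The patent's pairing-based formulas are not reproduced on this page, so the block substitutes classic ElGamal-style (BBS98) proxy re-encryption over a toy group with a 61-bit q; the blinding of the conversion key by h, the hash-based key derivation, and all class, function and tag names are assumptions.

```python
# Added illustration: BBS98-style ElGamal stand-in for the patent's formulas; toy group, insecure.
import hashlib
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n):
    """Deterministic Miller-Rabin for the 64-bit range used here."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime_group(q_bits=61):
    """Smallest safe prime p = 2q + 1 with a q_bits-bit q; 4 has order q."""
    q = (1 << (q_bits - 1)) + 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4

P, Q, G = safe_prime_group()

def keygen(identity, seed):
    """Phase 1 (assumed derivation): sk = H(seed || ID) mod q, pk = g^sk."""
    digest = hashlib.sha256(seed + identity.encode()).digest()
    sk = int.from_bytes(digest, "big") % (Q - 1) + 1
    return sk, pow(G, sk, P)

class UserDevice:
    def __init__(self, tag, seed):
        self.sk, self.pk = keygen(tag, seed)

    def re_key(self, tk):
        """Phase 2b: rk = tk / sk_user mod q, sent back to the service device."""
        return tk * pow(self.sk, -1, Q) % Q

    def encrypt(self, reading):
        """Phase 3: packet (c1, c2) = (m * g^r, pk_user^r) for 0 < m < p."""
        if not 0 < reading < P:
            raise ValueError("reading outside the toy group")
        r = secrets.randbelow(Q - 1) + 1
        return reading * pow(G, r, P) % P, pow(self.pk, r, P)

class CloudServer:
    """Holds the encrypted data table (tag -> packets) and no key material."""
    def __init__(self):
        self.data_table = {}

    def upload(self, tag, packet):
        self.data_table.setdefault(tag, []).append(packet)

    def select(self, tag, index):
        return self.data_table[tag][index]

class ServiceDevice:
    """Power-supply side: private key, blinding values, re-encryption table."""
    def __init__(self, identity, seed):
        self.sk, self.pk = keygen(identity, seed)
        self.blind, self.re_table = {}, {}

    def conversion_key(self, tag):
        """Phase 2a: tk = sk_service * h mod q, so sk_service is never sent."""
        self.blind[tag] = secrets.randbelow(Q - 1) + 1
        return self.sk * self.blind[tag] % Q

    def decrypt_for(self, tag, packet):
        """Phases 4-5: re-encrypt c2 with the table entry, then strip g^r."""
        c1, c2 = packet
        c3 = pow(c2, self.re_table[tag], P)           # g^(r * sk_service * h)
        unblind = pow(self.sk * self.blind[tag] % Q, -1, Q)
        return c1 * pow(pow(c3, unblind, P), -1, P) % P

def run_demo():
    """Constructed meter readings for two hypothetical user tags."""
    readings = {"meter-A": [4213, 4219], "meter-B": [977]}
    service, cloud = ServiceDevice("supply-01", secrets.token_bytes(16)), CloudServer()
    for tag, values in readings.items():
        user = UserDevice(tag, secrets.token_bytes(16))
        service.re_table[tag] = user.re_key(service.conversion_key(tag))
        for value in values:
            cloud.upload(tag, user.encrypt(value))
    recovered = {t: [service.decrypt_for(t, p) for p in cloud.data_table[t]] for t in readings}
    return service, cloud, recovered
```

In this substitute scheme the service device holds the re-encryption key together with its own private key and h, from which the user's private key can be computed, so the sketch shows the message flow and table lookups only and says nothing about the security properties of the patent's own formulas.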
Optionally, in a possible implementation manner of the first aspect, the sending, by the service device on the service side, a data request to the cloud server based on the received access request, and the selecting, by the cloud server, corresponding encrypted data to send to the service device on the service side based on the data request includes:
the cloud server acquires a user tag in the data request, and determines a data storage unit corresponding to the encrypted data table based on the user tag;
and selecting corresponding encrypted data in the data storage unit and sending the encrypted data to service equipment at a service side, wherein the encrypted data table comprises a corresponding relation between a user tag and the data storage unit.
Optionally, in a possible implementation manner of the first aspect, the method further includes:
acquiring the number of times the corresponding encrypted data in each data storage unit has been selected to obtain encryption count information, and sorting the encryption count information corresponding to all the data storage units according to a bubble sort algorithm to obtain a first bubble sorting result;
acquiring the user tag corresponding to each data storage unit in the first bubble sorting result, and sorting the user tags corresponding to the data storage units according to the first bubble sorting result to obtain a second bubble sorting result;
sorting the user tags in the encrypted data table based on the second bubble sorting result to obtain an updated encrypted data table;
and sorting the user tags in the re-encryption table based on the updated encrypted data table to obtain an updated re-encryption table.
Optionally, in a possible implementation manner of the first aspect, sorting the user tags in the encrypted data table based on the second bubble sorting result to obtain an updated encrypted data table includes:
acquiring a first sorting sequence of all user tags in the second bubble sorting result, and adjusting the current sorting of the user tags in the encrypted data table at the current moment to a second sorting sequence to obtain an updated encrypted data table, wherein the second sorting sequence is the same as the user tag sequence in the first sorting sequence;
sorting the user tags in the re-encryption table based on the updated encrypted data table to obtain an updated re-encryption table comprises:
acquiring the second sorting sequence of all the user tags in the updated encrypted data table, and adjusting the current sorting of the user tags in the re-encryption table at the current moment to a third sorting sequence to obtain an updated re-encryption table, wherein the third sorting sequence is the same as the user tag sequence in the second sorting sequence.
Optionally, in a possible implementation manner of the first aspect, acquiring the number of times the corresponding encrypted data in each data storage unit has been selected to obtain the encryption count information, and sorting the encryption count information corresponding to all the data storage units according to a bubble sort algorithm to obtain the first bubble sorting result includes:
when it is determined that the administrator has input a tag sorting weight value, correcting the encryption count information according to the tag sorting weight value by the following formula to obtain corrected encryption count information,
Figure 643032DEST_PATH_IMAGE025
wherein Z is the tag sorting weight value,
Figure 179055DEST_PATH_IMAGE026
is the number of times corresponding to the corrected encryption count information,
Figure 882569DEST_PATH_IMAGE027
is the number of times corresponding to the encryption count information before correction,
Figure 506449DEST_PATH_IMAGE028
is the first adjustment weight,
Figure 244597DEST_PATH_IMAGE029
is the second adjustment weight.
In a second aspect of the embodiments of the present invention, a system for acquiring user-side data of a 5G smart grid based on proxy re-encryption is provided, in which a user device, a service device, and a cloud server are preset, the user device, the service device, and the cloud server are respectively connected through a 5G communication link, and the user-side data is acquired through the following modules:
the public and private key generation module is used for enabling the user equipment on the multiple user sides to generate a first user public key and a first user private key based on the user identity ID, and the service equipment on the service side generates a first power supply public key and a first power supply private key based on the power supply identity ID;
the re-encryption key generation module is used for enabling the service equipment at the service side to generate first conversion keys based on the first power supply private key and then respectively send the first conversion keys to a plurality of user sides, the user equipment at the user side obtains re-encryption keys based on the first user private key and the first conversion keys, and the user equipment at the plurality of user sides respectively send the respective re-encryption keys to the service equipment at the service side;
the re-encryption table generating module is used for enabling the service equipment at the service side to generate a re-encryption table based on the received re-encryption key, and the re-encryption table comprises the corresponding relation between the user tag of each piece of user equipment and the re-encryption key;
the encrypted data table generating module is used for enabling user equipment on a plurality of user sides to encrypt electric power data based on their respective first user public keys to obtain encrypted data packets and upload the encrypted data packets to the cloud server, the cloud server generates an encrypted data table based on the received encrypted data packets, and the encrypted data table comprises the corresponding relation between the user tag of each user equipment and the encrypted data;
the decryption module is used for enabling the service equipment at the service side to send a data request to the cloud server based on the received access request, the cloud server selects corresponding encrypted data to send to the service equipment at the service side based on the data request, the service equipment at the service side obtains a re-encryption key based on the access request, and the encrypted data is decrypted based on the re-encryption key to obtain plaintext electric power data.
In a third aspect of the embodiments of the present invention, a readable storage medium is provided, in which a computer program is stored, which, when being executed by a processor, is adapted to carry out the method according to the first aspect of the present invention and various possible designs of the first aspect of the present invention.
The 5G smart grid user side data acquisition method based on proxy re-encryption can generate corresponding public and private keys according to the user identity ID and the power supply identity ID respectively. The user equipment can generate a re-encryption key according to the first conversion key from the service equipment, and the re-encryption key thus fuses the keys of the service equipment and the user equipment, so that the service equipment can decrypt the encrypted data of each user equipment based on the re-encryption key. The service equipment does not directly receive the encrypted data sent by the user equipment; the required encrypted data is instead relayed through the cloud server, so that the service equipment does not store a large amount of data and can retrieve the encrypted data stored in the cloud server as required. Because the invention adopts proxy re-encryption, the cloud server cannot decrypt the encrypted data and can only store it, which effectively improves confidentiality and usability.
The cloud server manages the encrypted data of each user device in the form of the encrypted data table, and the service device at the service side manages the re-encryption key of each user device in the form of the re-encryption table, so that the service device in the invention can call the re-encryption key in the re-encryption table as required, and the cloud server calls the encrypted data to send to the service device as required. The method is easy to enable the service equipment to flexibly obtain the encrypted data to be processed, and the local part of the service equipment does not store a large amount of encrypted data, so that the method and the system provided by the invention have stronger robustness and practicability.
The method and the device can sort the user tags in the encrypted data table and the re-encryption table according to the usage habits of the service equipment, so that the re-encryption key and the encrypted data can be located quickly when they are obtained by traversal, the amount of data processed when obtaining the re-encryption key and the encrypted data is reduced, and the efficiency of obtaining them is improved. When the user tags in the encrypted data table and the re-encryption table are re-sorted, both the number of times the encrypted data corresponding to each user tag has been selected and the tag sorting weight value actually input by the user are considered, so that at the next moment the cloud server and the service equipment traverse the encrypted data table and the re-encryption table in a more favourable order to obtain the corresponding encrypted data and re-encryption key, and the data acquisition and decryption efficiency is improved.
Drawings
FIG. 1 is a schematic diagram of an application scenario of a 5G smart grid user-side data acquisition method based on proxy re-encryption;
FIG. 2 is a flowchart of a first embodiment of a 5G smart grid user-side data acquisition method based on proxy re-encryption;
FIG. 3 is a schematic diagram of data transmission between a user and a power supply company;
FIG. 4 is a flowchart of a second embodiment of a 5G smart grid user-side data acquisition method based on proxy re-encryption;
FIG. 5 is a flowchart of a first embodiment of a 5G smart grid user-side data acquisition device based on proxy re-encryption.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein.
It should be understood that, in the various embodiments of the present invention, the sequence numbers of the processes do not mean the execution sequence, and the execution sequence of the processes should be determined by the functions and the internal logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
It should be understood that in the present application, "comprising" and "having" and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be understood that, in the present invention, "a plurality" means two or more. "And/or" merely describes an association between associated objects and means that three relationships may exist; for example, "A and/or B" may mean: A exists alone, A and B exist simultaneously, or B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "Comprises A, B and C" and "comprises A, B, C" mean that A, B and C are all comprised; "comprises A, B or C" means that one of A, B, C is comprised; "comprises A, B and/or C" means that any 1, any 2 or all 3 of A, B, C are comprised.
It should be understood that in the present invention, "B corresponding to A", "A corresponds to B", or "B corresponds to A" means that B is associated with A, and B can be determined from A. Determining B from A does not mean determining B from A alone; B may be determined from A and/or other information. The matching of A and B means that the similarity of A and B is greater than or equal to a preset threshold value.
As used herein, "if" may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context.
The technical solution of the present invention will be described in detail below with specific examples. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
FIG. 1 is a schematic view of one applicable scenario of the 5G smart grid user-side data acquisition method based on proxy re-encryption provided by the present invention; the invention can be used for data transmission in a 5G smart grid application scenario.
User equipment, service equipment and a cloud server are preset and are connected to one another through 5G communication links; there may be multiple user devices.
The user device may be understood as a device provided at an enterprise and a user, and the device provided at the enterprise can acquire respective power data. The user equipment at the user can upload the ciphertext, namely, the power data is encrypted and uploaded.
The service device can be understood as a device set in a department with official management authority, and the service device can acquire power data of one or more enterprises according to needs. The service device of the power supply company can perform the operation of downloading the ciphertext, namely downloading the encrypted power data.
The cloud server can be provided by a third-party server organization or set up by the official management department. The power data encrypted by the user equipment can be stored on the cloud server, which prevents the storage pressure at the service equipment from becoming too large, and the service equipment can retrieve the power data stored in advance in the cloud server as required. The department with official administrative authority may be a power supply company.
The invention provides a 5G smart grid user side data acquisition method based on proxy re-encryption, which acquires user side data through the following steps, as shown in FIG. 2, and comprises the following steps:
step S110, the user equipment on the multiple user sides generates a first user public key and a first user private key based on the user identity ID, and the service equipment on the service side generates a first power supply public key and a first power supply private key based on the power supply identity ID. The user identity ID and the power supply identity ID can be preset, and can be a string of numbers or a string of characters consisting of numbers and letters. The specific form of the user ID and the power supply ID is not limited in any way.
In one possible implementation of the technical solution provided by the present invention, step S110 specifically includes:
presetting a set G of generators, wherein the set G has a plurality of G orders,
Figure 951522DEST_PATH_IMAGE001
And (3) randomly selecting a prime number p in the set G for the prime number of the bit, and obtaining a random number S according to the hash function H and the prime number p. The invention can preset the set G of the generating element, and the user equipment at the user side and the service equipment at the service side can respectively have the respective set G or share the same set G. The random number is obtained from the set G.
Obtaining a user identity ID, obtaining a first user private key and a first user public key through the following formula,
Figure 80015DEST_PATH_IMAGE002
wherein
Figure 569902DEST_PATH_IMAGE003
is the first user's private key and,
Figure 959295DEST_PATH_IMAGE030
for the purpose of the user identity ID,
Figure 509225DEST_PATH_IMAGE031
is the public key of the first user,
Figure 390594DEST_PATH_IMAGE032
is a randomly selected prime number in the set G. The invention obtains the first user private key through the hash function H and the user identity ID, and obtains the first user public key according to the first user private key and the randomly selected prime number.
Acquiring a power supply identity ID, obtaining a first power supply private key and a first power supply public key through the following formula,
Figure 746489DEST_PATH_IMAGE033
wherein
Figure 193651DEST_PATH_IMAGE034
for the first power supply private key,
Figure 586586DEST_PATH_IMAGE035
in order to supply the power identity ID,
Figure 79884DEST_PATH_IMAGE036
for the first public key of the power supply,
Figure 911574DEST_PATH_IMAGE037
is a randomly selected prime number in the set G. According to the invention, a first power supply private key is obtained through a hash function H and a power supply identity ID, and a first power supply public key is obtained according to the first power supply private key and a randomly selected prime number. Wherein
Figure 416505DEST_PATH_IMAGE038
can be equal to
Figure 42658DEST_PATH_IMAGE039
In another possible implementation manner of step S110, as shown in fig. 3, step S110 specifically includes:
firstly, initializing system parameters, and creating a random value of g order
Figure 757673DEST_PATH_IMAGE040
Prime number of bits p as a set G of generators. Selecting a hash function
Figure 393054DEST_PATH_IMAGE041
and generating a random number
Figure 752491DEST_PATH_IMAGE042
The intelligent power consumption user performs Hash operation on the identity ID of the intelligent power consumption user, and firstly creates a private key of the intelligent power consumption user
Figure 877442DEST_PATH_IMAGE043
User calculates public key by using private key created by user
Figure 751857DEST_PATH_IMAGE044
Figure 128612DEST_PATH_IMAGE045
The power supply company performs Hash operation on the own identity ID to create a private key
Figure 404872DEST_PATH_IMAGE046
Power company calculates public key using private key created by power company
Figure 969233DEST_PATH_IMAGE047
Figure 268627DEST_PATH_IMAGE048
. Wherein
Figure 245811DEST_PATH_IMAGE049
can be equal to
Figure 438895DEST_PATH_IMAGE050
Step S120, the service device at the service side generates a first conversion key based on the first power supply private key and then sends the first conversion key to the plurality of user sides, the user device at the user side obtains a re-encryption key based on the first user private key and the first conversion key, and the user devices at the plurality of user sides send the re-encryption keys to the service device at the service side.
In one possible implementation of the technical solution provided by the present invention, step S120 specifically includes:
obtaining a random number h, and obtaining a first conversion key and a re-encryption key by the following formulas,
Figure 46594DEST_PATH_IMAGE012
wherein t is the first conversion key,
Figure 895601DEST_PATH_IMAGE014
is the re-encryption key. The invention can obtain the first conversion key based on the random number h and the first power supply public key, and the re-encryption key generated at the user equipment is obtained according to the first conversion key and the first user private key.
In another possible implementation of the technical solution provided by the present invention, step S120 specifically includes:
the power supply company randomly selects h and computes
Figure 473213DEST_PATH_IMAGE052
. The power supply company sends t to the user. After receiving t, the user computes the re-encryption key
Figure 724065DEST_PATH_IMAGE053
. The user sends
Figure 237086DEST_PATH_IMAGE014
to the power supply company in a trusted manner.
Step S130, the service device at the service side generates a re-encryption table based on the received re-encryption key, wherein the re-encryption table comprises the corresponding relation between the user tag of each user device and the re-encryption key.
According to the technical solution provided by the invention, since the power data obtained by the user equipment of a plurality of users needs to be encrypted, a plurality of re-encryption keys are obtained. To manage the re-encryption keys more conveniently, the service equipment generates the re-encryption table from the re-encryption keys sent to the power supply company in a trusted manner, where the trusted manner may be data transmission over a private channel or manual transport of a storage medium. The re-encryption table provided by the invention holds the correspondence between the user tag of each user equipment and its re-encryption key, that is, the re-encryption key of a given user can be selected through the user tag.
Step S140, the user devices of the multiple user sides encrypt the power data based on the respective first user public keys to obtain encrypted data packets, and upload the encrypted data packets to the cloud server, where the cloud server generates an encrypted data table based on the received encrypted data packets, and the encrypted data table includes a correspondence relationship between the user tag of each user device and the encrypted data. Each user device encrypts its power data based on its own first user public key to obtain an encrypted data packet; so that the cloud server can conveniently manage the encrypted data packets of each user device, the cloud server generates a corresponding encrypted data table.
In one possible implementation of the technical solution provided by the present invention, step S140 specifically includes:
the user equipment at the user side generates a random number r and encrypts the data m by the following formula,
Figure 901286DEST_PATH_IMAGE015
wherein
Figure 220272DEST_PATH_IMAGE016
is the encrypted data packet obtained by encrypting the data m,
Figure 263314DEST_PATH_IMAGE017
is the first ciphertext,
Figure 9553DEST_PATH_IMAGE018
is the second ciphertext, e is a bilinear function, and
Figure 629891DEST_PATH_IMAGE019
is a randomly selected prime number in the set G. The invention abstracts the power data to be encrypted as data m.
Figure 955830DEST_PATH_IMAGE016
is the encrypted data packet of the data m. The encrypted data packet provided by the invention comprises at least two ciphertexts, namely a first ciphertext and a second ciphertext, wherein the first ciphertext
Figure 915695DEST_PATH_IMAGE054
is related to the first user private key and the random number r, and the second ciphertext is related to the data m, the random number
Figure 895153DEST_PATH_IMAGE019
and the randomly selected prime number h; the second ciphertext can be computed by means of a bilinear map. In the present invention, the random number
Figure 206048DEST_PATH_IMAGE049
, the random number
Figure 70099DEST_PATH_IMAGE050
and the random number
Figure 946788DEST_PATH_IMAGE019
may be the same. The random number referred to in the present invention is understood to be a randomly selected prime number in the set G.
In another possible implementation of the technical solution provided by the present invention, step S140 specifically includes:
first, the user generates a random number r. The user encrypts the data m with the user's own public key to obtain
Figure 300409DEST_PATH_IMAGE055
, where e is a bilinear map. The user uploads
Figure 770705DEST_PATH_IMAGE016
to the cloud server.
Step S150, the service equipment at the service side sends a data request to the cloud server based on the received access request, the cloud server selects corresponding encrypted data based on the data request and sends the corresponding encrypted data to the service equipment at the service side, the service equipment at the service side obtains a re-encryption key based on the access request, and the encrypted data are decrypted based on the re-encryption key to obtain plaintext electric power data.
The administrator on the service side sends an access request to the service device on the service side according to actual needs; the purpose of the access request is to access the power data sent by a certain user device. The access request may carry the user tag of the user device that the administrator wants to access.
And the cloud server selects corresponding encrypted data to be sent to the service equipment at the service side based on the user tag in the data request. And the service equipment at the service side acquires the re-encryption key based on the user label in the access request. The data requests and access requests in the present invention occur in pairs, it being understood that each data request is derived from an access request, and each paired data request and access request have the same user tag.
In one possible implementation manner of step S150, step S140 specifically includes:
the re-encrypted ciphertext is calculated by the following formula,
Figure 235184DEST_PATH_IMAGE020
wherein
Figure 966380DEST_PATH_IMAGE021
is the re-encrypted ciphertext of the data
Figure 694164DEST_PATH_IMAGE056
, and
Figure 714073DEST_PATH_IMAGE022
is the third ciphertext. The service equipment in the invention can obtain the third ciphertext according to the re-encryption key, and thereby obtain the re-encrypted ciphertext
Figure 776051DEST_PATH_IMAGE057
The data m is obtained by the following formula,
Figure 565016DEST_PATH_IMAGE023
wherein
Figure 198122DEST_PATH_IMAGE024
is the plaintext power data. Because
Figure 767644DEST_PATH_IMAGE058
, the invention can, based on
Figure 573926DEST_PATH_IMAGE059
, obtain the plaintext power data m.
In another possible implementation manner of step S150, step S140 specifically includes:
The power supply company downloads the ciphertext
Figure 420659DEST_PATH_IMAGE060
from the cloud server. The power supply company computes the re-encrypted ciphertext
Figure 21405DEST_PATH_IMAGE061
. The power supply company decrypts the re-encrypted ciphertext to obtain the user data
Figure 78223DEST_PATH_IMAGE062
. Since
Figure 625879DEST_PATH_IMAGE063
, it follows that
Figure 389435DEST_PATH_IMAGE064
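The message flow of steps S110 to S150, as an added example that is not code from the patent. Because the patent's formulas survive here only as image placeholders, the example substitutes a pairing-free ElGamal-style construction in a constructed toy group; the function names, the `device_secret` input and the sample readings are assumptions.

```python
import hashlib
import secrets

# Constructed toy group (assumption, far too small for real use): P = 2*Q + 1 is
# a safe prime and G = 4 generates the subgroup of prime order Q.
P, Q, G = 1019, 509, 4


def hash_to_scalar(data: bytes) -> int:
    """Map bytes to a non-zero exponent in [1, Q-1]."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (Q - 1) + 1


def keygen(identity: str, device_secret: bytes):
    """Step S110: private key from a hash over the identity ID, public key g^sk.
    Mixing in device_secret is an assumption of this example, so the private
    key cannot be recomputed from an identity ID that other parties may know."""
    sk = hash_to_scalar(device_secret + b"|" + identity.encode())
    return sk, pow(G, sk, P)


def conversion_key(power_sk: int):
    """Step S120, service side: blind the power supply private key b with random h."""
    h = secrets.randbelow(Q - 1) + 1
    return h, (power_sk * h) % Q


def re_encryption_key(user_sk: int, t: int) -> int:
    """Step S120, user side: rk = t / a (mod Q), where a is the user private key."""
    return (t * pow(user_sk, -1, Q)) % Q


def encrypt(user_pk: int, m: int):
    """Step S140: two-part ciphertext under the user's own public key."""
    if not 0 < m < P:
        raise ValueError("message must be encoded as an integer in [1, P-1]")
    r = secrets.randbelow(Q - 1) + 1
    return pow(user_pk, r, P), (m * pow(G, r, P)) % P  # (g^(a*r), m*g^r)


def re_encrypt(rk: int, c1: int) -> int:
    """Step S150: third ciphertext g^(r*b*h); the user's exponent a cancels."""
    return pow(c1, rk, P)


def decrypt(power_sk: int, h: int, c3: int, c2: int) -> int:
    """Step S150: strip b*h to recover g^r, then divide it out of c2."""
    g_r = pow(c3, pow((power_sk * h) % Q, -1, Q), P)
    return (c2 * pow(g_r, -1, P)) % P


def run_flow(readings: dict) -> dict:
    """Run S110-S150 for constructed readings keyed by user tag."""
    power_sk, _power_pk = keygen("power-supply-001", b"constructed-service-secret")
    re_table, cloud_table = {}, {}  # S130 re-encryption table, S140 encrypted data table
    for tag, reading in readings.items():
        user_sk, user_pk = keygen(tag, b"constructed-device-secret")
        h, t = conversion_key(power_sk)
        re_table[tag] = (re_encryption_key(user_sk, t), h)
        cloud_table[tag] = encrypt(user_pk, reading)  # the cloud stores ciphertext only
    recovered = {}
    for tag in readings:  # S150: the same user tag indexes both tables
        c1, c2 = cloud_table[tag]
        rk, h = re_table[tag]
        recovered[tag] = decrypt(power_sk, h, re_encrypt(rk, c1), c2)
    return recovered


# Limitation of this exponent-based stand-in: a party holding rk, b and h can
# solve for the user's exponent a, so it illustrates the message flow only.
if __name__ == "__main__":
    print(run_flow({"tag1": 742, "tag2": 318}))
```
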
In one possible implementation manner of step S150, as shown in fig. 4, step S150 specifically includes:
step S1501, the cloud server obtains a user tag in the data request, and determines a data storage unit corresponding to the encrypted data table based on the user tag. The cloud server provided by the invention can select the data storage unit corresponding to the encrypted data table according to the user tag in the data request; the selected data storage unit stores the encrypted power data that the management equipment needs to access.
Step S1502 selects corresponding encrypted data in the data storage unit to send to a service device on the service side, where the encrypted data table includes a corresponding relationship between a user tag and the data storage unit. After the corresponding data storage unit is determined, the encrypted data stored in the determined data storage unit is selected and sent to the service equipment at the service side, so that the service equipment can obtain the encrypted power data which is required to be accessed.
According to the invention, the correspondence between the user tags and the data storage units is set in the encrypted data table, so that the cloud server can select the corresponding data storage unit according to the user tag in the data request.
The technical scheme provided by the invention further comprises the following steps:
acquiring the number of times the corresponding encrypted data in each data storage unit has been selected to obtain encryption times information, and sorting the encryption times information corresponding to all the data storage units according to a bubble sort algorithm to obtain a first bubble sorting result. The number of times the encrypted data in each data storage unit has been selected reflects the heat of that encrypted data, and encrypted data with higher heat has a higher probability of being selected. The encryption times information corresponding to all the data storage units is sorted according to the bubble sort algorithm, and the sorting may be in descending order, that is, the encrypted data in the data storage unit with the highest number of selections is placed first in the first bubble sorting result.
Obtaining the user tag corresponding to each data storage unit in the first bubble sorting result, and sorting the user tags corresponding to each data storage unit according to the first bubble sorting result to obtain a second bubble sorting result. In the technical solution provided by the invention, the user tag corresponding to each data storage unit in the first bubble sorting result is obtained, which yields the second bubble sorting result. It can be understood that the first bubble sorting result is an ordering of the data storage units and their encrypted data, and the second bubble sorting result is an ordering of the user tags.
Sorting the user tags in the encrypted data table based on the second bubble sorting result to obtain an updated encrypted data table. The cloud server sorts the user tags in the encrypted data table according to the second bubble sorting result and updates the encrypted data table.
After receiving a data request, the cloud server can preferentially traverse the user tags with higher heat in the encrypted data table and their corresponding data storage units, which reduces the data processing amount and the calculation amount when the cloud server locates a data storage unit and improves the efficiency with which the cloud server locates it.
Sorting the user tags in the re-encryption table based on the updated encrypted data table to obtain an updated re-encryption table. The service equipment in the invention can sort the user tags in the re-encryption table according to the updated encrypted data table, and thereby update the user tags in the re-encryption table.
After receiving an access request, the service equipment preferentially traverses the user tags with higher heat in the re-encryption table and their corresponding re-encryption keys, which reduces the data processing amount and the calculation amount when the service equipment obtains a re-encryption key and improves the efficiency with which the service equipment obtains it.
In the technical solution provided by the invention, sorting the user tags in the encrypted data table based on the second bubble sorting result to obtain an updated encrypted data table comprises the following steps:
acquiring a first sorting order of all the user tags in the second bubble sorting result, and adjusting the current order of the user tags in the encrypted data table at the current moment to a second sorting order to obtain an updated encrypted data table, wherein the second sorting order is the same as the order of the user tags in the first sorting order.
According to the invention, the current order of the user tags in the encrypted data table at the current moment is adjusted to the second sorting order according to the first sorting order of the user tags in the second bubble sorting result. For example, there are 3 tags, namely tag 1, tag 2 and tag 3; the first sorting order is tag 3, tag 2, tag 1; the current order is tag 1, tag 2, tag 3; and the adjusted second sorting order is tag 3, tag 2, tag 1. At this point, the user tags in the encrypted data table and the data storage units corresponding to them are in the order tag 3, tag 2, tag 1.
In the technical solution provided by the invention, sorting the user tags in the re-encryption table based on the updated encrypted data table to obtain the updated re-encryption table comprises the following steps:
acquiring a second sorting order of all the user tags in the updated encrypted data table, and adjusting the current order of the user tags in the re-encryption table at the current moment to a third sorting order to obtain an updated re-encryption table, wherein the third sorting order is the same as the order of the user tags in the second sorting order.
The invention can adjust the current order of the user tags in the re-encryption table at the current moment to a third sorting order according to the second sorting order of all the user tags in the updated encrypted data table. For example, there are 3 tags, namely tag 1, tag 2 and tag 3; the second sorting order is tag 3, tag 2, tag 1; the current order of the user tags in the re-encryption table at the current moment is tag 1, tag 2, tag 3; and the adjusted third sorting order is tag 3, tag 2, tag 1. At this point, the user tags in the re-encryption table and the re-encryption keys corresponding to them are in the order tag 3, tag 2, tag 1.
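The table update described above, as an added example that is not code from the patent: selection counts are bubble-sorted in descending order, the resulting tag order is applied to the encrypted data table, and the re-encryption table is then aligned to it, always moving whole rows so each tag stays bound to its own storage unit and re-encryption key. The list-of-rows layout, the function names and the sample counts are assumptions, and the tag sorting weight correction is left out.

```python
def bubble_sort_desc(rows, key):
    """Stable bubble sort, largest key first; returns a new list."""
    rows = list(rows)
    for done in range(len(rows) - 1):
        swapped = False
        for i in range(len(rows) - 1 - done):
            if key(rows[i]) < key(rows[i + 1]):
                rows[i], rows[i + 1] = rows[i + 1], rows[i]
                swapped = True
        if not swapped:  # already ordered, stop early
            break
    return rows


def reorder_by_tags(table, tag_order):
    """Rebuild a (tag, value) table in tag_order without splitting any row."""
    by_tag = dict(table)
    if len(by_tag) != len(table) or sorted(by_tag) != sorted(tag_order):
        raise ValueError("duplicate or mismatched user tags; refusing to reorder")
    return [(tag, by_tag[tag]) for tag in tag_order]


def traverse(table, tag):
    """Linear traversal as in the text; returns (value, rows visited)."""
    for steps, (row_tag, value) in enumerate(table, start=1):
        if row_tag == tag:
            return value, steps
    raise KeyError(tag)


def update_tables(data_table, re_table, selected_counts):
    """Return (updated encrypted data table, updated re-encryption table)."""
    # First bubble sorting result: storage units by selected count, descending.
    first = bubble_sort_desc(data_table, key=lambda row: selected_counts[row[1]])
    # Second bubble sorting result: the user tags in that order.
    second = [tag for tag, _unit in first]
    new_data = reorder_by_tags(data_table, second)
    # The re-encryption table follows the updated encrypted data table.
    new_re = reorder_by_tags(re_table, [tag for tag, _unit in new_data])
    return new_data, new_re


# Constructed sample tables and selection counts.
DATA_TABLE = [("tag1", "unit-A"), ("tag2", "unit-B"), ("tag3", "unit-C")]
RE_TABLE = [("tag1", "rk-1"), ("tag2", "rk-2"), ("tag3", "rk-3")]
COUNTS = {"unit-A": 2, "unit-B": 5, "unit-C": 9}

if __name__ == "__main__":
    data, re_keys = update_tables(DATA_TABLE, RE_TABLE, COUNTS)
    print(data, re_keys, traverse(re_keys, "tag3"))
```
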
In the technical solution provided by the invention, acquiring the number of times the corresponding encrypted data in each data storage unit has been selected to obtain the encryption times information, and sorting the encryption times information corresponding to all the data storage units according to the bubble sort algorithm to obtain a first bubble sorting result, comprises the following steps:
upon determining that the administrator has input a tag sorting weight value, correcting the encryption times information according to the tag sorting weight value by the following formula to obtain corrected encryption times information,
Figure 223399DEST_PATH_IMAGE025
wherein Z is the tag sorting weight value,
Figure 705196DEST_PATH_IMAGE026
is the number of times corresponding to the corrected encryption times information,
Figure 56543DEST_PATH_IMAGE027
is the number of times corresponding to the encryption times information before correction,
Figure 736923DEST_PATH_IMAGE028
is the first adjustment weight, and
Figure 945050DEST_PATH_IMAGE029
is the second adjustment weight. After the encryption times information is obtained from the number of times the encrypted data has been selected, it is corrected according to the tag sorting weight value input by the user, so that the corrected encryption times information reflects both the number of times each piece of encrypted data, each data storage unit and each user tag has been selected when the encrypted data is called, and the tag sorting weight value actively input by the administrator. The administrator can configure a corresponding tag sorting weight value for each user tag and its power data according to different future requirements for the power data, thereby correcting the encryption times information. This in turn lets the cloud server and the service equipment traverse the encrypted data table and the re-encryption table with a corresponding preference at the next moment to obtain the corresponding encrypted data and re-encryption keys, which improves the efficiency of data acquisition and decryption.
As shown in FIG. 5, the invention further provides a 5G smart grid user-side data acquisition system based on proxy re-encryption, in which user equipment, service equipment and a cloud server are preset and are connected to one another through 5G communication links, and the user-side data is acquired through the following modules:
the public and private key generation module is used for enabling the user equipment on the multiple user sides to generate a first user public key and a first user private key based on the user identity ID, and the service equipment on the service side generates a first power supply public key and a first power supply private key based on the power supply identity ID;
the re-encryption key generation module is used for enabling the service equipment at the service side to generate first conversion keys based on the first power supply private key and then respectively send the first conversion keys to a plurality of user sides, the user equipment at the user side obtains re-encryption keys based on the first user private key and the first conversion keys, and the user equipment at the plurality of user sides respectively send the respective re-encryption keys to the service equipment at the service side;
the re-encryption table generating module is used for enabling the service equipment at the service side to generate a re-encryption table based on the received re-encryption key, and the re-encryption table comprises the corresponding relation between the user tag of each piece of user equipment and the re-encryption key;
the encrypted data table generating module is used for enabling user equipment on a plurality of user sides to encrypt electric power data based on respective first user public keys to obtain encrypted data packets and upload the encrypted data packets to the cloud server, the cloud server generates an encrypted data table based on the received encrypted data packets, and the encrypted data table comprises the corresponding relation between a user tag of each user equipment and encrypted data;
the decryption module is used for enabling the service equipment at the service side to send a data request to the cloud server based on the received access request, the cloud server selects corresponding encrypted data to send to the service equipment at the service side based on the data request, the service equipment at the service side obtains a re-encryption key based on the access request, and the encrypted data is decrypted based on the re-encryption key to obtain plaintext electric power data.
The readable storage medium may be a computer storage medium or a communication medium. Communication media includes any medium that facilitates transfer of a computer program from one place to another. Computer storage media may be any available media that can be accessed by a general purpose or special purpose computer. For example, a readable storage medium is coupled to the processor such that the processor can read information from, and write information to, the readable storage medium. Of course, the readable storage medium may also be an integral part of the processor. The processor and the readable storage medium may reside in an Application Specific Integrated Circuits (ASIC). Additionally, the ASIC may reside in user equipment. Of course, the processor and the readable storage medium may also reside as discrete components in a communication device. The readable storage medium may be a read-only memory (ROM), a random-access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
The present invention also provides a program product comprising execution instructions stored in a readable storage medium. The at least one processor of the device may read the execution instructions from the readable storage medium, and the execution of the execution instructions by the at least one processor causes the device to implement the methods provided by the various embodiments described above.
In the above embodiments of the terminal or the server, it should be understood that the Processor may be a Central Processing Unit (CPU), other general-purpose processors, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor, or in a combination of the hardware and software modules within the processor.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A 5G smart grid user-side data acquisition method based on proxy re-encryption, characterized in that user equipment, service equipment and a cloud server are preset, the user equipment, the service equipment and the cloud server are respectively connected through a 5G communication link, and user-side data are acquired through the following steps:
a plurality of user devices generate a first user public key and a first user private key based on user identity IDs, and the service equipment generates a first power supply public key and a first power supply private key based on a power supply identity ID;
the service equipment generates a first conversion key based on the first power supply private key and then respectively sends the first conversion key to a plurality of user sides, the user equipment obtains a re-encryption key based on the first user private key and the first conversion key, and the user equipment respectively sends the re-encryption key to the service equipment;
the service equipment generates a re-encryption table based on the received re-encryption key, wherein the re-encryption table comprises the corresponding relation between the user tag of each user equipment and the re-encryption key;
the plurality of user devices encrypt electric power data based on their respective first user public keys to obtain encrypted data packets and upload the encrypted data packets to the cloud server, the cloud server generates an encrypted data table based on the received encrypted data packets, and the encrypted data table comprises the corresponding relation between a user tag of each user device and encrypted data;
the service equipment sends a data request to a cloud server based on the received access request, the cloud server selects corresponding encrypted data based on the data request and sends the encrypted data to the service equipment, the service equipment obtains a re-encryption key based on the access request, and the encrypted data is decrypted based on the re-encryption key to obtain plaintext electric power data.
2. The 5G smart grid user-side data acquisition method based on proxy re-encryption according to claim 1,
the step in which the user equipment on the multiple user sides generates a first user public key and a first user private key based on the user identity ID, and the service equipment on the service side generates a first power supply public key and a first power supply private key based on the power supply identity ID, comprises:
presetting a set G of generators, wherein the set G has a plurality of G orders,
Figure 310192DEST_PATH_IMAGE001
Randomly selecting a prime number p in the set G according to the prime number of the bit, and obtaining a random number s according to the hash function H and the prime number p;
obtaining a user identity ID, obtaining a first user private key and a first user public key through the following formula,
Figure 89929DEST_PATH_IMAGE002
wherein,
Figure 219559DEST_PATH_IMAGE003
is the first user private key,
Figure 378139DEST_PATH_IMAGE004
is the user identity ID,
Figure 935022DEST_PATH_IMAGE005
is the first user public key,
Figure 936476DEST_PATH_IMAGE006
is a randomly selected prime number in the set G;
acquiring a power supply identity ID, obtaining a first power supply private key and a first power supply public key through the following formula,
Figure 994431DEST_PATH_IMAGE007
wherein,
Figure 132151DEST_PATH_IMAGE008
is the first power supply private key,
Figure 859936DEST_PATH_IMAGE009
is the power supply identity ID,
Figure 224052DEST_PATH_IMAGE010
is the first power supply public key,
Figure 695485DEST_PATH_IMAGE011
is a randomly selected prime number in the set G.
3. The 5G smart grid user-side data acquisition method based on proxy re-encryption according to claim 2,
the step in which the service equipment at the service side generates first conversion keys based on the first power supply private key and then respectively sends the first conversion keys to a plurality of user sides, and the user equipment at the user side obtains the re-encryption key based on the first user private key and the first conversion key, comprises:
obtaining a random number h, and obtaining a first conversion key and a re-encryption key by the following formulas,
Figure 953291DEST_PATH_IMAGE012
wherein t is the first conversion key,
Figure 976611DEST_PATH_IMAGE013
is the re-encryption key.
4. The 5G smart grid user-side data acquisition method based on proxy re-encryption according to claim 3,
the step in which the user equipment of the plurality of user sides encrypts power data based on their respective first user public keys to obtain encrypted data packets and uploads the encrypted data packets to the cloud server comprises:
the user equipment at the user side generates a random number r and encrypts the data m by the following formula,
Figure 687078DEST_PATH_IMAGE014
wherein
Figure 962201DEST_PATH_IMAGE015
is the encrypted data packet obtained by encrypting the data m,
Figure 340093DEST_PATH_IMAGE016
is the first ciphertext,
Figure 16537DEST_PATH_IMAGE017
is the second ciphertext, e is a bilinear function,
Figure 479880DEST_PATH_IMAGE018
is a random prime number in the set G.
5. The 5G smart grid user-side data acquisition method based on proxy re-encryption according to claim 4,
the step in which the service equipment at the service side acquires a re-encryption key based on the access request and decrypts the encrypted data based on the re-encryption key to obtain plaintext power data comprises:
the re-encrypted ciphertext is calculated by the following formula,
Figure 293115DEST_PATH_IMAGE019
wherein,
Figure 650147DEST_PATH_IMAGE020
is the re-encrypted ciphertext of the data m,
Figure 890635DEST_PATH_IMAGE021
is a third ciphertext;
the data m is obtained by the following formula,
Figure 575695DEST_PATH_IMAGE022
wherein,
Figure 67987DEST_PATH_IMAGE023
is plaintext power data.
6. The 5G smart grid user-side data acquisition method based on proxy re-encryption according to claim 1,
the step in which the service equipment at the service side sends a data request to the cloud server based on a received access request, and the cloud server selects corresponding encrypted data based on the data request and sends the encrypted data to the service equipment at the service side, comprises:
the cloud server acquires a user tag in the data request, and determines a data storage unit corresponding to the encrypted data table based on the user tag;
and selecting corresponding encrypted data in the data storage unit and sending the encrypted data to service equipment at a service side, wherein the encrypted data table comprises a corresponding relation between a user tag and the data storage unit.
7. The 5G smart grid user-side data acquisition method based on proxy re-encryption as claimed in claim 6, further comprising:
acquiring the number of times the corresponding encrypted data in each data storage unit has been selected to obtain encryption count information, and sorting the encryption count information corresponding to all the data storage units according to a bubble sort algorithm to obtain a first bubble sorting result;
obtaining a user tag corresponding to each data storage unit in the first bubble sorting result, and sorting the user tags corresponding to each data storage unit according to the first bubble sorting result to obtain a second bubble sorting result;
sorting the user tags in the encrypted data table based on the second bubble sorting result to obtain an updated encrypted data table;
and sorting the user tags in the re-encryption table based on the updated encrypted data table to obtain an updated re-encryption table.
8. The 5G smart grid user-side data acquisition method based on proxy re-encryption according to claim 7,
the step of sorting the user tags in the encrypted data table based on the second bubble sorting result to obtain an updated encrypted data table comprises:
acquiring a first sorting sequence of all user tags in the second bubble sorting result, and adjusting the current sorting of the user tags in the encrypted data table at the current moment to a second sorting sequence to obtain an updated encrypted data table, wherein the second sorting sequence is the same as the user tag sequence in the first sorting sequence;
the step of sorting the user tags in the re-encryption table based on the updated encrypted data table to obtain an updated re-encryption table comprises:
acquiring the second sorting sequence of all the user tags in the updated encrypted data table, and adjusting the current sorting of the user tags in the re-encryption table at the current moment to a third sorting sequence to obtain an updated re-encryption table, wherein the third sorting sequence is the same as the user tag sequence in the second sorting sequence.
9. The 5G smart grid user-side data acquisition method based on proxy re-encryption according to claim 7,
the step of acquiring the number of times the corresponding encrypted data in each data storage unit has been selected to obtain encryption count information, and sorting the encryption count information corresponding to all the data storage units according to a bubble sort algorithm to obtain a first bubble sorting result, comprises:
upon determining that an administrator has input a tag sorting weight value, correcting the encryption count information according to the tag sorting weight value by the following formula to obtain corrected encryption count information,
Figure 154892DEST_PATH_IMAGE024
wherein Z is the tag sorting weight value,
Figure 831861DEST_PATH_IMAGE025
is the number of times corresponding to the corrected encryption count information,
Figure 863271DEST_PATH_IMAGE026
is the number of times corresponding to the encryption count information before correction,
Figure 018308DEST_PATH_IMAGE027
is the first adjustment weight,
Figure 225299DEST_PATH_IMAGE028
is the second adjustment weight.
10. A 5G smart grid user-side data acquisition system based on proxy re-encryption, characterized in that user equipment, service equipment and a cloud server are preset, the user equipment, the service equipment and the cloud server are respectively connected through a 5G communication link, and user-side data are acquired through the following modules, comprising:
the public and private key generation module is used for enabling user equipment on multiple user sides to generate a first user public key and a first user private key based on the user identity ID, and the service equipment on the service side generates a first power supply public key and a first power supply private key based on the power supply identity ID;
the re-encryption key generation module is used for enabling the service equipment at the service side to generate first conversion keys based on the first power supply private key and then respectively send the first conversion keys to a plurality of user sides, the user equipment at the user side obtains re-encryption keys based on the first user private key and the first conversion keys, and the user equipment at the plurality of user sides respectively send the respective re-encryption keys to the service equipment at the service side;
the re-encryption table generating module is used for enabling the service equipment at the service side to generate a re-encryption table based on the received re-encryption key, and the re-encryption table comprises the corresponding relation between the user tag of each piece of user equipment and the re-encryption key;
the encrypted data table generating module is used for enabling user equipment on a plurality of user sides to encrypt electric power data based on their respective first user public keys to obtain encrypted data packets and upload the encrypted data packets to the cloud server, the cloud server generates an encrypted data table based on the received encrypted data packets, and the encrypted data table comprises the corresponding relation between a user tag of each user equipment and encrypted data;
the decryption module is used for enabling the service equipment at the service side to send a data request to the cloud server based on the received access request, the cloud server selects corresponding encrypted data based on the data request and sends the corresponding encrypted data to the service equipment at the service side, the service equipment at the service side obtains a re-encryption key based on the access request, and the encrypted data are decrypted based on the re-encryption key to obtain plaintext electric power data.
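
The data flow of claim 1, as an added example that is not part of the patent: a textbook BBS98-style ElGamal re-encryption over a toy group stands in for the patent's pairing-based formulas, which survive on this page only as image placeholders. The group parameters, the blinded form `t = b*h` of the conversion key, the function names and the meter tags are assumptions made for the illustration.

```python
import hashlib
import secrets

# Toy group, constructed for this example and far too small for real use:
# P = 2Q + 1 is a safe prime, G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def inv(x):
    """Inverse of an exponent modulo the prime group order Q (Fermat)."""
    return pow(x, Q - 2, Q)

def keygen():
    """Random private exponent and public key (not derived from an ID here)."""
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def conversion_key(sk_supply):
    """Service device: blind its private key with a fresh random h (assumed form)."""
    h = secrets.randbelow(Q - 1) + 1
    return h, (sk_supply * h) % Q

def rekey_from_conversion(sk_user, t):
    """User device: combine its own private key with the conversion key t."""
    return (t * inv(sk_user)) % Q

def mask(data, shared):
    """XOR data with a SHA-256 keystream derived from the shared group element."""
    seed = shared.to_bytes(2, "big")
    stream = b"".join(hashlib.sha256(seed + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, stream))

def encrypt(pk_user, data):
    """User device: c1 = pk^r carries r, c2 masks the reading under g^r."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(pk_user, r, P), mask(data, pow(G, r, P))

def reencrypt(rk, c1):
    """Turn g^(a*r) into g^(b*r) with rk = b/a, without touching c2."""
    return pow(c1, rk, P)

def decrypt(sk_supply, c1_re, c2):
    """Service device: recover g^r from the re-encrypted c1, then unmask c2."""
    return mask(c2, pow(c1_re, inv(sk_supply), P))

def run_flow(readings):
    """readings maps user tag -> plaintext bytes; returns what each party ends up holding."""
    sk_s, _pk_s = keygen()                                # service (power supply) keys
    users = {tag: keygen() for tag in readings}           # one key pair per user device
    reenc_table, data_table = {}, {}
    for tag, (sk_u, pk_u) in users.items():
        h, t = conversion_key(sk_s)                       # service -> user
        blinded = rekey_from_conversion(sk_u, t)          # user -> service
        reenc_table[tag] = (blinded * inv(h)) % Q         # re-encryption table (service)
        data_table[tag] = encrypt(pk_u, readings[tag])    # encrypted data table (cloud)
    recovered = {}
    for tag in readings:                                  # one access request per tag
        c1, c2 = data_table[tag]                          # cloud returns ciphertext only
        recovered[tag] = decrypt(sk_s, reencrypt(reenc_table[tag], c1), c2)
    return recovered, data_table, reenc_table

if __name__ == "__main__":
    sample = {"meter-001": b"kWh=3.42", "meter-002": b"kWh=0.97"}  # constructed readings
    print(run_flow(sample)[0])
```

In this stand-in scheme a party that holds both a re-encryption key and the matching private key can derive the user's private exponent, so the example models only which party stores which table, not the security properties of the patent's own construction.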
CN202210084095.4A 2022-01-25 2022-01-25 5G smart grid user side data acquisition method and system based on proxy re-encryption Active CN114125831B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210084095.4A CN114125831B (en) 2022-01-25 2022-01-25 5G smart grid user side data acquisition method and system based on proxy re-encryption

Publications (2)

Publication Number Publication Date
CN114125831A CN114125831A (en) 2022-03-01
CN114125831B true CN114125831B (en) 2022-05-03

Family

ID=80360994

Country Status (1)

Country Link
CN (1) CN114125831B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant