JP2012058852A - Data management device, power consumption amount calculation system and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a power consumption amount calculation technology capable of calculating a total amount of power consumption while protecting privacy by shielding the power consumption amount tallied by each power meter with a meter data management device.SOLUTION: A data management device which is connected to a power meter tallying a power consumption amount of electric equipment and an application server comprises: a reception section to receive a first code message where the power consumption amount tallied by the power meter is encrypted so as to be decodable by the application server; a first calculation section to calculate a code message of a first total amount of the power consumption amount within a prescribed period of time using the first code message; and a sending section to send the code message of the first total amount to the application server.

Description

  Embodiments described herein relate generally to a data management device, a power consumption calculation system, and a program.

  In order to stabilize the quality of electric power when using renewable energy such as sunlight and wind power in addition to conventional power generation such as nuclear power and thermal power, a next-generation power grid (smart grid) has been constructed. In the next-generation power network, a smart meter (referred to as SM) that collects power consumption and a home server that manages electrical products are installed in each home or office. The SM communicates with a meter data management system (MDMS) via a power network. The MDMS receives the power usage amount from the SM of each home or each office at a constant time interval and stores it in the storage server. The Energy Management System (EMS) suppresses the use of power to SM and home servers in each home and office based on the power usage of multiple homes and offices gathered in MDMS. Power control is performed such as requesting such control or controlling charging / discharging of a storage battery connected to a power network (for example, Patent Document 1).

JP 2004-112868 A

  Incidentally, as an application server that is connected to the power network and implements various applications, for example, there is a billing server managed by a provider. Such a billing server performs billing processing based on the power consumption of each home or office gathered in MDMS. When the MDMS receives a request for browsing the power usage amount from the SM, the MDMS discloses information held by the MDMS. Therefore, it is conceivable that MDMS stores the power consumption of each home or office. However, when an MDMS storage server administrator or an unauthorized user who has entered the storage server sees the amount of power used in each home, it is possible to infer whether the home or office is at home, the state of activity, and the like. This leads to privacy infringement.

  One aspect of the present invention is a data management device capable of calculating the total amount of power usage while protecting the privacy by concealing each power usage totaled by each power meter in the meter data management device, and power usage calculation An object is to provide a system and a program.

  A data management device according to an embodiment is a data management device in which a power meter that counts the power usage of an electric device and an application server are connected, and the power usage that is totaled by the power meter is the application server A receiving unit that receives the first ciphertext encrypted in such a manner that it can be decrypted by the first ciphertext, and a first calculating unit that calculates a ciphertext of a first total amount of power consumption within the predetermined time using the first ciphertext And a transmission unit that transmits the first total amount of ciphertext to the application server.

FIG. 1 is a diagram illustrating a configuration of a power usage amount calculation system according to a first embodiment. FIG. 2 is a diagram illustrating a functional configuration of the SM 102a. FIG. 3 is a diagram illustrating a functional configuration of the MDMS 101. FIG. 4 is a diagram illustrating a functional configuration of the EMS 103. FIG. 5 is a diagram illustrating a functional configuration of the accounting server 104. FIG. 6 is a flowchart showing a procedure of processing in which the SM 102a transmits the ciphertext of the power usage amount. FIG. 7 is a flowchart illustrating a procedure of processing in which the MDMS 101 calculates the ciphertext of the first power usage total amount, and the EMS 103 restores the first power usage total amount and performs power control. FIG. 8 is a flowchart showing the procedure of the accounting system process. FIG. 9 is a flowchart illustrating a procedure of browsing request processing.

  Here, first, an outline of the power usage amount calculation system according to the present embodiment will be described. The power usage amount calculation system includes MDMS connected to the SM described above. The SM calculates and stores the ciphertext necessary to restore the input of the application based on the power usage of each home or office according to the privacy information to be protected. These ciphertexts are desirably information that cannot specify privacy information. For example, when the power usage amount per unit time corresponds to the privacy information, the SM calculates a ciphertext from the power usage amount per unit time and transmits it to the MDMS, which is stored by the MDMS. Alternatively, when the place where power is used corresponds to the privacy information, a plurality of ciphertexts are calculated from the power usage amounts respectively counted by a plurality of SMs and transmitted to MDMS, which is stored by MDMS. Privacy information is information that identifies the preference or behavior of an individual or group. Privacy information includes information that identifies an individual or an organization itself. In addition, the privacy information includes information for specifying a preference or behavior tendency of an individual or group even if the individual or group itself is not specified. The determination as to whether the power usage amount per unit time corresponds to the privacy information may be made in advance or dynamically. Further, even when the amount of power used per unit time or the place where power is used does not correspond to the privacy information, the ciphertext may be calculated or stored in the MDMS.

  For example, an application that performs billing processing in proportion to the amount of power used receives an accurate value of the amount of power used by each home or office. In this case, MDMS does not decrypt the encrypted power usage amount, but calculates the encryption result of an accurate value of the total amount (total power usage amount) which is the sum of the power usage amount of each home or office. Thus, the homomorphic encryption described later is used as the encryption method, and the result is stored.

  In the embodiment described below, the power consumption amount in each home in the first unit time is concealed, and the total amount (first power usage total amount) that is the sum of the power consumption amounts in the plurality of homes in the first unit time. And an accounting server using as input the total amount (referred to as the second total power usage amount) that is the sum of the power consumption amounts in each household in the second unit time. To do. The first unit time represents a time interval at which the EMS controls the power network, and is a time interval such as 30 minutes. The second unit time is basically a unit of time for which the billing server performs billing processing, and is usually one month. Moreover, in each embodiment, the electric power consumption in each household is concealed. However, it is not limited to each household, and it is only necessary to conceal the electric power consumption in the aggregation range (aggregation unit) of the smart meter that uses electric power. In this case, “household” in this specification can be read as “aggregation range (aggregation unit)”.

  FIG. 1 is a diagram illustrating a configuration of a power usage amount calculation system according to the present embodiment. As shown in the figure, the power consumption calculation system includes a meter data management system (MDMS) 101, a home system 102, an energy management system (EMS) 103, and a billing server 104 via a communication path T. It is a configuration to be connected. For simplification of the drawing, only one home system 102 is shown, but a plurality of home systems 102 can be connected to the power usage amount calculation system. The communication path T is, for example, a LAN (Local Area Network), an intranet, Ethernet (registered trademark), the Internet, or the like. The MDMS 101 is a system that collects and manages the power consumption of each household via a network or the like. The home system 102 is a system that counts the amount of electric power used by electrical devices installed in the home and used in the home, and includes a smart meter (SM) 102a. Electric devices in the home system 102 are connected to the SM 102a, and the SM 102a totals the power usage of these electric devices.

  It is assumed that identification information for identifying the home system 102 (referred to as home identification information) is given, and the SM 102a stores the home identification information given to the home system 102. . Further, it is assumed that the MDMS 101, the EMS 103, and the billing server 104 each store all the home identification information of each home system 102 connected to the power usage amount calculation system. Note that the information collected by the SM 102a is information in which at least home identification information and power usage are associated with each other, and the SM 102a calculates ciphertext using the associated information. However, other information may be associated with the home identification information and the power consumption.

  In the power usage calculation system configured as described above, the SM 102a calculates the first ciphertext by encrypting the power usage so that it can be decrypted by the MDMS 101, and encrypts the power usage so that it can be decrypted by the EMS 103. A third ciphertext is calculated by calculating a sentence and encrypting the power usage amount so that the billing server 104 can decrypt it. The MDMS 101 uses the first ciphertext calculated by the SM 102a to correct the power usage amount as necessary, and corrects the second ciphertext and the third ciphertext appropriately based on this correction. Then, the MDMS 101 uses the second ciphertext corrected as appropriate, and the ciphertext of the total amount (first power usage total amount) that is the sum of the power usage amounts respectively aggregated by a plurality of SMs 102a in each region for each first unit time. Is calculated and transmitted to the EMS 103. Further, the MDMS 101 calculates the ciphertext of the total amount (second power usage total amount) that is the sum of the power usage amounts aggregated by the SM 102a within the second unit time using the appropriately corrected third ciphertext. Is transmitted to the accounting server 104. The EMS 103 receives the ciphertext of the first power usage total amount from the MDMS 101 and decrypts it to restore the first power usage total amount, and based on this, performs power control in a certain region. The billing server 104 receives the ciphertext of the second total power usage amount from the MDMS 101 and decrypts it to restore the second total power usage amount, and performs billing processing using this.

  Next, the hardware configuration of the MDMS 101, SM 102a, EMS 103, and accounting server 104 will be described. Here, as with the billing server 104, the EMS 103 and the MDMS 101 are assumed to be servers. The MDMS 101, the EMS 103, and the billing server 104 include a control unit such as a CPU (Central Processing Unit) that performs control of the entire apparatus and basic operations, a ROM (Read Only Memory) and a RAM (Random Access) that store various data and various programs. It has a main storage unit such as Memory, an auxiliary storage unit such as an HDD (Hard Disk Drive) or CD (Compact Disk) drive device that stores various data and various programs, and a bus that connects these. It has a hardware configuration using a computer. Further, the MDMS 101, the EMS 103, and the accounting server 104 further include a communication I / F (Interface) that performs communication via a network or the like. The SM 102a includes a control unit such as a CPU (Central Processing Unit) that controls the entire apparatus, a main storage unit such as a ROM (Read Only Memory) and a RAM (Random Access Memory) that stores various data and various programs, and various data. And an auxiliary storage unit such as a non-volatile memory for storing various programs, a communication I / F (Interface) for communicating with an external device, and a bus for connecting them, and dedicated hardware or embedded devices It has the same configuration. The SM 102a further includes a communication I / F (Interface) that performs communication via a network or the like. Furthermore, the SM 102a is connected to a display unit that displays various types of information such as power consumption, and an operation input unit such as an operation button or a keyboard to which a user operation is input.

  Next, various functions implemented in each of the MDMS 101, SM 102a, EMS 103, and accounting server 104 in such a hardware configuration will be described. First, various functions implemented in the SM 102a will be described. FIG. 2 is a diagram illustrating a functional configuration of the SM 102a. The SM 102a includes a communication control unit 102a1, an encryption / decryption unit 102a2, a power usage amount storage unit 102a3, a measurement unit 102a4, a key storage unit 102a5, and a browsing processing unit 102a6. The function of the communication control unit 102a1 is realized when the communication I / F of the SM 102a and the CPU of the SM 102a execute various programs stored in the main storage unit and the auxiliary storage unit. The functions of the encryption / decryption unit 102a2, the measurement unit 102a4, and the browsing processing unit 102a6 are realized by the CPU of the SM 102a executing various programs stored in the main storage unit and the auxiliary storage unit. Each of the power usage storage unit 102a3 and the key storage unit 102a5 is a storage area secured in, for example, the auxiliary storage unit of the SM 102a.

  In particular, the communication control unit 102a1 transmits the power usage collected by the measurement unit 102a4 described later to the MDMS 101 every first unit time, receives a control command transmitted from the MDMS 101 described later, In response, the encryption / decryption unit 102a2 described later transmits a ciphertext obtained by encrypting the power usage amount to the MDMS 101, transmits a browsing request command for requesting browsing of the power usage amount to the MDMS 101, or according to the browsing request command. For example, the ciphertext of the power usage amount transmitted from the MDMS 101 is received.

  The measuring unit 102a4 aggregates the power usage amount in the home system 102 every first unit time. Then, the measurement unit 102a4 stores the total power usage amount in the power usage amount storage unit 102a3. In addition, the measurement unit 102a4 starts or stops counting the power usage in the home system 102 according to the control command received by the communication control unit 102a1. The power usage amount storage unit 102a3 stores the power usage amount counted by the measurement unit 102a4. The power usage amount stored in the power usage amount storage unit 102a3 is deleted, for example, after the first predetermined time. The communication control unit 102a1 controls communication with other devices such as the MDMS 101.

  The encryption / decryption unit 102a2 encrypts the power usage amount transmitted from the communication control unit 102a1 to the MDMS 101 based on the common key stored in the key storage unit 102a5 and calculates a ciphertext. The communication control unit 102a1 Decrypt the received power usage ciphertext. As described above, in this embodiment, a common key encryption method (AES or the like) is used for encryption and decryption of the power consumption. The key storage unit 102a5 stores a common key for encrypting the power usage amount and decrypting the ciphertext of the power usage amount.

  Here, the common key will be described. The common key is shared only between the charging server 104 and the SM 102a, the common key Ke shared only between the EMS 103 and the SM 102a, and shared only between the MDMS 101 and the SM 102a. A common key Km exists. These common keys Kp, Ke, and Km are stored in the key storage unit 102a5. Note that the common key Kp, the common key Ke, and the common key Km may be common among the plurality of SMs 102a, or may be different from each other. Here, exemplifying a case where a plurality of SMs 102a (SM102aa and SM102ab) are different from each other, a common key Kp-a shared between charging server 104 and SM 102aa, and between charging server 104 and SM 102ab The common key Kp-b shared between the two is a different key, and the SM 102aa and SM 102ab do not know the common key of the other SM 102a. The same applies to the common key Ke and the common key Km. Hereinafter, the common key Kp-a and the common key Kp-b are described as Kp without any particular distinction. The same applies to the common key Ke and the common key Km.

The encryption / decryption unit 102a2 described above does not directly use each of these common keys for power usage encryption, but generates a temporary key using each common key, and uses the temporary key to use the power usage. Is encrypted. The encryption / decryption unit 102a2 generates a temporary key based on the common key and date / time information. Examples of date and time information include “January 1, 2010”, “14:35:46, 3/1/2010”, UNIX (registered trademark) time (January 1, 1970 00:00). 0 seconds (GMT) as the starting point, and the number of seconds that have elapsed since then). The temporary key Kp_t is calculated by the following equation 1 where Kp is the common key and t is the date and time.
Kp_t = h (Kp, t) (Formula 1)
Here, h (x, y) is a one-way function or keyed hash function with x and y as inputs. Examples of the one-way function include sha-1, md5, sha256, etc. Examples of the hash function include hmac.
The temporary key when the common key is Ke is calculated by the following equation 2.
Ke_t = h (Ke, t) (Formula 2)
The temporary key when the common key is Km is calculated by the following equation 3.
Km_t = h (Km, t) (Formula 3)

Next, an encryption method performed by the encryption / decryption unit 102a2 will be described. This encryption is homomorphic. The encryption Enc_P (ek_P, d) that encrypts the data d with the encryption key ek_P is homomorphic.For data d and d ', Enc_P (ek_P, d) * Enc_P (ek_P, d') = Enc_P Satisfies (ek_P, d + d`). + Represents arithmetic addition and * represents an appropriate operator. For example, such encryption methods include Caesar encryption using a sufficiently large radix and encryption described in Reference Document 1 below, where * represents addition and remainder multiplication in a remainder ring, respectively.
(Reference 1) Pascal Paillier, Public-Key Cryptosystems Based on Composite Degree Residuosity Classes, EUROCRYPT 1999, pp223-238

Here, Caesar encryption is used as homomorphic encryption. In this case, addition in the remainder ring is used as the above-mentioned *. When the power usage aggregated by the measurement unit 102a4 at a time t, which is a certain first unit time, is dt, the encryption / decryption unit 102a2 generates a temporary generated using the common key Kp shared with the accounting server 104. Using the key Kp_t, the power usage amount dt is encrypted according to the following Equation 4, and the third ciphertext cp_t is calculated.
cp_t = dt + KpST_t (mod α) (Formula 4)
Here, KpST_t is a key sequence (KpST_t = ST (Kp_t), ST (•) is a stream cipher) obtained by operating a stream cipher using the temporary key Kp_t at time t as a key. The stream cipher ST (•) can be realized by using RC4 or operating in the OFB, CFB, or CTR mode as a block cipher use mode. The parameter α is a large prime number and needs to be shared between the main body performing encryption and the main body performing decryption.

Similarly, the encryption / decryption unit 102a2 uses the temporary key Ke_t generated using the common key Ke shared with the EMS 103 to encrypt the power usage amount dt according to the following Equation 5 to obtain the second Ciphertext ce_t is calculated.
ce_t = dt + KeST_t (mod α) (Formula 5)
Here, KeST_t is a key sequence (KeST_t = ST (Ke_t), ST (•) is a stream cipher) obtained by operating the stream cipher using the temporary key Ke_t at time t as a key.

Similarly, the encryption / decryption unit 102a2 uses the temporary key Km_t generated using the common key Km shared with the MDMS 101 to encrypt the power usage amount dt according to the following equation 6 to obtain the first Ciphertext cm_t is calculated.
cm_t = dt + KmST_t (mod α) (Formula 6)
Here, KmST_t is a key sequence (KmST_t = ST (Km_t), ST (•) is a stream cipher) obtained by operating the stream cipher using the temporary key Km_t at time t as a key.

  The time t required for decryption needs to be transmitted along with the ciphertext. Therefore, the communication control unit 102a1 transmits the first ciphertext, the second ciphertext, and the third ciphertext of the power usage amount to the MDMS 101 in association with the time, and the power in which the time is associated with the MDMS 101. The first ciphertext of the usage amount is received. Note that this may not be specified in the following description on the assumption that the time is associated with the transmitted / received ciphertext.

Next, a method for the encryption / decryption unit 102a2 to decrypt the ciphertext will be described. The encryption / decryption unit 102a2 uses the first ciphertext cm_t and the common key Ke that are obtained by encrypting the power usage amount collected by the measurement unit 102a4 at a certain time t using the temporary key Km_t generated using the common key Km. The second ciphertext ce_t encrypted using the generated temporary key Ke_t and the third ciphertext cp_t encrypted using the temporary key Kp_t generated using the common key Kp are sent to the MDMS 101 via the communication control unit 102a1. Sent. Thereafter, the first ciphertext cm_t, the second ciphertext ce_t, and the third ciphertext cp_t are controlled in accordance with a browse request command transmitted to the MDMS 101 via the communication control unit 102a1 under the control of the browsing processing unit 102a6 described later. At least one of them is transmitted from the MDMS 101 and received by the communication control unit 102a1. For this first ciphertext cm_t, the encryption / decryption unit 102a2 calculates the temporary key Km_t using the common key Km, the date and time, and the time t associated with the first ciphertext cm_t, and calculates the temporary key Km_t and the stream cipher. To calculate the key sequence KmST_t. Then, the encryption / decryption unit 102a2 restores the power usage amount from the first ciphertext cm_t by calculating the power usage amount dt at a certain time t according to the following Expression 7.
dt = cm_t−KmST_t (mod α) (Expression 7)

For the second ciphertext ce_t, the encryption / decryption unit 102a2 calculates the temporary key Ke_t using the common key Ke, the date and time, and the time t associated with the second ciphertext ce_t, and uses the temporary key Ke_t and the stream cipher. To calculate the key sequence KeST_t. Then, the encryption / decryption unit 102a2 restores the power usage amount from the second ciphertext ce_t by calculating the power usage amount dt at a certain time t according to the following Expression 8.
dt = ce_t−KeST_t (mod α) (Equation 8)

For the third ciphertext cp_t, the encryption / decryption unit 102a2 calculates the temporary key Kp_t using the common key Kp, the date and time, and the time t associated with the third ciphertext cp_t, and uses the temporary key Kp_t and the stream cipher. To calculate the key sequence KpST_t. Then, the encryption / decryption unit 102a2 restores the power usage amount from the third ciphertext cp_t by calculating the power usage amount dt at a certain time t according to the following Expression 9.
dt = cp_t−KpST_t (mod α) (Equation 9)

  The browsing processing unit 102a6 controls the browsing process of power consumption. This is performed, for example, in accordance with an operation input that is input via the operation input unit and that requests browsing of power consumption. In the browsing process, first, the browsing processing unit 102a6 generates a browsing request command for requesting browsing of the power usage amount, causes the MDMS 101 to transmit this command from the communication control unit 102a1, and via the communication control unit 102a1. Then, at least one of the first ciphertext, the second ciphertext, and the third ciphertext of the power usage amount in one or more first unit times according to the browsing request command is received from the MDMS 101. Then, the browsing processing unit 102a6 causes the encryption / decryption unit 102a2 to decrypt at least one of the first ciphertext, the second ciphertext, and the third ciphertext, and displays the power usage amount restored by the encryption / decryption unit 102a2 on the display unit. Display. It should be noted that a period for which browsing of power consumption is desired (referred to as a desired browsing period) or a value corresponding to a desired browsing period may be determined in advance, or may be specified by a user operation input via the operation input unit. good. The browsing processing unit 102a6 generates a browsing request command specifying the home identification information given to the home system 102 and the browsing desired period. In addition, although the display part connected to SM102a was used for the display of the electric power consumption in browsing processing, you may utilize the output terminal (not shown) connected to the home system 102. FIG.

  Next, various functions implemented in the MDMS 101 will be described. FIG. 3 is a diagram illustrating a functional configuration of the MDMS 101. As shown in the figure, the MDMS 101 includes a communication control unit 101a, a calculation unit 101b, a decryption unit 101c, a key storage unit 101d, a power usage amount storage unit 101e, and a correction unit 101f. The function of the communication control unit 101a is realized by the communication I / F of the MDMS 101 and the CPU of the MDMS 101 executing various programs stored in the main storage unit and the auxiliary storage unit. The functions of the calculation unit 101b, the decoding unit 101c, and the correction unit 101f are realized by the CPU of the MDMS 101 executing various programs stored in the main storage unit and the auxiliary storage unit. Each of the key storage unit 101d and the power usage storage unit 101e is a storage area secured in, for example, an auxiliary storage unit of the MDMS 101.

  The communication control unit 101a controls communication with other devices such as the SM 102a, the EMS 103, and the billing server 104. In particular, the communication control unit 101a receives the first ciphertext, the second ciphertext, and the third ciphertext of the power usage amount from the SM 102a every first unit time, transmits a control command to the SM 102a, A browsing request command is received as a control command, and in response to the browsing request command, the first ciphertext, the second ciphertext, and the third ciphertext of the power usage amount stored in the power usage amount storage unit 101e described later are stored. At least one of them is transmitted to the SM 102a, a ciphertext of the first power usage total calculated by the arithmetic unit 101b described later is transmitted to the EMS 103, and a charging processing command for instructing execution of charging system processing is charged as a control command. The ciphertext of the second power usage total amount received from the server 104 or calculated by the calculation unit 101b, which will be described later, in accordance with the billing processing command, And it transmits to 104. The control command transmitted to the SM 102a is, for example, information for instructing to stop or start measuring the power usage amount or to transmit the power usage amount. The power usage amount storage unit 101e stores the first ciphertext, the second ciphertext, and the third ciphertext of the power usage amount for each first time unit received from the SM 102a via the communication control unit 101a.

  The key storage unit 101d stores the above-described common key Km shared with the SM 102a. The decryption unit 101c restores the power usage amount by decrypting the first ciphertext received by the communication control unit 101a using the common key km stored in the key storage unit 101d. The method for decrypting the first ciphertext is the same as the method in which the encryption / decryption unit 102a2 of the SM 102a decrypts the first ciphertext.

  The correcting unit 101f checks whether there is an error in the power usage amount restored by the decoding unit 101c, and calculates a correction amount for the power usage amount as necessary. For example, the correction unit 101f stores the power usage amounts for a plurality of first unit times in the main storage unit for the power usage amounts received from the same SM 102a, and the communication control unit 101a uses this time to store the power usage amounts for the first unit time. Check the received power usage for errors. Then, the correction unit 101f appropriately corrects the second ciphertext and the third ciphertext of the power usage received by the communication control unit 101a using the calculated correction amount, and stores this in the power usage storage unit 101e. Let A specific correction method will be described in an operation column described later.

  The calculation unit 101b is configured so that the correction unit 101f performs the second ciphertext of the power usage amount in the first unit time stored in the power usage amount storage unit 101e for a plurality of home systems 102 in a certain region or the second ciphertext. By citing the second ciphertext of the corrected power usage amount, the ciphertext of the total power usage amount (first power usage total amount) in the first unit time is calculated. In addition, the calculation unit 101b includes the third ciphertext of the power usage corresponding to each first unit time within the second unit time stored in the power usage storage unit 101e for each home system 102 or the third ciphertext. By adding the third ciphertext of the power usage corrected by the correcting unit 101f, the ciphertext of the total power usage (second power usage total) within the second unit time for each home system 102 is obtained. calculate. A specific calculation method will be described in the operation column described later.

  Various functions implemented in the EMS 103 will be described. FIG. 4 is a diagram illustrating a functional configuration of the EMS 103. As shown in the figure, the EMS 103 includes a communication control unit 103a, a decryption unit 103b, a key storage unit 103c, a regional power storage unit 103d, and a power control determination unit 103e. The function of the communication control unit 103a is realized by the communication I / F of the EMS 103 and the CPU of the EMS 103 executing various programs stored in the main storage unit and the auxiliary storage unit. The function of the decryption unit 103b is realized by the CPU of the EMS 103 executing various programs stored in the main storage unit and the auxiliary storage unit. The key storage unit 103c and the regional power storage unit 103d are storage areas secured in, for example, the auxiliary storage unit of the EMS 103.

  The communication control unit 103 a receives the ciphertext and control command of the first power usage total transmitted from the MDMS 101, and transmits the control command to the MDMS 101. The control command is information for instructing transmission of the first power usage total amount or instructing transmission of information such as current and voltage necessary for power control, for example. The regional power storage unit 103d stores a ciphertext of the first power usage total received by the communication control unit 103a and a first power usage total restored by a decryption unit 103b described later using the ciphertext. The key storage unit 103c stores the above-described common key Ke shared with the SM 102a.

  The decryption unit 103b restores the first power usage total amount by decrypting the ciphertext of the first power usage total received by the communication control unit 103a using the common key Ke stored in the key storage unit 103c. Specifically, in the same manner as the above-described method in which the encryption / decryption unit 102a2 of the SM 102a decrypts the first ciphertext, the decryption unit 103b determines the common key Ke and the second ciphertext ce_t associated with a certain time t. When the temporary key Ke_t is calculated using the date and time and the time t, and the key sequence KeST_t is calculated using the temporary key Ke_t and the stream cipher, the power usage amount dt at a certain time t can be calculated according to the above equation 8. it can.

  Here, since the first total power usage amount is the total power usage amount collected by the SMs 102a in the plurality of home systems 102, the ciphertext in which each power usage amount is encrypted at a certain time t is the same as each SM 102a. Each can be decrypted with a temporary key generated using a shared common key. Therefore, the decryption unit 103b calculates a key sequence of temporary keys using a common key shared with each SM 102a, and uses these to restore the first power usage total amount from the ciphertext of the first power usage total amount. . A specific restoration method will be described in an operation column described later.

  The power control determination unit 103e determines whether or not to perform power control based on the first total power usage amount restored by the decoding unit 103b. With power control, for example, when the total amount of power used exceeds the upper limit threshold, the use of power in each home is suppressed, or when the total amount of power used is lower than the lower limit threshold, the storage battery Or to charge. The power usage amount storage unit 101e determines that power control is to be performed, and if it is determined to suppress the use of power in each home, a power control command requesting suppression of power use is transmitted from the communication control unit 103a to the SM 102a. To send to.

  Next, various functions implemented in the accounting server 104 will be described. FIG. 5 is a diagram illustrating a functional configuration of the accounting server 104. As shown in the figure, the billing server 104 includes a communication control unit 104a, a decryption unit 104b, a key storage unit 104c, a billing data storage unit 104d, and a billing processing unit 104e. The function of the communication control unit 104a is realized by the communication I / F of the billing server 104 and the CPU of the billing server 104 executing various programs stored in the main storage unit and the auxiliary storage unit. Each function of the decryption unit 104b and the billing processing unit 104e is realized by the CPU of the billing server 104 executing various programs stored in the main storage unit and the auxiliary storage unit. Each of the key storage unit 104c and the charging data storage unit 104d is a storage area secured in, for example, an auxiliary storage unit included in the charging server 104.

  The communication control unit 104a controls communication with other devices such as the MDMS 101. In particular, the communication control unit 104 a receives the ciphertext and control command of the second total power consumption transmitted from the MDMS 101, and transmits the control command to the MDMS 101. The control command is, for example, information for instructing execution of billing system processing or instructing transmission of information such as power unit price necessary for billing. The accounting data storage unit 104d stores a ciphertext of the second power usage total received by the communication control unit 104a or a second power usage total restored by the decryption unit 104b described later using the ciphertext.

  The key storage unit 104c stores the above-described common key Kp shared with the SM 102a. The decryption unit 104b restores the second power usage total amount by decrypting the ciphertext of the second power usage total received by the communication control unit 104a using the common key Kp stored in the key storage unit 104c. Specifically, in the same manner as the above-described method in which the encryption / decryption unit 102a2 of the SM 102a decrypts the first ciphertext, the decryption unit 104b uses the common key Kp and the third ciphertext ct_p associated with a certain time t. When the temporary key Kp_t is calculated using the date and time and the time t, and the key sequence KpST_t is calculated using the temporary key Kp_t and the stream cipher, the power usage amount dt at a certain time t can be calculated using the above-described equation 9. it can.

  Here, the ciphertext of the second power usage total received by the communication control unit 104a can be associated with a plurality of times t for each first unit time within the second unit time in the SM 102a. Therefore, the decryption unit 103b calculates the key sequence of the temporary key using the common key for each time t, and restores the second power usage total amount from the ciphertext of the second power usage total amount using these. . A specific restoration method will be described in an operation column described later.

  The charging processing unit 104e causes the MDMS 101 to transmit a charging processing command from the communication control unit 104a every second unit time, and based on the second total power usage amount of the home system 102 in the second unit time restored by the decoding unit 104b. To charge.

  Next, a procedure of processing performed by the power usage amount calculation system according to the present embodiment will be described. First, the procedure of the process in which the SM 102a transmits the ciphertext of the power usage amount will be described with reference to FIG. When the SM 102a aggregates the power usage amount dt in the first unit time (referred to as time t) (step S1), the SM 102a calculates the temporary key Km_t based on the common key Km shared with the MDMS 101 and the date and time t. The temporary key Ke_t is calculated based on the common key Ke shared with the EMS 103 and the date / time t, and the temporary key Kp_t is calculated based on the common key Kp shared with the charging server 104 and the date / time t. Calculate (step S2).

  The SM 102a operates the stream cipher using the temporary key Km_t calculated in step S2 to calculate the key sequence KmST_t, and operates the stream cipher using the temporary key Ke_t calculated in step S2 to calculate the key sequence KeST_t. Then, the key sequence KpST_t is calculated by operating the stream cipher using the temporary key Kp_t calculated in step S2 (step S3). Then, the SM 102a encrypts the power usage amount dt using the key sequence KmST_t calculated in step S3 to calculate the first ciphertext cm_t, and encrypts the power usage amount dt using the key sequence KeST_t calculated in step S3. The second ciphertext ce_t is calculated and the third ciphertext cp_t is calculated by encrypting the power usage amount dt using the key sequence KpST_t calculated in step S3 (step S4). Then, the SM 102a transmits the first ciphertext cm_t, the second ciphertext ce_t, the third ciphertext cp_t, and the time t of the encrypted power usage amount to the MDMS 101 (step S5). At this time, the SM 102a also transmits home identification information given to the home system 102.

  Next, the procedure of the process in which the MDMS 101 calculates the ciphertext of the first power usage total and the EMS 103 restores the first power usage and performs power control will be described with reference to FIG. When the MDMS 101 receives the first ciphertext cm_t, the second ciphertext ce_t, the third ciphertext cp_t, and the time t of the power usage amount encrypted from the SM 102a, the MDMS 101 stores them (step S10). At this time, the MDMS 101 also receives home identification information given to the home system 102 from the SM 102a, and uses this in association with the first ciphertext cm_t, the second ciphertext ce_t, the third ciphertext cp_t, and the time t. The amount is stored in the amount storage unit 101e. The MDMS 101 decrypts the first ciphertext cm_t using the common key Km stored in the key storage unit 101d, restores the power usage amount dt, and stores it in the power usage amount storage unit 101e (step S11). Thereafter, the MDMS 101 checks whether there is an error in the power usage amount dt, and calculates a correction amount for the power usage amount dt as necessary.

  Here, a method for detecting an error in the power usage amount dt will be described. One example of this method is a method using linear interpolation. The linear interpolation is simply summarized, and the power consumption received from the same SM 102a is more than a certain threshold compared to the power usage before and after the time for the power usage for a plurality of first unit times. If there is, there is a method to consider it as an error. The threshold value at this time may be an absolute value or a relative value (for example, when there is a difference of 30% or more). If there is a deviation greater than a certain threshold, the deviation value is regarded as a correction amount.

Then, the MDMS 101 corrects the second ciphertext ce_t and the third ciphertext cp_t using the correction amounts according to the following equations (10) to (11) (step S12). The correction amount is x, the corrected first ciphertext is cm_t ', the corrected second ciphertext is ce_t', and the corrected third ciphertext is cp_t '.
ce_t ′ = ce_t + x (mod α) (Equation 10)
cp_t ′ = cp_t + x (mod α) (Equation 11)

  In the following, for convenience of explanation, when there is no need to distinguish the second ciphertext before correction and the second ciphertext after correction, it will be described as ce_t, and the third ciphertext before correction and the corrected ciphertext after correction will be described. If there is no need to distinguish the third ciphertext, it may be described as cp_t. Thereafter, the MDMS 101 deletes the first ciphertext that is no longer necessary for the correction and the restored power usage amount dt from the power usage amount storage unit 101e (step S13).

Next, the MDMS 101 calculates the ciphertext of the first total power usage amount by calculating the corrected second ciphertext in the first unit time for a plurality of home systems 102 in a certain area, and calculates the power usage amount. It memorize | stores in the memory | storage part 101e. For example, it is assumed that the SMs of the plurality of home systems 102 are SM102aa, SM102ab,..., SM102aj, and the time when each SM102aa, SM102ab,. The second ciphertext of the power usage amount summed at SM102aa and corrected by MDMS 101 as appropriate is ce_a_ta ', the second ciphertext of SM102ab is summed up at time tb and appropriately corrected by MDMS101 as ce_b_tb', ..., Ce_j_tj ′ is the second ciphertext of the power consumption that is summed up at time tj by the SM 102aj and corrected appropriately by the MDMS 101. At this time, the ciphertext ce (a; j) of the first total power usage at time t is calculated by the following Expression 12.
ce (a; j) = ce_a_ta '+ ce_b_tb' + ... + ce_j_tj '... (Formula 12)

  Then, the MDMS 101 transmits the ciphertext ce (a; j) of the first power usage total amount and the times ta, tb,..., Tj corresponding to the SMs 102aa, SM102ab, ..., SM102aj to the EMS 103 (step S14). After step S14, the MDMS 101 deletes the ciphertext of the first power usage total amount transmitted to the EMS 103 and the second ciphertext used for calculating the ciphertext of the first power usage total amount from the power usage amount storage unit 101e. Anyway.

When the EMS 103 receives the ciphertext ce (a; j) of the first power usage total amount and the times ta, tb,..., Tj corresponding to the SMs 102aa, SM102ab,..., SM102aj (step S15), these are stored in the regional power storage. The ciphertext of the first power usage total amount is decrypted using the common key Ke stored in the unit 103d and stored in the key storage unit 103c, the first power usage total amount is restored, and this is restored to the regional power storage unit 103d is stored (step S16). Specifically, the EMS 103 temporarily uses the one-way raw function or the keyed hash function h (s, x) used for encryption in the SM 102aa based on the common key Ke and the date / time and the time ta. Key Ke_ta = h (Ke, ta) is calculated, and similarly, temporary keys Ke_tb,..., Ke_tj are calculated based on tb,. Then, the EMS 103 operates the stream cipher ST (•) using the temporary key Ke_ta to calculate the key sequence KeST_ta. Similarly, based on the temporary keys Ke_tb,..., Ke_tj, each key sequence KeST_tb,. Are calculated, and their sum KeST is calculated by the following equation (13).
KeST = KeST_ta + ... + KeST_tj (mod α) (Equation 13)

Then, the EMS 103 uses the ciphertext ce (a; j) of the first power usage total amount and the key sequence total KeST to calculate the first power usage total amount de according to the following Expression 14, thereby The first power usage total amount de is restored from the ciphertext ce (a; j) of the total usage amount.
de = ce (a; j) −KeST (mod α) (Formula 14)

  Thereafter, the EMS 103 performs power control based on the first power usage total de (step S17). After step S17, the EMS 103 may delete the ciphertext of the first power usage total amount and the restored first power usage total amount de from the regional power storage unit 103d.

  Next, a charging system processing procedure performed by the power consumption calculation system will be described with reference to FIG. It should be noted that for each first unit time, in step S12 of FIG. 7 described above, the corrected third ciphertext of each home is associated with the time and home identification information in the power usage amount storage unit 101e of the MDMS 101. It is remembered. The billing server 104 transmits a billing processing command for instructing the MDMS 101 to execute billing system processing every second unit time (step S20). In the billing process command, the second unit time to be billed and the home identification information are specified. Note that the charging processing command may be transmitted from the MDMS 101 to the charging server 104 instead of from the charging server 104.

When the MDMS 101 receives the accounting processing command, the MDMS 101 receives from the power usage amount storage unit 101e the third ciphertext corresponding to the designated home identification information and associated with the time of each first unit time within the second unit time. Read (step S21). For example, for the SM 102a, the corrected third ciphertexts associated with the times t1, t2,..., T30 within the second unit time are assumed to be cp_t1 ′, cp_t2 ′,. At this time, the MDMS 101 calculates the ciphertext cp of the total power usage amount (second power usage total amount) within the second unit time by the following Expression 15 (step S22).
cp = cp_t1 '+ cp_t2' + ... + cp_t30 '... (Formula 15)

  Then, the MDMS 101 stores the ciphertext of the second power usage total amount in the power usage amount storage unit 101e in association with the times t1, t2,..., T30, and the ciphertext cp of the second power usage total amount and the time t1, t2,..., t30 are transmitted to the billing server 104 (step S22). The MDMS 101 may delete the ciphertext of the second total power usage amount from the power usage amount storage unit 101e after the second predetermined time has elapsed after transmitting the ciphertext of the second total power usage amount. Here, the second predetermined time is a period during which the second power usage total amount may be retransmitted from the accounting server 104, and is, for example, three months.

When the billing server 104 receives the ciphertext cp of the second power usage total amount and the times t1, t2,..., T30 (step S23), the billing server 104 uses the common key kp stored in the key storage unit 104c to generate the second power The ciphertext of the total usage amount is decrypted to restore the second total power usage amount (step S24). Specifically, the billing server 104 uses the one-way raw function or keyed hash function h (s, x) used for encryption in the SM 102a based on the common key Kp, the date and time, and the time t1. Then, temporary keys “Kp_t1 = h (Kp, t1)” are calculated, and similarly, temporary keys Kp_t2,..., Kp_t30 are calculated based on t2,. Then, the accounting server 104 calculates a key sequence KpST_t1 that operates the stream cipher ST (•) using the temporary key Kp_t1, and similarly, based on the temporary keys Kp_t2,..., Kp_t30, respectively. KpST_t30 is calculated, and the sum KpST thereof is calculated by the following equation (16).
KpST = KpST_t1 + ... + KpST_t30 (mod α) (Equation 16)

Then, the billing server 104 calculates the second power usage total amount dp by calculating the second power usage total amount dp by the following equation 17 using the ciphertext cp of the second power usage total amount and the key sequence sum KpST. The second power usage total amount dp is restored from the ciphertext cp.
dp = cp−KpST (mod α) (Equation 17)

  Thereafter, the billing server 104 performs billing processing for each home based on the second total power usage dp restored in step S24 (step S25). The billing server 104 stores the ciphertext cp of the second power usage total amount or the restored second power usage total amount dp in the billing data storage unit 104d. After the billing process is performed, this is stored in the billing data storage unit 104d. You may delete from.

  Next, the browsing request processing procedure performed by the power consumption calculation system will be described with reference to FIG. It should be noted that in each of the first unit times, in step S12 of FIG. 7 described above, in the power usage amount storage unit 101e of the MDMS 101, the corrected second ciphertext and third ciphertext of each home are time and home identification information Are stored in association with each other. For example, when there is an operation input requesting browsing of the power usage amount during a desired browsing period via the operation input unit, the SM 102a searches the power usage storage unit 102a3 and uses the power usage corresponding to the request. Search for quantity. As a result of the search, when the corresponding power usage is stored in the power usage storage unit 102a3, browsing processing is performed by displaying the power usage on the display unit. On the other hand, if the corresponding power usage amount is not stored in the power usage amount storage unit 102a3 as a result of the search, the SM 102a transmits a browsing request command for requesting browsing of the power usage amount to the MDMS 101 (step S30).

  When the MDMS 101 receives the browsing request command (step S31), the MDMS 101 stores the second ciphertext and the third ciphertext stored in correspondence with the home identification information specified by the browsing request command. At least one of the second ciphertext and the third ciphertext corresponding to one unit time is searched in the power usage amount storage unit 101e, and at least one of the second ciphertext and the third ciphertext obtained as a result of the search is searched for. It transmits to SM102a (step S32). At this time, the MDMS 101 also transmits the time associated with the second ciphertext when transmitting the second ciphertext, and associates with the third ciphertext when transmitting the third ciphertext. The time that is being sent is also transmitted.

  When the SM 102a receives at least one of the second ciphertext and the third ciphertext associated with the time from the MDMS 101, the SM 102a uses the common key stored in the key storage unit 102a5 to perform the second ciphertext and the third ciphertext. At least one of the sentences is restored (step S33). Specifically, for the second ciphertext, the SM 102a determines the temporary key Ke_t based on the common key Ke stored in the key storage unit 102a5 and the date and time t associated with the second ciphertext. A key sequence KeST_t that operates the stream cipher used at the time of encryption is calculated using the temporary key Ke_t, and the second ciphertext is decrypted using the key sequence KeST_t (Equation 8 To restore power consumption. Similarly for the third ciphertext, the SM 102a calculates a temporary key Kp_t based on the common key Kp stored in the key storage unit 102a5 and the date and time t associated with the third ciphertext, By calculating a key sequence KpST_t in which the stream cipher used at the time of encryption is operated using the temporary key Kp_t and decrypting the third ciphertext using the key sequence KpST_t (see Equation 9), Restore power usage. Thereafter, the SM 102a performs a browsing process by displaying the restored power usage amount on the display unit (step S34).

  If the first ciphertext of the power usage is stored in the power usage storage unit 101e of the MDMS 101, in step S31, the MDMS 101 transmits the first ciphertext corresponding to the browsing request command to the SM 102a. May be. In this case, when the SM 102a receives the first ciphertext in step S33, the SM 102a generates a temporary key based on the common key Km stored in the key storage unit 102a5 and the date / time or the time t associated with the first ciphertext. By calculating Km_t, calculating a key sequence KmST_t that operates the stream cipher used at the time of encryption using the temporary key Km_t, and decrypting the second ciphertext using the key sequence KmST_t ( What is necessary is just to restore | restore electric power consumption.

  As described above, according to the present embodiment, it is possible to calculate the total power usage amount while concealing each power usage amount collected by each power meter in the meter data management system to protect privacy.

  Note that the present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage. Moreover, various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the embodiment. For example, you may delete some components from all the components shown by embodiment. Further, various modifications as exemplified below are possible.

  In the above-described embodiment, various programs executed by at least one of MDMS 101, SM 102a, EMS 103, and billing server 104 are stored on a computer connected to a network such as the Internet and downloaded via the network. You may comprise so that it may provide. The various programs are recorded in a computer-readable recording medium such as a CD-ROM, a flexible disk (FD), a CD-R, and a DVD (Digital Versatile Disk) in a file in an installable or executable format. The computer program product may be provided.

  In the above-described embodiment, the SM 102a totals the power consumption every first unit time and is regular. However, the present invention is not limited to this, and any timing may be used.

  In the embodiment described above, the communication between the MDMS 101 and the billing server 104, the communication between the MDMS 101 and the EMS 103, and the communication between the SM 102a and the MDMS 101 are performed using OpenSSL in order to conceal information to be transmitted and received. It is also possible to use cryptographic communication such as In each communication, device authentication for authenticating each other may be performed. Further, depending on the contents of transmission and reception, message authentication may be performed using a message authentication code: MAC (Message Authentication Code) or a digital signature (Digital Signature). Depending on the contents of transmission / reception, either encryption or message authentication may be performed, or both encryption and message authentication may not be applied. In such a configuration, a device that performs encrypted communication stores a key used for encrypted communication and a key used when generating a MAC or a signature. Information encrypted in this encrypted communication includes a control command, power usage, first ciphertext of power usage, second ciphertext and third ciphertext, ciphertext of first power usage total and second power. Any one or more of the ciphertexts of the total amount used may be used. A device that has received the encrypted information in the encrypted communication restores the information and uses the restored information.

  In the above-described embodiment, not only the common key encryption method (AES, etc.) but also a suitable method such as public key encryption method (RSA, etc.) or elliptic curve encryption is used for encryption and decryption of the power consumption. good.

  In the above-described embodiment, the SM 102a may perform encryption by the method described in Reference 1, as described above. In this case, the SM 102a is connected between the charging server 104 and the SM 102a. After transmitting the third ciphertext cp_t of the power usage amount encrypted using the common key Kp that is shared only by the MDMS 101, after receiving the third ciphertext cp_t of the power usage amount and appropriately correcting it as described above Then, the ciphertext cp of the second power usage total amount is updated to “cp * cp_t” and stored in the power usage amount storage unit 101e. The ciphertext cp of the second total power consumption is initialized with Enc_P (Kp, 0) every second unit time, and after being multiplied by the third ciphertext cp {i, j}, cp = Enc_P (Kp, Σcp_t ). When the MDMS 101 receives the charging processing command from the charging server 104, the MDMS 101 transmits the ciphertext cp of the second total power usage stored in the power usage storage unit 101e to the charging server 104, and the charging server 104 receives the common key Kp. The second power usage total may be restored by decrypting the ciphertext cp of the second power usage total.

  In the above-described embodiment, the EMS 103 may use information such as a voltage and a current for a certain period in addition to the amount of power used for power control. In this case, the above-described embodiment is written. This can be dealt with by using a method similar to the calculation of power consumption in

  In the above-described embodiment, the MDMS 101 decrypts the first ciphertext of the power usage amount and corrects the second ciphertext and the third ciphertext. If no correction is necessary, the second ciphertext And it is not necessary to correct the third ciphertext.

  Further, in the embodiment, the SM 102a shares the common key Ke with the EMS 103, encrypts the power usage using the common key Ke, and calculates the second ciphertext ce-t. The power usage amount may not be encrypted with respect to the EMS 103 without sharing the common key Ke with the EMS 103. In this case, the MDMS 101 may appropriately correct the power usage received from the SMs 102 a of the plurality of home systems 102 in the first unit time, and then aggregate the power usages and transmit the data to the EMS 103.

  The configuration according to the above-described embodiment can be applied to the calculation of the usage amount of gas, water, etc. in addition to the calculation of the power usage amount.

101 MDMS
101a Communication control unit 101b Operation unit 101c Decoding unit 101d Key storage unit 101e Power usage storage unit 101f Correction unit 102 Home system 102a1 Communication control unit 102a2 Encryption / decryption unit 102a3 Power usage storage unit 102a4 Measurement unit 102a5 Key storage unit 102a6 Browsing process Part 103 EMS
103a communication control unit 103b decryption unit 103c key storage unit 103d regional power storage unit 103e power control determination unit 104 charging server 104a communication control unit 104b decryption unit 104c key storage unit 104d charging data storage unit 104e charging processing unit

Claims (7)

A data management device to which an electric power meter for counting the electric power consumption of an electric device and an application server are connected,
A receiving unit that receives the first ciphertext in which the power usage aggregated by the power meter is encrypted so as to be decrypted by the application server;
A first calculation unit that calculates a ciphertext of a first total amount of power usage within the predetermined time using the first ciphertext;
A data management apparatus comprising: a transmission unit configured to transmit the first total amount of ciphertext to the application server. A data management device connected to a plurality of power meters and an energy management device,
The receiving unit further receives a second ciphertext in which the power usage amount totaled by the plurality of power meters is encrypted so as to be decryptable by the energy management device,
A second calculation unit that calculates a second total amount of the power usage amount aggregated by each of the plurality of power meters using the second ciphertext;
The data management apparatus according to claim 1, wherein the transmission unit transmits the second total amount of ciphertext to the energy management apparatus. The receiving unit further receives third ciphertexts in which the power usages respectively counted by the power meter are encrypted by the data management device so that they can be decrypted;
A decryption unit that restores the power usage amount by decrypting the third ciphertext;
A third calculator for calculating a correction amount for the restored power usage;
A correction unit that corrects the first ciphertext using the correction amount;
The data management apparatus according to claim 1, wherein the transmission unit calculates the first total amount of ciphertext using the corrected first ciphertext. A storage unit for storing the received third ciphertext;
The data management apparatus according to claim 3, further comprising a deletion unit that deletes the third ciphertext stored in the storage unit after the third calculation unit performs calculation. The storage unit stores the received first ciphertext,
The data management apparatus according to claim 4, wherein the transmission unit transmits the first ciphertext stored in the storage unit to the power meter in response to a request from the power meter. A power usage calculation system comprising a plurality of power meters that aggregate the power usage of electrical equipment, a data management device, and an application server,
The power meter is
A counting unit for counting the power consumption;
A first calculation unit for calculating the first ciphertext by encrypting the power usage amount so as to be decryptable by the application server;
A first transmitter that transmits the first ciphertext to the data management device;
The data management device includes:
A receiving unit for receiving the first ciphertext;
A second calculation unit that calculates a ciphertext of a first total amount of power consumption within the predetermined time using the first ciphertext;
A power usage amount calculation system comprising: a second transmission unit configured to transmit the first total amount of ciphertext to the application server. A computer used in a data management device to which an electric power meter that aggregates the power consumption of electric equipment and an application server is connected,
Receiving means for receiving the first ciphertext in which the power usage aggregated by the power meter is encrypted so as to be decrypted by the application server;
First calculation means for calculating a ciphertext of a first total amount of power consumption within the predetermined time using the first ciphertext;
A program for causing a ciphertext of the first total amount to function as transmission means for transmitting to the application server.

Images