CN102594820A - Secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things - Google Patents

Abstract

The diversification of information acquisition terminals in an internet of things causes easy leakage of private information of a user, and the privacy of an evaluator and an evaluated person face serious threat, therefore, the protection of the privacy of evaluation parties becomes an urgent problem in online evaluation of the internet of things. In order to solve the problem, the invention provides a secure multi-party computation privacy-protecting evaluation method based on scenes of internet of things. The method has the beneficial effects that since the authentication of the identity of the evaluated person is carried out by using an identity authentication protocol and simultaneously the encryption and decryption processes of evaluation questionnaires are properly controlled, the security of evaluation is further ensured; since a high-efficiency secure multi-party computation is applied in the design of a secure evaluation system, the secure scoring and ranking of a trusted third party is not needed, the intervention of an evaluation mechanism is reduced, and the privacy of evaluation is guaranteed; and by use of the method for separated storage of evaluation data in an evaluation result data and an evaluated person database, on the basis of secure multi-party summing and scoring, the personal privacy of the evaluator and the evaluated person is protected.

Description

Safety based on the Internet of Things scene is calculated the secret protection assessment method in many ways

Technical field

Protection test and appraisal person and the implementation method that is inviolable by test and appraisal person both sides privacy information when the present invention relates to the test and appraisal of network in the Internet of Things belong to the crossing domain of Internet of Things and information security technology.

Background technology

Internet of Things is on the basis of computer internet; Through information sensing equipment such as radio frequency identification (RFID), infrared inductor, global positioning system, laser scanners; Agreement by agreement; Get up any article and Internet connection, carry out information exchange and communication, to realize a kind of network of intelligent identification, location, tracking, monitoring and management.The appearance of Internet of Things brings concrete and deep variation to modern society, and its application relates to the various aspects of people's daily life.Therefore in future, RFID RFID tag and wireless sensing devices and other information acquisition terminal will be distributed widely in our daily life and work.

Along with the extensive appearance of Internet of Things application scenarios, the RFID chip is embedded the online test and appraisal that multi-form input terminal is realized Internet of Things, this intelligentized test and appraisal mode will become people's participate in testing and assessing main path of questionnaire.To the test and appraisal problem of Internet of Things, on the one hand, each test and appraisal person hopes that the test and appraisal questionnaire of oneself is kept absolutely secret, and does not hope that anyone spies upon the test and appraisal questionnaire of oneself by any way; Simultaneously, do not hoped also that by test and appraisal person other people see the test and appraisal details of oneself, their privacy of oneself that all needs protection is in order to avoid cause adverse influence to oneself.On the other hand, because the variation of input terminal, the online test and appraisal of Internet of Things are under attack more easily than common papery test and appraisal and existing online test and appraisal, also handled more easily.Therefore want to protect test and appraisal both sides' privacy information, confirm test and appraisal person identity, to avoid aspects such as test and appraisal person repeatedly tests and assesses, secret is carried out fractional computation be very important, simultaneously also should simple and effective, just have practical value.The present invention proposes a kind of solution to the online test and appraisal secret protection problem based on Internet of Things.

The secret protection problem of the online test and appraisal of Internet of Things mainly is present in the following aspects from application point:

The first, because the extensive use of Internet of Things sensing equipment and RFID radio frequency identification equipment makes people carry out the mode variation more of data acquisition and data processing.In online test and appraisal, relate to a lot of test and appraisal persons and by the calculating of test and appraisal person's sensitive data and processing based on the Internet of Things scene.For example: because test and appraisal person uses different data entry terminal (such as equipment such as computer, mobile phone, PDA) to test and assess; Input terminal all is equipped with the RFID label of storage test and appraisal person identity information; This carries out strict authentication with regard to needing the test and appraisal center to test and appraisal person's identity, avoids malicious attacker stealing and destroying these sensitive datas.When test and appraisal, also need stop test and appraisal person as far as possible and repeatedly participate in test and appraisal simultaneously, guarantee the fairness of test and appraisal.This be Internet of Things test and assess on the net the problem that must pay attention to.

The present invention is directed to first problem, promptly the diversity at image data terminal has added identification agreement pre-authentication process, and test and appraisal person issues certificate of certification through the authentication center, and authentication is carried out in contrast registration information data storehouse.Use this agreement can check out illegal test and appraisal person easily, guarantee carrying out smoothly of test and appraisal process.During the authentication of this identification agreement person of test and appraisal identity, malicious attacker can not be disturbed normally carrying out of test and appraisal so it can't construct invalid test and appraisal questionnaire through identification protocol proof identity.Simultaneously, add the suffix character string at the back in the test and appraisal data of encrypting and judge whether test and appraisal person repeats test and appraisal, stop same test and appraisal person repeatedly to participate in test and appraisal.

Second; Because each input terminal all will be participated in intelligence computation in the Internet of Things; The online evaluation system of Internet of Things by gather test and appraisal person's identity information stage, authentication test and appraisal person identity stage, test and appraisal person test and assess the stage, collect the test and appraisal questionnaire, the evaluating result calculation stages is formed, each stage should be by corresponding its function of security protocol realization.The online test and appraisal of Internet of Things are exactly that the problem that the test and appraisal questionnaire proposes is answered, and then carry out the process of computing.Each test and appraisal person and measured person all have the right to the end test and appraisal ranking; But can't learn the test and appraisal questionnaire that other people are concrete again; Protect the private information of oneself to be inviolable, will become the problem that online test and appraisal secret protection is worth research so the gross score of test and appraisal questionnaire calculates.

Consider second above problem, the present invention proposes a kind of do not have safety under the third-party situation of safety calculate in many ways find the solution the method for test and assess to the end mark and rank.The safety of no trusted third party is calculated the fractional computation of protocol application in online test and appraisal questionnaire in many ways, in case test and appraisal finish, any test and appraisal person can score, and can obtain evaluating result.Compare score scheme in the past, this scheme has strict fairness, and single test and appraisal person does not cooperate with other test and appraisal person, all can't score in advance.All test and appraisal person's fellowship safety is sued for peace in many ways and is added up mark, if the result who exists the test and appraisal person of or minority to announce is different with the result that most test and appraisal persons obtain, can explain that then these test and appraisal persons are dishonest.With calculating the design of protocol application efficiently safely in many ways in the security evaluation system, realize the secret security score rank of testing and assessing and not needing trusted third party, reduce the intervention of the mechanism that tests and assesses, guaranteed the privacy of test and appraisal.

The 3rd, people need the privacy of due care oneself in the test and appraisal on the net, but can both correctly receive the end product of test and appraisal again.For example: in the teaching test and appraisal, on the one hand, the student had both wanted to see the overall test and appraisal rank of all classmates to teacher on the net when the teacher who teaches oneself is tested and assessed, and did not want to let other classmates see own concrete evaluation to teacher again; On the other hand, teacher hopes to see that the student to concrete evaluation of oneself and the final ranking of oneself, can not see other teachers' test and appraisal questionnaire and student's identity information again.In the epoch of the various application high speed developments of Internet of Things, the due care of privacy information is become problem demanding prompt solution.

To the 3rd above problem; The present invention uses the evaluating result data and is separated the method for depositing the test and appraisal data by test and appraisal person's database; On the safety of second problem was sued for peace the basis of scoring in many ways, each test and appraisal person's evaluating result database can both get mark and rank to the end, and filters out test and appraisal person's identity information; This result is sent to by in test and appraisal person's database, can both be checked end product and about oneself test and appraisal details by test and appraisal person.Simultaneously, each test and appraisal person can read each measured person's total points numerical value and last rank from own corresponding RFID label, but can't extract other test and appraisal persons' concrete test and appraisal questionnaire, thereby has protected test and appraisal person's individual privacy.

Summary of the invention

Technical problem: the object of the invention is primarily aimed at the secret protection problem of the online test and appraisal of Internet of Things; Propose a kind of safety and calculate the secret protection assessment method in many ways based on the Internet of Things scene; When obtaining correct evaluating result, due care test and appraisal person and do not revealed by test and appraisal person's privacy information.

Technical scheme:

At first provide several definition:

The online test and appraisal of Internet of Things: because the extensive use of Internet of Things sensing equipment and RFID radio frequency identification equipment makes people carry out the mode variation more of data acquisition and data processing.The online test and appraisal of Internet of Things as the intellectualizing system of testing and assessing on the common net, will become people's participate in testing and assessing main path of questionnaire.Because the user uses different data entry terminal (such as equipment such as computer, mobile phone, PDA) to test and assess; Input terminal all is equipped with the RFID label of storage subscriber identity information, and the identity information that RFID label on the input terminal can obtain the user only need be gathered in the test and appraisal center.

Test and appraisal person: participate in filling in the crowd of test and appraisal questionnaire, the importer of the data of promptly testing and assessing.For example: in teaching test and appraisal, the student who participates in test and appraisal is exactly test and appraisal person, and they get into evaluation systems the filling in of questionnaire of testing and assessing through various data terminals, the end product that finally can obtain testing and assessing through data terminal.

Measured person: the test and appraisal object that relates on the test and appraisal questionnaire is measured person.For example: the teacher who is tested and assessed in the teaching test and appraisal is exactly said here by test and appraisal person.The student tests and assesses to the teacher through filling in relevant test and appraisal questionnaire, and teacher can see oneself last test and appraisal rank and the concrete test and appraisal questionnaire of each part, but can't see student's identity information and other teachers' test and appraisal questionnaire.

The authentication agreement: the trusted party TA (Trusted Authority) of this agreement through an authentication is for the user issues certificate, and user Prover (P) can be described below effectively to the identity of Verifer (V) checking oneself:

At first produce environmental parameter.Choose two big prime number p and q, select a (a ≠ 1) again, and a satisfies a ^q=1 (modp), the security signature of TA and verification algorithm are counted Sign respectively _TAAnd Ver _TA

The certificate authority process is following:

1) user P selects a random number r, calculates v=a ^r(modp), oneself identity ID and v are provided to TA;

2) TA is to (ID, s=Sign v) signs _TA(ID, v), TA to P issue certificate C (A)=(ID (A), v, s);

User P proves the process of identity to verifier V:

3) P transmission C (A)=(ID (A), v s) give V with v;

4) V is with the verification algorithm Ver of TA _TAThe correctness of checking C (A);

5) V selects a number e, 1≤e≤2 at random ^t(t is a security parameter), and send to P;

6) P calculates y=(v+ae) (mod q), o=a ^-1(modp), and with y and o send to V;

7) V judges equality v=a ^yo ^rModp if set up, then verifies successfully; Otherwise authentication failed.

Safety is summation score agreement in many ways: hypothesis has n user to participate in anded here; Each user has the private data of oneself; They hope to calculate a result jointly, the information of the privately owned input of oneself but any one user is unwilling to reveal to other users.Safety summation score agreement in many ways is the participant of one group of mutual mistrust of research; They provide some secret inputs; Hope to calculate safely a summing function; Each participant wants to obtain correct result of calculation, and each participant's input is simultaneously maintained secrecy, and a participant can't learn another participant's input.

Method flow

In many ways calculate the method for secret protection that the secret protection assessment method uses authentication agreement and safety to calculate in many ways based on the safety of Internet of Things scene; When obtaining correct evaluating result; Protection test and appraisal person and do not revealed by test and appraisal person's privacy information, concrete flow process is following:

Step 1) is without loss of generality, and supposes to have a n test and appraisal person, and these test and appraisal persons use different test and appraisal terminals to test and assess in Internet of Things on the net, and they are with its identify label S _iBe stored in the RFID tag RFID of having at its terminal, use the test and appraisal terminal when testing and assessing test and appraisal person, login system is the RFID label of automatic perception user terminal, and extracts its identify label S _iCarry out authentication, i=1,2 ..., n;

Step 2) login system uses the certificate authority agreement in the authentication agreement to accomplish verification process, and system gives S _iSelect random number r, calculate v=a ^r(modp), and v and its identification identifier S _iIssue the authentication center together, authentication center is to S _iProvide identity signing certificate C (A);

Step 3) S _iV value and the identity signing certificate C (A) of end in registration information data storehouse forwarding step 2, the registration information data storehouse is through contrast test and appraisal person information database, and the proof procedure approval v and the C (A) of utilization authentication agreement agree S _iFurther information typing;

Step 4) test and appraisal person S _iIndividual to m by test and appraisal person T _jTest and assess, j=1,2 ..., m uses w _IjExpression test and appraisal person S _iTo by test and appraisal person T _jEvaluating result, simultaneously the registration information data storehouse provides each test and appraisal person S to the test and appraisal database hub _iChecking data y _iHash operation value H (y _i) and the encryption key x of evaluating result _IjHash operation value H (x _Ij);

Step 5) need be to evaluating result w for the appearance with the phenomenon of stopping to repeat to test and assess of the confidentiality that strengthens the test and appraisal process _IjCarry out cryptographic operation; Test and appraisal end S _iSend E (w _Ij, H (x _Ij)) || H (y _i) give the test and appraisal database hub, " E " is AES here, " || " is attended operation; Each test and appraisal person's H (y can be in time verified in the registration information data storehouse _i) whether legal or repeat, prevent illegal person destruction and the person of participating in evaluation and electing repeat test and appraisal, if repetition arranged then be not counted in the test and appraisal database;

Step 6) test and appraisal database hub will be tested and assessed and held the content of sending to pass to the T by test and appraisal person _jDatabase, filter out test and appraisal person's identity information, each is received the decrypted private key that send in the registration information data storehouse by test and appraisal person's database, deciphers all test and appraisal data through checking, obtains test and appraisal person S _iTo by test and appraisal person T _jEvaluating result w _Ij, and send it to the fractional computation center;

Step 7) fractional computation center is to by test and appraisal person T _jEvaluating result w _IjCorresponding mark carries out summation operation, obtains test and appraisal person S _iTo by test and appraisal person T _jMark G _Ij

Step 8) is with the G that obtains in the step 7 _IjBe converted into k position binary sequence form, each test and appraisal person's evaluating result is expressed as G _I1G _I2... G _ImWherein each is connected storage by test and appraisal person's mark, and these results are kept at the evaluating result database D _iIn;

Step 9) is with binary sequence G _I1G _I2... G _ImBe converted into decimal system numerical value P _i, and these decimal system numerical value are splitted into n number P at random _It, t=1,2 .., n makes Utilize safe lane with P _ItSend to other n-1 evaluating result database D _t, t ≠ i; D _iAt the P that receives all the other n-1 evaluating result databases _TiAfterwards, utilize fractional computation center calculation and formula

Step 10) D _iWith the summed result P ' of oneself _iBe broadcast to remaining n-1 evaluating result database; Each D _iAfter receiving all the other n-1 evaluating result data of database, calculate it respectively at the fractional computation center, can calculate all test and appraisal achievement sum M:

$M=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i^{\′}=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_t=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i$

Step 11) obtains test and appraisal person S according to step 10 _iTo all by test and appraisal person's test and appraisal achievement sum M _i, S _iCorresponding evaluating result database D _iWith M _iSend to remaining n-1 evaluating result database; Each D _iAll obtain all test and appraisal persons' test and appraisal achievement sum M _i

Each evaluating result database D of step 12) _iAll M wherein _iThe size of value is with M _iBe worth identical S _iDeposit in the middle of the same set, compare the element number of each set then, draw the maximum set of element number, S in this set _iCorresponding M value is this D _iIn final test and appraisal mark sum;

Step 13) D _iM converts binary number to decimal number, and every then k carries out intercepting to M in the position, can obtain respectively all test and appraisal persons to each by test and appraisal person T _jLast overall score.Obtain each by test and appraisal person T according to last overall score _jLast test and appraisal rank, and this rank and last overall score be sent to all by in test and appraisal person's database.Compared M in test and appraisal person's database use step 12 _iThe method that draws the M value is tried to achieve last mark and rank by test and appraisal person, and stores;

Step 14) test and appraisal person logins evaluation system by authentication; Read each measured person's total points numerical value and last rank from own corresponding RFID tag RFID; But can't extract other test and appraisal persons' concrete test and appraisal questionnaire, protect test and appraisal person's individual privacy;

Step 15) by test and appraisal person equally through the authentication login system; Check database by test and appraisal person; The test and appraisal final ranking that can see oneself and each test and appraisal person be to own overall merit, and identity information and other that can't see test and appraisal person are same by test and appraisal person's evaluating result; Other have further been protected by test and appraisal person's individual privacy by the evaluating result that test and appraisal person also can't see him.

Beneficial effect: the present invention proposes a kind of safety based on the Internet of Things scene and calculate the secret protection assessment method in many ways, this method has following advantage:

(1), make malicious attacker can't not construct invalid test and appraisal questionnaire and to disturb normally carrying out of test and appraisal through the identity of identification protocol authentication oneself through using the authentication of the identification agreement person of test and appraisal identity.Simultaneously, add the suffix character string at the back in the test and appraisal data of encrypting and judge whether test and appraisal person repeats test and appraisal, stop same test and appraisal person repeatedly to participate in test and appraisal, further guaranteed the fail safe of test and appraisal.

(2) the present invention does not calculate in many ways and finds the solution last mark and the rank that obtains testing and assessing through there being safety under safe third party's situation, has strict fairness.Single test and appraisal person does not cooperate with other test and appraisal person, can't score in advance.With calculating the design of protocol application efficiently safely in many ways in the security evaluation system; All test and appraisal person's fellowships are sued for peace safely in many ways and are added up mark; Realize the secret security score rank of testing and assessing and not needing trusted third party, reduce the intervention of test and appraisal mechanism, guaranteed the privacy of test and appraisal.

(3) the present invention uses the evaluating result data and is separated the method for depositing the test and appraisal data by test and appraisal person's database; On safety is sued for peace the basis of scoring in many ways; Filter out test and appraisal person's identity information; Make and to be checked end product and the test and appraisal details of oneself, but can't see other by test and appraisal person's test and appraisal questionnaire by test and appraisal person.Test and appraisal person can read measured person's gross score rank from the RFID of oneself, but can't extract other test and appraisal persons' concrete test and appraisal questionnaire, has protected test and appraisal person's individual privacy.

Description of drawings

Fig. 1 is based on the online test and appraisal model framework of Internet of Things,

Fig. 2 is based on the online test and appraisal data acquisition figure of Internet of Things,

Storage of Fig. 3 evaluating result and data conversion exemplary plot,

Fig. 4 transmits matrix diagram,

Fig. 5 is based on the safety summation flow chart of scoring in many ways of test and appraisal scene.

Embodiment

In many ways the flow process of calculating the secret protection assessment method based on the safety of Internet of Things scene can be described below:

This scheme is by participating in test and appraisal person, authentication center, registration information data storehouse, test and appraisal database hub, evaluating result database, fractional computation center and formed by these set entities of test and appraisal person's database, and is specifically as shown in Figure 1:

Step 1) is without loss of generality, and supposes to have a n test and appraisal person (n is a positive integer), and these test and appraisal persons use different test and appraisal terminals to test and assess in Internet of Things on the net, and they are with its identify label S _iBe stored in the RFID tag RFID of having at its terminal.Use the test and appraisal terminal when testing and assessing test and appraisal person, login system is the RFID label (as shown in Figure 2) of automatic perception user terminal, and extracts its identify label S _iCarry out authentication, i=1,2 ..., n.

Step 2) login system uses the certificate authority agreement in the authentication agreement to accomplish verification process, and system gives S _iSelect random number r, calculate v=a ^r(modp), and v and its identification identifier S _iIssue the authentication center together, authentication center is to S _iProvide identity signing certificate C (A).

Step 3) S _iV value in registration information data storehouse forwarding step 2 and identity signing certificate C (A), the registration information data storehouse is through contrast test and appraisal person information database, and the proof procedure approval v and the C (A) of utilization authentication agreement agree S _iFurther information typing.

Step 4) test and appraisal person S _iIndividual to m by test and appraisal person T _jTest and assess, j=1,2 ..., m.Use w _IjExpression test and appraisal person S _iTo by test and appraisal person T _jEvaluating result, simultaneously the registration information data storehouse provides each test and appraisal person S to the test and appraisal database hub _iChecking data y _iHash operation value H (y _i) and the encryption key x of evaluating result _IjHash operation value H (x _Ij).

Step 5) need be to evaluating result w for the appearance with the phenomenon of stopping to repeat to test and assess of the confidentiality that strengthens the test and appraisal process _IjCarry out cryptographic operation.Test and appraisal end S _iSend E (w _Ij, H (x _Ij)) || H (y _i) give the test and appraisal database hub, " E " is AES here, " || " is attended operation.Each test and appraisal person's H (y can be in time verified in the registration information data storehouse _i) whether legal or repeat, prevent illegal person destruction and the person of participating in evaluation and electing repeat test and appraisal, if repetition arranged then be not counted in the test and appraisal database.

Step 6) test and appraisal database hub will be tested and assessed and held the content of sending to pass to the T by test and appraisal person _jDatabase, filter out test and appraisal person's identity information, each is received the decrypted private key that send in the registration information data storehouse by test and appraisal person's database, deciphers all test and appraisal data through checking, obtains test and appraisal person S _iTo by test and appraisal person T _jEvaluating result w _Ij, and send it to the fractional computation center.

Step 7) fractional computation center is to by test and appraisal person T _jEvaluating result w _IjCorresponding mark carries out summation operation, obtains test and appraisal person S _iTo by test and appraisal person T _jMark G _Ij

Step 8) is with the G that obtains in the step 7 _IjBe converted into k position binary sequence form, each test and appraisal person's evaluating result is expressed as G as shown in Figure 3 _I1G _I2... G _ImWherein each is connected storage by test and appraisal person's mark, and these results are kept at the evaluating result database D _iIn.

Step 9) is with binary sequence G _I1G _I2... G _ImBe converted into decimal system numerical value P _i, and these decimal system numerical value are splitted into n number P at random _It, t=1,2 ..., n makes Utilize safe lane with P _ItSend to other n-1 evaluating result database D _t, t ≠ i.D _iAt the P that receives all the other n-1 evaluating result databases _TiAfterwards, utilize fractional computation center calculation and formula

Its process can be used the transmission matrix notation, and is as shown in Figure 4, wherein i line display D _iThe data of sending, the i row are then represented D _iThe data that receive (1≤i≤n).

Step 10) D _iWith the summed result P ' of oneself _iBe broadcast to remaining n-1 evaluating result database.Each D _iAfter receiving all the other n-1 evaluating result data of database, calculate it respectively at the fractional computation center, can calculate all test and appraisal achievement sum M:

$M=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i^{\′}=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_t=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i$

Step 11) obtains test and appraisal person S according to step 10 _iTo all by test and appraisal person's test and appraisal achievement sum M _i, S _iCorresponding evaluating result database D _iWith M _iSend to n-1 evaluating result database; Each D _iAll obtain all test and appraisal persons' test and appraisal achievement sum M _i

Each evaluating result database D of step 12) _iAll M wherein _iThe size of value is with M _iBe worth identical S _iDeposit in the middle of the same set.Compare the element number of each set then, draw the maximum set of element number, S in this set _iCorresponding M value is this D _iIn final test and appraisal achievement sum.

Step 13) D _iM converts binary number to decimal number, and every then k carries out intercepting to M in the position, can obtain respectively all test and appraisal persons to each by test and appraisal person T _jLast overall score.Obtain each by test and appraisal person T according to last overall score _jLast test and appraisal rank, and this rank and last overall score be sent to all by in test and appraisal person's database.Compared M in test and appraisal person's database use step 12 _iThe method that draws the M value is tried to achieve last mark and rank by test and appraisal person, and stores.More than the score flow process is as shown in Figure 5.

Step 14) test and appraisal person is through authentication login evaluation system; Read each by test and appraisal person's total points numerical value and last rank from own corresponding RFID tag RFID; But can't extract other test and appraisal persons' concrete test and appraisal questionnaire, protect test and appraisal person's individual privacy.

Step 15) by test and appraisal person equally through the authentication login system; Check database by test and appraisal person; The test and appraisal final ranking that can see oneself and each test and appraisal person be to own overall merit, and can't see test and appraisal person's identity information and other are by test and appraisal person's evaluating result.Same, other have further been protected by test and appraisal person's individual privacy by the evaluating result that test and appraisal person also can't see him.

Teacher's test and appraisal with certain all course of institute are example; In term Mo; The student of school organization tests and assesses to the teacher of oneself on the net, does the enrollment status that the preceding evaluation system of test and appraisal needs the authentication student, to guarantee what each teacher was tested and assessed by the own student who is taught.

Input: suppose that the test and appraisal questionnaire has 10 problem Q ₁, Q ₂..., Q ₁₀Describe with 1 overall merit teacher; Total points is 100 minutes; Each problem has and differs from four in good and pass judgment on grades, the corresponding corresponding test and appraisal mark of each grade, promptly 10 minutes, 8 minutes, 6 minutes and 4 minutes; Every part of questionnaire can obtain a last test and appraisal gross score, and the test and appraisal questionnaire is tested and assessed by the student and is delivered to the test and appraisal database hub after fill at the terminal.

Output: each student can see each teacher's of section gross score and final ranking, but can't know other students' concrete questionnaire content; Each teacher can see oneself test and appraisal rank and the student test and appraisal details to it, but can not see student's identity information and other teachers' test and appraisal details, with protection student and other teachers' that participate in evaluation and electing privacy information.

N student of step 1) hypothesis uses different test and appraisal terminal (such as mobile phone, computer, PDA etc.) to test and assess in Internet of Things on the net, and they are with its identify label S _iBe stored in the RFID label of having at its terminal, i=1,2 ..., n; RFID tag storage pupilage information, for example student number, name, institute etc.Use the test and appraisal terminal when testing and assessing the student, login system is the RFID label of automatic perception student terminal, and extracts its identify label S _iCarry out authentication.

Step 2) login system uses the certificate authority agreement in the authentication agreement to accomplish verification process, and system gives S _iSelect random number r, calculate v=a ^r(modp), and v and its identification identifier S _iIssue the authentication center together, authentication center is to S _iProvide identity signing certificate C (A).

Step 3) S _iV value and the identity signing certificate C (A) of end in registration information data storehouse forwarding step 2.The registration information data storehouse is through contrasting the database that each teacher teaches the student, and the proof of identification process approval v and the C (A) of utilization authentication agreement agree S _iFurther information typing, assurance test and appraisal middle school student and teacher's correspondence.

Step 4) student S _iThe teacher T that m professor oneself arranged _jTest and assess, j=1,2 ..., m promptly answers corresponding 10 test and appraisal problem Q ₁, Q ₂..., Q ₁₀Describe with 1 overall merit, use w teacher _IjExpression student S _iTo teacher T _jEvaluating result, simultaneously the registration information data storehouse provides each student S to the test and appraisal database hub _iChecking data y _iHash operation value H (y _i) and the encryption key x of evaluating result _IjHash operation value H (x _Ij).

Step 5) uses the md5 encryption algorithm to evaluating result w for the appearance with the phenomenon of stopping to repeat to test and assess of the confidentiality that strengthens the test and appraisal process _IjCarry out cryptographic operation.The student tests and assesses and holds S _iSend E (w _Ij, H (x _Ij)) || H (y _i) give the test and appraisal database hub, " E " is AES here, " || " is attended operation.Each student's H (y can be in time verified in the registration information data storehouse _i) whether legal or repeat, prevent illegal person's the destruction and the student's that participates in evaluation and electing the test and appraisal that repeat, if repetition is arranged then be not counted in the test and appraisal database.

Step 6) test and appraisal database hub will be tested and assessed and held the content of sending to pass to the T by the test and appraisal teacher _jDatabase, filter out student's identity information.Each teacher's database is received the decrypted private key that send in the registration information data storehouse, deciphers all test and appraisal data through checking, obtains each student S _iTo teacher T _jEvaluating result w _Ij, and send it to the fractional computation center.

Step 7) fractional computation center is to teacher T _jEvaluating result w _IjThe mark of ten corresponding problems carries out summation operation, obtains student S _iTo teacher T _jMark G _Ij

Step 8) is with the G that obtains in the step 7 _IjBe converted into k position binary sequence form, each student S _iEvaluating result be expressed as G _I1G _I2... G _ImWherein each teacher's mark connects storage, and these results are kept at the evaluating result database D _iIn.

Step 9) is with binary sequence G _I1G _I2... G _ImBe converted into decimal system numerical value P _i, and these decimal system numerical value are splitted into n number P at random _It, t=1,2 ..., n makes

Utilize safe lane with P _ItSend to other n-1 evaluating result database D _t, t ≠ i; D _iAt the P that receives all the other n-1 evaluating result databases _TiAfterwards, utilize fractional computation center calculation and formula

Step 10) D _iWith the summed result P ' of oneself _iBe broadcast to remaining n-1 evaluating result database.Each D _iAfter the result who receives all the other n-1 evaluating result databases, calculate it respectively at the fractional computation center, can calculate all test and appraisal achievement sum M:

$M=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i^{\′}=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_t=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i$

Step 11) obtains student S according to step 10 _iTest and appraisal achievement sum M to all teachers _i, S _iCorresponding evaluating result database D _iWith M _iSend to n-1 evaluating result database; Each D _iAll obtain all teachers' test and appraisal achievement sum M _i

Each evaluating result database D of step 12) _iAll M wherein _iThe size of value is with M _iBe worth identical S _iDeposit in the middle of the same set.Compare the element number of each set then, draw the maximum set of element number, S in this set _iCorresponding M value is this D _iIn final test and appraisal mark sum.

Step 13) D _iM converts binary number to decimal number, and every then k carries out intercepting to M in the position, can obtain all students respectively to each teacher T _jLast overall score.Obtain each teacher T according to last overall score _jThe teaching last rank of testing and assessing, and this rank and last overall score be sent in all teacher database.Teacher database is used and is compared M in the step 12 _iThe method that draws the M value is tried to achieve last mark of teacher and rank, and stores.

Step 14) student reads each teacher's total points numerical value and last rank, but can't extract other students' concrete test and appraisal questionnaire through authentication login evaluation system from own corresponding RFID tag RFID, protected student's individual privacy.

Step 15) teacher checks the test and appraisal database of oneself equally through the authentication login system, can see oneself final ranking of teaching achievement and the overall merit of each student to oneself, and can't see student's identity information and other teachers' evaluating result.Same, other teachers also can't see his evaluating result, have further protected student and teacher's individual privacy, are convenient to the teacher and further improve teaching.

Claims (1)

1. the safety based on the Internet of Things scene is calculated the secret protection assessment method in many ways; It is characterized in that using authentication agreement and the method for secret protection that calculates in many ways safely; When obtaining correct evaluating result; Protection test and appraisal person and do not revealed by test and appraisal person's privacy information, concrete flow process is following:

Step 1) is without loss of generality, and supposes to have a n test and appraisal person, and these test and appraisal persons use different test and appraisal terminals to test and assess in Internet of Things on the net, and they are with its identify label S _iBe stored in the RFID tag RFID of having at its terminal, use the test and appraisal terminal when testing and assessing test and appraisal person, login system is the RFID label of automatic perception user terminal, and extracts its identify label S _iCarry out authentication, i=1,2 ..., n;

Step 2) login system uses the certificate authority agreement in the authentication agreement to accomplish verification process, and system gives S _iSelect random number r, calculate v=a ^r(modp), and v and its identification identifier S _iIssue the authentication center together, authentication center is to S _iProvide identity signing certificate C (A);

Step 3) S _iV value and the identity signing certificate C (A) of end in registration information data storehouse forwarding step 2, the registration information data storehouse is through contrast test and appraisal person information database, and the proof procedure approval v and the C (A) of utilization authentication agreement agree S _iFurther information typing;

Step 4) test and appraisal person S _iIndividual to m by test and appraisal person T _jTest and assess, j=1,2 ..., m uses w _IjExpression test and appraisal person S _iTo by test and appraisal person T _jEvaluating result, simultaneously the registration information data storehouse provides each test and appraisal person S to the test and appraisal database hub _iChecking data y _iHash operation value H (y _i) and the encryption key x of evaluating result _IjHash operation value H (x _Ij);

Step 5) need be to evaluating result w for the appearance with the phenomenon of stopping to repeat to test and assess of the confidentiality that strengthens the test and appraisal process _IjCarry out cryptographic operation; Test and appraisal end S _iSend E (w _Ij, H (x _Ij)) || H (y _i) give the test and appraisal database hub, " E " is AES here, " || " is attended operation; Each test and appraisal person's H (y can be in time verified in the registration information data storehouse _i) whether legal or repeat, prevent illegal person destruction and the person of participating in evaluation and electing repeat test and appraisal, if repetition arranged then be not counted in the test and appraisal database;

Step 6) test and appraisal database hub will be tested and assessed and held the content of sending to pass to the T by test and appraisal person _jDatabase, filter out test and appraisal person's identity information, each is received the decrypted private key that send in the registration information data storehouse by test and appraisal person's database, deciphers all test and appraisal data through checking, obtains test and appraisal person S _iTo by test and appraisal person T _jEvaluating result w _Ij, and send it to the fractional computation center;

Step 7) fractional computation center is to by test and appraisal person T _jEvaluating result w _IjCorresponding mark carries out summation operation, obtains test and appraisal person S _iTo by test and appraisal person T _jMark G _Ij

Step 8) is with the G that obtains in the step 7 _IjBe converted into k position binary sequence form, each test and appraisal person's evaluating result is expressed as G _I1G _I2... G _ImWherein each is connected storage by test and appraisal person's mark, and these results are kept at the evaluating result database D _iIn;

Step 9) is with binary sequence G _I1G _I2... G _ImBe converted into decimal system numerical value P _i, and these decimal system numerical value are splitted into n number P at random _It, t=1,2 .., n makes

Utilize safe lane with P _ItSend to other n-1 evaluating result database D _t, t ≠ i; D _iAt the P that receives all the other n-1 evaluating result databases _TiAfterwards, utilize fractional computation center calculation and formula

Step 10) D _iWith the summed result P ' of oneself _iBe broadcast to remaining n-1 evaluating result database; Each D _iAfter receiving all the other n-1 evaluating result data of database, calculate it respectively at the fractional computation center, can calculate all test and appraisal achievement sum M:

$M=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i^{\′}=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_{\mathrm{ti}}=\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{P}_t=\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{P}_i$

Step 11) obtains test and appraisal person S according to step 10 _iTo all by test and appraisal person's test and appraisal achievement sum M _i, S _iCorresponding evaluating result database D _iWith M _iSend to remaining n-1 evaluating result database; Each D _iAll obtain all test and appraisal persons' test and appraisal achievement sum M _i

Each evaluating result database D of step 12) _iAll M wherein _iThe size of value is with M _iBe worth identical S _iDeposit in the middle of the same set, compare the element number of each set then, draw the maximum set of element number, S in this set _iCorresponding M value is this D _iIn final test and appraisal mark sum;

Step 13) D _iM converts binary number to decimal number, and every then k carries out intercepting to M in the position, can obtain respectively all test and appraisal persons to each by test and appraisal person T _jLast overall score.Obtain each by test and appraisal person T according to last overall score _jLast test and appraisal rank, and this rank and last overall score be sent to all by in test and appraisal person's database.Compared M in test and appraisal person's database use step 12 _iThe method that draws the M value is tried to achieve last mark and rank by test and appraisal person, and stores;

Step 14) test and appraisal person logins evaluation system by authentication; Read each measured person's total points numerical value and last rank from own corresponding RFID tag RFID; But can't extract other test and appraisal persons' concrete test and appraisal questionnaire, protect test and appraisal person's individual privacy;

Step 15) by test and appraisal person equally through the authentication login system; Check database by test and appraisal person; The test and appraisal final ranking that can see oneself and each test and appraisal person be to own overall merit, and identity information and other that can't see test and appraisal person are same by test and appraisal person's evaluating result; Other have further been protected by test and appraisal person's individual privacy by the evaluating result that test and appraisal person also can't see him.

Images