CN103680111A - Method and system capable of verifying intelligent sensing terminal data aggregation - Google Patents

Abstract

The invention discloses a method and a system capable of verifying intelligent sensing terminal data aggregation. The method comprises the following steps of firstly, generating and publishing global parameters by a network data aggregation server, collecting and generating registration information and encrypted spare data item sets of all the intelligent sensing terminals, and distributing the registration information and the encrypted spare data item sets to different data aggregation nodes; secondly, verifying the intelligent sensing terminals through the data aggregation nodes and alternately finishing a data aggregation process; finally, finishing verification on the correctness and the integrity of data statistic and a network data collecting process by using all the data published in the whole network data collecting process. The method is mainly characterized in that the data submitted by the intelligent sensing terminals in the data collecting process has the characteristics of privacy safety, statistic simplicity and verifiability.

Description

Can verify Intellisense terminal data method for congregating and system

Technical field

Briefly, the present invention relates to computer information safety technique field, and relate to particularly a kind of Intellisense terminal data method for congregating and system thereof with features such as verifiabilities.

Background technology

At present, data gathering system is conventionally by the aggregation server that is positioned at center, and a plurality of aggregation nodes and a plurality of terminal formation that are distributed to various places.Terminal gather after data at the scene, through simple, process, data are passed through wired, or the wireless mode such as WIFI, bluetooth, ZigBee is submitted to nearest aggregation node, aggregation node generates the data report of encrypting, then by computer network, sends these reports to aggregation server.After accumulation process finishes, aggregation server is added up, is analyzed all field data reports that collect, and announces statistics.Terminal can be wire communication terminal, as common PC, may be mobile terminal more, as smart mobile phone, PDA, panel computer, notebook computer etc.By configuring different sensing modules, terminal can gather polytype field data, comprises COMMUNICATION NETWORK PERFORMANCES parameter, environment temperature at the scene, air quality, traffic, free market commodity price etc.Therefore terminal data lens system can be applied under several scenes, and the statistic analysis result of aggregate data is held macroscopical situation to decision maker strong help is provided.

Compare with traditional lens system based on wireless sensor network (WSN:Wireless Sensor Network), the sensing node of terminal data lens system has intelligent and movability, can carry out pre-service to data, and can in moving process, gather more data, do not worry power issue yet, can also utilize in addition the existing mobile terminal that has been distributed to various places, without the extra sensing node of disposing.But in large-scale distributed data acquisition, adopt terminal also can bring new security threat.First be privacy concern.Participate in the terminal of data acquisition, as mobile phone etc., be accompanied by often that its user moves, so these terminals are when submitting image data to, also exposed its user's the privacy informations such as identity, position, mechanics.Next is data integrity issues, and because terminal is not subject to the control of central server, some malicious nodes can pretend to be legal terminal repeatedly to send data, to affect the integrality of statistics.Data also may revised by the via node of malice in central server transport process.In addition, carry out the server of data statistics and also may distort statistics, make the be uncertain about authenticity of statistics of the final user of data.

, in prior art, exist when hiding individual terminal and submitting data to for this reason, still can obtain the statistics of aggregate data, and the integrality of this result does not rely on lens system and the method for the honesty of data gathering server.

Summary of the invention

Intellisense terminal data lens system described in the invention can be protected the privacy of perception terminal; when hiding individual terminal submission data; still can obtain the statistics of aggregate data; and the integrality of this result does not rely on the honesty of data gathering server, any third party can verify according to public data the authenticity of statistics.Each data intelligence perception terminal can also verify whether the data of oneself are counted final statistics, and this feature has increased the transparency of accumulation process, has strengthened the confidence of domestic consumer's participation data gathering.

The problem to be solved in the present invention is to provide a kind of new intelligent terminal network data method for congregating and related system thereof, makes this Intellisense terminal data method for congregating and system thereof have personal secrets, can verify etc. that network data assembles required important advantage in application.

Important component part and main flow process involved in the data gathering process of above-mentioned Intellisense terminal data lens system are described in detail as follows:

Preferably, the formation of data gathering system is: Intellisense terminal data lens system is by the data gathering server that is positioned at center, a plurality of data gathering nodes, and the Intellisense terminal that is distributed to various places forms.After Intellisense terminal collection site data, through simple, process, data are passed through wired, or the wireless mode such as wIFI, bluetooth, zigBee is submitted to nearest data gathering node, data gathering node generates enciphered data report, then by computer network, sends these data reports to data gathering server.After accumulation process finishes, data gathering server is added up, is analyzed all field datas of collecting, and announces statistics.The client of data gathering system is query and statistical analysis result and raw data from data gathering server.

The function of each chief component in this system is described below.

Preferably, data gathering server comprises:

Bulletin unit: bulletin unit is for each participant broadcast to system, and leaving data on bulletin unit in can be inquired about at any time by anyone.Data gathering server can only append new message at bulletin unit messaging list afterbody, and each message attached the digital signature of data gathering server, to prevent that assailant from distorting with server, denies.

Registering unit: each intelligent terminal that participates in data gathering before accumulation process starts, first utilize under line and the mode combining online to data gathering server registration.Each terminal T _igenerate a pair of public private key pair (v _i, x _i), and by PKI y _iassumed name as oneself sends to data gathering server, private key x _iby terminal oneself is secret, preserve.T _ito utilize x _ithe data report that oneself is submitted to carries out digital signature, to guarantee the reliability of Data Source.After the legitimacy of this terminal of server authentication, by its PKI y _ibe saved in legal Intellisense terminal assumed name list T_List.

Initialization unit: the alternative collection of data items of being responsible for generating common parameter, secret random number, encryption.After the alternative collection of data items of encrypting generates, secret random number can abandon.After initialization procedure finishes, common parameter is appended to the afterbody of bulletin unit messaging list.

Data gathering unit: (1) removes by the alternative collection of data items of encrypting the background data base that a plurality of subsets are input to respectively each data gathering node.(2) the authentication information list T_List of all legal Intellisense terminals is input to the background data base of each data gathering node.(3) from each data gathering node, collect data.

Data statistics release unit: carry out data statistics according to the enciphered data report that in network, all data intelligence perception terminals are submitted to, provide statistical conclusions according to data statistics result.Meanwhile, utilize the data report that BBS (Bulletin Board System) system is submitted all data intelligence perception terminals to announce, so that client's inquiry and checking statistics.

Preferably, data gathering node comprises:

The function that data gathering node will complete comprises: the alternative collection of data items that (1) safe storage is encrypted.(2) legitimacy of Intellisense terminal is verified.Taking precautions against some malice terminals pretends to be legal terminal repeatedly to participate in data gathering process to destroy the integrality of assembling result.(3) receive the data of Intellisense terminal, translated into corresponding enciphered data report.(4) utilize the enciphered data report that interactive mode generates to terminal proof to encapsulate truly the data that terminal is submitted to.

Preferably, Intellisense terminal comprises:

Intellisense terminal is obtained field data and is generated the data options of being approved by data gathering node accordingly by sensing module.When moving in the transmission range of certain data gathering node, data options is sent to this node, the validity of the enciphered data report simultaneously generating with interactive mode checking node.Last Intellisense terminal is utilized the private key x of oneself _ifor final definite enciphered data report generation digital signature.

According to a further aspect in the invention, a kind of method that provides network data to assemble, described method comprises following process: basic data gathering process was comprised of initial phase, endpoint registration stage, data gathering stage and statistics stage.(1), at initial phase, data gathering server is responsible for generating the alternative collection of data items of common parameter, secret random number, encryption.After the alternative collection of data items of encrypting generates, secret random number can abandon.After initialization procedure finishes, common parameter is appended to the afterbody of bulletin unit messaging list, for other participants, downloads.The alternative collection of data items of encrypting is removed the background data base that a plurality of subsets are input to respectively each data gathering node.At each data gathering node of this stage, need to generate the public private key pair (Y for authenticating of oneself _i, X _i).The PKI Y of all legal data gathering nodes _iform list N_List, and N_List is appended to the bulletin unit of data gathering server.(2) at registration phase, each intelligent terminal that participates in data gathering before the gathering stage starts first to data gathering server registration.Each terminal T _igenerate a pair of public private key pair (y _i, x _i), PKI y _ias Intellisense terminal assumed name, be saved in terminal authentication information list T_List.Private key x _iby terminal oneself, be responsible for secret preservation.(3), in the data gathering stage, first Intellisense terminal carries out interactive authentication with the nearest data gathering node of distance oneself, then the data of collection in worksite is sent to this data gathering node.This node receives after the data of terminal, is translated into corresponding enciphered data report.Terminal can be verified with interactive mode the validity of the enciphered data report that this node generates.The last data report form generating of data gathering node is 4 tuples (Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signatures of data gathering node).Active data report finally sends to data gathering server by computer network, by server, they is published to bulletin unit.(4) in the data statistics stage, all data report counting statistics results that data gathering server by utilizing was collected.Other participants can not have under the condition of decruption key the integrality with verification msg according to the simple algorithm counting statistics of the data report utilization result on bulletin unit yet.

According to a preferred embodiment of the invention, the method for described network data gathering further comprises:

Initial phase

The groundwork in data gathering procedure initialization stage is by data gathering server, to be responsible for generating the alternative collection of data items of common parameter, secret random number, encryption.The PKI PK of tentation data aggregation server _vAall participants of data gathering system by reliable mode, have been distributed to.With PKI PK _vAcorresponding private key SK _vAby a plurality of child servers, utilize threshold secret sharing scheme jointly to hold.The initial work that data gathering server specifically will complete is as follows.

Generate common parameter

Data gathering server is responsible for generating following common parameter:

1. generate two large prime number p, q, meet 2q=p-1, and group

upper discrete logarithm problem is difficult to resolve.That is, generate two large prime number p, q, meet 2q=p-1, and require according to the group of p formation on discrete logarithm problem difficulty hypothesis set up, thereby guarantee that the data item of encrypting is not cracked.

2. exist

, in choose at random q rank element g, h, and establish and generated by g

cyclic subgroup be G.Nobody because being the child servers of a plurality of data gathering servers, g and h jointly chooses at random, so under discrete logarithm problem difficulty hypothesis, can know that h is about the discrete logarithm of g.

3. secure Hash function H ₁: { 0,1} ^*→ Z _q, when it will be used to generate the alternative data item of encryption, construct non-interactive zero-knowledge proof.

4. the terminal of supposition participation data gathering has at most n (reality is less than or equal to n certainly), and data gathering server needs to determine in advance number N=ε n of the alternative data item of encryption, and wherein ε >=2 are a safety coefficient.The number that each Intellisense terminal on average can be arranged alternative data item is ε, wherein only has one as valid option, and other option can be used for the confidence level of check data aggregation node by Intellisense terminal.ε is larger, and the terminal that participates in checking work is more, and the cheating of data gathering node is more easily tested out.Obviously, ε is larger, and the expense of system is also larger, so will between security and efficiency, do a balance during actual deployment.Suggestion ε gets 5 or 10.

The above-mentioned common parameter that data gathering server generates, comprises p, q, g, h, n, N, hash function H ₁descriptor, alternative collection of data items { C ₁, C ₂..., C _m, before data gathering starts, all to be published to bulletin unit, and enclose the digital signature of data gathering server.Any participant can obtain these common parameters, and utilizes PKI PK _vAthe authority of checking public information.

In addition, the normal operation of system must suppose that parameter N and m satisfy condition:

wherein

with

represent respectively get whole and take off whole.

Generate the alternative collection of data items of encrypting

Suppose that alternative collection of data items is { C ₁, C ₂..., C _m, and parameter N and m satisfy condition

if

before the data gathering stage starts, the following mode of each participant utilization of data gathering server is combined the alternative collection of data items that generates N encryption.

From integer set [0,1 ..., 2 ^e] in get 2m group (every group N-1) random number:

{k _1，1，k _1，2，...，k _1，N-1}，{k _2，1，k _2，2,...，k _2，N-1},...，{k _m，1,k _m，2,...，k _m，N-1}，

{t _1，1，t _1，2，...，t _1，N-1}{t _2,1，t _2,2，...，t _2,N-1}，...，{t _m，1，t _m,2，...，t _m,N-1}

Then calculate:

$k_{i,N}=(0-\underset{j=1}{\overset{N-1}{\mathrm{\Σ}}}{k}_{i,j}){\mathrm{mod}2}^e(i=\mathrm{1,2},\·\·\·,m)$

$t_{i,N}=(0-\underset{j=1}{\overset{N-1}{\mathrm{\Σ}}}{t}_{i,j}){\mathrm{mod}2}^e(i=\mathrm{1,2},\·\·\·,m)$

Based on above result, calculate again:

$k_j=\underset{i=1}{\overset{m}{\mathrm{\Σ}}}{2}^{e(i-1)}{k}_{i,j}(j=\mathrm{1,2},\·\·\·,N)$

$t_j=\underset{i=1}{\overset{m}{\mathrm{\Σ}}}{2}^{e(i-1)}{t}_{i,j}(j=\mathrm{1,2},\·\·\·,N)$

{ the k that easily proof generates according to the method described above ₁, k ₂..., k _n, { t ₁, t ₂..., t _nmust meet:

$\left(\underset{j=1}{\overset{N}{\mathrm{\Σ}}}{k}_j\right){\mathrm{mod}2}^e=0,\left(\underset{j=1}{\overset{N}{\mathrm{\Σ}}}{t}_j\right){\mathrm{mod}2}^e=0$

{ k ₁, k ₂..., k _n, { t ₁, t ₂..., t _nin generating the alternative collection of data items process of encryption, as secret value secured fashion, preserve.

2. data gathering server calculates:

$W_j=g^{k_j}{h}^{t_j},j=\mathrm{1,2},...,N$

Be easy to proof { W ₁, W ₂..., W _nmeet:

$\underset{j=1}{\overset{N}{\mathrm{\Π}}}{W}_j=\underset{j=1}{\overset{N}{\mathrm{\Π}}}{g}^{k_j}{h}^{t_j}=1$

Can be by { W ₁, W ₂..., W _nregard as about secret random number { k ₁, k ₂..., k _n, { t ₁, t ₂..., t _nsafety certificate (Commitment).Can not betray the pot to the roses any information of random number of safety certificate, and under discrete logarithm problem difficulty hypothesis, once announce safety certificate, data gathering server cannot adopt one group of different random numbers k ' ₁, k ' ₂..., k ' _n, t ' ₁, t ' ₂..., t ' _nfor the production of alternative collection of data items.

3. data gathering server generates and encrypts alternative collection of data items:

$v_{j,0}=k_j,P_{j,0}=\mathrm{NIZK}\left\{t_j\right|h^{t_j}=W_j{g}^{-v_{j,0}}\}$

v _j，i=k _j+2 ^e(i-1)，

i=1，2，…，m，

j=1，2，…，N

P in above formula _{j, i}=NIZK{t _j| A (t _j) represent about secret value t _jnon-interactive zero-knowledge proof.Pass through P _j,i, data gathering server can be at the value of betraying the pot to the roses t not _jprerequisite under, prove to meet and assert A (t _j) set up, thereby do not revealing k _jprerequisite under prove v _{j, i}building method protocol compliant regulation.Construct this non-interactive zero-knowledge proof and will use hash function H ₁: { 0,1} ^*→ Z _q.

{ (v _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _{j, m}, P _{j, m}) forming the alternative groups of data items of an encryption, total N of such alternate item group, forms the alternative collection of data items of encrypting: { (v _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _j,m) (j=1,2 ..., N).When submitting data to, if Intellisense terminal is selected C _i, by data gathering node by option (v _j,i, P _j,i) report to data gathering server.And (v _{j, 0}, P _{j, 0}) comparatively special, will be used to Validation of Data.

4. data gathering server can be encrypted alternative data item { (v by the N of above-mentioned generation _{j, 0}, P _j,,0), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _{j, m}) (j=1,2 ..., N) be divided into a plurality of subsets (according to data gathering interstitial content), and with secured fashion, import in the background data base of a plurality of data gathering nodes respectively.

5. data gathering server is by { k ₁, k ₂..., k _n, { t ₁, t ₂..., t _netc. secret value delete, by { W ₁, W ₂..., W _nbe published on bulletin unit and enclose oneself digital signature.Any participant can be by checking whether set up the whether protocol compliant requirement of the alternative collection of data items of encryption that check data aggregation server generates.

Registration phase

At registration phase, each intelligent terminal that participates in data gathering before the gathering stage starts, first utilize under line and the mode combining online to data gathering server registration.Concrete register method is:

1. the supvr of data gathering server utilizes the legitimacy of mode under line (Offline) checking intelligent terminal, for example, check terminal possessor's I.D. or the product IDs of terminal.Check unsuccessfully, stop immediately registration process.

2. each terminal T _igenerate a pair of public private key pair (y _i, x _i).The public key signature algorithm adopting can be any safe algorithm that is proved to be, as RSA Algorithm, DSA algorithm etc.Which class algorithm data gathering server and intelligent terminal both sides to adopting arrange in advance.

3. terminal T _iby PKI y _isend to data gathering server.For proving this terminal, hold and PKI y _icorresponding private key, server generates a random number r, and usings r||timestamp as challenge message m, and wherein timestamp represents timestamp.Server makes terminal generate the digital signature sig (m) about m, then the validity of check signature sig (m).Check unsuccessfully, stop immediately registration process, otherwise proceed next step.

4. pass through after check PKI y _ithe assumed name that is used as this intelligent terminal is saved in the authentication information list AC_List of data gathering server.Private key x _iby terminal oneself, be responsible for secret preservation.

5. the list of public keys N_List of all legal back end is downloaded in the storer of intelligent terminal.Registration process finishes.

In above-mentioned registration process, only have data gathering server to know assumed name y _iwith the corresponding relation of physical end ID, and cannot obtain this corresponding relation for the user of data gathering node, data gathering system.Therefore, provide certain terminal user's privacy protecting here.

The data gathering stage

In the data gathering stage, first Intellisense terminal carries out interactive authentication with the nearest data gathering node of distance oneself, then the data of collection in worksite is sent to this data gathering node.Data gathering node sends these data to data gathering server by computer network again.The concrete course of work is as follows.

1. after data perception intelligent terminal reaches within the scope of the efficient communication of certain data gathering node, first complete interactive authentication with this node.Because terminal is held the list of public keys N_List of all legal data gathering nodes, so can utilize " addressing inquires to-response " method to authenticate legal data gathering node.On the other hand, because data gathering node can obtain from data gathering server the list T_List of legal terminal, so can utilize " addressing inquires to-response " method to authenticate legal data perception intelligent terminal.

2. after interactive authentication passes through, data gathering node sends all alternative data item expressly to intelligent terminal, is about to set { C ₁, C ₂..., C _msend to terminal.

Terminal according to field measurement data from { C ₁, C ₂..., C _min select corresponding option (to be assumed to C _i), and the selection of oneself is sent to data gathering node.

4. data gathering node is from alternative the collection of data items { (v of encryption _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _{j, m}) (j=1,2 ..., appoint in N) and get an option group { (v _{k, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _j,m), then will with C _icorresponding (v _j,i, P _{j, i}) as the final alternative data item of encryption generating.

Data gathering node is by v _{j, i}corresponding binary string is divided into m part from low level to a high position, and each part comprises e bit (most significant digit part comprises bit number and may be greater than e), then with m partial binary, concatenates into m corresponding tens digit (d ₁, d ₂..., d _m).

Data gathering node is by option (v _j,i, P _{j, i}), (d ₁, d ₂..., d _m) and oneself digital signature S _nsend to terminal.

5. after terminal checking node digital signature validity, there are two kinds of selections: " re-entering " and " submission ".

If selected " submission ", terminal is utilized the private key x of oneself _ito the data { (v that will submit to _j,i, P _j,i), (d ₁, d ₂..., d _m) generating digital signature S _t, S then will sign _tsend to data gathering node.Data gathering node generates final data report Report={y _i, (v _j,i, P _{j, i}), (d ₁, d ₂..., d _m), S _n, S _t, y wherein _iit is the assumed name of terminal.Data gathering node sends to data gathering server by data report, and returns success message to terminal.After submitting to successfully, the report of Intellisense terminal save data, and leave.

If terminal is selected " re-entering ", data gathering node starts the encrypted data item { (v that " data report validation verification " flow process (finishing its detailed process below) verification msg aggregation node generates _j,i, P _j,i), (d ₁, d ₂..., d _m) the data C to submission that should terminal whether really _i.After being verified, return the 3rd step, terminal resubmits data, and node regenerates corresponding encrypted data item.

6. after the data gathering phase finishes, each data gathering node will own remaining standby alternative collection of data items { (v _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _j,m) (v _{j, 0}, P _{j, 0}) part sends to data gathering server, and be labeled as " calcellation ".

Through above 6 steps, the data report of each Intellisense terminal has been submitted to the bulletin unit of the standby devices of data gathering clothes with the form of encrypting, and anyone can inquire about.

Above the idiographic flow of " data report validation verification " of the 5th step as follows:

(1) after data gathering node receives the terminal request of " re-entering ", data gathering node is by (v _j,0, P _{j, 0}) and v _{j, 0}m corresponding decimal number d ' ₁, d ' ₂..., d ' _msend to terminal.

(2) Intellisense terminal is verified then and there: for two groups of numeral { d ₁, d ₂..., d _mand d ' ₁, d ' ₂..., d ' _m, except d _i-d ' _i=1, other a m-1 numeral all equates.If do not met, illustrate that data gathering node is in cheating.

(3) P of Intellisense terminal checking node output _{j, 0}, P _{j, i}and the digital signature S of data gathering node _nwhether effective.If invalid, terminal stops submitting data to this node, and can retain relevant evidence and think that data gathering server complains this node later.

(4) if data item (v _j,i, P _j,i) be used to do validation verification, this data item is equivalent to be cancelled.Data gathering node is only by (v _{i, 0}, P _{j, 0}) be submitted to data gathering server.

The data statistics stage

After data gathering process finishes, the information on data gathering server announcement unit is locked.First data gathering server checks in the data report list on bulletin unit whether comprise N item, if be less than N, some preliminary data item loss is described.After the preliminary data item polishing of losing, anyone can be according to the information counting statistics result on bulletin unit.

If the item set of announcing on bulletin unit is combined into { (v ₁, P ₁), (v ₂, P ₂) ..., (v _n, P _n), each v _im the tens digit that (1≤i≤N) is corresponding is { d _{i, 1}, d _{i, 2}..., d _i,m.

So, option C _jthe statistics R that (1≤j≤m) is final _jfor

$R_i=\left(\underset{i=1}{\overset{N}{\mathrm{\Σ}}}{d}_{i,j}\right)\mathrm{mod}{2}^e(1\≤j\≤m)$

By simple modulo addition, can obtain statistics.And the validity of each data report can be passed through zero-knowledge proof P _iand the validity of correlated digital signature is tested.

Principle from statistic algorithm is as follows: according to the process that generates the preliminary data option set of encrypting, can find out the data options v of each encryption _j(1≤j≤N), if be not marked as calcellation, can be expressed as

form, b wherein _j∈ 1,2 ..., m}; If be marked as calcellation, can be expressed as v _j=k _jform.B _jvalue depend on the actual selection of corresponding Intellisense terminal.If Intellisense terminal has been selected alternate item C _i, b _j=i.

Further, k _jcan be expressed as form.Therefore, with v _jm corresponding tens digit d _j,i(i=1,2 ..., m) can be expressed as k _{i, j}+ b _{i, j}form.B wherein _i,j value 0 or 1, if 1, be expressed as and select alternative data item C _i.If b _j=i, b _i,j=1, and b _k,j=0 (k ≠ i).At v _jduring for calcellation, b _{i, j}(i=1,2 ..., m) all equal 0, do not select any alternative data item.

According to the process that generates the set of standby suggestion option, known

therefore,

$R_i=\left(\underset{j=1}{\overset{N}{\mathrm{\Σ}}}{d}_{j,i}\right)\mathrm{mod}{2}^e=\left[\underset{j=1}{\overset{N}{\mathrm{\Σ}}}(k_{i,j}+b_{i,j})\right]\mathrm{mod}{2}^e=\underset{j=1}{\overset{N}{\mathrm{\Σ}}}{b}_{i,j}\mathrm{mod}{2}^e$

Be R _ifor alternate item C _inumber of support.

Data gathering method according to the present invention has the following advantages compared with the conventional method:

Statistics is simple

One of advantage of designed data gathering system is that statistics is simple.This feature is mainly reflected in following two aspects.

1. from statistical.After data gathering process finishes, any system user can be according to the public information counting statistics result on data gathering server announcement unit.Whole statistic processes does not need to trust and rely on any statistics center, has therefore greatly increased the transparency of data gathering.

2. statistic algorithm is simple.In statistic processes, only need to use very simple modulo addition.The computer program of realizing statistic algorithm also will be easily understood very much, without the software that relies on security expert's realization of minority, therefore further increase the confidence level of statistics.

Verifiability

According to designed data gathering method, almost at whole data gathering process links, all there is verifiability, observer or participant can check this link whether to have cheating.The verifiability of this reinforcement guaranteed data gathering result integrality and credibility.

1. the checking of pair alternative collection of data items generative process

In the generative process of alternative collection of data items, can announce disclosed random commitment value (W on unit by check ₁, W ₂..., W _nwhether meet:

$\underset{j=1}{\overset{N}{\mathrm{\Π}}}{W}_j=\underset{j=1}{\overset{N}{\mathrm{\Π}}}{g}^{k_j}{h}^{t_j}=1$

Verify the secret random value { k that generates alternative collection of data items ₁, k ₂..., k _n, { t ₁, t ₂..., t _nwhether meet following condition:

$\left(\underset{i=1}{\overset{N}{\mathrm{\Σ}}}{k}_i\right){\mathrm{mod}2}^e=0,\left(\underset{i=1}{\overset{N}{\mathrm{\Σ}}}{t}_i\right){\mathrm{mod}2}^e=0.$

Above-mentioned two conditions are the keys that realize from statistics.In addition, under discrete logarithm problem difficulty hypothesis, once announce safety certificate { W ₁, W ₂..., W _n, data gathering server cannot adopt a different set of random number k ' ₁, k ' ₂..., k ' _n, t ' ₁, t ' ₂..., t ' _nfor generation of alternative collection of data items, therefore taken precautions against the cheating of data gathering server in suggestion collection stage and the alternative data item of data gathering node conspiracy modification.

2. alternative data item verification of correctness

Any participant can be by check zero-knowledge proof P _{j, i}the data item v that generates of validation verification data gathering server _j,icorrectness, verify v _{j, i}whether the middle alternate item with cipher mode encapsulation belongs to the alternate item set { C of appointment ₁, C ₂..., G _m, and only encapsulated one of them alternate item.

3. data gathering node honesty checking

In aggregate data submission process, if participate in the intelligent terminal of data gathering, selected alternate item C _i, a corresponding alternate item C of data report possibility that dishonest data gathering node generates _k(k ≠ i), has so just run counter to the wish of Intellisense terminal.

System adopts following verification method to take precautions against above-mentioned cheating: Intellisense terminal is selected an alternate item C first at random _i, data gathering node will with C _icorresponding enciphered data report (comprises { d ₁, d ₂..., d _mand (v _j,i, P _{j, i})) output, and enclosed the signature of oneself.If terminal is abandoned afterwards " confirming to submit to ", node is by (v _{j, 0}, P _{j, 0}) and v _{j, 0}m corresponding decimal number d ' ₁, d ' ₂..., d ' _moutput.By contrasting two groups of numerals and check P _{j, i}and P _{j, 0}validity, just can check the whether real and C of the data report of node output _icorresponding.At this, start to generate after report, node cannot determine that Intellisense terminal selects " confirming to submit to " still " to abandon ", once guess wrong, node cannot be denied, because node has been exported the digital signature of oneself.Therefore for the checking of single Intellisense terminal, the node successful probability of practising fraud only has 1/2.If there be f Intellisense terminal to do check, node can be practised fraud successful probability for (1/2) ^f.The process being generated from alternative collection of data items, number N=ε n of standby alternative data item, ε gets 5 or 10.Therefore each Intellisense terminal on average can be used 5 or 10 standby suggestion options, on average has 4 or 9 checking machine meetings.During large-scale data is assembled, as long as there is fraction Intellisense terminal to do check to the honesty of node, the probability that node can successfully be practised fraud is very little.

4. Intellisense terminal legality checking

Anyone can be according to disclosed Information Authentication on data gathering server: only have through the terminal in the legal Intellisense terminal assumed name list T_List of authentication and submitted data report to, each data report has attached and assumed name y _imatch digital signature.。

5. whether the data report of Intellisense terminal checking oneself is counted net result

After completing suggestion submission, Intellisense terminal can obtain the data of data gathering server announcement unit output.Intellisense terminal can check whether the data report of oneself appears in the data report list of announcing on bulletin unit.If no, can be to the complaint of data gathering server, the evidence (signature that has data gathering data gathering node in data report) that data gathering server is preserved according to terminal finds cheating node.

Personal secrets

Personal secrets in data gathering process refer to except terminal user oneself, and assailant cannot determine actual which the alternative data item of having submitted to of this terminal.Set data gathering system is protected terminal privacy from following several aspects:

1. the data report that is published to data gathering server announcement unit has all adopted encrypted form.(data item form is v _j=k _j+ 2 ^{e (bj-1)}, k wherein _jcan be regarded as encryption key), the reliability prove P of data item _jcan not expose alternate item information (this is to be guaranteed by the characteristic of zero-knowledge proof), therefore except data gathering server, (know k yet _i), anyone cannot judge by the data report of announcing on bulletin unit the data of the actual submission of Intellisense terminal.

2. although data gathering node is known data options v _jthe alternate item of middle encryption, but they only know the assumed name of Intellisense terminal, can not be by data options v _jget up with the true identity information association of Intellisense terminal.

It should be noted that structure and/or material that these accompanying drawings are intended to the general characteristic of describing method, use in certain exemplary embodiments, and the description being intended to providing supplements below.Yet these accompanying drawings are not pro rata, and neither accurately reflect fine structure or the Performance Characteristics of the embodiment providing arbitrarily, and also should not be construed as by illustrative embodiments comprised numerical range or attribute are defined or limited.In each accompanying drawing, use same or identical Reference numeral to be intended to indication and have same or identical element or feature.

Accompanying drawing explanation

Generally described the present invention, referring now to accompanying drawing, it is scale according to the rules, wherein:

Fig. 1 is the structural representation of Intellisense terminal data lens system according to the preferred embodiment of the present invention;

Fig. 2 is the structural representation of data gathering server according to the preferred embodiment of the present invention;

Fig. 3 utilizes network data lens system to carry out the process flow diagram of the method for data gathering according to the preferred embodiment of the present invention;

Fig. 4 is that the network data lens system of utilizing of another preferred implementation according to the present invention is carried out the process flow diagram of the method for data gathering; And

Fig. 5 be according to the present invention again the network data lens system of utilizing of a preferred implementation carry out the process flow diagram of the method for data gathering.

Embodiment

Although illustrative embodiments can be carried out various modifications and be adopted alternative form, its embodiment provides in the accompanying drawings as embodiment, and will be described in detail here.Yet, should be understood that, illustrative embodiments should be defined as to particular forms disclosed, on the contrary, illustrative embodiments is intended to contain and falls into right and will remove all modifications, equivalent and the substitute in scope.In the description of whole accompanying drawing, identical Reference numeral represents identical element.

Below in conjunction with the drawings and specific embodiments, the network data accumulation process on a large scale of take is once example, and network data lens system and correlation technique thereof described in the invention are described further.

Fig. 1 is the structural representation of Intellisense terminal data lens system according to the preferred embodiment of the present invention.As shown in Figure 1, Intellisense terminal data lens system 100 comprises: client terminal 101, data gathering server 102, a plurality of data gathering node 103 (103a, 103b,, 103n) with a plurality of Intellisense terminal (104a, 104b, 104c, 104d, 104e and 104f).Preferably, client terminal 101 can be any type device that can move and store various application, for example personal digital assistant (PDA), smart mobile phone, flat computer, wireless telephone, mobile computing device, camera, video recorder, audio/video player, positioning equipment (for example, GPS (GPS) equipment), game station, wireless device or various other similar equipment or its combination.

Preferably, data gathering server 102 is any computer equipments that can realize data gathering, can be independent server or the cluster server of a plurality of server composition.Data gathering server 102 comprises: bulletin unit, registering unit, initialization unit, data gathering unit and data statistics unit, wherein will be described in detail below the concrete function of unit.Preferably, a plurality of data gathering node 103 (103a, 103b, each 103n) is suitable for utilizing the log-on message of a plurality of Intellisense terminals of storing in network data aggregation server to authenticate corresponding Intellisense terminal, Intellisense terminal by authentication is determined the data that are associated with described Intellisense terminal in the alternative data item of encrypting, described data gathering nodes records four-tuple < Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node, as data report, submit to data gathering server.Preferably, each in a plurality of data gathering nodes all meets the data of collecting from least one Intellisense terminal.As shown in Figure 1, data gathering node 103a is connected with 104b with Intellisense terminal 104a, is responsible for collecting the data from Intellisense terminal 104a and 104b.Data gathering node 103b is connected with Intellisense terminal 104c, is responsible for collecting the data from Intellisense terminal 104c.Data gathering node 103n is connected with 104f with Intellisense terminal 104d, 104e, is responsible for collecting the data from Intellisense terminal 104d, 104e and 104f.The Intellisense terminal that each data gathering node is responsible for respectively it to connect separately authenticates.

Preferably, each in a plurality of Intellisense terminals (104a, 104b, 104c, 104d, 104e and 104f) is suitable for determining in the alternative data item of encrypting the data that are associated with described Intellisense terminal.Described a plurality of Intellisense terminal can be that geographically disperse or geographically contiguous.Preferably, Intellisense terminal can be various types of sensors, such as sound transducer, humidity sensor, temperature sensor, pressure transducer etc.Preferably, Intellisense terminal can be various service terminals, for example ATM automatic cash dispenser, ATM ATM (automatic teller machine), ATM automatic teller machine.Preferably, Intellisense terminal can be any type device that can move and store various application, for example personal digital assistant (PDA), smart mobile phone, flat computer, wireless telephone, mobile computing device, camera, video recorder, audio/video player, positioning equipment (for example, GPS (GPS) equipment), game station, wireless device or various other similar equipment or its combination.

Preferably, data gathering server is responsible for the corresponding relation (for example annexation) between service data aggregation node and Intellisense terminal, and above-mentioned relation is stored in corresponding storage unit.When Intellisense terminal is switched to another data gathering node, rolls off the production line or when new Intellisense terminal is reached the standard grade, data gathering server is responsible for the corresponding relation between distribution, modification, record data aggregation node and Intellisense terminal when Intellisense terminal from a data aggregation node.

Fig. 2 is the structural representation of data gathering server according to the preferred embodiment of the present invention.Preferably, data gathering server 102 comprises: bulletin unit, registering unit, initialization unit, data gathering unit and data statistics unit.

Preferably, registering unit is for before network data accumulation process starts, and utilizes under line and the mode that combines is online registered each Intellisense terminal.Preferably, can utilize online mode by internet, each Intellisense terminal to be registered.Or, can by under line in appointed place the mode of written signature log-in protocol register.After registration step, be that each Intellisense terminal generates public, private key pair, using PKI as the assumed name of himself and send to data gathering server, and preserve private key in the storage unit of himself.Preferably, described assumed name refers to the another name of Intellisense terminal.Preferably, described Intellisense terminal is carried out digital signature by the data report that utilizes private key to submit to himself, to guarantee that data are not tampered.Described in data gathering server authentication, after the legitimacy of Intellisense terminal, the PKI of described Intellisense terminal is saved in legal assumed name list.Preferably, by described digital signature, prevent that data gathering node and data gathering server from distorting data.

Preferably, initialization unit is used for generating common parameter, and chooses random number according to common parameter, thereby calculates and generate secret random number according to random number.Preferably, initialization unit calculates according to described common parameter and secret random number the safety certificate being associated with secret random number.Preferably, initialization unit generates according to described common parameter, secret random number and the safety certificate that is associated with secret random number the alternative collection of data items of encrypting;

Preferably, data gathering unit is for being input to the alternative collection of data items of described encryption in the background data base of each data gathering node of network.Preferably, data gathering unit is input to the list of the authentication information of all legal Intellisense terminals the background data base of each data gathering node;

Preferably, data statistics unit is for the four-tuple < Intellisense terminal assumed name of the Intellisense terminal collected according to network, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node carries out data statistics, according to described data statistics specified data, assembles result.The Fig. 1 of take describes as example, the four-tuple of Intellisense terminal 104a can be the PKI of < Intellisense terminal 104a, the data item of encrypting, the signature of Intellisense terminal 104a, the signature > of data gathering node 103a.Wherein, the data item of encryption is the actual valid data that data gathering system will be collected, the data that Intellisense terminals such as the network bandwidth, junctor usage, node load can be collected.

In addition, data gathering node, utilize the log-on message of a plurality of Intellisense terminals of storing in network data aggregation server to authenticate corresponding Intellisense terminal, Intellisense terminal by authentication is determined the data that are associated with described Intellisense terminal in the alternative data item of encrypting, described data gathering nodes records four-tuple < Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node, submits to data gathering server as data report.Data intelligence perception terminal is determined the data that are associated with described Intellisense terminal for the alternative data item encrypting.

Fig. 3 utilizes network data lens system to carry out the process flow diagram of the method for data gathering according to the preferred embodiment of the present invention.As shown in Figure 3, described method comprises following four-stage:

1. initial phase:

At the initial phase of data gathering process, first establish data gathering server, by this data gathering server, be responsible for generating afterwards the alternative collection of data items of common parameter, secret random number, encryption.The PKI PK of tentation data aggregation server herein _vAall participants of data gathering system by reliable mode, have been distributed to.With PKI PK _vAcorresponding private key SK _vAby a plurality of child servers, utilize threshold secret sharing scheme jointly to hold.Data gathering server specifically completes following initial work.

1.1. generate common parameter

Data gathering server generates following common parameter:

1) generate two large prime number p, q, meet 2q=p-1, and group

upper discrete logarithm problem is difficult to solve.That is, two large prime number p, q, meet 2q=p-1, and require the group that forms according to p

on discrete logarithm problem difficulty hypothesis set up, thereby guarantee that the data item of encrypting is not cracked.

2) exist

in choose at random q rank element g, h, and establish and generated by g

cyclic subgroup be G, guarantee that nobody can know that h is about the discrete logarithm of g simultaneously.

3) secure Hash function H ₁: { 0,1} ^*→ z _q, when it will be used to generate the alternative data item of encryption, construct non-interactive zero-knowledge proof.

4) terminal of supposition participation data gathering has at most n (reality is less than or equal to n certainly), and data gathering server needs to determine in advance number N=ε n of the alternative data item of encryption, and wherein ε >2 is a safety coefficient.

The above-mentioned common parameter that data gathering server generates, comprises p, q, g, h, n, N, hash function H ₁descriptor, alternative collection of data items { C ₁, C ₂..., C _m, before starting, data gathering is all published to bulletin unit, and the digital signature of enclosing data gathering server.

In addition, the normal operation of system must suppose that parameter N and m satisfy condition: wherein

with represent respectively get whole and take off whole.

1.2. generate the alternative collection of data items of encrypting:

Suppose that alternative collection of data items is { C ₁, C ₂..., C _m, and parameter N and m satisfy condition if

before the data gathering stage starts, the following mode of each participant utilization of data gathering server is combined the alternative collection of data items that generates N encryption.

1) from integer set [0,1 ..., 2 ^e] in get 2m group (every group N-1) random number:

{k _1，1，k _1，2，...，k _1，N-1}，{k _2，1，k _2，2，...，k _2,N-1}，...，{k _m，1，k _m，2，...，k _m，N-1}，

{t _1，1，t _1，2，...，t _1,N-1}，{t _2，1，t _2，2，...，t _2，N-1}，…，{t _m，1，t _m，2，...，t _m,N-1}

Then calculate:

$k_{i,N}=(0-\underset{j=1}{\overset{N-1}{\mathrm{\&Sigma;}}}{k}_{i,j}){\mathrm{mod}2}^e(i=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,m)$

$t_{i,N}=(0-\underset{j=1}{\overset{N-1}{\mathrm{\&Sigma;}}}{t}_{i,j}){\mathrm{mod}2}^e(i=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,m)$

Based on above result, calculate again:

$k_j=\underset{i=1}{\overset{m}{\mathrm{\&Sigma;}}}{2}^{e(i-1)}{k}_{i,j}(j=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,N)$

$t_j=\underset{i=1}{\overset{m}{\mathrm{\&Sigma;}}}{2}^{e(i-1)}{t}_{i,j}(j=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,N)$

{ the k that easily proof generates according to the method described above ₁, k ₂..., k _n, { t ₁, t ₂..., t _nmust meet:

$\left(\underset{j=1}{\overset{N}{\mathrm{\&Sigma;}}}{k}_j\right){\mathrm{mod}2}^e=0,\left(\underset{j=1}{\overset{N}{\mathrm{\&Sigma;}}}{t}_j\right){\mathrm{mod}2}^e=0$

{ k ₁, k ₂..., k _n, { t ₁, t ₂..., t _nin generating the alternative collection of data items process of encryption, as secret value secured fashion, preserve.

2) data gathering server calculates:

$W_j=g^{k_j}{h}^{t_j},j=\mathrm{1,2},...,N$

Be easy to proof { W ₁, W ₂..., W _nmeet:

$\underset{j=1}{\overset{N}{\mathrm{\&Pi;}}}{W}_j=\underset{j=1}{\overset{N}{\mathrm{\&Pi;}}}{g}^{k_j}{h}^{t_j}=1$

Can be by { W ₁, W ₂..., W _nregard as about secret random number { k ₁, k ₂..., k _n, { t ₁, t ₂..., t _nsafety certificate (Commitment).

3) data gathering server generates and encrypts alternative collection of data items:

$v_{j,0}=k_j,P_{j,0}=\mathrm{NIZK}\left\{t_j\right|h^{t_j}=W_j{g}^{-v_{j,0}}\}$

i=1，2，…，m，

j=1，2，…，N

P in above formula _{j, i}=NIZK{t _j| A (t _j) represent about secret value t _jnon-interactive zero-knowledge proof.Pass through P _{j, i}, data gathering server can be at the value of betraying the pot to the roses t not _jprerequisite under, prove to meet and assert A (t _j) set up, thereby do not revealing k _jprerequisite under prove v _{j, i}building method protocol compliant regulation.Construct this non-interactive zero-knowledge proof and will use hash function H ₁: { 0,1} ^*→ z _q.

{ (v _{j, 0}p _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _{j, m}p _{j, m}) forming the alternative groups of data items of an encryption, total N of such alternate item group, forms the alternative collection of data items of encrypting: { (v _{j, 0}, P _{j, 0}), (v _{j, i}p _{j, 1}) ..., (y _{j, m}, P _{j, m}) (j=1,2 ..., N).When submitting data to, if Intellisense terminal is selected C _i, by data gathering node by option (v _{j, i}, P _{j, i}) report to data gathering server.And (v _{j, 0}, P _{j, 0}) comparatively special, will be used to Validation of Data.

4) data gathering server is encrypted alternative data item { (v by the N of above-mentioned generation _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (P _{j, m}, P _{j, m}) (j=1,2 ..., N) be divided into a plurality of subsets (according to data gathering interstitial content), and with secured fashion, import in the background data base of a plurality of data gathering nodes respectively.

5) data gathering server is by { k ₁, k ₂..., t _n, { t ₁, t ₂..., t _netc. secret value delete, by { W ₁, W ₂..., W _nbe published on bulletin unit and enclose oneself digital signature.Any participant can be by checking

whether set up the whether protocol compliant requirement of the alternative collection of data items of encryption that check data aggregation server generates.

2. registration phase:

At registration phase, each intelligent terminal that participates in data gathering before the gathering stage starts, first utilize under line and the mode combining online to data gathering server registration.Concrete register method is:

2.1. the supvr of data gathering server utilizes mode under line (Offline), and the product IDs of check terminal is verified the legitimacy of intelligent terminal.Check unsuccessfully, stop immediately registration process.

2.2. each terminal T _iadopt the RSA Algorithm of appointing in advance with data gathering server to generate a pair of public private key pair (y _i, x _i).

2.3. terminal T _iby PKI y _isend to data gathering server.For proving this terminal, hold and PKI y _icorresponding private key, server generates a random number r, and usings r||timestamp as challenge message m, and wherein timestamp represents timestamp.Server makes terminal generate the digital signature sig (m) about m, then the validity of check signature sig (m).Check unsuccessfully, stop immediately registration process, otherwise proceed next step.

2.4. pass through after check PKI y _ithe assumed name that is used as this intelligent terminal is saved in the authentication information list AC_List of data gathering server.Private key x _iby terminal is secret, preserve.

2.5. the list of public keys N_List of all legal back end is downloaded in the storer of intelligent terminal.Registration process finishes.

3. data gathering stage:

In the data gathering stage, first Intellisense terminal carries out interactive authentication with the nearest data gathering node of distance oneself, then the data of collection in worksite is sent to this data gathering node.Data gathering node sends these data to data gathering server by computer network again.The concrete course of work is as follows.

3.1. after data perception intelligent terminal reaches within the scope of the efficient communication of certain data gathering node, first complete interactive authentication with this node.Because terminal is held the list of public keys N_List of all legal data gathering nodes, so can utilize " addressing inquires to-response " method to authenticate legal data gathering node.On the other hand, because data gathering node can obtain from data gathering server the list T_List of legal terminal, so can utilize " addressing inquires to-response " method to authenticate legal data perception intelligent terminal.

3.2. after interactive authentication passes through, data gathering node sends all alternative data item expressly to intelligent terminal, is about to set { C ₁, C ₂..., C _msend to terminal.

3.3. terminal according to field measurement data from { C ₁, C ₂..., C _min select corresponding option (to be assumed to C _i), and the selection of oneself is sent to data gathering node.

3.4. data gathering node is from alternative the collection of data items { (v of encryption _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _j,m) (j=1,2 ..., appoint in N) and get an option group { (v _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _j,m), then will with C _icorresponding (v _j,i, P _{j, i}) as the final alternative data item of encryption generating.

Data gathering node is by v _{j, i}corresponding binary string is divided into m part from low level to a high position, and each part comprises e bit (most significant digit part comprises bit number and may be greater than e), then with m partial binary, concatenates into m corresponding tens digit (d ₁, d ₂..., d _m).

Data gathering node is by option (v _j,i, P _j,i), (d ₁, d ₂..., d _m) and oneself digital signature S _nsend to terminal.

3.5. after terminal checking node digital signature validity, there are two kinds of selections: " re-entering " and " submission ".

If selected " submission ", terminal is utilized the private key x of oneself _ito the data { (v that will submit to _j,i, P _{j, i}), (d ₁, d ₂..., d _m) generating digital signature S _t, S then will sign _tsend to data gathering node.Data gathering node generates final data report Report={y _i, (v _j,i, P _{j, i}), (d ₁, d ₂..., d _m), S _n, S _t, y wherein _iit is the assumed name of terminal.Data gathering node sends to data gathering server by data report, and returns success message to terminal.After submitting to successfully, the report of Intellisense terminal save data, and leave.

If terminal is selected " re-entering ", data gathering node starts the encrypted data item { (v that " data report validation verification " flow process (finishing its detailed process below) verification msg aggregation node generates _j,i, P _{j, i}), (d ₁, d ₂..., d _m) the data C to submission that should terminal whether really _i.After being verified, return the 3.3rd step, terminal resubmits data, and node regenerates corresponding encrypted data item.

3.6. after the data gathering phase finishes, each data gathering node will own remaining standby alternative collection of data items { (v _{j, 0}, P _{j, 0}), (v _j,i, P _{j, 1}) ..., (v _j,m, P _j,m) (v _{j, 0}, P _{j, 0}) part sends to data gathering server, and be labeled as " calcellation ".

Through above 6 steps, the data report of each Intellisense terminal has been submitted to the bulletin unit of data gathering server with the form of encrypting, and anyone can inquire about.

Above the idiographic flow of " data report validation verification " of the 5th step as follows:

(1) data gathering node receives after the terminal request of " re-entering ", and data gathering node is by (v _{j, 0}, P _{j, 0}) and v _{j, 0}m corresponding decimal number d ' ₁, d ' ₂..., d ' _msend to terminal.

(2) Intellisense terminal is verified then and there: for two groups of numeral { d ₁, d ₂..., d _mand d ' ₁, d ' ₂..., d ' _m, except d _i-d ' _i=1, other a m-1 numeral all equates.If do not met, illustrate that data gathering node is in cheating.

(3) P of Intellisense terminal checking node output _{j, 0}, P _j,iand the digital signature S of data gathering node _nwhether effective.If invalid, terminal stops submitting data to this node, and can retain relevant evidence and think that data gathering server complains this node later.

(4) if data item (v _j,j, P _j,i) be used to do validation verification, this data item is equivalent to be cancelled.Data gathering node is only by (v _{j, 0}, P _{j, 0}) be submitted to data gathering server.

4. data statistics stage:

After data gathering process finishes, the information on data gathering server announcement unit is locked.First data gathering server checks in the data report list on bulletin unit whether comprise N item, if be less than N, some preliminary data item loss is described.After the preliminary data item polishing of losing, anyone can be according to the information counting statistics result on bulletin unit.Circular is as follows.

If the item set of announcing on bulletin unit is combined into { (v ₁, P ₁), (v ₂, P ₂) ..., (v _n, P _n), each v _im the tens digit that (1≤i≤N) is corresponding is { d _{i, 1}, d _{i, 2}..., d _{i, m}.

So, option C _jthe statistics R that (1≤j≤m) is final _jfor

$R_j=\left(\underset{i=1}{\overset{N}{\mathrm{\&Sigma;}}}{d}_{i,j}\right){\mathrm{mod}2}^e(1\&le;j\&le;m)$

By simple modulo addition, can obtain statistics.And the validity of each data report can be passed through zero-knowledge proof P _ivalidity and the validity of digital signature test.

Fig. 4 is that the network data lens system of utilizing of another preferred implementation according to the present invention is carried out the process flow diagram of the method for data gathering.Described method is from step 401, and data gathering starts as starting point.Then proceed to step 402, first Intellisense terminal carries out interactive authentication with the nearest data gathering node of distance oneself, then the data of collection in worksite is sent to this data gathering node.Data gathering node sends these data to data gathering server by computer network again.After data perception intelligent terminal reaches within the scope of the efficient communication of certain data gathering node, first complete interactive authentication with this node.Because terminal is held the list of public keys N_List of all legal data gathering nodes, so can utilize " addressing inquires to-response " method to authenticate legal data gathering node.On the other hand, because data gathering node can obtain from data gathering server the list T_List of legal terminal, so can utilize " addressing inquires to-response " method to authenticate legal data perception intelligent terminal.

In step 403, judge whether to pass through interactive authentication.When not by interactive authentication, proceed to step 412, process finishes.When by interactive authentication, carry out step 404, data gathering node sends all alternative data item expressly to intelligent terminal, is about to set { C ₁, C ₂..., C _msend to terminal.

Terminal according to field measurement data from { C ₁, C ₂..., C _min select corresponding option (to be assumed to C _i), and the selection of oneself is sent to data gathering node.

Alternative the collection of data items { (v of data gathering node from encrypting _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _j,m) (j=1,2 ..., appoint in N) and get an option group { (v _{j, 0}, Pj _{, 0}), (v _j.1, P _{j, 1}) ..., (v _j,m, P _j,m), then will with C _icorresponding (v _j,i, P _{j, i}) as the final alternative data item of encryption generating.

Data gathering node is by v _j,icorresponding binary string is divided into m part from low level to a high position, and each part comprises e bit (most significant digit part comprises bit number and may be greater than e), then with m partial binary, concatenates into m corresponding tens digit (d ₁, d ₂..., d _m).Data gathering node is by option (v _j,i, P _{j, i}), (d ₁, d ₂..., d _m) and oneself digital signature S _nsend to terminal.

In step 405, the report of aggregation node generated data.

In step 406, after terminal checking node digital signature validity, select: " re-entering " and " pinch friendship ".

If selected " submission ", carry out step 407, terminal is utilized the private key x of oneself _ito the data { (v that will submit to _j,j, P _{j, i}), (d ₁, d ₂..., d _m) generating digital signature S _t, S then will sign _tsend to data gathering node.In step 408, data gathering node generates final data report Report={y _i, (v _j,i, P _{j, i}), (d ₁, d ₁..., d _m), S _n, S _t, y wherein _iit is the assumed name of terminal.Data gathering node sends to data gathering server by data report, and returns success message to terminal.After submitting to successfully, the report of Intellisense terminal save data, and leave.

If select " re-entering " in step 406, carry out step 409, require data gathering and announce evidence.Step 410, data gathering node starts " data report validation verification " flow process and (finishes the encrypted data item { (v that its detailed process two verification msg aggregation nodes generate below _j,i, P _{j, i}), (d ₁, d ₂..., d _m) the data C to submission that should terminal whether really _i.In step 411, determine whether by checking, if not by checking, carry out step 412, process finishes; If by checking, turn back to step 404, terminal resubmits data, and node regenerates corresponding encrypted data item.

Preferably, at step 412 place, after the data gathering phase finishes, each data gathering node will own remaining standby alternative collection of data items { (v _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _j,m) (v _{j, 0}, P _{j, 0}) part sends to data gathering server, and be labeled as " calcellation ".

Through step, the data report of each Intellisense terminal has been submitted to the bulletin unit of data gathering server with the form of encrypting, and anyone can inquire about.

Preferably, the idiographic flow of " data report validation verification " is above as follows:

(1) data gathering node receives after the terminal request of " re-entering ", and data gathering node is by (v _{j, 0}, P _{j, 0}) and v _{j, 0}m corresponding decimal number d ' ₁, d ' ₂..., d ' _msend to terminal.

(2) Intellisense terminal is verified then and there: for two groups of numeral { d ₁, d ₂..., d _mand d ' ₁, d ' ₂..., d ' _m, except d _i-d ' _i=1, other a m-1 numeral all equates.If do not met, illustrate that data gathering node is in cheating.

(3) P of Intellisense terminal checking node output _{j, 0}, P _j,iand the digital signature S of data gathering node _nwhether effective.If invalid, terminal stops submitting data to this node, and can retain relevant evidence and think that data gathering server complains this node later.

(4) if data item (v _j,i, P _{j, i}) be used to do validation verification, this data item is equivalent to be cancelled.Data gathering node is only by (v _{j, 0}, P _{j, 0}) be submitted to data gathering server.

Fig. 5 be according to the present invention again the network data lens system of utilizing of a preferred implementation carry out the process flow diagram of the method for data gathering.Method 500 is applicable to comprise the system of network data aggregation server, a plurality of network data aggregation node and a plurality of Intellisense terminals.Method 500 is from step 501, before network data accumulation process starts, the mode of utilizing under line and combining is online registered each the Intellisense terminal in a plurality of Intellisense terminals, for each Intellisense terminal generates public, private key pair, using PKI as the assumed name of himself and send to data gathering server, and preserve private key in the storage unit of himself, wherein said Intellisense terminal will utilize private key to carry out digital signature to the data report of its submission, to guarantee that data are not tampered, described in data gathering server authentication after the legitimacy of Intellisense terminal, the PKI of described Intellisense terminal is saved in legal assumed name list.

In step 502, to a plurality of Intellisense terminal broadcasts in network data lens system, to start network data accumulation process, the digital signature of the subsidiary described network data aggregation server of described message, to prevent assailant's distorting described message.

In step 503, utilize the initialization unit of network data aggregation server to generate common parameter.

In step 504, according to common parameter, choose random number, and calculate and generate secret random number according to random number.

In step 505, according to described common parameter and secret random number, calculate the safety certificate being associated with secret random number.

In step 506, according to described common parameter, secret random number and the safety certificate that is associated with secret random number, generate the alternative collection of data items of encrypting.

In step 507, the data gathering unit of network data aggregation server is input to the alternative collection of data items of described encryption in the background data base of each data gathering node in network, the list of the authentication information of all legal Intellisense terminals is input to the background data base of each data gathering node.

In step 508, the log-on message that each in described a plurality of data gathering node is utilized a plurality of Intellisense terminals of storing in network data aggregation server authenticates each in a plurality of Intellisense terminals, Intellisense terminal intelligent perception terminal by authentication is determined the data that are associated with described Intellisense terminal in the alternative data item of encrypting, described data gathering nodes records four-tuple < Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node, as data report, submit to data gathering server.

In step 509, the data statistics unit of network data aggregation server is according to the four-tuple < Intellisense terminal assumed name of the Intellisense terminal of collecting in network, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node carries out data statistics, according to described data statistics specified data, assembles result.

In step 510, established data is assembled to result and utilize BBS (Bulletin Board System) mode to announce, and inquiry and the checking of described established data being assembled to result is provided.

Yet, it should be noted in the discussion above that all these terms and the similar term that are associated with suitable physical quantity are only the labels easily that is applied to this tittle.Unless specifically stated otherwise, or obviously obtain from discuss, term such as " processing ", " calculating ", " estimation ", " determining ", " demonstration " etc., relate to action and the processing of computer system or similar electronic computing device, the data that are expressed as physical quantity, amount of electrons in the RS of computer system are handled and to be converted to other similar data that are expressed as physical quantity in the such information-storing device of computer system memory or register or other, transmission or display device.

Also it should be noted that, the software of illustrative embodiments is realized aspect and on the program recorded medium of some forms, is encoded typically, or realizes on the transmission medium of some types.Computer-readable medium can be magnetic (for example, floppy disk or hard disk drive) or light (for example, compact disk ROM (read-only memory), or " CD ROM "), and can be read-only or random-access.Similarly, transmission medium can be twisted-pair feeder, concentric cable, optical fiber or other suitable transmission medium well known in the art.Illustrative embodiments is not limited to these aspects that any appointment realizes.

Claims (10)

1. utilize network data lens system to carry out a method for network data gathering, described system comprises network data aggregation server, a plurality of network data aggregation node and a plurality of Intellisense terminal, it is characterized in that described method comprises:

Before network data accumulation process starts, utilize under line mode and/or online mode to register each the Intellisense terminal in a plurality of Intellisense terminals, for each Intellisense terminal generates public, private key pair, using PKI as the assumed name of himself and send to data gathering server, and preserve private key in the storage unit of Intellisense terminal self, wherein said Intellisense terminal will utilize private key to carry out digital signature to the data report of its submission, to guarantee that data are not tampered, described in data gathering server authentication after the legitimacy of Intellisense terminal, the PKI of described Intellisense terminal is saved in legal assumed name list,

To a plurality of Intellisense terminal broadcasts in network data lens system, to start network data accumulation process, the digital signature of the subsidiary described network data aggregation server of described message, to prevent assailant's distorting described message;

Utilize the initialization unit of network data aggregation server to generate common parameter,

According to common parameter, choose random number, and calculate and generate secret random number according to random number;

According to described common parameter and secret random number, calculate the safety certificate being associated with secret random number;

According to described common parameter, secret random number and the safety certificate that is associated with secret random number, generate the set of the alternative data item of encrypting;

The data gathering unit of network data aggregation server is input to the alternative collection of data items of described encryption in the background data base of each data gathering node in network, the list of the authentication information of all legal Intellisense terminals is input to the background data base of each data gathering node;

The log-on message that each in described a plurality of data gathering node is utilized a plurality of Intellisense terminals of storing in network data aggregation server authenticates each in a plurality of Intellisense terminals, Intellisense terminal by authentication is determined the data that are associated with described Intellisense terminal in the alternative data item of encrypting, described data gathering nodes records four-tuple < Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node, using described quaternary ancestral as data report, submit to data gathering server,

The data statistics unit of network data aggregation server is according to the four-tuple < Intellisense terminal assumed name of the Intellisense terminal of collecting in network, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node carries out data statistics, according to described data statistics specified data, assembles result; And established data is assembled to result and utilize BBS (Bulletin Board System) mode to announce, and provide inquiry and the checking of described established data being assembled to result.

2. method according to claim 1, is characterized in that:

Described common parameter comprises following part: 1) two large prime number p, q, meet 2q=p-1, and require the group that forms according to p

on discrete logarithm problem difficulty hypothesis set up, thereby guarantee that the alternative data item of encrypting is not cracked; 2) exist

in the q rank element g, the h that choose at random: by g, generated cyclic subgroup G; 3) the maximum possible value n of Intellisense terminal, alternative data item number N=ε n of encryption, wherein ε>=2 are safety coefficient; 4) secure Hash function H ₁: { 0,1} ^*→ z _q, while being used to generate the alternative data item of encrypting, construct non-interactive zero-knowledge proof; With 5) set of the alternative data item of encrypting is { C ₁, C ₂..., C _m, m is the number of the alternative data item of encryption;

Wherein parameter q, m and N satisfy condition: wherein

with

represent respectively get whole and take off whole;

From set [0,1 ..., 2 ^e] in choose random number, wherein

3. method according to claim 1, is characterized in that:

Described Intellisense terminal is in sensor, point-of-sale terminal, personal digital assistant, smart mobile phone, flat computer and wireless telephone.

4. method according to claim 1, the set that wherein generates the alternative data item of encrypting specifically comprises:

1) according to common parameter, choose random number, and comprise according to random number calculating generation secret random number:

From integer set [0,1 ..., 2 ^e] in get 2m group, every group of N-1 random number wherein:

{k _1，1，k _1，2，...，k _1，N-1}，{k _2，1，k _2,2,，..，k _2,N-1}，...，{k _m,1，k _m,2，...，k _m，N-1}，

{t _1,1，t _1，2，...，t _1,N-1}，{t _2,1，t _2,2，...，t _2,N-1}，...，{t _m，1，t _m,2，...，t _m,N-1}

Wherein k and t represent random number;

Then calculate:

$k_{i,N}=(0-\underset{j=1}{\overset{N-1}{\mathrm{\&Sigma;}}}{k}_{i,j}){\mathrm{mod}2}^e(i=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,m)$

$t_{i,N}=(0-\underset{j=1}{\overset{N-1}{\mathrm{\&Sigma;}}}{t}_{i,j}){\mathrm{mod}2}^e(i=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,m)$

Based on above result, calculate again:

$k_j=\underset{i=1}{\overset{m}{\mathrm{\&Sigma;}}}{2}^{e(i-1)}{k}_{i,j}(j=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,N)$

$t_j=\underset{i=1}{\overset{m}{\mathrm{\&Sigma;}}}{2}^{e(i-1)}{t}_{i,j}(j=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,N)$

{ the k generating according to the method described above ₁, k ₂..., k _n, { t ₁, t ₂..., t _nmeet:

$\left(\underset{j=1}{\overset{N}{\mathrm{\&Sigma;}}}{k}_j\right){\mathrm{mod}2}^e=0,\left(\underset{j=1}{\overset{N}{\mathrm{\&Sigma;}}}{t}_j\right){\mathrm{mod}2}^e=0$

In the process of the set of the alternative data item of generate encrypting with secured fashion by { k ₁, k ₂..., k _n, { t ₁, t ₂..., t _nas secret random number, preserve;

2) according to described common parameter and secret random number, calculating the safety certificate being associated with secret random number comprises:

Calculate:

$W_j=g^{k_j}{h}^{t_j},j=\mathrm{1,2},...,N$

{ W wherein ₁, W ₂..., W _nmeet:

$\underset{j=1}{\overset{N}{\mathrm{\&Pi;}}}{W}_j=\underset{j=1}{\overset{N}{\mathrm{\&Pi;}}}{g}^{k_j}{h}^{t_j}=1$

By { W ₁, W ₂..., W _nfor about secret random number { k ₁, k ₂..., k _n, { t ₁, t ₂..., t _nsafety certificate; Can not betray the pot to the roses any information of random number of safety certificate, once announce safety certificate, assailant cannot adopt different secret random number to produce the alternative data item of encryption;

3) set that generates the alternative data item of encrypting according to described common parameter, secret random number and the safety certificate that is associated with secret random number comprises:

$v_{j,0}=k_j,P_{j,0}=\mathrm{NIZK}\left\{t_j\right|h^{t_j}=W_j{g}^{-v_{j,0}}\}$

v _j，i=k _j+2 ^e(i-1)，

i=1，2，…，m，

j=1，2，…，N

The small set { (v more than generating _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _{j, m}, P _j,m) forming the alternative data item of encrypting, the total N of alternative data item of described encryption is individual: { (v _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _{j, m}, P _{j, m}) (j=1,2 ..., N), it forms the set of the alternative data item of encrypting.

5. method according to claim 4, is characterized in that:

Can carry out validation verification to the alternative data item of encrypting, detailed process is as follows:

1) when determining the alternative data item of the encryption being associated with described Intellisense terminal, if Intellisense terminal has been selected " the alternative data item C of encryption _i", data gathering node will with C _ialternative data item { the d of corresponding encryption ₁, d ₂..., d _mand (v _j,i, P _{j, i}) export, and enclose the digital signature of Intellisense terminal:

2) when Intellisense terminal is selected to confirm, if selected " reselecting " option, data gathering node is by (v _{j, 0}, P _{j, 0}) and v _{j, 0}m corresponding decimal number d ' ₁, d ' ₂..., d ' _moutput, and reselect;

3) Intellisense terminal can be verified in real time: for two groups of numeral { d ₁, d ₂..., d _mand d ' ₁, d ' ₂..., d ' _m, except d _i-d ' _i=1, other a m-1 numeral all equates; If do not meet, illustrate that the encrypted data item of data gathering node exists mistake;

4), after the alternative data item of having selected to encrypt, Intellisense terminal can also be verified the P of output _{j, 0}, P _j,iand whether the digital signature of data gathering node is effective; If invalid, terminal reports that to data gathering server the alternative data item of the encryption of this data gathering node exists mistake;

5) if the alternative data item subitem (v encrypting _j,i, P _{j, i}) be used as validation verification, the alternative data item of the encryption of its correspondence is equivalent to be cancelled; Data gathering node is only by (v _{j, 0}, P _{j, 0}) be submitted to data gathering server.

6. a network data lens system, described system comprises network data aggregation server, a plurality of network data aggregation node and a plurality of Intellisense terminal, it is characterized in that,

Described network data aggregation server comprises:

Bulletin unit, to a plurality of Intellisense terminal broadcasts in network data lens system, to start network data accumulation process, the digital signature of the subsidiary described network data aggregation server of described message, to prevent assailant's distorting described message; And, established data is assembled to result and utilize BBS (Bulletin Board System) mode to announce, and inquiry and the checking of described established data being assembled to result is provided;

Registering unit, before network data accumulation process starts, utilize under line mode and/or online mode to register each Intellisense terminal, for each Intellisense terminal generates public, private key pair, using PKI as the assumed name of himself and send to data gathering server, and preserve private key in the storage unit of Intellisense terminal self, wherein said Intellisense terminal will utilize private key to carry out digital signature to the data report of its submission, to guarantee that data are not tampered, described in data gathering server authentication after the legitimacy of Intellisense terminal, the PKI of described Intellisense terminal is saved in legal assumed name list,

Initialization unit, generates common parameter, according to common parameter, chooses random number, and calculates and generate secret random number according to random number; According to described common parameter and secret random number, calculate the safety certificate being associated with secret random number; According to described common parameter, secret random number and the safety certificate that is associated with secret random number, generate the set of the alternative data item of encrypting;

Data gathering unit, is input to the alternative collection of data items of described encryption in the background data base of each data gathering node in network; The list of the authentication information of all legal Intellisense terminals is input to the background data base of each data gathering node;

Data statistics unit, according to the four-tuple < Intellisense terminal assumed name of the Intellisense terminal of collecting in network, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node carries out data statistics, according to described data statistics specified data, assembles result;

Data gathering node, utilize the log-on message of a plurality of Intellisense terminals of storing in network data aggregation server to authenticate corresponding Intellisense terminal, Intellisense terminal by authentication is determined the data that are associated with described Intellisense terminal in the alternative data item of encrypting, described data gathering nodes records four-tuple < Intellisense terminal assumed name, encrypted data item, the signature of Intellisense terminal, the signature > of data gathering node, submits to data gathering server using described quaternary ancestral as data report;

Data intelligence perception terminal is determined the data that are associated with described Intellisense terminal in the alternative data item of encrypting.

7. network data lens system according to claim 6, is characterized in that:

Described common parameter comprises following part: 1) two large prime number p, q, meet 2q=p-1, and require the group that forms according to p

on discrete logarithm problem difficulty hypothesis set up, thereby guarantee that the alternative data item of encrypting is not cracked; 2) exist

in the q rank element g, the h that choose at random: by g, generated

cyclic subgroup G; 3) the maximum possible value n of Intellisense terminal, alternative data item number N=ε n of encryption, wherein ε >2 is a safety coefficient; 4) secure Hash function H ₁: { 0,1} ^*→ z _q, while being used to generate standby suggestion option, construct non-interactive zero-knowledge proof; With 5) set { C of the alternative data item of encrypting ₁, C ₂..., C _m, m is the number of the alternative data item of encryption;

Wherein parameter q, m and N satisfy condition:

wherein

with

represent respectively get whole and take off whole;

From set [0,1 ..., 2 ^e] in choose random number, wherein

8. network data lens system according to claim 6, is characterized in that:

Described Intellisense terminal is in sensor, point-of-sale terminal, personal digital assistant, smart mobile phone, flat computer and wireless telephone.

9. network data lens system according to claim 6, the set that wherein generates the alternative data item of encrypting specifically comprises:

1) according to common parameter, choose random number, and comprise according to random number calculating generation secret random number:

From integer set [0,1 ..., 2 ^e] in get 2m group, every group of N-1 random number wherein:

{k _1，1，k _1，2，...，k _1，N-1}，{k _2,1，k _2，2，...，k _2，N-1}，…，{k _m,1，k _m,2，...，k _m,N-1}，

{t _1,1，t _1,2，...，t _1，,N-1}，{t _2,1，t _2,2，...，t _2,N-1}，...，{t _m,1，t _m,2，....t _m,N-1}

Wherein k and t represent random number;

Then calculate:

$k_{i,N}=(0-\underset{j=1}{\overset{N-1}{\mathrm{\&Sigma;}}}{k}_{i,j}){\mathrm{mod}2}^e(i=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,m)$

$t_{i,N}=(0-\underset{j=1}{\overset{N-1}{\mathrm{\&Sigma;}}}{t}_{i,j}){\mathrm{mod}2}^e(i=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,m)$

Based on above result, calculate again:

$k_j=\underset{i=1}{\overset{m}{\mathrm{\&Sigma;}}}{2}^{e(i-1)}{k}_{i,j}(j=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,N)$

$t_j=\underset{i=1}{\overset{m}{\mathrm{\&Sigma;}}}{2}^{e(i-1)}{t}_{i,j}(j=\mathrm{1,2},\&CenterDot;\&CenterDot;\&CenterDot;,N)$

{ the k generating according to the method described above ₁, k ₂..., k _n, { t ₁, t ₂..., t _nmeet:

$\left(\underset{j=1}{\overset{N}{\mathrm{\&Sigma;}}}{k}_j\right){\mathrm{mod}2}^e=0,\left(\underset{j=1}{\overset{N}{\mathrm{\&Sigma;}}}{t}_j\right){\mathrm{mod}2}^e=0$

In the aggregation process of the alternative data item of generate encrypting with secured fashion by { k ₁, k ₂..., k _n, { t ₁, t ₂..., t _nas secret random number, preserve;

2) according to described common parameter and secret random number, calculating the safety certificate being associated with secret random number comprises:

Calculate:

$W_j=g^{k_j}{h}^{t_j},j=\mathrm{1,2},...,N$

Determine { W ₁, W ₂..., W _nmeet:

$\underset{j=1}{\overset{N}{\mathrm{\&Pi;}}}{W}_j=\underset{j=1}{\overset{N}{\mathrm{\&Pi;}}}{g}^{k_j}{h}^{t_j}=1$

By { W ₁, W ₂..., W _nas about secret random number { k ₁, k ₂..., k _n, { t ₁, t ₂..., t _nsafety certificate; Can not betray the pot to the roses any information of random number of safety certificate, once announce safety certificate, assailant cannot adopt different secret random number for generation of the alternative data item of encrypting;

3) set that generates the alternative data item of encrypting according to described common parameter, secret random number and the safety certificate that is associated with secret random number comprises:

$v_{j,0}=k_j,P_{j,0}=\mathrm{NIZK}\left\{t_j\right|h^{t_j}=W_j{g}^{-v_{j,0}}\}$

v _j，i=k _j+2 ^e(i-1)，

i=1，2，…，m，

j=1，2，…，N

The small set { (v more than generating _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _{j, m}) forming the alternative data item of encrypting, the total N of alternative data item of described encryption is individual: { (v _{j, 0}, P _{j, 0}), (v _{j, 1}, P _{j, 1}) ..., (v _j,m, P _j,m) (j=1,2 ..., N), it forms the set of the alternative data item of encrypting.

10. network data lens system according to claim 9, is characterized in that:

The detailed process of the alternative data item validation verification of described encryption is as follows:

Can carry out validation verification to the alternative data item of encrypting, detailed process is as follows:

1) when determining the alternative data item of the encryption being associated with described Intellisense terminal, if Intellisense terminal has been selected " the alternative data item C of encryption _i", data gathering node will with C _ialternative data item { the d of corresponding encryption ₁, d ₂..., d _mand (v _j,i, P _j,i) export, and enclose the digital signature of Intellisense terminal;

2) when Intellisense terminal is selected to confirm, if selected " reselecting " option, data gathering node is by (v _{j, 0}, P _{j, 0}) and v _{j, 0}m corresponding decimal number d ' ₁, d ' ₂..., d ' _moutput, and reselect;

3) Intellisense terminal can be verified in real time: for two groups of numeral { d ₁, d ₂..., d _mand d ' ₁, d ' ₂..., d ' _m, except d _i-d ' _i=1, other a m-1 numeral all equates; If do not meet, illustrate that the encrypted data item of data gathering node exists mistake;

4), after the alternative data item of having selected to encrypt, Intellisense terminal can also be verified the P of output _{j, 0}, P _j,iand whether the digital signature of data gathering node is effective; If invalid, terminal reports that to data gathering server the alternative data item of the encryption of this data gathering node exists mistake;

5) if the alternative data item subitem (v encrypting _j,i, P _{j, i}) be used as validation verification, the alternative data item of the encryption of its correspondence is equivalent to be cancelled; Data gathering node is only by (v _{j, 0}, P _{j, 0}) be submitted to data gathering server.

Images