CN109121134B - Privacy protection and integrity detection method suitable for multi-application data fusion of wireless sensor network - Google Patents

Privacy protection and integrity detection method suitable for multi-application data fusion of wireless sensor network Download PDF

Info

Publication number
CN109121134B
CN109121134B CN201811060913.7A CN201811060913A CN109121134B CN 109121134 B CN109121134 B CN 109121134B CN 201811060913 A CN201811060913 A CN 201811060913A CN 109121134 B CN109121134 B CN 109121134B
Authority
CN
China
Prior art keywords
fusion
data
base station
node
mac
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811060913.7A
Other languages
Chinese (zh)
Other versions
CN109121134A (en
Inventor
周强
秦小麟
成秀珍
杨庚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chuzhou University
Original Assignee
Chuzhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chuzhou University filed Critical Chuzhou University
Priority to CN201811060913.7A priority Critical patent/CN109121134B/en
Publication of CN109121134A publication Critical patent/CN109121134A/en
Application granted granted Critical
Publication of CN109121134B publication Critical patent/CN109121134B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Abstract

The invention discloses a privacy protection and integrity detection method suitable for multi-application data fusion of a wireless sensor network, and belongs to the technical field of information security and Internet of things application. According to the invention, the problems that the privacy data is stolen and tampered in the fusion and transmission processes are solved by carrying out privacy protection and integrity detection on the collected and fused multi-application data in the multi-application environment of the sensing network. The invention realizes the privacy protection of the fusion data by using a homomorphic Paillier encryption method, detects the integrity of the fusion data at a base station by using a homomorphic MAC method, and finally separates different application data from the fusion ciphertext by the base station through Chinese Remainder Theorem (CRT). Analysis shows that the method has higher safety and lower energy consumption while having error tolerance to node failure or data loss, and is simple to implement, low in cost and easy to popularize.

Description

Privacy protection and integrity detection method suitable for multi-application data fusion of wireless sensor network
Technical Field
The invention relates to a privacy protection and integrity detection method for resisting attack in the process of fusion and transmission of multiple application data of a sensor network, and belongs to the technical field of information security and Internet of things application.
Background
The wireless sensor network is an important component of a sensing layer of the Internet of things, and information sensing, acquisition and transmission can be carried out on a target by utilizing the sensor nodes, so that a data source is provided for application of the Internet of things. Data fusion is one of the important technologies for energy conservation of the wireless sensor network, but in the data acquisition and fusion process, the data privacy leakage and tampering are easy to occur, and many applications have high requirements on data security and privacy, such as smart power grids, smart homes, telemedicine and the like, so that privacy protection and integrity detection are performed on the acquired and fused data, the data is prevented from being stolen and tampered in the fusion and transmission process, a base station is ensured to acquire safe and reliable data, and finally an application layer of the internet of things makes a correct decision.
In actual application of the internet of things, application environments and sensing equipment types are diverse, and the existing data privacy protection and integrity detection technology is mainly designed in a data fusion scene of a single application environment and sensing nodes of the same type of a sensing network, so that data fusion of hybrid nodes based on multiple applications in the sensing network cannot be effectively supported. The recoverable data fusion scheme proposed by the existing latest document does not consider the data fusion of a multi-application environment and a hybrid node of a sensor network, the length of the transmitted fusion data is in direct proportion to the number of nodes, and the communication traffic and the calculation amount are large. Although the method such as CDAMA considers the fusion data privacy under the multi-application environment of the sensor network, the integrity protection of the fusion data is not considered, the communication overhead linearly increases along with the increase of application groups, and the communication traffic is large.
Aiming at the defects in the method, the invention provides a lightweight privacy protection and integrity detection method suitable for hybrid data fusion in a sensor network multi-application environment.
Disclosure of Invention
Technical problem to be solved by the invention
The invention provides a privacy protection and integrity detection method for lightweight multi-application data fusion and transmission, which ensures the privacy and integrity of hybrid data acquired by different types of sensor nodes in the fusion and transmission processes in a sensor network multi-application environment and can tolerate node errors and data loss.
Technical scheme
In order to solve the technical problems, the invention adopts the following technical scheme:
a privacy protection and integrity detection method suitable for multi-application data fusion of a wireless sensor network is characterized by comprising the following steps:
step S1, initializing the wireless sensor network system;
step S2, key distribution;
step S3, generating a node data homomorphic MAC;
step S4, node data encryption transmission;
step S5, fusing multi-application data;
step S6, the base station decrypts the data;
step S7, the base station splits the multi-application data;
in step S8, the base station analyzes the integrity of the data.
Step S1 includes the following steps:
step S11, the base station initializes the security parameters of the system by adopting a homomorphic Paillier encryption method, which comprises the following steps:
given a safety parameter k0K ', l, the base station randomly selects two security large prime numbers p and q, and calculates n ═ pq assuming that p ' and q ' are arbitrary prime numbers that make p ═ 2p ' +1 and q ═ 2q ' +1,
calculating the least common multiple λ of p-1 and q-1, expressed as λ lcm (p-1, q-1) ═ 2p 'q', and defining l (x) 1/n;
step S12, each sensing node sends the sensing data to the adjacent fusion node, and N sensing nodes are shared in the sensing network
Figure BDA0001797077020000026
r fusion nodes containing k application groups
Figure BDA0001797077020000024
Each application group
Figure BDA0001797077020000025
(j is more than or equal to 1 and less than or equal to k) the transmitted data range is |0, Mj|,MjDefining maximum M ═ max { M ] of all data of the wireless sensor network for maximum data in jth application group1,M2,…MkWhere the binary bit length of M is denoted as | M | ═ lM
Step S13, detecting the integrity of the fusion data by using a homomorphic information verification code method, and detecting the sensing data m of each node iiSplitting into d components (m)i1,mi2,…mid) And make
Figure BDA0001797077020000021
The maximum value of each component is set as b, b<M, perception data MiAvailable finite field
Figure BDA0001797077020000022
To represent;
step S14, the base station uses Chinese remainder theorem to extract the fusion result of each application from the multi-application fusion data, the base station selects beta0,q1,q2,…qkA total of k +1 prime numbers, each prime number qiThe binary bit lengths of (i is more than or equal to 1 and less than or equal to k) are all k',
calculating Q ═ Q1×q2×…qk
Figure BDA0001797077020000023
βi=Qi·yi
In the step of S15,
is provided with h1And h2For two hash functions, the base station selects a random number kiAs shared key of node i and fusion node, combined with key kiAnd a time parameter txCalculating kix=h1(ki||tx),
The base station distributes a random key { sk ] to each node1,sk2And (4) calculating homomorphic MAC by using two pseudo-random function generators G and F, and finally setting a system public key pms:
pms={n,qi:i=1,2…k,βj:j=0,1,2…k,h1,h2,L(x)}
step S2 includes the following steps:
step S21, the base station assigns the MAC key { sk ] through the secure channel1,sk2}, random key kiAnd public keypms to each node SiEach node SiRespectively generate random numbers riCarrying out random encryption;
step S22, the base station is distributed to the jth fusion node DAjIt and node SiShared random key kiAnd a secret key shared by the base station and the fusion node
Figure BDA0001797077020000038
And a public key pms;
step S23, the MAC key { sk shared by the deployment nodes at the base station end1,sk2Key shared by base station and fusion node
Figure BDA0001797077020000039
Public key pms and private key λ generated in step S11;
step S3 includes the following steps:
step S31, the node i collects the data miSplitting into d pieces with maximum length of lMComponent (m) ofi1,mi2,…mid) At time txInternal use random function generator G and key sk1Generating a random number vector u-G (sk)1);
Step S32, using the random function generator F and the key sk2Node ID IDiGenerating random number v with packet ID ridi=F(sk2,idi,rid);
Step S33, using the generated random number vector u and random number viAnd a plaintext miGenerating node data miIs expressed as TiThe generation method comprises the following steps:
Figure BDA0001797077020000031
(symbol)
Figure BDA0001797077020000032
representing vectors u and miIn a limited domain
Figure BDA0001797077020000033
Inner product of;
Step S34, the generated homomorphic MAC is connected with the original plaintext, and the connected plaintext
Figure BDA0001797077020000034
Comprises the following steps:
Figure BDA0001797077020000035
step S4 includes the following steps:
step S41, for belonging to application set
Figure BDA00017970770200000310
Sensing node SiN in step S11 and β in step S14 are used0And betaiThe hash function h in step S152Random number r in step S21iT in step S33iIn step S34
Figure BDA0001797077020000036
And a time parameter txComputing the ciphertext cixThe method comprises the following steps:
Figure BDA0001797077020000037
step S42, using the key k in step S15ixAnd a hash function h1Computing the ciphertext cixMAC value of (d): macix=h1(cix||kix);
Step S43, node SiTransmission (c)ix,macix) To the fusion node.
Step S5 includes the following steps:
step S51, the fusion node calculates kix=h1(ki||tx) And then calculating MAC value MAC 'of received ciphertext'ix=h1(cix||kix) Comparing the received MAC value with the received MAC value, if the two MAC values are equal, receiving the ciphertext, otherwise refusing to receive;
step S52, fusing the nodes DAjReceivingAfter all the ciphertext data of the child nodes are obtained, accumulating and multiplying all the received ciphertext data, and accumulating and multiplying the result with n2Performing modular search to obtain the final fusion ciphertext CjxThen combined with that in step S22
Figure BDA0001797077020000041
And a time parameter txComputing the fused ciphertext CjxMAC value MAC ofjxThe method comprises the following steps:
Figure BDA0001797077020000042
and step S53, after all the fusion nodes complete the data fusion operation, uploading the fusion result and the MAC value thereof to the base station.
Step S6 includes the following steps:
step S61, the base station at time txReceiving a fusion value (C) sent by a fusion node jjx,macjx) Then through
Figure BDA0001797077020000043
Calculating MAC value MAC of data'jxJudging whether the calculated MAC value is the same as the received MAC value, if so, receiving the fusion value, otherwise, discarding;
and step S62, decrypting the data by using the property of homomorphic Paillier encryption.
Step S62 includes the following steps:
step S621, the base station at time txCalculating fused ciphertexts C 'of k application environments by using private key lambda after receiving fused values uploaded by all r fused nodes'xThe method comprises the following steps:
Figure BDA0001797077020000044
in step S622, define the function L as
Figure BDA0001797077020000045
The base station is according to a fusion value C'xCalculating fusion results Y of k application environments:
Figure BDA0001797077020000046
where n is calculated in step S11 and Q is calculated in step S14.
Step S7 includes the following steps:
step S71, the base station calculates each application group using the nature of Chinese Remainder Theorem (CRT)
Figure BDA0001797077020000047
Fusion result of (2)jThe method comprises the following steps:
Figure BDA0001797077020000048
step S72, the base station extracts the fusion plaintext from the fusion result
Figure BDA0001797077020000049
And its fused homomorphic MAC values
Figure BDA00017970770200000410
The method comprises the following steps:
Figure BDA0001797077020000051
Figure BDA0001797077020000052
step S8 includes the following steps:
step S81, the base station uses (sk)1,sk2,rid,idi) Calculating homomorphic MAC parameters u 'and v':
Figure BDA0001797077020000053
Figure BDA0001797077020000054
step S82, the base station uses the parameters u 'and v' to pass
Figure BDA0001797077020000055
Calculating a homomorphic MAC;
in step S83, the base station compares the calculated homomorphic MAC value with the received MAC value, i.e., determines
Figure BDA0001797077020000056
If the two values are equal, the base station receives the fusion result, otherwise, the fusion result is discarded.
Advantageous effects
The invention has the significance that a privacy protection and integrity detection method is provided for a multi-application data fusion environment of a wireless sensor network, and the problems that privacy data is stolen and tampered in the fusion and transmission process are solved by carrying out privacy protection and integrity detection on collected and fused multi-application data in the multi-application environment of the sensor network.
The invention integrates the homomorphic Paillier encryption, homomorphic MAC, the unidirectionality of HASH functions, Chinese remainder theorem and other technologies and methods, simultaneously realizes the privacy protection and integrity detection of the fused data aiming at the multi-application data fusion environment of the sensor network for the first time, and has the advantages of high system safety and low energy consumption.
Drawings
FIG. 1 is a flow chart of the method of the present invention.
FIG. 2 is a diagram illustrating a multi-application data fusion method according to the present invention.
Detailed Description
For a further understanding of the invention, reference should be made to the following detailed description taken in conjunction with the accompanying drawings.
As shown in fig. 1, the method adopted by the present invention is divided into 8 steps of system initialization, key distribution, node data homomorphic MAC generation, node data encryption transmission, multi-application data fusion, base station data decryption, base station multi-application data splitting, and data integrity analysis.
1. System initialization
System setting safety parameter k0K ', l, the base station randomly selects a security large prime number p, q so that p ═ 2p ' +1, q ═ 2q ' +1, | p | ═ q | ═ k0Then, n ═ pq, λ ═ lcm (p-1, q-1) ═ 2p 'q' is calculated, and l (x) ═ x-1)/n is defined.
According to the technical scheme, the specific parameters are set as follows:
parameter(s) Value taking
k0,p,q |p|=|q|=k0
n,n2 n=pq,|n|=2k0=1024,|n2|=4k0=2048
k',qi |qi|=k'=60
β0 β0=30
N,Nj,k,r N=1000,Nj=100,k=10,r=4
lM,l,d lM=|M|=16,|l|=160,|d|=3
Assuming that a sensor network needs to collect 3 environmental data of temperature, luminosity and smoke, the sensor network has 1000 nodes
Figure BDA0001797077020000061
Comprising 10 application groups
Figure BDA0001797077020000062
Each sensor node will send sensed data to its neighboring fusion node, each application group
Figure BDA0001797077020000063
The data range of transmission is |0, Mj| define M ═ max { M1,M2,…M10}. To detect data integrity, sense data miSplitting into 8 components (m)i1,mi2,…mi8) So that
Figure BDA0001797077020000064
The base station selects 11 prime numbers: beta is a0,q1,q2,…q10Each prime number qiAre 60 bits in length, i.e. | qiI is equal to or more than 1 and is equal to or less than 10, and the following calculation is carried out:
Figure BDA0001797077020000065
in order to ensure that the sensing data can be fused into a ciphertext, the parameters all satisfy the following conditions:
Figure BDA0001797077020000066
the method sets the data space to [0, M ═ 216]The number of sensors is N-210,|β030 to satisfy the condition N.M.ltoreq.beta0(ii) a Setting | qiK' 60 and d 3 to satisfy the condition N · ((d +1) · M · β)0+M)<qi(ii) a Passing condition log2k+k'(k+1)<| n | the number k of application groups to be set is 15 at maximum, where k is set to 10.
The method uses two hash functions h1And h2Generating a secret key and a random number, h1:{0,1}*→{0,1}lAnd
Figure BDA0001797077020000071
base station selects random number kiK is calculated as a shared key of the node i and the fusion node thereofix=h1(ki||tx),kix∈{0,1}lAnd the MAC value is used for generating the MAC value of the perception data so as to avoid the illegal nodes from implementing error data injection attacks.
The base station distributes a secret key { sk ] to each node1,sk2Two pseudo-random function generators
Figure BDA0001797077020000072
And
Figure BDA0001797077020000073
Figure BDA0001797077020000074
the method is used for calculating homomorphic MAC (media access control) so as to carry out integrity detection on fused data, and finally, a system public key pms is set to { n, q ═ n, q }i:i=1,2…k,βj:j=0,1,2…k,h1,h2,L(x)}。
2. Key distribution
A sensing node end: base station distributes MAC key { sk through secure channel1,sk2}, random key kiAnd a public key pms to each node SiEach node SiRespectively generate random numbers riRandom encryption is performed.
A fusion node end: distribution of the fusion node DA by the base stationjAnd node SiShared random key kiBase station and fusion node DAjShared secret key
Figure BDA0001797077020000075
And a public key pms.
A base station end: deploying a MAC Key { sk shared with a node1,sk2}, secret key shared with the fusion node
Figure BDA0001797077020000076
Public key pms and private key λ.
3. Generating node data homomorphic MAC
Data m collected by the node iiSplit into 8 components (m) of length 16 bitsi1,mi2,…mi8),
Figure BDA0001797077020000077
b<M。
At each time period txEach node generates a node data homomorphic MAC by:
Figure BDA0001797077020000078
using a random function generator F, a secret key sk2Node ID IDiGenerating random number v with packet ID ridi=F(sk2,idi,rid)
Using the previously generated random number vector u, random number viAnd a plaintext miGenerating node data miIs expressed as TiThe generation method comprises the following steps:
Figure BDA0001797077020000079
(symbol)
Figure BDA00017970770200000710
representing vectors u and miIn a limited domain
Figure BDA00017970770200000711
Inner product of (d).
Connecting the generated homomorphic MAC with the original plaintext, and obtaining the connected plaintext
Figure BDA00017970770200000712
Comprises the following steps:
Figure BDA00017970770200000713
4. node data encrypted transmission
(1) If sensing node
Figure BDA0001797077020000081
Then SiUsing a random number riAnd (beta)0j) The ciphertext is calculated as follows:
Figure BDA0001797077020000082
(2)Siusing a secret key kixCalculating macix=h1(cix||kix)。
(3)SiTransmission (c)ix,macix) To the fusion node.
5. Multi-application data fusion, as shown in figure 2,
(1) fusion node calculation kix=h1(ki||tx) And then calculating MAC value MAC 'of received ciphertext'ix=h1(cix||kix) Detects whether it is equal to the received MAC value
Figure BDA0001797077020000083
If they are equal, the cipher text is received, otherwise the reception is refused.
(2) Fusion node DAjAfter receiving the sensing data of all the child nodes, performing the following fusion operation:
Figure BDA0001797077020000084
and after all the fusion nodes (r nodes in total) finish the data fusion operation, uploading the fusion result and the MAC value thereof to the base station.
6. Base station deciphered data
Base station in time window txReceiving a fusion node j (1)<j is less than or equal to r) transmitted fusion value (C)jx,macjx) Then, calculate
Figure BDA0001797077020000085
Determine if the calculated MAC value is the same as the received MAC value, i.e.
Figure BDA0001797077020000086
If the two are the same, the fused value is received, otherwise, the fused value is discarded.
And (3) decrypting the data after detection is finished:
(1) base station in time window txCalculating C 'after receiving all fused values'x
Figure BDA0001797077020000091
(2) And the base station calculates:
Figure BDA0001797077020000092
further, it is possible to obtain:
Figure BDA0001797077020000093
7. base station splitting multi-application data
The base station calculates each application group
Figure BDA0001797077020000094
The fusion result and homomorphic MAC thereof:
Figure BDA0001797077020000095
Figure BDA0001797077020000096
Figure BDA0001797077020000097
8. data integrity analysis
Base station usage (sk)1,sk2,rid,idi) Calculating u 'and v'
Figure BDA0001797077020000098
Figure BDA0001797077020000101
The base station calculates a homomorphic MAC using u 'and v', compares it with the received MAC, i.e., determines
Figure BDA0001797077020000102
If the equation is true, the base station receives the result, otherwise discards the fusion result.
The present invention and its embodiments have been described above schematically, without limitation, and what is shown in the drawings is only one of the embodiments of the present invention, and the actual structure is not limited thereto. Therefore, if the person skilled in the art receives the teaching, without departing from the spirit of the invention, the person skilled in the art shall not inventively design the similar structural modes and embodiments to the technical solution, but shall fall within the scope of the invention.

Claims (1)

1. A privacy protection and integrity detection method suitable for multi-application data fusion of a wireless sensor network is characterized by comprising the following steps:
step S1, initializing the wireless sensor network system, the method includes:
firstly, a base station initializes the security parameters of a system by adopting a homomorphic Paillier encryption method, and the method comprises the following steps:
given a safety parameter k0K ', l, the base station randomly selects two security large prime numbers p and q, and let p ' and q ' be arbitrary prime numbers that make p 2p ' +1 and q 2q ' +1 hold, calculates n pq, calculates the least common multiple λ of p-1 and q-1, expressed as λ lcm (p-1, q-1) ═ 2p ' q ', and defines l (x) -1)/n;
secondly, each sensing node sends sensing data to adjacent fusion nodes, and N sensing nodes are shared in the sensing network
Figure FDA0003017299820000011
r fusion nodes containing k application groups
Figure FDA0003017299820000012
Each application group
Figure FDA0003017299820000013
The data range of transmission is |0, Mj|,MjDefining maximum M ═ max { M ] of all data of the wireless sensor network for maximum data in jth application group1,M2,…MkWhere the binary bit length of M is denoted as | M | ═ lM
Thirdly, detecting the integrity of the fusion data by using a homomorphic information verification code method, and enabling the sensing data m of each node iiSplitting into d components (m)i1,mi2,…mid) And make
Figure FDA0003017299820000014
The maximum value of each component is set as b, b<M, perception data MiAvailable finite field
Figure FDA0003017299820000015
To represent;
fourthly, the base station applies Chinese remainder theorem to respectively extract the fusion result of each application from the multi-application fusion data, and selects beta0,q1,q2,…qkA total of k +1 prime numbers, each prime number qi(1. ltoreq. i. ltoreq.k)The bit lengths are all k',
calculating Q ═ Q1×q2×…qk
Figure FDA0003017299820000016
βi=Qi·yi
The fifth step is to set h1And h2For two hash functions, the base station selects a random number kiAs shared key of node i and fusion node, combined with key kiAnd a time parameter txCalculating kix=h1(ki||tx) The base station distributes a random key { sk ] to each node1,sk2And (4) calculating homomorphic MAC by using two pseudo-random function generators G and F, and finally setting a system public key pms: pms ═ n, qi:i=1,2…k,βj:j=0,1,2…k,h1,h2,L(x)};
Step S2, key distribution, the method is:
first, the base station assigns the MAC key { sk in step S1 through a secure channel1,sk2}, random key kiAnd a public key pms to each node SiEach node SiRespectively generate random numbers riCarrying out random encryption;
secondly, the base station distributes to the jth fusion node DAjIt and node SiShared random key kiAnd a secret key shared by the base station and the fusion node
Figure FDA0003017299820000017
And a public key pms;
thirdly, the base station terminal deploys the MAC key { sk shared by the nodes1,sk2Key shared by base station and fusion node
Figure FDA0003017299820000021
Public key pms and private key λ generated in the first step of step S1;
step S3, generating a node data homomorphic MAC, the method includes:
in the first step, node i collects data miSplitting into d pieces with maximum length of lMComponent (m) ofi1,mi2,…mid) At time txInternal use random function generator G and key sk1Generating a random number vector u-G (sk)1);
Second, using random function generator F, key sk2Node ID IDiGenerating random number v with packet ID ridi=F(sk2,idi,rid);
Thirdly, using the random number vector u and the random number v generated previouslyiAnd a plaintext miGenerating node data miIs expressed as TiThe generation method comprises the following steps:
Figure FDA0003017299820000022
(symbol)
Figure FDA0003017299820000023
representing vectors u and miIn a limited domain
Figure FDA0003017299820000024
Inner product of (d);
fourthly, the generated homomorphic MAC is connected with the original plaintext, and the connected plaintext
Figure FDA0003017299820000025
Is composed of
Figure FDA0003017299820000026
Step S4, the node data is encrypted and transmitted, the method includes:
first, for belonging to the application set
Figure FDA0003017299820000027
Sensing node SiUsing n in the first step of step S1 and β in the fourth step of step S10And betaiStep S1 fifthHash function h in step2Random number r in the first step in step S2iT in the third step in step S3iIn the fourth step in step S3
Figure FDA0003017299820000028
And a time parameter txComputing the ciphertext cixThe method comprises the following steps:
Figure FDA0003017299820000029
second, using the key k in the fifth step of step S1ixAnd a hash function h1Computing the ciphertext cixMAC value of (d): macix=h1(cix||kix);
Third step, node SiTransmission (c)ix,macix) Giving the fusion node;
step S5, fusing multi-application data, the method is:
first, the fusion node calculates kix=h1(ki||tx) And then calculating MAC value MAC 'of received ciphertext'ix=h1(cix||kix) Comparing the received MAC value with the received MAC value, if the two MAC values are equal, receiving the ciphertext, otherwise refusing to receive;
second, the nodes DA are fusedjAfter receiving the ciphertext data of all child nodes, accumulating and multiplying all the received ciphertext data, and accumulating and multiplying the result with n2Performing modular search to obtain the final fusion ciphertext CjxThen combined with that in the second step of step S2
Figure FDA00030172998200000210
And a time parameter txComputing the fused ciphertext CjxMAC value MAC ofjxThe method comprises the following steps:
Figure FDA0003017299820000031
thirdly, after all the fusion nodes complete the data fusion operation, uploading the fusion result and the MAC value thereof to the base station;
step S6, the base station decrypts the data, the method is:
first, the base station at time txReceiving a fusion value (C) sent by a fusion node jjx,macjx) Then through
Figure FDA0003017299820000032
Calculating MAC value MAC of data'jxJudging whether the calculated MAC value is the same as the received MAC value, if so, receiving the fusion value, otherwise, discarding;
secondly, decrypting the data by using the property of homomorphic Paillier encryption, wherein the method comprises the following steps:
first, the base station is at time txCalculating fused ciphertexts C 'of k application environments by using private key lambda after receiving fused values uploaded by all r fused nodes'xThe method comprises the following steps:
Figure FDA0003017299820000033
then, define the function L as
Figure FDA0003017299820000034
The base station is according to a fusion value C'xCalculating fusion results Y of k application environments:
Figure FDA0003017299820000035
wherein n is calculated in the first step of step S1, and Q is calculated in the fourth step of step S1;
step S7, the base station splits the multi-application data, the method includes:
in the first step, the base station calculates each application group using the properties of the Chinese Remainder Theorem (CRT)
Figure FDA0003017299820000036
Fusion result of (2)jThe method comprises the following steps:
Figure FDA0003017299820000037
secondly, the base station extracts a fusion plaintext from the fusion result
Figure FDA0003017299820000038
And its fused homomorphic MAC values
Figure FDA0003017299820000039
The method comprises the following steps:
Figure FDA00030172998200000310
Figure FDA00030172998200000311
step S8, the base station analyzes the data integrity, the method includes:
first, base station uses (sk)1,sk2,rid,idi) Calculating homomorphic MAC parameters u 'and v':
Figure FDA00030172998200000312
Figure FDA0003017299820000041
second, the base station passes the parameters u' and v
Figure FDA0003017299820000042
Calculating a homomorphic MAC;
thirdly, the base station compares the calculated homomorphic MAC value with the received MAC value, namely, the judgment is carried out
Figure FDA0003017299820000043
If the two values are equal, the base station receives the fusion result, otherwise, the fusion result is discarded.
CN201811060913.7A 2018-09-12 2018-09-12 Privacy protection and integrity detection method suitable for multi-application data fusion of wireless sensor network Active CN109121134B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811060913.7A CN109121134B (en) 2018-09-12 2018-09-12 Privacy protection and integrity detection method suitable for multi-application data fusion of wireless sensor network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811060913.7A CN109121134B (en) 2018-09-12 2018-09-12 Privacy protection and integrity detection method suitable for multi-application data fusion of wireless sensor network

Publications (2)

Publication Number Publication Date
CN109121134A CN109121134A (en) 2019-01-01
CN109121134B true CN109121134B (en) 2021-06-29

Family

ID=64859320

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811060913.7A Active CN109121134B (en) 2018-09-12 2018-09-12 Privacy protection and integrity detection method suitable for multi-application data fusion of wireless sensor network

Country Status (1)

Country Link
CN (1) CN109121134B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110135196B (en) * 2019-05-10 2020-07-17 内蒙古工业大学 Data fusion tamper-proof method based on input data compression representation correlation analysis
CN110839028B (en) * 2019-11-14 2022-04-05 南京邮电大学 Privacy protection method for fog-assisted industrial Internet of things
CN111611623B (en) * 2020-07-03 2020-10-30 腾讯科技(深圳)有限公司 Private data processing method and device
CN112566059B (en) * 2020-12-04 2022-06-14 江西师范大学 Homomorphic fingerprint-based wireless sensor network data fusion method and system
CN113254989B (en) * 2021-04-27 2022-02-15 支付宝(杭州)信息技术有限公司 Fusion method and device of target data and server
CN114219052A (en) * 2022-02-23 2022-03-22 富算科技(上海)有限公司 Graph data fusion method and device, electronic equipment and storage medium
CN115333721B (en) * 2022-10-13 2023-02-03 北京融数联智科技有限公司 Privacy set intersection calculation method, device and system
CN115629783B (en) * 2022-10-27 2023-05-26 北方工业大学 Model updating method for protecting privacy and resisting abnormal data in mobile crowd sensing

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102638791A (en) * 2012-04-11 2012-08-15 南京邮电大学 Protection method for fusion integrity of sensor network data
CN103826223A (en) * 2014-01-06 2014-05-28 杭州职业技术学院 Authentication method suitable for clustering wireless sensing network
CN104967517A (en) * 2015-07-24 2015-10-07 电子科技大学 Network data aggregation method for wireless sensor
CN107231628A (en) * 2017-05-12 2017-10-03 南京邮电大学 A kind of secure data fusion method suitable for many application scenarios

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6886047B2 (en) * 1998-11-13 2005-04-26 Jp Morgan Chase Bank System and method for managing information retrievals for integrated digital and analog archives on a global basis

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102638791A (en) * 2012-04-11 2012-08-15 南京邮电大学 Protection method for fusion integrity of sensor network data
CN103826223A (en) * 2014-01-06 2014-05-28 杭州职业技术学院 Authentication method suitable for clustering wireless sensing network
CN104967517A (en) * 2015-07-24 2015-10-07 电子科技大学 Network data aggregation method for wireless sensor
CN107231628A (en) * 2017-05-12 2017-10-03 南京邮电大学 A kind of secure data fusion method suitable for many application scenarios

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
CDAMA: Concealed Data Aggregation Scheme for Multiple Applications in Wireless Sensor Networks;Yue-Hsun Lin;Shih-Ying Chang;Hung-Min Sun;《IEEE Transactions on Knowledge and Data Engineering》;20120501;全文 *
WSNs中可保护数据完整性和隐私的数据融合算法;周强;《计算机应用研究》;20130731;全文 *
一种可检测数据完整性的隐私数据融合算法;周强;《电子与信息学报》;20130630;全文 *
基于同态 MAC 的无线传感网安全数据融合方案;周强;《电子与信息学报》;20140731;全文 *

Also Published As

Publication number Publication date
CN109121134A (en) 2019-01-01

Similar Documents

Publication Publication Date Title
CN109121134B (en) Privacy protection and integrity detection method suitable for multi-application data fusion of wireless sensor network
CN105812369B (en) A kind of traceable anonymous authentication method based on elliptic curve
CN109672517B (en) Encryption and decryption method of OFDM-PON system based on cellular neural network
CN111447053B (en) Data secure transmission method and system
CN111092717A (en) Group authentication-based safe and reliable communication method in smart home environment
Zhao et al. RSA-based digital image encryption algorithm in wireless sensor networks
Lytvyn et al. Information encryption based on the synthesis of a neural network and AES algorithm
Wang et al. Securing messaging services through efficient signcryption with designated equality test
CN108880783B (en) Combined attack method aiming at SM4 algorithm
Li et al. Detection of false data injection attacks on smart grids: A resilience-enhanced scheme
Mantoro et al. Securing the authentication and message integrity for Smart Home using smart phone
CN106850566A (en) A kind of method and device of consistency verification of data
Jolfaei et al. A lightweight integrity protection scheme for low latency smart grid applications
Iqbal et al. Low-cost and secure communication system for remote micro-grids using AES cryptography on ESP32 with LoRa module
Zhu et al. An efficient identity-based proxy blind signature for semioffline services
CN114401153B (en) Authentication method and system of intelligent well lid equipment
Joshi et al. Secure authentication approach using Diffie-Hellman key exchange algorithm for WSN
Badar et al. Secure authentication protocol for home area network in smart grid-based smart cities
Jolfaei et al. A lightweight integrity protection scheme for fast communications in smart grid
Zhou et al. A secure data transmission scheme for wireless sensor networks based on digital watermarking
Abdolinezhad et al. A lightweight mutual authentication protocol based on physical unclonable functions
Dhiman et al. Watermarking schemes for secure data aggregation in wireless sensor networks: A review paper
Wang et al. Information security in the smart grid: Survey and challenges
Nanda et al. Secure and efficient key management scheme for wireless sensor networks
Alam A novel non-cryptographic security services for advanced metering infrastructure in smart grid

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant