CN110049000A - A kind of size space Internet of Things communication means and system of polymerization and difference safety in plain text - Google Patents
A kind of size space Internet of Things communication means and system of polymerization and difference safety in plain text Download PDFInfo
- Publication number
- CN110049000A CN110049000A CN201910069048.0A CN201910069048A CN110049000A CN 110049000 A CN110049000 A CN 110049000A CN 201910069048 A CN201910069048 A CN 201910069048A CN 110049000 A CN110049000 A CN 110049000A
- Authority
- CN
- China
- Prior art keywords
- data
- user
- internet
- things
- responsible
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/38—Services specially adapted for particular environments, situations or purposes for collecting sensor information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
A kind of size space of the present invention polymerize in plain text and the Internet of Things communication means and system of difference safety, is responsible for managing whole system by trusted authority;It is responsible for the real-time report data of integrated processing and analysis user by control centre, and comprehensive intelligent Service is provided;It is responsible for report data being transmitted to control centre by gateway and data is polymerize;It is responsible for acquiring and periodically reporting the size plaintext space data of user in real time by the sensing node of Internet of Things sensing terminal, the specific steps are as follows: system initialisation phase;User data reports the stage;The secure data aggregation stage;Aggregated data Restoration stage.Of the invention innovative constructsThe Algebraic Structure of large and small plaintext space data safety polymerization demand is supported on group simultaneously;The difference privacy utility and difference personal secrets for optimizing and balancing data aggregate system, to effectively defend differential attack;By constructing hierarchy type framework, it is effective against the privacy information that attacker steals user by differential attack.
Description
Technical field
The invention belongs to Internet of Things fields of communication technology, and in particular to a kind of size space object of polymerization and difference safety in plain text
Connection believes method and system.
Background technique
In the prior art, by introducing the distributed blind factor, Shi et al. carries out blinding processing to the report data of user,
Control centre passes through again blinds the aggregated data that operation obtains whole users.However, only to realize (ε, δ) difference hidden for the system
Private safety, each user adds noise by distributed mode with certain probability δ, therefore added noise information has
The utility of uncertainty, difference privacy is very low.G.Acs et al. is by devising data aggregate in shared among users privacy key
System, however the storage of privacy key distribution algorithms, communication, computing cost are huge, network delay is serious;For possible network
Packet loss and potential differential attack, the system add additional noise based on imaginary network packet loss rate to meet difference privacy
Safety requirements, since actual communication failure and physical fault are difficult accurately to predict, the average effect of system difference privacy
It is very low with property.Based on BGN homomorphic cryptography technology, related scholar proposes some data aggregation schemes, for protecting Internet of Things logical
The individual privacy of user in letter system.Due to being decrypted based on the data aggregation scheme of BGN mechanism dependent on force search technology
And obtain the polymerization of user in plain text, it is therefore necessary to limit the report data of each user in some small plaintext space, the constraint item
Part high degree limits the practicability of system.In addition, related scholar is based on hiding, logical with modulo addition encryption, multinomial coefficient
The some data aggregation schemes of the Technology designs such as letter data distributed storage.But data with existing paradigmatic system all cannot be simultaneously
Support small plaintext space and big plaintext space data aggregate;Moreover, not being highly resistant to network system especially Internet of Things communication system
It unites potential differential attack, the utility of difference privacy is very low.Therefore, lack for Internet of Things network communication system it is efficient, safe,
Wide area (while supporting size plaintext space information) data aggregate system.
Summary of the invention
Aiming at the problems existing in the prior art, what the present invention designed is designed to provide a kind of size space polymerization in plain text
And the Internet of Things communication means and system of difference safety.Internet of Things network communication system is related to a large amount of smart machine, by information collection,
It transmits and shared, realizes automation and intelligentification monitoring, data analysis and Coordination Decision in the case of unmanned intervention.Due to its tool
Have lower lower deployment cost and universal applicability, therefore, traffic monitoring, intelligent metering, environmental monitoring, Industry Control and
The fields such as weather forecast have broad application prospects.Although the Internet of Things network communication system for different application field exists centainly
Otherness, but overall architecture is substantially similar, usually there are three parts: perception domain, network domains and application domain, as shown in Figure 1.
Under this frame, information is generated by the sensor in perception domain, is then passed by the wire/wireless mode in network domains
It is defeated, it is transferred to application domain finally by gateway, focused on, analyzed and decision.However, open internet makes Internet of Things
Net application system faces the severe challenge in terms of many information securities and secret protection.Therefore, which realizes a safety
Internet of things data communication system, main innovation point include: 1) innovative construct be used for while supporting large and small plaintext space
The Algebraic Structure of data safety polymerization demand;2) be based on theory support, devise protection Internet of Things perception terminal privacy of user,
Practical and efficient secure data aggregation algorithm and application system;3) for the dispersibility of Internet of Things communication node, randomness topology
Structure, the distributed Laplce's noise of ingenious involvement, guarantee it is lower calculate, storage and while communication cost, optimization with
The difference privacy utility (small noise) and difference personal secrets for balancing data aggregate system, to effectively defend difference
Attack;4) bionical to the progress artificial intelligence of typical Internet of Things network communication system, based on perception domain, network domains and application domain, design
The hierarchy type framework of " sensing node --- gateway --- control centre ", and by customizing the design of security software algorithm, have
Effect has resisted the privacy information that inside and outside portion attacker steals user by network attack, data analysis and differential attack.
The present invention is realized by the following technical programs:
A kind of size space polymerize in plain text and the Internet of Things communication means of difference safety, it is characterised in that this method base
In Internet of Things communication system applications scene, it is responsible for managing whole system by trusted authority;By control centre be responsible for integrated, processing and
The real-time report data of user is analyzed, and global comprehensive intelligent Service is provided;It is responsible for by gateway by the report data of each user
The data for being transmitted to control centre and being responsible for submitting each user polymerize;By being sensed with Internet of Things for Internet of Things sensing terminal
N sensing node of device is responsible for acquiring and periodically reporting the big plaintext space data m of user in real timeiWith small plaintext spatial data
xi, the specific steps are as follows:
(1) system initialisation phase
1) trusted authority generates safe prime p at random and meets p=2q+1 according to the security parameter τ of input, wherein | p |=
λ, q are also Big prime;Randomly choose groupGeneration memberCalculate h=gp mod p2;Select cryptography meaning safety
Hash function
2) under conditions of system above parameter setting, in groupIn there are following relationships: i)xp(p-1)=
1mod p2;Ii y=1+p, y) are enabledp=1mod p2;
3) trusted authority executes following operation, distributes all user U={ U1, U2..., Un, gateway and control centre it is secret
Confidential information:
S is randomly choosed for each useri∈Zp(p-1)(wherein i=1,2 ..., n), and respectively by siDistribute to each user Ui;
It selects and calculates sc, sg∈Zp(p-1), meet
Respectively by sc、sgAnd si(wherein i=1,2 ..., n) distributes to control centre, gateway and each user Ui, make
For respective secret information;
4) trusted authority publication PK=(p, g, h, H), as system public key;
(2) user data reports the stage
Each user Ui(wherein i=1,2 ..., n) is in data report time point tγ, following operation is executed, by 2 seed types
Data < mi, xi> report to gateway:
1) it calculates Its
Middle G1(n, λ), G2(n,λ)、G1' (n, λ) and G2' (n, λ) is 4 obedience gamma distributions I.i.d. random variables (wherein x >=0, Γ (1/n) be gamma function point 1/n function
Value;For big plaintext space data;xi∈ 0,1,2 ..., and Δ } it is that small plaintext is empty
Between data, wherein Δ be each user's report data maximum value);
2) willIt reports to gateway;
(3) the secure data aggregation stage
When gateway receive it is allAfter (wherein i=1,2 ..., n), following operation is executed:
1) it calculates
2) willIt reports to control centre;
(4) aggregated data Restoration stage
When control centre receives the aggregation information of encryptionAfter, execute following operation:
1) it calculates
2) it calculates
3) it calculatesI.e.It is the discrete logarithm at bottom based on h, to restore
All users out, small plaintext spatial clustering data comprising noise informationDue to Still exist
Small plaintext space { 0,1,2 ..., n Δ } can be using Pollard methodThe above behaviour is completed in computation complexity
Make;
4) it calculates
BecauseSoTherefore,
5) it calculatesIt recovers
All users', the big plaintext space aggregated data comprising noise information
A kind of size space polymerize in plain text and the Internet of Things communication means of difference safety, it is characterised in that i)xp(p-1)=1mod p2;Ii y=1+p, y) are enabledp=1mod p2It is derived from by following:
According to Euler's function, φ (p2)=p2(1-1/p)=p (p-1)=2pq, so groupIn share 2pq element.
For being less than the integer of pAccording to fermat's little theorem, xp-1Therefore=1mod p for some integer k, meets xp-1=
1+k p.ToAs k=1,Y=1+p is enabled, then gcd (y, p2)=1, therefore yp=1mod
p2。
A kind of size space polymerize in plain text and the Internet of Things network communication system of difference safety, characterized by comprising:
Trusted authority: being responsible for management whole system, is authoritative center with a high credibility, that computing capability is strong;
Control centre: being responsible for integrating, handle and analyzing the real-time report data of each user, and provides global comprehensive intelligence
Service;
Gateway: it is responsible for for the report data of each user being transmitted to the relay function of control centre;It is responsible for submitting each user
The polymerizable functional that is polymerize of data;
Sensing node: Internet of Things sensing terminal shares n node N={ N1,N2,…,NnOr user U={ U1,U2,…,Un,
The maximum value of n is nmax, each node Ni∈ N is provided with internet of things sensors, for acquiring in real time and periodically reporting user's
2 seed type data < mi,xi>, wherein miFor big plaintext space data, xiFor small plaintext spatial data.
A kind of size space polymerize in plain text and the Internet of Things network communication system of difference safety, it is characterised in that also wraps
It includes:
(1) system initialization module
1) with the help of trusted authority, constructionThe generation of large and small plaintext space data aggregate application is supported on group simultaneously
Table structure, the method for privacy and safety for protecting users personal data;
2) with the help of trusted authority, using distributed technology, in sensing node N={ N1,N2,…,Nn, gateway
The shared secret information s between control centrei(wherein i=1,2 ..., n), sgAnd sc, meetConstraint condition, the method for protecting privacy of user;
3) fermat's little theorem, Euler's function, binomial theorem are combined, Structural application is in the generation of Internet of Things secure data communication
Table structure and practical algorithm, the method for privacy and safety for protecting users personal data;
(2) user data reporting module
1) adaptation Internet of Things network communication system dispersibility, randomness topological structure, while supporting that large and small plaintext space data are poly-
The technology that the distributed data of conjunction is reported (its
Middle i=1,2 ..., n), the method for protecting each sensing node personal secrets;
2) Laplce's noise is utilized(wherein G1(n, λ) and G2
(n, λ) is 2 obedience gamma distributionsI.i.d. random variables, x >=0, Γ
(1/n) be gamma function 1/n point functional value) limitlessly detachable solution attribute, gamma is added by distributed mode and is made an uproar
Sound is resisted difference for sensing node and is attacked to obtain the technology that overall effect is equivalent to centralization addition Laplce's noise
The method hit;
(3) secure data aggregation module
1) technology that Internet of Things communication data is routed and relayed by gateway realizes sensing node and control centre
Between bidirectional safe data forwarding method;
2) safe polymeric is carried out by report data of the gateway to sensing node each in Internet of Things Reduce the calculated load of control centre, and mitigate the network overhead of system, thus significantly
The method for promoting Internet of Things communication system data reporting efficiency and safety;
3) pass through the secret information s of implantation gatewayg, connection, collaborative center and sensing node reduce control centre behaviour
The technology for making permission, the method reported for sensing node secret protection and secure data;
(4) aggregated data recovery module
1) pass through the secret information s of involvement control centrec, eliminate and meet The technology of the polymerization ciphertext additional information of constraint condition, for protect users personal data privacy and
Guarantee the method for communication system security;
2) it is based onThe mathematical relationship (1+p) derived on groupp=1mod p2, isolate small plaintext aggregated data ciphertextTechnology, for protect users personal data privacy and guarantee communication system
The method for safety of uniting;
3) small plaintext aggregated data ciphertext is calculated based on Pollard method
It is the discrete logarithm at bottom based on h, recovers small plaintext aggregated dataSkill
Art, for protecting users personal data privacy and guaranteeing the method for communication system security;
4) it is separated by small plaintext aggregated data, obtains big plaintext aggregated data ciphertextAnd then restored greatly in plain text based on fermat's little theorem and binomial theorem
Aggregated dataTechnology, for protecting users personal data privacy and guarantee
The method of communication system security;
5) the limitlessly detachable solution attribute for utilizing Laplce's noise, is equivalent to by being embedded in the aggregated data of user
The technology of the distributed gamma noise of centralized Laplce's noise, the method for resisting user data differential attack.
Compared with the prior art, the present invention has the following beneficial effects:
1) based on number theory and algebraic geometry scheduling theory basis and mathematical characteristic, innovative is constructedIt is propped up simultaneously on group
Hold the Algebraic Structure of large and small plaintext space data safety polymerization demand;
2) conglomeration connected network communication system application demand, devise protection privacy of user, it is practical and efficient while support
The secure data communication method and system of large and small plaintext space data aggregate;
3) for the dispersibility of Internet of Things communication node, randomness topological structure, the distributed Laplce of ingenious involvement makes an uproar
Sound, while guaranteeing lower calculating, storage and communication cost, the difference privacy for optimizing and balancing data aggregate system is imitated
With property (small noise) and difference personal secrets, to effectively defend differential attack.
4) by the hierarchy type framework of building " sensing node --- gateway --- control centre ", to Internet of Things network communication system
It is bionical to carry out hardware artificial intelligence, and by customizing the design of security software algorithm, has been effective against inside and outside portion attacker and has passed through
Differential attack steals the privacy information of user.
Figure of description
Fig. 1 is internet of things system structure figure;
Fig. 2 is system architecture diagram.
Specific embodiment
Below in conjunction with Figure of description, the present invention is described in further details, and provides specific embodiment.
A kind of size space Internet of Things communication means of polymerization and difference safety in plain text, this method is based on typical Internet of Things Netcom
Letter system application scenarios, system overall architecture is as shown in Fig. 2, include following four participant: trusted authority: a confidence level
Management whole system is responsible at authoritative center high, computing capability is strong;Control centre: having high reliability, is responsible for integrated, processing
With analyze the real-time report data of each user, and provide global comprehensive intelligent Service;Gateway: major function includes 2 aspects:
First, relay function is responsible for the report data of each user being transmitted to control centre;Second, polymerizable functional is responsible for each user
The data of submission are polymerize;Sensing node: Internet of Things sensing terminal shares n node N={ N1,N2,…,Nn(or user U=
{U1,U2,…,Un), the maximum value of n is nmax, each node Ni∈ N is provided with internet of things sensors, for acquiring simultaneously week in real time
2 seed type data < m of phase property report useri,xi>, wherein miFor big plaintext space data, xiFor small plaintext spatial data.
This method specifically includes the following steps:
(1) system initialisation phase
1) trusted authority generates safe prime p at random and meets p=2q+1 according to the security parameter τ of input, wherein | p |=
λ, q are also Big prime;Randomly choose groupGeneration memberCalculate h=gp mod p2;Select cryptography meaning safety
Hash function
2) under conditions of system above parameter setting, in groupIn there are following relationships: i)xp(p-1)=
1mod p2;Ii y=1+p, y) are enabledp=1mod p2。
Above-mentioned relation is set up to be derived from by following:
According to Euler's function, φ (p2)=p2(1-1/p)=p (p-1)=2pq, so groupIn share 2pq element.
For being less than the integer of pAccording to fermat's little theorem, xp-1Therefore=1mod p for some integer k, meets xp-1
=1+k p.ToAs k=1,Y=1+p is enabled, then gcd (y, p2)=1, therefore yp=1mod
p2;
3) trusted authority executes following operation, distributes all user U={ U1,U2,…,Un, gateway and control centre it is secret
Confidential information:
S is randomly choosed for each useri∈Zp(p-1)(wherein i=1,2 ..., n), and respectively by siDistribute to each user Ui;
It selects and calculates sc,sg∈Zp(p-1), meet
Respectively by sc、sgAnd si(wherein i=1,2 ..., n) distributes to control centre, gateway and each user Ui, make
For respective secret information;
4) trusted authority publication PK=(p, g, h, H), as system public key;
(2) user data reports the stage
Each user Ui(wherein i=1,2 ..., n) is in data report time point tγ, following operation is executed, by 2 seed types
Data < mi,xi> report to gateway:
1) it calculates Its
Middle G1(n,λ)、G2(n,λ)、G1' (n, λ) and G2' (n, λ) is 4 obedience gamma distributions I.i.d. random variables (wherein x >=0, Γ (1/n) be gamma function point 1/n function
Value;For big plaintext space data;xi∈ 0,1,2 ..., and Δ } it is that small plaintext is empty
Between data, wherein Δ be each user's report data maximum value);
2) willIt reports to gateway;
(3) the secure data aggregation stage
When gateway receive it is allAfter (wherein i=1,2 ..., n), following operation is executed:
1) it calculates
2) willIt reports to control centre;
(4) aggregated data Restoration stage
When control centre receives the aggregation information of encryptionAfter, execute following operation:
1) it calculates
2) it calculates
3) it calculatesI.e.It is the discrete logarithm at bottom based on h, to restore
All users out, small plaintext spatial clustering data comprising noise informationDue to Still exist
Small plaintext space { 0,1,2 ..., n Δ } can be using Pollard methodThe above behaviour is completed in computation complexity
Make;
4) it calculates
BecauseSoTherefore,
5) it calculatesIt recovers
All users', the big plaintext space aggregated data comprising noise information
A kind of size space Internet of Things network communication system of polymerization and difference safety in plain text, comprising:
Trusted authority: being responsible for management whole system, is authoritative center with a high credibility, that computing capability is strong;Control centre: negative
Duty integrates, handles and analyzes the real-time report data of each user, and provides global comprehensive intelligent Service;Gateway: being responsible for will be each
The report data of user is transmitted to the relay function of control centre;It is responsible for the polymerization function being polymerize to the data that each user submits
Energy;Sensing node: Internet of Things sensing terminal shares n node N={ N1,N2,…,NnOr user U={ U1,U2,…,Un, n is most
Big value is nmax, each node Ni∈ N is provided with internet of things sensors, for acquire in real time and periodically report user 2 types
Type data < mi,xi>, wherein miFor big plaintext space data, xiFor small plaintext spatial data.The system further include:
(1) system initialization module
1) with the help of trusted authority, constructionThe generation of large and small plaintext space data aggregate application is supported on group simultaneously
Table structure, the method for privacy and safety for protecting users personal data;
2) with the help of trusted authority, using distributed technology, in sensing node N={ N1,N2,…,Nn, gateway
The shared secret information s between control centrei(wherein i=1,2 ..., n), sgAnd sc, meetConstraint condition, the method for protecting privacy of user;
3) fermat's little theorem, Euler's function, binomial theorem are combined, Structural application is in the generation of Internet of Things secure data communication
Table structure and practical algorithm, the method for privacy and safety for protecting users personal data;
(2) user data reporting module
1) adaptation Internet of Things network communication system dispersibility, randomness topological structure, while supporting that large and small plaintext space data are poly-
The technology that the distributed data of conjunction is reported
(wherein i=1,2 ..., n), the method for protecting each sensing node personal secrets;
2) Laplce's noise is utilized(wherein G1(n, λ) and G2
(n, λ) is 2 obedience gamma distributionsI.i.d. random variables, x >=0, Γ
(1/n) be gamma function 1/n point functional value) limitlessly detachable solution attribute, gamma is added by distributed mode and is made an uproar
Sound is resisted difference for sensing node and is attacked to obtain the technology that overall effect is equivalent to centralization addition Laplce's noise
The method hit;
(3) secure data aggregation module
1) technology that Internet of Things communication data is routed and relayed by gateway realizes sensing node and control centre
Between bidirectional safe data forwarding method;
2) safe polymeric is carried out by report data of the gateway to sensing node each in Internet of Things Reduce the calculated load of control centre, and mitigate the network overhead of system, thus significantly
The method for promoting Internet of Things communication system data reporting efficiency and safety;
3) pass through the secret information s of implantation gatewayg, connection, collaborative center and sensing node reduce control centre behaviour
The technology for making permission, the method reported for sensing node secret protection and secure data;
(4) aggregated data recovery module
1) pass through the secret information s of involvement control centrec, eliminate and meet
The technology of the polymerization ciphertext additional information of constraint condition, for protecting users personal data privacy and guaranteeing communication system security
Method;
2) it is based onThe mathematical relationship (1+p) derived on groupp=1mod p2, isolate small plaintext aggregated data ciphertextTechnology, for protect users personal data privacy and guarantee communication system
The method for safety of uniting;
3) small plaintext aggregated data ciphertext is calculated based on Pollard method
It is the discrete logarithm at bottom based on h, recovers small plaintext aggregated dataSkill
Art, for protecting users personal data privacy and guaranteeing the method for communication system security;
4) it is separated by small plaintext aggregated data, obtains big plaintext aggregated data ciphertextAnd then restored greatly in plain text based on fermat's little theorem and binomial theorem
Aggregated dataTechnology, for protecting users personal data privacy and guarantee
The method of communication system security;
5) the limitlessly detachable solution attribute for utilizing Laplce's noise, is equivalent to by being embedded in the aggregated data of user
The technology of the distributed gamma noise of centralized Laplce's noise, the method for resisting user data differential attack.
The application system has following technical characteristic:
(1) based on number theory and algebraic geometry scheduling theory basis and mathematical characteristic, innovative is constructedIt is propped up simultaneously on group
Hold the Algebraic Structure of large and small plaintext space data safety polymerization demand;
(2) conglomeration connected network communication system application demand, devise protection privacy of user, it is practical and efficient while support
The secure data communication method and system of large and small plaintext space data aggregate;
(3) for the dispersibility of Internet of Things communication node, randomness topological structure, the distributed Laplce of ingenious involvement makes an uproar
Sound, while guaranteeing lower calculating, storage and communication cost, the difference privacy for optimizing and balancing data aggregate system is imitated
With property (small noise) and difference personal secrets, to effectively defend differential attack.
(4) by building " sensing node-gateway-control centre " hierarchy type framework, to Internet of Things network communication system into
Row hardware artificial intelligence is bionical, and by customizing the design of security software algorithm, has been effective against inside and outside portion attacker and has passed through difference
The privacy information for dividing attack to steal user.
Claims (4)
1. a kind of size space polymerize in plain text and the Internet of Things communication means of difference safety, it is characterised in that this method is based on Internet of Things
Communication system applications scene is responsible for managing whole system by trusted authority;Integrated, processing and analysis user are responsible for by control centre
Real-time report data, and provide global comprehensive intelligent Service;It is responsible for the report data of each user being transmitted to control by gateway
Center processed and the data for being responsible for submitting each user polymerize;By the n with internet of things sensors of Internet of Things sensing terminal
Sensing node is responsible for acquiring and periodically reporting the big plaintext space data m of user in real timeiWith small plaintext spatial data xi, specifically
Steps are as follows:
(1) system initialisation phase
1) trusted authority generates safe prime p at random and meets p=2q+1 according to the security parameter τ of input, wherein | p |=λ, q
For Big prime;Randomly choose groupGeneration memberCalculate h=gp mod p2;Select the Kazakhstan of cryptography meaning safety
Uncommon function H:
2) under conditions of system above parameter setting, in groupIn there are following relationships: i)xp(p-1)=1
mod p2;Ii y=1+p, y) are enabledp=1 mod p2;
3) trusted authority executes following operation, distributes all user U={ U1,U2,…,Un, the secret letter of gateway and control centre
Breath:
S is randomly choosed for each useri∈Zp(p-1)(wherein i=1,2 ..., n), and respectively by siDistribute to each user Ui;
It selects and calculates sc,sg∈Zp(p-1), meet
Respectively by sc、sgAnd si(wherein i=1,2 ..., n) distributes to control centre, gateway and each user Ui, as respective
Secret information;
4) trusted authority publication PK=(p, g, h, H), as system public key;
(2) user data reports the stage
Each user Ui(wherein i=1,2 ..., n) in data report time point tγ, following operation is executed, by the data of 2 seed types
<mi, xi > report is to gateway:
1) it calculates Wherein G1
(n,λ)、G2(n,λ)、G1' (n, λ) and G2' (n, λ) is 4 obedience gamma distributions
I.i.d. random variables (wherein x >=0, Γ (1/n) be gamma function point 1/n functional value;For big plaintext space data;xi∈ 0,1,2 ..., and Δ } it is small plaintext space
Data, wherein Δ is the maximum value of each user's report data);
2) willIt reports to gateway;
(3) the secure data aggregation stage
When gateway receive it is allAfter (wherein i=1,2 ..., n), following operation is executed:
1) it calculates
2) willIt reports to control centre;
(4) aggregated data Restoration stage
When control centre receives the aggregation information of encryptionAfter, execute following operation:
1) it calculates
2) it calculates
3) it calculatesI.e.It is the discrete logarithm at bottom based on h, to recover institute
There is user, the small plaintext spatial clustering data comprising noise informationDue to Still exist
Small plaintext space { 0,1,2 ..., n Δ } can be using Pollard methodThe above behaviour is completed in computation complexity
Make;
4) it calculates
BecauseSoTherefore,
5) it calculatesIt recovers all
User's, the big plaintext space aggregated data comprising noise information
2. the Internet of Things communication means of polymerization and difference safety, feature exist in plain text in a kind of size space as described in claim 1
In i)xp(p-1)=1mod p2;Ii y=1+p, y) are enabledp=1mod p2It is derived from by following:
According to Euler's function, φ (p2)=p2(1-1/p)=p (p-1)=2pq, so groupIn share 2pq element.For
Integer less than pAccording to fermat's little theorem, xp-1Therefore=1mod p for some integer k, meets xp-1=1+k
p.ToAs k=1,Y=1+p is enabled, then gcd (y, p2)=1, therefore yp=1mod
p2。
3. a kind of size space polymerize in plain text and the Internet of Things network communication system of difference safety, characterized by comprising:
Trusted authority: being responsible for management whole system, is authoritative center with a high credibility, that computing capability is strong;
Control centre: being responsible for integrating, handle and analyzing the real-time report data of each user, and provides global comprehensive Intellectual garment
Business;
Gateway: it is responsible for for the report data of each user being transmitted to the relay function of control centre;It is responsible for the number submitted to each user
According to the polymerizable functional being polymerize;
Sensing node: Internet of Things sensing terminal shares n node N={ N1,N2,…,NnOr user U={ U1,U2,…,Un, n's
Maximum value is nmax, each node Ni∈ N is provided with internet of things sensors, for acquiring in real time and periodically reporting 2 kinds of user
Categorical data < mi,xi>, wherein miFor big plaintext space data, xiFor small plaintext spatial data.
4. a kind of size space as claimed in claim 3 polymerize in plain text and the Internet of Things network communication system of difference safety, feature
It is further include:
(1) system initialization module
1) with the help of trusted authority, constructionThe algebra knot of large and small plaintext space data aggregate application is supported on group simultaneously
Structure, the method for privacy and safety for protecting users personal data;
2) with the help of trusted authority, using distributed technology, in sensing node N={ N1,N2,…,Nn, gateway and control
Shared secret information s between center processedi(wherein i=1,2 ..., n), sgAnd sc, meetConstraint condition, the method for protecting privacy of user;
3) fermat's little theorem, Euler's function, binomial theorem are combined, Structural application is in the algebra knot of Internet of Things secure data communication
Structure and practical algorithm, the method for privacy and safety for protecting users personal data;
(2) user data reporting module
1) adaptation Internet of Things network communication system dispersibility, randomness topological structure, while supporting large and small plaintext space data aggregate
The technology that distributed data is reported
(wherein i=1,2 ..., n), the method for protecting each sensing node personal secrets;
2) Laplce's noise is utilized(wherein G1(n, λ) and G2(n,λ)
It is distributed for 2 obedience gammasI.i.d. random variables, x >=0, Γ (1/n)
For gamma function 1/n point functional value) limitlessly detachable solution attribute, gamma noise is added by distributed mode, from
And the technology that overall effect is equivalent to centralization addition Laplce's noise is obtained, the side of differential attack is resisted for sensing node
Method;
(3) secure data aggregation module
1) technology that Internet of Things communication data is routed and relayed by gateway is realized between sensing node and control centre
The method of bidirectional safe data forwarding;
2) safe polymeric is carried out by report data of the gateway to sensing node each in Internet of Things
Reduce the calculated load of control centre, and mitigate the network overhead of system, to be obviously improved Internet of Things communication system data
The method of reporting efficiency and safety;
3) pass through the secret information s of implantation gatewayg, connection, collaborative center and sensing node reduce control centre's operating rights
The technology of limit, the method reported for sensing node secret protection and secure data;
(4) aggregated data recovery module
1) pass through the secret information s of involvement control centrec, eliminate and meet
The technology of the polymerization ciphertext additional information of constraint condition, for protecting users personal data privacy and guaranteeing communication system security
Method;
2) it is based onThe mathematical relationship (1+p) derived on groupp=1mod p2, isolate small plaintext aggregated data ciphertextTechnology, for protect users personal data privacy and guarantee communication
The method of system safety;
3) small plaintext aggregated data ciphertext is calculated based on Pollard methodBase
In the discrete logarithm that h is bottom, small plaintext aggregated data is recoveredTechnology,
For protecting users personal data privacy and guaranteeing the method for communication system security;
4) it is separated by small plaintext aggregated data, obtains big plaintext aggregated data ciphertextAnd then restore big bright with binomial theorem based on fermat's little theorem
Literary aggregated dataTechnology, for protecting users personal data privacy and guarantor
The method for demonstrate,proving communication system security;
5) the limitlessly detachable solution attribute for utilizing Laplce's noise, is equivalent to concentrate by being embedded in the aggregated data of user
The technology of the distributed gamma noise of formula Laplce's noise, the method for resisting user data differential attack.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910069048.0A CN110049000B (en) | 2019-01-24 | 2019-01-24 | Internet of things communication method and system for plaintext aggregation and difference security in large and small spaces |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910069048.0A CN110049000B (en) | 2019-01-24 | 2019-01-24 | Internet of things communication method and system for plaintext aggregation and difference security in large and small spaces |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110049000A true CN110049000A (en) | 2019-07-23 |
CN110049000B CN110049000B (en) | 2021-11-23 |
Family
ID=67274147
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910069048.0A Active CN110049000B (en) | 2019-01-24 | 2019-01-24 | Internet of things communication method and system for plaintext aggregation and difference security in large and small spaces |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110049000B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120197856A1 (en) * | 2011-01-28 | 2012-08-02 | Cisco Technology, Inc. | Hierarchical Network for Collecting, Aggregating, Indexing, and Searching Sensor Data |
US8238290B2 (en) * | 2010-06-02 | 2012-08-07 | Erik Ordentlich | Compressing data in a wireless multi-hop network |
CN104007336A (en) * | 2014-05-06 | 2014-08-27 | 昆明理工大学 | Transformer on-line monitoring information polymerization method based on internet of things |
CN104579781A (en) * | 2015-01-12 | 2015-04-29 | 浙江工商大学 | Smart power grid aggregation method and system for differential privacy security and fault tolerance |
CN104580061A (en) * | 2015-01-12 | 2015-04-29 | 浙江工商大学 | Aggregation method and system supporting fault tolerance and resisting differential attacks in smart power grid |
CN104639311A (en) * | 2015-01-12 | 2015-05-20 | 浙江工商大学 | Combining method and system for protecting power utilization privacy and integrity in smart power grid |
CN105279315A (en) * | 2015-09-29 | 2016-01-27 | 昆明理工大学 | Related analysis and Mahalanobis distance based transformer online monitoring information aggregation analysis method |
-
2019
- 2019-01-24 CN CN201910069048.0A patent/CN110049000B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8238290B2 (en) * | 2010-06-02 | 2012-08-07 | Erik Ordentlich | Compressing data in a wireless multi-hop network |
US20120197856A1 (en) * | 2011-01-28 | 2012-08-02 | Cisco Technology, Inc. | Hierarchical Network for Collecting, Aggregating, Indexing, and Searching Sensor Data |
CN104007336A (en) * | 2014-05-06 | 2014-08-27 | 昆明理工大学 | Transformer on-line monitoring information polymerization method based on internet of things |
CN104579781A (en) * | 2015-01-12 | 2015-04-29 | 浙江工商大学 | Smart power grid aggregation method and system for differential privacy security and fault tolerance |
CN104580061A (en) * | 2015-01-12 | 2015-04-29 | 浙江工商大学 | Aggregation method and system supporting fault tolerance and resisting differential attacks in smart power grid |
CN104639311A (en) * | 2015-01-12 | 2015-05-20 | 浙江工商大学 | Combining method and system for protecting power utilization privacy and integrity in smart power grid |
CN105279315A (en) * | 2015-09-29 | 2016-01-27 | 昆明理工大学 | Related analysis and Mahalanobis distance based transformer online monitoring information aggregation analysis method |
Non-Patent Citations (3)
Title |
---|
HAIYONG BAO: "A New Differentially Private Data Aggregation With Fault Tolerance for Smart Grid Communications", 《IEEE INTERNET OF THINGS JOURNAL》 * |
RONGXING LU: "A Lightweight Privacy-Preserving Data Aggregation Scheme for Fog Computing-Enhanced IoT", 《IEEE ACCESS》 * |
RONGXING LU: "Reliable and Privacy-Preserving Selective Data Aggregation for Fog-Based IoT", 《2018 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC)》 * |
Also Published As
Publication number | Publication date |
---|---|
CN110049000B (en) | 2021-11-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Kalidoss et al. | QoS aware trust based routing algorithm for wireless sensor networks | |
Chen et al. | MuDA: Multifunctional data aggregation in privacy-preserving smart grid communications | |
Bao et al. | A new differentially private data aggregation with fault tolerance for smart grid communications | |
Fouda et al. | A lightweight message authentication scheme for smart grid communications | |
CN104092668B (en) | A kind of reconfigurable network security service building method | |
CN105577356B (en) | Based on method of data capture in the smart grid protected to privacy of user | |
CN110650116B (en) | Multi-type multi-dimensional data aggregation method for security smart power grid | |
Dong et al. | An ElGamal-based efficient and privacy-preserving data aggregation scheme for smart grid | |
Alotaibi | Improved blowfish algorithm-based secure routing technique in IoT-based WSN | |
Ni et al. | EDAT: Efficient data aggregation without TTP for privacy-assured smart metering | |
Ibrahem et al. | Privacy preserving and efficient data collection scheme for AMI networks using deep learning | |
Ni et al. | Security-enhanced data aggregation against malicious gateways in smart grid | |
Zhang et al. | PARK: A privacy-preserving aggregation scheme with adaptive key management for smart grid | |
CN109347829A (en) | A kind of intelligent perception network true value discovery method based on secret protection | |
Wang et al. | Lightweight and manageable digital evidence preservation system on bitcoin | |
Haseeb et al. | Efficient data uncertainty management for health industrial internet of things using machine learning | |
Brindha et al. | Fuzzy enhanced secure multicast routing for improving authentication in MANET | |
Abdallah et al. | The impact of stealthy attacks on smart grid performance: Tradeoffs and implications | |
CN116488906A (en) | Safe and efficient model co-building method | |
CN114760023A (en) | Model training method and device based on federal learning and storage medium | |
Dong et al. | Efficient privacy‐preserving temporal and spacial data aggregation for smart grid communications | |
CN102170407A (en) | Method for realizing electronic mail credibility management on the basis of anti-fraud control logic unit | |
CN110661771B (en) | Secure smart power grid access control method and system for resisting differential attack | |
CN110049000A (en) | A kind of size space Internet of Things communication means and system of polymerization and difference safety in plain text | |
CN109889501A (en) | The method and system of multidimensional data polymerization and polygamma function analysis in a kind of communication of Internet of Things |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |