CN110233826A - Based on the method for secret protection of data obfuscation, terminal data paradigmatic system between user - Google Patents
Based on the method for secret protection of data obfuscation, terminal data paradigmatic system between user Download PDFInfo
- Publication number
- CN110233826A CN110233826A CN201910379262.6A CN201910379262A CN110233826A CN 110233826 A CN110233826 A CN 110233826A CN 201910379262 A CN201910379262 A CN 201910379262A CN 110233826 A CN110233826 A CN 110233826A
- Authority
- CN
- China
- Prior art keywords
- user
- data
- sequence
- pairing
- secret protection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Abstract
The invention belongs to data-privacy protection technique fields, disclose a kind of based on the method for secret protection of data obfuscation, terminal data paradigmatic system between user;Data aggregate is completed by matching between participating user and data mixing.It is matched between user and user by authentication center, and the partial information of interaction itself segmentation is mixed, and is uploaded to polymerization site and is carried out matching aggregation.Each participating user is half believable, completes data aggregate in the case where guarantee does not reveal individual information in the present invention.Compared to the data processing method of homomorphic cryptography, the present invention has the characteristics that calculating is simple, and solves a certain link failure bring polymerization failure problem, and partial failure does not influence rest part polymerization.Multi-party computations method is compared, the present invention does not need additional server, and can guarantee that polymerization site is not conspired with user, prevents information leakage.
Description
Technical field
The invention belongs to data-privacy protection technique field more particularly to a kind of privacy guarantors based on data obfuscation between user
Maintaining method, terminal data paradigmatic system.
Background technique
Currently, the immediate prior art: in the environment of current network world data volume sends out fried formula growth, data aggregate quilt
Every field is used, in financial field, user account statistics and transaction audit need data aggregate, medical field, medical number
According to needing in aggregate set, in mobile frequency spectrum perception, collaborative sensing data are also required to be combined using the method for data aggregate
Judgement.Especially in wireless sensor network, various types of data need to collect in fringe node, and be uploaded to cloud into
Row data aggregate, sensor are usually power limited, and node is calculated, the limitation of communication and power.Sensor needs
It is cooperated in network to reduce the original data volume sent, saves the resource of such as communication bandwidth and energy etc, this luck
Link overhead can be reduced with safe and efficient data aggregation technique and calculate power challenge, guarantee the reliability of data.Data aggregate needs
It to establish and communicate between user and polymerization site, this process is once eavesdropped by malicious user, and data will be compromised, and is more had
Privacy of user may be exposed.And with the development of network application, more and more sensitive datas need to count, certain data aggregates
If process can not carry out without secret protection appropriate at all, therefore, protection data-privacy is more and more important as one
Subject under discussion.
In response to this, the considerations of some technologies joined secret protection during data aggregate.However, existing
Several different type schemes all there is respective some problems.If the prior art one is directed to the characteristic of wireless sensor network,
Consider to be used for RSA and ECC homomorphic cryptography method to protect data-privacy.Homomorphic cryptography technology guarantees data under plaintext state
Polymerization result is identical with the polymerization result under ciphertext state, and frequent encryption and decryption operation is not needed in data transmission procedure.
ECC algorithm is improved, but the problems such as there are still system complexity height and low link expansibilities, and for being based on homomorphic cryptography
This kind of technology, once netkey is cracked by illegal user.The prior art two changes the SMART algorithm divided based on data
Into, so that it is greatly improved in performance, SMART scheme data transmit when be divided into three steps, data cutting Slice, data are melted
Close Mix, data fusion Aggregate.The problem of computation complexity high The method avoids homomorphic cryptography, but work as network data
When the traffic is larger, the problem of increase there is also data link probability of damage.When a certain partial data is destroyed, overall data is also
Former difficulty is larger.Available data secret protection technology three is based on multi-party computations scheme SMC, needs additional server auxiliary
It helps, increases erection cost, in addition, SMC scheme carries out data aggregate under conditions of server and fusion center are not conspired, such as
Both fruits are conspired, then the information of all users will be leaked.
In conclusion problem of the existing technology is: the process of existing data aggregate realizes that process is complicated, expense compared with
Greatly, it needs additional third party device to assist, does not propose very good solution method aiming at the problem that part of links failure.
Solve the problems, such as the difficulty of above-mentioned technical problem: the high computation complexity of homomorphic cryptography technology bring can be based on
It is reduced in the scheme of multi-party computations, but there are still some problems brings higher computing cost and network requirement.
It solves the meaning of above-mentioned technical problem: if data can be handled using a kind of convenient and fast method, completing data aggregate, reach
The effect same to data encryption can then be protected without huge overhead under the premise of guaranteeing that network calculation power is well-to-do
Protect data-privacy.
Summary of the invention
In view of the problems of the existing technology, the present invention provides a kind of secret protection sides based on data obfuscation between user
Method, terminal data paradigmatic system.
The invention is realized in this way a kind of method for secret protection based on data obfuscation between user, described to be based on user
Between the method for secret protection of data obfuscation data aggregate is completed by matching between all participation users and data mixing, participate in using
Family and other users are matched, and the partial information of interaction itself segmentation is simultaneously mixed;Then polymerization site is uploaded to be matched
Polymerization;Participating user is half believable, requires to be communicated and polymerize according to polymerization site.
Further, the method for secret protection based on data obfuscation between user specifically includes the following steps:
Step 1, establishing includes certificate server, the network communications environment of polymerization site and user;
Step 2, all participation data aggregate users send to certificate server and participate in application;
Step 3, matches to user and generates matched sequence, and certificate server receives after user applies according to number of users
Unique and pairs of existing sequence is generated to each user;
Matched sequence is distributed to user by step 4, and certificate server sends out matched sequence and pairing user's status information
Give corresponding user;
Step 5, certificate server send the matched sequence collection of encryption to polymerization site;
Step 6, pairing user carry out pairing check, and user finds it and matches user and interaction cryptographic Hash, true if matching
Recognize pairing, otherwise will abandon;
Step 7, pairing user carry out data mixing, the partition of progress data and switching part between user are matched, by data weight
Combination nova;
Step 8 matches user for mixed data and own sequence and is sent to polymerization site;
Step 9 verifies matched data, and user's sequence of polymerization site comparative certification finds out pairing user, and correspondence is received
Data be added aggregate set;
All data by authenticating and matching polymerize by step 10, data aggregate, obtain aggregated data result.
Further, matched sequence is matched to user and generated to the step 3, and certificate server receives root after user's application
Generate unique and existing sequence in pairs method to each user according to number of users to specifically include: authentication center CA receives all
After the application of n participating user, random pair is carried out to user, it is random with being if n is even numberRight, CA generates arrangement set
K={ k1, k2..., kn, wherein ki≠kj(i ≠ j), to all ki, the k of existence anduniquessj∈ K, so thatIf n is odd number, n-1 user is paired into two-by-twoIt is right, by a remaining use
Family is added at randomThe one pair of them of centering, CA generate arrangement set K*={ k1, k2..., kn, wherein ki≠kj(i≠
J),K1=K*-{kp, kq, kr, K1Property it is identical as K;1,
2 ... n are user's serial number.
Further, the step 4 is by sequence k1, k2..., knDistribute to user u1, u2..., un, method specifically includes:
IfThen ui, ujIt is one group, authentication center CA is by sequence kiWith user ujIdentity ID be packaged, and make
Use uiPublic key encryption atIt is sent to ui;By sequence kjWith user uiIdentity ID be packaged, and use uj's
Public key encryption atIt is sent to uj;If up, uq, urIt is one group, then willIt is sent to up,
It willIt is sent to uq, willIt is sent to ur。
Further, the step 5 certificate server is specifically included to the matched sequence collection that polymerization site sends encryption: CA
Cryptographic Hash is calculated to n sequence, set is added, obtains { H (k1), h (k2) ... H (kn), and the set is used into polymerization site FC
Public key encryption, obtain EFC(H (K))=EFC({H(k1), H (k2) ... H (kn)) and be sent to FC, FC is using private key to it
Decryption, obtains matched sequence collection.
Further, the user that CA encryption information is received in the step 6, is decrypted using the private key of itself, is used
In the sequence of pairing and in the identity ID of its pairing user, into user pond to be paired, user UiIt retrieves it and matches user Uj, and
With UjInteraction cryptographic Hash H (ki), H (k if it existsj)=H (~ki), then confirm UiWith UjSuccessful matching, and exit in pairs to be paired
User pond;For up, uq, urIt is one group, similarly;If pairing user is not found after user in pond has been traversed yet, at this
Give up U in data aggregateiData participate in next round and polymerize and apply for matched sequence again.
Further, user U has been matched in the step 7iWith UjIt will be participated in the data M of polymerizationiWith MjIt carries out respectively
Variation, UiBy MiSplit into Mi=Mi1+Mi2, UjBy data MjIt is split, Mj=Mj1+Mj2, UiAnd UjExchange Mi1And Mj1, and will
Data reconfigure are as follows: Ui: Mi'=Mj1+Mi2, Uj: Mj'=Mi1+Mj2;For the U of three users pairingp、UqAnd Ur, counted
According to splitting M respectivelyp=Mp1+Mp2, Mq=Mq1+Mq2, Mr=Mr1+Mr2, and reconfigure are as follows: Mp'=Mq1+Mp2, Mq'=Mr1+Mq2,
Mr'=Mp1+Mr2。
Further, mixed data and self pair sequence are respectively packaged by user in the step 8, use FC's
E is obtained after public key encryptionFC(ki, M 'i), issue FC;
FC decrypts the user data received using private key in the step 9, by verify its matched sequence verify its come
The legitimacy in source, and the pairing user of the user is found, polymerization set Ag is added in a pair of of blended data.If not receiving pairing to use
The data at family, then this abandons data;
All certification paired data such as step 9 received polymerize by FC in the step 10, obtain bulk polymerization number
According to result.
Another object of the present invention is to provide the method for secret protection based on data obfuscation between user described in a kind of application
Terminal data paradigmatic system.
Another object of the present invention is to provide the method for secret protection based on data obfuscation between user described in a kind of application
Information data processing terminal.
In conclusion advantages of the present invention and good effect are as follows: the data aggregate method for secret protection base that the present invention uses
It is calculated in multi-party, between each user in all half believable situation, restricts thought using mutual, by between user being several
Data-privacy is protected according to mixing.Once there are user and polymerization site to conspire to obtain the information of other users, this user's itself
Data also will leakage.
Since the overall data value of single user is related to its privacy information, and after this data is split, by dividing
Data cannot get the associated privacy data information of user completely.The user of each participation matches with other users, interaction
Blended data is uploaded to polymerization site by mixing by the partial information itself being partitioned into.Polymerization site is according to the data received
Matching aggregation is carried out, if being lost certain link information, only the data that the user matches user with it can be lost, without influencing remaining
The polymerization of the data of user.If polymerization site wants that A must by conspiring to obtain the data with A pairing user B with certain user A
The data that must first stick one's chin out, therefore, A do not reveal the motivation of the data of B.It ensure that polymerization site is not conspired with user.
It is the index for three kinds of technologies that method for secret protection and background technique based on data obfuscation between user are mentioned below
Comparison.Hereinafter referred to as this technology, technology one, technology two, technology three.N user of comparison transmits data aggregate when vbits data
Situation.It can be seen that the low feature of computation complexity of the present invention and giving up the high feature of mechanism bring data aggregate feasibility and having obviously
It embodies.
Detailed description of the invention
Fig. 1 is the method for secret protection flow chart provided in an embodiment of the present invention based on data obfuscation between user.
Fig. 2 is application scenarios schematic diagram provided in an embodiment of the present invention.
Fig. 3 is the method for secret protection realization principle signal provided in an embodiment of the present invention based on data obfuscation between user
Figure.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to embodiments, to the present invention
It is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to
Limit the present invention.
Realize that process is complicated for the process of existing data aggregate, expense is larger, needs additional third party device auxiliary
The problem of helping, not proposing very good solution method aiming at the problem that part of links failure.The data aggregate that the present invention uses is hidden
Private guard method is based on multi-party calculating, between each user in all half believable situation, restricts thought using mutual, passes through use
Between family is data mixing to protect data-privacy.
Application principle of the invention is explained in detail with reference to the accompanying drawing.
As shown in Figure 1, the method for secret protection provided in an embodiment of the present invention based on data obfuscation between user includes following
Step:
S101: establishing includes certificate server, the network communications environment of polymerization site and user;
S102: all participation data aggregate users send to certificate server and participate in application;
S103: matching to user and generate matched sequence, and certificate server receives after user applies according to number of users pair
Each user generates unique and pairs of existing sequence;
S104: matched sequence is distributed into user, certificate server sends matched sequence and pairing user's status information
To corresponding user;
S105: certificate server sends the matched sequence collection of encryption to polymerization site;
S106: pairing user carries out pairing check, and user finds it and matches user and interaction cryptographic Hash, confirms if matching
Otherwise pairing will abandon;
S107: pairing user carries out data mixing, matches the partition of progress data and switching part between user, again by data
Combination;
S108: mixed data and own sequence are sent to polymerization site by pairing user;
S109: verifying matched data, user's sequence of polymerization site comparative certification find out pairing user, and correspondence is received
Aggregate set is added in data;
S110: all data by authenticating and matching polymerize by data aggregate, obtain aggregated data result.
Application principle of the invention is further described with reference to the accompanying drawing.
As shown in Fig. 2, application scenarios of the invention are the data aggregate processes in communication network, network includes participating in polymerization
User, polymerization site FC, certificate server CA.The user for needing to participate in polymerization submits to CA to be applied, CA generates matched sequence
User is distributed to, and is sent to FC, matches and blended data is sent to FC after carrying out data mixing between user, FC is verified simultaneously
Polymerization.The overall data value of single user is related to its privacy information, and after this data is split, it is complete by the data divided
The associated privacy data information that cannot get user entirely protects data-privacy safe.
As shown in figure 3, the method for secret protection provided in an embodiment of the present invention based on data obfuscation between user specifically includes
Following steps:
The case where step 1 establishes network communications environment, and the present invention relates to two user's pairings and three user's pairings,
It needs to be taken into account when number of users is arranged.
Step 2, unpaired user send application to CA and polymerization are added,
Step 3 after authentication center CA receives the application of all n participating users, generates pairing sequence according to the parity of n
Participating user is matched at random if n is even number and is by columnRight, CA generates arrangement set K={ k1, k2..., kn, wherein ki≠kj
(i ≠ j), to all ki, the k of existence anduniquessj∈ K, so thatIf n is odd number, n-1 is used
Family is paired into two-by-twoIt is right, a remaining user is added at randomThe one pair of them of centering, CA generate sequence
Set K*={ k1, k2..., kn, wherein ki≠kj(i ≠ j),K1=
K*-{kp, kq, kr, K1Property it is identical as K.
Step 4, ifThen ui, ujIt is set as one group, authentication center CA is by sequence kiWith user uj
Identity ID be packaged, and use uiPublic key encryption atIt is sent to ui;By sequence kjWith user uiIdentity
ID is packaged, and uses ujPublic key encryption atIt is sent to uj.If up, uq, urIt is one group, then willIt is sent to up, willIt is sent to uq, willIt is sent to ur.Each use
After the data secret that family is sent CA using the private key of oneself, the matched sequence and pairing user identity ID of oneself are obtained, is used for
Later retrieval.It avoids pairing User ID to a certain extent using client public key encryption to reveal, listener-in is difficult to crack each use
The private key at family.
Step 5, CA calculate cryptographic Hash to matched sequence, reuse the public key encryption of polymerization site FC, obtain EFC(H
(K))=EFC({H(k1), H (k2) ... H (kn)) it is sent to FC, FC decrypts it using private key, obtains the pairing of each user
Sequence sets.Hash check is irreversible procedure, even if H (K) is ravesdropping, listener-in also can not reverse push export user's sequence and mould
It is quasi-, it ensure that safety.
Step 6, the user for possessing matched sequence enter user pond to be paired, user UiIt is retrieved in pond matches user Uj
ID, calculate the cryptographic Hash and U of own sequencejIt interacts, if it exists H (kj)=H (~ki), H (ki)=H (~kj), then confirm Ui
With UjUser pond to be paired is exited in successful matching in pairs;For up, uq, urIt is one group, similarly;If user is by user time in pond
Pairing user is not found after having gone through yet, then gives up U in this data aggregateiData.But it can apply matching again in next round
To sequence and participate in polymerizeing.
Step 7 has matched user UiWith UjIt will be participated in the data M of polymerization respectivelyiWith MjIt is changed, UiBy MiIt tears open
It is divided into Mi=Mi1+Mi2, UjBy data MjIt is split, Mj=Mj1+Mj2, UiAnd UjExchange Mi1And Mj1, and data are reconfigured
Are as follows: Ui: Mi'=Mj1+Mi2, Uj: Mj'=Mi1+Mj2;For the U of three users pairingp、UqAnd Ur, its data is split into M respectivelyp
=Mp1+Mp2, Mq=Mq1+Mq2, Mr=Mr1+Mr2, and reconfigure are as follows: Mp'=Mq1+Mp2, Mq'=Mr1+Mq2, Mr'=Mp1+Mr2。
The blended data that each user possesses does not have truthful data feature.
Mixed data and self pair sequence are respectively packaged by step 8, user, using sending after the public key encryption of FC
To FC,
Step 9, the data that FC sends user are decrypted using private key, are verified its matched sequence and are verified the legal of its source
Property.According to above step, even if listener-in imitates user's attack, it is also not possible to complete sequences match.FC finds matching for the user
To user, polymerization set Ag is added in blended data.If not receiving the data of pairing user, this abandons data, and the user is also
Next round polymerization can be added.
Step 10, all certification paired data polymerizations as described in step 9 that FC will be received, according to data in legacy network
Type fusion method obtains bulk polymerization data result.
Effect of the invention is further described below with reference to specific experiment.
1. experiment condition
This experiment is in wireless frequency spectrum perception scene.Platform is divided into perception data and obtains and data processing two parts, perception
Data acquisition platform is USRP hardware adaptor combination GNU Radio environment, and data processing uses Matlab2014a.
2. experimental result and analysis
The present invention is emulated using USRP, 11 local perception datas for selecting time user 1 to arrive time user 11 to primary user.If
Attacker intercepts and captures above data, can position to secondary user.The accurate positioning obtained in the experiment of Matlab software emulation
Rate is 90%.
Above 11 data are divided into four groups two one group and one group of ternary data to form, using of the invention
Technology, data obfuscation and FC data aggregate between analog subscriber, perception data polymerization result can successfully be obtained by finally simulating FC.When
These data obscured leak, and are modeled attacker for time user positioning, locating accuracy is lower than 5%.User position
Privacy is set successfully to be protected.
In experiment, the data aggregate network model of foundation faces the threat of data-privacy leakage.Data aggregate user with
Communication is established between polymerization site, this process is once eavesdropped by malicious user, and data will be compromised, and more likely exposure is used
Family privacy.And with the development of network application, more and more sensitive datas need to count, if certain data aggregate processes do not have
There is secret protection appropriate that can not carry out at all.The problems such as that there are realization processes is complicated for existing technology, and expense is larger, usually needs
It wants additional third party device to assist, does not propose very good solution method aiming at the problem that part of links failure.The present invention is logical
The matching crossed between user and data mixing complete data aggregate, and participating user matches with other users and interacts itself segmentation
Partial information mixed, be uploaded to polymerization site carry out matching aggregation, exposed data are not real information, guarantee data
The safety of polymerization process.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention
Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.
Claims (10)
1. a kind of method for secret protection based on data obfuscation between user, which is characterized in that described based on data obfuscation between user
Method for secret protection data aggregate, participating user and other use are completed by matching between all participation users and data mixing
Family pairing, the partial information of interaction itself segmentation are simultaneously mixed;Then it is uploaded to polymerization site and carries out matching aggregation;It participates in using
Family is half believable, requires to be communicated and polymerize according to polymerization site.
2. the method for secret protection as described in claim 1 based on data obfuscation between user, which is characterized in that described based on use
Between family data obfuscation method for secret protection specifically includes the following steps:
Step 1, establishing includes certificate server, the network communications environment of polymerization site and user;
Step 2, all participation data aggregate users send to certificate server and participate in application;
Step 3, matches to user and generates matched sequence, and certificate server receives after user applies according to number of users to every
A user generates unique and pairs of existing sequence;
Matched sequence is distributed to user by step 4, and matched sequence and pairing user's status information are sent to by certificate server
Corresponding user;
Step 5, certificate server send the matched sequence collection of encryption to polymerization site;
Step 6, pairing user carry out pairing check, and user finds it and matches user and interaction cryptographic Hash, confirms if matching and match
It is right, otherwise it will abandon;
Step 7, pairing user carry out data mixing, the partition of progress data and switching part between user are matched, by data again group
It closes;
Step 8 matches user for mixed data and own sequence and is sent to polymerization site;
Step 9 verifies matched data, and user's sequence of polymerization site comparative certification finds out pairing user, by the corresponding number received
According to addition aggregate set;
All data by authenticating and matching polymerize by step 10, data aggregate, obtain aggregated data result.
3. the method for secret protection as claimed in claim 2 based on data obfuscation between user, which is characterized in that the step 3
Matched sequence is matched and generated to user, and certificate server generates only each user according to number of users after receiving user's application
One and the method for existing sequence specifically includes in pairs: after authentication center CA receives the application of all n participating users, to user
Random pair is carried out, it is random with being if n is even numberRight, CA generates arrangement set K={ k1, k2..., kn, wherein ki≠
kj(i ≠ j), to all ki, the k of existence anduniquessj∈ K, so thatIf n is odd number, n-1 is used
Family is paired into two-by-twoIt is right, a remaining user is added at randomThe one pair of them of centering, CA generate sequence
Set K*={ k1, k2..., kn, wherein ki≠kj(i ≠ j),kp, kq, kr∈ K, K1=
K*-{kp, kq, kr, K1Property it is identical as K;1,2......n is user's serial number.
4. the method for secret protection as claimed in claim 2 based on data obfuscation between user, which is characterized in that the step 4
By sequence k1, k2..., knDistribute to user u1, u2..., un, method specifically includes: ifThen
ui, ujIt is one group, authentication center CA is by sequence kiWith user ujIdentity ID be packaged, and use uiPublic key encryption atIt is sent to ui;By sequence kjWith user uiIdentity ID be packaged, and use ujPublic key encryption atIt is sent to uj;If up, uq, urIt is one group, then willIt is sent to up, willIt is sent to uq, willIt is sent to ur。
5. the method for secret protection as claimed in claim 2 based on data obfuscation between user, which is characterized in that the step 5
Certificate server is specifically included to the matched sequence collection that polymerization site sends encryption: CA calculates cryptographic Hash to n sequence and collection is added
It closes, obtains { H (k1), H (k2) ... H (kn), and the set is obtained into E using the public key encryption of polymerization site FCFC(H(K))
=EFC({H(k1), H (k2) ... H (kn)) and be sent to FC, FC decrypts it using private key, obtains matched sequence collection.
6. the method for secret protection as claimed in claim 2 based on data obfuscation between user, which is characterized in that the step 6
In receive the user of CA encryption information, decrypted using the private key of itself, obtain using for the sequence of pairing and in its pairing
The identity ID at family, into user pond to be paired, user UiIt retrieves it and matches user Uj, and and UjInteraction cryptographic Hash H (ki), if depositing
In H (kj)=H (~ki), then confirm UiWith UjSuccessful matching, and user pond to be paired is exited in pairs;For up, uq, urIt is one group
, similarly;If not finding pairing user after user in pond has been traversed yet, give up U in this data aggregateiData, ginseng
It polymerize with next round and applies for matched sequence again.
7. the method for secret protection as claimed in claim 2 based on data obfuscation between user, which is characterized in that the step 7
In matched user UiWith UjIt will be participated in the data M of polymerizationiWith MjIt is changed respectively, UiBy MiSplit into Mi=Mi1+Mi2,
UjBy data MjIt is split, Mj=Mj1+Mj2, UiAnd UjExchange Mi1And Mj1, and data are reconfigured are as follows: Ui: Mi'=Mj1+
Mi2, Uj: Mj'=Mi1+Mj2;For the U of three users pairingp、UqAnd Ur, its data is split into M respectivelyp=Mp1+Mp2, Mq=Mq1
+Mq2, Mr=Mr1+Mr2, and reconfigure are as follows: Mp'=Mq1+Mp2, Mq'=Mr1+Mq2, Mr'=Mp1+Mr2。
8. the method for secret protection as claimed in claim 2 based on data obfuscation between user, which is characterized in that the step 8
Mixed data and self pair sequence are respectively packaged by middle user, using obtaining E after the public key encryption of FCFC(ki, M 'i),
Issue FC;
FC decrypts the user data received using private key in the step 9, verifies its source by verifying its matched sequence
Legitimacy, and the pairing user of the user is found, polymerization set Ag is added in a pair of of blended data;If not receiving pairing user's
Data, then this abandons data;
All certification paired data such as step 9 received polymerize by FC in the step 10, obtain bulk polymerization data knot
Fruit.
9. a kind of terminal using based on the method for secret protection of data obfuscation between user described in claim 1~8 any one
Data aggregate system.
10. a kind of letter using based on the method for secret protection of data obfuscation between user described in claim 1~10 any one
Cease data processing terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910379262.6A CN110233826B (en) | 2019-05-08 | 2019-05-08 | Privacy protection method based on data confusion among users and terminal data aggregation system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910379262.6A CN110233826B (en) | 2019-05-08 | 2019-05-08 | Privacy protection method based on data confusion among users and terminal data aggregation system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110233826A true CN110233826A (en) | 2019-09-13 |
| CN110233826B CN110233826B (en) | 2021-09-03 |
Family
ID=67861189
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910379262.6A Active CN110233826B (en) | 2019-05-08 | 2019-05-08 | Privacy protection method based on data confusion among users and terminal data aggregation system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110233826B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112367170A (en) * | 2021-01-12 | 2021-02-12 | 四川新网银行股份有限公司 | Data hiding query security sharing system and method based on multi-party security calculation |
| CN113660197A (en) * | 2021-07-02 | 2021-11-16 | 西安电子科技大学广州研究院 | Obfuscated data aggregation privacy protection method, system, device, medium and terminal |
| CN113886458A (en) * | 2021-09-23 | 2022-01-04 | 浙江至元数据科技有限公司 | Distributed hiding query method and system based on task aggregation |
| CN114615024A (en) * | 2022-02-22 | 2022-06-10 | 北京理工大学 | Data aggregation system and method for protecting privacy without trusted authority |
| CN115688185A (en) * | 2022-12-30 | 2023-02-03 | 成方金融科技有限公司 | Multi-party privacy summation method and device, electronic equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104967517A (en) * | 2015-07-24 | 2015-10-07 | 电子科技大学 | Network data aggregation method for wireless sensor |
| CN108683493A (en) * | 2018-05-04 | 2018-10-19 | 西安电子科技大学 | The data aggregation method of secret protection is provided in a kind of intelligent grid |
| CN108769023A (en) * | 2018-05-30 | 2018-11-06 | 苏州大学 | A kind of method for secret protection and system applied to intelligent perception |
-
2019
- 2019-05-08 CN CN201910379262.6A patent/CN110233826B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104967517A (en) * | 2015-07-24 | 2015-10-07 | 电子科技大学 | Network data aggregation method for wireless sensor |
| CN108683493A (en) * | 2018-05-04 | 2018-10-19 | 西安电子科技大学 | The data aggregation method of secret protection is provided in a kind of intelligent grid |
| CN108769023A (en) * | 2018-05-30 | 2018-11-06 | 苏州大学 | A kind of method for secret protection and system applied to intelligent perception |
Non-Patent Citations (2)
| Title |
|---|
| JIANWEI QIAN: ""Privacy-Preserving Selective Aggregation of Online User Behavior Data"", 《IEEE TRANSACTIONS ON COMPUTERS》 * |
| XIAOYING ZHANG等: ""Rotation-based Privacy-preserving Data Aggregation in Wireless Sensor Networks"", 《2014 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATION(ICC)》 * |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112367170A (en) * | 2021-01-12 | 2021-02-12 | 四川新网银行股份有限公司 | Data hiding query security sharing system and method based on multi-party security calculation |
| CN113660197A (en) * | 2021-07-02 | 2021-11-16 | 西安电子科技大学广州研究院 | Obfuscated data aggregation privacy protection method, system, device, medium and terminal |
| CN113886458A (en) * | 2021-09-23 | 2022-01-04 | 浙江至元数据科技有限公司 | Distributed hiding query method and system based on task aggregation |
| CN114615024A (en) * | 2022-02-22 | 2022-06-10 | 北京理工大学 | Data aggregation system and method for protecting privacy without trusted authority |
| CN114615024B (en) * | 2022-02-22 | 2023-04-18 | 北京理工大学 | Data aggregation system and method for protecting privacy without trusted authority |
| CN115688185A (en) * | 2022-12-30 | 2023-02-03 | 成方金融科技有限公司 | Multi-party privacy summation method and device, electronic equipment and storage medium |
| CN115688185B (en) * | 2022-12-30 | 2023-04-28 | 成方金融科技有限公司 | Multiparty privacy summation method, multiparty privacy summation device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110233826B (en) | 2021-09-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110233826A (en) | Based on the method for secret protection of data obfuscation, terminal data paradigmatic system between user | |
| Sadhukhan et al. | A secure and privacy preserving lightweight authentication scheme for smart-grid communication using elliptic curve cryptography | |
| Boyd et al. | Protocols for authentication and key establishment | |
| US7725730B2 (en) | Cryptographic methods and apparatus for secure authentication | |
| CN103095696B (en) | A kind of authentication and cryptographic key negotiation method being applicable to power information acquisition system | |
| Frankel et al. | Security issues in a CDPD wireless network | |
| CN105577377B (en) | The authentication method and system of identity-based with key agreement | |
| CN102017510A (en) | Method and structure for self-sealed joint proof-of-knowledge and Diffie-Hellman key-exchange protocols | |
| CN109194523A (en) | The multi-party diagnostic model fusion method and system, cloud server of secret protection | |
| Wang et al. | A secure and efficient multiserver authentication and key agreement protocol for internet of vehicles | |
| CN103023911A (en) | Authentication method for access of trusted network devices to trusted network | |
| CN102685749A (en) | Wireless safety authentication method orienting to mobile terminal | |
| CN103118363A (en) | Method, system, terminal device and platform device of secret information transmission | |
| CN109756877A (en) | A kind of anti-quantum rapid authentication and data transmission method of magnanimity NB-IoT equipment | |
| CN107360124A (en) | Access authentication method and device, WAP and user terminal | |
| Huang et al. | An efficient ECC-based authentication scheme against clock asynchronous for spatial information network | |
| Kumar et al. | A secure and efficient authentication protocol for wireless applications in multi-server environment | |
| Costea et al. | Secure opportunistic multipath key exchange | |
| Wu et al. | Efficient authentication for Internet of Things devices in information management systems | |
| Yan et al. | A certificateless efficient and secure group handover authentication protocol in 5G enabled vehicular networks | |
| CN101938491B (en) | Password-based three-party key exchange method | |
| CN115459975A (en) | Certificate-free access authentication method for industrial edge equipment based on Chebyshev polynomial | |
| Zhang et al. | Dssp: Efficient dual-server secret sharing protocol based on password authentication for cloud storage services | |
| Zhang et al. | Mobile payment protocol based on dynamic mobile phone token | |
| Wang et al. | A provable secure and lightweight ECC-based authenticated key agreement scheme for edge computing infrastructure in smart grid |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |