CN110460570A - Smart grid data encryption method and decryption method with forward security


Publication number
CN110460570A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910592762.8A
Other languages
Chinese (zh)
Other versions
CN110460570B (en
Inventor
王远亮
李肯立
徐晓阳
杨志邦
时晴
刘俊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Kuangan Network Technology Co ltd
Original Assignee
Hunan Kuangan Network Technology Co Ltd
Hunan University
Application filed by Hunan Kuangan Network Technology Co Ltd, Hunan University
Priority to CN201910592762.8A
Publication of CN110460570A
Application granted
Publication of CN110460570B
Current legal status: Active

Classifications

    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06Q50/06 Energy or water supply
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses a smart grid data encryption method with forward security, comprising: the control center, after receiving a registration request sent to it by an aggregation gateway, registers the aggregation gateway and sends it the public key K used to encrypt plaintext data; the aggregation gateway, after receiving a registration request sent to it by the i-th smart meter $I_i$, registers the smart meter and sends the public key K to it; a counter j = 0 is set; it is judged whether j is less than or equal to the time period T, and if so, the i-th smart meter $I_i$ selects its own ID number and generates a random number $t_{i,j}$, calculates the time reference variable $R_{i,j}$ from the random number $t_{i,j}$ and publishes it, and sends the random number $t_{i,j}$, its own ID number $ID_i$ and the time reference variable $R_{i,j}$ to the control center. The invention updates the signature private key at fixed periods, which ensures the forward security of the signature information, while the aggregation and verification of digital signatures are completed without using bilinear pairings.

Description

Smart grid data encryption method and decryption method with forward security
Technical field
The invention belongs to the technical field of smart grid security, and more particularly relates to a smart grid data encryption method and decryption method with forward security.
Background
A smart grid is a modern power transmission network that combines communication, sensing, automation, computer and control technologies. It uses communication technology to collect power supply status data from the supply side and electricity usage data from the user side, and through coordination and control achieves the goals of reducing losses, saving energy and enhancing the security of grid communication. As one of the important public infrastructures for the development of countries and cities today, the smart grid is safe and reliable, bidirectionally interactive, economical and efficient, compatible and self-healing. In recent years, with the rapid development of China's economy and network technology, China's demands on all aspects of the power system have kept rising and the process of making the grid intelligent has kept advancing; at the same time, the security problems of the smart grid are receiving increasing attention.
A smart grid contains a large automated control and management system composed of many control centers, users and various devices. Each control center manages the grid of a corresponding region, including the devices and users in that region. The sensors and smart meters deployed in the grid are responsible for monitoring the operating state of the grid in real time, collecting users' electricity consumption data, and submitting this information to the control center for processing in a timely manner. There is a two-way information flow between a user's smart meter and the control center. It allows the user to learn, in real time and through communication technology, information such as electricity prices and power outages, and so to make an electricity consumption plan that suits them; on the other hand, the control center can provide the power company with users' electricity consumption data, which helps the power company carry out real-time pricing, load balancing and other control. However, most smart meters currently interact with the control center in plaintext, so the security of the data is not properly guaranteed and users' private information is easily leaked. In addition, because the smart meters on the user side are numerous and are often in a many-to-one relationship with the control center, a large volume of user data pouring into the control center puts pressure on it and increases the likelihood of congestion, which greatly affects network performance.
Numerous power grid data aggregation methods have been proposed at home and abroad in recent years to ensure the security of data transmission and improve the performance of the transmission network. The three most common are: aggregation based on homomorphic encryption, encryption aggregation algorithms without bilinear pairings, and aggregate signature methods based on key insulation. However, all three have defects that cannot be ignored: because homomorphic encryption uses bilinear pairings, the cost of the computation is high; in the encryption aggregation algorithm without bilinear pairings, the key pair used for digital signatures stays unchanged throughout the communication, so once the key is stolen, data privacy is leaked; the aggregate signature method based on key insulation introduces a helper, which increases device overhead, and the key is also easily leaked.
Summary of the invention
In view of the above defects or improvement needs of the prior art, the invention provides a smart grid data encryption method and decryption method with forward security, with the aim of solving the technical problems of high computational overhead, keys that are easily stolen, and high device overhead in existing power grid data aggregation methods.
To achieve the above object, according to one aspect of the invention, a smart grid data encryption method with forward security is provided, which is applied on the demand side of a smart grid that includes multiple smart meters, multiple aggregation gateways and a control center. The smart grid data encryption method comprises the following steps:
(1) After receiving a registration request sent to it by an aggregation gateway, the control center registers the aggregation gateway and sends it the public key K used to encrypt plaintext data;
(2) After receiving a registration request sent to it by the i-th smart meter $I_i$, the aggregation gateway registers the smart meter and sends it the public key K, where $i \in [1, n]$ and n denotes the total number of smart meters on the smart grid demand side;
(3) Set a counter j = 0;
(4) Judge whether j is less than or equal to the time period T; if so, go to step (5); otherwise the process ends;
(5) The i-th smart meter $I_i$ selects its own ID number $ID_i \in \{0,1\}^*$ and generates a random number; from the random number $t_{i,j}$ it calculates the time reference variable $R_{i,j} = t_{i,j}P$ and publishes it, and sends the random number $t_{i,j}$, its own ID number $ID_i$ and the time reference variable $R_{i,j}$ to the control center. Here the subscripts i, j refer to the i-th smart meter in the j-th period; $ID_i$ denotes the ID number of the i-th smart meter; denotes the cyclic group formed by the integers less than q and coprime to q; P denotes the generator of the additive cyclic group $G_1$; and $G_1$ is an additive cyclic group of order q with generator P.
(6) From the random number $t_{i,j}$, the ID number $ID_i$ and the time reference variable $R_{i,j}$ received from the smart meter, the control center calculates the signature private key $D_{i,j} = t_{i,j} + sH_1(ID_i, R_{i,j})$ as the current private key;
(7) The control center sends the current private key $D_{i,j}$ to the i-th smart meter $I_i$ over a secure channel, where $H_1()$ denotes the first hash function, and s denotes the master key, and has
(8) The i-th smart meter $I_i$ verifies whether the received current private key $D_{i,j}$ is a valid private key. If it is, then from the random number $t_{i,j}$ it generates, by iteration, the time reference variable $R_{i,j+1} = t_{i,j+1}P$, calculates $D_{i,j+1} = D_{i,j} + (t_{i,j+1} - t_{i,j})*P*K$, replaces $D_{i,j}$ and $t_{i,j}$ with $D_{i,j+1}$ and $t_{i,j+1}$ respectively, and then goes to step (9); if it is not a valid private key, return to step (4); where the intermediate variable
(9) The i-th smart meter $I_i$ encrypts the user data $m_i$ it is to process according to the time reference variable $R_{i,j}$, signs the encryption result using an elliptic curve, and sends the signature result to the aggregation gateway;
(10) The aggregation gateway judges, from the signature result from the i-th smart meter $I_i$, whether the user corresponding to the user data $m_i$ is a legitimate user; if so, go to step (9); otherwise the process ends;
(11) The aggregation gateway aggregates the signatures it has received from w smart meters in the j-th period to obtain the signature aggregation result $S_i$:
(12) The aggregation gateway aggregates the ciphertexts of the w smart meters in the j-th period to obtain the ciphertext aggregation result $C_j$, and sends the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ to the control center;
(13) Set the counter j = j + 1 and return to step (4).
Preferably, whether the current private key $D_{i,j}$ is a valid private key is determined by checking whether $D_{i,j}P = R_{i,j} + P*K*H_1(ID_i, R_{i,j})$ holds; if it holds, $D_{i,j}$ is valid, otherwise it is invalid.
Preferably, the elliptic curve used in step (9) is the SM2 elliptic curve, and step (9) comprises the following sub-steps:
(9-1) The i-th smart meter $I_i$ encodes the user data $m_i$ it is to process as a point $M_i$ on the elliptic curve $E_p$ and randomly generates a large integer $r_i$, where $r_i < n$ and n denotes the length of the encryption key used by the elliptic curve;
(9-2) From the point $M_i$ of step (7-1) and the generated large integer r, the i-th smart meter $I_i$ generates the ciphertext $C_{i,j} = (C_I, C_{II})$, where the first part of the ciphertext is $C_I = M_i + r_iK$, the second part of the ciphertext is $C_{II} = r_iG$, and G denotes the base point on the elliptic curve.
(9-3) The i-th smart meter $I_i$ generates a random number; from the generated random number $y_{i,j}$ it obtains the second part of the signature $Y_{i,j} = y_{i,j}P$; from the second part $Y_{i,j}$ it obtains the third part of the signature $v_{i,j} = H_3(ID_i, m_i, Y_{i,j})$; from the third part $v_{i,j}$ and the random number $y_{i,j}$ it obtains the first part of the signature $X_{i,j} = y_{i,j} + D_{i,j}v_{i,j}$; and from the first, second and third parts it obtains the signature $S_{i,j} = \{X_{i,j}, Y_{i,j}, v_{i,j}\}$ of the i-th smart meter $I_i$ on the user data $m_i$ in the j-th period;
(9-4) The i-th smart meter $I_i$ sends the ciphertext $C_{i,j}$ generated in step (7-2) and the signature $S_{i,j}$ generated in step (7-3) to the aggregation gateway as the signed result $(C_{i,j}, S_{i,j})$.
Preferably, whether the user is a legitimate user is verified by checking whether the following equation holds; if it holds, the user is a legitimate user, otherwise the user is an illegitimate user:
$X_{i,j}P = Y_{i,j} + (R_{i,j} + P*K*H_1(ID_i, R_{i,j}))v_{i,j}$
Preferably, the ciphertext aggregation result $C_j$ is calculated as follows:
According to another aspect of the invention, a smart grid data decryption method corresponding to the above smart grid data encryption method is provided, comprising the following steps:
(1) The control center judges whether the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ from the aggregation gateway are reliable; if they are reliable, go to step (2); otherwise discard the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$, and the process ends;
(2) The control center decrypts the ciphertext aggregation result $C_j$ using the private key k to obtain the decrypted point M, and decodes the decrypted point M to obtain the plaintext m.
Preferably, whether the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ are reliable is judged by first extracting the parameters $X_j$ and $Y_j$ from the signature aggregation result $S_j$ and then checking, with the extracted parameters, whether the following equation holds; if it holds, the result is reliable, otherwise the result is unreliable:
$X_jP = Y_j + (R_{i,j} + P*K*H_1(ID_i, R_{i,j}))v_j$
Preferably, the ciphertext aggregation result $C_j$ is decrypted with the private key k using the following equation:
$M = M_i + r_i*K - k*r_i*G$.
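The following Python sketch is an added example, not code from the patent: it walks one smart meter through one period on the SM2 curve, covering the private-key check of step (8), the signature of sub-step (9-3), the gateway's verification equation, and the encryption of (9-2) with the control center's decryption. It assumes that the term P*K in the verification equations stands for the master public key `P_pub` = sP, that the base point G equals P, that SHA-256 stands in for H1 and H3, and that a reading is encoded onto a curve point by try-and-increment; the meter ID and reading are constructed sample values.

```python
import hashlib
import secrets

# SM2 recommended curve (GM/T 0003.5-2012): y^2 = x^3 + a*x + b over F_p.
p = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
a = p - 3
b = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
q = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123  # group order
P = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)  # generator

def add(A, B):
    """Affine point addition; None is the point at infinity."""
    if A is None or B is None:
        return A or B
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if A == B:
        lam = (3 * x1 * x1 + a) * pow(2 * y1 % p, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, A):
    """Double-and-add scalar multiplication (not constant-time; illustration only)."""
    R = None
    while k:
        if k & 1:
            R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def H(tag, *parts):
    """Hash to Z_q. SHA-256 stands in for the page's H1 and H3 (assumption)."""
    h = hashlib.sha256(tag)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big") % q

def pt(A):
    return A[0].to_bytes(32, "big") + A[1].to_bytes(32, "big")

def issue_key(s, meter_id, t):
    """Steps (5)-(6): R = t*P and D = t + s*H1(ID, R) mod q."""
    R = mul(t, P)
    return R, (t + s * H(b"H1", meter_id, pt(R))) % q

def key_is_valid(D, R, meter_id, P_pub):
    """Step (8): D*P == R + H1(ID, R)*P_pub, with P_pub = s*P (assumption)."""
    return mul(D, P) == add(R, mul(H(b"H1", meter_id, pt(R)), P_pub))

def sign(D, meter_id, m):
    """Sub-step (9-3): Y = y*P, v = H3(ID, m, Y), X = y + D*v mod q."""
    y = secrets.randbelow(q - 1) + 1
    Y = mul(y, P)
    v = H(b"H3", meter_id, m, pt(Y))
    return (y + D * v) % q, Y, v

def verify(sig, R, meter_id, P_pub, m=None):
    """Gateway check: X*P == Y + (R + H1(ID, R)*P_pub)*v."""
    X, Y, v = sig
    # The equation accepts whatever v is supplied; a verifier that knows m
    # must also recompute v = H3(ID, m, Y) to bind the data to the signature.
    if m is not None and v != H(b"H3", meter_id, m, pt(Y)):
        return False
    base = add(R, mul(H(b"H1", meter_id, pt(R)), P_pub))
    return mul(X, P) == add(Y, mul(v, base))

def encode(reading):
    """Sub-step (9-1): map an integer onto a curve point (try-and-increment, assumption)."""
    for ctr in range(256):
        x = (reading << 8) | ctr
        rhs = (pow(x, 3, p) + a * x + b) % p
        y = pow(rhs, (p + 1) // 4, p)  # square root, valid because p % 4 == 3
        if y * y % p == rhs:
            return (x, y)
    raise ValueError("no curve point found for this reading")

def encrypt(M, K):
    """Sub-step (9-2): C_I = M + r*K, C_II = r*G (G taken equal to P here)."""
    r = secrets.randbelow(q - 1) + 1
    return add(M, mul(r, K)), mul(r, P)

def decrypt(C, k):
    """Control center: M = C_I - k*C_II, then decode the reading from M's x-coordinate."""
    C_I, (x, y) = C[0], mul(k, C[1])
    return add(C_I, (x, -y % p))[0] >> 8

if __name__ == "__main__":
    s, k = secrets.randbelow(q - 1) + 1, secrets.randbelow(q - 1) + 1
    P_pub, K = mul(s, P), mul(k, P)
    R, D = issue_key(s, b"meter-001", secrets.randbelow(q - 1) + 1)
    sig = sign(D, b"meter-001", (48213).to_bytes(8, "big"))
    print("key valid:", key_is_valid(D, R, b"meter-001", P_pub))
    print("signature valid:", verify(sig, R, b"meter-001", P_pub))
    print("decrypted reading:", decrypt(encrypt(encode(48213), K), k))
```

The gateway sees only ciphertext, so it can evaluate the equation but cannot recompute v; in this sketch the recomputation is available to whichever party holds the plaintext $m_i$.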
According to another aspect of the invention, a smart grid data encryption system with forward security is provided, which is applied on the demand side of a smart grid that includes multiple smart meters, multiple aggregation gateways and a control center. The smart grid data encryption system comprises:
A first module, arranged in the control center, for registering the aggregation gateway after receiving the registration request sent to it by the aggregation gateway, and sending the aggregation gateway the public key K used to encrypt plaintext data;
A second module, arranged in the aggregation gateway, for registering the smart meter after receiving the registration request sent to it by the i-th smart meter $I_i$, and sending the public key K to the smart meter, where $i \in [1, n]$ and n denotes the total number of smart meters on the smart grid demand side;
A third module, arranged in the i-th smart meter $I_i$, for setting a counter j = 0;
A fourth module, arranged in the i-th smart meter $I_i$, for judging whether j is less than or equal to the time period T; if so, the fifth module is entered; otherwise the process ends;
A fifth module, arranged in the i-th smart meter $I_i$, for selecting its own ID number $ID_i \in \{0,1\}^*$ and generating a random number; calculating, from the random number $t_{i,j}$, the time reference variable $R_{i,j} = t_{i,j}P$ and publishing it; and sending the random number $t_{i,j}$, its own ID number $ID_i$ and the time reference variable $R_{i,j}$ to the control center. Here the subscripts i, j refer to the i-th smart meter in the j-th period; $ID_i$ denotes the ID number of the i-th smart meter; denotes the cyclic group formed by the integers less than q and coprime to q; P denotes the generator of the additive cyclic group $G_1$; and $G_1$ is an additive cyclic group of order q with generator P.
A sixth module, arranged in the control center, for calculating, from the random number $t_{i,j}$, the ID number $ID_i$ and the time reference variable $R_{i,j}$ received from the smart meter, the signature private key $D_{i,j} = t_{i,j} + sH_1(ID_i, R_{i,j})$ as the current private key;
A seventh module, arranged in the control center, for sending the current private key $D_{i,j}$ to the i-th smart meter $I_i$ over a secure channel, where $H_1()$ denotes the first hash function, and s denotes the master key, and has
An eighth module, arranged in the i-th smart meter $I_i$, for verifying whether the received current private key $D_{i,j}$ is a valid private key. If it is, then from the random number $t_{i,j}$ the time reference variable $R_{i,j+1} = t_{i,j+1}P$ is generated by iteration, $D_{i,j+1} = D_{i,j} + (t_{i,j+1} - t_{i,j})*P*K$ is calculated, $D_{i,j}$ and $t_{i,j}$ are replaced with $D_{i,j+1}$ and $t_{i,j+1}$ respectively, and the ninth module is entered; if it is not a valid private key, the fourth module is returned to; where the intermediate variable
A ninth module, arranged in the i-th smart meter $I_i$, for encrypting the user data $m_i$ it is to process according to the time reference variable $R_{i,j}$, signing the encryption result using an elliptic curve, and sending the signature result to the aggregation gateway;
A tenth module, arranged in the aggregation gateway, for judging, from the signature result from the i-th smart meter $I_i$, whether the user corresponding to the user data $m_i$ is a legitimate user; if so, the eleventh module is entered; otherwise the process ends;
An eleventh module, arranged in the aggregation gateway, for aggregating the signatures received from w smart meters in the j-th period to obtain the signature aggregation result $S_j$:
A twelfth module, arranged in the aggregation gateway, for aggregating the ciphertexts of the w smart meters in the j-th period to obtain the ciphertext aggregation result $C_j$, and sending the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ to the control center;
A thirteenth module, arranged in the control center, for setting the counter j = j + 1 and returning to the fourth module.
According to another aspect of the invention, a smart grid data decryption system corresponding to the above smart grid data encryption system is provided, comprising:
A fourteenth module, arranged in the control center, for judging whether the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ from the aggregation gateway are reliable; if they are reliable, the fifteenth module is entered; otherwise the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ are discarded and the process ends;
A fifteenth module, arranged in the control center, for decrypting the ciphertext aggregation result $C_j$ using the private key k to obtain the decrypted point M, and decoding the decrypted point M to obtain the plaintext m.
In general, compared with the prior art, the above technical solutions conceived by the invention can achieve the following beneficial effects:
(1) The invention uses forward security theory to dynamically update the signature private key $D_{i,j}$ as the period changes and deletes the signature private key of the previous period in time, which ensures the forward security of the smart meter's signature information while greatly reducing the amount of computation and saving computational overhead.
(2) Because the invention uses the Chinese national cryptographic SM2 elliptic curve encryption algorithm, embeds the algorithm in the smart meter and encrypts electricity consumption data with it, it solves the technical problem in existing power grid data aggregation methods that plaintext transmission makes keys easy to steal and security poor;
(3) Because the invention does not use the helper used in existing methods, device overhead is saved;
(4) Because the invention adds aggregation gateways on the smart grid demand side, the ciphertexts and digital signatures received in a fixed time period are verified and aggregated separately, without using bilinear pairings, and the aggregated signature and ciphertext are sent to the control center for processing, which avoids the congestion and network performance degradation caused by a large amount of data pouring into the control center.
Brief description of the drawings
Fig. 1 is an application environment diagram of the smart grid data encryption method and decryption method with forward security of the invention;
Fig. 2 is a flowchart of the smart grid data encryption method with forward security of the invention;
Fig. 3 is a flowchart of the smart grid data decryption method with forward security of the invention.
Detailed description of the embodiments
In order to make the objects, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the invention and do not limit it. In addition, the technical features involved in the embodiments described below can be combined with one another as long as they do not conflict.
The invention proposes a smart grid data encryption method with forward security. The method uses the Chinese national cryptographic SM2 elliptic curve public key algorithm to encrypt electricity consumption data and, without using bilinear pairings, uses forward security theory and strong P-congruence pairs to dynamically update the signature private key as the period changes and to delete the signature private key of the previous period in time, which ensures the forward security of signature-related information at the smart meter while greatly reducing the amount of computation. In addition, the invention adds aggregation gateways to the communication architecture; without using bilinear pairings, they verify and aggregate, separately, the ciphertexts and digital signatures received in a fixed time period and send the aggregated signature and ciphertext to the control center for processing, which avoids the congestion and network performance degradation caused by a large amount of data pouring into the control center.
As shown in Fig. 1, the invention is applied on the demand side of a smart grid that includes multiple smart meters, multiple aggregation gateways and a control center.
The basic idea of the invention is as follows: a smart meter's user electricity consumption data is encrypted and signed and then sent to the aggregation gateway. The aggregation gateway verifies the signature; if verification fails, the data is discarded and retransmission is requested; if verification succeeds, the signatures and ciphertexts received in the fixed time period are aggregated and sent to the control center for processing. The control center verifies the received aggregate signature; if verification fails, the data is discarded and retransmission is requested; if verification succeeds, the aggregated ciphertext is decrypted with the private key, and the decrypted result is then decoded into plaintext.
As shown in Fig. 2, the invention provides a smart grid data encryption method with forward security, which is applied on the demand side of a smart grid that includes multiple smart meters, multiple aggregation gateways and a control center, and which comprises the following steps:
(1) After receiving a registration request sent to it by an aggregation gateway, the control center registers the aggregation gateway and sends it the public key K used to encrypt plaintext data;
(2) After receiving a registration request sent to it by the i-th smart meter $I_i$, the aggregation gateway registers the smart meter and sends it the public key K, where $i \in [1, n]$ and n denotes the total number of smart meters on the smart grid demand side;
(3) Set a counter j = 0;
(4) Judge whether j is less than or equal to the time period T; if so, go to step (5); otherwise the process ends; where T denotes the time period, with value range (0, 1000000];
(5) The i-th smart meter $I_i$ selects its own ID number $ID_i \in \{0,1\}^*$ and generates a random number; from the random number $t_{i,j}$ it calculates the time reference variable $R_{i,j} = t_{i,j}P$ and publishes it, and sends the random number $t_{i,j}$, its own ID number $ID_i$ and the time reference variable $R_{i,j}$ to the control center;
Throughout this document, the subscripts i, j refer to the i-th smart meter in the j-th period.
Here $ID_i$ denotes the ID number of the i-th smart meter; denotes the cyclic group formed by the integers less than q and coprime to q; P denotes the generator of the additive cyclic group $G_1$; and $G_1$ is an additive cyclic group of order q with generator P.
(6) From the random number $t_{i,j}$, the ID number $ID_i$ and the time reference variable $R_{i,j}$ received from the smart meter, the control center calculates the signature private key $D_{i,j} = t_{i,j} + sH_1(ID_i, R_{i,j})$ as the current private key;
(7) The control center sends the current private key $D_{i,j}$ to the i-th smart meter $I_i$ over a secure channel, where $H_1()$ denotes the first hash function, and s denotes the master key, and has
(8) The i-th smart meter $I_i$ verifies whether the received current private key $D_{i,j}$ is a valid private key. If it is, then from the random number $t_{i,j}$ it generates, by iteration, the time reference variable $R_{i,j+1} = t_{i,j+1}P$, calculates $D_{i,j+1} = D_{i,j} + (t_{i,j+1} - t_{i,j})*P*K$, replaces $D_{i,j}$ and $t_{i,j}$ with $D_{i,j+1}$ and $t_{i,j+1}$ respectively, and then goes to step (9); if it is not a valid private key, return to step (4); where the intermediate variable
Specifically, judging current secret key DI, jIt whether be effective private key is by judging DI, jP==RI, j+P*K*H1 (IDi, RI, j) whether realized at Rob Roy, D is indicated if setting upI, jEffectively, otherwise indicate that it is invalid.
(9) The i-th smart meter $I_i$ encrypts the user data $m_i$ it is to process according to the time reference variable $R_{i,j}$, signs the result of the encryption using an elliptic curve algorithm, and sends the signature result to the aggregation gateway;
Specifically, the elliptic curve algorithm used in this step is the SM2 elliptic curve algorithm.
This step comprises the following sub-steps:
(9-1) The i-th smart meter $I_i$ encodes the user data $m_i$ it is to process as a point $M_i$ on the elliptic curve $E_p$ and randomly generates a large integer $r_i$, where $r_i < n$ and n denotes the length of the encryption key used by the elliptic curve algorithm;
(9-2) The i-th smart meter $I_i$ generates the ciphertext $C_{i,j} = (C_I, C_{II})$ from the point $M_i$ of step (7-1) and the generated large integer r, where the first part of the ciphertext is $C_I = M_i + r_iK$, the second part of the ciphertext is $C_{II} = r_iG$, and G denotes the base point on the elliptic curve.
(9-3) The i-th smart meter $I_i$ generates a random number, obtains from the generated random number $y_{i,j}$ the second part of the signature $Y_{i,j} = y_{i,j}P$, obtains from the second part $Y_{i,j}$ the third part of the signature $v_{i,j} = H_3(ID_i, m_i, Y_{i,j})$, obtains from the third part $v_{i,j}$ and the random number $y_{i,j}$ the first part of the signature $X_{i,j} = y_{i,j} + D_{i,j}v_{i,j}$, and from the first, second and third parts obtains the signature $S_{i,j} = \{X_{i,j}, Y_{i,j}, v_{i,j}\}$ of the i-th smart meter $I_i$ in the j-th time period on the user data $m_i$ it is to process;
(9-4) The i-th smart meter $I_i$ sends the ciphertext $C_{i,j}$ generated in step (7-2) and the signature $S_{i,j}$ generated in step (7-3) to the aggregation gateway as the signed result $(C_{i,j}, S_{i,j})$;
(10) The aggregation gateway judges, from the signature result of the i-th smart meter $I_i$, whether the user corresponding to the user data $m_i$ is a legitimate user; if so, the method proceeds to step (11); otherwise the process ends;
Specifically, whether the user is a legitimate user is verified by checking whether the following equation holds; if it holds, the user is a legitimate user, otherwise the user is an illegitimate user:
$X_{i,j}P == Y_{i,j} + (R_{i,j} + P*K*H_1(ID_i, R_{i,j}))v_{i,j}$
(11) The aggregation gateway aggregates the signatures it has received from the w smart meters in the j-th time period, to obtain the signature aggregation result $S_j$:
(12) The aggregation gateway aggregates the ciphertexts of the w smart meters in the j-th time period to obtain the ciphertext aggregation result $C_j$, and sends the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ to the control center;
where the ciphertext aggregation result $C_j$ is computed as follows:
(13) Set the counter j = j+1 and return to step (4).
As shown in Figure 3, the present invention provides a smart grid data decryption method with forward security, applied in a smart grid demand side comprising multiple smart meters, multiple aggregation gateways and a control center, and comprising the following steps:
(1) The control center judges whether the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ from the aggregation gateway are reliable; if they are reliable, the method proceeds to step (2); otherwise the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ are discarded and the process ends;
Specifically, to judge whether the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ are reliable, the parameters $X_j$ and $Y_j$ are first extracted from the signature aggregation result $S_j$, and the following equation is then checked with the extracted parameters; if it holds, the result is reliable, otherwise the result is unreliable:
$X_jP == Y_j + (R_{i,j} + P*K*H_1(ID_i, R_{i,j}))v_j$
(2) The control center decrypts the ciphertext aggregation result $C_j$ with the private key k to obtain the decrypted point M, and decodes the decrypted point M to obtain the plaintext m;
Specifically, the private key k is an integer randomly selected from $Z_p$ by the control center in the system initialization phase, and the private key k corresponds to the public key K used for encrypting plaintext data.
In this step, the ciphertext aggregation result $C_j$ is decrypted with the private key k using the following equation:
$M = M_i + r_i*K - k*r_i*G$;
In conclusion, the smart grid data encryption method with forward security proposed by the present invention applies aggregate signatures and the Chinese national-standard SM2 public-key encryption algorithm to the smart grid, guarantees the forward security of the signature information without using bilinear pairings, and at the same time effectively reduces the amount of computation.
As those skilled in the art will readily appreciate, the foregoing describes only preferred embodiments of the present invention and is not intended to limit the present invention; any modification, equivalent substitution or improvement made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.

Claims (10)

1. A smart grid data encryption method with forward security, applied in a smart grid demand side comprising multiple smart meters, multiple aggregation gateways and a control center, characterized in that the smart grid data encryption method comprises the following steps:
(1) After receiving the registration request sent to it by an aggregation gateway, the control center registers the aggregation gateway and sends it the public key K used for encrypting plaintext data;
(2) After receiving the registration request sent to it by the i-th smart meter $I_i$, the aggregation gateway registers the smart meter and sends it the public key K; where $i \in [1, n]$ and n denotes the total number of smart meters in the smart grid demand side;
(3) Set the counter j = 0;
(4) Judge whether j is less than or equal to the time period T; if so, proceed to step (5); otherwise the process ends;
(5) The i-th smart meter $I_i$ selects its own ID number $ID_i \in \{0,1\}^*$, generates a random number, computes from the random number $t_{i,j}$ the time reference variable $R_{i,j} = t_{i,j}P$ and publishes it, and sends the random number $t_{i,j}$, its own ID number $ID_i$ and the time reference variable $R_{i,j}$ to the control center; where the subscripts i, j denote the i-th smart meter in the j-th time period; $ID_i$ denotes the ID number of the i-th smart meter; denotes the cyclic group formed by the integers less than q and coprime to q; P denotes the generator of the additive cyclic group $G_1$; and $G_1$ is the additive cyclic group of order q with generator P.
(6) The control center computes, from the random number $t_{i,j}$, the ID number $ID_i$ and the time reference variable $R_{i,j}$ received from the smart meter, the signing private key $D_{i,j} = t_{i,j} + sH_1(ID_i, R_{i,j})$ as the current key;
(7) The control center sends the current key $D_{i,j}$ to the i-th smart meter $I_i$ over a secure channel, where $H_1()$ denotes the first hash function, and $H_1$: s denotes the master key, and has
(8) The i-th smart meter $I_i$ verifies whether the received current key $D_{i,j}$ is a valid private key. If it is a valid private key, the meter, according to the random number $t_{i,j}$, generates by iteration the time reference variable $R_{i,j+1} = t_{i,j+1}P$, computes $D_{i,j+1} = D_{i,j} + (t_{i,j+1} - t_{i,j})*P*K$, replaces $D_{i,j}$ and $t_{i,j}$ with $D_{i,j+1}$ and $t_{i,j+1}$ respectively, and then proceeds to step (9); if it is not a valid private key, the method returns to step (4); where the intermediate variable
(9) The i-th smart meter $I_i$ encrypts the user data $m_i$ it is to process according to the time reference variable $R_{i,j}$, signs the result of the encryption using an elliptic curve algorithm, and sends the signature result to the aggregation gateway;
(10) The aggregation gateway judges, from the signature result of the i-th smart meter $I_i$, whether the user corresponding to the user data $m_i$ is a legitimate user; if so, the method proceeds to step (9); otherwise the process ends;
(11) The aggregation gateway aggregates the signatures it has received from the w smart meters in the j-th time period, to obtain the signature aggregation result $S_j$:
(12) The aggregation gateway aggregates the ciphertexts of the w smart meters in the j-th time period to obtain the ciphertext aggregation result $C_j$, and sends the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ to the control center;
(13) Set the counter j = j+1 and return to step (4).
2. The smart grid data encryption method according to claim 1, characterized in that whether the current key $D_{i,j}$ is a valid private key is determined by checking whether $D_{i,j}P == R_{i,j} + P*K*H_1(ID_i, R_{i,j})$ holds: if it holds, $D_{i,j}$ is valid; otherwise it is invalid.
3. The smart grid data encryption method according to claim 1, characterized in that the elliptic curve algorithm used in step (9) is the SM2 elliptic curve algorithm, and step (9) comprises the following sub-steps:
(9-1) The i-th smart meter $I_i$ encodes the user data $m_i$ it is to process as a point $M_i$ on the elliptic curve $E_p$ and randomly generates a large integer $r_i$, where $r_i < n$ and n denotes the length of the encryption key used by the elliptic curve algorithm;
(9-2) The i-th smart meter $I_i$ generates the ciphertext $C_{i,j} = (C_I, C_{II})$ from the point $M_i$ of step (7-1) and the generated large integer r, where the first part of the ciphertext is $C_I = M_i + r_iK$, the second part of the ciphertext is $C_{II} = r_iG$, and G denotes the base point on the elliptic curve.
(9-3) The i-th smart meter $I_i$ generates a random number, obtains from the generated random number $y_{i,j}$ the second part of the signature $Y_{i,j} = y_{i,j}P$, obtains from the second part $Y_{i,j}$ the third part of the signature $v_{i,j} = H_3(ID_i, m_i, Y_{i,j})$, obtains from the third part $v_{i,j}$ and the random number $y_{i,j}$ the first part of the signature $X_{i,j} = y_{i,j} + D_{i,j}v_{i,j}$, and from the first, second and third parts obtains the signature $S_{i,j} = \{X_{i,j}, Y_{i,j}, v_{i,j}\}$ of the i-th smart meter $I_i$ in the j-th time period on the user data $m_i$ it is to process;
(9-4) The i-th smart meter $I_i$ sends the ciphertext $C_{i,j}$ generated in step (7-2) and the signature $S_{i,j}$ generated in step (7-3) to the aggregation gateway as the signed result $(C_{i,j}, S_{i,j})$.
4. The smart grid data encryption method according to claim 3, characterized in that whether the user is a legitimate user is verified by checking whether the following equation holds; if it holds, the user is a legitimate user, otherwise the user is an illegitimate user:
$X_{i,j}P == Y_{i,j} + (R_{i,j} + P*K*H_1(ID_i, R_{i,j}))v_{i,j}$
5. The smart grid data encryption method according to claim 4, characterized in that the ciphertext aggregation result $C_j$ is computed as follows:
6. A smart grid data decryption method with forward security, corresponding to the smart grid data encryption method with forward security according to any one of claims 1 to 5, characterized in that the smart grid data decryption method comprises the following steps:
(1) The control center judges whether the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ from the aggregation gateway are reliable; if they are reliable, the method proceeds to step (2); otherwise the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ are discarded and the process ends;
(2) The control center decrypts the ciphertext aggregation result $C_j$ with the private key k to obtain the decrypted point M, and decodes the decrypted point M to obtain the plaintext m.
7. The smart grid data decryption method according to claim 6, characterized in that, to judge whether the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ are reliable, the parameters $X_j$ and $Y_j$ are first extracted from the signature aggregation result $S_j$, and the following equation is then checked with the extracted parameters; if it holds, the result is reliable, otherwise the result is unreliable:
$X_jP == Y_j + (R_{i,j} + P*K*H_1(ID_i, R_{i,j}))v_j$
8. The smart grid data decryption method according to claim 7, characterized in that the ciphertext aggregation result $C_j$ is decrypted with the private key k using the following equation:
$M = M_i + r_i*K - k*r_i*G$.
9. A smart grid data encryption system with forward security, applied in a smart grid demand side comprising multiple smart meters, multiple aggregation gateways and a control center, characterized in that the smart grid data encryption system comprises:
a first module, arranged in the control center, for registering an aggregation gateway after receiving the registration request that the aggregation gateway sends to it, and sending the aggregation gateway the public key K used for encrypting plaintext data;
a second module, arranged in the aggregation gateway, for registering the i-th smart meter $I_i$ after receiving the registration request that the smart meter sends to it, and sending the smart meter the public key K; where $i \in [1, n]$ and n denotes the total number of smart meters in the smart grid demand side;
a third module, arranged in the i-th smart meter $I_i$, for setting the counter j = 0;
a fourth module, arranged in the i-th smart meter $I_i$, for judging whether j is less than or equal to the time period T, and if so entering the fifth module, otherwise ending the process;
a fifth module, arranged in the i-th smart meter $I_i$, for selecting its own ID number $ID_i \in \{0,1\}^*$, generating a random number, computing from the random number $t_{i,j}$ the time reference variable $R_{i,j} = t_{i,j}P$ and publishing it, and sending the random number $t_{i,j}$, its own ID number $ID_i$ and the time reference variable $R_{i,j}$ to the control center; where the subscripts i, j denote the i-th smart meter in the j-th time period; $ID_i$ denotes the ID number of the i-th smart meter; denotes the cyclic group formed by the integers less than q and coprime to q; P denotes the generator of the additive cyclic group $G_1$; and $G_1$ is the additive cyclic group of order q with generator P.
a sixth module, arranged in the control center, for computing, from the random number $t_{i,j}$, the ID number $ID_i$ and the time reference variable $R_{i,j}$ received from the smart meter, the signing private key $D_{i,j} = t_{i,j} + sH_1(ID_i, R_{i,j})$ as the current key;
a seventh module, arranged in the control center, for sending the current key $D_{i,j}$ to the i-th smart meter $I_i$ over a secure channel, where $H_1()$ denotes the first hash function, and $H_1$: s denotes the master key, and has
an eighth module, arranged in the i-th smart meter $I_i$, for verifying whether the received current key $D_{i,j}$ is a valid private key; if it is a valid private key, generating by iteration, according to the random number $t_{i,j}$, the time reference variable $R_{i,j+1} = t_{i,j+1}P$, computing $D_{i,j+1} = D_{i,j} + (t_{i,j+1} - t_{i,j})*P*K$, replacing $D_{i,j}$ and $t_{i,j}$ with $D_{i,j+1}$ and $t_{i,j+1}$ respectively, and then entering the ninth module; if it is not a valid private key, returning to the fourth module; where the intermediate variable
a ninth module, arranged in the i-th smart meter $I_i$, for encrypting the user data $m_i$ it is to process according to the time reference variable $R_{i,j}$, signing the result of the encryption using an elliptic curve algorithm, and sending the signature result to the aggregation gateway;
a tenth module, arranged in the aggregation gateway, for judging, from the signature result of the i-th smart meter $I_i$, whether the user corresponding to the user data $m_i$ is a legitimate user, and if so entering the eleventh module, otherwise ending the process;
an eleventh module, arranged in the aggregation gateway, for aggregating the signatures it has received from the w smart meters in the j-th time period, to obtain the signature aggregation result $S_j$:
a twelfth module, arranged in the aggregation gateway, for aggregating the ciphertexts of the w smart meters in the j-th time period to obtain the ciphertext aggregation result $C_j$, and sending the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ to the control center;
a thirteenth module, arranged in the control center, for setting the counter j = j+1 and returning to the fourth module.
10. A smart grid data decryption system with forward security, corresponding to the smart grid data encryption system with forward security according to claim 9, characterized in that the smart grid data decryption system comprises:
a fourteenth module, arranged in the control center, for judging whether the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ from the aggregation gateway are reliable, and if they are reliable entering the fifteenth module, otherwise discarding the ciphertext aggregation result $C_j$ and the signature aggregation result $S_j$ and ending the process;
a fifteenth module, arranged in the control center, for decrypting the ciphertext aggregation result $C_j$ with the private key k to obtain the decrypted point M, and decoding the decrypted point M to obtain the plaintext m.
CN201910592762.8A 2019-07-03 2019-07-03 Smart power grid data encryption method and decryption method with forward security Active CN110460570B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910592762.8A CN110460570B (en) 2019-07-03 2019-07-03 Smart power grid data encryption method and decryption method with forward security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910592762.8A CN110460570B (en) 2019-07-03 2019-07-03 Smart power grid data encryption method and decryption method with forward security

Publications (2)

Publication Number Publication Date
CN110460570A true CN110460570A (en) 2019-11-15
CN110460570B CN110460570B (en) 2021-07-23

Family

ID=68482023

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910592762.8A Active CN110460570B (en) 2019-07-03 2019-07-03 Smart power grid data encryption method and decryption method with forward security

Country Status (1)

Country Link
CN (1) CN110460570B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105245326A (en) * 2015-09-10 2016-01-13 电子科技大学 Intelligent power grid safety communication method based on combination cipher
US20180048463A1 (en) * 2017-09-12 2018-02-15 QED-it Systems LTD Method and system for generating private randomness for the creation of public randomness
CN109905371A (en) * 2019-01-24 2019-06-18 国网河南省电力公司电力科学研究院 Two-way encrypted authentication system and its application method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
陈亮,林永峰: "基于同态加密的智能电网安全数据融合技术", 《现代电子技术》 *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110868298B (en) * 2019-11-22 2023-02-03 深圳供电局有限公司 Power grid communication encryption method
CN110868298A (en) * 2019-11-22 2020-03-06 深圳供电局有限公司 Power grid communication encryption method
CN111178986A (en) * 2020-02-18 2020-05-19 电子科技大学 User-commodity preference prediction method and system
CN111178986B (en) * 2020-02-18 2023-04-07 电子科技大学 User-commodity preference prediction method and system
CN111770553A (en) * 2020-06-22 2020-10-13 深圳中兴网信科技有限公司 Internet of things equipment access system and method, electronic equipment and storage medium
CN112073406A (en) * 2020-09-03 2020-12-11 北京工业大学 Extensible grouping multidata protection method based on bilinear mapping
CN112073406B (en) * 2020-09-03 2023-01-13 北京工业大学 Extensible grouping multidata protection method based on bilinear mapping
CN112702341A (en) * 2020-12-23 2021-04-23 国网山东省电力公司信息通信公司 Privacy protection-based user electricity consumption data sharing method and system
CN113364595A (en) * 2021-05-24 2021-09-07 南方电网数字电网研究院有限公司 Power grid private data signature aggregation method and device and computer equipment
CN114189339A (en) * 2021-12-07 2022-03-15 贵州亨达集团信息安全技术有限公司 Certificateless aggregation signature method and certificateless aggregation signature system supporting parallel key isolation
CN114189339B (en) * 2021-12-07 2024-01-26 贵州亨达集团信息安全技术有限公司 Certificate-free aggregation signature method and system supporting parallel key isolation
CN116015751A (en) * 2022-12-08 2023-04-25 武汉理工大学 Intelligent power grid bidirectional authentication system and method
CN116015751B (en) * 2022-12-08 2024-05-03 武汉理工大学 Intelligent power grid bidirectional authentication system and method

Also Published As

Publication number Publication date
CN110460570B (en) 2021-07-23

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220708

Address after: 410000 No. 102, Heguang Road, Xianghu street, Furong district, Changsha City, Hunan Province

Patentee after: Hunan Kuangan Network Technology Co.,Ltd.

Address before: 410082 Building 1, Changsha National Supercomputing Center, 252 Lushan South Road, Yuelu District, Changsha City, Hunan Province

Patentee before: Hunan Kuangan Network Technology Co.,Ltd.

Patentee before: Hunan University