CN111082920A - Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid - Google Patents

Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid Download PDF

Info

Publication number
CN111082920A
CN111082920A CN201911379075.4A CN201911379075A CN111082920A CN 111082920 A CN111082920 A CN 111082920A CN 201911379075 A CN201911379075 A CN 201911379075A CN 111082920 A CN111082920 A CN 111082920A
Authority
CN
China
Prior art keywords
data
aggregation
control center
type
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911379075.4A
Other languages
Chinese (zh)
Inventor
张晓均
黄超
唐尧
龚捷
张经伟
郑爽
周子玉
付红
廖文才
郝云溥
赵芥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest Petroleum University
Original Assignee
Southwest Petroleum University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest Petroleum University filed Critical Southwest Petroleum University
Priority to CN201911379075.4A priority Critical patent/CN111082920A/en
Publication of CN111082920A publication Critical patent/CN111082920A/en
Priority to CN202011387992.XA priority patent/CN112636896B/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/06Electricity, gas or water supply
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention discloses a non-interactive verifiable multi-type encrypted data aggregation method facing a smart grid, which comprises four steps of system initialization, multi-type encrypted data reporting, encrypted data aggregation, verification and aggregated data decryption. The encryption technology with the addition homomorphic characteristic is integrated into an aggregation scheme, and a large amount of data ciphertexts are aggregated into a value by data aggregation through an aggregation gateway, so that the use amount of communication bandwidth can be greatly reduced. And finally, data decryption is carried out at the control center, and the control center can obtain the sum value of each type of data in the data of all users due to the fact that the used encryption algorithm has the characteristic of addition homomorphism. The method and the device have the advantages that the privacy and the integrity of the user data are ensured, meanwhile, the multi-type encrypted data of users in the same area are aggregated, and the data generated by the user intelligent electric meter can be analyzed in a deep and fine-grained manner. The invention designs the homomorphic encryption algorithm for keeping addition, and improves the redundancy and the safety of the system.

Description

Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid
Technical Field
The invention relates to the field of smart power grids, in particular to a non-interactive verifiable multi-type encrypted data aggregation method for a smart power grid.
Background
Smart grids are considered as next generation grid systems due to their high adaptability, reliability and high efficiency, which make grid systems more efficient and reliable through the transmission of bidirectional power and communication data streams. Compared with a traditional power grid system, the smart power grid integrates advanced technologies in various fields, such as mobile communication, cloud computing and the like, and collects and processes electric energy data in real time. In addition, smart grids open the way to better utilize the power stations, enabling power consumers to better control their consumption costs, which would greatly improve the system architecture of traditional grids.
In a typical smart grid architecture, there is a device called a smart meter that has a processing chip and a non-volatile memory with limited space for performing operations on power data. The smart meter is generally installed in a smart home system of a household, monitors electricity data of the household, and periodically provides an electric energy service provider with an electric energy consumption report through a wireless or wired network communication infrastructure. In addition, the power service provider can feed back some important information to the smart meter so that they can interactively communicate in real time.
The smart grid provides many benefits to consumers of electric energy and service providers, thanks to the advantages of smart meters. But the various security threats involved in the smart grid are also becoming more serious, which may prevent its widespread deployment. In fact, the smart meter is installed near the house of the household and only limited protection is provided, any external adversary can destroy and control it by physical means. More seriously, the smart meter may be associated with personal sensitive information of the household, such as the household's power usage status and usage statistics, which are stored in the smart meter. Therefore, an external adversary can trace the daily life of a target household or infer an individual's electricity usage habits and activities through some big data analysis method. Meanwhile, more and more problems and faults occur in the current smart grid system because the information cannot be sent to a specific system component within a fixed and limited time due to the fact that the information transmission time delay is too long, and therefore the data processing efficiency is another very important problem in the smart grid.
Public key encryption and symmetric encryption technologies can be integrated into smart grids for protecting information security and user privacy. However, how to balance the privacy and the availability of data is also a problem to be solved, and since the data is changed into a ciphertext form after being encrypted by using an encryption technology, and part or even most of the availability of the data is lost, the problem is not only a problem of academic research, but also a technical bottleneck in the practical application of the smart grid. Meanwhile, the power usage data generally includes a plurality of types, such as voltage, current, power, displacement power factor, apparent power, and the like. Therefore, how to effectively aggregate multi-type data while protecting the privacy of user data is a popular research problem, and research on a data aggregation method with privacy protection characteristics becomes more and more important in information security research of a smart grid.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a non-interactive verifiable multi-type encrypted data aggregation method facing a smart grid, which can be used for aggregating multi-type encrypted data of users in the same area while ensuring the privacy and integrity of the user data, so that a smart grid control center can be used for deeply and finely analyzing the data generated by a smart meter of the user under the condition of protecting the privacy of the data.
The purpose of the invention is realized by the following technical scheme:
the non-interactive verifiable multi-type encrypted data aggregation method facing the smart grid comprises the following steps:
s1: system initialization, comprising the following substeps:
s101: the TTP generates system public parameters for aggregation and signature verification and sends some secret parameters to the control center CC and the smart meter;
s102: the control center CC generates a super-increment sequence which can be used for privacy protection data aggregation;
s2: multi-type encrypted data reporting:
the intelligent electric meter firstly encrypts the collected electric energy use data of multiple types by using a public key encryption algorithm keeping the addition homomorphism to obtain corresponding ciphertext; meanwhile, generating an authentication value for each ciphertext data by using a linear homomorphic digital signature algorithm; finally, the intelligent electric meter sends the encrypted electric energy use data of multiple types and corresponding authentication values to an aggregation gateway AG in the intelligent power grid;
s3: and (3) encryption data aggregation:
the control center CC and the aggregation gateway AG share a pseudo-random number generator and a shared secret key, so that the aggregation gateway generates a random vector based on an aggregation state serial number, combines the random vector, and aggregates verification values of all types of data of each user by the aggregation gateway AG, and then further aggregates the aggregated verification values of all users to obtain a single verification value; finally, the control center CC can verify the integrity of the encrypted data of all users by using the final verification value, meanwhile, the aggregation gateway AG multiplies the multi-type ciphertext data of all users to obtain a single ciphertext aggregation value, and finally, the aggregation gateway AG sends the aggregation verification value and the aggregation ciphertext to the remote control center;
s4: authentication and aggregated data decryption:
the intelligent power grid control center CC uses an auditing technology to verify the integrity of all user ciphertext data, and meanwhile, the control center CC can decrypt the aggregation ciphertext by using an iterative algorithm to obtain the sum value of each type in all user multi-type electric energy use data.
In step S1, the system sets the password security parameters required in the following steps:
the TTP of a trusted third party selects security parameters of a public key encryption algorithm keeping addition homomorphism, sets bilinear pairwise password parameters and public and private keys of all communication entities, and distributes private keys of all communication entities through a security channel;
the control center CC of the intelligent power grid constructs a special super-increment sequence, and the sequence can enable the control center to use an iterative algorithm to calculate the sum value of each type in multi-type electric energy use data of all users after receiving the aggregation ciphertext, so that any electric energy use data information of a single user cannot be recovered; meanwhile, the control center CC is also provided with a pseudo-random number generator, wherein the key of the pseudo-random number generator is kept secret by the aggregation gateway AG and the control center CC in the smart grid.
In step S101, the step of specifically initializing the TTP of the trusted third party includes:
s1011: TTP selects three different large prime numbers q according to security parameter k1,q2And p, and calculating the public key N ═ q of the public key encryption algorithm maintaining the additive homomorphism1q2And g ═ 1+ N, and the corresponding private key (λ, μ);
s1012: TTP sets a bilinear pairwise mapping G1×G1→G2Wherein G is1And G2Is two p factorial cyclic groups, p is G1While the TTP sets three collision-resistant hash functions: h: {0,1}*→G1
Figure BDA0002341792260000031
Figure BDA0002341792260000032
S1013: TTP uniformly selects n random numbers
Figure BDA0002341792260000033
Wherein n is the number of smart meters in the designated residential area, and calculates a secret value
Figure BDA0002341792260000034
The calculation formula is as follows:
Figure BDA0002341792260000035
where k is the number of types of power consumption data, while the TTP calculates the common parameter
Figure BDA0002341792260000036
And common parameter β ═ ρπSecret parameter psi for ensuring data integrity verification1=h21)·π,ψ2=h22)·π,…,ψn=h2n) π, and randomly selecting a cyclic group G1V, a common element of (1);
s1014: TTP sends the private key gamma through a secure channel0Sends it to the control center CC and sends each private key gamma separately through a secure channeliTo the corresponding ith intelligent electric meter (SM)i) Where i is 1,2, …, n, the secret parameter ψ is transmitted over a secure channel12,…,ψnSending to the aggregation gateway AG, the TTP issues a system parameter Ω ═ N, G, e, G1,G2,ρ,H,h1,h2,ν,β)。
In step S102, the specific initialization step of the control center CC includes:
s1021: in order to enable the smart meter to report multiple types of power consumption data to the CC simultaneously, the CC generates a set of coefficients { omega }12,…,ωkWhere k is the number of types of power consumption data, these coefficients need to satisfy the following constraints:
Figure BDA0002341792260000037
wherein, ω is1=1,α=2,3,…,k,ηjIs the upper limit value of the j-th power consumption data, CC is from G1To generate a set of common elements
Figure BDA0002341792260000041
S1022: to verify the integrity of the power consumption data, the CC is provided with a pseudo-random number generator
Figure BDA0002341792260000042
Wherein SKprgA set of keys representing prg, I represents the aggregation state sequence number, and then CC randomly selects a key skprg∈SKprgAnd shared secretly to the aggregation gateway AG.
In step S2, for each i ═ 1,2, …, n, SMiEncrypting k types of power consumption data (m) using an additively homomorphic public key encryption algorithmi1,mi2,…,mik) And meanwhile, carrying out signature calculation on the ciphertext, wherein the detailed process comprises the following steps:
s201-1, 2, …, k, SM for each type αiEncrypt each kind of power consumption data mIs composed of
Figure BDA0002341792260000043
S202:SMiComputing linear homomorphic digital signatures
Figure BDA0002341792260000044
Wherein, attiRAID is SMiA residential zone identifier of where the residential zone is located;
S203:SMiwill { CT}1≤α≤kTo the corresponding aggregation gateway AG.
In step S3, aggregation gateway AG receives all { CT } from n users}1≤α≤kAfter 1, 2.. times, n, the following steps are performed:
s301: the AG generates a random vector (τ) using a pseudo-random number generator prg12,...,τk-1)←prg(skprgNonce) and τk=h3(CT||nonce);
S302: for i 1, 2.., n, AG, a combined ciphertext is computed:
Figure BDA0002341792260000045
and set ξ ═ ξi}1≤i≤nThen, the AG computes for each user an aggregate signature:
Figure BDA0002341792260000046
and further calculate
Figure BDA0002341792260000047
S303: the AG calculates the aggregate ciphertext:
Figure BDA0002341792260000051
finally, the AG sends these aggregated information (ξ, σ, CT) to the control center CC.
In step S4, after the control center CC receives (ξ, σ, CT) from the AG, the CC performs data integrity verification and decrypts the aggregated ciphertext, which specifically includes the following steps:
s401: verify whether the following equation holds
Figure BDA0002341792260000052
S402: once the verification equation is established, the control center CC uses its private key γ0And (3) calculating:
Figure BDA0002341792260000053
order to
Figure BDA0002341792260000054
Then W is equal to gQmod N2According to the binomial expansion method, the following can be obtained: (1+ N)Q=1+NQ modN2
Because W is gQmodN2=(1+N)QmodN2The CC may recover the aggregated power data by the following method:
Figure BDA0002341792260000055
then, CC calculates the sum of each type { M } in all users' multi-type power usage data1,M2,...,MkTherein of
Figure BDA0002341792260000056
The invention has the beneficial effects that:
(1) the invention designs the homomorphic encryption algorithm keeping addition, and allocates a private key meeting specific constraints to each intelligent ammeter and the control center, and the innovative design ensures that even if an external enemy or a malicious user exists in the system, the enemy cannot calculate the decryption private key of the control center and cannot decrypt aggregated data unless the enemy attacks all the intelligent ammeters, acquires the private key and steals a key value of the homomorphic encryption algorithm. The method provided by the invention improves the redundancy and the safety of the system.
(2) The encryption data aggregation method provided by the invention realizes the non-interactive verifiable functions of user data integrity and gateway data aggregation correctness: by utilizing the thought of data auditing in cloud storage, a homomorphic linear digital signature algorithm is used at the intelligent electric meter end to generate an authentication value for each type of data ciphertext of a user, and all the authentication values are aggregated by the aggregation gateway and sent to the control center. In the existing data aggregation scheme facing to the smart grid, the verification of data integrity must require that each smart meter and an aggregation gateway (or the aggregation gateway and a control center) perform multiple synchronous online interactive communications, and in the context of large user volume and large data volume of the smart grid, such synchronous high-frequency interaction is very inefficient, which will severely limit the system throughput and the processing performance of the control center. The invention adopts a data auditing mechanism, the aggregation gateway and the control center adopt a pseudo-random number generator, and a random vector value for data integrity challenge is generated based on a shared secret key.
(3) In the aspects of encrypted data aggregation and authentication value aggregation, firstly, the multi-type encrypted data of the same user in the same area and the corresponding authentication values are aggregated, and then, the multi-type encrypted data aggregation values of all the users in the same area and the corresponding aggregation authentication values are aggregated again.
Encryption techniques with addition homomorphism in cryptography can be integrated into an aggregation scheme and then data aggregation is performed through an aggregation gateway to aggregate a large amount of data ciphertexts into a value, which can greatly reduce the usage amount of communication bandwidth. And finally, data decryption is carried out at the control center, and the control center can obtain the sum value of each type of data in the data of all users due to the fact that the used encryption algorithm has the characteristic of addition homomorphism.
Therefore, the smart grid control center can carry out deep and fine-grained analysis on the data generated by the user smart electric meter under the condition of data privacy protection. Particularly, the smart grid control center only needs two constant bilinear pairings for operation time when verifying the integrity of the multi-type encrypted data, and the calculation efficiency is very high, so that the smart grid control center has a wide application prospect.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the following embodiments, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive effort based on the embodiments of the present invention, are within the scope of the present invention.
The invention provides a technical scheme that: a non-interactive verifiable multi-type encrypted data aggregation method facing a smart grid comprises the following steps:
initializing a system: this phase consists of two steps. First, a Trusted Third Party (TTP) generates system public parameters for aggregation and signature verification. Some of the secret parameters are then sent to the Control Center (CC) and to the smart meter. Second, CC generates super-increment sequences that can be used for privacy preserving data aggregation.
TTP specific initialization step:
TTP selects three different large prime numbers q according to security parameter k1,q2And p, and calculating the public key N ═ q of the public key encryption algorithm maintaining the additive homomorphism1q2And g ═ 1+ N, and the corresponding private key (λ, μ).
TTP sets a bilinear pairwise mapping G1×G1→G2Wherein G is1And G2Is two p factorial cyclic groups, p is G1The generator of (1). At the same time, the TTP sets three collision-resistant hash functions: h: {0,1}*→G1
Figure BDA0002341792260000071
Figure BDA0002341792260000072
TTP evenly selects n random numbers
Figure BDA0002341792260000073
Wherein n is the number of the intelligent electric meters in the specified residential area. And calculates a secret value
Figure BDA0002341792260000074
The calculation formula is as follows:
Figure BDA0002341792260000075
where k is the number of types of power consumption data. Simultaneous TTP calculation of common parameters
Figure BDA0002341792260000076
And common parameter β ═ ρπSecret parameter psi for ensuring data integrity verification1=h21)·π,ψ2=h22)·π,…,ψn=h2n) π, and randomly selecting a cyclic group G1V, of (1).
TTP secure channel to secret key gamma0Sends it to the CC and sends each private key gamma separately over a secure channeliTo the corresponding ith intelligent electric meter (SM)i) Where i is 1,2, …, n, the secret parameter ψ is transmitted over a secure channel12,…,ψnAnd sending the message to the aggregation gateway. TTP distribution system parameter Ω ═ N, G, e, G1,G2,ρ,H,h1,h2,ν,β)。
Specifically initializing the CC:
1. in order to enable the smart meter to report various types of power consumption data to the CC at the same time. CC generates a set of coefficients { omega }12,…,ωkWhere k is the number of types of power consumption data. These coefficients need to satisfy the following constraints:
Figure BDA0002341792260000077
wherein ω is1=1,α=2,3,…,k,ηjIs the upper limit value of the j-th power consumption data. CC from G1To generate a set of common elements
Figure BDA0002341792260000081
2. To verify the integrity of the power consumption data, the CC is provided with a pseudo-random number generator
Figure BDA0002341792260000082
In which SKprgA set of keys representing prg, I represents the aggregation state sequence number, and then CC randomly selects a key skprg∈SKprgAnd shared privately to the Aggregation Gateway (AG).
Multi-type encrypted data reporting: at this stage, for each i ═ 1,2, …, n, SMiEncrypting k types of power consumption data (m) using an additively homomorphic public key encryption algorithmi1,mi2,…,mik). And simultaneously, carrying out signature calculation on the ciphertext. The detailed process is as follows:
1. for each type α ═ 1,2, …, k, SMiEncrypt each kind of power consumption data mIs composed of
Figure BDA0002341792260000083
2.SMiComputing linear homomorphic digital signatures
Figure BDA0002341792260000084
Wherein attiRAID is SMiA residential zone identifier of the residence.
3. Last SMiWill { CT}1≤α≤kTo the corresponding Aggregation Gateway (AG).
And (3) encryption data aggregation: at this stage, the Aggregation Gateway (AG) receives all { CT's from n users}1≤α≤kAfter 1, 2.. times, n, the following steps are performed:
AG generates a random vector (τ) using a pseudo-random number generator prg12,...,τk-1)←prg(skprgNonce) and τk=h3(CT||nonce)。
2. For i 1, 2.., n, AG, a combined ciphertext is computed:
Figure BDA0002341792260000085
and set ξ ═ ξi}1≤i≤n. The AG then computes for each user an aggregate signature:
Figure BDA0002341792260000086
and further calculate
Figure BDA0002341792260000087
AG calculation of aggregate ciphertext:
Figure BDA0002341792260000091
finally, the AG sends these aggregated information (ξ, σ, CT) to the control center.
Verification and aggregated data decryption at this stage, after the Control Center (CC) receives (ξ, σ, CT) from the AG, the CC performs data integrity verification and decrypts the aggregated ciphertext:
1. verify whether the following equation holds
Figure BDA0002341792260000092
2. Once the verification equation is established, the control center CC uses its private key γ0And (3) calculating:
Figure BDA0002341792260000093
order to
Figure BDA0002341792260000094
Then W is equal to gQmod N2. According to a binomial expansion method, the following can be obtained: (1+ N)Q=1+NQ mod N2
Because W is gQmod N2=(1+N)Qmod N2The CC may restore the aggregated power data by the following method:
Figure BDA0002341792260000095
CC then calculates the sum of each type { M } for all users of the multi-type power usage data using Algorithm 11,M2,...,MkTherein of
Figure BDA0002341792260000096
Figure BDA0002341792260000101
And (3) correctness proof:
Figure BDA0002341792260000102
for MkBecause:
Figure BDA0002341792260000103
thus, we can get:
Figure BDA0002341792260000104
using the same method, CC can be finally calculated using Algorithm 1 to obtain { M }1,M2,...,Mk}。
The invention provides a non-interactive verifiable multi-type encrypted data aggregation method facing a smart grid. After the intelligent electric meter encrypts the multi-type electric energy use data by adopting a public key encryption algorithm keeping the addition homomorphism, the aggregation gateway aggregates ciphertexts from a large number of users by utilizing the addition homomorphism, and finally obtains an aggregation value. The control center can finally decrypt the aggregation ciphertext through an iterative algorithm to obtain the sum value of each type of data in all the user original data, and the iterative algorithm is constructed based on the super-increment sequence adopted in the scheme. On the other hand, in order to realize verifiable functions while realizing data aggregation, the invention ensures the integrity of the electric energy use data of the user by using the idea of a data auditing mechanism in cloud storage. After the intelligent electric meter encrypts the multi-type data, a linear homomorphic digital signature algorithm is designed to generate an authentication value for each ciphertext, then the control center and the aggregation gateway share a secret key of a pseudo-random number generator, based on the shared secret key and an offline challenge serial number, the control center and the aggregation gateway generate a random vector, the aggregation gateway uses the random vector to aggregate a large number of authentication values of a user into a single random authentication value, and meanwhile, the control center can flexibly detect whether the aggregation gateway correctly executes aggregation operation. Meanwhile, the control center can also determine that the encrypted multi-type data is not subjected to any tampering, replacement or destruction in the processing and transmission processes.
In addition, the method of the invention also has the following innovative characteristics:
the homomorphic encryption algorithm capable of keeping addition distributes a private key meeting specific constraints for each intelligent ammeter and the control center, and the innovative design ensures that even if an external enemy or a malicious user exists in the system, the enemy cannot calculate the decryption private key of the control center and cannot decrypt aggregated data unless the enemy attacks all the intelligent ammeters, acquires the private key and steals a key value of the homomorphic encryption algorithm. The method provided by the invention improves the redundancy and the safety of the system.
The encryption data aggregation method provided by the invention realizes the non-interactive verifiable functions of user data integrity and gateway data aggregation correctness: by utilizing the thought of data auditing in cloud storage, a homomorphic linear digital signature algorithm is used at the intelligent electric meter end to generate an authentication value for each type of data ciphertext of a user, and all the authentication values are aggregated by the aggregation gateway and sent to the control center. In the existing data aggregation scheme facing to the smart grid, the verification of data integrity must require that each smart meter and an aggregation gateway (or the aggregation gateway and a control center) perform multiple synchronous online interactive communications, and in the context of large user volume and large data volume of the smart grid, such synchronous high-frequency interaction is very inefficient, which will severely limit the system throughput and the processing performance of the control center. The invention adopts a data auditing mechanism, the aggregation gateway and the control center adopt a pseudo-random number generator, and a random vector value for data integrity challenge is generated based on a shared secret key.
In addition, in the aspects of encrypted data aggregation and authentication value aggregation, the multi-type encrypted data of the same user in the same area and the corresponding authentication values are aggregated at first, and then the multi-type encrypted data aggregation values of all users in the same area and the corresponding aggregation authentication values are aggregated again. Therefore, the smart grid control center can carry out deep and fine-grained analysis on the data generated by the user smart electric meter under the condition of data privacy protection.
The method can enable the smart grid control center to carry out deep and fine-grained analysis on the data generated by the user smart electric meter under the condition of data privacy protection, thereby carrying out effective electric energy scheduling. Particularly, the smart grid control center only needs two constant bilinear pairings for operation time when verifying the integrity of the multi-type encrypted data, and the calculation efficiency is very high, so that the smart grid control center has a wide application prospect.
The foregoing is illustrative of the preferred embodiments of this invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and that various other combinations, modifications, and environments may be resorted to, falling within the scope of the concept as disclosed herein, either as described above or as apparent to those skilled in the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (7)

1. The non-interactive verifiable multi-type encrypted data aggregation method facing the smart grid is characterized by comprising the following steps of:
s1: system initialization, comprising the following substeps:
s101: the TTP generates system public parameters for aggregation and signature verification and sends some secret parameters to the control center CC and the smart meter;
s102: the control center CC generates a super-increment sequence which can be used for privacy protection data aggregation;
s2: multi-type encrypted data reporting:
the intelligent electric meter firstly encrypts the collected electric energy use data of multiple types by using a public key encryption algorithm keeping the addition homomorphism to obtain corresponding ciphertext; meanwhile, generating an authentication value for each ciphertext data by using a linear homomorphic digital signature algorithm; finally, the intelligent electric meter sends the encrypted electric energy use data of multiple types and corresponding authentication values to an aggregation gateway AG in the intelligent power grid;
s3: and (3) encryption data aggregation:
the control center CC and the aggregation gateway AG share a pseudo-random number generator and a shared secret key, so that the aggregation gateway generates a random vector based on an aggregation state serial number, combines the random vector, and aggregates verification values of all types of data of each user by the aggregation gateway AG, and then further aggregates the aggregated verification values of all users to obtain a single verification value; the control center CC can verify the integrity of the encrypted data of all users by using the final verification value, meanwhile, the aggregation gateway AG multiplies the multi-type ciphertext data of all users to obtain a single ciphertext aggregation value, and finally, the aggregation gateway AG sends the aggregation verification value and the aggregation ciphertext to the remote control center;
s4: authentication and aggregated data decryption:
the intelligent power grid control center CC uses an auditing technology to verify the integrity of all user ciphertext data, and meanwhile, the control center CC can decrypt the aggregation ciphertext by using an iterative algorithm to obtain the sum value of each type in all user multi-type electric energy use data.
2. The smart grid-oriented non-interactive verifiable multi-type encrypted data aggregation method according to claim 1, characterized in that: in step S1, the system sets the password security parameters required in the following steps:
the TTP of a trusted third party selects security parameters of a public key encryption algorithm keeping addition homomorphism, sets bilinear pairwise password parameters and public and private keys of all communication entities, and distributes private keys of all communication entities through a security channel;
the control center CC of the intelligent power grid constructs a special super-increment sequence, and the sequence can enable the control center to use an iterative algorithm to calculate the sum value of each type in multi-type electric energy use data of all users after receiving the aggregation ciphertext, so that any electric energy use data information of a single user cannot be recovered; meanwhile, the control center CC is also provided with a pseudo-random number generator, wherein the key of the pseudo-random number generator is kept secret by the aggregation gateway AG and the control center CC in the smart grid.
3. The smart grid-oriented non-interactive verifiable multi-type encrypted data aggregation method according to claim 2, characterized in that: in step S101, the step of specifically initializing the TTP of the trusted third party includes:
s1011: TTP selects three different large prime numbers q according to security parameter k1,q2And p, and calculating the public key N ═ q of the public key encryption algorithm maintaining the additive homomorphism1q2And g ═ 1+ N, and the corresponding private key (λ, μ);
s1012: TTP sets a bilinear pairwise mapping G1×G1→G2Wherein G is1And G2Is two p factorial cyclic groups, p is G1While the TTP sets three collision-resistant hash functions: h: {0,1}*→G1
Figure FDA0002341792250000021
Figure FDA0002341792250000022
S1013: TTP uniformly selects n random numbers
Figure FDA0002341792250000023
Wherein n is the number of smart meters in the designated residential area, and calculates a secret value
Figure FDA0002341792250000024
The calculation formula is as follows:
Figure FDA0002341792250000025
where k is the number of types of power consumption data, while the TTP calculates the common parameter
Figure FDA0002341792250000026
And common parameter β ═ ρπSecret parameter psi for ensuring data integrity verification1=h21)·π,ψ2=h22)·π,…,ψn=h2n)·πAnd randomly selecting a cyclic group G1V, a common element of (1);
s1014: TTP sends the private key gamma through a secure channel0Sends it to the control center CC and sends each private key gamma separately through a secure channeliTo the corresponding ith intelligent electric meter (SM)i) Where i is 1,2, …, n, the secret parameter ψ is transmitted over a secure channel12,…,ψnSending to the aggregation gateway AG, the TTP issues a system parameter Ω ═ N, G, e, G1,G2,ρ,H,h1,h2,ν,β)。
4. The smart grid-oriented non-interactive verifiable multi-type encrypted data aggregation method according to claim 3, characterized in that: in step S102, the specific initialization step of the control center CC includes:
s1021: in order to enable the smart meter to report multiple types of power consumption data to the CC simultaneously, the CC generates a set of coefficients { omega }12,…,ωkWhere k is the number of types of power consumption data, these coefficients need to satisfy the following constraints:
Figure FDA0002341792250000027
wherein, ω is1=1,α=2,3,…,k,ηjIs the upper limit value of the j-th power consumption data, CC is from G1To generate a set of common elements
Figure FDA0002341792250000028
S1022: to verify the integrity of the power consumption data, the CC is provided with a pseudo-random number generator
Figure FDA0002341792250000031
Wherein SKprgA set of keys representing prg, I represents the aggregation state sequence number, and then CC randomly selects a key skprg∈SKprgAnd shared secretly to the aggregation gateway AG.
5. The smart grid-oriented non-interactive verifiable multi-type encrypted data aggregation method according to claim 1, characterized in that: in step S2, for each i ═ 1,2, …, n, SMiEncrypting k types of power consumption data (m) using an additively homomorphic public key encryption algorithmi1,mi2,…,mik) And meanwhile, carrying out signature calculation on the ciphertext, wherein the detailed process comprises the following steps:
s201-1, 2, …, k, SM for each type αiEncrypt each kind of power consumption data mIs composed of
Figure FDA0002341792250000032
S202:SMiComputing linear homomorphic digital signatures
Figure FDA0002341792250000033
Wherein, attiRAID is SMiA residential zone identifier of where the residential zone is located;
S203:SMiwill { CT}1≤α≤kTo the corresponding aggregation gateway AG.
6. The smart grid-oriented non-interactive verifiable multi-type encrypted data aggregation method according to claim 5, characterized in that: in step S3, aggregation gateway AG receives all { CT } from n users}1≤α≤kAfter 1, 2.. times, n, the following steps are performed:
s301: the AG generates a random vector (τ) using a pseudo-random number generator prg12,...,τk-1)←prg(skprgNonce) and τk=h3(CT||nonce);
S302: for i 1, 2.., n, AG, a combined ciphertext is computed:
Figure FDA0002341792250000034
and set ξ ═ ξi}1≤i≤nThen, the AG computes for each user an aggregate signature:
Figure FDA0002341792250000035
and further computing an aggregate signature
Figure FDA0002341792250000036
S303: the AG calculates the aggregate ciphertext:
Figure FDA0002341792250000041
finally, the AG sends these aggregated information (ξ, σ, CT) to the control center CC.
7. The smart grid-oriented non-interactive verifiable multi-type encrypted data aggregation method according to claim 6, wherein in step S4, after the control center CC receives (ξ, σ, CT) from the AG, the CC performs data integrity verification and decrypts the aggregation ciphertext, specifically comprising the steps of:
s401: verify whether the following equation holds
Figure FDA0002341792250000042
S402: once the verification equation is established, the control center CC uses its private key γ0And (3) calculating:
Figure FDA0002341792250000043
order to
Figure FDA0002341792250000044
Then W is equal to gQmod N2According to the binomial expansion method, the following can be obtained: (1+ N)Q=1+NQ mod N2
Because W is gQmod N2=(1+N)Qmod N2The CC may recover the aggregated power data by the following method:
Figure FDA0002341792250000045
then, CC calculates the sum of each type { M } in all users' multi-type power usage data1,M2,...,MkTherein of
Figure FDA0002341792250000046
CN201911379075.4A 2019-12-27 2019-12-27 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid Pending CN111082920A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201911379075.4A CN111082920A (en) 2019-12-27 2019-12-27 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid
CN202011387992.XA CN112636896B (en) 2019-12-27 2020-12-01 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911379075.4A CN111082920A (en) 2019-12-27 2019-12-27 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid

Publications (1)

Publication Number Publication Date
CN111082920A true CN111082920A (en) 2020-04-28

Family

ID=70318658

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201911379075.4A Pending CN111082920A (en) 2019-12-27 2019-12-27 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid
CN202011387992.XA Active CN112636896B (en) 2019-12-27 2020-12-01 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN202011387992.XA Active CN112636896B (en) 2019-12-27 2020-12-01 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid

Country Status (1)

Country Link
CN (2) CN111082920A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111294366A (en) * 2020-05-13 2020-06-16 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN111786978A (en) * 2020-06-22 2020-10-16 深圳市赛为智能股份有限公司 Electric power data aggregation acquisition method and device, computer equipment and storage medium
CN111930688A (en) * 2020-09-23 2020-11-13 西南石油大学 Method and device for searching secret data of multi-keyword query in cloud server
CN112231770A (en) * 2020-11-03 2021-01-15 上海第二工业大学 Smart power grid data transmission method
CN112637227A (en) * 2020-12-29 2021-04-09 浙江工商大学 Multi-dimensional multi-subset differential attack resistant data aggregation method for smart power grid
CN112800459A (en) * 2021-01-26 2021-05-14 浙江工商大学 Intelligent power grid multidimensional multi-subset privacy protection data aggregation method based on block chain
CN113747425A (en) * 2021-11-04 2021-12-03 晨越建设项目管理集团股份有限公司 RFID label anonymous authentication and key agreement method based on smart city security system
WO2022116314A1 (en) * 2020-12-03 2022-06-09 深圳大学 Lightweight active cross-level verification method for smart grid

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115085940A (en) * 2022-07-25 2022-09-20 中国长江三峡集团有限公司 Private data aggregation method and system for smart power grid

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013189619A1 (en) * 2013-04-05 2013-12-27 Nec Europe Ltd. Method and system for modifying an authenticated and/or encrypted message
US20140310524A1 (en) * 2013-04-16 2014-10-16 Kabushiki Kaisha Toshiba Data management device, power usage calculation system, data management method, and computer program product
CN105488340A (en) * 2015-11-26 2016-04-13 国网智能电网研究院 High efficiency data aggregation method in smart power grid based on multidimensional data
CN105577356A (en) * 2015-12-17 2016-05-11 西安电子科技大学 Data collection method in smart power grid based on user privacy protection
CN107257342A (en) * 2017-06-23 2017-10-17 成都鼎智汇科技有限公司 A kind of data safety processing method based on cloud computing
US20190266343A1 (en) * 2018-02-28 2019-08-29 International Business Machines Corporation Protecting study participant data for aggregate analysis

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7215772B2 (en) * 1999-11-09 2007-05-08 Chaoticom, Inc. Method and apparatus for remote digital key generation
CN102122410A (en) * 2010-12-01 2011-07-13 河南省科学院应用物理研究所有限公司 Method and device for remotely recharging prepaid smart electricity meter indoors
CN102937663B (en) * 2011-08-16 2016-04-27 北京天中磊智能科技有限公司 The encapsulating structure of kernel module of intelligent electricity meter and method for packing
CN103490880B (en) * 2013-10-07 2016-04-13 西安电子科技大学 There is in intelligent grid electricity statistics and the charging method of secret protection
CN104767763B (en) * 2015-04-28 2017-10-24 湖北工业大学 The zone user electricity paradigmatic system and method for secret protection in a kind of intelligent grid
CN105844172B (en) * 2016-03-22 2018-12-14 湖北工业大学 A kind of more community's multidimensional user's electricity paradigmatic systems and method of secret protection
CN106845960B (en) * 2017-01-24 2018-03-20 上海壹账通区块链科技有限公司 Method for secure transactions and system based on block chain
CN107734054A (en) * 2017-11-06 2018-02-23 福州大学 Encryption data searching system in safe cloud storage
CN110650116B (en) * 2019-07-04 2021-08-31 浙江工商大学 Multi-type multi-dimensional data aggregation method for security smart power grid

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013189619A1 (en) * 2013-04-05 2013-12-27 Nec Europe Ltd. Method and system for modifying an authenticated and/or encrypted message
US20140310524A1 (en) * 2013-04-16 2014-10-16 Kabushiki Kaisha Toshiba Data management device, power usage calculation system, data management method, and computer program product
CN105488340A (en) * 2015-11-26 2016-04-13 国网智能电网研究院 High efficiency data aggregation method in smart power grid based on multidimensional data
CN105577356A (en) * 2015-12-17 2016-05-11 西安电子科技大学 Data collection method in smart power grid based on user privacy protection
CN107257342A (en) * 2017-06-23 2017-10-17 成都鼎智汇科技有限公司 A kind of data safety processing method based on cloud computing
US20190266343A1 (en) * 2018-02-28 2019-08-29 International Business Machines Corporation Protecting study participant data for aggregate analysis

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
YANG MING: "Efficient Privacy-Preserving Multi-Dimensional Data Aggregation Scheme in Smart Grid", 《IEEE ACCESS》 *
YUWEN CHEN: "A Homomorphic-Based Multiple Data Aggregation Scheme for Smart Grid", 《IEEE SENSORS JOURNAL》 *
周华: "智能电网中用户多维数据聚合研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111294366A (en) * 2020-05-13 2020-06-16 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN111294366B (en) * 2020-05-13 2020-07-28 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN111786978A (en) * 2020-06-22 2020-10-16 深圳市赛为智能股份有限公司 Electric power data aggregation acquisition method and device, computer equipment and storage medium
CN111786978B (en) * 2020-06-22 2022-10-28 深圳市赛为智能股份有限公司 Electric power data aggregation acquisition method and device, computer equipment and storage medium
CN111930688A (en) * 2020-09-23 2020-11-13 西南石油大学 Method and device for searching secret data of multi-keyword query in cloud server
CN112231770A (en) * 2020-11-03 2021-01-15 上海第二工业大学 Smart power grid data transmission method
WO2022116314A1 (en) * 2020-12-03 2022-06-09 深圳大学 Lightweight active cross-level verification method for smart grid
CN112637227A (en) * 2020-12-29 2021-04-09 浙江工商大学 Multi-dimensional multi-subset differential attack resistant data aggregation method for smart power grid
CN112800459A (en) * 2021-01-26 2021-05-14 浙江工商大学 Intelligent power grid multidimensional multi-subset privacy protection data aggregation method based on block chain
CN113747425A (en) * 2021-11-04 2021-12-03 晨越建设项目管理集团股份有限公司 RFID label anonymous authentication and key agreement method based on smart city security system
CN113747425B (en) * 2021-11-04 2022-02-18 晨越建设项目管理集团股份有限公司 RFID label anonymous authentication and key agreement method based on smart city security system

Also Published As

Publication number Publication date
CN112636896B (en) 2022-01-18
CN112636896A (en) 2021-04-09

Similar Documents

Publication Publication Date Title
CN112636896B (en) Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid
CN111294366B (en) Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
Saleem et al. FESDA: Fog-enabled secure data aggregation in smart grid IoT network
CN111131148B (en) Aggregation method and system capable of protecting privacy data and facing smart power grid
Liu et al. A lightweight authenticated communication scheme for smart grid
CN111541677B (en) Safe hybrid encryption method based on narrowband Internet of things
EP3345335B1 (en) Homomorphic based method and system for securely aggregating data
Badra et al. Lightweight and efficient privacy-preserving data aggregation approach for the smart grid
CN110536259A (en) A kind of lightweight secret protection data multilevel polymerization calculated based on mist
Li et al. PDA: a privacy‐preserving dual‐functional aggregation scheme for smart grid communications
Anzalchi et al. A survey on security assessment of metering infrastructure in smart grid systems
Ali et al. A lightweight privacy-aware iot-based metering scheme for smart industrial ecosystems
CN111385306B (en) Anonymous authentication method and system based on anti-tampering device in smart power grid
Saxena et al. Integrated distributed authentication protocol for smart grid communications
CN110308691B (en) Multidimensional data aggregation and access control method for ubiquitous power Internet of things
CN112202544B (en) Smart power grid data security aggregation method based on Paillier homomorphic encryption algorithm
Romdhane et al. At the cross roads of lattice-based and homomorphic encryption to secure data aggregation in smart grid
CN112291191A (en) Lightweight privacy protection multidimensional data aggregation method based on edge calculation
CN105812128A (en) Malicious data mining attack-resisting data aggregation system and method for smart grid
Gupta et al. Security for wireless sensor networks in military operations
Agarkar et al. LRSPPP: lightweight R-LWE-based secure and privacy-preserving scheme for prosumer side network in smart grid
Liu et al. Fault-tolerant privacy-preserving data aggregation for smart grid
Saxena et al. Secure and privacy-preserving concentration of metering data in AMI networks
CN115085940A (en) Private data aggregation method and system for smart power grid
Wang et al. Fully accountable data sharing for pay-as-you-go cloud scenes

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20200428