CN111162894A - Statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection - Google Patents

Publication number
CN111162894A
Authority
CN
China
Prior art keywords
medical data
data
ciphertext
aggregation
medical
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911420366.3A
Other languages
Chinese (zh)
Other versions
CN111162894B (en)
Inventor
张晓均
张经伟
李岚茜
周子玉
郑爽
黄超
赵芥
杨文井
刘婉怡
黄琴
郝云溥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest Petroleum University
Original Assignee
Southwest Petroleum University
Application filed by Southwest Petroleum University
Priority to CN201911420366.3A
Publication of CN111162894A
Application granted
Publication of CN111162894B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/23 Clustering techniques
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16H HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H50/00 ICT specially adapted for medical diagnosis, medical simulation or medical data mining; ICT specially adapted for detecting, monitoring or modelling epidemics or pandemics
    • G16H50/70 ICT specially adapted for medical diagnosis, medical simulation or medical data mining; ICT specially adapted for detecting, monitoring or modelling epidemics or pandemics for mining of medical data, e.g. analysing previous cases of other patients
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes

Abstract

The invention discloses a statistical analysis method for outsourced cloud-storage medical data aggregation with privacy protection. Encrypted medical data is outsourced to a remote cloud server, which performs homomorphic aggregation on it while the confidentiality and privacy of sensitive user data are effectively ensured, so that a medical data analysis center can effectively verify the integrity and correctness of the cloud server's homomorphic aggregation of the outsourced encrypted data. The medical data analysis center can obtain statistical analysis results, such as the variance and mean of the original medical data of all corresponding users, with only two decryption computations, which greatly reduces the computational cost of the medical data analysis center.

Description

Statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection
Technical Field
The invention relates to the fields of medical big data analysis and information security assurance, and in particular to a statistical analysis method for outsourced cloud-storage medical data aggregation with privacy protection.
Background
The development of emerging information and communication technologies and information sensing modes, such as the mobile internet, the Internet of Things, cloud computing and robotics, is profoundly changing the traditional model of medical and health services. In the process, medical data is gradually being opened up, and the intelligent and precision medicine that big data makes possible is covering more areas, playing an increasingly important role in comparative effectiveness research for clinical operations, clinical decision support systems, medical data transparency, remote patient monitoring, advanced analysis of patient records, and so on. Meanwhile, with the application and development of emerging technologies such as regional healthcare, mobile healthcare and translational medicine, clinical test data from electronic medical records, electronic health records, translational genetics and intensive care units, and even data such as personal health status records sensed by wearable sensors, are all growing explosively. Cloud storage and cloud computing relieve the storage pressure caused by this sudden growth in medical data through their ease of access and lower cost. Despite these advantages, cloud storage also poses new security threats to patients' outsourced medical data.
Meanwhile, big data analysis of medical data turns the pressure of big data into a data advantage: billions of accumulated medical records become a standard basis for medical decisions that a doctor can call on at any time during diagnosis, which is an effective way to improve the efficiency of diagnosis and treatment, reduce avoidable human error, and ease the uneven distribution of medical resources. However, because health care data is sensitive, most of it is held as ciphertext. Since ciphertext cannot be used directly, it has to be decrypted before it is analyzed, and for large data sets decrypting the ciphertexts one after another is impractical. How to analyze data while it remains encrypted is therefore a problem to be solved.
Disclosure of Invention
The invention aims to overcome the shortcomings of the prior art by providing a statistical analysis method for outsourced cloud-storage medical data aggregation with privacy protection. While effectively ensuring the confidentiality and privacy of sensitive user data, the method outsources encrypted medical data to a remote cloud server, which performs homomorphic aggregation on it, so that a medical data analysis center can effectively verify the integrity and correctness of the cloud server's homomorphic aggregation of the outsourced encrypted data and can analyze the variance and mean of the sensitive medical data with only two decryptions, which greatly reduces computational overhead.
The object of the invention is achieved by the following technical solution:
The statistical analysis method for outsourced cloud-storage medical data aggregation with privacy protection comprises the following steps:
S1: System initialization:
The trusted center TA sets the cryptographic security parameters used in the method, including the bilinear pairings, the elliptic curve, and the generators defined on the elliptic curve. The TA also distributes a public key and a private key to the medical data analysis center, generates for each medical user a public/private key pair for signing medical data ciphertexts, and distributes each private key to the corresponding user through a secure channel;
S2: Medical data encryption and signature uploading:
A homomorphic encryption algorithm is designed so that a user can encrypt sensitive medical data with the public key of the medical data analysis center to generate a ciphertext. A homomorphic linear aggregate signature algorithm based on the elliptic curve is also designed, and a corresponding digital signature is generated for the ciphertext of each item of sensitive medical data. Finally, each user's sensitive medical data ciphertext and digital signature are outsourced to and stored on a remote cloud server;
S3: Homomorphic aggregation of encrypted medical data:
In the data aggregation stage, when the medical data analysis center needs to analyze a certain type of sensitive medical data, it generates random numbers and sends them to the cloud server as challenge information. The cloud server then uses the challenge information to aggregate the signatures on that type of sensitive medical data into a single aggregate signature value. The cloud server also uses the additive and multiplicative homomorphic properties of the encryption system: it multiplies the ciphertexts together to obtain one ciphertext aggregate value, and multiplies together the results of applying the bilinear pairing operation once to each ciphertext with itself to obtain a second ciphertext aggregate value. Finally, the cloud storage side sends the aggregate signature value and the aggregate ciphertexts to the medical data analysis center;
S4: Verification and decryption of the homomorphically aggregated data:
The elliptic-curve-based signature verification algorithm supports batch verification, so the medical data analysis center can verify the integrity of the data with only three bilinear pairing operations. It then decrypts the aggregated data to obtain the sum of all the medical data and the sum of the squares of the original data;
S5: Medical statistical analysis:
The medical data analysis center obtains the variance and mean of the sensitive medical data through statistical analysis, and thereby analyzes the health condition of the users.
In step S1, the specific initialization steps are as follows:
S101: The trusted center TA sets a bilinear pairing map $e: G_a \times G_a \to G_b$, where $G_a$ is a multiplicative cyclic group of order $n$, $g$ is a generator of $G_a$, and $G_b$ is the image set of the bilinear pairing map. It selects large primes $p_1$ and $p_2$ of equal length satisfying $n = p_1 p_2$, and takes the generator of the subgroup of $G_a$ of order $p_1$
Figure BDA0002352219420000021
The TA publishes the public key $pk = (n, G_a, G_b, e, g, x)$ and sends the private key $p_1$ to the medical data analysis center through a secure channel;
S102: An elliptic curve $E$ is defined over the finite field $F_p$, where $p$ is a large prime, and another bilinear pairing map is set based on the elliptic curve:
Figure BDA0002352219420000022
where $V$ is a generator of the elliptic-curve-based additive cyclic group $G_1$ of order $q$;
Let $N$ be the number of users who have uploaded a given type of medical data to the cloud server. For the $i$-th user, the trusted center generates a private key $z_i \in Z_q$ and computes the public key $U_i = z_i V$. Two collision-resistant hash functions are set: $H_1: \{0,1\}^* \to G_1$ and
Figure BDA0002352219420000031
The trusted center TA publishes $\{V, U_i\}$ and sends the private key $z_i$ to the corresponding user through a secure channel.
In step S2, when the $i$-th user wants to upload medical data to the cloud server, the user first encrypts the medical data with the public key using the homomorphic encryption algorithm to generate a ciphertext, then digitally signs the ciphertext with the private key according to the type of the medical data, and finally uploads the ciphertext and the corresponding signature to the cloud server. The specific encryption and signature steps are:
S201: For a message $m_i$ to be encrypted, it is required that the maximum value $T$ that $m_i$ can take is less than $p_2$. A random number $s \in Z_n$ is selected, and the ciphertext is then computed:
Figure BDA0002352219420000032
where Enc is an improved BGN homomorphic encryption algorithm;
S202: Compute the digital signature of the ciphertext, $\sigma_i = (z_i + H_2(c_i)) H_1(\text{type})$, where type is the type of the medical data;
S203: Send the signature and the ciphertext $\{\sigma_i, c_i\}$ together to the cloud server.
In step S3, when the medical data analysis center needs to analyze a certain type of sensitive medical data, it uses a pseudo-random number generator to generate a random sequence of $l$ pseudo-random numbers $\{t_1, t_2, \ldots, t_{l-2}, \alpha, \beta\}$ and sends the medical data type and the random numbers to the cloud server as challenge information. The cloud server then separately aggregates the ciphertexts of the $N$ users for that type of medical data, the signatures corresponding to those ciphertexts, and the users' public keys. The specific aggregation process comprises the following steps:
S301: The cloud server aggregates the $N$ ciphertexts using the additive homomorphic property of the improved BGN algorithm:
Figure BDA0002352219420000033
S302: Using the multiplicative homomorphic property of the improved BGN algorithm and the properties of the bilinear pairing, the cloud server performs a bilinear pairing operation on each ciphertext $Enc(m_i, s_i)$ and then aggregates the results:
Figure BDA0002352219420000034
Figure BDA0002352219420000041
S303: Based on the aggregated values and the challenge information, the cloud server computes the new random numbers $t_{l-1} = H_2(SC + \alpha)$ and $t_l = H_2(QSC + \beta)$, and then uses the random sequence $\{t_1, t_2, \ldots, t_{l-2}, t_{l-1}, t_l\}$ to aggregate the $N$ signatures
Figure BDA0002352219420000042
where $j = ((i-1) \bmod l) + 1$, and computes
Figure BDA0002352219420000043
and aggregates the public keys $U_1, U_2, \ldots, U_N$ corresponding to $\{\sigma_1, \sigma_2, \ldots, \sigma_N\}$:
Figure BDA0002352219420000044
Finally, the cloud server sends $\{\sigma, c, U, N, SC, QSC\}$ to the medical data analysis center.
In step S4, after receiving the aggregated data sent by the cloud server, the medical data analysis center verifies data integrity and decrypts the aggregated ciphertexts SC and QSC. The specific steps are as follows:
S401: Compute $t_{l-1} = H_2(SC + \alpha)$ and $t_l = H_2(QSC + \beta)$, and then aggregate the random numbers
Figure BDA0002352219420000045
where $j = ((i-1) \bmod l) + 1$, and verify whether the following equation holds:
Figure BDA0002352219420000046
S402: Once the verification equation holds, the medical data analysis center uses an improved Pollard lambda decryption method: the plaintext $m$ is bounded by $T$, and the private key $p_1$ is used to carry out a bounded exhaustive search. With time complexity
Figure BDA0002352219420000047
the discrete logarithm
Figure BDA0002352219420000048
can be solved efficiently, and the sum of the medical data is then recovered:
Figure BDA0002352219420000049
Likewise, with time complexity
Figure BDA00023522194200000410
the discrete logarithm
Figure BDA00023522194200000411
can be solved efficiently, and the sum of squares of the medical data is recovered:
Figure BDA00023522194200000412
In step S5, the medical data analysis center computes the variance of the medical data according to the medical data statistical analysis method:
Figure BDA00023522194200000413
and the mean:
Figure BDA00023522194200000414
This achieves the statistical analysis of outsourced cloud-storage medical data aggregation with privacy protection.
The beneficial effects of the invention are as follows:
The invention provides a statistical analysis method for outsourced cloud-storage medical data aggregation with privacy protection. A ciphertext aggregation method is constructed from the additive and multiplicative homomorphic properties of the improved BGN algorithm, so that the medical data analysis center can carry out variance and mean analysis of the data with only two decryptions. Most of the computation is completed in the cloud, which greatly reduces the computational load on the medical data analysis center and improves computational efficiency. In addition, to make the result verifiable, the method designs an elliptic-curve-based signature verification method that ensures the integrity of the users' medical data. Before uploading encrypted medical data to the cloud, a user must sign the ciphertext. When the medical data analysis center needs to verify the integrity of the medical data, it evaluates a verification equation over the signature value and ciphertext aggregated by the cloud and the users' public keys; only three bilinear pairing operations are needed to determine whether the data has been tampered with, replaced or destroyed during processing and transmission. The method has good application prospects where medical big data analysis and information security converge.
The method effectively ensures the confidentiality and privacy of sensitive user data while encrypted medical data is outsourced to the remote cloud server for homomorphic aggregation. The medical data analysis center can therefore effectively verify the integrity and correctness of the cloud server's homomorphic aggregation of the outsourced encrypted data, and can obtain statistical analysis results such as the variance and mean of the original medical data of all corresponding users with only two decryption computations, which greatly reduces the computational overhead of the medical data analysis center.
Detailed Description
The technical solutions of the present invention are described clearly and completely below with reference to the following embodiments. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments that a person skilled in the art can obtain from the embodiments of the present invention without inventive effort fall within the scope of protection of the present invention.
The invention provides the following technical solution: a statistical analysis method for outsourced cloud-storage medical data aggregation with privacy protection, comprising five steps: system initialization, medical data encryption and signature uploading, homomorphic aggregation of encrypted medical data, verification and decryption of the homomorphically aggregated data, and medical statistical analysis.
System initialization stage: the trusted center TA sets the cryptographic security parameters used in the method, including the bilinear pairings, the elliptic curve, and the generators defined on the elliptic curve. The trusted center TA also distributes a public key and a private key to the medical data analysis center, generates for each medical user a public/private key pair for signing medical data ciphertexts, and distributes each private key to the corresponding user through a secure channel.
Medical data encryption and signature uploading: the method designs a homomorphic encryption algorithm so that a user can encrypt sensitive medical data with the public key of the medical data analysis center to generate a ciphertext. The method also designs a homomorphic linear aggregate signature algorithm based on the elliptic curve, and a corresponding digital signature is generated for the ciphertext of each item of sensitive medical data. Finally, each user's sensitive medical data ciphertext and digital signature are outsourced to and stored on a remote cloud server.
Homomorphic aggregation of encrypted medical data: in the data aggregation stage, when the medical data analysis center needs to analyze a certain type of sensitive medical data, it generates random numbers and sends them to the cloud server as challenge information. The cloud server then uses the challenge information to aggregate the signatures on that type of sensitive medical data into a single aggregate signature value. The cloud server also uses the additive and multiplicative homomorphic properties of the encryption system: it multiplies the ciphertexts together to obtain one ciphertext aggregate value, and multiplies together the results of applying the bilinear pairing operation once to each ciphertext with itself to obtain a second ciphertext aggregate value. Finally, the cloud storage side sends the aggregate signature value and the aggregate ciphertexts to the medical data analysis center.
Verification and aggregated data decryption: the elliptic-curve-based signature verification algorithm designed by the invention supports batch verification, so the medical data analysis center can verify the integrity of the data with only three bilinear pairing operations. It then decrypts the aggregated data to obtain the sum of all the medical data and the sum of the squares of the original data, and obtains the variance and mean of the sensitive medical data through statistical analysis, thereby analyzing the health condition of the users.
Specifically, the invention is divided into five parts:
System initialization: the trusted center TA generates the system public parameters for encryption and signature verification, and then sends the corresponding secret parameters to the medical data analysis center and to the corresponding users. The specific initialization steps are as follows:
(1) The trusted center TA sets a bilinear pairing map $e: G_a \times G_a \to G_b$, where $G_a$ is a multiplicative cyclic group of order $n$, $g$ is a generator of $G_a$, and $G_b$ is the image set of the bilinear pairing map. It selects large primes $p_1$ and $p_2$ of equal length satisfying $n = p_1 p_2$, and takes the generator of the subgroup of $G_a$ of order $p_1$
Figure BDA0002352219420000061
The TA publishes the public key $pk = (n, G_a, G_b, e, g, x)$ and sends the private key $p_1$ to the medical data analysis center through a secure channel.
(2) An elliptic curve $E$ is defined over the finite field $F_p$ ($p$ is a large prime), and another bilinear pairing map is set based on the elliptic curve $E$:
Figure BDA0002352219420000062
where $V$ is a generator of the elliptic-curve-based additive cyclic group $G_1$ of order $q$. Let $N$ be the number of users who have uploaded a given type of medical data to the cloud server. For the $i$-th user, the trusted center generates a private key $z_i \in Z_q$ and computes the public key $U_i = z_i V$. Two collision-resistant hash functions are set: $H_1: \{0,1\}^* \to G_1$ and
Figure BDA0002352219420000063
The trusted center (TA) publishes $\{V, U_i\}$ and sends the private key $z_i$ to the corresponding user through a secure channel.
Medical data encryption and signature uploading: when the $i$-th user uploads medical data to the cloud server, the user first encrypts the medical data with the public key using the homomorphic encryption algorithm to generate a ciphertext, then digitally signs the ciphertext with the private key according to the type of the medical data, and finally uploads the ciphertext and the corresponding signature to the cloud server. The specific encryption and signature steps are as follows:
1. For a message $m_i$ to be encrypted, it is required that the maximum value $T$ that $m_i$ can take is less than $p_2$. A random number $s \in Z_n$ is selected, and the ciphertext is then computed:
Figure BDA0002352219420000064
where Enc is an improved BGN homomorphic encryption algorithm.
2. Then compute the digital signature of the ciphertext, $\sigma_i = (z_i + H_2(c_i)) H_1(\text{type})$, where type is the type of the medical data.
3. Finally, send the signature and the ciphertext $\{\sigma_i, c_i\}$ together to the cloud server.
Homomorphic aggregation of encrypted medical data: when the medical data analysis center needs to analyze a certain type of sensitive medical data, it uses a pseudo-random number generator to generate a random sequence of $l$ pseudo-random numbers $\{t_1, t_2, \ldots, t_{l-2}, \alpha, \beta\}$ and sends the medical data type and the random numbers to the cloud server as challenge information. The cloud server then separately aggregates the ciphertexts of the $N$ users for that type of medical data, the signatures corresponding to those ciphertexts, and the users' public keys. The specific aggregation process is as follows:
(1) First, the cloud server aggregates the $N$ ciphertexts using the additive homomorphic property of the improved BGN algorithm:
Figure BDA0002352219420000071
(2) Using the multiplicative homomorphic property of the improved BGN algorithm and the properties of the bilinear pairing, the cloud server performs a bilinear pairing operation on each ciphertext $Enc(m_i, s_i)$ and then aggregates the results:
Figure BDA0002352219420000072
(3) Based on the aggregated values and the challenge information, the cloud server computes the new random numbers $t_{l-1} = H_2(SC + \alpha)$ and $t_l = H_2(QSC + \beta)$, and then uses the random sequence $\{t_1, t_2, \ldots, t_{l-2}, t_{l-1}, t_l\}$ to aggregate the $N$ signatures
Figure BDA0002352219420000073
where $j = ((i-1) \bmod l) + 1$, and computes
Figure BDA0002352219420000074
and aggregates the public keys $U_1, U_2, \ldots, U_N$ corresponding to $\{\sigma_1, \sigma_2, \ldots, \sigma_N\}$:
Figure BDA0002352219420000075
Finally, the cloud server sends $\{\sigma, c, U, N, SC, QSC\}$ to the medical data analysis center.
Authentication and aggregated data decryption: after the medical data analysis center receives the aggregated data sent by the cloud server, the medical data analysis center performs data integrity verification and decrypts the aggregated ciphertext SC and the QSC.
(1) First calculate tl-1=H2(SC + α) and tl=H2(QSC + β), and then aggregating the random numbers
Figure BDA0002352219420000081
Where j ═ i-1) mod +1, it was verified whether the following equation holds
Figure BDA0002352219420000082
(2) Once the validation equation is established, the medical data analysis center adopts an improved Pollard lambda decryption method, namely, the plaintext m is limited to T, and a private key p is utilized1Performing conditional exhaustive brute force cracking, in the case of time complexityIs composed of
Figure BDA0002352219420000083
Can effectively solve discrete logarithm
Figure BDA0002352219420000084
And then the sum of the medical data can be recovered
Figure BDA0002352219420000085
Likewise, with time complexity
Figure BDA0002352219420000086
the discrete logarithm can be solved efficiently:
Figure BDA0002352219420000087
and the sum of squares of the medical data can be recovered:
Figure BDA0002352219420000088
The code of the improved Pollard lambda decryption method is as follows:
Figure BDA0002352219420000089
Figure BDA0002352219420000091
Medical statistical analysis: finally, the medical data analysis center performs variance analysis on the medical data according to the medical data statistical analysis method:
Figure BDA0002352219420000092
and mean analysis:
Figure BDA0002352219420000093
The method provided by the invention thus realizes privacy-preserving statistical analysis of aggregated medical data outsourced to cloud storage.
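The decryption and analysis path described above can be followed end to end in the added Python sketch below, which is not code from the patent. It assumes the textbook BGN ciphertext form c = g^m · x^s (the patent's own formula survives only as an image), uses the order-n subgroup of Z_P^* as a stand-in for the pairing group, builds the QSC stand-in by encrypting squares instead of pairing ciphertexts, and uses toy primes, constructed readings, an assumed bound T and the population variance; all function names are hypothetical.

```python
from fractions import Fraction
from itertools import count
from math import isqrt
import secrets

P1, P2 = 1009, 15485863          # toy primes (insecure sizes); P1 plays the private key p1
N_MOD = P1 * P2                  # composite group order n = p1 * p2

def is_prime(x):
    return x > 1 and all(x % d for d in range(2, isqrt(x) + 1))

# Stand-in for G_a (assumption): the order-n subgroup of Z_P^*, with P = k*n + 1 prime.
P = next(k * N_MOD + 1 for k in count(2, 2) if is_prime(k * N_MOD + 1))
G = next(h for h in (pow(a, (P - 1) // N_MOD, P) for a in count(2))
         if pow(h, P1, P) != 1 and pow(h, P2, P) != 1)   # order exactly n
X = pow(G, P2, P)                # generator of the order-p1 subgroup

def enc(m, s=None):
    """Textbook BGN form c = g^m * x^s (assumed; the page's formula is an image)."""
    s = secrets.randbelow(N_MOD) if s is None else s
    return pow(G, m, P) * pow(X, s, P) % P

def aggregate(ciphertexts):
    """Cloud side: the product of ciphertexts encrypts the sum of the plaintexts."""
    acc = 1
    for c in ciphertexts:
        acc = acc * c % P
    return acc

def kangaroo(base, target, bound, mod):
    """Pollard lambda: the m in [0, bound] with base^m == target (mod mod)."""
    k = max(2, isqrt(bound).bit_length())
    hops = [pow(base, 1 << i, mod) for i in range(k)]    # base^(2^i), jump sizes 2^i
    for salt in range(64):                               # re-key the walk after a miss
        y, d_tame = pow(base, bound, mod), 0
        for _ in range(4 * isqrt(bound) + 8):            # tame walk from the top of the range
            i = (y + salt) % k
            y, d_tame = y * hops[i] % mod, d_tame + (1 << i)
        trap, y, d_wild = y, target, 0
        while d_wild <= bound + d_tame:                  # wild walk from the unknown exponent
            if y == trap:
                return bound + d_tame - d_wild
            i = (y + salt) % k
            y, d_wild = y * hops[i] % mod, d_wild + (1 << i)
    raise ValueError("no logarithm found in [0, bound]")

def decrypt_sum(c, bound):
    """Analysis center: c^p1 removes x^s, leaving (g^p1)^m with m <= bound."""
    return kangaroo(pow(G, P1, P), pow(c, P1, P), bound, P)

def stats(sm, qsm, n_users):
    mean = Fraction(sm, n_users)
    return mean, Fraction(qsm, n_users) - mean ** 2      # population variance

READINGS = [72, 88, 95, 110, 64, 101]   # constructed sample values
T = 300                                  # assumed upper bound on a single reading

def run():
    n = len(READINGS)
    sc = aggregate(enc(m) for m in READINGS)
    # Stand-in for QSC: the page obtains it by pairing each ciphertext with itself.
    qsc = aggregate(enc(m * m) for m in READINGS)
    sm, qsm = decrypt_sum(sc, n * T), decrypt_sum(qsc, n * T * T)
    return sm, qsm, stats(sm, qsm, n)
```

The search bounds N·T and N·T² must stay below p_2, otherwise the recovered logarithm is only determined modulo p_2 and the statistics are wrong.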
Correctness proof:
Figure BDA0002352219420000094
The invention provides a statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection. A ciphertext aggregation method is constructed from the additive and multiplicative homomorphic properties of the improved BGN algorithm, so that the medical data analysis center can perform variance analysis and mean analysis on the data with only two decryptions. Most of the computation can be completed in the cloud, which greatly reduces the computational load on the medical data analysis center and improves computational efficiency. In addition, to make the scheme verifiable, the method designs an elliptic-curve-based signature verification method to ensure the integrity of users' medical data. When a user uploads ciphertext medical data to the cloud, the user must sign the ciphertext before uploading it. When the medical data analysis center needs to verify the integrity of the medical data, it evaluates a verification equation over the signature value and ciphertext aggregated by the cloud and the users' public keys, and only three bilinear pairing operations are needed to determine whether the data has been tampered with, replaced, or destroyed during processing and transmission. The method has good application prospects at the intersection of medical big data analysis and information security.
The foregoing is illustrative of the preferred embodiments of this invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and that various other combinations, modifications, and environments may be resorted to, falling within the scope of the concept as disclosed herein, either as described above or as apparent to those skilled in the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (6)

1. A statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection, characterized by comprising the following steps:
S1: System initialization:
The trusted center TA sets the cryptographic security parameters involved in the method, including bilinear pairings, elliptic curves, and generators defined on the elliptic curves; meanwhile, the TA distributes a public key and a private key for the medical data analysis center, generates for each medical user a public/private key pair for signing medical data ciphertexts, and distributes each private key to the corresponding user through a secure channel;
S2: Medical data encryption and signature uploading:
A homomorphic encryption algorithm is designed so that a user can encrypt sensitive medical data with the public key of the medical data analysis center to generate a ciphertext; meanwhile, an elliptic-curve-based homomorphic linear aggregate signature algorithm is designed, and a corresponding digital signature is generated for the ciphertext of each item of sensitive medical data; finally, each user's sensitive medical data ciphertext and digital signature are outsourced to and stored on a remote cloud server;
S3: Homomorphic aggregation of encrypted medical data:
In the data aggregation stage, when the medical data analysis center needs to analyze a certain type of sensitive medical data, it generates a random number and sends it to the cloud server as challenge information; the cloud server then aggregates the signatures of that type of sensitive medical data using the challenge information to obtain a single aggregate signature value; meanwhile, using the additive and multiplicative homomorphic properties of the encryption system, the cloud server multiplies the ciphertexts together to obtain one ciphertext aggregate value, and multiplies together the results of performing one bilinear pairing operation on each ciphertext with itself to obtain another ciphertext aggregate value; finally, the cloud server sends the aggregate signature value and the aggregated ciphertexts to the medical data analysis center;
S4: Verification and decryption of homomorphically aggregated data:
The elliptic-curve-based signature verification algorithm supports batch verification, so the medical data analysis center can verify the integrity of the data with only three bilinear pairing operations; it then decrypts the aggregated data to obtain the cumulative sum of all the medical data and the sum of squares of the original data;
S5: Medical statistical analysis:
The medical data analysis center obtains the variance and the mean of the sensitive medical data through statistical analysis, and thereby analyzes the health condition of the users.
2. The statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection according to claim 1, characterized in that in step S1 the specific initialization steps are as follows:
S101: The trusted center TA sets a bilinear pairing map e: G_a × G_a → G_b, where G_a is a multiplicative cyclic group of order n, g is a generator of G_a, and G_b is the image set of the bilinear pairing map; it selects large primes p_1 and p_2 of equal length satisfying n = p_1 p_2, and takes the generator of the order-p_1 subgroup of G_a:
Figure FDA0002352219410000021
The TA publishes the public key pk = (n, G_a, G_b, e, g, x) and sends the private key p_1 to the medical data analysis center via a secure channel;
S102: Define an elliptic curve E over the finite field F_p, where p is a large prime, and set another bilinear pairing map based on the elliptic curve:
Figure FDA0002352219410000022
G_1 × G_1 → G_2, where V is a generator of the elliptic-curve-based additive cyclic group G_1 of order q;
Let N be the number of users who upload a certain type of medical data to the cloud server. For the i-th user, the trusted center generates a private key z_i ∈ Z_q and computes the public key U_i = z_i V. Two collision-resistant hash functions are set: H_1: {0,1}* → G_1,
Figure FDA0002352219410000023
The trusted center TA publishes {V, U_i} and sends the private key z_i to the corresponding user via a secure channel.
3. The statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection according to claim 2, characterized in that in step S2, when the i-th user wants to upload medical data to the cloud server, the user first encrypts the medical data with the public key using the homomorphic encryption algorithm to generate a ciphertext; next, the user digitally signs the ciphertext with the private key according to the type of the medical data; finally, the ciphertext and the corresponding signature are uploaded to the cloud server; the specific encryption and signature steps comprise:
S201: For the message m_i to be encrypted, the maximum value T that m_i can take is required to be less than p_2; a random number s ∈ Z_n is selected, and the ciphertext is computed:
Figure FDA0002352219410000024
where Enc is the improved BGN homomorphic encryption algorithm;
S202: Compute the digital signature of the ciphertext σ_i = (z_i + H_2(c_i)) H_1(type), where type is the type of the medical data;
S203: Send the signature and the ciphertext {σ_i, c_i} together to the cloud server.
4. The statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection according to claim 3, characterized in that in step S3, when the medical data analysis center needs to analyze a certain type of sensitive medical data, a random sequence t_1, t_2, …, t_{l-2}, α containing l pseudo-random numbers is generated by a pseudo-random number generator, and the medical data type and the random numbers are sent to the cloud server as challenge information; the cloud server then separately aggregates the ciphertexts of the N users for that type of medical data, the signatures corresponding to the data, and the users' public keys; the specific aggregation process comprises the following steps:
S301: The cloud server aggregates the N encrypted data items by applying the additive homomorphic property of the improved BGN algorithm:
Figure FDA0002352219410000025
Figure FDA0002352219410000031
S302: Applying the multiplicative homomorphic property of the improved BGN algorithm and the properties of bilinear pairings, the cloud server performs a bilinear pairing operation on each ciphertext Enc(m_i, s_i) and aggregates the results:
Figure FDA0002352219410000032
S303: Based on the aggregated values and the challenge information, the cloud server computes the new random numbers t_{l-1} = H_2(SC + α) and t_l = H_2(QSC + β), and then, based on the random sequence {t_1, t_2, …, t_{l-2}, t_{l-1}, t_l}, aggregates the N signatures:
Figure FDA0002352219410000033
where j = (i-1) mod +1, and computes
Figure FDA0002352219410000034
and aggregates the public keys U_1, U_2, …, U_N corresponding to {σ_1, σ_2, …, σ_N}:
Figure FDA0002352219410000035
Finally, {σ, c, U, N, SC, QSC} is sent to the medical data analysis center.
5. The statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection according to claim 1, characterized in that in step S4, after the medical data analysis center receives the aggregated data sent by the cloud server, it verifies the integrity of the data and decrypts the aggregated ciphertexts SC and QSC, which specifically comprises the following steps:
S401: Compute t_{l-1} = H_2(SC + α) and t_l = H_2(QSC + β), and then aggregate the random numbers:
Figure FDA0002352219410000036
where j = (i-1) mod +1, and verify whether the following equation holds:
Figure FDA0002352219410000037
S402: Once the verification equation holds, the medical data analysis center applies an improved Pollard lambda decryption method: the plaintext m is bounded by T, and a bounded exhaustive search is performed using the private key p_1. With time complexity
Figure FDA0002352219410000038
the discrete logarithm can be solved efficiently:
Figure FDA0002352219410000039
and the sum of the medical data can then be recovered:
Figure FDA00023522194100000310
Likewise, with time complexity
Figure FDA00023522194100000311
the discrete logarithm can be solved efficiently:
Figure FDA00023522194100000312
and the sum of squares of the medical data can be recovered:
Figure FDA0002352219410000041
6. The statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection according to claim 5, characterized in that in step S5, the medical data analysis center performs variance analysis on the medical data according to the medical data statistical analysis method:
Figure FDA0002352219410000042
and mean analysis:
Figure FDA0002352219410000043
CN201911420366.3A 2019-12-31 2019-12-31 Statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection Active CN111162894B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911420366.3A CN111162894B (en) 2019-12-31 2019-12-31 Statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection


Publications (2)

Publication Number Publication Date
CN111162894A true CN111162894A (en) 2020-05-15
CN111162894B CN111162894B (en) 2020-11-10

Family

ID=70560391


Country Status (1)

Country Link
CN (1) CN111162894B (en)


Also Published As

Publication number Publication date
CN111162894B (en) 2020-11-10


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant