CN112636896B - Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid - Google Patents

Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid Download PDF

Info

Publication number
CN112636896B
CN112636896B CN202011387992.XA CN202011387992A CN112636896B CN 112636896 B CN112636896 B CN 112636896B CN 202011387992 A CN202011387992 A CN 202011387992A CN 112636896 B CN112636896 B CN 112636896B
Authority
CN
China
Prior art keywords
data
aggregation
control center
ciphertext
grid control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011387992.XA
Other languages
Chinese (zh)
Other versions
CN112636896A (en
Inventor
黄超
张晓均
唐尧
龚捷
张经伟
郑爽
周子玉
付红
廖文才
郝云溥
赵芥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest Petroleum University
Original Assignee
Southwest Petroleum University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest Petroleum University filed Critical Southwest Petroleum University
Publication of CN112636896A publication Critical patent/CN112636896A/en
Application granted granted Critical
Publication of CN112636896B publication Critical patent/CN112636896B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/06Energy or water supply
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Economics (AREA)
  • General Health & Medical Sciences (AREA)
  • Tourism & Hospitality (AREA)
  • Public Health (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Water Supply & Treatment (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Remote Monitoring And Control Of Power-Distribution Networks (AREA)

Abstract

The invention discloses a non-interactive verifiable multi-type encrypted data aggregation method facing a smart grid, which comprises four steps of system initialization, multi-type encrypted data reporting, encrypted data aggregation, verification and aggregated data decryption. The encryption technology with the addition homomorphic characteristic is integrated into an aggregation scheme, and a large amount of data ciphertexts are aggregated into a value by data aggregation through an aggregation gateway, so that the use amount of communication bandwidth can be greatly reduced. And finally, data decryption is carried out at the control center, and the control center can obtain the sum value of each type of data in the data of all users due to the fact that the used encryption algorithm has the characteristic of addition homomorphism. The method and the device have the advantages that the privacy and the integrity of the user data are ensured, meanwhile, the multi-type encrypted data of users in the same area are aggregated, and the data generated by the user intelligent electric meter can be analyzed in a deep and fine-grained manner. The invention designs the homomorphic encryption algorithm for keeping addition, and improves the redundancy and the safety of the system.

Description

Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid
Technical Field
The invention relates to the field of smart power grids, in particular to a non-interactive verifiable multi-type encrypted data aggregation method for a smart power grid.
Background
Smart grids are considered as next generation grid systems due to their high adaptability, reliability and high efficiency, which make grid systems more efficient and reliable through the transmission of bidirectional power and communication data streams. Compared with a traditional power grid system, the smart power grid integrates advanced technologies in various fields, such as mobile communication, cloud computing and the like, and collects and processes electric energy data in real time. In addition, smart grids open the way to better utilize the power stations, enabling power consumers to better control their consumption costs, which would greatly improve the system architecture of traditional grids.
In a typical smart grid architecture, there is a device called a smart meter that has a processing chip and a non-volatile memory with limited space for performing operations on power data. The smart meter is generally installed in a smart home system of a household, monitors electricity data of the household, and periodically provides an electric energy service provider with an electric energy consumption report through a wireless or wired network communication infrastructure. In addition, the power service provider can feed back some important information to the smart meter so that they can interactively communicate in real time.
The smart grid provides many benefits to consumers of electric energy and service providers, thanks to the advantages of smart meters. But the various security threats involved in the smart grid are also becoming more serious, which may prevent its widespread deployment. In fact, the smart meter is installed near the house of the household and only limited protection is provided, any external adversary can destroy and control it by physical means. More seriously, the smart meter may be associated with personal sensitive information of the household, such as the household's power usage status and usage statistics, which are stored in the smart meter. Therefore, an external adversary can trace the daily life of a target household or infer an individual's electricity usage habits and activities through some big data analysis method. Meanwhile, more and more problems and faults occur in the current smart grid system because the information cannot be sent to a specific system component within a fixed and limited time due to the fact that the information transmission time delay is too long, and therefore the data processing efficiency is another very important problem in the smart grid.
Public key encryption and symmetric encryption technologies can be integrated into smart grids for protecting information security and user privacy. However, how to balance the privacy and the availability of data is also a problem to be solved, and since the data is changed into a ciphertext form after being encrypted by using an encryption technology, and part or even most of the availability of the data is lost, the problem is not only a problem of academic research, but also a technical bottleneck in the practical application of the smart grid. Meanwhile, the power usage data generally includes a plurality of types, such as voltage, current, power, displacement power factor, apparent power, and the like. Therefore, how to effectively aggregate multi-type data while protecting the privacy of user data is a popular research problem, and research on a data aggregation method with privacy protection characteristics becomes more and more important in information security research of a smart grid.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a non-interactive verifiable multi-type encrypted data aggregation method facing a smart grid, which can be used for aggregating multi-type encrypted data of users in the same area while ensuring the privacy and integrity of the user data, so that a smart grid control center can be used for deeply and finely analyzing the data generated by a smart meter of the user under the condition of protecting the privacy of the data.
The purpose of the invention is realized by the following technical scheme:
the non-interactive verifiable multi-type encrypted data aggregation method facing the smart grid comprises the following steps:
s1: system initialization, comprising the following substeps:
s101: the method comprises the steps that a trusted third party TTP generates system public parameters for aggregation and signature verification, and sends some secret parameters to a smart grid control center CC and a smart electric meter;
s102: the method comprises the steps that a smart grid Control Center (CC) generates a super-increment sequence which can be used for privacy protection data aggregation;
s2: multi-type encrypted data reporting:
the intelligent electric meter firstly encrypts the collected electric energy use data of multiple types by using a public key encryption algorithm keeping the addition homomorphism to obtain corresponding ciphertext; meanwhile, generating an authentication value for each ciphertext data by using a linear homomorphic digital signature algorithm; finally, the intelligent electric meter sends the encrypted electric energy use data of multiple types and corresponding authentication values to an aggregation gateway AG in the intelligent power grid;
s3: and (3) encryption data aggregation:
the method comprises the steps that a pseudo-random number generator and a shared secret key are shared by a smart grid Control Center (CC) and an Aggregation Gateway (AG), so that the aggregation gateway generates a random vector based on an aggregation state serial number, the Aggregation Gateway (AG) aggregates verification values of all types of data of each user by combining the random vector, and then the aggregation verification values of all users are further aggregated to obtain a single verification value; finally, the intelligent power grid control center CC can verify the integrity of the encrypted data of all the users by using the final verification value, meanwhile, the aggregation gateway AG multiplies the multi-type ciphertext data of all the users to obtain a single ciphertext aggregation value, and finally, the aggregation gateway AG sends the aggregation verification value and the aggregation ciphertext to the intelligent power grid control center CC;
s4: authentication and aggregated data decryption:
the intelligent power grid control center CC verifies the integrity of all user ciphertext data by using an auditing technology, and meanwhile, the intelligent power grid control center CC can decrypt the aggregation ciphertext by using an iterative algorithm to obtain a sum value of each type in all user multi-type electric energy use data.
In step S1, the system sets the password security parameters required in the following steps:
the TTP of a trusted third party selects security parameters of a public key encryption algorithm keeping addition homomorphism, sets bilinear pairwise password parameters and public and private keys of all communication entities, and distributes private keys of all communication entities through a security channel;
the method comprises the steps that a special super-increment sequence is constructed by a smart grid Control Center (CC), and the sequence can enable the control center to use an iterative algorithm to calculate the sum value of each type in multi-type electric energy use data of all users after receiving a polymerization ciphertext, so that any electric energy use data information of a single user cannot be recovered; meanwhile, the smart grid control center CC is also provided with a pseudo-random number generator, wherein a secret key of the pseudo-random number generator is stored in a secret manner by the aggregation gateway AG and the smart grid control center CC in the smart grid.
In step S101, the step of specifically initializing the TTP of the trusted third party includes:
s1011: TTP selects three different large prime numbers q according to security parameter k1,q2And p, and calculating the public key N ═ q of the public key encryption algorithm maintaining the additive homomorphism1q2And g ═ 1+ N, and the corresponding private key (λ, μ);
s1012: TTP sets a bilinear pairwise mapping G1×G1→G2Wherein G is1And G2Is two p factorial cyclic groups, p is G1While the TTP sets four collision-resistant hash functions: h: {0,1}*→G1
Figure BDA0002810320010000031
Figure BDA0002810320010000032
S1013: TTP uniformly selects n random numbers
Figure BDA0002810320010000033
Wherein n is the number of the intelligent electric meters in the designated residential area, and the private key is calculated
Figure BDA0002810320010000034
The calculation formula is as follows:
Figure BDA0002810320010000035
where k is the number of types of power consumption data, while the TTP calculates the common parameter
Figure BDA0002810320010000036
And the common parameter β ═ ρπSecret parameter psi for ensuring data integrity verification1=h21)·π,ψ2=h22)·π,…,ψn=h2n) π, and randomly selecting a cyclic group G1V, a common element of (1);
s1014: TTP sends the private key gamma through a secure channel0Sending to the smart grid control center CC and respectively sending each private key gamma through a secure channeliTo the corresponding ith intelligent electric meter (SM)i) Where i is 1,2, …, n, the secret parameter ψ is transmitted over a secure channel12,…,ψnSending to the aggregation gateway AG, the TTP issues a system parameter Ω ═ N, G, e, G1,G2,ρ,H,h1,h2V, β), where e is a bilinear pair.
In step S102, the specific initialization step of the smart grid control center CC includes:
s1021: in order to enable the smart meter to report multiple types of power consumption data to the CC at the same time, the CC generates a super-increment sequence, i.e. a set of coefficients { omega }12,…,ωkWhere k is the number of types of power consumption data, these coefficients need to beThe following constraints are satisfied:
Figure BDA0002810320010000041
wherein, ω is1=1,α=2,3,…,k,ηjIs the upper limit value of the j-th power consumption data, CC is from G1To generate a set of common elements
Figure BDA0002810320010000042
Wherein, yαFinger slave G1The common element generated in (1);
s1022: to verify the integrity of the power consumption data, the CC is provided with a pseudo-random number generator
Figure BDA0002810320010000043
Wherein SKprgA set of keys representing prg, I represents the aggregation state sequence number, and then CC randomly chooses a key skprg∈SKprgAnd shared secretly to the aggregation gateway AG.
In step S2, for each i ═ 1,2, …, n, SMiEncrypting k types of power consumption data (m) using an additively homomorphic public key encryption algorithmi1,mi2,…,mik) And meanwhile, carrying out signature calculation on the ciphertext, wherein the detailed process comprises the following steps:
s201: for each type α ═ 1,2, …, k, SMiEncrypt each kind of power consumption data mIs composed of
Figure BDA0002810320010000044
Wherein T is the current timestamp of the system;
S202:SMicomputing linear homomorphic digital signatures
Figure BDA0002810320010000045
Wherein, attiRAID is SMiA residential zone identifier of where the residential zone is located;
S203:SMiwill { CT}1≤α≤kSendingTo the corresponding aggregation gateway AG.
In step S3, aggregation gateway AG receives all { CT } from n users}1≤α≤kAfter 1, 2.. times, n, the following steps are performed:
s301: the AG generates a random vector (τ) using a pseudo-random number generator prg12,…,τk-1)←prg(skprgNonce) and τk=h3(CT||nonce);
S302: for i 1, 2.., n, AG, a combined ciphertext is computed:
Figure BDA0002810320010000046
and setting ξ ═ ξi}1≤i≤nThen, the AG computes for each user an aggregate signature:
Figure BDA0002810320010000047
and further calculate
Figure BDA0002810320010000048
S303: the AG calculates the aggregate ciphertext:
Figure 1
finally, the AG sends these aggregated information (ξ, σ, CT) to the smart grid control center CC.
In step S4, after the smart grid control center CC receives ξ, σ, CT from the AG, the CC performs data integrity verification and decrypts the aggregation ciphertext, which specifically includes the following steps:
s401: verify whether the following equation holds
Figure BDA0002810320010000052
S402: once the verification equation is established, the smart grid control center CC uses its private key γ0And (3) calculating:
Figure BDA0002810320010000053
order to
Figure BDA0002810320010000054
Then W is equal to gQ modN2According to the binomial expansion method, the following can be obtained: (1+ N)Q=1+NQ mod N2
Because W is gQ modN2=(1+N)Q modN2The CC may recover the aggregated power data by the following method:
Figure BDA0002810320010000055
then, CC calculates the sum of each type { M } in all users' multi-type power usage data1,M2,...,MkTherein of
Figure BDA0002810320010000056
The invention has the beneficial effects that:
(1) the invention designs the homomorphic encryption algorithm keeping addition, and allocates a private key meeting specific constraints to each intelligent ammeter and the control center, and the innovative design ensures that even if an external enemy or a malicious user exists in the system, the enemy cannot calculate the decryption private key of the control center and cannot decrypt aggregated data unless the enemy attacks all the intelligent ammeters, acquires the private key and steals a key value of the homomorphic encryption algorithm. The method provided by the invention improves the redundancy and the safety of the system.
(2) The encryption data aggregation method provided by the invention realizes the non-interactive verifiable functions of user data integrity and gateway data aggregation correctness: by utilizing the thought of data auditing in cloud storage, a homomorphic linear digital signature algorithm is used at the intelligent electric meter end to generate an authentication value for each type of data ciphertext of a user, and all the authentication values are aggregated by the aggregation gateway and sent to the control center. In the existing data aggregation scheme facing to the smart grid, the verification of data integrity must require that each smart meter and an aggregation gateway (or the aggregation gateway and a control center) perform multiple synchronous online interactive communications, and in the context of large user volume and large data volume of the smart grid, such synchronous high-frequency interaction is very inefficient, which will severely limit the system throughput and the processing performance of the control center. The invention adopts a data auditing mechanism, the aggregation gateway and the control center adopt a pseudo-random number generator, and a random vector value for data integrity challenge is generated based on a shared secret key.
(3) In the aspects of encrypted data aggregation and authentication value aggregation, firstly, the multi-type encrypted data of the same user in the same area and the corresponding authentication values are aggregated, and then, the multi-type encrypted data aggregation values of all the users in the same area and the corresponding aggregation authentication values are aggregated again.
Encryption techniques with addition homomorphism in cryptography can be integrated into an aggregation scheme and then data aggregation is performed through an aggregation gateway to aggregate a large amount of data ciphertexts into a value, which can greatly reduce the usage amount of communication bandwidth. And finally, data decryption is carried out at the control center, and the control center can obtain the sum value of each type of data in the data of all users due to the fact that the used encryption algorithm has the characteristic of addition homomorphism.
Therefore, the smart grid control center can carry out deep and fine-grained analysis on the data generated by the user smart electric meter under the condition of data privacy protection. Particularly, the smart grid control center only needs two constant bilinear pairings for operation time when verifying the integrity of the multi-type encrypted data, and the calculation efficiency is very high, so that the smart grid control center has a wide application prospect.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the following embodiments, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive effort based on the embodiments of the present invention, are within the scope of the present invention.
The invention provides a technical scheme that: a non-interactive verifiable multi-type encrypted data aggregation method facing a smart grid comprises the following steps:
initializing a system: this phase consists of two steps. First, a Trusted Third Party (TTP) generates system public parameters for aggregation and signature verification. Some of the secret parameters are then sent to the Control Center (CC) and to the smart meter. Second, CC generates super-increment sequences that can be used for privacy preserving data aggregation.
TTP specific initialization step:
TTP selects three different large prime numbers q according to security parameter k1,q2And p, and calculating the public key N ═ q of the public key encryption algorithm maintaining the additive homomorphism1q2And g ═ 1+ N, and the corresponding private key (λ, μ).
TTP sets a bilinear pairwise mapping G1×G1→G2Wherein G is1And G2Is two p factorial cyclic groups, p is G1The generator of (1). Meanwhile, the TTP sets four collision-resistant hash functions: h: {0,1}*→G1
Figure BDA0002810320010000071
Figure BDA0002810320010000072
TTP Uniform selection of n randomNumber of
Figure BDA0002810320010000073
Wherein n is the number of the intelligent electric meters in the specified residential area. And calculates the private key
Figure BDA0002810320010000074
The calculation formula is as follows:
Figure BDA0002810320010000075
where k is the number of types of power consumption data. Simultaneous TTP calculation of common parameters
Figure BDA0002810320010000076
And the common parameter β ═ ρπSecret parameter psi for ensuring data integrity verification1=h21)·π,ψ2=h22)·π,…,ψn=h2n) π, and randomly selecting a cyclic group G1V, of (1).
TTP secure channel to secret key gamma0Sends it to the CC and sends each private key gamma separately over a secure channeliTo the corresponding ith intelligent electric meter (SM)i) Where i is 1,2, …, n, the secret parameter ψ is transmitted over a secure channel12,…,ψnAnd sending the message to the aggregation gateway. TTP distribution system parameter Ω ═ N, G, e, G1,G2,ρ,H,h1,h2,ν,β)。
Specifically initializing the CC:
1. in order to enable the smart meter to report various types of power consumption data to the CC at the same time. CC generates a super-increment sequence, i.e. a set of coefficients omega12,…,ωkWhere k is the number of types of power consumption data. These coefficients need to satisfy the following constraints:
Figure BDA0002810320010000077
wherein ω is1=1,α=2,3,…,k,ηjIs the upper limit value of the j-th power consumption data. CC from G1To generate a set of common elements
Figure BDA0002810320010000081
Wherein, yαFinger slave G1The generated common element.
2. To verify the integrity of the power consumption data, the CC is provided with a pseudo-random number generator
Figure BDA0002810320010000082
In which SKprgA set of keys representing prg, I represents the aggregation state sequence number, and then CC randomly chooses a key skprg∈SKprgAnd shared privately to the Aggregation Gateway (AG).
Multi-type encrypted data reporting: at this stage, for each i ═ 1,2, …, n, SMiEncrypting k types of power consumption data (m) using an additively homomorphic public key encryption algorithmi1,mi2,…,mik). And simultaneously, carrying out signature calculation on the ciphertext. The detailed process is as follows:
1. for each type α ═ 1,2, …, k, SMiEncrypt each kind of power consumption data mIs composed of
Figure BDA0002810320010000083
Wherein T is the current timestamp of the system.
2.SMiComputing linear homomorphic digital signatures
Figure BDA0002810320010000084
Wherein attiRAID is SMiA residential zone identifier of the residence.
3. Last SMiWill { CT}1≤α≤kTo the corresponding Aggregation Gateway (AG).
And (3) encryption data aggregation: at this stage, the Aggregation Gateway (AG) receives all { CT's from n users}1≤α≤kAfter 1, 2.. times, n, the following steps are performed:
AG generates a random vector (τ) using a pseudo-random number generator prg12,...,τk-1)←prg(skprgNonce) and τk=h3(CT||nonce)。
2. For i 1, 2.., n, AG, a combined ciphertext is computed:
Figure BDA0002810320010000085
and setting ξ ═ ξi}1≤i≤n. The AG then computes for each user an aggregate signature:
Figure BDA0002810320010000086
and further calculate
Figure BDA0002810320010000087
AG calculation of aggregate ciphertext:
Figure 2
finally, the AG sends these aggregated information (ξ, σ, CT) to the control center.
Authentication and aggregated data decryption: at this stage, after the Control Center (CC) receives (ξ, σ, CT) from the AG, the CC performs data integrity verification and decrypts the aggregated ciphertext:
1. verify whether the following equation holds
Figure BDA0002810320010000092
2. Once the verification equation is established, the smart grid control center CC uses its private key γ0And (3) calculating:
Figure BDA0002810320010000093
order to
Figure BDA0002810320010000094
Then W is equal to gQ modN2. According to a binomial expansion method, the following can be obtained: (1+ N)Q=1+NQ mod N2
Because W is gQ modN2=(1+N)Q modN2The CC may restore the aggregated power data by the following method:
Figure BDA0002810320010000095
then, CC calculates the sum of each type in all the users' multi-type electric energy use data by using algorithm 1
{M1,M2,...,MkTherein of
Figure BDA0002810320010000096
Algorithm 1 calculates the sum of the individual types in all user multi-type power usage data: mα,α=1,2,...,k
forα=k to 1do
Mα=(Q-Q modωα)/ωα
Q=Q-(Mα·ωα)
end for
return{M1,M2,...,Mk}
And (3) correctness proof:
Figure BDA0002810320010000101
for MkBecause:
Figure BDA0002810320010000102
thus, we can get:
Figure BDA0002810320010000103
using the same method, CC can be finally calculated using Algorithm 1 to obtain { M }1,M2,...,Mk}。
The invention provides a non-interactive verifiable multi-type encrypted data aggregation method facing a smart grid. After the intelligent electric meter encrypts the multi-type electric energy use data by adopting a public key encryption algorithm keeping the addition homomorphism, the aggregation gateway aggregates ciphertexts from a large number of users by utilizing the addition homomorphism, and finally obtains an aggregation value. The control center can finally decrypt the aggregation ciphertext through an iterative algorithm to obtain the sum value of each type of data in all the user original data, and the iterative algorithm is constructed based on the super-increment sequence adopted in the scheme. On the other hand, in order to realize verifiable functions while realizing data aggregation, the invention ensures the integrity of the electric energy use data of the user by using the idea of a data auditing mechanism in cloud storage. After the intelligent electric meter encrypts the multi-type data, a linear homomorphic digital signature algorithm is designed to generate an authentication value for each ciphertext, then the control center and the aggregation gateway share a secret key of a pseudo-random number generator, based on the shared secret key and an offline challenge serial number, the control center and the aggregation gateway generate a random vector, the aggregation gateway uses the random vector to aggregate a large number of authentication values of a user into a single random authentication value, and meanwhile, the control center can flexibly detect whether the aggregation gateway correctly executes aggregation operation. Meanwhile, the control center can also determine that the encrypted multi-type data is not subjected to any tampering, replacement or destruction in the processing and transmission processes.
In addition, the method of the invention also has the following innovative characteristics:
the homomorphic encryption algorithm capable of keeping addition distributes a private key meeting specific constraints for each intelligent ammeter and the control center, and the innovative design ensures that even if an external enemy or a malicious user exists in the system, the enemy cannot calculate the decryption private key of the control center and cannot decrypt aggregated data unless the enemy attacks all the intelligent ammeters, acquires the private key and steals a key value of the homomorphic encryption algorithm. The method provided by the invention improves the redundancy and the safety of the system.
The encryption data aggregation method provided by the invention realizes the non-interactive verifiable functions of user data integrity and gateway data aggregation correctness: by utilizing the thought of data auditing in cloud storage, a homomorphic linear digital signature algorithm is used at the intelligent electric meter end to generate an authentication value for each type of data ciphertext of a user, and all the authentication values are aggregated by the aggregation gateway and sent to the control center. In the existing data aggregation scheme facing to the smart grid, the verification of data integrity must require that each smart meter and an aggregation gateway (or the aggregation gateway and a control center) perform multiple synchronous online interactive communications, and in the context of large user volume and large data volume of the smart grid, such synchronous high-frequency interaction is very inefficient, which will severely limit the system throughput and the processing performance of the control center. The invention adopts a data auditing mechanism, the aggregation gateway and the control center adopt a pseudo-random number generator, and a random vector value for data integrity challenge is generated based on a shared secret key.
In addition, in the aspects of encrypted data aggregation and authentication value aggregation, the multi-type encrypted data of the same user in the same area and the corresponding authentication values are aggregated at first, and then the multi-type encrypted data aggregation values of all users in the same area and the corresponding aggregation authentication values are aggregated again. Therefore, the smart grid control center can carry out deep and fine-grained analysis on the data generated by the user smart electric meter under the condition of data privacy protection.
The method can enable the smart grid control center to carry out deep and fine-grained analysis on the data generated by the user smart electric meter under the condition of data privacy protection, thereby carrying out effective electric energy scheduling. Particularly, the smart grid control center only needs two constant bilinear pairings for operation time when verifying the integrity of the multi-type encrypted data, and the calculation efficiency is very high, so that the smart grid control center has a wide application prospect.
The foregoing is illustrative of the preferred embodiments of this invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and that various other combinations, modifications, and environments may be resorted to, falling within the scope of the concept as disclosed herein, either as described above or as apparent to those skilled in the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (1)

1. The non-interactive verifiable multi-type encrypted data aggregation method facing the smart grid is characterized by comprising the following steps of:
s1: system initialization, comprising the following substeps:
s101: the method comprises the steps that a trusted third party TTP generates system public parameters for aggregation and signature verification, and sends some secret parameters to a smart grid control center CC and a smart electric meter;
s102: the method comprises the steps that a smart grid Control Center (CC) generates a super-increment sequence which can be used for privacy protection data aggregation;
in step S1, the system sets the password security parameters required in the following steps:
the TTP of a trusted third party selects security parameters of a public key encryption algorithm keeping addition homomorphism, sets bilinear pairwise password parameters and public and private keys of all communication entities, and distributes private keys of all communication entities through a security channel;
the method comprises the steps that a special super-increment sequence is constructed by a smart grid Control Center (CC), and the sequence can enable the control center to use an iterative algorithm to calculate the sum value of each type in multi-type electric energy use data of all users after receiving a polymerization ciphertext, so that any electric energy use data information of a single user cannot be recovered; meanwhile, the intelligent power grid control center CC is also provided with a pseudo-random number generator, wherein a secret key of the pseudo-random number generator is stored in a secret manner by a convergence gateway AG and the intelligent power grid control center CC in the intelligent power grid;
in step S101, the step of specifically initializing the TTP of the trusted third party includes:
s1011: TTP selects three different large prime numbers q according to security parameter k1,q2And p, and calculating the public key N ═ q of the public key encryption algorithm maintaining the additive homomorphism1q2And g ═ 1+ N, and the corresponding private key (λ, μ);
s1012: TTP sets a bilinear pairwise mapping G1×G1→G2Wherein G is1And G2Is two p factorial cyclic groups, p is G1While the TTP sets four collision-resistant hash functions: h: {0,1}*→G1
Figure FDA0003334116660000011
Figure FDA0003334116660000012
Wherein the content of the first and second substances,
Figure FDA0003334116660000013
representing the remaining group of classes modulo N,
Figure FDA0003334116660000014
represents a modulus N2The remaining groups of the group are,
Figure FDA0003334116660000015
representing modulo p rest class cycle groups;
s1013: TTP uniformly selects n random numbers
Figure FDA0003334116660000016
Wherein n is the number of the intelligent electric meters in the designated residential area, and the private key is calculated
Figure FDA0003334116660000017
The calculation formula is as follows:
Figure FDA0003334116660000018
where k is the number of types of power consumption data, while the TTP calculates the common parameter
Figure FDA0003334116660000019
And the common parameter β ═ ρπSecret parameter psi for ensuring data integrity verification1=h21)·π,ψ2=h22)·π,…,ψn=h2n) π, and randomly selecting a cyclic group G1V, a common element of (1);
s1014: TTP sends the private key gamma through a secure channel0Sending to the smart grid control center CC and respectively sending each private key gamma through a secure channeliTo the corresponding ith intelligent electric meter (SM)i) Where i is 1,2, …, n, the secret parameter ψ is transmitted over a secure channel12,…,ψnSending to the aggregation gateway AG, the TTP issues a system parameter Ω ═ N, G, e, G1,G2,ρ,H,h1,h2V, β), where e is a bilinear pair;
in step S102, the specific initialization step of the smart grid control center CC includes:
s1021: in order for the smart meter to simultaneously report various types of power consumption data to the CC,CC generates a super-increment sequence, i.e. a set of coefficients omega12,…,ωkWhere k is the number of types of power consumption data, these coefficients need to satisfy the following constraints:
Figure FDA0003334116660000021
wherein, ω is1=1,α=2,3,…,k,ηjIs the upper limit value of the j-th power consumption data, CC is from G1To generate a set of common elements
Figure FDA0003334116660000022
Wherein, yαFinger slave G1The common element generated in (1);
s1022: to verify the integrity of the power consumption data, the CC is provided with a pseudo-random number generator
Figure FDA0003334116660000023
Wherein SKprgA set of keys representing prg, I represents an aggregation state sequence number,
Figure FDA0003334116660000024
representing a vector of dimension k-1 modulo p, and then CC randomly selects a key skprg∈SKprgAnd is shared secretly to the aggregation gateway AG;
s2: multi-type encrypted data reporting:
the intelligent electric meter firstly encrypts the collected electric energy use data of multiple types by using a public key encryption algorithm keeping the addition homomorphism to obtain corresponding ciphertext; meanwhile, generating an authentication value for each ciphertext data by using a linear homomorphic digital signature algorithm; finally, the intelligent electric meter sends the encrypted electric energy use data of multiple types and corresponding authentication values to an aggregation gateway AG in the intelligent power grid;
in step S2, for each i ═ 1,2, …, n, SMiEncrypting k types of power consumption data (m) using an additively homomorphic public key encryption algorithmi1,mi2,…,mik) And meanwhile, carrying out signature calculation on the ciphertext, wherein the detailed process comprises the following steps:
s201: for each type α ═ 1,2, …, k, SMiEncrypt each kind of power consumption data mIs composed of
Figure FDA0003334116660000025
Wherein T is the current timestamp of the system;
S202:SMicomputing linear homomorphic digital signatures
Figure FDA0003334116660000026
Wherein, attiRAID is SMiA residential zone identifier of where the residential zone is located;
S203:SMiwill { CT}1≤α≤kSending the information to a corresponding aggregation gateway AG;
s3: and (3) encryption data aggregation:
the method comprises the steps that a pseudo-random number generator and a shared secret key are shared by a smart grid Control Center (CC) and an Aggregation Gateway (AG), so that the aggregation gateway generates a random vector based on an aggregation state serial number, the Aggregation Gateway (AG) aggregates verification values of all types of data of each user by combining the random vector, and then the aggregation verification values of all users are further aggregated to obtain a single verification value; the intelligent power grid control center CC can verify the integrity of the encrypted data of all the users by using the final verification value, meanwhile, the aggregation gateway AG multiplies the multi-type ciphertext data of all the users to obtain a single ciphertext aggregation value, and finally, the aggregation gateway AG sends the aggregation verification value and the aggregation ciphertext to the intelligent power grid control center CC;
in step S3, aggregation gateway AG receives all { CT } from n users}1≤α≤kAfter 1, 2.. times, n, the following steps are performed:
s301: the AG generates a random vector (τ) using a pseudo-random number generator prg12,...,τk-1)←prg(skprg,nonce) and τk=h3(CT||nonce);
S302: for i 1, 2.., n, AG, a combined ciphertext is computed:
Figure FDA0003334116660000031
and setting ξ ═ ξi}1≤i≤nThen, the AG computes for each user an aggregate signature:
Figure FDA0003334116660000032
wherein psiiIs a secret parameter and further calculates an aggregate signature
Figure FDA0003334116660000033
S303: the AG calculates the aggregate ciphertext:
Figure FDA0003334116660000034
finally, the AG sends the aggregated information (xi, sigma, CT) to a smart grid control center CC;
s4: authentication and aggregated data decryption:
the intelligent power grid control center CC verifies the integrity of all user ciphertext data by using an auditing technology, and meanwhile, the intelligent power grid control center CC can decrypt the aggregation ciphertext by using an iterative algorithm to obtain a sum value of each type in all user multi-type electric energy use data;
in step S4, after the smart grid control center CC receives ξ, σ, CT from the AG, the CC performs data integrity verification and decrypts the aggregation ciphertext, which specifically includes the following steps:
s401: verify whether the following equation holds
Figure FDA0003334116660000041
S402: once the validation equation is established, intelligenceEnergy grid control center CC uses its private key gamma0And (3) calculating:
Figure FDA0003334116660000042
order to
Figure FDA0003334116660000043
Then W is equal to gQ mod N2According to the binomial expansion method, the following can be obtained: (1+ N)Q=1+NQ mod N2
Because W is gQ mod N2=(1+N)Q mod N2The CC may recover the aggregated power data by the following method:
Figure FDA0003334116660000044
then, CC calculates the sum of each type { M } in all users' multi-type power usage data1,M2,...,MkTherein of
Figure FDA0003334116660000045
CN202011387992.XA 2019-12-27 2020-12-01 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid Active CN112636896B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911379075.4A CN111082920A (en) 2019-12-27 2019-12-27 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid
CN2019113790754 2019-12-27

Publications (2)

Publication Number Publication Date
CN112636896A CN112636896A (en) 2021-04-09
CN112636896B true CN112636896B (en) 2022-01-18

Family

ID=70318658

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201911379075.4A Pending CN111082920A (en) 2019-12-27 2019-12-27 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid
CN202011387992.XA Active CN112636896B (en) 2019-12-27 2020-12-01 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201911379075.4A Pending CN111082920A (en) 2019-12-27 2019-12-27 Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid

Country Status (1)

Country Link
CN (2) CN111082920A (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111294366B (en) * 2020-05-13 2020-07-28 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN111786978B (en) * 2020-06-22 2022-10-28 深圳市赛为智能股份有限公司 Electric power data aggregation acquisition method and device, computer equipment and storage medium
CN111930688B (en) * 2020-09-23 2021-01-08 西南石油大学 Method and device for searching secret data of multi-keyword query in cloud server
CN112231770A (en) * 2020-11-03 2021-01-15 上海第二工业大学 Smart power grid data transmission method
CN112564918B (en) * 2020-12-03 2022-08-12 深圳大学 Lightweight active cross-layer authentication method in smart grid
CN112637227A (en) * 2020-12-29 2021-04-09 浙江工商大学 Multi-dimensional multi-subset differential attack resistant data aggregation method for smart power grid
CN112800459A (en) * 2021-01-26 2021-05-14 浙江工商大学 Intelligent power grid multidimensional multi-subset privacy protection data aggregation method based on block chain
CN113747425B (en) * 2021-11-04 2022-02-18 晨越建设项目管理集团股份有限公司 RFID label anonymous authentication and key agreement method based on smart city security system
CN115085940A (en) * 2022-07-25 2022-09-20 中国长江三峡集团有限公司 Private data aggregation method and system for smart power grid

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107734054A (en) * 2017-11-06 2018-02-23 福州大学 Encryption data searching system in safe cloud storage
CN110650116A (en) * 2019-07-04 2020-01-03 浙江工商大学 Multi-type multi-dimensional data aggregation method and system for security smart power grid

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7215772B2 (en) * 1999-11-09 2007-05-08 Chaoticom, Inc. Method and apparatus for remote digital key generation
CN102122410A (en) * 2010-12-01 2011-07-13 河南省科学院应用物理研究所有限公司 Method and device for remotely recharging prepaid smart electricity meter indoors
CN102937663B (en) * 2011-08-16 2016-04-27 北京天中磊智能科技有限公司 The encapsulating structure of kernel module of intelligent electricity meter and method for packing
WO2013189619A1 (en) * 2013-04-05 2013-12-27 Nec Europe Ltd. Method and system for modifying an authenticated and/or encrypted message
JP2014209677A (en) * 2013-04-16 2014-11-06 株式会社東芝 Data management device, power consumption calculation system, data management method, and data management program
CN103490880B (en) * 2013-10-07 2016-04-13 西安电子科技大学 There is in intelligent grid electricity statistics and the charging method of secret protection
CN104767763B (en) * 2015-04-28 2017-10-24 湖北工业大学 The zone user electricity paradigmatic system and method for secret protection in a kind of intelligent grid
CN105488340A (en) * 2015-11-26 2016-04-13 国网智能电网研究院 High efficiency data aggregation method in smart power grid based on multidimensional data
CN105577356B (en) * 2015-12-17 2019-04-23 西安电子科技大学 Based on method of data capture in the smart grid protected to privacy of user
CN105844172B (en) * 2016-03-22 2018-12-14 湖北工业大学 A kind of more community's multidimensional user's electricity paradigmatic systems and method of secret protection
CN106845960B (en) * 2017-01-24 2018-03-20 上海壹账通区块链科技有限公司 Method for secure transactions and system based on block chain
CN107257342A (en) * 2017-06-23 2017-10-17 成都鼎智汇科技有限公司 A kind of data safety processing method based on cloud computing
US11194922B2 (en) * 2018-02-28 2021-12-07 International Business Machines Corporation Protecting study participant data for aggregate analysis

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107734054A (en) * 2017-11-06 2018-02-23 福州大学 Encryption data searching system in safe cloud storage
CN110650116A (en) * 2019-07-04 2020-01-03 浙江工商大学 Multi-type multi-dimensional data aggregation method and system for security smart power grid

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
A homomorphic encryption-based privacy preserving data aggregation scheme for smart grid;Zhou Wei-jing;《2019 15th International Conference on Computational Intelligence and Security (CIS)》;20191201;全文 *

Also Published As

Publication number Publication date
CN112636896A (en) 2021-04-09
CN111082920A (en) 2020-04-28

Similar Documents

Publication Publication Date Title
CN112636896B (en) Non-interactive verifiable multi-type encrypted data aggregation method facing smart power grid
CN111294366B (en) Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
Saleem et al. FESDA: Fog-enabled secure data aggregation in smart grid IoT network
CN111131148B (en) Aggregation method and system capable of protecting privacy data and facing smart power grid
Liu et al. Enabling efficient and privacy-preserving aggregation communication and function query for fog computing-based smart grid
Liu et al. A lightweight authenticated communication scheme for smart grid
CN108683493B (en) Data aggregation method for providing privacy protection in smart power grid
Badra et al. Lightweight and efficient privacy-preserving data aggregation approach for the smart grid
EP3345335B1 (en) Homomorphic based method and system for securely aggregating data
Li et al. PDA: a privacy‐preserving dual‐functional aggregation scheme for smart grid communications
Anzalchi et al. A survey on security assessment of metering infrastructure in smart grid systems
CN111385306B (en) Anonymous authentication method and system based on anti-tampering device in smart power grid
Saxena et al. Integrated distributed authentication protocol for smart grid communications
CN112202544B (en) Smart power grid data security aggregation method based on Paillier homomorphic encryption algorithm
CN112291191A (en) Lightweight privacy protection multidimensional data aggregation method based on edge calculation
Romdhane et al. At the cross roads of lattice-based and homomorphic encryption to secure data aggregation in smart grid
Liu et al. Fault-tolerant privacy-preserving data aggregation for smart grid
CN115085940A (en) Private data aggregation method and system for smart power grid
Wang et al. Fully accountable data sharing for pay-as-you-go cloud scenes
CN109831305B (en) Anti-quantum computation signcryption method and system based on asymmetric key pool
Fu et al. A robust and privacy‐preserving aggregation scheme for secure smart grid communications in digital communities
Qu et al. Cryptanalysis of a privacy-preserving smart metering scheme using linkable anonymous credential
CN109495257A (en) A kind of data collector encryption method based on the improvement close SM2 Encryption Algorithm of state
CN113256886B (en) Smart grid power consumption statistics and charging system and method with privacy protection function
CN109787772B (en) Anti-quantum computation signcryption method and system based on symmetric key pool

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant