CN113783683B - Cloud platform privacy protection verifiable data aggregation method based on sensor network - Google Patents

Cloud platform privacy protection verifiable data aggregation method based on sensor network Download PDF

Info

Publication number
CN113783683B
CN113783683B CN202111335903.1A CN202111335903A CN113783683B CN 113783683 B CN113783683 B CN 113783683B CN 202111335903 A CN202111335903 A CN 202111335903A CN 113783683 B CN113783683 B CN 113783683B
Authority
CN
China
Prior art keywords
cloud platform
verifiable
platform server
ciphertext
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111335903.1A
Other languages
Chinese (zh)
Other versions
CN113783683A (en
Inventor
王宏毅
张述林
徐旭东
张珽
刘鸿霖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chen Yue Construction Project Management Group Ltd By Share Ltd
Original Assignee
Chen Yue Construction Project Management Group Ltd By Share Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chen Yue Construction Project Management Group Ltd By Share Ltd filed Critical Chen Yue Construction Project Management Group Ltd By Share Ltd
Priority to CN202111335903.1A priority Critical patent/CN113783683B/en
Publication of CN113783683A publication Critical patent/CN113783683A/en
Application granted granted Critical
Publication of CN113783683B publication Critical patent/CN113783683B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity

Abstract

The invention discloses a cloud platform privacy protection verifiable data aggregation method based on a sensor network, which comprises the following steps: s1, a key generation center generates public parameters and a private and public key pair of the key generation center; s2, the communication entities register with a key generation center, and the key generation center generates corresponding private keys and secret parameters for each communication entity; s3, the sensor terminal equipment encrypts the sensitive data to obtain ciphertext data and uploads verifiable encryption information; s4, the cloud platform server verifies the verifiable encryption information, and if the verification is passed, the verifiable encryption information is accepted; s5, the cloud platform server calculates the aggregation ciphertext of all verifiable encrypted information to generate verifiable aggregation ciphertext information, and uploads the verifiable aggregation ciphertext information; and S6, the project management data analysis center decrypts the verifiable aggregation ciphertext information to recover the original aggregation data. The confidentiality of any single mobile terminal data can be protected in the invention.

Description

Cloud platform privacy protection verifiable data aggregation method based on sensor network
Technical Field
The invention relates to the field of wireless sensor network environment and cloud platform data security and privacy protection, in particular to a cloud platform privacy protection verifiable data aggregation method based on a sensor network.
Background
The wireless sensor network mainly utilizes various types of sensor terminal equipment to collect and monitor various types of information in the network area environment in real time, and the information is sent to the aggregation node through the wireless network, so that the problem of information isolated island can be effectively solved. The wireless sensor network has very wide application prospect in many fields such as smart cities. Because the wireless sensor network has limited calculation and storage resources, how to reduce the waste of communication bandwidth and storage space, reduce the energy consumption of nodes, prolong the service life of the network, and ensure the communication service quality becomes a technical problem which needs to be solved urgently by the wireless sensor network. Data aggregation is an important technology for data processing of a wireless sensor network, and collected or received data are aggregated, so that repeated data are filtered when data from different sources are combined, and data redundancy is eliminated.
The cloud platform technology can be effectively integrated in a wireless sensor network environment to serve as a aggregation node, and storage and processing pressure brought by data sharp increase is relieved. Although cloud platform technology in a wireless sensor network environment presents obvious advantages for timely processing and storing of mass data, the data is vulnerable to various security threats, wherein confidentiality and integrity are the most concerned security threats.
Disclosure of Invention
The invention aims to overcome one or more defects in the prior art and provides a cloud platform privacy protection verifiable data aggregation method based on a sensor network.
The purpose of the invention is realized by the following technical scheme: a cloud platform privacy protection verifiable data aggregation method based on a sensor network is applied to a wireless sensor network, the wireless sensor network comprises sensor terminal equipment, a cloud platform server and an engineering management data analysis center, the sensor terminal equipment is in communication connection with the cloud platform server, the cloud platform server is in communication connection with the engineering management data analysis center, and the cloud platform privacy protection verifiable data aggregation method comprises the following steps:
s1, a key generation center generates public parameters and a private and public key pair of the key generation center;
s2, registering the communication entities with a key generation center, wherein after the registration is successful, the key generation center generates corresponding private keys and secret parameters for each communication entity and sends the private keys and the secret parameters to the corresponding communication entities, and each communication entity comprises a sensor terminal device, a cloud platform server and an engineering management data analysis center;
s3, encrypting the acquired sensitive data by the sensor terminal equipment to obtain ciphertext data, generating a first message authentication code corresponding to the ciphertext data, and uploading verifiable encryption information to the cloud platform server, wherein the verifiable encryption information comprises the ciphertext data and the first message authentication code;
s4, after receiving the verifiable encryption information, the cloud platform server verifies the verifiable encryption information, and if the verification is passed, the cloud platform server receives the verifiable encryption information;
s5, the cloud platform server calculates the aggregate ciphertext of all verifiable encrypted information received by the cloud platform server in a preset time period to obtain verifiable aggregate ciphertext information, generates a third message authentication code corresponding to the verifiable aggregate ciphertext information, and sends the verifiable aggregate ciphertext information to an engineering management data analysis center, wherein the verifiable aggregate ciphertext information comprises the aggregate ciphertext and the third message authentication code;
and S6, after receiving the verifiable aggregation ciphertext information, the engineering management data analysis center decrypts the verifiable aggregation ciphertext information, and brute force decryption is carried out on a decryption result to recover the original aggregation data.
Preferably, the S1 includes the following steps:
s11, randomly selecting two large prime numbers by a secret key generation center
Figure 238705DEST_PATH_IMAGE001
Is provided with
Figure 511772DEST_PATH_IMAGE002
Wherein
Figure 150564DEST_PATH_IMAGE003
And
Figure 109555DEST_PATH_IMAGE004
is two orders are both
Figure 517402DEST_PATH_IMAGE005
The group of multiplication cycles of (a) is,
Figure 684072DEST_PATH_IMAGE006
is a complex order bilinear pairwise mapping;
s12, randomly selecting multiplication cycle group by key generation center
Figure 46046DEST_PATH_IMAGE007
Generating element of
Figure 838421DEST_PATH_IMAGE008
And
Figure 585929DEST_PATH_IMAGE009
and computing multiplication cycle groups
Figure 939812DEST_PATH_IMAGE010
An element of
Figure 287617DEST_PATH_IMAGE011
S13, a prime order bilinear pairwise mapping is set in the key generation center
Figure 853989DEST_PATH_IMAGE012
Wherein
Figure 721582DEST_PATH_IMAGE013
Based on elliptic curves
Figure 479323DEST_PATH_IMAGE014
The cyclic group is added in a step-adding way,
Figure 69749DEST_PATH_IMAGE015
is generated by
Figure 938348DEST_PATH_IMAGE016
Figure 926027DEST_PATH_IMAGE017
Is that
Figure 356133DEST_PATH_IMAGE018
A group of order multiplication loops for each of the plurality of stages,
Figure 944109DEST_PATH_IMAGE019
is a large prime number;
s14, the key generation center
Figure 117864DEST_PATH_IMAGE020
Order finite field
Figure 428891DEST_PATH_IMAGE021
To select a non-zero random number
Figure 59592DEST_PATH_IMAGE022
As the master private key of the key generation center, and calculating the master public key of the key generation center
Figure 839592DEST_PATH_IMAGE023
S15, setting three secure hash functions in the key generation center
Figure 581151DEST_PATH_IMAGE024
Figure 215526DEST_PATH_IMAGE025
And
Figure 253015DEST_PATH_IMAGE026
wherein
Figure 550004DEST_PATH_IMAGE027
Key space for hash-based message authentication code HMACIn the middle of the furnace, the gas-liquid separation chamber,
Figure 592127DEST_PATH_IMAGE028
is a secure hash function
Figure 628478DEST_PATH_IMAGE029
The length of the bits of the output is,
Figure 335403DEST_PATH_IMAGE030
is a secure hash function
Figure 604841DEST_PATH_IMAGE031
The bit length of the output;
s16, outputting system public parameters by the key generation center
Figure 189669DEST_PATH_IMAGE033
And storing the master private key of the key generation center
Figure 844641DEST_PATH_IMAGE034
And a decryption key
Figure 489511DEST_PATH_IMAGE035
Preferably, the S2 includes the following steps:
s21, the sensor terminal equipment sends the real identity information to a key generation center, and if the real identity information of the sensor terminal equipment is illegal, the key generation center refuses to register the sensor terminal equipment; if the real identity information of the sensor terminal equipment is legal, the key generation center calculates a corresponding private key for the real identity information of the sensor terminal equipment
Figure 495513DEST_PATH_IMAGE036
Figure 336561DEST_PATH_IMAGE037
Is true identity information of the sensor terminal equipment, wherein
Figure 878663DEST_PATH_IMAGE038
For the total number of sensor terminals and for the slave set of sensor terminals
Figure 661812DEST_PATH_IMAGE039
In the method, a secret parameter is randomly selected
Figure 922154DEST_PATH_IMAGE040
And will be
Figure 820754DEST_PATH_IMAGE041
Sending the data to the sensor terminal equipment;
s22, the cloud platform server sends the real identity information to the key generation center, and if the real identity information of the cloud platform server is illegal, the key generation center refuses to register the key generation center; if the real identity information of the cloud platform server is legal, the key generation center calculates a corresponding private key for the cloud platform server
Figure 981476DEST_PATH_IMAGE042
And secret parameters
Figure 436991DEST_PATH_IMAGE043
And will be
Figure 417585DEST_PATH_IMAGE044
The information is sent to the cloud platform server,
Figure 147906DEST_PATH_IMAGE045
the real identity information of the cloud platform server;
s23, the engineering management data analysis center sends the real identity information to the key generation center, and if the real identity information of the engineering management data analysis center is illegal, the key generation center refuses to register the key generation center; if the real identity information of the cloud platform server is legal, the key generation center calculates a corresponding private key for the engineering management data analysis center
Figure 382709DEST_PATH_IMAGE046
Selecting
Figure 773239DEST_PATH_IMAGE047
As a decryption key of an engineering management data analysis center, and will
Figure 742595DEST_PATH_IMAGE048
Sending the data to an engineering management data analysis center,
Figure 509562DEST_PATH_IMAGE049
the real identity information of the engineering management data analysis center.
Preferably, the S3 includes the following steps:
s31, sensor terminal equipment slave set
Figure 615184DEST_PATH_IMAGE050
In the random number selection
Figure 927348DEST_PATH_IMAGE051
And calculating ciphertext data
Figure 882534DEST_PATH_IMAGE052
The method comprises the steps of representing sensitive data collected by sensor terminal equipment;
s32, the sensor terminal equipment calculates a first authentication session key negotiated with the cloud platform server
Figure 157920DEST_PATH_IMAGE053
S33, calculating ciphertext data by the sensor terminal equipment
Figure 882163DEST_PATH_IMAGE054
Based on the first message authentication code of the hash function
Figure 376946DEST_PATH_IMAGE055
Figure 320894DEST_PATH_IMAGE056
Wherein
Figure 164085DEST_PATH_IMAGE057
Is the current timestamp;
s34, the sensor terminal equipment verifies the verifiable encryption information
Figure 244299DEST_PATH_IMAGE058
And uploading to a cloud platform server.
Preferably, the S4 includes the following steps:
s41, the cloud platform server receives the verifiable encryption information
Figure 898265DEST_PATH_IMAGE059
Then, the time stamp is checked
Figure 828044DEST_PATH_IMAGE060
Validity of if time stamp
Figure 445232DEST_PATH_IMAGE061
If not, discarding the verifiable encryption information
Figure 144067DEST_PATH_IMAGE062
If the time stamp is
Figure 985246DEST_PATH_IMAGE063
If yes, go to S42;
s42, the cloud platform server calculates a second authentication session key negotiated with the sensor terminal equipment
Figure 621895DEST_PATH_IMAGE064
S43, the cloud platform server calculates ciphertext data
Figure 338047DEST_PATH_IMAGE065
Based on the second message authentication code of the hash function
Figure 861695DEST_PATH_IMAGE066
Figure 372310DEST_PATH_IMAGE067
And if and only if
Figure 484536DEST_PATH_IMAGE068
The cloud platform server receives the verifiable encryption information
Figure 240265DEST_PATH_IMAGE069
Preferably, the S5 includes the following steps:
s51, computing aggregation ciphertext by cloud platform server
Figure 648113DEST_PATH_IMAGE070
S52, the cloud platform server calculates a third authentication session key negotiated with the engineering management data analysis center
Figure 831095DEST_PATH_IMAGE071
S53, computing aggregation ciphertext by cloud platform server
Figure 957182DEST_PATH_IMAGE072
The third message authentication code based on the hash function
Figure 516602DEST_PATH_IMAGE073
Figure 264109DEST_PATH_IMAGE074
Figure 647686DEST_PATH_IMAGE075
Represents a time period;
s54, the cloud platform server gathers verifiable ciphertext information
Figure 965797DEST_PATH_IMAGE076
And sending the data to an engineering management data analysis center.
Preferably, the S6 includes the following steps:
s61, engineering management data divisionThe analysis center receives the verifiable aggregation ciphertext information
Figure 561864DEST_PATH_IMAGE077
Then, checking the time period
Figure 429457DEST_PATH_IMAGE078
Validity of (in terms of time period)
Figure 954241DEST_PATH_IMAGE078
If not, discarding the verifiable aggregated ciphertext information
Figure 258184DEST_PATH_IMAGE077
If the time period
Figure 718045DEST_PATH_IMAGE078
If yes, go to S62;
s62, the engineering management data analysis center calculates a fourth authentication session key negotiated with the cloud platform server
Figure 971303DEST_PATH_IMAGE079
S63, calculating an aggregation ciphertext by an engineering management data analysis center
Figure 165524DEST_PATH_IMAGE080
The fourth message authentication code based on the hash function
Figure 723807DEST_PATH_IMAGE081
Figure 661676DEST_PATH_IMAGE082
And if and only if
Figure 520173DEST_PATH_IMAGE083
And then the engineering management data analysis center receives the verifiable aggregated ciphertext information
Figure 42552DEST_PATH_IMAGE084
S64, the engineering management data analysis center uses the decryption key
Figure 852245DEST_PATH_IMAGE085
For the verifiable aggregate ciphertext information
Figure 344537DEST_PATH_IMAGE086
Decrypting to obtain the aggregated ciphertext
Figure 791961DEST_PATH_IMAGE087
Index value of (1)
Figure 954084DEST_PATH_IMAGE088
Figure 131032DEST_PATH_IMAGE089
Representing aggregate ciphertext
Figure 771223DEST_PATH_IMAGE090
And then recovering the original aggregated data according to exhaustive brute force cracking
Figure 994525DEST_PATH_IMAGE091
The invention has the beneficial effects that:
(1) in the method, the sensor terminal equipment encrypts sensitive data in engineering by adopting a homomorphic encryption technology, and sends verifiable ciphertext information to the cloud platform server, the cloud platform server aggregates the ciphertext data after receiving the data sent by all the sensor terminal equipment, aggregates a large amount of ciphertext data into a single aggregation value for transmission, and communication overhead of data transmission is greatly reduced;
(2) in the method, in the whole data transmission, aggregation and decryption process, only the statistical information of the data can be decrypted by the engineering management data analysis center, so that the confidentiality of any single mobile terminal data is protected;
(3) the method of the invention can ensure that in the whole life cycle of the terminal data, even if the decryption key for decrypting the aggregated data is accidentally leaked or destroyed, any external or internal adversary cannot acquire the original single plaintext information by decrypting the single mobile terminal data ciphertext.
Drawings
Fig. 1 is a flowchart of a verifiable data aggregation method for cloud platform privacy protection based on a sensor network according to the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the following embodiments, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive effort based on the embodiments of the present invention, are within the scope of the present invention.
Referring to fig. 1, the embodiment provides a cloud platform privacy protection verifiable data aggregation method based on a sensor network:
as shown in fig. 1, the cloud platform privacy protection verifiable data aggregation method based on the sensor network is applied to a wireless sensor network, the wireless sensor network includes a sensor terminal device, a cloud platform server and an engineering management data analysis center, the sensor terminal device is in communication connection with the cloud platform server, and the cloud platform server is in communication connection with the engineering management data analysis center.
The cloud platform privacy protection verifiable data aggregation method comprises the following steps:
s1, a key generation center generates public parameters and a private and public key pair of the key generation center.
The S1 includes the steps of:
s11, randomly selecting two large prime numbers by a secret key generation center
Figure 655445DEST_PATH_IMAGE001
Is provided with
Figure 908571DEST_PATH_IMAGE002
Wherein
Figure 945929DEST_PATH_IMAGE003
And
Figure 836786DEST_PATH_IMAGE004
is two orders are both
Figure 934187DEST_PATH_IMAGE005
The group of multiplication cycles of (a) is,
Figure 674609DEST_PATH_IMAGE006
is a complex order bilinear pairwise mapping.
S12, randomly selecting multiplication cycle group by key generation center
Figure 250078DEST_PATH_IMAGE007
Generating element of
Figure 538320DEST_PATH_IMAGE008
And
Figure 587047DEST_PATH_IMAGE009
and computing multiplication cycle groups
Figure 316231DEST_PATH_IMAGE010
An element of
Figure 226550DEST_PATH_IMAGE011
S13, a prime order bilinear pairwise mapping is set in the key generation center
Figure 856114DEST_PATH_IMAGE012
Wherein
Figure 311628DEST_PATH_IMAGE013
Based on elliptic curves
Figure 42955DEST_PATH_IMAGE014
The cyclic group is added in a step-adding way,
Figure 475074DEST_PATH_IMAGE015
is generated by
Figure 726189DEST_PATH_IMAGE016
Figure 116719DEST_PATH_IMAGE017
Is that
Figure 335342DEST_PATH_IMAGE018
A group of order multiplication loops for each of the plurality of stages,
Figure 338195DEST_PATH_IMAGE019
is a large prime number.
S14, the key generation center
Figure 676772DEST_PATH_IMAGE020
Order finite field
Figure 977217DEST_PATH_IMAGE021
To select a non-zero random number
Figure 433869DEST_PATH_IMAGE022
As the master private key of the key generation center, and calculating the master public key of the key generation center
Figure 411052DEST_PATH_IMAGE023
S15, setting three secure hash functions in the key generation center
Figure 886027DEST_PATH_IMAGE024
Figure 385404DEST_PATH_IMAGE025
And
Figure 562307DEST_PATH_IMAGE026
wherein
Figure 906963DEST_PATH_IMAGE027
Key space for hash-based message authentication code HMACIn the middle of the furnace, the gas-liquid separation chamber,
Figure 236444DEST_PATH_IMAGE028
is a secure hash function
Figure 139678DEST_PATH_IMAGE029
The length of the bits of the output is,
Figure 39763DEST_PATH_IMAGE030
is a secure hash function
Figure 686645DEST_PATH_IMAGE031
The bit length of the output.
S16, outputting system public parameters by the key generation center
Figure 136212DEST_PATH_IMAGE033
And storing the master private key of the key generation center
Figure 723531DEST_PATH_IMAGE034
And a decryption key
Figure 343868DEST_PATH_IMAGE035
And S2, registering the communication entities with a key generation center, wherein the key generation center generates a corresponding private key and secret parameters for each communication entity after the registration is successful, and sends the private key and the secret parameters to the corresponding communication entities, and each communication entity comprises a sensor terminal device, a cloud platform server and an engineering management data analysis center.
The S2 includes the steps of:
s21, the sensor terminal equipment sends the real identity information to a key generation center, and if the real identity information of the sensor terminal equipment is illegal, the key generation center refuses to register the sensor terminal equipment; if the real identity information of the sensor terminal equipment is legal, the key generation center calculates a corresponding private key for the real identity information of the sensor terminal equipment
Figure 295906DEST_PATH_IMAGE036
Figure 599980DEST_PATH_IMAGE037
Is true identity information of the sensor terminal equipment, wherein
Figure 845016DEST_PATH_IMAGE038
For the total number of sensor terminals and for the slave set of sensor terminals
Figure 985273DEST_PATH_IMAGE039
In the method, a secret parameter is randomly selected
Figure 239537DEST_PATH_IMAGE040
And will be
Figure 883270DEST_PATH_IMAGE041
And sending the data to the sensor terminal equipment.
S22, the cloud platform server sends the real identity information to the key generation center, and if the real identity information of the cloud platform server is illegal, the key generation center refuses to register the key generation center; if the real identity information of the cloud platform server is legal, the key generation center calculates a corresponding private key for the cloud platform server
Figure 49940DEST_PATH_IMAGE042
And secret parameters
Figure 176028DEST_PATH_IMAGE043
And will be
Figure 469868DEST_PATH_IMAGE044
The information is sent to the cloud platform server,
Figure 466643DEST_PATH_IMAGE045
the real identity information of the cloud platform server.
S23, the engineering management data analysis center sends the real identity information to the key generation center, and if the real identity information of the engineering management data analysis center is illegalIf yes, the key generation center refuses to register for the key generation center; if the real identity information of the cloud platform server is legal, the key generation center calculates a corresponding private key for the engineering management data analysis center
Figure 335373DEST_PATH_IMAGE046
Selecting
Figure 172924DEST_PATH_IMAGE047
As a decryption key of an engineering management data analysis center, and will
Figure 768990DEST_PATH_IMAGE048
Sending the data to an engineering management data analysis center,
Figure 387316DEST_PATH_IMAGE049
the real identity information of the engineering management data analysis center.
And S3, the sensor terminal equipment encrypts the acquired sensitive data to obtain ciphertext data, generates a first message authentication code corresponding to the ciphertext data, and uploads verifiable encryption information to the cloud platform server, wherein the verifiable encryption information comprises the ciphertext data and the first message authentication code.
The S3 includes the steps of:
s31, sensor terminal equipment slave set
Figure 410635DEST_PATH_IMAGE050
In the random number selection
Figure 996469DEST_PATH_IMAGE051
And calculating ciphertext data
Figure 897691DEST_PATH_IMAGE052
And the data represents the sensitive data collected by the sensor terminal equipment.
S32, the sensor terminal equipment calculates a first authentication session key negotiated with the cloud platform server
Figure 869058DEST_PATH_IMAGE053
S33, calculating ciphertext data by the sensor terminal equipment
Figure 830323DEST_PATH_IMAGE054
Based on the first message authentication code of the hash function
Figure 887141DEST_PATH_IMAGE055
Figure 44584DEST_PATH_IMAGE056
Wherein
Figure 637501DEST_PATH_IMAGE057
Is the current timestamp.
S34, the sensor terminal equipment verifies the verifiable encryption information
Figure 2623DEST_PATH_IMAGE058
And uploading to a cloud platform server.
And S4, after receiving the verifiable encryption information, the cloud platform server verifies the verifiable encryption information, and if the verification is passed, the cloud platform server receives the verifiable encryption information.
The S4 includes the steps of:
s41, the cloud platform server receives the verifiable encryption information
Figure 579361DEST_PATH_IMAGE059
Then, the time stamp is checked
Figure 817792DEST_PATH_IMAGE060
Validity of if time stamp
Figure 763752DEST_PATH_IMAGE061
If not, discarding the verifiable encryption information
Figure 801240DEST_PATH_IMAGE062
If the time stamp is
Figure 98229DEST_PATH_IMAGE063
If valid, S42 is executed.
S42, the cloud platform server calculates a second authentication session key negotiated with the sensor terminal equipment
Figure 613786DEST_PATH_IMAGE064
S43, the cloud platform server calculates ciphertext data
Figure 164985DEST_PATH_IMAGE065
Based on the second message authentication code of the hash function
Figure 871909DEST_PATH_IMAGE066
Figure 892080DEST_PATH_IMAGE067
And if and only if
Figure 975443DEST_PATH_IMAGE068
The cloud platform server receives the verifiable encryption information
Figure 646727DEST_PATH_IMAGE069
And S5, the cloud platform server calculates the aggregate ciphertext of all verifiable encrypted information received by the cloud platform server in a preset time period to obtain verifiable aggregate ciphertext information, generates a third message authentication code corresponding to the verifiable aggregate ciphertext information, and sends the verifiable aggregate ciphertext information to the engineering management data analysis center, wherein the verifiable aggregate ciphertext information comprises the aggregate ciphertext and the third message authentication code.
The S5 includes the steps of:
s51, secret parameters used by cloud platform server
Figure 26018DEST_PATH_IMAGE092
Computing aggregate ciphertext
Figure 766441DEST_PATH_IMAGE070
S52, private key corresponding to cloud platform server
Figure 154959DEST_PATH_IMAGE093
Calculating a third authentication session key negotiated with the engineering management data analysis center
Figure 930017DEST_PATH_IMAGE071
S53, computing aggregation ciphertext by cloud platform server
Figure 717758DEST_PATH_IMAGE072
The third message authentication code based on the hash function
Figure 712521DEST_PATH_IMAGE073
Figure 137686DEST_PATH_IMAGE074
Figure 393349DEST_PATH_IMAGE075
Representing a time period.
S54, the cloud platform server gathers verifiable ciphertext information
Figure 380022DEST_PATH_IMAGE076
And sending the data to an engineering management data analysis center.
And S6, after receiving the verifiable aggregation ciphertext information, the engineering management data analysis center decrypts the verifiable aggregation ciphertext information, and brute force decryption is carried out on a decryption result to recover the original aggregation data.
The S6 includes the steps of:
s61, the project management data analysis center receives the verifiable aggregation ciphertext information
Figure 845770DEST_PATH_IMAGE077
Then, checking the time period
Figure 74626DEST_PATH_IMAGE078
Validity of (in terms of time period)
Figure 794582DEST_PATH_IMAGE078
If not, discarding the verifiable aggregated ciphertext information
Figure 935845DEST_PATH_IMAGE077
If the time period
Figure 403735DEST_PATH_IMAGE078
If valid, S62 is executed.
S62, the engineering management data analysis center utilizes the corresponding private key
Figure 406589DEST_PATH_IMAGE094
Calculating a fourth authentication session key negotiated with the cloud platform server
Figure 745166DEST_PATH_IMAGE079
S63, calculating an aggregation ciphertext by an engineering management data analysis center
Figure 69049DEST_PATH_IMAGE080
The fourth message authentication code based on the hash function
Figure 525700DEST_PATH_IMAGE081
Figure 96359DEST_PATH_IMAGE082
And if and only if
Figure 322066DEST_PATH_IMAGE083
And then the engineering management data analysis center receives the verifiable aggregated ciphertext information
Figure 54398DEST_PATH_IMAGE084
S64, the engineering management data analysis center uses the decryption key
Figure 732767DEST_PATH_IMAGE085
For the verifiable aggregate ciphertext information
Figure 592269DEST_PATH_IMAGE086
Decrypting to obtain the aggregated ciphertext
Figure 639860DEST_PATH_IMAGE087
Index value of (1)
Figure 310138DEST_PATH_IMAGE088
Figure 459491DEST_PATH_IMAGE089
Representing aggregate ciphertext
Figure 371952DEST_PATH_IMAGE090
And then recovering the original aggregated data according to exhaustive brute force cracking
Figure 306672DEST_PATH_IMAGE091
The correctness is deduced as follows:
in the stage of uploading the ciphertext data to the cloud platform server, the sensor terminal equipment calculates a first authentication session key
Figure 646387DEST_PATH_IMAGE095
(ii) a In the stage of verifying and aggregating the ciphertext data by the cloud platform server, the cloud platform server calculates a second authentication session key
Figure 22049DEST_PATH_IMAGE096
. As a result of this, it is possible to,
Figure 223354DEST_PATH_IMAGE097
therefore, each sensor terminal device and the cloud platform server negotiate the same authentication session key
Figure DEST_PATH_IMAGE098
Figure DEST_PATH_IMAGE100
. Therefore, the sensor terminal equipment and the cloud platform server can calculate the same message authentication code
Figure 638680DEST_PATH_IMAGE102
Figure 149295DEST_PATH_IMAGE103
Thereby ensuring the authentification and integrity of the transmitted ciphertext data.
Similarly, the cloud platform server and the engineering management data analysis center negotiate the same authentication session key
Figure 23973DEST_PATH_IMAGE104
. This is because
Figure 497811DEST_PATH_IMAGE105
Figure 171237DEST_PATH_IMAGE106
And, furthermore,
Figure 354219DEST_PATH_IMAGE107
in this way, the cloud platform server and the engineering management data analysis center can calculate the same message authentication code
Figure 480307DEST_PATH_IMAGE108
. Thereby ensuring the authentification and integrity of the transmission of the aggregated ciphertext data.
Decryption correctness is derived as follows:
when the engineering management data analysis center receives verifiable aggregation ciphertext information reported by the cloud platform server
Figure 520287DEST_PATH_IMAGE109
Thereafter, the engineering management data analysis center uses the decryption key
Figure 533374DEST_PATH_IMAGE110
Carry out decryption to obtain
Figure 385792DEST_PATH_IMAGE111
. Due to the fact that
Figure 969482DEST_PATH_IMAGE112
And
Figure 565549DEST_PATH_IMAGE113
the engineering management data analysis center calculates as follows:
Figure 698721DEST_PATH_IMAGE114
original aggregated data that can be recovered from exhaustive brute force cracking
Figure DEST_PATH_IMAGE115
Thereby, further data analysis of privacy protection can be performed.
The foregoing is illustrative of the preferred embodiments of this invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and that various other combinations, modifications, and environments may be resorted to, falling within the scope of the concept as disclosed herein, either as described above or as apparent to those skilled in the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (1)

1. A cloud platform privacy protection verifiable data aggregation method based on a sensor network is applied to a wireless sensor network, the wireless sensor network comprises sensor terminal equipment, a cloud platform server and an engineering management data analysis center, the sensor terminal equipment is in communication connection with the cloud platform server, and the cloud platform server is in communication connection with the engineering management data analysis center, and the cloud platform privacy protection verifiable data aggregation method is characterized by comprising the following steps:
s1, a key generation center generates public parameters and a private and public key pair of the key generation center;
s2, registering the communication entities with a key generation center, wherein after the registration is successful, the key generation center generates corresponding private keys and secret parameters for each communication entity and sends the private keys and the secret parameters to the corresponding communication entities, and each communication entity comprises a sensor terminal device, a cloud platform server and an engineering management data analysis center;
s3, encrypting the acquired sensitive data by the sensor terminal equipment to obtain ciphertext data, generating a first message authentication code corresponding to the ciphertext data, and uploading verifiable encryption information to the cloud platform server, wherein the verifiable encryption information comprises the ciphertext data and the first message authentication code;
s4, after receiving the verifiable encryption information, the cloud platform server verifies the verifiable encryption information, and if the verification is passed, the cloud platform server receives the verifiable encryption information;
s5, the cloud platform server calculates the aggregate ciphertext of all verifiable encrypted information received by the cloud platform server in a preset time period to obtain verifiable aggregate ciphertext information, generates a third message authentication code corresponding to the verifiable aggregate ciphertext information, and sends the verifiable aggregate ciphertext information to an engineering management data analysis center, wherein the verifiable aggregate ciphertext information comprises the aggregate ciphertext and the third message authentication code;
s6, after receiving the verifiable aggregation ciphertext information, the engineering management data analysis center decrypts the verifiable aggregation ciphertext information, and brute force decryption is carried out on a decryption result to recover original aggregation data;
the S1 includes the steps of:
s11, randomly selecting two large prime numbers by a secret key generation center
Figure DEST_PATH_IMAGE001
Is provided with
Figure DEST_PATH_IMAGE002
Wherein
Figure DEST_PATH_IMAGE003
And
Figure DEST_PATH_IMAGE004
is two orders are both
Figure DEST_PATH_IMAGE005
The group of multiplication cycles of (a) is,
Figure DEST_PATH_IMAGE006
is a complex order bilinear pairwise mapping;
s12, randomly selecting multiplication cycle group by key generation center
Figure DEST_PATH_IMAGE007
Generating element of
Figure DEST_PATH_IMAGE008
And
Figure DEST_PATH_IMAGE009
and computing multiplication cycle groups
Figure DEST_PATH_IMAGE010
An element of
Figure DEST_PATH_IMAGE011
S13, a prime order bilinear pairwise mapping is set in the key generation center
Figure DEST_PATH_IMAGE012
Wherein
Figure DEST_PATH_IMAGE013
Based on elliptic curves
Figure DEST_PATH_IMAGE014
The cyclic group is added in a step-adding way,
Figure DEST_PATH_IMAGE015
is generated by
Figure DEST_PATH_IMAGE016
Figure DEST_PATH_IMAGE017
Is that
Figure DEST_PATH_IMAGE018
A group of order multiplication loops for each of the plurality of stages,
Figure DEST_PATH_IMAGE019
is a large prime number;
s14, the key generation center
Figure DEST_PATH_IMAGE020
Order finite field
Figure DEST_PATH_IMAGE021
To select a non-zero random number
Figure DEST_PATH_IMAGE022
As the master private key of the key generation center, and calculating the master public key of the key generation center
Figure DEST_PATH_IMAGE023
S15, setting three secure hash functions in the key generation center
Figure DEST_PATH_IMAGE024
Figure DEST_PATH_IMAGE025
And
Figure DEST_PATH_IMAGE026
wherein
Figure DEST_PATH_IMAGE027
The key space for the hash-based message authentication code HMAC,
Figure DEST_PATH_IMAGE028
is a secure hash function
Figure DEST_PATH_IMAGE029
The length of the bits of the output is,
Figure DEST_PATH_IMAGE030
is a secure hash function
Figure DEST_PATH_IMAGE031
The bit length of the output;
s16, outputting system public parameters by the key generation center
Figure DEST_PATH_IMAGE033
And storing the master private key of the key generation center
Figure DEST_PATH_IMAGE034
And a decryption key
Figure DEST_PATH_IMAGE035
The S2 includes the steps of:
s21, the sensor terminal equipment sends the real identity information to a key generation center, and if the real identity information of the sensor terminal equipment is illegal, the key generation center refuses to register the sensor terminal equipment; if the real identity information of the sensor terminal equipment is legal, the key generation center calculates a corresponding private key for the real identity information of the sensor terminal equipment
Figure DEST_PATH_IMAGE036
Figure DEST_PATH_IMAGE037
Is true identity information of the sensor terminal equipment, wherein
Figure DEST_PATH_IMAGE038
For the total number of sensor terminals and for the slave set of sensor terminals
Figure DEST_PATH_IMAGE039
In the method, a secret parameter is randomly selected
Figure DEST_PATH_IMAGE040
And will be
Figure DEST_PATH_IMAGE041
Sending the data to the sensor terminal equipment;
s22, the cloud platform server sends the real identity information to the key generation center, and if the real identity information of the cloud platform server is illegal, the key generation center refuses to register the key generation center; if the real identity information of the cloud platform server is legal, the key generation center calculates a corresponding private key for the cloud platform server
Figure DEST_PATH_IMAGE042
And secret parameters
Figure DEST_PATH_IMAGE043
And will be
Figure DEST_PATH_IMAGE044
The information is sent to the cloud platform server,
Figure DEST_PATH_IMAGE045
the real identity information of the cloud platform server;
s23. engineering management dataThe analysis center sends the real identity information to the key generation center, and if the real identity information of the engineering management data analysis center is illegal, the key generation center refuses to register the engineering management data analysis center; if the real identity information of the cloud platform server is legal, the key generation center calculates a corresponding private key for the engineering management data analysis center
Figure DEST_PATH_IMAGE046
Selecting
Figure DEST_PATH_IMAGE047
As a decryption key of an engineering management data analysis center, and will
Figure DEST_PATH_IMAGE048
Sending the data to an engineering management data analysis center,
Figure DEST_PATH_IMAGE049
the real identity information of the engineering management data analysis center;
the S3 includes the steps of:
s31, sensor terminal equipment slave set
Figure DEST_PATH_IMAGE050
In the random number selection
Figure DEST_PATH_IMAGE051
And calculating ciphertext data
Figure DEST_PATH_IMAGE052
The method comprises the steps of representing sensitive data collected by sensor terminal equipment;
s32, the sensor terminal equipment calculates a first authentication session key negotiated with the cloud platform server
Figure DEST_PATH_IMAGE053
S33, calculating ciphertext data by the sensor terminal equipment
Figure DEST_PATH_IMAGE054
Based on the first message authentication code of the hash function
Figure DEST_PATH_IMAGE055
Figure DEST_PATH_IMAGE056
Wherein
Figure DEST_PATH_IMAGE057
Is the current timestamp;
s34, the sensor terminal equipment verifies the verifiable encryption information
Figure DEST_PATH_IMAGE058
Uploading to a cloud platform server;
the S4 includes the steps of:
s41, the cloud platform server receives the verifiable encryption information
Figure DEST_PATH_IMAGE059
Then, the time stamp is checked
Figure DEST_PATH_IMAGE060
Validity of if time stamp
Figure DEST_PATH_IMAGE061
If not, discarding the verifiable encryption information
Figure DEST_PATH_IMAGE062
If the time stamp is
Figure DEST_PATH_IMAGE063
If yes, go to S42;
s42, the cloud platform server calculates a second authentication session key negotiated with the sensor terminal equipment
Figure DEST_PATH_IMAGE064
S43, the cloud platform server calculates ciphertext data
Figure DEST_PATH_IMAGE065
Based on the second message authentication code of the hash function
Figure DEST_PATH_IMAGE066
Figure DEST_PATH_IMAGE067
And if and only if
Figure DEST_PATH_IMAGE068
The cloud platform server receives the verifiable encryption information
Figure DEST_PATH_IMAGE069
The S5 includes the steps of:
s51, computing aggregation ciphertext by cloud platform server
Figure DEST_PATH_IMAGE070
S52, the cloud platform server calculates a third authentication session key negotiated with the engineering management data analysis center
Figure DEST_PATH_IMAGE071
S53, computing aggregation ciphertext by cloud platform server
Figure DEST_PATH_IMAGE072
The third message authentication code based on the hash function
Figure DEST_PATH_IMAGE073
Figure DEST_PATH_IMAGE074
Figure DEST_PATH_IMAGE075
Represents a time period;
s54, the cloud platform server gathers verifiable ciphertext information
Figure DEST_PATH_IMAGE076
Sending the data to an engineering management data analysis center;
the S6 includes the steps of:
s61, the project management data analysis center receives the verifiable aggregation ciphertext information
Figure DEST_PATH_IMAGE077
Then, checking the time period
Figure DEST_PATH_IMAGE078
Validity of (in terms of time period)
Figure 878689DEST_PATH_IMAGE078
If not, discarding the verifiable aggregated ciphertext information
Figure 140037DEST_PATH_IMAGE077
If the time period
Figure 637883DEST_PATH_IMAGE078
If yes, go to S62;
s62, the engineering management data analysis center calculates a fourth authentication session key negotiated with the cloud platform server
Figure DEST_PATH_IMAGE079
S63, calculating an aggregation ciphertext by an engineering management data analysis center
Figure DEST_PATH_IMAGE080
Based on the Chinese character' haoFourth message authentication code for the Highett function
Figure DEST_PATH_IMAGE081
Figure DEST_PATH_IMAGE082
And if and only if
Figure DEST_PATH_IMAGE083
And then the engineering management data analysis center receives the verifiable aggregated ciphertext information
Figure DEST_PATH_IMAGE084
S64, the engineering management data analysis center uses the decryption key
Figure DEST_PATH_IMAGE085
For the verifiable aggregate ciphertext information
Figure DEST_PATH_IMAGE086
Decrypting to obtain the aggregated ciphertext
Figure DEST_PATH_IMAGE087
Index value of (1)
Figure DEST_PATH_IMAGE088
Figure DEST_PATH_IMAGE089
Representing aggregate ciphertext
Figure DEST_PATH_IMAGE090
And then recovering the original aggregated data according to exhaustive brute force cracking
Figure DEST_PATH_IMAGE091
CN202111335903.1A 2021-11-12 2021-11-12 Cloud platform privacy protection verifiable data aggregation method based on sensor network Active CN113783683B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111335903.1A CN113783683B (en) 2021-11-12 2021-11-12 Cloud platform privacy protection verifiable data aggregation method based on sensor network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111335903.1A CN113783683B (en) 2021-11-12 2021-11-12 Cloud platform privacy protection verifiable data aggregation method based on sensor network

Publications (2)

Publication Number Publication Date
CN113783683A CN113783683A (en) 2021-12-10
CN113783683B true CN113783683B (en) 2022-03-08

Family

ID=78957060

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111335903.1A Active CN113783683B (en) 2021-11-12 2021-11-12 Cloud platform privacy protection verifiable data aggregation method based on sensor network

Country Status (1)

Country Link
CN (1) CN113783683B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114422107B (en) * 2022-03-31 2022-06-17 四川高速公路建设开发集团有限公司 Fault-tolerant ciphertext data aggregation method based on intelligent engineering construction system platform
CN115085945B (en) * 2022-08-22 2022-11-29 北京科技大学 Authentication method and device for intelligent lamp pole equipment
CN115766263A (en) * 2022-11-25 2023-03-07 深圳泓川科技有限公司 Multi-dimensional power data privacy protection aggregation method and system based on cloud and mist calculation

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9141779B2 (en) * 2011-05-19 2015-09-22 Microsoft Technology Licensing, Llc Usable security of online password management with sensor-based authentication
JP6425984B2 (en) * 2014-07-07 2018-11-21 ベドロック・オートメーション・プラットフォームズ・インコーポレーテッド Industrial control system redundant communication / control module authentication
CN109474928B (en) * 2018-11-07 2020-06-16 电子科技大学 Truth value discovery method for realizing efficient privacy protection in mobile crowd sensing system
CN111294366B (en) * 2020-05-13 2020-07-28 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN112202544B (en) * 2020-10-12 2022-06-21 南京邮电大学 Smart power grid data security aggregation method based on Paillier homomorphic encryption algorithm
CN113162751B (en) * 2021-04-25 2023-06-20 重庆都会信息科技有限公司 Encryption method and system with homomorphism and readable storage medium

Also Published As

Publication number Publication date
CN113783683A (en) 2021-12-10

Similar Documents

Publication Publication Date Title
Wang et al. Privacy-preserving cloud-based road condition monitoring with source authentication in VANETs
CN111294366B (en) Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
Wang et al. Fault-tolerant multisubset aggregation scheme for smart grid
CN111372243B (en) Security distributed aggregation and access system and method based on fog alliance chain
CN111131148B (en) Aggregation method and system capable of protecting privacy data and facing smart power grid
CN109584978B (en) Information processing method and system based on signature aggregation medical health monitoring network model
CN113783683B (en) Cloud platform privacy protection verifiable data aggregation method based on sensor network
US8670563B2 (en) System and method for designing secure client-server communication protocols based on certificateless public key infrastructure
Tseng et al. A chaotic maps-based key agreement protocol that preserves user anonymity
US11870891B2 (en) Certificateless public key encryption using pairings
CN112202544B (en) Smart power grid data security aggregation method based on Paillier homomorphic encryption algorithm
CN111931249B (en) Medical secret data statistical analysis method supporting transmission fault-tolerant mechanism
CN105812128A (en) Malicious data mining attack-resisting data aggregation system and method for smart grid
CN111769937A (en) Two-party authentication key agreement protocol oriented to advanced measurement system of smart grid
CN114448641A (en) Privacy encryption method, electronic equipment, storage medium and chip
CN113312608A (en) Electric power metering terminal identity authentication method and system based on timestamp
Kodumru et al. Secure data storage in cloud using cryptographic algorithms
Saxena et al. A Lightweight and Efficient Scheme for e-Health Care System using Blockchain Technology
Chander The state-of-the-art cryptography techniques for secure data transmission
CN112035820A (en) Data analysis method used in Kerberos encryption environment
CN101552667A (en) Method for synchronously realizing encryption and authentication
CN115296809B (en) Data transmission method of intelligent engineering construction information system supporting asynchronous decryption at two ends
Xu et al. A collusion-resistant and privacy-preserving data aggregation protocol in crowdsensing system
Dugardin et al. A New Fair Identity Based Encryption Scheme
Rathore et al. Securing High-Velocity Data: Authentication and Key Management Model for Smart City Communication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant