CN114024684A - Multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem - Google Patents
Multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem
- Publication number
- CN114024684A (application CN202111187009.4A)
- Authority
- CN
- China
- Prior art keywords
- aggregation
- signature
- ciphertext
- control center
- bilinear
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3252—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/3013—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the discrete logarithm problem, e.g. ElGamal or Diffie-Hellman systems
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem. The control center uses the bilinear ElGamal cryptosystem to generate public/private key pairs for encryption and for signing; each user uses a super-increasing sequence to compute a ciphertext and a signature over its multi-dimensional electricity-consumption data and sends them to a fog node; when the fog node receives the encrypted consumption data of the users, it generates an aggregate ciphertext and an aggregate signature and forwards them to the control center; on receiving the aggregate ciphertext and the aggregate signature, the control center verifies the aggregate signature, decrypts the aggregate ciphertext and finally obtains the aggregated result for each dimension of the consumption data. The invention uses a super-increasing sequence to achieve multi-dimensional data aggregation and the homomorphic property of the bilinear ElGamal cryptosystem to perform privacy-preserving secure computation, achieving data authenticity and integrity in the smart grid; data aggregation and batch verification significantly reduce communication and transmission overhead and support efficient computation on a remote server.
Description
Technical field
The invention belongs to the field of information security technology and privacy-preserving data aggregation for the smart grid, and in particular relates to a multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem.
Background art
The Internet of Things (IoT) has brought about the evolution of a variety of ubiquitous services that are expected to drive progress in fields such as healthcare, logistics and the smart grid. The IoT has become an important component of smart grid systems.
Because of communication constraints such as power, storage and the computing capability of sensors, data aggregation is used in the IoT to reduce the communication overhead of real-time data transmission.
However, because large volumes of sensitive health data are transmitted in the smart grid, data security, data privacy and the efficiency of data aggregation are a major concern. In addition, traditional one-dimensional data aggregation schemes cannot meet the needs of fine-grained analysis and cannot guarantee the authenticity and integrity of data in the smart grid.
It is therefore important to devise an effective data aggregation method that supports multi-dimensional data aggregation with low computational cost and communication overhead.
Summary of the invention
To address the shortcomings of the prior art, the invention proposes a multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem.
The technical scheme adopted by the invention is as follows: the control center uses the bilinear ElGamal cryptosystem to generate public/private key pairs for encryption and for signing; each user uses a super-increasing sequence to compute a ciphertext and a signature over its multi-dimensional electricity-consumption data and sends them to a fog node; when the fog node receives the encrypted consumption data of the users, it generates an aggregate ciphertext and an aggregate signature and forwards them to the control center; on receiving the aggregate ciphertext and the aggregate signature, the control center verifies the aggregate signature, decrypts the aggregate ciphertext and finally obtains the aggregated result for each dimension of the consumption data.
The method includes the following steps:
Step 1, initialization phase:
The control center uses the bilinear ElGamal cryptosystem to generate public/private key pairs: from the security parameter λ it generates a tuple gk = (p, g1, g2, G, GT, e, H); it then generates a super-increasing sequence a1, a2, ..., al; each user randomly selects variables xi, ui ∈ Zp, and the control center then runs the key generation algorithm to generate one public/private key pair for encryption and another public/private key pair for signing;
where G and GT are two multiplicative cyclic groups, g1 and g2 are the generators of G and GT respectively, p is the order of g1 and g2, e is a map G × G → GT, and H is a one-way hash function H: {0,1}* → G; Zp denotes the integers from 0 to p-1; is the public key for computing ciphertexts, is the private key for computing ciphertexts; is the public key for computing signatures, is the private key for computing signatures.
Step 2, ciphertext generation phase:
The multi-dimensional consumption data of each user is denoted di1, di2, ..., dil; the user randomly selects a variable ri ∈ Zp and computes the ciphertext:
where C1 and C2 are the two ciphertext components; mi = a1·di1 + a2·di2 + ... + al·dil;
μi is used in place of mi to realize the aggregate signature; each user computes its signature with the hash function, using xi from its signing key:
Each user sends the ciphertext and signature CTi||TS||σi to the fog node;
where TS is the current timestamp.
Step 3, ciphertext aggregation phase:
When the fog node has received the ciphertexts and signatures of n users, it first performs verification to check data integrity, then aggregates the ciphertexts to generate the aggregate ciphertext:
and the aggregate signature:
It then sends the aggregate ciphertext and the aggregate signature CT||σ to the control center.
Step 4, control-center decryption phase:
Further, in step 3, before the fog node generates the aggregate ciphertext it first verifies the integrity of the ciphertext data, specifically:
where hi = H(μi).
Further, in step 4, before the control center decrypts the aggregate ciphertext it first verifies the aggregate signature, specifically:
where hi = H(μi).
Compared with the prior art, the beneficial effects of the invention are as follows:
The invention uses a super-increasing sequence to achieve multi-dimensional data aggregation and the homomorphic property of the bilinear ElGamal cryptosystem to perform privacy-preserving secure computation, and combines this with an aggregate signature scheme, thereby achieving data authenticity and integrity in the smart grid. It can also resist passive eavesdropping and replay attacks. Data aggregation and batch verification significantly reduce communication and transmission overhead and support efficient computation on a remote server.
Brief description of the drawings
Figure 1 is the flowchart of the invention.
Detailed description
The technical content of the invention is further described below with reference to the drawing.
As shown in Figure 1, the multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem includes the following steps:
1. Initialization phase
In the initialization phase the control center bootstraps the whole system. It uses the bilinear ElGamal cryptosystem to generate public/private key pairs, which are used for encryption and for signature generation.
From the security parameter λ, a tuple gk = (p, g1, g2, G, GT, e, H) is generated, where G and GT are two multiplicative cyclic groups, g1 and g2 are the generators of the two groups respectively, p is the order of g1 and g2, e is a map G × G → GT, and H is a one-way hash function H: {0,1}* → G. A super-increasing sequence a1, a2, ..., al is then generated.
2. Ciphertext generation phase
The multi-dimensional consumption of each user useri is denoted di1, di2, ..., dil; the user randomly selects a variable ri ∈ Zp, where Zp denotes the integers from 0 to p-1, and computes the ciphertext CTi = (C1, C2):
where C1 and C2 are the two ciphertext components and mi = a1·di1 + a2·di2 + ... + al·dil.
To better protect the consumption message mi from disclosure, we use μi in place of mi to realize the aggregate signature, with μi = C2. Even if μi is disclosed, an attacker cannot obtain the user's consumption data, which guarantees data authenticity and integrity in the smart grid.
Each user useri computes its signature with the hash function, using xi from its signing key:
where TS is the current timestamp, which resists message replay attacks.
Each user useri sends the encrypted data and signature CTi||TS||σi to the fog node.
3. Ciphertext aggregation phase
When the fog node has received the reports CTi||TS||σi of n users, it first performs verification to check data integrity:
where hi = H(μi).
It then aggregates the ciphertexts to generate the aggregate ciphertext CT:
and the aggregate signature:
It then sends the aggregate ciphertext and the aggregate signature CT||σ to the control center.
4. Control-center decryption phase
After receiving CT||σ from the fog node, the control center first verifies the aggregate signature:
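The following is an added worked example of steps 2 to 4, written for this page and not taken from the patent or its authors: each user packs its l readings into one integer mi with the super-increasing sequence and encrypts it, the fog node aggregates the n ciphertexts by multiplication, and the control center decrypts the aggregate and unpacks the per-dimension sums. The patent's bilinear ElGamal construction, its aggregate signature and the timestamp check are not implemented; as a stand-in the example assumes standard exponential ElGamal over a prime-order subgroup of Z_p^* (component-wise multiplication of ciphertexts adds the messages in the exponent) with a demo-sized safe prime found at run time. The function names (demo_group, super_increasing, pack, unpack, encrypt, aggregate, dlog_bsgs, decrypt_sum, run_demo) and the three users' readings are my own constructed assumptions.

```python
import math
import random

def is_probable_prime(n):
    """Deterministic Miller-Rabin for n < 3.3e24 (fixed witness set)."""
    witnesses = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for w in witnesses:
        if n % w == 0:
            return n == w
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for w in witnesses:
        x = pow(w, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def demo_group(start=(1 << 62) + 1):
    """Demo-sized safe prime p = 2q + 1, found deterministically (not a production
    parameter); g = 4 = 2^2 is a square, so it generates the subgroup of prime order q."""
    q = start | 1
    while not (is_probable_prime(q) and is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4

def super_increasing(n_users, d_max, dims):
    """a_1 = 1 and a_k > n*d_max*(a_1+...+a_{k-1}): even after summing n users,
    the dimensions below k contribute less than a_k and never carry into k."""
    a = [1]
    for _ in range(dims - 1):
        a.append(n_users * d_max * sum(a) + 1)
    return a

def pack(a, readings, d_max):
    """m_i = a_1*d_i1 + ... + a_l*d_il; a reading above d_max would overflow."""
    if len(readings) != len(a):
        raise ValueError("dimension mismatch")
    if any(not 0 <= d <= d_max for d in readings):
        raise ValueError("reading outside [0, d_max]: packing would overflow")
    return sum(ak * dk for ak, dk in zip(a, readings))

def unpack(a, total):
    """Recover the per-dimension sums from the aggregate total, highest a_k first."""
    sums = [0] * len(a)
    for k in range(len(a) - 1, -1, -1):
        sums[k], total = divmod(total, a[k])
    return sums

def encrypt(p, q, g, y, m, rng):
    """Exponential ElGamal (g^r, g^m * y^r): multiplying ciphertexts adds messages."""
    r = rng.randrange(1, q)
    return pow(g, r, p), pow(g, m, p) * pow(y, r, p) % p

def aggregate(p, cts):
    """Fog-node step: component-wise product of all user ciphertexts."""
    c1 = c2 = 1
    for a1, a2 in cts:
        c1, c2 = c1 * a1 % p, c2 * a2 % p
    return c1, c2

def dlog_bsgs(p, g, target, bound):
    """Baby-step giant-step: the M in [0, bound] with g^M == target."""
    m = math.isqrt(bound) + 1
    baby, cur = {}, 1
    for j in range(m):
        baby.setdefault(cur, j)
        cur = cur * g % p
    step = pow(g, -m, p)  # g^(-m); negative modular exponents need Python 3.8+
    gamma = target
    for i in range(m + 1):
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * step % p
    raise ValueError("discrete log not found within bound")

def decrypt_sum(p, x, ct, g, bound):
    """Strip the mask c1^x with the private key, then solve for the small exponent."""
    c1, c2 = ct
    return dlog_bsgs(p, g, c2 * pow(c1, -x, p) % p, bound)

def run_demo():
    rng = random.Random(2021)  # seeded so the run is reproducible
    p, q, g = demo_group()
    sk = rng.randrange(1, q)          # control center's decryption key
    pk = pow(g, sk, p)
    n_users, dims, d_max = 3, 3, 100
    a = super_increasing(n_users, d_max, dims)  # [1, 301, 90601]
    readings = [[12, 30, 5], [20, 45, 7], [8, 25, 9]]  # constructed sample data
    cts = [encrypt(p, q, g, pk, pack(a, d, d_max), rng) for d in readings]  # users
    ct = aggregate(p, cts)  # fog node
    bound = n_users * d_max * sum(a)  # largest packed total the sequence can hold
    return unpack(a, decrypt_sum(p, sk, ct, g, bound))  # control center
```

run_demo() returns [40, 100, 21], the column sums of the three readings. The bound handed to the discrete-logarithm step is n·d_max·Σa_k, the largest total the sequence can represent, and pack refuses any reading above d_max: a larger value would carry into the next dimension and silently corrupt every sum above it, which is why the per-dimension bound used to build a_k must match the real meter population.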
Claims (3)
1. A multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem, characterized in that the method includes the following steps:
Step 1, initialization phase:
The control center uses the bilinear ElGamal cryptosystem to generate public/private key pairs: from the security parameter λ it generates a tuple gk = (p, g1, g2, G, GT, e, H); it then generates a super-increasing sequence a1, a2, ..., al; each user randomly selects variables xi, ui ∈ Zp, and the control center then runs the key generation algorithm to generate one public/private key pair for encryption and another public/private key pair for signing;
where G and GT are two multiplicative cyclic groups, g1 and g2 are the generators of G and GT respectively, p is the order of g1 and g2, e is a map G × G → GT, and H is a one-way hash function H: {0,1}* → G; Zp denotes the integers from 0 to p-1; is the public key for computing ciphertexts, is the private key for computing ciphertexts; is the public key for computing signatures, is the private key for computing signatures;
Step 2, ciphertext generation phase:
The multi-dimensional consumption data of each user is denoted di1, di2, ..., dil; the user randomly selects a variable ri ∈ Zp and computes the ciphertext:
where C1 and C2 are the two ciphertext components; mi = a1·di1 + a2·di2 + ... + al·dil;
μi is used in place of mi to realize the aggregate signature; each user computes its signature with the hash function, using xi from its signing key:
Each user sends the ciphertext and signature CTi||TS||σi to the fog node;
where TS is the current timestamp;
Step 3, ciphertext aggregation phase:
When the fog node has received the ciphertexts and signatures of n users, it first performs verification to check data integrity, then aggregates the ciphertexts to generate the aggregate ciphertext:
and the aggregate signature:
It then sends the aggregate ciphertext and the aggregate signature CT||σ to the control center;
Step 4, control-center decryption phase:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111187009.4A CN114024684A (zh) | 2021-10-12 | 2021-10-12 | Multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114024684A true CN114024684A (zh) | 2022-02-08 |
Family
ID=80055691
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111187009.4A Pending CN114024684A (zh) | 2021-10-12 | 2021-10-12 | Multi-dimensional data aggregation method based on the bilinear ElGamal cryptosystem |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114024684A (zh) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20180131512A1 (en) * | 2015-04-29 | 2018-05-10 | Nec Europe Ltd. | Method and system for providing encrypted data on a client |
CN110308691A (zh) * | 2019-07-26 | 2019-10-08 | Xiangtan University | Multi-dimensional data aggregation and access control method for the ubiquitous power Internet of Things |
CN111095332A (zh) * | 2017-07-06 | 2020-05-01 | Robert Bosch GmbH | Method and system for privacy-preserving social media advertising |
CN111294366A (zh) * | 2020-05-13 | 2020-06-16 | Southwest Petroleum University | Statistical analysis method for key-leakage-resistant encrypted data aggregation in the smart grid |
CN112637227A (zh) * | 2020-12-29 | 2021-04-09 | Zhejiang Gongshang University | Multi-dimensional multi-subset data aggregation method resistant to differential attacks for the smart grid |
CN112800459A (zh) * | 2021-01-26 | 2021-05-14 | Zhejiang Gongshang University | Blockchain-based multi-dimensional multi-subset privacy-preserving data aggregation method for the smart grid |
Events
- 2021-10-12 CN CN202111187009.4A patent/CN114024684A/zh active Pending
Non-Patent Citations (3)
Title |
---|
XIANGJIAN ZUO et al.: "Privacy-Preserving Multidimensional Data Aggregation Scheme Without Trusted Authority in Smart Grid", IEEE SYSTEMS JOURNAL, vol. 15, no. 1, pages 395 - 406, XP011841769, DOI: 10.1109/JSYST.2020.2994363 * |
余勇;叶云;黄刘生;林为民;胡杰;高鹏;李尼格;: "A privacy-preserving data aggregation protocol for the smart grid", Journal of Chinese Computer Systems (小型微型计算机系统), no. 05, pages 219 - 223 * |
陈世春;张洁敏;倪文书;李金湖;林海玉;李建平;: "Research on data encryption and signature in the smart grid", Microcomputer Applications (微型电脑应用), no. 09, pages 87 - 89 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115225357A (zh) * | 2022-07-12 | 2022-10-21 | Zhejiang Gongshang University | Verifiable privacy-preserving multi-subset data aggregation method |
CN115225357B (zh) * | 2022-07-12 | 2023-09-01 | Zhejiang Gongshang University | Verifiable privacy-preserving multi-subset data aggregation method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||