CN114826551A - Protection method and system for full life cycle data of smart power grid - Google Patents
Protection method and system for full life cycle data of smart power grid Download PDFInfo
- Publication number
- CN114826551A CN114826551A CN202210479483.2A CN202210479483A CN114826551A CN 114826551 A CN114826551 A CN 114826551A CN 202210479483 A CN202210479483 A CN 202210479483A CN 114826551 A CN114826551 A CN 114826551A
- Authority
- CN
- China
- Prior art keywords
- data
- life cycle
- phase data
- plaintext
- calculating
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 84
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 59
- 230000008569 process Effects 0.000 claims abstract description 49
- 238000004364 calculation method Methods 0.000 claims description 22
- 238000009826 distribution Methods 0.000 claims description 6
- 230000006378 damage Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 238000003860 storage Methods 0.000 description 6
- 230000002776 aggregation Effects 0.000 description 4
- 238000004220 aggregation Methods 0.000 description 4
- 238000007726 management method Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 230000009467 reduction Effects 0.000 description 3
- OAICVXFJPJFONN-UHFFFAOYSA-N Phosphorus Chemical compound [P] OAICVXFJPJFONN-UHFFFAOYSA-N 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000009827 uniform distribution Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/06—Energy or water supply
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- Economics (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Water Supply & Treatment (AREA)
- Public Health (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Human Resources & Organizations (AREA)
- Marketing (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Emergency Protection Circuit Devices (AREA)
Abstract
The invention provides a method and a system for protecting full life cycle data of a smart power grid, wherein the method comprises the steps of acquiring the full life cycle data in the running process of the power grid, and encrypting a power parameter based on a fully homomorphic encryption algorithm in the generation stage of the power parameter; and performing an operation on the power parameter in an encrypted state; the encryption process comprises the following steps: determining a public key and a private key of the fully homomorphic encryption algorithm; calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; and then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and calculating to obtain a ciphertext. The method further comprises the step of decrypting the encrypted power parameters in the using stage based on the private key of the fully homomorphic encryption algorithm, and based on the method, the protection system for the full life cycle data of the smart power grid is further provided. The invention realizes the data confidentiality of the whole life cycle and provides a data confidentiality support for the safe operation of the smart power grid.
Description
Technical Field
The invention belongs to the technical field of power grid data protection, and particularly relates to a method and a system for protecting full life cycle data of an intelligent power grid.
Background
With the higher requirements on the safety management and the fine management of the equipment, the requirements on real-time monitoring of various operation conditions are more urgent; how to comprehensively improve the safety of data communication and provide safe and real data for company decision becomes a technical problem which needs to be solved urgently in the field of power distribution at present.
The prior art is mainly divided into four types, namely a lightweight elastic protocol for secure communication, but the protocol is normally operated on the premise that an initialization key is always safe and effective, and the secure transmission of data can be directly influenced once the initialization key is leaked; secondly, in the technical scheme of data encryption of cloud cooperative operation, a data encryption process and key information are respectively operated and stored at the cloud and the terminal, and the storage space and the computing capacity of a communication terminal in the smart grid are not fully considered; thirdly, the dynamic symmetric key algorithm has a large influence degree of the network state on the algorithm, the dynamic key stores the whole data packet, and the storage space is extremely large; fourth, the data aggregation technique performs aggregation after encrypting user data, which is more efficient than the conventional aggregation method, but the aggregation step increases the corresponding cost and equipment burden. Therefore, in the prior art, although the data of the power parameter can be encrypted, the data needs decryption operation in the processing, so that the risk of data leakage exists, and the privacy of the data is reduced.
Disclosure of Invention
In order to solve the technical problem, the invention provides a method and a system for protecting full life cycle data of a smart power grid. Data encryption is carried out in the generation stage of the power reference data, and the storage time of the ciphertext is extended to the data destruction stage, so that the data confidentiality of the whole life cycle is realized.
In order to achieve the purpose, the invention adopts the following technical scheme:
a protection method for full life cycle data of a smart power grid comprises the following steps:
acquiring full life cycle data in the running process of a power grid, and encrypting the power parameters based on a fully homomorphic encryption algorithm in the generation stage of the power parameters; and performing an operation on the power parameter in an encrypted state; the process of encrypting the electric power parameter by the fully homomorphic encryption algorithm comprises the following steps: determining a public key and a private key of the fully homomorphic encryption algorithm; calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; and then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and calculating to obtain a ciphertext.
Further, the method further comprises the step of decrypting the encrypted power parameters at the use stage based on a private key of the homomorphic encryption algorithm, wherein the decryption process comprises the step of calculating to obtain a second intermediate plaintext according to the ciphertext and the private key; and the second intermediate plaintext is used for reversely deducing the initial plaintext according to the Chinese remainder theorem.
Further, the full life cycle data in the operation process of the power grid comprises planning phase data, defining phase data, creating or receiving phase data, processing phase data, storing phase data, integrating phase data, sharing phase data, discovering phase data, using phase data and filing or destroying phase data.
Further, the process of determining the private key of the fully homomorphic encryption algorithm includes:
randomly selecting an odd number p of the first bit length e and an integer h of the second bit length t; wherein e ═ O (λ) 3 ) (ii) a λ is a safety parameter;
selecting an integer u of a third bit length e i I ═ 1,2,. h }; wherein u is i Obey normal distribution;
e'=O(λ 2 );
by using the firstAn odd number p of a length e and an integer u of a third length e i The private key sk is generated as (p, u).
Further, the process of determining the public key of the fully homomorphic encryption algorithm includes:
from the interval [0,2 g /p) randomly selecting two integers q 0 And q is 1 Calculating to obtain x 0 =pq 0 ,
And satisfy x 0 And x 1 Mutual elements, x 0 Greater than x 1 (ii) a Wherein g is x 0 And x 1 G ═ O (λ) bit length of 4 );
Randomly selecting k prime numbers n of pairwise reciprocity elements i As part of the public key, calculate
The public key is pk ═ (x) 0 ,x 1 ,n,(n 1 ,n 2 ,...,n k ))。
Further, the calculation of a large number of power parameters based on the public key is carried out according to the Chinese remainder theorem to obtain a first intermediate plaintext; then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and the detailed process of calculating to obtain the ciphertext comprises the following steps:
according to the Chinese remainder theorem, k initial plaintexts are pi 1 ,π 2 ,...,π k Calculating to obtain a first middle plaintext m E Z n (ii) a Let l i =n/n i ,
Then there is
Wherein l i For the ratio parameter v in the Chinese remainder theorem i The product parameter in Chinese remainder determination;
randomly selecting an integer r of a fourth bit s from the first intermediate plaintext m, wherein,
calculating to obtain ciphertext c ═ m + rx 1 )modx 0 。
Further, the decryption process includes:
giving a ciphertext c and a private key sk (p, u), and operating a decryption algorithm to calculate to obtain a second intermediate plaintext m (cmodp) modu;
the m ═ pi can be known through Chinese remainder theorem i modn i (ii) a K initial plaintexts pi are obtained by calculation 1 ,π 2 ,...,π k And pi i =m-[m/n i ]n i 。
The invention also provides a protection system for the full life cycle data of the smart power grid, which comprises an encryption module;
the encryption module is used for acquiring full life cycle data in the power grid operation process, and encrypting the power parameters based on a fully homomorphic encryption algorithm in the generation stage of the power parameters; and performing an operation on the power parameter in an encrypted state; the process of encrypting the electric power parameter by the fully homomorphic encryption algorithm comprises the following steps: determining a public key and a private key of the fully homomorphic encryption algorithm; calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; and then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and calculating to obtain a ciphertext.
Further, the system also comprises a decryption module;
the decryption module is used for decrypting the encrypted power parameters at the use stage based on the private key of the homomorphic encryption algorithm, wherein the decryption process comprises the step of calculating to obtain a second intermediate plaintext according to the ciphertext and the private key; and the second intermediate plaintext is used for reversely deducing the initial plaintext according to the Chinese remainder theorem.
Further, the full life cycle data in the operation process of the power grid comprises planning phase data, defining phase data, creating or receiving phase data, processing phase data, storing phase data, integrating phase data, sharing phase data, discovering phase data, using phase data and filing or destroying phase data.
The effect provided in the summary of the invention is only the effect of the embodiment, not all the effects of the invention, and one of the above technical solutions has the following advantages or beneficial effects:
the invention provides a method and a system for protecting full life cycle data of a smart power grid, wherein the method comprises the steps of acquiring the full life cycle data in the running process of the power grid, and encrypting a power parameter based on a fully homomorphic encryption algorithm in the generation stage of the power parameter; and performing an operation on the power parameter in an encrypted state; the process of encrypting the power parameter by the fully homomorphic encryption algorithm comprises the following steps: determining a public key and a private key of the fully homomorphic encryption algorithm; calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; and then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and calculating to obtain a ciphertext. The method further comprises the step of decrypting the encrypted power parameters at the use stage based on a private key of the homomorphic encryption algorithm, wherein the decryption process comprises the step of calculating to obtain a second intermediate plaintext according to the ciphertext and the private key; and the second intermediate plaintext is used for reversely deducing the initial plaintext according to the Chinese remainder theorem. Based on the protection method of the full life cycle data of the smart power grid, a protection system of the full life cycle data of the smart power grid is also provided. The invention adopts a data asset full life cycle model to carry out full life cycle modeling on electric power parameters, adopts a full homomorphic encryption algorithm to carry out data encryption at the generation stage of electric power reference data, and extends the storage time of a ciphertext to a data destruction stage, thereby realizing the data confidentiality of the full life cycle and providing a data confidentiality support scheme for the safe operation of an intelligent power grid.
Drawings
FIG. 1 is a full life cycle model of an electric power parameter according to embodiment 1 of the present invention;
fig. 2 is a flowchart of a method for protecting full-life cycle data of a smart grid according to embodiment 1 of the present invention;
fig. 3 is a schematic diagram of a system for protecting full-life cycle data of a smart grid according to embodiment 2 of the present invention.
Detailed Description
In order to clearly explain the technical features of the present invention, the following detailed description of the present invention is provided with reference to the accompanying drawings. The following disclosure provides many different embodiments, or examples, for implementing different features of the invention. To simplify the disclosure of the present invention, the components and arrangements of specific examples are described below. Furthermore, the present invention may repeat reference numerals and/or letters in the various examples. This repetition is for the purpose of simplicity and clarity and does not in itself dictate a relationship between the various embodiments and/or configurations discussed. It should be noted that the components illustrated in the figures are not necessarily drawn to scale. Descriptions of well-known components and processing techniques and procedures are omitted so as to not unnecessarily limit the invention.
Example 1
The embodiment 1 of the invention provides a method for protecting full life cycle data of an intelligent power grid. The data full lifecycle management model defines a macroscopic framework that is a panoramic view of the data full lifecycle from the production phase to the destruction phase. FIG. 1 is a full life cycle model of an electric power parameter according to embodiment 1 of the present invention; the data asset full lifecycle divides data into 11 phases including planning, defining, creating/receiving, processing, integrating, storing, operation and maintenance, sharing, discovering, using and reusing, archiving & destroying.
Fig. 2 is a flowchart of a method for protecting full-life cycle data of a smart grid according to embodiment 1 of the present invention;
in step S200, acquiring full life cycle data in the power grid operation process, and encrypting the power parameters based on a full homomorphic encryption algorithm in the generation stage of the power parameters; and performing an operation on the power parameter in an encrypted state; the process of encrypting the power parameter by the fully homomorphic encryption algorithm comprises the following steps: determining a public key and a private key of the fully homomorphic encryption algorithm; calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; and then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and calculating to obtain a ciphertext.
The method is based on a data full life cycle management model and then based on an integer full homomorphic encryption algorithm, data is encrypted in the generation stage of the electric power parameter, and the data exists in a ciphertext form from generation to destruction. The invention relates to the whole life protection of electric power parameters, which starts from a data creating/receiving stage, wherein the stage is a data entity generation stage and a data encryption stage. The power parameter is firstly coded by ASCII, then the ASCII code is converted into decimal system, expressed by pi and grouped, and the value range of each group is m-Z n
The idea of encryption implementation is as follows: for i ∈ {1, 2.,. k }, there is an initial k plaintext π 1 ,π 2 ,...,π k ,
Using homomorphic mapping, an intermediate plaintext may be computed
Based on Chinese remainder theorem and used mapping
Is equivalent to computing k in the initial plaintext pi for the intermediate plaintext m 1 ,π 2 ,...,π k Thereby realizing batch processing operation on multiple integers.
The process of determining the private key of the fully homomorphic encryption algorithm includes:
randomly selecting an odd number p of the first bit length e and an integer h of the second bit length t; to resist violent attack e ═ O (lambda) 3 ) (ii) a λ is a safety parameter;
the larger the value of the lambda parameter is, the higher the safety of the scheme is, and the lower the calculation efficiency is. In combination with the protection security of the power parameter data and the expansion degree of the ciphertext, the recommended value in practical application is λ 42.
In generating a public key x 1 The bit length of the random quantity h is introduced in the process, in order to support homomorphic calculation of the intermediate plaintext,
selecting an integer u of a third bit length e i I ═ 1,2,. h }; wherein u is i Obey normal distribution;
to support homomorphic computation on intermediate plaintext, e' ═ O (λ) 2 );
Using an odd number p of the first length e and an integer u of the third length e i The private key sk is generated as (p, u).
The process of determining the public key of the fully homomorphic encryption algorithm comprises:
from the interval [0,2 g /p) randomly selecting two integers q 0 And q is 1 Calculating to obtain x 0 =pq 0 ,
And satisfy x 0 And x 1 Mutual elements, x 0 Greater than x 1 (ii) a Wherein g is x 0 And x 1 G ═ O (λ) for lattice attack resistance 4 );
Randomly selecting k prime numbers n of pairwise reciprocity elements i As part of the public key, calculate
The public key is pk ═ (x) 0 ,x 1 ,n,(n 1 ,n 2 ,...,n k ) ); k is the number of plaintext spaces, n is 2 O(β) Is provided with
Calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and the detailed process of calculating to obtain the ciphertext comprises the following steps:
according to the Chinese remainder theorem, k initial plaintexts are pi 1 ,π 2 ,...,π k Calculating to obtain a first middle plaintext m E Z n (ii) a Let l i =n/n i ,
Then there is
Wherein l i For the ratio parameter v in the Chinese remainder theorem i The product parameter in Chinese remainder determination;
an integer r of the fourth bit s is randomly selected from the first intermediate plaintext m, wherein,
calculating to obtain ciphertext c ═ m + rx 1 )modx 0 。
In the encryption process, the bit length of a random quantity r is introduced by increasing the safety of the scheme, in order to support homomorphic calculation of an initial plaintext,
in step S210, the encrypted power parameter is decrypted in the use stage based on the private key of the homomorphic encryption algorithm, wherein the decryption process includes calculating to obtain a second intermediate plaintext according to the ciphertext and the private key; the second intermediate plaintext is used for reversely deducing the initial plaintext according to the Chinese remainder theorem.
The decryption process includes in detail:
giving a ciphertext c and a private key sk (p, u), and operating a decryption algorithm to calculate to obtain a second intermediate plaintext m (cmodp) modu;
the m ═ pi can be known through Chinese remainder theorem i modn i (ii) a K initial plaintexts pi are obtained by calculation 1 ,π 2 ,...,π k And pi i =m-[m/n i ]n i 。
As can be seen from the above, the homomorphic encryption algorithm Eval (f, (c) 1 ,...,c l )). Given a function f with l variables, and l ciphertexts (c) 1 ,c 2 ,...,c l ) Satisfy c i =Enc(sk,m i ) And inputting the I ciphertexts into a function, executing homomorphic operation and outputting a cipher text c.
The function f can be decomposed into a combination of addition and multiplication, for two ciphertexts c 1 And c 2 The homomorphic calculation is respectively as follows: c. C add =(c 1 +c 2 )modx 0 ;c mult =(c 1 ·c 2 )modx 0 . Through homomorphic calculation algorithm Eval (f, (c) 1 ,...,c l ) ) the obtained ciphertext c is decrypted by a decryption algorithm Dec to obtain a corresponding plaintext.
The fully homomorphic encryption is an encryption function which simultaneously meets the properties of addition homomorphy and multiplication homomorphy and can carry out addition and multiplication operations for any number of times; wherein: c add Represents homomorphic, C mult Representing a multiplicative homomorphism.
By using the homomorphic encryption technology, the result obtained by decrypting the ciphertext after the user operates the ciphertext is consistent with the result obtained by directly operating the plaintext, the characteristic allows an untrusted third party to directly operate the ciphertext under the condition without a private key, and the leakage of user sensitive information caused by the fact that the third party needs to decrypt the ciphertext in the operation process is avoided. By using the homomorphic encryption technology, the result obtained by decrypting the ciphertext after the user operates the ciphertext is consistent with the result obtained by directly operating the plaintext, the characteristic allows an untrusted third party to directly operate the ciphertext under the condition of no private key, and the possibility that sensitive information of the user is leaked due to the fact that the ciphertext needs to be decrypted in the operation process is avoided.
The demonstration of the correctness of the scheme comprises the following steps: firstly, proving the correctness of a decryption algorithm Dec when the scheme is not homomorphic calculated; the correctness of the homomorphic calculation algorithm Eval is then proved.
Given the private key sk (p, u), the decryption algorithm can correctly decrypt the initial ciphertext c to obtain k initial plaintext pi 1 ,π 2 ,...,π k . And (3) proving that: for k plaintext pi 1 ,π 2 ,...,π k Let l i =n/n i ,
Calculating intermediate plaintext
And m is as large as Z n . Knowing c ═ m _ rx by the encryption algorithm 1 )modx 0 In the presence of an integer l 1 The ciphertext is c ═ m + rx 1 )-l 1 ·x 0 Knowing x 0 -pq 0 ,x 1 =pq 1 + uh, which can be derived from urh + m depending on the chosen parameters<<p and m<<u i If true, computing m ═ cmodp (cmodp) modu decrypts to get the correct one
The intermediate plaintext m, and then k initial plaintext pi 1, pi 2, k 。
for two ciphertexts c 1 =Enc(pk,m 1 ) And c 2 =Enc(pk,m 2 ) Homomorphic addition of c add =(c 1 +c 2 )modx 0 . The bit length of the second private key u used by the scheme is O (lambda) according to the parameter setting 2 ) The bit length of the random quantity r used is
According to the triangle inequality, the ciphertext c obtained by one homomorphic addition add =(c 1 +c 2 )modx 0 The noise bit length is increased by at most 1 bit, the scheme can support O (lambda) 2 ) And performing homomorphic calculation by secondary addition.
For multiplication homomorphism operation c mult =(c 1 ·c 2 )modx 0 And multiplying d times of ciphertexts, wherein the corresponding noise is the d +1 power of the original noise, and the bit length of the noise is increased by d +1 times at most, so that the main factor influencing the calculation of the polynomial times of the scheme is homomorphic multiplication. In this context, the polynomial whose order is d deg (f) that the scheme can support homomorphic calculations is denoted by the function f.
There is an arithmetic circuit C which is present,the corresponding multivariate polynomial is f. Giving | | f | non-conducting phosphor 1 The polynomial order is d deg (f) with respect to the 1-norm of the coefficient vector corresponding to the polynomial f. When | | f | non-woven phosphor 1 (2 β+αs ) d ≤2 e-2 The arithmetic circuit C e C corresponding to the polynomial per-c Is a tolerable circuit.
Based on the parameter settings, the theorem can be used to obtain the order of the polynomial of which the scheme can support homomorphic calculation
Can support at most cipher text
The next homomorphic multiplication operation. In selecting parameters, log can be used 2 (||f|| 1 ) Is set to be smaller than e and beta.
The security verification of the scheme comprises: a game consisting of both an adversary atk and a solver ξ is employed to prove the security of the solution, which can be described as follows: the enemy atk obtains a public key first, then the enemy hands over two different plaintexts to zeta, zeta randomly selects one plaintexts to encrypt and obtain a corresponding ciphertext, and hands over the ciphertext back to the enemy atk. The adversary uses the public key and the obtained ciphertext to launch guessing, and the adversary can correctly guess the plaintext selected by ζ, so that the adversary can win the game. The scheme is said to be safe if the adversary has a probability of correctly guessing the plaintext of 1/2+ negl (λ), where negl (λ) is a negligible amount. The scheme relies on a complexity problem, namely the random approximation common factor problem (RAGCD), which is a variant of the AGCD problem. In constructing the RAGCD problem, u i Obey uniform distribution, and as h increases, the probability that u obeys Gaussian distribution is 1-negl (lambda) according to the theorem of large numbers. The RAGCD problem is more complex than the AGCD problem. Safety protocol of the protocol to the RAGCD problem.
Compared with the prior art, the method has the greatest advantages of smaller key scale and smaller ciphertext expansion rate.
The complexity analysis includes: key size, encryption complexity, decryption complexComplexity of heterology and homomorphic computation. The complexity demonstration process of the invention comprises the following steps: the adopted fully homomorphic encryption algorithm has a public key consisting of two O (lambda) 4 ) A large integer of bits, and a group of k small prime numbers of O (lambda) bits, and the key size is O (lambda) 4 )。
The encryption algorithm comprises two phases: 1. an intermediate plaintext is generated from the initial plaintext. From k initial plaintexts pi 1 ,π 2 ,...,π k Calculating the intermediate plaintext m by k times of division, 2k times of modular operation and multiplication, and k-1 addition
2. And carrying out encryption calculation on the intermediate plaintext to generate a ciphertext. The cryptographic calculation is of a complexity of O (lambda) 5 ) Generating a bit size of about O (lambda) 4 ) The ciphertext of (1). Followed by a modulo operation with a modulus of about O (lambda) on a bit scale 4 ) Integer x of 0 The modulo operation has a complexity of O (λ) 8 )。
The decryption is two modulo reduction operations, the first modulo reduction being on the order of O (lambda) to the bit scale 4 ) Has a ciphertext and bit size of about O (λ) 3 ) The private key p of (a) is calculated, and the obtained calculation complexity is O (lambda) 8 ) To obtain a bit size of about O (lambda) 3 ) The value of (c). This value is then reduced modulo to a bit size of about O (λ) 2 ) The second modulo reduction of the computational complexity of O (lambda) 6 ) To obtain a bit size of about O (lambda) 2 ) The intermediate plaintext of (1). In the middle plaintext m to pi 1 ,π 2 ,...,π k In the conversion, k times of rounding and k times of multiplication and subtraction calculation are needed, and the calculation complexity is
Homomorphic computational complexity. Homomorphic addition is simple, two ciphertexts are directly added, and the algorithm complexity is O (lambda) 4 ) (ii) a After one-time addition is completed, the scale of the ciphertext is not increased, so that the complexity of the corresponding decryption algorithm is not increasedChanging; homomorphic multiplication, which is to multiply two ciphertexts to obtain an integer and then reduce x by a module 0 So the complexity is O (lambda) 8 ). By combining the complexity analysis, the overall computational complexity of the scheme can be obtained as O (lambda) 8 )。
The method for protecting the full-life-cycle data of the smart grid, which is provided by the embodiment 1 of the invention, adopts a data asset full-life-cycle model to perform full-life-cycle modeling on electric power parameters, adopts a fully homomorphic encryption algorithm to encrypt data in a generation stage of electric power reference data, and extends the storage time of a ciphertext to a data destruction stage, thereby realizing the data confidentiality of the full life cycle and providing a data confidentiality support scheme for the safe operation of the smart grid.
Example 2
Based on the method for protecting the full-life cycle data of the smart grid provided in embodiment 1 of the present invention, embodiment 2 of the present invention provides a system for protecting the full-life cycle data of the smart grid, and as shown in fig. 3, the system is a schematic diagram of the system for protecting the full-life cycle data of the smart grid in embodiment 2 of the present invention, and the system includes: an encryption module and a decryption module;
the encryption module is used for acquiring full life cycle data in the power grid operation process, and encrypting the power parameters based on a full homomorphic encryption algorithm in the generation stage of the power parameters; and performing an operation on the power parameter in an encrypted state; the process of encrypting the electric power parameter by the fully homomorphic encryption algorithm comprises the following steps: determining a public key and a private key of the fully homomorphic encryption algorithm; calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; and then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and calculating to obtain a ciphertext.
The system also includes a decryption module; the decryption module is used for decrypting the encrypted power parameters at the use stage based on the private key of the homomorphic encryption algorithm, wherein the decryption process comprises the step of calculating to obtain a second intermediate plaintext according to the ciphertext and the private key; and the second intermediate plaintext is used for reversely deducing the initial plaintext according to the Chinese remainder theorem.
The process of the encryption module implementation comprises the following steps: randomly selecting an odd number p of the first bit length e and an integer h of the second bit length t; to resist violent attack e ═ O (lambda) 3 ) (ii) a λ is a safety parameter;
the larger the value of the lambda parameter is, the higher the safety of the scheme is, and the lower the calculation efficiency is. In combination with the protection security of the power parameter data and the expansion degree of the ciphertext, the recommended value in practical application is λ 42.
In generating a public key x 1 The bit length of the random quantity h is introduced in the process, in order to support homomorphic calculation of the intermediate plaintext,
selecting an integer u of a third bit length e i I ═ 1,2,. h }; wherein u is i Obey normal distribution;
to support homomorphic computation on intermediate plaintext, e ═ O (λ) 2 );
Using an odd number p of the first length e and an integer u of the third length e i The private key sk is generated as (p, u).
The process of determining the public key of the fully homomorphic encryption algorithm comprises the following steps:
from the interval [0,2 g /p) randomly selecting two integers q 0 And q is 1 Calculating to obtain x 0 =pq 0 ,
And satisfy x 0 And x 1 Mutual elements, x 0 Greater than x 1 (ii) a Wherein g is x 0 And x 1 G ═ O (λ) for lattice attack resistance 4 );
Randomly selecting k prime numbers n of pairwise reciprocity elements i As part of the public key, calculate
The public key is pk ═ (x) 0 ,x 1 ,n,(n 1 ,n 2 ,...,n k ) ); k is the number of plaintext space, n is 2 O(β) Is provided with
Calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and the detailed process of calculating to obtain the ciphertext comprises the following steps:
according to the Chinese remainder theorem, k initial plaintexts are pi 1 ,π 2 ,...,π k Calculating to obtain a first middle plaintext m E Z n (ii) a Let l i =n/n i ,
Then there is
Wherein l i For the ratio parameter v in the Chinese remainder theorem i The product parameter in Chinese remainder determination;
an integer r of the fourth bit s is randomly selected from the first intermediate plaintext m, wherein,
calculating to obtain ciphertext c ═ m + rx 1 )modx 0 。
In the encryption process, the bit length of a random quantity r is introduced by increasing the safety of the scheme, in order to support homomorphic calculation of an initial plaintext,
the decryption module realizes the following procedures: giving a ciphertext c and a private key sk (p, u), and operating a decryption algorithm to calculate to obtain a second intermediate plaintext m (cmodp) modu;
by the Chinese remainderTheory can show that m ═ pi i modn i (ii) a K initial plaintexts pi are obtained by calculation 1 ,π 2 ,...,π k And pi i =m-[m/n i ]n i 。
The system for protecting the whole life cycle data of the smart grid, which is provided by the embodiment 2 of the invention, adopts a data asset whole life cycle model to carry out whole life cycle modeling on electric power parameters, adopts a fully homomorphic encryption algorithm to carry out data encryption at the generation stage of electric power reference data, and extends the storage time of a ciphertext to a data destruction stage, thereby realizing the data confidentiality of the whole life cycle and providing a data confidentiality support scheme for the safe operation of the smart grid.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Furthermore, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include elements inherent in the list. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element. In addition, parts of the technical solutions provided in the embodiments of the present application that are consistent with implementation principles of corresponding technical solutions in the prior art are not described in detail, so as to avoid redundant description.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, the scope of the present invention is not limited thereto. Various modifications and alterations will occur to those skilled in the art based on the foregoing description. And are neither required nor exhaustive of all embodiments. On the basis of the technical scheme of the invention, various modifications or changes which can be made by a person skilled in the art without creative efforts are still within the protection scope of the invention.
Claims (10)
1. A protection method for full life cycle data of a smart grid is characterized by comprising the following steps:
acquiring full life cycle data in the running process of a power grid, and encrypting the power parameters based on a fully homomorphic encryption algorithm in the generation stage of the power parameters; and performing an operation on the power parameter in an encrypted state; the process of encrypting the electric power parameter by the fully homomorphic encryption algorithm comprises the following steps: determining a public key and a private key of the fully homomorphic encryption algorithm; calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; and then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and calculating to obtain a ciphertext.
2. The method for protecting the full life cycle data of the smart grid according to claim 1, further comprising decrypting the encrypted power parameter at a use stage based on a private key of the homomorphic encryption algorithm, wherein the decryption process comprises calculating a second intermediate plaintext according to the ciphertext and the private key; and the second intermediate plaintext is used for reversely deducing the initial plaintext according to the Chinese remainder theorem.
3. The method for protecting the full life cycle data of the smart grid according to claim 2, wherein the full life cycle data during the operation of the power grid comprises planned phase data, defined phase data, created or received phase data, processed phase data, stored phase data, integrated phase data, shared phase data, discovered phase data, used phase data and archived or destroyed phase data.
4. The method for protecting the full life cycle data of the smart grid according to claim 1, wherein the process of determining the private key of the fully homomorphic encryption algorithm comprises:
randomly selecting an odd number p of the first bit length e and an integer h of the second bit length t; wherein e ═ O (λ) 3 ) (ii) a λ is a safety parameter;
selecting an integer u of a third bit length e i I ═ 1,2,. h }; wherein u is i Obey normal distribution;
e'=O(λ 2 );
using an odd number p of the first length e and an integer u of the third length e i The private key sk is generated as (p, u).
5. The method for protecting the full-lifecycle data of the smart grid according to claim 4, wherein the determining the public key of the fully-homomorphic encryption algorithm includes:
from the interval [0,2 g /p) randomly selecting two integers q 0 And q is 1 Calculating to obtain x 0 =pq 0 ,
And satisfy x 0 And x 1 Mutual elements, x 0 Greater than x 1 (ii) a Wherein g is x 0 And x 1 G ═ O (λ) bit length of 4 );
Randomly selecting k prime numbers n of pairwise reciprocity elements i As part of the public key, calculate
The public key is pk ═ (x) 0 ,x 1 ,n,(n 1 ,n 2 ,...,n k ))。
6. The method for protecting the full life cycle data of the smart grid according to claim 5, wherein the calculation of a large number of power parameters based on the public key is performed according to the Chinese remainder theorem to obtain a first intermediate plaintext; then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and the detailed process of calculating to obtain the ciphertext comprises the following steps:
according to the Chinese remainder theorem, k initial plaintexts are pi 1 ,π 2 ,...,π k Calculating to obtain a first middle plaintext m E Z n (ii) a Let l i =n/n i ,
Then there is
Wherein l i For the ratio parameter v in the Chinese remainder theorem i The product parameter in Chinese remainder determination;
randomly selecting an integer r of a fourth bit s from the first intermediate plaintext m, wherein,
calculating to obtain ciphertext c ═ m + rx 1 )modx 0 。
7. The method for protecting the full-life-cycle data of the smart grid according to claim 6, wherein the decryption process comprises:
giving a ciphertext c and a private key sk (p, u), and operating a decryption algorithm to calculate to obtain a second intermediate plaintext m (cmodp) modu;
the m ═ pi can be known through Chinese remainder theorem i modn i (ii) a K initial plaintexts pi are obtained by calculation 1 ,π 2 ,...,π k And pi i =m-[m/n i ]n i 。
8. The protection system for the full life cycle data of the smart power grid is characterized by comprising an encryption module;
the encryption module is used for acquiring full life cycle data in the power grid operation process, and encrypting the power parameters based on a fully homomorphic encryption algorithm in the generation stage of the power parameters; and performing an operation on the power parameter in an encrypted state; the process of encrypting the electric power parameter by the fully homomorphic encryption algorithm comprises the following steps: determining a public key and a private key of the fully homomorphic encryption algorithm; calculating a large amount of power parameters based on the public key according to the Chinese remainder theorem to obtain a first intermediate plaintext; and then randomly selecting an integer of a plurality of bits from the first intermediate plaintext, and calculating to obtain a ciphertext.
9. The system for protecting the full life cycle data of the smart grid according to claim 8, wherein the system further comprises a decryption module;
the decryption module is used for decrypting the encrypted power parameters at the use stage based on the private key of the homomorphic encryption algorithm, wherein the decryption process comprises the step of calculating to obtain a second intermediate plaintext according to the ciphertext and the private key; and the second intermediate plaintext is used for reversely deducing the initial plaintext according to the Chinese remainder theorem.
10. The system for protecting the full life cycle data of the smart grid according to claim 9, wherein the full life cycle data during the operation of the power grid comprises planned phase data, defined phase data, created or received phase data, processed phase data, stored phase data, integrated phase data, shared phase data, discovered phase data, used phase data and archived or destroyed phase data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210479483.2A CN114826551A (en) | 2022-04-24 | 2022-04-24 | Protection method and system for full life cycle data of smart power grid |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210479483.2A CN114826551A (en) | 2022-04-24 | 2022-04-24 | Protection method and system for full life cycle data of smart power grid |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114826551A true CN114826551A (en) | 2022-07-29 |
Family
ID=82511423
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210479483.2A Pending CN114826551A (en) | 2022-04-24 | 2022-04-24 | Protection method and system for full life cycle data of smart power grid |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114826551A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116962006A (en) * | 2023-06-16 | 2023-10-27 | 数智物语(北京)网络科技有限责任公司 | Full data life cycle safety access system |
-
2022
- 2022-04-24 CN CN202210479483.2A patent/CN114826551A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116962006A (en) * | 2023-06-16 | 2023-10-27 | 数智物语(北京)网络科技有限责任公司 | Full data life cycle safety access system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110363030B (en) | Method and processing device for performing a trellis-based cryptographic operation | |
| Liu et al. | An efficient privacy-preserving outsourced calculation toolkit with multiple keys | |
| Wang et al. | Cryptanalysis of a symmetric fully homomorphic encryption scheme | |
| Wang et al. | Secure and practical outsourcing of linear programming in cloud computing | |
| WO2009026771A1 (en) | The method for negotiating the key, encrypting and decrypting the information, signing and authenticating the information | |
| CN110851845A (en) | Light-weight single-user multi-data all-homomorphic data packaging method | |
| CN111917721A (en) | Attribute encryption method based on block chain | |
| Burtyka et al. | Symmetric fully homomorphic encryption using decidable matrix equations | |
| Bavdekar et al. | Post quantum cryptography: Techniques, challenges, standardization, and directions for future research | |
| Zhao et al. | Verifiable outsourced ciphertext-policy attribute-based encryption for mobile cloud computing | |
| CN117527223B (en) | Distributed decryption method and system for quantum-password-resistant grid | |
| CN114826551A (en) | Protection method and system for full life cycle data of smart power grid | |
| Tahir et al. | A scheme for the generation of strong icmetrics based session key pairs for secure embedded system applications | |
| Xue et al. | Efficient multiplicative-to-additive function from Joye-Libert cryptosystem and its application to threshold ECDSA | |
| US20220382521A1 (en) | System and method for encryption and decryption using logic synthesis | |
| Liu | Efficient processing of encrypted data in honest-but-curious clouds | |
| CN111817853B (en) | Signcryption algorithm for post-quantum security | |
| Li et al. | Privacy-preserving large-scale systems of linear equations in outsourcing storage and computation | |
| Durcheva | Semirings as building blocks in cryptography | |
| Chang et al. | Cryptanalysis on an improved version of ElGamal-like public-key encryption scheme for encrypting large messages | |
| Shen et al. | A multivariate public key encryption scheme with equality test | |
| Bai et al. | Privacy‐Preserving Oriented Floating‐Point Number Fully Homomorphic Encryption Scheme | |
| CN113094721B (en) | Post-quantum password authentication key exchange method based on modular error learning | |
| CN115102689A (en) | Two-party cooperative S box generation method, encryption method and storage medium | |
| WO2022172041A1 (en) | Asymmetric cryptographic schemes |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |