CN114866222B - Ciphertext data statistical analysis system and method supporting privacy protection - Google Patents

Ciphertext data statistical analysis system and method supporting privacy protection Download PDF

Info

Publication number
CN114866222B
CN114866222B CN202210681492.XA CN202210681492A CN114866222B CN 114866222 B CN114866222 B CN 114866222B CN 202210681492 A CN202210681492 A CN 202210681492A CN 114866222 B CN114866222 B CN 114866222B
Authority
CN
China
Prior art keywords
ciphertext data
data
ciphertext
data report
digital signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210681492.XA
Other languages
Chinese (zh)
Other versions
CN114866222A (en
Inventor
孔凡玉
陶云亭
史玉良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong University
Original Assignee
Shandong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong University filed Critical Shandong University
Priority to CN202210681492.XA priority Critical patent/CN114866222B/en
Publication of CN114866222A publication Critical patent/CN114866222A/en
Application granted granted Critical
Publication of CN114866222B publication Critical patent/CN114866222B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Arrangements For Transmission Of Measured Signals (AREA)

Abstract

The invention provides a ciphertext data statistical analysis system and method supporting privacy protection, which belong to the technical field of network information security, wherein the scheme realizes the statistical analysis energy supply of ciphertext data based on adopting homomorphic encryption algorithm and digital signature algorithm, and supports the statistical analysis function calculation and abnormal value detection statistical analysis function in ciphertext state, thereby providing data analysis service and system condition early warning for a supervision mechanism; according to the scheme, a multi-layer aggregation structure is adopted, namely, the edge nodes and the cloud nodes share the statistical calculation task, so that the calculation load at a single node is reduced; the edge node and the cloud node perform homomorphic statistical operation in a ciphertext state, so that user data and statistical data are prevented from being stolen by opponents, and meanwhile malicious behaviors in the system are also resisted; meanwhile, the scheme uses a secret sharing technology, so that the total number of the sensor devices cannot be known when the edge devices and the control center can calculate the average value.

Description

Ciphertext data statistical analysis system and method supporting privacy protection
Technical Field
The disclosure belongs to the technical field of network information security, and particularly relates to a ciphertext data statistical analysis system and method supporting privacy protection.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
In recent years, the Internet of things and the wireless sensor network are widely applied to application scenes such as intelligent agriculture, industrial manufacturing, intelligent traffic, intelligent home, automatic driving automobiles, medical care and the like. The sensor equipment and the terminal in the Internet of things are responsible for sensing real-time data, and the sensed data are transmitted to the control center for data analysis and intelligent control. Meanwhile, a supervision organization (such as security, environmental protection, electric power, agriculture, factory and other scenes) needs to make corresponding management measures or emergency response through real-time statistical analysis of abnormal conditions of terminal equipment and data through the Internet of things.
In various internet of things and wireless sensor networks, edge computing devices are deployed near terminal and sensor device areas, and can distribute a part of data statistics and computation tasks of the terminal and the sensor devices to the edge devices, thereby providing computation enhancement services for the terminal and the sensor with limited resources. The edge computing devices of the multiple areas transmit the aggregated data to a cloud control center for further statistical computation.
However, the inventors have found that the data aggregation, transmission and statistical analysis process may be subject to some potential attack and security risks such as illegal eavesdropping, malicious tampering, counterfeiting, etc. Because the internet of things terminal and the wireless sensor are usually deployed in an unattended environment, data can be captured or forged in the transmission process; an adversary can invade the edge gateway to steal the private data of the user; the adversary may eavesdrop when the statistical analysis data is transmitted in a wireless local area network or the internet. Meanwhile, if the cloud control center is used as a third party service provider and the statistical data is known, the corresponding business secret can be presumed and utilized; the supervision organization only has the right to acquire the statistical data in the authority range, and the number of the sensors and the represented industrial scale are required to be kept secret; in order to realize the security guarantee of data statistics analysis aiming at the security risk, the traditional encryption method cannot effectively solve the problem of cryptograph data statistics analysis enhanced by edge calculation.
Disclosure of Invention
In order to solve the problems, the disclosure provides a ciphertext data statistical analysis system and a method supporting privacy protection, wherein the scheme is characterized in that a plurality of parties such as an edge aggregator, a cloud control center, a supervision mechanism and the like participate in calculation, the quantity of sensors of the internet of things is not leaked to the cloud control center and the supervision mechanism, the confidentiality and the integrity of data are ensured by using an addition homomorphic encryption algorithm and a digital signature algorithm, the quantity of blind sensors is linearly transformed, and the confidentiality of equipment scale is realized; the scheme supports the statistical analysis function calculation and abnormal value detection statistical analysis function in the ciphertext state, and provides data analysis service and system condition early warning for the supervision mechanism.
According to a first aspect of an embodiment of the present disclosure, there is provided a ciphertext data statistical analysis system supporting privacy protection, comprising:
a trusted authority for generating independent public and private keys for the sensor device, the edge aggregator, the control center, and the regulatory agency;
the sensor equipment is used for carrying out basic preprocessing on the acquired data, encrypting the data through a homomorphic encryption algorithm, generating a digital signature of the sensor equipment by utilizing a digital signature algorithm based on the ID of the sensor equipment, forming a ciphertext data report, and sending the ciphertext data report to the edge aggregator;
the edge aggregator is used for receiving the ciphertext data report of the sensor equipment in the preset area and carrying out preset operation processing on the encrypted data in the ciphertext data report; meanwhile, carrying out blinding processing on the equipment number of the current area based on blinding numbers from a supervision mechanism, forming a ciphertext data report based on data subjected to preset operation processing and a digital signature of an edge aggregator, and sending the ciphertext data report to a control center;
the control center is used for receiving the ciphertext data report from the edge aggregator and carrying out preset operation processing on the encrypted data in the ciphertext data report; forming a ciphertext data report based on the processed encrypted data and the digital signature of the control center, and sending the ciphertext data report to a supervision organization;
and the supervisory mechanism is used for receiving the ciphertext data report from the control center, decrypting the ciphertext data and performing blind removing processing on the ciphertext data to obtain a statistical analysis result.
Further, the edge aggregator receives the ciphertext data report of the sensor device in the preset area, and then specifically executes the following operations: verifying the signature validity of the ciphertext data report; carrying out preset operation on ciphertext data for the ciphertext data report passing verification; generating a digital signature of the edge aggregator based on the edge aggregator ID; forming a ciphertext data report based on the data and the digital signature after the aggregation operation, and sending the ciphertext data report to a control center;
further, the trusted authority is further configured to: and generating an encryption public key and a decryption private key of the homomorphic encryption algorithm, and a signature public key and a signature private key of the digital signature algorithm according to preset safety parameters, and distributing the keys based on preset rules.
Further, the device number of the current area is subjected to blinding processing based on the blinding number from the supervision mechanism, and the device number is processed by adopting the following formula:
m′ k =αm kk
wherein m' k For the number of blind devices, m k Alpha and beta are the actual equipment number k Together forming the blinding number pairs.
Further, the distribution of the key is specifically: the trusted authority center encrypts the public key pk through a preset secure channel AHE And a signature private key sk DS,i Distributing to the sensor device; will encrypt public key pk AHE Signature private key sk DS,EA Public key pk for signature DS,i Sending to an edge aggregator; will encrypt public key pk AHE Signature private key sk DS,CC Public key pk for signature DS,EA Sending the data to a control center; will decrypt the private key sk AHE = (p, q, λ) and public key pk for signing DS,CC And sent to the regulatory agency.
Further, the generation of the digital signature specifically includes: based on the device ID identification, a digital signature corresponding to the device is generated through a digital signature algorithm.
Further, the homomorphic encryption algorithm includes, but is not limited to, the Paillier homomorphic encryption algorithm, and the digital signature algorithm includes, but is not limited to, the ECDSA digital signature algorithm.
Further, the preset operation includes a summation operation, an arithmetic average, a quadratic average, a weighted average, a variance, a number of data anomalies, and a data anomaly duty ratio.
Further, the basic preprocessing includes representing the acquired data as a data vector, a square perception data vector, a weighted perception data vector, and determining whether the data is abnormal.
According to a second aspect of the embodiments of the present disclosure, there is provided a ciphertext data statistical analysis method supporting privacy protection, which is based on the above-mentioned ciphertext data statistical analysis system supporting privacy protection, including:
the trusted authority center generates independent public keys and private keys for the sensor equipment, the edge aggregator, the control center and the supervision mechanism;
the sensor equipment performs basic preprocessing on the acquired data, encrypts the data through a homomorphic encryption algorithm, generates a digital signature of the sensor equipment by utilizing a digital signature algorithm based on the ID of the sensor equipment, forms a ciphertext data report, and sends the ciphertext data report to an edge aggregator;
the edge aggregator receives a sensor equipment ciphertext data report in a preset area and performs preset operation processing on encrypted data in the ciphertext data report; meanwhile, carrying out blinding processing on the equipment number of the current area based on blinding numbers from a supervision mechanism, forming a ciphertext data report based on data subjected to preset operation processing and a digital signature of an edge aggregator, and sending the ciphertext data report to a control center;
the control center receives the ciphertext data report from the edge aggregator and performs preset operation processing on the encrypted data in the ciphertext data report; forming a ciphertext data report based on the processed encrypted data and the digital signature of the control center, and sending the ciphertext data report to a supervision organization;
and the supervision mechanism receives the ciphertext data report from the control center, and performs decryption processing and blind removing processing on the ciphertext data to obtain a statistical analysis result.
Compared with the prior art, the beneficial effects of the present disclosure are:
(1) The scheme of the present disclosure provides a ciphertext data statistical analysis method supporting privacy protection, and the scheme realizes the statistical analysis energy supply of ciphertext data based on adopting homomorphic encryption algorithm and digital signature algorithm, and supports the statistical analysis function calculation and abnormal value detection statistical analysis function in ciphertext state, thereby providing data analysis service and system condition early warning for the supervision mechanism.
(2) According to the scheme, a multi-layer aggregation structure is adopted, namely, the edge nodes and the cloud nodes share the statistical calculation task, so that the calculation load of a single node is reduced. Meanwhile, the edge node and the cloud node perform homomorphic statistical operation under the ciphertext state, so that user data and statistical data are prevented from being stolen by opponents, and meanwhile malicious behaviors inside the system are also resisted.
(3) The scheme disclosed by the disclosure uses a secret sharing technology, so that the total number of the sensor devices cannot be known when the edge devices and the control center can calculate the average value. The control center uses the encrypted ciphertext and the total number of the blind devices to execute statistical function calculation in the ciphertext state; and after receiving the ciphertext, the supervision mechanism processes the decrypted mean value by utilizing an improved extended Euclidean algorithm, and calculates the correct mean value. The method avoids the control center from explicitly calculating the numerical value and/or total number based on the plaintext, thereby realizing the privacy protection of the equipment scale.
Additional aspects of the disclosure will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the disclosure.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure, illustrate and explain the exemplary embodiments of the disclosure and together with the description serve to explain the disclosure, and do not constitute an undue limitation on the disclosure.
Fig. 1 is a data transmission flow chart of a ciphertext data statistical analysis system supporting privacy protection according to an embodiment of the present disclosure;
FIG. 2 is a flow chart of the overall generation and distribution of trusted authority TA keys as described in embodiments of the present disclosure;
FIG. 3 is a flow chart of a sensor group transmitting ciphertext data reports to an edge aggregator EA according to an embodiment of the disclosure;
FIG. 4 is a flowchart of an edge aggregator EA transmitting ciphertext statistical analysis reports to a control center CC, according to an embodiment of the present disclosure;
fig. 5 is a flowchart of a control center CC transmitting a ciphertext statistical analysis report to a supervisory authority SV according to an embodiment of the present disclosure.
Detailed Description
The disclosure is further described below with reference to the drawings and examples.
It should be noted that the following detailed description is illustrative and is intended to provide further explanation of the present disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments in accordance with the present disclosure. As used herein, the singular is also intended to include the plural unless the context clearly indicates otherwise, and furthermore, it is to be understood that the terms "comprises" and/or "comprising" when used in this specification are taken to specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof.
Embodiments of the present disclosure and features of embodiments may be combined with each other without conflict.
Embodiment one:
the aim of the embodiment is to provide a ciphertext data statistical analysis system supporting privacy protection.
A ciphertext data statistical analysis system that supports privacy protection, comprising:
a trusted authority for generating independent public and private keys for the sensor device, the edge aggregator, the control center, and the regulatory agency;
the sensor equipment is used for carrying out basic preprocessing on the acquired data, encrypting the data through a homomorphic encryption algorithm, generating a digital signature of the sensor equipment by utilizing a digital signature algorithm based on the ID of the sensor equipment, forming a ciphertext data report, and sending the ciphertext data report to the edge aggregator;
the edge aggregator is used for receiving the ciphertext data report of the sensor equipment in the preset area and carrying out preset operation processing on the encrypted data in the ciphertext data report; meanwhile, carrying out blinding processing on the equipment number of the current area based on blinding numbers from a supervision mechanism, forming a ciphertext data report based on data subjected to preset operation processing and a digital signature of an edge aggregator, and sending the ciphertext data report to a control center;
the control center is used for receiving the ciphertext data report from the edge aggregator and carrying out preset operation processing on the encrypted data in the ciphertext data report; forming a ciphertext data report based on the processed encrypted data and the digital signature of the control center, and sending the ciphertext data report to a supervision organization;
and the supervisory mechanism is used for receiving the ciphertext data report from the control center, decrypting the ciphertext data and performing blind removing processing on the ciphertext data to obtain a statistical analysis result.
Further, the edge aggregator receives the ciphertext data report of the sensor device in the preset area, and then specifically executes the following operations: verifying the signature validity of the ciphertext data report; carrying out preset operation on ciphertext data for the ciphertext data report passing verification; generating a digital signature of the edge aggregator based on the edge aggregator ID; forming a ciphertext data report based on the data and the digital signature after the aggregation operation, and sending the ciphertext data report to a control center;
further, the trusted authority is further configured to: and generating an encryption public key and a decryption private key of the homomorphic encryption algorithm, and a signature public key and a signature private key of the digital signature algorithm according to preset safety parameters, and distributing the keys based on preset rules.
Further, the device number of the current area is subjected to blinding processing based on the blinding number from the supervision mechanism, and the device number is processed by adopting the following formula:
m′ k =αm kk
wherein m' k For the number of blind devices, m k Alpha and beta are the actual equipment number k Together forming the blinding number pairs.
Further, the distribution of the key is specifically: the trusted authority center encrypts the public key pk through a preset secure channel AHE And a signature private key sk DS,i Distributing to the sensor device; will encrypt public key pk AHE Signature private key sk DS,EA Public key pk for signature DS,i Sending to an edge aggregator; will encrypt public key pk AHE Signature private key sk DS,CC Public key pk for signature DS,EA Sending the data to a control center; will decrypt the private key sk AHE = (p, q, λ) and public key pk for signing DS,CC And sent to the regulatory agency.
Further, the generation of the digital signature specifically includes: based on the device ID identification, a digital signature corresponding to the device is generated through a digital signature algorithm.
Further, the homomorphic encryption algorithm includes, but is not limited to, the Paillier homomorphic encryption algorithm, and the digital signature algorithm includes, but is not limited to, the ECDSA digital signature algorithm.
Further, the preset operation includes a summation operation, an arithmetic average, a quadratic average, a weighted average, a variance, a number of data anomalies, and a data anomaly duty ratio.
Further, the basic preprocessing includes representing the acquired data as a data vector, a square perception data vector, a weighted perception data vector, and determining whether the data is abnormal.
In particular, for easy understanding, the following detailed description of the embodiments will be given with reference to the accompanying drawings:
in order to solve the problems in the prior art, the present embodiment provides a ciphertext data statistical analysis system supporting privacy protection, the system includes the following five entities: a trusted authority TA; a sensor device SD; an edge aggregator EA; a control center CC; and (5) a supervisory agency SV. As shown in fig. 1, a data transmission flow chart of the system is shown, and the following details of the scheme of this embodiment are described in terms of the roles of different entities and interactions between the entities:
trusted authority TA
As shown in fig. 2, the following steps are specifically performed:
step A: the TA generates a public-private key pair of the Paillier homomorphic encryption algorithm according to a given security parameter. Two large primes p, q are randomly generated, let n=pq, λ=lcm (p-1, q-1). Selection ofThe order of g is a multiple of N.
And (B) step (B): the trusted authority TA generates a public-private key pair of the ECDSA digital signature algorithm according to a given security parameter. Let G be the finite fieldThe base point of the upper elliptic curve with the order q 1 TA for each SD i TA selection finite fieldRandom number in (a) as its private key +.>And calculate its public key pk DS,i =sk Ds,i ·G,SD i The public-private key pair of (1) is (pk DS,i ,sk DS,i ) The method comprises the steps of carrying out a first treatment on the surface of the Similarly, TA generates corresponding public-private key pairs (pk) for EA, CC, SV DS,EA ,sk DS,EA )、(pk DS,CC ,sk DS,CC )、(pk DS,SV ,sk DS,SV ) The method comprises the steps of carrying out a first treatment on the surface of the The system selects a secure hash function +.>
Step C: the trusted authority TA encrypts the public key pair pk through a secure channel AHE = (N, g) and signature private key sk DS,i Distributed to sensor devices SD i The method comprises the steps of carrying out a first treatment on the surface of the Will encrypt public key pk AHE Signature private key sk DS,EA Public key pk for signature DS,i Send to edgeAn edge aggregator EA; will encrypt public key pk AHE Signature private key sk DS,CC Public key pk for signature DS,EA Sending to a control center CC; will decrypt the private key sk AHE = (p, q, λ) and public key pk for signing DS,CC To the supervisory authority SV.
Step D: the supervisory mechanism SV randomly selects a group of random numbers alpha, beta 12 ,…β n Where n is the number of edge gateways and satisfies β 12 +…+β n =0, the number pair (α, β k ) Sent to the corresponding edge aggregator EA via a secure channel k
(two) sensor device SD
When the sensor group generates the perceptual data, the multidimensional data is combined into a vector. At the same time, square data vectors and weighted data vectors are generated simultaneously in order to enable a diversified statistical function. As shown in fig. 3, the sensor device SD specifically performs the following steps:
step A: arbitrary sensor SD i First, a l-dimensional perception data vector d is generated i =(d i,1 ,d i,2 ,...,d i,j ,...d i,l ) The method comprises the steps of carrying out a first treatment on the surface of the Then, by calculating the squareGenerating square perceptual data vectorsAccording to the position weight w of the present sensor i Through d i,j,wei =d i,j w i Calculating to obtain a weighted perception data vector d i,wei =(d i,1,wei ,d i,2,wei ,...,d i,j,wei ,...,d i,l,wei )。
And (B) step (B): for each sensor, there is a range of normal values, if the value of any dimension of the sensing data exceeds the normal range of values, it is determined that the value is abnormal, and the SD is determined i Anomaly counter d of (2) i,cnt Set to 1, otherwise set to 0.
Step C:at SD (secure digital) i Generating d i ,d i,wei And d cnt,i Then, the sensor uses Paillier homomorphic encryption algorithm to encrypt each dimension data to obtain corresponding ciphertext vector ++>c i,wei =(c i,1,wei ,…,c i,l,wei ) And c i,cnt
Step D: given the current timestamp TS, SD i Identification name ID of (1) i The sensor generates a digital signature using the ECDSA algorithm. SD (secure digital memory card) i Selecting a random numberCalculation (r) x,i ,r y,i )=k i G and-> Then obtain signature value sigma i =(sig i mod q 1 ,r x,i mod q 1 )。
Step E: sensor SD i Selectively sending ciphertext data report to edge aggregator EA (c i ,c i,wei ,c i,cnti ,TS,ID i )。
(III) edge aggregator EA
Edge aggregator EA receives sensor SD i And after the data report is sent, performing aggregation operation. If the aggregation operation is performed on plaintext, the private data will be exposed to an untrusted edge aggregator. Therefore, we do these statistical analysis operations on the basis of ciphertext. Perceptual data aggregation under ciphertextThe additive homomorphism nature of the Paillier encryption algorithm generates a statistical analysis report under ciphertext, as shown in FIG. 4, specifically including:
step A: the EA first verifies the legitimacy of the signature received from the report. EA calculation EA passing verification r' x,i mod q 1 =r x,i mod q 1 Whether or not it is established, to determine the validity of the signature.
And (B) step (B): after the verification signature passes, the edge aggregator EA performs a ciphertext aggregation operation. Using the homomorphism of the Paillier algorithm Dec (Enc (d 1 )Enc(d 2 )mod N 2 )=d 1 +d 2 mod N, EA calculation c i =(c i,1 ,…,c i,l ), c i,wei =(c i,1,wei ,…,c i,l,wei ) Summation c in each dimension of j,sum ,c j,qsum ,c j,wsum (1. Ltoreq.j.ltoreq.l). C is set forth in i For example, in dimension j->
Step C: the edge aggregator EA aggregates the counter ciphertext to obtain the total number ciphertext of the abnormal devices in the range of the EA, namely
Step D: the edge aggregator EA performs a blinding process on the number m of sensing devices in the region using the pair of blinding numbers (α, β) transmitted by SV, to obtain m' =αm+β.
Step E: given a givenIdentification name ID of current timestamp TS, EA EA The EA generates a digital signature. EA selects a random numberCalculation (r) x,EA ,r y,EA )=k EA G and sig EA =(H(c 1,sum ||…||c l,sum ||c 1,qsum ||…||c l,qsum ||c 1,wsum ||…||c l,wsum ||c i,cnt ||TS||ID i )+sk DS,EA r x,EA )/k EA Then obtain signature value sigma EA =(sig EA mod q 1 ,r x,EA mod q 1 )。
Step E: the edge aggregator EA sends the ciphertext data report (c j,sum ,c j,qsum ,c j,wsum ,c cnt ,m′,σ EA ,TS,ID EA ),(1≤j≤l)。
(IV) control center CC
After receiving the statistical analysis report sent by the edge aggregator EA, the control center CC performs ciphertext average calculation. Because the total number of devices is blindly hidden by the EA, the control center CC cannot learn each EA k The number of specific devices administered and the total number of devices. Therefore, the average value obtained by CC is a blinded average value. As shown in fig. 5, the control center CC specifically performs the following steps:
step A: the CC verifies the validity of the statistical report signature. Calculation (r' x,EA ,r′ y,EA )=G/(sig EA ·H(c 1,sum ||…||c l,sum ||c 1,qsum ||…||c l,qsum ||c 1,wsum ||…||c l,wsum ||c cnt ||m′||TS||ID EA )+pk EA /sig EA r x,EA EA passing verification r' x,EA mod q 1 =r x,i mod q 1 Whether or not it is established, to determine the validity of the signature.
And (B) step (B): after the signature verification is passed, the control center CC transmits the blinded device number m 'for each EA' k And (1) adding k is less than or equal to n. Due to the nature of the blinding parameters, the summationAs a result of (2) being m' sum =m′ 1 +m′ 2 +…+m′ n =α(m 1 +m 1 +…+m n )+β 12 +…+β n =α(m 1 +m 1 +…+m n )。
Step C: utilizing homomorphism properties of Paillier homomorphism encryption algorithmTotal number of blinded devices m' sum CC calculation c i ,/>c i,wei Blind mean c for each dimension in (a) j,mean ,c j,qmean ,c j,wmean . Taking the j-th dimension as an example,CC calculation of the abnormal Equipment count proportion after blinding +.>
Step D: given the current timestamp TS, the identification name ID of the CC CC The EA generates a digital signature. CC selects a random numberCalculation (r) x,CC ,r y,CC )=k CC G and sig CC =(H(c 1,mean ||…||c l,mean ||c 1,qmean ||…||c l,qmean ||c 1,wmean ||…||c l,wmean ||c rat,cnt ||TS||ID CC )+sk DS,CC r x,CC )/k CC Then obtain signature value sigma CC =(sig CC mod q 1 ,r x,CC mod q 1 )。
Step E: the control center CC sends the ciphertext number to the supervisory mechanism SVReport (c) j,mean ,c j,qmean ,c j,wmean ,c rat,cntCC ,TS,ID CC ),(1≤j≤l)。
(V) regulatory body SV
After receiving the statistical analysis report sent by the control center CC, the supervisory mechanism SV performs decryption and post-processing. The administrative SV visualizes the decrypted mean (scale). If the statistics (e.g., mean) are themselves decimal, then a meaningless decimal will result after decryption. Thus, in post-processing, the modified extended Euclidean algorithm is introduced to perform a reduction to obtain an approximation of the decimal. The supervision authority SV specifically performs the following steps:
step A: the control center CC first verifies the validity of the signature received the statistical report. SV calculation (r' x,CC ,r′ y,CC )=G/(sig CC ·H(c 1,mean ||…||c l,mean ||c 1,qmean ||…||c l,qmean ||c 1,wmean ||…||c l,wmean ||c rat,cnt ||TS||ID CC )+pk CC /sig CC ·r x,CC SV passes verification of r' x,CC mod q 1 =r x,i mod q 1 Whether or not it is established, to determine the validity of the signature.
And (B) step (B): after the signature verification is passed, the supervision authority SV performs the Paillier decryption operation. SV calculation d=l (c λ mod n 2 ) Mu mod n, hereμ=(L(g λ mod n 2 )) -1 mod N. After decryption, the average value of each dimension and the proportion of abnormal equipment are still in a blinded hidden state and are expressed as (d' 1,mean ,…,d′ l,mean ,d′ 1,qmean ,…,d′ l,qmean ,d′ 1,wmean ,…,d′ l,wmean ,d′ rat,cnt )。
Step C: after decryption, the supervisory authority SV performs the blinding operation. By d' j,mean For example, the SV calculation d j,mean =αd′ j,mean . After blind removalThe mean value of each dimension and the abnormal equipment ratio are expressed as (d) 1,mean ,…,d l,mean ,d 1,qmean ,…,d l,qmean ,d 1,wmean ,…,d l,wmean ,d rat,cnt )。
Step D: the decrypted mean value is reduced by extending Euclidean reduction and converted into the correct floating point number. The reduction algorithm described in table 1 is performed:
the reduced mean is denoted as (D 1,mean ,…,D l,mean ,D 1,qmean ,…,D l,qmean ,D 1,wmean ,…,D l,wmean ,D rat,cnt )。
Step D: and calculating a secondary mean value and variance. CC calculates the secondary mean value in different dimensionsCalculating variance D in different dimensions j,var =D j,qmean -(D j,mean ) 2
Embodiment two:
the purpose of this embodiment is to provide a ciphertext data statistical analysis method supporting privacy protection.
A ciphertext data statistical analysis method supporting privacy protection is based on the ciphertext data statistical analysis system supporting privacy protection, which comprises the following steps:
the trusted authority center generates independent public keys and private keys for the sensor equipment, the edge aggregator, the control center and the supervision mechanism;
the sensor equipment performs basic preprocessing on the acquired data, encrypts the data through a homomorphic encryption algorithm, generates a digital signature of the sensor equipment by utilizing a digital signature algorithm based on the ID of the sensor equipment, forms a ciphertext data report, and sends the ciphertext data report to an edge aggregator;
the edge aggregator receives a sensor equipment ciphertext data report in a preset area and performs preset operation processing on encrypted data in the ciphertext data report; meanwhile, carrying out blinding processing on the equipment number of the current area based on blinding numbers from a supervision mechanism, forming a ciphertext data report based on data subjected to preset operation processing and a digital signature of an edge aggregator, and sending the ciphertext data report to a control center;
the control center receives the ciphertext data report from the edge aggregator and performs preset operation processing on the encrypted data in the ciphertext data report; forming a ciphertext data report based on the processed encrypted data and the digital signature of the control center, and sending the ciphertext data report to a supervision organization;
and the supervision mechanism receives the ciphertext data report from the control center, and performs decryption processing and blind removing processing on the ciphertext data to obtain a statistical analysis result.
Further, the method according to the present embodiment is based on the system according to the first embodiment, and the technical details thereof are described in detail in the first embodiment, so that the description thereof is omitted here.
The ciphertext data statistical analysis system and the method supporting privacy protection can be realized, and have wide application prospects.
The foregoing description of the preferred embodiments of the present disclosure is provided only and not intended to limit the disclosure so that various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims (8)

1. A ciphertext data statistical analysis system supporting privacy protection, comprising:
a trusted authority for generating independent public and private keys for the sensor device, the edge aggregator, the control center, and the regulatory agency;
the sensor equipment is used for carrying out basic preprocessing on the acquired data, encrypting the data through a homomorphic encryption algorithm, generating a digital signature of the sensor equipment by utilizing a digital signature algorithm based on the ID of the sensor equipment, forming a ciphertext data report, and sending the ciphertext data report to the edge aggregator;
the edge aggregator is used for receiving the ciphertext data report of the sensor equipment in the preset area and carrying out preset operation processing on the encrypted data in the ciphertext data report; meanwhile, performing blinding processing on the equipment number of the current area based on blinding numbers from a supervision mechanism, forming a ciphertext data report based on the encrypted data after the preset operation processing and the digital signature of the edge aggregator and the blinding processed equipment number, and sending the ciphertext data report to a control center;
the control center is used for receiving the ciphertext data report from the edge aggregator and carrying out preset operation processing on the encrypted data in the ciphertext data report; forming a ciphertext data report based on the processed encrypted data and the digital signature of the control center, and sending the ciphertext data report to a supervision organization;
the supervisory mechanism is used for receiving the ciphertext data report from the control center, decrypting the ciphertext data and performing blind removing treatment to obtain a statistical analysis result;
the basic preprocessing comprises the steps of representing collected data as data vectors, generating square perception data vectors based on the data vectors, calculating weighted perception data vectors based on the data vectors, and judging whether the data are abnormal based on the data vectors; if the data is judged to be abnormal, setting the corresponding abnormal counter to be 1, otherwise, setting the corresponding abnormal counter to be 0;
the device number of the current area is subjected to blinding processing based on the blinding number from the supervision mechanism, and the device number of the current area is processed by adopting the following formula:
m′ k =αm kk
wherein m' k For the number of blind devices, m k Alpha and beta are the actual equipment number k Together forming the blinding number pairs.
2. The system for statistical analysis of ciphertext data supporting privacy protection of claim 1, wherein the edge aggregator, after receiving the ciphertext data report of the sensor device in the predetermined area, performs the following operations: verifying the signature validity of the ciphertext data report; carrying out preset operation on ciphertext data for the ciphertext data report passing verification; generating a digital signature of the edge aggregator based on the edge aggregator ID; and forming a ciphertext data report based on the encrypted data after the preset operation processing, the digital signature and the equipment number after the blinding processing, and sending the ciphertext data report to a control center.
3. The ciphertext data statistical analysis system supporting privacy protection of claim 1, wherein the trusted authority is further configured to: and generating an encryption public key and a decryption private key of the homomorphic encryption algorithm, and a signature public key and a signature private key of the digital signature algorithm according to preset safety parameters, and distributing the encryption public key, the decryption private key, the signature public key and the signature private key based on preset rules.
4. The ciphertext data statistical analysis system supporting privacy protection of claim 1, wherein the distribution of the encryption public key, the decryption private key, the signature public key, and the signature private key is specifically: the trusted authority center encrypts the public key pk through a preset secure channel AHE And a signature private key sk DS,i Distributing to the sensor device; will encrypt public key pk AHE Signature private key sk DS,EA Public key pk for signature DS,i Sending to an edge aggregator; will encrypt public key pk AHE Signature private key sk DS,CC Public key pk for signature DS,EA Sending the data to a control center; will decrypt the private key and verify and sign the public key pk DS,CC And sent to the regulatory agency.
5. The ciphertext data statistical analysis system supporting privacy protection of claim 1, wherein the generation of the digital signature is specifically: based on the device ID identification, a digital signature corresponding to the device is generated through a digital signature algorithm.
6. A ciphertext data statistical analysis system supporting privacy protection as recited in claim 5, wherein the homomorphic encryption algorithm comprises, but is not limited to, a Paillier homomorphic encryption algorithm, and the digital signature algorithm comprises, but is not limited to, an ECDSA digital signature algorithm.
7. The system of claim 1, wherein the predetermined operations include a summation operation, an arithmetic average, a quadratic average, a weighted average, a variance, a number of anomalies, and a duty cycle of anomalies.
8. A method for supporting privacy preserving ciphertext data statistical analysis based on a privacy preserving ciphertext data statistical analysis system as claimed in any one of claims 1 to 7, comprising:
the trusted authority center generates independent public keys and private keys for the sensor equipment, the edge aggregator, the control center and the supervision mechanism;
the sensor equipment performs basic preprocessing on the acquired data, encrypts the data through a homomorphic encryption algorithm, generates a digital signature of the sensor equipment by utilizing a digital signature algorithm based on the ID of the sensor equipment, forms a ciphertext data report, and sends the ciphertext data report to an edge aggregator;
the edge aggregator receives a sensor equipment ciphertext data report in a preset area and performs preset operation processing on encrypted data in the ciphertext data report; meanwhile, carrying out blinding processing on the equipment number of the current area based on blinding numbers from a supervision mechanism, forming a ciphertext data report based on data subjected to preset operation processing and a digital signature of an edge aggregator, and sending the ciphertext data report to a control center;
the control center receives the ciphertext data report from the edge aggregator and performs preset operation processing on the encrypted data in the ciphertext data report; forming a ciphertext data report based on the processed encrypted data and the digital signature of the control center, and sending the ciphertext data report to a supervision organization;
and the supervision mechanism receives the ciphertext data report from the control center, and performs decryption processing and blind removing processing on the ciphertext data to obtain a statistical analysis result.
CN202210681492.XA 2022-06-16 2022-06-16 Ciphertext data statistical analysis system and method supporting privacy protection Active CN114866222B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210681492.XA CN114866222B (en) 2022-06-16 2022-06-16 Ciphertext data statistical analysis system and method supporting privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210681492.XA CN114866222B (en) 2022-06-16 2022-06-16 Ciphertext data statistical analysis system and method supporting privacy protection

Publications (2)

Publication Number Publication Date
CN114866222A CN114866222A (en) 2022-08-05
CN114866222B true CN114866222B (en) 2024-03-15

Family

ID=82624644

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210681492.XA Active CN114866222B (en) 2022-06-16 2022-06-16 Ciphertext data statistical analysis system and method supporting privacy protection

Country Status (1)

Country Link
CN (1) CN114866222B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115549993B (en) * 2022-09-19 2024-04-26 山东大学 Multitasking cost evaluation method and system based on graph path dense state calculation
CN115271733B (en) * 2022-09-28 2022-12-13 深圳市迪博企业风险管理技术有限公司 Privacy-protected block chain transaction data anomaly detection method and equipment
CN115834064B (en) * 2023-02-23 2023-04-14 北京中电普华信息技术有限公司 Secure multi-party computing method, device, system, equipment and storage medium
CN115879139B (en) * 2023-03-08 2023-05-12 四川边缘算力科技有限公司 User data management method based on edge calculation
CN117439731B (en) * 2023-12-21 2024-03-12 山东大学 Privacy protection big data principal component analysis method and system based on homomorphic encryption

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111294366A (en) * 2020-05-13 2020-06-16 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN111931249A (en) * 2020-09-22 2020-11-13 西南石油大学 Medical secret data statistical analysis method supporting transmission fault-tolerant mechanism

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111294366A (en) * 2020-05-13 2020-06-16 西南石油大学 Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid
CN111931249A (en) * 2020-09-22 2020-11-13 西南石油大学 Medical secret data statistical analysis method supporting transmission fault-tolerant mechanism

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"EPPSA: Efficient Privacy-Preserving Statistical Aggregation Scheme for Edge Computing-Enhanced Wireless Sensor Networks";Yunting Tao.et;《Theory and Engineering Practice for Security and Privacy of Edge Computing 2021》;20220502;全文 *
"Multi-functional secure data aggregation schemes for WSNs";Ping Zhang.et;《ELSEVIER》;20171108;全文 *
"Paillier Cryptosystem based Mean Value Computation for Encrypted Domain Image Processing Operations";MOHSIN SHAH.et;《ACM》;20190930;全文 *

Also Published As

Publication number Publication date
CN114866222A (en) 2022-08-05

Similar Documents

Publication Publication Date Title
CN114866222B (en) Ciphertext data statistical analysis system and method supporting privacy protection
Wang et al. Fault-tolerant multisubset aggregation scheme for smart grid
Jo et al. Efficient and privacy-preserving metering protocols for smart grid systems
CN108683493B (en) Data aggregation method for providing privacy protection in smart power grid
Wang et al. Privacy-preserving data aggregation against malicious data mining attack for IoT-enabled smart grid
CN105812128B (en) A kind of anti-malicious data of intelligent grid excavates the data aggregation method of attack
Beaver et al. Key management for SCADA
Wang et al. An efficient privacy‐preserving aggregation and billing protocol for smart grid
CN111726346B (en) Data secure transmission method, device and system
Diovu et al. Enhancing the security of a cloud‐based smart grid AMI network by leveraging on the features of quantum key distribution
Ge et al. FGDA: Fine-grained data analysis in privacy-preserving smart grid communications
Karopoulos et al. MASKER: Masking for privacy-preserving aggregation in the smart grid ecosystem
Wen et al. State estimation based energy theft detection scheme with privacy preservation in smart grid
Salem et al. SOS: Self‐organized secure framework for VANET
CN111294793A (en) Data privacy protection method for identity authentication in wireless sensor network
Zhang et al. Antiquantum privacy protection scheme in advanced metering infrastructure of smart grid based on consortium blockchain and rlwe
Song et al. Semda: Secure and efficient multidimensional data aggregation in smart grid without a trusted third party
Rottondi et al. A protocol for metering data pseudonymization in smart grids
Ogundoyin An anonymous and privacy‐preserving scheme for efficient traffic movement analysis in intelligent transportation system
CN107426176B (en) Safe underwater transmission method supporting confusion and zero knowledge
Zhang et al. Privacy-aware data collection and aggregation in IoT enabled fog computing
Guan et al. Protecting user privacy based on secret sharing with fault tolerance for big data in smart grid
Oh et al. A secure data processing system in edge computing-powered AIoT
Ma et al. Edge computing assisted an efficient privacy protection layered data aggregation scheme for IIoT
Shang et al. Decentralized distributed federated learning based on multi-key homomorphic encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant