CN117675200B - Identity-based verifiable data aggregation analysis system under assistance of SGX - Google Patents


Info

Publication number
CN117675200B
Authority
CN
China
Prior art keywords
data
analysis
ciphertext
cloud server
sigma
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311770351.6A
Other languages
Chinese (zh)
Other versions
CN117675200A (en)
Inventor
隋海峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Netlink Beijing Digital Technology Co ltd
Original Assignee
Netlink Beijing Digital Technology Co ltd
Application filed by Netlink Beijing Digital Technology Co ltd
Priority to CN202311770351.6A
Publication of CN117675200A
Application granted
Publication of CN117675200B


Abstract

The invention relates to the field of cloud computing, and in particular to an identity-based verifiable data aggregation analysis system assisted by SGX. The key generation center and the analysis center each perform SGX remote attestation with the cloud server to establish a secure channel and generate the session keys s 1 and s 2 used for transmitting data. The analysis center verifies whether aggregation was carried out as requested and whether the analysis result has been tampered with, and then decrypts it, so that the analysis result is output more efficiently and quickly than with computation on ciphertext alone.

Description

Identity-based verifiable data aggregation analysis system under assistance of SGX
Technical Field
The invention relates to the technical field of cloud computing, in particular to an identity-based verifiable data aggregation analysis system under the assistance of SGX.
Background
With the very rapid development of cloud computing, smart wearable devices used in medicine, transportation, finance and other fields generate massive amounts of data every day and continuously transmit it to the internet. This data may include users' private data and is very sensitive, so it is usually transmitted in encrypted form over open networks and stored and computed on securely as ciphertext. Encryption guarantees the confidentiality of the data, but an external adversary may be present during transmission who monitors and captures data on the transmission channel in order to intercept, replace or even tamper with it, so digital signatures are needed to guarantee data integrity. However, most traditional cloud computing scenarios perform the computation and analysis directly on encrypted ciphertext data, which greatly reduces the availability of the data, slows analysis, lowers computing efficiency, and cannot meet the needs of rapidly developing modern networks. In addition, most solutions rely on traditional cloud servers and do not consider cloud servers with a more secure trusted execution environment (Trusted Execution Environment, TEE), such as Intel SGX or ARM TrustZone. A TEE is a technology that secures applications and data, that is, a secure software environment that ensures the programs and data running in it are not subjected to malicious operations or tampering, thereby securing the mobile applications and services that use it. A TEE can also effectively prevent intrusion and counterfeiting, enables private and protected application execution, and protects stored sensitive information and user privacy.
The previous solutions have not been optimal solutions to the security problems of the traditional data outsourcing described above. Therefore, how to design and solve the problems of data security and computing efficiency in the data outsourcing storage computing process becomes important in the scenarios of cloud computing and edge computing with TEE.
In Chinese patent CN202110880355.4, an internet of things data aggregation and analysis method, the main focus is on processing feature rules, determining feature values and classification, sending the classified feature values to Kafka for classification, and then performing data analysis and aggregation through Flink. It emphasizes data analysis and cleaning and improves the efficiency of real-time data query and deep analysis; it does not consider data confidentiality and integrity, nor is it designed for general use in cloud computing and edge computing scenarios with a TEE environment. The data processing emphasized by that invention can be moved into the TEE for safer plaintext processing, so that the false alarm rate can be reduced.
In Chinese patent CN202111026859.6, a system and method for statistical analysis of medical data aggregation, a personal identification data collection end uses personal data to generate an encrypted x-ID, an institution collection end aggregates the x-ID and the auxiliary health information contained in the x-ID, and a data application request end provides an anonymized data operation environment. That invention performs anonymized analysis processing on multiple medical data of the same person, but performs aggregation analysis based on identity and integrity of health information in consideration of real-time large sample data under cloud computing and edge computing scenarios under SGX assistance.
In Chinese patent CN201911420366.3, a statistical analysis method for grouped cloud storage medical data aggregation with privacy protection, the confidentiality and privacy of sensitive user data are effectively ensured, the computing overhead of the medical analysis center is reduced, and the correctness and integrity of data aggregation can be verified. However, the analysis method only considers mean and variance and does not comprehensively consider the emerging cloud computing scenario with a TEE environment; its computing overhead is also larger than that of a cloud server with a TEE, and its analysis efficiency is lower.
In summary, there are three key issues to be resolved:
First, current data aggregation analysis models have security problems in data confidentiality and integrity, data analysis efficiency and unauthorized data aggregation. As the frequent private data leakage events reported by CNCERT/CC show, even trusted data management parties can be compromised by intrusion or leak private data for outside interests. Moreover, even if these trusted data managers do not actively leak private data, it is difficult to ensure that users' private data is processed only in the ways the users have agreed to.
Secondly, although laws and regulations in China such as the "network security law", the "infringement responsibility law", the "data security law" and the "personal information protection law" require data service parties to give users more control over their private data, this has not been realized in practice because of cost or technical problems. These data service parties typically specify unilaterally how user data is used through privacy policies they draft themselves, and there is no way to implement the user's own privacy preferences; if the user rejects the data service party's privacy scheme, the user is refused the service.
Finally, most existing data aggregation analysis schemes are based on traditional cloud servers and do not consider the new cloud computing and edge computing scenarios that combine software and hardware. An effective SGX-assisted identity-based verifiable data aggregation analysis architecture is therefore needed that can coexist with data protection mechanisms and that ensures the confidentiality and integrity of data during generation, computation and transmission and the correctness of computation results.
In summary, based on the above-mentioned research, the invention provides an identity-based verifiable data aggregation analysis system under the assistance of SGX, which can effectively aggregate data uploaded by different data owners while guaranteeing confidentiality of outsourcing data and integrity of data in a transmission process, and perform more flexible statistical analysis (variance, mean, covariance, standard deviation, correlation analysis, principal component analysis) of plaintext in TEE, and more efficiently and rapidly output the analysis result of ciphertext compared with pure ciphertext analysis calculation.
Disclosure of Invention
In view of the above drawbacks of the prior art, the present invention provides an identity-based verifiable data aggregation analysis system assisted by SGX, involving five entities: a data owner DO ij, an edge server ES i, a cloud server CS, an analysis center AC and a key generation center PKG. The cloud server, the key generation center and the analysis center must have hardware that provides a trusted execution environment (Trusted Execution Environment, TEE), such as Intel SGX (Software Guard Extensions). First, the key generation center and the analysis center each perform remote attestation with the cloud server to establish a secure channel, generate the session keys s 1 and s 2, and each verify whether the cloud server's TEE environment (in other words, the SGX hardware) is running securely. Second, the key generation center initializes the system to generate a master key pair, sets a unique identity for every entity of the system, generates signature keys from those identities, and distributes the keys. The data owner then encrypts and signs the source data to be uploaded using the distributed key. The edge server aggregates and verifies the ciphertext data uploaded by all data owners in its area and, if verification passes, signs the aggregated ciphertext and uploads it to the cloud server. The cloud server aggregates and verifies all the ciphertext data, which is then used for data analysis. The analysis center initiates a data analysis request; the Enclave of the cloud server aggregates the data as requested, performs the data analysis inside the cloud server, and sends the analysis result to the analysis center. The analysis center verifies whether aggregation was carried out as requested and whether the analysis result has been tampered with, and then decrypts it, so that the analysis result is output more efficiently and quickly than with computation on ciphertext alone.
In order to achieve the above purpose, the present invention provides the following technical solutions:
The invention provides an identity-based verifiable data aggregation analysis system under the assistance of SGX, which comprises the following steps:
Step 1: the key generation center and the analysis center each perform SGX remote attestation with the cloud server to establish a secure channel, and generate the session keys s 1 and s 2 used for transmitting data;
Step 2: the key generation center PKG generates a master key pair by executing an initialization algorithm; the master key pair consists of a public key pk and a master key msk. The public key pk is disclosed to the data owner DO ij, the edge server ES i, the analysis center AC and the cloud server CS in the system; the master key msk is encrypted with the session key s 1, and the encrypted master key msk is transmitted through the secure channel established by SGX remote attestation between the key generation center PKG and the cloud server;
Step 3: the key generation center PKG generates corresponding signature keys according to the unique identifiers Did j, id AC, Eid i and id C of the data owner DO ij, the analysis center AC, the edge server ES i and the cloud server CS, wherein i and j respectively represent the number of the data owner and the edge server, i is more than or equal to 1 and less than or equal to m, j is more than or equal to 1 and less than or equal to n, and the signature keys are distributed to the data owners, the edge servers ES, the cloud server CS and the other entities of the system;
Step 4: the data owner DO ij in the system encrypts the source data m ij through an encryption algorithm to obtain a ciphertext, calculates a signature sigma ij of the ciphertext, and sends the ciphertext C ij and the signature sigma ij to the edge server ES i;
Step 5: the edge server ES i runs the aggregation algorithm on the ciphertext data uploaded by the data owners and batch-verifies whether the ciphertext data has been tampered with; after verification passes, ES i aggregates the ciphertext data and signs it, and sends the aggregated data C i together with the signature σ i to the cloud server CS;
Step 6: the cloud server CS contains a trusted computing Enclave, which batch-verifies the aggregated ciphertext data C i and signatures σ i uploaded by all edge servers; if verification passes, the stored ciphertext data is used for data analysis, otherwise the stored ciphertext data is invalid and the challenge is restarted;
Step 7: the analysis center AC initiates a data analysis request to the cloud server CS. The Enclave in the cloud server CS aggregates the ciphertext data according to the request to obtain an aggregated ciphertext C and digitally signs it to obtain a digital signature σ. The data analysis is then performed inside the Enclave to obtain a data analysis result R; the result R is encrypted and digitally signed to obtain a signature σ R, and {σ, C, σ R, C R, t} is sent to the analysis center AC, wherein t represents a time stamp and C R is the ciphertext of the analysis result;
Step 8: the analysis center AC receives {σ, C, σ R, C R, t} and verifies its signatures; after verification passes, the analysis center AC decrypts with a decryption algorithm to obtain the final analysis result; otherwise, it rejects the result and reinitiates the request.
The invention is further provided with: in step 2, the initialization algorithm specifically includes:
1) Reading a preset safety parameter lambda and generating a large integer cyclic group with the order of p
2) Constructing a bilinear pairing function e by using the cyclic group: And g is group G 1 is the groupIs a generator of (1);
3) Selecting a random number α from the large integer cyclic group, and calculating $h = g^{\alpha}$;
4) And randomly selecting two anti-collision hash functions H 1: And H 2:
5) The key generation center PKG sends the public key to the analysis center, the data owner, the edge server and the cloud server; it then runs the remote attestation service with the SGX in the cloud server, establishes a secure channel, and transmits the master key α into the SGX.
The invention is further provided with: the key generation algorithm described in step 4 specifically includes:
1) Generating unique identity marks for all data owner sets, analysis centers, edge server clusters and cloud server entities in each system, wherein the formula is as follows:
DO: id AC, ES: {ES i} = {Eid i, 1 ≤ i ≤ n} and id C;
2) Respectively calculating a data key for the data owner, the edge server and the cloud server in the system as follows: And And distributing the public-private key pair to the entity.
The invention is further provided with: the encryption method in step 4 comprises the following specific steps:
1) The jth data owner under the ith edge server Randomly selecting random numbersAnd for source dataEncrypting to obtain ciphertext
2) The data ownerRandomly selecting random numbersCalculation using key skiIs signed by (a) Wherein the method comprises the steps ofRepresenting a timestamp, and tag representing a data type tag.
3) The data owner sends ciphertext dataSigningAnd time stamp at the timeTo the corresponding i-th edge server ES i.
The invention is further provided with: the verification method in step 5 comprises the following specific steps:
1) The ith edge server ES i randomly selects a random number And then carrying out batch verification on all signatures uploaded by the data owner, wherein the batch verification is carried out by the following formula:
Verifying that the data is not tampered in the transmission process, otherwise rejecting the result and requesting to reinitiate the request;
2) After passing the verification, the ith edge server ES i manages all the data owners Uploading the encrypted data to the ES i for the following aggregation operation
Meanwhile, the ith edge server ES i randomly selects a random numberThen signing the aggregated ciphertext data to obtain a signature
3) The edge server ES i sends the ciphertext data C i, the signature σ i, and the time stamp t i to the cloud server CS.
The invention is further provided with: the method for analyzing data in step 6 specifically comprises the following steps:
The cloud server CS receives ciphertext data C i, signature sigma i and time stamp t i sent by all edge servers ES i, i is more than or equal to 1 and n is more than or equal to 1, and Enclave in the cloud server CS randomly selects a random number And carrying out batch verification on ciphertext data of n different edge servers:
If the verification fails, proving that at least one edge server uploaded ciphertext data is tampered, and requiring all edge servers ES i to resend the ciphertext data, signature and timestamp; after the verification is passed, the cloud server CS stores the secret data.
The invention is further provided with: the method of analysis in step 7 specifically includes the following steps:
1) The analysis center AC, according to its analysis requirement, sends an encrypted analysis request {ES i, tag} to the Enclave of the cloud server CS through the secure channel established by remote attestation;
2) The Enclave in the cloud server CS receives the encrypted analysis request and decrypts it; the cloud server CS then aggregates the stored ciphertext data according to the analysis request to obtain the aggregated ciphertext C, where g and h are part of the public key;
3) The Enclave then randomly selects a random number μ and generates a digital signature for the aggregated ciphertext data of the analysis request: $\sigma = (\sigma_1, \sigma_2) = (g^{\mu},\ H_1(id_C)^{\alpha} \cdot H_2(C \,\|\, t \,\|\, tag)^{\mu})$, where t represents the time stamp at that time and tag represents a data type tag;
4) The Enclave in the cloud server then decrypts the aggregated ciphertext data and performs the data analysis inside the Enclave to obtain an analysis result R, the data analysis methods being mean, variance, standard deviation, covariance and correlation analysis. The Enclave encrypts the analysis result R with the session key s 2 generated by remote attestation to obtain the ciphertext C R of the analysis result, randomly selects a random number τ, and generates a digital signature for it: $\sigma_R = (\sigma_{r1}, \sigma_{r2}) = (g^{\tau},\ H_1(id_C)^{\alpha} \cdot H_2(C_R \,\|\, t)^{\tau})$;
5) The Enclave of the cloud server CS sends {σ, C, σ R, C R, t} to the analysis center AC.
The invention is further provided with: the method of analysis in step 8 specifically includes the following steps:
1) The analysis center AC receives {σ, C, σ R, C R, t}. First, the analysis center AC randomly selects a random number and verifies the digital signature σ to check whether the ciphertext data was aggregated as requested and whether it has been tampered with, wherein the specific verification process is as follows:
where σ is the signature of the requested aggregated ciphertext, C is the aggregated ciphertext, σ R is the signature of the analysis result, C R is the ciphertext of the analysis result, t is the timestamp, id C is the identity ID of the cloud server, tag is the attribute tag, and σ 1 and σ 2 are the two parts of σ;
2) If the verification does not pass, this indicates that the ciphertext data was not aggregated as requested and has been tampered with; otherwise, the analysis center AC randomly selects a random number and verifies the signature of the analysis result to detect whether the analysis result has been tampered with, wherein the specific verification process is as follows:
3) If the verification does not pass, this indicates that the ciphertext of the analysis result was tampered with during transmission; otherwise, the analysis center AC performs the decryption operation to obtain the data analysis result R.
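Added example (not part of the patent text): a Python sketch of the signature shape given in step 7, σ = (g^μ, H1(id_C)^α · H2(C‖t‖tag)^μ), checked with the pairing equation that follows from bilinearity, plus a random-coefficient batch check of the kind steps 5 and 6 describe. The verification equations, the exponent-only toy pairing (insecure, only for checking the algebra), the length-prefixed message encoding, the sample values and all function names are assumptions of this example.

```python
import hashlib
import secrets

# Toy bilinear group (constructed for illustration, NOT secure): the element
# g^a is stored as its exponent a mod P, so e(g^a, g^b) = e(g,g)^(ab) becomes
# a*b mod P. A real system needs a pairing library over an elliptic curve.
P = 2**127 - 1   # prime group order
G = 1            # generator g = g^1; the identity element is 0

def g_mul(a, b):     # product of two group elements (G1 or G2)
    return (a + b) % P

def g_pow(a, k):     # group element raised to the scalar k
    return (a * k) % P

def pair(a, b):      # bilinear map e: G1 x G1 -> G2
    return (a * b) % P

def hash_to_group(domain, data):
    return int.from_bytes(hashlib.sha256(domain + data).digest(), "big") % P

def H1(identity):    # identity string -> G1
    return hash_to_group(b"H1|", identity.encode())

def H2(message):     # message bytes -> G1
    return hash_to_group(b"H2|", message)

def encode(*fields):
    # C || t || tag with 4-byte length prefixes. Assumption: the page only
    # writes "||"; the prefixes keep field boundaries unambiguous.
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def rand_scalar():
    return secrets.randbelow(P - 1) + 1          # uniform in [1, P-1]

def setup():
    alpha = rand_scalar()                        # master key alpha
    return alpha, g_pow(G, alpha)                # (alpha, h = g^alpha)

def extract(alpha, identity):
    return g_pow(H1(identity), alpha)            # signing key H1(id)^alpha

def sign(sk, message):
    mu = rand_scalar()
    return g_pow(G, mu), g_mul(sk, g_pow(H2(message), mu))

def verify(h, identity, message, sig):
    s1, s2 = sig
    # e(s2, g) == e(H1(id), h) * e(H2(M), s1)
    return pair(s2, G) == g_mul(pair(H1(identity), h), pair(H2(message), s1))

def batch_verify(h, items):
    # items: list of (identity, message, (s1, s2)). Each signature is raised
    # to a fresh random coefficient so that errors in different signatures
    # cannot cancel each other out in the combined equation.
    lhs = id_part = msg_part = 0
    for identity, message, (s1, s2) in items:
        d = rand_scalar()
        lhs = g_mul(lhs, g_pow(s2, d))
        id_part = g_mul(id_part, g_pow(H1(identity), d))
        msg_part = g_mul(msg_part, pair(g_pow(H2(message), d), s1))
    return pair(lhs, G) == g_mul(pair(id_part, h), msg_part)

def demo():
    # Constructed sample values: identities, ciphertext bytes, timestamp, tags.
    alpha, h = setup()
    t = b"1700000000"
    msg = encode(b"aggregated-ciphertext", t, b"heart-rate")
    sig = sign(extract(alpha, "id_C"), msg)
    uploads = []
    for i in (1, 2, 3):
        ident = "Eid_%d" % i
        m = encode(b"C_%d" % i, t, b"heart-rate")
        uploads.append((ident, m, sign(extract(alpha, ident), m)))
    forged = list(uploads)
    forged[1] = (forged[1][0], encode(b"C_x", t, b"heart-rate"), forged[1][2])
    return {
        "valid": verify(h, "id_C", msg, sig),
        "wrong_tag": verify(h, "id_C",
                            encode(b"aggregated-ciphertext", t, b"glucose"), sig),
        "wrong_signer": verify(h, "Eid_1", msg, sig),
        "batch_ok": batch_verify(h, uploads),
        "batch_tampered": batch_verify(h, forged),
    }

if __name__ == "__main__":
    print(demo())
```

Because tag is inside the signed message, a result aggregated under a different tag than the one requested fails the same check that detects tampering.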
The invention is further provided with: in step 1, the secure channel is based on Intel SGX's own hardware remote attestation mechanism.
Advantageous effects
Compared with the prior art, the technical solution provided by the invention has the following beneficial effects:
1. The present invention involves five entities: the data owners, the edge server ES i, the cloud server CS, the analysis center AC and the key generation center PKG. The cloud server, the key generation center and the analysis center must have hardware that provides a trusted execution environment (Trusted Execution Environment, TEE), such as Intel SGX (Software Guard Extensions). First, the key generation center and the analysis center each perform remote attestation with the cloud server to establish a secure channel, generate the session keys s 1 and s 2, and each verify whether the cloud server's TEE environment (in other words, the SGX hardware) is running securely. Second, the key generation center initializes the system to generate a master key pair, sets a unique identity for every entity of the system, generates signature keys from those identities, and distributes the keys. The data owner then encrypts and signs the source data to be uploaded using the distributed key. The edge server aggregates and verifies the ciphertext data uploaded by all data owners in its area and, if verification passes, signs the aggregated ciphertext and uploads it to the cloud server. The cloud server aggregates and verifies all the ciphertext data, which is then used for data analysis. The analysis center initiates a data analysis request; the Enclave of the cloud server aggregates the data as requested, performs the data analysis inside the cloud server, and sends the analysis result to the analysis center. The analysis center verifies whether aggregation was carried out as requested and whether the analysis result has been tampered with, and then decrypts it, so that the analysis result is output more efficiently and quickly than with computation on ciphertext alone.
Drawings
FIG. 1 is a diagram of an identity-based verifiable data aggregation analysis system architecture with the assistance of SGX of the present invention;
FIG. 2 is a system workflow diagram of an identity-based verifiable data aggregation analysis system with the aid of SGX of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more clear, the technical solutions of the embodiments of the present invention will be clearly and completely described below. It will be apparent that the described embodiments are some, but not all, embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The invention is further described below with reference to examples.
Examples:
Referring to fig. 1-2, the invention provides an identity-based verifiable data aggregation analysis system with the aid of SGX, comprising the following steps:
Step 1: the key generation center and the analysis center each perform SGX remote attestation with the cloud server to establish a secure channel, and generate the session keys s 1 and s 2 used for transmitting data;
Further, the secure channel is based on Intel SGX's own hardware remote attestation mechanism;
Step 2: the key generation center PKG generates a master key pair by executing an initialization algorithm; the master key pair consists of a public key pk and a master key msk. The public key pk is disclosed to the data owners in the system, the edge server ES i, the analysis center AC and the cloud server CS; at the same time, the master key msk is encrypted with the session key s 1, and the encrypted master key msk is transmitted through the secure channel established by SGX remote attestation between the key generation center PKG and the cloud server.
Further, the initialization algorithm specifically includes:
1) Reading a preset safety parameter lambda and generating a large integer cyclic group with the order of p
2) Constructing a bilinear pairing function e by using the cyclic group: And g is group G 1 is the groupIs a generator of (1);
3) Selecting a random number α from the large integer cyclic group, and calculating $h = g^{\alpha}$;
4) And randomly selecting two anti-collision hash functions H 1: And H 2:
5) The key generation center PKG sends the public key to the analysis center, the data owner, the edge server and the cloud server; it then runs the remote attestation service with the SGX in the cloud server, establishes a secure channel, and transmits the master key α into the SGX.
Step 3: the key generation center PKG generates corresponding signature keys according to the unique identifiers Did j, id AC, Eid i and id C of the data owners, the analysis center AC, the edge server ES i and the cloud server CS, wherein i and j respectively represent the number of data owners and the number of the edge servers, i is more than or equal to 1 and less than or equal to m, j is more than or equal to 1 and less than or equal to n, and the signature keys are distributed to the other entities of the system.
Step 4: the data owner DO ij in the system encrypts the source data m ij with an encryption algorithm to obtain a ciphertext, calculates the signature σ ij of the ciphertext, and sends the ciphertext C ij and the signature σ ij to the edge server ES i. The key generation algorithm comprises the following specific steps:
1) Generating unique identity marks for all data owner sets, analysis centers, edge server clusters and cloud server entities in each system, wherein the formula is as follows:
DO: id AC, ES: {ES i} = {Eid i, 1 ≤ i ≤ n} and id C;
2) Respectively calculating a data key for the data owner, the edge server and the cloud server in the system as follows: And And distributing the public-private key pair to the entity.
Further, the encryption method comprises the following specific steps:
1) The jth data owner under the ith edge server Randomly selecting random numbersAnd for source dataEncrypting to obtain ciphertext
2) The data ownerRandomly selecting random numbersCalculation using key skiIs signed by (a) Wherein the method comprises the steps ofRepresenting a timestamp, and tag representing a data type tag.
3) The data owner sends ciphertext dataSigningAnd time stamp at the timeTo the corresponding i-th edge server ES i.
Step 5: the edge server ES i runs the aggregation algorithm on the ciphertext data uploaded by the data owners and batch-verifies whether the ciphertext data has been tampered with; after verification passes, ES i aggregates the ciphertext data and signs it, and sends the aggregated data C i together with the signature σ i to the cloud server CS.
Further, the verification method comprises the following specific steps:
1) The ith edge server ES i randomly selects a random number And then carrying out batch verification on all signatures uploaded by the data owner, wherein the batch verification is carried out by the following formula:
Verifying that the data is not tampered in the transmission process, otherwise rejecting the result and requesting to reinitiate the request;
2) After passing the verification, the ith edge server ES i manages all the data owners Uploading the encrypted data to the ES i for the following aggregation operation
Meanwhile, the ith edge server ES i randomly selects a random numberThen signing the aggregated ciphertext data to obtain a signature
3) The edge server ES i sends the ciphertext data C i, the signature σ i, and the time stamp t i to the cloud server CS.
Step 6: the cloud server CS contains a trusted computing Enclave, which batch-verifies the aggregated ciphertext data C i and signatures σ i uploaded by all edge servers; if verification passes, the data has not been tampered with and the stored ciphertext data is used for data analysis; otherwise, the data is invalid and the challenge is restarted.
Further, the data analysis method specifically comprises the following steps:
The cloud server CS receives ciphertext data C i, signature sigma i and time stamp t i sent by all edge servers ES i, i is more than or equal to 1 and n is more than or equal to 1, and Enclave in the cloud server CS randomly selects a random number And carrying out batch verification on ciphertext data of n different edge servers:
If the verification fails, proving that at least one edge server uploaded ciphertext data is tampered, and requiring all edge servers ES i to resend the ciphertext data, signature and timestamp; after the verification is passed, the cloud server CS stores the secret data.
Step 7: the analysis center AC initiates a data analysis request to the cloud server CS. The Enclave in the cloud server CS aggregates the ciphertext data according to the request to obtain an aggregated ciphertext C and digitally signs it to obtain a digital signature σ. The data analysis is then performed inside the Enclave to obtain a data analysis result R; the result R is encrypted and digitally signed to obtain a signature σ R, and {σ, C, σ R, C R, t} is sent to the analysis center AC, wherein t represents a time stamp.
Further, the method for analyzing comprises the following specific steps:
1) According to its analysis requirement, the analysis center AC sends an encrypted analysis request {ES_i, tag} to the Enclave of the cloud server CS through the secure channel established by remote authentication;
2) The Enclave in the cloud server CS receives and decrypts the encrypted analysis request, and then the cloud server CS aggregates the ciphertext data in the storage area according to the analysis request to obtain an aggregated ciphertext C, ( represents a random number, represents a message), where g and h are part of the public key;
3) The Enclave then randomly selects a random number and generates a digital signature for the aggregated ciphertext data of the analysis request: $\sigma = (\sigma_1, \sigma_2) = (g^{\mu},\ H_1(id_C)^{\alpha} \cdot H_2(C \| t \| tag)^{\mu})$, where t represents the timestamp at that time and tag represents the data type tag;
4) The Enclave in the cloud server then decrypts the aggregated ciphertext data and performs the data analysis operation inside the Enclave to obtain an analysis result R; the data analysis methods include mean, variance, standard deviation, covariance and correlation analysis. The Enclave encrypts the analysis result R with the session key s_2 generated by remote authentication to obtain the ciphertext C_R of the analysis result, randomly selects a random number, and generates a digital signature for it: $\sigma_R = (\sigma_{r1}, \sigma_{r2}) = (g^{\tau},\ H_1(id_C)^{\alpha} \cdot H_2(C_R \| t)^{\tau})$;
5) The Enclave of the cloud server CS sends {σ, C, σ_R, C_R, t} to the analysis center AC.
Step 8: the analysis center AC receives {σ, C, σ_R, C_R, t} and verifies the signatures; after verification passes, the analysis center AC decrypts using a decryption algorithm to obtain the final analysis result; otherwise, it rejects the result and reinitiates the request.
Further, the method for analyzing comprises the following specific steps:
1) The analysis center AC receives {σ, C, σ_R, C_R, t}. First, the analysis center AC randomly selects a random number and verifies the digital signature σ to check whether the ciphertext data was aggregated as required and whether it was tampered with. The specific verification process is as follows:
where σ is the signature of the requested aggregated ciphertext, C is the aggregated ciphertext, σ_R is the signature of the analysis result, C_R is the ciphertext of the analysis result, t is the timestamp, id_C is the cloud server identity ID, tag is the attribute tag, and σ_1 and σ_2 are the two parts of σ;
2) If the verification does not pass, the ciphertext data was not aggregated as required and was tampered with; otherwise, the analysis center AC randomly selects a random number and verifies the signature of the analysis result to detect whether the analysis result was tampered with. The specific verification process is as follows:
3) If the verification does not pass, the ciphertext analysis result was tampered with during transmission; otherwise, the analysis center AC performs the decryption operation to obtain the data analysis result R.
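The signing in step 7 and the two checks in step 8, as an added example that is not code from the patent. It is a toy model that stores each group element as its exponent, so it checks the algebra only and offers no security; the verification equation e(σ_2, g) = e(H_1(id_C), h) · e(H_2(m), σ_1) is the standard correctness check for a signature of this shape and is assumed here because the page's own verification formula is missing, and all function names and sample values are constructed.

```python
import hashlib
import secrets

# Toy model (assumption): the element g^x is stored as x mod P, so the pairing
# e(g^a, g^b) = gT^(a*b) becomes a*b mod P and products in GT become sums.
# Discrete logs are visible by construction: this checks algebra, nothing more.
P = 2**255 - 19  # a prime standing in for the group order p (constructed)

def _h(domain: bytes, *fields: bytes) -> int:
    """Hash to Z_P. Fields are length-prefixed (an addition to the page's
    plain C||t||tag) so that shifting bytes between fields changes the hash."""
    h = hashlib.sha256(domain)
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return int.from_bytes(h.digest(), "big") % P

def H1(identity: bytes) -> int:
    return _h(b"H1", identity)

def H2(*fields: bytes) -> int:
    return _h(b"H2", *fields)

def pair(a: int, b: int) -> int:
    return a * b % P

def setup():
    """PKG: master key alpha and public h = g^alpha (same number in this toy)."""
    alpha = secrets.randbelow(P - 1) + 1
    return alpha, alpha

def extract(alpha: int, identity: bytes) -> int:
    return H1(identity) * alpha % P              # sk = H1(id)^alpha

def sign(sk: int, *fields: bytes):
    mu = secrets.randbelow(P - 1) + 1
    return mu, (sk + H2(*fields) * mu) % P       # (g^mu, sk * H2(m)^mu)

def verify(h: int, identity: bytes, sig, *fields: bytes) -> bool:
    s1, s2 = sig
    # e(s2, g) == e(H1(id), h) * e(H2(m), s1)
    return pair(s2, 1) == (pair(H1(identity), h) + pair(H2(*fields), s1)) % P

def enclave_reply(sk_c: int, C: bytes, C_R: bytes, t: bytes, tag: bytes):
    """Step 7: sign C||t||tag and C_R||t, return {sigma, C, sigma_R, C_R, t}."""
    return {"sigma": sign(sk_c, C, t, tag), "C": C,
            "sigma_R": sign(sk_c, C_R, t), "C_R": C_R, "t": t}

def ac_accept(h: int, id_c: bytes, msg: dict, requested_tag: bytes) -> str:
    """Step 8: the tag is not in the reply, so the AC uses the tag it asked for."""
    if not verify(h, id_c, msg["sigma"], msg["C"], msg["t"], requested_tag):
        return "reject: aggregation signature"
    if not verify(h, id_c, msg["sigma_R"], msg["C_R"], msg["t"]):
        return "reject: result signature"
    return "accept"  # only now would C_R be decrypted with session key s_2
```

Because the tag is taken from the analysis center's own request rather than from the reply, a reply signed over a different data type fails the first check even though every byte of the reply is authentic.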
Working principle: the system involves five entities, namely the data owners DO_ij, the edge servers ES_i, the cloud server CS, the analysis center AC and the key generation center PKG. The cloud server, the key generation center and the analysis center are required to have hardware that provides a trusted execution environment (Trusted Execution Environment, TEE), such as Intel SGX (Software Guard Extensions). First, the key generation center and the analysis center each perform remote authentication with the cloud server to establish a secure channel, generate session keys s_1 and s_2, and each verify that the cloud server's TEE (in other words, the SGX hardware) is running securely. Second, the key generation center performs system initialization to generate a master key pair, sets a unique identity for every entity of the system, generates a signature key from each entity's identity, and then distributes the keys. Next, the data owner encrypts and signs the source data to be uploaded using the distributed key. The edge server is then responsible for aggregating and verifying the encrypted data uploaded by all data owners in its area; if verification passes, it signs the aggregated ciphertext and uploads the encrypted data to the cloud server. The cloud server aggregates and verifies all the encrypted data, which is then used for data analysis. The analysis center initiates a data analysis request; the Enclave of the cloud server aggregates the data as requested, performs the data analysis, and sends the data analysis result to the analysis center. The analysis center verifies that aggregation was carried out as requested and that the analysis result has not been tampered with, and then performs the decryption operation.
The above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (9)

  1. An identity-based verifiable data aggregation analysis system assisted by SGX, comprising the steps of:
    Step 1: the key generation center and the analysis center respectively carry out SGX remote verification with the cloud server to establish a secure channel, and generate session keys s_1 and s_2 for transmitting data;
    Step 2: the key generation center PKG generates a master key pair by executing an initialization algorithm, divides the master key pair into a public key pk and a master key msk, discloses the public key pk to the data owners, the edge servers ES_i, the analysis center AC and the cloud server CS in the system, encrypts the master key msk using the session key s_1, and transmits the encrypted master key msk through the secure channel generated by SGX remote authentication between the key generation center PKG and the cloud server;
    Step 3: the key generation center PKG generates the corresponding signature keys according to the unique identifiers Did_j, id_AC, Eid_i and id_C of the respective identities of the data owners, the analysis center AC, the edge servers ES_i and the cloud server CS, wherein i and j respectively represent the number of data owners and the number of edge servers, 1 ≤ i ≤ m, 1 ≤ j ≤ n, and distributes the keys to the other entities of the system;
    Step 4: each data owner in the system encrypts its source data with an encryption algorithm to obtain a ciphertext, calculates its signature, and transmits the ciphertext and the signature to the edge server ES_i;
    Step 5: the edge server ES_i executes an aggregation algorithm on the ciphertext data uploaded by the data owners, and batch-verifies whether the ciphertext data has been tampered with; after verification passes, ES_i aggregates the ciphertext data and signs it, and sends the aggregated data C_i together with the signature σ_i to the cloud server CS;
    Step 6: the cloud server CS contains a trusted computing Enclave, which performs batch verification on the aggregated ciphertext data C_i and the signatures σ_i uploaded by all edge servers; if verification passes, the stored ciphertext data is used for the data analysis operation; otherwise the data is invalid and the challenge is restarted;
    Step 7: the analysis center AC initiates a data analysis request to the cloud server CS; the Enclave in the cloud server CS aggregates the ciphertext data according to the request to obtain an aggregated ciphertext C and digitally signs the aggregated ciphertext C to obtain a digital signature σ; the data analysis operation is then performed in the Enclave to obtain a data analysis result R; the data analysis result R is encrypted and digitally signed to obtain a signature σ_R, and {σ, C, σ_R, C_R, t} is sent to the analysis center AC, wherein t represents a timestamp and C_R is the ciphertext of the analysis result;
    Step 8: the analysis center AC receives {σ, C, σ_R, C_R, t} and verifies the signatures; after verification passes, the analysis center AC decrypts using a decryption algorithm to obtain the final analysis result; otherwise, it rejects the result and reinitiates the request.
  2. The SGX-assisted verifiable data aggregation analysis system according to claim 1, wherein in step 2, the initialization algorithm specifically comprises:
    1) Reading a preset safety parameter lambda and generating a large integer cyclic group with the order of p
    2) Constructing bilinear pairing functions using the cyclic groupsAnd g is groupG 1 is the groupIs a generator of (1);
    3) Selecting a random number α from the large integer cyclic group, and calculating h = g^α;
    4) Then randomly selecting two anti-collision hash functions And
    5) The key generation center PKG sends the public key to the analysis center, the data owners, the edge servers and the cloud server, executes the remote authentication service with the SGX in the cloud server, establishes a secure channel, and transmits the master key α into the SGX.
  3. An SGX-assisted verifiable data aggregation analysis system according to claim 2, wherein the key generation algorithm in step 4 comprises the specific steps of:
    1) Generating unique identities for the set of all data owners, the analysis center, the edge server cluster and the cloud server entity in the system, as follows: id_AC, ES: {ES_i} = {Eid_i, 1 ≤ i ≤ n} and id_C;
    2) Respectively calculating a data key for the data owner, the edge server and the cloud server in the system as follows: And And distributing the public-private key pair to the entity.
  4. An SGX-assisted verifiable data aggregation analysis system according to claim 1, characterized in that the encryption method in step 4 comprises the specific steps of:
    1) The j-th data owner under the i-th edge server randomly selects a random number and encrypts the source data to obtain a ciphertext
    2) The data ownerRandomly selecting random numbersCalculation using key skiIs signed by (a) Wherein the method comprises the steps ofRepresenting a time stamp, tag representing a data type tag;
    3) The data owner sends the ciphertext data, the signature and the timestamp at that time to the corresponding i-th edge server ES_i.
  5. An SGX-assisted verifiable data aggregation analysis system according to claim 1, characterized in that the verification method in step 5 comprises the specific steps of:
    1) The i-th edge server ES_i randomly selects a random number and then performs batch verification on all signatures uploaded by the data owners, using the following formula:
    A successful verification shows that the data was not tampered with during transmission; otherwise the result is rejected and the request must be reinitiated;
    2) After verification passes, the i-th edge server ES_i performs the following aggregation operation on the encrypted data uploaded to ES_i by all the data owners it manages
    Meanwhile, the i-th edge server ES_i randomly selects a random number and then signs the aggregated ciphertext data to obtain a signature
    3) The edge server ES_i sends the ciphertext data C_i, the signature σ_i and the timestamp t_i to the cloud server CS.
  6. The SGX-assisted verifiable data aggregation analysis system according to claim 5, wherein the method for data analysis in step 6 specifically comprises the steps of:
    The cloud server CS receives the ciphertext data C_i, signature σ_i and timestamp t_i sent by all edge servers ES_i, 1 ≤ i ≤ n, and the Enclave in the cloud server CS randomly selects a random number and performs batch verification on the ciphertext data of the n different edge servers:
    If the verification fails, the ciphertext data uploaded by at least one edge server has been tampered with, and all edge servers ES_i are required to resend the ciphertext data, signature and timestamp; after the verification passes, the cloud server CS stores the encrypted data.
  7. An SGX-assisted verifiable data aggregation analysis system according to claim 1, characterized in that the method of analysis in step 7 comprises the specific steps of:
    1) According to its analysis requirement, the analysis center AC sends an encrypted analysis request {ES_i, tag} to the Enclave of the cloud server CS through the secure channel established by remote authentication;
    2) The Enclave in the cloud server CS receives and decrypts the encrypted analysis request, and then the cloud server CS aggregates the ciphertext data in the storage area according to the analysis request to obtain an aggregated ciphertext C, where g and h are part of the public key;
    3) The Enclave then randomly selects a random number and generates a digital signature for the aggregated ciphertext data of the analysis request: $\sigma = (\sigma_1, \sigma_2) = (g^{\mu},\ H_1(id_C)^{\alpha} \cdot H_2(C \| t \| tag)^{\mu})$, where t represents the timestamp at that time and tag represents the data type tag;
    4) The Enclave in the cloud server then decrypts the aggregated ciphertext data and performs the data analysis operation inside the Enclave to obtain an analysis result R; the data analysis methods include mean, variance, standard deviation, covariance and correlation analysis; the Enclave encrypts the analysis result R with the session key s_2 generated by remote authentication to obtain the ciphertext C_R of the analysis result, randomly selects a random number, and generates a digital signature for it: $\sigma_R = (\sigma_{r1}, \sigma_{r2}) = (g^{\tau},\ H_1(id_C)^{\alpha} \cdot H_2(C_R \| t)^{\tau})$;
    5) The Enclave of the cloud server CS sends {σ, C, σ_R, C_R, t} to the analysis center AC.
  8. An SGX-assisted verifiable data aggregation analysis system according to claim 1, characterized in that the method of analysis in step 8 comprises the specific steps of:
    1) The analysis center AC receives {σ, C, σ_R, C_R, t}; first, the analysis center AC randomly selects a random number and verifies the digital signature σ to check whether the ciphertext data was aggregated as required and whether it was tampered with, the specific verification process being as follows:
    where σ is the signature of the requested aggregated ciphertext, C is the aggregated ciphertext, σ_R is the signature of the analysis result, C_R is the ciphertext of the analysis result, t is the timestamp, id_C is the cloud server identity ID, tag is the attribute tag, and σ_1 and σ_2 are the two parts of σ;
    2) If the verification does not pass, the ciphertext data was not aggregated as required and was tampered with; otherwise, the analysis center AC randomly selects a random number and verifies the signature of the analysis result to detect whether the analysis result was tampered with, the specific verification process being as follows:
    3) If the verification does not pass, the ciphertext analysis result was tampered with during transmission; otherwise, the analysis center AC performs the decryption operation to obtain the data analysis result R.
  9. The SGX-assisted verifiable data aggregation analysis system of claim 1, wherein in step 1, the secure channel is based on the remote verification mechanism built into Intel SGX hardware.
CN202311770351.6A 2023-12-21 Identity-based verifiable data aggregation analysis system under assistance of SGX Active CN117675200B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311770351.6A CN117675200B (en) 2023-12-21 Identity-based verifiable data aggregation analysis system under assistance of SGX

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311770351.6A CN117675200B (en) 2023-12-21 Identity-based verifiable data aggregation analysis system under assistance of SGX

Publications (2)

Publication Number Publication Date
CN117675200A CN117675200A (en) 2024-03-08
CN117675200B true CN117675200B (en) 2024-07-12

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110213231A (en) * 2019-04-26 2019-09-06 西安电子科技大学 A kind of the outsourcing data access control method and control system of the lightweight towards SGX
CN114026834A (en) * 2019-04-30 2022-02-08 英特尔公司 Multi-entity resource, security, and service management in edge computing deployments

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant