面向雾增强型工业物联网的多维安全查询方案

doi:10.11959/j.issn.1000-436x.2020127

通信学报 ›› 2020, Vol. 41 ›› Issue (8): 175-186.doi: 10.11959/j.issn.1000-436x.2020127

面向雾增强型工业物联网的多维安全查询方案

周由胜^1,²,谭畅¹(),唐飞²

¹ 重庆邮电大学计算机科学与技术学院，重庆 400065
² 重庆邮电大学网络空间安全与信息法学院，重庆 400065

修回日期:2020-04-18 出版日期:2020-08-25 发布日期:2020-09-05
作者简介:周由胜（1979- ），男，湖北恩施人，博士，重庆邮电大学副教授，主要研究方向为数据安全、认证与密钥协商|谭畅（1995- ），男，山东聊城人，重庆邮电大学硕士生，主要研究方向为安全查询、物联网安全等|唐飞（1986- ），男，重庆垫江人，博士，重庆邮电大学副教授，主要研究方向为公钥密码理论与应用
基金资助:
国家自然科学基金资助项目(61702067)

Multi-dimensional secure query scheme for fog-enhanced IIoT

Yousheng ZHOU^1,²,Chang TAN¹(),Fei TANG²

¹ College of Computer Science and Technology,Chongqing University of Posts and Telecommunications,Chongqing 400065,China
² College of Cyber Security and Information Law,Chongqing University of Posts and Telecommunications,Chongqing 400065,China

Revised:2020-04-18 Online:2020-08-25 Published:2020-09-05
Supported by:
The National Natural Science Foundation of China(61702067)

摘要/Abstract

摘要：

针对现有范围查询方案进行多维数据查询时缺乏隐私保护的问题，提出了一种带有隐私保护特性的面向雾增强型工业物联网多维安全查询方案。该方案首先将用户待查询的多个维度区间映射成一个查询矩阵；然后，构造辅助向量对查询矩阵进行分解，利用 BGN 同态加密对辅助向量进行处理形成查询陷门；最后，物联网设备终端利用同态特性将传感数据与查询陷门进行匹配。特殊辅助向量有效降低了方案空间复杂度，同态加密的自盲性保证了传感数据机密性和用户查询模式的隐私。仿真实验结果表明，所提方案的计算开销和通信开销较低。

关键词: 雾增强, 工业物联网, 安全查询, 隐私保护, BGN同态加密

Abstract:

In view of the fact that most of the existing range query schemes for fog-enhanced IoT cannot achieve both multi-dimensional query and privacy protection,a privacy-preserving multi-dimensional secure query scheme for fog-enhanced IIoT was proposed.Firstly,the multiple ranges to be queried were mapped into a certain query matrix.Then,auxiliary vectors were constructed to decompose the query matrix,and then the auxiliary vector was processed by BGN homomorphic encryption to form a query trapdoor.Finally,with the homomorphic computation utilized by an IoT device terminal,the query trapdoor could be matched to its sensor data.Spatial complexity could be effectively reduced with the used specific auxiliary vectors.The confidentiality of sensor data could be ensured and the privacy of user’s query mode could be protected by the homomorphic encryption property.Experiments results show that the computational and communication costs are relatively low.

Key words: fog-enhanced, IIoT, secure query, privacy-preserving, BGN homomorphic encryption

中图分类号:

TP309.2

周由胜,谭畅,唐飞. 面向雾增强型工业物联网的多维安全查询方案[J]. 通信学报, 2020, 41(8): 175-186.

Yousheng ZHOU,Chang TAN,Fei TANG. Multi-dimensional secure query scheme for fog-enhanced IIoT[J]. Journal on Communications, 2020, 41(8): 175-186.

图/表 10

图1

图2

图3

图4

表1

表2

各阶段计算开销对比"

方案	原始数据加密阶段	陷门生成阶段	查询阶段
文献[7]方案	—	$10 k (⌈ \sqrt{l} ⌉ T_{o})$	2 kT _em+3 kT_p+kT_o
文献[15]方案	2klT_m+klT_o	4kT_m	2kT_m
文献[16]方案	2klT_o+klT_m	(2k+1)T_o	3kT_m+2kT_o
文献[17]方案	2klT_o+qT_em	5kT_m+6kT_o	2 kT _em+kT_p
本文方案	—	$(8 k + 2) ⌈ \sqrt{l} ⌉ (T_{o})$	2 kT _em+3 kT_p+kT_o

表2

图5

图6

图7

表3

参考文献 17

[1]	CHOO K K R , LU R X , CHEN L Q ,et al. A foggy research future:advances and future opportunities in fog computing research[J]. Future Generation Computer Systems, 2018,78(2): 677-679.
[2]	LU R X , HEUNG K , LASHKARI A H ,et al. A lightweight privacy-preserving data aggregation scheme for fog computing-enhanced IoT[J]. IEEE Access, 2017,5: 3302-3312.
[3]	LU R , LIANG X H , LI X ,et al. EPPA:an efficient and privacy-preserving aggregation scheme for secure smart grid communications[J]. IEEE Transactions on Parallel and Distributed Systems, 2012,23(9): 1621-1631.
[4]	WANG J , YU X , ZHAO M . Privacy-preserving ranked multi-keyword fuzzy search on cloud encrypted data supporting range query[J]. Arabian Journal for Science and Engineering, 2015,40(8): 2375-2388.
[5]	DAI H , YE Q Q , YI X ,et al. VP2RQ:efficient verifiable privacy-preserving range query processing in two-tiered wireless sensor networks[J]. International Journal of Distributed Sensor Networks, 2016,12(11): 1-15.
[6]	SHEN Y , HUANG L S , YANG W . Achieving personalized and privacy-preserving range queries over outsourced cloud data[C]// 2017 IEEE International Conference on Communications. Piscataway:IEEE Press, 2017: 1-6.
[7]	LU R . A new communication-efficient privacy-preserving range query scheme in fog-enhanced IoT[J]. IEEE Internet of Things Journal, 2018,6(2): 2497-2505.
[8]	BONEH D , GOH E J , NISSIM K . Evaluating 2-DNF formulas on ciphertexts[C]// Theory of Cryptography Conference. Berlin:Springer, 2005: 325-341.
[9]	PAILLIER P , . Public-key cryptosystems based on composite degree residuosity classes[C]// International Conference on the Theory and Applications of Cryptographic Techniques. Berlin:Springer, 1999: 223-238.
[10]	ISLAM M S , KUZU M , KANTARCIOGLU M . Inference attack against encrypted range queries on outsourced databases[C]// Proceedings of the 4th ACM conference on Data and application security and privacy. New York:ACM Press, 2014: 235-246.
[11]	NAVEED M , KAMARA S , WRIGHT C V . Inference attacks on property-preserving encrypted databases[C]// Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2015: 644-655.
[12]	KELLARIS G , KOLLIOS G , NISSIM K ,et al. Generic attacks on secure outsourced databases[C]// Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2016: 1329-1340.
[13]	LACHARITé M S , MINAUD B , PATERSON K G . Improved reconstruction attacks on encrypted data using range query leakage[C]// 2018 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2018: 297-314.
[14]	DE C A , IOVINO V . jPBC:Java pairing based cryptography[C]// 2011 IEEE symposium on computers and communication. Piscataway:IEEE Press, 2011: 850-855.
[15]	HUANG B , LIANG S . A range search scheme based on encrypted index hiding order and access patterns[C]// 2019 International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber,Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). Piscataway:IEEE Press, 2019: 340-347.
[16]	GUO C , ZHUANG R , JIE Y ,et al. Secure range search over encrypted uncertain IoT outsourced data[J]. IEEE Internet of Things Journal, 2018,6(2): 1520-1529.
[17]	BABU D S V . Efficient and privacy-preserving range query over outsourced cloud[D]. Fredericton:Fredericton University of New Brunswick, 2018.

参数	定义
α	查询陷门
σ	查询的匹配度，其值介于0到维度总数之间
γ	用户所发起查询的所在维度或物联网设备自
	身所在维度
β	查询偏移
ω	物联网设备反馈给雾设备的结果
ζ	雾设备向用户发送的查询结果
B_i	查询区间i的下界
T_i	查询区间i的上界
Build()	生成各类复合数据对象和向量等
Parse()	从各类复合数据对象和向量中提取数据

面向雾增强型工业物联网的多维安全查询方案

Multi-dimensional secure query scheme for fog-enhanced IIoT

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 10

参考文献 17

相关文章 15

Metrics

推荐阅读 0

方案	通信开销/B
文献[7]方案	40 535
文献[15]方案	17 520
文献[16]方案	32 880
文献[17]方案	26 830
本文方案	33 751

[1]	马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153.
[2]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[3]	夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123.
[4]	胡柏吉, 张晓娟, 李元诚, 赖荣鑫. 支持多功能的V2G网络隐私保护数据聚合方案[J]. 通信学报, 2023, 44(4): 187-200.
[5]	徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127.
[6]	余晟兴, 陈钟. 基于同态加密的高效安全联邦学习聚合框架[J]. 通信学报, 2023, 44(1): 14-28.
[7]	张学旺, 黎志鸿, 林金朝. 基于公平盲签名和分级加密的联盟链隐私保护方案[J]. 通信学报, 2022, 43(8): 131-141.
[8]	杨小东, 田甜, 王嘉琪, 李梅娟, 王彩芬. 基于云边协同的无证书多用户多关键字密文检索方案[J]. 通信学报, 2022, 43(5): 144-154.
[9]	王继锋, 王国峰. 边缘计算模式下密文搜索与共享技术研究[J]. 通信学报, 2022, 43(4): 227-238.
[10]	封化民, 史瑞, 袁峰, 李艳俊, 杨旸. 高效的强隐私保护和可转让的属性票据方案[J]. 通信学报, 2022, 43(3): 63-75.
[11]	孙海丽, 龙翔, 韩兰胜, 黄炎, 李清波. 工业物联网异常检测技术综述[J]. 通信学报, 2022, 43(3): 196-210.
[12]	于海宁, 张宏莉, 余翔湛, 曲家兴, 葛蒙蒙. 隐私保护的轨迹相似度计算方法[J]. 通信学报, 2022, 43(11): 1-13.
[13]	彭滔, 钟文韬, 王国军, 罗恩韬, 熊金波, 刘忆宁, Hao Wang. 移动社交网络中面向隐私保护的精确好友匹配[J]. 通信学报, 2022, 43(11): 90-103.
[14]	史瑞, 封化民, 谢惠琴, 史国振, 刘飚, 杨旸. 基于带智能卡的移动终端实现的隐私保护的属性票据方案[J]. 通信学报, 2022, 43(10): 26-41.
[15]	熊金波, 周永洁, 毕仁万, 万良, 田有亮. 边缘协同的轻量级隐私保护分类框架[J]. 通信学报, 2022, 43(1): 127-137.