CN104639311B - The polymerization and system of electricity consumption privacy and integrity protection in a kind of intelligent grid - Google Patents

Abstract

The invention discloses electricity consumption privacy in a kind of intelligent grid and the polymerizations and system of integrity protection; this method is recorded in real time by the intelligent electric meter in user and is reported the electricity consumption of user, by having the function of that the gateway of computing capability is responsible for data aggregate and relay function, is responsible for collecting, handle and analyzing the real-time electricity consumption data of each user by control centre; and reliability services are provided, whole system is responsible for by trusted party, it is as follows：（1）System initialisation phase；（2）User data reports the stage；（3）The secure data aggregation stage；（4）Aggregated data restores extreme.The invention realizes the data aggregate system of a safety, on the one hand is used to protect the electricity consumption privacy of user；Meanwhile also serving to ensure that the integrality of data, i.e.,：Technically detection report data communication errors, prevent user from assuming another's name illegally to report, and the electricity consumption reported is by illegal intercepting and capturing, modification, forgery etc..

Description

Aggregation method and system for electricity privacy and integrity protection in smart grid

technical field

The invention belongs to the technical field of smart grids, and in particular relates to an aggregation method and system for electricity privacy and integrity protection in smart grids.

Background technique

In the field of smart grid technology, Peng Liu et al. proposed a data aggregation scheme based on the network topology association mechanism, which can effectively collect the electricity consumption of users. First, by designing a data aggregation tree, the power control center can collect the power consumption of all users from bottom to top. Secondly, by adopting homomorphic encryption technology, each node in the tree can aggregate the data of all its child nodes in the ciphertext space, thus protecting the user's privacy without revealing the plaintext of the user's power consumption. However, in the smart grid application system, in the application scenarios of accidental data communication errors and malicious tampering of communication data by internal and external attackers, data integrity assurance is also very important. The scheme of Peng Liu et al. does not have the function of data integrity checking. Therefore, it is impossible to detect occasional data packet transmission errors in network transmission, to ensure that users truthfully submit real power consumption data, and to resist attackers from intercepting and maliciously tampering with data.

Fengjun Li et al. improved some of the shortcomings of Peng Liu et al.'s scheme, and proposed a data aggregation scheme that protects user privacy and power consumption integrity. The overall architecture of its data aggregation system is shown in Figure 1. The root node in the figure acts as the power control center, initiates a request for data aggregation, and collects the final processing results. The system collects and aggregates the total power consumption from bottom to top. Each node aggregates the power consumption of all child nodes, superimposes the power consumption of its own node, and reports to the corresponding parent node. For example, node 5 aggregates the data of node 7, node 8, and node 5 itself, and reports to node 2.

First of all, the system proposes an end-to-end digital signature scheme based on homomorphic signatures, and based on the specific topology in specific application scenarios, along the network links, the check codes of the data aggregation results of each network node are sequentially generated and updated. Checksums are used to ensure the integrity of aggregated data. Secondly, a digital signature scheme based on one-hop nodes and an incremental verification mechanism are designed to resist illegal interception and modification of communication data packets.

The system has the following flaws:

(1) Each user digitally signs their own output data and saves the result in the parent node, resulting in huge additional data communication overhead and storage overhead.

(2) They claim that the power control center can start the incremental verification digital signature system afterwards to find suspicious data after the data may be attacked, thereby ensuring the credibility and non-repudiation of the data. However, due to the inherent flaws of the technology used, the characteristics of suspicious data cannot be accurately described and defined. Therefore, the system cannot accurately judge the time point of starting and executing the incremental verification digital signature system with huge calculation and communication overhead; moreover, due to the ambiguity of suspicious data characteristics, the actual operability is poor, and experiments show that it cannot be used in many scenarios. Effectively pinpoint (often misjudged or missed) potential data integrity attacks.

(3) In this system, when the power control center checks suspicious data, it can obtain the plain text data of each user's power consumption by starting the data integrity check program, which cannot effectively prevent the power control center from abusing authority, so it cannot be technically Protect user privacy information.

(4) They claim to prevent internal users from altering submitted data. When tracking whether the data has been modified by internal users, the power control center verifies the digital signatures submitted by each node and stored in the parent node one by one to check for possible data tampering. However, this method cannot effectively resist collusion attacks. For example, a node colludes with its parent node to maliciously change the submitted data and fabricate corresponding false evidence, and finally bypass and pass the tracking program of the power control center.

Contents of the invention

In view of the defects existing in the prior art, the object of the present invention is to provide an aggregation method and system for electricity privacy and integrity protection in a smart grid.

The aggregation method for electricity privacy and integrity protection in the smart grid is characterized in that the smart meter installed in the user records and reports the user's electricity consumption in real time; the gateway with computing power is responsible for the data aggregation function and relay functions; the control center is responsible for collecting, processing and analyzing real-time power consumption data of each user, and providing reliable services; the trusted center is responsible for managing the entire system. Specific steps are as follows:

(1) System initialization stage:

1) The trusted center runs the following algorithm Gen(k) according to the input security parameter k to obtain the parameter in is a large safe prime of length k and chooses the group generator of ;

Gen(k): Choose between large prime numbers Two cyclic groups of ,exist and A non-degenerate and efficient bilinear operation defined on and satisfy:

Bilinear: for all ,Satisfy and ;

Non-degenerate: for all , there is an efficient computational algorithm;

Computability: for all , there is an efficient algorithm for computing e(P,Q);

2) The trusted center randomly selects ;

3) The trusted center selects two cryptographically secure hash functions h and h ₁ , where,

;

4) The trusted center randomly selects n ,in and meet , and each distributed to each user individually ;

5) The trusted center randomly selects n , and ,in and add each and Distributed to each user separately , the trusted center simultaneously calculates and ;

6) The trusted center randomly selects , and calculate and ,in ;

7) Finally, each user obtain and keep secret ;

GW obtained and kept secret ;

CC obtained and kept secret ;

The public information of the system is and ,in ;

(2) User data reporting stage

At the data reporting time point t, the user Do the following to reduce power consumption Report to the gateway:

1) Calculate

2) Will and sent to the gateway;

(3) Security data aggregation stage

gateway received and Afterwards, do the following:

1) Calculate

2) check Is it satisfied. If it is not satisfied, it can be detected that the integrity of the user's power consumption has been destroyed; if it is satisfied, it will Send to the control center, the detailed process of the above equation verification is as follows:

(4) Aggregated data recovery stage

The control center receives In the future, according to the secret information it possesses ,calculate based on base logarithm, so as to obtain the user's aggregate power consumption .

The aggregation system for electricity privacy and integrity protection in the smart grid is characterized in that it includes:

Trusted Center: Responsible for managing the entire system, including initializing the system, registering new users, and issuing keys;

Control Center: responsible for collecting, processing and analyzing the real-time power consumption data of each user, and providing reliable services, including real-time monitoring of the user's power consumption, prediction of the overall power consumption trend of the system, power theft monitoring, and data tampering detection;

Gateway: used to connect the trusted center and the residential area, including the data aggregation function, which is responsible for aggregating the data of each user in the trusted center; the relay function, which is responsible for secure data forwarding between the control center and each user;

User: There are n users in the residential area, and each user installs a smart meter to record and report the user's electricity consumption in real time.

The aggregation system for electricity privacy and integrity protection in the smart grid is characterized in that the aggregation system also includes:

(1) System initialization module

1) Under the control of the trusted center, using distributed technology, n users share n secret information , and satisfy , a method for protecting the privacy and integrity of the user's personal electricity consumption;

2) Under the control of the trusted center, the gateway obtains The technology used to protect the privacy and integrity of the user's personal electricity consumption;

3) Under the control of the trusted center, generate public verification parameters of the system and technology, among which , a method for verifying the integrity of user power consumption in the module;

4) Under the control of the trusted center, the control center obtains The technology used to protect the privacy and integrity of the user's personal electricity consumption;

(2) User data reporting module

1) Efficiently used for all users, automatic time synchronization method when reporting power consumption;

2) Distributed method of secure data aggregation while ensuring data privacy and integrity;

(3) Security data aggregation module

1) The gateway is combined by and deblinding factor A distributed data aggregation method for protecting the privacy and integrity of users' personal electricity consumption;

2) Simultaneously realize the encryption and digital signature method to protect the privacy and integrity of the user's personal electricity consumption; including: generating interrelated public parameters The method; the method of efficiently verifying the integrity of data by using the characteristics of bilinearity;

(4) Aggregate data recovery module

based on secret information , the technology of calculating discrete logarithm, so as to obtain the user's aggregate power consumption Methods.

Compared with the prior art, the present invention has the following beneficial effects:

(1) At the same time, the privacy and integrity of the user's electricity consumption are guaranteed, the security data aggregation function is realized, and the automatic time synchronization of all users is realized;

(2) Each user only needs to transmit two kinds of data when reporting electricity consumption: and , communication and computational efficiency are superior to all existing systems;

(3) After the data is attacked (including communication errors, external attackers intercepting and tampering, internal users impersonating other users to illegally modify data, etc.), the integrity of the data can be found to be damaged at any time, automatically and actively;

(4) Completely prevent the gateway and the control center from abusing their authority and obtaining the private data of a single user. Among them, the gateway can only obtain the ciphertext data and aggregated data of the user's power consumption; the control center can only obtain the total power consumption.

(5) It can effectively resist user collusion attacks. Users cannot modify data without being discovered through collusion with each other; users cannot maliciously modify other users' data and frame other users to achieve the purpose of deceiving the power control center to take wrong control decisions.

Description of drawings

FIG. 1 is a schematic diagram of the architecture of a data aggregation system in the prior art;

FIG. 2 is a schematic diagram of the overall system architecture of the present invention.

Detailed ways

The present invention will be further described in detail below in combination with specific embodiments.

An aggregation method for electricity privacy and integrity protection in a smart grid, in which the smart meter installed in the user records and reports the user's electricity consumption in real time; the gateway with computing power is responsible for the data aggregation function and relay function ;The control center is responsible for collecting, processing and analyzing real-time power consumption data of each user, and providing reliable services; the trusted center is responsible for managing the entire system, the specific steps are as follows:

System initialization phase:

1) The trusted center runs the following algorithm Gen(k) according to the input security parameter k to obtain the parameter , where q is a large safe prime of length k, and chooses the generator of the group G1 ;

Gen(k): Select two cyclic groups between a large prime number q ,exist and A non-degenerate and efficient bilinear operation defined on and satisfy:

Bilinear: for all ,Satisfy and ;

Non-degenerate: present , making ;

Computability: for all , there is an efficient computational Algorithm

2) The trusted center randomly selects ;

3) The trusted center selects two cryptographically secure hash functions and ,in,

;

4) The trusted center randomly selects n ,in , and satisfy , and each distributed to each user individually ;

5) The trusted center randomly selects n , and ,in and add each and Distributed to each user separately , the trusted center simultaneously calculates and ;

6) The trusted center randomly selects , and calculate and ,in ;

7) Finally, each user obtain and keep secret ;

GW obtained and kept secret ;

CC obtained and kept secret ;

The public information of the system is and ,in ;

User data reporting stage

At the data reporting time point t, the user Do the following to reduce power consumption Report to the gateway:

1) Calculate

2) Will and sent to the gateway;

Secure Data Aggregation Phase

gateway received and Afterwards, do the following:

1) Calculate

2) check Whether it is satisfied, if it is not satisfied, it can be detected that the integrity of the user's power consumption has been damaged, if it is satisfied, it will Send to the control center, the detailed process of the above equation verification is as follows:

Aggregate Data Recovery Phase

The control center receives In the future, according to the secret information it possesses ,calculate based on base logarithm, so as to obtain the user's aggregate power consumption .

An aggregation system for electricity privacy and integrity protection in a smart grid, including a trusted center: responsible for managing the entire system, including initializing the system, registering new users, and issuing keys; a control center: responsible for collecting, processing and analyzing Real-time electricity consumption data of each user, and provide reliable services, including real-time monitoring of the user's electricity consumption, prediction of the overall electricity consumption trend of the system, electricity theft monitoring, and data tampering detection; Gateway: used to connect the trusted center and residents Zone, including the data aggregation function, is responsible for aggregating the data of each user in the trusted center. The relay function is responsible for secure data forwarding between the control center and each user; user: There are n users in the residential area, and each user is equipped with a smart meter for real-time recording and reporting of the user's electricity consumption. The aggregation system also includes:

System initialization module

1) Under the control of the trusted center, using distributed technology, n users share n secret information , and satisfy , a method for protecting the privacy and integrity of the user's personal electricity consumption;

2) Under the control of the trusted center, the gateway obtains The technology used to protect the privacy and integrity of the user's personal electricity consumption;

3) Under the control of the trusted center, generate public verification parameters of the system and technology, among which , a method for verifying the integrity of user power consumption in the module;

4) Under the control of the trusted center, the control center obtains The technology used to protect the privacy and integrity of the user's personal electricity consumption;

User Data Reporting Module

1) Efficiently used for all users, automatic time synchronization method when reporting power consumption;

2) Distributed method of secure data aggregation while ensuring data privacy and integrity;

Secure Data Aggregation Module

1) The gateway is combined by and deblinding factor A distributed data aggregation method for protecting the privacy and integrity of users' personal electricity consumption;

2) Simultaneously realize the encryption and digital signature method to protect the privacy and integrity of the user's personal electricity consumption; including: generating interrelated public parameters The method; the method of efficiently verifying the integrity of data by using the characteristics of bilinearity;

Aggregate Data Recovery Module

based on secret information , the technology of calculating discrete logarithm, so as to obtain the user's aggregate power consumption Methods.

The smart grid is built on the basis of an integrated, high-speed two-way communication network, through advanced sensing and measurement technology, advanced equipment and control and decision support technology, the grid is reliable, safe, economical and efficient. The advanced measurement system (AMI) in the smart grid has become an important standard framework for the power consumption end. In AMI, by installing smart meters with computing and communication capabilities in users, all smart meters are connected to the power company's power control center to form a network, so as to realize the collection and monitoring of real-time power consumption, and realize the optimal distribution of power and Remote intelligent control. In the smart grid, through the data aggregation of the power consumption of each user, the network bandwidth can be efficiently used, and the privacy of the user's power consumption can be protected by hiding the user's personal power consumption. However, in order to realize the intelligent distribution and management of electric energy, the electric energy control center needs to frequently (usually "second" level) obtain the user's electricity consumption information, which brings unprecedented security and privacy issues. Therefore, this invention implements a safe data aggregation system, which is used to protect the privacy of users’ electricity consumption on the one hand; at the same time, it is also used to ensure the integrity of data, that is, technically detect and report data communication errors, and prevent users from impersonating and illegally report, and the reported electricity consumption is illegally intercepted, modified, forged, etc.

Claims (2)

1. An aggregation method for electricity privacy and integrity protection in a smart grid, characterized in that the method records and reports the user's electricity consumption in real time by a smart meter installed in the user; the gateway with computing power is responsible for data aggregation function and relay function; the control center is responsible for collecting, processing and analyzing the real-time power consumption data of each user, and providing reliable services; the trusted center is responsible for managing the entire system, the specific steps are as follows: (1) System initialization phase 1) The trusted center runs the following algorithm Gen(k) according to the input security parameter k to obtain parameters (q, g, G ₁ , G ₂ , e), where q is a large secure prime number of length k, and selects the group Generator g∈G _{1 of G 1 ;} Gen(k): Select two cyclic groups {G ₁ , G ₂ } whose order is a large prime number q, and define a non-degenerate and efficient bilinear operation e on G ₁ and G ₂ : G ₁ ×G ₁ →G ₂ and satisfy: Bilinear: For all P, Q ∈ G ₁ , Satisfy and e(P ^a , Q ^b ) = e(P, Q) ^ab ∈ G ₂ ; Non-degenerate: there exists P, Q∈G ₁ such that Computability: For all P, Q∈G ₁ , there is an efficient algorithm for computing e(P, Q); 2) The trusted center randomly selects g ₁ ∈ G ₁ ; 3) The trusted center selects two cryptographically secure hash functions h and h ₁ , where, h: {0, 1} ^* → G ₁ , h ₁ : {0, 1} ^* → G ₁ ; 4) The trusted center randomly selects n Where i=1, 2,..., n, and satisfy And distribute each z _i to each user U _i respectively; 5) The trusted center randomly selects n and where i=1, 2, ..., n and each u _i , v _i and x _i are distributed to each user U _i respectively, and the trusted center calculates at the same time and 6) The trusted center randomly selects and calculate and where i = 1, 2, ..., n; 7) Finally, each user U _i obtains and keeps secret < u _i , υ _i , _zi , _xi >; The gateway obtains and keeps w secret; The control center obtains and keeps υ secret; The public information of the system is <g, g ₁ , h, h ₁ , Y> and M _i , where i=1, 2, ..., n; (2) User data reporting stage At the data reporting time point t, the user U _i performs the following operations to report the power consumption m _i to the gateway: 1) calculate 2) Send c _i and σ _i to the gateway; (3) Safety data aggregation stage After the gateway receives c _i and σ _i , it performs the following operations: 1) calculate 2) check Whether it is satisfied, if it is not satisfied, it can be detected that the integrity of the user's power consumption has been destroyed; if it is satisfied, c is sent to the control center, the detailed process of the above equation verification is as follows: (4) Aggregate data recovery phase After the control center receives c, according to the secret information it has calculate first recalculate the logarithm In order to obtain the user's aggregate power consumption 2. an aggregation system implementing the aggregation method of electricity privacy and integrity protection in the smart grid claimed in claim 1, characterized in that the aggregation system comprises: Trusted Center: Responsible for managing the entire system, including initializing the system, registering new users, and issuing keys; Control Center: responsible for collecting, processing and analyzing the real-time power consumption data of each user, and providing reliable services, including real-time monitoring of the user's power consumption, prediction of the overall power consumption trend of the system, power theft monitoring, and data tampering detection; Gateway: used to connect the trusted center and the residential area, including the data aggregation function, which is responsible for aggregating the data of each user in the trusted center; the relay function, which is responsible for secure data forwarding between the control center and each user; User: There are n users in the residential area, and each user installs a smart meter for real-time recording and reporting of the user's electricity consumption; The aggregation system also includes: (1) System initialization module 1) Under the control of the trusted center, distributed, n secret information z _i are selected by the trusted center during system initialization, and distributed to n users respectively, and satisfy In the system initialization module, The trusted center randomly chooses to satisfy n of conditions And each z _i is distributed to each user U _i respectively. In the security data aggregation module, the gateway passes the implicit condition and the secret information held by the gateway Eliminate the blinding part and perform integrity verification; 2) Under the control of the trusted center, the gateway obtains In the system initialization module, the trusted center calculates And assign w to the gateway as the secret information of the gateway, which is used in the secure data aggregation module to eliminate the blinding part of the gateway to protect the privacy and data integrity of the user's personal power consumption; 3) Under the control of the trusted center, generate public verification parameters of the system and Where i=1, 2,..., n, the method used to verify the integrity of the user's electricity consumption: in the system initialization module, the trusted center calculates and discloses Y and M _i , which are used in the secure data aggregation module , the gateway checks the integrity of the user's power consumption; 4) Under the control of the trusted center, the control center obtains In the system initialization module, the trusted center calculates And v is assigned to the control center as the secret information of the control center, which is used in the aggregated data recovery module, the control center restores the aggregated power consumption of the user, so as to protect the privacy and data integrity of the user's personal power consumption; (2) User data reporting module 1) An efficient method for all users to automatically time-synchronize when reporting electricity consumption: In the user data reporting module, at the data reporting time point t, all n users in the residential area calculate _{ci and σ i respectively} at the same time , and synchronously send _{ci and σ i to} the gateway; 2) Distributed secure data aggregation method that guarantees data privacy and integrity at the same time: in the user data reporting module, each user calculates and reports _{ci and σ i to} the gateway respectively, and in the secure data aggregation module, the gateway receives After reaching c _i and σ _i , calculate and check Whether it is satisfied, if it is not satisfied, it can be detected that the integrity of the user's power consumption has been destroyed; if it is satisfied, it means that the power consumption data reported by the user is complete information, and c is sent to the control center; (3) Security data aggregation module 1) The gateway is combined by and deblinding factor A distributed data aggregation method used to protect the privacy and integrity of users' personal electricity consumption: in the system initialization module, the trusted center calculates z _i and w, and distributes them to all users and gateways respectively. In the secure data aggregation module, the gateway passes the implicit condition and the secret information held by the gateway Eliminate the blinding part and perform integrity verification to protect the privacy and data integrity of users' personal electricity consumption; 2) Simultaneously realize the method of encryption and digital signature to protect the privacy and integrity of the user's personal electricity consumption; including: the method of generating interrelated public parameters c, Y, σ _i , M _i ; using the bilinear characteristics, A method for efficiently verifying data integrity: In the system initialization module, the trusted center calculates and discloses Y and M _i , in the secure data aggregation module, the gateway uses its own secret information w to calculate c, and combines the reported information σ of each user _i , to perform integrity verification to protect the privacy and data integrity of the user's personal power consumption; (4) Aggregate data recovery module based on secret information The technique of calculating the discrete logarithm, so as to obtain the user's aggregate power consumption method: in the system initialization module, the trusted center calculates And v is assigned to the control center as the secret information of the control center, which is used in the aggregated data recovery module to restore the user's aggregated power consumption by the control center