一种同时保障隐私性与完整性的无线传感器网络可恢复数据聚合方案

该文针对无线传感器网络(WSNs)数据聚合与安全目标之间的矛盾,基于隐私同态和聚合消息验证码技术提出一种同时保障数据隐私性与完整性的可恢复数据聚合方案。该方案支持由聚合结果恢复出各感知数据,从而一方面能够验证感知数据和聚合数据的完整性,另一方面能够对原始数据进行任意所需的处理,不受聚合函数类型的限制。安全分析表明该方案不仅支持数据隐私性、完整性,还能够抵抗未授权聚合攻击,聚合节点俘获攻击,且能够在一定范围内检测及定位恶意节点。性能分析表明,该方案相比其他算法在通信和计算开销方面具有显著优势。为了评估方案性能和可行性,基于TinyOS给出了算法的原型实现。实验结果表明,该方案开销较低,对于资源受限的WSNs是高效可行的。     

安全的WSN数据融合隐私保护方案设计

针对无线传感器网络数据融合过程中的数据隐私和完整性保护问题,提出一种安全的数据融合隐私保护方案(SPPDA),把节点的私密因子与原始数据构成复数,采用同态加密方法对复数进行加密,实现在密文不解密的情况下进行数据融合,同时采用基于复数的完整性验证方法,确保数据的可靠性。理论分析和仿真结果表明,SPPDA方案的计算代价和通信开销较少,数据融合的精确度高。     

两层传感器网络中一种高效的加密数据条件聚合协议研究

提出了一种隐私保护的条件聚合协议,使存储节点在不知道数据真实值的情况下对满足条件的数据进行聚合,防止存储节点对敏感信息的泄漏。为了保护数据和查询条件的隐私性,提出了一种基于前缀成员确认和布鲁姆过滤器相结合的编码方法对数据和查询条件进行编码,实现存储节点在不知道数据真实值和查询条件真实值的情况下进行查询处理;为了对查询结果中的数据进行聚合而不暴露数据真实值,采用同态加密技术对数据进行加密,使数据在不解密的情况下能进行聚合运算。进一步,根据传感器采集数据的特点,提出了一种基于代码表的数据压缩表示及传输方法,有效减小了传感器节点和存储节点之间的通信开销。分析和实验结果验证了所提方案的有效性。     

一种支持完整性验证的隐私保护直方图融合算法

针对无线传感器网络隐私保护数据融合和完整性验证难以同时兼顾问题,提出一种支持完整性验证的隐私保护直方图融合算法（iPPHA ）。构建两棵融合树,分别传输融合数据和冗余信息,在基站处对融合结果的完整性进行验证。针对数据包丢失问题,设计了一种ID传输方案来提高可靠性。仿真结果显示,算法可以在不明显增加网络资源消耗的前提下,进行完整性验证。改进型ID传输方案可节约70％的通信开销。     

基于区块链且可验证的智能电网多维数据聚合与分享方案

针对如何支持轻量级多维数据聚合,实现系统整体过程中多维数据的双端完整性验证,以及处理云服务器集中化等问题,提出了一种基于区块链且可验证的智能电网多维数据聚合与分享方案。首先,为了满足智能电网对电量数据细粒度分析的需求,利用掩蔽值和霍纳法则实现了隐私保护多维数据聚合。在此基础上,针对现有数据聚合方案在云存储数据与第三方分享方面存在的数据完整性验证问题,借用基于RSA的乘法同态承诺方案和同态哈希函数的同态性设计了一种新的签名算法,使云服务器不仅可以验证聚合数据的完整性,还可以验证数据分享阶段的完整性,即实现了云存储数据的双端可验证性,并且可以抵抗内部攻击。同时,提出了一种基于联盟链多链的聚合数据分享体系结构,有效地避免单机处理瓶颈和易受攻击等集中化问题。理论分析证明了所提方案的安全性。性能实验表明,所提方案比已有方案具有更低的计算和通信成本。     

低压输电网络安全传输敏感数据加密控制技术

传统加密方法节点破解率较高，安全性不佳，提出基于透明加密的低压输电网络安全传输敏感数据加密控制技术。通过同态加密将感知请求发送至与输电网络基站距离最小的根节点，并将所接收的感知命令传送至下级子节点；通过预设处理同态加密密钥池形成随机密钥，利用索引值理论生成同态密文实现敏感数据加密控制；引入透明加密结合分段Logistics混沌排列透明加密敏感数据，构建网络安全传输敏感数据加密认证协议，实现数据加密控制。实验结果表明，改进方法可保障较低节点破解率，信息可读性高于99%,可保护用户隐私数据安全性。     

支持条件身份匿名的云存储医疗数据轻量级完整性验证方案

医疗云存储服务是云计算技术的一个重要应用,同时外包医疗数据的完整性和用户的身份隐私保护已变得越来越重要。该文提出适用于无线医疗传感器网络的支持条件身份匿名的外包云存储医疗数据轻量级完整性验证方案。方案结合同态哈希函数设计了聚合签名,通过第三方审计者(TPA)对外包云存储医疗数据进行完整性验证,在TPA端存放审计辅助信息,利用同态哈希函数的同态性质将TPA端的计算优化为常量运算,大大降低了第三方审计者的计算开销,同时支持TPA对多个数据文件执行批量验证,其验证开销几乎是恒定的,与医疗数据文件的数量无关。方案有效防止了第三方审计者通过求解线性方程恢复原始医疗数据,并且设计了条件身份匿名算法,密钥生成中心(PKG)根据用户唯一标识的身份信息为用户生成匿名身份及对应的签名私钥。即使攻击者截获到用户传输的医疗数据,也无法获知拥有此数据的真实身份,有效避免了对公钥证书的复杂管理,同时使得密钥生成中心可以有效追踪医疗信息系统中具有恶意行为的用户。安全性分析与性能评估结果表明该方案能够安全高效地部署在云辅助无线医疗传感器网络。     

无线传感器网络中有效的安全数据融合机制

在无线传感器网络中,数据融合是实现有效传输和节省能源的一个重要途径,许多应用都需要可靠并且可信的数据来进行融合.针对上述要求,提出了一个新的安全数据融合算法来保证融合数据的机密性和完整性.算法使用端到端加密和逐跳加密相结合的方式进行数据传输,通过认证过程进行恶意节点及伪造数据的检测.仿真表明,提出的算法能够有效地检测出恶意节点,并保证融合结果的准确性.     

一种可检测数据完整性的隐私数据融合算法

针对无线传感器网络数据融合中可能出现的数据篡改和隐私泄露等问题,该文提出一种可进行完整性检测的无线传感器网络隐私数据融合算法 ICKPDA.该算法首先在感知数据中嵌入私密种子,对真实数据进行隐藏;然后通过数据分片和聚集技术,增强数据的隐私保护性;最后利用数据间的关联特性在基站进行完整性检测.仿真结果显示,相比于其它算法,ICKPDA 在保证融合结果精确的前提下,能有效地进行数据完整性检测和隐私保护,同时花费较少的数据通信量和计算量.     

面向WSN的安全范围查询协议研究

针对两层无线传感器网络中范围查询所要求的低能耗和高隐私保护,提出了一种具有隐私和完整性保护的安全范围查询协议:SPQ。SPQ是由数据加密、前缀成员验证、概率邻居验证、查询传输过程分离等技术组成,能够在保证不泄露隐私的情况下完成范围查询。分析和仿真结果表明,相对于其他安全协议,SPQ在保证范围查询安全性的同时具有更低能耗。     

Malleability Resilient Concealed Data Aggregation in Wireless Sensor Networks

The objective of concealed data aggregation is to achieve the privacy preservation at intermediate nodes while supporting in-network data aggregation. The need for privacy preservation at intermediate nodes and the need for data aggregation at intermediate nodes can be simultaneously realized using privacy homomorphism. Privacy homomorphism processes the encrypted data without decrypting them at intermediate nodes. However, privacy homomorphism is inherently malleable. Although malicious adversaries cannot view transmitted sensor readings, they can manipulate them. Hence, it is a formidable challenge to realize conflicting requirements, such as end-to-end privacy and end-to-end integrity, while performing en route aggregation. In this paper, we propose a malleability resilient concealed data aggregation protocol for protecting the network against active and passive adversaries. In addition, the proposed protocol protects the network against insider and outsider adversaries. The proposed protocol simultaneously realizes the conflicting objectives like privacy at intermediate nodes, end-to-end integrity, replay protection, and en route aggregation. As per our knowledge, the proposed solution is the first that achieves end-to-end security and en route aggregation of reverse multicast traffic in the presence of insider, as well as outsider adversaries.     

PRDA: polynomial regression‐based privacy‐preserving data aggregation for wireless sensor networks

In wireless sensor networks, data aggregation protocols are used to prolong the network lifetime. However, the problem of how to perform data aggregation while preserving data privacy is challenging. This paper presents a polynomial regression‐based data aggregation protocol that preserves the privacy of sensor data. In the proposed protocol, sensor nodes represent their data as polynomial functions to reduce the amount of data transmission. In order to protect data privacy, sensor nodes secretly send coefficients of the polynomial functions to data aggregators instead of their original data. Data aggregation is performed on the basis of the concealed polynomial coefficients, and the base station is able to extract a good approximation of the network data from the aggregation result. The security analysis and simulation results show that the proposed scheme is able to reduce the amount of data transmission in the network while preserving data privacy. Copyright © 2013 John Wiley & Sons, Ltd.     

Reversible digital watermarking-based protocol for data integrity in wireless sensor network

For the contradiction between high energy consumption of WSN privacy protection algorithm and constrained resources of sensor network,a recoverable data fusion protocol that ensures data integrity and confidentiality based on reversible digital watermarking and homomorphic encryption technology was proposed.On the one hand,the data from the sensor was embedded by the difference expansion method by using the reversible digital watermarking technique,and original data could be recovered by using a reversible watermark to ensure the integrity check of the fusion data when the fusion data were destroyed.On the other hand,elliptic curve homomorphic encryption encrypted data to prevent sensor data from being perceived during data transmission.Security results show that the proposed protocol performs well against cluster head node compromise as well as tampering from an attack.Performance analysis shows that the protocol has significant advantages over other algorithms in terms of computation,communication overhead and propagation delay.The experimental results show that the protocol has a low resource overhead and improves network performance.     

An Improved RFID Authentication Protocol Based on Group Anonymous Model

Aiming at the security and privacy, and authentication efficiency shortages of existing RFID authentication protocol, an improved scheme is proposed based on Alavi et al.’s protocol. Firstly, in order to resist against replay attack, we add the timestamp generator to the reader side and use hash function to encrypt the reader identification, the random number and timestamp generated by the reader; meanwhile, to solve the data integrity problem in the original scheme, the reader matches the decrypted data with the server side message to ensure that it can detect if the data is tampered with by the attacker. Finally, the improved group anonymous authentication model is used to improve the back-end server’s authentication efficiency. Theoretical analysis and experimental results show that the improved protocol effectively solves the security problems and reduces the back-end server’s authentication time. In addition, this paper simulates the impact of group number on system privacy level and authentication efficiency through experiments. In practical applications, the group number can be adjusted appropriately according to different privacy and efficiency requirements, so the privacy and authentication efficiency of the system will be well-balanced.     

无线传感器网络中匿名的聚合节点选举协议

提出一种分簇无线传感器网络中匿名的簇头选举协议。给出了匿名簇头选举的判定规则及成簇模式,并采用基于双线性对的匿名否决协议对选举结果进行验证以保证存在节点成功当选。设计了相应的匿名数据聚合方案,无需泄露节点身份信息即可完成聚合。分析及仿真结果表明,协议同时实现了簇头选举的匿名性、高效性及安全性,可有效抵抗窃听攻击、节点妥协攻击及合谋攻击等恶意行为。     

NLDA non-linear regression model for preserving data privacy in wireless sensor networks

Recently, the application of Wireless Sensor Networks (WSNs) has been increasing rapidly. It requires privacy preserving data aggregation protocols to secure the data from compromises. Preserving privacy of the sensor data is a challenging task. This paper presents a non-linear regression-based data aggregation protocol for preserving privacy of the sensor data. The proposed protocol uses non-linear regression functions to represent the sensor data collected from the sensor nodes. Instead of sending the complete data to the cluster head, the sensor nodes only send the coefficients of the non-linear function. This will reduce the communication overhead of the network. The data aggregation is performed on the masked coefficients and the sink node is able to retrieve the approximated results over the aggregated data. The analysis of experiment results shows that the proposed protocol is able to minimize communication overhead, enhance data aggregation accuracy, and preserve data privacy.