EPPA: An Efficient and Privacy-Preserving Aggregation Scheme for Secure Smart Grid Communications...

EPPA: An Efficient and Privacy-Preserving

Aggregation Scheme for Secure Smart Grid Communications

Rongxing Lu, Xiaohui Liang, Xu Li, Xiaodong Lin, Xuemin (Sherman) ShenIEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS

VOL. 23, NO. 9, SEPTEMBER 2012

Presenter : 周新偉Date:2014/10/27

Outline

• Intorduction• Systrm Model,Security Requirement And Design Model• Preliminaries• EPPA Schmem• Security Analysis• Performance• Conclusions

Outline

Intorduction

Outline

System Model

Security Requirements

• Confidentiality

• Authentication and Data Integrity

Design Goal

• The secure requirement should be guaranteed in the proposed scheme

• The communication effectiveness should be achieved in the proposed scheme

Outline

Preliminaries

Bilinear Pairing

en(κ) = (q,P,T,e)

Computational Diffie-Hellman(CDH) Problem

Bilinear Diffie-Hellman(BDH) Problem

Decisional BDH(DBDH) Problem

Preliminaries-----Paillier Cryptosystem(1/3)

Key Generationsecurity parameter κ1

large prime p1 , q1

| p1|=|q1|=|κ1|RSA modulus : n=p1 * q1

λ=lcm(p1-1, q1-1)

L(u)=(u-1)/nμ=(L(gλmodn2))-1 mod n

Public key pk = (n,g)Privite key sk = (λ, μ)

Preliminaries-----Paillier Crypyosystem(2/3)

Encryptionmessage m ∈random number r ∈ciphertext c=E(m)=gm*rn mod n2

ℤ𝑛∗

Decryptionciphertext c ∈

m=D(c)=L() *μ mod n

Preliminaries-----Paillier Crypyosystem(3/3)

ℤ𝑛 2

Outline

• Introduction• System Model, Security Requirement And Design Model• Preliminaries• EPPA Scheme• Security Analysis• Performance• Conclusions

EPPA Scheme---System Initialization(1/3)

Security parameters κ, κ1

en(κ) = (q,P,T,e)

Calculate public key pk = (n,g) //n=p1q1

privite key sk = (λ, μ)

Electricity usage data (T1 ,T2 ,…,Tl )

Superincreasing sequence = (a1 =1,a2 ,…,al) //a2,…,al are large prime

gi=, for i=1,2,…,l

2 random element Q1,Q2 ∈2 random number ∈Computes e(P,P) , Y=P

2 secure cryptographic hash function H,H1 H : {0,1}*

H1: {0,1}*

ℤ𝑞∗

Keep Master keys (λ, μ ) security

While when a HAN user Ui ∈ U of the RA joins in the system , Ui choose a random number i as the private key ,and compute the ∈corresponding public key Yi=iP

ℤ𝑞∗

EPPA Scheme---User Report Generation

Step 1. choose a random number r and compute∈

Step 2. use private key to make sinature

Step 3.report encrypted electricity usage data C to local GW in the RA

ℤ𝑛∗

EPPA Scheme---Privacy-Preserving Report Aggregation

After receiving C for i = 1,2,…,wLocal GW check TS & if hold?Hold, the signature is accept . In order to make verification efficientlyGW perform as

The time-consuming pairing operation can be reduce from 2w to w+1 time.

EPPA Scheme---Privacy-Preserving Report Aggregation

After validity checking, the following steps for privacy-preserving report aggregation :

EPPA Scheme---Secure Report Reading And Response(1/6)

After receiving C ,OA checkC is implicitly formed by

Taking

And the report C=gMRn mod n2 is still ciphertext for Paillier Cryptosystem

OA use master key to recover M

By invoking algorithm 1,OA can recover and store the aggregated data

Correctness of algorithm 1,assume Xl=M

Since any type of data is less than d,

With the same procedure, we can also prove each

Dj= ,for j = 1,2,…,l-1.

After analyzing the near real-time electricity usage data,OA send a message mT to inform user in RA

step1. OA first choose a random number s , and compute =(,,,),where

Then OA make signature =H() ,and send back to local GW at RA

ℤ𝑞∗

EPPA Scheme---Secure Report Reading And Response(6/6)step2. upon receiving GW check

e(P)=e(Y,H() )if hold,GW broadcast in RA

step3. authorized key

=(P+Y,P, P, Q1+Q2) to recover m form :

Outline

Security Analysis(1/2)

User’s data (di1,di2,…,dil) sensed by smart meters are formed as

Ci= ,…, mod n2 ,which can be express as

Since Paillier Crytosystem is semantic secure against the chosen plaintext attack . Thus the data is secure and privacy-preserving.

Security Analysis(2/2)

After GW collect all report C1,C2,…,Cw from residential user ,

GW compute C= Ci mod n2 to perform report aggregation.

After receiving C from GW, the OA recover C as (l),and store the entry in the database.

∏𝑖=1

Outline

Performance(1/3)

Performance(2/3)

Performance(3/3)

Outline

Conclusions

In this paper, we have proposed an efficient and privacypreserving aggregation scheme for secure smart grid communications. It realizes a multidimensional data aggregation approach based on the homomorphic Paillier cryptosystem.

Compared with the traditional one-dimensional data aggregation methods, EPPA can significantly reduce computational cost and significantly improve communication efficiency, satisfying the real-time high-frequency data collection requirements in smart grid communications.

We have also provided security analysis to demonstrate its security strength and privacy-preserving ability, and performance analysis to show the efficiency improvement.

For the future work, we will study the possible behavior by internal attackers and extend the EPPA scheme to effectively resist such attacks.

心得

Thanks for your listening

EPPA: An Efficient and Privacy-Preserving Aggregation Scheme for Secure Smart Grid Communications...

Documents

PRIMERA REVISTA EPPA X PRIMARIA B

Presentation made by EPPA/ MPBIASA & SMG Technologies ... · Presentation made by EPPA/ MPBIASA & SMG Technologies Africa (Pty) Ltd To Mpumalanga Provincial Government ( MPG ) Department

Osanaiye, Opeyemi; Chen, Shuo; Yan, Zheng; Lu, Rongxing ... › files › 15327383 › Osanaiye...Corresponding author: Kim-Kwang Raymond Choo (raymond.choo@fulbrightmail.org) This

What do you think of game shows ? Unit 11 Chunhu Middle School Wu Xuemin Period 1

Initiation à la recherche en soins infirmiers La soutenance CPDEI / EPPA DS G. HUE 05 JUILET 2004

The MIT Economic Projection and Policy Analysis (EPPA ... · The MIT Economic Projection and Policy Analysis (EPPA) Model: Version 5 Y.-H. Henry Chen, Sergey Paltsev, John Reilly,

Monitoramento de mídias sociais e branding - EPPA 2014

EPPA padres 1er encuentro Abril 2016 Inst. Ana María Janerjaner.esc.edu.ar/3-cartelera/EPPA-Violenca_Verbal-Encuentro_2016-0… · Fases del ciclo de violencia intrafamiliar . Violencia

Weiren Yu 1 , Jiajin Le 2 , Xuemin Lin 1 , Wenjie Zhang 1

Privacy-Preserving K-means Clustering over Vertically Partitioned Data Reporter ： Ximeng Liu Supervisor: Rongxing Lu School of EEE, NTU

Yu Fu, Sen Wang, Cheng-Xiang Wang, Xuemin Hong, and

An Introduction to the Economic ... - MIT Global Change · An Introduction to the Economic Projection and Policy Analysis (EPPA) model October, 2014 EPPA Training Session Massachusetts

ΠΡΑΚΤΙΚΑ Συνεδρίαση 3 10 2017 › images › enimerosi › eppa › viva_voce › praktika3.pdf · Με δικαίωμα ψήφου 1. Κος Αλέξανδρος

Weiwei Wang a , Zihua Guo b , Jun Cai c , Xuemin(Sherman) Shen d , Changjia Chen a

Fatmawatirepositori.uin-alauddin.ac.id/11484/1/EPPA’ SULAPA...Jl. Tun Abdul Razak 1, Pao-Pao Permai, G5/18, Gowa iii “Ritomainge’ eppa’ masero madecceng. Mula mulanna namaiseiwi

EPPA - interempresas.net

L’ÉCOLE DU PERSONNEL PARAMEDICAL DES ARMÉES EPPA · 2020. 1. 31. · PARAMEDICAL DES ARMÉES EPPA 2019. Un peu d’histoire Création le 1er juillet 1990, à Toulon Héritière

Interference Cancelation and Management Techniqueshome.eps.hw.ac.uk/~cw46/2009_Wang_VT Mag_09_04_76.pdfInterference Cancelation and Management Techniques Xuemin Hong, Zengmao Chen,

Disaggregating Household Transport in the MIT-EPPA Model...Disaggregating Household Transport in the MIT-EPPA Model S. Paltsev1, L. Viguier2,3, M. Babiker4, J. Reilly1, and K.H. Tay1

Palestra eppa trabalhando-com-dados-final