A Privacy-preserving Data Aggregation Scheme with Efficient Batch Verification in Smart Grid

( Yueyu Zhang ),( Jie Chen ),( Hua Zhou ),( Lanjun Dang ) 한국인터넷정보학회 2021 KSII Transactions on Internet and Information Syst Vol.15 No.2

This paper presents a privacy-preserving data aggregation scheme deals with the multidimensional data. It is essential that the multidimensional data is rarely mentioned in all researches on smart grid. We use the Paillier Cryptosystem and blinding factor technique to encrypt the multidimensional data as a whole and take advantage of the homomorphic property of the Paillier Cryptosystem to achieve data aggregation. Signature and efficient batch verification have also been applied into our scheme for data integrity and quick verification. And the efficient batch verification only requires 2 pairing operations. Our scheme also supports fault tolerance which means that even some smart meters don’t work, our scheme can still work well. In addition, we give two extensions of our scheme. One is that our scheme can be used to compute a fixed user’s time-of-use electricity bill. The other is that our scheme is able to effectively and quickly deal with the dynamic user situation. In security analysis, we prove the detailed unforgeability and security of batch verification, and briefly introduce other security features. Performance analysis shows that our scheme has lower computational complexity and communication overhead than existing schemes.

Simplified small exponent test for batch verification

Hwang, J.Y.,Song, B.,Choi, D.,Jin, S.H.,Cho, H.S.,Lee, M.K. North-Holland Pub. Co ; Elsevier Science Ltd 2017 Theoretical computer science Vol.662 No.-

<P>The Small Exponent Test (SET) for exponentiation is an essential batch-verification technique that is widely applied. In this paper, we propose a simplified SET that can securely batch-verify n instances with only n-1 randomizing exponents. We show that the structure of the proposed batch test is compact in the sense that it works with a minimal number of randomizing exponents for the SET. Thus, our test offers various advantages. Overall, compared to the original SET, the proposed simplified SET is more efficient for any sized batch instance. In particular, unlike the SET, our proposal performs well even when the size of a batch instance is small, e.g., n =1, 2, 3, and 4. This feature can be also used to significantly reduce pairing computations in a signature scheme where several pairing equations are verified. In addition, our test can be combined easily and generically with existing batch techniques such as the use of sparse exponents, the bucket test for large batch sizes, or an automated tool to generate a batch algorithm. Finally, with our simplified test, an efficient identification algorithm can be constructed to discover incorrect instances in a batch. (C) 2016 Elsevier B.V. All rights reserved.</P>

Efficient Signature Scheme with Batch Verifications in Identity-Based Framework

P. V.S.S.N. Gopal,P. Vasudeva Reddy,T. Gowri 한국전자통신연구원 2016 ETRI Journal Vol.38 No.2

In group-oriented applications, it is often required to verify a group of signatures/messages. The individual verification of signed messages in such applications comes at a high cost in terms of computations and time. To improve computational efficiency and to speed up the verification process, a batch verification technique is a good alternative to individual verification. Such a technique is useful in many real-world applications, such as mail servers, e-commerce, banking transactions, and so on. In this work, we propose a new, efficient identity-based signature (IDS) scheme supporting batch verifications. We prove that the proposed IDS scheme and its various types of batch verifications is tightly related to the Computational Diffie–Hellman problem under a random oracle paradigm. We compare the efficiency of the proposed scheme with related schemes that support batch verifications.

VANET를 위한 효율적인 서명 일괄 확인 시스템

임지환(Jihwan Lim),오희국(Heekuck Oh),김상진(Sangjin Kim) 한국정보보호학회 2010 정보보호학회논문지 Vol.20 No.1

VANET(Vehicular Ad hoc NETwork)에서 차량들은 일괄 확인(batch verification) 기법을 이용해 많은 수의 서명 메시지를 효율적으로 검증할 수 있다. 하지만 각 차량에서의 개별적인 일괄 확인은 네트워크 전체적으로 볼 때 불필요한 중복 검증을 발생시킨다. 이 문제를 해결하기 위해 RSU(Road Side Unit)가 노드를 대신해서 일괄 확인을 수행 할 수 있지만, 이 방법은 일괄 확인이 실패했을 경우 유효하지 않은 서명을 효율적으로 찾을 수 있는 방법이 추가적으로 필요하다. 본 논문에서는 분산 일괄 확인 시스템을 설계하기 위해 고려되어야하는 몇 가지 방법론에 대해서 분석하고 참여 차량이 작은 크기의 서명 집합을 분산해서 일괄 확인하는 효율적인 분산 일괄 확인 시스템을 제안한다. 제안하는 시스템에서 각 노드는 RSU에게 단순 일괄 확인 결과만을 보고하거나 식별한 유효하지 않은 서명들을 보고할 수 있으며 이를 수신한 RSU는 노드의 이 일괄 검증 결과 리포트를 이용하여 효율적으로 유효하지 않은 서명을 식별하여 배제할 수 있다. In VANET (Vehicular Ad hoc NETwork), vehicles can efficiently verify a large number of signatures efficiently using batch verification techniques. However, batch verification performed independently in each vehicle raises many redundant verification cost. Although, an RSU (Road Side Unit) can perform the batch verification as a proxy to reduce this cost, it additionally requires an efficient method to identify invalid signatures when the batch verification fails. In this paper, we analyze several ways of constructing a distributed batch verification system, and propose an efficient distributed batch verification system in which participating vehicles perform batch verification in a distributive manner for a small size signature set. In our proposed system, each node can report the batch verification result or the identified invalid signatures list and the RSU who received these reports can identify the invalid signatures and efficiently exclude them.

Secure and Efficient Identity-based Batch Verification Signature Scheme for ADS-B System

( Jing-xian Zhou ),( Jian-hua Yan ) 한국인터넷정보학회 2019 KSII Transactions on Internet and Information Syst Vol.13 No.12

As a foundation of next-generation air transportation systems, automatic dependent surveillance-broadcast (ADS-B) helps pilots and air traffic controllers create a safer and more efficient national airspace system. Owing to the open communication environment, it is easy to insert fake aircraft into the system via spoofing or the insertion of false messages. Efforts have thus been made in academic research and practice in the aviation industry to ensure the security of transmission of messages of the ADS-B system. An identity-based batch verification (IBV) scheme was recently proposed to enhance the security and efficiency of the ADS-B system, but current IBV schemes are often too resource intensive because of the application of complex hash-to-point operations or bilinear pairing operations. In this paper, we propose a lightweight IBV signature scheme for the ADS-B system that is robust against adaptive chosen message attacks in the random oracle model, and ensures the security of batch message verification and against the replaying attack. The proposed IBV scheme needs only a small and constant number of point multiplication and point addition computations instead of hash-to-point or pairing operations. Detailed performance analyses were conducted to show that the proposed IBV scheme has clear advantages over prevalent schemes in terms of computational cost and transmission overhead.

An Efficient Broadcast Authentication Scheme with Batch Verification for ADS-B Messages

( Haomiao Yang ),( Hyunsung Kim ),( Hongwei Li ),( Eunjun Yoon ),( Xiaofen Wang ),( Xuefeng Ding ) 한국인터넷정보학회 2013 KSII Transactions on Internet and Information Syst Vol.7 No.10

As a cornerstone of the next generation air traffic management (ATM), automatic dependent surveillance-broadcast (ADS-B) system can provide continual broadcast of aircraft position, identity, velocity and other messages over unencrypted data links to generate a common situational awareness picture for ATM. However, since ADS-B messages are unauthenticated, it is easy to insert fake aircrafts into the system via spoofing or insertion of false messages. Unfortunately, the authentication for ADS-B messages has not yet been well studied. In this paper, we propose an efficient broadcast authentication scheme with batch verification for ADS-B messages which employs an identity-based signature (IBS). Security analysis indicates that our scheme can achieve integrity and authenticity of ADS-B messages, batch verification, and resilience to key leakage. Performance evaluation demonstrates that our scheme is computationally efficient for the typical avionics devices with limited resources, and it has low communication overhead well suitable for low-bandwidth ADS-B data link.

Batch Minting-enabled Digital Certificates Based on Soulbound Token for Achievement Verification

Muhammad Rasyid Redha Ansori,Allwinnaldo,Revin Naufal Alief,Ikechi Saviour Igboanusi,Jae Min Lee,Dong-Seong Kim 한국통신학회 2023 한국통신학회 학술대회논문집 Vol.2023 No.6

안전한 다자간 계산에 적용 가능한 효율적이고 안전한 서명체계

정명인(Myoungin Jeong) 한국컴퓨터정보학회 2023 韓國컴퓨터情報學會論文誌 Vol.28 No.7

본 연구는 다자간 계산에 참여하는 참여자가 조작되지 않은 진실한 입력을 입력하도록 보장하는 기능을 통해 안전한 다자간 프로토콜의 보안을 강화해야 할 필요성으로부터 시작되었다. 이것은 악의적인 참가자가 참여하는 경우이지만 전통적인 보안 모델을 벗어나는 것으로, 실제 상황에서 입력 조작을 통한 악의적인 행동은 종종 일어나며 이를 통해 프라이버시를 침해받거나 다자간 계산 결과의 정확성이 보장받을 수 없는 경우가 발생한다. 따라서 본 연구에서는 인증 기술을 이용하여 입력의 정확성을 강화하기 위해 비밀 공유를 기반으로 하는 안전한 다자간 기술에 결합하여 적용이 가능한 서명 체계를 제안하며 배치인증 기술을 이용하여 인증의 효율성을 강화하기 위한 방법에 대해 연구한다. 이를 위해 경량화된 서명 체계인 CL signature scheme에 commitment scheme과 영지식증명을 적용하여 입력 인증이 가능한 스킴을 설계하였으며, 인증 간에 효율성을 향상시키기 위해 배치인증을 적용하였다. This research originated from the need to enhance the security of secure multiparty computation by ensuring that participants involved in multiparty computations provide truthful inputs that have not been manipulated. While malicious participants can be involved, which goes beyond the traditional security models, malicious behaviors through input manipulation often occur in real-world scenarios, leading to privacy infringements or situations where the accuracy of multiparty computation results cannot be guaranteed. Therefore, in this study, we propose a signature scheme applicable to secure multiparty technologies, combining it with secret sharing to strengthen the accuracy of inputs using authentication techniques. We also investigate methods to enhance the efficiency of authentication through the use of batch authentication techniques. To this end, a scheme capable of input certification was designed by applying a commitment scheme and zero-knowledge proof of knowledge to the CL signature scheme, which is a lightweight signature scheme, and batch verification was applied to improve efficiency during authentication.

A Secure Data Aggregation Scheme Based on Appropriate Cryptographic Primitives in Heterogeneous Wireless Sensor Networks

Kyung-Ah Shim,Cheol-Min Park IEEE 2015 IEEE transactions on parallel and distributed syst Vol.26 No.8

<P>Energy cost of transmitting a single bit of information is approximately the same as that needed for processing a thousand operations in a typical sensor node. Thus, a practical way to prolong a wireless sensor network lifetime is to reduce the sensor energy consumption in data transmissions. Data aggregation is an efficient way to minimize energy consumption on sensors. In this paper, we propose a practical secure data aggregation scheme, Sen-SDA, based on an additive homomorphic encryption scheme, an identity-based signature scheme, and a batch verification technique with an algorithm for filtering injected false data. We then investigate the feasibility of our scheme using low-cost microcontrollers choosing two popular IEEE 802.15.4-compliant wireless sensor network hardware platforms, MICAz and Tmote Sky, used in real-life deployments.</P>

VANET를 위한 차량자체생성 조건부익명 인증시스템

김상진(Sangjin Kim),임지환(Jihwan Lim),오희국(Heekuck Oh) 한국정보보호학회 2009 정보보호학회논문지 Vol.19 No.4

충돌회피, 협력운전과 같은 서비스를 차량 애드혹 네트워크(VANET, Vehicular Ad hoc NETwork)에서 제공하기 위해서는 차량 간 교환되는 메시지의 인증이 매우 중요하다. 하지만 일반 전자서명 기법을 사용할 경우에는 프라이버시 침해 문제가 발생할 수 있어, 조건부 익명성을 제공하는 인증시스템이 필요하다. 최근에 Zhang 등은 조작불 가능한 하드웨어를 활용하는 VANET를 위한 조건부 익명 인증시스템을 제안하였다. 이 시스템은 차량에서 조건부 익명성이 보장되는 신원기반의 공개키 쌍을 생성하여 메시지를 서명하여 교환한다. 또한 많은 메시지를 효과적으로 검증하기 위해 일괄 확인 기법을 사용한다. 이 논문에서는 Zhang 등의 시스템을 다음 측면에서 개선한다. 첫째, 보다 효율적인 확률 서명기법을 사용한다. 둘째, Zhang 등과 달리 안전성이 증명된 일괄확인 기법을 사용한다. 이 밖에 키 철회 문제, 익명 철회 문제 등에 대한 효과적인 해결방안도 제시한다. Messages exchanged among vehicles must be authenticated in order to provide collision avoidance and cooperative driving services in VANET. However, digitally signing the messages can violate the privacy of users. Therefore, we require authentication systems that can provide conditional anonymity. Recently, Zhang et al. proposed conditionally anonymous authentication system for VANET using tamper-resistant hardware. In their system, vehicles can generate identity-based public keys by themselves and use them to sign messages. Moreover, they use batch verification to effectively verify signed messages. In this paper, we provide amelioration to Zhang et al.‘s system in the following respects. First, we use a more efficient probabilistic signature scheme. Second, unlike Zhang et al., we use a security proven batch verification scheme. We also provide effective solutions for key revocation and anonymity revocation problems.