KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

EMRQ: An Efficient Multi-keyword Range Query Scheme in Smart Grid Auction Market

  • Li, Hongwei (school of Computer Science & Engineering, UESTC) ;
  • Yang, Yi (School of Computer Science & Engineering, UESTC) ;
  • Wen, Mi (College of Computer Science and Technology, Shanghai University of Electric Power) ;
  • Luo, Hongwei (China Academy of Telecom Research, MIIT) ;
  • Lu, Rongxing (School of Electrical and Electronics Engineering, Nanyang Technological University)
  • Received : 2014.08.11
  • Accepted : 2014.09.18
  • Published : 2014.11.30
Download PDF
⟨ Previous Next ⟩

Abstract

With the increasing electricity consumption and the wide application of renewable energy sources, energy auction attracts a lot of attention due to its economic benefits. Many schemes have been proposed to support energy auction in smart grid. However, few of them can achieve range query, ranked search and personalized search. In this paper, we propose an efficient multi-keyword range query (EMRQ) scheme, which can support range query, ranked search and personalized search simultaneously. Based on the homomorphic Paillier cryptosystem, we use two super-increasing sequences to aggregate multidimensional keywords. The first one is used to aggregate one buyer's or seller's multidimensional keywords to an aggregated number. The second one is used to create a summary number by aggregating the aggregated numbers of all sellers. As a result, the comparison between the keywords of all sellers and those of one buyer can be achieved with only one calculation. Security analysis demonstrates that EMRQ can achieve confidentiality of keywords, authentication, data integrity and query privacy. Extensive experiments show that EMRQ is more efficient compared with the scheme in [3] in terms of computation and communication overhead.

Keywords

1. Introduction

Currently, the traditional power grid, due to its inherent limitations, cannot fully satisfy today's swift development trend. As a result, it is restructured and developed to a more intelligent power system named smart grid [1]. The smart grid mainly consists of several parts: generator(s), transmission system operator, distributor(s), retailer(s) and aggregator(s). Many technologies have been introduced into smart grid to ensure availability and economic benefits [2,3]. For instance, energy auction maret introduces commercial auctions to the smart grid, where energy sellers publish their auction information, and then energy buyers bid for appropriate energy supplies. Thus, the energy auction market can adjust energy prices and provide strong support for the practical application of smart grid [4].

Though energy auction is promising, security and privacy are seriously challenged in energy auction market. Firstly, due to the confidentiality of auction information, privacy preservation is extremely important [5,6]. One solution is to introduce encrypted keyword search to smart grid, which enables the keyword search over encrypted data. But the existing encrypted keyword search schemes in smart grid auction market (e.g., [3]) cannot achieve range query of keywords, which is extremely useful in smart grid [7]. For example, with the range of price keyword, energy buyers can filter out the energy with reasonable price. In addition, the existing range query scheme in smart grid [7] cannot be directly applied to auction market, and also cannot achieve the ranked search among multidimensional keywords.

In this paper, aim at addressing the above challenges, we propose an efficient multi-keyword range query (EMRQ) scheme in smart grid auction market. The proposed scheme focuses on providing secure and efficient transactions between sellers and buyers, and supports range query, ranked search, personalized search and efficient aggregation at the same time.

Our Contributions. The contributions of this paper are twofold:

Compared with the preliminary conference version [1] of this paper, this journal version studies the fine-grained weight strategy to provide personalized search for buyers. Moreover, the privacy-preservation of buyers is enhanced to ensure an adversary cannot get any privacy information about the bid auction. In addition, we improve the experimental works by adding the analysis and evaluation of the new scheme.

Organization. The remainder of the paper is organized as follows: In Section 2, the network model and security requirements are formalized. We present the notation and recall Paillier cryptosystem in Section 3. In Section 4, we propose the EMRQ scheme. We analyze the security of our scheme in Section 5, and evaluate its performance in Section 6. In Section 7, we present related works. Finally, we conclude this paper in Section 8.

 

2. NETWORK MODEL AND SECURITY REQUIREMENTS

In this section, we will formalize the network model, security requirements and design goals.

2.1 Network Model

In our network model, we focus on how to secretly compare keyword tags and trapdoors generated by the sellers and buyers, respectively. Specifically, we consider that our system consists of four parts, as shown in Fig. 1.

Fig. 1.Network model for smart auction market

2.2 Security Requirements

In our scheme, we assume all entities are untrustworthy except FC. An adversary A can intrude in smart grid and eavesdrop or modify the messages with private information. Specifically, we define security requirements as follows.

2.3 Design Goals

In order to realize the auction messages filtering in our scheme, our design goals are to develop an efficient fine-grained keywords comparison with privacy preservation.

 

3. Notations and Preliminaries

In this subsection, we introduce notations (Table 1) used throughout the remainder of this paper and review Bilinear Pairing and Paillier Cryptosystem.

Table 1.Notations

3.1 Notations

3.2 Bilinear Pairing

Let G1 and G2 be two cyclic groups of prime order q, and P be a generator of group G1. There must exist a non-degenerated, efficiently computable bilinear map ê: G1 × G1 → G2 such that ê(P, P) ≠ 1G2. And for all P1, P2 ∈ G1 and all a, b ∈ , we have ê(aP1, bP2) = ê(P1, P2)ab. We refer to [12] for a more comprehensive description of pairing technique, and complexity assumptions.

3.3 Paillier Cryptosystem

The Paillier cryptosystem consists of three phases as follows (refer to [9]):

 

4. Proposed Scheme

In this section, we propose the EMRQ scheme, which mainly consists of the following four phases: system initialization, auction message creating, trapdoor aggregating and filtering.

4.1 System Initialization

Firstly, FC computes the Paillier cryptosystem’s public key (n, g), and the corresponding private key (λ, μ). Considering the multidimensional keywords of auction information, we expect that all keywords (price, quantity and location, etc.) can be aggregated to one number and the difference of all keywords can be gained by only one comparison. Therefore, we transform each dimension keyword to a positive integer. Assume that for selleri, there are totally l types of auction keywords (mi,1, mi,2,⋯, mi,l) (mi,j ∈ ℤn), and the value of each type mi,j (j = 1,2,⋯, l) is less than a constant d. Then, FC chooses a super-increasing sequence = (a1, a2,⋯, al), where a1, a2,⋯, al are integers, a1 = 1 and aj ∙ d < ai/2 for (i = 2,⋯, l). The reason why we choose ai/2 will be described in Section 4.4. Then, FC computes (g1, g2,⋯, gl), where gi = gai (i = 1,2,⋯, l).

Then we define selleri’s aggregated number of multidimensional keywords is no more than a constant D, e.g., aj · d < D, and FC further chooses another super-increasing sequence = (b1, b2,⋯, bI) (I is the number of sellers), where b1 = 1 and bj ∙ D < = bi/2. The reason why we choose bi/2 will also be described in Section 4.4.

For identity-based signature, we also choose master key s ∈ , and the associated public key Ppub = sP, two hash functions H1, H2: {0,1}∗ → G1, the privacy of all entities can be generated as d = sH1(ID) ∈ G1.

After all, FC publishes the system parameters as

and keeps the master keys (λ,μ, ,s) secretly.

Auction Message Creating

The auction message creating process is shown in Fig. 2.

Fig. 2.Auction message creating

(1) Tag creating

Selleri selects auction keywords (mi,1, mi,2,⋯,mi,l) according to corresponding auction information, then he chooses a random number ri ∈ and computes his tag:

where Mi = a1mi,1 + a2mi,2 + ⋯ + almi,l.

(2) Delivery

Selleri uses identity-based signature algorithm [11] to sign Ci. Firstly, pick r , compute U = rP ∈ G1, then H = H2(IDSi, Ci║TS, U) ∈ G1 (where IDSi is selleri’s identity) and V = dSi + rH ∈ G1. Finally, output the pair: σ = 〈U, V〉 ∈ G1 × G1.

Therefore, the signed message can be generated as msgselleri→DC = (Ci║IDSi║TS║σ) (TS is the current timestamp) and it will be sent to DC.

(3) All sellers’ tags aggregation

DC verifies all sellers ’ tags as follows: with σ = 〈U, V〉, compute H = H2(IDSi, Ci║TS, U), and then accept it only if ê(P, V) = ê(Ppub,H1(IDSi))ê(U, H). Then DC computes total tag as Csel = C1 ∙ C2 ∙ ⋯ ∙ CI, where

Trapdoor aggregating

The trapdoor aggregating process is shown in Fig. 3.

Fig. 3.Trapdoor aggregating

(1) Trapdoor creation and delivery

When buyerj wants to bid the energy, he first generates filtering keywords (mj,1, mj,2,⋯ , mj,l) (0 < mj,k < d,1 ≤ k ≤ l) and randomly chooses rj ∈ , then computes his trapdoor

where Mj = a1mj,1 + a2mj,2 + ⋯ + almj,l. And then buyerj calculates the total trapdoor as Cbuy = Cj′b1+b2+⋯+bI, where

After that, buyerj generates a matching rule sequence R = (R1, R2, … , Rl). If buyerj defines the range of auction keyword as v1 ≤ mi,k ≤ v2 (v1, v2 ∈ ℤn), then Rk should be a pair: gv1−mj,k, gv2−mj,k. Based on the filtering rules, buyerj can define a keyword weight sequence (W1, W2, … , Wl) for all auction keywords mi,k (k = 1,2,⋯, l), the keyword weight Wk represents the keyword importance defined by buyerj. The fine-grained weight strategy can provide personalized search for buyers. Speciafically, the weight strategy is as follows:

Weight strategy:

Next, the keyword weight sequence can be encrypted as W=(gW1, gW2,⋯, gWl). Then buyerj signs (Cbuy║R║W║TS) using the identity-based signature algorithm [11]. The alogrithm is as follow: pick r , compute U = rP ∈ G1 , H = H2(IDBi, Cbuy║R║W║TS, U) (where IDBj is buyerj’s identity) and V = dBj + rH ∈ G1. Finally, output the pair: σ = 〈U, V〉∈G1 × G1. Then, buyerj sends the signed message msgbuyerj→DC =(Cbuy║R║W║IDBj║TS║σ) to DC, and DC accepts it after verifying asê(P, V)=ê(Ppub,H1(IDBi))ê(U, H), where H = H2(IDBi, Cbuy║R║W║TS, U).

(2) Homomorphic computing for comparison

When DC wants to compare sellers’ tags with buyerj’s trapdoor. It can compute C = Csel ∙ Cbuy. Then, DC sends the signed message msgDC→FC =(C║R║IDDC║IDBj║TS║σ) to FC, where σ is the signature of (C║R║IDDC║IDBj║TS) using the identity-based signature algorithm [11].

Filtering

The filtering process is shown in Fig. 4.

Fig. 4.Filtering

(1) Decrypting the result of comparison

After receiving the message (C║R║IDDC║IDBj║TS║σ), check the signature σ using the identity-based signature algorithm [11], if it is valid, FC decrypts C, where C is formed by

where Mi,j = Mi−Mj = a1(mi,1 − mj,1) + a2(mi,2 − mj,2) + ⋯ + al(mi,l − mj,l) and Mtotal = biMi,j. FC uses sk to recover Mtotal as Section 3.3. After that, FC gets (M1,j, M2,j,⋯, MI,j) by running Algorithm 1 with input and SUM = Mtotal.

Algorithm 1

As shown in Algorithm 1, we define sumi = b1M1,j + b2M2,j + ⋯ + biMi,j (i = 1,2,⋯, I). We compute sumi−1 = sumi mod xi, hence we have 0 ≤ sumi−1 ≤ xi. Since we have defined bj ∙ D < bi/2, we have −xi/2 ≤ sumi−1 ≤ xi/2 (for example: 0 < εi, εj < t ⇒ −t < εi − εj < t). Thus, in Algorithm 1, if the calculated sumi−1 is 0≤sumi−1≤xi/2, this is the right result; else if xi/2 < sumi−1 < xi, we must correct it as sumi−1 = sumi−1 − xi, the true result is −xi/2 < sumi−1 < 0. That is why we choose bi/2 in bj ∙ D < bi/2 and ai/2 in aj ∙ d < ai/2, it can split the aggregation including negative numbers.

After getting (M1,j, M2,j,⋯, MI,j), FC can use Algorithm 1 with input and SUM = Mi,j (i = 1,2,⋯, I) to gain all differences of the multidimensional keywords DIFi,j = (difi,j,1, difi,j,2,⋯, difi,j,l) between selleri and buyerj.

(2) Choosing winners

With the keyword difference DIFi,j = (difi,j,1, difi,j,2,⋯, difi,j,l) and filtering rules (R1, R2, … , Rl), we can achieve range query. If each difi,j,k (k = 1,2,⋯, l) satisfies the filtering rule Rk (i.e., v1 − mj,k ≤ difi,j,k ≤ v2 − mj,k), k will be stored in an array Ki[].

After getting the array Ki[] (i = 1,2,⋯, I), FC further sends it to DC. Then, randomly chooses r′ ∈ , DC generates the weight of selleri as follows:

All weighti (i = 1,2,⋯, I) will be sent to FC and decrypted according to Paillier cryptosystem [9] as shown in equation (8).

According to the weight of each selleri, i.e., ∑k∈Ki[] Wk , the ranked result array winner′[] = (ID′1, ID′2, ID′3, ⋯) can be obtained. Finally, FC sends the message (winner′[]║IDFC║TS), i.e., the ranked result, to DC through a secure channel.

Theorem 1. For the keyword weight sequence W′=(Wk1, Wk2, … , Wkl) which is ordered by the ascending weights, where Wkl = cl . If seller1 contains a more important keyword (Suppose that the largest keyword weight for seller1 is ck1) compared with seller2 (Suppose that the largest keyword weight for seller2 is ck2), i.e., k1 ≥ k2 + 1, then seller1 has higher priority in the returned winner′[], i.e., weight1 > weight2.

Proof. Because cj < ci, we have

 

5. Security Analysis

In this section, we analyze the security properties of our proposed scheme. In particular, based on the security requirements discussed in Section 2.2, our analysis focuses on how to achieve confidentiality of keywords, authentication, data integrity and query privacy.

5.1 Confidentiality of Keywords

In our proposed scheme, all the types of tag’s keywords ( mi,1, mi,2,⋯, mi,l) (mi,j ∈ ℤn) are aggregated to ci as

That means that Ci is a ciphertext of Paillier cryptosystem, similarly, Cj, Cbuy and Csel are the same. Due to the security of Paillier cryptosystem [9], the confidentiality of keywords is protected. And in DC, since it only does homomorphic computing on Cbuy and Csel, it cannot identify the tag or trapdoor. In the end, FC will decrypt C for the range comparison of keywords. But FC cannot gain each seller/buyer’s keywords, because the result is only a difference, e.g., Mi,j = Mi − Mj, FC cannot recover the corresponding Mi and Mj. In addition, with the super-increasing sequence = (b1, b2,⋯, bI), the parameter D might be estimated. However, D is a large integer and it would not disclosure the specific keyword information. Therefore, the proposed scheme can achieve the confidentiality of keywords.

5.2 Encrypted Messages’ Authentication and Data Integrity

The tags Ci (i = 1, 2, ⋯) and total trapdoor Cbuy in our proposed scheme are encrypted by Paillier cryptosystem, therefore the adversary A cannot identify them, but if the adversary A fabricates a message and sends it to some entities, it cannot be detected. Hence, we also sign them by the signature algorithm [11]. Therefore, our proposed scheme can achieve such messages’ authentication and data integrity.

5.3 Query Privacy

The range information and keyword weights are stored in two sequences R and W, respectively, which should be encrypted to prevent the disclosure of privacy. As shown in 4.3.1, R║W is encrypted by Paillier cryptosystem. Thus, only FC can use its private key sk = (λ, μ) to decrypt R║W. In addition, As shown in (2) Choosing winners of Section 4.4, only a part of keyword weights weighti=∏k∈Ki[] gWk are sent to the filter center, where Ki[] is an array storing the keywords which satisfy the corresponding matching rules. The filter center can only get the total weight of selleri, i.e., ∑k∈Ki[] Wk, it cannot identify the weight of each keyword. Therefore, the query privacy is achieved.

In Table 2, we compare EMRQ with PaRQ [8] and SESA [3]. We can see all schemes achieve confidentiality of keywords, authentication and data integrity, PaRQ and EMRQ further achieve query privacy.

Table 2.Comparison of Security Level

 

6. Performance Evaluation

In this section, we evaluate the performance of EMRQ in terms of functionality, computation and communication overhead.

6.1 Functionality

We compare the functionalities of EMRQ with SESA [3] and PaRQ [8]. As shown in Table 3, SESA achieves multi-keyword search in smart grid auction market, PaRQ further achieves range query, but only EMRQ scheme can achieve multi-keyword, range query, ranked search and personalized search simultaneously.

Table 3.Comparison of Functionalities

6.2 Computation Overhead

For simplicity, the cost of a pairing operation, a multiplication operation in G1, an exponentiation operation in ℤn2 and an exponentiation operation in ℤn are denoted as Cp, Cm, Cen2 and Cen, respectively. Compared with above operations, other operations in EMRQ and SESA are negligible [13].

In EMRQ, it costs 2Cm to sign a message, and 2Cp to verify if we adopt precomputed technology [11]. For selleri, he needs (l + 1)Cen2 + Cen to create tags Ci and 2Cm to sign it. Therefore, all sellers’ cost is (2Cm+(l + 1)Cen2 + Cen)I. For buyerj, he costs lCen2 + Cen to create tags C′j and Cen2 to create C′total. Then he encrypts (R║W) with 3lCen2. Finally, he costs 2Cm to sign it. Hence, all buyers’ cost is (2Cm + (4l + 1)Cen2 + Cen)J (assume J is the number of buyers). For DC, it needs 2(I + J)Cp to verify all messages of sellers and buyers. For every buyerj, DC needs to sign a message msgDC→FC = (C║R║W║IDDC║IDBj║TS) to FC, the signature costs 2JCm. Therefore, DC’s cost is 2JCm + (2I + 2J)Cp. For FC, it needs total 2JCp to verify the messages from DC, then decrypts C, R and weighti with JCen2, 2lJCen2 and JCen2. Hence, FC’s cost is (2l + 2)JCen2 + 2JCp. Therefore, in our proposed EMRQ, the total computation overhead is (4J + 2I)Cm + ((l + 1)I + (6l + 3)J)Cen2 + (J + I)Cen + (4J + 2I)Cp.

In the SESA scheme, we assume it adopts the same signature technology and two cyclic addition groups G1, G2. EBj makes a bid to EDRi which costs 3Cm + 2Cp, and the corresponding signature needs 2Cm, thus all energy buyers’ cost is 5IJCm + 2IJCp where each EB expects to make a bid to each EDR because EB cannot know which bid will be accepted; EDRi needs Cm to create a trapdoor and 2Cm to sign it, therefore EDRi’s cost is 3ICm; AS needs 2Cp to verify a message which will be IJ + I times, and Cp to compare each tag which will be IJ times, hence AS’s cost is (3IJ + 2I)Cp; RS needs Cm + Cp to decrypt a satisfied bid, assume that in SESA there are average N tags matching the trapdoor in once bid, therefore its total cost is IN(Cm + Cp). Therefore, in SESA the total computation overhead is (5IJ + 3I + IN)Cm + (2IJ + 2I + IN)Cp.

We conduct detailed experiments on Pentium IV 3GHz system to study the operation cost [13]. For G1 over MNT curve, a multiplication operation in G1 with 161 bits, and the corresponding pairing operation cost 0.6 ms and 4.5 ms. And an exponentiation operation costs 11.5 ms in ℤn2 and 2.3 ms in ℤn. Further, we assume N = 0.1 × J in SESA and l = 10. As shown in Fig. 5 and Fig. 6, the proposed scheme greatly reduces the computation overhead.

Fig. 5.Computation overhead of EMRQ

Fig. 6.Computation overhead of SESA

6.3 Communication Overhead

We divide the communication overhead of our proposed scheme into three types, seller − DC, buyer − DC and DC − FC, where the delivery of winner messages are the same in SESA and our scheme, we do not compare. The message seller sends to DC is formed by msgselleri→DC = (Ci║IDSi║TS║σ) where the signature σ includes two elements in G1, therefore if we choose 1024-bit and 161-bit G1, the total size of seller − DC communication overhead is (2048 + |ID| + |TS| + 2 × 161) × I bits. The message of buyer − DC is formed by msgbuyerj→DC =(Cbuy║R║W║IDBj║TS), each Rk (k = 1,2,⋯, l) includes two ciphertexts of Paillier Cryptosystem, and Wk includes one. Thus its total size is(2048 × (3l + 1)+|ID|+|TS| + 2 × 161) × J bits. In DC − FC phase, there are J messages of msgDC→FC =(C║R║IDDC║IDBj║TS) and (weighti║IDDC║IDBj║TS), the total size is (2048 × (2l + 2) + 4 × |ID| + 2 × |TS| + 2 × 161) × J bits.

In comparison, in SESA, EB − to − AS phase needs IJ messages of 963 bits, therefore the size is 963 × IJ bits; DER − to − AS needs to delivery a trapdoor of 160 bits and the corresponding signature of 161 × 2 bits, the total size is (160 + 2 × 161) × I bits; in AS − to − RS phase, for each DER, there are N ciphertexts Cj of 160 bits and signatures of 161 × 2 bits, hence the total size is (160 + 2 × 161) × IN bits.

We set |ID| + |TS| as 50 bits, then the comparison of total communication overhead for SESA and EMRQ are 482I + 963IJ + 482IN bits and 2420I + 109388J bits, respectively. As shown in Fig. 7 and Fig. 8, EMRQ is more efficient than SESA.

Fig. 7.Communication overhead of EMRQ

Fig. 8.Communication overhead of SESA

 

7. RELATED WORKS

The traditional auction market has been widely studied and many famous auction web sites have been applied to practice (e.g., Yahoo!, eBay, etc.) [14,15]. Recently, online auction becomes more popular, many people prefer to shop on the internet. Song et al. [16] estimate the behaviors of the rivals and present the bid. Chang et al. [17] present anonymous auction protocol with freewheeling bids.

In power market, auction technology has been extensively studied and various auction models are presented [2,14,18, 20]. Nguyen et al. [2] propose a demand respond exchange scheme, which thinks of demand respond as a kind of virtual goods. Li et al. [14] propose a auction scheme with privacy, which can also achieve anonymity bidding. Bompard et al. [18] propose supply function models in power market, which support supply-side strategic bidding. Liaw et al. [19] propose an electronic online bidding auction protocol, which can achieve the corresponding security and efficiency. Based on game theory, Kanga et al. [20] define oligopolistic strategy to efficient auction in power market.

Auction market in smart grid has attracted a lot of attention due to the remarkable economic benefits in electricity trading[21,22]. The corresponding issues have been extensively studied and various auction market schemes have been proposed to protect its security [3,8,23]. Wen et al. [3] propose a searchable encryption scheme (SESA) for auctions between energy generators and retailers. In SESA, each buyer makes a different tag message for every seller’s energy he wants to bid. In this case, the computation and communication overheads are heavy. And Wen et al. [8] also propose a novel privacy-preserving range query (PaRQ) scheme over encrypted metering data, which protects the privacy of financial auditing in smart grid. Lu et al. [24] adopt a super increasing-sequence to aggregate all types of electricity data. In such a scheme, the intermediate can achieve privacy preservation and efficiency, without decrypting the received messages. Therefore, it is feasible to introduce this method into searchable encryption auction market.

In addition, querying encrypted data has been extensively studied because of its wide range of applications. The first work can refer to Song et al. [25], which embeds a symmetric key setting to search on encrypted data, and its improvements and advanced security definitions are given in Goh [26], Chang et al. [27], and Curtmola et al. [28]. Recently, many searchable encryption schemes [29-33] have also been proposed to query outsourced data without disclosing any private information to unauthenticated entities. A relevance score scheme is presented by Wang et al. [29], which uses relevance score to achieve ranked query of keyword. And Li et al. [30] propose a fuzzy keyword search scheme which is purposed to solve minor typos and format inconsistencies in keyword search. Cao et al. [31] propose a widely used searchable encryption scheme, which can return the ranked results of search according to the number of matching keywords. Then, a multi-keyword top-k scheme is proposed by Yu et al. [32], such scheme returns ranked results and achieves high security with fully homomorphic encryption. Sun et al. [33] consider the multidimensional tree technique and the relevance scores of keywords, this scheme supports multi-keyword search and it can achieve efficient query. In our scheme, with a super increasing-sequence, we achieve the efficient multi-keyword range query of the encrypted auction.

 

8. CONCLUSION

In this paper, we have proposed an efficient multi-keyword range query (EMRQ) scheme for the auction market in smart grid. It can achieve range query, ranked search and personalized search simultaneously. Security analysis demonstrates that EMRQ can achieve confidentiality of keywords, authentication, data integrity and query privacy. Performance evaluation shows that the proposed scheme significantly improves computation and communication efficiency compared with the SESA scheme in [3].

References

  1. Y. Yang, H. Li, M. Wen, H. Luo, and R. Lu, "Achieving ranked range query in smart grid auction market," in Proc. of ICC, pp. 951-956, 2014.
  2. H. Li, X. Lin, H. Yang, X. Liang, R. Lu, and X. Shen, "Eppdr: an efficient privacy-preserving demand response scheme with adaptive key evolution in smart grid," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no.8, pp. 2053-2064, 2014. https://doi.org/10.1109/TPDS.2013.124
  3. M. Wen, R. Lu, J. Lei, H. Li, X. Liang, and X. Shen, "Sesa:an efficient searchable encryption scheme for auction in emerging smart grid marketing," Security and Communication Networks, vol. 7, no. 1, pp. 234-244, 2014. https://doi.org/10.1002/sec.699
  4. H. Liang, B. Choi, W. Zhuang, and X. Shen, "Towards optimal energy store-carry-and-deliver for phevs via v2g system," in Proc. of INFOCOM, pp. 1674-1682, 2012.
  5. H. Liang, B. Choi, A. Abdrabou, W. Zhuang, and X. Shen, "Decentralized economic dispatch in microgrids via heterogeneous wireless networks," IEEE Journal on Selected Areas in Communications, vol. 30, no. 6, pp. 1061-1074, 2012. https://doi.org/10.1109/JSAC.2012.120705
  6. H. Li, X. Liang, R. Lu, X. Lin, and X. Shen, "Edr: an efficient demand response scheme for achieving forward secrecy in smart grid," in Proc. of GLOBECOM, pp. 929-934, 2012.
  7. H. Li, R. Lu, L. Zhou, B. Yang, and X. Shen, "An efficient merkle tree based authentication scheme for smart grid," IEEE Systems Journal, vol. 8, no. 2, pp. 655-663, 2014. https://doi.org/10.1109/JSYST.2013.2271537
  8. M.Wen, R. Lu, K. Zhang, J. Lei, X. Liang, and X. Shen, "PaRQ: a privacy- preserving range Query scheme over encrypted metering data for smart grid," IEEE Transactions on Emerging Topics in Computing, vol. 1, no.1, pp. 178-191, 2013. https://doi.org/10.1109/TETC.2013.2273889
  9. P. Paillier, "Public-key cryptosystems based on composite degree residuosity classes," in Proc. of EUROCRYPT, pp. 223-238, 1999.
  10. N. Ferguson, R. Schroeppel, and D. Whiting, "A simple algebraic representation of rijndael," in Proc. of Selected Areas in Cryptography, pp. 103-111, 2001.
  11. B. Libert and J. Quisquater, "The exact security of an identity based signature and its applications," Cryptology ePrint Archive, http://eprint.iacr.org/2004/102.
  12. D. Boneh and M. K. Franklin, "Identity-based encryption from the weil pairing," in Proc. of CRYPTO, pp. 213-229, 2001.
  13. "Multiprecision integer and rational arithmetic c/c++library," http://www.certivox.com/miracl/.
  14. M. Li, S. Justie, H. Jennifer, "Practical electronic auction scheme with strong anonymity and bidding privacy," Information Science, vol. 181, no. 12, pp. 2576-2586, 2011. https://doi.org/10.1016/j.ins.2011.02.005
  15. S. Chakraborty, M. Weiss, and M. Simoes, "Distributed intelligent energy management system for a single-phase high-frequency ac microgrid," IEEE Transactions on Industrial Electronics, vol. 54, no. 1, pp. 97-109, 2007. https://doi.org/10.1109/TIE.2006.888766
  16. Y. Song, Y. Ni, F. Wen, "An improvement of generation firm's bidding strategies based on conjectural variation regulation via dynamic learning," In Proc. of the CSEE, pp. 23-27, 2003. http://en.cnki.com.cn/Article_en/CJFDTOTAL-ZGDC200312004.htm
  17. Y. Chang, C. Chang, "Enhanced anonymous auction protocols with freewheeling bids," In Proc. of 20th International Conference on Advanced Information Networking and Application (AINA06), pp. 353-358, 2006.
  18. E. Bompard, W. Lu, R. Napoli, "Network constraint impacts on the competitive electrically markets under supply-side strategic bidding," IEEE Transactions on Power System, vol. 21, no. 1, pp. 160-170, 2006. https://doi.org/10.1109/TPWRS.2005.857833
  19. H. T. Liaw, W. S. Juang, C. K. Lin, "An electronic online bidding auction protocol with both security and efficiency," Applied Mathematics and Computation, vol. 174, no. 2, pp. 1487-1497, 2006. https://doi.org/10.1016/j.amc.2005.06.016
  20. D. J. Kanga, B. H. Kimb, D. Hur, "Supplier bidding strategy based on non-cooperative game theory concepts in single auction power pools," Electric Power Systems Research, vol. 77, no. 5, pp. 630-636, 2007. https://doi.org/10.1016/j.epsr.2006.05.012
  21. R. Jiang, R. Lu, J. Luo, C. Lai, and X. Shen, "Efficient self-healing group key management with dynamic revocation and collusion resistance for SCADA in smart grid," Security and Communication Networks, 2014.
  22. R. Jiang, R. Lu, Y. Wang, J. Luo, C. Shen, and X. Shen, "Energy-theft detection issues for advanced metering infrastructure in smart grid," TSINGHUA SCIENCE AND TECHNOLOGY, Vol. 19, No. 2, pp. 105-120, 2014. https://doi.org/10.1109/TST.2014.6787363
  23. D. Liu, H. Li, Y. Yang, and H. Yang, "Achieving multi-authority access control with efficient attribute revocation in smart grid," in Proc. of ICC, pp. 634-639, 2014.
  24. R. Lu, X. Liang, X. Li, X. Lin, and X. Shen, "Eppa: an efficient and privacy preserving aggregation scheme for secure smart grid communications," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 9, pp. 1621-1631, 2012. https://doi.org/10.1109/TPDS.2012.86
  25. D. Song, D. Wagner, and A. Perrig, "Practical techniques for searches on encrypted data," in Proc. of IEEE Symp. Security and Privacy, pp. 44-55, 2000.
  26. E. J. Goh, "Secure Indexes," Cryptology ePrint Archive, http://eprint.iacr.org/2003/216. 2003.
  27. Y. C. Chang and M. Mitzenmacher, "Privacy preserving keyword searches on remote encrypted data," in Proc. of Third Int'l Conf. Applied Cryptography and Network Security, pp. 442-455, 2005.
  28. R. Curtmola, J.A. Garay, S. Kamara, and R. Ostrovsky, "Searchable symmetric encryption: improved definitions and efficient constructions," in Proc. of 13th ACM Conf. Computer and Comm. Security (CCS '06), pp. 79-88, 2006.
  29. C. Wang, N. Cao, K. Ren, and W. Lou, "Enabling secure and efficient ranked keyword search over outsourced cloud data," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 8, pp. 1467-1479, 2012. https://doi.org/10.1109/TPDS.2011.282
  30. J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou, "Fuzzy keyword search over encrypted data in cloud computing," in Proc. of INFOCOM, pp. 1-5, 2010.
  31. N. Cao, C. Wang, M. Li, K. Ren, and W. Lou, "Privacy-preserving multi-keyword ranked search over encrypted cloud data," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 1, pp. 222-233, 2014. https://doi.org/10.1109/TPDS.2013.45
  32. J. Yu, P. Lu, Y. Zhu, G. Xue, and M. Li, "Towards secure multi-keyword top-k retrieval over encrypted cloud data," IEEE Transactions on Dependable and Secure Computing, vol. 10, no. 4, pp. 239-250, 2013. https://doi.org/10.1109/TDSC.2013.9
  33. W. Sun, B. Wang, N. Cao, M. Li, W. Lou, Y. T. Hou, and H. Li, "Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking," IEEE Transactions on Parallel and Distributed Systems, 2013.

Cited by

  1. Enabling Fine-grained Access Control with Efficient Attribute Revocation and Policy Updating in Smart Grid vol.9, pp.4, 2014, https://doi.org/10.3837/tiis.2015.04.008