Privacy-Preserving IoT Data Aggregation Based on Blockchain and Homomorphic Encryption

Data analytics based on the produced data from the Internet of Things (IoT) devices is expected to improve the individuals’ quality of life. However, ensuring security and privacy in the IoT data aggregation process is a non-trivial task. Generally, the IoT data aggregation process is based on centralized servers. Yet, in the case of distributed approaches, it is difficult to coordinate several untrustworthy parties. Fortunately, the blockchain may provide decentralization while overcoming the trust problem. Consequently, blockchain-based IoT data aggregation may become a reasonable choice for the design of a privacy-preserving system. To this end, we propose PrivDA, a Privacy-preserving IoT Data Aggregation scheme based on the blockchain and homomorphic encryption technologies. In the proposed system, each data consumer can create a smart contract and publish both terms of service and requested IoT data. Thus, the smart contract puts together into one group potential data producers that can answer the consumer’s request and chooses one aggregator, the role of which is to compute the group requested result using homomorphic computations. Therefore, group-level aggregation obfuscates IoT data, which complicates sensitive information inference from a single IoT device. Finally, we deploy the proposal on a private Ethereum blockchain and give the performance evaluation.

Download Full-text

EPPDA: An Efficient and Privacy-Preserving Data Aggregation Scheme with Authentication and Authorization for IoT-Based Healthcare

10.21203/rs.3.rs-172603/v1 ◽

2021 ◽

Author(s):

Faris. A. Almalki ◽

Ben othman Soufiene

Keyword(s):

Data Aggregation ◽

Data Privacy ◽

Homomorphic Encryption ◽

Privacy Preserving ◽

Security And Privacy ◽

Communication Overhead ◽

Range Data ◽

Aggregation Techniques ◽

Aggregation Scheme ◽

Iot Devices

Abstract Internet of Things (IoT) connects various kinds of intelligent objects and devices using the internet to collect and exchange data. Nowadays, The IoT is used in diverse application domains, including the healthcare. In the healthcare domain, the IoT devices can collects patient data, and its forwards the data to the healthcare professionals can view it. The IoT devices are usually resource-constrained in terms of energy consumption, storage capacity, computational capability, and communication range, data aggregation techniques are used to reduce the communication overhead. However, in healthcare system using IoT, the heterogeneity of technologies, the large number of devices and systems, and the different types of users and roles create important challenges in terms of security. For that, the security and privacy aggregation of health data are very important aspects. In this paper, we propose a novel secure data aggregation scheme based on homomorphic primitives in IoT based healthcare systems, called “An Efficient and Privacy-Preserving Data Aggregation Scheme with authentication for IoT-Based Healthcare applications” (EPPDA). EPPDA is based the Verification and Authorization phase to verifying the legitimacy of the nodes wants to join the process of aggregation. EPPDA uses additive homomorphic encryption to protect data privacy and combines it with homomorphic MAC to check the data integrity. The security analysis and experimental results show that our proposed scheme guarantees data privacy, messages authenticity, and integrity, with lightweight communication overhead and computation.

Download Full-text

Privacy-Preserving Data Aggregation against False Data Injection Attacks in Fog Computing

Sensors ◽

10.3390/s18082659 ◽

2018 ◽

Vol 18 (8) ◽

pp. 2659 ◽

Cited By ~ 13

Author(s):

Yinghui Zhang ◽

Jiangfan Zhao ◽

Dong Zheng ◽

Kaixin Deng ◽

Fangyuan Ren ◽

...

Keyword(s):

Cloud Computing ◽

Data Aggregation ◽

Homomorphic Encryption ◽

Fog Computing ◽

Cloud Service ◽

Privacy Preserving ◽

Location Awareness ◽

False Data Injection ◽

Injection Attacks ◽

Iot Devices

As an extension of cloud computing, fog computing has received more attention in recent years. It can solve problems such as high latency, lack of support for mobility and location awareness in cloud computing. In the Internet of Things (IoT), a series of IoT devices can be connected to the fog nodes that assist a cloud service center to store and process a part of data in advance. Not only can it reduce the pressure of processing data, but also improve the real-time and service quality. However, data processing at fog nodes suffers from many challenging issues, such as false data injection attacks, data modification attacks, and IoT devices’ privacy violation. In this paper, based on the Paillier homomorphic encryption scheme, we use blinding factors to design a privacy-preserving data aggregation scheme in fog computing. No matter whether the fog node and the cloud control center are honest or not, the proposed scheme ensures that the injection data is from legal IoT devices and is not modified and leaked. The proposed scheme also has fault tolerance, which means that the collection of data from other devices will not be affected even if certain fog devices fail to work. In addition, security analysis and performance evaluation indicate the proposed scheme is secure and efficient.

Download Full-text

Privacy-Functionality Trade-Off: A Privacy-Preserving Multi-Channel Smart Metering System

Energies ◽

10.3390/en13123221 ◽

2020 ◽

Vol 13 (12) ◽

pp. 3221 ◽

Cited By ~ 1

Author(s):

Xiao-Yu Zhang ◽

Stefanie Kuenzel ◽

José-Rodrigo Córdoba-Pachón ◽

Chris Watkins

Keyword(s):

Data Aggregation ◽

Homomorphic Encryption ◽

Value Added ◽

Privacy Preserving ◽

Third Party ◽

Sensitive Information ◽

Central Processor ◽

Smart Metering ◽

Trade Off ◽

Level Data

While smart meters can provide households with more autonomy regarding their energy consumption, they can also be a significant intrusion into the household’s privacy. There is abundant research implementing protection methods for different aspects (e.g., noise-adding and data aggregation, data down-sampling); while the private data are protected as sensitive information is hidden, some of the compulsory functions such as Time-of-use (TOU) billing or value-added services are sacrificed. Moreover, some methods, such as rechargeable batteries and homomorphic encryption, require an expensive energy storage system or central processor with high computation ability, which is unrealistic for mass roll-out. In this paper, we propose a privacy-preserving smart metering system which is a combination of existing data aggregation and data down-sampling mechanisms. The system takes an angle based on the ethical concerns about privacy and it implements a hybrid privacy-utility trade-off strategy, without sacrificing functionality. In the proposed system, the smart meter plays the role of assistant processor rather than information sender/receiver, and it enables three communication channels to transmit different temporal resolution data to protect privacy and allow freedom of choice: high frequency feed-level/substation-level data are adopted for grid operation and management purposes, low frequency household-level data are used for billing, and a privacy-preserving valued-add service channel to provide third party (TP) services. In the end of the paper, the privacy performance is evaluated to examine whether the proposed system satisfies the privacy and functionality requirements.

Download Full-text

Privacy-Preserving Internet of Things: Techniques and Applications

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.f8830.088619 ◽

2019 ◽

Vol 8 (6) ◽

pp. 3229-3234 ◽

Cited By ~ 1

Keyword(s):

Cloud Computing ◽

Homomorphic Encryption ◽

Fog Computing ◽

Privacy Preserving ◽

Sensitive Information ◽

Multiparty Computation ◽

Iot Applications ◽

Attribute Based Encryption ◽

Daily Behavior ◽

Iot Devices

Privacy has become an imperative term in the recent technology developments. Lots of data are being collected through every digital activity of users. The expeditious development of IoT applications have raised the concern about the privacy of the IoT systems. The data collected via IoT sensors can reveal the daily behavior of the users, location, and other sensitive information. Hence, it is necessary to preserve the privacy of data collected by IoT devices. A large number of techniques and approaches have been implemented and used in different IoT based applications such as cloud computing based IoT, fog computing based IoT, blockchain based IoT and trajectory applications. In this paper, we present a detailed investigation of the existing approaches to preserve the privacy of data in IoT applications. The techniques like k-anonymity, secure multiparty computation, attribute based encryption and homomorphic encryption are analyzed. Finally, a comparative analysis of privacy preserving techniques with its applications are presented.

Download Full-text

Security and Privacy Challenges of Deep Learning

Deep Learning Strategies for Security Enhancement in Wireless Sensor Networks - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-5068-7.ch003 ◽

2020 ◽

pp. 42-64

Author(s):

J. Andrew Onesimu ◽

Karthikeyan J. ◽

D. Samuel Joshua Viswas ◽

Robin D Sebastian

Keyword(s):

Deep Learning ◽

Differential Privacy ◽

Homomorphic Encryption ◽

Detailed Comparison ◽

Privacy Preserving ◽

Research Field ◽

Security And Privacy ◽

Security Attacks ◽

Privacy Breaches ◽

Comparison Table

Deep learning is the buzz word in recent times in the research field due to its various advantages in the fields of healthcare, medicine, automobiles, etc. A huge amount of data is required for deep learning to achieve better accuracy; thus, it is important to protect the data from security and privacy breaches. In this chapter, a comprehensive survey of security and privacy challenges in deep learning is presented. The security attacks such as poisoning attacks, evasion attacks, and black-box attacks are explored with its prevention and defence techniques. A comparative analysis is done on various techniques to prevent the data from such security attacks. Privacy is another major challenge in deep learning. In this chapter, the authors presented an in-depth survey on various privacy-preserving techniques for deep learning such as differential privacy, homomorphic encryption, secret sharing, and secure multi-party computation. A detailed comparison table to compare the various privacy-preserving techniques and approaches is also presented.

Download Full-text

An Efficient Identity-Based Conditional Privacy-Preserving Authentication Scheme for Secure Communication in a Vehicular Ad Hoc Network

Symmetry ◽

10.3390/sym12101687 ◽

2020 ◽

Vol 12 (10) ◽

pp. 1687 ◽

Cited By ~ 1

Author(s):

Mahmood A. Al-shareeda ◽

Mohammed Anbar ◽

Selvakumar Manickam ◽

Iznan H. Hasbullah

Keyword(s):

Secure Communication ◽

Large Scale ◽

Ad Hoc ◽

Privacy Preserving ◽

Authentication Scheme ◽

Security And Privacy ◽

Group Signature ◽

Side Channel ◽

Sensitive Information ◽

Identity Based

The security and privacy issues in vehicular ad hoc networks (VANETs) are often addressed with schemes based on either public key infrastructure, group signature, or identity. However, none of these schemes appropriately address the efficient verification of multiple VANET messages in high-density traffic areas. Attackers could obtain sensitive information kept in a tamper-proof device (TPD) by using a side-channel attack. In this paper, we propose an identity-based conditional privacy-preserving authentication scheme that supports a batch verification process for the simultaneous verification of multiple messages by each node. Furthermore, to thwart side-channel attacks, vehicle information in the TPD is periodically and frequently updated. Finally, since the proposed scheme does not utilize the bilinear pairing operation or the Map-To-Point hash function, its performance outperforms other schemes, making it viable for large-scale VANETs deployment.

Download Full-text

Integrity and Privacy Preserving Data Aggregation Algorithm for WSNs

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.721.732 ◽

2014 ◽

Vol 721 ◽

pp. 732-735

Author(s):

Hua Zhang

Keyword(s):

Data Aggregation ◽

Data Privacy ◽

Chinese Remainder Theorem ◽

Homomorphic Encryption ◽

Privacy Preserving ◽

Message Authentication ◽

Authentication Codes ◽

Integrity Checking ◽

Data Freshness ◽

Simulation Results

This paper proposed an integrity and privacy preserving data aggregation algorithm for WSNs, which is called IPPDA. First, it attached a group of congruent numbers to the sensing data in order to execute integrity checking operated by sink node using Chinese remainder theorem (CRT); then it computed the hash function-based message authentication codes with time and key as the parameters to satisfy data freshness; finally, it adopted a homomorphic encryption scheme to provide privacy preserving. The simulation results show that IPPDA can effectively preserve data privacy, check data integrity, satisfy data freshness, and get accurate data aggregation results while having less computation and communication cost than iCPDA and iPDA.

Download Full-text

BAT—Block Analytics Tool Integrated with Blockchain Based IoT Platform

Electronics ◽

10.3390/electronics9091525 ◽

2020 ◽

Vol 9 (9) ◽

pp. 1525

Author(s):

Chathurangi Edussuriya ◽

Kasun Vithanage ◽

Namila Bandara ◽

Janaka Alawatugoda ◽

Manjula Sandirigama ◽

...

Keyword(s):

Security And Privacy ◽

Sensitive Information ◽

Pharmaceutical Drugs ◽

Case Scenario ◽

Real World Data ◽

Data Set ◽

Pharmaceutical Supply Chain ◽

Iot Platform ◽

Novel Approach ◽

Iot Devices

The Internet of Things (IoT) is the novel paradigm of connectivity and the driving force behind state-of-the-art applications and services. However, the exponential growth of the number of IoT devices and services, their distributed nature, and scarcity of resources has increased the number of security and privacy concerns ranging from the risks of unauthorized data alterations to the potential discrimination enabled by data analytics over sensitive information. Thus, a blockchain based IoT-platform is introduced to address these issues. Built upon the tamper-proof architecture, the proposed access management mechanisms ensure the authenticity and integrity of data. Moreover, a novel approach called Block Analytics Tool (BAT), integrated with the platform is proposed to analyze and make predictions on data stored on the blockchain. BAT enables the data-analysis applications to be developed using the data stored in the platform in an optimized manner acting as an interface to off-chain processing. A pharmaceutical supply chain is used as the use case scenario to show the functionality of the proposed platform. Furthermore, a model to forecast the demand of the pharmaceutical drugs is investigated using a real-world data set to demonstrate the functionality of BAT. Finally, the performance of BAT integrated with the platform is evaluated.

Download Full-text

A Homomorphic Encryption-Based Privacy Preserving Data Aggregation Scheme for Smart Grid

2019 15th International Conference on Computational Intelligence and Security (CIS) ◽

10.1109/cis.2019.00073 ◽

2019 ◽

Author(s):

Zhou Wei-jing ◽

Zhu He-chun ◽

Yao Shi-ying ◽

Li Tong

Keyword(s):

Smart Grid ◽

Data Aggregation ◽

Homomorphic Encryption ◽

Privacy Preserving ◽

Aggregation Scheme

Download Full-text

Two Secure Privacy-Preserving Data Aggregation Schemes for IoT

Wireless Communications and Mobile Computing ◽

10.1155/2019/3985232 ◽

2019 ◽

Vol 2019 ◽

pp. 1-11 ◽

Cited By ~ 4

Author(s):

Yuwen Pu ◽

Jin Luo ◽

Chunqiang Hu ◽

Jiguo Yu ◽

Ruifeng Zhao ◽

...

Keyword(s):

Data Aggregation ◽

Secure Communication ◽

Homomorphic Encryption ◽

Computational Cost ◽

Health Condition ◽

Security And Privacy ◽

Actual Data ◽

Smart Healthcare ◽

Private Data ◽

Noise Data

As the next generation of information and communication infrastructure, Internet of Things (IoT) enables many advanced applications such as smart healthcare, smart grid, smart home, and so on, which provide the most flexibility and convenience in our daily life. However, pervasive security and privacy issues are also increasing in IoT. For instance, an attacker can get health condition of a patient via analyzing real-time records in a smart healthcare application. Therefore, it is very important for users to protect their private data. In this paper, we present two efficient data aggregation schemes to preserve private data of customers. In the first scheme, each IoT device slices its actual data randomly, keeps one piece to itself, and sends the remaining pieces to other devices which are in the same group via symmetric encryption. Then, each IoT device adds the received pieces and the held piece together to get an immediate result, which is sent to the aggregator after the computation. Moreover, homomorphic encryption and AES encryption are employed to guarantee secure communication. In the second scheme, the slicing strategy is also employed. Noise data are introduced to prevent the exchanged actual data of devices from disclosure when the devices blend data each other. AES encryption is also employed to guarantee secure communication between devices and aggregator, compared to homomorphic encryption, which has significantly less computational cost. Analysis shows that integrity and confidentiality of IoT devices’ data can be guaranteed in our schemes. Both schemes can resist external attack, internal attack, colluding attack, and so on.

Download Full-text