On Insecure Uses of BGN for Privacy Preserving Data Aggregation Protocols

• Autorzy: Lee Hyang-Sook , Yun Aaram , Lim Seongan , Yie Ikkwon
• Języki publikacji: EN

Abstrakty

EN

The notion of aggregator oblivious (AO) security for privacy preserving data aggregation was formalized with a specific construction of AO-secure blinding technique over a cyclic group by Shi et al. Some of proposals of data aggregation protocols use the blinding technique of Shi et al. for BGN cryptosystem, an additive homomorphic encryption. Previously, there have been some security analysis on some of BGN based data aggregation protocols in the context of integrity or authenticity of data. Even with such security analysis, the BGN cryptosystem has been a popular building block of privacy preserving data aggregation protocol. In this paper, we study the privacy issues in the blinding technique of Shi et al. used for BGN cryptosystem. We show that the blinding techniques for the BGN cryptosystem used in several protocols are not privacy preserving against the recipient, the decryptor. Our analysis is based on the fact that the BGN cryptosystem uses a pairing e : G × G → GT and the existence of the pairing makes the DDH problem on G easy to solve. We also suggest how to prevent such privacy leakage in the blinding technique of Shi et al. used for BGN cryptosystem.

Słowa kluczowe

EN

data aggregation protocol; additive homomorphic encryption; BGN cryptosystem

• Wydawca: IOS Press
• Czasopismo: Fundamenta Informaticae
• Rocznik: 2022
• Tom: Vol. 188 nr 2
• Strony: 91--101
• Opis fizyczny: Bibliogr. 9 poz.

Twórcy

autor

Lee Hyang-Sook

• Department of Mathematics Ewha Womans University Seoul, Republic of Korea

autor

Yun Aaram

• epartment of Cyber Security Ewha Womans University Seoul, Republic of Korea

autor

Lim Seongan

• Department of Mathematics Inha University Incheon, Republic of Korea

autor

Yie Ikkwon

• Department of Mathematics Inha University Incheon, Republic of Korea

Bibliografia

• [1] Boneh D, Goh E, and Nissim K. Evaluating 2-DNF formulas on ciphertexts. TCC 2005. LNCS 3378, 2005. pp. 325-342. doi:10.1007/978-3-540-30576-7 18.
• [2] Bao H, and Lu R. Comment on “Privacy-Enhanced Data Aggregation Scheme Against Internal Attackers in Smart Grid”. IEEE Transactions on industrial informatics, 2016. 12(1):15. doi:10.1109/TII.2015.2500882.
• [3] Fan C-I, Huang S-Y, and Lai Y-L. Privacy-Enhanced Data Aggregation Scheme Against Internal Attackers in Smart Grid. IEEE Transactions on industrial informatics, 2003. 10(1):666-675.
• [4] He D, Kumar N, Zeadally S, Vinel A, and Yang L. Efficient and Privacy Preserving Data Aggregation Scheme for Smart Grid Against Internal Adversaries. IEEE Transactions on smart grid, 2017. 8(5):2411-2417.
• [5] Li X, Liu S, Wu F, Kumari S, and Rodrigues J. Privacy Preserving Data Aggregation Scheme for Mobile Edge Computing Assisted IoT Applications. IEEE Internet of Things Journal, 2019. 6(3):4755-4763
• [6] Shi E, Chan T-H, Chan H, Rieffel E, Chow R, and Song D. Privacy-Preserving Aggregation of Time-Series Data. NDSS 2011. pp. 483-501.
• [7] Wang Z. An Identity-based data aggregation protocol for the smart grid. IEEE Transactions on industrial informatics, 2017. 13(5):2428-2435. doi:10.1109/TII.2017.2705218.
• [8] Wang Z, Xie H, and Xu Y. Security Analysis of an Identity-Based Data Aggregation Protocol for the Smart Grid. ISDDC 2018. LNCS 11317, 2018. pp. 63-73. doi:10.1007/978-3-030-03712-3 6.
• [9] Zeng Z, Liu Y, and Chang L. A Robust and Optional Privacy Data Aggregation Scheme for Fog-Enhanced IoT Network. IEEE Systems Journal, 2022. pp. 11. doi:10.1109/JSYST.2022.3177418