Research On Secure Data Aggregation Technology Based On Homomorphic Encryption In Wireless Sensor Networks

In recent years,with the rapid development and extensive application of wireless communication technology,sensor technology,low-power embedded technology,and a series of related technologies,the practicability and reliability of wireless sensor networks have been greatly promoted,and wireless sensor networks have been widely used in a variety of domains,such as environmental monitoring,military target tracking,natural disaster relief,health care,etc.However,the resource-constrained characteristic of sensor nodes limits the further development of wireless sensor network in a certain extent.As an effective means of energy conservation in wireless sensor networks,data aggregation technology can effectively remove the redundant data in the network,reduce the packet transmission,and thus be beneficial to improve the network's overall operation rate and prolong the life cycle of the network.However,hostile deployment environment makes the wireless sensor networks expose varieties of security issues in data confidentiality and integrity.Attackers can subvert the system security through eavesdropping,modification,forgery and other malicious behaviors.Therefore,secure data aggregation is a practical meaningful research topic in the research field of wireless sensor networks.This thesis carries out secure data aggregation research in wireless sensor networks from the two aspects:end-to-end data confidentiality and end-to-end data integrity.Data confidentiality ensures that data cannot be accessed by unauthorized entities during transmission while data integrity protects the aggregation data or results from being corrupted.Besides,with secure data aggregation,saving energy consumption is also taken into consideration.The major contributions of this thesis are summarized as follows:(1)On the basis of a summary of existing data aggregation technologies,the thesis proposes a recoverable secure data aggregation scheme for limited aggregation functions problem.In the scheme,the base station can recover the original sensing data,which makes it possible that the base station can perform arbitrary aggregation operations without the constraints of aggregation functions.This scheme employs symmetric homomorphic encryption algorithm to protect end-to-end data confidentiality and utilizes an efficient identity-based signature schemes to protect end-to-end data integrity.The difference between this scheme and other data aggregation schemes is that the aggregation nodes are not only responsible for aggregating data from their member nodes,but also verifying these data and thus achieving in-network false data filtering.Besides,aggregators sign on their messages to ensure authorized aggregation.This way,the base station can identify the origin and validity of messages received.Theoretical analysis results show that the proposed scheme can protect end-to-end data confidentiality and end-to-end data integrity,and at the same time greatly reduce energy consumption.(2)Based on the extensive research and analysis on other data aggregation schemes,in view of the problem that it is difficult for the base station to decrypt the aggregation data,an efficient and secure data aggregation scheme based on OU homomorphic encryption algorithm is proposed.The scheme uses OU homomorphic encryption algorithm to protect end-to-end data confidentiality,uses MAC to achieve in-network false data filtering,and utilizes the homomorphic MAC algorithm to protect end-to-end data integrity.Unlike other schemes,in this scheme the base station can still quickly decrypt and obtain the original data even though the aggregation results are large,while other solutions may not be able to decrypt ciphertexts or the base station is being busy decoding and thus system may become paralyzed.In addition,each cluster's data packet reaching the base station is individually authenticated so that if data authentication of one cluster fails,only the data of the cluster will be discarded.Unlike other schemes,once the authentication fails,all data including all of the valid data will be abandoned,namely,all data need retransmission,which exceedingly wastes the energy of nodes.Analysis results show that the proposed scheme can protect end-to-end data confidentiality and end-to-end data integrity,greatly decrease the computation cost of the sensor nodes and have lower decryption delay compared with the related researches.