Identity-Based Verifiable Aggregator Oblivious Encryption and Its Applications in Smart Grids

Abstract

Verifiable aggregator oblivious encryption is a useful notion that not only allows an untrusted aggregator to compute aggregated data without learning any other information but also requires the aggregator to generate a proof of the aggregated data so that anyone can verify the accuracy. Since the aggregator does not learn data that may reveal users' private information and also cannot forge the aggregated data, verifiable aggregator oblivious encryption is suitable for privacy-preserving smart metering. However, NIST has recommended not using public-key-based cryptography in the smart grid because public-key cryptography cannot provide sufficient scalability. Thus, we propose a notion of identity-based verifiable aggregator oblivious encryption and design concrete schemes in this paper. We prove the aggregator oblivious security and aggregator unforgeability of our schemes via the smooth projective hash function and computational Diffie-Hellman assumption. Furthermore, based on our identity-based verifiable aggregator oblivious encryption scheme, we propose an identity-based data aggregation protocol for the smart grid and provide a security analysis in the context of seven typical attacks on smart grids. The implementation of our protocol via the Intel Edison platform shows that it is sufficiently lightweight for resource-constrained smart meters.