Two Secure Privacy-Preserving Data Aggregation Schemes for IoT

Abstract

As the next generation of information and communication infrastructure, Internet of Things (IoT) enables many advanced applications such as smart healthcare, smart grid, smart home, and so on, which provide the most flexibility and convenience in our daily life. However, pervasive security and privacy issues are also increasing in IoT. For instance, an attacker can get health condition of a patient via analyzing real-time records in a smart healthcare application. Therefore, it is very important for users to protect their private data. In this paper, we present two efficient data aggregation schemes to preserve private data of customers. In the first scheme, each IoT device slices its actual data randomly, keeps one piece to itself, and sends the remaining pieces to other devices which are in the same group via symmetric encryption. Then, each IoT device adds the received pieces and the held piece together to get an immediate result, which is sent to the aggregator after the computation. Moreover, homomorphic encryption and AES encryption are employed to guarantee secure communication. In the second scheme, the slicing strategy is also employed. Noise data are introduced to prevent the exchanged actual data of devices from disclosure when the devices blend data each other. AES encryption is also employed to guarantee secure communication between devices and aggregator, compared to homomorphic encryption, which has significantly less computational cost. Analysis shows that integrity and confidentiality of IoT devices’ data can be guaranteed in our schemes. Both schemes can resist external attack, internal attack, colluding attack, and so on.