Advancing User Privacy in Virtual Power Plants: A Novel Zero-Knowledge Proof-Based Distributed Attribute Encryption Approach
Abstract
:1. Introduction
- We introduce an innovative data protection strategy named attribute-hiding zero-knowledge proof (AH-ZKP). This approach effectively conceals user identities and attributes during authorization and verification processes, enhancing privacy and security.
- Our model innovatively integrates distributed attribute-based encryption (DABE) with multiple attribute management nodes. This design achieves decentralized attribute management, mitigating risks associated with single-point failures and collusion attacks common in centralized systems. We also introduce a decentralized data sharing scheme that preserves the confidentiality of user attribute privacy and ciphertext access policies while also facilitating auditing capabilities.
- The effectiveness of our scheme is demonstrated through its ability to maintain the confidentiality of data, attributes, and access policies. It addresses key privacy concerns in virtual power plants, ensuring secure and private data transactions.
2. Research Background
2.1. Virtual Power Plant
2.2. Zero-Knowledge Proofs
- Completeness: Given correct evidence or a ’witness’, the prover can convincingly demonstrate the truthfulness of the assertion to the verifier with high probability.
- Soundness: A deceptive prover, lacking the correct witness, finds it implausibly challenging to convince the verifier of a false proposition.
- Zero-knowledge: The verifier gains no additional information, apart from the proposition’s validity, from the proof procedure.
3. User Attribute Hiding Model Based on Zero-Knowledge Proof
3.1. Problem Analysis
- ABE reduces encryption overhead as it does not necessitate individual encryption for each recipient, thereby streamlining the process.
- It heightens data security. Even in scenarios of untrustworthy or compromised data servers, ABE ensures information confidentiality.
- ABE supports fine-grained access control, enabling the creation of bespoke access structures tailored to specific scenarios and requirements.
- The design of ABE thwarts collusion attacks by preventing the simultaneous use of different users’ private keys.
3.2. User Privacy Attributes
- Personal information: This includes the user’s name, address, telephone number, email, and other identifying details.
- Power consumption data: Critical data such as real-time power usage, load profiles, and consumption timings.
- Electrical equipment data: Information on the user’s electrical devices, including type, brand, model, and age.
- Behavioral data: Patterns and habits in electricity usage, like usage times and modes.
3.3. Scene Analysis
- Exchange and sharing scenarios: Company data sharing, which is vital for analytics, auditing, or training, entails privacy risks. The de-identification of data is crucial to maintaining privacy integrity during internal exchanges.
- Development and testing scenarios: R&D and testing phases necessitate large volumes of raw data. To prevent privacy breaches, these data must undergo de-identification before being used in these environments.
- External release scenarios: The external dissemination of data, a key facet of the VPP data business, mandates stringent privacy safeguards. This includes the thorough analysis and de-identification of user data, ensuring no privacy leaks occur during external interactions or transactions.
3.4. System Model
- Registration and authentication node (RAN): This node is instrumental during the system’s initialization. It generates a unique identity for each user, which is linked to a randomly generated value. This identity is crucial for user verification across the system, and its one-time activation mechanism, coupled with its autonomy from central authorities, augments the system’s security and reliability.
- Multiple attribute management nodes (AMNs): These decentralized nodes are responsible for specific attribute domains. They generate private keys (SKs) for each attribute, binding these keys to the user’s . This decentralized structure reduces the risks associated with centralized control, such as single-point failures and potential security breaches.
- Data uploader: The uploader employs the distributed attribute-based encryption (DABE) algorithm for encrypting data. DABE is chosen for its efficiency in managing multiple attributes and its capability of enforcing granular access control policies. The uploader encrypts the data and then transmits the ciphertext to the smart contract, which in turn provides the data storage address.
- Data downloader: Utilizing the attribute hiding zero-knowledge proofs (AH-ZKPs), this entity demonstrates compliance with access control policies without revealing specific attribute values. AH-ZKP is pivotal in preserving privacy while facilitating access to data storage addresses. The downloader decrypts the ciphertext using attribute keys, ensuring secure data retrieval.
- Data center (DC): The DC is a nexus between the nodes and data storage. It receives encrypted data from the nodes, stores them, and returns the data storage address. For data retrieval, it verifies download requests through smart contracts and releases the encrypted data upon successful validation, adding an essential security layer.
- Virtual power plant console (VPP): The VPP serves as an intermediary in data transmission. It handles encrypted files from uploaders, verifies attribute commitments against access control policies, and maintains access control lists (ACLs). These ACLs are crucial for tracking commitments and managing data storage, playing a significant role in the system’s data governance.
- Review node (AN): The AN is the system’s audit and compliance overseer. In instances of data disputes or irregularities, the AN intervenes to provide an audit trail, ensuring transparency and accountability in data operations within the virtual power plant.
- Collision-resistant hash function (CRH): We employ the Pedersen hash, which is reliant on the discrete logarithm problem, to ensure anti-collision properties and compatibility with the R within a first-order constraint system (R1CS) required by AH-ZKP.
- Pseudo-random sort function (PSF): This function is designed for anti-collision pseudo-randomness, ensuring distinct outputs for different inputs while maintaining consistency for identical inputs. The PSF plays a crucial role in obfuscating the attribute list (), including sorting and padding operations.
- Attribute Merkle tree: Constructed using CRH, this tree provides a quick verification mechanism for attributes within . It stores the hash values of individual attributes in leaf nodes, with missing nodes filled with zero bytes, optimizing storage by retaining only the root hash value ().
- Attribute commitment COMM: The value of is computed by COMM based on the attribute root and the random number r. is the root of the attribute Merkle tree constructed from . In order to check the access rights, the data uploader and the data visitor need to generate the same value of . The data uploader should secretly send to the data visitor in a secure channel. is computed by the COMM based on the attribute root and the address of the data visitor, thus associating the attribute root with the address of the data visitor and preventing an attacker from using to impersonate a legitimate data visitor through a replay attack.
- NP Statement: The earlier proposed demonstrates that a data visitor possesses the requisite access rights. This statement includes a private input , public input , and , leading to the generation of and through non-interactive commitments.
3.5. Specific Steps
- System initialization. We use data attribute-based encryption (DABE) to encrypt the raw data (RawData) and use AH-ZKP to protect attribute privacy. In DABE, the data are divided into multiple parts and are encrypted and stored on different distributed nodes. Each node only stores a portion of the data, and decryption of the data requires certain attribute conditions to be met. This design distributes data storage and management across multiple nodes, improving data security and reliability. The registration and authentication node (RAN) is used to initialize the public security parameters and keys required for DABE and AH-ZKP, while each attribute management node (AMN) initializes and generates the corresponding public–private key pairs.
- Upload. The data uploader uploads the file data after encrypting them using the DABE algorithm. During encryption, it is necessary to determine the file’s access policy . We use a non-interactive commitment scheme COMM to generate commitments. This means that, given a random number and the secret information , a commitment can be calculated. At the same time, others do not know the content of . When given the random number and the secret information , anyone can verify and confirm their equality. The data uploader sends the commitments and encrypted data (EncData) to the virtual power plant. The system then sends the data to the data center and obtains a storage address. Subsequently, the storage address and the corresponding attribute commitments are sent to the access control list (ACL) to record the upload behavior. The storage address is then returned to the data uploader.
- Verify. The data uploader uses AH-ZKP for permission verification. First, they need to generate attribute commitments based on their own attributes. Then, the uploader also needs to calculate address commitments based on their own addresses, binding the attributes to the user’s address. Finally, the uploader needs to prove the following NP authorization statement to the terminal using AH-ZKP:I have private inputs, an attribute list , , and a random number , and have obtained and through non-interactive commitment.We transform the above statement into a relation generating element R and constrain it to R1CS. We use the Groth16 algorithm to generate the AH-ZKP proof of commitment. The data uploader then forwards it to the node to prove their possession of the relevant attributes. The system will verify the correctness and, upon successful verification, query the ACL to obtain the storage address corresponding to . Subsequently, the node will send the storage address of the encrypted data and the permission credentials for accessing the encrypted data to the data uploader and generate a permission authentication record. The data uploader can then obtain the encrypted data from the data center using the permission credentials.
- Download. When a data accessor downloads data, they send the storage address, the hash value of their own address, and the verified credentials to the data center. Additionally, they also need to send the usage record encrypted with the data uploader’s public key. This record combines the assessor’s identity with their address. After the data center verifies the credentials (which prove that the accessor has the necessary permissions to access the address), the encrypted data (EncData) is returned to the data accessor, and a download record is sent.
- DecData. After receiving the ciphertext, the data accessor sends the and attributes to the relevant attribute management node (AMN). Then, the AMN uses the secret key to generate the corresponding for the attribute i and and returns it to the accessor. With sufficient , the accessor can then decrypt the ciphertext using the DABE algorithm and obtain the original data .
- Audit. When there is an anomaly with the data, the data uploader or relevant nodes can obtain the data download record by reviewing the nodes and decrypt it using the private key . Then, they conduct an operational review based on the record to determine the user responsible for the relevant operations.
4. Security Analysis
4.1. Security Model
- Challenger C initializes the game by sampling a binary random number and setting up two schemes and , with corresponding system models and .
- C permits A to query both schemes and , encompassing operations like upload, verify, download, decdata, and audit. The correspondence between the system models is revealed as and , albeit in a randomized sequence. A’s objective is to ascertain whether the pairings match: for or for .
4.2. Proof of Attribute Indistinguishability
- Challenger C initializes the essential parameters and disseminates the public parameters to adversary A, ensuring the values are predetermined and consistent.
- In , the AH-ZKP key is initialized using , in contrast to the standard , underlining a fundamental divergence in the simulation process.
- Challenger C establishes instances of the scheme for the subsequent interaction.
4.3. Attribute Tamper Resistance Certification
5. Experimental Simulation
6. Conclusions
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
References
- Hui, H.; Ding, Y.; Shi, Q.; Li, F.; Yan, J. 5G network-based Internet of Things for demand response in smart grid: A survey on application potential. Appl. Energy 2020, 257, 113–972. [Google Scholar] [CrossRef]
- Zou, Y.; Yang, L. Synergetic dispatch models of a wind/PV/hydro virtual power plant based on representative scenario set. Power Syst. Technol. 2015, 39, 1855–1859. [Google Scholar] [CrossRef]
- Lin, Y.; Miao, S.; Yang, W.; Yin, B.; Tu, Q.; Yw, C. Day-ahead optimal scheduling strategy of virtual power plant for environment with multiple uncertainties. Electr. Power Autom. Equip. 2021, 41, 143–150. [Google Scholar]
- Liu, D.; Fan, Q.; You, H.; Dai, X.; Huang, Y.; Shao, Z. Research status and trends of virtual power plants under electrical Internet of Things. Adv. Eng. Sci. 2020, 52, 10. [Google Scholar]
- Zhang, K.; Ding, G.; Wen, M.; Hui, H.; Ding, Y.; Zhu, J.; Xie, K.; Yu, C.; Zhang, L. Review of optimal dispatching technology and market mechanism design for virtual power plants. Integr. Intell. Energy 2022, 44, 60–72. [Google Scholar]
- Fang, L.; Xu, Y.; Yang, X.; Li, L.; Fu, G.; Chai, Z. Multi-time scale coordinated operation strategy of virtual power plant clusters considering power interactive sharing. Power Syst. Technol. 2022, 46, 642–656. [Google Scholar]
- Liu, S.; Ai, Q.; Zheng, J.; Wu, R. Bi-level coordination mechanism and operation strategy of multitime scale multiple virtual power plants. Proc. CSEE 2018, 38, 753–761. [Google Scholar]
- Belguith, S.; Kaaniche, N.; Russello, G. Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT. In Proceedings of the 2018 IEEE 11th International Conference on Cloud Computing (CLOUD), San Francisco, CA, USA, 2–7 July 2018; Volume 2, pp. 135–146. [Google Scholar]
- Guan, Z.; Yang, W.; Zhu, L.; Longfei, W.U.; Wang, R. Achieving adaptively secure data access control with privacy protection for lightweight IoT devices. Sci. China Inf. Sci. 2021, 64, 14. [Google Scholar] [CrossRef]
- Hur, J.; Noh, K.D. Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems. IEEE Trans. Parallel Distrib. Syst. Publ. IEEE Comput. Soc. 2011, 22, 1214–1221. [Google Scholar] [CrossRef]
- Li, M.; Yu, S.; Zheng, Y.; Ren, K.; Lou, W. Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption. IEEE Trans. Parallel Distrib. Syst. 2013, 24, 131–143. [Google Scholar] [CrossRef]
- Khalil, A.; Mbarek, N.; Togni, O. IoT-MAAC: Multiple Attribute Access Control for IoT environments. In Proceedings of the 2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC), Vegas, NV, USA, 10–13 January 2020. [Google Scholar]
- Hayata, J.; Ishizaka, M.; Sakai, Y.; Hanaoka, G.; Matsuura, K. Generic Construction of Adaptively Secure Anonymous Key-Policy Attribute-Based Encryption from Public-Key Searchable Encryption. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 2020, E103.A, 107–113. [Google Scholar] [CrossRef]
- Li, J.; Ai, Q. Operation mode of virtual power plant considering peak regulation auxiliary service. Electr. Power Autom. Equip. 2021, 41, 7. [Google Scholar]
- Zhu, Y.; Yi, Z.; Lu, Q.; Yang, Y.; Li, B.; Xu, Y. Collaborative pricing strategy of virtual power plant and distribution network considering typical scenes. Electr. Power Constr. 2019, 40, 74–85. [Google Scholar]
- Zhong, Y.; Sun, Y.; Xie, D.; Zhai, S. Multi-scenario optimal dispatch of integrated community energy system with power-heating-gas-cooling subsys-tems. Autom. Electr. Power Syst. 2019, 43, 9. [Google Scholar]
- Chen, W.; Sun, R.; Qiu, J.; Chai, Q. Profit allocation and frequency regulation bidding strategy of virtual power plant considering battery cycle life. J. Glob. Energy Interconnect. 2020, 11, 374–384. [Google Scholar]
- Yi, Z.; Xu, Y.; Gu, W.; Wu, W. A Multi-Time-Scale Economic Scheduling Strategy for Virtual Power Plant Based on Deferrable Loads Aggregation and Disaggregation. IEEE Trans. Sustain. Energy 2020, 11, 1332–1346. [Google Scholar] [CrossRef]
- Lv, M.; Lou, S.; Liu, J.; Wu, Y.; Wang, Z. Coordinated optimization of multi—Type reserve in virtual power plant accommodated high shares of wind power. Proc. CSEE 2018, 38, 9. [Google Scholar]
- Qin, Y.; Ge, L.; Bo, W. Swarm intelligence collaborative control and optimiza-tion technology of Energy Internet. Huadian Technol. 2021, 43, 1–13. [Google Scholar]
- Groth, J. On the Size of Pairing-Based Non-interactive Arguments. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna, Austria, 8–12 May 2016. [Google Scholar]
Nation | Example | Technology Platform | Main Application Scenarios |
---|---|---|---|
America | TransActive Grid blockchain energy project | Ethereum blockchain | Virtual power plant distributed trading system and P2P trading |
Australia | Ecochain | Ethereum blockchain | P2P trading system for PV surplus power |
China | Energy blockchain lab | Hyperledger Fabric | Compressing costs in the virtual power plant trading and clearing process |
Japan | Virtual power plant for solar and storage systems | LO3 Energy proprietary platform | Shared generation to reduce the burden on the grid |
Spain | Blockchain tracking of the electricity distribution supply chain | TrustOS blockchain platform | Markets for renewable energy certification schemes |
Estonia | Virtual power plant project based on power matchmaker | WePower platform | Promoting P2P interactions for clean energy |
South Korea | Virtual power plant based on citizen sharing blockchain | Ethereum blockchain | Reduction of human error in record keeping |
Symbol | Meaning of Symbols |
---|---|
Raw data | |
Coded text | |
Global parameters required by DABE | |
Proof keys and verification keys in zero-knowledge proofs | |
Public–private key pair | |
User address | |
List of properties used in DABE and zero-knowledge proofs | |
Root node of the attribute Merkle tree | |
User attributes | |
DABE key corresponding to | |
Random number | |
Pseudo-random sorting function | |
Collision-resistant hash function | |
Non-interactive commitments | |
AH-ZKP | Zero-knowledge proofs of property hiding |
Non-interactive commitments generated by user attributes and random numbers | |
Non-interactive commitments generated from user attributes and addresses | |
Certificates required to download data | |
Information for data visitors |
Procedure | Time Cost | Space Cost | |
---|---|---|---|
AH-ZKP | Initialization (run only once) | 6.7359 s | Attribute parameter 1 KB |
Prove | 0.7041 s | Attribute Proof 304 B | |
Validate | 0.0067 s | / | |
Total time | 0.7108 s | / | |
DABE | Global parameter initialization | 0.4969 s | / |
AMN initialization (multiple runs required) | 0.3518 s | Public key 1 KB Private key 787 B | |
Key generation (multiple runs required) | 0.0909 s | Attribute key 255 B | |
Encryption | 0.7602 s | Data size 3 KB | |
Decryption | 0.1115 s | / | |
Total time | 1.2351 s | / |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Yang, R.; Gao, H.; Si, F.; Wang, J. Advancing User Privacy in Virtual Power Plants: A Novel Zero-Knowledge Proof-Based Distributed Attribute Encryption Approach. Electronics 2024, 13, 1283. https://doi.org/10.3390/electronics13071283
Yang R, Gao H, Si F, Wang J. Advancing User Privacy in Virtual Power Plants: A Novel Zero-Knowledge Proof-Based Distributed Attribute Encryption Approach. Electronics. 2024; 13(7):1283. https://doi.org/10.3390/electronics13071283
Chicago/Turabian StyleYang, Ruxia, Hongchao Gao, Fangyuan Si, and Jun Wang. 2024. "Advancing User Privacy in Virtual Power Plants: A Novel Zero-Knowledge Proof-Based Distributed Attribute Encryption Approach" Electronics 13, no. 7: 1283. https://doi.org/10.3390/electronics13071283
APA StyleYang, R., Gao, H., Si, F., & Wang, J. (2024). Advancing User Privacy in Virtual Power Plants: A Novel Zero-Knowledge Proof-Based Distributed Attribute Encryption Approach. Electronics, 13(7), 1283. https://doi.org/10.3390/electronics13071283