阅读说明：本技术 一种群智感知网络中基于隐私保护的数据融合方法 (Data fusion method based on privacy protection in crowd sensing network ) 是由 龙浩 霍娜 于 2019-09-24 设计创作，主要内容包括：本发明提供了一种群智感知网络中基于隐私保护的数据融合方法,系统初始化；任务发布者通过感知平台请求某个位置的感知信息,并将请求发送到云服务器；在获得任务请求之后云服务器根据相应的地理位置将感知任务发送给符合要求的用户；用户完成感知任务后使用他们的私钥对感知数据进行签名并为其添加噪声；云服务器在收到签名的加扰感知数据后,汇总个人数据,并保留用户的签名,然后将汇总结果发送到感知平台；最后,感知平台将获得融合结果解密发送给任务发布者。该方法计算开销、通信开销和存储开销均优于同类方法,能有效降低通信的负担,能对用户的隐私信息进行良好的保护。(The invention provides a data fusion method based on privacy protection in a crowd sensing network, which is characterized in that a system is initialized; a task publisher requests perception information of a certain position through a perception platform and sends the request to a cloud server; after the task request is obtained, the cloud server sends the sensing task to the user meeting the requirement according to the corresponding geographic position; after finishing the perception task, the user signs the perception data by using a private key of the user and adds noise to the perception data; after receiving the scrambled sensing data of the signature, the cloud server summarizes the personal data, reserves the signature of the user and then sends a summarizing result to the sensing platform; and finally, the perception platform decrypts and sends the obtained fusion result to the task publisher. The method has the advantages that the calculation overhead, the communication overhead and the storage overhead are all superior to those of similar methods, the communication burden can be effectively reduced, and the privacy information of the user can be well protected.)

1. A data fusion method based on privacy protection in a crowd-sourcing sensing network comprises a task publisher, a sensing platform, a cloud server and a user, and is characterized by specifically comprising the following steps:

the method comprises the following steps: initialization:

a1: third party certification authority CA operation

a2: CA uses the Shamir secret sharing mechanism, based on the polynomial function sk (x) ═ p + a₁x+a₂x²+…+a_dx^dThe private key p of the BGN is shared to the cloud servers, the cloud server set is defined as CS, for each cloud server CSi in the cloud server set, CA calculates corresponding SK (i), and distributes SK (i) to the cloud servers as the secret key of the cloud servers, namely sk_CS，i＝SK(i)；

a3: users sign their respective perception data with their respective private keys to enable the cloud server to verify, each user registering with the CA, which randomly selects the sk_u，i∈Z_pAs a private key of the user, select

step two: the task publisher requests perception information of a certain position through the perception platform and sends the request to the cloud server:

b1: the task publisher publishes a perception task request to the perception platform, and the perception platform generates a perception task ungrouped S (S) after receiving the perception task request_t，S_n，S₁，S_a) In which S is_tRepresenting the perceived time, S_nRepresenting perceptual content, S₁Representing the perceived position, S_aRepresenting a perceived reward;

b2: the sensing platform first selects a location S₁The cloud server distributes the sensing task S to the corresponding cloud server, and the cloud server screens the user participation sensing task according to the corresponding geographic position to obtain sensing data when receiving the sensing task request;

step three: after finishing the perception task, the user signs the perception data by using a private key of the user and adds noise to the perception data;

c1: user u_iDeciding whether to participate in the sensing task according to the interest of the user, and signing the sensing data according to a formula (1) after the sensing task is finished to generate signed sensing data D_i：

In the formula, r_i∈Z_pA private key randomly selected for the user;

c2: user u_iWill D_i＝(D_i，j) Adding Laplace noise Lap (Delta (f)/epsilon)_j) Generating noisy perceptual data Ψ_jWhere j ═ 1,2, … t, and f denotes the sensitivity of the data, defined according to the perceptual task request, ∈_jIs the privacy budget of the user, t represents the number of users;

c3: user u_iCalculating Lagrange factor beta according to formula (2)_j；

User u_iUsing beta according to equation (3)_jSecret key sk_u，iAnd system public keys g and h are used for psi through BGN encryption system_jEncrypting to obtain ciphertext |_jThen sending the data to a cloud server;

step four: after receiving the scrambled sensing data of the signature, the cloud server summarizes the personal data, reserves the signature of the user, and then sends a summary result to the sensing platform:

setting the whole user set as U, and setting the user set which does not transmit the perception data to the cloud server as U_mAnd the user for sensing data transmission to the cloud server is set as a set U_n，U＝U_m∪U_nFor all ciphertext users u received by the cloud server_i∈U_n；

d1 cloud Server receipt П_jThen, for each user u_i∈U_nCorresponding ciphertext П_jThe cloud server first computes its lagrangian factor β 'according to equation (4)'_j(ii) a Obtaining perception data ciphertext pi 'of the user according to formula (5)'_j；

d2: during the process of user data collection, it is assumed that all users will provide data, and therefore, indices for all users are put in Π_jBeta in (A) to (B)_jIn the computing of (1), consider the case where there are users partially participating in the task that are either unwilling or experiencing a network failure to transmit sensory data to the cloud server, and in order to recover ShamirSecret shared distributed key, delete beta_jThe index of the user transmitting the sensing data to the cloud server is not transmitted, and only the index of the user transmitting the sensing data to the cloud server is reserved;

d3: obtaining a polynomial function SK (x) by using a Lagrange interpolation function according to a formula (6), and calculating a private key p of the SK (x) according to a formula (7);

d4: the cloud server fuses pi 'from multiple users according to formula (8)'_jObtaining an encrypted fusion sensing data ciphertext II, keeping the signature of the user, and then sending the exchange result to a sensing platform;

wherein g ═ g^p；

d4: the sensing platform calculates the discrete logarithm of pi using the basic g ', and then uses Pollard's lambda method at the desired time

2. The method for fusing data based on privacy protection in a crowd sensing network according to claim 1, wherein in step four, d1, after the cloud server receives the sensing data, it checks the user signature, and discards the repeated sensing data when the user submits the same sensing data multiple times and wants to obtain additional rewards.

Technical Field

The invention relates to a data fusion method based on privacy protection in a crowd sensing network.

Background

With the rapid development of mobile smart devices embedded with a large number of sensors, users can carry various wearable mobile devices to collect perception data anytime and anywhere. In this case, the generated sensing data come from different sensing devices and sensing places, and it is crucial to integrate the sensing data from these different sources, so that network traffic consumed by data transmission can be effectively saved, and the information of the user can be hidden in the fusion data to realize privacy protection. While data fusion offers benefits for many practical applications, it still faces some challenges. First, privacy disclosure may occur during data fusion due to the openness of the network and the privacy sensitivity of the perceived data. For example, a malicious attacker may intercept the perception data and obtain user trajectory information. In order to protect the data confidentiality of the user, a data fusion scheme based on homomorphic encryption is proposed by researchers. The existing data fusion technology solves the problems of transmission and privacy protection of multi-source data, but the existing data fusion technology cannot effectively avoid the attack of malicious users, cannot thoroughly protect the privacy information of the users, and brings heavy communication burden.

Disclosure of Invention

Aiming at the problems in the prior art, the invention provides a data fusion method based on privacy protection in the crowd sensing network, and the method has better calculation overhead, communication overhead and storage overhead than similar methods, can effectively reduce the communication burden, and can well protect the privacy information of the user.

In order to achieve the above object, the present invention provides a data fusion method based on privacy protection in a crowd sensing network, which includes a task publisher, a sensing platform, a cloud server and a user, and specifically includes the following steps:

the method comprises the following steps: initialization:

a1 operation of third-party certification Authority CA

Obtaining bilinear tuple related parameters, and then generating the tuple by CA based on BGN encryption system

Wherein g is

P is the private key of the BGN system, h is g^qIs that

A subgroup of<g^n/p>Random generator of (2), CA randomly selects a hash function

Finally, will

As a system public key;

a2 CA uses Shamir secret sharing mechanism based on polynomial function SK (x) p + a₁x+a₂x²+…+a_dx^dSharing the private key p of the BGN to the cloud servers, defining the cloud server set as CS, and defining each cloud server CS in the cloud server set_iCA calculates corresponding SK (i) and distributes SK (i) to cloud server as its key, namely sk_CS,i＝SK(i)；

a3 users sign their own perception data with their own private keys to make the cloud server verifiable, each user registering with the CA, which randomly selects sk_u,i∈Z_pAs a private key of the user, select

As user u_iPublic key of (1), CA will sk_u,iSending to the user, and adding pk_u,iSending the data to a cloud server;

step two: the task publisher requests perception information of a certain position through the perception platform and sends the request to the cloud server:

b1, the task publisher sends the sensing task request to the sensing platform, and the sensing platform receives the sensingGenerating a perception task ungrouped S-after task request (S)_t,S_n,S_l,S_a) In which S is_tRepresenting the perceived time, S_nRepresenting perceptual content, S_lRepresenting the perceived position, S_aRepresenting a perceived reward;

b2 perception platform first selects one to locate at S_lThe cloud server distributes the sensing task S to the corresponding cloud server, and the cloud server screens the user participation sensing task according to the corresponding geographic position to obtain sensing data when receiving the sensing task request;

step three: after finishing the perception task, the user signs the perception data by using a private key of the user and adds noise to the perception data;

c1 user u_iDeciding whether to participate in the sensing task according to the interest of the user, and signing the sensing data according to a formula (1) after the sensing task is finished to generate signed sensing data D_i：

In the formula, r_i∈Z_pA private key randomly selected for the user;

c2 user u_iWill D_i＝(D_i,_j) Adding Laplace noise Lap (Delta (f)/epsilon)_j) Generating noisy perceptual data Ψ_jWhere j ═ 1,2, … t, and f denotes the sensitivity of the data, defined according to the perceptual task request, ∈_jIs the privacy budget of the user, t represents the number of users;

c3 user u_iCalculating Lagrange factor beta according to formula (2)_j；

User u_iUsing beta according to equation (3)_jSecret key sk_u,iAnd system public keys g and h are used for psi through BGN encryption system_jEncrypting to obtain ciphertext II_jThen sending the data to a cloud server;

step four: after receiving the scrambled sensing data of the signature, the cloud server summarizes the personal data, reserves the signature of the user, and then sends a summary result to the sensing platform:

setting the whole user set as U, and setting the user set which does not transmit the perception data to the cloud server as U_mAnd the user for sensing data transmission to the cloud server is set as a set U_n,U＝U_m∪U_nFor all ciphertext users u received by the cloud server_i∈U_n；

d1 reception of pi by cloud server_jThen, for each user u_i∈U_nCorresponding ciphertext Π_jThe cloud server first computes its lagrangian factor β 'according to equation (4)'_j(ii) a Obtaining perception data ciphertext pi 'of the user according to formula (5)'_j；

d2 during the process of collecting user data, assuming that all users will provide data, all users' indices are put in pi_jBeta in (A) to (B)_jIn the calculation of (1), in consideration of a case where there is a part of users participating in the task that are not willing to transmit the perception data to the cloud server due to a network failure, and in order to restore the key distributed by Shamir secret sharing, β is deleted_jThe index of the user transmitting the sensing data to the cloud server is not transmitted, and only the index of the user transmitting the sensing data to the cloud server is reserved;

d3, obtaining a polynomial function SK (x) by using a Lagrange interpolation function according to a formula (6), and calculating a private key p of the SK (x) according to a formula (7);

d4 cloud Server fusing Π 'from multiple users according to equation (8)'_jObtaining an encrypted fusion sensing data ciphertext II, keeping the signature of the user, and then sending the exchange result to a sensing platform;

wherein g ═ g^p；

d4 calculating discrete logarithm of pi using basic g 'and Pollard's lambda method at the expected time

Obtained from n users

Ψ_jAnd then sent to the task publisher.

In step four, d1, the cloud server checks the user signature after receiving the perception data, and discards the duplicate perception data when the user submits the same perception data multiple times and wants to obtain additional rewards.

The method adopts a mode of combining a BGN encryption system and Shamir secret sharing to encrypt the noisy perception data, and the cloud server utilizes the strong computing power of the cloud server to perform safe fusion on the data. The method can resist differential attacks from malicious users and the cloud server, can ensure the collapsibility and safety of the cloud server and the users, and can have acceptable computing overhead, communication overhead and storage overhead on the users and the cloud server. The invention has better calculation overhead, communication overhead and storage overhead than similar methods, can effectively reduce the communication burden, and can well protect the private information of the user.

Drawings

FIG. 1 is a block diagram of the present invention;

FIG. 2 is a schematic flow chart of data fusion of a cloud server according to the present invention;

FIG. 3 is a histogram comparing the key generation times of the method of the present invention, the Bindschaedler method, and the Benhamouda method for different numbers of users;

FIG. 4 is a histogram of encryption times for different numbers of users for the method of the present invention, the Bindschaedler method, and the Benhamouda method;

FIG. 5 is a histogram of fusion times for the method of the present invention, the Bindschaedler method, and the Benhamouda method for different numbers of users;

FIG. 6 is a histogram comparing the communication overhead time of the method of the present invention, the Bindschaedler method, and the Benhamouda method for different numbers of users;

fig. 7 is a histogram comparing the cloud server storage overhead time of the method of the present invention, the Bindschaedler method, and the Benhamouda method for different numbers of users.

Detailed Description

As shown in fig. 1 and 2, a data fusion method based on privacy protection in a crowd sensing network includes a task publisher, a sensing platform, a cloud server, and a user, and specifically includes the following steps:

the method comprises the following steps: initialization:

a1 operation of third-party certification Authority CA

Obtaining bilinear tuple related parameters, and then generating the tuple by CA based on BGN encryption system

Wherein g is

P is the private key of the BGN system, h is g^qIs that

A subgroup of<g^n/p>Random generator of (2), CA randomly selects a hash functionFinally, will

As a system public key;

a 2. in order to share the private key p of BGN to multiple cloud servers, CA uses Shamir secret sharing mechanism based on polynomial function SK (x) p + a₁x+a₂x²+…+a_dx^dSharing the private key p of the BGN to the cloud servers, defining the cloud server set as CS, and defining each cloud server CS in the cloud server set_iCA calculates corresponding SK (i) and distributes SK (i) to cloud server as its key, namely sk_CS,i＝SK(i)；

a 3. to facilitate rewarding users submitting perception data, users sign their respective perception data with their respective private keys to enable authentication by the cloud server, each user registers with the CA, which randomly selects sk_u,i∈Z_pAs a private key of the user, select

As user u_iPublic key of (1), CA will sk_u,iSending to the user, and adding pk_u,iSending the data to a cloud server;

step two: the task publisher requests perception information of a certain position through the perception platform and sends the request to the cloud server:

b1, the task publisher publishes a perception task request to the perception platform, and the perception platform generates a perception task ungrouped S (S) after receiving the perception task request_t,S_n,S_l,S_a) In which S is_tRepresenting the perceived time, S_nRepresenting perceptual content, S_lRepresenting the perceived position, S_aRepresenting a perceived reward;

b2 perception platform first selects one to locate at S_lThe cloud server distributes the sensing task S to the corresponding cloud server, and the cloud server screens the user participation sensing task according to the corresponding geographic position to obtain sensing data when receiving the sensing task request;

step three: after finishing the perception task, the user signs the perception data by using a private key of the user and adds noise to the perception data;

c1 user u_iDeciding whether to participate in the sensing task according to the interest of the user, and signing the sensing data according to a formula (1) after the sensing task is finished to generate signed sensing data D_i：

In the formula, r_i∈Z_pA private key randomly selected for the user;

c2 user u_iWill D_i＝(D_i,j) Adding Laplace noise Lap (Delta (f)/epsilon)_j) Generating noisy perceptual data Ψ_jWhere j ═ 1,2, … t, and f denotes the sensitivity of the data, defined according to the perceptual task request, ∈_jIs the privacy budget of the user, t represents the number of users;

c3 user u_iCalculating Lagrange factor beta according to formula (2)_j；

User u_iUsing beta according to equation (3)_jSecret key sk_u,iAnd system public keys g and h are used for psi through BGN encryption system_jEncrypting to obtain ciphertext II_jThen sending the data to a cloud server;

step four: as shown in fig. 4, after receiving the scrambled sensing data of the signature, the cloud server summarizes the personal data, retains the signature of the user, and then sends the summary result to the sensing platform:

setting the whole user set as U, and setting the user set which does not transmit the perception data to the cloud server as U_mAnd the user for sensing data transmission to the cloud server is set as a set U_n,U＝U_m∪U_nFor all ciphertext users u received by the cloud server_i∈U_n(ii) a In order to tolerate the condition that some users cannot transmit perception data to the cloud server and simultaneously the perception platform can decrypt the fused ciphertext, the BGN encryption system and the Shamir secret sharing are combined;

d1 reception of pi by cloud server_jThen, for each user u_i∈U_nCorresponding ciphertext Π_jThe cloud server first computes its lagrangian factor β 'according to equation (4)'_j(ii) a Obtaining perception data ciphertext pi 'of the user according to formula (5)'_j；

d2 during the process of collecting user data, assuming that all users will provide data, all users' indices are put in pi_jBeta in (A) to (B)_jIn the calculation of (1), in consideration of a case where there is a part of users participating in the task that are not willing to transmit the perception data to the cloud server due to a network failure, and in order to restore the key distributed by Shamir secret sharing, β is deleted_jThe index of the user transmitting the sensing data to the cloud server is not transmitted, and only the index of the user transmitting the sensing data to the cloud server is reserved;

d3, obtaining a polynomial function SK (x) by using a Lagrange interpolation function according to a formula (6), and calculating a private key p of the SK (x) according to a formula (7);

d4 cloud Server fusing Π 'from multiple users according to equation (8)'_jObtaining an encrypted fusion sensing data ciphertext II, keeping the signature of the user, and then sending the exchange result to a sensing platform;

wherein g ═ g^p；

d4 calculating discrete logarithm of pi using basic g 'and Pollard's lambda method at the expected time

Obtained from n users

Ψ_jAnd then sent to the task publisher.

In step four, d1, the cloud server checks the user signature after receiving the perception data, and discards the duplicate perception data when the user submits the same perception data multiple times and wants to obtain additional rewards.

And (3) safety analysis:

1. user's perplexity security

The method can ensure the perplexity safety of the user and the cloud server. Although each user's perception data adds random noise, if the noisy data is obtained by other malicious users, they can infer approximate perception data and thus private information about the user. In order to ensure that the perception data of the user cannot be leaked to other malicious users, the method uses the secret key of the user to encrypt the noisy data. Each user u_iIs secret key sk_u,iGenerated by Shamir secret sharing, and unavailable to other users and cloud serversThis key. In this way, the method can ensure that the privacy of each user is not acquired by other users. Meanwhile, the loss safety of the cloud server can be ensured, namely the cloud server can only obtain the fused sensing data result but cannot obtain the sensing data of a single user. In the scheme, when and only when the cloud server fuses a plurality of perception ciphertexts, the decryption element h of the BGN encryption system can be obtained^pTo decrypt the fused data. Thus, although the cloud server can obtain the ciphertext, it cannot obtain the perception data of a single user. In addition, the cloud server for decrypting the fusion data does not need to be distributed with decryption keys, so that the key management burden of the system is reduced, and stronger safety is ensured.

2. Differential privacy and correctness of perceptual data

The method can ensure the differential privacy of the user. According to the system model of the method, when a malicious attacker and a cloud server acquire background information of a user, the malicious attacker and the cloud server may intentionally acquire personal privacy information from the user through differential attack. In this scheme, the user first adds noise to the perceptual data, and the perceptual data D is converted into a digital signal_jConversion to Ψ_j＝f(D_j)+Lap(Δ(f)/ε_j). From the definition of differential privacy, Ψ is known_jSatisfies epsilon_jDifferential privacy. Secondly, the scrambled perceptual data Ψ_jII for converting into ciphertext_jThe common rationale for differential privacy proposed in Daniel Kifer: invariance of the transformation, meaning that ε is satisfied_jAfter the data set with differential privacy is encrypted, epsilon can be satisfied_jDifferential privacy. In the data fusion process on the cloud server of the scheme, the cloud server can obtain the noisy perception data. Should prove that

Π_jDifferential privacy and correctness can also be satisfied, i.e., the result of the noise addition can theoretically be considered as real data. Differential privacy and correctness can be demonstrated as follows.

1) Differential privacy. Let D₁,D₂,…,D_tIs user u₁,u₂,…,u_tSigned perceptual data, scrambled data Ψ₁,Ψ₂,…,Ψ_tThe perception data fused on the cloud server can become

Ψ_jWherein Ψ_j＝f(D_j) + Lap (Δ (f)/ε) ensures ε difference privacy with privacy sensitivity Δ (f). Δ (f)/ε is the independent Laplace distribution with a standard deviation of 2(Δ (f)/ε)²Is obtained by

Δ(f)/ε_jClose to tLap (Δ (f)/ε). Let Δ (f) 'be the sensitivity of the new data set, and the differential privacy value be ε'_j,

Is the standard deviation. Δ (f)' -t Δ (f) is easily obtained. At the same time

And

from

2(Δ(f)′/ε′_j)²＝2t(Δ(f)/ε_j)²(9)

Can obtain the product

Namely, it is

Ψ_jSatisfy the requirement of

Differential privacy of (1).

2) And (4) correctness. Although the sensing data is firstly subjected to noise adding processing and is fused in the cloud server to protect the privacy of the user and ensure that the user and the cloud server are not interfered, the final fusion result can be ensured to reflect the realityThe fusion information of (1). The final fused perceptual data is

Ψ_j. Since it obeys the random distribution of the noise of the laplacian function, the expected value of the final fused perceptual data can be calculated.

Wherein

Δ(f)/ε_jClose to nLap (Δ (f)/ε), one can calculate

Thereby to obtain

Is expected value of

This is a true fusion result of the perceptual data. It can thus be demonstrated that under privacy preserving conditions, noisy fused perceptual data can be considered as authentic fused perceptual data.

Performance analysis:

the application adopts an ONE simulator^[15]As a simulation experiment platform, a Helsinz city map is selected as a scene to carry out a simulation experiment, 500 nodes are randomly generated in an area within the range of 400m x 400m, the transmission distance of the nodes is 50m, a Windows 8 operating system is adopted, a CPU is an Intel (R) core (TM) i5-34703.20GHz, an 8G memory is adopted, and the experiment is carried out based on a cryptography library JPBC library. Compared with the method of the Bindschaedler and the method of the Benhamouda, the method is similar to the method of the Bindschaedler, so that comparison experiments are carried out on the two methods in the aspects of calculation overhead, communication overhead and storage overhead of different entities, and the average value is obtained after at least 1000 rounds of all experimental results.

1. Data computation overhead

In the method, each user is in a group

Perform 1 exponential operation T_expTo sign its perception data. The data is signed by a user and then is subjected to noise adding processing, the sensing data is encrypted by using a secret key of the data, and 1 multiplication operation T is required_mul1 exponential operation. The user computing overhead is 2T in total_exp+T_mul. After receiving the ciphertext from the user, the cloud server fuses the ciphertext. In the process, the cloud server calculates the Lagrangian factor beta 'of the ciphertext transmitted by the user'_jThe operation is

The arithmetic operation in (1) can be omitted. For each ciphertext'_jCloud server in group

The above 1 exponential operation is performed. For t ciphertexts, the cloud server is in the group

Perform t times of exponential operation on

Discrete logarithm operation of T_plm. For t ciphertexts, the computing overhead of the cloud server is

Table 1 compares the computational overhead of the present method with the comparative method.

TABLE 1 computational overhead comparison

1) Time of key generation

In this scheme, the CA initializes the system anda key is generated for the user. First, two large prime numbers p and q, two addition groups are generated

And groupWhere the order is n ═ pq, bilinear map e, generator g, and generator h ═ g^qA subgroup of (a). Second, the CA distributes key p of the BGN cryptosystem to multiple users using Shamir's secret sharing. In the Bindschaedler method, a trusted authority generates a key for a user based on a Paillier crypto system. In the Benhamouda method, a CA generates an addition group and a generation element thereof, and keys of a user and a cloud server. Fig. 3 illustrates the key generation overhead of the CA. The key generation overhead increases as the number of users increases. As can be seen from the figure, the Bindschaedler method key generation time increases sharply as the number of users increases, and the method takes the key generation time as efficiently as the Benhamouda method.

2) Encryption time

Fig. 4 shows the perceived data encryption time overhead for a user. It can be observed that the perceptual data encryption overhead of users in the Bindschaedler method increases as the number of users increases. However, in the method, when the number of users increases, the encryption calculation overhead of the user-perceived data remains stable. Meanwhile, the user encryption calculation time of the scheme is much saved compared with that of the Bindschaedler method, because the user in the Bindschaedler method needs to encrypt the sensing data for 1 time by using the public key of each user, the safety of the fusion data is ensured. However, the method only needs to encrypt the sensing data 1 time, which is close to and slightly lower than the Benhamouda method, and has similar high efficiency.

Fig. 5 illustrates the fusion overhead of data on a cloud server. Data aggregation overhead on the cloud server increases as the number of users increases, because as more users join the system, the cloud server needs to aggregate the perception data of more users. Compared with the Bindschaedler method, the method has lower cost. Since each user needs to encrypt a plurality of ciphertexts in the Bindschaedler method, aggregation of cloud servers is required. In the method, the cloud server only aggregates one ciphertext corresponding to each user. Compared with the Benhamouda method, the cloud server in the method consumes a little more time than the cloud server in the Benhamouda method. In order to tolerate the condition that part of users cannot transmit the perception data to the cloud server in the method, the secret sharing of Shamir and the perception data encryption are combined, and after ciphertext of a plurality of users is received, the cloud server calculates the Lagrangian coefficient for each user. However, since the cloud server has a powerful computing function, it can be considered that the data fusion overhead on the cloud server is acceptable in the present method.

2. Communication overhead

Fig. 6 shows the communication overhead between the user and the cloud server. It can be observed that the Bindschaedler method has a much higher communication overhead than the method. In the Bindschaedler method, a user transmits a ciphertext to a cloud server multiple times. And simultaneously, the cloud server sends the fused ciphertext back to the user. In addition, the user decrypts the fused ciphertext and sends it back to the cloud server. However, the communication overhead in the method depends on only one communication, that is, the user sends its ciphertext to the cloud server, which is similar to and slightly lower than the communication overhead of the Benhamouda method.

3. Storage overhead

As shown in fig. 7, the storage overhead of the cloud server is substantially constant as the number of users increases, while the storage overhead of the Bindschaedler method increases as the number of users increases, and is much higher than the storage overhead of the method and the Benhamouda method.