Computers, Materials & Continua DOI:10.32604/cmc.2022.023907
Article

Multi-dimensional Security Range Query for Industrial IoT

Abdallah Abdallah1, Ayman A. Aly2, Bassem F. Felemban2, Imran Khan3 and Ki-Il Kim4,*

1School of Engineering Technology, Al Hussein Technical University (HTU), Amman, 11831, Jordan
2Department of Mechanical Engineering, College of Engineering, Taif University, Taif, 21944, Saudi Arabia
3Department of Electrical Engineering, University of Engineering and Technology Peshawar, Pakistan
4Department of Computer Science and Engineering, Chungnam National University, Daejeon, 34134, Korea
*Corresponding Author: Ki-Il Kim. Email: kikim@cnu.ac.kr
Received: 26 September 2021; Accepted: 02 November 2021

Abstract: The Internet of Things (IoT) has allowed for significant advancements in applications not only in the home, business, and environment, but also in factory automation. Industrial Internet of Things (IIoT) brings all of the benefits of the IoT to industrial contexts, allowing for a wide range of applications ranging from remote sensing and actuation to decentralization and autonomy. The expansion of the IoT has been set by serious security threats and obstacles, and one of the most pressing security concerns is the secure exchange of IoT data and fine-grained access control. A privacy-preserving multi-dimensional secure query technique for fog-enhanced IIoT was proposed in light of the fact that most existing range query schemes for fog-enhanced IoT cannot provide both multi-dimensional query and privacy protection. The query matrix was then decomposed using auxiliary vectors, and the auxiliary vector was then processed using BGN homomorphic encryption to create a query trapdoor. Finally, the query trapdoor may be matched to its sensor data using the homomorphic computation used by an IoT device terminal. With the application of particular auxiliary vectors, the spatial complexity might be efficiently decreased. The homomorphic encryption property might ensure the security of sensor data and safeguard the privacy of the user's inquiry mode. The results of the experiments reveal that the computing and communication expenses are modest.

Keywords: Internet of things; data security; ciphertext; privacy encryption

1  Introduction

The Internet of Things (IoT) is regarded as the third revolution in the development of the information technology industry after computers and the Internet. Relying on the rapid development of smart homes, Internet of Vehicles (IoV), smart medical care, and smart grids based on the IoT, the era of the Internet of Everything (IoE) has arrived [1–5]. The latest statistics from the Statista website show that it is expected to exceed 30 billion interconnected devices in 2020 [6–10].

Countless smart terminals in the IoT transmit the massive amounts of data they sense through complex information and communication channels to data centers with huge data storage and processing capabilities, which can be abstracted as a “terminal transmission pipeline cloud” architecture, which also corresponds to the IoT three logical levels: perception layer, transmission layer and application layer [11–14]. Because of its ubiquitous network, comprehensive perception, reliable transmission, and intelligent processing, the characteristic elements are becoming more prominent, causing the IoT to face very severe security challenges [15].

The IIoT is the integration of the IoT system and the industrial automation system. It has the characteristics of comprehensive perception, interconnected transmission, and intelligent processing. It is one of the main development directions of the IoT technology in the future [16]. One of the important tasks of the IIoT application system is to analyze and process the sensor data of the IoT devices. If all the sensor data of the IoT devices are collected in the control center for processing, not only may the system be delayed due to network congestion, but also it will expose the system to the risk of a single point of failure [17–20]. The edge computing model that has emerged in recent years can effectively alleviate the performance bottlenecks and security risks that exist in the traditional centralized computing model by making full use of the computing power of the network edge devices [21–25]. By deploying fog devices at the edge of the IIoT, the sensor data in the IoT can be preprocessed on the edge of the network to improve the quality of service (QoS) [26–30].

The protection of sensor data of IoT devices is one of the important issues that need to be considered in fog-enhanced IIoT systems [31]. For example, in a fog-enhanced industrial Internet system, operation and maintenance personnel need to monitor whether the IoT devices in the system are operating normally, that is, query whether the sensor data of the IoT devices is in a reasonable range to determine their operating status. For security considerations, sensor data and query results cannot be leaked to any other unauthorized parties during the query process, so a secure data query plan must be designed [32]. In terms of data security query, many scholars have considered outsourcing the query of encrypted data. For example, the authors in [33] used Bloom filters to build a query index, which realized the fuzzy multi-keyword sort range query of encrypted data. The authors in [34] proposed a range query method that integrates bucket partitioning, identity authentication and verification code technologies for the data query problem in a two-layer wireless sensor network (WSN). The authors in [35] studied the multi-dimensional confidential range query of outsourcing data, and proposed an individualized query scheme with flexible permissions. In recent years, the range query for non-outsourced encrypted data has attracted the attention of researchers. For example, Reference [36] proposed a range query matrix method, and designed a single-dimensional security range query scheme using homomorphic encryption technology. Existing research on range query that supports privacy protection features mainly focuses on the query range and the confidentiality of the query subset that meets the conditions. Multi-dimensional query is not supported, and the communication overhead is relatively high.

Because some large-scale IoT devices in the IIoT have many different types of sensors, the monitoring of their status requires multiple sensor data belonging to the device, that is, multi-dimensional data query, while the traditional data query can only use multiple queries will increase the system's computing and communication costs. Therefore, it is necessary to design a multi-dimensional data query solution for the IIoT. In addition, the confidentiality of sensor data and the protection of user query mode need to be considered when designing the scheme. Constructing multi-dimensional data-oriented query trapdoors and matching based on homomorphic encryption is a feasible idea to solve this problem, such as the Boneh-Goh-Nissim (BGM) encryption algorithm [37] and the algorithm proposed by Reference [38]. The user performs confidential processing of the query range to form a query trapdoor. After receiving the query trapdoor in the form of ciphertext, the IoT device matches its own sensor data, and uses the self-blindness of the homomorphic encryption algorithm to form a new sensor data and report the ciphertext to the fog device. The fog device collects the ciphertext of the sensor data that meets the conditions submitted by the IoT device to which it belongs, and returns the collected result to the inquiring user for calculation and decryption.

This paper proposes a multi-dimensional security range query solution with privacy protection features for the fog-enhanced IIoT. The solution uses query interval matrix generation, decomposition and reconstruction based on auxiliary vectors, and other methods to reduce the storage and communication costs. Then, uses the homomorphic encryption to achieve privacy protection. The proposed algorithm first maps the range of n-dimensional data involving multiple different dimensions and different starting points to a query matrix. The size of the matrix is determined by the total query interval size and is not affected by the required query dimension. Second, construct multiple auxiliary vectors to decompose and reconstruct the matrix. Third, we used the BGN homomorphic encryption to design the query trapdoor generation and matching. Finally, the feasibility and performance of the proposed and existing schemes are verified and analyzed through simulation experiments.

2  Pre-Knowledge

This section introduces the two basic mathematical methods used in the proposed algorithm, namely the large composite number N=pq-order bilinear mapping e:G×G→GT and the BGN homomorphic encryption algorithm.

2.1 Large Composite Order Bilinear Mapping

Let p,q be two large prime numbers of the same length, that is, their bit length |p| = |q|. Let N=pq, when there is a computable mapping relationship e that satisfies the following three properties between the group G and e:G×G→GT, the mapping e(G,GT) can be called composite order bilinear mapping.

1)   Bilinear. For any (g,h)∈G2, a,b∈ZN and e(ga, hb)=e(g,h)ab.

2)   Non-degenerate. There exists g∈G, so that e(g,g) is on the group GT of order N.

3)   Computability. There is an efficient algorithm, when (g,h)∈G, all e(g,h)∈GT are computable.

The large composite order bilinear parameter generator CGen(K) is a probabilistic algorithm, which takes the safety parameter K as an input value and outputs a five-tuple (N, g, G, GT, e). Among them, N=pq, p and q are prime numbers of 2 K bits. G and GT are two groups of order N. g∈G is a generator of order N of group G. e:G×G→GT is a non-degenerate, bilinear mapping that can be calculated efficiently.

Let g be a generator of G, then h∈gq∈G can generate a p-order subgroup Gp={g0,g1,…,gp−1}, and g^{\prime}=g∈G can generate a q-order subgroup Gq=Gp={g′0,g′1,…,g′q−1}. At this time, the problem of sub-group decision (SGD) on the group G [39] can be expressed as: given a five-tuple (N, g, G, GT, e), if the element x is randomly from the group G or its subgroup Gq is selected, it is difficult to determine whether x is an element in Gq. If this problem is established, the security of the BGN homomorphic encryption algorithm is guaranteed [40–46].

2.2 BGN Homomorphic Encryption Algorithm

The BGN homomorphic encryption algorithm is a well-known fully homomorphic encryption algorithm, which consists of three phases, namely the key generation, encryption and decryption.

1)   Key Generation Phase

Given the safety parameter K, the composite order bilinear mapping parameter group (N, g, G, GT, e) is generated by the generator CGen(K). Here N=pq, where p, q are prime numbers of two K bits, G and GT are two groups of order N, and g∈G is a generator of order N of group G. Let h=gq, h is a random generator of order p of G. At this time, the public key pk = (N, G, GT, e, g, h), and the secret key sk = p.

2)   Encryption Phase

Suppose the message space which contains only integers and whose capacity is determined by the specific application S^ = {0, 1,…, Δ}, Δ ≪ q. When encrypting m∈S^, select a random number r∈ZN, then the ciphertext c = E(m, r) = gmhr∈G.

3)   Decryption Stage

Given the ciphertext c = E(m, r) = gmhr∈G, the plaintext can be recovered with sk. Observation shows that cp = (gmhr)p = (gp)m, if you want to decrypt m, it is equivalent to solving the discrete logarithm problem of cp with gp as the base, and since 0≤m≤Δ, the time to solve this problem using the Pollard lambda algorithm and the complexity is O(Δ).

In addition, the BGN homomorphic encryption algorithm has self-blindness, that is, given the ciphertext E(m, r) ∈G, E(m, r+r′) = E(m, r)hr′∈G is valid ciphertext of m.

The BGN homomorphic encryption algorithm has the following homomorphic characteristics.

a)   Additive homomorphism on group G. Given E(m1, r1) ∈ G and E(m2, r2) ∈G, we have

E(m1,r1)E(m2,r2)=E(m1+m2,r1+r2)∈G(1)

For the sake of simplicity, the random number term can be ignored and rewritten as E(m1)E(m2)=E(m1+m2)∈G.

b)   Multiplicative homomorphism on group G. Given E(m1,r1)∈G, and m2 ∈ Ŝ, there are E(m1,r1)m2=E(m1m2,r1m2)∈G, that is, E(m1)m2=E(m1m2)∈G.

c)   Multiplicative homomorphism from group G to group GT. Given E(m1)∈G and E(m2)∈G, e(E(m1),E(m2))=ET(m1m2)∈GT.

d)   Additive homomorphism on the group GT. Given ET(m1)∈GT and ET(m2)∈GT, ET(m1)ET(m2)=ET(m1+m2)∈GT.

e)   Multiplicative homomorphism on the group GT. Given ET(m1)∈GT, m2 ∈ Ŝ, E(m1)m2=E(m1m2)∈GT.

3  Multi-Dimensional Query Scheme with Privacy Protection Features

The proposed algorithm is an aggregation query solution for various fog-enhanced IIoT. The multi-dimensionality in this article means that the sensor data of an IoT device is composed of data of multiple different dimensions. The data includes water temperature, voltage, volume, material allowance, etc. According to actual needs, it may be necessary to query the sensor data of different dimensions of the device at the same time. For example, in a factory, the average value of water temperature, voltage, volume, and material remaining can be counted, which cannot only understand and predict the operating status of the equipment in time, but also provide a basis for optimizing the production process.

It should be noted that in the actual IIoT environment, data have different dimensions and accuracy. For example, power consumption data, water consumption data, etc. may have decimals. Since each IoT device is unlikely to change its detection accuracy through software means such as over the air (OTA) upgrades after manufacturing, in order to simplify the calculations and adapt to the needs of multi-dimensional queries, the proposed algorithm is as follows. The sensing data with an accuracy of less than 1 needs to be converted when participating in the calculation. For example, the value of the power sensor data at a certain time node is 10.37 W. In the calculation, multiply it by 100, which becomes 1037 and then perform range query. In this way, the range query of multiple dimensions can be realized without loss of accuracy. In fact, the amplification factor of a certain dimension of data can be written into the device when it is deployed.

3.1 System Model

There are three types of entities in the proposed scheme, namely, fog equipment at the edge of the network, IIoT equipment D = {D1, D2, …, DN} located within the jurisdiction of fog equipment, and query users. The proposed model is shown in Fig. 1.

Figure 1: Proposed system model

1)   Industrial Internet of Things equipment D = {D1, D2, …, DN} is a collection of a group of devices, which are distributed in each specific domain. Each IoT device not only has the ability to detect and collect specific data, but also has the ability to transmit data, so that each IoT device Dk can periodically report sensor data to fog devices in its domain.

2)   The fog equipment in the model of this paper is located at the edge of the network, and each fog equipment has its own jurisdiction. This jurisdiction can be determined according to specific application scenarios, such as a production equipment, a workshop, or even a factory area. The fog device can collect and calculate the sensor data of the device within its jurisdiction, and complete the query request sent by the user. Compared with IoT devices, fog devices have stronger computing and storage performance, and can complete sensing data collection and response to IoT devices in real time.

3)   In the model of the solution in this paper, the query user can directly generate multiple-dimensional range queries and send them to the fog device to obtain the required data from the fog device. For example, the user may want to know how many device sensor data within the range of fog devices can satisfy dimension 1, range [B1, T1], dimension 2, range [B2, T2], …, dimension m, range [Bm, Tm]. The sensor data of which devices meet the conditions. What is the average value of sensor data in each dimension of the device that meets the conditions? The fog device can collect the sensory data that meets the conditions fed back from all devices within the jurisdiction, and then generate the correlation degree based on the feedback data, and finally return the correlation degree and sensor data to the user.

3.2 Multi-Interval Query Matrix

The proposed algorithm is improved on the basis of the single query interval matrix algorithm, so that the multi-dimensional range query can be matrixed while maintaining low communication overhead. Through observation, it can be found that any given query interval can be decomposed into two types of rows, namely partial rows (PR) and continuous rows (CR). Fig. 2 shows the query matrix after the mapping of two query intervals, the dark gray part is PR, and the light gray part is CR. This matrix structure provides the possibility to further compress the matrix. In general, a typical query interval can be decomposed to get two PR and one CR.

Figure 2: The query matrix after the mapping of two query intervals

Suppose the total number of query intervals is n. First, define four special auxiliary vectors.

1)   Xk = (xk1, xk2,…, xkn). The generation rule is that when the i-th row elements in the k-th matrix are all 1, set xki = 0; otherwise, xki = 1.

2)   Yk= (yk1, yk2,…, ykn). The generation rule is that when there is at least one 1 in the j-th column of the k-th matrix, set ykj = 0; otherwise, yki = 1.

3)   Xk′=(xk1′,xk2′,…,xkn′). The generation rule is, when the i-th row element in the k-th matrix contains at least one 1, set xki′=0; otherwise, xki′=1.

4)   Yk′=(yk1′,yk2′,…,ykn′). The generation rule is, all ykj′=1.

This article deals with incomplete rows and continuous rows in the matrix respectively. First, split the incomplete rows corresponding to n query intervals into multiple matrices R1, R2,…, R2n independently, and split all consecutive rows into a matrix RC, as shown in Fig. 3. Obviously, the original query matrix R = R1 ∪ R2 ∪…∪ R2n ∪ RC.

Figure 3: Query the split result of the matrix

Construct the vectors Xk, Yk, Xk′, Yk′ of all split matrices, and generate new matrices 1−XkTYk and Xk′TYk′. According to the vector generation rules, each element in the two newly generated matrices can be expressed as

{R1−XkTYk(i,j)=1−xkiykjRXk′TYk′(i,j)=xki′ykj′=xki′(2)

At this time, all elements in the matrix can be obtained through vector operations. Use Rk to represent the matrix related to incomplete rows, and use RC to represent the matrix related to continuous rows. The AND operation of the matrix is expressed as a bitwise AND operation, and the matrix OR operation is expressed as a bitwise OR operation and sorted into a vector multiplication. The form of sum vector addition is shown in Eq. (3).

R(i,j)=(∨k=12nRk(i,j))∨RC(i,j)=∨k=12n(R1−XkTYk(i,j)∧RXk′TYk′(i,j))=∨k=12n((1−xkiykj)∨xki′ykj′)∧((1−xCiyCj)∨xCi′yCj′)=∑k=12n⁡(1−xkiykj)xki′ykj′+(1−xCiyCj)xCi′yCj′(3)

Among the 8n + 4 vectors involved in the operation, there are 4n + 1 vectors whose elements are all 1, and donot need to be calculated and stored, namely {X1,X2,…,X2n,Y1′,Y2′,…,Y2n′,YC′}. Further, the elements in YC are all 0, and no storage and calculation are required. Therefore, only need to calculate and store {Y1,Y2,…,Y2n,X1′,X2′,…,X2n′,XC′,XC} a total of 4n + 2 vectors to complete the calculation and matrix reconstruction. For any element R(i,j) in the matrix, since ykj′=1,xki=1(k=1,2,…,2n), and yCj=0, yCj′=1, its value can be calculated by Eq. (4).

R(i,j)=∑k=12n⁡(1−ykj)xki+xCi={1,R(i,j)inthequeryinterval0,Othercases(4)

After calculation, it can be seen that the vector XC has no effect in the reconstruction, and the final number of vectors required is 4n + 1.

3.3 Data Query Process

The program flow of the proposed method is mainly composed of three parts. First, the key management server generates the query key, distributes the private key to the user, and the public key to the fog device FDi. When the user performs a data range query, the private key is used to encrypt the query range and query dimension to generate a trapdoor, and send it to the fog device FDi. Then, after receiving the query trapdoor and query dimension ciphertext from the user, the fog device sends the query trapdoor to the IoT device under its jurisdiction for query. After the IoT device calculates the result ω of this query, it sends it to the fog device for aggregation. The fog device obtains ζ through aggregation and calculation and feeds it back to the user. Finally, the user calculates and decrypts the received ζ, and the query result can be obtained. The whole process is shown in Fig. 4. The following will specifically introduce the process of this article.

Figure 4: System flow

To facilitate the description of the data query process, the main parameters used in the process structure are listed in Tab. 1.

1)   Key Generation

Given the security parameter K, the key management server generates a composite order bilinear mapping parameter set (N, g, G, GT, e) by the generator CGen(K). Where N = pq, p, q are two K bit random prime numbers, G, GT are two N-th order groups, g ∈ G is an N-th order generator of group G, e:G × G→GT is large Composite order bilinear mapping. Set h = gq, then h is a random generator of order p of G. The key management server generates public key pk = (N, G, GT, e, g, h), private key sk = p. After that, the key management server distributes the private key sk to the inquiring user, and distributes the public key pk to all fog devices FDi, and the fog device delivers to the IoT devices in its jurisdiction. The user sets its own message space as Ŝ = {0, 1,…, Δ}, Δ ≪ q.

2)   Query Trapdoor Generation

For each certain use scenario, the number and type of dimensions involved in each query initiated by the user are determined. In the proposed scheme, the number of dimensions of the data to be queried is set to n, that is, the number of intervals that users query is n. It should be noted that the query intervals [Bquery, Tquery] referred to in the process are all multiplied sensing data intervals. The IoT has also performed the same multiplication processing on the data, so the data multiplication process will not be repeated. The trapdoor generation of a range query consists of the following steps.

a)   Data Mapping and Conversion. Set any query dimension of this query as the first interval, and then determine the starting point of each interval in the query sequence according to the following rules. Among them, li is the interval length of the i-th interval.

P1start=0

P2start=l1+l1=2l1

P3start=2l1+l2+l2=2(l1+l2)

⋮⋮

Pnstart=2∑i=1n−1⁡li(5)

That is, the starting point of any i-th interval is the position after the end point of the (i − 1)-th interval is increased by one interval length to prevent multiple intervals from being connected and forming too many CR blocks. After determining the starting point, the ending point of any i-th interval is

Piend=Pistart+li=2∑t=1i−1⁡lt+li(6)

For a query interval [Bqueryi,Tqueryi], the k-th element uik in the query interval satisfies

uik=Bqueryi+k(7)

The data offset βi of the query interval can be determined by the starting point of the query interval. After the offset, the k-th element in the query interval is vik, then βi and vik satisfy the condition shown in Eq. (8).

βi=Bqueryi−Pistart

vik=uik+βi(8)

Determine the matrix order m from the end point of the last query interval, and then construct the m-order query matrix R. In order to map the query interval to the query matrix R, map vik to the matrix element R(i, j), as shown in Eq. (9).

m=⌈Pnend⌉

vik→(i−1)m+j

R(i−1)={1,Bquery′≤(i−1)m+j≤Tquery′0,other(9)

The order m of the matrix is determined by the end point of the last query interval rather than the upper bound of a single query interval, so the storage space requirement of each vector has nothing to do with the upper bound of a single interval of multi-dimensional query, only the length of all query intervals and related, the storage overhead is O(m).

b)   Vector Generation and Encryption. After generating the query matrix R, according to the method described in Section 3.2, the corresponding vectors X, Y, X′, Y′ are generated from the query matrix, and the required 4n + 1 vectors are selected for storage and encryption. which is

2n for Yk=(yk1,yk2,…,ykm)

2n for Xk=(xk1′,xk2′,…,xkm′)

XC′=(xC1′,xC2′,…,xCm′)(10)

For the convenience of calculation, the vector Yk is used to further construct the vector Y¯k, as shown in Eq. (11).

Y¯k=(y¯k1=1−yk1,y¯k2=1−yk2,…,y¯km=1−ykm)(11)

According to Eq. (4), all elements R(i,j) in the query matrix can be represented by the elements in the vector

R(i,j)=∑k=12n⁡(1−ykj)xki′+xCi′=∑k=12n⁡y¯kjxki′+xCi′(12)

The user selects 2n + 1 random numbers r1, r2,…, r2n+1 to encrypt all 4n + 1 vectors to obtain

E(Y¯)={E(Y¯1),E(Y¯2),…,E(Y¯i)},i=1,2,…2n

E(X′)={E(X′1),E(X′2),…,E(X′i)},i=1,2,…2n

E(X′C)=(gxC1′hr2n+1,gxC2′hr2n+1,…,gxCm′hr2n+1)

where

E(Y¯i)={E(Y¯i1),E(Y¯i2),…,E(Y¯im)}={gyi1′hri,gyi2′hri,…,gyim′hri}

E(X′i)={E(X′i1),E(X′i2),…,E(X′im)}={gxi1′hri,gxi2′hri,…,gxim′hri}(13)

In order to meet the needs of multi-dimensional query, two values need to be added to the original E(Y¯i), namely the queried dimension γi and the offset βi required by the vector during operation.

E′(Y¯i)=(γi,βi,E(Y¯i1),E(Y¯i2),…,E(Y¯im))(14)

Calculate the hash value Hi of the processed vector.

H={H1,H2,…,Hi}

Hi=Hash(E′(Y¯i)||E(X′i)||E(X′C))

E′(Y¯)={E′(Y¯1),E′(Y¯2),…,E′(Y¯i)}

E(X′)={E(X′1),E(X′2),…,E(X′i)}

α={E′(Y¯),E(X′),E(X′C),H}(15)

At this point, the query trapdoor α is generated. Send it to the fog device FDi, and then send it to each IoT device Dk in its domain for query. In addition, the user also needs to generate and send the dimensional ciphertext ET(n) required for this query to the fog device FDi.

ET(n)=e(E(n),E(1))(16)

3)   Processing on the Device Side of the IoT

Corresponding to the dimension identifier γ sent by the user terminal, each IoT device Dk has its own dimension identifier γk′. The IoT device sequentially extracts E′(Y¯i) in the query trapdoor α sent by the user and its corresponding hash value Hi for calculation and comparison. First, the IoT device calculates and compares the Hi sent by the user. If they are consistent, the dimension identifier γi in this vector is taken from E′(Y¯i) and compared with the dimension identifier γk′ of the device itself. After comparison, the IoT devices screen out queries that meet their own dimensions, and extract related vectors from the query trapdoor together and form a queryVector for the next step of calculation. The specific process is shown in Algorithm 1. The time complexity of Algorithm 1 is O(n) and is related to the number n of E(Y¯i) vectors sent by the user to query the trapdoor.

After obtaining the queryVector, the IoT device first extracts the offset βk of this query from it to offset its own sensor data vk∗, obtain the offset value vk′, and use it. The ElementShift function gets its position (i, j) in the matrix. At this time, the IoT device extracts the corresponding vector from the queryVector according to (i, j) for calculation. The specific process is shown in Algorithm 2. Each IoT device only needs to execute once, and the time complexity is O(1).

For the ck and sk described in Algorithm 2, there are

ck=e(E(y¯1j),E(x1i′))e(E(y¯2j),E(x2i′)),e(E(y¯Cj),E(xCi′))e(g,h)rk1=ET(y¯1jx1i′+y¯2jx2i′+xCi′)=ET(Rk(i,j))

sk=ckvk∗e(g,h)rk2=ET(Rk(i,j))vke(g,h)rk2=ET(Rk(i,j)vk∗)(17)

By executing Algorithms 1 and 2, the sensor data vk∗ of the IoT device can be converted into the mapping ck of the corresponding position of the query matrix in the GT group, so that a query is completed. In addition, the actual sensor data of the IoT device can also be returned through sk in the case of query matching. After completing the calculation, send ωk to the fog device FDi of the domain to which the IoT device belongs.

4)   Treatment of Fog Equipment

After the fog device FDi receives the ωk from the k subordinate IoT devices, it extracts the result ck of the n-dimensional query by the IoT device from it and calculates it. The fog device multiplies all dimensional data ck. According to the homomorphism of the BGN algorithm, the result obtained is the sum of all the results fed back on the k dimensions. The matching degree σi of this query of FDi is sent to the user for this sum value. The difference of the encrypted query dimension information ET(n). The FDi constructs σi and all the values of ωk into ξi and sends it to the user. The specific process is shown in Algorithm 3. The time complexity O(n) of Algorithm 3 is related to the number k of IoT devices to which the fog device FDi belongs.

5)   User Analysis Data

After the user receives the data ξi sent by FDi, first extract the query matching degree value σi and decrypt it. If and only if σi=0, the result returned by the fog device FDi completely matches the query. The user multiplies the completely matched data returned by the fog device by the sub-dimensions, and calculates the number of completely matched devices. The specific process is shown in Algorithm 4. The time complexity is related to the number n of fog equipment FDi, which is O(n).

At this time, VD is the number of valid data returned. After decrypting Sγ, the sum of the data that meets the query conditions under the dimension γ can be obtained. After processing, the unmatched ξi are all set to 0, and the remaining elements come from the fog device that has returned valid data, and the specific fog device that has returned valid data can be located.

4  Safety Analysis

This section analyzes the security of the solution in this article, including forward security, backward security, privacy protection, unlinkability and other key security features, and introduces some attack modes designed for encryption range query solutions in recent years. The security of the proposed scheme is analyzed in the face of these attack modes.

4.1 Forward and Backward Safety

Assuming that the adversary A obtains the private key sk = p used in a certain query, it can only decrypt the ciphertext of the current query. Since each time a query is made, the user will use the newly generated public and private key to query, the adversary A can only know the security parameter K used by the user to generate the key using the private key sk = p, and cannot be calculated from this. Any information of the key previously generated by the user cannot decrypt any previously queried data except the current queried data. Therefore, the proposed scheme satisfies forward and backward security.

4.2 Privacy Protection in Query Mode

Suppose that adversary A intercepts the trapdoor used by user U in a certain query α={E(Y¯i),E(X′),E(X′C),H}, because it can only be obtained in public key pk = (N, G, GT, e, g, h) and the encrypted information ET(n) of the total dimension of the current query, so it cannot decrypt the specific content of the query trapdoor, and cannot know the current total number of query dimensions for each query. Furthermore, due to the semantic security of the BGN algorithm, the attacker cannot distinguish the content of the encrypted vector in the trapdoor, nor can it analyze the user's query rules by intercepting the trapdoor multiple times.

In addition to the adversary A, the IoT device Dk and the fog device FDi also cannot know the specific information of the query trapdoor. Because the proposed scheme is different from the traditional query solution, as it uses homomorphic encryption calculation to replace the traditional comparison process. Dk determines its original sensor data vk∗ according to the query offset β and extracts the corresponding encryption in the query trapdoor for calculation. In this process, Dk cannot obtain the specific value of the query interval [Bk, Tk]. In the solution, FDi only aggregates the feedback ωk sent by the devices running in the IoT domain where it is located, and cannot know the specific query intervals in each dimension. Therefore, the query trapdoor in this paper will not reveal any useful information, such as query mode, query interval, etc., and the privacy of the query trapdoor is protected.

4.3 Sensing Data Confidentiality

Assume that adversary A intercepts the message ωk sent by the IoT device Dk to the fog device FDi in a certain query. Since it cannot obtain information other than the public key and the total number of dimensions in the current query in the public information, it cannot decrypt ωk. It is impossible to know whether Dk satisfies this query or obtain the original sensor data vk∗ of Dk. Since the IoT device uses different random numbers when sending information to the fog device, the adversary A cannot analyze any useful information by intercepting ωk multiple times.

Suppose that the adversary A intercepts the message ξi sent by the fog device FDi to the user. Since it cannot obtain the private key sk = p, it cannot decrypt ξi, and cannot obtain the IoT devices that meet the query conditions and their sensor data vk∗. Same as the foregoing, the introduction of random numbers makes it impossible for adversaries to analyze and learn useful information such as query rules by intercepting ξi multiple times.

In addition to the adversary A, the fog device FDi cannot learn the raw sensor data of the IoT device Dk vk∗ whether the query is satisfied. After FDi receives Dk's feedback ωk, since it can only master the public key pk, it cannot decrypt the specific content of ωk, and cannot know whether Dk meets this query or obtains the original sensor data vk∗ of Dk. Therefore, no party other than the inquiring user and the IoT device can obtain the sensor data vk∗ of the IoT device, and the confidentiality of the sensor data is guaranteed.

4.4 Unlinkability

In the proposed method, due to the use of random numbers, all query trapdoors generated by user U are random. Even if two or more query trapdoors are sent by the same user, external attackers cannot determine whether these queries come from the same user, which means that the attacker cannot associate two different queries to a specific user. Therefore, the proposed solution provides unlinkability, and the attacker cannot associate the identity of the queryer by intercepting the query trapdoor.

4.5 Query Trapdoor Integrity

In order to prevent data integrity damage that may occur during data transmission, in the proposed solution, when user U generates a query trapdoor, paired query vectors E(Y¯i), E(Xi′) and E(XC′) connect and calculate the message fingerprint Hash (E(Y¯i)||E(Xi′)||E(XC′)), and the generated hash value is sent to each IoT device Dk. Before extracting the content of a certain set of encrypted vectors, Dk first uses the hash value to verify the message. If the verification fails, the set of vectors is regarded as a damaged vector and discarded. In this way, the data integrity of the query trapdoor is guaranteed.

4.6 Key Update

In the proposed solution, the query process for the sensor data of IoT devices is essentially a BGN-based homomorphic encryption calculation process. The process does not involve decryption operations. The IoT devices and fog devices only need to know the system public key pk and the private key sk is only in the hands of the inquiring user. Therefore, there are fewer entities involved in key management and update, and the cost of key management is lower.

4.7 Protection Against Other Attack Methods

In addition to the above-mentioned common types of security attacks, in recent years, there have been a variety of attacks against encryption range queries. Among them, Reference [40] attacked encrypted data query by means of access mode disclosure. Reference [41] attacked the deterministic encryption (DTE) and order preserving encryption (OPE) methods in the attribute scheme, and used encrypted information and public auxiliary data to complete the plaintext recovery. Reference [42] defined two basic sources of leaks, such as access mode leaks and communication capacity leaks, and developed a universal one that is applicable to any system that supports range query and whose access mode or communication capacity is leaked. Reference [43] proposed an improved replay attack on encrypted data using the data leaked in the range query, including query mode and sorting information.

Different from the database query scenarios discussed in [40–43], the proposed scheme mainly considers the range query with privacy protection features in the fog-enhanced IIoT, which is an aggregate privacy protection query. The proposed scheme can protect the privacy of the upper and lower bounds in the range query and the subset of devices that meets the query conditions, and will not reveal the related information such as query mode and keyword frequency. In addition, for any range query, the data volume of the query results returned by the proposed scheme is the same, and no flow information will be leaked. Therefore, the proposed scheme can resist the above-mentioned several typical attacks on the security range query.

5  Performance Analysis

This section analyzes and compares the performance of the proposed scheme with the existing similar schemes, mainly including the comparison of the calculation and communication overheads of the query trapdoor generation phase and the server query phase. All simulation experiments were carried out on a notebook computer configured with Intel i7-9750H 2.60 GHz, 16 GB memory, and running Windows 10 system, using Java Math's large number calculation library and JPBC library [44] to implement the algorithm. In addition, the operations that consume less time for addition operations, hash operations, etc., are ignored in the comparison.

5.1 Computational Overhead

5.1.1 Computational Overhead at Each Stage

For convenience, define Tm, To, Tp, and Tem to represent the time cost of single integer multiplication, integer modular power, bilinear mapping, and point multiplication on elliptic curves, respectively. Let l be the length of the query interval in each dimension, k is the total number of dimensions, and q is the upper bound of a single query interval. For solutions that only support single-dimensional queries, such as the Reference [36] solution, a multi-dimensional query is treated as multiple single-dimensional queries. Tab. 2 shows the comparison of the computational cost of each stage.

Both the proposed scheme and Reference [36] method involve the IoT devices directly at the edge of the network to participate in the query, so the sensor data does not need to be encrypted and stored on the server, and the encryption phase does not generate computational overhead.

5.1.2 Full-Dimension Query Calculation Cost

This section considers the computational cost of querying data of all dimensions for each query when the total number of dimensions is certain. Suppose the total number of dimensions k = 10, the length of the query interval l = 36, and the upper bound of the query interval q = 50. Then the References [36,44–46] algorithms and the proposed algorithm takes about 22.641, 15.864, 20.191, 21.638 and 20.360 ms to complete a full-dimensional query.

Fig. 5 shows the comparison result of the calculation cost of the full-dimension query of the specified dimensions for the scheme in this paper and the existing schemes. Among them, the proposed algorithm and Reference [36] schemes introduces the bilinear mapping operations in the query process, and the computational cost is higher than that in [44,45] that uses the integer encryption operations, but References [44–46] schemes need to encrypt and send the sensor data to a third-party data storage server in advance, this process will inevitably have time delay and generate encryption overhead. The scheme in [36] do not need to encrypt and send sensor data, and support users to query sensor data in real time. It only supports single-dimensional query, so the overall computational cost is higher than the propose scheme when multi-dimensional query is performed.

Figure 5: Comparing the calculation cost of full-dimensional query

5.1.3 Partial Dimensional Query Calculation Cost

Partial dimension quantity query means that when the total number of dimensions is certain, each query only queries the sensor data of part of the dimensions. Assuming that the total number of dimensions k = 10, the query interval length l = 36, and the upper bound of the query interval q = 50, part of the dimension queries with dimensions 5, 7, and 9 are performed respectively. Fig. 6 shows the comparison results of the calculation cost of the proposed scheme and the existing schemes when performing partial dimension query. It should be noted that, considering that even if part of the dimension query is performed, the amount of data stored by the data storage server should be the same as that of the full-dimensional query. Therefore, for a solution that needs to encrypt and store sensor data, the encryption overhead is still equivalent to full-dimensional query. Although the proposed algorithm and literature [36,46] all uses the bilinear mapping operation, the query stage overhead is high, but because the proposed and Reference [36] schemes are for real-time query of sensor data, they do not needs to be encrypted and stored in advance, so when fewer dimension queries are performed under the condition of a given total number of dimensions (5, 7 queries), the overall computing overhead is still lower than that of a solution that requires encrypted storage of sensor data. Since Reference [36] only supports single-dimensional query, it needs to repeatedly send query trapdoors when performing multi-dimensional query, and its overall computational cost is also higher than the proposed scheme.

Figure 6: Comparing the calculation cost of different dimensions

5.1.4 Computational Overhead for Querying with Different Interval Lengths

The query of different interval length means that when the total number of dimensions, the upper limit of the query interval length, and the upper limit of the query interval are certain, each query only queries the finite interval length. Suppose the total number of dimensions k = 10, the upper limit of the query interval length l = 100, and the upper limit of the query interval q = 100. When querying 25%, 50%, and 75% length intervals respectively, the proposed algorithm and the query of different interval lengths refer to the case of the total number of dimensions, the upper limit of the query interval length, and the upper limit of the query interval, each query only queries the finite interval length. Suppose the total number of dimensions’ k = 10, the upper limit of the query interval length l = 100, and the upper limit of the query interval q = 100. When querying 25%, 50%, and 75% length intervals respectively, compare the proposed scheme with existing schemes when completing a query calculation cost, and the result is shown in Fig. 7.

Figure 7: Comparing the computational cost of queries with different interval lengths

According to the analysis of the calculation cost of the query of the number of dimensions in this article, it can be seen that for the storage scheme that needs to encrypt the original sensor data, the encryption cost is the same as the calculation cost of the full-dimensional query. Except for the proposed and Reference [36] schemes, the computational cost of the other three schemes is not related to the length of the query interval, but is related to the total number of query dimensions. However, due to References [44–46] schemes, the original sensor data needs to be encrypted and stored in advance, so that when the query interval length is large and the total number of dimensions is high, the overall computational cost is relatively high. The Reference [36] scheme does not support multi-dimensional queries, and repeatedly sends single-dimensional query trapdoors when performing multi-dimensional queries. It uses more vectors than the proposed scheme, and the computational cost is higher.

5.2 Communication Overhead

This section compares the communication overhead of the proposed scheme and the existing schemes. Set the total number of dimensions k = 10, the length of the query interval l = 36, and the upper bound of the query interval q = 50 full-dimensional query, and compare the communication overhead of the whole process of different schemes. In order to compare the communication overhead of each scheme fairly, the following assumptions are made.

1)   The security parameters (or key length) of each scheme are 128 bits.

2)   The hash algorithm used in each scheme is SHA-1, therefore, the hash digest length of each scheme is 160 bits.

3)   The random numbers used in each scheme are all 64 bits.

The communication process of the proposed scheme mainly lies in the sending stage of query trapdoor, the stage of fog device feedback from IoT devices and the stage of user feedback query from fog devices. Since the proposed scheme is to vectorize the query matrix, the communication overhead of the query trapdoor is relatively large, and the overhead of the other stages is relatively small. The communication cost of the query trapdoor generated of the proposed scheme during the sending phase of the query trapdoor is about 31016 B, the communication cost of the fog device phase of the IoT device feedback is about 1365 B, and the communication cost of the fog device feedback query user part is about 1370 B, a total of about 33751 B. Tab. 3 shows the communication overhead of the scheme in this article and the comparison scheme.

Reference [44] scheme uses a homomorphic encryption algorithm in the integer domain improved from the SHE encryption scheme. Under the same conditions, the ciphertext length is small, but its algorithm is susceptible to noise in the ciphertext. When the noise in the ciphertext is large, it affects the decryption process. Reference [45] scheme has a slightly lower communication overhead than the proposed scheme, however this and Reference [44] schemes encrypt sensor data and query the data transmitted to the server, and it requires two servers to participate in the calculation, and the transmission delay is too large to realize the real-time query of sensor data. Reference [46] scheme query trapdoor is smaller in size, which makes its communication cost lower than the proposed and Reference [36] schemes, but its computational cost is high, and it does not support real-time query of sensor data. Reference [36] scheme that provides real-time data query only supports single-dimensional query, and multiple queries need to be initiated when querying a multi-dimensional sensor data, and its communication overhead is higher than the solution in this paper.

In summary, the proposed algorithm achieves a good balance in computing overhead, communication overhead, and support for multi-dimensional query features.

6  Conclusion

In this paper, a multi-dimensional security query scheme with privacy protection features with high communication efficiency is designed for the fog-enhanced industrial Internet of Things. The proposed scheme uses the BGN homomorphic encryption algorithm to encrypt the query trapdoor, and integrates matrix decomposition and reconstruction technology to protect the privacy of the query mode, while ensuring that the sensor data will not be leaked to unauthorized parties. Security analysis and simulation experiments show that the scheme in this paper can maintain a low level of computing and communication costs while ensuring multiple security features and multi-dimensional query functions. The next step will further optimize the proposed scheme, such as further improving communication efficiency and reducing communication overhead.

Acknowledgement: Taif University Researchers Supporting Project Number (TURSP-2020/260), Taif University, Taif, Saudi Arabia

Funding Statement: This study was supported by the Institute for Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korean government (MSIT) (No. 2019-0-01343, Training Key Talents in Industrial Convergence Security).

Conflicts of Interest: The authors declare that they have no conflicts of interest to report regarding the present study.

References

 1.  Y. Sun, J. Liu, J. Wang, Y. Cao and N. Kato, “When machine learning meets privacy in 6G: A survey,” IEEE Communications Surveys & Tutorials, vol. 22, no. 4, pp. 2694–2724, 2020. [Google Scholar]

 2.  T. Huang, W. Yang, J. Wu, J. Ma, X. Zhang et al., “A survey on green 6G network: Architecture and technologies,” IEEE Access, vol. 7, pp. 175758–175768, 2019. [Google Scholar]

 3.  A. A. Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari and M. Ayyash, “Internet of things: A survey on enabling technologies, protocols, and applications,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2347–2376, 2015. [Google Scholar]

 4.  M. A. Garadi, A. Mohammed, A. K. Ali, X. Du, I. Ali et al., “A survey of machine and deep learning methods for internet of things (IoT) security,” IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1646–1685, 2020. [Google Scholar]

 5.  S. Li, L. Li, B. Xu, Y. Feng and H. Zhou, “Research of a reliable constraint algorithm on MIMO signal detection,” International Journal of Embedded Systems, vol. 12, no. 2, pp. 13–26, 2020. [Google Scholar]

 6.  J. Gojal, E. Monteiro and J. S. Silva, “Security for the internet of things: A survey of existing protocols and open research issues,” IEEE Communications Surveys & Tutorials, vol. 17, no. 3, pp. 1294–1312, 2015. [Google Scholar]

 7.  K. Tange, M. D. Donno, X. Fafoutis and N. Dragoni, “A systematic survey of industrial internet of things security: Requirements and foq computing opportunities,” IEEE Communications Surveys & Tutorials, vol. 22, no. 4, pp. 2489–2520, 2020. [Google Scholar]

 8.  S. Bashir, M. H. Alsharif, I. Khan, M. A. Albreem, A. Sali et al., “MIMO-terahertz in 6G nano-communications: Channel modeling and analysis,” Computers, Materials & Continua, vol. 66, no. 1, pp. 263–274, 2020. [Google Scholar]

 9.  F. Jameel, T. Ristaniemi, I. Khan and B. M. Lee, “Simultaneous harvest-and-transmit ambient backscatter communications under Rayleigh fading,” EURASIP Journal on Wireless Communications and Networking, vol. 19, no. 1, pp. 1–9, 2019. [Google Scholar]

10. Q. Alsafasfeh, O. A. Saraereh, A. Ali, L. A. Tarawneh, I. Khan et al., “Efficient power control framework for small-cell heterogeneous networks,” Sensors, vol. 20, no. 5, pp. 1–14, 2020. [Google Scholar]

11. K. M. Awan, M. Nadeem, A. S. Sadiq, A. Alghushami, I. Khan et al., “Smart handoff technique for internet of vehicles communication using dynamic edge-backup node,” Electronics, vol. 9, no. 3, pp. 1–17, 2020. [Google Scholar]

12. W. Shahjehan, S. Bashir, S. L. Mohammed, A. B. Fakhri, A. A. Isaiah et al., “Efficient modulation scheme for intermediate relay-aided IoT networks,” Applied Sciences, vol. 10, no. 6, pp. 1–12, 2020. [Google Scholar]

13. B. M. Lee, M. Patil, P. Hunt and I. Khan, “An easy network onboarding scheme for internet of things network,” IEEE Access, vol. 7, pp. 8763–8772, 2018. [Google Scholar]

14. O. A. Saraereh, A. Alsaraira, I. Khan and B. J. Choi, “A hybrid energy harvesting design for on-body internet-of-things (IoT) networks,” Sensors, vol. 20, no. 2, pp. 1–14, 2020. [Google Scholar]

15. T. Jabeen, Z. Ali, W. U. Khan, F. Jameel, I. Khan et al., “Joint power allocation and link selection for multi-carrier buffer aided relay network,” Electronics, vol. 8, no. 6, pp. 1–15, 2019. [Google Scholar]

16. M. Waqas, Y. Niu, Y. Li, M. Ahmed, D. Jin et al., “A comprehensive survey on mobility-aware D2D communications: Principles, practice and challenges,” IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1863–1886, 2020. [Google Scholar]

17. M. Ahmed, Y. Li, M. Waqas, M. Sheraz, D. Jin et al., “A survey on socially aware device-to-device communications,” IEEE Communications Surveys & Tutorials, vol. 20, no. 3, pp. 2169–2197, 2018. [Google Scholar]

18. F. S. Shaikh and R. Wismuller, “Routing in multi-hop cellular device-to-device (D2D) networks: A survey,” IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 2622–2657, 2018. [Google Scholar]

19. M. Haus, M. Waqas, A. Y. Ding, Y. Li, S. Tarkoma et al., “Security and privacy in device-to-device (D2D) communication: A review,” IEEE Communications Surveys & Tutorials, vol. 19, no. 2, pp. 1054–1079, 2017. [Google Scholar]

20. O. Hayat, R. Ngah, S. Z. M. Hashim, M. H. Dahri, R. F. Malik et al., “Device discovery in D2D communication: A survey,” IEEE Access, vol. 7, pp. 131114–131134, 2019. [Google Scholar]

21. A. Asadi, Q. Wang and V. Mancuso, “A survey on device-to-device communication in cellular networks,” IEEE Communications Surveys & Tutorials, vol. 16, no. 4, pp. 1801–1819, 2014. [Google Scholar]

22. B. M. Elhalawany, R. Ruby and K. Wu, “D2D communication for enabling internet-of-things: Outage probability,” IEEE Transactions on Vehicular Technology, vol. 68, no. 3, pp. 2332–2345, 2019. [Google Scholar]

23. I. Loannou, V. Vassiliou, C. Christophorou and A. Pitsillides, “Distributed artificial intelligence solution for D2D communication in 5G networks,” IEEE Systems Journal, vol. 14, no. 3, pp. 4232–4241, 2020. [Google Scholar]

24. P. Pawar, A. Trivedi and M. K. Mishra, “Outage and ASE analysis for power controlled D2D communication,” IEEE Systems Journal, vol. 14, no. 2, pp. 2269–2280, 2020. [Google Scholar]

25. F. Qamar, M. U. A. Siddiqui, M. H. D. Hinidia, R. Hassan and Q. N. Nguyen, “Issues, challenges, and research trends in spectrum management: A comprehensive overview and new vision for designing 6G networks,” Electronics, vol. 9, no. 9, pp. 1–124, 2019. [Google Scholar]

26. Y. R. B. Al-Mayouf, N. F. Abdullah, O. A. Mahdi, S. Khan, M. Ismail et al., “Real-time intersection-based segment aware routing algorithm for urban vehicular networks,” IEEE Transactions on Intelligent Transportation Systems, vol. 19, no. 7, pp. 2125–2141, 2018. [Google Scholar]

27. M. K. Hasan, M. M. Ahmad, A. H. A. Hashim, A. RAzzaque, S. Islam et al., “A novel artificial intelligence based timing synchronization scheme for smart grid applications,” Wireless Personal Communications, vol. 114, no. 2, pp. 1067–1087, 2019. [Google Scholar]

28. S. N. Makhadmeh, A. T. Khader, M. A. Al-Betar, S. Naim, A. K. Abasi et al., “A novel hybrid grey wolf optimizer with min-conflict algorithm for power scheduling problem in a smart home,” Swarm and Evolutionary Computation, vol. 60, no. 2, pp. 1–17, 2021. [Google Scholar]

29. N. Nurelmadina, M. K. Hasan, I. Memon, R. A. Saeed, K. A. Z. Ariffin et al., “A systematic review on cognitive radio in low power wide area network for industrial IoT applications,” Sustainability, vol. 13, no. 1, pp. 1–21, 2021. [Google Scholar]

30. K. R. Choo, R. X. Lu, L. Q. Chen and X. Yi, “A foggy research future: Advances and future opportunities in fog computing research,” Future Generation Computer Systems, vol. 78, no. 2, pp. 677–679, 2018. [Google Scholar]

31. R. X. Lu, K. Hueng, A. H. Lashkari and A. A. Ghorbani, “A lightweight privacy-preserving data aggregation scheme for fog computing-enhanced IoT,” IEEE Access, vol. 5, pp. 3302–3312, 2017. [Google Scholar]

32. R. Lu, X. H. Liang, X. Li and X. Shen, “EPPA: An efficient and privacy-preserving aggregation scheme for smart grid communications,” IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 9, pp. 1621–1631, 2012. [Google Scholar]

33. J. Wang, X. Yu and M. Zhao, “Privacy-preserving ranked multi-keyword fuzzy search on cloud encrypted data supporting range query,” Arabian Journal for Science and Engineering, vol. 40, no. 8, pp. 2375–2388, 2015. [Google Scholar]

34. H. Dai, Q. Ye, X. Yi, R. He, G. Yang et al., “VP2RQ: Efficient verifiable privacy-preserving range query processing in two-tiered wireless sensor networks,” International Journal of Distributed Sensor Networks, vol. 12, no. 11, pp. 1–15, 2016. [Google Scholar]

35. Y. Shen, L. S. Huang and W. Yang, “Achieving personalized and privacy-preserving range queries over outsourced cloud data,” in IEEE Int. Conf. on Communications, Paris, France, pp. 1–6, 2017. [Google Scholar]

36. R. Lu, “A new communication-efficient privacy-preserving range query scheme in fog-enhanced IoT,” IEEE Internet on Things Journal, vol. 6, no. 2, pp. 2497–2505, 2018. [Google Scholar]

37. D. Boneh, J. E. Goh and K. Nissim, “Evaluating 2-DNF formulas on ciphertexts,” in Theory of Cryptography Conf., Berling, Germany, pp. 325–341, 2005. [Google Scholar]

38. P. Paillier, “Public-key cryptosystems based on composite degree residuosity classes,” in Int. Conf. on the Theory and Applications of Cryptographic Techniques, Berlin, Germany, pp. 223–238, 1999. [Google Scholar]

39. M. S. Islam, M. Kuzu and M. Kantarcioglu, “Interface attack against encrypted range queries on outsourced databases,” in Proc. of the 4th ACM Conf. on Data and Application Security and Privacy, New York, USA, pp. 235–246, 2014. [Google Scholar]

40. M. Naveed, S. Kamara and C. V. Wright, “Interface attacks on property-preserving encrypted databases,” in Proc. of the 22nd ACM SIGSAC Conf. on Computer and Communications Security, New York, USA, pp. 644–655, 2015. [Google Scholar]

41. G. Kellaris, G. Kollios, K. Nissim and A. Neill, “Generic attacks on secure outsourced databases,” in Proc. of the ACM SIGSAC Conf. on Computer and Communications Security, New York, USA, pp. 1329–1340, 2016. [Google Scholar]

42. M. Lacharite, B. Minaud and K. Paterson, “Improved reconstruction attacks on encrypted data using range query leakage,” in IEEE Symp. on Security and Privacy, San Francisco, USA, pp. 297–314, 2018. [Google Scholar]

43. C. A. De and V. Iovino, “jPBC: Java pairing based cryprography,” in IEEE Symp. on Computers and Communication, Kerkyra, Greece, pp. 850–855, 2011. [Google Scholar]

44. B. Huang and S. Liang, “A range search scheme based on encrypted index hiding order and access patterns,” in Int. Conf. on Internet of Things (iThings), Atlanta, USA, pp. 340–347, 2019. [Google Scholar]

45. C. Guo, R. Zhuang, Y. Jie, K. Choo and X. Tang, “Secure range search over encrypted uncertain IoT outsourced data,” IEEE Internet of Things Journal, vol. 6, no. 2, pp. 1520–1529, 2018. [Google Scholar]

46. J. Liang, Z. Qin, S. Xiao, J. Zhang, H. Yin et al., “Privacy-preserving range query over multi-source electronic health records in public clouds,” Journal of Parallel and Distributed Computing, vol. 135, no. 4, pp. 127–139, 2020. [Google Scholar]

This work is licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.