LPTD: Achieving Lightweight and Privacy-Preserving Truth Discovery in CIoT

04/05/2018 ∙ by Chuan Zhang, et al. ∙ Beijing Institute of Technology

In recent years, cognitive Internet of Things (CIoT) has received considerable attention because it can extract valuable information from various Internet of Things (IoT) devices. In CIoT, truth discovery plays an important role in identifying truthful values from large scale data to help CIoT provide deeper insights and value from collected information. However, the privacy concerns of IoT devices pose a major challenge in designing truth discovery approaches. Although existing schemes of truth discovery can be executed with strong privacy guarantees, they are not efficient or cannot be applied in real-life CIoT applications. This article proposes a novel framework for lightweight and privacy-preserving truth discovery called LPTD-I, which is implemented by incorporating fog and cloud platforms, and adopting the homomorphic Paillier encryption and one-way hash chain techniques. This scheme not only protects devices' privacy, but also achieves high efficiency. Moreover, we introduce a fault tolerant (LPTD-II) framework which can effectively overcome malfunctioning CIoT devices. Detailed security analysis indicates the proposed schemes are secure under a comprehensively designed threat model. Experimental simulations are also carried out to demonstrate the efficiency of the proposed schemes.




1 Introduction

Cognitive Internet of Things (CIoT) is a specialized IoT model which capitalizes on the increasing capabilities of mobile devices (with built-in comprehensive sensor sets) and uses cognitive computing techniques to find valuable information in large scale sensing data WuDXFDWL14 ; MishraLC15 ; FengSH17 . By analyzing the big data created by various IoT devices, CIoT is able to provide deeper insights and high-level intelligence, and thereby create value for people.

Despite the proliferation of CIoT, there are some increasing concerns which may impede its wide adoption. For example, the sensory data captured and provided by different devices is usually not directly usable or reliable, as it may be distorted for reasons such as lack of sensor calibration, poor sensor quality, background noise, and even the intent to deceive. Therefore, an important task of CIoT applications is to discover truthful information from the sensory data. This task, called truth discovery, has drawn significant attention LiLGZFH14 ; LiDLMS12 ; LiLGSZFH15 . Typically, the common principle for executing truth discovery is weighted aggregation, which assigns a higher weight to a particular device if the data it reports is closer to the aggregated result from all devices. Moreover, a device’s data is given more influence if the device has a higher weight due to its past performance MiaoJSLGQXGR15 ; XuLTLDY17 . By performing truth discovery, accurate sensory data can be obtained, and such data greatly promotes the effectiveness of CIoT applications.

Although truth discovery significantly improves data accuracy, the challenge is that the sensory data is highly sensitive and should be well protected, especially considering that sensory data may contain personal information XiaoRSDHG07 ; DuC08 ; DuXGC07 . For example, geo-tagging services can publish timely and accurate localization of specific objects (e.g., potholes, automated external defibrillators, litter, etc.). However, this may expose participating users’ sensitive geo-location and/or movement patterns. Aggregated health statistics (i.e., treatment outcomes) may provide valuable information regarding the effects of medical devices or new drugs, but may threaten the privacy of participating patients. Meanwhile, user reliability (i.e., weight) is another piece of private information which should be well protected. From user reliability information, an attacker may infer details of participating users’ education, skills, and personality traits. For example, aggregating opinions regarding challenging social problems may lead to a better solution, but the leakage of reliability may disclose users’ education and intellectual level.

Several studies have tried to preserve users’ privacy in truth discovery applications MiaoJSLGQXGR15 ; XuLTLDY17 ; MiaoSJLT17 . However, most of them are not efficient or cannot be applied in real-life CIoT applications. For example, Du et al. du2009transactions tried to find a reliable key management scheme, and Miao et al. MiaoJSLGQXGR15 proposed a cloud-based privacy-preserving truth discovery scheme to protect users’ sensory data. However, because it relies on the threshold Paillier cryptosystem CramerDN01 , their scheme is not efficient. To improve efficiency, Xu et al. XuLTLDY17 proposed a lightweight and privacy-preserving truth discovery scheme using additive homomorphic privacy-preserving techniques. Miao et al. MiaoSJLT17 further designed a lightweight truth discovery framework using two non-colluding cloud platforms. Although their schemes achieve better efficiency, they cannot be applied in CIoT applications, especially in scenarios where some IoT devices may not deliver their data in time LuHLG17 . Moreover, none of the above schemes can defend against external attackers who inject false data into the system. Hence, there is a need for an efficient truth discovery scheme which not only protects users’ privacy, but is also able to mitigate false data injection attacks and provide fault tolerance.

In this paper, to address these challenges, we present a lightweight privacy-preserving truth discovery scheme in CIoT, called LPTD-I, to protect devices’ privacy (i.e., sensory data and reliability information), and resist false data injection attacks. The framework is implemented by involving fog and cloud platforms, adopting homomorphic Paillier encryption, and one-way hash chain techniques. In this framework, the fog node authenticates the data submitted from devices and aggregates the data before delivering it to the cloud. In addition, we exploit the properties of modular arithmetic to design a data aggregation algorithm which is efficient and privacy preserving.

Although LPTD-I can defend against the false data injection attack launched by external attackers, it is not fault-tolerant. Thus, we exploit the modified Paillier cryptosystem and propose a framework (LPTD-II) suitable for scenarios where some IoT devices may stop delivering data to the fog node due to device failure. In this framework, the secret key is split into two parts, and the fog node can cooperate with the cloud to recover the aggregated results successfully.

In summary, the contributions of this paper are:

  • We propose a novel lightweight and privacy-preserving truth discovery scheme in CIoT, called LPTD-I. This scheme not only preserves the privacy of users (i.e., sensory data and reliability information), but also achieves high efficiency.

  • For the scenarios where some IoT devices stop reporting sensory data to the fog node, an upgraded technique called LPTD-II, is proposed to achieve fault tolerance.

  • Detailed security analysis indicates the proposed schemes are secure under an elaborate threat model. Additionally, experimentation shows the efficiency of both the proposed schemes.

The rest of this paper is organized as follows. In section 2, we give the problem definition, which includes the system model, security model, and design goals. In section 3, we describe the preliminaries. The details of the proposed LPTD schemes are described in section 4, followed by the security analysis and performance analysis in section 5 and section 6, respectively. In section 7, we discuss the related work. Finally, we draw the conclusion in the last section.

2 Problem Definition

The system model, security model, and design goals are outlined in the following sections.

2.1 System Model

The system model shown in Fig. 1 is comprised of four entities: IoT devices, the fog node, the cloud, and a trusted authority.

  • IoT devices: Each IoT device is equipped with sensing, communication, and computing capabilities, which can enable the device to collect sensory data, report data, and perform simple computation operations. Note that, since most IoT devices are resource-constrained, the computational costs for operations performed at these devices should be minimal.

  • Fog node: The fog node acts as a middle layer between the IoT devices and the cloud, and is deployed at the edge of the network. It can process/deliver data for the devices and/or the cloud. In our schemes, it also aggregates all reports from IoT devices, and forwards the resulting data to the cloud.

  • Cloud: It receives all data from the IoT devices through the fog node. For each object, it generates an initial ground truth, and iteratively updates the truth in cooperation with the fog node.

  • Trusted authority (TA): TA is a trusted third party, and it bootstraps the whole system. It generates keys and assigns them to all entities. Once the system is up and running, the TA remains offline.

Figure 1: System model.

We formalize the truth discovery approach as follows: Suppose there are IoT devices and objects, we use to denote the observed value of device for object . For all devices, are used to denote their reliabilities (i.e., weights). Each object is assigned an initial ground truth. The goal of the proposed scheme is to calculate the ground truths for all objects while protecting the observed value and weight of each device from being disclosed to others. Table 1 summarizes the main notations used in this work.


Symbol Definition
Number of devices
Index of devices,
Weight of device
Number of objects
Index of objects,
Observed value of device for object
Truth for the object

The standard deviation for the -th object
Table 1: Summary of notations

2.2 Security Model

  • TA is considered to be fully trusted, and it cannot be breached by any attacker.

  • The fog and cloud elements are honest-but-curious. This means that they will follow the protocol, but are also curious regarding device/user details. Note that, in our threat model, they do not collude with each other.

  • The honest-but-curious IoT devices will follow the protocols. They can collude with other entities (i.e., other IoT devices, the fog, and the cloud), but we emphasize that they cannot collude with the fog and the cloud simultaneously.

  • Since the focus of this work is to design a privacy-preserving truth discovery approach, internal attacks are not considered, i.e., all entities cannot be compromised at the same time. However, we do allow that some IoT devices may malfunction or stop reporting data intermittently. Moreover, external attackers may also launch false data injection attacks. Hence, the fog node should filter such data before transmitting them to the cloud.

2.3 Design Goals

The goal of the proposed scheme is to design an efficient and privacy-preserving truth discovery approach which can protect devices’ privacy and reduce computational costs. Security issues such as those studied in wu2014mobifish ; wu2014security ; huang2014achieving should be solved in our work. To achieve this, the following design goals must be met:

  • Privacy: The proposed scheme should preserve device privacy. The fog node and cloud can obtain the truthful values, but they cannot obtain individual IoT devices’ information (i.e., sensory data and reliability information).

  • Security: The scheme should be resistant to false data injection attacks launched by external attackers. In other words, the fog node should authenticate the IoT devices and filter the false data before transmitting it to the cloud.

  • Fault Tolerance: In case where some IoT devices malfunction and stop reporting data, the cloud should still be able to obtain acceptable levels of aggregated data.

  • Efficiency: The computational cost at each system element should be as little as possible.

3 Preliminaries

In order to better explain the proposed schemes, we first introduce the general process of truth discovery and cryptographic tools, in the following parts.

3.1 Truth Discovery

Truth discovery in large scale sensory data has been widely studied in the past. Although the algorithmic details of different solutions differ slightly from each other, the fundamental principle of assigning device weights and estimating ground truth is the same. At initialization, the truth discovery algorithm assigns random ground truths, which are then iteratively updated until convergence is achieved. Algorithm 1 shows the general truth discovery process.

Weight Update: In this step, the ground truth of each object is assumed to be fixed. Typically, a device is assigned a higher weight if the data it provides is closer to the ground truth, and vice versa. Inspired by CRH LiLGZFH14 (as it gives good practical performance), we calculate the weight as follows:


where is a distance function used to measure the difference between the ground truth and the observation reported by a device. The choice of depends on the application use case. The two most common types of data (i.e., continuous and categorical) are considered in this work.

In applications, such as environmental monitoring, sensory data (e.g., temperature, humidity, etc.) is continuous in nature. Hence the following distance function is adopted:


where is used to represent the standard deviation of all the users’ observations for object .

In other use cases, such as public opinion polls, the collected data is categorical in nature, i.e., it is based on the selection of one of several choices. In these applications, only one of the multiple candidate choices is correct. Thus, an observation vector

is defined to denote that the -th device selects the -th candidate choice for object . The following function is used to measure the distance between the observation vector and the ground truth vector:


Truth Update: In this step, weights are assumed to be fixed. We calculate the ground truth for -th object as follows:


is considered ground truth, if data is continuous. Contrary to this,

is considered a probability vector where each element represents the probability of a choice being true, if the data is categorical. In this case, the final ground truth is the choice with highest probability.

Input: Observations from devices:
Output: Ground truths for objects:
Randomly initialize the ground truth ;
for  do
    for  do
        Update device weight (see Eq. (1));
    for  do
        Update ground truth (see Eq. (4));
return ;
Algorithm 1 Truth Discovery Algorithm
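As an added example (not code from the paper), the following Python implements the CRH-style loop of Algorithm 1 for continuous data, together with the categorical distance and the probability-vector truth update described above. Since the page's Eqs. (1) to (4) did not survive extraction, the formulas used here are the textbook CRH definitions and are assumptions: weight w_k = log(sum of all d_k' / d_k), distance (x - x*)^2 / sigma^2 with sigma the per-object standard deviation of the observations, and the weighted mean as truth; initialization uses the per-object mean (the page describes random initialization).

```python
"""CRH-style truth discovery (Algorithm 1): alternate weight and truth updates.

Added example, not the paper's code. ASSUMPTIONS: w_k = log(sum_k' d_k' / d_k) with
d_k the summed normalised distance of device k; continuous distance
(x - x*)^2 / sigma^2; truth x* = weighted mean of the observations.
"""
import math
from typing import List, Optional, Sequence

EPS = 1e-9  # guards division by zero for a perfect device or an object with constant readings


def object_stddevs(obs: Sequence[Sequence[float]]) -> List[float]:
    """Population standard deviation of the observations for each object (sigma_m)."""
    k, m_count = len(obs), len(obs[0])
    sigmas = []
    for m in range(m_count):
        col = [obs[i][m] for i in range(k)]
        mean = sum(col) / k
        sigmas.append(math.sqrt(sum((x - mean) ** 2 for x in col) / k))
    return sigmas


def continuous_distance(x: float, truth: float, sigma: float) -> float:
    """Squared error normalised by the object's spread (continuous data, Eq. 2 on the page)."""
    return (x - truth) ** 2 / (sigma ** 2 + EPS)


def categorical_distance(choice: int, truth_probs: Sequence[float]) -> float:
    """Squared distance between the one-hot observation vector and the truth probability vector (Eq. 3)."""
    return sum((float(c == choice) - p) ** 2 for c, p in enumerate(truth_probs))


def update_weights(obs, truths, sigmas) -> List[float]:
    """Weight update: a device whose data lies closer to the current truths gets a larger weight."""
    d = [sum(continuous_distance(obs[k][m], truths[m], sigmas[m]) for m in range(len(truths))) + EPS
         for k in range(len(obs))]
    total = sum(d)
    return [math.log(total / dk) for dk in d]


def update_truths(obs, weights) -> List[float]:
    """Truth update for continuous data: weighted average of the observations per object."""
    wsum = sum(weights)
    if wsum <= 0:  # degenerate case (e.g. a single device): fall back to plain averaging
        weights, wsum = [1.0] * len(obs), float(len(obs))
    return [sum(weights[k] * obs[k][m] for k in range(len(obs))) / wsum for m in range(len(obs[0]))]


def categorical_truth_update(choices: Sequence[int], weights: Sequence[float], n_choices: int) -> List[float]:
    """Truth update for categorical data: returns the probability vector; the truth is its argmax."""
    wsum = sum(weights) or 1.0
    probs = [0.0] * n_choices
    for choice, w in zip(choices, weights):
        probs[choice] += w / wsum
    return probs


def truth_discovery(obs, max_iter: int = 50, tol: float = 1e-6, init: Optional[List[float]] = None):
    """Run Algorithm 1 until the truths move less than tol; returns (truths, weights)."""
    k = len(obs)
    truths = list(init) if init is not None else [sum(obs[i][m] for i in range(k)) / k for m in range(len(obs[0]))]
    sigmas = object_stddevs(obs)  # computed once from the raw observations, as in the LPTD flow
    weights = [1.0] * k
    for _ in range(max_iter):
        weights = update_weights(obs, truths, sigmas)
        new_truths = update_truths(obs, weights)
        delta = max(abs(a - b) for a, b in zip(new_truths, truths))
        truths = new_truths
        if delta < tol:
            break
    return truths, weights


# Constructed sample input: 4 devices observing 3 objects; device 3 is badly miscalibrated.
OBSERVATIONS = [
    [20.1, 49.8, 75.2],
    [19.9, 50.3, 74.9],
    [20.2, 50.1, 75.1],
    [35.0, 20.0, 90.0],
]

if __name__ == "__main__":
    truths, weights = truth_discovery(OBSERVATIONS)
    print("truths :", [round(t, 2) for t in truths])
    print("weights:", [round(w, 3) for w in weights])
```

The miscalibrated device ends up with a weight near zero, so the recovered truths track the three consistent devices rather than the plain average.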

3.2 Cryptographic Tools

In order to perform encryption, we make use of the following algorithms.

3.2.1 Modified Paillier cryptosystem

A modified Paillier cryptosystem LiuDCW16 is used to encrypt devices’ sensitive information and realize privacy-preserving truth discovery. This modified Paillier cryptosystem consists of the following four components:

  • Key Generation: Given a security parameter , two large safe prime numbers , and are calculated as and , where , and are also two large primes. Then compute , and . Choose a random value , and a random number . Finally, the public key is set as , and the secret key is .

  • Encryption: Suppose there is a message to be encrypted. Select a random value , and calculate the ciphertexts as and .

  • Decryption: Given , the message can be decrypted by computing .

  • Proxy Re-encryption: Split the secret key into two random shares , such that . Then, the ciphertexts can be partially decrypted as by using , where , and mod . Lastly, can be decrypted using to recover .

3.2.2 One-way hash chain

The one-way hash chain is a common cryptographic tool that has been used in various applications PerrigCTS00 . In this work, we use this technique to authenticate the IoT devices. Suppose there is a secure hash function: , a one-way hash chain can be defined as a set of values , where is randomly chosen, and for to . Note that it is easy to compute , where , but this becomes computationally infeasible for , if . Fig. 2 depicts the structure of a one-way hash chain.

Figure 2: One-way hash chain structure.
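The following Python is an added example (not the paper's code) of how the fog node uses the chain described above to authenticate one report per iteration: the TA gives the device the whole chain and the fog only the head, the device reveals the next-lower node each iteration, and the fog accepts a node only if hashing it yields the node accepted in the previous iteration, which rejects both forged and replayed nodes. The tag that binds the ciphertext payload to the fresh node is an assumption (SHA-256 over node and payload), because the page's own tag formula is elided.

```python
"""One-way hash chain authentication of per-iteration device reports at the fog node.

Added example, not the paper's code. Chain: h[0] = random seed, h[j] = SHA-256(h[j-1]);
the fog holds only the head h[T]. At iteration t the device reveals h[T-t], accepted iff
SHA-256(h[T-t]) equals the node accepted at iteration t-1.
ASSUMPTION: the report tag is SHA-256(node || payload); the page's formula is elided.
"""
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

Report = Tuple[str, int, bytes, bytes, bytes]  # (device id, iteration, node, payload, tag)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def make_hash_chain(length: int, seed: Optional[bytes] = None) -> List[bytes]:
    """Return [h0, h1, ..., h_length]; h0 random, h_j = H(h_{j-1}). Generated by the TA."""
    chain = [seed if seed is not None else secrets.token_bytes(32)]
    for _ in range(length):
        chain.append(sha256(chain[-1]))
    return chain


def make_tag(node: bytes, payload: bytes) -> bytes:
    """Bind the ciphertext payload to the fresh chain node (assumed construction)."""
    return sha256(node + payload)


class Device:
    """Holds its chain from the TA and reveals one node per iteration, from h[T-1] downwards."""

    def __init__(self, dev_id: str, chain: List[bytes]):
        self.dev_id, self.chain, self.t = dev_id, chain, 0

    def report(self, payload: bytes) -> Report:
        self.t += 1
        if self.t >= len(self.chain):
            raise RuntimeError("hash chain exhausted; the TA must issue a new chain")
        node = self.chain[len(self.chain) - 1 - self.t]  # h[T - t]
        return (self.dev_id, self.t, node, payload, make_tag(node, payload))


class FogAuthenticator:
    """Fog-side check: per device, remember the last accepted node (initially the head h[T])."""

    def __init__(self, heads: Dict[str, bytes]):
        self.last_accepted = dict(heads)

    def verify(self, report: Report) -> bool:
        dev_id, _t, node, payload, tag = report
        expected = self.last_accepted.get(dev_id)
        if expected is None or not hmac.compare_digest(sha256(node), expected):
            return False  # unknown device, forged node, or replay of an already-consumed node
        if not hmac.compare_digest(make_tag(node, payload), tag):
            return False  # payload altered in transit; the node stays unconsumed
        self.last_accepted[dev_id] = node  # advance: this node can never be accepted again
        return True


if __name__ == "__main__":
    chain = make_hash_chain(4)
    fog = FogAuthenticator({"dev-1": chain[-1]})
    dev = Device("dev-1", chain)
    first = dev.report(b"ciphertext-iter-1")
    print("fresh report accepted:", fog.verify(first))
    print("replayed report accepted:", fog.verify(first))
```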

3.2.3 Properties under modulo

In the modified Paillier cryptosystem, for any message , the following equation holds:


This property can be easily proven by using mathematical induction, which can be found in LuHLG17 .

4 Proposed LPTD Schemes

In this section, we give the details of the two proposed LPTD schemes in CIoT, which mainly include the following parts: system initialization, design overview, the LPTD-I scheme, and the LPTD-II scheme.

4.1 System Initialization

TA is considered to be fully trusted, and it bootstraps the whole system. Given a security parameter , TA selects two large safe prime numbers , where . It then generates the public and private keys of the modified Paillier cryptosystem as , where , and . Then, TA randomly splits into two shares and , such that . Suppose there are IoT devices in the network; TA generates vectors , each containing random numbers, such that


where .

TA selects a secure cryptographic hash function , where . Since the truth and weight are iteratively updated, we divide the number of iterations into times, and at every iteration, each device will report its observation or weighted data. TA generates one-way hash chains , where , , and , , .

Once these values are configured, TA assigns the keys to devices, fog node, and cloud elements, as given below:

  • For the device , TA computes and assigns , the hash chain , and the public key .

  • For the fog, TA assigns a share of the private key , the hash chain heads of devices , the secret key vector , the public key , and the shared key to the fog device.

  • For the cloud, TA assigns the other share of private key , the secret key vector , together with the public key , and the same shared key .

4.2 LPTD Scheme: General Overview

Once the devices obtain the observed values, LPTD will carry out the following two phases:

  • Phase 1: Secure weight update. First, every IoT device encrypts the observed value by using the cryptographic tool. Then, these ciphertexts are submitted to the fog node for aggregation and the aggregated value is further submitted to the cloud to calculate the standard deviation of the observed values, which will be then sent to every device. After that, every device computes the distances between the observed values and the ground truths. Finally, the fog and the cloud cooperatively and iteratively update the weights.

  • Phase 2: Secure truth update. When a device receives the aggregated differences from the fog node, it first calculates its weight and the weighted observed values, and then sends them to the fog node as ciphertexts. Lastly, the fog and the cloud calculate the ground truth .

During the procedure of LPTD, all operations are executed on ciphertexts. Hence, an entity only knows its own information, and the devices’ sensitive information (i.e., observed values and weights) is not leaked to other entities.

4.3 LPTD-I Mechanism

In this subsection, we first describe the details of LPTD-I, which is able to protect the devices’ privacy and resist external false data injection attacks.

It is important to note that the sensory data from IoT devices may not be integers, whereas the cryptosystem used in this scheme is defined over integers. To deal with this, a parameter , of magnitude 10, is used to scale the observed values to integers. As an example, device gets the observed value for the object . We multiply by to obtain , and the final result can be recovered by dividing by . For ease of presentation, all observed values and intermediate results in this work are assumed to be preprocessed in this way.

4.3.1 Secure weight update

Step W1. The cloud delivers the estimated ground truth for object to all devices. If it is the first iteration, the estimated ground truth is randomly initialized. Otherwise, it will be obtained from the previous iteration.

Step W2. When the device obtains , it first computes the difference between and according to Eq. 2, and then aggregates the differences of objects as . Before submitting to the fog node, the device uses its secret key to compute


and then uses the hash value to compute


where denotes the iteration number. After that, the device submits to the fog. This operation may not seem time efficient, but it can be executed efficiently, as has been calculated by TA in advance.

Step W3. After receiving in the -th iteration, the fog node checks the validity of the IoT device, and aggregates the reports as follows:

  • Check hash chain node : Assume that the fog has authenticated in the previous -th iteration, it can easily verify according to . If it holds, is accepted. Otherwise, it is rejected.

  • Check : If is valid, the fog node further verifies by computing


    and checking if . If it holds, is accepted. Otherwise, it is rejected.

  • Data aggregation: After receiving from all devices, the fog node utilizes its secret key to obtain the aggregated result as


    and then uses the shared secret key to compute


Following this, the fog device delivers to the cloud.

Step W4. Upon receiving in the -th iteration, the cloud first checks data validity according to . If it holds, the cloud executes the following operations to obtain the aggregated results.

  • The cloud utilizes its secret key to compute

  • The cloud can obtain by computing


    The cloud then selects a random number to blind as before forwarding it to the fog node.

Step W5. After receiving , the fog node selects a random number , and computes


After that, the fog delivers to the device. The device can calculate its weight as


where .

As shown in Eq. 2, the standard deviation is needed to calculate the difference between the observed value and the ground truth. Thus, it should be computed first. The calculation proceeds as follows:

  • The IoT device encrypts the observed value according to Eq. 7, and forwards the ciphertexts to the fog node.

  • On reception of ciphertexts, the fog node and the cloud cooperatively calculate , and following the above operations, and then send to all devices.

  • The device calculates , and encrypts before uploading it to the fog node.

  • Upon receiving all the ciphertexts, the fog and the cloud cooperatively calculate , and further obtain as . At last, is forwarded to all devices.

4.3.2 Secure truth update

After the weights are updated, the ground truth is updated as follows.

Step T1. The device calculates the weighted data as , and then encrypts the weighted data and weight as


Then, following the same operations in secure weight update, generates , and uploads to the fog node.

Step T2. After checking the data validity, the fog uses its secret key and runs the aggregation operations according to Eq. 10. It then uploads to the cloud.

Step T3. The cloud uses its secret key , and computes and according to Eq. 12. The cloud then updates the ground truth as


Note that we only consider continuous data in the proposed scheme. Although the distance functions for continuous and categorical data differ, the distance between the observed vector and the ground truth vector can be computed according to Eq. 3 in the same manner, so categorical data can be seen as a special case of the proposed LPTD schemes.

After combining the above two procedures, the privacy-preserving truth discovery algorithm is shown in Algorithm LABEL:A2.

4.4 LPTD-II Mechanism

In real-life CIoT applications, an IoT device may not submit its data in time due to malfunctions, low battery, network delay, etc. In that case, the aggregated result obtained by the previous operations is not accurate, because no longer holds. To achieve fault tolerance, we design another efficient and privacy-preserving truth discovery approach, called LPTD-II. In the following, we only show how to recover the aggregated results from the ciphertexts in the cloud. Other details are omitted, as they are similar to LPTD-I.

When submitting ciphertexts to the fog node, besides , the device needs to submit another ciphertext mod . Note that, this ciphertext is also pre-computed by TA, and delivered to the fog node in advance to save computational cost and communication overhead.

After receiving from all devices except the device , the fog node first aggregates them as


and then uses its share of the secret key to partially decrypt the aggregated ciphertexts as


The cloud further computes


with , and obtains the aggregated result by calculating


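To make the split-key decryption of Section 3.2.1 and the fault-tolerant recovery described in this subsection concrete, here is an added Python example (not the paper's code). Because the page's formulas are elided, it assumes the Bresson-Catalano-Pointcheval form of the modified Paillier cryptosystem: pk = (n, g, h = g^a mod n^2), sk = a, Enc(m) = (g^r, h^r (1 + m n)) mod n^2, with a split as a = a1 + a2 between fog and cloud; the primes, device ids and readings are constructed toy values.

```python
"""Split-key decryption in the modified (BCP-style) Paillier cryptosystem used by LPTD-II.

Added example, not the paper's code. ASSUMPTION: pk = (n, g, h = g^a mod n^2), sk = a,
Enc(m) = (g^r, h^r (1 + m n)) mod n^2, a = a1 + a2 (fog holds a1, cloud holds a2).
Ciphertexts multiply to add plaintexts, so the fog can sum only the devices that
reported and the cloud still recovers that partial sum. Toy primes only.
"""
import math
import secrets
from typing import Dict, List, Optional, Tuple

Ciphertext = Tuple[int, int]


def _is_prime(k: int) -> bool:
    return k >= 2 and all(k % d for d in range(2, math.isqrt(k) + 1))


def keygen(p_prime: int, q_prime: int):
    """Build pk and the secret exponent a from safe primes p = 2p'+1, q = 2q'+1."""
    p, q = 2 * p_prime + 1, 2 * q_prime + 1
    if not all(_is_prime(x) for x in (p_prime, q_prime, p, q)):
        raise ValueError("p', q', 2p'+1 and 2q'+1 must all be prime")
    n = p * q
    n2 = n * n
    while True:  # g: a random quadratic residue mod n^2 built from alpha coprime to n
        alpha = secrets.randbelow(n2 - 2) + 2
        if math.gcd(alpha, n) == 1:
            break
    g = pow(alpha, 2, n2)
    a = secrets.randbelow(n2 // 2 - 2) + 2
    return (n, g, pow(g, a, n2)), a


def split_key(a: int) -> Tuple[int, int]:
    """TA splits a into a1 (fog) and a2 (cloud) with a = a1 + a2."""
    a1 = secrets.randbelow(a - 1) + 1
    return a1, a - a1


def encrypt(pk, m: int) -> Ciphertext:
    """Device-side encryption; m may be negative (encoded mod n) as long as |m| < n/2."""
    n, g, h = pk
    n2 = n * n
    r = secrets.randbelow(n // 4) + 1
    return pow(g, r, n2), pow(h, r, n2) * (1 + (m % n) * n) % n2


def aggregate(pk, cts: List[Ciphertext]) -> Ciphertext:
    """Fog-side homomorphic sum over whichever devices actually reported."""
    n2 = pk[0] ** 2
    c1, c2 = 1, 1
    for x1, x2 in cts:
        c1, c2 = c1 * x1 % n2, c2 * x2 % n2
    return c1, c2


def _decode(n: int, u: int) -> int:
    """L(u) = (u - 1) / n, then map back from Z_n to a signed integer."""
    if (u - 1) % n:
        raise ValueError("decryption failed: wrong key share or corrupted ciphertext")
    m = (u - 1) // n
    return m - n if m > n // 2 else m


def fog_partial_decrypt(pk, ct: Ciphertext, a1: int) -> Ciphertext:
    """Strip the fog's share: c2 / c1^a1 (mod n^2). The result still hides m from the fog."""
    n2 = pk[0] ** 2
    c1, c2 = ct
    return c1, c2 * pow(pow(c1, a1, n2), -1, n2) % n2


def cloud_finish(pk, partial: Ciphertext, a2: int) -> int:
    """Strip the cloud's share: c2' / c1^a2 = 1 + m n (mod n^2), then apply L."""
    n = pk[0]
    n2 = n * n
    c1, c2 = partial
    return _decode(n, c2 * pow(pow(c1, a2, n2), -1, n2) % n2)


def decrypt(pk, ct: Ciphertext, a: int) -> int:
    """Reference single-key decryption (what a party holding the whole key could do)."""
    return cloud_finish(pk, ct, a)


def recover_sum_without(pk, a1: int, a2: int, reports: Dict[str, int], missing: Optional[str]) -> int:
    """LPTD-II flow: aggregate every report except `missing`, then fog and cloud finish together."""
    received = [encrypt(pk, v) for dev, v in reports.items() if dev != missing]
    return cloud_finish(pk, fog_partial_decrypt(pk, aggregate(pk, received), a1), a2)


if __name__ == "__main__":
    pk, a = keygen(1019, 1511)  # constructed toy safe primes: p = 2039, q = 3023
    a1, a2 = split_key(a)
    # constructed scaled readings (x10); device 3 never reports in this iteration
    reports = {"dev-0": 2010, "dev-1": 1990, "dev-2": 2020, "dev-3": 3500}
    print("sum over reporting devices:", recover_sum_without(pk, a1, a2, reports, "dev-3"))
```

Because decryption needs both exponent shares, neither the fog (a1) nor the cloud (a2) can open an individual device's ciphertext on its own, which is the non-collusion property the security model relies on.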

5 Security Analysis

The security properties of proposed LPTD schemes are of prime importance. Here, we show how the proposed schemes can achieve privacy preservation and effectively defend against false data injection attacks.

Defense against false data injection: To authenticate the validity of data in each iteration, the one-way hash chain technique is applied in the LPTD schemes. For each device, if the hash value is authenticated in the -th iteration, can be authenticated according to , as it is hard to obtain from due to the one-wayness of the hash function. In fact, the fog obtains a fresh only if the device reports its data in the -th iteration. If the is not fresh in the -th iteration, the report can be treated as false data produced by replaying , and the fog can identify and filter it. Thus, the proposed LPTD schemes can defend against the false data injection attack.

Privacy preservation: In the LPTD schemes, the observed value of a device is encrypted as , if we regard as the message . Note that is a valid Paillier ciphertext. An external attacker cannot obtain , as Paillier encryption achieves IND-CPA security (i.e., indistinguishability under chosen-plaintext attack). The fog node is also curious about . However, without knowing the other share of the secret key , it cannot recover the sensitive data. For the weight information, and are encrypted as and respectively. As and are both Paillier ciphertexts, an external attacker cannot recover the weight information. Notice that the attacker may perform the following operation to calculate the weight,


However, since , , and are unknown, the attacker cannot calculate them from Eq. 22. The attacker may build more equations to recover as


From Eq. 23, we can see that as more equations are introduced, more random numbers (i.e., ) are introduced as well. Since , only if the fog node colludes with the cloud can the attacker obtain . Nevertheless, under our security model, there is no collusion between the fog and the cloud. Hence, the scheme preserves privacy and satisfies the security model.

6 Performance Analysis

In addition to security model evaluation, we also perform experimental evaluation for communication and computational costs of both proposed schemes.

6.1 Communication Overhead

To show the communication overhead of LPTD, we compare the proposed schemes with PPDP MiaoJSLGQXGR15 , which encrypts the data by calculating mod , under the same setting. Here, we assume the bit length of is set as . For fairness, we omit the cost of authentication for all schemes. During the weight update in LPTD-I, each device needs to submit , which costs bits. In PPDP, needs to submit and , which cost . In the truth update, PPDP and LPTD-I need to submit and , which cost , where is the number of objects. Compared with LPTD-I, LPTD-II needs to submit one more value, mod , to execute the decryption operation. However, in practice, mod can be submitted to the fog in advance to reduce communication overhead, as it is constant. Table 2 summarizes the communication overhead of all schemes in each phase for each device.

Phase of weight update Phase of truth update
Table 2: Comparison of communication overhead for each CIoT device.

6.2 Computational Costs

We compare the computational costs of the LPTD and PPDP schemes by implementing all schemes in Java and running several experiments on a system with a 2.5 GHz Intel Core i7 and 16GB RAM. The number of iterations is set to 10, and the average result of 10 experiments is used for comparison.

As shown in Fig. 3(a), we compare the run time with PPDP for 100 devices and a varying number of objects. It can be observed that as the number of objects increases, the run time of LPTD remains far less than that of PPDP. For example, when the number of objects is 800, LPTD-I and LPTD-II take 8.098s and 8.696s to finish the truth discovery respectively, while PPDP takes 71.172s. This is because PPDP needs to perform time-consuming modular exponentiation operations, while only multiplication operations are required in LPTD. The single modular multiplication operation can be done in advance, which provides an added benefit. Note that LPTD-I performs better than LPTD-II, since LPTD-II needs to execute 2 decryption operations to recover the aggregated results, while LPTD-I only needs to perform 2 multiplication operations.

Similarly, from Fig. 3(b), we can also find that the total running time of LPTD is less than that of PPDP when the number of devices ranges from 100 to 700, while the number of objects is fixed at 100. When the number of devices reaches 700, LPTD-I and LPTD-II take 34.079s and 37.606s to finish the truth discovery respectively, while PPDP needs 136.754s. This also confirms the efficiency of our scheme.

Figure 3: (a) Total running time with varying number of objects. (b) Total running time with varying number of devices.

Fig. 4 shows the run time of the weight update and truth update with a varying number of objects. Here, we set the number of devices to 100. As can be observed from Fig. 4(a), the run time of PPDP and LPTD is relatively stable. The reason is that, although more objects are introduced, each device only needs to perform 2 encryption operations in PPDP, and 1 encryption operation in LPTD (i.e., ), in the weight update phase. Since PPDP needs to execute modular exponentiation operations, its running time is higher than that of LPTD-I and LPTD-II. In Fig. 4(b), the running time of all schemes grows linearly. The reason is that more truths need to be updated as the number of objects increases. It can also be seen that PPDP takes more time to finish the same computations.

Figure 4: (a) Running time of weight update with varying number of objects. (b) Running time of truth update with varying number of objects.

Similar observations can be made in Fig. 5. For the weight update, since more need to be encrypted as the number of devices increases, the run time of all schemes grows linearly. For the truth update, as all schemes need to perform more aggregation operations to calculate and , the run time is again linear in the number of devices. Based on these results, we can conclude that the LPTD schemes are more efficient than existing solutions.

Figure 5: (a) Running time of weight update with varying number of devices. (b) Running time of truth update with varying number of devices.

7 Related work

A number of truth discovery schemes have been studied previously LiLGZFH14 ; LiDLMS12 ; LiLGSZFH15 ; MaLLQGZSZJH15 ; MengJLGSDC15 ; SuLHWGLAHLGK14 ; WangKLA12 ; YinHY08 ; ZhangHHL12 ; JinSXN16 , and truth discovery has hence become an attractive solution for CIoT applications. Among them, CRH LiLGZFH14 , AcuSim LiDLMS12 , and TruthFinder YinHY08 are representative schemes which provide more reliable results than traditional voting or averaging approaches by considering device reliability in the aggregation process. However, these systems fail to take into consideration important privacy issues, and may disclose sensitive personal information DuGXC08 ; HeiDWH10 ; HeiD11 .

To protect devices’ privacy, many privacy-preserving approaches have been proposed recently. For example, anonymization based schemes are presented by CramerDN01 ; Sweene02 to protect devices’ private information. However, these cannot be used in truth discovery scenarios, since they are not designed to protect the data values. Cryptography based schemes are another option to effectively protect devices’ privacy. For example, Miao et al. MiaoJSLGQXGR15 proposed a privacy-preserving truth discovery scheme that utilizes the threshold Paillier cryptosystem to protect users’ privacy. However, their system is based on the assumption that there is no collusion between the cloud server and other parties. When such collusion occurs, the devices’ privacy can be inferred. Moreover, cryptographic schemes are not efficient, especially considering the battery and computation limitations of mobile devices. Another scheme JinSXN16 integrated incentives with truth discovery approaches. However, the platform is trusted in their scheme, which may impede its wide adoption. To improve efficiency, Xu et al. XuLTLDY17 proposed an efficient and privacy-preserving truth discovery scheme using an additive homomorphic data aggregation technique. Specifically, each device is assigned a random value and a secret key, and the sensory data is blinded before being delivered to the cloud. Finally, the authorized receivers can use the secret key and the aggregated random values to decrypt the ciphertexts. However, in real-life CIoT applications, device failure or missing data is a common issue. In such cases, this scheme does not work, since some of the random values are missing. Miao et al. MiaoSJLT17 further proposed a lightweight and privacy-preserving truth discovery scheme using two non-colluding cloud platforms. Specifically, each device is assigned random values to perturb the sensory data, the weighted data, and the weight. All this perturbed data is submitted to a cloud , while the perturbation values are submitted to another cloud . These two clouds can cooperatively compute the truths without disclosing the sensitive information. However, similar to XuLTLDY17 , their scheme cannot achieve fault tolerance. Moreover, if eavesdrops on the devices, it may decrypt the sensitive data using the corresponding perturbation value. Finally, none of these schemes can resist external false data injection attacks.

8 Conclusion

This article proposes two lightweight and privacy-preserving truth discovery schemes for CIoT. LPTD-I uses fog nodes to resist false data injection, and achieves efficient truth discovery with minimal overhead. LPTD-II is an extension of the previous scheme which, in addition to attack resistance and efficient privacy preservation, provides fault tolerance. Detailed security analysis shows that the proposed LPTD schemes are secure under a comprehensive security model. Experimental evaluation shows a significant reduction in computation time compared to other schemes.


This research is supported by the National Natural Science Foundation of China (Grant Nos. 61402037, 61272512).