An Efficient and Secure Range Query Scheme for Encrypted Data in Smart Grid

Abstract

In smart grid information systems, the electricity usage data should be audited by data users, such as the market analysts to finish their tasks. Besides that, electricity company always outsources the data to the cloud server (CS) to release its data management pressure. Since the CS is untrusted and the detailed electricity usage data contains users’ privacy, the privacy concern of the data and data users’ queries is raised. Although many schemes have been proposed to achieve the encrypted data query in smart grid, they are not applied well due to the numeric attributes in electricity usage data and privacy concern in smart grid application. In this paper, we provide an efficient privacy-preserving scheme for range query in smart grid. Our scheme achieves the range query without disclosing the privacy of the data and queries. And the performance shows that our scheme can reduce the computation cost for both the data owner and data users, and shorten the response time of every query, which is great significance for smart grid application.

1 Introduction

With the rapid development of industrial and economic activities, smart grid has been accepted by more and more people due to its many good features. However, the electricity usage data of customers in smart grid is surging from 10,780 terabytes (TB) in 2010 to over 75,200 TB in 2015 [1]. That is far beyond the electricity company’s data management capability. Uploading the electricity usage data into a cloud server is the best way to mitigate this stress. In this approach, electricity company can store the electricity usage data on cloud server and execute computation and queries using the server’s computational capabilities.

However, cloud server is often untrusted. It may share the electricity usage data with other parties for profit making. But the electricity usage data contains user’s private information, e.g., user’s name and family address, bank account and telephone number. If the cloud server shares these data with attackers, user’s privacy might be compromised. Therefore, our electricity usage data must be stored in encrypted form on the cloud server to protect the data confidentiality and privacy.

In addition, electricity usage data in smart grid information systems should be periodically audited to ensure that the billing and pricing statements are presented fairly [2]. Specially, data users, such as market analysts, are endowed with the task of querying smart grid information systems for auditing, analysis, accounting or tax-related activities [3]. Thus, there is growing need to achieve querying on encrypted data in smart grid.

It is not a trivial issue to query on encrypted data in smart grid at the same time with the following requirements: (1) Confidentiality and privacy of data. The electricity usage data should be protected from being stolen by the untrusted cloud server. (2) Privacy of the query. Since the cloud server is untrusted, it might trace the query results if the query contains sensitive information and make the user’s privacy disclosure. Thus, guaranteeing query privacy is also important for smart grid application. (3) Achieving range query. Since the electricity usage data always has the numeric attributes, range query is a common type of queries for the smart grid. (4) Being efficient and low cost. Smart grid is a large-scale system, since the electricity usage data is large and dynamic update in the cloud server, the protocol should be efficient for the query and low cost for both the data owner and data users.

Recently, many protocols were proposed to achieve the query on encrypted data, but they are not suitable to apply for the smart grid. Public key encryption with keyword search (PEKS) is a widely studied approach to achieve querying on encrypted data. Nevertheless, most of the existing schemes (such as [4, 5]) about PEKS focus only on the keyword search technique, with little attention to both data and query privacy protection in the scheme. Baek et al. [6] argue that PEKS and data encryption schemes need to be treated as a single scheme to securely provide PEKS service. Qin et al. [7] propose an efficient encryption scheme with one-dimension keyword search (EPPKS) for cloud computing by combining the ideas of partial decipherment with the PEKS. However, it is not quite secure because the partial decipherment will leak partial information of users’ data. The Searchable Encryption Scheme for Auction (SESA) [8] in smart grid achieved the security, but it only can be applied for the equality checks.

In this paper, we propose a privacy-preserving range query scheme over encrypted electricity usage data for smart grid, which ensures to secure the data confidentiality, privacy and query privacy in smart grid. We first proposed a range query scheme in smart grid by using the modified Paillier homomorphic cryptosystem. With our scheme, the range query is achieved without disclosing the privacy of the electricity usage data and query context. We then evaluated the performance of our scheme. The results show that our scheme can reduce the computation cost for both the electricity company and data users, and shorten the response time of every range query, which is great significance for smart grid application.

The rest of this paper is organized as follows. Section 2 discusses the related work. Section 3 describes the system model, data query model, security requirements and our design goals. Section 4 introduces the background. Sections 5 and 6 present the modified paillier homomorphic cryptosystem and our scheme respectively. Section 7 discusses how the proposed scheme meets our design goals, and Sect. 8 shows the experiment results. Finally, concluding the paper in Sect. 9.

2 Related Work

Querying encrypted data in smart grid is an important issue that attracts great attention from research communities. But the most existing schemes only can be applied for equality checks. Since the encrypted electricity usage data has many numeric attributes, it is much significant to achieve range query in smart grid.

For the encrypted data query, there are generally four categories of solutions that have been developed for range query: (1) Order preserving encryption (OPE)-based schemes; (2) Predicate encryption-based schemes; (3) Asymmetric scalar-product preserving encryption (ASPE)-based schemes; (4) Bucketization-based schemes.

Order preserving encryption (OPE)-based schemes [9,10,11] that preserve the relative ordering of data items even after encryption. Agrawal et al. [9] describe the first order preserving encryption scheme for numeric data, followed by [10] which gives a formal security analysis and proposes the Order Preserving Symmetric Encryption (OSPE). Boldyreva et al. [11] revise and improve the security of OPE. The OPE scheme allows direct translation of range predicate from the original domain to the domain of the ciphertext. However, OPE encryption is deterministic and thus it reveals the frequency of each distinct value and is susceptible to statistic attacks.

In predicate encryption-based schemes [12,13,14,15] secret keys correspond to predicates and ciphertexts are associated with attributes. The secret key corresponding to a predicate can be used to decrypt a ciphertext only if the attribute satisfies the predicate. Boneh and Waters [12] propose a predicate encryption, named Hidden Vector Encryption (HVE), which can be used for range queries. To improve the search efficiency, tree-based index structures [15, 16] were proposed to support multi-dimensional range query [13]. But in those schemes, the cost to compute exponentiation and pairing in group is too high.

Asymmetric scalar-product preserving encryption (ASPE)-based schemes [17, 18] that allow the relative distance comparison between two data points under encryption. Given two data points \({p}_{1}\), \({p}_{2}\) and a query point Q, all encrypted, ASPE can determine whether Q is closer to \({p}_{1}\) or \({p}_{2}\). Wang et al. [17] create a hierarchical encrypted index, which first constructs a regular R-tree for a given set of data points and then applies the ASPE to encrypt the minimum bounding box range (MBR) in the R-tree. This tree-based ASPE solution reduces the leakage of sorted information, but it can cause false positives.

The bucketization technique is firstly designed in [19] for query processing in an untrusted environment. In this bucketization-based scheme [19,20,21], the data owner partitions the whole attribute domain into multiple buckets of varying sizes and assigns a unique bucket tag to each bucket using a collision-free hash function. Pairs of a bucket tag and the encrypted tuples constitute the index, which is maintained on the untrusted server. When a range query is issued by the data owner, it needs to be first determined which tags of buckets intersect the query and then all the tuples indexed by these tags will be returned by the server. Although this scheme is more efficient than the three schemes mentioned before, it always contains some false positives, the data users need to filter the mismatch after decrypting all the results, which is not suitable for application of the smart grid.

Since the schemes presented above all have some shortcomings. In this paper, we aim at providing a privacy-preserving range query scheme for encrypted electricity usage data in smart grid based on the modified paillier homomorphic cryptosystem.

3 System Model

In this section we introduce the system model, data query model, security requirements and our design goals.

3.1 System Model

In the system model, our focus is on how to outsource the users’ electricity usage data from the electricity company to cloud server (CS) in encrypted form and how to operate a query over the encrypted electricity usage data in CS by data users. Our system is composed of three components, as shown in Fig. 1: electricity company, data users (such as the market analysts, auditors) and a cloud server (CS).

The electricity company is the data owner, who encrypts the electricity usage data of customers by using cryptosystem before outsourcing the data to CS. And the data user always need to query the electricity usage data for their tasks. CS is honest but curious, it might be interested in users’ electricity usage data and data users’ queries.

Fig. 1.

System model in our scheme.

3.2 Data Query Model

Before we discuss the security requirements and our design goals, let us first introduce how the encrypted data is stored at the CS and how data users make queries.

We consider relational databases, where data are represented in the form of tables. Let R(\({A}_{1}\), \({A}_{2}\) \(\,\cdots \) \({A}_{n}\)) be a relational table, where \({A}_{1}\), \({A}_{2}\) \(\,\cdots \) \({A}_{n}\) are attributes of the table. The encrypted form of the table is as following:

$$\begin{aligned} R ^{s}(A _{1}^{s},A _{2}^{s} \cdots A _{n}^{s}), \end{aligned}$$

where \(A _{1}^{s}\), \(A _{2}^{s}\) \(\cdots \) \(A _{n}^{s}\) are encrypted attributes. For example, consider the UIT table below that stores the information of customers (Table 1).

Table 1. User information table (UIT)

The UIT table is mapped to a corresponding \(UIT^{s}\) table at the CS:

$$\begin{aligned} R ^{s}(ID^{s}, Name^{s}, Address^{s}, Consumption^{s}) \end{aligned}$$

where \(ID^{s}\), \(Name^{s}\), \(Address^{s}\), \(Consumption^{s}\) denote encrypted strings of the ID, Name, Address and Consumption respectively. For instance, the following is the encrypted table \(UIT^{s}\) stored on the CS (Table 2):

Table 2. \(UIT^{s}\)

The colunm strings contain the vaules corresponding to the encrypted values in UIT. For instance, the first vaule is encrypted to “1100...” that is equal to encrypt (23), the second vaule is encrypted to “0111...” that is equal to encrypt (Tom).

In this model, data users use the SQL statements to query the encrypted data. For example, data users use:

and the client software at userside will translate this SQL query Q into an encrypted form \(Q ^{s}\):

where \(Name^{s}\), \(Address^{s}\), \(Consumption^{s}\), \(100^{s}\) are the ciphertext of the respective strings. It is then submitted to CS for excution. CS will return encrypted data that satisfy the SQL conditions to the user.

The conditions of the SQL statements can be classified to two categories: (1) Attribute = Value. Such condition is equality query, like consumption = 80; (2) Attribute > Value or Attribute < Value. Such condition is range query. For instance, consumption > 70 or consumption < 60.

Since extensive research has been done on equality condition on encrypted data, we focus on range query in this paper.

3.3 Security Requirements

As mentioned before, in system model, CS might be interested in the electricity usage data. It has the motivation to steal the individual data for its own purpose. In addition, it might trace or analyze the query results, if the query contains sensitive information. Therefore, our scheme should satisfy the following security requirements.

Data Confidentiality: The electricity company should encrypt the electricity usage data before uploading it to the CS, and successfully prevents the CS from stealing the data.

Data privacy: The encrypted electricity usage data should be accessed only by authenticated data users. It means that only the authorized data users can decrypt the encrypted data.

Query privacy: Data users usually prefer to keep their queries from being exposed to others. Thus, the biggest concern is to encrypt the query to protect the query privacy. Otherwise, if the query includes some sensitive information, the CS might trace or analyze the results.

3.4 Design Goals

In this model, our design goal is to develop a privacy-preserving range query scheme over encrypted electricity usage data for smart grid application, and achieves the security and efficiency as follows.

1. (1)

   Since the CS is untrusted and the electricity usage data contains the privacy of the user, our scheme should achieve the data confidentiality and data privacy, as well as the query privacy.

2. (2)

   In smart grid application, the electricity usage data is large and dynamic update in the cloud. As range query are operated over encrypted electricity usage data, comparing with the existing range query schemes in smart grid, our scheme should reduce the response time of every range query and reduce the computation cost for both the data owner and data users.

4 Background

In this section, we will first introduce the Paillier Homomorphic Cryptosystem which are the based of our scheme.

The Paillier homomorphic cryptosystem is a public key cryptosystem by Paillier [22] based on the “Composite Residuosity Assumption (CRA)”. The Paillier cryptosystem is homomorphic, by using a public key, the encryption of the sum \({m}_{1}\) + \({m}_{2}\) of two messages \({m}_{1}\) and \({m}_{2}\) can be computed from the encryption of \({m}_{1}\) and \({m}_{2}\). Our scheme is inspired by the Paillier cryptosystem. Hence, we give some preliminaries of the Paillier homomorphic cryptosystem, which consists of three phases as follows.

Key Generation. Set n = pq, where p and q are two large prime numbers. Set \(\lambda = lcm (p -1, q -1)\), i.e., the least common multiple of \(p -1\) and \(q -1\). Define L(\(\mu \)) = \(\frac{\mu +1}{n }\), and randomly choose \({g}_{p}\), then compute

$$\begin{aligned} \mu = ({L}({g}_{p}^{\lambda }(mod \ {n}^{2})))^{-1}(mod \ n ). \end{aligned}$$

The public encryption key is a pair (n, \({g}_{p}\)). The private decryption key is (\(\lambda \), \(\mu \)).

Encryption E\(\varvec{(m,r)}\). Given plaintext \(m \in \{0, 1, \ldots , n -1\}\), select a random \(r \in \{0, 1, \ldots , n -1\}\), and encrypt the plaintext m as ciphertext c:

$$\begin{aligned} c = E (m ,r )={g}_{p}^{m}\cdot r^{n} \ (mod \ n^{2}). \end{aligned}$$

Decryption D(c)

$$\begin{aligned} D(c ) = L (c ^{\lambda } \ (mod \ n^{2})) \cdot \mu \ (mod \ n) = m . \end{aligned}$$

5 Modified Paillier Cryptosystem

In our scheme, we use the Paillier homomorphic cryptosystem so that CS can perform matching operation without decrypting the electricity usage data and query contexts. In this section, we provide the details of our modified Paillier cryptosystem.

5.1 Making \( \mu \) Public

Recall that in the Paillier cryptosystem, (\(\lambda \), \(\mu \)) is the private key. However, \(\mu \) can be made public, because it is hard to decrypt an encrypted message by only knowing \(\mu \). Hence, we can make \(\mu \) public while achieving the same security guaranty as the unmodified Paillier cryptosystem.

We take advantage of this operation in order to shift the computation towards encryption and make decryption lightweight.

5.2 Shifting the Computation

With the modification above, the new public key is (n, \( {g}_{p}\), \(\mu \)) and the private key is \(\lambda \). First, we modify the Paillier homomorphic cryptosystem so that anyone can decrypt using the new public key, but only those holding the private key can encrypt. This is similar to the digital signatures. And the following equations show the modification to the encryption and decryption algorithms:

Encryption:

$$\begin{aligned} E'(m , r , \lambda ) =&\, E(m , r )^{\lambda } \\ =&\,{g}_{p}^{m \lambda } \cdot r^{n \lambda }\ (mod \ n ^{2}) \\ =&\, c . \end{aligned}$$

Decryption:

$$\begin{aligned} D(c ) = L({c}\ (mod \ n ^{2}))\cdot \ \mu \ (mod \ n )=m . \end{aligned}$$

We can realize that one can perform all the homomorphic operations on our modified Paillier cryptosystem similar to the Paillier cryptosystem.

Note that as we shift the computation towards encryption, the decryption is computationally more efficient than the Paillier decryption. And we also allow the CS to perform certain operations without knowing the private key. Such shifting improves the performance of the range query model, since the Paillier decryption become more efficient.

5.3 Secret Comparisons

With the shift of computation described above, CS can find the difference by simply decrypting each value, which does not assure the privacy of individual values. Therefore, we introduce an additional parameter to the encryption operation in order to allow CS to compute the difference without knowing individual values.

Assume that there are two values \({x}_{1}\) and \({x}_{2}\). We perform the following operation to the encryption so that CS can find the difference (\({x}_{1}\) \(-\) \({x}_{2}\)) without learning either \({x}_{1}\) or \({x}_{2}\):

$$\begin{aligned} {y}_{1} =g ^{t} \cdot E'({x}_{1}, {r}_{1})\ (mod \ n ^{2}), \end{aligned}$$

$$\begin{aligned} \quad \,\, {y}_{2} =g ^{-t} \cdot E'({-x}_{2}, {r}_{2})\ (mod \ n ^{2}). \end{aligned}$$

Note that even though \(\mu \) is known, it can decrypt neither \({x}_{1}\) nor \({x}_{2}\) as they are multiplied with \(g ^{t}\) and \(g ^{-t}\) respectively. Due to the homomorphic property, we can have:

$$\begin{aligned} {y}_{1} \cdot {y}_{2} = E'({x}_{1}-{x}_{2}, {r}_{3}). \end{aligned}$$

Anyone can compute the difference as follows using the public key of the modified Paillier cryptosystem:

$$\begin{aligned} D({y}_{1} \cdot {y}_{2}) = {x}_{1}-{x}_{2}. \end{aligned}$$

The results \(D ({y}_{1}\cdot {y}_{2})>0, D ({y}_{1}\cdot {y}_{2})<0\) and \(D ({y}_{1}\cdot {y}_{2})=0\), indicate the cases of \({x}_{1}>{x}_{2}\), \({x}_{1}<{x}_{2}\) and \({x}_{1}={x}_{2}\), respectively.

For example, if the data user wants to query the users whose electricity consumption is greater than 100, then the \({x}_{2}\) is 100. The CS will return the encrypted data to the user. As we can see, with this method, CS can compare two numeric values, but is unable to know the exact values of them.

6 Privacy Preserving Range Query Scheme

There is three entities in the range query model in smart grid: electricity company, data users and a CS. For each query, the scheme works in the following steps, as shown in Fig. 2:

Fig. 2.

The steps of range query in our system.

1. (1)

   Initialization of the electricity company and the data user.

2. (2)

   Electricity company uploads the encrypted electricity usage data to CS.

3. (3)

   Data users make queries to CS and get the results.

In the proposed scheme, we aim at providing a privacy-preserving range query scheme in smart grid based on modified Paillier cryptosystem. We will explain each step in details in the following subsections.

6.1 Initialization of Electricity Company and Data Users

When the electricity company initializes, it generates the following values: E’(\({r}_{i}\)), E’(1), and \(g^{t}\) \(\cdot \) E’(\({r}_{i}\)), which are used by the electricity company to encrypt the data before uploading them to the CS.

Besides that, during the initialization, the company checks the identify of the data user. If it is a legal user, electricity company will send the following values to it: \({-r}_{i}, E '(-1)\), and \(g^{-t}\) \(\cdot \) E’(\({-r}_{i}\)).

Note that these parameters are used by the data user to encrypt the queries and decrypt the results. The electricity company may provide \(E '(-1)\) and \({-r}_{i}\), and allow the data user to compute E’(\({-r}_{i}\)) homomorphically, instead of providing the value directly. In this case, data user can recover neither \(g^{-t}\) nor \(-t \) from \(g^{-t}\) \(\cdot \) E’(\({-r}_{i}\)).

6.2 Upload the encrypted data to CS by electricity company

When the electricity company wants to upload the data, it frist encrypts the electricity usage data. We illustrate our ideas using examples. Consider the UIT table before, we encrypt one of the columns in the data table as an example. Let one of the consumption values as \({v}_{1}\). It is encrypted to \({y}_{1}\) as following:

$$\begin{aligned} {y}_{1}=&g ^{t} \cdot E'({r}_{i}) \cdot E'({r}_{i}({v}_{1}-1)) \\ =&g ^{t} \cdot E'({r}_{i} {v}_{1}). \end{aligned}$$

The encryption of other attribute values is similar to this example.

Note that E’(\({r}_{i}\)(\({v}_{1}-1\))) is homomorphically computed using E’(\({r}_{i}\)). This value can be computed efficiently by using fast multiplication.

After the electricity company encrypts the electricity usage data, it uploads the encrypted data to the CS.

Note that CS cannot decrypt the encrypted data, but our scheme allows the CS to perform privacy preserving matching.

6.3 Secure Data Query by Data Users

When the data user makes a SQL query, the query is encrypted and the encrypted query is sent to the CS.

Considering the following query as an example:

The value 100 is encrypted into the form \({100}^{s}\) in the example. We use \({x}_{1}\) to express the value 100 and \({w}_{1}\) expresses the encrypted form \({100}^{s}\). The operation is as follows:

$$\begin{aligned} {w}_{1}=&\,g ^{-t} \cdot E'({-r}_{i}) \cdot E'({r}_{i}(1-{x}_{1})) \\ =&\,g ^{-t} \cdot E'({-r}_{i} {x}_{1}), \end{aligned}$$

When the CS receives the encrypted SQL query:

It searches data table UIT (encrypted) and compares each attribute values (encrypted) in consumption column with \({100}^{s}\). It computes the difference d between each consumption value in the table with \({100}^{s}\) as follows:

$$\begin{aligned} {d}=&\, D'({y}_{1} \cdot {w}_{1}) \\ =&\, {r}_{i}({v}_{1}-{x}_{1}). \end{aligned}$$

Since the \({r}_{i}\) is greater than 0, CS will return the encrypted data to the data user, which makes the \(d >0\).

Note that, the electricity usage data always contains more than one attribute. If the data user queries the data more than one attribute, CS has to match for a composite range query after evaluating each rang query value.

And after successfully receiving the result, the valid data user can decrypt the encrypted data using the secrets.

7 Security Analysis

In this section, we will explain how our scheme achieves the goals of the data confidentiality, data privacy and query privacy.

7.1 Data Confidentiality

The data confidentiality in our scheme requires that the electricity usage data should be encrypted when it is uploaded to the CS, and prevents the CS from stealing. In our scheme, the electricity usage data is encrypted by Paillier cryptosystem. And as for CS, since it only does homomorphic computing on two encrypted values, it cannot access the electricity usage data. Therefore, the proposed scheme can achieve the data confidentiality.

7.2 Data Privacy

Data privacy in our scheme means that only the authorized data user can decrypt the electricity usage data. Data in our proposed scheme are encrypted by Paillier cryptosystem, so the adversary cannot identify them. But if the adversary fabricates a message and sends it to some entities, it cannot be detected. Hence, we also use the protocol in our scheme, only the data user who is authenticated by the electricity company can get the secrets to decrypt. Therefore, our proposed scheme can achieve the data privacy.

7.3 Query Privacy

The query privacy in our scheme means that the query should be encrypted to keep from being exposed to the CS. In our scheme, queries are also encrypted by the Paillier cryptosystem. When CS wants to do the matching for the electricity usage data, it does not need to know the exact value of the query. It only does homomorphic computing on two encrypted values. Thus, our proposed scheme satisfies the goal of query privacy.

8 Experiment Result

In this section, we evaluate the performance of the proposed scheme in terms of response time of a range query and the computation cost of the data owner and data users.

8.1 Response Time

In smart grid, it is important for data users to know the response time of a range query, which can benefit for them to efficiently schedule their tasks. We analyze the response time of our scheme and compare our scheme with the Bucketization-based scheme.

We implement the proposed scheme and the Bucketization-based scheme respectively in JRE 1.7, eclipse and run it in the computer in Windows 7 OS with the CPU i5 and 4 cores. We test the response time of a range query by those two schemes respectively.

From the Fig. 3, we can see that: when the data records increase in database, the response time of a range query in our scheme changes little. But the change in the Bucketization-based scheme is obvious. We can see from the Fig. 4, which is more precise: when the data records increase, the response time of a rang query in Bucketization-based scheme increases nonlinearly but fast. This is a huge pressure for the data user, because the data uses have a lot of data to be audited in reality.

Fig. 3.

Response time of our scheme and bucket system.

Fig. 4.

Response time of the bucketization system when the data records increase.

Therefore, we can conclude that our scheme is efficient enough to meet the requirement of smart grid application. Even the data records are large in database, the response time of our scheme will be small, which is significant for smart grid application.

8.2 Computation Cost

For the computation cost, we give the comparison between our scheme and Bucketization-based scheme too. The experimental environment is the same as the previous subsection and we choose 5000 data records. The computation cost of the data owner and data users will be introduced respectively in following.

Computation Cost of the Data Owner. We compare the computation time of the electricity company when the number of users and query dimension changes.

Figure 5 shows the computation time when the number of users in electricity company changes. From the two figures, it can illustrate the linear relationship when the users’ size increases no matter what the query dimension is. And from the results, we can see that our scheme incurs less computation cost than the Bucketization-based scheme when coping with large number of users.

In smart grid application, the number of users is very large. From the simulation results, we can estimate that our scheme operates well than the Bucketization-based scheme in smart grid. Therefore, our scheme is very suitable for large-scale smart grid systems.

Fig. 5.

The computation time of the electricity company when the number of users changes.

Fig. 6.

The computation cost of the electricity company with fixed users versus the number of changing dimensions.

Figure 6 describes the computation cost of the electricity company with fixed users versus the number of changing query dimension. It is easy to find that our scheme incurs less computation cost than Bucketization-based scheme, especially when the query dimension is large in smart grid.

Fig. 7.

The computation time of the data users when the users connected to electricity company change.

Fig. 8.

The computation cost of the data user with fixed users versus the number of changing dimensions.

Computation Cost of Data Users. We compare the computation cost of the data users versus the users’ size in Fig. 7 and the number of query dimension in Fig. 8. From the figures, we can see that our scheme is always in lower computation cost no matter what the users’ size or the dimension is. Our scheme can greatly reduce the computation cost of data users, which is more important for data users in smart grid.

From the aforementioned analysis, We thus conclude that: (1) Our scheme can shorten the response time for a range query, which is significant for smart grid application. (2) As the users’ size and the query dimension increase, the computation cost of the electricity company in our scheme changes little, which is suitable for large-scale smart grid systems. (3) The computation cost in data users’ size in our scheme always keep little. This is very important for the data user who need to audit much electricity usage data in real. Therefore, our scheme is efficient enough and suitable for smart grid application.

9 Conclusion

In this paper, we provide an efficient privacy-preserving scheme for range query in smart grid based on the modified Paillier cryptosystem. We achieved the range query in smart grid without disclosing the privacy of the electricity usage data and queries. The performance shows that our scheme can reduce the computation cost for both the data owner and data users, and shorten the response time of every range query, which is great significance for smart grid application.