Zhang, Xinzhe and Wu, Lei and Xu, Lijuan and Liu, Zhien and Su, Ye and Wang, Hao and Meng, Weizhi (2025) Privacy-preserving and verifiable multi-task data aggregation for IoT-based healthcare. Journal of Information Security and Applications, 89: 103977. ISSN 2214-2126
![[thumbnail of JISAS-D-24-00498_R1]](https://eprints.lancs.ac.uk/style/images/fileicons/text.png)
JISAS-D-24-00498_R1.pdf - Accepted Version
Available under License Creative Commons Attribution.
Download (8MB)
Abstract
The combination of mobile crowdsensing (MCS) and IoT-based healthcare introduces innovative solutions for collecting health data. The considerable accumulation of health data through MCS expedites advancements in medical research and disease prediction, giving rise to privacy considerations. Data aggregation emerges as a salient solution that facilitates the provision of aggregated statistics while obfuscating raw personal data. However, prevailing aggregation schemes primarily pivot around single-task or multi-dimensional data aggregation, rarely contemplating the multi-task aggregation scenarios. Furthermore, in some schemes that implement multi-tasking, protection of task contents and verifiability of aggregation results are not achieved. Therefore, we propose a specialized data aggregation scheme for multi-task scenarios on fog computing. Initially, we employ a symmetric cryptographic algorithm to encrypt task contents and distribute the corresponding symmetric keys through a key management scheme based on the Chinese Remainder Theorem (CRT). Subsequently, we utilize blinding techniques to encrypt the raw data of users, ensuring efficient data aggregation. To enhance resilience against adversarial tampering with aggregated data, we employ the Pedersen commitment scheme to achieve the verifiability of task aggregation results. Finally, theoretical analyses and experimental evaluations collectively demonstrate the security and effectiveness of our proposed scheme.