Indonesian Journal of Electrical Engineering and Computer Science
Vol. 24, No. 1, October 2021, pp. 428~443
ISSN: 2502-4752, DOI: 10.11591/ijeecs.v24.i1.pp428-443

Journal homepage: http://ijeecs.iaescore.com

A novel secure biomedical data aggregation using fully homomorphic encryption in WSN

Chethana G., Padmaja K. V.
Department of Electronics and Communication Engineering, RV College of Engineering, VTU, Karnataka, India

Article Info
Article history: Received Oct 6, 2020; Revised Jul 29, 2021; Accepted Aug 4, 2021

ABSTRACT
A new method of secure data aggregation for decimal data having integer as well as fractional part using homomorphic encryption is described. The proposed homomorphic encryption provides addition, subtraction, multiplication, division and averaging operations in the cipher domain for both positive and negative numbers. The scheme uses integer matrices in finite field $Z_p$ as encryption and decryption keys. An embedded digital signature along with data provides data integrity and authentication by signature verification at the receiving end. The proposed scheme is immune to chosen plaintext and chosen ciphertext attacks. In the case of homomorphic multiplication, the ciphertext expansion ratio grows linearly with the data size. The computational complexity of the proposed method for multiplication and division is relatively less by 22.87% compared to Brakerski and Vaikuntanathan method when the size of the plaintext data is ten decimal digits.

Keywords: Generalized inverse; Homomorphic encryption; Secure data aggregation; Sign mod; Signed finite field

This is an open access article under the CC BY-SA license.

Corresponding Author:
Chethana G.
Department of Electronics and Communication Engineering
RV College of Engineering, 8th Mile, Mysore Road, Bengaluru-560059
Affiliated under Visvesvaraya Technological University, Belagavi, India
Email: chethanag@rvce.edu.in

1. INTRODUCTION
The basic purpose of data aggregation (DA) in WSN is to combine the data collected from the sensor nodes into a suitable aggregate. The aggregate may be sum, average, min, max, median or any other metric of the collected dataset. The aggregate type depends on the nature of the problem and the requirements of end users (EU). In general, DA eliminates unnecessary, inconsequential, redundant and outdated data values. In most of the cases, DA compresses the data size without affecting the core information. This in turn reduces the traffic load from the aggregator to the next intended destination, which results in lower energy consumption and a consequent increase in the life of the WSN.

- Secure data aggregation
In this paper, the biomedical data like body temperature, pulse rate, and breath rhythm are collected from wearable sensors along with additional pathological data like blood pressure (systolic and diastolic), and blood sugar, for aggregation. The cluster head (CH) collects the data from the sensors and stores them in a reputed cloud server (CS). Here, the CH is the data owner and the aggregation operation is delegated to the CS. Even though cloud servers have built in security against external threats, an honest but curious insider may access the stored health records without authorization. To prevent this, all the sensitive data are sent to CS, stored at CS and sent out by the CS in the encrypted form. The aggregate operations such as sum, product, average, etc. are carried out in the CS. Secure data aggregation (SDA) can be implemented using non-homomorphic or homomorphic methods. In this work we use fully homomorphic encryption, using matrix keys, to implement SDA. The SDA operations based on homomorphic operations are carried out at the CS.

- Related work
The impact of data aggregation from the sensor nodes into a suitable aggregate is proposed in 2002 [1]. Randhawa and Jain [2] explained current status and future directions in data aggregation in wireless sensor networks. In [3]-[5], the authors have comprehensively reviewed several secure data aggregation (SDA) schemes which include non-homomorphic as well as homomorphic methods. SDA using homomorphic methods based on matrix keys are described in [6]-[8]. In [6], authors have described homomorphic addition having very good security measures. In [7], the authors have presented homomorphic addition of matrix data which is suitable for digital images. In [8], an SDA scheme suitable for large-scale wireless sensor networks is comprehensively described.

Fully homomorphic encryption (FHE) schemes based on different mathematical approaches are extensively described in the survey papers [9]-[11]. In these papers, the authors have reviewed most of the available classical and lattice (also known as matrix) based FHE methods with appropriate comparison among those methods. In [11], Martins et al. have discussed various FHE methods from the engineering point of view. In [12], Dijk et al. have presented one of the earliest FHE methods, known as the DGHV scheme, which is based on basic modular arithmetic. Craig [13] has proposed FHE using ideal lattices with a squashing technique that permits bootstrapping. In [14], the authors have presented FHE which uses shorter public keys. In [15], Brakerski and Vaikuntanathan (BV) have realized FHE with re-linearization and dimension reduction techniques to improve the performance of FHE. Because of the dimension reduction technique, the decryption process is relatively fast. However, in the BV method, the plaintext is a bit (0 or 1). Hedglin, Phillips and Reilley (HPR) [16] have developed FHE directly for integers whereby conversion from integers to binary and vice-versa are avoided. The HPR method is computationally expensive. In [17], [18], authors have discussed FPGA based fully homomorphic encryptions. They have provided solutions for achieving low-complexity homomorphic operations for FHE, converging on the hardware implementation. In [19]-[23], authors have discussed privacy preserving aggregation techniques for non-homomorphic methods. In our proposed research work, by contrast, a new privacy preserving method for fully homomorphic aggregation functions is discussed and is realized using software which can be scaled up effortlessly at low computational cost.

2. PROPOSED METHOD
In our proposed work, a novel secure data aggregation scheme based on homomorphic operations is described. The scheme is designated as homomorphic-secure data aggregation (HSDA). The basic layout of HSDA is as shown in Figure 1.

Figure 1. Layout of homomorphic secure data aggregation (HSDA)

[Figure 1 block labels: Cluster Head; Append R and S (R = randomization term, S = signature parameter); G; Q; Encrypter, C = Q*E{i}; Key Generation and Key Storage Unit; Cloud Server (CS); Encrypted Storage; Query Processing; Homomorphic Unit; End User (EU); Query Generator; Decrypter, D; Input; Output; Query; Reply]

2.1. Basic layout of homomorphic secure data aggregation
In Figure 1, the cluster head (CH) collects the vital data from sensors and it is the data owner. It also houses the Encrypter, Key Generation/Storage Unit and other necessary hardware and software. The encrypted data is sent and stored in the CS. The CS block holds the encrypted data in appropriate tables with suitable labels. The homomorphic unit is implemented in CS using the python software. CS has the query processing unit that accepts queries from EUs and generates the corresponding response after homomorphic operations and then, sends back the correct replies to the EUs. The query and reply are also in the encrypted form. The EUs can be Doctors, Specialists or any authorized entities. The EU unit houses the decrypter which decrypts the replies from homomorphic unit to get the final result in the plaintext format. Additional details about the working of the various units of Figure 1 will be unveiled subsequently.

2.2. Symbols, definitions and notations
Our proposed method HSDA uses modular arithmetic operations involving vectors and matrices with positive and negative decimal numbers. Vectors and matrices are represented by symbols in bold capital fonts. Scalar variables are represented in normal font.

2.2.1. Modular arithmetic for signed integers
A homomorphic encryption system that uses subtraction should be able to handle both positive as well as negative numbers as, the result of subtraction of two numbers can be positive or negative. In conventional modular arithmetic $Z_p$, all the elements are in the range 0 to (p-1) and hence they are positive. In cryptography, p is a large prime number. In this work, signed finite field (SFF) modular arithmetic is introduced to take care of positive as well as negative integers. Conventional modular arithmetic is used in conventional finite field (CFF) $Z_p$. In $Z_p$, the range of integers is from 0 to (p-1). When negative integers are involved, the Signed Finite Field, abbreviated as $SFF_p$ is used. The range of integers in $SFF_p$ is from $-\text{floor}\left(\frac{p-1}{2}\right)$ to $+\text{floor}\left(\frac{p-1}{2}\right)$. Table 1 shows the comparison between CFF and SFF.

Table 1. Comparison of CFF and SFF

| | Conventional Finite Field (CFF) | Signed Finite Field (SFF) |
|---|---|---|
| Symbol | $Z_p$ | $SFF_p$ |
| Range | Integers from 0 to (p-1) | Integers from $-\text{floor}\left(\frac{p-1}{2}\right)$ to $+\text{floor}\left(\frac{p-1}{2}\right)$ |
| No. of elements in range | p | p |
| Representation of an arbitrary integer 'x' | y = (x mod p) = x - floor(x/p) * p | y = x - round(x/p) * p |
| Matlab function | y = mod(x, p) [built in function] | y = signMod(x, p) [User defined] |

When x is a scalar integer, signMod(x, p) is defined as,

$$\text{signMod}(x, p) = x - \text{round}(x/p) * p \tag{1}$$

The definition is extended for an integer vector or matrix X as,

$$\text{signMod}(X, p) = X - \text{round}(X/p) * p$$

The signMod operation is applied to all the individual elements of matrix X to get the matrix signMod(X, p). The sizes of X and signMod(X, p) are same. Example 1 demonstrates the difference between CFF and SFF values.

Example 1: Here, p = 11. Integer variable x varies from 0 to 22 and the corresponding equivalent values in CFF given by y = mod(x, p) and in SFF given by z = signMod(x, p) are as shown in Table 2.
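
Table 2. y = mod(x, p) and z = signMod(x, p) values for p = 11 and for x = 0 to 22

| x | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| y | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 0 |
| z | 0 | 1 | 2 | 3 | 4 | 5 | -5 | -4 | -3 | -2 | -1 | 0 | 1 | 2 | 3 | 4 | 5 | -5 | -4 | -3 | -2 | -1 | 0 |
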
From (1) and from Table 2, it can be seen that,

$$\text{signMod}(x, p) = \begin{cases} \text{mod}(x, p), & \text{when } 0 \le \text{mod}(x, p) \le \text{floor}(p/2) \\ \text{mod}(x, p) - p, & \text{when } \text{mod}(x, p) > \text{floor}(p/2) \end{cases}$$

It can be verified that the following distributive property which holds good for mod(…) also holds good for signMod(…) as,

signMod(a ± b, p) = signMod(signMod(a, p) ± signMod(b, p), p)
signMod(a * b, p) = signMod(signMod(a, p) * signMod(b, p), p)

The above identities hold good for both positive and negative integer values of a and b as well as when a and b are integer matrices.
An obvious, but interesting property of signMod(x, p) and mod(x, p), when x = 1 is,

signMod(1, p) = mod(1, p) = 1, assuming p > 1.

Similarly, when the argument is an identity matrix $I_{n \times n}$,

$\text{signMod}(I_{n \times n}, p) = \text{mod}(I_{n \times n}, p) = I_{n \times n}$, assuming p > 1.

2.2.2. Decryption matrices
The decryption matrix, designated by D is an integer matrix of size $m \times n$ where $D \in Z_p^{m \times n}$. Here m is chosen to be greater than n and the elements of D are chosen such that rank(D) = n. The value of n depends on the size of the plaintext data element to be encrypted. Here, D is a tall matrix and it has its left modular inverse [24] designated by A such that,

$$\text{mod}(A * D, p) = I_{n \times n} \tag{2}$$

Here $A \in Z_p^{n \times m}$ and is given by,

$$A = D_{left}^{-1} = (D^T * D)^{-1} * D^T \quad (\text{in mod } p) \tag{3}$$

Here, matrix A is the Moore-Penrose inverse [25] of D in $Z_p$ and $D^T$ is the transpose of D. For a given full rank D, its Moore-Penrose inverse is unique and is given by (3) where $(D^T * D)^{-1}$ is the modular matrix inverse of $(D^T * D)$. When multiple inverses are needed, they are generated using the null space of D. Since D is a tall matrix, it has left null space [25]. Let matrix F represent the modular left null space of D. Then,

$$\text{mod}(F * D, p) = 0_{(m-n) \times n}$$

Here, the size of F is (m-n) * m. When there is no ambiguity, the above equation can be written as,

$$F * D = 0_{(m-n) \times n} \tag{4}$$

F is obtained using the modular linear algebra.

2.2.3. Encryption matrices
The encryption matrix, designated by E is an integer matrix of size $n \times m$, where matrix $E \in Z_p^{n \times m}$. Matrix E is constructed such that $E * D = I_{n \times n}$. Matrix E is derived from A and F as follows. Consider (4) and pre-multiply both sides of (4) by an arbitrary random integer matrix $W_{n \times (m-n)}$ that belongs to $Z_p^{n \times (m-n)}$. Then,

$$W_{n \times (m-n)} * (F * D)_{(m-n) \times n} = W_{n \times (m-n)} * 0_{(m-n) \times n} = 0_{n \times n} \tag{5}$$

Equation (5) can be rewritten as,

$$(W * F) * D = 0_{n \times n} \tag{6}$$

Now, consider (2) which can be expressed as,

$$A * D = I_{n \times n} \tag{7}$$

The size of the LHS of (6) as well as that of (7) is n x n. Therefore, on adding (7) and (6), we get,

$$A * D + (W * F) * D = I_{n \times n}$$

This is rewritten as,

$$(A + W * F) * D = I_{n \times n} \tag{8}$$

Let the matrix sum (A + W * F) be denoted by matrix E as,

$$E = A + W * F \tag{9}$$

From (8) and (9),

$$E * D = I_{n \times n} \tag{10}$$

Matrix E that satisfies (10) is called the generalized inverse [25] of D and is given by (9). Since E depends on W, which is a random matrix that can take different distinct values, E also can take different values.
The matrix W has n×(m-n) elements which belong to $Z_p$. Each element can take p distinct values from 0 to (p-1) and thus theoretically, the number of possible distinct ways in which W can be constructed is $p^{n \times (m-n)}$. Let us represent the i-th instance of W by W{i} where i can take values in the range 1 to $p^{n \times (m-n)}$. Then from (9), the corresponding E{i} can be rewritten as,

$$E\{i\} = A + W\{i\} * F \tag{11}$$

for i = 1 to $p^{n \times (m-n)}$. In terms of the i-th version of E, (10) can be rewritten as,

$$E\{i\} * D = I_{n \times n} \tag{12}$$

We use E{1}, E{2}, …, E{i}, … as the encryption matrices which are obtained from (11), by correspondingly choosing W{1}, W{2}, …, W{i} and so on. For good security we choose W{i} such that E{i} is non-sparse. There is no rigid rule in selecting the order W{1}, W{2}, …, W{i}. The first randomly selected W is denoted as W{1}, the second one as W{2}, the i-th one is called W{i}. The intention of generating different E{i}'s is to use dissimilar E{i}'s for successive encryptions to avoid chosen plaintext attack. E{i}'s are the left modular inverses [24] of D.

Security of the Encryption Keys: By knowing the decryption key D, the encryption key E{i} cannot be determined as there are $p^{n \times (m-n)}$ possible values for E{i}. The probability of correct guessing the present E{i} is thus $\frac{1}{p^{n \times (m-n)}}$ which will be a very small fraction when p and (m-n) are large. In our examples (m-n) is taken as 2. Larger values of p and (m-n) can provide higher degree of security for the encryption key. In example 2, two samples of W{i}'s and the corresponding E{i}'s are generated for a given D and it is shown that the product of encryption key and the decryption key results in the identity matrix.
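
Example 2: Let m = 3, n = 2 and the modulus p = 11 and

$$D = \begin{bmatrix} 1 & 2 \\ 3 & 5 \\ 10 & 7 \end{bmatrix}.$$

The modular null space of D is found to be, F = [7, 9, 1]. Using (3), matrix A is found to be,

$$A = (D^T * D)^{-1} * D^T = \begin{bmatrix} 8 & 3 & 5 \\ 10 & 8 & 1 \end{bmatrix}.$$

Let us take W{1} as $W\{1\} = \begin{bmatrix} 4 \\ 7 \end{bmatrix}$. Then using (11), we get E{1} as

$$E\{1\} = \begin{bmatrix} 8 & 3 & 5 \\ 10 & 8 & 1 \end{bmatrix} + \begin{bmatrix} 4 \\ 7 \end{bmatrix} * \begin{bmatrix} 7 & 9 & 1 \end{bmatrix} = \begin{bmatrix} 36 & 39 & 9 \\ 59 & 71 & 8 \end{bmatrix}.$$

After taking the mod with p = 11, matrix $E\{1\} = \begin{bmatrix} 3 & 6 & 9 \\ 4 & 5 & 8 \end{bmatrix}$. Now, it can be verified that

$$E\{1\} * D = \begin{bmatrix} 3 & 6 & 9 \\ 4 & 5 & 8 \end{bmatrix} * \begin{bmatrix} 1 & 2 \\ 3 & 5 \\ 10 & 7 \end{bmatrix} = \begin{bmatrix} 111 & 99 \\ 99 & 89 \end{bmatrix} (\text{mod } 11) = \begin{bmatrix} 1 & 0 \\ 0 & 1 \end{bmatrix}.$$

Similarly, taking $W\{2\} = \begin{bmatrix} 8 \\ 6 \end{bmatrix}$, matrix E{2} is found to be, $E\{2\} = \begin{bmatrix} 9 & 9 & 2 \\ 8 & 7 & 7 \end{bmatrix}$. It can be verified that

$$E\{2\} * D = \begin{bmatrix} 9 & 9 & 2 \\ 8 & 7 & 7 \end{bmatrix} * \begin{bmatrix} 1 & 2 \\ 3 & 5 \\ 10 & 7 \end{bmatrix} = \begin{bmatrix} 56 & 77 \\ 99 & 100 \end{bmatrix} (\text{mod } 11) = \begin{bmatrix} 1 & 0 \\ 0 & 1 \end{bmatrix}$$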

2.2.4. Representation of data to be encrypted
In HSDA, the data to be encrypted are bio-medical samples like BP, sugar level, pulse rate, body temperature and so on. The actual values may be integers for BP measurements or decimal numbers with fractional parts for body temperature (in Fahrenheit) measurements. In our work, the fixed-point representation for decimal numbers is used. For the integer part, L digits are used and for the fractional part, K digits are used as shown in (13). Consider a decimal number represented by g(L, K) as follows.

(13)

Here, the weights of the integer part are $[10^{L-1}, 10^{L-2}, \ldots, 10^{0}]$ and the weights of the fractional part are $[10^{-1}, 10^{-2}, \ldots, 10^{-K}]$ in that order. The concatenated weight vector represented by V(L, K) is defined as,

$$V(L, K) = [10^{L-1}, 10^{L-2}, \ldots, 10^{0}, 10^{-1}, 10^{-2}, \ldots, 10^{-K}]^T \tag{14}$$

In (14) superscript T represents transpose operation. The size of column vector V(L, K) is (L+K)x1. Let the equivalent row vector of g, represented by G(L, K), be defined as,

$$G(L, K) = [g(1), g(2), \ldots, g(L), g(L+1), g(L+2), \ldots, g(L+K)] \tag{15}$$

In (14) and (15), parameter L represents the length of the integer part in digits, while the length of the fractional part is represented by K. Vector G(L, K) is a vector of size 1x(L+K). Each element of G(L, K) is a decimal digit in the range 0 to 9. Equation (15) implies that the j-th element of G(L, K) is obtained as the j-th decimal digit of g, for j = 1 to (L+K), counting from left to right, ignoring the decimal point. Thus, vector G(L, K) is the equivalent row vector of decimal number g(L, K). The process of generating vector G(L, K) from g(L, K) can be called the decimal digit decomposition. From (13), (14) and (15), it can be seen that,

$$g(L, K) = G(L, K) * V(L, K) \tag{16}$$

In (16), the size of g is (1x(L+K))x((L+K)x1) = 1 which is a scalar. When there is no ambiguity, g is used in place of g(L, K). Example 3 illustrates the representation of a decimal number by its equivalent row vector.

Example 3. Let the given decimal number be, g(4, 4) = 2345.6789. Here, L = 4 and K = 4. Then, G(4, 4) = [2, 3, 4, 5, 6, 7, 8, 9]. In this case, $V(4, 4) = [10^{3}, 10^{2}, 10^{1}, 10^{0}, 10^{-1}, 10^{-2}, 10^{-3}, 10^{-4}]^T$. From G(4, 4) and V(4, 4), the decimal equivalent g is calculated as,

$$g = G(4, 4) * V(4, 4) = [2, 3, 4, 5, 6, 7, 8, 9] * [10^{3}, 10^{2}, 10^{1}, 10^{0}, 10^{-1}, 10^{-2}, 10^{-3}, 10^{-4}]^T$$

$$= 2 * 10^{3} + 3 * 10^{2} + 4 * 10^{1} + 5 * 10^{0} + 6 * 10^{-1} + 7 * 10^{-2} + 8 * 10^{-3} + 9 * 10^{-4} = 2345.6789.$$

In our proposed method, HSDA, we use integer row vectors like G(L, K) as the basic plaintext data to be encrypted. Depending on the nature of the problem, the length of the row vector is fixed at (L+K). The values of L and K are designer's decision and depend on the range of the data values of the problem under consideration.

2.2.5. Representation of a negative decimal number
Let h be a negative decimal number as h = -g and let G(L, K) be the row vector which is equivalent of g. Then, obviously, H(L, K) = row vector of h = -G(L, K). As an example, let h = -567.23. Then, H(3, 2) = -[5, 6, 7, 2, 3]. From H(3, 2), the corresponding decimal number h is obtained based on (16) as,

$$h = H(3, 2) * V(3, 2) = -[5, 6, 7, 2, 3] * [100, 10, 1, 0.1, 0.01]^T = -(500 + 60 + 7 + 0.2 + 0.03) = -567.23.$$

Note that, -[5, 6, 7, 2, 3] = [-5, -6, -7, -2, -3]. In general, the range of the elements of a row vector corresponding to a positive or negative decimal number, is -9 to +9. A few numerical examples are shown in Table 3 for L = 6.

Table 3. Row vector representation of decimal numbers

Row vector G(L, K) of size 1x(L+K) with L = 6 and K = 4. Elements g(1) to g(6) are the integer part and g(7) to g(10) are the fractional part.

| Sl. No. | Decimal number (g) | g(1) | g(2) | g(3) | g(4) | g(5) | g(6) | g(7) | g(8) | g(9) | g(10) |
|---|---|---|---|---|---|---|---|---|---|---|---|
| | Decimal weights → | $10^{5}$ | $10^{4}$ | $10^{3}$ | $10^{2}$ | $10^{1}$ | $10^{0}$ | $10^{-1}$ | $10^{-2}$ | $10^{-3}$ | $10^{-4}$ |
| 1 | 235.46 | 0 | 0 | 0 | 2 | 3 | 5 | 4 | 6 | 0 | 0 |
| 2 | 999999.9999 (+ve max) | 9 | 9 | 9 | 9 | 9 | 9 | 9 | 9 | 9 | 9 |
| 3 | -89.0305 | 0 | 0 | 0 | 0 | -8 | -9 | 0 | -3 | 0 | -5 |
| 4 | -999999.9999 (-ve max) | -9 | -9 | -9 | -9 | -9 | -9 | -9 | -9 | -9 | -9 |
| 5 | 468039 | 4 | 6 | 8 | 0 | 3 | 9 | 0 | 0 | 0 | 0 |
| 6 | 0.38 | 0 | 0 | 0 | 0 | 0 | 0 | 3 | 8 | 0 | 0 |

If the number of decimal digits of the integer part is less than L, leading zeros are inserted such that the total number of decimal digits is equal to L. Similarly, if the number of digits in the fractional part is less than K, trailing zeros are appended to make it equal to K. For example, in Table 3, for Serial No. 1 with data = 235.46, three leading zeros and two trailing zeros are inserted. For Serial No. 3 with data = -89.0305 four leading zeros are inserted.

2.2.6. Encryption of data
Let the data to be encrypted be decimal number g which can be positive or negative, which is represented by its row vector equivalent G(L, K) of size 1x(L+K). This G(L, K) is extended by appending random scalar element R for encryption process and scalar element S representing digital signature for signature verification process to get the Ready to Encrypt Vector Q as,

$$Q = [G(L, K), R, S] = [G, R, S] \tag{17}$$

When there is no ambiguity, G(L, K) is referred as G for easy writing. In (17), Q is the augmented version of G and the size of Q is 1x(L+K+2), because two extra elements are appended to Q. Element R is the randomizing element and S is the signature element. Both of them belong to $SFF_p \setminus \{0\}$. The purpose of R and S and the selection of their values will be discussed in section 3A(i). In HSDA, the size of the encryption vector say E{1}, is n×m and in the design of encryption/decryption scheme, n is chosen equal to L+K+2. That is,

$$n = L + K + 2 \tag{18}$$

Then the size of Q is 1×n {which is same as 1x(L+K+2)}. The encryption of Q is carried out by simply post multiplying Q in signed Finite Field by E{i} (say for i = 1) to get the ciphertext C which belongs to $SFF_p$ as,

$$C = \text{signMod}(Q * E\{i\}, p) \tag{19}$$

The size of C is (1xn)x(nxm) = (1xm) and C belongs to $SFF_p$.

2.2.7. Decryption of data
The data to be obtained after decryption is the decimal number g which could be positive or negative, and it is represented by its row vector equivalent G(L, K) of size 1x(L+K). Decryption of C is carried out as,

$$\text{dec}(C) = \text{signMod}(C * D, p) \tag{20}$$

Substituting for C from (19) on the RHS of (20) and simplifying gives,

$$\text{dec}(C) = \text{signMod}(\text{signMod}(Q * E\{i\}, p) * D, p) = \text{signMod}(Q * E\{i\} * D, p) \tag{21}$$

From (12), $E\{i\} * D = I_{n \times n}$. Hence,

$$\text{dec}(C) = \text{signMod}(Q, p) = Q \tag{22}$$

signMod(Q, p) = Q, because Q belongs to $SFF_p$. Thus dec(C) obtained using (22) recovers the original plaintext vector Q. After stripping R and S from Q, we get G. From G, its equivalent g is obtained using (16).

3. HOMOMORPHIC OPERATIONS ON BIOMEDICAL DATA
In HSDA, the sum and average aggregates of biomedical data in cipher domain are obtained using Homomorphic Operations. The ciphertexts are integers in $SFF_p$ as specified by (19). These ciphertexts when decrypted, result in the plaintext. This is possible under certain types of encryptions and subsequent decryptions. Those special types of encryptions which are amenable to homomorphic operations are called homomorphic encryptions (HE). If along with addition, other arithmetic, algebraic operations are homomorphic, then the corresponding encryptions are designated as fully homomorphic encryptions (FHE) [6], [7]. In the following sections, homomorphic addition, subtraction, multiplication, division, and average operations are discussed along with signature verification and data authentication.

3.1. Homomorphic addition
The proposed Homomorphic Addition method used in HSDA is designated as HSDA_ADD. Consider two plaintext decimal numbers g and h of length at most L digits. Let their equivalents row vectors be G and H each with size 1x(L+K). Append R1, S1 and R2, S2 to G and H respectively to get Q1 and Q2 as,

(23)

The size of Q1 as well as Q2 is 1x(L+K+2) = 1xn. (Note that n = L+K+2). Let C1 and C2 be the encrypted ciphertexts obtained from Q1 and Q2 as,

(24)

Here, E{1} and E{2} are two different versions of E whose size is nxm. The size of C1 or C2 is (1xn)x(nxm) = 1xm. When there is no ambiguity, (24) can be simply rewritten as,

(25)

Here, C1 and C2 are of size 1xm and belong to $SFF_p$. Let us add C1 and C2 in $SFF_p$ to get C3 as,

$$C3 = C1 + C2 = Q1 * E\{1\} + Q2 * E\{2\} \tag{26}$$

Now, the result of the homomorphic addition, ciphertext C3 of size 1xm, is sent to the intended EU who decrypts C3 as,

$$Q3 = \text{signMod}(C3 * D, p) = C3 * D \tag{27}$$

The size of Q3 is (1xm)x(mxn) = 1xn. Here, the decrypter has already received the decryption matrix D, during initialization of the session. Substituting for C3 from (26) in (27) we get the decrypted output as,

$$Q3 = (Q1 * E\{1\} + Q2 * E\{2\}) * D = Q1 * E\{1\} * D + Q2 * E\{2\} * D \tag{28}$$

From (28) and (12),

$$Q3 = Q1 + Q2 \tag{29}$$

Substituting for Q1 and Q2 from (23) in (29), we have,

$$Q3 = [G, R1, S1] + [H, R2, S2] \tag{30}$$

Splitting Q3 into 3 parts, we get,

$$Q3 = [B, R3, S3] \tag{31}$$

In (31), the size of B is 1x(L+K) while R3 and S3 are scalars. In fact B is the first (L+K) elements of Q3. Hence B can be expressed using the colon notation of Matlab as,

$$B = Q3(1 : L+K) \tag{32}$$

From (31) and (30), we see that,

$$[B, R3, S3] = [G, R1, S1] + [H, R2, S2] \tag{33}$$

From (33), the decrypted outputs in $SFF_p$ are,

$$B = \text{signMod}(G + H, p) \tag{34}$$

$$R3 = \text{signMod}(R1 + R2, p) \tag{35}$$

$$S3 = \text{signMod}(S1 + S2, p) \tag{36}$$

G and H are vectors of decimal digits as in Table 3. Hence the range of the elements of G and H are from [-9 to +9]. Therefore, the range of the elements of their sum B is [-18 to +18]. Since the modulus p used in HSDA is large, the constraint $-\text{floor}\left(\frac{p-1}{2}\right) < -18 \le \text{elements of } B \le 18 < \text{floor}\left(\frac{p-1}{2}\right)$ is satisfied and hence B belongs to $SFF_p$ and there is no wraparound anomaly in the arithmetic operation B = G + H. Therefore, B gives the correct result of addition as in normal algebra. During addition operation R3 and S3 are ignored.
3.1.1. Role of R and S in homomorphic encryption/decryption
Consider the case where scalars R and S are not introduced in forming Q from G as in (17). Then Q = G. Further, consider the scenario where G is an all zero vector of size 1x(L+K), as when the corresponding g = 0. Then Q is also an all zero vector and the encrypted value of Q represented by C as given by (19) would also be an all zero vector. Thus, the encrypted ciphertext directly reveals the original plaintext instead of hiding it when the plaintext is zero. To overcome this zero-to-zero mapping, scalar R is appended to G. Then, the encrypted ciphertext of [G, R] would be,
C = [0_{1x(L+K)}, R] * E{i}_{(L+K+1)xm}    (37)
In (37), the term 0_{1x(L+K)} is the all zero G vector of size 1x(L+K) and the size of the encrypting matrix E{i} is (L+K+1)xm. In this case, C leaks the scaled-up value of the last row of the encryption key matrix E{i}_{(L+K+1)xm}. Hence the encryption key is compromised. To mitigate this, one more scalar S is appended to [G, R] to get Q = [G, R, S]. Here, S also serves as the signature verification parameter. Now, when G = 0_{1x(L+K)}, the ciphertext C is,
C = [0_{1x(L+K)}, R, S] * E{i}_{(L+K+2)xm} = R*[(L+K+1)th row of E{i}] + S*[(L+K+2)th row of E{i}]    (38)
In this case, C is the weighted sum of the last two rows of E{i}. Therefore, it is hard to recover the exact values of the last two rows of E{i}. Apart from this, in HSDA_ADD, scalars S1 and S2 are used for verification of addition operation as well as signatures for authentication and will be explained in section 3A(ii). Scalar R which varies randomly from one encryption to the next encryption provides randomization of the cipher text that prevents plain text attack.
Once the sum vector B is obtained as given by (32), its decimal equivalent b is obtained based on (16) as b = B*V(K, L). The homomorphic addition has 3 stages as shown in Figure 2. Adder unit in cipher domain is implemented in a cloud server whereas Encryption operation is carried out by the data owner. The decrypter is the EU. During the initialization of the Homomorphic Addition session, the decrypter should have received the decryption matrix D and the scalar sum term designated by S3original as,
S3original = signMod(S1+S2, p)    (39)

Figure 2. Homomorphic addition
3.1.2. Signature verification and authentication during addition
The EU, after decryption of C3, gets Q3 from which its last element, designated as S3dec, is obtained as indicated in (36). Then the EU checks whether S3dec is exactly equal to S3original. If there were no errors, S3dec would be equal to S3original. If S3dec ≠ S3original, it indicates the presence of some computational error or that the input C3 is altered or C3 is not from an authentic source. The homomorphic addition algorithm of HSDA involves encryption, decryption and signature verification as given:
-----------------------------------------------------
Algorithm HSDA_ADD
-----------------------------------------------------
Inputs: Integers g and h to be added using homomorphic encryption.
Output: Homomorphically added ciphertext and its decrypted result, b = g+h
//Encryption stage
1. Get vectors G and H from g and h as in (15)
2. Formulate Q1 and Q2 by appending suitable R1, S1 and R2, S2 as in (23)
3. Obtain C1 and C2 by encrypting Q1 and Q2 as in (24)
//Encryption over
//Addition at Homomorphic Adder in Cloud
4. Get sum C3 as, C3 = signMod(C1+C2, p)
//Addition over. C3 is sent to the decrypter
//Decryption
5. Get Q3 using the decryption key D as, Q3 = signMod(C3*D, p)
6. Get S3dec as the last element of Q3
7. If S3dec ≠ S3original
      Display “ERROR”
      Discard Q3 (and take any remedial action like ‘request repeat’ etc.)
      Goto step 10
   Else
8.    Get B by taking first (L+K) terms of Q3
9.    Get b using b = B*V(L, K) //based on (16)
10. End
-----------------------------------------------------
The encryption, homomorphic addition, and decryption of two numbers are illustrated in example 4.
Example 4: Here, L = 2, K = 2, n = 6, m = 8 and p = 97. Decryption matrix D is created randomly. From D, two encryption matrices E{1} and E{2} are generated as in (11).

D =
[ 20 27 38 30 63 24
  79 17 27 13 71 73
  19  8 57 15  3 79
  83 67 53 87 52 84
  44 40 54 87  1  1
  56 15 24 17 47 43
  69 80 26  3 58 89
  47 25 23 19 89 36 ]

E{1} =
[ 81 89  3 11 31 32 55 54
  72 53 30 67 59 68 58 32
   1 57 95 20 86 50 32 64
  30 54 66 81 23 67 26 33
  41 65  6 75 75 91 18 39
  71 37 83 23 88 42 46 71 ]

E{2} =
[ 74 11 70 23 93  4 46 85
  88 26 75 38 61  7 73 43
  34 24 92 12 87 51 35 42
  22 87 83 27 61 63 49 42
  28 20 95 94 85 51 69 12
  96 23 96 45  2 19 70 65 ]

It can be verified that signMod(E{1}*D, p) = signMod(E{2}*D, p) = I6x6. The two addends are taken as g = 63.79 and h = 89.65. Then G = [6, 3, 7, 9] and H = [8, 9, 6, 5]. Taking [R1, S1] = [23, 17] and [R2, S2] = [12, 19] we get, Q1 = [6, 3, 7, 9, 23, 17] and Q2 = [8, 9, 6, 5, 12, 19]. From (24), C1 = signMod(Q1*E{1}, p) and C2 = signMod(Q2*E{2}, p). The ciphertexts C1 and C2 are found as,
C1 = [25 16 6 -46 28 -15 24 -29] and C2 = [-22 26 25 0 -23 40 -48 -2]
Now, C3 = signMod(C1+C2, p) gives, C3 = [3 42 31 -46 5 25 -24 -31]. Decryption of C3 using (27) gives, Q3 = signMod(C3*D, p) = [14 12 13 14 35 36]. Vector B is obtained from Q3, by taking the first 4 (here, L+K = 4) elements of Q3 as, B = [14 12 13 14]. It can be observed from normal algebra that, Q3 = Q1+Q2. Now the decimal integer b is obtained based on (16) as, b = B*V(2, 2) = [14, 12, 13, 14]*[10, 1, 0.1, 0.01]^T = 153.44 which is the same as g+h.
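The steps of Algorithm HSDA_ADD run on the numbers of Example 4, as an added Python example that is not code from the paper. The function names are hypothetical, and sign_mod is an assumed implementation of signMod chosen to match the SFFp range stated above; the matrices are copied from the example.

```python
# HSDA_ADD on the values of Example 4 (p = 97, L = K = 2, n = 6, m = 8).
P = 97
D = [[20, 27, 38, 30, 63, 24], [79, 17, 27, 13, 71, 73], [19, 8, 57, 15, 3, 79],
     [83, 67, 53, 87, 52, 84], [44, 40, 54, 87, 1, 1], [56, 15, 24, 17, 47, 43],
     [69, 80, 26, 3, 58, 89], [47, 25, 23, 19, 89, 36]]          # 8x6 decryption key
E1 = [[81, 89, 3, 11, 31, 32, 55, 54], [72, 53, 30, 67, 59, 68, 58, 32],
      [1, 57, 95, 20, 86, 50, 32, 64], [30, 54, 66, 81, 23, 67, 26, 33],
      [41, 65, 6, 75, 75, 91, 18, 39], [71, 37, 83, 23, 88, 42, 46, 71]]  # 6x8
E2 = [[74, 11, 70, 23, 93, 4, 46, 85], [88, 26, 75, 38, 61, 7, 73, 43],
      [34, 24, 92, 12, 87, 51, 35, 42], [22, 87, 83, 27, 61, 63, 49, 42],
      [28, 20, 95, 94, 85, 51, 69, 12], [96, 23, 96, 45, 2, 19, 70, 65]]  # 6x8

def sign_mod(x, p=P):
    """Reduce x into SFFp = [-floor((p-1)/2), +floor((p-1)/2)] (assumed signMod)."""
    r = x % p
    return r - p if r > (p - 1) // 2 else r

def vec_mat(v, m, p=P):
    """signMod(v*m, p) for a row vector v and a matrix m given as a list of rows."""
    return [sign_mod(sum(a * row[j] for a, row in zip(v, m)), p)
            for j in range(len(m[0]))]

def encrypt(digits, r, s, e):
    """Steps 2-3: Q = [G, R, S], then C = signMod(Q*E{i}, p)."""
    return vec_mat(list(digits) + [r, s], e)

def add_cipher(c1, c2):
    """Step 4, the cloud-side adder: C3 = signMod(C1+C2, p)."""
    return [sign_mod(a + b) for a, b in zip(c1, c2)]

def decrypt_verify(c3, s3_original, L=2, K=2):
    """Steps 5-9: decrypt, check the signature scalar, rebuild the decimal b."""
    q3 = vec_mat(c3, D)
    if q3[-1] != s3_original:                       # step 7: S3dec != S3original
        raise ValueError("ERROR: S3dec != S3original, Q3 discarded")
    B = q3[:L + K]
    scaled = sum(d * 10 ** (L + K - 1 - i) for i, d in enumerate(B))
    return q3, scaled / 10 ** K                     # b = B*V(L, K), based on (16)

def example4():
    c1 = encrypt([6, 3, 7, 9], 23, 17, E1)          # g = 63.79
    c2 = encrypt([8, 9, 6, 5], 12, 19, E2)          # h = 89.65
    c3 = add_cipher(c1, c2)
    q3, b = decrypt_verify(c3, sign_mod(17 + 19))   # S3original as in (39)
    return c1, c2, c3, q3, b

if __name__ == "__main__":
    print(example4())
```

Adding 1 to the first element of C3 before decryption changes the last element of Q3, so decrypt_verify raises at the step 7 check instead of returning a sum.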
3.1.3. Addition with multiple addends
Consider the addition b = u(1) + u(2) + … + u(j) + … + u(J). Let U(j) be the row vector corresponding to u(j). Let the corresponding cipher value be C(j) = signMod(U(j)*E{j}, p) for j = 1 to J. Then addition C3 = C(1) + C(2) + … + C(j) + … + C(J) is carried out cumulatively as,
C3 = 0;
for j = 1:J
    C3 = signMod(C3+C(j), p);
end
Then, Q3 = signMod(C3*D, p) = [B, R, S]. Here, B = U(1) + U(2) + … + U(j) + … + U(J). The range of element U(j) is from ‒9 to +9 for j = 1 to J. When all such elements are added the range would be ‒9*J to +9*J and this range has to be within the SFFp range, −floor((p−1)/2) to +floor((p−1)/2), for correct result. Therefore, the value of p should be chosen such that,
−floor((p−1)/2) ≤ ‒9*J < 9*J ≤ floor((p−1)/2)    (40)
3.2. Homomorphic subtraction
Homomorphic Subtraction is similar to addition except that C3 is taken as C3 = C1‒C2 in step 4 of Algorithm HSDA_ADD to get b = g‒h. Another approach is to treat g‒h as g+(‒h) which is the addition operation that can be carried out by HSDA_ADD.