Abstract
The development of edge computing and Internet of Things technology has brought convenience to our lives, but the sensitive and private data collected are also more vulnerable to attack. Aiming at the data privacy security problem of edgeassisted Internet of Things, an outsourced mutual Private Set Intersection protocol is proposed. The protocol uses the ElGamal threshold encryption algorithm to rerandomize the encrypted elements to ensure all the set elements are calculated in the form of ciphertext. After that, the protocol maps the set elements to the corresponding hash bin under the execution of two hash functions and calculates the intersection in a bintobin manner, reducing the number of comparisons of the set elements. In addition, the introduction of edge servers reduces the computational burden of participating users and achieves the fairness of the protocol. Finally, the INDCPA security of the protocol is proved, and the performance of the protocol is compared with other relevant schemes. The evaluation results show that this protocol is superior to other related protocols in terms of lower computational overhead.
1. Introduction
The vigorous development of fifthgeneration technology (5G), Internet of Things (IoT), edge computing, and other technologies has spawned new medical and life modes such as smart medical treatment [1], smart home [2], and smart bus [3]. Intelligent IoT devices have been widely used in daily life and have brought great changes to people's life. With the assistance of proxy devices and edge servers [4], these data can be outsourced to edge storage for subsequent analysis and use. However, although data outsourcing based on edge computing reduces the storage and computing overhead on the user side, it also exposes the user's sensitive data to the risk of leakage [5]. How to protect the privacy of data stored on edge servers and share data with designated data consumers (such as service and product providers, medical professionals, and educators) has become the focus of research.
Private Set Intersection (PSI), as an efficient encryption technology that allows secret sharing of data information, can ensure the security of the data stored on the edge server when making full use of the data for intersection calculation. So it has become an important research object to solve the problem of edgeassisted Internet of Things data privacy sharing. PSI protocol [6] refers to the intersection of two participants calculating their private sets. In the edge computing environment, two clients encrypt their respective data sets and outsource them to the edge server. Then the edge server effectively performs the intersection operation but cannot know any information in the set. Then one or two clients can obtain the intersection result, while their respective sets remain private. Usually, only one client obtains the intersection result is the oneway PSI protocol [7], which can be applied in situations such as contact tracing of the novel coronavirus COVID19 [8]. At this time, the client unilaterally obtains the intersection result to determine whether it belongs to the contact. However, oneway PSI protocol cannot guarantee that both clients obtain the intersection result at the same time. Obviously, oneway PSI cannot satisfy both clients in the situation such as profile matching [9], in which both clients want to obtain the intersection results to realize the medical information sharing between patients. In this case, mutual PSI (mPSI) protocol [10] is the better choice. That is our focus.
Debnath et al. [11] proposed a secure mutual oblivious pseudorandom function (mOPRF) under the malicious model based on composite order group to maintain the fairness of the mPSI protocol and use homomorphic encryption algorithm to protect data privacy. However, since the protocol is constructed based on composite order, the efficiency is lower than that based on prime order. Based on [11], Debnath et al. [12] proposed another mPSI protocol using prime order groups. The protocol also uses homomorphic encryption algorithm to ensure the security of data and uses semihonest offline arbiter to achieve fairness between two participants. However, the complexity of the protocol is still high. The mPSI protocol in [13] is also constructed based on prime order. It uses the multiplicative homomorphic encryption ElGamal and the distributed ElGamal cryptosystem to ensure the security of data and the offline semihonest arbiter to achieve fairness. But in order to ensure the security under the malicious model, the verifiable CramerShoup cryptographic system used makes the protocol more complicated. Overall, although these mPSI protocols achieve data privacy and fairness, they have high computational complexity and low efficiency.
In this paper, we propose an outsourced mPSI (OmPSI) protocol in the aid of the edge server. The protocol not only protects the data privacy of parties and achieves the fairness of the results obtained by both parties, but also improves the efficiency. The main contributions are as follows:(1)The OmPSI protocol improves the method of preprocessing set elements in [14] by increasing the number of elements stored in each hash bin instead of using the stash. It only needs to compare the elements in the two hash tables in a bintobin manner to calculate the intersection, which further reduces the number of comparisons of set elements and decreases the computational cost of the protocol. As a result, the computation and communication overhead of this protocol is lower than the existing mPSI protocol and realizes the efficiency of the OmPSI protocol.(2)The protocol adopts ElGamal threshold encryption algorithm to encrypt the elements in the hash table to ensure that the set elements of both parties are compared in the form of ciphertext, so that the users can correctly and safely calculate the intersection and realize the data privacy of the OmPSI protocol.(3)The protocol introduces a semihonest edge server as the third party, and the work of set element comparison is transferred to the server, which further reduces the computational burden of users. At the same time, it enables two users to process collection elements in parallel. This ensures that, after the implementation of the agreement, both parties can know the intersection results at the same time and realize the fairness of OmPSI protocol.
2. Related Work
Since Agrawal et al. [15] proposed the concept of PSI, a series of work has been done to construct the PSI protocol. Ordinarily, they are divided into oneway PSI and mutual PSI.
2.1. OneWay PSI
At present, there are many types of research on the oneway PSI protocol, and the design methods are mainly based on public key encryption, garbled circuit (GC), oblivious transfer (OT), and cloud computing. Based on the design method of public key encryption system, literature [16] uses Fully Homomorphic Encryption (FHE) to construct the PSI protocol. The protocol uses bloom filters (BF) to process data, so that the complexity of the protocol has nothing to do with the size of the client set. Huang and Evans designed a PSI protocol [17] through GC that can resist semihonest adversaries, which proved to be suitable for the intersection calculation of sets of different sizes. Pinkas et al. realized the PSI protocol [18] with linear communication complexity based on GC and oblivious programmable pseudorandom functions (OPPRF). This protocol is superior to previous circuitbased PSI protocols in terms of efficiency. Literature [14] constructed oblivious pseudorandom function (OPRF) based on OT extension and then proposed a PSI protocol combined with OPRF and hash algorithm, and the security is proved under the semihonest opponent model. Kavousi et al. proposed a PSI protocol in [19], which takes the OPRF and the garbled BF as its main components, avoiding costly operations of computation and having high scalability. The protocol in [20] allows users to store their private data sets on cloud server and also entrust computing of the intersection to the server and use homomorphic encryption (HE) and oblivious polynomial evaluation (OPE) to process the data. It greatly reduces the workload of users and improves the computational efficiency of the protocol. The PSI protocol designed by Abadi et al. [21] also uses cloud storage of private data sets. It is mainly constructed by hash table and OPE without any public key encryption operation. However, all parties need to establish a secure channel in advance; otherwise it is easy for an attacker to eavesdrop on the communication between honest parties. Literature [22] proposed an improved PSI scheme based on [21]. There is no need for any secure channel in the scheme, which is superior to the scheme in [21] in terms of confidentiality and complexity.
2.2. Mutual PSI
The research on mutual PSI protocol began in 2005; Kissner and Song et al. proposed the first mPSI protocol [23], which is based on the mathematical properties of OPE and uses HE to calculate PSI on ciphertexts. The fairness of the protocol depends on the fairness of the threshold encryption scheme used by the protocol. Camenisch and Zaverucha proposed another mPSI authentication set protocol [24] based on CamenischLysyanskaya signature (CLS) and OPE. The disadvantage of this protocol is that its computational overhead is quadratic and the computational complexity is relatively high. Fairness of the protocol in [24] is realized by a fair exchange scheme. However, if the input is not authenticated, it usually does not work. Kim et al. coupled the prime representation (PR) technology with threshold additive HE and realized an mPSI protocol [25] with linear complexity for the first time in the semihonest security model and through the nature of threshold decryption to achieve the fairness of the protocol. Dong and Chen et al. proposed a fair mPSI protocol [26] with a semihonest arbitrator based on HE and OPE. The arbitrator in the protocol can handle conflicts and cannot know the user's private input and output. The mPSI protocol in [11] is constructed by HE and mutual oblivious pseudorandom function (mOPRF). The fairness of the mOPRF ensures the fairness of the protocol. And in the standard model, it has been proven to resist the attack of malicious adversaries. In [12], an mPSI protocol with linear communication and computational overhead is constructed by using prime order group. The protocol uses a distributed ElGamal encryption algorithm and an offline semitrusted third party to achieve the fairness of the protocol and the security under the malicious adversary model. The mPSI protocol in [13] uses multiplicative HE and a distributed ElGamal cryptosystem to protect data privacy and uses an offline semihonest arbiter to achieve fairness. Under the decisional DiffieHerman hypothesis, it is proved that the protocol is safe under the malicious adversary model.
We show the differences between these protocols in Table 1.
3. Preliminaries
3.1. Decisional DiffieHellman Assumption
Definition 1. Let be a cyclic group of prime order , is the generator of , and . For the following two fourtuple distributions: , , and for any probability polynomial time (PPT) adversary when distinguishing between and , its advantage is negligible with security parameter , where is a random fourtuple and is a DiffieHellman fourtuple.
3.2. Security Model
3.2.1. Adversary Model
We consider the environment where a PPT adversary exists; the definition and model follow [27]. In this setting, the adversary can eavesdrop on the messages transmitted through the communication channel and allow to corrupt participant to obtain private key. The capabilities of the adversary are shown in Table 2.
3.2.2. Formal Security Model
We mainly describe the formal security model of the OmPSI protocol in this section. It is based on the model in [28] and we made some modifications according to the specific requirements of the OmPSI protocol.
Initialization. In a twoparty set intersection scheme OmPSI, three entities are involved, that is, two participants and an edge server . Each of them may have several instances called oracle, which involve different, concurrent executions of OmPSI. We denote user instances as , server instances as , and any kind of instance as . In addition, holds key pair , has key pair , and is the system public key.
Queries. The adversary only interacts with the participants of the protocol through oracle queries, which simulates the capabilities of adversary in a real attack. And all possible oracle queries are shown below:(1)Execute (): The adversary’s eavesdropping attack is simulated in this oracle query (see C1 in Table 2), and the messages exchanged during the actual implementation of the OmPSI protocol are returned.(2)Send (): sends a message to instance in this query; then the response generated by processing based on OmPSI protocol is returned.(3)Corrupt (): The corruption ability of the adversary is simulated in this query (see C2 in Table 2). can only corrupt one of the two users, not both. If , it returns the private key and data set of . If , it returns the private key and data set of .(4)Collude (): The collusion ability of adversary is simulated in this query (i.e., C3 in Table 2). Any information stored on the server is returned.(5)Reveal (): The system private key shared by the instances and is returned to the adversary in this query. But instances , and their partner must not have been queried by corruptquery and testquery; otherwise it returns .(6)Challenge (): In this query, selects two messages and of equal length and sends them to instance . The instance selects randomly, then encrypts , and returns the ciphertext . Among them, , , and in have not been inquired by corruptquery and revealquery; otherwise it returns . And this query is called only once during execution.(7)Test (): After querying the oracle, if the guessed bit , return 1; otherwise return 0. This query can only point to the instance in the challengequery and is called only once during execution.
INDCPA security. During the execution of the OmPSI protocol, can require polynomial degree to execute, send, corrupt, collude, and reveal queries. can also send a challengequery and a testquery to an instance that has not been queried. At the end of the game execution, for the bit in the challengequery, outputs a guess bit in the testquery. If , it means that wins and it is recorded as . The advantage that the adversary can destroy the INDCPA security of OmPSI protocol is defined as
Definition 2. For any PPT adversary , if there is a negligible function such that , then the OmPSI protocol is INDCPA secure.
3.3. Hash Algorithm
Cuckoo hashing. Cuckoo hashing [29] is a method to solve hash conflict, which is widely used in PSI protocols. In this hashing technique, two hash functions are used to map elements into bins, where each bin has at most elements. When storing an element in the cuckoo hash table, calculate the two bin positions and corresponding to . If both bins are not full, insert into either of them; if one of the two bins is full and the other is not full, then insert into the bin that is not full; if both bins are full, then randomly select a position to kick out one of the elements and then insert into it; the kicked is reinserted into the cuckoo table using the same algorithm. This process is called relocation, and the relocation process is executed recursively until all elements are stored in the cuckoo hash table.
Simple hashing. This hashing technique is similar to cuckoo hashing. Two hash functions are used to map elements into bins, and each bin also has at most elements. However, in simple hash mapping, when the element is mapped to its corresponding two positions and , the elements are stored in both and .
3.4. ElGamal Threshold Encryption Algorithm
The ElGamal threshold encryption algorithm [30] is implemented according to the additive homomorphism of the ElGamal encryption algorithm, which is composed of KeyGen, Encrypt, Decrypt, and Rerandomize four algorithms. The specific algorithm is as follows:
KeyGen. Given a cyclic group of order and its generator , the security parameter is . Parties and randomly select and then compute , where is their respective private key, and is their respective public key. Then the public key of the threshold encryption scheme is .
Encrypt. For a message , map to using the hash function , where is defined as . Then select a random number , and compute the ciphertext of the message as .
Decrypt. For a ciphertext , halfdecrypts it as ; then fully decrypts as .
Rerandomize. For the given ciphertext , select a random number to rerandomize it to .
4. Outsourced Mutual PSI Protocol
4.1. Overview
The system model of OmPSI protocol is shown in Figure 1. There are three entities involved, two participating users and a semihonest edge server . Among them, has private data set and user has private data set . They hope to calculate the intersection of and through the server without revealing their own set information.
The design idea of our protocol is based on [14], where and select three hash functions to generate three hash bin positions corresponding to the set elements in the hash table. uses the cuckoo hashing to select one of the three bins to map each element in the set to hash table , each bin stores one element, and the remaining elements are stored in the stash . uses simple hashing to map each element in set to the corresponding three bins in hash table , and each bin stores elements. Then, the elements in the hash bin of are compared with the elements in the corresponding hash bin of . And each element in the stash is compared to all elements in set . In this way, the comparison times of elements are reduced from to , and the intersection is all the equal elements obtained by comparison.
But we diverge from the protocol of [14] in the method. In our protocol, parties and agree on two hash functions to generate the two hash bin positions corresponding to the set elements in the hash table. In this way, the elements in the set of only need to be stored twice, which saves storage space and reduces the subsequent computational burden. Moreover, our protocol sets the size of each bin of hash table to . This avoids that the elements cannot be stored in the hash table due to too many relocations when hash conflicts occur, so there is no need to increase the stash to store the elements. Therefore, it is only necessary to compare the elements in the bin of with the elements in the corresponding bin of to obtain the intersection. This further decreases the number of comparisons and reduces the complexity of the protocol.
However, there is still a problem of how to protect the privacy of user set information while calculating the intersection correctly. We use the ElGamal threshold encryption algorithm to solve this problem, as shown in Section 4.2.1. Participant uses the public key to encrypt the elements in the hash table and then sends it to the other party to rerandomize. Combined with the hash algorithm, we can see that, for in the hash bin of , if the same element in is stored in the corresponding hash bin, there must be in the two hash bins with the same bin number. Therefore, the use of ElGamal threshold encryption algorithm enables the comparison operation of elements to be performed in the form of ciphertext and ensures that the encrypted results of equal elements on both sides are the same. It creates conditions for the smooth implementation of intersection calculation.
In addition, in order to decrease the computational burden of both parties, the element comparison work is handed over to the edge server. Specifically, sends the hash table encrypted by the ElGamal encryption algorithm to the server. Then the server compares the elements in the two hash tables in a bintobin manner in the form of ciphertext. That is, it compares the elements in the hash bin of with the elements in the corresponding hash bin of . In this way, all the equal ciphertext elements in the bins are the intersection in the ciphertext form. Then and cooperate to decrypt the intersection in the form of ciphertext in parallel, and the plaintext intersection can be obtained at the same time. Among them, the comparison work of bins can be performed in parallel, which reduces the time overhead of OmPSI protocol.
4.2. OmPSI Protocol
In this section, we introduce the proposed OmPSI protocol. For easier understanding, we divide the protocol into two parts: the data encryption part and the set intersection computation part, which are introduced in the following two subsections, respectively.
4.2.1. ElGamal Threshold Encryption Protocol
In this section, we describe how ElGamal threshold encryption algorithm works in the protocol, and the details are shown in Algorithm 1.

Remark 1. In the key generation phase, parties and jointly generate the public key so that both parties can use the same public key for encryption in the subsequent encryption phase.
Remark 2. In the encryption phase, after encrypting the hash table, each party needs to send to the other party for rerandomization. Because each party privately chose a random number for encryption, two equal elements are encrypted differently by the two parties. In addition, to calculate the set intersection correctly, adding the rerandomization operation performed by the other party to make the encryption results of equal elements the same is necessary.
4.2.2. Outsourced TwoParty Set Intersection Protocol
In this section, we will explain the intersection calculation part of the OmPSI protocol. Detailed description can be seen in Algorithm 2.

Remark 3. In the data storage phase, hashes all its elements into one of its two corresponding bins, and each element is stored in only one bin. hashes all its elements into both of its two corresponding bins, and each element is stored in both bins. In this case, suppose that there is ( and ); the two bin positions and corresponding to are the same as the two bin positions and corresponding to . Then no matter which bin( or ) is stored in, the corresponding element can be found in the two bins and . Therefore, it can be known that storing all elements in set in both bins can avoid missing intersection elements when computing the set intersection.
Remark 4. In the data encryption phase, parties and use the ElGamal threshold encryption algorithm in Section 4.2.1 to encrypt the elements in their hash table and at the same time add a permutation sequence, so that both parties cannot know the specific location of the element. After hash tables and undergo the same permutation process, their bin numbers still correspond, so the intersection can be calculated correctly by the bins.
Remark 5. In the intersection calculation phase, if the server continues to calculate on the encrypted intersection according to the addition homomorphism of ElGamal homomorphism encryption algorithm, the encrypted intersection sum can be obtained. Then continuing step 2, the plaintext intersection sum will be obtained by both and .
5. Security Analysis
The security proof of the OmPSI protocol based on decisional DiffieHellman (DDH) assumption is shown in this section.
Theorem 1. Letbe a represented group of order. Letbe a PPT adversary against the INDCPA security within a time limit, andcan sendsendqueries,executequeries, andrandom oracle queries at most. Then we can get
Proof. Let be the adversary against the INDCPA security of OmPSI protocol. Then construct PPT adversaries to attack the DDH assumption through . If can break the INDCPA security, then at least one PPT adversary has successfully broken the DDH assumption. We utilize hybrid games to prove Theorem 1. The game starts from the real attack and ends when the adversary does not have any advantage. An event is defined for each game , which indicates that guesses the bit in the testquery correctly.(1)Game : The game corresponds to a real attack in the random oracle model. According to Definition 2, we can get(2)Game : We simulate the random oracle (and there is also a random oracle that will appear in ) in by maintaining hash list (and ) as usual. Besides, Send, Execute, Corrupt, Collude, Reveal, Challenge, and Test oracles will be simulated as in the real attack (see Table 3). It is easy to know that is completely indistinguishable from the real attack, so that(3)Game : Like , we simulate all oracles in , except for games where some collisions occur: and . Because or is simulated, they are randomly and uniformly selected. Therefore, from the birthday paradox, we know that(4)Game : In , we use the private oracles instead of the oracle to calculate and , which are completely independent of and . The games and are indistinguishable unless the event occurs: queries the hash function for or . In addition, no matter what bit in challengequery is, the answer is random. Therefore, it can be see that(5)Game : In , we simulate the executions through the random selfreducibility of the DiffieHellman problem, and given one DDH instance , we randomly select and let , , so we can get a quadruple . Then we haveMoreover, means that the adversary had queried the random oracle on or . Then we getAccording to the above equations, we can conclude thatThe simulation queries involved in the protocol are as follows.
6. Performance Evaluation
6.1. Theoretical Evaluation
In this section, regarding the complexity of calculation and communication, we compare the OmPSI protocol with the protocols in [11, 12, 20]. We choose these three protocols because both parties of the protocols in [11, 12] can know the intersection, and the protocol in [20] supports outsourcing. These protocols are very similar to our protocol. The comparison results are shown in Table 4.
Computation complexity. Our OmPSI protocol uses a cuckoo hash table to store data, and the ElGamal threshold encryption algorithm to encrypt data. We use the number of modular exponential operations to evaluate the computational overhead of OmPSI protocol. Party and party each performs exponential operations when encrypting the hash tables and and performs exponential operations in the decryption phase. The server only performs the intersection calculation which does not involve any exponential operations, where represents how many bins are in the hash table, is the size of the bin, and is the intersectioncardinality. Therefore, the protocol OmPSI has performed modular exponential operations in total. We define , , , where is the cardinality of the private set of party . The possible values of intersection are in the range [0, ], where we take its maximum value . Therefore, the computational complexity is in the OmPSI protocol.
The protocol in [11] is based on the twoway oblivious pseudorandom function mOPRF, without the participation of a thirdparty server, and its computation complexity is . The protocol in [12] also does not involve the thirdparty server; its computation complexity is . In the verifiable delegated PSI protocol of [20], the user performs exponential operations and the server performs exponential operations, so the overall computation complexity of [20] is .
From the analysis above, it is clear that our OmPSI protocol has much lower computational complexity than the other three protocols.
Communication complexity. Our OmPSI protocol uses the number of transmitted ciphertexts to express the complexity of communication. Party sends encrypted elements and rerandomized elements , for and , to . Party sends encrypted elements and rerandomized elements , for and , to . Thus, the OmPSI protocol generates a total of ciphertexts transmissions. The communication complexity of the protocol OmPSI is , due to .
In [11], the protocol generates ciphertexts interactions, the protocol in [12] generates ciphertexts interactions, and the protocol in [20] generates ciphertexts interactions.
To sum up, we can see that our OmPSI protocol is superior to the other three protocols in terms of the communication complexity.
6.2. Experimental Evaluation
To verify the theoretical analysis results in Section 6.1, the computational costs of our OmPSI protocol and the protocols in [11, 12, 20] are compared through experiments. The experimental platform is Windows 10, AMD Ryzen 5 4600H with Radeon Graphics 3.00 GHz, 16 GB RAM, and the compilation environment is MyEclipse 2017. In the experiment, we set and , where represents how many bins are in the hash table, is the size of the bin, and is the set cardinality.
Since our OmPSI protocol and the protocols in [11, 12, 20] all use homomorphic encryption algorithm to encrypt data, we first compare the time it takes for the four protocols to execute with different modulus lengths. In this experiment, we set ; for modulus of 128 bit, 256 bit, 512 bit, and 1024 bit, the different homomorphic encryption times of the 4 protocols are shown in Figure 2.
It can be seen from Figure 2, with the increase of modulus length, the time of homomorphic encryption performed by the four protocols also increases. Among them, the time cost of the OmPSI protocol is lower than that of Debnath’s mPSI1, mPSI2 protocol, and Abadi’s PSI protocol, and the growth trend is the slowest. The time cost in this experiment depends on how many modular exponential operations are used in the scheme. And according to Table 3, the modular exponential operation is least used in the calculation of the OmPSI protocol. Therefore, the increase of modulus length has the least impact on OmPSI protocol.
We further compare the time it takes for the four protocols to execute at different set cardinalities. In this experiment, we fixed the modulus length to 1024 bit; for the cardinality of , the running time of the four protocols can be seen in Figure 3.
It can be seen from Figure 3 that the execution time of the four protocols increases with the increasing size of the data set. Among them, the execution time overhead of the OmPSI increases most slowly compared to that of Debnath’s mPSI1, mPSI2 protocol, and Abadi’s PSI protocol. This is because the OmPSI protocol in this paper uses hash algorithm to process the set elements in advance. Therefore, as the size of the data set continues to increase, the time cost curve of OmPSI protocol has grown slowly, while the time cost curve of the other three protocols has increased significantly.
7. Conclusions
To address the problem of data privacy and security sharing in edgeassisted IoT, we proposed a fair outsourced mPSI protocol with a lower computational cost. The proposed OmPSI scheme uses the existing hash bintobin method to calculate the intersection and improves it to further reduce the number of element comparisons. The calculation of intersection is outsourced to the edge server, which reduces the computing burden on both sides. The scheme adopts ElGamal threshold encryption algorithm to ensure data security. Only when both parties cooperate can all ciphertexts be completely decrypted. Therefore, this scheme can effectively resist the collusive attack between the server and any one of the two parties. And it proves that this scheme is INDCPA secure under the DDH assumption. Through theoretical analysis and experimental evaluation, it is shown that the computational cost of our proposed OmPSI protocol proposed in this paper is lower than that of other mutual PSI protocols.
The combination of edge computing and IoT improves the intelligence of IoT devices and introduces intelligent devices into all aspects of life. The massive use of smart IoT devices has led to a sharp increase in the amount of data generated by users. Privacy protection and secure sharing of big data in the IoT have become the focus of current research. Therefore, research on more secure and efficient PSI technology applied to edgeassisted IoT is our future research direction.
Data Availability
No data were used to support this study.
Conflicts of Interest
The authors declare that there are no conflicts of interest regarding the publication of this paper.
Acknowledgments
This work was supported by the National Natural Science Fund of China (no. 61802117), the PhD Foundation of Henan Polytechnic University (no. B202141), the Support Plan of Scientific and Technological Innovation Team in Universities of Henan Province, China (no. 20IRTSTHN013), the youth backbone teacher support program of Henan Polytechnic University (2018XQG10), and the Research Foundation of Young Core Instructor in Henan Province, China (2018GGJS058).