CN109120606B - Method and device for processing characteristic attribute with privacy protection - Google Patents

Publication number
CN109120606B
Authority
CN
China
Prior art keywords
user
characteristic attribute
ciphertext
gateway
attribute set
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810846780.XA
Other languages
Chinese (zh)
Other versions
CN109120606A (en)
Inventor
沈华
张明武
张媛媛
杜江毅
赵岚
孙代杰
陈效
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hubei University of Technology
Original Assignee
Hubei University of Technology

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0414 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3093 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving Lattices or polynomial equations, e.g. NTRU scheme
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses a method and a device for processing characteristic attributes with privacy protection, used to efficiently process the characteristic attributes of massive numbers of users. The method comprises five parts: initializing the system, generating the user characteristic attribute set ciphertext, computing the single-community user ciphertext with privacy protection, computing the mass user ciphertext with privacy protection, and obtaining the mass user characteristic attribute statistical result. The invention realizes statistical analysis of mass user characteristic attributes while ensuring that the user characteristic attribute sets are not revealed, is highly practical, and provides powerful technical support for situation analysis and strategy formulation in industries such as e-commerce, e-healthcare, e-government, public opinion management and insurance.

Description

Method and device for processing characteristic attribute with privacy protection
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method and an apparatus for processing a feature attribute with privacy protection.
Background
In order to grasp situations such as market orientation, the distribution of population health conditions and the distribution of population structure, and to make more reasonable strategies (such as marketing, health care and insurance strategies), fields such as e-commerce, e-healthcare, e-government, public opinion management and insurance generally need to carry out statistical analysis on the characteristic attributes of users. Characteristic attributes are sensitive personal information, and users do not want to disclose their own characteristic attribute information. Meanwhile, with the development of technologies such as sensor networks and the Internet of Things, the number of users accessing the internet has become massive. Therefore, how to perform statistical analysis on the sensitive data of a large number of users without leaking that data is an important topic.
In the prior art, the approach generally adopted is to carry out ciphertext-level statistical analysis on each characteristic attribute separately and independently, without considering the practical needs of applications with massive numbers of users. How to realize efficient statistics on the characteristic attributes of massive numbers of users without leaking user sensitive information, so as to improve computing efficiency and practicability, is a very challenging subject.
Disclosure of Invention
In order to solve the above technical problem, the present invention provides a method and an apparatus for processing a feature attribute with privacy protection.
In a first aspect, the present invention provides a method for processing a feature attribute with privacy protection, which is applied to a system including a user, a primary gateway, a secondary gateway, and a policy center, where the system includes 1 policy center SC, 1 secondary gateway SGW, and m primary gateways; each community includes n users and 1 primary gateway.
Denote the $j$-th user of the $i$-th community as $U_{ij}$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$; denote the first-level gateway corresponding to the $i$-th community as $FGW_i$, $i = 1,2,\dots,m$; denote the characteristic attribute set of user $U_{ij}$ as $X_{ij}$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$; for $M$ kinds of feature attributes $\{w_1, w_2, \dots, w_M\}$, the characteristic attribute set $X_{ij}$ of user $U_{ij}$ is expressed as an $M$-dimensional feature vector
Figure BDA0001746777840000021
If user $U_{ij}$ has characteristic attribute $w_k$, then $x_{ijk} = 1$; otherwise $x_{ijk} = 0$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$, $k = 1,2,\dots,M$.
The method comprises the following steps:
Step 1: initializing the system;
Step 2: generating a user characteristic attribute set ciphertext;
Step 3: generating a single community user characteristic attribute set ciphertext with privacy protection;
Step 4: generating a mass user characteristic attribute set ciphertext with privacy protection;
Step 5: acquiring a mass user characteristic attribute statistical result.
Preferably, the specific implementation of step 1 comprises the following sub-steps:
Step 1.1: The policy center SC generates the system parameters and its own public and private key pair; the policy center SC randomly selects integers $R_1$ and $R_2$ as encryption parameters, with $R_1 > nM$ and $R_2 > m \cdot R_1 (R_1^M - 1)/(R_1 - 1)$, where $n$ is the number of users in a community, $m$ is the number of communities, and $M$ is the number of characteristic attributes;
Step 1.2: Each first-level gateway $FGW_i$ generates its own public and private key pair, where $i = 1,2,\dots,m$;
Step 1.3: The second-level gateway SGW generates its own public and private key pair;
Step 1.4: User $U_{ij}$ generates its own public and private key pair and sends a registration request to the policy center SC, and the policy center SC returns the encryption parameters $R_1$ and $R_2$, where $i = 1,2,\dots,m$, $j = 1,2,\dots,n$.
Preferably, the specific implementation of step 2 comprises the following sub-steps:
Step 2.1: According to the obtained encryption parameters $R_1$ and $R_2$, the user expresses its characteristic attribute set as a univariate polynomial that satisfies Horner's rule;
Step 2.2: The univariate polynomial is encrypted by using a private key of the strategy center SC and a homomorphic encryption algorithm to form a ciphertext;
Step 2.3: User $U_{ij}$ signs the generated ciphertext by using its own private key;
Step 2.4: The ciphertext and the signature are sent to the corresponding first-level gateway $FGW_i$.
Preferably, the method by which the user expresses its characteristic attribute set as a univariate polynomial satisfying Horner's rule, according to the obtained encryption parameters $R_1$ and $R_2$, is that the feature vector corresponding to the characteristic attribute set $X_{ij}$ of user $U_{ij}$
Figure BDA0001746777840000022
is expressed as the univariate polynomial
Figure BDA0001746777840000023
Preferably, the specific implementation of step 3 comprises the following sub-steps:
Step 3.1: The first-level gateway FGW performs signature verification on the received n ciphertexts;
Step 3.2: If the verification passes, the first-level gateway FGW performs an operation on the n ciphertexts;
Step 3.3: The first-level gateway FGW signs the calculated ciphertext by using its private key;
Step 3.4: The calculated ciphertext and the signature are sent to the second-level gateway SGW.
Preferably, the specific implementation of step 4 comprises the following sub-steps:
Step 4.1: The secondary gateway SGW performs signature verification on the received m ciphertexts;
Step 4.2: If the verification passes, the secondary gateway SGW performs an operation on the m ciphertexts;
Step 4.3: The secondary gateway SGW signs the calculated ciphertext by using its private key;
Step 4.4: The calculated ciphertext and the signature are sent to the policy center SC.
Preferably, the specific implementation of step 5 comprises the following sub-steps:
Step 5.1: The strategy center SC verifies the received ciphertext;
Step 5.2: If the verification passes, the strategy center SC decrypts the ciphertext by using its private key;
Step 5.3: The univariate polynomial obtained by decryption is parsed using Horner's rule to obtain, for each community, the number of users having each of the characteristic attributes $w_1, w_2, \dots, w_M$, and, among the mass of $mn$ users, the number of users having each of the characteristic attributes $w_1, w_2, \dots, w_M$.
Preferably, parsing the decrypted univariate polynomial using Horner's rule proceeds as follows: decryption yields a univariate polynomial nested twice by Horner's rule:
Figure BDA0001746777840000031
wherein
Figure BDA0001746777840000032
represents the number of users having the $k$-th characteristic attribute in the $i$-th community, $i = 1,2,\dots,m$, $k = 1,2,\dots,M$. Using the encryption parameter $R_2$, the univariate polynomial $P$ is parsed to obtain $a_{11}R_1 + a_{12}R_1^2 + \dots + a_{1M}R_1^M$, $a_{21}R_1 + a_{22}R_1^2 + \dots + a_{2M}R_1^M$, …, $a_{m1}R_1 + a_{m2}R_1^2 + \dots + a_{mM}R_1^M$. Using the encryption parameter $R_1$, each of these polynomials is parsed in turn to obtain $a_{11}, a_{12}, \dots, a_{1M}$, $a_{21}, a_{22}, \dots, a_{2M}$, …, $a_{m1}, a_{m2}, \dots, a_{mM}$; that is, the number of users having each characteristic attribute in each community is obtained. Based on this, the policy center SC can calculate
Figure BDA0001746777840000033
to obtain, among the $mn$ users, the number of users having the $k$-th characteristic attribute $w_k$, $k = 1,2,\dots,M$.
Based on the same inventive concept, a second aspect of the present invention provides a device for processing characteristic attributes with privacy protection, applied to a system including users, primary gateways, a secondary gateway and a policy center, where the system includes 1 policy center SC, 1 secondary gateway SGW, and m primary gateways; each community comprises n users and 1 primary gateway; denote the $j$-th user of the $i$-th community as $U_{ij}$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$; denote the first-level gateway corresponding to the $i$-th community as $FGW_i$, $i = 1,2,\dots,m$; denote the characteristic attribute set of user $U_{ij}$ as $X_{ij}$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$; for $M$ kinds of feature attributes $\{w_1, w_2, \dots, w_M\}$, the characteristic attribute set $X_{ij}$ of user $U_{ij}$ is expressed as an $M$-dimensional feature vector
Figure BDA0001746777840000041
If user $U_{ij}$ has characteristic attribute $w_k$, then $x_{ijk} = 1$; otherwise $x_{ijk} = 0$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$, $k = 1,2,\dots,M$, the device comprising:
the initialization module is used for system initialization and comprises the following two sub-modules:
the system parameter generation module is used for generating a public and private key of the strategy center and other required system parameters in advance according to the selected security parameters by the strategy center and selecting encryption parameters;
the sending module is used for respectively sending the system parameters to the primary gateway, the secondary gateway and the user by the strategy center, and sending the encryption parameters to the user after the strategy center receives the user registration request;
the user characteristic attribute set ciphertext generating module comprises the following four sub-modules:
the conversion module is used for converting the characteristic attribute set into a univariate polynomial meeting the Hunne law by the user according to the encryption parameters;
the encryption module is used for encrypting the univariate polynomial by the user by utilizing a homomorphic encryption algorithm and the public key of the strategy center to obtain a user characteristic attribute set ciphertext;
the first signature module is used for the user to sign the user characteristic attribute set ciphertext by using a user private key to obtain a first signature;
the user sending module is used for sending the user characteristic attribute set ciphertext and the first signature to the primary gateway by the user;
the single community user characteristic attribute set ciphertext generating module with privacy protection comprises the following four sub-modules:
the first verification module is used for verifying the user characteristic attribute set ciphertext and the first signature by the primary gateway by using the user public key;
the first ciphertext computing module is used for performing ciphertext level computing on the user characteristic attribute set ciphertext by the first-level gateway to obtain a single community user characteristic attribute ciphertext;
the second signature module is used for the primary gateway to sign the single community user characteristic attribute set ciphertext by using a primary gateway private key to obtain a second signature;
the primary gateway sending module is used for sending the single community user characteristic attribute set ciphertext and the second signature to the secondary gateway by the primary gateway;
the mass user characteristic attribute set ciphertext generating module with privacy protection comprises the following four sub-modules:
the second verification module is used for verifying the single community user characteristic attribute set ciphertext and the second signature by the secondary gateway by using the primary gateway public key;
the second ciphertext calculation module is used for performing ciphertext level calculation on the single community user characteristic attribute set ciphertext by the secondary gateway to obtain a mass of user characteristic attribute set ciphertext;
the third signature module is used for the secondary gateway to sign the mass user characteristic attribute set ciphertext by using a secondary gateway private key to obtain a third signature;
the secondary gateway sending module is used for sending the massive user characteristic attribute set ciphertext and the third signature to the strategy center by the secondary gateway;
the mass user characteristic attribute statistical result acquisition module comprises the following three sub-modules:
the third verification module is used for verifying the massive user characteristic attribute set ciphertext and the third signature by the strategy center by using the secondary gateway public key;
the decryption module is used for decrypting the mass user characteristic attribute set ciphertext by the strategy center by using a strategy center private key;
and a module used by the strategy center to analyze the decryption result by using the encryption parameters to obtain the statistical result of the user characteristic attribute set.
Based on the same inventive concept, a third aspect of the present invention provides a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of the first aspect when executing the program.
Compared with the prior art, the invention has the advantages and positive effects mainly embodied in the following aspects:
(1) The invention provides a method for expressing the characteristic attribute sets of a mass of users as a univariate polynomial nested twice by Horner's rule. The method can be conveniently extended to express the user characteristic attribute sets as a univariate polynomial nested by three or more layers of Horner's rule according to actual application needs (for example, for application scenarios with ultra-large numbers of users).
(2) The invention uses a homomorphic encryption algorithm to encrypt the polynomial expression of the mass user characteristic attribute sets. By performing ciphertext-level operations on the ciphertexts of the n users in a community, it obtains a univariate polynomial ciphertext encoding the number of users having each characteristic attribute among the n users of that community; by performing ciphertext-level operations on the m community-level univariate polynomial ciphertexts, it obtains a univariate polynomial ciphertext encoding the number of users having each characteristic attribute among the mn users. Decrypting that ciphertext and performing two rounds of parsing on the resulting univariate polynomial yields the following statistics: for each feature attribute, the number of users having the attribute in each community and the number of users having the attribute among the mn users. Using Horner's rule to parse univariate polynomials involves only a limited number of rounding and remainder operations. Therefore, the invention avoids cumbersome and complicated ciphertext-level statistical operations while meeting privacy protection, and can efficiently realize statistics of mass user characteristic attributes with privacy protection.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
FIG. 1 is a diagram of an application system architecture according to an embodiment of the present invention;
FIG. 2 is a flow chart of a method of an embodiment of the present invention;
FIG. 3 is a flowchart illustrating operation of a policy center during system initialization according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating a user registration process according to an embodiment of the present invention;
FIG. 5 is a block diagram of a processing device according to an embodiment of the present invention;
FIG. 6 is a block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
In order to facilitate the understanding and implementation of the present invention for those of ordinary skill in the art, the present invention is further described in detail with reference to the accompanying drawings and examples, it is to be understood that the embodiments described herein are merely illustrative and explanatory of the present invention and are not restrictive thereof.
Referring to FIG. 1, the present invention relates to the following entities: users, first-level gateways FGW, a second-level gateway SGW and a policy center SC. Assume the system has m communities, where each community comprises n users and 1 primary gateway; in addition, the system also comprises 1 secondary gateway SGW and 1 policy center SC. For $M$ kinds of feature attributes $\{w_1, w_2, \dots, w_M\}$, the policy center SC counts the number of users having each characteristic attribute among the $mn$ users. Denote the $j$-th user of the $i$-th community as $U_{ij}$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$; denote the first-level gateway corresponding to the $i$-th community as $FGW_i$, $i = 1,2,\dots,m$; denote the characteristic attribute set of user $U_{ij}$ as $X_{ij}$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$; the characteristic attribute set $X_{ij}$ of user $U_{ij}$ is expressed as an $M$-dimensional feature vector
Figure BDA0001746777840000071
If user $U_{ij}$ has characteristic attribute $w_k$, then $x_{ijk} = 1$; otherwise $x_{ijk} = 0$, $i = 1,2,\dots,m$, $j = 1,2,\dots,n$, $k = 1,2,\dots,M$.
Referring to fig. 2, a method for processing a feature attribute with privacy protection provided by the present invention includes the following steps:
Step 1: initializing the system;
Step 2: generating a user characteristic attribute set ciphertext;
Step 3: generating a single community user characteristic attribute set ciphertext with privacy protection;
Step 4: generating a mass user characteristic attribute set ciphertext with privacy protection;
Step 5: acquiring a mass user characteristic attribute statistical result.
Referring to step 1 in fig. 2, the system initialization specifically includes the following sub-steps:
step 1.1: the strategy center SC firstly sets a security parameter which can ensure the security of the system, and then generates a system parameter, an encryption parameter and a private and public key pair thereof according to the security parameter;
the detailed working process involves referring to step 1.1.1 to step 1.1.3 in fig. 3.
Step 1.1.1: The policy center SC selects a security parameter $\kappa$ from the set of natural numbers and runs the bilinear pairing parameter generation algorithm $Gen(\kappa)$ to generate
Figure BDA0001746777840000072
where $q$ is a prime number;
Figure BDA0001746777840000073
are two cyclic groups of order $q$; $P$ is a generator of
Figure BDA0001746777840000074
and
Figure BDA0001746777840000075
is a non-degenerate, efficiently computable bilinear pairing. The policy center SC selects a security parameter $\kappa_1$ and computes the public key $(N = p_1 q_1, g)$ and private key $(\lambda, \mu)$ of the Paillier encryption algorithm, where $p_1$ and $q_1$ are two large primes of size $\kappa_1$ and $g$ is a generator of
Figure BDA0001746777840000076
Figure BDA0001746777840000077
The policy center SC selects a secure cryptographic hash function
Figure BDA0001746777840000078
Step 1.1.2: The policy center SC randomly selects integers $R_1$ and $R_2$ smaller than $N$ as encryption parameters, ensuring $R_1 > nM$ and $R_2 > m \cdot R_1 (R_1^M - 1)/(R_1 - 1)$, where $n$ is the number of users in a community, $m$ is the number of communities, and $M$ is the number of characteristic attributes.
Step 1.1.3: The policy center SC publishes the system parameters
Figure BDA0001746777840000079
Step 1.2: Each first-level gateway $FGW_i$ ($i = 1,2,\dots,m$) generates its own public and private key pair;
First-level gateway $FGW_i$ randomly selects
Figure BDA00017467778400000710
as its own private key, where
Figure BDA00017467778400000711
and computes $Y_i = \alpha_i P$ as its own public key.
Step 1.3: The second-level gateway SGW generates its own public and private key pair;
The secondary gateway SGW randomly selects
Figure BDA0001746777840000081
as its own private key, where
Figure BDA0001746777840000082
and computes $Y = \alpha P$ as its public key.
Step 1.4: User $U_{ij}$ ($i = 1,2,\dots,m$, $j = 1,2,\dots,n$) generates its own public and private key pair and sends a registration request to the policy center SC, and the policy center SC returns the encryption parameters;
For the detailed working process, refer to step 1.4.1 to step 1.4.3 in FIG. 4.
Step 1.4.1: User $U_{ij}$ ($i = 1,2,\dots,m$, $j = 1,2,\dots,n$) randomly selects
Figure BDA0001746777840000083
as its own private key, where
Figure BDA0001746777840000084
and computes $Y_{ij} = \alpha_{ij} P$ as its own public key.
Step 1.4.2: User $U_{ij}$ sends a registration request to the policy center SC.
Step 1.4.3: The policy center SC returns the encryption parameters $R_1$ and $R_2$ to user $U_{ij}$.
Referring to step 2 in fig. 2, the specific implementation of the user feature attribute set ciphertext generation includes the following sub-steps:
Step 2.1: According to the obtained encryption parameters $R_1$ and $R_2$, the user expresses its characteristic attribute set as a univariate polynomial that satisfies Horner's rule;
User $U_{ij}$ expresses its own private attribute set $X_{ij}$ as an $M$-dimensional vector
Figure BDA0001746777840000085
where $x_{ijk} = 1$ if user $U_{ij}$ has characteristic attribute $w_k$, and $x_{ijk} = 0$ otherwise; assuming that the encryption parameter is $R$, and $R > nM$, then
Figure BDA0001746777840000086
is expressed as the univariate polynomial $P_{ij} = R_2^{i} \cdot (x_{ij1}R_1 + x_{ij2}R_1^2 + \dots + x_{ijM}R_1^M)$.
Step 2.2: encrypting the univariate polynomial by utilizing a homomorphic encryption algorithm and a private key of a strategy center SC to form a ciphertext;
User $U_{ij}$ performs Paillier encryption on $P_{ij}$: it randomly selects
Figure BDA0001746777840000087
where
Figure BDA0001746777840000088
and computes
Figure BDA0001746777840000089
Step 2.3: User $U_{ij}$ signs the generated ciphertext by using its own private key;
User $U_{ij}$ signs $C_{ij}$ with its private key $\alpha_{ij}$: $\sigma_{ij} = \alpha_{ij} H(C_{ij} \,\|\, ID\_FGW_i \,\|\, ID\_U_{ij} \,\|\, T)$, where $ID\_FGW_i$ is the identity information of first-level gateway $FGW_i$, $ID\_U_{ij}$ is the identity information of user $U_{ij}$, and $T$ is the current timestamp.
Step 2.4: $U_{ij}$ sends the ciphertext and the signature $(C_{ij}, \sigma_{ij})$ to the first-level gateway $FGW_i$.
Referring to step 3 in fig. 2, a specific implementation of generating a single-community user feature attribute set ciphertext with privacy protection includes the following sub-steps:
Step 3.1: First-level gateway $FGW_i$ ($i = 1,2,\dots,m$) performs signature verification on the n received ciphertexts; if verification succeeds, step 3.2 is performed, otherwise execution is terminated;
Step 3.2: First-level gateway $FGW_i$ performs the following operation on the n ciphertexts:
Figure BDA0001746777840000091
Step 3.3: First-level gateway $FGW_i$ signs the calculated ciphertext by using its own private key;
$FGW_i$ signs $C_i$ with its own private key $\alpha_i$:
$\sigma_i = \alpha_i H(C_i \,\|\, ID\_SGW \,\|\, ID\_FGW_i \,\|\, T)$, where $ID\_SGW$ is the identity information of the secondary gateway SGW.
Step 3.4: First-level gateway $FGW_i$ sends the computed ciphertext and signature $(C_i, \sigma_i)$ to the secondary gateway SGW.
Referring to step 4 in fig. 2, the specific implementation of generating the massive user feature attribute set ciphertext with privacy protection includes the following sub-steps:
Step 4.1: The secondary gateway SGW performs signature verification on the received m ciphertexts; if verification succeeds, step 4.2 is executed, otherwise execution is terminated;
Step 4.2: The secondary gateway SGW performs the following operation on the m ciphertexts:
Figure BDA0001746777840000092
Step 4.3: The secondary gateway SGW signs the calculated ciphertext by using its private key;
The SGW signs $C$ with its own private key $\alpha$:
$\sigma = \alpha H(C \,\|\, ID\_SC \,\|\, ID\_SGW \,\|\, T)$, where $ID\_SC$ is the identity information of the policy center SC.
Step 4.4: The secondary gateway SGW sends the calculated ciphertext and the signature $(C, \sigma)$ to the policy center SC.
Referring to step 5 in FIG. 2, the specific implementation of obtaining the mass user characteristic attribute statistical result includes the following sub-steps:
Step 5.1: The policy center SC performs signature verification on the received $(C, \sigma)$; if verification succeeds, the policy center SC considers the received ciphertext $C$ legal and continues with step 5.2, otherwise it considers the received ciphertext $C$ illegal and terminates execution.
Step 5.2: the policy center SC decrypts the ciphertext C by using its own private key to obtain a univariate polynomial P containing intersection information:
Figure BDA0001746777840000101
where
Figure BDA0001746777840000102
Step 5.3: The univariate polynomial $P$ obtained by decryption is parsed using Horner's rule to obtain the number of users having each characteristic attribute in each community and among the mass of $mn$ users.
Step 5.3.1: The policy center SC obtains the polynomial $P_i$ corresponding to each community, $i = 1,2,\dots,m$, according to the following algorithm.
The parsing algorithm is as follows:
Input:
Figure BDA0001746777840000103
and the encryption parameter R_2
Output: P_i, i = 1, 2, …, m
X ← P / R_2
for i ← 1 to m do
    P_i ← X mod R_2
    X ← X / R_2
end for
return P_1, P_2, …, P_m
Step 5.3.2: From the obtained P_1, P_2, …, P_m, the policy center SC obtains the number a_ik of users having each characteristic attribute in each community, i = 1, 2, …, m, k = 1, 2, …, M, using the following algorithm.
Input: P_1, P_2, …, P_m and the encryption parameter R_1
Output: a_ik, i = 1, 2, …, m, k = 1, 2, …, M
for i ← 1 to m do
    X ← P_i / R_1
    for k ← 1 to M do
        a_ik ← X mod R_1
        X ← X / R_1
        xi ← 1
    end for
end for
return a_11, a_12, …, a_1M; a_21, a_22, …, a_2M; …; a_m1, a_m2, …, a_mM
Step 5.3.3: From the obtained a_ik, i = 1, 2, …, m, k = 1, 2, …, M, the policy center SC obtains the number of users having each characteristic attribute among all mn users using the following algorithm:
Figure BDA0001746777840000111
…,M。
Input: a_ik, i = 1, 2, …, m, k = 1, 2, …, M
Output:
Figure BDA0001746777840000112
for k ← 1 to M do
    a_k ← 0
end for
for k ← 1 to M do
    for i ← 1 to m do
        a_k ← a_k + a_ik
    end for
end for
return a_1, a_2, …, a_M
The method of this embodiment expresses the characteristic attribute sets of the massive users as a univariate polynomial satisfying the two-layer nested Horner's rule and combines it with a homomorphic encryption algorithm, so that the number of users having each characteristic attribute among the massive users can be counted without revealing any user's characteristic attribute set. The method provided by the invention can be used for statistical analysis of user characteristics in fields such as e-commerce, e-health, e-government, public opinion management and insurance, and is highly practical.
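The parsing of steps 5.3.1 to 5.3.3, run end to end as an added example (not code from the patent): attribute vectors are packed with Horner's rule, summed under encryption at both gateway levels, then unpacked by the policy center. Assumptions: the user encoding R_2^i · Σ_k x_ijk·R_1^k is inferred from the parsing algorithm, since the patent's own formula survives only as a figure reference; a toy Paillier instance with fixed small primes stands in for the unspecified homomorphic scheme; signatures are omitted; all function names and the sample data are constructed.

```python
import math
import secrets

# Toy Paillier keypair: an assumed stand-in for the page's homomorphic scheme.
# Fixed Mersenne primes keep the demo reproducible; far too small for real use.
P_PRIME, Q_PRIME = 2**31 - 1, 2**61 - 1
N = P_PRIME * Q_PRIME
N2 = N * N
LAMBDA = (P_PRIME - 1) * (Q_PRIME - 1) // math.gcd(P_PRIME - 1, Q_PRIME - 1)
MU = pow(LAMBDA, -1, N)


def encrypt(plain):
    """Enc(m) = (1 + N)^m * r^N mod N^2; note (1 + N)^m = 1 + m*N mod N^2."""
    r = 0
    while math.gcd(r, N) != 1:
        r = secrets.randbelow(N - 1) + 1
    return (1 + plain * N) % N2 * pow(r, N, N2) % N2


def decrypt(cipher):
    """Dec(c) = L(c^lambda mod N^2) * mu mod N, with L(u) = (u - 1) // N."""
    return (pow(cipher, LAMBDA, N2) - 1) // N * MU % N


def aggregate(ciphers):
    """Gateway step: the product of ciphertexts encrypts the sum of plaintexts."""
    acc = 1
    for c in ciphers:
        acc = acc * c % N2
    return acc


def check_params(n, m, M, r1, r2):
    """Reject parameters under which packed counters could carry into a neighbour."""
    geo = r1 * (r1**M - 1) // (r1 - 1)       # R1 + R1^2 + ... + R1^M
    if not (r1 > n * M and r2 > m * geo):     # claim 1 bounds, nM read as n*M
        raise ValueError("R1/R2 violate the stated bounds")
    if n * geo >= r2:                         # largest possible P_i must stay below R2
        raise ValueError("a community polynomial could overflow R2")
    if r2 ** (m + 1) >= N:                    # whole plaintext must fit the toy modulus
        raise ValueError("plaintext does not fit the Paillier modulus")


def encode_user(x, i, r1, r2):
    """Assumed encoding: R2^i * (x_1*R1 + x_2*R1^2 + ... + x_M*R1^M), by Horner's rule."""
    inner = 0
    for bit in reversed(x):
        inner = (inner + bit) * r1
    return inner * r2**i


def parse(p, m, M, r1, r2):
    """Steps 5.3.1-5.3.3: split P into P_i, each P_i into a_ik, then sum columns."""
    counts, x = [], p // r2
    for _ in range(m):
        p_i, x = x % r2, x // r2
        y, row = p_i // r1, []
        for _ in range(M):
            row.append(y % r1)
            y //= r1
        counts.append(row)
    totals = [sum(col) for col in zip(*counts)]
    return counts, totals


def run_demo():
    n, m, M = 3, 2, 3                         # users per community, communities, attributes
    r1 = 11
    r2 = r1 ** (M + 1)
    check_params(n, m, M, r1, r2)
    communities = [                           # constructed sample attribute vectors
        [[1, 0, 1], [1, 1, 0], [0, 0, 1]],
        [[1, 1, 1], [0, 1, 0], [0, 1, 1]],
    ]
    # Each primary gateway aggregates its n user ciphertexts without decrypting.
    fgw_out = [aggregate(encrypt(encode_user(x, i, r1, r2)) for x in users)
               for i, users in enumerate(communities, start=1)]
    sgw_out = aggregate(fgw_out)              # secondary gateway aggregates m ciphertexts
    return parse(decrypt(sgw_out), m, M, r1, r2)


if __name__ == "__main__":
    print(run_demo())
```

Only the policy center, which holds the decryption key, ever sees the packed sums; the gateways handle ciphertexts alone.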
Based on the same inventive concept, the application further provides a device corresponding to the processing method of the feature attribute with privacy protection in the first embodiment, which is detailed in the second embodiment.
Embodiment two
This embodiment provides a processing apparatus for user characteristic attributes, applied to a system including a policy center, a primary gateway, a secondary gateway, and a user. Referring to Fig. 5, the apparatus includes:
the initialization module 501 is used for system initialization and includes the following two sub-modules:
the system parameter generation module 5011 is configured to generate, by the policy center, a public-private key of the policy center and other required system parameters in advance according to the selected security parameters, and select an encryption parameter;
a sending module 5012, configured to send the system parameters to the primary gateway, the secondary gateway, and the user respectively by the policy center, and send the encryption parameters to the user after the policy center receives the user registration request;
the user feature attribute set ciphertext generation module 502 includes the following four sub-modules:
a conversion module 5021, configured to convert the feature attribute set into a univariate polynomial satisfying Horner's rule according to the encryption parameters by the user;
the encryption module 5022 is used for encrypting the univariate polynomial by the user through a homomorphic encryption algorithm and the public key of the policy center to obtain a user characteristic attribute set ciphertext;
a first signature module 5023, configured to sign the user feature attribute set ciphertext with a user private key to obtain a first signature;
a user sending module 5024, configured to send the user feature attribute set ciphertext and the first signature to the primary gateway by the user;
the single community user feature attribute set ciphertext generating module 503 with privacy protection includes the following four sub-modules:
a first verification module 5031, configured to verify, by the primary gateway, the user feature attribute set ciphertext and the first signature by using the user public key;
a first ciphertext calculation module 5032, configured to perform ciphertext level calculation on the user feature attribute set ciphertext by the first-level gateway to obtain a single-community user feature attribute ciphertext;
a second signature module 5033, configured to sign the single community user feature attribute set ciphertext by using a primary gateway private key by the primary gateway to obtain a second signature;
a primary gateway sending module 5034, configured to send the single community user feature attribute set ciphertext and the second signature to the secondary gateway by the primary gateway;
the mass user feature attribute set ciphertext generating module 504 with privacy protection includes the following four sub-modules:
a second verification module 5041, configured to verify, by the secondary gateway, the single-community user feature attribute set ciphertext and the second signature by using the primary gateway public key;
a second ciphertext calculation module 5042, configured to perform ciphertext-level calculation on the single community user feature attribute set ciphertexts by the secondary gateway to obtain the massive user feature attribute set ciphertext;
a third signature module 5043, configured to sign the massive user feature attribute set ciphertext with a secondary gateway private key by the secondary gateway to obtain a third signature;
a secondary gateway sending module 5044, configured to send the massive user feature attribute set ciphertext and the third signature to the policy center by the secondary gateway;
the mass user characteristic attribute statistical result obtaining module 505 comprises the following three sub-modules:
a third verification module 5051, configured to verify, by the policy center, the massive user feature attribute set ciphertext and the third signature by using the secondary gateway public key;
a decryption module 5052, configured to decrypt the mass user feature attribute set ciphertext by using a policy center private key by the policy center;
the parsing module 5053 parses the decryption result by using the encryption parameter by the policy center to obtain a statistical result of the user feature attribute set.
Since the apparatus described in the second embodiment is the apparatus used to implement the processing method of the first embodiment, a person skilled in the art can, based on the method described in the first embodiment, understand the specific structure and variations of the apparatus, so details are not repeated here. All apparatuses used to implement the method of the first embodiment fall within the protection scope of the present invention.
Embodiment three
Based on the same inventive concept, the present application further provides a computer device. Referring to Fig. 6, it includes a storage 601, a processor 602, and a computer program 603 stored on the storage and executable on the processor; when the processor 602 executes the program, the method of the first embodiment is implemented.
Since the computer device introduced in the third embodiment is the computer device used to implement the processing method of the first embodiment, a person skilled in the art can, based on the method introduced in the first embodiment, understand the specific structure and variations of the computer device, so details are not repeated here. All computer devices used to implement the method of the first embodiment fall within the protection scope of the present invention.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made in the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to encompass such modifications and variations.

Claims (8)

1. A method for processing characteristic attributes with privacy protection, applied to a system comprising users, primary gateways, secondary gateways and policy centers, wherein the system comprises 1 policy center SC, 1 secondary gateway SGW and m primary gateways; each community comprises n users and 1 primary gateway;
the j-th user of the i-th community is denoted U_ij, i = 1, 2, …, m, j = 1, 2, …, n; the primary gateway corresponding to the i-th community is denoted FGW_i, i = 1, 2, …, m; the characteristic attribute set of user U_ij is denoted X_ij, i = 1, 2, …, m, j = 1, 2, …, n; for M kinds of characteristic attributes {w_1, w_2, …, w_M}, the characteristic attribute set X_ij of user U_ij is expressed as an M-dimensional feature vector
Figure FDA0002676699840000011
If user U_ij has characteristic attribute w_k, then x_ijk = 1; otherwise x_ijk = 0, i = 1, 2, …, m, j = 1, 2, …, n, k = 1, 2, …, M,
characterized in that the method comprises the following steps:
step 1: initializing the system;
step 2: generating a user characteristic attribute set ciphertext;
step 3: generating a single community user characteristic attribute set ciphertext with privacy protection;
step 4: generating a massive user characteristic attribute set ciphertext with privacy protection;
step 5: acquiring the massive user characteristic attribute statistical result;
the specific implementation of the step 1 comprises the following substeps:
step 1.1: the policy center SC generates the system-related parameters and its own public/private key pair; the policy center SC randomly selects integers R_1 and R_2 as encryption parameters, with R_1 > nM and R_2 > m·R_1(R_1^M − 1)/(R_1 − 1), where n is the number of users in a community, m is the number of communities, and M is the number of characteristic attributes;
step 1.2: each primary gateway FGW_i generates its own public/private key pair, where i = 1, 2, …, m;
step 1.3: the secondary gateway SGW generates its own public/private key pair;
step 1.4: user U_ij generates its own public/private key pair and sends a registration request to the policy center SC, and the policy center SC returns the encryption parameters R_1 and R_2; where i = 1, 2, …, m, j = 1, 2, …, n;
the specific implementation of the step 2 comprises the following substeps:
step 2.1: according to the obtained encryption parameters R_1 and R_2, the user expresses its characteristic attribute set as a univariate polynomial satisfying Horner's rule;
step 2.2: the univariate polynomial is encrypted using a private key of the policy center SC and a homomorphic encryption algorithm to form a ciphertext;
step 2.3: user U_ij signs the generated ciphertext using its own private key;
step 2.4: the ciphertext and the signature are sent to the corresponding primary gateway FGW_i.
2. The method for processing privacy-preserving feature attributes according to claim 1, characterized in that in step 2.1, the feature vector corresponding to user U_ij's own characteristic attribute set X_ij,
Figure FDA0002676699840000021
is expressed as the univariate polynomial
Figure FDA0002676699840000022
where R_1 and R_2 are the encryption parameters.
3. The method for processing the characteristic attribute with the privacy protection function according to claim 1 or 2, wherein the step 3 is implemented by the following sub-steps:
step 3.1: the first-level gateway FGW performs signature verification on the received n ciphertexts;
step 3.2: if the verification is passed, the first-level gateway FGW operates the n ciphertexts;
step 3.3: the first-level gateway FGW signs the calculated ciphertext by using a private key thereof;
step 3.4: and sending the ciphertext and the signature obtained by calculation to a second-level gateway SGW.
4. The method for processing the characteristic attribute with the privacy protection function according to claim 3, wherein the step 4 is realized by the following sub-steps:
step 4.1: the secondary gateway SGW performs signature verification on the received m ciphertexts;
step 4.2: if the verification is passed, the secondary gateway SGW calculates the m ciphertexts;
step 4.3: the secondary gateway SGW signs the calculated ciphertext by using a private key thereof;
step 4.4: and sending the calculated ciphertext and the signature to a policy center SC.
5. The method for processing the characteristic attribute with the privacy protection function according to claim 4, wherein the step 5 is implemented by the following sub-steps:
step 5.1: the policy center SC verifies the received ciphertext;
step 5.2: if the verification is passed, the policy center SC decrypts the ciphertext using its private key;
step 5.3: the univariate polynomial obtained by decryption is parsed using Horner's rule to obtain the number of users in each community having each of the characteristic attributes w_1, w_2, …, w_M, and the number of users among all mn users having each of the characteristic attributes w_1, w_2, …, w_M.
6. The method of processing privacy-preserving feature attributes according to claim 5, wherein in step 5.3, the univariate polynomial obtained by decryption, which satisfies the twice-nested Horner's rule, is
Figure FDA0002676699840000023
where
Figure FDA0002676699840000031
denotes the number of users in the i-th community having the k-th characteristic attribute, i = 1, 2, …, m, k = 1, 2, …, M; the univariate polynomial P is parsed using the encryption parameter R_2 to obtain a_11·R_1 + a_12·R_1^2 + … + a_1M·R_1^M, a_21·R_1 + a_22·R_1^2 + … + a_2M·R_1^M, …, a_m1·R_1 + a_m2·R_1^2 + … + a_mM·R_1^M; each of these is then parsed using the encryption parameter R_1 to obtain a_11, a_12, …, a_1M, a_21, a_22, …, a_2M, …, a_m1, a_m2, …, a_mM, that is, the number of users having each characteristic attribute in each community; on this basis, the policy center SC can calculate
Figure FDA0002676699840000032
to obtain the number of users among the mn users having the k-th characteristic attribute w_k, k = 1, 2, …, M.
7. A device for processing characteristic attributes with privacy protection, applied to a system comprising users, primary gateways, secondary gateways and policy centers, wherein the system comprises 1 policy center SC, 1 secondary gateway SGW and m primary gateways; each community comprises n users and 1 primary gateway; the j-th user of the i-th community is denoted U_ij, i = 1, 2, …, m, j = 1, 2, …, n; the primary gateway corresponding to the i-th community is denoted FGW_i, i = 1, 2, …, m; the characteristic attribute set of user U_ij is denoted X_ij, i = 1, 2, …, m, j = 1, 2, …, n; for M kinds of characteristic attributes {w_1, w_2, …, w_M}, the characteristic attribute set X_ij of user U_ij is expressed as an M-dimensional feature vector
Figure FDA0002676699840000033
If user U_ij has characteristic attribute w_k, then x_ijk = 1; otherwise x_ijk = 0, i = 1, 2, …, m, j = 1, 2, …, n, k = 1, 2, …, M; said device comprising:
the initialization module is used for system initialization and comprises the following two sub-modules:
the system parameter generation module is used for the policy center to generate, in advance, a public/private key pair of the policy center and other required system parameters according to the selected security parameters, and to select the encryption parameters;
the sending module is used for the policy center to send the system parameters to the primary gateway, the secondary gateway and the user respectively, and to send the encryption parameters to the user after the policy center receives the user registration request;
the user characteristic attribute set ciphertext generating module comprises the following four sub-modules:
the conversion module is used for converting the characteristic attribute set into a univariate polynomial satisfying Horner's rule by the user according to the encryption parameters;
the encryption module is used for encrypting the univariate polynomial by the user by utilizing a homomorphic encryption algorithm and the public key of the policy center to obtain a user characteristic attribute set ciphertext;
the first signature module is used for the user to sign the user characteristic attribute set ciphertext by using a user private key to obtain a first signature;
the user sending module is used for sending the user characteristic attribute set ciphertext and the first signature to the primary gateway by the user;
the single community user characteristic attribute set ciphertext generating module with privacy protection comprises the following four sub-modules:
the first verification module is used for verifying the user characteristic attribute set ciphertext and the first signature by the primary gateway by using the user public key;
the first ciphertext computing module is used for performing ciphertext-level computing on the user characteristic attribute set ciphertext by the primary gateway to obtain a single community user characteristic attribute ciphertext;
the first signature module is used for the primary gateway to sign the single community user characteristic attribute set ciphertext by using a primary gateway private key to obtain a first signature;
the primary gateway sending module is used for sending the single community user characteristic attribute set ciphertext and the second signature to the secondary gateway by the primary gateway;
the mass user characteristic attribute set ciphertext generating module with privacy protection comprises the following four sub-modules:
the second verification module is used for verifying the single community user characteristic attribute set ciphertext and the second signature by the secondary gateway by using the primary gateway public key;
the second ciphertext calculation module is used for performing ciphertext level calculation on the single community user characteristic attribute set ciphertext by the secondary gateway to obtain a mass of user characteristic attribute set ciphertext;
the third signature module is used for the secondary gateway to sign the mass user characteristic attribute set ciphertext by using a secondary gateway private key to obtain a third signature;
the secondary gateway sending module is used for sending the massive user characteristic attribute set ciphertext and the third signature to the policy center by the secondary gateway;
the mass user characteristic attribute statistical result acquisition module comprises the following three sub-modules:
the third verification module is used for verifying the massive user characteristic attribute set ciphertext and the third signature by the policy center by using the secondary gateway public key;
the decryption module is used for decrypting the massive user characteristic attribute set ciphertext by the policy center by using a policy center private key;
and the parsing module is used for the policy center to parse the decryption result using the encryption parameters to obtain the statistical result of the user characteristic attribute set.
8. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1 to 6 when executing the program.
CN201810846780.XA 2018-07-27 2018-07-27 Method and device for processing characteristic attribute with privacy protection Active CN109120606B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810846780.XA CN109120606B (en) 2018-07-27 2018-07-27 Method and device for processing characteristic attribute with privacy protection

Publications (2)

Publication Number Publication Date
CN109120606A CN109120606A (en) 2019-01-01
CN109120606B true CN109120606B (en) 2020-12-01


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant