CN110198216B - Incremental truth value discovery method and device for protecting privacy, computer equipment and storage medium - Google Patents

Incremental truth value discovery method and device for protecting privacy, computer equipment and storage medium Download PDF

Info

Publication number
CN110198216B
CN110198216B CN201910621172.3A CN201910621172A CN110198216B CN 110198216 B CN110198216 B CN 110198216B CN 201910621172 A CN201910621172 A CN 201910621172A CN 110198216 B CN110198216 B CN 110198216B
Authority
CN
China
Prior art keywords
server
newly added
added object
target
preset
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910621172.3A
Other languages
Chinese (zh)
Other versions
CN110198216A (en
Inventor
田苗苗
倪凯敏
吴瑞欣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui University
Original Assignee
Anhui University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Anhui University filed Critical Anhui University
Priority to CN201910621172.3A priority Critical patent/CN110198216B/en
Publication of CN110198216A publication Critical patent/CN110198216A/en
Application granted granted Critical
Publication of CN110198216B publication Critical patent/CN110198216B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a privacy protection increment truth value discovery method, a device, computer equipment and a storage medium, wherein the method comprises the steps of establishing a system comprising a first server and a second server, generating a corresponding public and private key pair and disclosing the public key; each user in the system generates a random number, scrambles initial sensing data, and respectively sends the random number and the scrambled sensing data to two servers, and the two servers exchange data after being encrypted by public keys of the two servers; initializing an initial true value of the newly added object; calculating the weight of each target user, storing the weight information, and calculating the current true value of the newly added object; and carrying out iterative computation on the current true value to obtain a target true value. By adopting the double-server model, only the random interference value to the new object and the sensing data after disturbance are needed to be uploaded, and the random interference value before and the sensing data after disturbance are not needed to be uploaded again, so that the calculation and communication expenses of the user are reduced.

Description

Incremental truth value discovery method and device for protecting privacy, computer equipment and storage medium
Technical Field
The invention relates to the technical field of computers, in particular to an incremental truth value discovery method and device for protecting privacy, computer equipment and a storage medium.
Background
The truth discovery in the mobile crowd sensing system aims to solve the conflict problem among the sensing data of multiple sources and deduces truth information. For example, to better assess disease, a medical research center may need to perform truth finding on health data collected from different individuals. The basic idea of truth finding is to estimate the reliability of each data source by the magnitude of the weight and then estimate the truth of the target object by a weighted aggregation of all perceptual data. In particular, in some scenarios where sensory data is collected in a sequential manner, the use of incremental true value discovery methods enables real-time aggregation of sensory data with less overhead than general true value discovery methods. Protecting the privacy of a user during the truth discovery process is important because the user's sensory data may be exposed during the truth discovery process, resulting in the disclosure of their private information, such as the user's geographic location, education level, and the like.
At present, a plurality of privacy-protecting truth-finding algorithms are proposed in succession, wherein Miao et al (Miao C, Su L, Jiang W, Li Y, and Tian M.A light privacy-predicting discovery system in IEEE INFOCOM 2017: 1-9) recently proposed an efficient privacy-protecting truth-finding method L by using a dual-server model2-PPTD. The method utilizes two servers which are not colluded and adopts a Paillier homomorphic cryptographic algorithm to carry out encryption protection on the perception data of a user. However L2One drawback of PPTD is the complexity of the Paillier homomorphic encryption algorithm employed, and at the same time, whenever the user perceives a new object, the information of the previously perceived "old object" is re-uploaded, and the server re-calculates the information of all objects to obtain the true value, which increases the computation and communication overhead of the user and server.
Disclosure of Invention
The invention provides an incremental truth value discovery method, an incremental truth value discovery device, computer equipment and a storage medium for protecting privacy, and aims to reduce the calculation and communication overhead of a user.
In a first aspect, the present application provides a privacy-preserving incremental truth discovery method, including:
establishing a system comprising a first server and a second server, respectively generating a first public and private key pair and a second public and private key pair corresponding to the first server and the second server according to a preset algorithm in the system, and disclosing a first public key in the first public and private key pair and a second public key in the second public and private key pair;
generating a random number corresponding to a newly added object by each target user in the system, disturbing initial sensing data of the target user through the random number, generating target sensing data corresponding to each target user, respectively sending the random number and the target sensing data to the second server and the first server, encrypting the random number through the second public key by the second server, sending the encrypted random number to the first server, encrypting the target sensing data through the first public key by the first server, and sending the encrypted target sensing data to the second server;
the first server initializes an initial true value of the newly added object;
the first server assists the second server to calculate the weight of each target user, the second server stores the weight information, and the second server assists the first server to calculate the current true value of the newly added object through the weight information;
and performing iterative computation on the obtained current true value of the newly added object according to a preset convergence criterion to obtain a target true value of the newly added object.
In a second aspect, the present application provides an incremental truth discovery apparatus for protecting privacy, comprising:
the first execution unit is used for establishing a system comprising a first server and a second server, respectively generating a first public and private key pair and a second public and private key pair corresponding to the first server and the second server according to a preset algorithm in the system, and disclosing a first public key in the first public and private key pair and a second public key in the second public and private key pair;
a second execution unit, configured to generate a random number corresponding to a newly added object for each target user in the system, scramble initial sensing data of the target user through the random number, generate target sensing data corresponding to each target user, send the random number and the target sensing data to the second server and the first server, respectively, encrypt the random number through the second public key by the second server, send the encrypted random number to the first server, encrypt the target sensing data through the first public key by the first server, and send the encrypted target sensing data to the second server;
the initialization unit is used for initializing the initial true value of the newly added object by the first server;
a first calculating unit, configured to assist the first server in calculating a weight of each target user for the second server, where the second server stores information of the weight, and the second server assists the first server in calculating a current true value of the new object through the information of the weight;
and the second calculating unit is used for performing iterative calculation on the obtained current true value of the newly added object according to a preset convergence criterion so as to obtain a target true value of the newly added object.
In a third aspect, the present application further provides a computer device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the program, the processor implements the steps of the privacy-preserving incremental true value discovery method provided in any one of the embodiments.
In a fourth aspect, the present application further provides a storage medium, wherein the storage medium stores a computer program, the computer program comprises program instructions, which, when executed by a processor, cause the processor to perform the steps of the incremental true value discovery method for privacy protection according to any of the embodiments provided herein.
According to the embodiment of the invention, by adopting the double-server model, when a user perceives a new object, only the random interference value of the new object and the perception data after disturbance are required to be uploaded, and the random interference values of all the previous objects and the perception data after disturbance are not required to be uploaded again, so that the calculation and communication overhead of the user is reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flowchart of an incremental true value discovery method for protecting privacy according to an embodiment of the present invention;
FIG. 2 is a comparison chart of computational overhead of a single user of an incremental true value discovery method for privacy protection according to an embodiment of the present invention;
fig. 3 is a comparison diagram of computation overhead of a server end in an initialization phase of an incremental true value discovery method for protecting privacy according to an embodiment of the present invention;
fig. 4 is a comparison diagram of computation overhead of a server end in an iteration phase of an incremental true value discovery method for protecting privacy according to an embodiment of the present invention;
FIG. 5 is a system model diagram of an incremental truth discovery method for privacy protection according to an embodiment of the present invention;
fig. 6 is an algorithm flowchart of an incremental true value discovery method for protecting privacy according to an embodiment of the present invention;
fig. 7 is a schematic block diagram of an incremental true value discovery apparatus for protecting privacy according to an embodiment of the present invention;
FIG. 8 is a schematic block diagram of a computer device provided by an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the specification of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
The embodiment of the application provides an incremental truth value discovery method and device for protecting privacy, computer equipment and a storage medium.
The application scenario applicable to the incremental truth value discovery method for protecting privacy comprises a user terminal and a server.
The user terminal can be an electronic device such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a personal digital assistant and a wearable device; the server may be an independent server or a server cluster composed of a plurality of servers.
Referring to fig. 1, fig. 5 and fig. 6, fig. 1 is a schematic flowchart of an incremental true value discovery method for protecting privacy according to an embodiment of the present application. As shown in fig. 1, the incremental true value discovery method for protecting privacy includes steps S101 to S105.
Step S101: the method comprises the steps of establishing a system comprising a first server and a second server, respectively generating a first public and private key pair and a second public and private key pair corresponding to the first server and the second server according to a preset algorithm in the system, and disclosing a first public key in the first public and private key pair and a second public key in the second public and private key pair.
Specifically, the system adopts a DGK homomorphic encryption algorithm (DGK)
Figure BDA0002125536460000051
I,Geisler M,
Figure BDA0002125536460000052
M.efficient and Secure company for On-Line evaluations. Australian Conference On Information Security and Privacy 2007: 416-. Inputting a security parameter lambda and a parameter k, t, l, wherein k is the length of a secret key, i.e. the number of bits of a parameter n, and t is a parameter vp,vqL +2 is the number of bits of the parameter u. Selecting proper large prime number p, q, u, vpAnd vqSo that n is pq, u (p-1), u (q-1), vp|(p-1),vqL (q-1), random selection
Figure BDA0002125536460000053
So as to satisfy
Figure BDA0002125536460000054
The public key is pk ═ (n, g, h, u), and the private key is sk ═ p, q, vp,vq). Plaintext space ZuThe ciphertext space is
Figure BDA0002125536460000055
The execution step of the DGK encryption algorithm is called twice to generate a public and private key pair (pk) of the servers A and BA,skA) And (pk)B,skB) Then the public key pk of server A and server B is usedAAnd pkBDisclosed is a method for producing a semiconductor device.
Step S102: generating a random number corresponding to a newly added object by each target user in the system, disturbing initial perception data of the target user through the random number, generating target perception data corresponding to each target user, sending the random number and the target perception data to the second server and the first server respectively, encrypting the random number through the second public key by the second server, sending the encrypted random number to the first server, encrypting the target perception data through the first public key by the first server, and sending the encrypted target perception data to the second server.
Specifically, (1), assuming that the set of all users of the system is U, each user perceives only one object in one time period and perceives a new object again in the next time period. Assume that the previous "old objects" are respectively denoted as o1,o2,...,om-1The newly added object in the current time slot is denoted as omAt this time, the set of objects of the system is assumed to be M.
(2) For the newly added object omEach user i (i e U) generates a random number
Figure BDA0002125536460000061
In combination with
Figure BDA0002125536460000062
Disturbing the own perception data
Figure BDA0002125536460000063
To obtain
Figure BDA0002125536460000064
(3) For the newly added object omEach user i (i ∈ U) will generate a random number
Figure BDA0002125536460000065
And the perception data after the disturbance
Figure BDA0002125536460000066
And respectively sent to server B and server a (in the following description and drawings, server B is the second server, and server a is the first server).
(4) Server A and server B use their public keys pkAAnd pkBThe received information is encrypted and mutually transmitted to the other party.
In particular, for security, this patent specification assumes that there is a secure channel between the user and the server, and for example, when the user sends the random number and the disturbed sensing data to two servers respectively, the user may encrypt the data with the public key of the target server and then send the encrypted data. And after receiving the data, the server decrypts the data.
Step S103: the first server initializes the initial truth value of the newly added object.
Specifically, (1), if the object is the first object in the system, its initial truth value x1Initialized by server a using random number generator Rand ().
(2) If the object is not the first object in the system, the new object is assumed to be omIts initial true value is calculated by server B assisting server a. Server B uses the previous object om-1Truth finding user weight W saved at the end of an iterationm-1(Wm-1Representing all users with respect to object om-1The weight set of (b) to be directly calculated (the specific process is the same as the weight calculation in the subsequent step S104).
Step S104: and the first server assists the second server to calculate the weight of each target user, the second server stores the weight information, and the second server assists the first server to calculate the current true value of the newly added object through the weight information.
Specifically, for each user i, server A causesWith the public key pk of the server BBCalculating about newly added object omIs encrypted by the encryption key
Figure BDA0002125536460000067
And will encrypt the text
Figure BDA0002125536460000071
Sent to the server B, which uses its own private key skBDecrypt the received ciphertext and add
Figure BDA0002125536460000072
Obtaining each user i to the newly added object omIs a distance of
Figure BDA0002125536460000073
Each user i adds the object o according to the pairmIs a distance of
Figure BDA0002125536460000074
And sum of distances to all "old objects" (i.e., the original objects excluding the newly added object)
Figure BDA0002125536460000075
Get the sum of the distances of each user i to all objects (including the new object and the "old object") as
Figure BDA0002125536460000076
Then will be
Figure BDA0002125536460000077
The sum of the distances of all 'old objects' required to be used as the subsequent new object is saved, and the server B calculates the distance of the user i relative to the new object omHas a weight of
Figure BDA0002125536460000078
And the results are saved.
According to the obtained user weight, the server B calculates
Figure BDA0002125536460000079
Using pk in combinationAEncrypt to obtain
Figure BDA00021255364600000710
For newly added object omServer B uses server a's public key pkAThe ciphertext of the weighted data sum is calculated as:
Figure BDA00021255364600000711
the above ciphertext formula first line: the equal-number right encrypted content is simply converted into the equal-number left encrypted content and converted into an E [ A + B ] form; ciphertext formula second line: a characteristic of addition homomorphic encryption E [ a + B ] ═ E [ a ] · E [ B ]; ciphertext formula third line: and is also a property of additive homomorphic encryption.
Figure BDA00021255364600000712
Means to use said first public key pair
Figure BDA00021255364600000713
The result of the encryption.
Note: here EA[]Indicating the use of public key pkAThe content in brackets is encrypted (i.e. the public key of the first server). EB[]Indicating the use of public key pkBThe content in the brackets (i.e. the public key of the second server) is encrypted.
Server B sends ciphertext
Figure BDA00021255364600000714
And all users about the newly added object omSum of weights of
Figure BDA00021255364600000715
The server A is given, and the server A decrypts to obtain all the users about the newly added object omWeighted data summation of
Figure BDA00021255364600000716
And calculating the formula by truth value
Figure BDA00021255364600000717
Calculating the new object omTrue value of (1).
Step S105: and performing iterative computation on the obtained current true value of the newly added object according to a preset convergence criterion to obtain a target true value of the newly added object.
The above step S104 is performed iteratively until a predetermined convergence criterion is satisfied, where the convergence criterion is that the number of iterations reaches a predetermined maximum number or a difference between estimated true values in two consecutive iterations is smaller than a predetermined threshold.
Specifically, the invention adopts a double-server model and a DGK homomorphic encryption algorithm, wherein the DGK homomorphic encryption algorithm has smaller complexity, so the calculation and communication overhead of the user side and the server side is smaller. When a user perceives a new object, only the random interference value of the new object and the perception data after disturbance are needed to be uploaded, and the random interference values of all the previous objects and the perception data after disturbance are not needed to be uploaded again, so that the calculation and communication expenses of the user are reduced.
The following is the efficiency analysis:
the method of the invention and L are shown by experimental data2Comparative analyses of the PPTD method were carried out, showing the performance and efficiency of the method of the invention. The experimental code is compiled by Java, and is compiled on eclipse by using Java standard big-number class BigInterger for operation. The experiment was run by a PC equipped with an Intel Core i7-5700 processor, 8GB memory, and Windows 10 operating system. To be in contact with L2The PPTD method is better compared and the experiment does not take into account the overhead of establishing and maintaining a secure channel.
The perception data set of the experiment is generated by a random number generator Rand (), and for each object, the value of an observed value is within r +/-minus or plus (r multiplied by 10%), wherein r belongs to [0,1 ]]. Assuming that data transmitted by users are continuous integers, when the deviation of the truth value obtained by two continuous iteration calculations is within 0.1%, outputting the truth value, and ending the iteration. The large prime numbers p and q are set to 512 bits, the parameter n is 1024 bits in size, t is 160 bits, L is 13 bits, and the rounding parameter L is 102. The maximum number of users in the experiment is 12, the maximum number of objects is 7, and the experimental data are average values obtained after 10 times of repeated operation. In the experiment, three stages of server a initialization object truth value, server B execution weight update, server a execution truth value update and the like are collectively referred to as an iteration stage.
The efficiency of the method of the invention can be analyzed from both the computational overhead and the communication overhead.
(1) And (3) calculating the overhead: fig. 2 shows the computation overhead at the user end for two methods. Since each user does not participate in the iteration phase, the computational overhead is only incurred in the initialization phase, in microseconds (μ s). As can be seen from fig. 1, the real-valued discovery method proposed herein has an average computation overhead at the user end far lower than that of L2The PPTD method. With the increase of the observed objects, the calculation cost of the user in the method is basically kept unchanged, and L2The computational overhead per user in the PPTD method increases linearly.
Fig. 3 and 4 show the computational performance of the two methods at the server side, including an initialization phase and an iteration phase. As can be seen from fig. 3 and 4, the computation overhead of the method at the server side is obviously higher than that of L2Less for the PPTD method. In the iteration stage, DGK decryption needs to inquire a pre-established plaintext-ciphertext table, and the table can be recycled after being once established, so that the establishment time is not considered.
(2) Communication overhead: here we consider the size of data sent or received by each user and two servers in the method, and with L2The PPTD method was compared. In the same time period, the communication between the user and the two servers is only carried out once in the initialization stage, and is irrelevant to the iteration stage. The results of the experiment are shown in table 1, from which it can be seen that the communication overhead ratio L for each user in the method is2-PPTD methodIs small and does not increase with increasing number of objects.
Figure BDA0002125536460000091
Table 1: client side communication overhead comparison
On the server side, tables 2 and 3 record the communication overhead of servers a and B during the initialization phase and each iteration phase, respectively. From these two tables, we can see that the communication overhead ratio L of the method at two server ends2The PPTD method is less, the main reasons include two aspects: firstly, when the server side carries out encryption calculation, L2The cipher text length calculated by the Paillier homomorphic cryptosystem of the PPTD method is 2048 bits, while the cipher text length calculated by the DGK homomorphic cryptosystem adopted by the method is 1024 bits, L2Half of the PPTD method; ② when new added object is sensed, L2The PPTD method requires retransmission of data of all objects, whereas the method requires only uploading and receiving of data of newly added objects.
Figure BDA0002125536460000092
Figure BDA0002125536460000101
Table 2: server-side communication overhead during initialization phase
Figure BDA0002125536460000102
Table 3: server side communication overhead per iteration phase
Fig. 7 is a schematic block diagram of an incremental true value discovery apparatus for protecting privacy according to an embodiment of the present application. As shown in fig. 7, in response to the above privacy-preserving incremental true value discovery method, the present application also provides a privacy-preserving incremental true value discovery apparatus. The privacy-preserving incremental true value discovery apparatus, which may be configured in a server, includes means for performing the above-described privacy-preserving incremental true value discovery method steps.
As shown in fig. 7, the privacy-preserving incremental true value discovery apparatus 400 includes: a first execution unit 410, a second execution unit 420, an initialization unit 430, a first calculation unit 440, and a second calculation unit 450.
A first execution unit 410, configured to establish a system including a first server and a second server, generate a first public-private key pair and a second public-private key pair corresponding to the first server and the second server according to a preset algorithm in the system, and disclose a first public key in the first public-private key pair and a second public key in the second public-private key pair;
a second execution unit 420, configured to generate a random number corresponding to a newly added object for each target user in the system, scramble initial sensing data of the target user through the random number, generate target sensing data corresponding to each target user, send the random number and the target sensing data to the second server and the first server, respectively, where the second server encrypts the random number through the second public key and sends the encrypted random number to the first server, and the first server encrypts the target sensing data through the first public key and sends the encrypted target sensing data to the second server;
an initializing unit 430, configured to initialize an initial true value of the newly added object by the first server;
a first calculating unit 440, configured to assist the first server in calculating a weight of each target user, and store information of the weight by the second server, where the second server assists the first server in calculating a current true value of the new object through the information of the weight;
the second calculating unit 450 is configured to perform iterative calculation on the obtained current true value of the newly added object according to a preset convergence criterion, so as to obtain a target true value for the newly added object.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working process of the above-described privacy protection incremental truth value discovery apparatus and unit may refer to the corresponding process in the foregoing method embodiment, and is not described herein again.
The above-described apparatus may be implemented in the form of a computer program which is executable on a computer device as shown in fig. 8.
Referring to fig. 8, fig. 8 is a schematic block diagram of a computer device according to an embodiment of the present application. The computer device 700 may be a terminal or a server.
Referring to fig. 8, the computer device 700 includes a processor 720, a memory, which may include a non-volatile storage medium 730 and an internal memory 740, and a network interface 750, which are connected by a system bus 710.
The non-volatile storage medium 730 may store an operating system 731 and computer programs 732. The computer programs 732, when executed, cause the processor 720 to perform any of the incremental true discovery methods for privacy protection.
The processor 720 is used to provide computing and control capabilities, supporting the operation of the overall computer device 700.
The internal memory 740 provides an environment for the execution of a computer program 732 on the non-volatile storage medium 730, which computer program 732, when executed by the processor 720, causes the processor 720 to perform any one of the incremental true value discovery methods for privacy protection.
The network interface 750 is used for network communication such as sending assigned tasks and the like. Those skilled in the art will appreciate that the architecture shown in fig. 8 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing device 700 to which the disclosed aspects apply, as a particular computing device 700 may include more or less components than those shown, or may combine certain components, or have a different arrangement of components. Wherein the processor 720 is configured to execute the program code stored in the memory to perform the following steps:
calculating a personal privacy budget threshold according to a preset collusion threshold and a preset global security privacy budget; generating a query condition, and judging whether the current privacy budget queried by the user under the query condition exceeds a personal privacy budget threshold value; if the current privacy budget queried by the user under the query condition does not exceed the personal privacy budget threshold, calculating the system sensitivity; carrying out noise adding processing on the real score according to the system sensitivity; and performing numerical value processing on the real score subjected to the noise processing, and sending score information subjected to the numerical value processing to the user.
It should be understood that, in the embodiment of the present Application, the Processor 720 may be a Central Processing Unit (CPU), and the Processor 720 may also be other general-purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, and the like. Wherein a general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
Those skilled in the art will appreciate that the configuration of computer device 700 depicted in FIG. 8 is not intended to be limiting of computer device 700 and may include more or less components than those shown, or some components in combination, or a different arrangement of components.
It will be understood by those skilled in the art that all or part of the processes in the methods of the above embodiments may be implemented by hardware related to instructions of a computer program, and the computer program may be stored in a storage medium, which is a computer-readable storage medium. In the embodiment of the present invention, the computer program may be stored in a storage medium of a computer system and executed by at least one processor in the computer system to implement the flow steps of the embodiments including the methods as described above.
The computer readable storage medium may be a magnetic disk, an optical disk, a usb disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk or an optical disk, etc. which can store program codes.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the several embodiments provided in the present application, it should be understood that the disclosed privacy-preserving incremental truth discovery apparatus and method may be implemented in other ways. For example, the incremental truth discovery apparatus embodiments described above to protect privacy are merely illustrative. For example, the division of each unit is only one logic function division, and there may be another division manner in actual implementation. For example, various elements or components may be combined or may be integrated into another system, or some features may be omitted, or not implemented.
The steps in the method of the embodiment of the application can be sequentially adjusted, combined and deleted according to actual needs.
The units in the device of the embodiment of the application can be combined, divided and deleted according to actual needs.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially or partially implemented in the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a terminal, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application.
While the invention has been described with reference to specific embodiments, the scope of the invention is not limited thereto, and those skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the invention. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (6)

1. An incremental true discovery method for privacy protection, comprising:
establishing a system comprising a first server and a second server, respectively generating a first public and private key pair and a second public and private key pair corresponding to the first server and the second server according to a preset algorithm in the system, and disclosing a first public key in the first public and private key pair and a second public key in the second public and private key pair, wherein the preset algorithm comprises a preset public key formula and a preset private key formula;
the preset public key formula is as follows:
pk=(n,g,h,u)
the preset private key formula is as follows:
sk=(p,q,vp,vq)
the n is a parameter obtained according to a first preset formula;
the first preset formula is as follows:
n=pq,u|(p-1),u|(q-1),vp|(p-1),vq|(q-1)
wherein, p, q, u, vpAnd vqAre all prime numbers, the digit number of n is k, the digit number of u is l +2, vp、vqIs t, and k, t, l satisfy k > t > l, are randomly selected
Figure FDA0003466150510000011
So as to satisfy
Figure FDA0003466150510000012
Figure FDA0003466150510000013
Generating a random number corresponding to a newly added object by each target user in the system, disturbing initial perception data of the target user through the random number, and generating target perception data corresponding to each target user, wherein the target perception data are obtained according to a second preset formula;
the second preset formula is as follows:
Figure FDA0003466150510000014
respectively sending the random number and the target sensing data to the second server and the first server, wherein the second server encrypts the random number through the second public key and sends the encrypted random number to the first server, and the first server encrypts the target sensing data through the first public key and sends the encrypted target sensing data to the second server;
the first server judges whether the newly added object is the first object in the system or not, correspondingly initializes the initial truth value of the newly added object according to whether the newly added object is the first object in the system or not, and if the newly added object is the first object in the system, the initial truth value x of the newly added object is initialized1Initialization by a first server using a random number generator Rand ()It follows that if the object is not the first object in the system, its initial truth value is used by the second server for the previous object om-1Truth finding user weight W saved at the end of an iterationm-1To calculate directly;
the first server assists the second server in calculating the weight of each target user, and the second server stores the information of the weight, wherein the first server assists the second server in calculating the weight of each target user comprises the following steps:
the first server calculates a first ciphertext of each target user about the newly added object according to a preset ciphertext formula, and sends the first ciphertext to the second server;
the preset ciphertext formula is as follows:
Figure FDA0003466150510000021
the second server decrypts the first ciphertext through a private key in the second public and private key pair and adds the first ciphertext with a private key in the second public and private key pair
Figure FDA0003466150510000022
Obtaining the distance between each target user i and the newly added object
Figure FDA0003466150510000023
Adding the distance sum of each target user to the newly added object to the distance sum of the original object to obtain the distance sum of each target user to all the objects, and storing the distance sum of all the objects;
the expression for the sum of distances for all objects is:
Figure FDA0003466150510000024
the second server calculates the weight of the newly added object according to a weight calculation formula;
the weight calculation formula is as follows:
Figure FDA0003466150510000025
wherein τ represents the τ -th object, the value range of τ is [1, | M | ], j represents the jth user, the value range of τ is [1, | U | ], U is the set of all users, and M is the object set of the system;
the second server assists the first server to calculate the current true value of the newly added object through the weighted information, and the second server assists the first server to calculate the current true value of the newly added object through the weighted information includes:
the second server calculates a second ciphertext of the weighted data sum of the newly added object according to a fourth preset formula and the first public key;
the fourth preset formula is as follows:
Figure FDA0003466150510000031
wherein E isA[]Indicating that the content in the brackets is encrypted by using the first public key; eB[]Indicating that the content in the brackets is encrypted by using the second public key;
the second server sums the second ciphertext and the weight of all the target users about the newly added object
Figure FDA0003466150510000032
Sending the second ciphertext to the first server, and decrypting the second ciphertext by the first server to obtain the weighted data sum of all the target users about the newly added object
Figure FDA0003466150510000033
Calculating a true value of the newly added object through a true value calculation formula;
the truth value calculation formula is as follows:
Figure FDA0003466150510000034
and performing iterative computation on the obtained current true value of the newly added object to obtain a target true value of the newly added object.
2. The method for finding incremental true values for privacy protection according to claim 1, wherein the iterative computation is performed on the obtained current true value of the newly added object to obtain a target true value for the newly added object, and the number of iterative computations is required to reach a predetermined maximum number.
3. The method for finding incremental true values for privacy protection according to claim 1, wherein the iterative computation of the obtained current true value of the newly added object is performed to obtain a target true value for the newly added object, and a difference between estimated true values in two consecutive iterative computations is smaller than a predetermined threshold.
4. An incremental true discovery apparatus for privacy protection, comprising:
the first execution unit is used for establishing a system comprising a first server and a second server, respectively generating a first public and private key pair and a second public and private key pair corresponding to the first server and the second server according to a preset algorithm in the system, and disclosing a first public key in the first public and private key pair and a second public key in the second public and private key pair, wherein the preset algorithm comprises a preset public key formula and a preset private key formula;
the preset public key formula is as follows:
pk=(n,g,h,u)
the preset private key formula is as follows:
sk=(p,q,vp,vq)
the n is a parameter obtained according to a first preset formula;
the first preset formula is as follows:
n=pq,u|(p-1),u|(q-1),vp|(p-1),vq|(q-1)
wherein, p, q, u, vpAnd vqAre all prime numbers, the digit number of n is k, the digit number of u is l +2, vp、vqIs t, and k, t, l satisfy k > t > l, are randomly selected
Figure FDA0003466150510000041
So as to satisfy
Figure FDA0003466150510000042
Figure FDA0003466150510000043
The second execution unit is used for generating a random number corresponding to a newly added object by each target user in the system, disturbing initial perception data of the target user through the random number, and generating target perception data corresponding to each target user, wherein the target perception data are obtained according to a second preset formula;
the second preset formula is as follows:
Figure FDA0003466150510000044
respectively sending the random number and the target sensing data to the second server and the first server, wherein the second server encrypts the random number through the second public key and sends the encrypted random number to the first server, and the first server encrypts the target sensing data through the first public key and sends the encrypted target sensing data to the second server;
an initialization unit, configured to determine, by the first server, whether the newly added object is the first object in the system, and perform corresponding initialization on the initial true value of the newly added object according to whether the newly added object is the first object in the system, and if the newly added object is the first object in the system, perform corresponding initialization on the initial true value x of the newly added object1Initialized by the first server using the random number generator Rand (), and if the object is not the first object in the system, its initial true value is used by the second server using the previous object om-1Truth finding user weight W saved at the end of an iterationm-1To calculate directly;
a first calculating unit, configured to assist the second server in calculating a weight of each target user by the first server, and store information of the weight by the second server, where the assisting the second server in calculating the weight of each target user by the first server includes:
the first server calculates a first ciphertext of each target user about the newly added object according to a preset ciphertext formula, and sends the first ciphertext to the second server;
the preset ciphertext formula is as follows:
Figure FDA0003466150510000051
the second server decrypts the first ciphertext through a private key in the second public and private key pair and adds the first ciphertext with a private key in the second public and private key pair
Figure FDA0003466150510000052
Obtaining the distance between each target user i and the newly added object
Figure FDA0003466150510000053
Adding the distance sum of each target user to the newly added object to the distance sum of the original object to obtain the distance sum of each target user to all the objects, and storing the distance sum of all the objects;
the expression for the sum of distances for all objects is:
Figure FDA0003466150510000054
the second server calculates the weight of the newly added object according to a weight calculation formula;
the weight calculation formula is as follows:
Figure FDA0003466150510000055
wherein τ represents the τ -th object, the value range of τ is [1, | M | ], j represents the jth user, the value range of τ is [1, | U | ], U is the set of all users, and M is the object set of the system;
the second server assists the first server to calculate the current true value of the newly added object through the weighted information, and the second server assists the first server to calculate the current true value of the newly added object through the weighted information includes:
the second server calculates a second ciphertext of the weighted data sum of the newly added object according to a fourth preset formula and the first public key;
the fourth preset formula is as follows:
Figure FDA0003466150510000056
wherein E isA[]Indicating that the content in the brackets is encrypted by using the first public key; eB[]Indicating that the content in the brackets is encrypted by using the second public key;
the second server sums the second ciphertext and the weight of all the target users about the newly added object
Figure FDA0003466150510000061
Sending the second ciphertext to the first server, and decrypting the second ciphertext by the first server to obtain the weighted data sum of all the target users about the newly added object
Figure FDA0003466150510000062
Calculating a true value of the newly added object through a true value calculation formula;
the truth value calculation formula is as follows:
Figure FDA0003466150510000034
and the second calculating unit is used for performing iterative calculation on the obtained current true value of the newly added object to obtain a target true value of the newly added object.
5. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the method according to any one of claims 1 to 3 when executing the computer program.
6. A storage medium, characterized in that the storage medium stores a computer program comprising program instructions which, when executed by a processor, cause the processor to carry out the steps of the method according to any one of claims 1 to 3.
CN201910621172.3A 2019-07-10 2019-07-10 Incremental truth value discovery method and device for protecting privacy, computer equipment and storage medium Active CN110198216B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910621172.3A CN110198216B (en) 2019-07-10 2019-07-10 Incremental truth value discovery method and device for protecting privacy, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910621172.3A CN110198216B (en) 2019-07-10 2019-07-10 Incremental truth value discovery method and device for protecting privacy, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110198216A CN110198216A (en) 2019-09-03
CN110198216B true CN110198216B (en) 2022-03-04

Family

ID=67755970

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910621172.3A Active CN110198216B (en) 2019-07-10 2019-07-10 Incremental truth value discovery method and device for protecting privacy, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110198216B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111324870B (en) * 2020-01-22 2022-10-11 武汉大学 Outsourcing convolutional neural network privacy protection system based on safe two-party calculation
CN111585990B (en) * 2020-04-26 2022-04-15 安徽师范大学 Mobile crowd sensing privacy protection truth value discovery method based on safety summation
CN114357502A (en) * 2021-11-17 2022-04-15 北京邮电大学 Truth value discovery method meeting localization differential privacy and electronic equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016036853A1 (en) * 2014-09-07 2016-03-10 University Of Florida Research Foundation Inc. Dynamic user-defined check-in points
CN106534239A (en) * 2015-09-11 2017-03-22 上海交通大学 Method and device for acquiring perception data
CN108494760A (en) * 2018-03-14 2018-09-04 安徽大学 A kind of intelligent perception true value discovery method of protection privacy
CN109347829A (en) * 2018-10-23 2019-02-15 北京理工大学 A kind of intelligent perception network true value discovery method based on secret protection
CN109474928A (en) * 2018-11-07 2019-03-15 电子科技大学 Realize that the true value of efficient secret protection finds method in mobile gunz sensory perceptual system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10111031B2 (en) * 2016-01-22 2018-10-23 The United States Of America As Represented By The Secretary Of The Air Force Object detection and tracking system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016036853A1 (en) * 2014-09-07 2016-03-10 University Of Florida Research Foundation Inc. Dynamic user-defined check-in points
CN106534239A (en) * 2015-09-11 2017-03-22 上海交通大学 Method and device for acquiring perception data
CN108494760A (en) * 2018-03-14 2018-09-04 安徽大学 A kind of intelligent perception true value discovery method of protection privacy
CN109347829A (en) * 2018-10-23 2019-02-15 北京理工大学 A kind of intelligent perception network true value discovery method based on secret protection
CN109474928A (en) * 2018-11-07 2019-03-15 电子科技大学 Realize that the true value of efficient secret protection finds method in mobile gunz sensory perceptual system

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
"A lightweight privacy-preserving truth discovery framework for mobile crowd sensing systems";Chenglin Miao et al.;《IEEE INFOCOM 2017 - IEEE Conference on Computer Communications》;20170504;全文 *
"Cloud-Enabled Privacy-Preserving Truth Discovery in Crowd Sensing Systems";Chenglin Miao et al.;《Proceedings of the 13th ACM conference on Embedded Networked Sensor Systems》;20151130;全文 *
"Efficient and privacy-preserving data aggregation in mobile sensing";Qinghua Li et al.;《2012 20th IEEE International Conference on Network Protocols (ICNP)》;20121102;全文 *
"Privacy-Preserving Data Aggregation in Mobile Phone Sensing";Yuan Zhang et al.;《IEEE Transactions on Information Forensics and Security(Volume:11,Issue:5,May 2016)》;20160106;第11卷(第5期);全文 *
"一种高效的隐私保护群智感知真值发现机制";孙洪山 等;《物联网技术》;20180720(第7期);全文 *

Also Published As

Publication number Publication date
CN110198216A (en) 2019-09-03

Similar Documents

Publication Publication Date Title
Liu et al. Hybrid privacy-preserving clinical decision support system in fog–cloud computing
Liu et al. Efficient and privacy-preserving outsourced calculation of rational numbers
CN107257381B (en) Task allocation system model for privacy protection space crowdsourcing and implementation method
CN110198216B (en) Incremental truth value discovery method and device for protecting privacy, computer equipment and storage medium
US8281121B2 (en) Private aggregation of distributed time-series data
US11323255B2 (en) Methods and systems for encryption and homomorphic encryption systems using Geometric Algebra and Hensel codes
JP5657128B2 (en) Secure calculation system, secure calculation method, and secure calculation program
CN110059501B (en) Safe outsourcing machine learning method based on differential privacy
CN111162894B (en) Statistical analysis method for outsourcing cloud storage medical data aggregation with privacy protection
WO2013158798A2 (en) Method and system for secure multiparty cloud computation
JP2016512611A (en) Privacy Protection Ridge Return
US20110060901A1 (en) Cryptographic System for Performing Secure Iterative Matrix Inversions and Solving Systems of Linear Equations
CN108989339B (en) Ciphertext encryption method, system and storage medium with strategy hiding function
CN114039785B (en) Data encryption, decryption and processing methods, devices, equipment and storage medium
KR101233682B1 (en) Calculating apparatus and method for elliptic curve cryptography
CN108055128B (en) RSA key generation method, RSA key generation device, storage medium and computer equipment
JP7323004B2 (en) Data extraction system, data extraction method, registration device and program
CN108768642B (en) Data aggregation method and device, computer equipment and storage medium
WO2022141014A1 (en) Security averaging method based on multi-user data
CN116170142B (en) Distributed collaborative decryption method, device and storage medium
CN110336837B (en) Practical cloud privacy protection outsourcing computing system and computing method thereof
KR20220079522A (en) Methods and systems for encryption using geometric algebra and Hansel codes and isomorphic encryption systems
Chen et al. Cryptanalysis and improvement of DeepPAR: Privacy-preserving and asynchronous deep learning for industrial IoT
CN112637233B (en) Safe averaging method based on multi-user data
CN115642999A (en) Method and system for efficient retrieval of private information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant