CN111723384A

CN111723384A - Data processing method, system and equipment

Info

Publication number: CN111723384A
Application number: CN201910222376.XA
Authority: CN
Inventors: 申凯祥; 洪澄
Original assignee: Alibaba Group Holding Ltd
Current assignee: Alibaba Group Holding Ltd
Priority date: 2019-03-22
Filing date: 2019-03-22
Publication date: 2020-09-29
Anticipated expiration: 2039-03-22
Also published as: CN111723384B

Abstract

The embodiment of the application provides a data processing method, a system and equipment. The data processing method comprises the following steps: encrypting the first data by using a first key to generate a first ciphertext; sending the first ciphertext to a second computing node, so that the second computing node encrypts the first ciphertext by using a second key to generate a second ciphertext; encrypting a third ciphertext of the second computing node by using the first key to generate a fourth ciphertext; the third ciphertext is obtained by encrypting second data by the second computing node by using the second key; and under the condition that the second ciphertext fed back by the second computing node is received, performing cooperative computing on the second ciphertext and the fourth ciphertext to obtain a computing result. According to the technical scheme provided by each embodiment of the application, data safety is guaranteed, and data leakage cannot occur.

Description

Data processing method, system and equipment

Technical Field

The present application relates to the field of computer technologies, and in particular, to a data processing method, system, and device.

Background

The problem of safety intersection is a problem which is frequently encountered and needs to be solved. Briefly described by taking two parties as an example, the first party has a data set A, the second party has a data set B, and the two parties want to cooperatively calculate the intersection A ≦ B of the A and the B without revealing other data irrelevant to the intersection to the other party. This definition can also be extended to multiple parties, which is a secure multi-party intersection problem.

There are wide application scenarios to the safe intersection solving problem: for example, the financial company a needs to know which bad loan users are at high risk, and the company B specialized in wind control also needs to know which bad loan users collected by the company a have registered.

In this case, the problem of finding the shared users without revealing the independent data of the users is a simple two-party safety intersection finding application problem.

Disclosure of Invention

The embodiment of the application provides a data processing method, a system and equipment which are safe and do not cause any data leakage.

In one embodiment of the present application, a data processing method is provided. The method comprises the following steps:

encrypting the first data by using a first key to generate a first ciphertext;

sending the first ciphertext to a second computing node, so that the second computing node encrypts the first ciphertext by using a second key to generate a second ciphertext;

encrypting a third ciphertext of the second computing node by using the first key to generate a fourth ciphertext; the third ciphertext is obtained by encrypting second data by the second computing node by using the second key;

and under the condition that the second ciphertext fed back by the second computing node is received, performing cooperative computing on the second ciphertext and the fourth ciphertext to obtain a computing result.

In another embodiment of the present application, a data processing system is provided. The data processing system includes: a first computing node and a second computing node participating in multi-party security computing; wherein the content of the first and second substances,

the first computing node is used for encrypting the first data to generate a first ciphertext; sending the first ciphertext to the second computing node;

the second computing node is used for encrypting the first ciphertext to obtain a second ciphertext; feeding back the second ciphertext to the first computing node; encrypting second data to generate a third ciphertext, and sending the third ciphertext to the first computing node;

the first computing node is further configured to encrypt the third ciphertext to generate a fourth ciphertext; and performing cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

In yet another embodiment of the present application, a data processing method is provided. The method comprises the following steps:

encrypting the first data by using a first key to generate a first ciphertext;

sending the first ciphertext and the first key to a service platform;

under the condition that the second computing node determines to participate in the multi-party security computation, waiting for the service platform to feed back the computation result of the collaborative computation;

the computing result is obtained by the service platform through collaborative computing of a second ciphertext and a fourth ciphertext, the second ciphertext is obtained by encrypting the first ciphertext through a second key of a second computing node, the fourth ciphertext is obtained by encrypting a third ciphertext through the first key, and the third ciphertext is obtained by the second computing node through encrypting second data through the second key and then uploading the second data to the service platform.

receiving a first ciphertext and a first key sent by a first computing node;

receiving a third ciphertext and a second key sent by a second computing node;

encrypting the third ciphertext by using the first key to obtain a fourth ciphertext;

encrypting the first ciphertext by using the second key to obtain a second ciphertext;

and performing cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

In yet another embodiment of the present application, a data processing system is provided. The data processing system includes: the system comprises a service platform, a first computing node and a second computing node, wherein the first computing node and the second computing node participate in multi-party security computing; wherein the content of the first and second substances,

the first computing node is used for encrypting first data by using a first key to obtain a first ciphertext and sending the first ciphertext and the first key to a service platform;

the second computing node is used for encrypting second data by using a second key to obtain a third ciphertext and sending the third ciphertext and the second key to the service platform;

the service platform is used for encrypting the first ciphertext by using the second key to obtain a second ciphertext; encrypting the third ciphertext by using the first key to obtain a fourth ciphertext; and performing cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

sending the first ciphertext to a service platform, wherein the first ciphertext is obtained by encrypting first data by using a first key;

acquiring a third ciphertext of the second computing node from the service platform;

sending the fourth ciphertext to the service platform to wait for the service platform to feed back a calculation result of the collaborative calculation;

the third ciphertext is obtained by encrypting second data by the second computing node through a second key and uploading the second data to the service platform, the calculation result is obtained by performing cooperative calculation on the second ciphertext and a fourth ciphertext by the service platform, and the second ciphertext is obtained by encrypting the first ciphertext by the service platform through the second key of the second computing node.

sending a third ciphertext of the second computing node to the first computing node, wherein the third ciphertext is uploaded after the second computing node encrypts second data by using a second key;

receiving a fourth ciphertext sent by the first computing node after encrypting the third ciphertext by using the first key;

acquiring a first ciphertext of a first computing node, wherein the first ciphertext is uploaded after the first computing node encrypts first data by using a first key;

acquiring a second ciphertext obtained by encrypting the first ciphertext by using the second key;

In yet another embodiment of the present application, a data processing system is provided. The system comprises: the system comprises a service platform, a first computing node and a second computing node, wherein the first computing node and the second computing node participate in multi-party security computing; wherein the content of the first and second substances,

the first computing node is used for encrypting the first data by using a first key to obtain a first ciphertext; sending the first ciphertext to the service platform; acquiring the third ciphertext from a service platform, and encrypting the third ciphertext by using the first key to obtain a fourth ciphertext; sending the fourth ciphertext to the service platform; the third ciphertext is uploaded to the service platform after the second computing node encrypts second data by using the second key;

and the service platform is used for acquiring a second ciphertext obtained by encrypting the first ciphertext by using the second key, and performing cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

In yet another embodiment of the present application, a computing device is provided. The computing device includes: a memory, a processor, and a communications component, wherein,

the memory is used for storing programs;

the processor, coupled with the memory, to execute the program stored in the memory to:

encrypting the first data by using a first key to generate a first ciphertext;

sending the first ciphertext to a second computing node through the communication component, so that the second computing node encrypts the first ciphertext by using a second key to generate a second ciphertext;

and under the condition that the second ciphertext fed back by the second computing node is received through the communication assembly, performing cooperative computing on the second ciphertext and the fourth ciphertext to obtain a computing result.

the memory is used for storing programs;

encrypting the first data by using a first key to generate a first ciphertext;

sending the first ciphertext and the first key to a service platform through the communication component;

In yet another embodiment of the present application, a service platform device is provided. The service platform device includes: a memory, a processor, and a communications component, wherein,

the memory is used for storing programs;

receiving a first ciphertext and a first key sent by a first computing node through the communication component;

receiving a third ciphertext and a second key sent by a second computing node through the communication component;

the memory is used for storing programs;

sending the first ciphertext to a service platform through the communication component, wherein the first ciphertext is obtained by encrypting first data through a first key;

sending the fourth ciphertext to the service platform through the communication component to wait for the service platform to feed back a calculation result of the collaborative calculation;

the memory is used for storing programs;

sending a third ciphertext of the second computing node to the first computing node through the communication component, wherein the third ciphertext is uploaded after the second computing node encrypts second data by using a second key;

receiving, by the communication component, a fourth ciphertext that is sent by the first computing node after encrypting the third ciphertext with the first key;

According to the technical scheme provided by the embodiment of the application, after two computing nodes participating in multi-party safe computing encrypt data to be participated in the multi-party safe computing once by using respective keys, the other node encrypts the data after the encryption once by using the respective key, the data of the two nodes are encrypted twice by using the respective keys and the other key, so that the plaintext of the data is difficult to break, the data safety is ensured, and the data leakage is avoided; in addition, each time of performing the collaborative computation, the participation of the opposite computing node is required, that is, one computing node cannot perform any operation on the data of the opposite computing node under the condition that the other computing node is unknown, so that the data becomes 'disposable utilization', any data leakage is not generated after one-time multi-party security computation is completed, and the security of the multi-party security computation is improved. In addition, the technical scheme provided by the embodiment of the application can be further expanded to a multi-party safe computing scene with three, four or more computing nodes, the implementation principle is the same, and only the information interaction times among the computing nodes are more, and the data encryption times are more.

In another technical scheme provided by the embodiment of the application, a service platform is additionally arranged, and a computing node participating in multi-party security calculation can selectively deliver a self key to the service platform; when the computing node trusts the key, the part which belongs to the self computing task in the data interaction can be handed to the service platform to be completed, so that the self computing amount and the data interaction amount are reduced; compared with the scheme that the secret key is not trusteed, the data security of the scheme is reduced, but the encryption process and the multi-party calculation process can be realized by the service platform, and the complexity is reduced.

Drawings

In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings required to be utilized in the description of the embodiments or the prior art are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings can be obtained according to the drawings without creative efforts for those skilled in the art.

Fig. 1 is a schematic flow chart of a data processing method according to an embodiment of the present application;

fig. 2a is a schematic flowchart of a data processing method according to an embodiment of the present application;

fig. 2b is a schematic signaling interaction diagram of a data processing method according to an embodiment of the present application;

FIG. 3 is a block diagram of a data processing system according to an embodiment of the present application;

FIG. 4 is a block diagram of a data processing system according to another embodiment of the present application;

fig. 5 is a schematic flowchart of a data processing method according to another embodiment of the present application;

fig. 6 is a schematic flowchart of a data processing method according to another embodiment of the present application;

fig. 7 is a schematic flowchart of a data processing method according to another embodiment of the present application;

FIG. 8 is a schematic flow chart diagram illustrating a data processing method according to another embodiment of the present application;

fig. 9 is a schematic signaling interaction diagram of a data processing method according to another embodiment of the present application;

fig. 10 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application;

fig. 11 is a schematic structural diagram of a data processing apparatus according to another embodiment of the present application;

fig. 12 is a schematic structural diagram of a data processing apparatus according to yet another embodiment of the present application;

fig. 13 is a schematic structural diagram of a data processing apparatus according to yet another embodiment of the present application;

fig. 14 is a schematic structural diagram of a data processing apparatus according to yet another embodiment of the present application;

fig. 15 is a schematic structural diagram of a computing device according to an embodiment of the present application.

Detailed Description

The existing method for solving intersection by multiple parties is generally as follows: a participant (namely a computing node) firstly hashes user information (for example, by using a hashing algorithm such as MD5/SHA-1 and the like) to complete an irreversible asymmetric encryption process from a plaintext to a ciphertext; and then sends the user information hashed by itself to other participants. And the data with consistent Hash values in all the participating parties is common intersection data.

However, there are two serious security problems with existing solutions:

1. uncontrolled after the fact; after the calculation is finished, any party can randomly select data to obtain the hash, and whether the data is in the list of the other party is judged.

2. The hash table is vulnerable to rainbow table attack, and there is a possibility that the content of plaintext data is reversely deduced from the hash value.

Data encryption can only alleviate problem 2, but not problem 1. Accordingly, embodiments of the present application provide a data processing method, system, and device that are safer and can effectively solve the problem 1 in the prior art. In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.

In some of the flows described in the specification, claims, and above-described figures of the present application, a number of operations are included that occur in a particular order, which operations may be performed out of order or in parallel as they occur herein. The sequence numbers of the operations, e.g., 101, 102, etc., are used merely to distinguish between the various operations, and do not represent any order of execution per se. Additionally, the flows may include more or fewer operations, and the operations may be performed sequentially or in parallel. It should be noted that, the descriptions of "first", "second", etc. in this document are used for distinguishing different messages, devices, modules, etc., and do not represent a sequential order, nor limit the types of "first" and "second" to be different. In addition, the embodiments described below are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

Before introducing the methods provided by the embodiments of the present application, for convenience of understanding of the solution, a specific application scenario is taken as an example below to explain a design concept of the technical solution provided by the present application. For example, company a needs to know which specific attributes of all its users (e.g., bad loan users) so that the business risk can be reduced; company B, engaged in the wind control service, also wants to know which of all the users with specific attributes collected by itself (e.g., users with bad loan) are users of company a, so that company a can be provided with subsequent wind control service.

At this time, two companies can participate in multi-party security calculation (including two-party security calculation) and seek common users without revealing self-irrelevant data. Of course, in particular implementations, there may be a third company C, company D, etc. that participate in the multi-party security computation together in order to find their common users.

Multi-Party Secure computing, or Secure Multi-Party computing (SMC), is a collaborative computing problem that solves the privacy-preserving problem among a group of untrusted parties. SMC ensures the characteristics of independence of input, accuracy of calculation, decentralization and the like, and does not leak each input value to other members participating in calculation. The method mainly aims at the problem of how to safely calculate an agreed function under the condition of no trusted third party, and simultaneously requires that each participant can not obtain any input information of other entities except the calculation result. The participation nodes of the multi-party safe computing have the same position, and can initiate a cooperative computing task and also can selectively participate in computing tasks initiated by other parties.

The explanation is given with two parties performing multi-party security computations. Companies (i.e., parties) participating in the computation are referred to as compute nodes in the following implementations, which may be understood simply as: a computing device on the company (i.e., party) side participating in the computation.

The two companies participating in the calculation correspond to the first calculation node and the second calculation node, respectively, in the embodiments described below. Specifically, as shown in fig. 1, the data processing method provided in this embodiment includes:

s01, the first computing node encrypts the data to be participated in the multi-party security computation locally by using the first key to generate a first ciphertext, and sends the first ciphertext to the second computing node;

s02, the second computing node encrypts the first ciphertext by using a second key to generate a second ciphertext, and feeds the second ciphertext back to the first computing node;

s03, the second computing node encrypts the data to be participated in the multi-party secure computation by using the second key to generate a third ciphertext, and sends the third ciphertext to the first computing node;

s04, the first computing node encrypts the third ciphertext by using the first key to generate a fourth ciphertext, and feeds the fourth ciphertext back to the second computing node;

s05, the first computing node performs collaborative computing on the second ciphertext and the fourth ciphertext to obtain a computing result;

and S06, the second computing node performs collaborative computing on the second ciphertext and the fourth ciphertext to obtain a computing result.

Here, it should be noted that: the above-mentioned S01-S06 are only used to distinguish different operations, and the sequence numbers themselves do not represent any execution order.

The collaborative computation in the embodiments of the present application can be simply understood as: computing logic satisfying the cooperative computing task initiated by the initiator, for example, intersection computing logic; namely, the second ciphertext and the fourth ciphertext are compared, and the consistent data items in the second ciphertext and the fourth ciphertext are used as calculation results. And the first computing node and the second computing node both compute the second ciphertext and the fourth ciphertext according to the computation logic required by the cooperative computation task to obtain a computation result.

Further, after the first computing node receives the ciphertext (e.g., the third ciphertext and the second ciphertext) sent by the second computing node, the ciphertext may also be verified, for example: document authentication, identity authentication, operating environment authentication, and the like. And after the verification is passed, performing subsequent operations. Similarly, after receiving the ciphertext (such as the first ciphertext and the fourth ciphertext) sent by the first computing node, the second computing node verifies the first ciphertext. In specific implementation, when the ciphertext is sent to the corresponding computing node, the ciphertext and the certificate corresponding to the ciphertext can be simultaneously sent to the corresponding computing node. The certificate may contain an information item for authentication of a document, an information item for identification of an operating environment, and the like. The verification of the ciphertext may be substantially verification information included in the certificate of authenticity.

In addition, the method provided by the embodiment of the application can be further expanded to a scenario of 3 or more computing nodes. As shown in fig. 3, a third compute node, …. Taking the case of 3 compute nodes as an example, the 3 compute nodes include: the system comprises a first computing node, a second computing node and a third computing node; the 3 compute nodes own first data a, second data B and third data C, respectively. It is assumed that,

the first computing node encrypts the first data A to obtain a first ciphertext A';

the second computing node encrypts the second data B to obtain a third ciphertext B';

and the third computing node encrypts the third data C to obtain a fifth ciphertext C'.

Then based on the above principle:

the first ciphertext A' needs to undergo secondary encryption by the second computing node by using a second key and tertiary encryption by the third computing node by using a third key;

the second ciphertext B' needs to undergo secondary encryption by the first computing node by using the first key and tertiary encryption by the third computing node by using the third key;

the third ciphertext C' may be subjected to a second encryption by the first computing node using the first key, and a third encryption by the second computing node using the second key.

Therefore, the more nodes participate, the more the interaction among the nodes is. In order to reduce the number of interactions between nodes, the embodiments of the present application further provide a scheme for key (or certificate) escrow, that is, a third-party service platform is added, the third-party service platform completes encryption of each ciphertext for two, three, or more times, the third-party service platform can also complete multiparty security computation, and the multiparty security computation result is fed back to each computation node. The scheme of key escrow will be described in detail in the following embodiments.

Fig. 2a is a schematic flow chart illustrating a data processing method according to an embodiment of the present application. The execution subject of the method provided by the embodiment may be one of a plurality of computing nodes participating in multi-party secure computing, such as the first computing node. The computing node may be any device such as a desktop computer, a notebook computer, a smart phone, an intelligent vehicle-mounted device, and an intelligent wearable device, which is not specifically limited in this embodiment. Specifically, as shown in fig. 2a, the method includes:

101. and encrypting the first data by using the first key to generate a first ciphertext.

102. And sending the first ciphertext to a second computing node, so that the second computing node encrypts the first ciphertext by using a second key to generate a second ciphertext.

103. And encrypting the third ciphertext of the second computing node by using the first key to generate a fourth ciphertext.

The third ciphertext is obtained by encrypting second data by the second computing node by using the second key;

104. and under the condition that the second ciphertext fed back by the second computing node is received, performing cooperative computing on the second ciphertext and the fourth ciphertext to obtain a computing result.

In the foregoing 101, the process of encrypting the first data by the first key may be implemented based on a Diffie-Hellman algorithm. Wherein the first key is private and agnostic to other computing nodes. Specifically, the step 101 may specifically include:

1011. constructing a first encryption function that is private and irreversible based on the first key;

1012. and encrypting the first data by using the first encryption function to generate the first ciphertext.

The above process can be simply understood as: the function f () contains one or more undefined parameters, which can be defined according to the first key, and the defined parameters are substituted into the function f () to obtain the first encryption function. And taking the first data as the input parameter of a first encryption function, and executing the first encryption function to obtain the required first ciphertext. In particular, the first key may be randomly generated for security.

In 103, the process of encrypting the third ciphertext by using the first key may be simply understood as: and taking the third ciphertext as an input parameter of a first encryption function constructed by the first key, and executing the first encryption function to obtain the fourth ciphertext.

In 104, the "performing the cooperative calculation on the second ciphertext and the fourth ciphertext to obtain the calculation result" may specifically be:

and comparing the second ciphertext with the fourth ciphertext, and taking the consistent data item in the two ciphertexts as the calculation result.

I.e. the above process can be understood as: and (5) intersection of the first data and the second data.

According to the technical scheme provided by the embodiment, after two computing nodes participating in multi-party security calculation encrypt data to be participated in multi-party security calculation once by using respective keys, the other node encrypts the data after the encryption once by using the respective keys, the data of the two nodes are encrypted twice by using the respective keys and the other key, so that the plaintext of the data is difficult to crack, the data security is ensured, and the data leakage is avoided; in addition, each time of multi-party security calculation, the participation of the opposite computing node is required, namely, one computing node cannot perform any operation on the data of the opposite computing node under the condition that the other computing node does not know, so that the data is disposable, any data leakage is avoided after one-time multi-party security calculation is completed, and the security of the multi-party security calculation is improved.

Further, the method provided by this embodiment may further include the following steps:

105. and receiving verification information which is sent by the second computing node and related to the second ciphertext.

The authentication information includes at least one of: an information item for authentication of a document, an information item for authentication of an operating environment.

106. Verifying verification information associated with the second ciphertext.

Specifically, the step 106 may include, but is not limited to, at least one of the following steps:

performing file authentication on the verification information related to the second ciphertext;

authenticating the authentication information related to the second ciphertext;

performing an operating environment authentication on authentication information associated with the second ciphertext.

Operating environment identification may include, but is not limited to: authentication of the operating device, authentication of the home network, etc.

107. And triggering the operation of performing cooperative computing on the second ciphertext and the fourth ciphertext under the condition that the verification is passed.

Wherein the authentication information related to the second ciphertext and the first key are included in a certificate corresponding to the first ciphertext. Specifically, the certificate is a certificate used in a secure multiparty computing encryption process, and includes construction method information of an encryption function, an information item for file authentication, an information item for user identity authentication, an information item for operating environment authentication, and the like. The file authentication process is to verify whether the second ciphertext is a file that needs to be subjected to collaborative computing, and the identity authentication is to determine that the second ciphertext comes from a participating second computing node. Operating environment identification may include, for example: operating device authentication, home network authentication, and the like. The operation environment authentication is to limit the computing nodes participating in the multi-party secure computing to be a specific device (such as a device identified by a certain device), and the home network authentication is to limit the computing nodes participating in the multi-party secure computing to be performed under a set network environment to ensure the security of data.

Here, it should be noted that: the processes related to document authentication, identity authentication, and operating environment authentication may refer to the prior art, and this embodiment is not particularly limited.

108. and receiving verification information which is sent by the second computing node and related to the third ciphertext.

Specifically, the verification information includes at least one of the following: an information item for authentication of a document, an information item for authentication of an operating environment.

109. Verifying verification information associated with the third ciphertext.

Specifically, the verification process may include, but is not limited to, at least one of the following: file authentication, identity authentication and operation environment authentication.

110. And triggering the operation of encrypting the third ciphertext under the condition that the verification is passed.

Wherein the authentication information and the second key related to the third ciphertext are included in a certificate corresponding to the third ciphertext.

The method provided by the above embodiments can be implemented under the system architecture shown in fig. 3. Specifically, as shown in fig. 3, the data processing system includes: a first computing node 201 and a second computing node 202 participating in multi-party security computing; wherein the content of the first and second substances,

the first computing node 201 is configured to encrypt first data to generate a first ciphertext; sending the first ciphertext to the second computing node;

the second computing node 202 is configured to encrypt the first ciphertext to obtain a second ciphertext; feeding back the second ciphertext to the first computing node; encrypting second data to generate a third ciphertext, and sending the third ciphertext to the first computing node;

the first computing node 201 is further configured to encrypt the third ciphertext to generate a fourth ciphertext; and performing cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

Here, it should be noted that: in addition to the above functions, the computing nodes in the data processing system provided in this embodiment may also implement other functions, which may be specifically referred to in the description of the foregoing embodiments.

The following takes two parties as an example to briefly describe the implementation process of the data processing method provided by the above embodiments.

Assume that a first compute node owns first data (a1, a2, a3) and a second compute node owns second data (b1, b2, b 3). Both parties wish to run a multiparty secure intersection (PSI) calculation. The specific process, as shown in fig. 2b, includes:

s11, based on the Diffie-Hellman method, the first computing node constructs a first secret and irreversible encryption function f () by using a first secret key of the first computing node; the second computing node constructs a second encryption function g () which is private and irreversible by using a second secret key of the second computing node.

S12, the first computing node uses the first encryption function f () to encrypt the first data to obtain a first ciphertext { f (a1), f (a2), f (a3) }.

S13, the first computing node sends the first ciphertext { f (a1), f (a2), f (a3) } to the second computing node.

S14, the second computing node encrypts the first ciphertext { f (a1), f (a2), f (a3) } by using the second encryption function g (), so as to obtain a second ciphertext { g (f (a1)), g (f (a2)), g (f (a3)) }, and feeds back the second ciphertext { g (f (a1)), g (f (a2)), g (f (a3)) } to the first computing node.

S15, the second computing node uses the second encryption function g () to encrypt the second data to obtain a third ciphertext { g (b1), g (b2), g (b3) }.

S16, the second computing node sends the third ciphertext { g (b1), g (b2), g (b3) } to the first computing node.

S17, the first computing node encrypts the third ciphertext { g (b1), g (b2), g (b3) } by using the first encryption function f (), so as to obtain a fourth ciphertext { f (g (b1)), f (g (b2)), f (g (b3)) }, and feeds the fourth ciphertext { f (g (b1)), f (g (b2)), f (g (b3)) } back to the second computing node.

S18, the first computing node compares the second ciphertext with the fourth ciphertext to obtain an intersection of the first data and the second data.

Based on the Diffie-Hellman algorithm, f () and g () can be passed: a2 ═ b2 ═ g (f (a2)) -f (g (b 2)). Therefore, if both the encrypted ciphertexts g (f (a2)) and f (g (b2)) are found to match, it is known that a2/b2 are data common to both the parties, and the target is achieved.

S19, the second computing node compares the second ciphertext with the fourth ciphertext to obtain an intersection of the first data and the second data.

In a specific implementation, the encryption functions f () and g () in step S11 are constructed by using a Diffie-Hellman-based method, and may be generated by setting different data certificates using the same encryption algorithm, for example, first performing an irreversible hash on the data, and then performing Diffie-Hellman-based encryption using the certificates. Furthermore, as can be seen from the above process, each time the matching request of the first computing node needs to be processed by the encryption of the second computing node, the protocol is disposable, and after one computation is completed; the first computing node can not compute again under the condition that the second computing node is unknown, and the problem that data utilization is not controlled in the prior art is effectively solved.

In addition, the method provided by the embodiment of the application can be further expanded to a scenario of 3 or more computing nodes. As shown in fig. 3, a third compute node, …. Taking the case of 3 compute nodes as an example, the 3 compute nodes include: the system comprises a first computing node, a second computing node and a third computing node; these 3 compute nodes own data A, B and C, respectively. It is assumed that,

an encryption function f () constructed by the first computing node encrypts the data A to obtain a ciphertext f (A);

an encryption function g () constructed by the second computing node encrypts the data B to obtain a ciphertext g (B);

and (4) an encryption function h () constructed by the third computing node encrypts the data C to obtain a ciphertext h (C).

Then based on the above principle:

the ciphertext f (a) needs to undergo secondary encryption by the second computing node using an encryption function g (), and tertiary encryption by the third computing node using an encryption function h (), for example, to obtain a ciphertext h (g (f (a));

similarly, the ciphertext g (b) needs to undergo secondary encryption by the first computing node using the encryption function f () and tertiary encryption by the third computing node using the encryption function h (), for example, to obtain a ciphertext h (f (g (b));

similarly, the ciphertext h (c) may undergo two times of encryption by the first computing node using the encryption function f () and three times of encryption by the second computing node using the encryption function g (), such as to obtain the ciphertext g (f (h (c)).

The more nodes participate in the calculation, the more times the data is encrypted, and the more times the information interaction between the nodes is increased.

What is also to be added here is: the premise of data interaction between the first computing node and the second computing node is that the first computing node and the second computing node are confirmed to participate in multi-party security computation. For example, one of the computing nodes is an initiator, and the initiator may transmit the request information in a broadcast or directional transmission manner. Specifically, a first computing node sends information requesting participation in multi-party security computing to a second computing node; after receiving the request information, the second computing node feeds back a message for confirming participation in multi-party security computing to the first computing node; the first computing node completes the confirmation between the participants after receiving the message.

In order to reduce the number of information interactions between computing nodes, another embodiment of the present application provides a data processing system. Specifically, as shown in fig. 4, the data processing system may include: a service platform 303 and a first computing node 301 and a second computing node 302 participating in multi-party secure computing. Wherein, the computing node can selectively deliver the self key (or certificate) to the service platform for management.

Since the computing node can selectively deliver its own key (or certificate) to the service platform for management, the following description is divided into a plurality of scenarios.

Scene one: the first computing node and the second computing node participating in the multi-party security computation both deliver own keys to the service platform for management. Accordingly, in the data processing system shown in FIG. 4:

the first computing node 301 is configured to encrypt first data by using a first key to obtain a first ciphertext, and send the first ciphertext and the first key to the service platform 303;

the second computing node 302 is configured to encrypt second data by using a second key to obtain a third ciphertext, and send the third ciphertext and the second key to the service platform 303;

the service platform 303 is configured to encrypt the first ciphertext by using the second key to obtain a second ciphertext; encrypting the third ciphertext by using the first key to obtain a fourth ciphertext; and performing cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

In the scheme provided by the embodiment, a service platform is additionally arranged, and the computing nodes participating in multi-party security calculation can selectively deliver the keys of the computing nodes to the service platform; when the computing node trusts the key, the part which belongs to the self computing task in the data interaction can be handed to the service platform to be completed, so that the self computing amount and the data interaction amount are reduced; compared with the scheme that the secret key is not trusteed, the data security of the scheme is reduced, but the encryption process and the multi-party calculation process can be realized by the service platform, and the complexity is reduced.

The service platform can be a server (such as a single server, a virtual server), or a service platform based on a block chain, or a cloud computing platform, etc.

Each computing node (e.g., the first computing node and the second computing node) participating in the multi-party computing may be a desktop computer, a notebook computer, a smart phone, a smart wearable device, a smart car device, and the like, which is not specifically limited in this embodiment of the present application.

A scenario illustrates a specific work flow of each constituent unit, e.g., service platform, computing node, in the multi-party computing system, which is described in detail in the embodiments shown in fig. 5 and fig. 6 below.

Fig. 5 is a schematic flow chart illustrating a data processing method according to another embodiment of the present application. The execution subject of the method provided by the embodiment may be one of a plurality of computing nodes participating in multi-party secure computing, such as the first computing node. As shown in fig. 5, the multi-party security computing method includes:

401. and encrypting the first data by using the first key to generate a first ciphertext.

402. And sending the first ciphertext and the first key to a service platform.

403. And waiting for the service platform to feed back the calculation result of the cooperative calculation under the condition that the second calculation node determines to participate in the multi-party safety calculation.

For the contents of the above 401, reference may be made to the above embodiments, which are not described herein again.

In 402, the "sending the first ciphertext and the first key to the service platform" may specifically be: sending the first ciphertext and the certificate corresponding to the first ciphertext to the service platform; and the certificate corresponding to the first ciphertext comprises the first key and verification information related to the first ciphertext. Specifically, the verification information includes at least one of the following: an information item for authentication of a document, an information item for authentication of an operating environment.

Here, it should be noted that: the purpose of uploading the verification information to the service platform is to facilitate the service platform to perform file authentication, identity authentication, operating environment authentication and other operations on the received first ciphertext so as to ensure the accuracy of the first ciphertext participating in the multi-party calculation and avoid other malicious files from being mixed in and participating in the multi-party calculation.

Further, the present embodiment may further include the following steps:

404. sending a notification to the service platform requesting the second computing node to participate in multi-party secure computing.

405. The second computing node receiving the service platform feedback determines a message to participate in multi-party security computing.

406. And feeding back response information to the service platform so as to enable the service platform to start the related operation of multi-party security calculation.

Fig. 6 shows a schematic flowchart of a data processing method according to an embodiment of the present application. The execution subject of the method provided by this embodiment may be a service platform. Specifically, as shown in fig. 6, the method includes:

501. receiving a first ciphertext and a first key sent by a first computing node; and receiving a third ciphertext and a second key sent by the second computing node.

502. Encrypting the third ciphertext by using the first key to obtain a fourth ciphertext; and encrypting the first ciphertext by using the second key to obtain a second ciphertext.

503. And performing cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

The "receiving the first ciphertext and the first key sent by the first computing node" in 501 may specifically include:

5011. receiving a first ciphertext and a certificate corresponding to the first ciphertext, where the certificate corresponding to the first ciphertext includes the first key and verification information related to the first ciphertext.

Wherein the verified information comprises at least one of: an information item for authentication of a document, an information item for authentication of an operating environment.

5012. Verifying verification information associated with the first ciphertext.

Specifically, the verification operation may include, but is not limited to: document authentication, identity authentication, operating environment authentication, and the like.

5013. And triggering the operation of encrypting the first ciphertext by using the second secret key if the verification is passed.

The specific implementation process of "receiving the third ciphertext and the second key sent by the second computing node" is the same as that of 5011 to 5013, and includes:

5014. and receiving a third ciphertext sent by a second computing node and a certificate corresponding to the third ciphertext, wherein the certificate corresponding to the third ciphertext comprises the second key and verification information related to the third ciphertext.

5015. Verifying verification information associated with the third ciphertext.

5016. And triggering the operation of encrypting the third ciphertext by using the first key if the verification is passed.

In the above step 502, for the content of encrypting the ciphertext, reference may be made to the description of the above embodiments, which is not described herein again.

For the content of the above 503, reference may be made to the description in the above embodiments, and details are not repeated here.

504. and respectively sending the calculation results to the first calculation node and the second calculation node.

In the application scenario two of the data processing system shown in fig. 3 of the present application, that is, some or all of the plurality of computing nodes participating in the multi-party secure computing do not submit their own keys to the service platform for hosting. Accordingly, in the data processing system described above with reference to fig. 3:

the first computing node 301 is configured to encrypt the first data by using a first key to obtain a first ciphertext; sending the first ciphertext to the service platform 303; acquiring the third ciphertext from the service platform 303, and encrypting the third ciphertext by using the first key to obtain a fourth ciphertext; sending the fourth ciphertext to the service platform 303; the third ciphertext is uploaded to the service platform 303 after the second computing node 302 encrypts second data by using the second key;

the service platform 303 is configured to obtain a second ciphertext obtained by encrypting the first ciphertext with the second key, and perform cooperative computation on the second ciphertext and the fourth ciphertext to obtain a computation result.

If the first computing node and the second computing node do not submit the own keys to the service platform for hosting, the service platform can obtain the second ciphertext from the second computing node, namely the service platform sends the first ciphertext to the second computing node, and receives the second ciphertext sent by the second computing node after encrypting the first ciphertext by using the second key. If the first computing node does not submit the own key to the service platform for hosting, and the second computing node submits the own key to the service platform for hosting, the service platform can directly encrypt the first ciphertext by utilizing the hosted second key to obtain the second ciphertext.

Specifically, in the second scenario, the specific workflow of each component unit, such as the service platform and the computing node, in the data processing system will be described in detail in the following embodiments shown in fig. 7 and 8.

Fig. 7 is a flowchart illustrating a data processing method according to an embodiment of the present application. The execution subject of the method provided by the embodiment is one of a plurality of computing nodes participating in multi-party secure computing, such as a first computing node. Specifically, as shown in fig. 7, the method includes:

601. and sending the first ciphertext to a service platform.

The first ciphertext is obtained by encrypting first data by using a first key.

602. And acquiring a third ciphertext of the second computing node from the service platform.

603. And encrypting the third ciphertext by using the first key to obtain a fourth ciphertext.

604. And sending the fourth ciphertext to the service platform to wait for the service platform to feed back a calculation result of the cooperative calculation.

For the process of encrypting the third ciphertext in 603, reference may be made to the corresponding description in the foregoing embodiments, which is not described herein again.

605. and obtaining verification information related to the third ciphertext from the service platform.

Wherein the verification information includes but is not limited to at least one of the following: an information item for authentication of a document, an information item for authentication of an operating environment.

606. Verifying verification information associated with the third ciphertext.

607. And if the verification is passed, triggering the third ciphertext to be encrypted by using the first key.

Fig. 8 is a flowchart illustrating a data processing method according to an embodiment of the present application. The execution subject of the method provided by the embodiment is a service platform. Specifically, as shown in fig. 8, the method includes:

701. and sending the third ciphertext of the second computing node to the first computing node.

And the third ciphertext is uploaded after the second computing node encrypts second data by using a second key.

702. And receiving a fourth ciphertext sent by the first computing node after encrypting the third ciphertext by using the first key.

703. And acquiring a first ciphertext of the first computing node.

And the first ciphertext is uploaded after the first computing node encrypts the first data by using a first key.

704. And acquiring a second ciphertext obtained by encrypting the first ciphertext by using the second key.

705. And performing cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

In 704, the second ciphertext may be obtained in two ways. In the first case: the self key is not submitted to be managed by the service platform at the first computing node and the second computing node. At this time, the service platform may obtain the second ciphertext from the second computing node, that is, the service platform sends the first ciphertext to the second computing node, and receives the second ciphertext sent by the second computing node after encrypting the first ciphertext with the second key.

In the second case: the self-key is not submitted to the service platform at the first computing node, and the self-key is submitted to the service platform by the second computing node. At this time, the service platform may directly encrypt the first ciphertext with the escrow second key to obtain the second ciphertext.

For the content of the above 705, reference may be made to the corresponding description in the above embodiments, and details are not repeated here.

Further, the method provided by this embodiment may further include:

706. and receiving a certificate corresponding to the third ciphertext uploaded by the second computing node.

And the certificate corresponding to the third ciphertext comprises verification information related to the third ciphertext and the second key. The verification information includes, but is not limited to, at least one of: an information item for authentication of a document, an information item for authentication of an operating environment.

707. And storing the certificate and the third ciphertext in an associated manner to realize certificate escrow.

708. And when the first computing node requests to acquire the third ciphertext, sending the third ciphertext and verification information related to the third ciphertext to the first computing node, so that the first computing node verifies the information related to the third ciphertext, and triggering the operation of encrypting the third ciphertext under the condition that the verification is passed.

In addition, what needs to be added is: the computing node sends the certificate (including the secret key) of the computing node to the service platform for management, and the original text data cannot be directly decrypted based on the certificate and the ciphertext, so that the safety of the data is ensured. Of course, the participation in the encryption process is only one of the functions of the certificate, and the certificate can also contain other richer functions, such as: document authentication, etc.

Specifically, in this embodiment, when the certificate (including the secret key) is sent to the service platform, a higher security level mode, such as asymmetric encryption, may also be performed on the certificate, so as to protect the security of the certificate when the certificate is uploaded to the service platform.

Fig. 9 shows a signaling interaction diagram of a data processing method according to an embodiment of the present application. The example shown in fig. 9 also takes two computing nodes as an example, and specifically, the method includes:

801. the first computing node encrypts the data A to generate a ciphertext A.

802. And the first computing node uploads the ciphertext A to the service platform.

And the certificate A corresponding to the ciphertext A can be selectively uploaded to the service platform. The certificate a may contain a secret key a of the encrypted data a, file authentication information, identification information, and the like.

803. After the first computing node selects data (such as data A) needing to participate in computation, information requesting the second computing node to participate in multi-party security computation is sent to the service platform.

804. The service platform sends a task notification to the second computing node.

Wherein, the task notification carries: the first computing node requests details of the computation.

805. And after receiving the task notification, the second computing node feeds back an 'consent' processing result to the service platform.

806. And after receiving the processing result of 'consent' fed back by the second computing node, the service platform sends a task notification to the first computing node.

Wherein, the task notification carries: the second computing node has determined to participate in the multi-party security computation, if the key is not uploaded or the download data B is uploaded after being encrypted.

807. The second computing node selects data B participating in computing based on the detailed information, and encrypts the data B by using a private key B of the second computing node to generate a ciphertext B; and uploading the ciphertext B to the service platform.

And the certificate B corresponding to the ciphertext B can be selectively uploaded to the service platform. The certificate B may contain a key B for encrypting the data B, file authentication information, identification information, and the like.

808. If the first computing node and the second computing node upload the certificates corresponding to the ciphertext A and the ciphertext B to the service platform, the service platform encrypts the ciphertext A by using the key B to obtain a ciphertext A'; encrypting the ciphertext B by using the key a to obtain a ciphertext B'; then step 811 is entered.

809. If neither the first computing node nor the second computing node uploads the certificates corresponding to the ciphertext A and the ciphertext B to the service platform, the first computing node downloads the ciphertext B from the service platform; and after the cipher text B 'is obtained by encrypting the cipher text B by using the key a, uploading the cipher text B' to the service platform.

810. The second computing node downloads the ciphertext A from the service platform; and after the cipher text A is encrypted by using the key b to obtain a cipher text A ', uploading the cipher text A' to the service platform.

811. And the service platform performs cooperative calculation on the ciphertext A 'and the ciphertext B' to obtain the intersection of the ciphertext A 'and the ciphertext B'.

812. And the service platform feeds the calculation results back to the first calculation node and the second calculation node respectively.

The technical scheme provided by the embodiment can be realized based on Diffie-Hellman, and a high-water-level security multi-party intersection method is designed for solving the potential safety hazards, so that the data becomes disposable, and no data leakage is generated after matching is completed. While giving any party the ability for certificates to be escrowed. Under the condition that absolute security of data must be guaranteed, a participating computing node can choose not to host a certificate, but needs to complete data interaction with other users; when the participating computing nodes host the certificates, the participating computing nodes can host the parts, which belong to the computing tasks of the computing nodes, of the data interaction to the platform for nine-three operations, so that the cost of computing and interacting of the computing nodes is reduced. When all participants choose to host certificates, the computing nodes only need to upload data encrypted by the certificates, so that a result of multi-party intersection can be obtained, and re-encryption calculation in the whole data interaction process is all hosted to the service platform.

Based on the realization of Diffie-Hellman, two irreversible encryption processes are shared. Compared with the conventional multi-party safety calculation methods such as direct hash, the safety water level is greatly improved. And in the first encryption process, the computing node completes the irreversible encryption process of the plaintext data according to the data certificate. The second encryption is a process of encrypting the data of the opposite party by using the data certificate of the opposite party after the exchange of the ciphertext data.

Because of the irreversible encryption process, any party in the multi-party security calculation can flexibly select whether to send the escrow certificate to the service platform according to the security level requirement of the party. The certificate is not trusteeship, the highest level security of the data can be guaranteed, but ciphertext interaction, encryption and other processes of the second encryption need to be completed, the operation is complex, the security risk is extremely low, and the method is more suitable for interaction scenes with high data value, such as user asset details and the like. The certificate is hosted to the service platform, so that the risk of brute force cracking of the service platform may exist, but since the computing node uploads irreversible ciphertext data to the service platform, the form of original data is uncertain, and the difficulty of brute force cracking of the platform is very high. Compared with an unmanaged mode, the data security level of the certificate escrow mode is reduced, but the encryption process can be realized by a service platform, so that the complexity is reduced.

Fig. 10 shows a data processing apparatus according to an embodiment of the present application. The device includes: an encryption module 11, a sending module 12 and a calculation module 13. The encryption module 11 is configured to encrypt the first data by using a first key to generate a first ciphertext; the sending module 12 is configured to send the first ciphertext to a second computing node, so that the second computing node encrypts the first ciphertext by using a second key to generate a second ciphertext; the encryption module 11 is further configured to encrypt a third ciphertext of the second computing node by using the first key to generate a fourth ciphertext; the third ciphertext is obtained by encrypting second data by the second computing node by using the second key; the calculation module 13 is configured to perform cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result, when the second ciphertext fed back by the second calculation node is received.

According to the technical scheme provided by the embodiment, after two computing nodes participating in multi-party security calculation encrypt data to be participated in multi-party security calculation once by using respective keys, the other node encrypts the data after the encryption once by using the respective keys, the data of the two nodes are encrypted twice by using the respective keys and the other key, so that the plaintext of the data is difficult to crack, the data security is ensured, and the data leakage is avoided; in addition, each time of performing the collaborative computation, the participation of the opposite computing node is required, that is, one computing node cannot perform any operation on the data of the opposite computing node under the condition that the other computing node is unknown, so that the data becomes 'disposable utilization', any data leakage is not generated after one-time multi-party security computation is completed, and the security of the multi-party security computation is improved. In addition, the technical scheme provided by this embodiment can also be extended to a multi-party secure computing scenario with three, four, or more computing nodes, and the implementation principle is the same, except that the number of information interactions between the computing nodes is more, and the number of data encryption is more.

Further, the encryption module 11 is further configured to: constructing a first encryption function that is private and irreversible based on the first key; and encrypting the first data by using the first encryption function to generate the first ciphertext.

Further, the calculating module 13 is further configured to: and comparing the second ciphertext with the fourth ciphertext, and taking the consistent data item in the two ciphertexts as the calculation result.

Further, the data processing apparatus further includes:

a receiving module, configured to receive verification information related to the second ciphertext, sent by the second computing node; the authentication information includes at least one of: an information item for authentication of a document, an information item for identification of an operating environment;

the verification module is used for verifying the information related to the second ciphertext;

the triggering module is used for triggering the operation of performing collaborative calculation on the second ciphertext and the fourth ciphertext under the condition that the verification is passed;

wherein the authentication information related to the second ciphertext and the first key are included in a certificate corresponding to the first ciphertext.

Further, the receiving module is further configured to: receiving verification information which is sent by the second computing node and related to the third ciphertext; the authentication information includes at least one of: an information item for authentication of a document, an information item for authentication of an operating environment.

The verification module is further used for verifying verification information related to the third ciphertext; correspondingly, the triggering module is further configured to trigger an operation of encrypting the third ciphertext under the condition that the verification is passed;

Here, it should be noted that: the data processing apparatus provided in the foregoing embodiments may implement the technical solutions described in the foregoing method embodiments, and the specific implementation principle of each module or unit may refer to the corresponding content in the foregoing method embodiments, which is not described herein again.

Fig. 11 shows a schematic structural diagram of a data processing apparatus according to another embodiment of the present application. As shown in fig. 11, the data processing apparatus includes: an encryption module 21, a transmission module 22 and a reception module 23. The encryption module 21 is configured to encrypt the first data by using the first key to generate a first ciphertext; the sending module 22 is configured to send the first ciphertext and the first key to a service platform; the receiving module 23 is configured to wait for the service platform to feed back a computation result of the collaborative computation when the second computing node determines to participate in the multi-party security computation. The computing result is obtained by the service platform through collaborative computing of a second ciphertext and a fourth ciphertext, the second ciphertext is obtained by encrypting the first ciphertext through a second key of a second computing node, the fourth ciphertext is obtained by encrypting a third ciphertext through the first key, and the third ciphertext is obtained by the second computing node through encrypting second data through the second key and then uploading the second data to the service platform.

Further, the sending module 22 is further configured to send the first ciphertext and the certificate corresponding to the first ciphertext to the service platform; and the certificate corresponding to the first ciphertext comprises the first key and verification information related to the first ciphertext.

Further, the sending module 22 is further configured to send a notification to the service platform requesting the second computing node to participate in the multi-party security computation; the receiving module 23 is further configured to receive a message that the second computing node fed back by the service platform determines to participate in multi-party security computation; the sending module 22 is further configured to feed back response information to the service platform, so that the service platform starts related operations of multi-party secure computation.

Fig. 12 shows a schematic structural diagram of a data processing apparatus according to an embodiment of the present application. As shown in fig. 12, the apparatus includes: a receiving module 31, an encryption module 32 and a calculation module 33. The receiving module 31 is configured to receive a first ciphertext and a first key sent by a first computing node; and receiving a third ciphertext and a second key sent by the second computing node. The encryption module 32 is configured to encrypt the third ciphertext with the first key to obtain a fourth ciphertext; and encrypting the first ciphertext by using the second key to obtain a second ciphertext. The calculation module 33 is configured to perform cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

Further, the data processing device may further include a sending module. The sending module is used for sending the calculation results to the first calculation node and the second calculation node respectively.

Further, the receiving module 31 is further configured to:

receiving a first ciphertext and a certificate corresponding to the first ciphertext, wherein the certificate corresponding to the first ciphertext comprises the first key and verification information related to the first ciphertext, and the first ciphertext is sent by a first computing node; the authentication information includes at least one of: an information item for authentication of a document, an information item for authentication of an operating environment.

Verifying verification information related to the first ciphertext;

and triggering the operation of encrypting the first ciphertext by using the second secret key if the verification is passed.

Fig. 13 shows a schematic structural diagram of a data processing apparatus according to an embodiment of the present application. As shown in fig. 13, the apparatus includes: a sending module 41, an obtaining module 42 and an encrypting module 43. The sending module 41 is configured to send the first ciphertext to the service platform, where the first ciphertext is obtained by encrypting the first data with the first key. The obtaining module 42 is configured to obtain a third ciphertext of the second computing node from the service platform; the encryption module 43 is configured to encrypt the third ciphertext by using the first key to obtain a fourth ciphertext; the sending module 41 is further configured to send the fourth ciphertext to the service platform, so as to wait for the service platform to feed back a calculation result of the collaborative computation. The third ciphertext is obtained by encrypting second data by the second computing node through a second key and uploading the second data to the service platform, the calculation result is obtained by performing cooperative calculation on the second ciphertext and a fourth ciphertext by the service platform, and the second ciphertext is obtained by encrypting the first ciphertext by the service platform through the second key of the second computing node.

Further, the data processing apparatus provided in this embodiment further includes: the device comprises a verification module and a trigger module. Wherein the obtaining module 42 is further configured to: obtaining verification information related to the third ciphertext from the service platform; the verification module is used for verifying the information related to the third ciphertext; and the triggering module is used for triggering the third ciphertext to be encrypted by using the first secret key under the condition that the verification is passed.

Fig. 14 shows a schematic structural diagram of a data processing apparatus according to an embodiment of the present application. As shown in fig. 14, the data processing apparatus includes: a sending module 51, a receiving module 52, an obtaining module 53 and a calculating module 54. The sending module 51 is configured to send a third ciphertext of the second computing node to the first computing node, where the third ciphertext is uploaded after the second computing node encrypts second data by using a second key. The receiving module 52 is configured to receive a fourth ciphertext, which is sent by the first computing node after encrypting the third ciphertext with the first key. The obtaining module 53 is configured to obtain a first ciphertext of a first computing node, where the first ciphertext is uploaded after the first computing node encrypts first data by using a first key; and acquiring a second ciphertext obtained by encrypting the first ciphertext by using the second key. The calculation module 54 is configured to perform cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result.

Further, the data processing device may further include a storage module. Correspondingly, the receiving module is further configured to: receiving a certificate corresponding to the third ciphertext uploaded by the second computing node, wherein the certificate corresponding to the third ciphertext comprises verification information related to the third ciphertext and the second key;

the storage module is used for storing the certificate and the third ciphertext in an associated manner so as to realize certificate hosting;

the sending module 51 is further configured to: and when the first computing node requests to acquire the third ciphertext, sending the third ciphertext and verification information related to the third ciphertext to the first computing node, so that the first computing node verifies the verification information related to the third ciphertext, and triggering the operation of encrypting the third ciphertext under the condition that the verification is passed.

Fig. 15 shows a schematic structural diagram of a computing device provided in an embodiment of the present application. As shown in fig. 15, the computing device includes: memory 61, processor 62 and communication component 63. Wherein the memory 61 may be configured to store other various data to support operations on the computing device. Examples of such data include instructions for any application or method operating on a computing device. The memory 61 may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.

The processor 62, coupled to the memory 61, is configured to execute the program stored in the memory 61, so as to:

encrypting the first data by using a first key to generate a first ciphertext;

According to the technical scheme provided by the embodiment, after two computing nodes participating in multi-party security calculation encrypt data to be participated in multi-party security calculation once by using respective keys, the other node encrypts the data after the encryption once by using the respective keys, the data of the two nodes are encrypted twice by using the respective keys and the other key, so that the plaintext of the data is difficult to crack, the data security is ensured, and the data leakage is avoided; in addition, each time of performing the collaborative computation, the participation of the opposite computing node is required, that is, one computing node cannot perform any operation on the data of the opposite computing node under the condition that the other computing node is unknown, so that the data becomes 'disposable utilization', any data leakage is not generated after one-time multi-party security computation is completed, and the security of the multi-party security computation is improved.

When the processor 62 executes the program in the memory 61, in addition to the above functions, other functions may be implemented, and reference may be specifically made to the description of the foregoing embodiments.

Further, as shown in fig. 15, the computing device further includes: a display 64, a power supply component 65, an audio component 66, and the like. Only some of the components are schematically shown in fig. 15, and the computing device is not meant to include only the components shown in fig. 15.

An embodiment of the application also provides a computing device. The structure of the computing device provided in this embodiment is similar to that of the above-described computing device embodiment, see fig. 15 above. The computing device includes: memory, processor, and communication components. Wherein the memory is configurable to store other various data to support operations on the service platform device. The processor, coupled with the memory, to execute the program stored in the memory to:

encrypting the first data by using a first key to generate a first ciphertext;

When the processor executes the program in the memory, the processor may implement other functions in addition to the above functions, which may be specifically referred to the description of the foregoing embodiments.

An embodiment of the application further provides a service platform device. The structure of the service platform device provided in this embodiment is similar to that of the computing device embodiment described above, and is shown in fig. 15. The service platform device includes: memory, processor, and communication components. The memory may be configured to store other various data to support operations on the computing device. The processor, coupled with the memory, to execute the program stored in the memory to:

Accordingly, embodiments of the present application also provide a computer-readable storage medium storing a computer program, where the computer program can implement the steps or functions of the risk assessment method provided in the foregoing embodiments when executed by a computer.

The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.

Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.

Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims

1. A data processing method, comprising:

encrypting the first data by using a first key to generate a first ciphertext;

2. The method of claim 1, wherein encrypting the first data with the first key to generate a first ciphertext comprises:

constructing a first encryption function that is private and irreversible based on the first key;

and encrypting the first data by using the first encryption function to generate the first ciphertext.

3. The method according to claim 1 or 2, wherein performing a cooperative calculation on the second ciphertext and the fourth ciphertext to obtain a calculation result comprises:

4. The method of claim 1 or 2, further comprising:

receiving verification information which is sent by the second computing node and related to the second ciphertext; the authentication information includes at least one of: an information item for authentication of a document, an information item for identification of an operating environment;

verifying verification information related to the second ciphertext;

under the condition that the verification is passed, triggering the operation of performing cooperative calculation on the second ciphertext and the fourth ciphertext;

5. The method of claim 1 or 2, further comprising:

receiving verification information which is sent by the second computing node and related to the third ciphertext; the authentication information includes at least one of: an information item for authentication of a document, an information item for identification of an operating environment;

verifying information related to the third ciphertext;

triggering the operation of encrypting the third ciphertext under the condition that the verification is passed;

6. A data processing system, comprising: a first computing node and a second computing node participating in multi-party security computing; wherein the content of the first and second substances,

7. A data processing method, comprising:

encrypting the first data by using a first key to generate a first ciphertext;

sending the first ciphertext and the first key to a service platform;

8. The method of claim 7, wherein sending the first ciphertext and the first key to a service platform comprises:

sending the first ciphertext and the certificate corresponding to the first ciphertext to the service platform;

and the certificate corresponding to the first ciphertext comprises the first key and verification information related to the first ciphertext.

9. The method of claim 7 or 8, further comprising:

sending a notification to the service platform requesting the second computing node to participate in multi-party secure computing;

the second computing node receiving the service platform feedback determines to participate in the multi-party security computation;

and feeding back response information to the service platform so as to enable the service platform to start the related operation of multi-party security calculation.

10. A data processing method, comprising:

receiving a first ciphertext and a first key sent by a first computing node;

receiving a third ciphertext and a second key sent by a second computing node;

11. The method of claim 10, further comprising:

and respectively sending the calculation results to the first calculation node and the second calculation node.

12. The method of claim 10 or 11, wherein receiving the first ciphertext and the first key sent by the first computing node comprises:

receiving a first ciphertext and a certificate corresponding to the first ciphertext, where the certificate corresponding to the first ciphertext includes the first key and verification information related to the first ciphertext, and the verification information includes at least one of: an information item for authentication of a document, an information item for identification of an operating environment;

verifying information related to the first ciphertext;

13. A data processing system, comprising: the system comprises a service platform, a first computing node and a second computing node, wherein the first computing node and the second computing node participate in multi-party security computing; wherein the content of the first and second substances,

14. A data processing method, comprising:

15. The method of claim 14, further comprising:

obtaining verification information related to the third ciphertext from the service platform;

verifying verification information related to the third ciphertext;

and if the verification is passed, triggering the third ciphertext to be encrypted by using the first key.

16. A data processing method, comprising:

17. The method of claim 16, further comprising:

receiving a certificate corresponding to the third ciphertext uploaded by the second computing node, wherein the certificate corresponding to the third ciphertext comprises verification information related to the third ciphertext and the second key;

storing the certificate in association with the third ciphertext to enable certificate escrow;

and when the first computing node requests to acquire the third ciphertext, sending the third ciphertext and verification information related to the third ciphertext to the first computing node, so that the first computing node verifies the verification information related to the third ciphertext, and triggering the operation of encrypting the third ciphertext under the condition that the verification is passed.

18. A data processing system, comprising: the system comprises a service platform, a first computing node and a second computing node, wherein the first computing node and the second computing node participate in multi-party security computing; wherein the content of the first and second substances,

19. A data processing method, comprising:

the first computing node encrypts local data to be participated in multi-party computing by using a first key to generate a first ciphertext and sends the first ciphertext to the second computing node;

the second computing node encrypts the first ciphertext by using a second key to generate a second ciphertext, and feeds the second ciphertext back to the first computing node;

the second computing node encrypts local data to be participated in multi-party computing by using a second key to generate a third ciphertext and sends the third ciphertext to the first computing node;

the first computing node encrypts the third ciphertext by using the first key to generate a fourth ciphertext, and feeds the fourth ciphertext back to the second computing node;

the first computing node is used for performing cooperative computing on the second ciphertext and the fourth ciphertext to obtain a computing result;

and the second computing node performs cooperative computing on the second ciphertext and the fourth ciphertext to obtain a computing result.

20. A computing device, comprising: a memory, a processor, and a communications component, wherein,

the memory is used for storing programs;

encrypting the first data by using a first key to generate a first ciphertext;

21. A computing device, comprising: a memory, a processor, and a communications component, wherein,

the memory is used for storing programs;

encrypting the first data by using a first key to generate a first ciphertext;

22. A service platform device, comprising: a memory, a processor, and a communications component, wherein,

the memory is used for storing programs;

23. A computing device, comprising: a memory, a processor, and a communications component, wherein,

the memory is used for storing programs;

24. A service platform device, comprising: a memory, a processor, and a communications component, wherein,

the memory is used for storing programs;