CN112651051A - Intersection hash check method based on private data of untrusted third party - Google Patents


Info

Publication number: CN112651051A
Application number: CN202011537674.7A
Authority: CN (China)
Other languages: Chinese (zh)
Inventor: 朱静熹
Current Assignee: Shanghai Tongtai Information Technology Co ltd
Original Assignee: Shanghai Tongtai Information Technology Co ltd
Legal status: Pending
Prior art keywords: intersection, party, participator, calculator, result

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Abstract

The invention discloses an intersection hash check method based on private data of an untrusted third party, comprising the following steps: first, the two participants jointly negotiate a key K; second, both participants use the negotiated key K to convert their respective data sets into sets through a function F; third, the participants send the sets to a calculator C; fourth, the calculator C calculates the intersection of the two participants' sets and returns the obtained intersection to each of them; fifth, the participants decrypt the intersection obtained from the calculator C using the key K; sixth, each participant forms a result-set hash list from the result received from the calculator C through a hash function; seventh, the two participants exchange their result-set hash lists; and eighth, each participant matches its own result-set hash list against the other participant's: if the two match, the result returned by the calculator C is accepted; otherwise the intersection calculation result is rejected.

Description

Intersection hash check method based on private data of untrusted third party
Technical Field
The invention relates to the technical field of secure multiparty computing, in particular to an intersection hash check method based on private data of an untrusted third party.
Background
Privacy-preserving set intersection (PSI) is a specific application problem in the field of secure multi-party computation, and it has both important theoretical significance and strong practical value. As the privacy protection of user data grows in importance, research in this direction increasingly matches people's need to protect the privacy of their personal information as far as possible while still enjoying the convenience of services that depend on that information.
A privacy-preserving set intersection protocol allows two parties, each holding its own set, to jointly compute the intersection of the two sets. At the end of a protocol interaction, one or both parties should obtain the correct intersection and learn nothing about elements of the other party's set that lie outside the intersection. Protecting the privacy of a set is a natural or even necessary requirement in many scenarios; for example, when the set is a user's address book or the genome of a user of a genetic diagnosis service, such input must be protected by cryptographic means.
To prove the security of a protocol, the capabilities of the adversary and the meaning of security must be strictly defined. Strict definitions of security take different forms in different protocols, but they are all based on the functionality of the ideal PSI protocol. For the adversary, three definitions are common in cryptography:
(1) Semi-honest model (honest-but-curious adversary, HBC). Each participant follows the protocol, but may infer information about the other participants from the protocol's inputs and outputs during execution.
(2) Malicious model (malicious adversary, Mal). Participants do not comply with the protocol: they may refuse to participate, modify their private input set, terminate the protocol early, and so on. Additional cryptographic protocols or techniques (bit commitment, zero-knowledge proofs, etc.) are therefore needed to ensure the correctness of the calculation result.
(3) Covert adversary model. The security of this model lies between the semi-honest model and the malicious model, and it is closer to real scenarios. Because malicious behavior that the protocol detects is punished, a covert adversary hides its malicious behavior among normal behavior, and that behavior can only be detected with a certain probability.
Secure multi-party computation protocols typically have one version that is secure under the semi-honest model and one that is secure under the malicious model. The semi-honest model places strong restrictions on the adversary and is not a reasonable assumption in many cases. Nevertheless, first, a semi-honest design can serve as the first step in designing a protocol that is secure under the malicious model (the GMW compiler implements a general, though not efficient, conversion from the semi-honest model to the malicious model); second, in some scenarios the restriction that a semi-honest adversary must follow the protocol rules is reasonable (for example, where malicious behavior, once discovered, carries severe penalties); finally, the malicious model imposes extra overhead on a protocol in order to guarantee security, so the version that is secure under the semi-honest model can be more efficient than a protocol that is secure under the malicious model.
Likewise, in current PSI protocols the common adversary models are the semi-honest model and the malicious model. Because a party in the malicious model may deliberately try to obtain the other party's information by actively deviating from the protocol specification, the protocol needs additional means to prevent such attacks. The complexity and cost of a protocol that is secure under the malicious model are therefore generally greater than those of a protocol that is secure under the semi-honest model.
At present, an untrusted calculator C may return a wrong intersection result to participant A and participant B. Suppose the intersection is {4,5,6,7}: when returning the calculation result, the calculator C returns {1,4,5} to participant A and {5,6,7} to participant B, which is obviously not the correct intersection. To prevent this problem, an intersection hash check method based on the private data of an untrusted third party is provided.
Disclosure of Invention
The invention aims to provide an intersection hash check method based on the private data of an untrusted third party, in which participant A and participant B perform a hash check on the calculation result sets obtained from the calculator C in order to prevent the calculator C from providing an erroneous data set.
To achieve this purpose, the invention provides the following technical scheme: an intersection hash check method based on private data of an untrusted third party, comprising the following steps:
first, participant A and participant B jointly negotiate a key K;
second, participant A and participant B use the negotiated key K to convert their respective data sets [formula image] and [formula image] into the sets [formula image] and [formula image] through the function F;
third, participant A and participant B respectively send the sets [formula image] and [formula image] produced by the function F to a credible calculator C;
fourth, the calculator C calculates the intersection of the sets [formula image] and [formula image] and returns the obtained intersection to participant A and participant B respectively;
fifth, participant A and participant B use the negotiated key K to decrypt the intersection obtained from the calculator C to obtain the final result;
sixth, participant A and participant B each form a result-set hash list from the result received from the calculator C through a hash function;
seventh, participant A and participant B exchange their result-set hash lists;
eighth, participant A and participant B each match their own result-set hash list against the other party's result-set hash list; if the lists match, the result returned by the calculator C is accepted, and otherwise the intersection calculation result is rejected.
Preferably, in the second step, the function F is a pseudo-random function.
Preferably, in the second step, the conversion formula for [formula image] is as follows:
[formula image]
and the conversion formula for the set is:
[formula image]
where F is a pseudo-random function and K is the key negotiated by participant A and participant B.
Compared with the prior art, the invention has the following beneficial effects:
According to the invention, participant A and participant B exchange their result-set hash lists and each compares its own list with the other participant's list. This prevents the calculator C from feeding a wrong intersection back to participant A and participant B when it returns the calculation result, and thus ensures the accuracy of the calculation result fed back by the calculator C.
Drawings
FIG. 1 is a schematic diagram of a computing process according to the present invention;
FIG. 2 is a schematic flow chart of a verification method for a participant A and a participant B according to the present invention;
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Examples
Referring to FIG. 1 and FIG. 2, the present invention provides a technical solution: an intersection hash check method based on private data of an untrusted third party, including the following steps:
first, participant A and participant B jointly negotiate a key K;
second, participant A and participant B use the negotiated key K to convert their respective data sets:
[formula image]
[formula image]
into the sets [formula image] and [formula image] through a pseudo-random function F:
[formula image]
[formula image]
third, participant A and participant B respectively send the sets [formula image] and [formula image] produced by the pseudo-random function F to a credible calculator C;
fourth, the calculator C calculates the intersection of the sets [formula image] and [formula image] and returns the obtained intersection to participant A and participant B respectively;
fifth, participant A and participant B use the negotiated key K to decrypt the intersection obtained from the calculator C to obtain the final result; in this embodiment, the decrypted set is:
[formula image]
sixth, participant A and participant B each form a result-set hash list from the result received from the calculator C through a hash function;
seventh, participant A and participant B exchange their result-set hash lists;
eighth, participant A and participant B each match their own result-set hash list against the other party's result-set hash list; if the lists match, the result returned by the calculator C is accepted, and otherwise the intersection calculation result is rejected.
According to the invention, participant A and participant B exchange their result-set hash lists and each compares its own list with the other participant's list. This prevents the calculator C from feeding a wrong intersection back to participant A and participant B when it returns the calculation result, and thus ensures the accuracy of the calculation result fed back by the calculator C.
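The eight steps above as a runnable simulation, added here as an example and not taken from the patent. HMAC-SHA256 standing in for F, SHA-256 for the hash function, lookup-based recovery for the "decrypt" step, and the names `Participant`, `run_protocol` and `fixed_reply_calculator` are assumptions of this example; it replays the Background's case where the calculator returns {1,4,5} to A and {5,6,7} to B.

```python
import hashlib
import hmac
import secrets


def prf(key: bytes, element: str) -> bytes:
    """F(K, x). HMAC-SHA256 is this example's stand-in for the function F."""
    return hmac.new(key, element.encode(), hashlib.sha256).digest()


class Participant:
    def __init__(self, key: bytes, data: set):
        # Step 2: convert the private data set with F under K, remembering
        # which element produced which tag.
        self.by_tag = {prf(key, x): x for x in data}

    def blinded_set(self) -> set:
        """Step 3: the set that is sent to calculator C."""
        return set(self.by_tag)

    def recover(self, returned: set) -> set:
        """Step 5: map the returned tags back to elements by lookup.

        A PRF cannot be inverted, so this example "decrypts" through the
        party's own tag table; a tag it never sent is rejected outright.
        """
        if not all(tag in self.by_tag for tag in returned):
            raise ValueError("calculator returned a tag outside our own set")
        return {self.by_tag[tag] for tag in returned}

    @staticmethod
    def hash_list(result: set) -> list:
        """Step 6: result-set hash list (SHA-256 is an assumption)."""
        return sorted(hashlib.sha256(x.encode()).hexdigest() for x in result)


def run_protocol(key, data_a, data_b, calculator):
    """Run steps 2-8 and return (accepted, result_a, result_b)."""
    a, b = Participant(key, data_a), Participant(key, data_b)
    to_a, to_b = calculator(a.blinded_set(), b.blinded_set())      # steps 3-4
    result_a, result_b = a.recover(to_a), b.recover(to_b)          # step 5
    list_a, list_b = a.hash_list(result_a), b.hash_list(result_b)  # step 6
    # Steps 7-8: the lists are exchanged and each side compares the list it
    # received with its own, so both sides reach the same verdict.
    return list_a == list_b, result_a, result_b


def honest_calculator(tags_a, tags_b):
    common = tags_a & tags_b
    return common, common


def fixed_reply_calculator(key, to_a, to_b):
    """Simulation fixture for a misbehaving calculator C.

    A real calculator does not know K; the key is used here only to
    reproduce a chosen reply such as the page's {1,4,5} / {5,6,7} case.
    """
    def calculator(tags_a, tags_b):
        return {prf(key, x) for x in to_a}, {prf(key, x) for x in to_b}
    return calculator


# Constructed sample input: the true intersection is {4, 5, 6, 7}.
KEY = secrets.token_bytes(32)  # step 1, simulated key negotiation
DATA_A = {"1", "2", "4", "5", "6", "7"}
DATA_B = {"4", "5", "6", "7", "8", "9"}

if __name__ == "__main__":
    print(run_protocol(KEY, DATA_A, DATA_B, honest_calculator))
    lying = fixed_reply_calculator(KEY, {"1", "4", "5"}, {"5", "6", "7"})
    print(run_protocol(KEY, DATA_A, DATA_B, lying))
```

In this example an identical but incomplete reply to both parties (for instance only {4,5}) yields matching hash lists and is accepted, so the comparison shows that A and B received the same result rather than that the result is the complete intersection.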
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (3)

1. An intersection hash check method based on private data of an untrusted third party, characterized by comprising the following steps:
first, participant A and participant B jointly negotiate a key K;
second, participant A and participant B use the negotiated key K to convert their respective data sets [formula image] and [formula image] into the sets [formula image] and [formula image] through the function F;
third, participant A and participant B respectively send the sets [formula image] and [formula image] produced by the function F to a credible calculator C;
fourth, the calculator C calculates the intersection of the sets [formula image] and [formula image] and returns the obtained intersection to participant A and participant B respectively;
fifth, participant A and participant B use the negotiated key K to decrypt the intersection obtained from the calculator C to obtain the final result;
sixth, participant A and participant B each form a result-set hash list from the result received from the calculator C through a hash function;
seventh, participant A and participant B exchange their result-set hash lists;
eighth, participant A and participant B each match their own result-set hash list against the other party's result-set hash list; if the lists match, the result returned by the calculator C is accepted, and otherwise the intersection calculation result is rejected.
2. The intersection hash check method based on the private data of the untrusted third party as claimed in claim 1, wherein: in the second step, the function F takes the form of a pseudo-random function.
3. The intersection hash check method based on the private data of the untrusted third party as claimed in claim 1, wherein: in the second step, the conversion formula for [formula image] is as follows:
[formula image]
and the conversion formula for the set is:
[formula image]
where F is a pseudo-random function and K is the key negotiated by participant A and participant B.
Application CN202011537674.7A (Intersection hash check method based on private data of untrusted third party): priority date 2020-12-23, filing date 2020-12-23, status Pending. Published as CN112651051A on 2021-04-13. Family ID: 75359465. Country: CN.


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination