CN112651051A - Intersection hash check method based on private data of untrusted third party - Google Patents
Intersection hash check method based on private data of untrusted third party Download PDFInfo
- Publication number
- CN112651051A CN112651051A CN202011537674.7A CN202011537674A CN112651051A CN 112651051 A CN112651051 A CN 112651051A CN 202011537674 A CN202011537674 A CN 202011537674A CN 112651051 A CN112651051 A CN 112651051A
- Authority
- CN
- China
- Prior art keywords
- intersection
- party
- participator
- calculator
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 18
- 238000006243 chemical reaction Methods 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000002068 genetic effect Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses an intersection hash check method based on private data of an untrusted third party, which comprises the following steps: step one, participating in a common negotiation of a key K by two parties; secondly, both parties use the negotiated key K to convert respective data sets into sets through a function F; thirdly, the participating parties send the sets to a calculator C; fourthly, the calculator C calculates the intersection of the sets of the two parties, and returns the obtained intersection to the two parties respectively; fifthly, the participating parties decrypt the intersection obtained from the calculator C by using the key K; sixthly, the participating parties form a result set Hash list by the result received from the calculator C through a Hash function; seventhly, participating in the exchange of a result set Hash list of the two parties; and eighthly, matching the result set Hash list of the participating parties with the result set Hash list of the other party, if the two parties can be matched, accepting the result returned by the calculating party C, and otherwise rejecting the intersection calculation result.
Description
Technical Field
The invention relates to the technical field of secure multiparty computing, in particular to an intersection hash check method based on private data of an untrusted third party.
Background
The privacy Protection Set Intersection (PSI) calculation belongs to the specific application problem in the field of secure multi-party calculation, and not only has important theoretical significance, but also has strong application value. With the increasing importance of privacy protection of user data, the research in this direction is more in line with the increasingly strong need of people to protect privacy of personal information to the greatest extent while enjoying convenience of various services depending on personal information.
Privacy preserving set intersection protocol allows two parties holding respective sets to jointly compute the intersection operation of the two sets. At the end of a protocol interaction, one or both parties should get the correct intersection and not get any information in the other party's set outside the intersection. Protecting the privacy of a collection is a natural or even necessary requirement in many scenarios, for example, when the collection is the address book of a user or the genome of a genetic diagnosis service user, such input must be protected by means of cryptography.
In order to prove the security of a certain protocol, the capabilities of the adversary and the meaning of security must be strictly defined. Strict definitions regarding security are embodied differently in different protocols, but the ideas are based on the functionality of the ideal PSI protocol. For adversary definitions, three common definitions in cryptography are:
(1) semi-honest model (host but curous adorsaryhbc). Each participant of the protocol follows the execution of the protocol, but information from other participants can be inferred from the input and output information of the protocol during the execution of the protocol.
(2) Malicious model (malicious assisted public Mal). The participants do not comply with the execution process of the protocol, may refuse to participate in the protocol, modify the private input set information, terminate the execution of the protocol early, etc., and thus more cryptographic protocols or techniques (bit commitment protocol, zero knowledge proof, etc.) need to be used to ensure the correctness of the calculation result.
(3) Concealed adversary model (covert overlay). The security of the model is between a semi-honest model and a malicious model, the model is more consistent with a real scene, and the malicious behavior is detected by a protocol and punished, so that the malicious behavior is confused in normal behavior by concealing an adversary, and can only be detected with a certain probability.
Secure multi-party computing protocols typically have a secure version under a semi-honest model and a secure version under a malicious model. Although the semi-honest model has great restrictions on adversaries and is not a reasonable assumption in many cases, the design of the semi-honest model can be used as the first step in designing the security protocols of the malicious model (the GMW compiler can implement a general, but not efficient, conversion from the semi-honest model to the malicious model); secondly, in some scenarios, the limit that an adversary in the semi-honest model must interact according to the protocol rules is reasonable (for example, in a scenario where malicious behavior is found to have severe penalties); finally, the malicious model can bring some extra burden to the protocol in order to ensure the security, so that the safe version under the semi-honest model can be more efficient than the protocol which is safe by the malicious model.
Also, in the current PSI protocol, common adversary models are a semi-honest model and a malicious model. Moreover, since one party in the malicious model may intentionally obtain information of the other party (by actively deviating from the protocol specification to achieve the purpose), the protocol needs to use an additional means to prevent such attacks, and therefore, the complexity and the cost of the protocol secure under the malicious model are generally greater than those of the protocol secure under the semi-honest model.
At present, the untrusted calculator C may return the wrong intersection result to the participant a and the participant B, assuming that the intersection result is {4,5,6,7}, when the calculator C returns the calculation result, the calculator C returns {1,4,5} to the participant a, and returns {5,6,7} to the participant B, which is obviously not the correct intersection. In order to prevent the problem, an intersection hash check method based on the private data of the untrusted third party is provided.
Disclosure of Invention
The invention aims to provide an intersection Hash check method based on the private data of an untrusted third party, which is used for preventing a calculator C from providing an error data set by performing Hash check on a calculation result set acquired from the calculator C through a participator A and a participator B.
In order to achieve the purpose, the invention provides the following technical scheme: a method for solving intersection hash check based on private data of an untrusted third party comprises the following steps:
the first step, a participant A and a participant B jointly negotiate a key K;
second, party a and party B use the negotiated key K to assemble their respective data setsAndconversion into sets by function FAnd collections
Thirdly, the participator A and the participator B respectively process the set after the function F processingAnd collectionsSending the data to a credible calculator C;
fourth, the calculator C calculates the setAnd collectionsAnd returning the obtained intersection to the participant A and the participant B respectively;
fifthly, the participator A and the participator B use the negotiated key K to decrypt the intersection set obtained from the calculator C to obtain the final result;
sixthly, the participator A and the participator B form a result set Hash list by the result received from the calculator C through a Hash function;
seventhly, exchanging a result set Hash list between the participant A and the participant B;
and step eight, matching the result set Hash list of the participator A and the result set Hash list of the participator B with the result set Hash list of the other party respectively by the participator A and the participator B, if the results can be matched, accepting the result returned by the calculator C, and otherwise rejecting the intersection calculation result.
Preferably, in the second step, the function F is a pseudo-random function.
the conversion formula for the set is:
wherein, F is a pseudo random function, and K is a key negotiated by the participating party a and the participating party B.
Compared with the prior art, the invention has the following beneficial effects:
according to the invention, through exchanging the result set Hash list between the participant A and the participant B and comparing the result set Hash list with the result set Hash list of the other participant, the wrong intersection fed back to the participant A and the participant B by the calculator C can be prevented when the calculator C returns the calculation result, and thus the accuracy of the calculation result fed back by the calculator C is ensured.
Drawings
FIG. 1 is a schematic diagram of a computing process according to the present invention;
FIG. 2 is a schematic flow chart of a verification method for a participant A and a participant B according to the present invention;
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Examples
Referring to fig. 1 to 2, the present invention provides a technical solution, a method for obtaining intersection hash check based on private data of an untrusted third party, including the following steps:
the first step, a participant A and a participant B jointly negotiate a key K;
second, party a and party B use the negotiated key K to combine their respective data sets:
Thirdly, the participator A and the participator B respectively process the sets processed by the pseudo-random function FAnd collectionsSending the data to a credible calculator C;
fourth, the calculator C calculates the setAnd collectionsAnd returning the obtained intersection to the participant A and the participant B respectively;
fifthly, the participator A and the participator B use the negotiated key K to decrypt the intersection set obtained from the calculator C to obtain the final result; in this embodiment, the decrypted set is:
sixthly, the participator A and the participator B form a result set Hash list by the result received from the calculator C through a Hash function;
seventhly, exchanging a result set Hash list between the participant A and the participant B;
and step eight, matching the result set Hash list of the participator A and the result set Hash list of the participator B with the result set Hash list of the other party respectively by the participator A and the participator B, if the results can be matched, accepting the result returned by the calculator C, and otherwise rejecting the intersection calculation result.
According to the invention, through exchanging the result set Hash list between the participant A and the participant B and comparing the result set Hash list with the result set Hash list of the other participant, the wrong intersection fed back to the participant A and the participant B by the calculator C can be prevented when the calculator C returns the calculation result, and thus the accuracy of the calculation result fed back by the calculator C is ensured.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (3)
1. A method for solving intersection hash check based on private data of an untrusted third party is characterized by comprising the following steps:
the first step, a participant A and a participant B jointly negotiate a key K;
second, party a and party B use the negotiated key K to assemble their respective data setsAndconversion into sets by function FAnd collections
Thirdly, the participator A and the participator B respectively process the set after the function F processingAnd collectionsSending the data to a credible calculator C;
fourth, the calculator C calculates the setAnd collectionsAnd returning the obtained intersection to the participant A and the participant B respectively;
fifthly, the participator A and the participator B use the negotiated key K to decrypt the intersection set obtained from the calculator C to obtain the final result;
sixthly, the participator A and the participator B form a result set Hash list by the result received from the calculator C through a Hash function;
seventhly, exchanging a result set Hash list between the participant A and the participant B;
and step eight, matching the result set Hash list of the participator A and the result set Hash list of the participator B with the result set Hash list of the other party respectively by the participator A and the participator B, if the results can be matched, accepting the result returned by the calculator C, and otherwise rejecting the intersection calculation result.
2. The intersection hash check method based on the private data of the untrusted third party as claimed in claim 1, wherein: in the second step, the function F takes the form of a pseudo-random function.
3. The intersection hash check method based on the private data of the untrusted third party as claimed in claim 1, wherein: in a second step, theThe conversion formula of (1) is as follows:
the conversion formula for the set is:
wherein, F is a pseudo random function, and K is a key negotiated by the participating party a and the participating party B.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011537674.7A CN112651051A (en) | 2020-12-23 | 2020-12-23 | Intersection hash check method based on private data of untrusted third party |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011537674.7A CN112651051A (en) | 2020-12-23 | 2020-12-23 | Intersection hash check method based on private data of untrusted third party |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112651051A true CN112651051A (en) | 2021-04-13 |
Family
ID=75359465
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011537674.7A Pending CN112651051A (en) | 2020-12-23 | 2020-12-23 | Intersection hash check method based on private data of untrusted third party |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112651051A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113556225A (en) * | 2021-07-07 | 2021-10-26 | 深圳前海新心数字科技有限公司 | Efficient PSI (program specific information) method based on Hash and key exchange |
CN114884675A (en) * | 2022-04-29 | 2022-08-09 | 杭州博盾习言科技有限公司 | Multi-party privacy intersection method, device, equipment and medium based on bit transmission |
CN115277169A (en) * | 2022-07-25 | 2022-11-01 | 上海阵方科技有限公司 | Privacy set intersection method and system applied to financial scene |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105812141A (en) * | 2016-03-07 | 2016-07-27 | 东北大学 | Outsourcing encrypted data-orientated verifiable intersection operation method and system |
CN105871869A (en) * | 2016-04-28 | 2016-08-17 | 湖南科技学院 | Anonymous bidirectional authentication method in mobile social network based on single hash function and false identity |
US20170155510A1 (en) * | 2014-06-27 | 2017-06-01 | Koninklijke Philips N.V. | Device for determining a shared key |
-
2020
- 2020-12-23 CN CN202011537674.7A patent/CN112651051A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170155510A1 (en) * | 2014-06-27 | 2017-06-01 | Koninklijke Philips N.V. | Device for determining a shared key |
CN105812141A (en) * | 2016-03-07 | 2016-07-27 | 东北大学 | Outsourcing encrypted data-orientated verifiable intersection operation method and system |
CN105871869A (en) * | 2016-04-28 | 2016-08-17 | 湖南科技学院 | Anonymous bidirectional authentication method in mobile social network based on single hash function and false identity |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113556225A (en) * | 2021-07-07 | 2021-10-26 | 深圳前海新心数字科技有限公司 | Efficient PSI (program specific information) method based on Hash and key exchange |
CN114884675A (en) * | 2022-04-29 | 2022-08-09 | 杭州博盾习言科技有限公司 | Multi-party privacy intersection method, device, equipment and medium based on bit transmission |
CN114884675B (en) * | 2022-04-29 | 2023-12-05 | 杭州博盾习言科技有限公司 | Multi-party privacy intersection method, device, equipment and medium based on bit transmission |
CN115277169A (en) * | 2022-07-25 | 2022-11-01 | 上海阵方科技有限公司 | Privacy set intersection method and system applied to financial scene |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112651051A (en) | Intersection hash check method based on private data of untrusted third party | |
Gao et al. | Achieving a covert channel over an open blockchain network | |
US20210192498A1 (en) | Random number generation in a blockchain | |
CN108989047A (en) | A kind of communicating pair collaboration endorsement method and system based on SM2 algorithm | |
Chen et al. | Mobile device integration of a fingerprint biometric remote authentication scheme | |
CN111552978B (en) | Privacy protection set intersection solving method based on DH encryption and Hash table | |
EP3669491A1 (en) | Computer-implemented method of generating a threshold vault | |
JP7428704B2 (en) | Computer-implemented systems and methods for transferring access to digital resources | |
CN109672518A (en) | The node data processing of the block chain of anti-quantum attack | |
CN110971390A (en) | Fully homomorphic encryption method for intelligent contract privacy protection | |
CN112287377A (en) | Model training method based on federal learning, computer equipment and storage medium | |
US8923519B2 (en) | Method of efficient secure function evaluation using resettable tamper-resistant hardware tokens | |
US20240143795A1 (en) | Method and device for intersecting unbalanced private sets | |
CN111460510B (en) | Method and device for determining same service data based on privacy protection | |
Giri et al. | A novel and efficient session spanning biometric and password based three-factor authentication protocol for consumer USB mass storage devices | |
Ali et al. | RFID authentication scheme based on hyperelliptic curve signcryption | |
CN116361649A (en) | Efficient unbalanced PSI (program specific information) based on bloom filter and hash | |
CN113645036A (en) | Ether shop transaction privacy protection method based on ring signature and intelligent contract | |
CN108900310A (en) | Block chain signature processing method and block chain signature processing unit | |
Zhu et al. | A patient-centric key management protocol for healthcare information system based on blockchain | |
CN115314205A (en) | Collaborative signature system and method based on key segmentation | |
CN112651050B (en) | Intersection disturbance verification method based on untrusted third party privacy data | |
CN112651050A (en) | Intersection perturbation verification method based on private data of untrusted third party | |
CN112713992B (en) | Certificate-free anti-leakage authentication and key agreement method and system | |
Feng et al. | Secure data collaborative computing scheme based on blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |