CN113014384A - Data comparison method and device based on DH key exchange algorithm, computer equipment and storage medium - Google Patents

Data comparison method and device based on DH key exchange algorithm, computer equipment and storage medium Download PDF

Info

Publication number
CN113014384A
CN113014384A CN202110281954.4A CN202110281954A CN113014384A CN 113014384 A CN113014384 A CN 113014384A CN 202110281954 A CN202110281954 A CN 202110281954A CN 113014384 A CN113014384 A CN 113014384A
Authority
CN
China
Prior art keywords
comparison
coordinate
commitment
data
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110281954.4A
Other languages
Chinese (zh)
Other versions
CN113014384B (en
Inventor
袁立威
李志辉
王凌斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Pingan Payment Technology Service Co Ltd
Original Assignee
Pingan Payment Technology Service Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Pingan Payment Technology Service Co Ltd filed Critical Pingan Payment Technology Service Co Ltd
Priority to CN202110281954.4A priority Critical patent/CN113014384B/en
Publication of CN113014384A publication Critical patent/CN113014384A/en
Application granted granted Critical
Publication of CN113014384B publication Critical patent/CN113014384B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Algebra (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses a data comparison method and device based on a DH key exchange algorithm, computer equipment and a storage medium. The method belongs to the technical field of safety protection, and comprises the following steps: if a data comparison request is received, acquiring first plaintext data and second plaintext data corresponding to the data comparison request; randomly selecting a coordinate from the elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula; generating a shared key through a DH key exchange algorithm according to the third coordinate; encrypting the first plaintext data and the second plaintext data respectively according to the shared key, the first coordinate and the second coordinate to generate first encrypted data and second encrypted data; the sizes of the first encrypted data and the second encrypted data are compared to obtain a comparison result. The embodiment of the application can improve the safety of data comparison.

Description

Data comparison method and device based on DH key exchange algorithm, computer equipment and storage medium
Technical Field
The present invention relates to the field of security protection technologies, and in particular, to a data comparison method and apparatus based on a DH key exchange algorithm, a computer device, and a storage medium.
Background
In some specific scenarios, it is often desirable to hide the data without disclosing the original information of the data, and perform a series of operations on the hidden data to achieve the final desired result. For example, in a bidding auction, bidders do not disclose their bids, but prove that their bids are higher, which requires a comparison of data hiding, which is a comparison of the magnitude of values without revealing the values themselves. At present, two numerical value hiding comparison algorithms exist, one is numerical value size comparison based on zero knowledge proof, and the other is full homomorphic encryption ciphertext size comparison based on lattices. Based on a size comparison algorithm of zero knowledge proof, a proof person is required to know plaintext information of a numerical value participating in comparison, namely a verifier is required to know the plaintext information of the numerical value participating in comparison, and under a general scene, a data provider does not want to expose the numerical value to the data verifier or other data providers, namely complete hiding of data cannot be realized; the method for comparing sizes of encrypted ciphertexts based on a lattice in a fully homomorphic manner needs to use the same set of secret keys for all ciphertexts, and under a general scene, the secret keys of different data providers are definitely unequal, that is, independent hiding of data cannot be realized.
Disclosure of Invention
The embodiment of the invention provides a data comparison method and device based on a DH (distributed hash) key exchange algorithm, computer equipment and a storage medium, aiming at solving the problem of low safety in the existing numerical value comparison.
In a first aspect, an embodiment of the present invention provides a data comparison method based on a DH key exchange algorithm, where the method includes:
if a data comparison request is received, acquiring first plaintext data and second plaintext data corresponding to the data comparison request;
randomly selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula;
generating a shared key through a DH key exchange algorithm according to the third coordinate;
encrypting the first plaintext data and the second plaintext data respectively according to the shared key, the first coordinate and the second coordinate to generate first encrypted data and second encrypted data;
and comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result.
In a second aspect, an embodiment of the present invention further provides a data comparison apparatus based on a DH key exchange algorithm, where the apparatus includes:
the device comprises an acquisition unit, a comparison unit and a comparison unit, wherein the acquisition unit is used for acquiring first plaintext data and second plaintext data corresponding to a data comparison request if the data comparison request is received;
the device comprises a first generating unit, a second generating unit and a third generating unit, wherein the first generating unit is used for randomly selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula;
a second generating unit, configured to generate a shared key through a DH key exchange algorithm according to the third coordinate;
an encryption unit configured to encrypt the first plaintext data and the second plaintext data according to the shared key, the first coordinate, and the second coordinate, respectively, to generate first encrypted data and second encrypted data;
and the comparison unit is used for comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result.
In a third aspect, an embodiment of the present invention further provides a computer device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the above method when executing the computer program.
In a fourth aspect, the present invention further provides a computer-readable storage medium, where the storage medium stores a computer program, and the computer program, when executed by a processor, implements the above method.
The embodiment of the invention provides a data comparison method and device based on a DH key exchange algorithm, computer equipment and a storage medium. Wherein the method comprises the following steps: if a data comparison request is received, acquiring first plaintext data and second plaintext data corresponding to the data comparison request; randomly selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula; generating a shared key through a DH key exchange algorithm according to the third coordinate;
encrypting the first plaintext data and the second plaintext data respectively according to the shared key, the first coordinate and the second coordinate to generate first encrypted data and second encrypted data; and comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result. According to the technical scheme of the embodiment of the invention, the second coordinate and the third coordinate are generated according to the randomly selected first coordinate, then the shared key is generated according to the third coordinate, and different shared keys are generated when plaintext data are encrypted each time, so that the independent concealment of the data is ensured; encrypting the first plaintext data and the second plaintext data respectively according to the generated shared key, the first coordinate and the second coordinate to generate first encrypted data and second encrypted data; finally, the sizes of the first encrypted data and the second encrypted data are compared, so that complete hiding of the data is realized, and the safety of data comparison can be improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a data comparison method based on a DH key exchange algorithm according to an embodiment of the present invention;
fig. 2 is a schematic sub-flow chart of a data comparison method based on a DH key exchange algorithm according to an embodiment of the present invention;
FIG. 3 is a schematic sub-flowchart of a data comparison method based on a DH key exchange algorithm according to an embodiment of the present invention;
fig. 4 is a schematic sub-flow chart of a data comparison method based on a DH key exchange algorithm according to an embodiment of the present invention;
FIG. 5 is a schematic sub-flowchart of a data comparison method based on a DH key exchange algorithm according to an embodiment of the present invention;
fig. 6 is a schematic sub-flow chart of a data comparison method based on a DH key exchange algorithm according to an embodiment of the present invention;
FIG. 7 is a schematic block diagram of a data comparison apparatus based on a DH key exchange algorithm according to an embodiment of the present invention;
FIG. 8 is a schematic block diagram of a first generation unit of a data comparison apparatus based on a DH key exchange algorithm according to an embodiment of the present invention;
FIG. 9 is a schematic block diagram of an encryption unit of a data comparison device based on a DH key exchange algorithm according to an embodiment of the present invention;
FIG. 10 is a schematic block diagram of a comparison unit of a data comparison apparatus based on a DH key exchange algorithm according to an embodiment of the present invention;
FIG. 11 is a schematic block diagram of a verification unit of a data comparison apparatus based on a DH key exchange algorithm according to an embodiment of the present invention;
FIG. 12 is a schematic block diagram of a comparison subunit of a data comparison apparatus based on a DH key exchange algorithm provided in an embodiment of the present invention; and
fig. 13 is a schematic block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the specification of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to a determination" or "in response to a detection". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
Referring to fig. 1, fig. 1 is a schematic flowchart illustrating a data comparison method based on a DH key exchange algorithm according to an embodiment of the present invention. The data comparison method of the embodiment of the invention can be applied to a server, and can be realized by a numerical comparison system configured on the server. The numerical value comparison system comprises a data verifier and a plurality of data providers, wherein the data providers are used for encrypting data uploaded by the terminal and then providing the encrypted data to the data verifier; and the data verifier receives the encrypted data from the data provider and compares the encrypted data to obtain a comparison result. The terminal includes, but is not limited to, an electronic device with a communication function, such as a smart phone, a tablet computer, a notebook computer, and a desktop computer. In the embodiment of the present invention, for convenience of explanation, the data comparison method in the embodiment of the present invention is explained by taking two data providers as an example, that is, a first data provider and a second data provider as an example. As shown in fig. 1, the method includes the following steps S100-S140.
S100, if a data comparison request is received, acquiring first plaintext data and second plaintext data corresponding to the data comparison request.
In the embodiment of the present invention, the numerical comparison system may be a bidding auction system, after the bidding auction starts, that is, after the numerical comparison system receives the data comparison request, the first data provider and the second data provider may respectively obtain the first bidding price and the second bidding price uploaded by the terminal, where the first bidding price and the second bidding price are the first plaintext data and the second plaintext data, respectively.
S110, randomly selecting a coordinate from the elliptic curve as a first coordinate, and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula.
In the embodiment of the invention, after the first plaintext data and the second plaintext data are acquired, a coordinate is arbitrarily selected from the elliptic curve as the first coordinate, and the second coordinate and the third coordinate are calculated according to the first coordinate through a preset formula. Wherein, the preset formula is as follows: and x is the initial coordinate, wherein x is a random number. Understandably, if the initial coordinate is the first coordinate, the target coordinate is the second coordinate; and if the initial coordinate is the second coordinate, the target coordinate is the third coordinate. That is, if the first coordinate is G, the second coordinate is H, and the third coordinate is I, H ═ x × G, and I ═ x × H. That is, the center of the elliptic curve does not need to be limited to the origin of coordinates, and only after the first coordinate G is selected, the second coordinate H and the third coordinate I are calculated according to a preset formula.
It should be noted that, in the embodiment of the present invention, a coordinate is arbitrarily selected from the elliptic curve as the first coordinate because the cryptographic primitive relied on by the present application is the commitment, and the concrete manner of the commitment selected in the embodiment is the pederson commitment, which is also dependent on the elliptic curve, so that the elliptic curve in the embodiment is the specific elliptic curve in the pederson commitment, and it is necessary to arbitrarily select a coordinate from the elliptic curve as the first coordinate for subsequently generating the commitment.
Referring to fig. 2, in an embodiment, for example, in the embodiment of the present invention, the step S110 includes the following steps S111 to S114.
S111, randomly selecting a coordinate from the elliptic curve as a first coordinate;
s112, randomly generating a random number;
s113, generating a second coordinate associated with the first coordinate through a preset formula according to the first coordinate and the random number;
and S114, generating a third coordinate associated with the second coordinate through the preset formula according to the second coordinate and the random number.
In the embodiment of the invention, a coordinate is randomly selected from an elliptic curve as a first coordinate, and then a random number is randomly generated; calculating a second coordinate through a preset formula according to the selected first coordinate and the generated random number; and after the second coordinate is calculated, substituting the second coordinate into a preset formula to calculate a third coordinate.
It should be noted that, in the embodiment of the present invention, after the third coordinate is generated, the random number x is destroyed to ensure the security of the data to be compared.
And S120, generating a shared key through a DH key exchange algorithm according to the third coordinate.
In the embodiment of the present invention, after a third coordinate associated with the second coordinate is generated by a preset formula, a shared key is generated by a DH key exchange algorithm according to the third coordinate. Among them, the DH key exchange algorithm is a security protocol. It can make both parties establish a key through the insecure channel without any prior information of the other party. This key may be used as a symmetric key to encrypt the communication content in subsequent communications.
It should be noted that, in the embodiment of the present invention, the shared key includes a first shared key, a second shared key, and a third shared key. The first shared key is a shared key between a first data provider and a second data provider; the second shared key is a shared key between the first data provider and the data verifier; the third shared key is a shared key between the second data provider and the data verifier.
S130, encrypting the first plaintext data and the second plaintext data respectively according to the shared secret key, the first coordinate and the second coordinate to generate first encrypted data and second encrypted data.
In the embodiment of the present invention, after the first coordinate, the second coordinate, and the shared key are generated, the first plaintext data and the second plaintext data are encrypted according to the shared key, the first coordinate, and the second coordinate, respectively, to generate first encrypted data and second encrypted data. Wherein the first encrypted data comprises a first commitment, a first public key corresponding to the first commitment, a first comparison commitment, and a first comparison public key corresponding to the first comparison commitment; the second encrypted data includes a second commitment, a second public key corresponding to the second commitment, a second comparison commitment, and a second comparison public key corresponding to the second comparison commitment.
Referring to fig. 3, in an embodiment, for example, in the embodiment of the present invention, the step S130 includes the following steps S131 to S134.
S131, encrypting the first plaintext data and the second plaintext data according to the first coordinate and the second coordinate respectively to generate a first commitment and a second commitment;
s132, converting the first plaintext data and the second plaintext data into binary forms to obtain first binary data and second binary data respectively, wherein the bit number of the first binary data is N1, and the second binary bit number is N2;
s133, encrypting the first binary data and the second binary data according to the first coordinate, the second coordinate, and the shared key, respectively, to generate a first comparison commitment and a second comparison commitment, wherein the first comparison commitment includes an N1-bit first binary commitment, and the second comparison commitment includes an N2-bit second binary commitment;
s134, respectively generating a first public key, a second public key, a first comparison public key and a second comparison public key corresponding to the first commitment, the second commitment, the first comparison commitment and the second comparison commitment according to the first coordinate, where the first comparison public key includes an N1-bit first binary public key, and the second comparison public key includes an N2-bit second binary public key.
In the embodiment of the present invention, the first plaintext data and the second plaintext data are encrypted according to the first coordinate and the second coordinate, respectively, to generate a first commitment and a second commitment; after the first commitment and the second commitment are generated, converting the first plaintext data and the second plaintext data into binary forms to obtain first binary data and second binary data respectively, wherein the bit number of the first binary data is N1, and the second binary bit number is N2; encrypting the first binary data and the second binary data according to the first coordinate, the second coordinate, and the shared key, respectively, to generate a first comparison commitment and a second comparison commitment, wherein the first comparison commitment comprises an N1-bit first binary commitment, and the second comparison commitment comprises an N2-bit second binary commitment; and finally, respectively generating a first public key, a second public key, a first comparison public key and a second comparison public key according to the first coordinate, wherein the first comparison public key comprises an N1-bit first binary public key, and the second comparison public key comprises an N2-bit second binary public key. For convenience of understanding, the above steps are explained below by specifically formula (1) to formula (6) taking the first data provider as the data 2 as an example.
Comm_1=a*G+r_1*H (1)
Comm_1_1=a1*G+dh121+dh131+r_11*H (2)
Comm_1_0=a0*G+dh120+dh130+r_10*H (3)
Vpk_1=r_1*G (4)
Vpk_11=r_11*G (5)
Vpk_10=r_10*G (6)
Wherein G is a first coordinate, and H is a second coordinate; in this embodiment, a is the first plaintext data, the value is 2, the binary form of the first plaintext data a is 10, and the upper bit a of the first binary data1Is 1, the low bit a of the first binary data0Is 0; r _1, r _11And r _10Are all random numbers; dh121、dh131、dh120And dh130All are shared keys, Comm _1 is the first commitment; comm _1_1 and Comm _1_0 are the high order and low order bits of the first binary commitment from the first comparison commitment; vpk _1 is a first public key; vpk _11And Vpk _10The first comparison public key is the upper bit and the lower bit of the first binary public key. The first commitment, the first comparison commitment, the first public key and the first comparison public key can be obtained through the formula. Similarly, the second commitment, the second comparison commitment, the second public key and the second comparison public key can be obtained, which is not described herein again.
It should be noted that, in the embodiment of the present invention, N1 and N2 are equal, and if they are not equal, the high bit of the first binary data or the second binary data is automatically filled with 0; the comparison commitments (first comparison commitment and second comparison commitment) are generated for comparing data sizes, and the commitments (first commitment and second commitment) are generated for verifying consistency of the comparison commitments and the commitments.
And S140, comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result.
In this embodiment of the present invention, after the first encrypted data and the second encrypted data are generated, the data verifier compares sizes of the first encrypted data and the second encrypted data to obtain a comparison result. Specifically, a comparison result is determined according to the first comparison commitment, the second comparison commitment, the first comparison public key and the second comparison public key.
In some embodiments, such as the present invention, as shown in FIG. 4, the step S140 may include the following steps S141-S143.
S141, respectively checking whether the first commitment and the first comparison commitment, and the second commitment and the second comparison commitment are consistent;
in some embodiments, such as the embodiment of the present invention, as shown in FIG. 5, the step S141 may include the following steps S1411-S1413.
S1411, respectively performing binary summation on the first comparison commitment, the first comparison public key, the second comparison commitment and the second comparison public key to obtain a first decimal commitment, a first decimal public key, a second decimal commitment and a second decimal public key;
s1412, checking whether the first commitment and the first comparative commitment are consistent according to the first commitment, the first decimal commitment, the first public key and the first decimal public key;
s1413, verifying whether the second commitment and the second comparison commitment are consistent according to the second commitment, the second twentieth commitment, the second public key and the second twentieth public key.
In the embodiment of the present invention, taking the example of checking the consistency of the first commitment and the first comparison commitment as an example, the consistency check between the commitment and the comparison commitment is explained, the first comparison commitment is converted into the first decimal commitment through formula (7), the first comparison public key is converted into the first decimal public key through formula (8), the first decimal commitment is subtracted from the first commitment through formula (9) to obtain a first difference value Diff _ comm _1, the first decimal public key is subtracted from the first public key through formula (10) to obtain a first public key difference value Diff _ vpk _1, and finally, the consistency of the first commitment and the first comparison commitment is judged by comparing whether the coefficient before the first coordinate in the first difference value Diff _ comm _1 is equal to the coefficient before the second coordinate in the first public key difference value Diff _ vpk _1, understandably, if the coefficient of the first coordinate in the first difference value Diff _ comm _1 and the coefficient of the second coordinate in the first public key difference value Diff _ vpk _1 are equal, it is determined that the first commitment and the first comparison commitment have consistency, otherwise it is determined that the first commitment and the first comparison commitment do not have consistency. In the same way, the consistency of the second commitment and the second comparison commitment can be checked, and the details are not repeated herein.
Sum_comm=∑2iComm_1_i (7)
Sum_vpk=∑2iVpk_1_i (8)
Diff_comm_1=Comm_1-Sum_comm (9)
Diff_vpk_1=Vpk_1-Sum_vpk (10)
S142, if the first and second comparison commitments are consistent, removing the shared key in the first and second comparison commitments to obtain first and second target commitments corresponding to the first and second comparison commitments, respectively, wherein the first target commitment includes an N1-bit first binary target commitment, and the second target comparison commitment includes an N2-bit second binary target commitment;
s143, obtaining a comparison result according to the first target commitment, the first comparison public key, the second target commitment and the second comparison public key.
In an embodiment of the present invention, under a condition that it is ensured that the first commitment and the first comparison commitment, the second commitment and the second comparison commitment are all consistent, the shared key in the first comparison commitment and the second comparison commitment is removed to obtain a first target commitment and a second target commitment corresponding to the first comparison commitment and the second comparison commitment, respectively, and finally, a comparison result is obtained according to the first target commitment, the first comparison public key, the second target commitment and the second comparison public key.
In some embodiments, such as the present invention, as shown in FIG. 6, the step S143 may include the following steps S1431-S1437.
S1431, for each bit of the first binary target commitment and each bit of the second binary target commitment, subtracting the second binary target commitment from the first binary target commitment to obtain a first comparative poor value;
s1432, for each bit of the first binary public key and each bit of the second binary public key, subtracting the second binary public key from the first binary public key to obtain a first comparison public key difference;
s1433, sequentially comparing a coefficient before the first coordinate in the first comparison difference value and a coefficient before the second coordinate in the first comparison public key difference value from a high bit to a low bit to determine whether the bit of the first binary data is equal to the bit of the second binary data, and if the bit of the first binary data is not equal to the bit of the second binary data, executing step S1434;
s1434, generating a third commitment and a third public key according to the first coordinate, the second coordinate and a preset value;
s1435, subtracting the third commitment from the first comparative difference to obtain a second comparative difference;
s1436, subtracting the third public key from the first comparison public key difference to obtain a second comparison public key difference;
s1437, obtaining a comparison result by comparing the coefficient before the first coordinate in the second comparison difference value with the coefficient before the second coordinate in the second comparison public key difference value;
in the embodiment of the present invention, the upper bits of the first binary target commitment, the second binary target commitment, the first binary public key and the second binary public key are taken as examplesThe above steps are explained. Obtaining the first comparison difference value Diff _ Comm by equation (11), where Diff _ Comm _1_1 and Diff _ Comm _2_1 are the high order bits of the first binary target commitment and the second binary target commitment, respectively, and obtaining the first comparison public key difference value Diff _ vpk by equation (12), and if the coefficient before the first coordinate G in the first comparison difference value Diff _ Comm and the coefficient before the second coordinate H in the first comparison public key difference value Diff _ vpk are equal, continuing to compare the coefficient before the first coordinate G in the next first comparison difference value Diff _ Comm with the coefficient before the second coordinate H in the first comparison difference value Diff _ vpk; if the coefficient before the first coordinate G in the first comparison difference value Diff _ Comm is not equal to the coefficient before the second coordinate H in the first comparison public key difference value Diff _ Vpk, that is, the high bits of the first binary data and the second binary data are not equal to each other, the comparison is continued, a third commitment with a logarithm value of 1 is generated through formula (13), a third public key Vpk _3 corresponding to the third commitment Comm _3 is generated through formula (14), a second comparison difference value Comm and a second comparison public key difference value Vpk are respectively obtained through formula (15) and formula (16), and finally, the high bit a of the first binary data is obtained by comparing the coefficient before the first coordinate G in the second comparison difference value Comm with the coefficient before the second coordinate H in the second comparison public key difference value Vpk1And the upper bit b of the second binary data1The size results of (a). Understandably, if the coefficient of the first coordinate G in the second comparison difference Comm and the coefficient of the second coordinate H in the second comparison public key difference Vpk are equal, it represents the high bit a of the first binary data1Higher bit b than the second binary data1It is known that the first plaintext data is larger than the second plaintext data. If the coefficient of the first coordinate G in the second comparison difference Comm is not equal to the coefficient of the second coordinate H in the second comparison public key difference Vpk, it indicates the high bit a of the first binary data1Is less than the high bit b of the second binary data1That is, the first plaintext data is known to be smaller than the second plaintext data.
Diff_comm=Diff_Comm_1_1-Diff_Comm_2_1=(a1–b1)*G+(r_11–r_21)*H (11)
Diff_vpk=Vpk_11-Vpk_21=(r_11–r_21)*G (12)
Comm_3=1*G+r_3*H (13)
Vpk_3=r_3*G (14)
Comm=Diff_comm-Comm_3 (15)
Vpk=Diff_vpk-Vpk_3 (16)
Fig. 7 is a schematic block diagram of a data comparison apparatus 200 based on a DH key exchange algorithm according to an embodiment of the present invention. As shown in fig. 7, the present invention further provides a data comparison apparatus 200 based on DH key exchange algorithm, corresponding to the above data comparison method based on DH key exchange algorithm. The data comparison apparatus 200 includes a unit for performing the above-described data comparison method, and the apparatus may be configured in a server. Specifically, referring to fig. 7, the data comparison apparatus 200 includes an acquisition unit 201, a first generation unit 202, a second generation unit 203, an encryption unit 204, and a comparison unit 205.
The fetching unit 201 is configured to, if a data comparison request is received, obtain first plaintext data and second plaintext data corresponding to the data comparison request; the first generating unit 202 is configured to arbitrarily select a coordinate from an elliptic curve as a first coordinate, and generate a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula; the second generating unit 203 is configured to generate a shared key through a DH key exchange algorithm according to the third coordinate; the encryption unit 204 is configured to encrypt the first plaintext data and the second plaintext data according to the shared key, the first coordinate, and the second coordinate, respectively, to generate first encrypted data and second encrypted data; the comparing unit 205 is configured to compare sizes of the first encrypted data and the second encrypted data to obtain a comparison result.
In some embodiments, for example, as shown in fig. 8, the first generating unit 202 includes a selecting unit 2021, a first generating subunit 2022, a second generating subunit 2023, and a third generating subunit 2024.
The selecting unit 2021 is configured to arbitrarily select a coordinate from the elliptic curve as a first coordinate; the first generating subunit 2022 is configured to generate a random number arbitrarily; the second generating subunit 2023 is configured to generate a second coordinate associated with the first coordinate through a preset formula according to the first coordinate and the random number; the third generating subunit 2024 is configured to generate a third coordinate associated with the second coordinate through the preset formula according to the second coordinate and the random number.
In some embodiments, for example, in the present embodiment, as shown in fig. 9, the encryption unit 204 includes a first encryption subunit 2041, a conversion unit 2042, a second encryption subunit 2043, and a third encryption subunit 2044.
The first encrypting subunit 2041 is configured to encrypt the first plaintext data and the second plaintext data according to the first coordinate and the second coordinate, respectively, to generate a first commitment and a second commitment; the conversion unit 2042 is configured to convert the first plaintext data and the second plaintext data into binary form to obtain first binary data and second binary data, respectively, where the first binary data has a bit number of N1, and the second binary bit number is N2; the second encrypting subunit 2043 is configured to encrypt the first binary data and the second binary data according to the first coordinate, the second coordinate, and the shared key to generate a first comparison commitment and a second comparison commitment, respectively, where the first comparison commitment includes an N1-bit first binary commitment, and the second comparison commitment includes an N2-bit second binary commitment; the third encryption subunit 2044 is configured to generate a first public key, a second public key, a first comparison public key, and a second comparison public key corresponding to the first commitment, the second commitment, the first comparison commitment, and the second comparison commitment, respectively, according to the first coordinate, where the first comparison public key includes an N1-bit first binary public key, and the second comparison public key includes an N2-bit second binary public key.
In some embodiments, such as this embodiment, as shown in fig. 10, the comparing unit 205 includes a verifying unit 2051, a removing unit 2052, and a comparing sub-unit 2053.
Wherein the checking unit 2051 is configured to check whether the first commitment and the first comparison commitment, the second commitment and the second comparison commitment are consistent, respectively; the removing unit 2052 is configured to remove the shared key from the first comparison commitment and the second comparison commitment to obtain a first target commitment and a second target commitment corresponding to the first comparison commitment and the second comparison commitment, respectively, if the first commitment and the first comparison commitment, the second commitment and the second comparison commitment are consistent, where the first target commitment includes an N1-bit first binary target commitment, and the second target comparison commitment includes an N2-bit second binary target commitment; the comparison subunit 2053 is configured to obtain a comparison result according to the first target commitment, the first comparison public key, the second target commitment, and the second comparison public key.
In some embodiments, such as this embodiment, as shown in fig. 11, the check unit 2051 includes a summation unit 20511, a first check subunit 20512, and a second check subunit 20513.
The summing unit 20511 is configured to perform binary summation on the first comparison commitment, the first comparison public key, the second comparison commitment, and the second comparison public key to obtain a first decimal commitment, a first decimal public key, a second decimal commitment, and a second decimal public key, respectively; the first checking subunit 20512 is configured to check whether the first commitment and the first comparison commitment are consistent according to the first commitment, the first decimal commitment, the first public key and the first decimal public key; the second verifying sub-unit 20513 is configured to verify whether the second commitment and the second comparison commitment are consistent according to the second commitment, the second twentieth commitment, the second public key and the second twentieth public key.
In some embodiments, for example, in the present embodiment, as shown in fig. 12, the comparing sub-unit 2053 includes a first operation unit 20531, a second operation unit 20532, a determination unit 20533, a fourth generation sub-unit 20534, a third operation unit 20535, a fourth operation unit 20536, and a comparison unit 20537.
Wherein the first arithmetic unit 20531 is configured to subtract the second binary target commitment from the first binary target commitment to obtain a first comparative value for each bit of the first binary target commitment and each bit of the second binary target commitment; the second operation unit 20532 is configured to, for each bit of the first binary public key and each bit of the second binary public key, subtract the first binary public key from the second binary public key to obtain a first comparison public key difference; the determining unit 20533 is configured to sequentially compare the coefficient before the first coordinate in the first comparison difference value with the coefficient before the second coordinate in the first comparison public key difference value from a high bit to a low bit to determine whether the bit of the first binary data is equal to that of the second binary data; the fourth generating subunit 20534 is configured to generate a third commitment and a third public key according to the first coordinate, the second coordinate, and a preset value if the bit of the first binary data is not equal to the bit of the second binary data; the third operation unit 20535 is configured to subtract the third commitment from the first comparison difference to obtain a second comparison difference; the fourth operation unit 20536 is configured to subtract the third public key from the first comparison public key difference to obtain a second comparison public key difference; the comparing unit 20537 is configured to obtain a comparison result by comparing the coefficient before the first coordinate in the second comparison difference with the coefficient before the second coordinate in the second comparison public key difference.
The data comparison apparatus based on the DH key exchange algorithm described above may be implemented in the form of a computer program that can be run on a computer device as shown in fig. 13.
Referring to fig. 13, fig. 13 is a schematic block diagram of a computer device according to an embodiment of the present application. The computer device 300 is a server, and specifically, the server may be an independent server or a server cluster composed of a plurality of servers.
Referring to fig. 13, the computer device 300 includes a processor 302, memory, which may include storage media 303 and internal memory 304, and a network interface 305 connected by a system bus 301.
The storage medium 303 may store an operating system 3031 and computer programs 3032. The computer program 3032, when executed, causes the processor 302 to perform a data comparison method based on the DH key exchange algorithm.
The processor 302 is used to provide computing and control capabilities to support the operation of the overall computer device 300.
The internal memory 304 provides an environment for the execution of the computer program 3032 in the storage medium 303, and the computer program 3032, when executed by the processor 302, causes the processor 302 to perform a data comparison method based on a DH key exchange algorithm.
The network interface 305 is used for network communication with other devices. Those skilled in the art will appreciate that the architecture shown in fig. 13 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing device 300 to which the disclosed aspects apply, as a particular computing device 300 may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
Wherein the processor 302 is configured to run a computer program 3032 stored in the memory to implement the following steps: if a data comparison request is received, acquiring first plaintext data and second plaintext data corresponding to the data comparison request; randomly selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula; generating a shared key through a DH key exchange algorithm according to the third coordinate; encrypting the first plaintext data and the second plaintext data respectively according to the shared key, the first coordinate and the second coordinate to generate first encrypted data and second encrypted data; and comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result.
In some embodiments, for example, in this embodiment, when the processor 302 implements the step of arbitrarily selecting a coordinate from the elliptic curve as the first coordinate and generating the second coordinate associated with the first coordinate and the third coordinate associated with the second coordinate through a preset formula, the following steps are specifically implemented: selecting a coordinate from the elliptic curve as a first coordinate; randomly generating a random number; generating a second coordinate associated with the first coordinate through a preset formula according to the first coordinate and the random number; and generating a third coordinate associated with the second coordinate through the preset formula according to the second coordinate and the random number.
In some embodiments, for example, in this embodiment, when implementing the step of encrypting the first plaintext data and the second plaintext data according to the shared key, the first coordinate, and the second coordinate to generate the first encrypted data and the second encrypted data, the processor 302 specifically implements the following steps: encrypting the first plaintext data and the second plaintext data according to the first coordinate and the second coordinate respectively to generate a first commitment and a second commitment; converting the first plaintext data and the second plaintext data into binary forms to obtain first binary data and second binary data respectively, wherein the number of bits of the first binary data is N1, and the number of bits of the second binary data is N2; encrypting the first binary data and the second binary data according to the first coordinate, the second coordinate, and the shared key, respectively, to generate a first comparison commitment and a second comparison commitment, wherein the first comparison commitment comprises an N1-bit first binary commitment, and the second comparison commitment comprises an N2-bit second binary commitment; and respectively generating a first public key, a second public key, a first comparison public key and a second comparison public key corresponding to the first commitment, the second commitment, the first comparison commitment and the second comparison commitment according to the first coordinate, wherein the first comparison public key comprises an N1-bit first binary public key, and the second comparison public key comprises an N2-bit second binary public key.
In some embodiments, for example, in this embodiment, when the processor 302 implements the step of comparing the sizes of the first encrypted data and the second encrypted data to obtain the comparison result, the following steps are implemented: verifying whether the first commitment and the first comparison commitment, the second commitment and the second comparison commitment are consistent respectively; if the first and second comparison commitments are consistent, removing the shared key in the first and second comparison commitments to obtain a first and second target commitments corresponding to the first and second comparison commitments, respectively, wherein the first target commitment comprises an N1 bit first binary target commitment, and the second target comparison commitment comprises an N2 bit second binary target commitment; and obtaining a comparison result according to the first target commitment, the first comparison public key, the second target commitment and the second comparison public key.
In some embodiments, for example, in this embodiment, when the processor 302 performs the step of checking whether the first commitment and the first comparison commitment, the second commitment and the second comparison commitment are consistent, the following steps are specifically performed: performing binary summation on the first comparison commitment, the first comparison public key, the second comparison commitment and the second comparison public key respectively to obtain a first decimal commitment, a first decimal public key, a second decimal commitment and a second decimal public key; verifying whether the first commitment and the first comparative commitment are consistent according to the first commitment, the first decimal commitment, the first public key and the first decimal public key; verifying whether the second commitment and the second comparison commitment are consistent according to the second commitment, the second twentieth commitment, the second public key and the second twentieth public key.
In some embodiments, for example, in this embodiment, when the processor 302 implements the step of obtaining the comparison result according to the first target commitment, the first comparison public key, the second target commitment and the second comparison public key, the following steps are specifically implemented: for each bit of the first binary target commitment and each bit of the second binary target commitment, subtracting the second binary target commitment from the first binary target commitment to obtain a first comparative poor value; for each bit of the first binary public key and each bit of the second binary public key, subtracting the second binary public key from the first binary public key to obtain a first comparison public key difference value; sequentially comparing a coefficient before the first coordinate in the first comparison difference value and a coefficient before the second coordinate in the first comparison public key difference value from a high bit to a low bit to determine whether the bits of the first binary data and the second binary data are equal; if the bit of the first binary data is not equal to the bit of the second binary data, generating a third commitment and a third public key according to the first coordinate, the second coordinate and a preset value; subtracting the third commitment from the first comparison difference value to obtain a second comparison difference value; subtracting the third public key from the first comparison public key difference to obtain a second comparison public key difference; and obtaining a comparison result by comparing the coefficient before the first coordinate in the second comparison difference value with the coefficient before the second coordinate in the second comparison public key difference value.
It should be understood that, in the embodiment of the present Application, the Processor 302 may be a Central Processing Unit (CPU), and the Processor 302 may also be other general-purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, and the like. Wherein a general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
It will be understood by those skilled in the art that all or part of the flow of the method implementing the above embodiments may be implemented by a computer program instructing associated hardware. The computer program may be stored in a storage medium, which is a computer-readable storage medium. The computer program is executed by at least one processor in the computer system to implement the flow steps of the embodiments of the method described above.
Accordingly, the present invention also provides a storage medium. The storage medium may be a computer-readable storage medium. The storage medium stores a computer program. The computer program, when executed by a processor, causes the processor to perform the steps of: if a data comparison request is received, acquiring first plaintext data and second plaintext data corresponding to the data comparison request; randomly selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula; generating a shared key through a DH key exchange algorithm according to the third coordinate; encrypting the first plaintext data and the second plaintext data respectively according to the shared key, the first coordinate and the second coordinate to generate first encrypted data and second encrypted data; and comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result.
In some embodiments, for example, in this embodiment, when the processor executes the computer program to implement the step of arbitrarily selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula, the following steps are specifically implemented: selecting a coordinate from the elliptic curve as a first coordinate; randomly generating a random number; generating a second coordinate associated with the first coordinate through a preset formula according to the first coordinate and the random number; and generating a third coordinate associated with the second coordinate through the preset formula according to the second coordinate and the random number.
In some embodiments, for example, in this embodiment, when the processor executes the computer program to implement the step of encrypting the first plaintext data and the second plaintext data according to the shared key, the first coordinate, and the second coordinate to generate the first encrypted data and the second encrypted data, the following steps are specifically implemented: encrypting the first plaintext data and the second plaintext data according to the first coordinate and the second coordinate respectively to generate a first commitment and a second commitment; converting the first plaintext data and the second plaintext data into binary forms to obtain first binary data and second binary data respectively, wherein the number of bits of the first binary data is N1, and the number of bits of the second binary data is N2; encrypting the first binary data and the second binary data according to the first coordinate, the second coordinate, and the shared key, respectively, to generate a first comparison commitment and a second comparison commitment, wherein the first comparison commitment comprises an N1-bit first binary commitment, and the second comparison commitment comprises an N2-bit second binary commitment; and respectively generating a first public key, a second public key, a first comparison public key and a second comparison public key corresponding to the first commitment, the second commitment, the first comparison commitment and the second comparison commitment according to the first coordinate, wherein the first comparison public key comprises an N1-bit first binary public key, and the second comparison public key comprises an N2-bit second binary public key.
In some embodiments, for example, in this embodiment, when the processor executes the computer program to implement the step of comparing the sizes of the first encrypted data and the second encrypted data to obtain the comparison result, the following steps are specifically implemented: verifying whether the first commitment and the first comparison commitment, the second commitment and the second comparison commitment are consistent respectively; if the first and second comparison commitments are consistent, removing the shared key in the first and second comparison commitments to obtain a first and second target commitments corresponding to the first and second comparison commitments, respectively, wherein the first target commitment comprises an N1 bit first binary target commitment, and the second target comparison commitment comprises an N2 bit second binary target commitment; and obtaining a comparison result according to the first target commitment, the first comparison public key, the second target commitment and the second comparison public key.
In some embodiments, for example, in this embodiment, when the processor executes the computer program to implement the step of checking whether the first commitment and the first comparison commitment, the second commitment and the second comparison commitment are consistent, the following steps are specifically implemented: performing binary summation on the first comparison commitment, the first comparison public key, the second comparison commitment and the second comparison public key respectively to obtain a first decimal commitment, a first decimal public key, a second decimal commitment and a second decimal public key; verifying whether the first commitment and the first comparative commitment are consistent according to the first commitment, the first decimal commitment, the first public key and the first decimal public key; verifying whether the second commitment and the second comparison commitment are consistent according to the second commitment, the second twentieth commitment, the second public key and the second twentieth public key.
In some embodiments, for example, in this embodiment, when the processor executes the computer program to implement the step of obtaining the comparison result according to the first target commitment, the first comparison public key, the second target commitment and the second comparison public key, the following steps are specifically implemented: for each bit of the first binary target commitment and each bit of the second binary target commitment, subtracting the second binary target commitment from the first binary target commitment to obtain a first comparative poor value; for each bit of the first binary public key and each bit of the second binary public key, subtracting the second binary public key from the first binary public key to obtain a first comparison public key difference value; sequentially comparing a coefficient before the first coordinate in the first comparison difference value and a coefficient before the second coordinate in the first comparison public key difference value from a high bit to a low bit to determine whether the bits of the first binary data and the second binary data are equal; if the bit of the first binary data is not equal to the bit of the second binary data, generating a third commitment and a third public key according to the first coordinate, the second coordinate and a preset value; subtracting the third commitment from the first comparison difference value to obtain a second comparison difference value; subtracting the third public key from the first comparison public key difference to obtain a second comparison public key difference; and obtaining a comparison result by comparing the coefficient before the first coordinate in the second comparison difference value with the coefficient before the second coordinate in the second comparison public key difference value.
The storage medium may be a usb disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, or an optical disk, which can store various computer readable storage media.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative. For example, the division of each unit is only one logic function division, and there may be another division manner in actual implementation. For example, various elements or components may be combined or may be integrated into another system, or some features may be omitted, or not implemented.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs. The units in the device of the embodiment of the invention can be merged, divided and deleted according to actual needs. In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a storage medium. Based on such understanding, the technical solution of the present invention essentially or partially contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a terminal, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, while the invention has been described with respect to the above-described embodiments, it will be understood that the invention is not limited thereto but may be embodied with various modifications and changes.
While the invention has been described with reference to specific embodiments, the invention is not limited thereto, and various equivalent modifications and substitutions can be easily made by those skilled in the art within the technical scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A data comparison method based on DH key exchange algorithm, comprising:
if a data comparison request is received, acquiring first plaintext data and second plaintext data corresponding to the data comparison request;
randomly selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula;
generating a shared key through a DH key exchange algorithm according to the third coordinate;
encrypting the first plaintext data and the second plaintext data respectively according to the shared key, the first coordinate and the second coordinate to generate first encrypted data and second encrypted data;
and comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result.
2. The method according to claim 1, wherein the arbitrarily selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate by a preset formula comprises:
selecting a coordinate from the elliptic curve as a first coordinate;
randomly generating a random number;
generating a second coordinate associated with the first coordinate through a preset formula according to the first coordinate and the random number;
and generating a third coordinate associated with the second coordinate through the preset formula according to the second coordinate and the random number.
3. The method according to claim 1, wherein said encrypting the first plaintext data and the second plaintext data according to the shared key, the first coordinate, and the second coordinate, respectively, to generate first encrypted data and second encrypted data, comprises:
encrypting the first plaintext data and the second plaintext data according to the first coordinate and the second coordinate respectively to generate a first commitment and a second commitment;
converting the first plaintext data and the second plaintext data into binary forms to obtain first binary data and second binary data respectively, wherein the number of bits of the first binary data is N1, and the number of bits of the second binary data is N2;
encrypting the first binary data and the second binary data according to the first coordinate, the second coordinate, and the shared key, respectively, to generate a first comparison commitment and a second comparison commitment, wherein the first comparison commitment comprises an N1-bit first binary commitment, and the second comparison commitment comprises an N2-bit second binary commitment;
and respectively generating a first public key, a second public key, a first comparison public key and a second comparison public key corresponding to the first commitment, the second commitment, the first comparison commitment and the second comparison commitment according to the first coordinate, wherein the first comparison public key comprises an N1-bit first binary public key, and the second comparison public key comprises an N2-bit second binary public key.
4. The method of claim 3, wherein comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result comprises:
verifying whether the first commitment and the first comparison commitment, the second commitment and the second comparison commitment are consistent respectively;
if the first and second comparison commitments are consistent, removing the shared key in the first and second comparison commitments to obtain a first and second target commitments corresponding to the first and second comparison commitments, respectively, wherein the first target commitment comprises an N1 bit first binary target commitment, and the second target comparison commitment comprises an N2 bit second binary target commitment;
and obtaining a comparison result according to the first target commitment, the first comparison public key, the second target commitment and the second comparison public key.
5. The method of claim 4, wherein said verifying whether said first commitment and said first comparison commitment, said second commitment and said second comparison commitment, respectively, are identical comprises:
performing binary summation on the first comparison commitment, the first comparison public key, the second comparison commitment and the second comparison public key respectively to obtain a first decimal commitment, a first decimal public key, a second decimal commitment and a second decimal public key;
verifying whether the first commitment and the first comparative commitment are consistent according to the first commitment, the first decimal commitment, the first public key and the first decimal public key;
verifying whether the second commitment and the second comparison commitment are consistent according to the second commitment, the second twentieth commitment, the second public key and the second twentieth public key.
6. The method of claim 4, wherein obtaining a comparison result according to the first target commitment, the first comparison public key, the second target commitment and the second comparison public key comprises:
for each bit of the first binary target commitment and each bit of the second binary target commitment, subtracting the second binary target commitment from the first binary target commitment to obtain a first comparative poor value;
for each bit of the first binary public key and each bit of the second binary public key, subtracting the second binary public key from the first binary public key to obtain a first comparison public key difference value;
sequentially comparing a coefficient before the first coordinate in the first comparison difference value and a coefficient before the second coordinate in the first comparison public key difference value from a high bit to a low bit to determine whether the bits of the first binary data and the second binary data are equal;
and if the bit of the first binary data is not equal to the bit of the second binary data, continuing comparison through a preset comparison strategy to obtain a comparison result.
7. The method of claim 6, wherein the continuing the comparison by the preset comparison strategy to obtain the comparison result comprises:
generating a third commitment and a third public key according to the first coordinate, the second coordinate and a preset value;
subtracting the third commitment from the first comparison difference value to obtain a second comparison difference value;
subtracting the third public key from the first comparison public key difference to obtain a second comparison public key difference;
and obtaining a comparison result by comparing the coefficient before the first coordinate in the second comparison difference value with the coefficient before the second coordinate in the second comparison public key difference value.
8. A data comparison apparatus based on a DH key exchange algorithm, comprising:
the device comprises an acquisition unit, a comparison unit and a comparison unit, wherein the acquisition unit is used for acquiring first plaintext data and second plaintext data corresponding to a data comparison request if the data comparison request is received;
the device comprises a first generating unit, a second generating unit and a third generating unit, wherein the first generating unit is used for randomly selecting a coordinate from an elliptic curve as a first coordinate and generating a second coordinate associated with the first coordinate and a third coordinate associated with the second coordinate through a preset formula;
a second generating unit, configured to generate a shared key through a DH key exchange algorithm according to the third coordinate;
an encryption unit configured to encrypt the first plaintext data and the second plaintext data according to the shared key, the first coordinate, and the second coordinate, respectively, to generate first encrypted data and second encrypted data;
and the comparison unit is used for comparing the sizes of the first encrypted data and the second encrypted data to obtain a comparison result.
9. A computer arrangement, characterized in that the computer arrangement comprises a memory having stored thereon a computer program and a processor implementing the method according to any of claims 1-7 when executing the computer program.
10. A computer-readable storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the method according to any one of claims 1-7.
CN202110281954.4A 2021-03-16 2021-03-16 Data comparison method and device based on DH key exchange algorithm, computer equipment and storage medium Active CN113014384B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110281954.4A CN113014384B (en) 2021-03-16 2021-03-16 Data comparison method and device based on DH key exchange algorithm, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110281954.4A CN113014384B (en) 2021-03-16 2021-03-16 Data comparison method and device based on DH key exchange algorithm, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113014384A true CN113014384A (en) 2021-06-22
CN113014384B CN113014384B (en) 2022-07-15

Family

ID=76408410

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110281954.4A Active CN113014384B (en) 2021-03-16 2021-03-16 Data comparison method and device based on DH key exchange algorithm, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113014384B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150310188A1 (en) * 2014-04-23 2015-10-29 Intralinks, Inc. Systems and methods of secure data exchange
CN109937557A (en) * 2018-11-27 2019-06-25 阿里巴巴集团控股有限公司 System and method for information protection
CN109964446A (en) * 2018-06-08 2019-07-02 北京大学深圳研究生院 A kind of common recognition method based on ballot
CN110399735A (en) * 2019-06-21 2019-11-01 深圳壹账通智能科技有限公司 Encryption data size relation method of proof, device, equipment and storage medium
US20190361917A1 (en) * 2018-05-25 2019-11-28 Bao Tran Smart device
CN110719159A (en) * 2019-09-24 2020-01-21 河南师范大学 Multi-party privacy set intersection method for resisting malicious enemies
WO2020181162A1 (en) * 2019-03-07 2020-09-10 Mastercard International Incorporated User verification for credential device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150310188A1 (en) * 2014-04-23 2015-10-29 Intralinks, Inc. Systems and methods of secure data exchange
US20190361917A1 (en) * 2018-05-25 2019-11-28 Bao Tran Smart device
CN109964446A (en) * 2018-06-08 2019-07-02 北京大学深圳研究生院 A kind of common recognition method based on ballot
CN109937557A (en) * 2018-11-27 2019-06-25 阿里巴巴集团控股有限公司 System and method for information protection
WO2020181162A1 (en) * 2019-03-07 2020-09-10 Mastercard International Incorporated User verification for credential device
CN110399735A (en) * 2019-06-21 2019-11-01 深圳壹账通智能科技有限公司 Encryption data size relation method of proof, device, equipment and storage medium
CN110719159A (en) * 2019-09-24 2020-01-21 河南师范大学 Multi-party privacy set intersection method for resisting malicious enemies

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ADAM MACKENZIE: "RING CONFIDENTIAL TRANSACTIONS", 《LEDGER》 *
ANDREW POELSTRA: "Confidential Assets", 《FC 2018 FINANCIAL CRYPTOGRAPHY AND DATA SECURITY》 *
董贵山等: "区块链应用中的隐私保护策略研究", 《计算机科学》 *

Also Published As

Publication number Publication date
CN113014384B (en) 2022-07-15

Similar Documents

Publication Publication Date Title
WO2020181822A1 (en) Method and apparatus for checking consistency of encrypted data, and computer device and storage medium
CN113225186B (en) Private data intersection solving method and device, computer equipment and storage medium
CN109447791B (en) Block chain-based fund transaction method and device
US7451325B2 (en) Methods, systems and computer program products for detecting tampering of electronic equipment by varying a verification process
CN112187469B (en) SM2 multiparty collaborative digital signature method and system based on key factors
US20200076592A1 (en) Method for generating seed and device thereof
CN108989339B (en) Ciphertext encryption method, system and storage medium with strategy hiding function
CN111026359B (en) Method and device for judging numerical range of private data in multi-party combination manner
CN109145651B (en) Data processing method and device
CN112464155B (en) Data processing method, multiparty secure computing system and electronic equipment
CN114417364A (en) Data encryption method, federal modeling method, apparatus and computer device
CN112507326B (en) Encryption method and device for password information based on SM3 hash algorithm and computer equipment
CN114239019A (en) Method, device and system for determining number of shared data for protecting privacy data
CN116112182A (en) Digital signature method, device, electronic equipment and storage medium
CN112287366A (en) Data encryption method and device, computer equipment and storage medium
CN111431908A (en) Access processing method and device and readable storage medium
CN113014384B (en) Data comparison method and device based on DH key exchange algorithm, computer equipment and storage medium
CN110611568B (en) Dynamic encryption and decryption method, device and equipment based on multiple encryption and decryption algorithms
CN114239004A (en) Electronic signature generation method and device, computer equipment and storage medium
CN114745173A (en) Login verification method, login verification device, computer equipment, storage medium and program product
CN108847937B (en) Key processing method, device, equipment and medium
WO2021114407A1 (en) Error correction code-based cloud storage auditing method, system, and computer apparatus
CN115081034B (en) Trusted processor chip realized by multiple redundancy modes and on-chip trusted measurement method
CN112749964B (en) Information monitoring method, system, equipment and storage medium
CN116260572B (en) Data hash processing method, data verification method and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant