CN114726542A - Data transmission method and device based on privacy intersection - Google Patents
Data transmission method and device based on privacy intersection Download PDFInfo
- Publication number
- CN114726542A CN114726542A CN202210368082.XA CN202210368082A CN114726542A CN 114726542 A CN114726542 A CN 114726542A CN 202210368082 A CN202210368082 A CN 202210368082A CN 114726542 A CN114726542 A CN 114726542A
- Authority
- CN
- China
- Prior art keywords
- data
- data set
- intersection
- user identifier
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 230000005540 biological transmission Effects 0.000 title claims abstract description 25
- 238000012545 processing Methods 0.000 claims description 48
- 238000004364 calculation method Methods 0.000 claims description 37
- 238000004590 computer program Methods 0.000 claims description 8
- 239000000654 additive Substances 0.000 description 8
- 230000000996 additive effect Effects 0.000 description 8
- 238000007781 pre-processing Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 201000004569 Blindness Diseases 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 239000003999 initiator Substances 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3257—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The application discloses a data transmission method based on privacy intersection. And the first equipment receives the second data set, and blinds the second data in the second data set to obtain a third data set. And the first equipment receives a fourth data set sent by the second equipment, wherein the fourth data set is obtained by the second equipment through signing the user identification stored by the second equipment. And the first equipment performs intersection on the third data set and the fourth data set to obtain an intersection set. And the first equipment processes the intersection set in an addition secret sharing mode to obtain a second intersection set, and sends the second intersection set to the second equipment. Namely, the method and the device protect the intersection result in an addition secret sharing mode and protect the data of the party with the label.
Description
Technical Field
The application relates to the technical field of data processing, in particular to a data transmission method and device based on privacy intersection.
Background
The method comprises the following steps that a Privacy Set Intersection (PSI) participating party and a party obtain the Intersection of data held by the party and the party under the condition that no additional information is leaked. Wherein the additional information refers to any information other than the data intersection of the two parties. The privacy set submission is very useful in a real-world scenario, is a key prepositive step in longitudinal federal learning, is used for finding a data sample shared by multiple manufacturers before joint calculation of the multiple manufacturers, and does not expose a sample unique to each manufacturer.
However, in practical application scenarios, the intersection result is often visible to both parties, which presents a safety hazard to the party with the tag value.
Disclosure of Invention
In view of this, the present application provides a data transmission method and apparatus based on privacy intersection, so as to implement secure transmission of intersection results without exposing the intersection results.
In order to achieve the purpose, the technical scheme provided by the application is as follows:
in a first aspect of the present application, a data transmission method based on privacy intersection is provided, where the method includes:
the method comprises the steps that a first device obtains a first data set, wherein the first data set comprises m first data to be signed, the m first data to be signed are data obtained after blind processing of m user identifications, and m is a positive integer greater than or equal to 1;
the first device sends the first data set to a second device so that the second device signs each first data to be signed in the first data set;
the first device receives a second data set sent by the second device, wherein the second data set comprises m pieces of second data carrying signatures, and the second data set is obtained by the first device through signature processing on first data in the first data set by using a private key;
the first device performs blinding removal processing on the second data set to obtain a third data set, where the third data set includes m third data, and the third data is signature data of a user identifier;
the first device receives a fourth data set sent by the second device, where the fourth data set is obtained by the second device after signature processing is performed on k user identifiers stored in the second device, the fourth data set includes k fourth data, and the fourth data is signature data of the user identifiers;
the first device performs intersection according to the third data set and the fourth data set to obtain an intersection set, where data in the intersection set is located in the third data set and the fourth data set;
the first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set;
the first device sends the second intersection set to the second device.
In a second aspect of the present application, there is provided a data transmission apparatus based on privacy intersection, the apparatus including:
the device comprises an acquisition unit, a signature generation unit and a signature generation unit, wherein the acquisition unit is used for acquiring a first data set, the first data set comprises m first data to be signed, the m first data to be signed are data obtained by performing blind processing on m user identifications, and m is a positive integer greater than or equal to 1;
a sending unit, configured to send the first data set to a second device, so that the second device signs each first data to be signed in the first data set;
a receiving unit, configured to receive a second data set sent by the second device, where the second data set includes m pieces of second data with signatures, and the second data set is obtained by the first device through signature processing of first data in the first data set by using a private key;
the processing unit is used for performing blind removal processing on the second data set to obtain a third data set, wherein the third data set comprises m third data, and the third data is signature data of a user identifier;
the receiving unit is further configured to receive a fourth data set sent by the second device, where the fourth data set is obtained by the second device after signature processing is performed on k user identifiers stored in the second device, the fourth data set includes k fourth data, and the fourth data is signature data of the user identifiers;
the intersection solving unit is used for performing intersection solving according to the third data set and the fourth data set to obtain an intersection set, and data in the intersection set are located in the third data set and the fourth data set;
the processing unit is further configured to process the intersection set in an addition secret sharing manner to obtain a first intersection set and a second intersection set;
the sending unit is further configured to send the second intersection set to the second device.
In a third aspect of embodiments of the present application, there is provided an electronic device, including: a processor, a memory;
the memory for storing computer readable instructions or a computer program;
the processor is configured to read the computer readable instructions or the computer program, so as to enable the electronic device to implement the data transmission method based on privacy intersection according to the first aspect.
In a fourth aspect of the present application, a computer-readable storage medium is provided, where instructions are stored, and when the instructions are executed on a device, the device is caused to execute the data transmission method based on privacy intersection according to the first aspect.
In a fifth aspect of the present application, a computer program product is provided, which when run on a computer, causes the computer to execute the data transmission method based on privacy intersection of the first aspect.
Therefore, the application has the following beneficial effects:
in the application, a first device, which is a party initiating a signature, acquires a first data set, where the first data set includes m first data to be signed, and the m first data to be signed are data that have been subjected to blinding processing. The first device sends the first data set to a second device (signer) so that the second device signs the first data in the first data set by using a private key to obtain a second data set. And after receiving the second data set, the first device performs blindness removal processing on the second data in the second data set to obtain a third data set, wherein the third data set comprises the signatures of the m user identifications. The first device further receives a fourth data set sent by the second device, where the fourth data set is obtained by the second device after signature processing is performed on k user identifiers stored in the second device, and includes k fourth data, and the fourth data is signature data of the user identifiers. And the first device performs intersection on the third data set and the fourth data set to obtain an intersection set, wherein the data in the intersection set is included in both the third data set and the fourth data set. The first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set, and sends the second intersection set to the second device. That is, the intersection result is protected in an addition secret sharing manner, so that the second device cannot directly know the user identifier when receiving the second intersection set, and data of the party (the first device) with the tag is protected.
Drawings
Fig. 1 is a flowchart of a data transmission method based on privacy intersection according to an embodiment of the present application;
fig. 2 is a schematic view of an application scenario provided in an embodiment of the present application;
fig. 3 is a block diagram of a data transmission apparatus based on privacy negotiation according to an embodiment of the present application.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, embodiments accompanying the drawings are described in detail below.
In order to facilitate understanding of the technical solutions of the embodiments of the present application, the following description will first discuss technical terms related to the embodiments of the present application.
The PSI in the application adopts a privacy cross-cut technology based on public key encryption blind signature, namely an RSA blind signature technology. In addition to satisfying the general digital signature condition, the blind signature technique must satisfy the following two properties: 1. the signer is invisible to the messages he signs, i.e. the signer does not know the specific content of the messages he signs. 2. The signed message is not traceable, i.e. after the signed message is published, the signer cannot know which time this was signed by him.
The process of blind signature is: (1) the user firstly carries out blinding processing on the message, so that a signer can not identify the content of the message; (2) the user sends the blinded message to the signer; (3) the signer signs the blinded message; (4) the signer returns the blind message and the signature to the user; (5) and after receiving the blinded message and the signature returned by the signer, the user performs blind removal processing to obtain the signature of the signer on the original message.
The method comprises the steps that a user is marked as A, a signer is marked as B, a public key of the signer is marked as e, a private key of the signer is marked as d, and a public modulus n is marked, and the user A requests the user B to blindly sign a message m.
1. Blind message m ═ m re*(mod n);
2. Signature message s ═ (m')d*(mod n);
3. Except for blind message, s ═ s'. r-1*(mod n)。
Additive Secret Sharing (ASS): the data owner has a piece of data x, which is now shared secret to both parties a, B, party a randomly getting part of it (encrypted) and party B randomly getting part of it (encrypted). When data recovery or calculation is needed, one party sends own data to the other party, or sends the data to a third party together.
Wherein, Additive has two meanings: 1. additive sharing (emphasis): this processUnlike general secret sharing, all the sharing processes are realized by additive sharing, that is, for each shared information, x is equal to<x>a+<x>b(ii) a 2. Additional information: the encryption is completed by sharing extra (additive) information on the original data, and the extra information needs to be stripped according to a certain rule during decryption.
Based on the above description, the data transmission method provided in the present application will be described below with reference to the accompanying drawings.
Referring to fig. 1, which is a flowchart of a data transmission method based on privacy intersection provided in an embodiment of the present application, as shown in fig. 1, the method may include:
s101: the first device obtains a first data set comprising m first data to be signed.
In this embodiment, as a signature initiator, a first device first acquires a first data set including one or more data to be signed. The first data in the first data set is data of the user identification after the blinding processing.
The specific implementation of the first device for performing the blinding processing on the user identifier includes: the method comprises the steps that a first device obtains an initial data set, wherein the initial data set comprises m user identifications; the first equipment acquires a random number set, wherein the random number set comprises m random numbers, and the random numbers correspond to the user identifications one to one. And aiming at any random number, the first equipment generates a blinding factor of the user identifier corresponding to the random number according to the public key and the random number. The first equipment carries out Hash calculation on the user identification to obtain the processed user identification; and for any processed user identifier, multiplying the processed user identifier by a blinding factor corresponding to the processed user identifier by the first equipment to obtain a first data set. Each random number in the random number set is relatively prime to the modulus n, the public key e and the private key d are a key pair, the key pair is generated by the second device, and the public key is sent to the first device.
For example, the initial data set obtained by the first device is a user identifier list { P1, P2, …, P m } stored by the first device, and Pi represents the ith user identifier in the initial data set.
The first device generates a random number set R ═ { R1, R2, …, Rk }, Ri denotes the ith random number in the random number set, and Ri corresponds to Pi. The length of Ri may be determined according to practical applications, for example, Ri is a 128-bit random number.
The blinding factor corresponding to the ith user identifier is (Ri)e*mod n。
For each user identifier Pi, a hash calculation may be performed to obtain a hash value of the user identifier, i.e., the processed user identifier hash (Pi). The preprocessing step is optional, and if the first device performs hash calculation on the user identifier, the second device also performs hash calculation on the user identifier before signing the user identifier stored in the second device, so that the processing of the user identifiers by the two devices is kept consistent.
Multiplying the hash value of the user identifier by the corresponding blinding factor to obtain first data: y (i) { [ (Ri)e*mod n]*Hash(Pi)}。
S102: the first device sends the first set of data to the second device.
S103: the second device signs the first data in the first data set by using the private key to obtain a second data set.
In this embodiment, after acquiring the first data set, the first device sends the first data set to the second device, so that the second device signs the first data in the first data set to obtain the second data set. Wherein the second data set comprises m second data carrying the signature. Specifically, the second device signs each first data with a private key to obtain second data. For example, the second device signs the first data using a fast power modulo algorithm, Z (i) Y (i)dmod n。
When the second device signs, the corresponding signing object is the first data and is not the user identifier, so that the confidentiality of the user identifier in the first data can be ensured, and the second device cannot know the signed user identifier.
S104: the second device sends the second set of data to the first device.
And after finishing the signature, the second device sends a second data set obtained after the signature to the second device, so that the first device processes the signature data for the user identifier.
S105: and the first equipment performs blind removal processing on the second data set to obtain a third data set.
When the second device performs signature, the signed object is the first data, that is, the data of the user identifier after the blinding processing, and the first device needs to perform the blinding processing on the second data in the second data set in order to obtain the signature data for the user identifier.
Optionally, if the blinding removal processing is the reverse process of the blinding processing, the first device divides any second data in the second data set by the random number corresponding to the user identifier in the second data, to obtain a third data set. For example, the third data is { [ (Ri)e mod n]*Hash(Pi)}d mod n/Ri=[Hash(Pi)]d mod n。
It should be noted that, if the first device pre-processes the user identifier, the third data is [ hash (pi)]dmod n, the signature data for the hash value of the user identification. If the first setting does not preprocess the user identification, the third data is (Pi)]dmod n, the signature data for the user identification.
After blind removal processing is carried out, in order to verify that the obtained signature data is a signature of second equipment to obtain data, aiming at any one third data, the first equipment utilizes a public key to calculate the third data to obtain a first calculation result; and when the first calculation result is equal to the processed user identifier corresponding to the user identifier in the third data, the first device determines that the third data is the signature data generated by the second device. Specifically, the first device performs fast power modulo calculation on the third data by using the public key to obtain a first calculation result. For example, the first calculation result ═ third data]e mod n=[[Hash(Pi)]d mod n]emod n, if the first calculation result is hash (pi), indicating that the third data is signature data generated by the second device.
If the first calculation result is not equal to the processed user identifier corresponding to the user identifier in the third data, the first device respectively remainders the modulus n and the random number corresponding to the user identifier in the second data for any second data in the second data set to obtain a first remainder and second data; the first equipment determines a target numerical value according to the first remainder, the second remainder and the random number; the first equipment multiplies the target numerical value by the modulus, adds second data, and places the sum in a random number to obtain a second calculation result; the first device generates a third data set using the second calculation result. The target data satisfies a preset condition, the preset condition is that the sum of the product of the target numerical value and the second remainder and the first remainder can be divided by the random number, and the target numerical value is the minimum value of a plurality of numerical values satisfying the preset condition.
Specifically, the remainders of Z (i) and modulus n for Ri are calculated as modZ (i) (first remainder) and modn (second remainder), respectively. The loop calculates the smallest positive integer ti (the target value) so that (ti x modn + modz (i)) can be divided by Ri. After ti is obtained, (ti x n + Z (i))/Ri is calculated, and the calculation result is used as signature data of the ith user identifier [ Hash (Pi))]d mod n。
Through the above calculation, a second calculation result corresponding to each second data may be obtained, and then a third data set is generated using a plurality of second calculation results.
S106: and the second equipment signs the k user identifications stored by the second equipment to obtain a fourth data set.
In order to implement the intersection, the second device also needs to sign k user identifiers stored in the second device to obtain a fourth data set. The fourth data set includes k fourth data, which are signature data of the user identification.
Optionally, if the first device performs a preprocessing operation on the user identifier stored in the first device, the second device also performs a preprocessing operation on the user identifier stored in the second device, and then the second device performs a preprocessing operation on the user identifier stored in the second deviceAnd after the signature is carried out, fourth data is obtained, and the fourth data is the signature data of the processed user identifier. For example, if the hash calculation is preprocessed, the fourth data is [ Hash (Qi)]dmod n, signature data for the hash value identified for the user.
It should be noted that, in this embodiment, the execution sequence of S105 and S106 is not limited, and S106 may be executed first, and then S105 may be executed, or S105 and S106 may be executed simultaneously.
S107: the second device sends the fourth set of data to the first device.
S108: and the first equipment performs intersection according to the third data set and the fourth data set to obtain an intersection set.
And after obtaining the fourth data set, the second device sends the fourth data set to the first device, so that the first device performs intersection on the third data set and the fourth data set after receiving the fourth data set to obtain an intersection set. And the data in the intersection set is contained in the third data set and the fourth data set.
Optionally, when fourth data in the fourth data set is obtained by performing hash calculation on the user identifier stored in the second device by the second device first, then performing signature and then performing hash calculation again, the first device performs hash calculation on the third data before performing intersection, so as to obtain a processed third data set. And then, the first device performs intersection according to the processed third data set and the fourth data set to obtain an intersection set. For example, the processed third data set DPi ═ Hash { [ Hash (pi) ]]dmod n, a fourth data set DQi ═ Hash { [ Hash (qi) ]]dmod n, the data in the set is the hash of the signature value of the hash value of the user identification.
S109: and the first device processes the intersection set in an additive secret sharing mode to obtain a first intersection set and a second intersection set.
After obtaining the intersection set, the first device divides the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set. And the first intersection set and the second intersection set are both partially encrypted information in the intersection set. That is, the union of the first set of intersections and the second set of intersections is the set of intersections.
S110: the first device sends the second intersection set to the second device.
The first device sends the second intersection set to the second device, so that the second device can store the encrypted second intersection set, and therefore the second device can be prevented from knowing that the user identifier with the intersection exists, and the protection information is exposed.
Optionally, the first device sends the second intersection set to the second device via an oblivious transport protocol. The oblivious transmission protocol is a cryptographic protocol in which the message sender sends one message to the receiver from among some messages to be sent, but it is still unknown which message was sent afterwards. That is, the first device is unaware of the second set of intersections sent to the second device.
Optionally, when the first device needs to perform model training using the intersection set, it may request the second device to send the second intersection set to the first device. The first device, upon receiving the second set of intersections, in combination with the first set of intersections, may reduce the set of intersections.
Through the embodiment, the first device acquires a first data set, where the first data set includes m first data to be signed, and the m first data to be signed are data that have been subjected to blinding processing. The first device sends the first data set to a second device (signer) so that the second device signs the first data in the first data set by using a private key to obtain a second data set. And after receiving the second data set, the first device performs blind removal processing on the second data in the second data set to obtain a third data set, wherein the third data set comprises the signatures of the m user identifications. The first device further receives a fourth data set sent by the second device, where the fourth data set is obtained by the first device after signature processing is performed on k user identifiers stored in the first device, and includes k fourth data, and the fourth data is signature data of the user identifiers. And the first device performs intersection on the third data set and the fourth data set to obtain an intersection set, wherein the data in the intersection set is included in both the third data set and the fourth data set. The first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set, and sends the second intersection set to the second device. Namely, the intersection result is protected in an addition secret sharing manner, so that the second device cannot directly know the user identifier when receiving the second intersection set, and data of the party (the first device) with the tag is protected.
For facilitating understanding of sending the second intersection set to the second device through additive secret sharing in the embodiment of the present application, refer to an application scenario diagram shown in fig. 2. As shown in fig. 2, in this application scenario, a participant a (with a tag) and a participant B are included, for example, the participant a may provide insurance purchase data, the participant B is e-commerce user data, and in order to avoid which users can quit purchasing insurance in conjunction with the intersection result, the intersection result is sent to the participant B in a manner of additive secret sharing when the intersection result is sent to the participant B. Specifically, the intersection result X is shared to the participant A and the participant B in a secret way, and the encryption result is { X }aAnd { x }b. Participant a will { x } using an oblivious transport protocolbAnd extra data c to party B. When participant a needs to restore the intersection result x, participant B will share result c { x }bAnd sending the data to the participant A, and restoring the data by the participant A.
Based on the above method embodiment, an embodiment of the present application further provides a data transmission device, which will be described below with reference to the accompanying drawings.
Referring to fig. 3, which is a structural diagram of a data transmission apparatus based on privacy intersection according to an embodiment of the present application, as shown in fig. 3, the apparatus includes: acquisition section 301, transmission section 302, reception section 303, processing section 304, and intersection finding section 305.
An obtaining unit 301, configured to obtain a first data set, where the first data set includes m first data to be signed, where the m first data to be signed are data obtained by performing blind processing on m user identifiers, and m is a positive integer greater than or equal to 1;
a sending unit 302, configured to send the first data set to a second device, so that the second device signs each first data to be signed in the first data set;
a receiving unit 303, configured to receive a second data set sent by the second device, where the second data set includes m pieces of second data with signatures, and the second data set is obtained by the first device through signature processing on first data in the first data set by using a private key;
a processing unit 304, configured to perform blind removal processing on the second data set to obtain a third data set, where the third data set includes m third data, and the third data is signature data of a user identifier;
a receiving unit 303, further configured to receive a fourth data set sent by the second device, where the fourth data set is obtained by signature processing performed on k user identifiers stored by the second device, the fourth data set includes k fourth data, and the fourth data is signature data of the user identifiers;
an intersection solving unit 305, configured to perform intersection solving according to the third data set and the fourth data set to obtain an intersection set, where data in the intersection set is located in the third data set and the fourth data set;
the processing unit 304 is further configured to process the intersection set in an addition secret sharing manner to obtain a first intersection set and a second intersection set;
a sending unit 302, configured to send the second intersection set to the second device.
In a specific implementation, the sending unit 302 is specifically configured to send the second intersection set to the second device through an oblivious transfer protocol.
In a specific implementation manner, the obtaining unit 301 is specifically configured to obtain, by the first device, an initial data set, where the initial data set includes the m user identifiers; acquiring a random number set, wherein the random number set comprises m random numbers, and the random numbers correspond to the user identifications one to one; generating a blinding factor of a user identifier corresponding to the random number according to a public key and the random number aiming at any random number in the random number set, wherein the public key and the private key are a key pair; performing hash calculation on any user identifier in the initial data set to obtain a processed user identifier; and for any processed user identifier, multiplying the processed user identifier and a blinding factor corresponding to the processed user identifier to obtain a first data set.
In a specific implementation manner, the processing unit 304 is specifically configured to, for any second data in the second data set, divide the second data by a random number corresponding to a user identifier in the second data, and obtain a third data set.
In a specific implementation manner, the processing unit 304, before obtaining a third data set and performing intersection, is further configured to calculate, by using the public key, any third data in the third data set, to obtain a first calculation result; and when the first calculation result is equal to the processed user identifier corresponding to the user identifier in the third data, determining that the third data is the signature data generated by the second device.
In a specific implementation manner, when the first calculation result is not equal to the processed user identifier corresponding to the user identifier in the third data, the processing unit 304 is further configured to, for any second data in the second data set, respectively remainder the second data and the modulus with respect to a random number corresponding to the user identifier in the second data, so as to obtain a first remainder and a second remainder; determining a target numerical value according to the first remainder, the second remainder and the random number, wherein the target numerical value meets a preset condition, the preset condition is that the sum of the product of the target numerical value and the second remainder and the first remainder can be divided by the random number, and the target numerical value is the minimum value of a plurality of numerical values meeting the preset condition; multiplying the target value by the modulus, adding the second data, and dividing the sum by the random number to obtain a second calculation result; and generating a third data set by using the second calculation result.
In a specific implementation manner, the intersection unit 305 is further configured to, when the fourth data set is obtained by the second device after signing and hashing k user identifiers stored in the fourth data set, specifically, perform hash calculation on any third data in the third data set to obtain a processed third data set; and performing intersection according to the processed third data set and the fourth data set to obtain an intersection set.
It should be noted that, for specific implementation of each unit in this embodiment, reference may be made to relevant description in the foregoing method embodiment, and this embodiment is not described herein again.
In addition, an embodiment of the present application provides an apparatus, including: a processor, a memory;
the memory for storing computer readable instructions or a computer program;
the processor is configured to read the computer readable instructions or the computer program to enable the device to implement the data transmission method.
Embodiments of the present application provide a computer-readable storage medium including instructions or a computer program, which when run on a computer, cause the computer to perform the data transmission method described above.
It should be noted that, in the present specification, the embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the system or the device disclosed by the embodiment, the description is simple because the system or the device corresponds to the method disclosed by the embodiment, and the relevant points can be referred to the method part for description.
It should be understood that in the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" is used to describe the association relationship of the associated object, indicating that there may be three relationships, for example, "a and/or B" may indicate: only A, only B and both A and B are present, wherein A and B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of single item(s) or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A data transmission method based on privacy intersection is characterized by comprising the following steps:
a first device acquires a first data set, wherein the first data set comprises m first data to be signed, the m first data to be signed are data obtained by conducting blinding processing on m user identifications, and m is a positive integer greater than or equal to 1;
the first device sends the first data set to a second device so that the second device signs each first data to be signed in the first data set;
the first device receives a second data set sent by the second device, wherein the second data set comprises m pieces of second data carrying signatures, and the second data set is obtained by the first device through signature processing on first data in the first data set by using a private key;
the first device performs blinding removal processing on the second data set to obtain a third data set, where the third data set includes m third data, and the third data is signature data of a user identifier;
the first device receives a fourth data set sent by the second device, where the fourth data set is obtained by the second device after signing k user identifiers stored in the second device, the fourth data set includes k fourth data, and the fourth data is signature data of the user identifiers;
the first device performs intersection according to the third data set and the fourth data set to obtain an intersection set, wherein data in the intersection set are located in the third data set and the fourth data set;
the first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set;
the first device sends the second set of intersections to the second device.
2. The method of claim 1, wherein the first device sending the second set of intersections to the second device comprises:
the first device sends the second intersection set to the second device via an oblivious transport protocol.
3. The method of claim 1 or 2, wherein the first device obtains a first set of data, comprising:
the first device acquires an initial data set, wherein the initial data set comprises the m user identifications;
the first equipment acquires a random number set, wherein the random number set comprises m random numbers, and the random numbers correspond to the user identifications one to one;
aiming at any random number in the random number set, the first device generates a blinding factor of a user identifier corresponding to the random number according to a public key and the random number, wherein the public key and the private key are a key pair;
aiming at any user identifier in the initial data set, the first equipment performs hash calculation on the user identifier to obtain a processed user identifier;
and for any processed user identifier, multiplying the processed user identifier by a blinding factor corresponding to the processed user identifier by the first device to obtain a first data set.
4. The method of claim 3, wherein the first device blindly processes the second data set to obtain a third data set, and wherein the blind processing comprises:
and for any second data in the second data set, the first device divides the second data by a random number corresponding to the user identification in the second data to obtain a third data set.
5. The method of claim 4, wherein, prior to obtaining the third set of data and prior to performing the intersection, the method further comprises:
for any third data in the third data set, the first device calculates the third data by using the public key to obtain a first calculation result;
and when the first calculation result is equal to the processed user identifier corresponding to the user identifier in the third data, the first device determines that the third data is the signature data generated by the second device.
6. The method of claim 5, further comprising:
when the first calculation result is not equal to the processed user identifier corresponding to the user identifier in the third data, the first device respectively performs remainder on the random numbers corresponding to the user identifiers in the second data by using the second data and the modulus to obtain a first remainder and a second remainder for any second data in the second data set;
the first equipment determines a target numerical value according to the first remainder, the second remainder and the random number, the target numerical value meets a preset condition, the preset condition is that the sum of the product of the target numerical value and the second remainder and the first remainder can be divided by the random number, and the target numerical value is the minimum value of a plurality of numerical values meeting the preset condition;
the first equipment multiplies the target numerical value by the modulus, adds the second data, and divides the sum value by the random number to obtain a second calculation result;
the first device generates a third data set using the second calculation result.
7. The method according to any one of claims 4 to 6, wherein the fourth data set is obtained by the second device after signing and hashing k user identifiers stored in the second device, and the first device performs intersection according to the third data set and the fourth data set to obtain an intersection set, including:
for any third data in the third data set, the first device performs hash calculation on the third data to obtain a processed third data set;
and the first equipment performs intersection according to the processed third data set and the fourth data set to obtain an intersection set.
8. An apparatus for data transmission based on privacy intersection, the apparatus comprising:
the device comprises an acquisition unit, a signature generation unit and a signature generation unit, wherein the acquisition unit is used for acquiring a first data set, the first data set comprises m first data to be signed, the m first data to be signed are data obtained by performing blind processing on m user identifications, and m is a positive integer greater than or equal to 1;
a sending unit, configured to send the first data set to a second device, so that the second device signs each first data to be signed in the first data set;
a receiving unit, configured to receive a second data set sent by the second device, where the second data set includes m pieces of second data with signatures, and the second data set is obtained by the first device through signature processing of first data in the first data set by using a private key;
the processing unit is used for performing blind removal processing on the second data set to obtain a third data set, wherein the third data set comprises m third data, and the third data is signature data of a user identifier;
the receiving unit is further configured to receive a fourth data set sent by the second device, where the fourth data set is obtained by the second device after signature processing is performed on k user identifiers stored in the second device, the fourth data set includes k fourth data, and the fourth data is signature data of the user identifiers;
the intersection solving unit is used for performing intersection solving according to the third data set and the fourth data set to obtain an intersection set, and data in the intersection set are located in the third data set and the fourth data set;
the processing unit is further configured to process the intersection set in an addition secret sharing manner to obtain a first intersection set and a second intersection set;
the sending unit is further configured to send the second intersection set to the second device.
9. An electronic device, comprising: a processor, a memory;
the memory for storing computer readable instructions or a computer program;
the processor is configured to read the computer readable instructions or the computer program to enable the electronic device to implement the data transmission method based on privacy claim 1 to 7.
10. A computer-readable storage medium having stored therein instructions that, when run on a device, cause the device to perform the privacy intersection-based data transmission method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210368082.XA CN114726542B (en) | 2022-04-08 | 2022-04-08 | Data transmission method and device based on privacy intersection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210368082.XA CN114726542B (en) | 2022-04-08 | 2022-04-08 | Data transmission method and device based on privacy intersection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114726542A true CN114726542A (en) | 2022-07-08 |
| CN114726542B CN114726542B (en) | 2024-04-09 |
Family
ID=82240965
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210368082.XA Active CN114726542B (en) | 2022-04-08 | 2022-04-08 | Data transmission method and device based on privacy intersection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114726542B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116821936A (en) * | 2023-06-30 | 2023-09-29 | 北京海泰方圆科技股份有限公司 | Method and device for determining data intersection |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018119670A1 (en) * | 2016-12-27 | 2018-07-05 | 深圳大学 | Method and device for certificateless partially blind signature |
| CN109274501A (en) * | 2018-10-25 | 2019-01-25 | 广西师范大学 | License block chain method for secret protection based on Proxy Signature |
| CN109818730A (en) * | 2019-03-06 | 2019-05-28 | 矩阵元技术(深圳)有限公司 | Acquisition methods, device and the server of Proxy Signature |
| CN113032840A (en) * | 2021-05-26 | 2021-06-25 | 腾讯科技(深圳)有限公司 | Data processing method, device, equipment and computer readable storage medium |
| CN113127916A (en) * | 2021-05-18 | 2021-07-16 | 腾讯科技(深圳)有限公司 | Data set processing method, data processing device and storage medium |
| US20210234689A1 (en) * | 2020-08-07 | 2021-07-29 | Beijing Baidu Netcom Science And Technology Co., Ltd. | Method and apparatus for obtaining privacy set intersection, device and storage medium |
| CN113434888A (en) * | 2021-07-06 | 2021-09-24 | 建信金融科技有限责任公司 | Data sharing method, device, equipment and system |
| CN113569267A (en) * | 2021-09-23 | 2021-10-29 | 上海钐昆网络科技有限公司 | Privacy safety data set intersection method, device, equipment and storage medium |
| US20210377050A1 (en) * | 2018-01-16 | 2021-12-02 | nChain Holdings Limited | Computer implemented method and system for obtaining digitally signed data |
| CN113761570A (en) * | 2021-08-16 | 2021-12-07 | 高语澈 | Privacy intersection-oriented data interaction method |
| US20220004654A1 (en) * | 2018-04-19 | 2022-01-06 | Google Llc | Security measures for determination of private set intersections |
-
2022
- 2022-04-08 CN CN202210368082.XA patent/CN114726542B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018119670A1 (en) * | 2016-12-27 | 2018-07-05 | 深圳大学 | Method and device for certificateless partially blind signature |
| US20210377050A1 (en) * | 2018-01-16 | 2021-12-02 | nChain Holdings Limited | Computer implemented method and system for obtaining digitally signed data |
| US20220004654A1 (en) * | 2018-04-19 | 2022-01-06 | Google Llc | Security measures for determination of private set intersections |
| CN109274501A (en) * | 2018-10-25 | 2019-01-25 | 广西师范大学 | License block chain method for secret protection based on Proxy Signature |
| CN109818730A (en) * | 2019-03-06 | 2019-05-28 | 矩阵元技术(深圳)有限公司 | Acquisition methods, device and the server of Proxy Signature |
| US20210234689A1 (en) * | 2020-08-07 | 2021-07-29 | Beijing Baidu Netcom Science And Technology Co., Ltd. | Method and apparatus for obtaining privacy set intersection, device and storage medium |
| CN113127916A (en) * | 2021-05-18 | 2021-07-16 | 腾讯科技(深圳)有限公司 | Data set processing method, data processing device and storage medium |
| CN113032840A (en) * | 2021-05-26 | 2021-06-25 | 腾讯科技(深圳)有限公司 | Data processing method, device, equipment and computer readable storage medium |
| CN113434888A (en) * | 2021-07-06 | 2021-09-24 | 建信金融科技有限责任公司 | Data sharing method, device, equipment and system |
| CN113761570A (en) * | 2021-08-16 | 2021-12-07 | 高语澈 | Privacy intersection-oriented data interaction method |
| CN113569267A (en) * | 2021-09-23 | 2021-10-29 | 上海钐昆网络科技有限公司 | Privacy safety data set intersection method, device, equipment and storage medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116821936A (en) * | 2023-06-30 | 2023-09-29 | 北京海泰方圆科技股份有限公司 | Method and device for determining data intersection |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114726542B (en) | 2024-04-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9967239B2 (en) | Method and apparatus for verifiable generation of public keys | |
| Dobbertin | Cryptanalysis of MD4 | |
| CN109245903B (en) | Signature method and device for cooperatively generating SM2 algorithm by two parties and storage medium | |
| CN111177762B (en) | Data processing method, device, server and federal learning system | |
| CN109767218B (en) | Block chain certificate processing method and system | |
| JP2004129303A (en) | Recovery-type and appendix-type electronic signature methods, key-exchange method and recovery-type public and blind electronic signature methods | |
| WO2019047418A1 (en) | Digital signature method, device and system | |
| CN114091054A (en) | Bidirectional hidden data query method and device | |
| CN112118113A (en) | Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm | |
| CN111161075B (en) | Blockchain transaction data proving and supervising method, system and related equipment | |
| CN113128999A (en) | Block chain privacy protection method and device | |
| CN114726542B (en) | Data transmission method and device based on privacy intersection | |
| CN115643098A (en) | Cloud data sharing system and auditing system based on certificateless encryption | |
| CN111859435B (en) | Data security processing method and device | |
| CN111984959B (en) | Anonymous information publishing and verifying method and device | |
| Omote et al. | An anonymous auction protocol with a single non-trusted center using binary trees | |
| CN111221903A (en) | Data tracing method, system and computer storage medium | |
| CN114221753B (en) | Key data processing method and electronic equipment | |
| CN113268749B (en) | Bid information processing method and module and electronic equipment | |
| CN111552950A (en) | Software authorization method and device and computer readable storage medium | |
| CN114448640A (en) | Double-blind information distribution method and device and computer readable storage medium | |
| CN114297721A (en) | Information processing method, information processing apparatus, block chain platform, and storage medium | |
| CN112837064A (en) | Signature method, signature verification method and device of alliance chain | |
| CN112395590A (en) | Multiplexing method, device and equipment of electronic signature and storage medium | |
| CN115604006A (en) | Data transmission method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |