CN115001741B - Data encryption method and related components - Google Patents

Data encryption method and related components Download PDF

Info

Publication number
CN115001741B
CN115001741B CN202210429015.4A CN202210429015A CN115001741B CN 115001741 B CN115001741 B CN 115001741B CN 202210429015 A CN202210429015 A CN 202210429015A CN 115001741 B CN115001741 B CN 115001741B
Authority
CN
China
Prior art keywords
data
prime number
alpha
encryption
determining
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210429015.4A
Other languages
Chinese (zh)
Other versions
CN115001741A (en
Inventor
王小伟
张旭
吴睿振
孙华锦
王凛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Yunhai Guochuang Cloud Computing Equipment Industry Innovation Center Co Ltd
Original Assignee
Shandong Yunhai Guochuang Cloud Computing Equipment Industry Innovation Center Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Yunhai Guochuang Cloud Computing Equipment Industry Innovation Center Co Ltd filed Critical Shandong Yunhai Guochuang Cloud Computing Equipment Industry Innovation Center Co Ltd
Priority to CN202210429015.4A priority Critical patent/CN115001741B/en
Publication of CN115001741A publication Critical patent/CN115001741A/en
Application granted granted Critical
Publication of CN115001741B publication Critical patent/CN115001741B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption

Abstract

The invention discloses a data encryption method and related components, which relate to the technical field of information security, and a data homomorphic encryption algorithm is designed in advance, and comprises a specific key determination rule, a corresponding encryption rule and a corresponding decryption rule, wherein a public key and a private key can be determined safely and reliably based on the specific key determination rule, only a decryption terminal with the private key can crack ciphertext encrypted by applying the corresponding public key and encryption rule, and the safety and reliability of the algorithm are high. Specifically, the encryption terminal can directly encrypt the plaintext to be encrypted and transmitted at present according to the obtained public key and the corresponding encryption rule, so that a large amount of hash values serving as encryption summary information are not required to be calculated, and the calculation cost is reduced; when the decryption terminal obtains the ciphertext to be decrypted, the decryption terminal can directly decrypt according to the secret key and the corresponding decryption rule, and the complex verification step of encrypting abstract information is not needed, so that the verification cost is saved, and finally the safety of information transmission is ensured.

Description

Data encryption method and related components
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a data encryption method and related components.
Background
In the aspects of privacy and security protection of a network communication system, the data to be transmitted has the risk of being attacked actively or passively, and the data encryption technology is a very effective method for resisting the data attack, and is widely applied to occasions requiring data encryption, such as voting systems, retrieval of ciphertext databases, cloud computing and the like.
The common encryption algorithm comprises a hash encryption algorithm depending on a hash algorithm, but the algorithm setting mechanism of the method is complex, specifically, a large amount of hash calculation is needed for the encryption process of the encryption party on the plaintext to generate encrypted digest information, then the original data and the encrypted digest information are sent to the decryption party together, and when the decryption party decrypts the data, a large amount of redundancy check is needed, namely, the decryption party performs the same large amount of hash calculation on the original data and the encryption party, and judges whether the obtained data is consistent with the encrypted digest information or not, so as to verify whether the original data is tampered for subsequent use.
Therefore, how to find an encryption method for effectively ensuring information security is a current urgent problem to be solved.
Disclosure of Invention
The invention aims to provide a data encryption method and related components, and a data homomorphic encryption algorithm is designed in advance, and comprises a specific key determination rule, a corresponding encryption rule and a corresponding decryption rule, so that the calculation cost is reduced and the verification cost is saved on the basis of ensuring the safety of information transmission.
In order to solve the technical problems, the invention provides a data encryption method applied to an encryption terminal, comprising the following steps:
the method comprises the steps of obtaining a public key and a corresponding encryption rule which are determined and published by a decryption terminal according to a pre-designed data homomorphic encryption algorithm, wherein the public key is determined by the decryption terminal according to a key determination rule of the data homomorphic encryption algorithm;
the key determination rule is as follows: the decryption terminal determines a first prime number p and a second prime number q which are different from each other; multiplying the p and the q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein the A 1 =p-1; the A is 2 =q-1; determining the third prime number alpha 1 Said fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
determining a plaintext to be transmitted currently in an encrypted manner;
encrypting the plaintext according to the public key and the encryption rule to obtain ciphertext.
Preferably, the first prime number p, the second prime number q, and the third prime number α are based on the first data n 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key α, comprising:
s21: selecting an integer from among integers between 1 and n-1 as second data a based on the first data n;
s22: calculating the square of the first prime number p to obtain third data p 2
Calculating the third prime number alpha 1 Obtaining fourth data alpha by multiplying the first prime number p 1 p;
Calculating the square of the second prime number q to obtain fifth data q 2
Calculating the fourth prime number alpha 2 The product of the second prime number q is used for obtaining sixth data alpha 2 q;
S23: selecting an integer from among integers between 1 and p as seventh data g based on the first prime number p 1 Wherein said g 1 The selection of (2) satisfies a first selection relationship;
The first selection relational expression is as follows:
and wherein mod represents a modulo operation;
s24: judging the g 1 Modulo the p 2 Whether or not the order of (a) is the fourth data alpha 1 p; if yes, go to S25; if not, return to S23 to redefine the new seventh data g 1
S25: selecting an integer from among integers between 1 and q as eighth data g based on the second prime number q 2 Wherein said g 2 The selection of (2) satisfies a second selection relationship;
the second selection relational expression is as follows:
s26: judging the g 2 Modulo the q 2 Whether or not the order of (a) is the sixth data alpha 2 q; if yes, go to S27; if not, return to S26 to redetermine new eighth data g 2
S27: based on the seventh data g 1 Said third data p 2 The eighth data g 2 The fifth data q 2 Establishing a first linear congruence equation set and solving by applying the Chinese remainder theorem to obtain ninth data g;
the first set of linear congruence equations is:
s28: and determining the first data n, the second data a and the ninth data g as public keys.
Preferably, encrypting the plaintext according to the public key and the encryption rule to obtain ciphertext includes:
selecting an integer from among integers between 0 and n as tenth data k based on the first data n;
Determining a first set based on the first data nWherein the first set->The aggregate element in (1) is {0,1,., (n-1) };
determining the first setAnd among the respective aggregate elements of (a)A first set of elements of n mutual elements;
selecting one from the first set of elements as eleventh data r;
encrypting the plaintext M based on the first data n, the tenth data k, the eleventh data r, the second data a, the ninth data g, a second preset relational expression and a third preset relational expression to obtain ciphertext, wherein M is more than or equal to 0 and less than n 2 The ciphertext includes twelfth data C determined based on the second preset relationship 1 And thirteenth data C determined based on the third preset relation 2
The second preset relation is: c (C) 1 =g (k+rn) mod n 2
The third preset relation is: c (C) 2 =M(1+kan)mod n 2
Preferably, the twelfth data C in the secret is determined based on the first data n, the tenth data k, the eleventh data r, the second data a, the ninth data g and a second preset relation 1 The method specifically comprises the following steps:
calculating fourteenth data S based on the first data n, the tenth data k, and the eleventh data r 1 =k+r*n;
According to each power S in the pre-stored power-congruence value correspondence 2 Respectively calculating the S 1 And each of said S 2 A difference between them;
determining a standard power S corresponding to the difference value with the smallest value and the positive value 2 And according to the standard power S 2 Determining the standard power S from the power-congruence value correspondence 2 Corresponding congruence value
Based on the congruence value T, the ninth data g, the fourteenth data S 1 The standard power S 2 And a fourth preset relation for determining twelfth data C in the secret 1
The fourth preset relation is:
in order to solve the technical problem, the invention also provides a data decryption method applied to a decryption terminal, the data decryption method comprises the following steps:
determining a first prime number p and a second prime number q which are different from each other; multiplying the p and the q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein the A 1 =p-1; the A is 2 =q-1; determining the third prime number alpha 1 Said fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
obtaining a ciphertext sent by an encryption terminal, wherein the ciphertext is obtained by encrypting a plaintext to be transmitted by the encryption terminal according to the public key and an encryption rule of a pre-designed data homomorphic encryption algorithm;
and decrypting the ciphertext according to the public key, the private key alpha corresponding to the public key and the decryption rule of the data homomorphic encryption algorithm to obtain the plaintext.
Preferably, the public key includes first data n, second data a and third data g; the ciphertext includes fourth data C 3 Fifth data C 4
Decrypting the ciphertext according to the public key, a private key alpha corresponding to the public key and a decryption rule of the data homomorphic encryption algorithm to obtain the plaintext, wherein the decrypting comprises the following steps:
the fourth data C is based on the private key alpha, the first data n, the third data g and a first preset relation 3 Processing to obtain sixth data C k
The first preset relation is:
wherein mod represents a modulo operation;
based on the second data a, the sixth data C k The first data n and the second preset relation pair the fifth data C 4 Processing to obtain the plaintext E;
The second preset relation is: e=c 4 *(1+C k (n-a)n)mod n 2
Preferably, the fourth data C is based on the private key α, the first data n, the third data g and a first predetermined relation 3 Processing to obtain sixth data C k The method specifically comprises the following steps:
calculating the square of the first prime number p to obtain seventh data p 2
Calculating the square of the second prime number q to obtain eighth data q 2
Based on the fourth data C 3 Said private key alpha, said seventh data p 2 Obtaining ninth data according to the third preset relation
The third preset relation is:
wherein mod represents a modulo operation;
based on the fourth data C 3 Said private key alpha, said eighth data q 2 Obtaining tenth data according to fourth preset relation
The fourth preset relation is:
based on the ninth dataThe seventh data p 2 Said tenth data->The eighth data q 2 Establishing a second linear congruence equation system and solving by applying Chinese remainder theorem to obtain eleventh data +.>
The second set of linear congruence equations is:
based on the third data g, the private key alpha, the seventh data p 2 Obtaining twelfth data according to fifth preset relation
The fifth preset relation is:
based on the third data g, the private key alpha, the eighth data q 2 Obtaining thirteenth data according to sixth preset relation
The sixth preset relation is:
based on the twelfth dataThe seventh data p 2 Said thirteenth data->The eighth data q 2 Establishing a third linear congruence equation system and solving by applying Chinese remainder theorem to obtain fourteenth data +.>
The third set of linear congruence equations is:
based on the first data n, the eleventh dataThe fourteenth data->Obtaining sixth data C by seventh preset relation k
The seventh preset relation is:
in order to solve the technical problem, the present invention further provides a data encryption system applied to an encryption terminal, the data encryption system includes:
the key acquisition unit is used for acquiring a public key and a corresponding encryption rule which are determined and published by the decryption terminal according to a pre-designed data homomorphic encryption algorithm, wherein the public key is determined by the decryption terminal according to a key determination rule of the data homomorphic encryption algorithm;
the key determination rule is as follows: the decryption terminal determines a first prime number p and a second prime number q which are different from each other; multiplying the p and the q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein the A 1 =p-1; the A is 2 =q-1; determining the third prime number alpha 1 Said fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
the plaintext determining unit is used for determining the plaintext to be transmitted currently in an encrypted manner;
and the encryption unit is used for encrypting the plaintext according to the public key and the encryption rule so as to obtain ciphertext.
In order to solve the technical problem, the invention also provides a data decryption system applied to a decryption terminal, the data decryption system comprises:
a key determining unit for determining a first prime number p and a second prime number q which are different from each other; multiplying the p and the q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein the A 1 =p-1; the A is 2 =q-1; determining the third prime number alpha 1 Said fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
the ciphertext acquisition unit is used for acquiring ciphertext sent by the encryption terminal, wherein the ciphertext is obtained by encrypting plaintext to be transmitted by the encryption terminal according to the public key and an encryption rule of a pre-designed data homomorphic encryption algorithm;
and the decryption unit is used for decrypting the ciphertext according to the public key, the private key alpha corresponding to the public key and the decryption rule of the data homomorphic encryption algorithm so as to obtain the plaintext.
In order to solve the above technical problem, the present invention further provides a data processing apparatus, including:
a memory for storing a computer program;
a processor for performing the steps of the data encryption method as described above.
The invention provides a data encryption method and related components, firstly, a data homomorphic encryption algorithm is designed in advance, the algorithm comprises a specific key determination rule, a corresponding encryption rule and a corresponding decryption rule, a pair of keys, namely a public key and a private key, can be determined safely and reliably based on the specific key determination rule, the private key is not disclosed as private data, namely only a decryption terminal with the private key can decrypt ciphertext encrypted by the corresponding public key and encryption rule, and the safety and reliability of the algorithm are high. Specifically, the encryption terminal can directly encrypt the plaintext to be encrypted and transmitted at present according to the obtained public key and the corresponding encryption rule, so that a large amount of hash values serving as encryption summary information are not required to be calculated, and the calculation cost is reduced; and the decryption terminal can directly decrypt according to the secret key and the corresponding decryption rule when obtaining the ciphertext to be decrypted, and does not need to carry out the complex verification step of encrypting abstract information, so that the verification cost is saved, and finally, the safety of information transmission is ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required in the prior art and the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a data encryption method provided by the invention;
FIG. 2 is a flow chart of a data decryption method provided by the invention;
FIG. 3 is a schematic diagram of a data encryption system according to the present invention;
fig. 4 is a schematic structural diagram of a data decryption system according to the present invention;
fig. 5 is a schematic structural diagram of a data processing apparatus according to the present invention.
Detailed Description
The core of the invention is to provide a data encryption method and related components, and predesigned a data homomorphic encryption algorithm, wherein the algorithm comprises a specific key determination rule, a corresponding encryption rule and a corresponding decryption rule, and on the basis of ensuring the safety of information transmission, the calculation cost is reduced, and the verification cost is saved.
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1, fig. 1 is a flowchart of a data encryption method according to the present invention.
The data encryption method is applied to an encryption terminal and comprises the following steps:
s11: the method comprises the steps of obtaining a public key and a corresponding encryption rule which are determined and published by a decryption terminal according to a pre-designed data homomorphic encryption algorithm, wherein the public key is determined by the decryption terminal according to a key determination rule of the data homomorphic encryption algorithm;
the key determination rule is: the decryption terminal determines a first prime number p and a second prime number q which are different from each other; multiplying p and q to obtain a firstData n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein A is 1 =p-1;A 2 =q-1; determining a third prime number alpha 1 Fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
s12: determining a plaintext to be transmitted currently in an encrypted manner;
s13: and encrypting the plaintext according to the public key and the encryption rule to obtain the ciphertext.
In this embodiment, considering that in the prior art, in order to implement encrypted transmission of data to ensure data security, a hash encryption algorithm is generally adopted, but the method includes a large number of hash value calculations and corresponding verification steps, which consumes excessive calculation cost and verification cost. In order to solve the technical problems, the application provides a data encryption method, which can ensure that an encryption terminal with a public key and a corresponding encryption rule safely transmits plaintext to be transmitted to a decryption terminal according to a pre-designed homomorphic encryption algorithm of data.
It should be noted that the encryption terminal herein includes, but is not limited to, a physical device such as a server and a client that has a need for encrypting the trusted data, and is not particularly limited herein. Thus, for the decryption terminal, a pair of keys is determined according to a pre-designed homomorphic encryption algorithm of data, the public key and the encryption rule are used as public information to publish the encryption terminal, the private key is used as private information to be stored by the decryption terminal generating the pair of keys, the decryption terminal grasps the public key, the corresponding private key, the corresponding encryption rule and the decryption rule, the encryption terminal can only grasp the public key and the encryption rule published by the decryption terminal, and grasping the public key is very difficult to solve the corresponding private key, so that the security of the scheme is ensured.
Specifically, the key determination rule needs to be described as follows: the decryption terminal determines mutually different first pixelsThe number p and the second prime q can be selected to be as large as possible in practical application, and the greater the numerical value of the first prime p and the second prime q, the higher the encryption security. Multiplying p and q gives first data n, which is then derived from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 And determining a third prime number alpha 1 Fourth prime number alpha 2 The result of the multiplication is the private key α, where it is easy to verify that the calibration data λ is chosen, where λ is a 1 And A is a 2 The smallest public multiple is the smallest, the private key alpha determined in the application is smaller than the lambda, and the largest common divisor between the private key alpha and the first data n is 1, so that the key determined according to the key determination rule can be easily known based on the Paillier algorithm, and the semantic security is met, that is, the ciphertext obtained by using the data homomorphic encryption algorithm provided by the application cannot reveal other information of the plaintext.
Then, the encryption terminal can determine the plaintext to be encrypted currently, and encrypt the plaintext according to the obtained public key and the corresponding encryption rule to obtain the ciphertext. It should be further noted that the encryption terminal may then send the obtained ciphertext to the decryption terminal, that is, the encryption transmission of the plaintext is completed, and the decryption terminal grasping the public key, the private key and the corresponding decryption rule may directly decrypt the obtained ciphertext to obtain the plaintext.
In summary, the application provides a data encryption method, a data homomorphic encryption algorithm is designed in advance, the algorithm comprises a specific key determination rule, a corresponding encryption rule and a corresponding decryption rule, a pair of keys, namely a public key and a private key, can be determined safely and reliably based on the specific key determination rule, the private key is not disclosed as private data, namely only a decryption terminal with the private key can crack ciphertext encrypted by applying the corresponding public key and the corresponding encryption rule, and the algorithm is high in safety and reliability. And the encryption terminal does not need to calculate a large amount of hash values serving as encryption summary information in the process of encrypting the plaintext to be transmitted currently, so that the calculation cost is reduced.
Based on the above embodiments:
as a preferred embodiment, the first data n, the first prime number p, the second prime number q, the third prime number α are based on 1 Fourth prime number alpha 2 Determining a public key corresponding to the private key α includes:
s21: selecting an integer from among integers between 1 and n-1 as the second data a based on the first data n;
s22: calculating the square of the first prime number p to obtain third data p 2
Calculating a third prime number alpha 1 The product of the first prime number p yields fourth data alpha 1 p;
Calculating the square of the second prime number q to obtain fifth data q 2
Calculating a fourth prime number alpha 2 The product of the second prime number q yields sixth data alpha 2 q;
S23: selecting an integer from among integers between 1 and p as seventh data g based on a first prime number p 1 Wherein g 1 The selection of (2) satisfies a first selection relationship;
the first selection relation is:
and wherein mod represents a modulo operation;
s24: judging g 1 Mode p 2 Whether or not the order of (a) is the fourth data alpha 1 p; if yes, go to S25; if not, return to S23 to redefine the new seventh data g 1
S25: selecting an integer from among integers between 1 and q as eighth data g based on a second prime number q 2 Wherein g 2 The selection of (2) satisfies a second selection relationship;
the second selection relation is:
s26: judging g 2 Mode q 2 Whether or not the order of (a) is the sixth data alpha 2 q; if yes, go to S27; if not, return to S26 to redetermine new eighth data g 2
S27: based on the seventh data g 1 Third data p 2 Eighth data g 2 Fifth data q 2 Establishing a first linear congruence equation set and solving by applying the Chinese remainder theorem to obtain ninth data g;
the first set of linear congruence equations is:
s28: the first data n, the second data a and the ninth data g are determined to be public keys.
In this embodiment, a manner of determining the public key by the decryption terminal is provided, and specific steps are S21-S28, which are not described herein. In the explanation of the steps S24 and S26, the step S24 is taken as an example, and the step g is determined 1 Mode p 2 Whether or not the order of (a) is the fourth data alpha 1 p, in that there may be a smaller data F, also satisfies (g 1 ) F =1modp 2 The presence of such a F indicates that we now refer to the seventh data g 1 Is not proper, so it is necessary to return to S23 to redefine the new seventh data g 1 To verify g, close to the application reality 1 Mode p 2 Whether or not the order of (a) is the fourth data alpha 1 p, only need to verifySum (g) 1 ) p modp 2 Whether the number is 1 is required. The reason for the design in step S26 is not described in detail.
In addition, the public key and the corresponding private key alpha determined through the steps satisfy the following relation, so that the semantic security of the homomorphic encryption algorithm of the data is ensured:
(g) αn =1 mod n 2
further justification of the selection of the ninth data g is first readily availableTherefore->Similarly, let go of>Thus have (g) αn =1 mod n 2 Wherein α=α 12 . As a verification that the order of g is αn, it is assumed that 0 < h.ltoreq.αn is present so that (g) h =1 mod n 2 Yi De (g) h =1 mod p 2 Thus (g) 1 ) h =(g) h mod p 2 The result is that h is alpha 1 Multiple of p, and similarly, h is alpha 2 q, so h is a multiple of an, so only h=an.
It can be seen that the public key for data encryption can be reliably determined in the above manner, and the operability is strong.
As a preferred embodiment, encrypting plaintext according to a public key and encryption rules to obtain ciphertext includes:
selecting an integer from among integers between 0 and n as tenth data k based on first data n;
determining a first set based on the first data nWherein the first set->The aggregate element in (1) is {0,1,., (n-1) };
determining a first setA first set element of each set element of the n-prime and the n-prime;
selecting one from the first set of elements as eleventh data r;
encrypting a plaintext M based on the first data n, the tenth data k, the eleventh data r, the second data a, the ninth data g, the second preset relational expression and the third preset relational expression to obtain a ciphertext, wherein M is more than or equal to 0 and less than n 2 The ciphertext includes twelfth data C determined based on the second preset relationship 1 And thirteenth data C determined based on a third preset relation 2
The second preset relation is:
C 1 =g (k+rn) mod n 2
the third preset relation is:
C 2 =M(1+kan)mod n 2
in this embodiment, a manner is provided in which the encryption terminal encrypts data according to the public key and the corresponding encryption rule. The specific steps are as described above, and are not repeated here. It should be noted that, here, there is a limitation of the data range, i.e., 0.ltoreq.M < n, for the data to be encrypted, i.e., plaintext M 2 . Therefore, compared with other encryption modes, the data encryption method can realize the encryption of the data by less modular exponentiation operation, thereby ensuring the encryption speed and having stronger operability.
As a preferred embodiment, the twelfth data C in the secret is determined based on the first data n, the tenth data k, the eleventh data r, the second data a, the ninth data g and the second preset relation 1 The method specifically comprises the following steps:
calculating fourteenth data S based on the first data n, the tenth data k and the eleventh data r 1 =k+r*n;
According to each power S in the pre-stored power-congruence value correspondence 2 Respectively calculate S 1 And each S 2 A difference between them;
determining a standard power S corresponding to the difference value with the smallest difference value being positive 2 And according to standard power S 2 Determining standard power S from power-congruence value correspondence 2 Corresponding congruenceValue of
Based on the congruence value T, the ninth data g and the fourteenth data S 1 Standard power S 2 And fourth preset relation determining twelfth data C in secret 1
The fourth preset relationship is:
in this embodiment, the inventor further considers that the calculation speed of the encryption rule can be further improved in the process of encrypting the information. Specifically, due to the twelfth data C 1 The encryption terminal can store a corresponding relation of power-congruence value in advance, wherein the corresponding relation comprises a plurality of powers and congruence values corresponding to the powers. Thus, the fourteenth data S is first calculated 1 Respectively calculate the S 1 With stored powers S 2 The difference between them, determining that the power corresponding to the difference which is positive and the smallest is the standard power S 2 The standard power S can then be found from the power-congruence value correspondence 2 Corresponding congruence value T. It should be noted that, here, the power corresponding to the difference value which is negative and the largest difference value may be selected as the standard power S 2 But also at this time at the standard power S 2 The complex inversion operation is performed based on the corresponding congruent value, so that the original purpose of the embodiment is not achieved.
Based on the same residue value T, ninth data g and fourteenth data S 1 Standard power S 2 And fourth preset relation determining twelfth data C in secret 1 Essentially, the method is equivalent to carrying out the power operation on the basis of the congruence value T, and relatively, a large amount of power operation is not required to be calculated, so that a lot of calculation time is saved.
Referring to fig. 2, fig. 2 is a flowchart of a data decryption method according to the present invention.
The data decryption method is applied to a decryption terminal and comprises the following steps:
s31: determining a first prime number p and a second prime number q which are different from each other; multiplying p and q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein A is 1 =p-1;A 2 =q-1; determining a third prime number alpha 1 Fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
s32: the method comprises the steps of obtaining a ciphertext sent by an encryption terminal, wherein the ciphertext is obtained by the encryption terminal encrypting a plaintext to be transmitted according to a public key and an encryption rule of a pre-designed data homomorphic encryption algorithm;
s33: and decrypting the ciphertext according to the public key, the private key alpha corresponding to the public key and the decryption rule of the data homomorphic encryption algorithm to obtain a plaintext.
It should be noted that the decryption terminal herein includes, but is not limited to, a physical terminal such as a server and a client, and is not particularly limited herein. The decryption terminal comprises a pre-designed data homomorphic encryption algorithm, wherein the algorithm comprises a key determination rule, an encryption rule and a decryption rule, and the data homomorphic encryption algorithm provided by the application can meet the encryption transmission of a plaintext to be transmitted by the encryption terminal, and can also meet the ciphertext sent after the encryption terminal encrypts the plaintext according to a public key and a corresponding encryption rule by the decryption terminal, and decrypt according to the decryption rule of the data homomorphic encryption algorithm.
Specifically, for step S31, the first prime number p and the second prime number q may be larger in practical application, and the greater the values of the first prime number p and the second prime number q, the higher the security of encryption. The corresponding encryption rule is the encryption rule described in each embodiment, and therefore will not be described again.
In addition, according to the encryption rule and the decryption rule setting of the data homomorphic encryption algorithm in the application are easy to obtain, the algorithm meets the multiplication homomorphic, namely the method can realize that the method is equivalent to the method of multiplying and then decrypting in the modular sense after decrypting, and can meet some special requirements of decryption terminals, namely as special cases, some decryption terminals want to process data of plaintext but do not want to obtain the information processor of ciphertext after encrypting the plaintext to decrypt the data, and according to the data homomorphic encryption algorithm provided by the application, the decryption terminals can not disclose the public key and the corresponding encryption rule to the information processor, but only send the encrypted ciphertext to the information processor to process the data, and meanwhile, the obtained processed data is sent to the decryption terminal again because of the multiplication homomorphic met by the data homomorphic encryption algorithm without decrypting to directly process the data, so that the plaintext can not be leaked and the data processing is realized for the decryption terminal. With the plaintext to be processed as N 1 N 2 For example, the following relationship holds according to the multiplication homomorphism satisfied by the data homomorphic encryption algorithm in the present application:
D(W(N 1 )W(N 2 ))=N 1 N 2 mod n 2
wherein D (W (N) 1 )W(N 2 ) Represents a pair W (N) 1 )W(N 2 ) Is (N) and W (N) 1 ) Representation pair N 1 Is used for the encryption of (a).
In summary, the application provides a data decryption method, when a decryption terminal obtains a ciphertext to be decrypted, the decryption terminal can directly decrypt according to a secret key and a corresponding decryption rule, and a complicated verification step of encrypting abstract information is not needed, so that verification cost is saved, and finally, the security of information transmission is ensured.
As a preferred embodiment, the public key includes first data n, second data a, and third data g; ciphertext includes fourth data C 3 Fifth data C 4
Decrypting the ciphertext according to the public key, the private key alpha corresponding to the public key and a decryption rule of a data homomorphic encryption algorithm to obtain a plaintext, wherein the decrypting comprises the following steps:
fourth data C based on private key alpha, first data n, third data g and first preset relation 3 Processing to obtain sixth data C k
The first preset relation is:
wherein mod represents a modulo operation;
based on the second data a and the sixth data C k The first data n and the second preset relation pair fifth data C 4 Processing to obtain a plaintext E;
the second preset relation is:
E=C 4 *(1+C k (n-a)n)mod n 2
in this embodiment, a manner is provided in which the decryption terminal performs decryption by means of the public key, the private key α corresponding to the public key, and the corresponding decryption rule, and specific steps are described above, which are not repeated here. Therefore, the decryption of the data can be reliably realized in the mode, and relatively, a large number of modular exponentiations are not needed, so that the decryption speed is ensured, and the operability and the practicability are strong.
As a preferred embodiment, the fourth data C is based on the private key α, the first data n, the third data g and the first predetermined relation 3 Processing to obtain sixth data C k The method specifically comprises the following steps:
calculating the square of the first prime number p to obtain seventh data p 2
Calculating the square of the second prime number q to obtain eighth data q 2
Based on fourth data C 3 Private key alpha, seventh data p 2 Obtaining ninth data according to the third preset relation
The third preset relation is:
wherein mod represents a modulo operation;
based on fourth data C 3 Private key alpha, eighth data q 2 Obtaining tenth data according to fourth preset relation
The fourth preset relationship is:
based on the ninth dataSeventh data p 2 Tenth data->Eighth data q 2 Establishing a second linear congruence equation system and solving by applying Chinese remainder theorem to obtain eleventh data +.>
The second set of linear congruence equations is:
based on third data g, private key alpha, seventh data p 2 Obtaining twelfth data according to fifth preset relation
The fifth preset relationship is:
based on third data g, private key alpha, eighth data q 2 Obtaining thirteenth data according to sixth preset relation
The sixth preset relationship is:
based on twelfth dataSeventh data p 2 Thirteenth data->Eighth data q 2 Establishing a third linear congruence equation system and solving by applying Chinese remainder theorem to obtain fourteenth data +.>
The third linear congruence equation set is:
based on the first data n, eleventh dataFourteenth data->Obtaining sixth data C by seventh preset relation k
The seventh preset relationship is:
in this embodiment, the inventor further considers that if the storage space of the decryption terminal is sufficient, the power operation in the decryption rule in this application may be simplified according to the manner of pre-storing the power-congruence value correspondence in the foregoing embodiment, but some storage spaces of the decryption terminal may be smaller, so that the foregoing correspondence is inconvenient to store, and another manner of simplifying the power operation in the decryption rule in this application is given in this embodiment. Specifically, in actual operation, for (C 3 ) α G α May be calculated only once and stored for use in calculating the corresponding data, and then it will be appreciated that the eleventh dataAs an example of the calculation of (a), experiments show that the ninth data +.>Tenth data->And applies the Chinese remainder theorem to find eleventh data +.>Is less than the direct calculation (C 3 ) α mod n 2 Is a calculation amount of (a). Finally realize the sixth data C k The calculation process of (2) is simplified, and specific processes are shown in the above steps, and are not repeated here.
It should be further noted that, if the storage space of the encryption terminal is limited, the encryption terminal cannot simplify the exponentiation in the encryption rule according to the above-mentioned manner of pre-storing the correspondence between exponentiation and congruence values, but there is a need for simplifying the exponentiation, although it cannot directly obtain the first prime number p and the second prime number q to avoid leakage of the private partA key, but for simplicity in encrypting the twelfth data C when it applies encryption rules 1 Can be added with a program similar to a black box, and the program can directly apply the logic implementation output of the simplified power calculation in the embodiment on the basis of not leaking the first prime number p and the second prime number q, for example, the ninth data g, the first data n, the tenth data k and the eleventh data r are input to obtain the twelfth data C 1 The program logic executed in the black box is the simplified step of applying the chinese remainder theorem in this embodiment.
Referring to fig. 3, fig. 3 is a schematic structural diagram of a data encryption system according to the present invention.
The data encryption system is applied to an encryption terminal and comprises:
a key obtaining unit 41, configured to obtain a public key and a corresponding encryption rule that are determined and published by the decryption terminal according to a pre-designed data homomorphic encryption algorithm, where the public key is determined by the decryption terminal according to a key determination rule of the data homomorphic encryption algorithm;
the key determination rule is: the decryption terminal determines a first prime number p and a second prime number q which are different from each other; multiplying p and q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein A is 1 =p-1;A 2 =q-1; determining a third prime number alpha 1 Fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
a plaintext determining unit 42, configured to determine a plaintext currently to be transmitted by encryption;
the encrypting unit 43 is used for encrypting the plaintext according to the public key and the encryption rule to obtain the ciphertext.
For the description of the data encryption system provided in the present invention, reference is made to the embodiment of the data encryption method described above, and the description thereof is omitted herein.
Referring to fig. 4, fig. 4 is a schematic structural diagram of a data decryption system according to the present invention.
The data decryption system is applied to a decryption terminal and comprises:
a key determination unit 51 for determining a first prime number p and a second prime number q which are different from each other; multiplying p and q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein A is 1 =p-1;A 2 =q-1; determining a third prime number alpha 1 Fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
the ciphertext obtaining unit 52 is configured to obtain a ciphertext sent by the encryption terminal, where the ciphertext is obtained by the encryption terminal encrypting a plaintext to be transmitted according to a public key and an encryption rule of a pre-designed homomorphic data encryption algorithm;
the decryption unit 53 is configured to decrypt the ciphertext according to the public key, the private key α corresponding to the public key, and a decryption rule of the data homomorphic encryption algorithm, so as to obtain plaintext.
For the description of the data decryption system provided in the present invention, reference is made to the embodiment of the data decryption method described above, and the description thereof is omitted here.
Referring to fig. 5, fig. 5 is a schematic structural diagram of a data processing apparatus according to the present invention.
The data processing apparatus includes:
a memory 61 for storing a computer program;
a processor 62 for performing the steps of the data encryption method as described above.
For the description of the data processing apparatus provided in the present invention, reference is made to the embodiments of the data encryption method and the data decryption method, and the description thereof is omitted herein.
It should be noted that, when the data processing apparatus performs the steps of the data encryption method, it essentially performs encryption of plaintext to be encrypted; when the data processing apparatus performs the steps of the data decryption method, it essentially performs decryption of ciphertext to be decrypted.
In the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
It should also be noted that in this specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (7)

1. A data encryption method, applied to an encryption terminal, comprising:
the method comprises the steps of obtaining a public key and a corresponding encryption rule which are determined and published by a decryption terminal according to a pre-designed data homomorphic encryption algorithm, wherein the public key is determined by the decryption terminal according to a key determination rule of the data homomorphic encryption algorithm;
the key determination rule is as follows: the decryption terminal determines a first prime number p and a second prime number q which are different from each other; multiplying the p and the q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein the A 1 =p-1; the A is 2 =q-1; determining the third prime number alpha 1 Said fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
determining a plaintext to be transmitted currently in an encrypted manner;
encrypting the plaintext according to the public key and the encryption rule to obtain ciphertext;
wherein, based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourthPrime number alpha 2 Determining a public key corresponding to the private key α, comprising:
s21: selecting an integer from among integers between 1 and n-1 as second data a based on the first data n;
s22: calculating the square of the first prime number p to obtain third data p 2
Calculating the third prime number alpha 1 Obtaining fourth data alpha by multiplying the first prime number p 1 p;
Calculating the square of the second prime number q to obtain fifth data q 2
Calculating the fourth prime number alpha 2 The product of the second prime number q is used for obtaining sixth data alpha 2 q;
S23: selecting an integer from among integers between 1 and p as seventh data g based on the first prime number p 1 Wherein said g 1 The selection of (2) satisfies a first selection relationship;
the first selection relational expression is as follows:
and wherein mod represents a modulo operation;
s24: judging the g 1 Modulo the p 2 Whether or not the order of (a) is the fourth data alpha 1 p; if yes, go to S25; if not, return to S23 to redefine the new seventh data g 1
S25: selecting an integer from among integers between 1 and q as eighth data g based on the second prime number q 2 Wherein said g 2 The selection of (2) satisfies a second selection relationship;
the second selection relational expression is as follows:
s26: judging the g 2 Modulo the q 2 Whether or not the order of (a) is the sixth data alpha 2 q; if yes, go to S27; if not, return to S26 to redetermine a new eighthData g 2
S27: based on the seventh data g 1 Said third data p 2 The eighth data g 2 The fifth data q 2 Establishing a first linear congruence equation set and solving by applying the Chinese remainder theorem to obtain ninth data g;
the first set of linear congruence equations is:
s28: determining the first data n, the second data a and the ninth data g as public keys;
encrypting the plaintext according to the public key and the encryption rule to obtain ciphertext, wherein the encrypting comprises the following steps:
Selecting an integer from among integers between 0 and n as tenth data k based on the first data n;
determining a first set based on the first data nWherein the first set->The aggregate element in (1) is {0,1,., (n-1) };
determining the first setA first set element of each set element of the n-prime and the n-prime;
selecting one from the first set of elements as eleventh data r;
encrypting the plaintext M based on the first data n, the tenth data k, the eleventh data r, the second data a, the ninth data g, a second preset relational expression and a third preset relational expression to obtain ciphertext, wherein M is more than or equal to 0 and less than n 2 The saidThe ciphertext includes twelfth data C determined based on the second preset relation 1 And thirteenth data C determined based on the third preset relation 2
The second preset relation is: c (C) 1 =g (k+rn) mod n 2
The third preset relation is: c (C) 2 =M(1+kan)mod n 2
2. The data encryption method according to claim 1, wherein twelfth data C in the secret is determined based on the first data n, the tenth data k, the eleventh data r, the second data a, the ninth data g, and a second preset relational expression 1 The method specifically comprises the following steps:
calculating fourteenth data S based on the first data n, the tenth data k, and the eleventh data r 1 =k+r*n;
According to each power S in the pre-stored power-congruence value correspondence 2 Respectively calculating the S 1 And each of said S 2 A difference between them;
determining a standard power S corresponding to the difference value with the smallest value and the positive value 2 And according to the standard power S 2 Determining the standard power S from the power-congruence value correspondence 2 Corresponding congruence value
Based on the congruence value T, the ninth data g, the fourteenth data S 1 The standard power S 2 And a fourth preset relation for determining twelfth data C in the secret 1
The fourth preset relation is:
3. a data decryption method, applied to a decryption terminal, comprising:
determining a first prime number p and a second prime number q which are different from each other; multiplying the p and the q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein the A 1 =p-1; the A is 2 =q-1; determining the third prime number alpha 1 Said fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
obtaining a ciphertext sent by an encryption terminal, wherein the ciphertext is obtained by encrypting a plaintext to be transmitted by the encryption terminal according to the public key and an encryption rule of a pre-designed data homomorphic encryption algorithm;
decrypting the ciphertext according to the public key, the private key alpha corresponding to the public key and the decryption rule of the data homomorphic encryption algorithm to obtain the plaintext;
wherein, based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key α, comprising:
s21: selecting an integer from among integers between 1 and n-1 as second data a based on the first data n;
s22: calculating the square of the first prime number p to obtain third data p 2
Calculating the third prime number alpha 1 Obtaining fourth data alpha by multiplying the first prime number p 1 p;
Calculating the square of the second prime number q to obtain fifth data q 2
Calculating the fourth prime number alpha 2 The product of the second prime number q is used for obtaining sixth data alpha 2 q;
S23: based on the firstPrime number p, an integer selected from integers between 1 and p is used as seventh data g 1 Wherein said g 1 The selection of (2) satisfies a first selection relationship;
the first selection relational expression is as follows:
and wherein mod represents a modulo operation;
s24: judging the g 1 Modulo the p 2 Whether or not the order of (a) is the fourth data alpha 1 p; if yes, go to S25; if not, return to S23 to redefine the new seventh data g 1
S25: selecting an integer from among integers between 1 and q as eighth data g based on the second prime number q 2 Wherein said g 2 The selection of (2) satisfies a second selection relationship;
the second selection relational expression is as follows:
s26: judging the g 2 Modulo the q 2 Whether or not the order of (a) is the sixth data alpha 2 q; if yes, go to S27; if not, return to S26 to redetermine new eighth data g 2
S27: based on the seventh data g 1 Said third data p 2 The eighth data g 2 The fifth data q 2 Establishing a first linear congruence equation set and solving by applying the Chinese remainder theorem to obtain ninth data g;
the first set of linear congruence equations is:
s28: determining the first data n, the second data a and the ninth data g as public keys;
Wherein the public key comprisesFirst data n, second data a and third data g; the ciphertext includes fourth data C 3 Fifth data C 4 The method comprises the steps of carrying out a first treatment on the surface of the Decrypting the ciphertext according to the public key, a private key alpha corresponding to the public key and a decryption rule of the data homomorphic encryption algorithm to obtain the plaintext, wherein the decrypting comprises the following steps:
the fourth data C is based on the private key alpha, the first data n, the third data g and a first preset relation 3 Processing to obtain sixth data C k
The first preset relation is:
wherein mod represents a modulo operation;
based on the second data a, the sixth data C k The first data n and the second preset relation pair the fifth data C 4 Processing to obtain the plaintext E;
the second preset relation is: e=c 4 *(1+C k (n-a)n)mod n 2
4. A data decryption method as claimed in claim 3, wherein the fourth data C is based on the private key α, the first data n, the third data g and a first predetermined relation 3 Processing to obtain sixth data C k The method specifically comprises the following steps:
calculating the square of the first prime number p to obtain seventh data p 2
Calculating the square of the second prime number q to obtain eighth data q 2
Based on the fourth data C 3 Said private key alpha, said seventh data p 2 Obtaining ninth data according to the third preset relation
The third preset relation is:
wherein mod represents a modulo operation;
based on the fourth data C 3 Said private key alpha, said eighth data q 2 Obtaining tenth data according to fourth preset relation
The fourth preset relation is:
based on the ninth dataThe seventh data p 2 Said tenth data->The eighth data q 2 Establishing a second linear congruence equation system and solving by applying Chinese remainder theorem to obtain eleventh data +.>
The second set of linear congruence equations is:
based on the third data g, the private key alpha, the seventh data p 2 Obtaining twelfth data according to fifth preset relation
The fifth preset relation is:
based on the third data g, the private key alpha, the eighth data q 2 Obtaining thirteenth data according to sixth preset relation
The sixth preset relation is:
based on the twelfth dataThe seventh data p 2 Said thirteenth data->The eighth data q 2 Establishing a third linear congruence equation system and solving by applying Chinese remainder theorem to obtain fourteenth data +. >
The third set of linear congruence equations is:
based on the first data n, the eleventh dataThe fourteenth data->Obtaining sixth data C by seventh preset relation k
The seventh preset relation is:
5. a data encryption system, applied to an encryption terminal, comprising:
the key acquisition unit is used for acquiring a public key and a corresponding encryption rule which are determined and published by the decryption terminal according to a pre-designed data homomorphic encryption algorithm, wherein the public key is determined by the decryption terminal according to a key determination rule of the data homomorphic encryption algorithm;
the key determination rule is as follows: the decryption terminal determines a first prime number p and a second prime number q which are different from each other; multiplying the p and the q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein the A 1 =p-1; the A is 2 =q-1; determining the third prime number alpha 1 Said fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
the plaintext determining unit is used for determining the plaintext to be transmitted currently in an encrypted manner;
the encryption unit is used for encrypting the plaintext according to the public key and the encryption rule to obtain ciphertext;
wherein, based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key α, comprising:
s21: selecting an integer from among integers between 1 and n-1 as second data a based on the first data n;
s22: calculating the square of the first prime number p to obtain third data p 2
Calculating the third prime number alpha 1 Obtaining fourth data alpha by multiplying the first prime number p 1 p;
Calculating the square of the second prime number q to obtain fifth data q 2
Calculating the fourth prime number alpha 2 The product of the second prime number q is used for obtaining sixth data alpha 2 q;
S23: selecting an integer from among integers between 1 and p as seventh data g based on the first prime number p 1 Wherein said g 1 The selection of (2) satisfies a first selection relationship;
the first selection relational expression is as follows:
and wherein mod represents a modulo operation;
s24: judging the g 1 Modulo the p 2 Whether or not the order of (a) is the fourth data alpha 1 p; if yes, go to S25; if not, return to S23 to redefine the new seventh data g 1
S25: selecting an integer from among integers between 1 and q as eighth data g based on the second prime number q 2 Wherein said g 2 The selection of (2) satisfies a second selection relationship;
the second selection relational expression is as follows:
s26: judging the g 2 Modulo the q 2 Whether or not the order of (a) is the sixth data alpha 2 q; if yes, go to S27; if not, return to S26 to repeatNew eighth data g 2
S27: based on the seventh data g 1 Said third data p 2 The eighth data g 2 The fifth data q 2 Establishing a first linear congruence equation set and solving by applying the Chinese remainder theorem to obtain ninth data g;
the first set of linear congruence equations is:
s28: determining the first data n, the second data a and the ninth data g as public keys;
wherein the encryption unit is specifically configured to select, based on the first data n, an integer from 0 to n as tenth data k;
determining a first set based on the first data nWherein the first set->The aggregate element in (1) is {0,1,., (n-1) };
Determining the first setA first set element of each set element of the n-prime and the n-prime;
selecting one from the first set of elements as eleventh data r;
encrypting the plaintext M based on the first data n, the tenth data k, the eleventh data r, the second data a, the ninth data g, a second preset relational expression and a third preset relational expression to obtain ciphertext, wherein M is more than or equal to 0 and less than n 2 The ciphertext includes twelfth data C determined based on the second preset relationship 1 And thirteenth data C determined based on the third preset relation 2
The second preset relation is: c (C) 1 =g (k+rn) mod n 2
The third preset relation is: c (C) 2 =M(1+kan)mod n 2
6. A data decryption system, applied to a decryption terminal, comprising:
a key determining unit for determining a first prime number p and a second prime number q which are different from each other; multiplying the p and the q to obtain first data n; from A 1 Selecting a third prime number alpha from among the prime factors of (a) 1 From A 2 Selecting a fourth prime number alpha from among the prime factors of (a) 2 Wherein the A 1 =p-1; the A is 2 =q-1; determining the third prime number alpha 1 Said fourth prime number alpha 2 The result obtained by multiplication is a private key alpha; based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key alpha;
the ciphertext acquisition unit is used for acquiring ciphertext sent by the encryption terminal, wherein the ciphertext is obtained by encrypting plaintext to be transmitted by the encryption terminal according to the public key and an encryption rule of a pre-designed data homomorphic encryption algorithm;
the decryption unit is used for decrypting the ciphertext according to the public key, the private key alpha corresponding to the public key and the decryption rule of the data homomorphic encryption algorithm so as to obtain the plaintext;
wherein, based on the first data n, the first prime number p, the second prime number q, the third prime number alpha 1 Said fourth prime number alpha 2 Determining a public key corresponding to the private key α, comprising:
s21: selecting an integer from among integers between 1 and n-1 as second data a based on the first data n;
s22: calculating the saidThe square of the first prime number p yields third data p 2
Calculating the third prime number alpha 1 Obtaining fourth data alpha by multiplying the first prime number p 1 p;
Calculating the square of the second prime number q to obtain fifth data q 2
Calculating the fourth prime number alpha 2 The product of the second prime number q is used for obtaining sixth data alpha 2 q;
S23: selecting an integer from among integers between 1 and p as seventh data g based on the first prime number p 1 Wherein said g 1 The selection of (2) satisfies a first selection relationship;
the first selection relational expression is as follows:
and wherein mod represents a modulo operation;
s24: judging the g 1 Modulo the p 2 Whether or not the order of (a) is the fourth data alpha 1 p; if yes, go to S25; if not, return to S23 to redefine the new seventh data g 1
S25: selecting an integer from among integers between 1 and q as eighth data g based on the second prime number q 2 Wherein said g 2 The selection of (2) satisfies a second selection relationship;
the second selection relational expression is as follows:
s26: judging the g 2 Modulo the q 2 Whether or not the order of (a) is the sixth data alpha 2 q; if yes, go to S27; if not, return to S26 to redetermine new eighth data g 2
S27: based on the seventh data g 1 Said third data p 2 The eighth data g 2 The fifth data q 2 Establishing a first linear congruence equation set and applying Chinese remainder definitionSolving to obtain ninth data g;
the first set of linear congruence equations is:
S28: determining the first data n, the second data a and the ninth data g as public keys;
the public key comprises first data n, second data a and third data g; the ciphertext includes fourth data C 3 Fifth data C 4 The method comprises the steps of carrying out a first treatment on the surface of the The decryption unit is specifically configured to:
the fourth data C is based on the private key alpha, the first data n, the third data g and a first preset relation 3 Processing to obtain sixth data C k
The first preset relation is:
wherein mod represents a modulo operation;
based on the second data a, the sixth data C k The first data n and the second preset relation pair the fifth data C 4 Processing to obtain the plaintext E;
the second preset relation is: e=c 4 *(1+C k (n-a)n)mod n 2
7. A data processing apparatus, comprising:
a memory for storing a computer program;
a processor for performing the steps of the data encryption method according to claim 1 or 2.
CN202210429015.4A 2022-04-22 2022-04-22 Data encryption method and related components Active CN115001741B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210429015.4A CN115001741B (en) 2022-04-22 2022-04-22 Data encryption method and related components

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210429015.4A CN115001741B (en) 2022-04-22 2022-04-22 Data encryption method and related components

Publications (2)

Publication Number Publication Date
CN115001741A CN115001741A (en) 2022-09-02
CN115001741B true CN115001741B (en) 2024-02-23

Family

ID=83026077

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210429015.4A Active CN115001741B (en) 2022-04-22 2022-04-22 Data encryption method and related components

Country Status (1)

Country Link
CN (1) CN115001741B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107147484A (en) * 2017-05-12 2017-09-08 南京邮电大学 A kind of full homomorphic cryptography method of floating number towards secret protection
CN114039727A (en) * 2021-12-09 2022-02-11 施耐德电气(中国)有限公司 Data transmission method and device, intelligent terminal and gateway equipment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020041684A1 (en) * 1999-01-29 2002-04-11 Mototsugu Nishioka Public-key encryption and key-sharing methods
US8861716B2 (en) * 2010-03-30 2014-10-14 International Business Machines Corporation Efficient homomorphic encryption scheme for bilinear forms
US9264221B2 (en) * 2014-01-31 2016-02-16 Google Inc. Systems and methods for faster public key encryption using the associated private key portion

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107147484A (en) * 2017-05-12 2017-09-08 南京邮电大学 A kind of full homomorphic cryptography method of floating number towards secret protection
CN114039727A (en) * 2021-12-09 2022-02-11 施耐德电气(中国)有限公司 Data transmission method and device, intelligent terminal and gateway equipment

Also Published As

Publication number Publication date
CN115001741A (en) 2022-09-02

Similar Documents

Publication Publication Date Title
Liu et al. An efficient privacy-preserving outsourced calculation toolkit with multiple keys
EP2014000B1 (en) Method for elliptic curve public key cryptographic validation
US7516321B2 (en) Method, system and device for enabling delegation of authority and access control methods based on delegated authority
EP0997016B1 (en) Method and apparatus for fast elliptical encryption with direct embedding
Islam et al. A modified and secured RSA public key cryptosystem based on “n” prime numbers
JP4086503B2 (en) Cryptographic operation apparatus and method, and program
CN107154845B (en) BGN type ciphertext decryption outsourcing scheme based on attributes
KR101866935B1 (en) Systems and methods for faster public key encryption using the associated private key portion
Nagaraj et al. Data encryption and authetication using public key approach
CN111586142B (en) Safe multiparty computing method and system
CN111404952B (en) Transformer substation data encryption transmission method and device, computer equipment and storage medium
CN109327304A (en) The lightweight homomorphic cryptography method of secret protection is realized in a kind of cloud computing
CN115905710A (en) System, method and device for inquiring hiding trace, electronic equipment and storage medium
CN114257366A (en) Information homomorphic processing method, device, equipment and computer readable storage medium
CN114362912A (en) Identification password generation method based on distributed key center, electronic device and medium
Saeed et al. Improved cloud storage security of using three layers cryptography algorithms
Ruan et al. An efficient private set intersection protocol for the cloud computing environments
CN115001741B (en) Data encryption method and related components
CN109756335A (en) A kind of rank is the public key encryption decryption method of the finite field multiplier group of Mersenne Prime
Hidayat et al. Implementation of RSA and RSA-CRT algorithms for comparison of encryption and decryption time in android-based instant message applications
Jagadeesh et al. Hybrid AES-Modified ECC Algorithm for Improved Data Security over Cloud Storage
Wang et al. Adaptive RSA encryption algorithm for smart grid
Lizama-Perez Non-invertible key exchange protocol
Glet et al. Secret sharing scheme for creating multiple secure storage dimensions for mobile applications.
KR100326226B1 (en) Method of Generating Matix Group Public Key

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant