CN104967693A - Document similarity calculation method for cloud storage based on fully homomorphic cryptography
- Publication number: CN104967693A
- Authority: CN (China)
- Prior art keywords: data, ciphertext, key, signature file, service provider
- Legal status: Granted
Classifications
- H04L67/1097: Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
- H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823: Network architectures or network communication protocols for network security for authentication of entities using certificates
- H04L63/145: Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Abstract
The invention discloses a document similarity calculation method for cloud storage based on fully homomorphic cryptography. The method comprises the following steps: a data owner uploads a document ID, the encrypted document ciphertext and the ciphertext of the document hash value to a cloud server; a public key certificate is issued to the cloud service provider and the data user; the data user encrypts the simhash value of the document whose similarity is to be calculated and uploads it to the cloud service provider; the cloud service provider performs a fully homomorphic addition of the simhash ciphertext of the document to be compared and the simhash ciphertext of the data owner's document, and returns the result to the data owner; the data owner obtains the Hamming distances between the documents and returns the document IDs ranked at the top by distance to the cloud service provider. With this method the calculation is performed in the ciphertext state. During the calculation, no information related to the document is revealed to the cloud service provider or other attackers, so the confidentiality of the data owner's data and of the data user's query data is protected.
Description
Technical field
The invention belongs to the field of computer software and, more specifically, relates to a document similarity calculation method for cloud storage based on fully homomorphic cryptography.
Background
With the development of cloud computing technology, major companies have one after another launched free cloud disk (also called network disk) storage services, such as Baidu cloud disk, Tencent Weiyun and Kingsoft Kuaipan. Because their capacity is large and they can be accessed over the network at any time, they attract more and more users. However, on their security, and in particular on the privacy protection of user document data, no commitment from the service providers has been obtained. The common way to address this problem is for the user to encrypt the document and upload the encrypted ciphertext to the cloud service provider. Once the encrypted data uploaded to the cloud service provider reaches a certain scale, calculating the similarity of data objects in the ciphertext state becomes a new technical requirement. Information retrieval, document deduplication, classification, clustering and user recommendation all involve judging the similarity between objects or between an object and a set of objects.
For different application scenarios, subject to limits on data scale, time and space overhead and so on, the choice of similarity calculation method differs. At present, the mainstream similarity calculation adopted in the plaintext space is the hash-based model. For large-scale Internet processing, hash-based techniques have certain advantages: with an acceptable loss of effectiveness, they save storage space and compute quickly. However, if the hash value of a data object is uploaded directly to the cloud service provider, the hash value is at risk of malicious use, namely an attacker (including the cloud service provider, hackers and so on) can easily infer the semantics of the plaintext data by brute force.
Summary of the invention
In view of the above defects or improvement needs of the prior art, the invention provides a document similarity calculation method and system for cloud storage based on fully homomorphic cryptography. Its purpose is to calculate document similarity at the cloud server in the ciphertext state, and to solve the technical problem of existing hash-based similarity calculation that an attacker can easily spy on user data, with poor stability.
To achieve the above object, according to one aspect of the invention, a document similarity calculation method for cloud storage based on fully homomorphic cryptography is provided, comprising the following steps:
(1) The data owner randomly generates an RSA public key R_Pub_Key and an RSA private key R_Pri_Key, and an FHE public key F_Pub_Key and an FHE private key F_Pri_Key;
(2) The data owner RSA-encrypts its data to generate ciphertext C_M, performs the simhash operation on the data to obtain a digital signature file, applies fully homomorphic encryption to this digital signature file, and uploads ciphertext C_M and the encrypted digital signature file C_H to the cloud service provider, where the cloud service provider establishes the correspondence among the data owner's ciphertext, the computation ciphertext and the ciphertext ID;
(3) The data user sends a data similarity calculation request to the data owner, and the data owner judges whether this data user is a legitimate user; if so, the method proceeds to step (4), otherwise the process ends;
(4) The data owner sends the RSA public key R_Pub_Key and the FHE public key F_Pub_Key to the data user in the form of a certificate;
(5) The data user performs the simhash operation on its own data to obtain a digital signature file H_P, applies fully homomorphic encryption to H_P using the FHE public key F_Pub_Key, and uploads the encrypted file to the cloud service provider;
(6) The cloud service provider uses the FHE ciphertext addition algorithm to perform the similarity calculation on the encrypted digital signature file C_P and the encrypted digital signature file obtained in step (2), obtaining an encrypted signature file, and sends a 2-tuple containing this signature file and its corresponding ciphertext ID to the data owner;
(7) The data owner decrypts this signature file with the FHE private key F_Pri_Key, obtains the Hamming distance from the decrypted signature file S, and sends the ciphertext IDs ranked in the top n by Hamming distance to the cloud service provider, where n is a positive integer less than or equal to 3;
(8) The cloud service provider looks up the corresponding ciphertext according to this ciphertext ID and returns the ciphertext to the data user;
(9) The data user decrypts this ciphertext using the RSA public key R_Pub_Key, and the process ends.
Preferably, the ciphertext ID comprises the upload time and the ciphertext size of the ciphertext.
Preferably, in step (7), decryption yields a digital signature file made up of the three characters "0", "1" and "2", and the Hamming distance is obtained by counting the number of "1" characters in the decrypted signature file S.
Preferably, the data storage procedure of step (2) is:
(2-1) Perform the simhash calculation on the data M of the data owner to generate the corresponding digital signature file H_M;
(2-2) Use the public key F_Pub_Key to apply fully homomorphic encryption to the digital signature file H_M, obtaining ciphertext C_H;
(2-3) Use the private key R_Pri_Key to RSA-encrypt the data M, obtaining ciphertext C_M;
(2-4) Upload the document ID, ciphertext C_H and ciphertext C_M to the cloud service provider, which is responsible for storing them and establishing the one-to-one relation among the three.
According to another aspect of the invention, a document similarity calculation system for cloud storage based on fully homomorphic cryptography is provided. It is applied in a cloud storage system comprising a data user, a data owner and a cloud service provider, and comprises the following modules:
First module, located at the data owner, for randomly generating an RSA public key R_Pub_Key and an RSA private key R_Pri_Key, and an FHE public key F_Pub_Key and an FHE private key F_Pri_Key;
Second module, located at the data owner, for RSA-encrypting its data to generate ciphertext C_M, performing the simhash operation on the data to obtain a digital signature file, applying fully homomorphic encryption to this digital signature file, and uploading ciphertext C_M and the encrypted digital signature file C_H to the cloud service provider, where the cloud service provider establishes the correspondence among the data owner's ciphertext, the computation ciphertext and the ciphertext ID;
Third module, located at the data user, for sending a data similarity calculation request to the data owner; the data owner judges whether this data user is a legitimate user, and if so control passes to the fourth module, otherwise the process ends;
Fourth module, located at the data owner, for sending the RSA public key R_Pub_Key and the FHE public key F_Pub_Key to the data user in the form of a certificate;
Fifth module, located at the data user, for performing the simhash operation on its own data to obtain a digital signature file H_P, applying fully homomorphic encryption to H_P using the FHE public key F_Pub_Key, and uploading the encrypted file to the cloud service provider;
Sixth module, located at the cloud service provider, for using the FHE ciphertext addition algorithm to perform the similarity calculation on the encrypted digital signature file C_P and the encrypted digital signature file obtained in the second module, obtaining an encrypted signature file, and sending a 2-tuple containing this signature file and its corresponding ciphertext ID to the data owner;
Seventh module, located at the data owner, for decrypting this signature file with the FHE private key F_Pri_Key, obtaining the Hamming distance (i.e. the data similarity) from the decrypted signature file S, and sending the ciphertext IDs ranked in the top n by Hamming distance (n is a positive integer less than or equal to 3) to the cloud service provider;
Eighth module, located at the cloud service provider, for looking up the corresponding ciphertext according to this ciphertext ID and returning the ciphertext to the data user;
Ninth module, located at the data user, for decrypting this ciphertext using the RSA public key R_Pub_Key, after which the process ends.
In general, compared with the prior art, the above technical scheme conceived by the invention achieves the following beneficial effects:
(1) Good security: the method uses the user authentication (hash signature) of step (3) and, in step (6), performs the similarity calculation with the fully homomorphic addition algorithm in the ciphertext state, so it can prevent external attacks and ensure security.
(2) Good privacy: because step (2) uses RSA encryption, FHE encryption and the simhash signature, the underlying ciphertext does not take part in the similarity computation; what takes part is its corresponding digital signature ciphertext, so the privacy of the data is ensured.
(3) Low cost and a simple method: in the prior art, simhash-based document similarity calculation is carried out in the plaintext state, so an attacker can brute-force the simhash value and infer information about the data content. In the method of the invention, the data owner applies fully homomorphic encryption to the simhash value of the document and the cloud service provider performs addition on the simhash ciphertexts, so it cannot learn the simhash value itself, which protects the privacy of user data.
Brief description of the drawings
Fig. 1 is the flow chart of the document similarity calculation method for cloud storage based on fully homomorphic cryptography according to the invention.
Detailed description of embodiments
To make the object, technical scheme and advantages of the invention clearer, the invention is further described below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the invention and are not intended to limit it. In addition, the technical features involved in the embodiments described below can be combined with one another as long as they do not conflict.
The basic idea of the invention is that, in the similarity calculation method for cloud storage based on fully homomorphic cryptography, no information related to the document is revealed to the cloud service provider or other attackers during the similarity calculation on data objects. The similarity of data objects is calculated in the ciphertext state, which protects the confidentiality of the data owner's data and of the data user's query data. The data owner holds the right to use the data, covering both the information content itself and the right to compute on related information. Only with the data owner's authorization can the cloud service provider complete the intended computation on the ciphertext data and the data user learn the data content.
For the cloud storage environment, the method proposes a document similarity calculation in the ciphertext state: fully homomorphic encryption is applied to the simhash value of the document, the cloud server performs fully homomorphic addition on the simhash ciphertexts, and the Hamming-distance-based document similarity calculation is completed from the result. The content of the user document itself is encrypted with the conventional asymmetric public-key RSA algorithm.
As shown in Fig. 1, the cloud storage system to which the method is applied comprises three roles: data owner DO (Data Owner), cloud service provider CS (Cloud Server) and data user DU (Data Users). Specifically:
Data owner DO: selects the encryption algorithms and produces basic parameters such as keys; sends the encrypted document and the encrypted digital signature to CS; verifies the user DU that needs to access the data, and provides keys to CS and DU respectively.
Cloud service provider CS: stores the ciphertext data uploaded by DO and establishes the correspondence between the encrypted document and the ciphertext digital signature.
Data user DU: issues the ciphertext similarity calculation request; decrypts the ciphertext returned by CS.
As shown in Fig. 1, the document similarity calculation method for cloud storage based on fully homomorphic cryptography according to the invention comprises the following steps:
(1) The data owner randomly generates an asymmetric public-key encryption (RSA) public key R_Pub_Key and RSA private key R_Pri_Key, and a fully homomorphic encryption (FHE) public key F_Pub_Key and FHE private key F_Pri_Key;
(2) The data owner RSA-encrypts its data to generate ciphertext C_M, performs the simhash operation on the data to obtain a digital signature file, applies fully homomorphic encryption to this digital signature file, and uploads ciphertext C_M and the encrypted digital signature file C_H (which is the computation ciphertext) to the cloud service provider, where the cloud service provider establishes the correspondence among the data owner's ciphertext, the computation ciphertext and the ciphertext ID. Specifically, the ciphertext ID comprises information such as the upload time and the ciphertext size of the ciphertext;
(3) The data user sends a data similarity calculation request to the data owner, and the data owner judges whether this data user is a legitimate user; if so, the method proceeds to step (4), otherwise the process ends. Specifically, the data owner judges whether the user is a legitimate user by identity authentication (hash signature);
(4) The data owner sends the RSA public key R_Pub_Key and the FHE public key F_Pub_Key to the data user in the form of a certificate;
(5) The data user performs the simhash operation on its own data to obtain a digital signature file H_P, applies fully homomorphic encryption to H_P using the FHE public key F_Pub_Key, and uploads the encrypted file to the cloud service provider;
(6) The cloud service provider uses the FHE ciphertext addition algorithm to perform the similarity calculation on the encrypted digital signature file C_P and the encrypted digital signature file obtained in step (2), obtaining an encrypted signature file (this is the computation ciphertext; its length in the plaintext state is 64), and sends a 2-tuple containing this signature file and its corresponding ciphertext ID to the data owner;
(7) The data owner decrypts this signature file with the FHE private key F_Pri_Key, obtains the Hamming distance (i.e. the data similarity) from the decrypted signature file S, and sends the ciphertext IDs ranked in the top n by Hamming distance (n is a positive integer less than or equal to 3) to the cloud service provider;
Specifically, decryption yields a digital signature file made up of the three characters "0", "1" and "2". The Hamming distance is obtained by counting the number of "1" characters in the decrypted signature file S (in this method, the Hamming distance D between two documents is determined by how many "1" characters the digital signature value S contains). The resulting Hamming distances D are then sorted in ascending order, and the document ID values ranked in the top n by Hamming distance are sent to the cloud service provider;
(8) The cloud service provider looks up the corresponding ciphertext according to this ciphertext ID and returns the ciphertext to the data user;
(9) The data user decrypts this ciphertext using the RSA public key R_Pub_Key, and the process ends.
The data storage procedure of step (2) above is:
A. Perform the simhash calculation on the data M of the data owner to generate the corresponding digital signature file H_M;
B. Use the public key F_Pub_Key generated in step 1 to apply fully homomorphic encryption to H_M, obtaining ciphertext C_H;
C. Use the private key R_Pri_Key generated in step 1 to RSA-encrypt M, obtaining ciphertext C_M;
D. The data owner uploads the document ID value, C_H and C_M to the cloud service provider, which is responsible for storing them and establishing the one-to-one relation among the three.
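Steps (1), (2), (5), (6) and (7) above, run end to end as an added example (this is not code from the patent): each simhash bit is encrypted separately, so the position-wise homomorphic sum decrypts to the digits 0, 1 and 2, and the count of "1" digits is the Hamming distance. Since the method only uses ciphertext addition, a toy Paillier scheme with demo-sized primes stands in for the FHE scheme; the RSA encryption of the document body, authentication and certificate steps are omitted, and the word tokenisation, sample documents and all function names are assumptions.

```python
import hashlib
import math
import re
import secrets

BITS = 64  # the patent gives the plaintext signature length as 64

# Constructed sample corpus (not from the patent).
DOCS = {
    "doc-001": "Quarterly storage capacity report for the cloud disk service",
    "doc-002": "Incident summary: expired certificate caused login failures",
    "doc-003": "Quarterly storage capacity report for the cloud drive service",
    "doc-004": "Meeting notes on key rotation schedule for the signing service",
}


def simhash(text):
    """Return the simhash of text as a list of 64 bits (word tokens assumed)."""
    weights = [0] * BITS
    for token in re.findall(r"\w+", text.lower()):
        digest = hashlib.blake2b(token.encode(), digest_size=8).digest()
        h = int.from_bytes(digest, "big")
        for i in range(BITS):
            weights[i] += 1 if (h >> i) & 1 else -1
    return [1 if w > 0 else 0 for w in weights]


def keygen(p=2**31 - 1, q=2**61 - 1):
    """Toy Paillier key pair from two Mersenne primes; demo size only."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return n, (n, lam, pow(lam, -1, n))  # (F_Pub_Key, F_Pri_Key)


def encrypt(pub, m):
    """Enc(m) = (1 + n)^m * r^n mod n^2 with a fresh random r."""
    n = pub
    r = secrets.randbelow(n - 1) + 1
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (1 + m * n) * pow(r, n, n * n) % (n * n)


def decrypt(pri, c):
    """Dec(c) = L(c^lam mod n^2) * mu mod n, with L(x) = (x - 1) // n."""
    n, lam, mu = pri
    return (pow(c, lam, n * n) - 1) // n * mu % n


def add(pub, c1, c2):
    """Homomorphic addition: multiplying ciphertexts adds the plaintexts."""
    return c1 * c2 % (pub * pub)


def encrypt_signature(pub, bits):
    """Steps (2) and (5): encrypt each signature bit separately."""
    return [encrypt(pub, b) for b in bits]


def cloud_add(pub, c_p, store):
    """Step (6), CS side: add C_P to every stored C_H, position by position.
    Returns 2-tuples (encrypted signature S, ciphertext ID)."""
    return [([add(pub, a, b) for a, b in zip(c_p, c_h)], doc_id)
            for doc_id, c_h in store.items()]


def owner_rank(pri, results, n=3):
    """Step (7), DO side: decrypt S, count the '1' digits, sort ascending."""
    if not 1 <= n <= 3:
        raise ValueError("the patent restricts n to a positive integer <= 3")
    scored = []
    for enc_s, doc_id in results:
        s = "".join(str(decrypt(pri, c)) for c in enc_s)  # digits 0, 1, 2
        scored.append((s.count("1"), doc_id, s))
    return sorted(scored)[:n]


def run_query(query, docs=DOCS, n=3):
    """Run steps (1), (2), (5), (6), (7) in one process for illustration."""
    pub, pri = keygen()
    store = {i: encrypt_signature(pub, simhash(t)) for i, t in docs.items()}
    c_p = encrypt_signature(pub, simhash(query))
    return owner_rank(pri, cloud_add(pub, c_p, store), n)


if __name__ == "__main__":
    for dist, doc_id, s in run_query(DOCS["doc-001"]):
        print(doc_id, dist, s)
```

A decrypted digit of 0 or 2 fixes both input bits, and a 1 fixes the querier's bit given the owner's own, so whoever holds F_Pri_Key learns the full query simhash; the confidentiality shown here holds against the cloud service provider, not against the data owner.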
The document similarity calculation system for cloud storage based on fully homomorphic cryptography according to the invention is applied in a cloud storage system comprising a data user, a data owner and a cloud service provider, and comprises the following modules:
First module, located at the data owner, for randomly generating an asymmetric public-key encryption (RSA) public key R_Pub_Key and RSA private key R_Pri_Key, and a fully homomorphic encryption (FHE) public key F_Pub_Key and FHE private key F_Pri_Key;
Second module, located at the data owner, for RSA-encrypting its data to generate ciphertext C_M, performing the simhash operation on the data to obtain a digital signature file, applying fully homomorphic encryption to this digital signature file, and uploading ciphertext C_M and the encrypted digital signature file C_H (which is the computation ciphertext) to the cloud service provider, where the cloud service provider establishes the correspondence among the data owner's ciphertext, the computation ciphertext and the ciphertext ID. Specifically, the ciphertext ID comprises information such as the upload time and the ciphertext size of the ciphertext;
Third module, located at the data user, for sending a data similarity calculation request to the data owner; the data owner judges whether this data user is a legitimate user, and if so control passes to the fourth module, otherwise the process ends. Specifically, the data owner judges whether the user is a legitimate user by identity authentication (hash signature);
Fourth module, located at the data owner, for sending the RSA public key R_Pub_Key and the FHE public key F_Pub_Key to the data user in the form of a certificate;
Fifth module, located at the data user, for performing the simhash operation on its own data to obtain a digital signature file H_P, applying fully homomorphic encryption to H_P using the FHE public key F_Pub_Key, and uploading the encrypted file to the cloud service provider;
Sixth module, located at the cloud service provider, for using the FHE ciphertext addition algorithm to perform the similarity calculation on the encrypted digital signature file C_P and the encrypted digital signature file obtained in the second module, obtaining an encrypted signature file (this is the computation ciphertext; its length in the plaintext state is 64), and sending a 2-tuple containing this signature file and its corresponding ciphertext ID to the data owner;
Seventh module, located at the data owner, for decrypting this signature file with the FHE private key F_Pri_Key, obtaining the Hamming distance (i.e. the data similarity) from the decrypted signature file S, and sending the ciphertext IDs ranked in the top n by Hamming distance (n is a positive integer less than or equal to 3) to the cloud service provider;
Specifically, decryption yields a digital signature file made up of the three characters "0", "1" and "2". The Hamming distance is obtained by counting the number of "1" characters in the decrypted signature file S (in this method, the Hamming distance D between two documents is determined by how many "1" characters the digital signature value S contains). The resulting Hamming distances D are then sorted in ascending order, and the document ID values ranked in the top n by Hamming distance are sent to the cloud service provider;
Eighth module, located at the cloud service provider, for looking up the corresponding ciphertext according to this ciphertext ID and returning the ciphertext to the data user;
Ninth module, located at the data user, for decrypting this ciphertext using the RSA public key R_Pub_Key, after which the process ends.
In summary, the invention has the following advantages:
(1) Good security: the method uses the user authentication (hash signature) of step (3) and, in step (6), performs the similarity calculation with the fully homomorphic addition algorithm in the ciphertext state, so it can prevent external attacks and ensure security.
(2) Good privacy: because step (2) uses RSA encryption, FHE encryption and the simhash signature, the underlying ciphertext does not take part in the similarity computation; what takes part is its corresponding digital signature ciphertext, so the privacy of the data is ensured.
(3) Low cost and a simple method: in the prior art, simhash-based document similarity calculation is carried out in the plaintext state, so an attacker can brute-force the simhash value and infer information about the data content. In the method of the invention, the data owner applies fully homomorphic encryption to the simhash value of the document and the cloud service provider performs addition on the simhash ciphertexts, so it cannot learn the simhash value itself, which protects the privacy of user data.
Those skilled in the art will readily understand that the foregoing is only a preferred embodiment of the invention and is not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.
Claims (5)
1. A document similarity calculation method for cloud storage based on fully homomorphic cryptography, characterized in that it comprises the following steps:
(1) The data owner randomly generates an RSA public key R_Pub_Key and an RSA private key R_Pri_Key, and an FHE public key F_Pub_Key and an FHE private key F_Pri_Key;
(2) The data owner RSA-encrypts its data to generate ciphertext C_M, performs the simhash operation on the data to obtain a digital signature file, applies fully homomorphic encryption to this digital signature file, and uploads ciphertext C_M and the encrypted digital signature file C_H to the cloud service provider, where the cloud service provider establishes the correspondence among the data owner's ciphertext, the computation ciphertext and the ciphertext ID;
(3) The data user sends a data similarity calculation request to the data owner, and the data owner judges whether this data user is a legitimate user; if so, the method proceeds to step (4), otherwise the process ends;
(4) The data owner sends the RSA public key R_Pub_Key and the FHE public key F_Pub_Key to the data user in the form of a certificate;
(5) The data user performs the simhash operation on its own data to obtain a digital signature file H_P, applies fully homomorphic encryption to H_P using the FHE public key F_Pub_Key, and uploads the encrypted file to the cloud service provider;
(6) The cloud service provider uses the FHE ciphertext addition algorithm to perform the similarity calculation on the encrypted digital signature file C_P and the encrypted digital signature file obtained in step (2), obtaining an encrypted signature file, and sends a 2-tuple containing this signature file and its corresponding ciphertext ID to the data owner;
(7) The data owner decrypts this signature file with the FHE private key F_Pri_Key, obtains the Hamming distance from the decrypted signature file S, and sends the ciphertext IDs ranked in the top n by Hamming distance to the cloud service provider, where n is a positive integer less than or equal to 3;
(8) The cloud service provider looks up the corresponding ciphertext according to this ciphertext ID and returns the ciphertext to the data user;
(9) The data user decrypts this ciphertext using the RSA public key R_Pub_Key, and the process ends.
2. The document similarity calculation method according to claim 1, characterized in that the ciphertext ID comprises the upload time and the ciphertext size of the ciphertext.
3. The document similarity calculation method according to claim 1, characterized in that, in step (7), decryption yields a digital signature file made up of the three characters "0", "1" and "2", and the Hamming distance is obtained by counting the number of "1" characters in the decrypted signature file S.
4. The document similarity calculation method according to claim 1, characterized in that the data storage procedure of step (2) is:
(2-1) Perform the simhash calculation on the data M of the data owner to generate the corresponding digital signature file H_M;
(2-2) Use the public key F_Pub_Key to apply fully homomorphic encryption to the digital signature file H_M, obtaining ciphertext C_H;
(2-3) Use the private key R_Pri_Key to RSA-encrypt the data M, obtaining ciphertext C_M;
(2-4) Upload the document ID, ciphertext C_H and ciphertext C_M to the cloud service provider, which is responsible for storing them and establishing the one-to-one relation among the three.
5. A document similarity calculation system based on fully homomorphic encryption for cloud storage, applied in a cloud storage system comprising a data consumer, a data owner and a cloud service provider, characterized in that the document similarity calculation system comprises the following modules:
First module, located at the data owner, for randomly generating an RSA public key R_Pub_Key and an RSA private key R_Pri_Key, and an FHE public key F_Pub_Key and an FHE private key F_Pri_Key;
Second module, located at the data owner, for RSA-encrypting its data to generate ciphertext C_M, performing a simhash operation on the data to obtain a digital signature file, fully homomorphically encrypting this digital signature file, and uploading the ciphertext C_M and the encrypted digital signature file C_H to the cloud service provider, wherein the cloud service provider maintains a correspondence among the data owner's ciphertext, the computation ciphertext and the ciphertext ID;
Third module, located at the data consumer, for sending a data similarity calculation request to the data owner, whereupon the data owner determines whether this data consumer is a legitimate user; if so, control passes to the fourth module, otherwise the process ends;
Fourth module, located at the data owner, for sending the RSA public key R_Pub_Key and the FHE public key F_Pub_Key to the data consumer in the form of a certificate;
Fifth module, located at the data consumer, for performing a simhash operation on the data it holds to obtain a digital signature file H_P, fully homomorphically encrypting this digital signature file H_P with the FHE public key F_Pub_Key, and uploading the encrypted digital signature file C_P to the cloud service provider;
Sixth module, located at the cloud service provider, for using the FHE ciphertext addition algorithm to perform a similarity calculation between the encrypted digital signature file C_P and the encrypted digital signature file C_H obtained in the second module, to obtain an encrypted signature file, and sending a two-tuple comprising this signature file and its corresponding ciphertext ID to the data owner;
Seventh module, located at the data owner, for decrypting this signature file with the FHE private key F_Pri_Key, obtaining the Hamming distance (i.e. the data similarity) of the decrypted signature file S, and sending the ciphertext IDs corresponding to the top n Hamming distances (n being a positive integer less than or equal to 3) to the cloud service provider;
Eighth module, located at the cloud service provider, for looking up the corresponding ciphertext according to this ciphertext ID and returning this ciphertext to the data consumer;
Ninth module, located at the data consumer, for decrypting this ciphertext with the RSA public key R_Pub_Key, whereupon the process ends.
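The exchange among the fifth, sixth and seventh modules, as an added example that is not code from the patent: a toy integer-based scheme modeled loosely on the DGHV construction stands in for the FHE scheme, so that ciphertext addition XORs the hidden simhash bits. The function names, the 64-bit fingerprint width, the parameter sizes (far too small to be secure) and the sample documents are assumptions.

```python
import hashlib
import secrets
BITS = 64  # fingerprint width (assumed; the claim does not fix one)

def simhash(text, bits=BITS):
    """Unweighted simhash of whitespace tokens, returned as a list of bits."""
    v = [0] * bits
    for tok in text.lower().split():
        h = int.from_bytes(hashlib.sha256(tok.encode()).digest()[:bits // 8], "big")
        for i in range(bits):
            v[i] += 1 if (h >> i) & 1 else -1
    return [1 if x > 0 else 0 for x in v]

def keygen():
    """Toy keys (NOT secure sizes): secret odd p, public encryptions of zero."""
    p = secrets.randbits(256) | (1 << 255) | 1
    pub = [p * secrets.randbits(512) + 2 * secrets.randbits(16) for _ in range(32)]
    return pub, p

def encrypt_bit(pub, m):
    """Public-key encryption of one bit: m + even noise + random subset sum."""
    return m + 2 * secrets.randbits(16) + sum(x for x in pub if secrets.randbits(1))

def cloud_add(c_p, c_h):
    """Cloud: ciphertext addition only; the hidden bits end up XORed."""
    return [a + b for a, b in zip(c_p, c_h)]

def owner_distance(p, c_s):
    """Owner: decrypt S bit by bit and count the 1s (the Hamming distance)."""
    return sum((c % p) % 2 for c in c_s)

def top_n(pub, p, store, query_text, n=3):
    """Run modules five to seven; store maps ciphertext ID -> encrypted C_H."""
    c_p = [encrypt_bit(pub, b) for b in simhash(query_text)]             # consumer
    tuples = [(cid, cloud_add(c_p, c_h)) for cid, c_h in store.items()]  # cloud
    # Assumption: "top n" means the n smallest distances (most similar first).
    ranked = sorted(tuples, key=lambda t: owner_distance(p, t[1]))       # owner
    return [cid for cid, _ in ranked[:n]]

if __name__ == "__main__":
    docs = {  # constructed sample documents
        "id-1": "quarterly revenue report for the storage division",
        "id-2": "quarterly revenue report for the cloud storage division",
        "id-3": "recipe for slow cooked lamb with rosemary and garlic",
        "id-4": "meeting notes on key rotation policy",
    }
    pub, p = keygen()
    store = {cid: [encrypt_bit(pub, b) for b in simhash(t)] for cid, t in docs.items()}
    print(top_n(pub, p, store, "quarterly revenue report for the storage division"))
```

The cloud side only ever adds ciphertexts; the data owner, who holds the private key, still learns the distance between the query fingerprint and every stored fingerprint.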
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510416852.3A CN104967693B (en) | 2015-07-15 | 2015-07-15 | Towards the Documents Similarity computational methods based on full homomorphism cryptographic technique of cloud storage |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104967693A (en) | 2015-10-07 |
CN104967693B (en) | 2018-05-18 |
Family
ID=54221630
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510416852.3A Active CN104967693B (en) | 2015-07-15 | 2015-07-15 | Towards the Documents Similarity computational methods based on full homomorphism cryptographic technique of cloud storage |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104967693B (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106407447A (en) * | 2016-09-30 | 2017-02-15 | 福州大学 | Simhash-based fuzzy sequencing searching method for encrypted cloud data |
CN107086902A (en) * | 2017-03-22 | 2017-08-22 | 北京理工大学 | It is a kind of that tripartite's examination & verification and the cloud storage system of file duplicate removal are supported based on dynamic threshold password |
CN107181584A (en) * | 2016-03-09 | 2017-09-19 | 郑珂威 | Asymmetric complete homomorphic cryptography and its replacement of keys and ciphertext complete a business transaction method |
CN107196918A (en) * | 2017-04-27 | 2017-09-22 | 北京小米移动软件有限公司 | A kind of method and apparatus of matched data |
CN108140334A (en) * | 2015-10-09 | 2018-06-08 | 三菱电机株式会社 | Confidential search system, managing device, concealment search method and concealment search program |
CN110011954A (en) * | 2018-11-27 | 2019-07-12 | 阿里巴巴集团控股有限公司 | Biometric discrimination method, device, terminal and service server based on homomorphic cryptography |
CN110309674A (en) * | 2019-07-04 | 2019-10-08 | 浙江理工大学 | A kind of sort method based on full homomorphic cryptography |
CN113449321A (en) * | 2021-07-01 | 2021-09-28 | 北京明朝万达科技股份有限公司 | Ciphertext retrieval method, device and system |
TWI762776B (en) * | 2018-06-29 | 2022-05-01 | 開曼群島商創新先進技術有限公司 | Input acquisition method and device for secure multi-party computation agreement |
CN117235381A (en) * | 2023-10-10 | 2023-12-15 | 南京邮电大学 | Friend recommendation method based on homomorphic encryption space-time parity calculation |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100146299A1 (en) * | 2008-10-29 | 2010-06-10 | Ashwin Swaminathan | System and method for confidentiality-preserving rank-ordered search |
CN102831198A (en) * | 2012-08-07 | 2012-12-19 | 人民搜索网络股份公司 | Similar document identifying device and similar document identifying method based on document signature technology |
Non-Patent Citations (5)
Title |
---|
《计算机工程与科学》 * |
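宫孟孟: "Research on homomorphic encryption/decryption and ciphertext retrieval algorithms for cloud storage", 《计算机光盘软件与应用》 * |
张广庆 et al.: "Simhash-based fast search optimization method for massive similar documents", 《指挥信息系统与技术》 * |
程帅 et al.: "Research on ciphertext full-text retrieval technology based on homomorphic encryption", 《计算机科学》 * |
魏占祯 et al.: "Implementation of database ciphertext retrieval using RSA multiplicative homomorphism", 《哈尔滨工程大学学报》 * |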
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108140334B (en) * | 2015-10-09 | 2021-03-23 | 三菱电机株式会社 | Confidential search system, management device, confidential search method, and recording medium |
CN108140334A (en) * | 2015-10-09 | 2018-06-08 | 三菱电机株式会社 | Confidential search system, managing device, concealment search method and concealment search program |
CN107181584B (en) * | 2016-03-09 | 2020-02-07 | 郑珂威 | Asymmetric completely homomorphic encryption and key replacement and ciphertext delivery method thereof |
CN107181584A (en) * | 2016-03-09 | 2017-09-19 | 郑珂威 | Asymmetric complete homomorphic cryptography and its replacement of keys and ciphertext complete a business transaction method |
CN106407447A (en) * | 2016-09-30 | 2017-02-15 | 福州大学 | Simhash-based fuzzy sequencing searching method for encrypted cloud data |
CN107086902A (en) * | 2017-03-22 | 2017-08-22 | 北京理工大学 | It is a kind of that tripartite's examination & verification and the cloud storage system of file duplicate removal are supported based on dynamic threshold password |
CN107196918B (en) * | 2017-04-27 | 2020-10-30 | 北京小米移动软件有限公司 | Data matching method and device |
CN107196918A (en) * | 2017-04-27 | 2017-09-22 | 北京小米移动软件有限公司 | A kind of method and apparatus of matched data |
TWI762776B (en) * | 2018-06-29 | 2022-05-01 | 開曼群島商創新先進技術有限公司 | Input acquisition method and device for secure multi-party computation agreement |
US11388149B2 (en) | 2018-06-29 | 2022-07-12 | Advanced New Technologies Co., Ltd. | Method and apparatus for obtaining input of secure multiparty computation protocol |
CN110011954A (en) * | 2018-11-27 | 2019-07-12 | 阿里巴巴集团控股有限公司 | Biometric discrimination method, device, terminal and service server based on homomorphic cryptography |
CN110011954B (en) * | 2018-11-27 | 2021-09-14 | 创新先进技术有限公司 | Homomorphic encryption-based biological identification method, device, terminal and business server |
CN110309674A (en) * | 2019-07-04 | 2019-10-08 | 浙江理工大学 | A kind of sort method based on full homomorphic cryptography |
CN110309674B (en) * | 2019-07-04 | 2021-10-01 | 浙江理工大学 | Ordering method based on fully homomorphic encryption |
CN113449321A (en) * | 2021-07-01 | 2021-09-28 | 北京明朝万达科技股份有限公司 | Ciphertext retrieval method, device and system |
CN113449321B (en) * | 2021-07-01 | 2024-04-05 | 北京明朝万达科技股份有限公司 | Ciphertext retrieval method, device and system |
CN117235381A (en) * | 2023-10-10 | 2023-12-15 | 南京邮电大学 | Friend recommendation method based on homomorphic encryption space-time parity calculation |
Also Published As
Publication number | Publication date |
---|---|
CN104967693B (en) | 2018-05-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11381398B2 (en) | Method for re-keying an encrypted data file | |
CN104967693A (en) | Document similarity calculation method facing cloud storage based on fully homomorphic password technology | |
JP6180177B2 (en) | Encrypted data inquiry method and system capable of protecting privacy | |
CN109614818B (en) | Authorized identity-based keyword search encryption method | |
CN107145791B (en) | K-means clustering method and system with privacy protection function | |
CN105610793B (en) | A kind of outsourcing data encryption storage and cryptogram search system and its application process | |
EP2830282A1 (en) | Storage method, system and device | |
CN104158827B (en) | Ciphertext data sharing method, device, inquiry server and upload data client | |
CN109361644B (en) | Fuzzy attribute based encryption method supporting rapid search and decryption | |
CN105320896A (en) | Cloud storage encryption and ciphertext retrieval methods and systems | |
CN103095733A (en) | Keyword cipher text retrieval method for cloud storage | |
CN112543187A (en) | Industrial Internet of things safety data sharing method based on edge block chain | |
CN107359998A (en) | A kind of foundation of portable intelligent password management system and operating method | |
CN107465665A (en) | A kind of file encryption-decryption method based on fingerprint identification technology | |
CN108347404A (en) | A kind of identity identifying method and device | |
CN108400970A (en) | Set of metadata of similar data message locking encryption De-weight method, cloud storage system in cloud environment | |
CN107204997A (en) | The method and apparatus for managing cloud storage data | |
CN109951279A (en) | A kind of anonymous data storage method based on block chain and edge device | |
CN103607278A (en) | Safe data cloud storage method | |
CN103731423A (en) | Safe method for repeated data deleting | |
CN110175169A (en) | A kind of encryption data De-weight method, system and relevant apparatus | |
Liu et al. | EMK-ABSE: Efficient multikeyword attribute-based searchable encryption scheme through cloud-edge coordination | |
WO2021098152A1 (en) | Blockchain-based data processing method, device, and computer apparatus | |
CN114528331A (en) | Data query method, device, medium and equipment based on block chain | |
WO2014030706A1 (en) | Encrypted database system, client device and server, method and program for adding encrypted data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20221114; Address after: 430056 Leke Workshop Incubator, Building 1, Lianchuang Technology Center, No. 55, Haitang Road, Wuhan Economic and Technological Development Zone, Wuhan, Hubei Province (Ji-LKGC-401-3); Patentee after: Wuhan Shengjinyuan Electronic Technology Co.,Ltd.; Address before: 430074 National Road 708, Hongshan District, Wuhan, Hubei; Patentee before: SOUTH CENTRAL University FOR NATIONALITIES |