CN105162590B - Parallel homomorphic data encryption method in a cloud computing environment - Google Patents
Abstract
The invention discloses a parallel homomorphic data encryption method in a cloud computing environment, comprising the following steps. Step 1: generate a private key and a public key according to a given security-strength parameter and the bit length of the plaintext data to be encrypted. Step 2: divide the plaintext data into $N$ blocks, denoted $m_1, \ldots, m_N$; each block is encrypted independently, and if the last block is too short it is padded with zeros. Step 3: in Map, encrypt the plaintext blocks from step 2 in parallel with the public key generated in step 1, giving the encrypted ciphertext data $c_1, \ldots, c_N$. Step 4: in Reduce, splice the ciphertext data $c_1, \ldots, c_N$ obtained in step 3, giving the complete ciphertext $c$. By encrypting the plaintext data block by block, and by using a homomorphic encryption algorithm together with the MapReduce mechanism of the cloud computing environment, the invention achieves high-speed parallel encryption of a whole file.
Description
Technical field
The present invention relates to a parallel homomorphic data encryption method in a cloud computing environment and belongs to the field of information security technology.
Background
Big data security has been a hot topic in recent years. On the one hand, data owners store large amounts of data in the cloud computing environment for users to access and use. Much of this data is sensitive and its confidentiality must be ensured, for example location information and personal identity privacy information. How to encrypt the information in data files under this storage model, and how to achieve safe, effective and simple data access control, is a problem that must be solved before cloud computing can move to practical application. On the other hand, because the volume of file data is large, a fast encryption scheme for big data is needed, and in the cloud computing environment it is necessary to work out how to use the environment's capacity for parallel computation to encrypt big data quickly and in parallel.
Homomorphic encryption is an encryption method for processing data. Designing a homomorphic encryption method that can be computed in parallel in the cloud computing environment makes it possible both to encrypt data homomorphically and to use the parallel computing performance of the cloud computing environment, which increases the speed of data encryption and decryption and protects data privacy in an untrusted cloud computing environment. It has broad application prospects.
Summary of the invention
The technical problem to be solved by the invention is to provide a parallel homomorphic data encryption method in a cloud computing environment that combines the parallel technique of MapReduce in the cloud computing environment with homomorphic encryption to realize a parallel homomorphic encryption scheme and increase the encryption and decryption speed for large volumes of data.
The present invention uses the following technical scheme to solve the above technical problem:
A parallel homomorphic data encryption method in a cloud computing environment, comprising the following steps:
Step 1: according to a given security-strength parameter $\lambda$ and the number of bits $k$ in each block after the plaintext data is divided into blocks, generate the private key sk, and generate the public key pk from the generated private key sk;
Step 2: divide the plaintext data $m$ into $N$ blocks, denoted $m_1, \ldots, m_{N-1}, m_N$, each block being $k/8$ bytes long; the length of $m_N$ is equal to or less than the length of $m_1, \ldots, m_{N-1}$, and when the length of $m_N$ is less than the length of $m_1, \ldots, m_{N-1}$, $m_N$ is padded with zeros at the end so that its length equals the length of $m_1, \ldots, m_{N-1}$;
Step 3: in Map, encrypt the plaintext data $m_1, \ldots, m_N$ blocked in step 2 in parallel with the public key pk generated in step 1, giving the encrypted ciphertext data $c_1, \ldots, c_N$;
Step 4: in Reduce, splice the ciphertext data $c_1, \ldots, c_N$ obtained in step 3, giving the complete ciphertext $c$.
Preferably, the private key sk in step 1 is generated as follows: compute $\eta = \lambda^3 + k$, choose a prime $p$ of $\eta$ bits, and obtain the private key sk $= p$.
Preferably, the public key pk in step 1 is generated as follows: choose any positive integer $\tau$, compute $\gamma = \lambda^5$ and $x_i = 2r_i + pq_i$, $i = 0, 1, 2, \ldots, \tau-1$, where $r_i$ is a random integer of $\lambda$ bits and $q_i$ is a random prime of $\gamma$ bits, giving the set $\{x_i\}$; denote the largest integer in the set $\{x_i\}$ as $x_{max}$ and exchange the values of $x_0$ and $x_{max}$, giving the public key pk $= \langle x_0, x_1, \ldots, x_{\tau-1} \rangle$.
Preferably, step 3 proceeds as follows: choose several $x_i$ arbitrarily from the public key set pk and add them up to obtain sum; choose a random integer $r$ in the interval $(-2^\lambda, 2^\lambda)$; in Map, perform the parallel encryption according to the encryption formula $c_j = (m_j + 2^k \cdot r + 2 \cdot sum) \bmod x_0$, giving the encrypted ciphertext data $c_j$, $j = 1, 2, \ldots, N$.
Preferably, the complete ciphertext in step 4 is $c = c_1 + c_2 + \ldots + c_N$.
Compared with the prior art, the present invention, adopting the above technical scheme, has the following technical effects:
The parallel homomorphic data encryption method of the invention solves two problems that must be solved in practical applications of cloud computing. First, the data owner's confidentiality requirement for data files: the plaintext file is encrypted block by block, uploaded and stored in the cloud environment, so that the data owner's sensitive information is protected. Second, the requirement for high-speed computation on big data: by computing the block encryption in parallel, the encryption of a data file uses the parallel computing of the cloud computing environment to achieve high-speed parallel encryption of large data files, ultimately meeting the need for secure, high-speed access to big data in the cloud computing environment.
Brief description of the drawings
Fig. 1 is the flow chart of the parallel homomorphic data encryption method in a cloud computing environment according to the present invention.
Fig. 2 is the model diagram of parallel homomorphic encryption carried out in MapReduce.
Embodiment
Embodiments of the present invention are described in detail below. Examples of the embodiments are shown in the drawings, in which the same or similar reference numerals throughout denote the same or similar elements, or elements with the same or similar functions. The embodiments described below with reference to the drawings are exemplary; they serve only to explain the present invention and are not to be construed as limiting the claims.
As shown in Fig. 1, the method comprises the following steps:
Step 1: obtain the keys
Given a security-strength parameter $\lambda$, let $k$ be the number of bits of plaintext in each encrypted block, and compute $\eta = \lambda^3 + k$, $\gamma = \lambda^5$. Choose a prime $p$ of $\eta$ bits and set sk $= p$ as the private key for decryption.
The public key pk is produced as follows. For a given arbitrary positive integer $\tau$, take $i = 0, 1, 2, \ldots, \tau-1$ and compute $x_i = 2r_i + pq_i$, where $r_i$ is a random integer of $\lambda$ bits and $q_i$ is a random prime of $\gamma$ bits. This gives a group of integers, denoted as the set $\{x_i\}$. Find the largest integer $x_{max}$ in the set and swap the positions of $x_0$ and $x_{max}$, giving a new array in which $x_0$ is the largest element; then pk $= \langle x_0, x_1, \ldots, x_{\tau-1} \rangle$.
Step 2: divide the plaintext data file into blocks
Divide the plaintext data file $m$ into $N$ blocks, each $d$ bytes long with $k = 8 \cdot d$, denoted $m_1, m_2, m_3, \ldots, m_N$. Each block is encrypted independently; if the last block is too short, it is padded with zeros.
Step 3: encrypt the data file with the public-key cryptosystem
To improve the speed of parallel encryption, a subset S is randomly selected from the set $(0, 1, 2, \ldots, \tau-1)$ and the following is computed: several $x_i$ are chosen arbitrarily from the public key set pk and added up, giving the value sum.
Choose a random integer $r$ in the interval $(-2^\lambda, 2^\lambda)$. The Map nodes of the cloud platform process in parallel the plaintext blocks divided in step 2, and the encryption method is:
$c_j = (m_j + 2^k \cdot r + 2 \cdot sum) \bmod x_0$, where $j = 1, 2, 3, \ldots, N$
After the operations of all Map nodes in the cloud computing platform have finished, the Map nodes output the block-encrypted ciphertexts $c_j$. The ciphertext blocks generated by the Map nodes are the input of the cloud computing platform's Reduce nodes. The Reduce nodes perform the computation and are responsible for processing the different intermediate result data sets, that is, the ciphertexts formed by parallel encryption are spliced during the Reduce process, giving the complete ciphertext $c$, i.e. $c = c_1 + c_2 + \ldots + c_N$.
Step 4: decrypt the encrypted data with the public-key cryptosystem
Once the ciphertext and the private key $p$ are available, the ciphertext is decrypted according to the principles of modular arithmetic. The decryption algorithm is as follows:
$m_j = (c_j \bmod p) \bmod 2^k$
In fact, from the encryption formula:
$c_j = (m_j + 2^k \cdot r + 2 \cdot sum) \bmod x_0$
For $i \in (0, 1, 2, \ldots, \tau-1)$ we have $x_0 > x_i$. Taking $a$ to be an arbitrary integer, we obtain:
Because $x_i = 2^k \cdot r_i + p \cdot q_i$, we obtain:
Because is much smaller than $p$, reducing the ciphertext $c_j$ modulo $p$ gives Furthermore, because $m_j$ is an integer of $k$ bits, it is less than $2^k$; thus,
after reduction modulo $2^k$ the plaintext $m_j$ is obtained, and the ciphertext is decrypted.
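An added example, not part of the patent text: the steps above in Python with the parameters of the embodiment ($\lambda = 3$, $k = 32$, $\tau = 5$), followed by a check on the page's own printed ciphertexts. All function and constant names are this example's own. Assumptions: $x_i$ is built as $2^k r_i + p q_i$ (the form used in the decryption derivation, and the one the embodiment's printed $x_i$ values follow), blocks are read big-endian, $c_j \bmod p$ is taken as the residue nearest zero so that negative noise also decrypts, threads stand in for Map nodes, and Reduce joins fixed-width blocks so they can be split again.

```python
import secrets
from concurrent.futures import ThreadPoolExecutor
LAM, K, TAU = 3, 32, 5               # the embodiment's lambda, k, tau
ETA, GAMMA = LAM**3 + K, LAM**5      # 59 bits for p, 243 bits for each q_i

def is_probable_prime(n, rounds=24):
    """Miller-Rabin for odd n > 4; used to pick p and the q_i."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        for j in range(s):
            if x == n - 1 or (j == 0 and x == 1):
                break
            x = pow(x, 2, n)
        else:
            return False
    return True

def random_prime(bits):
    while True:
        n = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(n):
            return n

def keygen():
    """Step 1: sk = p; pk = <x_0..x_{tau-1}> with the largest x_i swapped into x_0."""
    p = random_prime(ETA)
    pk = [2**K * secrets.randbits(LAM) + p * random_prime(GAMMA) for _ in range(TAU)]
    i = pk.index(max(pk))
    pk[0], pk[i] = pk[i], pk[0]
    return p, pk

def split_blocks(data):
    """Step 2: k/8-byte blocks, last one zero-padded, read big-endian (assumed)."""
    d = K // 8
    data += b"\x00" * (-len(data) % d)
    return [int.from_bytes(data[i:i + d], "big") for i in range(0, len(data), d)]

def encrypt_block(m, pk, r=None, subset=None):
    """Step 3, one Map task: c = (m + 2^k*r + 2*sum) mod x_0."""
    if r is None:                     # fresh r in (-2^lambda, 2^lambda)
        r = secrets.randbelow(2**(LAM + 1) - 1) - (2**LAM - 1)
    if subset is None:                # fresh non-empty random subset of pk
        subset = [x for x in pk if secrets.randbits(1)] or [pk[1]]
    return (m + 2**K * r + 2 * sum(subset)) % pk[0]

def decrypt_block(c, p):
    """(c mod p) mod 2^k, taking c mod p as the residue nearest zero (assumed)."""
    e = c % p
    return (e - p if e > p // 2 else e) % 2**K

def encrypt_parallel(data, pk):
    """Map on threads (order kept), then Reduce by fixed-width concatenation."""
    width = (pk[0].bit_length() + 7) // 8
    with ThreadPoolExecutor() as pool:
        cs = list(pool.map(lambda m: encrypt_block(m, pk), split_blocks(data)))
    return b"".join(c.to_bytes(width, "big") for c in cs), width

def decrypt_all(blob, width, p):
    parts = (blob[i:i + width] for i in range(0, len(blob), width))
    return b"".join(decrypt_block(int.from_bytes(b, "big"), p).to_bytes(K // 8, "big")
                    for b in parts)

def shared_randomness_delta(m_a, m_b, pk, r=7):
    """Reusing r and the subset for two blocks: (c_b - c_a) mod x_0 == m_b - m_a."""
    ca, cb = (encrypt_block(m, pk, r, pk[1:3]) for m in (m_a, m_b))
    return (cb - ca) % pk[0]

# Printed on the page: c_1 and c_3 were both computed with r = 7 and sum_3.
PAGE_M1, PAGE_M3 = 1633771873, 1667457891
PAGE_HEAD = "4423637982703094318856836329856352887951244758752328320247893246350438845725273181"
PAGE_C1, PAGE_C3 = int(PAGE_HEAD + "157498535"), int(PAGE_HEAD + "191184553")
```

`PAGE_C3 - PAGE_C1` equals `PAGE_M3 - PAGE_M1`: when two blocks share $r$ and sum, the ciphertext difference is the plaintext difference, which is why `encrypt_block` draws both afresh for every block.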
The technical scheme is described in further detail below by means of a specific embodiment:
Step 1: selection of the keys
Generation of the private key: choose the security parameter $\lambda = 3$ and $k = 32$, compute $\eta = \lambda^3 + k = 59$ and $\gamma = \lambda^5 = 243$, and choose a prime $p$ of $\eta$ bits as the private key sk, i.e. $p$ = 512459108289551201, sk = 512459108289551201.
The public key pk is produced as follows. Take $\tau = 5$, and choose a group of 5 random integers of $\lambda$ bits $(r_0, r_1, r_2, r_3, r_4)$ and a group of 5 random primes of $\gamma$ bits $(q_0, q_1, q_2, q_3, q_4)$, specifically:
$r_0 = 3$, $r_1 = 4$, $r_2 = 6$, $r_3 = 2$, $r_4 = 4$;
$q_0$ = 11194750613945766175575610766554872888781682217441303472150513148694324551,
$q_1$ = 8492031685339572574313728763524112363042504024065018677660910912598216507,
$q_2$ = 8802967451602809312516642615537868848742327136531727175275956435965922551,
$q_3$ = 9983679068944655542941186352186124653012476808248831241521808005965882303,
$q_4$ = 12978910388448875789014003690257777731368261010041111094407389204279377839;
Compute $x_i = 2r_i + pq_i$, where $i = 0, 1, 2, 3, 4$. This gives a group of integers, denoted as the set $\{x_0, x_1, x_2, x_3, x_4\}$, specifically:
$x_0$ = 5736851917146553179875532824987001357402938153238507932556027377288816059038693776510737639,
$x_1$ = 4351818985035732011954204486028711472323185505436675059772808992941696619064915393239744091,
$x_2$ = 4511160850550318628561874721326501412264251072365071283858928867227446481340157003484837527,
$x_3$ = 5116227273120434945714382869493002870299884746841354027885894086113495299247202118448230495,
$x_4$ = 6651160844234503481087661042427036440611814198425582183507791236993923677542435821995103823.
Find the largest integer $x_{max}$ in the set $\{x_0, x_1, x_2, x_3, x_4\}$ and swap the positions of $x_0$ and $x_{max}$, giving a new array in which $x_0$ is the largest element; the public key pk is then:
pk $= \langle x_0, x_1, x_2, x_3, x_4 \rangle$ = ⟨
6651160844234503481087661042427036440611814198425582183507791236993923677542435821995103823,
4351818985035732011954204486028711472323185505436675059772808992941696619064915393239744091,
4511160850550318628561874721326501412264251072365071283858928867227446481340157003484837527,
5116227273120434945714382869493002870299884746841354027885894086113495299247202118448230495,
5736851917146553179875532824987001357402938153238507932556027377288816059038693776510737639 ⟩.
Step 2: divide the plaintext data file into blocks
The source data file is divided into blocks in MapReduce. Take the plaintext $m$ = (aaaabbbbcccc) and $N = 3$, i.e. the plaintext is divided into three blocks, $m_1$ = (aaaa) = 1633771873, $m_2$ = (bbbb) = 1650614882 and $m_3$ = (cccc) = 1667457891, with $d = 4$. After blocking, the Map computation can be carried out independently on each block, which ensures the parallelism of the encryption process.
Step 3: encrypt the data blocks with the public-key cryptosystem
Compute $sum_0 = x_0$ = 6651160844234503481087661042427036440611814198425582183507791236993923677542435821995103823.
Any 4 elements are selected from pk and added up, giving $sum_1 = x_1 + x_2 + x_1 + x_3$, $sum_2 = x_2 + x_2 + x_2 + x_3$, $sum_3 = x_1 + x_2 + x_1 + x_2$, $sum_4 = x_1 + x_3 + x_3 + x_3$, specifically:
$sum_1$ = 18331026093742217598184666562876927227210506830079775431290440939224335018717189908412556204,
$sum_2$ = 18649709824771390831400007033472507107092637963936567879462680687795834743267673128902743076,
$sum_3$ = 17725959671172101281032158414710425769174873155603492687263475720338286200810144793449163236,
$sum_4$ = 19700500804397036849097353094507720083222839745960737143430491251282182516806521748584435576.
Encrypt the plaintexts $m_1, m_2, m_3$ with the encryption formula:
$c_j = (m_j + 2^k \cdot r + 2 \cdot sum) \bmod x_0$, $j = 1, 2, 3$
where $k$ is the bit length of the plaintext data, $k = 32$, $r = 7$, giving the ciphertexts:
$c_1$ = 4423637982703094318856836329856352887951244758752328320247893246350438845725273181157498535, where sum $= sum_3$;
$c_2$ = 5347388136302383869224684948618434225869009567085403512447098213807987388182801516627921384, where sum $= sum_2$;
$c_3$ = 4423637982703094318856836329856352887951244758752328320247893246350438845725273181191184553, where sum $= sum_3$.
Each block undergoes the Map computation, i.e. the encryption, independently, which ensures the parallelism of the encryption process. After all Map block operations have finished, the Map side outputs the block-encrypted ciphertexts, and the ciphertexts formed by parallel encryption are spliced in Reduce, giving the complete ciphertext:
$c$ = 442363798270309431885683632985635288795124475875232832024789324635043884572527318115749853553473881363023838692246849486184342258690095670854035124470982138079873881828015166279213844423637982703094318856836329856352887951244758752328320247893246350438845725273181191184553.
Step 4: decrypt the encrypted data with the public-key cryptosystem
Input the private key $p$ = 512459108289551201 and the obtained ciphertext $c$, and compute the plaintext with the following decryption formula:
$m_j = (c_j \bmod p) \bmod 2^k$, where $j = 1, 2, 3$;
This yields the plaintext blocks $m_1$ = aaaa, $m_2$ = bbbb, $m_3$ = cccc, which are spliced to give the final plaintext $m$ = aaaabbbbcccc.
As shown in Fig. 2, the plaintext data is divided into blocks, which are input to the Map nodes for parallel homomorphic encryption; the encrypted ciphertext blocks are then input to the Reduce node for concatenation. Reduce processing must wait until all Map nodes have finished, so a synchronization barrier is added before the Reduce node. After the concatenation is complete, the Reduce node outputs the complete ciphertext.
The above embodiments only illustrate the technical idea of the present invention and cannot be used to limit its scope of protection; any change made on the basis of the technical scheme in accordance with the technical idea proposed by the present invention falls within the scope of protection of the present invention.
Claims (5)
- 1. A parallel homomorphic data encryption method in a cloud computing environment, characterized in that it comprises the following steps: Step 1: according to a given security-strength parameter $\lambda$ and the number of bits $k$ in each block after the plaintext data is divided into blocks, generate the private key sk, and generate the public key pk from the generated private key sk; Step 2: divide the plaintext data $m$ into $N$ blocks, denoted $m_1, \ldots, m_{N-1}, m_N$, each block being $k/8$ bytes long; the length of $m_N$ is equal to or less than the length of $m_1, \ldots, m_{N-1}$, and when the length of $m_N$ is less than the length of $m_1, \ldots, m_{N-1}$, $m_N$ is padded with zeros at the end so that its length equals the length of $m_1, \ldots, m_{N-1}$; Step 3: distribute the plaintext data $m_1, \ldots, m_N$ blocked in step 2 to Map tasks, where they are encrypted in parallel with the public key pk generated in step 1, giving the encrypted ciphertext data $c_1, \ldots, c_N$; Step 4: collect the ciphertext data $c_1, \ldots, c_N$ obtained in step 3 in Reduce and splice them, giving the complete ciphertext $c$.
- 2. The parallel homomorphic data encryption method in a cloud computing environment as claimed in claim 1, characterized in that the private key sk in step 1 is generated as follows: compute $\eta = \lambda^3 + k$, choose a prime $p$ of $\eta$ bits, and obtain the private key sk $= p$.
- 3. The parallel homomorphic data encryption method in a cloud computing environment as claimed in claim 1, characterized in that the public key pk in step 1 is generated as follows: choose any positive integer $\tau$, compute $\gamma = \lambda^5$ and $x_i = 2r_i + pq_i$, $i = 0, 1, 2, \ldots, \tau-1$, where $r_i$ is a random integer of $\lambda$ bits and $q_i$ is a random prime of $\gamma$ bits, giving the set $\{x_i\}$; denote the largest integer in the set $\{x_i\}$ as $x_{max}$ and exchange the values of $x_0$ and $x_{max}$, giving the public key pk $= \langle x_0, x_1, \ldots, x_{\tau-1} \rangle$.
- 4. The parallel homomorphic data encryption method in a cloud computing environment as claimed in claim 1, characterized in that step 3 proceeds as follows: choose several $x_i$ arbitrarily from the public key set pk and add them up to obtain sum; choose a random integer $r$ in the interval $(-2^\lambda, 2^\lambda)$; in Map, perform the parallel encryption according to the encryption formula $c_j = (m_j + 2^k \cdot r + 2 \cdot sum) \bmod x_0$, giving the encrypted ciphertext data $c_j$, $j = 1, 2, \ldots, N$.
- 5. The parallel homomorphic data encryption method in a cloud computing environment as claimed in claim 1, characterized in that the complete ciphertext in step 4 is $c = c_1 + c_2 + \ldots + c_N$.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510339182.XA CN105162590B (en) | 2015-06-18 | 2015-06-18 | Parallel homomorphic data encryption method in a cloud computing environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105162590A CN105162590A (en) | 2015-12-16 |
CN105162590B true CN105162590B (en) | 2018-02-23 |
Family
ID=54803355
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510339182.XA Active CN105162590B (en) | Parallel homomorphic data encryption method in a cloud computing environment | 2015-06-18 | 2015-06-18 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105162590B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||