CN107347096A - Location privacy protection method based on cloud server - Google Patents

Location privacy protection method based on cloud server Download PDF

Info

Publication number
CN107347096A
CN107347096A CN201710551578.XA CN201710551578A CN107347096A CN 107347096 A CN107347096 A CN 107347096A CN 201710551578 A CN201710551578 A CN 201710551578A CN 107347096 A CN107347096 A CN 107347096A
Authority
CN
China
Prior art keywords
data
service provider
cloud server
piecemeal
data service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710551578.XA
Other languages
Chinese (zh)
Other versions
CN107347096B (en
Inventor
石润华
邓云霞
李莉
张顺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui University
Original Assignee
Anhui University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Anhui University filed Critical Anhui University
Priority to CN201710551578.XA priority Critical patent/CN107347096B/en
Publication of CN107347096A publication Critical patent/CN107347096A/en
Application granted granted Critical
Publication of CN107347096B publication Critical patent/CN107347096B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3013Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the discrete logarithm problem, e.g. ElGamal or Diffie-Hellman systems

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a location privacy protection method based on a cloud server, which is characterized by comprising the following steps: the method comprises the following steps that a cloud server, a data service provider and a plurality of mobile users exist; a data service provider uniformly defines a data format, encrypts and stores data in blocks on a cloud server, and secretly stores a decryption key; the user obtains the encrypted block data from the cloud server according to the position of the user, then the data service provider transmits a decryption key to the user according to an accidental transmission protocol, and finally the user decrypts the encrypted block data to obtain plaintext block data; the position information of the user can not be revealed in the whole process, so that the position privacy is protected. The invention can effectively solve the problems of data privacy and position privacy protection in the position-based service, and simultaneously reduces the storage cost, the calculation cost and the communication cost of a data service provider, thereby reducing the system overhead while ensuring the user privacy.

Description

A kind of location privacy protection method based on Cloud Server
Technical field
It is specifically a kind of to be applied to mobile network the present invention relates to data encryption and location privacy protection technical field The method for secret protection of middle protection location of mobile users privacy and data confidentiality.
Background technology
In location-based data, services, user asks to service according to present position, and user wishes to obtain the same of service When, privacy-sensitive information, such as positional information can not be revealed.Location Based service (Location-based Services, abbreviation LBS) secret protection technology mainly have:Position anonymity technology, data encryption technology etc..
Position anonymity technology is concerned with the privacy information of user, such as positional information, is carried out with the real information of user Separate.Common position anonymity technology includes assumed name anonymity, position k anonymities, space anonymity etc..(1) assumed name anonymity refers to by one The position of individual assumed name user hides the actual position of real user, so the degree of accuracy of inquiry is by the position of assumed name user and true The distance of the position of real user determines;(2) position k is anonymous mainly makes some band of position have an at least k user, and by this The identity attribute of k user is anonymous so that can not be distinguished between them by identity.So even if obtain a certain The positional information of individual user, attacker also can not accurately find out this user from this k user.So secret protection Degree depends on k value size;(3) the anonymous mainly user in space is when sending request, not by oneself accurate position Information is sent to server, but sends a certain region of position to server, and according to actual conditions, this region can be with It is arbitrary shape.
Data encryption technology is that the sensitive data of user, such as positional information are protected using encryption data.Common data Encryption technology has symmetrical and asymmetric encryption, homomorphic cryptography, multi-party computations etc..(1) common symmetric encipherment algorithm has DES, AES, RC2 etc.;Common rivest, shamir, adelman has elliptic curve encryption algorithm, RSA Algorithm, Elgamal algorithms etc.; (2) for homomorphic cryptography mainly in the case of unknown plaintext, the operation to ciphertext is close by decrypting equivalent to the operation to plaintext Text is the plaintext result after being operated.Homomorphic cryptography is generally used for user and ciphertext data is sent into server, service Device operates to ciphertext data, so as to protect the data-privacy of user;(3) multi-party computations have been commonly applied to multiple participations In the computing environment or Distributed Calculation of side, it is characterized in two sides or in many ways with respective secret input, calculates one jointly Individual function, calculating terminate, and participant can be exported correctly, and can only obtain the output of oneself understanding.
On the one hand, also there is many deficiencies, such as communication overhead in the main flow secret protection technology based on location-based service Or computing cost is excessive, leakage part privacy is, it is necessary to believable KMC etc..In addition, the privacy in above-mentioned main flow is protected In shield technology, typically by all data storages on LBS service device, related data is then returned to according to positional information.Big Data age, the excessive storage of data service provider may be the bottlenecks of LBS development.On the other hand, current cloud service Prevalence has brought huge change to data storage, and substantial amounts of data can consign to cloud storage so as to reduce local storage generation Valency.User can download by directly accessing cloud and consult data.Certainly also revealed while convenient service along with data-privacy Risk, so typically will after data encryption storage on cloud.
The content of the invention
The present invention, with reference to data encryption, Oblivious Transfer and space anonymity thought, proposes that one kind is based on by Cloud Server The location privacy protection method of Cloud Server, it is hidden based on the data-privacy in location-based service and position to efficiently solve Private protection problem, while data service provider SP storage cost, calculation cost and communication cost are reduced, so as to ensure to use Overhead is reduced while the location privacy of family.
The present invention is that technical scheme is used by solving technical problem:
A kind of location privacy protection method based on Cloud Server of the present invention, be applied to several mobile subscribers, one In the distributed network environment that data service provider and a Cloud Server are formed, the distributed network environment is positioned at same In individual map area, remember any one mobile subscriber be U, data service provider SP, Cloud Server CS;It is characterized in, The location privacy protection method is to carry out in accordance with the following steps:
Step 1, data service provider SP generations and public address system parameter;
Region carries out piecemeal according to the map by all data related to position by step 2, the data service provider SP, And the block data in each region is encrypted using public key, then the block data after encryption is uploaded to the Cloud Server Stored in CS;Wherein, public, private key difference corresponding to the block data in different zones;
Step 3, any mobile subscriber U obtain the close of region block data according to itself current actual positions Text, and the private key using oblivious transfer protocol to data service provider SP request region block datas, so as to Ciphertext is decrypted, and obtains corresponding clear data;
Step 4, the data service provider SP regularly update the key of all block datas, and by the Cloud Server CS regularly updates the ciphertext of all block datas.
The characteristics of location privacy protection method of the present invention, lies also in, and the step 2 is to carry out as follows:
Step 2.1, the data service provider SP disclose a boundary rectangle according to the map area and established Coordinate system, and the map area is divided into s × t piecemeal in the coordinate system, wherein any one piecemeal is designated as Dij, 1≤i≤s, 1≤j≤t;
Step 2.2, the data service provider SP are by introducing some virtual datas, by all numbers related to position According to progress standardized format processing so that the data in each piecemeal are consistent from form and quantity;And by any piecemeal DijInterior data are designated as Mij
Step 2.3, the data service provider SP are any piecemeal DijGenerate public and private key (pkij,skij), and it is open public Key pkij, secret preservation private key skij
Step 2.4, the data service provider SP utilize any piecemeal DijPublic key pkijTo data MijCarry out EIGaml algorithm for encryption, form ciphertextAfter send Cloud Server CS storage to.
Step 3 is to carry out as follows:
The physical location of step 3.1, any mobile subscriber U in itself current place map area, obtains institute Belong to piecemeal Dab, wherein 1≤a≤s, 1≤b≤t;
Step 3.2, any mobile subscriber U obtain affiliated piecemeal D using oblivious transfer protocolabPrivate key skab
Step 3.3, any mobile subscriber U piecemeal D according to belonging to currentabDownloaded from the Cloud Server CS corresponding CiphertextAnd utilize private key skabIt is decrypted, so as to obtain clear data Mab
The step 4 is to carry out according to the following procedure:
Step 4.1, the data service provider SP generate a private key sk at randomij' it is used as any piecemeal DijNew private Key, and according to the new private key sk 'ijNew public key pk ' is calculatedij, and the secret preservation new private key sk 'ij, an open institute State new public key pk 'ij
Step 4.2, the data service provider SP are according to any piecemeal DijThe new private key sk 'ijWith it is described New public key pk 'ij, generate an assistance messages FijAnd it is sent to the Cloud Server CS;
Step 4.3, the Cloud Server CS are according to the assistance messages FijAnd the new public key pk 'ijTo corresponding sub-block DijCiphertextIt is updated, the ciphertext after being updatedAnd store.
Compared with the method for existing protective position privacy, beneficial effects of the present invention are embodied in:
1st, the mass data for being stored in data service provider originally is converted into close by the present invention by cloud storage service Text, Cloud Server is dumped to, be not only effectively protected data-privacy, and significantly reduce data service provider SP's Storage cost;
2nd, user obtains the decruption key of ciphertext data by oblivious transfer protocol in the present invention, so as to effectively protect The location privacy of user, and the encrypted result that data service provider only needs to return to decruption key is to user, nothing Real ciphertext data need to be returned to, so significantly reducing the communication cost between user and data service provider;
3rd, data service provider is updating piecemeal key and during ciphertext in the present invention, it is only necessary to updates each piecemeal Key, and the renewal operation of corresponding ciphertext is completed by Cloud Server, therefore, the present invention significantly reduces data service provider Calculation cost;
4th, data service provider moderately increases virtual data in each piecemeal in the present invention so that the number of all piecemeals It is completely the same with size according to form, reduce the risk of information leakage, so as to improve the security of system.
5th, the key generation in the present invention, distribution are managed independently by data service provider completely with renewal, it is not necessary to are borrowed Other KMCs or believable third party are helped, so as to reduce the cost of implementation of system, namely improves system Realizability.
Brief description of the drawings
Fig. 1 is the system model figure of the present invention;
Fig. 2 is the data block division figure of the present invention.
Embodiment
Technical solution of the present invention is described in detail in conjunction with the accompanying drawings and embodiments below, but the protection model of the present invention Enclose and be not limited to the embodiment.
As shown in figure 1, in the present embodiment, a kind of location privacy protection method based on Cloud Server is to be applied to several In the distributed network environment that mobile subscriber, a data service provider and a Cloud Server are formed, the network environment position In in same map area, its specific physical model is as shown in Figure 1:1. mobile subscriber U.Feature is taken according to position Business, it may move;2. data service provider SP.Whole system is initialized, and is data owner, can be provided for mobile subscriber Location-based diversified service, the mechanism half is credible.3. Cloud Server CS.Data service provider SP is by paying or handing over Pay etc. mode store data on CS, the data stored on Cloud Server CS are full disclosures, and the mechanism half is credible.It is mobile User U identity assumes that Cloud Server CS can correct identification data provider SP by metadata provider SP certifications.
Data service provider SP by data according to position block encryption, Encrypt and Decrypt corresponding to the piecemeal on diverse location Key is different, and then data service provider SP uploads the encryption data of all piecemeals and store into Cloud Server CS, mobile The encryption data of piecemeal where user U obtains according to the position of oneself from Cloud Server CS, and please to data service provider Seek corresponding decruption key.Specifically, location privacy protection method is to carry out as follows:
Step 1, data service provider SP generations and public address system parameter;
(1.1) a security parameter d is given, data service provider SP establishes finite field Fp, wherein Big prime p is according to such as Lower step generation:
A) Big prime p bit length d is determined;According to specific demand for security, security parameter l=1024 is such as set, then is existed In ElGamal cipher systems, d=1024;
B) one bit length of random generation is the odd number q that the last position of d bits is 1;
C) prime number examination method is used to judge that q whether for prime number, if then making p=q, otherwise re-executes step b.
(1.2) data service provider SP is in finite field FpOne multiplicative cyclic group G of upper selection, and cyclic group G rank is q;
(1.3) data service provider SP selection multiplicative cyclic groups G two q ranks generate member at random, labeled as g, h;
(1.4) data service provider SP public address systems parameter { l, Fp,G,q,g,h}。
Region carries out piecemeal, and profit according to the map by all data related to position by step 2, data service provider SP The block data in each region is encrypted with public key, then the block data after encryption is uploaded in Cloud Server CS and deposited Storage;Wherein, public, private key difference corresponding to the block data in different zones;
Step 2.1, data service provider SP disclose a coordinate system established according to the boundary rectangle of map area, And map area is divided into s × t piecemeal in coordinate system, wherein any one piecemeal is designated as Dij, 1≤i≤s, 1≤j≤ t;
(2.1.1) as shown in Fig. 2 data service provider SP according to region trim lines, by whole region it is regular be one Rectangle, and establish coordinate system;
(2.1.2) data service provider SP will be regular after rectangle according to certain regional rule to be divided into s × t big Small equal piecemeal, and each piecemeal is labeled as Dij, wherein 1≤i≤s, 1≤j≤t;
Here s × t size is relevant with service precision and calculating and communication cost, and s × t is bigger, and user, which inquires about, to be returned Data will be fewer, service precision reduce, and calculate and communication cost will be higher;Conversely, s × t is smaller, user inquires about what is returned Data will be more, and service precision improves, and calculating and communication cost will be smaller.
Step 2.2, data service provider SP are entered all data related to position by introducing some virtual datas Row format standardization so that the data in each piecemeal are consistent from form and quantity;And by any piecemeal DijIt is interior Data be designated as Mij
(2.2.1) data service provider SP unifies the size of each block data, and specific implementation can be:Take piecemeal Maximum data item and data length in data are standard, are that other sparse piecemeals add virtual data point so that any two Piecemeal can not put differentiation from data format and the enterprising line position of data volume.
(2.2.2) data service provider SP is by piecemeal DijData total abstract be labeled as Mij, wherein 1≤i≤s, 1 ≤j≤t;
Step 2.3, data service provider SP are any piecemeal DijGenerate public and private key (pkij,skij), and open public key pkij, secret preservation private key skij
(2.3.1) data service provider SP is that each piecemeal chooses random numberAnd calculateIts In 1≤i≤s, 1≤j≤t.Then pkijFor piecemeal DijPublic key, skij=xijFor piecemeal DijPrivate key.
(2.3.2) data service provider SP discloses all piecemeal public key pkij, because discrete mathematics difficult problem is false If even if user knows public key pkij, can not also obtain private key skij;Secret preserves the private key sk of all piecemealsij, and establish hidden Private database, store all piecemeal private keys.
Step 2.4, data service provider SP utilize any piecemeal DijPublic key pkijTo data MijCarry out EIGaml calculations Method is encrypted, and forms ciphertextAfter send to Cloud Server CS storage.
(2.4.1) data service provider SP utilizes piecemeal public key pkijTo block data MijIt is encrypted.Actually should The M duringijLength it is general all longer, it is apparent in order to state, it is assumed here that MijAn only clear packets.Specifically Encrypting embodiment can be:SP is randomly selectedAnd calculate
Form ciphertextWherein 1≤i≤s, 1≤j≤t.
(2.4.2) data service provider SP is by all block encryption dataSend Cloud Server CS to.
Step 3, any mobile subscriber U obtain the ciphertext of region block data according to itself current actual positions, and The private key of region block data is asked to data service provider SP using oblivious transfer protocol, so as to decrypt ciphertext, And obtain corresponding clear data;
The physical location of step 3.1, any mobile subscriber U in itself current place map area, obtains affiliated point Block Dab, wherein 1≤a≤s, 1≤b≤t;
Step 3.2, any mobile subscriber U obtain affiliated piecemeal D using oblivious transfer protocolabPrivate key skab
(3.2.1) any mobile subscriber U is according to itself affiliated area Dab, v=b+ (a-1) × t is calculated, and choose random numberCalculate z=grhv, z is sent to data service provider SP.
After (3.2.2) data service provider SP receives z, random number is chosen for each piecemealAnd calculateWherein 1≤i≤s, 1≤j≤t.Will be allIt is sent to mobile use Family U.
(3.2.3) mobile subscriber U receives allAfterwards, can calculateWhere obtaining The decruption key sk of positionab
Step 3.3, any mobile subscriber U piecemeal D according to belonging to currentabCorresponding ciphertext is downloaded from Cloud Server CSAnd utilize private key skabIt is decrypted, so as to obtain clear data Mab
Mobile subscriber U utilizes decruption key skabIt is decrypted as follows:
So as to obtain clear data Mab
Step 4, data service provider SP regularly update the key of all block datas, and regular more by Cloud Server CS The ciphertext of new all block datas.
Step 4.1, data service provider SP generate a private key sk ' at randomijAs any piecemeal DijNew private key, And according to new private key sk 'ijNew public key pk ' is calculatedij, and the secret new private key sk ' of preservationij, only new public key pk ' is disclosedij
Step 4.2, data service provider SP are according to any piecemeal DijNew private key sk 'ijWith new public key pk 'ij, generation One assistance messages FijAnd it is sent to Cloud Server CS;
(4.2.1) data service provider SP is according to new private key sk 'ijAnd the secret former private key sk preservedij, calculate Δ xij=sk 'ij-skij(modq) (i.e. sk 'ij=skij+Δxij(modq)),pk′ij=pkij·Δ pkij
(4.2.2) data service provider SP is calculatedWhereinObtain, then aid in from Cloud Server CS Message Fij=(C 'ij,Δpkij), and by FijIt is sent to Cloud Server CS;
Step 4.3, Cloud Server CS are according to assistance messages FijAnd new public key pk 'ijTo corresponding sub-block DijCiphertextIt is updated, the ciphertext after being updatedAnd store.
(4.3.1) Cloud Server CS receives assistance messages (C 'ij,Δpkij) after, choose random numberCalculate renewal Ciphertext afterwardsSpecific implementation can be in the following way:
The ciphertext of storage is updated to by (4.3.2) Cloud Server CSBecause discrete logarithm is difficult Property assume problem, user U there is no renewal after private key sk 'ijIn the case of, even if it possesses former private key skij, and Obtain the ciphertext after renewalAlso it can not decrypt and obtain clear data Mij;Similarly, because Cloud Server can not obtain Private key sk after original/renewal of any piecemealij/sk′ij, the ciphertext after original/renewal of any piecemeal can not be also decrypted certainlySo as to know real data.
Further, in step (4.3.2), the correctness reasoning that ciphertext updates is respectively as shown in formula (6) and formula (7):
Further, the key in the location privacy protection method based on Cloud Server and ciphertext security are based on discrete Mathematical difficulties assume problem (Discrete Logarithm Problem, DLP):Given element ga∈ G, solve

Claims (4)

1. a kind of location privacy protection method based on Cloud Server, it is applied to several mobile subscribers, a data, services In the distributed network environment that provider and a Cloud Server are formed, the distributed network environment is located at same map area In domain, remember any one mobile subscriber be U, data service provider SP, Cloud Server CS;It is characterized in that the position Method for secret protection is to carry out in accordance with the following steps:
Step 1, data service provider SP generations and public address system parameter;
Region carries out piecemeal, and profit according to the map by all data related to position by step 2, the data service provider SP The block data in each region is encrypted with public key, then the block data after encryption is uploaded in the Cloud Server CS Storage;Wherein, public, private key difference corresponding to the block data in different zones;
Step 3, any mobile subscriber U obtain the ciphertext of region block data according to itself current actual positions, and The private key of region block data is asked to the data service provider SP using oblivious transfer protocol, it is close so as to decrypt Text, and obtain corresponding clear data;
Step 4, the data service provider SP regularly update the key of all block datas, and are determined by the Cloud Server CS Phase updates the ciphertext of all block datas.
2. according to the location privacy protection method described in claim 1, it is characterised in that the step 2 is as follows Carry out:
Step 2.1, the data service provider SP disclose a seat established according to the boundary rectangle of the map area Mark system, and the map area is divided into s × t piecemeal in the coordinate system, wherein any one piecemeal is designated as Dij, 1 ≤ i≤s, 1≤j≤t;
Step 2.2, the data service provider SP are entered all data related to position by introducing some virtual datas Row format standardization so that the data in each piecemeal are consistent from form and quantity;And by any piecemeal DijIt is interior Data be designated as Mij
Step 2.3, the data service provider SP are any piecemeal DijGenerate public and private key (pkij,skij), and open public key pkij, secret preservation private key skij
Step 2.4, the data service provider SP utilize any piecemeal DijPublic key pkijTo data MijCarry out EIGaml calculations Method is encrypted, and forms ciphertextAfter send Cloud Server CS storage to.
3. according to the location privacy protection method described in claims 1, it is characterised in that step 3 is to enter as follows OK:
The physical location of step 3.1, any mobile subscriber U in itself current place map area, obtains affiliated point Block Dab, wherein 1≤a≤s, 1≤b≤t;
Step 3.2, any mobile subscriber U obtain affiliated piecemeal D using oblivious transfer protocolabPrivate key skab
Step 3.3, any mobile subscriber U piecemeal D according to belonging to currentabDownloaded from the Cloud Server CS corresponding close TextAnd utilize private key skabIt is decrypted, so as to obtain clear data Mab
4. location privacy protection method according to claim 1, it is characterised in that the step 4 is to enter according to the following procedure OK:
Step 4.1, the data service provider SP generate a private key sk at randomij' it is used as any piecemeal DijNew private key, and According to the new private key sk 'ijNew public key pk ' is calculatedij, and the secret preservation new private key sk 'ij, only the new public affairs are disclosed Key pk 'ij
Step 4.2, the data service provider SP are according to any piecemeal DijThe new private key sk 'ijWith the new public affairs Key pk 'ij, generate an assistance messages FijAnd it is sent to the Cloud Server CS;
Step 4.3, the Cloud Server CS are according to the assistance messages FijAnd the new public key pk 'ijTo corresponding sub-block Dij's CiphertextIt is updated, the ciphertext after being updatedAnd store.
CN201710551578.XA 2017-07-07 2017-07-07 Location privacy protection method based on cloud server Expired - Fee Related CN107347096B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710551578.XA CN107347096B (en) 2017-07-07 2017-07-07 Location privacy protection method based on cloud server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710551578.XA CN107347096B (en) 2017-07-07 2017-07-07 Location privacy protection method based on cloud server

Publications (2)

Publication Number Publication Date
CN107347096A true CN107347096A (en) 2017-11-14
CN107347096B CN107347096B (en) 2019-09-27

Family

ID=60256919

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710551578.XA Expired - Fee Related CN107347096B (en) 2017-07-07 2017-07-07 Location privacy protection method based on cloud server

Country Status (1)

Country Link
CN (1) CN107347096B (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107749865A (en) * 2017-12-07 2018-03-02 安徽大学 Location privacy query method based on homomorphic encryption
CN107886010A (en) * 2017-12-21 2018-04-06 中国电力科学研究院有限公司 The data managing method of privacy of user is protected under big data environment
CN110650119A (en) * 2019-08-20 2020-01-03 阿里巴巴集团控股有限公司 Data transmission method and device and electronic equipment
CN111526155A (en) * 2020-04-30 2020-08-11 桂林电子科技大学 System for protecting user privacy in social network and optimal path matching method
CN111723394A (en) * 2020-04-22 2020-09-29 北京大学 Privacy protection distributed computing method and system for dynamically loading code base
WO2020211485A1 (en) * 2019-04-19 2020-10-22 创新先进技术有限公司 Data processing method and apparatus, and electronic device
CN112055021A (en) * 2020-09-08 2020-12-08 苏州同济区块链研究院有限公司 Imperial transmission method and device based on elliptic curve
CN112135278A (en) * 2020-10-09 2020-12-25 成都淞幸科技有限责任公司 D2D communication privacy protection method facing 5G
CN112307149A (en) * 2020-10-30 2021-02-02 陕西师范大学 Spatial data range query method with access mode protection
CN112367305A (en) * 2020-10-22 2021-02-12 香港中文大学(深圳) Privacy block chain-based vehicle networking protection method and mobile terminal
US10936605B2 (en) 2019-04-19 2021-03-02 Advanced New Technologies Co., Ltd. Providing oblivious data transfer between computing devices
CN112468445A (en) * 2020-10-29 2021-03-09 广西电网有限责任公司 AMI lightweight data privacy protection method for power Internet of things
CN112887973A (en) * 2021-01-19 2021-06-01 河南科技大学 Social networking location privacy protection method based on double k-anonymity
CN112910631A (en) * 2021-02-08 2021-06-04 上海海洋大学 Efficient privacy set intersection calculation method and system based on assistance of cloud server
CN113468553A (en) * 2021-06-02 2021-10-01 湖北工业大学 Privacy protection analysis system and method for industrial big data
CN113742779A (en) * 2021-09-18 2021-12-03 湖北工业大学 Service customization system and method with privacy protection function
CN114143055A (en) * 2021-11-24 2022-03-04 国网江苏省电力有限公司营销服务中心 Data distribution method and credible tracing method based on block chain

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101026869A (en) * 2006-02-24 2007-08-29 中兴通讯股份有限公司 Privacy control method for position service
CN103957109A (en) * 2014-05-22 2014-07-30 武汉大学 Cloud data privacy protection security re-encryption method
CN104703138A (en) * 2015-03-19 2015-06-10 福建师范大学 Method and system for protecting location privacy
CN104994068A (en) * 2015-05-22 2015-10-21 武汉大学 Multimedia content protection and safe distribution method in cloud environment
CN105812354A (en) * 2016-03-07 2016-07-27 江苏大学 LBS-based anti-attack location privacy protection method for IoV
CN104079574B (en) * 2014-07-02 2017-04-12 南京邮电大学 User privacy protection method based on attribute and homomorphism mixed encryption under cloud environment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101026869A (en) * 2006-02-24 2007-08-29 中兴通讯股份有限公司 Privacy control method for position service
CN103957109A (en) * 2014-05-22 2014-07-30 武汉大学 Cloud data privacy protection security re-encryption method
CN104079574B (en) * 2014-07-02 2017-04-12 南京邮电大学 User privacy protection method based on attribute and homomorphism mixed encryption under cloud environment
CN104703138A (en) * 2015-03-19 2015-06-10 福建师范大学 Method and system for protecting location privacy
CN104994068A (en) * 2015-05-22 2015-10-21 武汉大学 Multimedia content protection and safe distribution method in cloud environment
CN105812354A (en) * 2016-03-07 2016-07-27 江苏大学 LBS-based anti-attack location privacy protection method for IoV

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王家礼: "面向云环境的高效匿名认证系统的设计与实现", 《电脑知识与技术》 *
裴媛媛: "面向位置服务的用户隐私保护", 《计算机工程》 *

Cited By (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107749865B (en) * 2017-12-07 2019-11-15 安徽大学 Location privacy query method based on homomorphic encryption
CN107749865A (en) * 2017-12-07 2018-03-02 安徽大学 Location privacy query method based on homomorphic encryption
CN107886010A (en) * 2017-12-21 2018-04-06 中国电力科学研究院有限公司 The data managing method of privacy of user is protected under big data environment
WO2020211485A1 (en) * 2019-04-19 2020-10-22 创新先进技术有限公司 Data processing method and apparatus, and electronic device
US11194824B2 (en) 2019-04-19 2021-12-07 Advanced New Technologies Co., Ltd. Providing oblivious data transfer between computing devices
US10936605B2 (en) 2019-04-19 2021-03-02 Advanced New Technologies Co., Ltd. Providing oblivious data transfer between computing devices
CN110650119A (en) * 2019-08-20 2020-01-03 阿里巴巴集团控股有限公司 Data transmission method and device and electronic equipment
CN110650119B (en) * 2019-08-20 2022-01-21 创新先进技术有限公司 Data transmission method and device and electronic equipment
CN111723394B (en) * 2020-04-22 2022-10-11 北京大学 Privacy protection distributed computing method and system for dynamically loading code base
CN111723394A (en) * 2020-04-22 2020-09-29 北京大学 Privacy protection distributed computing method and system for dynamically loading code base
CN111526155B (en) * 2020-04-30 2022-09-09 桂林电子科技大学 System for protecting user privacy in social network and optimal path matching method
CN111526155A (en) * 2020-04-30 2020-08-11 桂林电子科技大学 System for protecting user privacy in social network and optimal path matching method
CN112055021A (en) * 2020-09-08 2020-12-08 苏州同济区块链研究院有限公司 Imperial transmission method and device based on elliptic curve
CN112055021B (en) * 2020-09-08 2021-07-23 苏州同济区块链研究院有限公司 Imperial transmission method and device based on elliptic curve
CN112135278A (en) * 2020-10-09 2020-12-25 成都淞幸科技有限责任公司 D2D communication privacy protection method facing 5G
WO2022082893A1 (en) * 2020-10-22 2022-04-28 香港中文大学(深圳) Privacy blockchain-based internet of vehicles protection method, and mobile terminal
CN112367305A (en) * 2020-10-22 2021-02-12 香港中文大学(深圳) Privacy block chain-based vehicle networking protection method and mobile terminal
CN112367305B (en) * 2020-10-22 2022-05-20 香港中文大学(深圳) Internet of vehicles protection method based on privacy block chain and mobile terminal
CN112468445A (en) * 2020-10-29 2021-03-09 广西电网有限责任公司 AMI lightweight data privacy protection method for power Internet of things
CN112307149B (en) * 2020-10-30 2022-11-25 陕西师范大学 Spatial data range query method with access mode protection
CN112307149A (en) * 2020-10-30 2021-02-02 陕西师范大学 Spatial data range query method with access mode protection
CN112887973B (en) * 2021-01-19 2022-07-26 河南科技大学 Social networking location privacy protection method based on double k-anonymity
CN112887973A (en) * 2021-01-19 2021-06-01 河南科技大学 Social networking location privacy protection method based on double k-anonymity
CN112910631A (en) * 2021-02-08 2021-06-04 上海海洋大学 Efficient privacy set intersection calculation method and system based on assistance of cloud server
CN112910631B (en) * 2021-02-08 2022-11-22 上海海洋大学 Efficient privacy set intersection calculation method and system based on cloud server assistance
CN113468553B (en) * 2021-06-02 2022-07-19 湖北工业大学 Privacy protection analysis system and method for industrial big data
CN113468553A (en) * 2021-06-02 2021-10-01 湖北工业大学 Privacy protection analysis system and method for industrial big data
CN113742779A (en) * 2021-09-18 2021-12-03 湖北工业大学 Service customization system and method with privacy protection function
CN113742779B (en) * 2021-09-18 2024-03-22 湖北工业大学 Service customization system and method with privacy protection function
CN114143055A (en) * 2021-11-24 2022-03-04 国网江苏省电力有限公司营销服务中心 Data distribution method and credible tracing method based on block chain
CN114143055B (en) * 2021-11-24 2023-12-01 国网江苏省电力有限公司营销服务中心 Block chain-based data distribution method and trusted traceability method

Also Published As

Publication number Publication date
CN107347096B (en) 2019-09-27

Similar Documents

Publication Publication Date Title
CN107347096B (en) Location privacy protection method based on cloud server
Hao et al. Fine-grained data access control with attribute-hiding policy for cloud-based IoT
Li et al. Full verifiability for outsourced decryption in attribute based encryption
CN107749865B (en) Location privacy query method based on homomorphic encryption
Liu et al. Efficient and privacy-preserving outsourced calculation of rational numbers
US8964982B2 (en) Cryptographic system, cryptographic communication method, encryption apparatus, key generation apparatus, decryption apparatus, content server, program, and storage medium
Guo et al. TABE-DAC: Efficient traceable attribute-based encryption scheme with dynamic access control based on blockchain
CN103023637B (en) Encryption and search method for revocable keyword search public keys in cloud storage
JP6363032B2 (en) Key change direction control system and key change direction control method
CN102396012B (en) Secret distribution system, distribution device, distribution management device, acquisition device, processing methods for said devices, secret distribution method
JP5979141B2 (en) Encrypted statistical processing system, apparatus, method and program
CN105812349B (en) A kind of unsymmetrical key distribution of identity-based information and message encryption method
CN106612271A (en) Encryption and access control method for cloud storage
Murugesan et al. Analysis on homomorphic technique for data security in fog computing
Rana et al. Efficient and secure attribute based access control architecture for smart healthcare
Baseri et al. Privacy preserving fine-grained location-based access control for mobile cloud
CN107086912A (en) Ciphertext conversion method, decryption method and system in a kind of heterogeneous storage system
Yan et al. Traceable and weighted attribute-based encryption scheme in the cloud environment
Belguith et al. CUPS: secure opportunistic cloud of things framework based on attribute‐based encryption scheme supporting access policy update
Yu et al. Decentralized, revocable and verifiable attribute-based encryption in hybrid cloud system
CN113824713B (en) Key generation method, system and storage medium
WO2022136282A1 (en) Method, first server, second server and system for secure key transmission
Li et al. A Dynamic Location Privacy Protection Scheme Based on Cloud Storage.
Hwang et al. An SKP‐ABE Scheme for Secure and Efficient Data Sharing in Cloud Environments
Schipor On the anonymization of Cocks IBE scheme

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190927