CN109117676A - It is a kind of that search method is compared based on the data base ciphertext for letting out sequence algorithm - Google Patents
It is a kind of that search method is compared based on the data base ciphertext for letting out sequence algorithm Download PDFInfo
- Publication number
- CN109117676A CN109117676A CN201811237729.5A CN201811237729A CN109117676A CN 109117676 A CN109117676 A CN 109117676A CN 201811237729 A CN201811237729 A CN 201811237729A CN 109117676 A CN109117676 A CN 109117676A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- database
- data
- algorithm
- sql sentence
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The present invention, which discloses, a kind of compares search method based on the data base ciphertext for letting out sequence algorithm.The data base ciphertext compares search method and mainly adds a database broker among database client and database server; sql sentence is rewritten in database broker completion; it is encrypted including sequence algorithm is let out in the sensitive data use in sql sentence; sensitive data rating unit is realized using database user custom function; sequence decipherment algorithm is let out to search result use, operation is decrypted, to complete to compare search operaqtion in database server side ciphertext.It is higher with safety that this data base ciphertext compares searching algorithm, and enciphering rate is fast, and the feature that expansion rate is lower.
Description
Technical field
The invention belongs to field of information security technology, and in particular to one kind is based on letting out sequence algorithm (Order-
RevealingEncryption, ORE) data base ciphertext compare search method.
Background technique
With the high speed development of cloud computing technology, many enterprises and personal user store data into cloud server,
In recent years since the illegal invasion of hacker and the improper operation of cloud server administrator cause a lot of a large number of users data
Event is revealed with private data.In order to guarantee data security, enterprises and individuals user will use Encryption Algorithm and add to data
It is close, data are stored in cloud server with ciphertext form, in this way, can search for encryption technology (searchable
Encryption, SE) just come into being.
An application scenarios of the invention: user is searched in the database using the sql sentence comprising WHERE comparison condition
Qualified record.Since data are ciphertext storages, plaintext searching method is ineffective.Sequence calculation is let out in present invention use
Method, the User-Defined Functions of database (User-Defined Function, UDF), SQL statement are rewritten technology and are solved well
It has determined the problem.
Employed herein lets out a kind of sequence Encryption Algorithm essentially symmetric encipherment algorithm, with order-preserving Encryption Algorithm
(Order-Preserving Encryption, OPE) is similar, and order-preserving Encryption Algorithm is that a kind of support ciphertext data compare size
Encryption Algorithm, after this algorithm for encryption plaintext, directly can obtain size relation by ciphertext data, that is, to any plaintext p1>
p2, the ciphertext obtained after encryption meets c1>c2.Using this algorithm, ciphertext data can be carried out Data Matching, range query with
And the operation such as sequence, but this algorithm has revealed size between clear data, by can restore more than half after Inference Attack
Clear data.
Relative to order-preserving Encryption Algorithm, sequence Encryption Algorithm is let out with higher safety, such algorithm requires encrypted
Ciphertext data do not keep the size relation of former clear data, to carry out size comparison by special comparison function, that is, to any
Clear data p1>p2, the ciphertext data c that is obtained after encryption1、c2, meet comparison function Compare (c1,c2)>0。
It lets out sequence Encryption Algorithm and carries out operation using the bit bit of clear data, leakage is only first in clear data
A different bit, since it is that step-by-step carries out operation, enciphering rate is very fast, and ciphertext expansion rate is smaller.
Summary of the invention
It is an object of the invention to propose that a kind of data base ciphertext based on algorithm of divulging a secret compares search method, sequence algorithm is let out
Have the characteristics that safety is higher, speed is fast, expansion rate is low.
The technical solution adopted by the present invention to solve the technical problems is:
One kind, which is divulged a secret, encrypts ORE method, method the following steps are included:
Step 1: p is expressed as bit shape if p has n-bit position by input encryption key key and clear data p to be encrypted
Formula are as follows: p=m0m1…mnIf each bit of clear data is extended to out_blk_len in ciphertext, plaintext p is close after encrypting
Text is ctxt;
Step 2: calculating block_mask=2^out_blk_len-1;
Step 3: initialize array prf_input_buf, if i represents i-th of bit of p;
Step 4: the byte sequence that calculating plaintext i-th bit bit is located at clear data is denoted as byteind;
Step 5: the i-th bit mask for calculating clear data is denoted as mask and the byte offsets of plaintext p are denoted as offset;
Step 6: calculating ciphertext blocks ctxt_block=F (key, prf_input_buf), wherein F is encryption function;
Step 7: if mask > 0 of i-th bit, then ctxt_block=ctxt_block+1;
Step 8:ctxt_block does and operates with block_mask;
Step 9:ctxt_block moves to left (n-i-1) * out_blk_len;
Step 10:ctxt and ctxt_block do xor operation;
Step 11: updating prf_input_buf;
Step 12: repeating step 4 to step 11, completed until each bit of plaintext p traverses;
Step 13: exporting encrypted ciphertext ctxt.
A kind of decryption method based on encryption of divulging a secret, method the following steps are included:
Step 1: input ciphertext data are denoted as ctxt, and encryption key is denoted as key, and the number of bits of clear data is denoted as
Nbits, each plaintext bit extends in ciphertext is denoted as out_blk_len.
Step 2: initialization clear data is expressed as p=m by the form of bit0m1…mi…mn-1, wherein p is indicated bright
Text, the number of bits of n expression p, i expression following table, i ∈ [0, n-1).
Step 3: the mask of ciphertext data after the encryption of clear data i-th bit is calculated, if mask are as follows: block_mask=(2
^out_blk_len-1) < < (n-i-1) * out_blk_len.
Step 4: ciphertext data ctxt and block_mask do logical AND operation, then move to right (n-1-i) * out_blk_
Len, the value being calculated is denoted as Ci。
Step 5: utilizing encryption function F and encryption key key, calculate encrypted value and be denoted as F (key, m0...mi-1)。
Step 6: comparing CiWith F (key, m0...mi-1) value it is whether equal, if not equal mi=1, otherwise mi=0.
Step 7: so circulation until i=n-1, solves all bits of clear data, is obtained using operations such as displacements
Clear data.
A kind of ciphertext comparative approach based on algorithm of divulging a secret, method the following steps are included:
Step 1: input needs the ciphertext data of the two ORE algorithm for encryption compared to be denoted as ctxt1, ctxt2.
Step 2: checking whether the parameter of two ciphertext data ctxt1 and ctxt2 match, if mismatched, directly exit.
Step 3: the parameter according to ciphertext data, which calculates clear data, n-bit position, and each bit expands in ciphertext
Exhibition out_blk_len counts i=0.
Step 4: judging i < n, if ineligible, the corresponding plaintext numerical value of ciphertext for returning to output ctxt1 is equal to
The corresponding plaintext numerical value of the ciphertext of ctxt2 executes step 5 if eligible.
Step 5: the mask of ciphertext data after the encryption of clear data i-th bit is calculated, if mask is are as follows: block_mask=
(2^out_blk_len-1) < < (n-i-1) * out_blk_len.
Step 6: ciphertext data ctxt1 and block_mask do logical AND operation, then move to right (n-1-i) * out_blk_
Len, the value being calculated is denoted as T1.Ciphertext data ctxt2 and block_mask do logical AND operation, then move to right (n-1-
I) * out_blk_len, the value being calculated is denoted as T2。
Step 7: comparing T1And T2Size, if T1Greater than T2, plaintext value of the plaintext value greater than ctxt2 of ctxt1 is returned,
If T1Less than T2, plaintext value of the plaintext value less than ctxt1 of ctxt1 is returned, otherwise, executes step 8
Step 8: counter i adds 1.Execute step 4.
A kind of to compare search method based on the data base ciphertext for letting out sequence algorithm, the technology of being related to includes letting out the encryption calculation of sequence algorithm
Method, the decipherment algorithm for letting out sequence algorithm, sql paraphrasing, the ciphertext for letting out sequence algorithm that database user custom function UDF is realized
Comparison algorithm, which is characterized in that method the following steps are included:
Step 1: database client (db client) inputs sql sentence, sends sql sentence to database broker (db
proxy)。
Step 2: database broker receives the sql sentence of client transmission, parses first to sql, to sql sentence
Middle sensitive data is rewritten, such as: when being inserted into data, the encryption of sequence Encryption Algorithm is let out to sensitive data use, in retrieval number
According to when, in sql sentence sensitive data rating unit call User-Defined Functions be compared.
Step 3: database broker sends revised sql to database server (db server), database server
Sql sentence is executed, data storage is completed, is compared retrieval using the customized UDF function of user.
Step 4: database server sends sql sentence implementing result to database broker.
Step 5: in database broker inspection result whether comprising sensitive field as a result, if comprising sensitive field as a result,
Ciphertext data are decrypted using sequence Encryption Algorithm corresponding decipherment algorithm is let out, finally send final result to database client
End.
Step 6: database client receives sql sentence implementing result.
Detailed description of the invention
Fig. 1 is a kind of ORE Encryption Algorithm schematic diagram
Fig. 2 is a kind of ORE Encryption Algorithm flow chart
Fig. 3 is a kind of decipherment algorithm flow chart of ORE Encryption Algorithm
Fig. 4 is that a kind of ORE algorithm ciphertext data compare flow chart
Fig. 5 compares search method schematic diagram based on the data base ciphertext for letting out sequence algorithm to be a kind of
Fig. 6 is a kind of based on the database data flow chart for letting out sequence algorithm
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.
Fig. 1 is a kind of schematic diagram of bit progress ORE Encryption Algorithm by plaintext, each clear data bit bit manipulation
It is that all bits and encryption key application pseudo-random function before current bit position are being added after the output of pseudo-random function
Then and so on value on the upper current position bit, the entire clear data of encryption, finally exports the secret value similar to figure one.
Fig. 2 is a kind of ORE Encryption Algorithm flow chart, is illustrated below by specific example:
In step s201, encryption key key=" heming123456789 " and clear data p=to be encrypted are inputted
1610612739=230+229+21+20, the number of bits of p is n=31;
In step s202, if each bit of clear data is extended to out_blk_len=10, encrypted cipher text in ciphertext
It is denoted as ctxt;
In step s203, block_mask=2^out_blk_len-1=2^10-1=1023, byte offsets are calculated
Offset=(8- (n%8)) %8=1;
In step s204, the initialization of prf_input_buf array, i=0 when initial represents the i-th bit bit of p;
In step s205, i < n is judged, go to s206 step when the condition is satisfied, otherwise go to s215 step;
In step s206, the byte sequence that plaintext i-th bit bit is located at clear data is calculated, byteind=(n+7)/
8-1- (i+offset)/8, as i=0, byteind=3;
In step s207, mask mask, mask=p [byteind] & (1 < < ((7-i- of plaintext i-th bit is calculated
Offset) %8), as i=0, computer uses little endian mode mask=64;
It in step s208, calculates ciphertext blocks ctxt_block=F (key, prf_input_buf), wherein F is encryption letter
Number.The present embodiment uses AES encryption mode, as i=0, ctxt_block=63743;
In step s209, mask > 0 is judged, after meeting condition, execute step s210, ctxt_block=ctxt_block+
1, it is no to then follow the steps s212;
In step s210, as i=0, mask=64 > 0, ctxt_block=ctxt_block+1=63744;
In step s211, ctxt_block does and operates with block_mask, works as i=0, ctxt_block&block_
Mask=256;
(n-i-1) * out_blk_len, as i=0, ctxt_block=are moved to left in step s212, ctxt_block
256, after moving to left 30, ctxt_block=521481209941628438084722096 ... 728256;
Xor operation i.e. ctxt=ctxt is in step s213, ctxt and ctxt_block | ctxt_block works as i=0
When, ctxt=ctxt at this time | ctxt_block=521481209941628438084722096 ... 728256;
Prf_input_buf array, prf_input_buf [0]=i+1, prf_input_buf are updated in step s214
[byteind+1] |=mask, as i=0, prf_input_buf [0]=1, prf_input_buf [4]=64, Fig. 3 is shown
Prf_input_buf renewal process;
S205 to s214 operation is repeated, is completed until all bits of plaintext p traverse;
In step s215, ciphertext blocks ctxt is exported.
Fig. 3 is the flow chart of the decipherment algorithm of ORE Encryption Algorithm, and computer is little endian mode, encryption function using it is pseudo- with
Machine function AES, clear data p=1610612739=230+229+21+20, the bit number of clear data is n=31, Mei Geming
Literary data bit Bits Expanding is 10 bit, out_blk_len=10 is denoted as, using pseudo-random function AES and key to clear data
After 1610612739 are encrypted, it is as follows to decrypt basic operation process by ciphertext ctxt=14803069411772771925:
In step s301, first ciphertext data and encryption key of the input by ORE encryption.
In step s302, the parameter carried to ciphertext data and encryption key is matched.
In step s303, number of bits out_ after clear data number of bits n and each plaintext bit Bits Expanding is calculated
Blk_len, n=31, out_blk_len=10 in the present embodiment represent i-th of bit of clear data p with season i, initially
Value sets i=0.
In step s304, i < n, i.e., 0 < 31 are judged.
In step s305, the mask of ciphertext data after the i-th=0 bit bit encryption is calculated, block_mask is denoted as, this
When block_mask=(2out_blk_len- 1) < < (n-i-1) * out_blk_len, as i=0, block_mask=(210)
< < 300.
Logical AND operation is done in step s306, ciphertext data ctxt and block_mask, first moves to right (n-1-i) * out_
Blk_len, the value obtained after calculating is denoted as Ci, as i=0, C0=496.
In step s307, pseudo-random function AES and encryption key used in Encryption Algorithm and preceding i-1 bit are utilized
Position, calculates encrypted value, is denoted as F (key, m0…mi-1), as i=0, added using initial input value ε (generally 0) and AES
Close function calculates postscript F (key, ε)=495.
In step s308, CiWith F (key, m0…mi-1) compare, if equal, the i-th bit bit of clear data is at this time
0, it is otherwise 1, i.e. mi=0 or 1, as i=0, C at this time0≠ F (key, ε), i.e., 496 ≠ 495, m at this time0=1.
In step s309, miTo moving to left n-i-1, logic or operation, as i=0, m are done with p0To moving to left 30.
In step s310, i value increases by 1, and executes s304.
In step s311, if i < n, step s305-s311 is repeated, until s304 no longer meets condition, can be seen at this time
To m0=1, m1=1, m30=1, i.e., upper bit of the 0th, 1,30 of clear data is 1.
Clear data after step s312, output decryption, this clear data p=1610612739.
In step s313, terminate decrypting process.
Fig. 4 is the flow chart that the ciphertext of ORE Encryption Algorithm compares, and clear data is p=1610612739=in this example
230+229+21+20, the bit number of clear data is n=31, and each clear data bit Bits Expanding is 10 bit, is denoted as out_
Blk_len=10, ciphertext 1 are ctxt1=14803069411772771925, and ciphertext 2 is ctxt1=
14803069411772771925, illustrate that the basic operation process for comparing ctxt1 and ctxt2 is as follows here:
In step s401, first ciphertext data ctxt1 and ctxt2 of the input by ORE encryption.
In step s402, the parameter carried to ciphertext data is checked.
In step s403, number of bits out_ after clear data number of bits n and each plaintext bit Bits Expanding is calculated
Blk_len, n=31, out_blk_len=10 in the present embodiment represent i-th of bit of clear data p with season i, initially
Value sets i=0.
In step s404, i < n, i.e., 0 < 31 are judged.
In step s405, the mask of ciphertext data after the i-th=0 bit bit encryption is calculated, block_mask is denoted as, this
When block_mask=(2out_blk_len- 1) < < (n-i-1) * out_blk_len, as i=0, block_mask=(210)
< < 300.
Logical AND operation is done in step s406, ciphertext data ctxt1 and block_mask, first moves to right (n-1-i) * out_
Blk_len, the value obtained after calculating is denoted as C1i, as i=0, C10=496.Calculate ciphertext data ctxt2 and block_
Mask does logical AND operation, first moves to right (n-1-i) * out_blk_len, and the value obtained after calculating is denoted as C2i, as i=0,
C20=496.
In step s407, compare C1iWith C2iSize relation, if C1iGreater than C2i, the ciphertext for returning to ctxt1 is corresponding
Plaintext numerical value is greater than the corresponding plaintext numerical value of ciphertext of ctxt2.If C1iLess than C2i, return to the corresponding plaintext of ciphertext of ctxt1
Numerical value is less than the corresponding plaintext numerical value of ciphertext of ctxt2.If C1iEqual to C2i, execute s408.
In step s408, i value increases by 1, and executes s404.
In step s409, if i < n, step s405-s409 is repeated, until s404 no longer meets condition, this is to return
The corresponding plaintext numerical value of the ciphertext of ctxt1 is equal to the corresponding plaintext numerical value of ciphertext of ctxt2.
In step s410, terminate comparison procedure.
Fig. 5 compares search method overall framework figure based on the data base ciphertext for letting out sequence algorithm to be a kind of.Pass through database generation
Reason rewrites sql, such as ORE Encryption Algorithm is called to encrypt data, calls database UDF function to ciphertext data
It is compared retrieval.
In step s501, database client inputs the sql sentence needed to be implemented.Sql sentence is sent to database broker.
In step s502, the sql sentence that database client is sent is received, is parsed, judgement, which wherein whether there is, to be needed
The field data to be rewritten.If it does, being rewritten to sql sentence, such as INSERT sql sentence calls ORE Encryption Algorithm
Data are encrypted, when SELECT statement is replaced WHERE condition using UDF function.
In step s503, revised sql sentence is sent to database server, executes sql sentence, return executes knot
Fruit, ciphertext is compared retrieval and is realized using UDF function call ORE ciphertext comparison algorithm here.
In step s504, the data that database broker returns to database server are handled, main comprising utilizing ORE
The corresponding decipherment algorithm decryption of Encryption Algorithm, returns to plaintext result to database client.
In step s505, database client receives query result.
Fig. 6 is a kind of based on the database data flow chart for letting out sequence algorithm.Sql is rewritten by database broker,
ORE Encryption Algorithm is called to encrypt data.For this example uses students database, have in student database
One table student_info table includes id (student number), name (name), three fields of age (age), it is desirable that age field
It encrypts, and searching ciphertext can be carried out by age.ORE ciphertext size of data compares the UDF for needing to call database
Function cryptdb_func_compare, first parameter of the function are the field for needing to compare, and second parameter is to carry out
The ciphertext constant compared, third parameter are comparison pattern character string, return to the Boolean type end value of comparison result.For not
Same input, this example can illustrate the storage (INSERT) and retrieval (SELECT) of data.
Following steps illustrate the associated operating steps of data storage:
In step s601, User-Defined Functions are created in database server.
In step s602, the sql sentence needed to be implemented is inputted in database client, sends sql sentence to database generation
Reason, data store sentence " INSERT INTO student_info VALUES (1, " FLK ", 8);"
In step s603, database broker receives the sql sentence that database client is sent, is parsed, judge the sql
Whether sentence, which needs, is rewritten.
Include the age field for needing encipherment protection in step s604, database broker discovery sql sentence, needs to utilize
ORE Encryption Algorithm is to age field data " it 8 " encrypts, sql sentence is rewritten, following to show:
In step s605, database broker sends revised sql sentence to database server.
In step s606, database server executes sql sentence, saves in the data to data library that age field is ciphertext.
In step s607, database server sends sql sentence implementing result to database broker.
In step s608, database broker judges whether at the result data for needing to return to database server
Reason.Since INSERT implementing result does not need to handle, step s609 is skipped.
In step s610, database broker returns result to database client.
In step s611, database client receives result data, completes data storage operations.
Following steps can illustrate the relevant operation of data retrieval (SELECT).
In step s601, User-Defined Functions are created in database server.
In step s602, the sql sentence needed to be implemented is inputted in database client.Sql sentence is sent to database generation
Reason, database retrieval sentence " age > 8 SELECT*FROM student_infoWHERE;".
In step s603, database broker receives the sql sentence that database client is sent, is parsed, judge the sql
Whether sentence, which needs, is rewritten.
In step s604, database broker discovery wherein includes the comparison operation of age field, utilizes ORE Encryption Algorithm pair
Age field data " 8 " is encrypted, and calls UDF function cryptdb_func_compare, first parameter " age " table
Show and participate in the field that size compares, second parameter indicates the constant for participating in comparing, and third parameter " gt " expression is greater than, completes
The comparison result for being greater than " 8 " to age field data is retrieved, and sql sentence is rewritten, following to show:
In step s605, database broker sends revised sql sentence to database server.
In step s606, database server executes sql sentence, calls database user custom function cryptdb_
Func_compare carries out size comparison to ORE encrypted cipher text, returns to the result set for meeting comparison result.Here it returns all
The result set of age > 8.
In step s607, database server sends sql sentence implementing result to database broker.
In step s608, database broker judges whether at the result data for needing to return to database server
Reason.Here include ciphertext field age in the result field returned, need that result is decrypted.
In step s609, database broker is using the corresponding decipherment algorithm of ORE Encryption Algorithm to age field ciphertext data solution
It is close.
In step s610, result that database broker returns to that treated is to database client.
In step s611, database client receives result data, completes data retrieval operation.
The foregoing is merely illustrative of the preferred embodiments of the present invention, all in spirit of the invention not to limit the present invention
With any modifications, equivalent replacements, and improvements made within principle etc., should all be included in the protection scope of the present invention.
Claims (5)
1. a kind of compare search method based on the data base ciphertext for letting out sequence algorithm, which has safety higher and encrypts
Speed is fast, the low feature of expansion rate, it is characterised in that comprise the steps of:
Step 1: database client inputs sql sentence, sends sql sentence to database broker;
Step 2: database broker receives the sql sentence of client transmission, parses first to sql, to quick in sql sentence
Sense data are rewritten, such as: when being inserted into data, the encryption of sequence Encryption Algorithm is let out to sensitive data use, to quick in sql sentence
The rating unit of sense data is compared using User-Defined Functions;
Step 3: sending revised sql to database server, and execute sql sentence, complete data storage, use user
Customized UDF function is compared retrieval;
Step 4: database server sends sql sentence implementing result to database broker;
Step 5: whether including sensitive field in database broker inspection result as a result, if comprising sensitive field as a result, using
It lets out the corresponding decipherment algorithm of sequence Encryption Algorithm ciphertext data are decrypted, finally sends final result to database client;
Step 6: database client receives sql sentence implementing result.
A kind of search method is compared based on the data base ciphertext for letting out sequence algorithm 2. according to claim 1, which is characterized in that
Sql sentence is rewritten in step 2 using letting out sequence Encryption Algorithm ORE.
A kind of search method is compared based on the data base ciphertext for letting out sequence algorithm 3. according to claim 1, which is characterized in that
Sql sentence is rewritten using the UDF function based on ORE ciphertext comparison algorithm in step 2.
A kind of search method is compared based on the data base ciphertext for letting out sequence algorithm 4. according to claim 1, which is characterized in that
The UDF function based on ORE ciphertext comparison algorithm is used in step 3 in database server, completes ciphertext ratio in the database
Compared with search operaqtion.
A kind of search method is compared based on the data base ciphertext for letting out sequence algorithm 5. according to claim 1, which is characterized in that
The ciphertext result returned in database server is decrypted using ORE decipherment algorithm in step 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811237729.5A CN109117676B (en) | 2018-10-23 | 2018-10-23 | Database ciphertext comparison and retrieval method based on order-releasing algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811237729.5A CN109117676B (en) | 2018-10-23 | 2018-10-23 | Database ciphertext comparison and retrieval method based on order-releasing algorithm |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109117676A true CN109117676A (en) | 2019-01-01 |
CN109117676B CN109117676B (en) | 2022-02-25 |
Family
ID=64855444
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811237729.5A Active CN109117676B (en) | 2018-10-23 | 2018-10-23 | Database ciphertext comparison and retrieval method based on order-releasing algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109117676B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112115488A (en) * | 2019-06-20 | 2020-12-22 | 华控清交信息科技(北京)有限公司 | Data processing method and device and electronic equipment |
CN112115487A (en) * | 2019-06-20 | 2020-12-22 | 华控清交信息科技(北京)有限公司 | Data processing method and device and electronic equipment |
CN117113422A (en) * | 2023-10-24 | 2023-11-24 | 中电科网络安全科技股份有限公司 | Database encryption method, device, equipment and medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104620533A (en) * | 2012-06-22 | 2015-05-13 | 联邦科学技术研究组织 | Homomorphic encryption for database querying |
CN104881280A (en) * | 2015-05-13 | 2015-09-02 | 南京邮电大学 | Multi-search supporting design method for encrypted database middleware |
CN108512840A (en) * | 2018-03-21 | 2018-09-07 | 杭州弗兰科信息安全科技有限公司 | One kind is based on letting out the encrypted cipher text retrieval method of sequence |
-
2018
- 2018-10-23 CN CN201811237729.5A patent/CN109117676B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104620533A (en) * | 2012-06-22 | 2015-05-13 | 联邦科学技术研究组织 | Homomorphic encryption for database querying |
CN104881280A (en) * | 2015-05-13 | 2015-09-02 | 南京邮电大学 | Multi-search supporting design method for encrypted database middleware |
CN108512840A (en) * | 2018-03-21 | 2018-09-07 | 杭州弗兰科信息安全科技有限公司 | One kind is based on letting out the encrypted cipher text retrieval method of sequence |
Non-Patent Citations (2)
Title |
---|
B DAN: "《Semantically Secure Order-Revealing Encryption: Multi-input Functional Encryption Without Obfuscation》", 《INTERNATIONAL CONFERENCE ON THE THEORY & APPLICATIONS OF CRYPTOGRAPHIC TECHNIQUES》 * |
一个未入门DE情报学胖子: "《ore加密与解密方案梳理》", 《LEANOTE官方博客》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112115488A (en) * | 2019-06-20 | 2020-12-22 | 华控清交信息科技(北京)有限公司 | Data processing method and device and electronic equipment |
CN112115487A (en) * | 2019-06-20 | 2020-12-22 | 华控清交信息科技(北京)有限公司 | Data processing method and device and electronic equipment |
CN117113422A (en) * | 2023-10-24 | 2023-11-24 | 中电科网络安全科技股份有限公司 | Database encryption method, device, equipment and medium |
Also Published As
Publication number | Publication date |
---|---|
CN109117676B (en) | 2022-02-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107077469B (en) | Server device, search system, terminal device, and search method | |
US10489604B2 (en) | Searchable encryption processing system and searchable encryption processing method | |
CN110214325B (en) | Method and system for data shielding | |
US10476662B2 (en) | Method for operating a distributed key-value store | |
Yuan et al. | Enckv: An encrypted key-value store with rich queries | |
CN107038383A (en) | A kind of method and apparatus of data processing | |
CN105320613B (en) | System and method for dynamic data storage | |
Liu et al. | Efficient searchable symmetric encryption for storing multiple source dynamic social data on cloud | |
CN111587452B (en) | Registration device, search operation device, data management device, and computer-readable storage medium | |
CN109117676A (en) | It is a kind of that search method is compared based on the data base ciphertext for letting out sequence algorithm | |
JP6599066B1 (en) | Registration device, server device, secret search system, secret search method, registration program, and server program | |
US10733317B2 (en) | Searchable encryption processing system | |
CN109934001A (en) | A kind of data ciphering method based on normal cloud model | |
CN108512840A (en) | One kind is based on letting out the encrypted cipher text retrieval method of sequence | |
CN108370312B (en) | Encryption device, search device, computer-readable recording medium, encryption method, and search method | |
JPWO2019053788A1 (en) | Data processing device, data processing method, and data processing program | |
Malik et al. | A homomorphic approach for security and privacy preservation of Smart Airports | |
CN111046431B (en) | Data processing method, query method, device, electronic equipment and system | |
CN111046408A (en) | Judgment result processing method, query method, device, electronic equipment and system | |
Ti et al. | Benchmarking dynamic searchable symmetric encryption scheme for cloud-internet of things applications | |
CN109495430A (en) | It is a kind of based on let out sequence encryption decipherment algorithm | |
Yamamoto | Secure automata-based substring search scheme on encrypted data | |
JP6918253B2 (en) | Confidential search system and Confidential search method | |
Chinni et al. | Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data | |
Nita et al. | Searchable Encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |