CN109740376B - Location privacy protection method, system, device and medium based on neighbor query - Google Patents

Publication number: CN109740376B
Authority: CN (China)
Prior art keywords: node, target, target node, adjacent, encrypted data
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201811570419.5A
Other languages: Chinese (zh)
Other versions: CN109740376A (en)
Inventors: 秦阳, 王轩, 王晗, 蒋琳
Current Assignee: Shenzhen Graduate School Harbin Institute of Technology (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Shenzhen Graduate School Harbin Institute of Technology
Application filed by: Shenzhen Graduate School Harbin Institute of Technology
Priority to: CN201811570419.5A
Publication of CN109740376A
Application granted
Publication of CN109740376B

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a location privacy protection method, system, device and medium based on neighbor query. The method comprises the following steps executed by the LBS client: based on the target position and the point-of-interest type, querying a Z-order tree created in advance from a quadtree and a Z-order curve to obtain a target node and a target subtree; traversing the leaf nodes in the target subtree to obtain the target node truncation coordinates and the adjacent node truncation coordinates; based on the private key, performing encryption with an improved privacy homomorphic encryption algorithm to obtain target node encrypted data and adjacent node encrypted data, sending both to the LBS server, and receiving the secret distance data returned by the LBS server; and, based on the private key, decrypting the secret distance data with an improved privacy homomorphic decryption algorithm to obtain the distances between the target node and the adjacent nodes, then sorting them to obtain the neighbor points of interest corresponding to the neighbor number. The method achieves fast positioning and query, with low computational overhead and a good confidentiality effect.

Description

Location privacy protection method, system, device and medium based on neighbor query
Technical Field
The invention relates to the technical field of location query, and in particular to a location privacy protection method, device, equipment and medium based on neighbor query.
Background
The rapid development of mobile communication and spatial positioning technologies has promoted the rise of Location Based Services (LBS). An LBS is a value-added service that obtains the location information (geographical or geodetic coordinates) of the LBS client through the radio communication network of a mobile telecom operator (such as a GSM or CDMA network) or through an external positioning method (such as GPS), and provides corresponding services to users with the support of a Geographic Information System (GIS) platform. The LBS client can be installed on mobile terminals such as personal computers, notebook computers, smart phones, tablet computers and portable wearable devices. Because the location information of the LBS client carries private information such as user identity and behavior patterns, it must be privacy-protected first so that the location information submitted to the LBS server is hidden location information; such an LBS is called an encryption-based LBS.
The k-nearest neighbor query (i.e., approximate k-nearest neighbor, hereinafter abbreviated as kNN) is an important query service in location services: the LBS client asks the LBS server for the k nearest points of interest (POIs) to its own location. In a geographic information system, POIs may be shops, public transportation stations, restaurants, gas stations, and the like. Generally, the LBS client submits its location information to the LBS server, which finds and returns the closest k POIs by comparing the distances between the client's location and nearby POIs. The kNN query requires a large amount of calculation over the client's location and the candidate POIs, and a large calculation error seriously affects the accuracy of the k POIs returned, so both the efficiency and the accuracy of the kNN query must be ensured. In an encryption-based LBS, the location information submitted by the LBS client is encrypted, and all POIs pre-stored in the LBS server are organized in a specific way, so the kNN query process cannot guarantee the efficiency and accuracy of the LBS server.
Implementing a kNN query in an encryption-based LBS involves the following stages. In the first stage, the LBS client obtains the serial number corresponding to its location information from the organization scheme published by the LBS server. In the second stage, the LBS client encrypts that serial number and sends the encrypted serial number to the LBS server; the LBS server computes on the encrypted serial number, obtains the encrypted POI information and sends it to the LBS client. In the third stage, the LBS client decrypts and sorts the encrypted POI information to obtain the k nearest neighbor POIs. To ensure the accuracy of the kNN query, the number of POIs of the LBS server needs to be set to a multiple of k.
In an LBS, all POIs on a map are organized into a linear order according to their position by means of a space-filling curve, so that the location information can be stored. A space-filling curve is a curve that can traverse every region of a two-dimensional area, or of a multi-dimensional hypercube, without crossing itself; examples include, but are not limited to, Hilbert curves and Moore curves.
The Hilbert curve is known for partially preserving the adjacency of the original data and has good clustering properties. FIG. 1(a) shows the Hilbert curves of the first three orders; the Hilbert curve of order N passes through 2^N × 2^N small areas. With a Hilbert curve, the POI to be queried can be converted into a number, which is convenient to encrypt with cryptographic methods, and neighbor positions can be found by a direct linear search. However, mapping a two-dimensional space onto a one-dimensional line inevitably loses part of the orientation information, so the query becomes less accurate as the query range grows.
The Moore curve is a modified version of the Hilbert curve: four identical Hilbert curves are combined so that their endpoints coincide, giving a loop version of the Hilbert curve, as shown in FIG. 1(b). Each POI therefore has adjacent POIs in both directions along the Moore curve, which overcomes the inaccuracy of the ordinary Hilbert curve when k is large. The LBS server first maps all POIs into a linear two-column table using a Moore curve, where the first column is the sequence number of the POI and the second column is the corresponding POI information. The encryption-based LBS then proceeds as follows: (1) When the LBS client requests service, it sends an encrypted offset matrix to the LBS server. The actual value of the offset t of the offset matrix is known only to the LBS client, and the offset matrix may be encrypted with any homomorphic encryption method that supports homomorphic multiplication and addition. (2) The LBS server multiplies the offset matrix with the map data preset in the LBS server. Because the offset matrix is secret to the LBS server, the result is also secret to the LBS server, and a new secret data table is obtained after the shift transformation. (3) The LBS client requests the LBS server to return the information at a certain sequence number, namely the actual position after the offset. Because the LBS server does not know the actual value of the offset t by which the data table was shifted, it does not know which position a requested column of data actually corresponds to; only the user knows by how much the data table in the LBS server was offset, so the LBS client obtains the desired location information without exposing its position to the LBS server.
Although the Moore curve-based approach flexibly protects the user's location privacy within a request and returns the correct service, the LBS server has to shift the POIs up or down on every request, which amounts to one encrypted matrix operation over the whole map data, so efficiency is low.
Disclosure of Invention
The embodiments of the invention provide a location privacy protection method, device, equipment and medium based on neighbor query, aiming to solve the problems that kNN queries in current encryption-based LBS are costly and that their efficiency and accuracy cannot be guaranteed.
A location privacy protection method based on neighbor query comprises an LBS client executing the following steps:
generating a neighbor query request, wherein the neighbor query request comprises a target position, an interest point type, a neighbor number and a private key;
based on the target position and the interest point type, inquiring a Z-order tree which is created in advance based on a quadtree and a Z-order curve and corresponds to the interest point type to obtain a corresponding target node and a corresponding target sub-tree;
traversing the leaf nodes in the target subtree to obtain node truncation coordinates corresponding to the leaf nodes, wherein the node truncation coordinates comprise target node truncation coordinates and adjacent node truncation coordinates;
based on the private key, performing encryption calculation on the target node truncated coordinates and the adjacent node truncated coordinates by adopting an improved privacy homomorphic encryption algorithm to obtain target node encrypted data and adjacent node encrypted data;
sending the target node encrypted data and the adjacent node encrypted data to an LBS server, and receiving secret distance data obtained by performing homomorphic addition and multiplication calculation on ciphertext on the target node encrypted data and the adjacent node encrypted data returned by the LBS server;
based on the private key, adopting an improved privacy homomorphic decryption algorithm to decrypt the secret distance data, and respectively obtaining the distance between the target node and the adjacent node;
and sequencing based on the distance between the target node and the adjacent node, and acquiring the adjacent interest points corresponding to the adjacent number.
A location privacy protection method based on neighbor query comprises an LBS server executing the following steps:
receiving target node encrypted data and adjacent node encrypted data sent by a client, wherein the target node encrypted data and the adjacent node encrypted data are respectively obtained by carrying out encryption calculation on a target node truncated coordinate and an adjacent node truncated coordinate by adopting an improved privacy homomorphic encryption algorithm;
homomorphic addition and multiplication calculation on the ciphertext are carried out on the target node encrypted data and the adjacent node encrypted data, and secret distance data are obtained;
and sending the secret distance data to an LBS client so that the LBS client decrypts the secret distance data by adopting an improved privacy homomorphic decryption algorithm based on a private key, respectively obtains the distances between a target node and adjacent nodes, and sequences based on the distances between the target node and the adjacent nodes to obtain neighbor interest points corresponding to the neighbor number.
A location privacy protection system based on neighbor query comprises an LBS client and an LBS server;
the LBS client executes the following steps:
generating a neighbor query request, wherein the neighbor query request comprises a target position, an interest point type, a neighbor number and a private key;
based on the target position and the interest point type, inquiring a Z-order tree which is created in advance based on a quadtree and a Z-order curve and corresponds to the interest point type to obtain a corresponding target node and a corresponding target sub-tree;
traversing the leaf nodes in the target subtree to obtain node truncation coordinates corresponding to the leaf nodes, wherein the node truncation coordinates comprise target node truncation coordinates and adjacent node truncation coordinates;
based on the private key, performing encryption calculation on the target node truncated coordinates and the adjacent node truncated coordinates by adopting an improved privacy homomorphic encryption algorithm to obtain target node encrypted data and adjacent node encrypted data;
sending the target node encrypted data and the adjacent node encrypted data to an LBS server, and receiving secret distance data obtained by performing homomorphic addition and multiplication calculation on ciphertext on the target node encrypted data and the adjacent node encrypted data returned by the LBS server;
based on the private key, adopting an improved privacy homomorphic decryption algorithm to decrypt the secret distance data, and respectively obtaining the distance between the target node and the adjacent node;
sequencing based on the distance between the target node and the adjacent nodes, and acquiring adjacent interest points corresponding to the adjacent number;
the LBS server executes the following steps:
receiving target node encrypted data and adjacent node encrypted data sent by a client, wherein the target node encrypted data and the adjacent node encrypted data are respectively obtained by carrying out encryption calculation on a target node truncated coordinate and an adjacent node truncated coordinate by adopting an improved privacy homomorphic encryption algorithm;
homomorphic addition and multiplication calculation on the ciphertext are carried out on the target node encrypted data and the adjacent node encrypted data, and secret distance data are obtained;
and sending the secret distance data to an LBS client so that the LBS client decrypts the secret distance data by adopting an improved privacy homomorphic decryption algorithm based on a private key, respectively obtains the distances between a target node and adjacent nodes, and sequences based on the distances between the target node and the adjacent nodes to obtain the neighbor interest points corresponding to the neighbor number.
A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the above-mentioned neighbor query-based location privacy preserving method when executing the computer program.
A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, carries out the steps of the above-mentioned location privacy protection method based on neighbor query.
In the above location privacy protection method, device, equipment and medium based on neighbor query, the Z-order tree is created from a quadtree and a Z-order curve, so its tree structure supports distributed storage and is easy to partition and invariant. Although the continuity of the Z-order curve is poorer than that of the Hilbert curve, the Z-order curve is more regular and easier to locate on. Using the Z-order curve together with the quadtree keeps this ease of location and overcomes the inaccurate queries caused by poor continuity; analysis shows that a certain query accuracy can be guaranteed, so the two are combined into the Z-order tree for storing location information. Encryption and decryption use the improved privacy homomorphic algorithm, which effectively protects the user's private information. The LBS client sends the target node encrypted data and the adjacent node encrypted data to the LBS server, and the LBS server calculates the secret distance data; the LBS server thus shares the calculation cost of the LBS client, keeping the client's cost low and ensuring its normal operation.
Drawings
In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without inventive labor.
FIG. 1 is a schematic diagram of a Hilbert curve and a Moore curve;
FIG. 2 is a diagram illustrating an application scenario of a location privacy protection method based on neighbor query according to an embodiment of the present invention;
FIG. 3 is a flow diagram of a location privacy preserving method based on neighbor query in one embodiment of the invention;
FIG. 4 is a flow diagram of creating a Z-order tree in one embodiment of the invention;
FIG. 5 is a schematic diagram of a region decomposed using a quadtree;
FIG. 6 is a schematic illustration of a Z-order curve;
FIG. 7 is a schematic diagram of a grid map formed by performing a second decomposition on an area;
FIG. 8 is a schematic diagram of a Z-order tree formed based on the mesh schematic diagram of FIG. 7;
FIG. 9 is a schematic diagram of a target sub-tree truncated based on the Z-order tree of FIG. 8;
FIG. 10 is a graph showing the trend of CPU computation time in PCQP, PIR-NN and DPIR-NN;
FIG. 11 is a graph of the trend of the network transmission delay in PCQP, PIR-NN and DPIR-NN;
FIG. 12 is a trend graph of kNN query accuracy over a Sequoia dataset;
FIG. 13 is a trend graph of kNN query accuracy over a Uniform dataset;
FIG. 14 is a schematic diagram of a computer device in an embodiment of the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The location privacy protection method based on neighbor query provided by the embodiment of the invention can be applied in the application environment shown in fig. 2. Specifically, the method is applied to a location privacy protection system based on neighbor query (hereinafter referred to as the LBS system), which comprises an LBS client and an LBS server as shown in fig. 1. The LBS client and the LBS server communicate through a network to carry out kNN queries on an encryption-based LBS while ensuring the efficiency and accuracy of the kNN query. The LBS client, also called the client, is the program that corresponds to the LBS server and provides local services to the user. The LBS client may be installed on, but is not limited to, personal computers, notebook computers, smart phones, tablet computers, portable wearable devices and other mobile terminals. The LBS server may be implemented as an independent LBS server or as an LBS server cluster composed of a plurality of LBS servers. In this embodiment, the LBS client is the terminal that issues a query request or other requests. The LBS server includes a target server or an intermediate server. The target server is the LBS server that resolves all query requests. The intermediate server is a forwarding device placed between the LBS client and the target server; it can cache part of the content of the target server and answer part of the requests sent by the LBS client. To support distributed processing, the intermediate server may respond to requests that relate to the portion of the target server content it has cached.
In an embodiment, as shown in fig. 3, a location privacy protection method based on neighbor query is provided, which is described by taking the application of the method to the LBS client and the LBS server in fig. 2 as an example.
The location privacy protection method based on the neighbor query comprises the following steps that the LBS client executes:
S11: The LBS client generates a neighbor query request, which includes a target location, a point of interest type, a neighbor number, and a private key.
S12: Based on the target position and the point of interest type, the LBS client queries a Z-order tree that was created in advance from the quadtree and the Z-order curve and corresponds to the point of interest type, and obtains the corresponding target node and target subtree.
S13: The LBS client traverses the leaf nodes in the target subtree to obtain the node truncation coordinates corresponding to the leaf nodes, wherein the node truncation coordinates comprise target node truncation coordinates and adjacent node truncation coordinates.
S14: Based on the private key, the LBS client encrypts the target node truncation coordinates and the adjacent node truncation coordinates with an improved privacy homomorphic encryption algorithm to obtain target node encrypted data and adjacent node encrypted data.
S15: The LBS client sends the target node encrypted data and the adjacent node encrypted data to the LBS server, and receives the secret distance data that the LBS server returns after performing homomorphic addition and multiplication on the ciphertexts of the target node encrypted data and the adjacent node encrypted data.
S16: Based on the private key, the LBS client decrypts the secret distance data with an improved privacy homomorphic decryption algorithm to obtain the distances between the target node and the adjacent nodes.
S17: The LBS client sorts by the distance between the target node and the adjacent nodes and obtains the neighbor points of interest corresponding to the neighbor number.
The location privacy protection method based on the neighbor query further comprises the following steps that the LBS server executes:
S21: The LBS server receives the target node encrypted data and adjacent node encrypted data sent by the client, which are obtained by encrypting the target node truncation coordinates and the adjacent node truncation coordinates, respectively, with an improved privacy homomorphic encryption algorithm.
S22: The LBS server performs homomorphic addition and multiplication on the ciphertexts of the target node encrypted data and the adjacent node encrypted data to obtain secret distance data.
S23: The LBS server sends the secret distance data to the LBS client, so that the LBS client, based on the private key, decrypts the secret distance data with an improved privacy homomorphic decryption algorithm, obtains the distances between the target node and the adjacent nodes, sorts by those distances, and obtains the neighbor points of interest corresponding to the neighbor number.
Before the LBS system executes the steps shown in fig. 3, the LBS server needs to initialize the Z-order tree in advance and issue it to the LBS client, so that the LBS client can perform fast kNN queries. Because the Z-order tree is created from the Z-order curve, neighbors are convenient to calculate and the calculation cost of a neighbor query is reduced; and because the quadtree supports distributed storage, it suits neighbor queries based on the Z-order tree. The Z-order tree corresponding to a point of interest type may be created in advance in the LBS server and stored on the LBS client for direct use; it is created once in the LBS server and can be used many times, so its creation is not counted in the calculation overhead of the LBS system. As shown in fig. 4, creating the Z-order tree corresponding to the point of interest type from the quadtree and the Z-order curve specifically includes the following steps:
S401: Mark the original points of interest corresponding to the same point of interest type in the area map.
The area map refers to an electronic map of a certain area. The setting of the region can be divided according to administrative regions such as provinces, cities, counties and the like. Specifically, the original points of interest (i.e., original POIs) corresponding to the same point of interest type are labeled in the area map, so that all the original points of interest corresponding to the point of interest type are displayed in the area map. For example, all hotels in Shenzhen city are marked in the Shenzhen city map, that is, the operation of marking the original interest points corresponding to the interest point type of the hotel in the region map is completed.
To ensure that all original points of interest of an area map can be stored in the quadtree storage structure, each area map can be a square map: the center of the area is taken as the center of the square map, and the whole area map includes all positions in the area. Since an actual map is not a regular square, the original points of interest at the edge between two regions are marked in at least two area maps, which ensures the accuracy of subsequent neighbor queries.
S402: Decompose the area map with a quadtree decomposition rule according to the marked positions of the original points of interest to obtain a corresponding grid map, wherein the grid map comprises at least one grid.
In the LBS system, all POIs in the area need to be stored in advance in an organization structure that is convenient for neighbor calculation, so that the calculation cost of the LBS client is reduced in the subsequent neighbor query; supporting distributed storage additionally requires a storage structure that is easy to partition and invariant. The quadtree (quad-tree) is one such data structure, suitable for storing POI information in two-dimensional maps. A quadtree is a tree in which each internal node has 4 children, corresponding to the Northwest (NW), Northeast (NE), Southwest (SW) and Southeast (SE) orientations of the map, respectively, as shown in fig. 5. Specifically, according to the marked positions of all original points of interest corresponding to the same point of interest type, the area map is decomposed with a quadtree decomposition rule to obtain a corresponding grid map. The grid map is the map formed by storing all original points of interest in a quadtree storage structure. It includes at least one grid, and each grid corresponds to a root node, an internal node or a leaf node of the quadtree storage structure. The root node is the uppermost node in the quadtree storage structure and has no upper node. A leaf node is a lowest node in the quadtree storage structure and has no subordinate nodes. An internal node lies between the root node and the leaf nodes and has both an upper node and lower nodes.
In this embodiment, decomposing the area map with the quadtree decomposition rule proceeds as follows. First, the center of the area map is taken as the root node of the target quadtree corresponding to the area map, and the areas in the northwest, northeast, southwest and southeast directions are taken as intermediate nodes in a first decomposition, such as the decomposition into areas A, B, C and D in fig. 7(b). Then, for each intermediate node, it is judged whether its area contains POIs of the point of interest type (namely children in the Z-order tree). If such POIs exist, the area map corresponding to the intermediate node is decomposed again to obtain new intermediate nodes for the four sub-areas, and the judgment is repeated for each new intermediate node until the number of decompositions reaches a preset number or no area contains POIs of the point of interest type. If no such POIs exist, the intermediate node is determined to be a leaf node. As shown in fig. 7, the grid map formed by the first decomposition of the area map of fig. 7(a) with the quadtree decomposition rule is fig. 7(b), and the grid map formed by the second decomposition is fig. 7(c).
S403: Connect the at least one grid in the grid map with a Z-order curve to obtain a Z-order tree corresponding to the point of interest type, wherein the Z-order tree comprises at least one node, and each node has a quantity field storing the number of original points of interest.
Specifically, a Z-order curve is adopted to carry out connection processing on at least one grid in a grid map so as to form a Z-order tree corresponding to the interest point type, and the Z-order tree stores all POIs corresponding to the same interest point type in a quad-tree storage structure so as to support distributed storage; moreover, all POIs are connected by adopting a Z-order curve, so that the neighbor can be conveniently calculated, and the calculation cost can be effectively saved in the neighbor query process.
As shown in fig. 7, each numbered dot represents a POI, denoted P1, P2, …, P19, and the grid in which a POI lies changes as the area map is divided more finely, as shown in fig. 7(b) and (c). The Z-order tree formed from the grid map of fig. 7(c) is shown in fig. 8. The children of each node in the Z-order tree are labeled 00 (upper left), 01 (upper right), 10 (lower left), and 11 (lower right), i.e., the first bit is the y value, where 0 is upper and 1 is lower, and the second bit is the x value, where 0 is left and 1 is right. Since the kNN query involves a sorting process, it is not sufficient to simply obtain all POIs in a certain area. However, although the Z-order curve is discontinuous, i.e., grids adjacent in sequence number are not necessarily adjacent geographically, a kNN search can still be performed on the generated Z-order tree in combination with its arrangement rule (i.e., ascending order of the node Z values) to save computational overhead in the neighbor query process.
In the kNN query, if calculation and re-ranking are directly performed based on all POIs and target positions, the operation of obtaining k neighboring points of interest (i.e., neighboring POIs) may cause huge calculation overhead, and therefore, the kNN query should consider the density of relevant points of interest on a map. The reason for this is that the density of some original points of interest on the map varies greatly, e.g., there may be hundreds of restaurants in a 10 km range, but only one or no hospitals. In this embodiment, at least one node is included in the formed Z-order, and each node corresponds to a number field for storing the number of original points of interest, as shown by the number in the circle corresponding to each node in fig. 8. It can be understood that the quantity field is used for storing the quantity of all the original interest points corresponding to the interest point types in the corresponding nodes, and is used for reflecting the density of storing the original interest points, so that the quantity field can perform the kNN query, and the calculation overhead is saved.
In the kNN query process, when the number in the number domain on the non-leaf node is larger than k, the user can cut off the Z-order tree and only takes the subtree needing to be calculated as the target subtree. At this time, the POI and the target position stored in all the leaf nodes in the target sub-tree are truncated, so that kNN query is performed based on the target sub-tree. Generally, the height of the target subtree required by searching is not high, which is a small reduction for the byte overhead and communication overhead of encryption required by a user, thereby achieving the purpose of saving the overhead.
In an embodiment, as shown in fig. 6, step S403 is to perform connection processing on at least one grid in the grid map by using a Z-order curve, and obtain a Z-order tree corresponding to the type of the point of interest, which specifically includes:
S4031: and acquiring grid coordinates (x, y) corresponding to each grid in the grid map. In a two-dimensional space formed by the grid map, a space coordinate system is formed by taking the upper left corner as an origin and the grids corresponding to the leaf nodes as units, and grid coordinates of each grid in the space coordinate system are obtained.
S4032: and carrying out binary conversion on the grid coordinates (x, y) to obtain corresponding x-axis binary coordinates and y-axis binary coordinates. For example, when the grid coordinates (3, 4) are binary-converted, the x-axis binary coordinate is $x = 3_{10} = (011)_2 = (x_1x_2x_3)$ and the y-axis binary coordinate is $y = 4_{10} = (100)_2 = (y_1y_2y_3)$.
S4033: and performing bit crossing operation on the x-axis binary coordinate and the y-axis binary coordinate to obtain a node Z value. For example, performing a bit interleaving operation on the x-axis binary coordinate and the y-axis binary coordinate means that the 1 st digit from the last of the x-axis binary coordinate is the 1 st digit from the node Z value of the binary after bit interleaving, the 1 st digit from the last of the y-axis binary coordinate is the 2 nd digit from the node Z value of the binary after bit interleaving, the 2 nd digit from the last of the x-axis binary coordinate is the 3 rd digit from the node Z value of the binary after bit interleaving, the 2 nd digit from the last of the y-axis binary coordinate is the 4 th digit from the node Z value of the binary after bit interleaving, the 3 rd digit from the last of the x-axis binary coordinate is the 5 th digit from the node Z value of the binary after bit interleaving, the 3 rd digit from the last of the y-axis binary coordinate is the 6 th digit from the node Z value of the binary after bit interleaving, then the obtained node Z value is $Z((011)_2, (100)_2) = (011010)_2 = (26)_{10}$.
S4034: and connecting at least one grid according to the ascending sequence of the Z values of the nodes to obtain a Z-order tree corresponding to the type of the interest point.
Because the grid Z value corresponding to each grid is a numerical value calculated by cross-arranging the x-axis binary coordinate and the y-axis binary coordinate of each grid, all grids can be connected according to the ascending sequence of the node Z value to obtain a Z-order curve, and a Z-order tree corresponding to the type of the interest point is formed on the basis of the Z-order tree and the grid map. Because the Z-order curves are space filling areas connected according to the ascending sequence of the Z values of the nodes, the characteristic can be realized that the searched target can be directly and quickly positioned without comparing distances to determine which node represents a more specific direction in the tree structure.
The following describes in detail the steps performed by the LBS client and the LBS server shown in fig. 3 in conjunction with the Z-order tree created in steps S401-S403:
S11: the LBS client generates a neighbor query request, which includes a target location, a point of interest type, a neighbor number, and a private key.
The neighbor query request is a request for triggering the LBS client to perform neighbor query processing. The neighbor query request is a request triggered by the user on the LBS client, and is used for querying target points of interest (hereinafter referred to as target POIs) which the user needs to know. The target location is a location that is explicitly known to the user. The type of a point of interest (hereinafter, referred to as POI type) is a type of a point of interest that a user needs to query. For example, a user may enter "hotel near the safe financial center building" in the input box of the LBS client search interface and click on the search button to generate a neighbor query request, with "safe financial center building" as the target location and "hotel" as the point of interest type. The number of neighbors is the number of neighbors that need to be returned by the LBS client, and the number of neighbors can be set autonomously by the user or can adopt the default number of the LBS system. The private key is a key which is set by the user independently and used for encryption or decryption, and the private key is only known by the user to achieve a secrecy effect, so that the safety of the private information of the user is guaranteed.
S12: and the LBS client inquires a Z-order tree which is created in advance based on the quadtree and the Z-order curve and corresponds to the type of the interest point based on the target position and the type of the interest point, and acquires a corresponding target node and a corresponding target sub-tree.
In this embodiment, the Z-order tree is a tree structure formed by storing all points of interest (i.e., POIs) corresponding to a certain point of interest type by using a spatial storage result of a quadtree and performing spatial filling processing by using a Z-order curve. The Z-order curve refers to a space-filling curve formed according to the Z-order sequence, as shown in FIG. 6. The target node refers to a node in the Z-order tree corresponding to the target position. The target sub-tree is a sub-tree determined based on the Z-order tree that includes the target node.
In an embodiment, step S12, that is, based on the target location and the type of the point of interest, queries a Z-order tree that is created in advance based on a quadtree and a Z-order curve and corresponds to the type of the point of interest, and obtains a corresponding target node and a target sub-tree, specifically including the following steps:
S121: and inquiring a Z-order tree which is created in advance based on the quadtree and the Z-order curve and corresponds to the interest point type based on the target position and the interest point type, and acquiring a target node of the target position in the Z-order tree.
Specifically, based on the target position and the type of the interest point, querying a Z-order tree which is created in advance based on a quadtree and a Z-order curve and corresponds to the type of the interest point, namely querying the Z-order tree which is created in advance by adopting the steps S401-S403, and determining a node corresponding to the target position in the corresponding position in the Z-order tree corresponding to the type of the interest point as a target node. As shown in fig. 7 and 8, if the target position is P9, the grid coordinates (00, 10) of P9 in the grid map shown in fig. 7 are acquired, the grid coordinates (00, 10) are converted into a binary node Z value (1000) in the Z-order curve, and the node Z value (1000) directly searches for a path "10" → "00" in fig. 8, so that the target node can be determined.
S122: and sequentially determining the original interest point quantity of the quantity domain corresponding to the superior node of the target node as the target quantity, and if the target quantity is greater than the neighbor quantity, acquiring the parent node of the superior node as the target sub-tree of the root node.
In this embodiment, step S122 specifically includes the following steps: (1) the original interest point quantity of the quantity domain corresponding to the superior node (namely the parent node) of the target node is determined as the target quantity. (2) It is determined whether the target number is greater than the neighbor number. (3) If the target quantity is larger than the neighbor quantity, the parent node (namely the grandparent node of the target node) of the superior node (namely the father node of the target node) of the target node is used as a truncation node, a target sub-tree is formed based on the truncation node, and the root node of the target sub-tree is the grandparent node of the target node. The parent node of the superior node with the target quantity larger than the neighbor quantity is used as the root node of the target subtree, so that the condition that the query accuracy is influenced by the fact that the target position falls into the boundary of the area where the parent node is located can be avoided. (4) If the target quantity corresponding to the parent node is smaller than the neighbor quantity, the original interest point quantity of the quantity domain corresponding to the superior node of the target node (namely the grandparent node of the target node) is obtained and determined as the target quantity, and the steps (2) - (4) are repeatedly executed to obtain the target sub-tree.
As shown in fig. 8, when the P9 is located by the path "10" → "00", and when the parent node of P9 is searched for, the number in the number field of the parent node is 2, which is larger than k 1, the subtree having the parent node of P9 (i.e., the grandparent node of P9) as the root node is determined as the target subtree. At this time, the binary coordinates of the Z-order curves of all leaf nodes P8, P9, P14, P13 of the target subtree are truncated to "00", "01", and "10", respectively, and reduced to position coordinates (x, y) which are (0, 0) (0, 0) (1, 0) and (0, 1). It can be understood that, by using the grandparent node of P9 instead of the parent node as the root node (or the truncated node) of the target subtree, it can be effectively avoided that the target position falls into the boundary of the region where the parent node is located, which affects the accuracy of the query.
S13: and the LBS client traverses the leaf nodes in the target subtree to acquire node truncation coordinates corresponding to the leaf nodes, wherein the node truncation coordinates comprise target node truncation coordinates and adjacent node truncation coordinates.
After acquiring the target sub-tree (as shown in fig. 9) where the target location is located, the LBS client traverses the leaf nodes in the target sub-tree and acquires the node truncation coordinates of each leaf node in the target sub-tree, so that the neighbor query calculation can be performed on the node truncation coordinates to obtain the corresponding distances. Specifically, the node truncation coordinates comprise the target node truncated coordinates and the adjacent node truncated coordinates. The target node truncation coordinates are the coordinates of the target node in the target subtree, the adjacent node truncation coordinates are the coordinates of each adjacent node in the target subtree, and the adjacent nodes are the leaf nodes in the truncated target subtree. As in fig. 9, the adjacent nodes in the target subtree are P8, P9, P14 and P13, and their adjacent node truncated coordinates in the target subtree are (0, 0), (0, 0), (1, 0) and (0, 1), respectively, represented by the binary coordinates 00, 01 and 10; the target node truncated coordinate is (0, 0), represented by the binary coordinate 00, so that the LBS client acquires the truncated coordinates of 5 nodes.
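The lookup and truncation steps S121, S122 and S13, as an added Python example that is not part of the patent text. It follows the child labelling described for fig. 8 (first bit y, second bit x) and treats the POIs as children of their leaf cell, as in the P9 walk-through; the grid positions of P8, P9, P13 and P14 are chosen to match that walk-through, while the 4×4 grid, the extra POIs Q1 to Q3 and all function names are constructed for illustration.

```python
from collections import defaultdict


def z_value(x, y, depth):
    """Interleave `depth` bits of y and x, y bit first, as a bit string.

    Each 2-bit group is one child label: 00 upper left, 01 upper right,
    10 lower left, 11 lower right.
    """
    bits = []
    for i in range(depth - 1, -1, -1):
        bits.append(str((y >> i) & 1))
        bits.append(str((x >> i) & 1))
    return "".join(bits)


def deinterleave(z):
    """Turn a (possibly truncated) Z string back into grid coordinates (x, y)."""
    return int(z[1::2], 2), int(z[0::2], 2)


def build_tree(pois, depth):
    """Return (counts, leaves): the quantity field of every node, keyed by its
    Z prefix ('' is the root), and the POI names stored in every leaf cell."""
    counts, leaves = defaultdict(int), defaultdict(list)
    for name, (x, y) in pois.items():
        z = z_value(x, y, depth)
        leaves[z].append(name)
        for cut in range(0, len(z) + 1, 2):   # every ancestor, root included
            counts[z[:cut]] += 1
    return counts, leaves


def target_subtree_root(counts, target_z, k):
    """S122: climb from the target's leaf cell until a quantity field exceeds k,
    then cut one level above that node. Falls back to the whole tree ('')."""
    node = target_z
    while node:
        if counts[node] > k:
            return node[:-2]
        node = node[:-2]
    return ""


def truncated_leaves(leaves, root):
    """S13: leaf cells of the target subtree with the root prefix cut off,
    as {truncated Z string: ((x, y), [POI names])}."""
    result = {}
    for z, names in sorted(leaves.items()):
        if z.startswith(root):
            short = z[len(root):]
            result[short] = (deinterleave(short), names)
    return result


# Constructed sample map: 4x4 grid (depth 2), coordinates are (x, y).
DEPTH = 2
POIS = {
    "P8": (0, 2), "P9": (0, 2), "P14": (1, 2), "P13": (0, 3),   # quadrant "10"
    "Q1": (2, 0), "Q2": (3, 3), "Q3": (1, 1),                   # constructed extras
}

if __name__ == "__main__":
    counts, leaves = build_tree(POIS, DEPTH)
    target = z_value(0, 2, DEPTH)              # cell of P9, grid coordinates (00, 10)
    root = target_subtree_root(counts, target, k=1)
    print(target, repr(root), truncated_leaves(leaves, root))
```

Only the short strings returned by `truncated_leaves` are encrypted in the next step, so the ciphertexts never carry the prefix that places the target subtree on the full map.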
S14: and the LBS client side adopts an improved privacy homomorphic encryption algorithm to carry out encryption calculation on the truncated coordinates of the target node and the truncated coordinates of the adjacent node based on the private key so as to obtain encrypted data of the target node and encrypted data of the adjacent node.
The improved privacy homomorphic encryption algorithm is obtained by improving the simple privacy homomorphism (PH) encryption algorithm. A PH is an encryption transformation that maps one set of operations on plaintext to another set of operations on ciphertext. Formally, it is an encryption function $E_k: T' \to T$ that allows the encrypted data to be operated on without the decryption function $D_k$. For example, let $p$ and $q$ be two secret large primes, and let $m = p \times q$ be public. The plaintext set is $T' = Z_m$, and the set of plaintext operations defined on it is $F' = \{+_m, -_m, \times_m\}$, which are addition, subtraction and multiplication modulo $m$, respectively. The ciphertext set is $T = Z_p \times Z_q$. The operation set $F$ on ciphertexts is $F'$ computed component-wise, that is, when two ciphertexts are operated on, the numbers at the $t$ corresponding positions in the two ciphertexts are added, subtracted or multiplied, respectively. The private key is defined as $k = (p, q)$ and the encryption function as $E_k(a) = [a \bmod p, a \bmod q]$. Decryption uses the Chinese remainder theorem: for $k$ pairwise coprime positive integers $n_1, \ldots, n_k$, there is a unique $x$ in $Z_N$ ($N = n_1 n_2 \cdots n_k$) satisfying $x \equiv a_i \bmod n_i$,
Figure GDA0002522883250000133
The decryptor can easily find the unique matching $x$ in polynomial time by using the extended Euclidean algorithm. Clearly, in the simple PH encryption algorithm, the encryption is a PH under the operations defined by $F'$ and $F$, since $m = p \times q$. However, this encryption scheme is vulnerable to known-plaintext attacks, i.e., if an adversary knows a pair of corresponding plaintext and ciphertext, the values of $p$ and $q$ can be deduced.
Domingo-Ferrer improves the simple PH encryption algorithm and provides a verifiable and secure privacy homomorphic method, i.e., an improved privacy homomorphic encryption algorithm, under the same plaintext and ciphertext operations, i.e., modulo addition, modulo subtraction, and modulo multiplication operations.
In the improved privacy homomorphic encryption algorithm, $(t, m)$ is the public key, i.e., the public key includes a positive integer $t$ greater than 2 and a large integer $m$, where $m$ is a composite number, i.e., it has at least one factor other than 1 and $m$. $t$ represents how many parts a plaintext is divided into (in the simple PH encryption algorithm, $t = 2$; in the improved privacy homomorphic encryption algorithm, $t > 2$). $m$ should have many factors smaller than $t$. Furthermore, there are many integers smaller than $m$ that are invertible modulo $m$, that is,
Figure GDA0002522883250000131
has a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$. The private key is $(r, m')$, comprising $r$ and $m'$, where $r$ is a value in the integer set $Z_m$,
Figure GDA0002522883250000132
for which there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$; $m'$ is a factor of $m$ greater than 1, and the key is expressed as $k = (r, m')$, i.e., $m'$ is one of the many factors of $m$ that is greater than 1.
The plaintext set is $T' = Z_{m'}$. The ciphertext set consists of $t$-tuples, i.e., $T = (Z_m)^t$. The plaintext operation set $F'$ consists of addition, subtraction and multiplication on $T'$. A ciphertext is a tuple of $t$ numbers, each of which belongs to the integer set $Z_m$, and addition, subtraction and multiplication on them are modulo $m$ operations. As in the simple PH encryption algorithm, the ciphertext operation set $F$ consists of addition, subtraction and multiplication computed component-wise over $T$. Finally, the improved privacy homomorphic encryption algorithm is as follows:
Randomly split the plaintext $a \in Z_{m'}$ into $t$ parts $a_1, \ldots, a_t$ such that
Figure GDA0002522883250000141
with $a_j \in Z_m$. After the split, the plaintext $a$ is encrypted into the following form:

$$E_k(a) = (a_1 r \bmod m,\ a_2 r^2 \bmod m,\ \ldots,\ a_t r^t \bmod m) \qquad (1)$$

where $Z_{m'}$ is the integer set consisting of the $m'$ integers from 0 to $m'-1$; $a$ is a value in $Z_{m'}$ and is the plaintext; $Z_m$ is the set of the $m$ integers from 0 to $m-1$; $(t, m)$ is the public key, $t$ is a positive integer greater than 2, and $m$ is a composite number; $(r, m')$ is the private key, $m'$ is a divisor of $m$, and $r$ is a value in the integer set $Z_m$,
Figure GDA0002522883250000142
for which there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$.
In this step, after acquiring the truncated coordinates of the target node and the truncated coordinates of the adjacent node, the LBS client uses the truncated coordinates as a plaintext a, and encrypts the plaintext a by using the above formula (1), where the plaintext a is a long string of numbers, and the long string of numbers is randomly divided into t parts to satisfy the formula (1), so as to acquire corresponding encrypted data of the target node and encrypted data of the adjacent node. It can be understood that, since r in the private key (r, m') is a value defined by a user, after the truncated coordinates of the target node and the truncated coordinates of the adjacent node are encrypted by using the formula (1), the position privacy information in the encrypted data of the target node and the position privacy information in the encrypted data of the adjacent node can be obtained only by knowing the specific value of r, thereby playing a role in confidentiality.
S15: and the LBS client sends the target node encrypted data and the adjacent node encrypted data to the LBS server and receives the secret distance data which is returned by the LBS server and is obtained by performing homomorphic addition and multiplication calculation on the ciphertext of the target node encrypted data and the adjacent node encrypted data.
Specifically, after the LBS client acquires the target node truncated coordinate and the adjacent node truncated coordinate, if the distance between the target node and the adjacent node is directly calculated based on the target node truncated coordinate and the adjacent node truncated coordinate, the calculation overhead of the LBS client is relatively large, and the normal operation of the LBS client is affected. If the truncated coordinates of the target node and the truncated coordinates of the adjacent nodes are directly sent to the LBS server for distance calculation, leakage of user privacy information (such as where the user is and where the user wants to go) may be caused, and therefore, an improved privacy homomorphic encryption algorithm needs to be adopted to encrypt the truncated coordinates of the target node and the truncated coordinates of the adjacent nodes, so that the encrypted data of the target node and the encrypted data of the adjacent nodes achieve the purpose of privacy and confidentiality. The LBS client sends the encrypted target node encrypted data and the encrypted adjacent node data to the LBS server, so that the LBS server performs homomorphic addition and multiplication calculation on a ciphertext based on the target node encrypted data and the adjacent node encrypted data to acquire secret distance data reflecting the distance between the target node and the adjacent node, and the purpose of saving calculation cost of the LBS client is achieved.
S21: the LBS server receives target node encrypted data and adjacent node encrypted data sent by a client, wherein the target node encrypted data and the adjacent node encrypted data are respectively data obtained by carrying out encryption calculation on target node truncation coordinates and adjacent node truncation coordinates by adopting an improved privacy homomorphic encryption algorithm.
Specifically, the LBS server may receive target node encrypted data and adjacent node encrypted data sent by the LBS client, and since the target node encrypted data and the adjacent node encrypted data are respectively data obtained by performing encryption calculation on a target node truncated coordinate and an adjacent node truncated coordinate by using an improved privacy homomorphic encryption algorithm, and r in a private key (r, m') used by the improved privacy homomorphic encryption algorithm is a user-defined numerical value, the encrypted target node encrypted data and the encrypted adjacent node data can only be decrypted based on the private key, so as to achieve the purpose of guaranteeing the security of the user privacy information, and prevent the interception of the user privacy information from being leaked due to the target node encrypted data and the adjacent node encrypted data in the transmission process of the LBS client and the LBS server.
S22: and the LBS server performs homomorphic addition and multiplication calculation on the ciphertext on the target node encrypted data and the adjacent node encrypted data to acquire secret distance data.
Specifically, after receiving the target node encrypted data and the adjacent node encrypted data, the LBS server performs homomorphic addition and multiplication on the ciphertexts, that is, it applies the operations of the ciphertext operation set $F$ to the target node encrypted data and the adjacent node encrypted data, so as to obtain the distance between the target node and each adjacent node expressed in ciphertext form, that is, the secret distance data. In this embodiment, the ciphertext operation set $F$ includes the following:
The first is homomorphic addition and subtraction, i.e., the components with the same degree of $r$ are added or subtracted correspondingly.
The second is homomorphic multiplication, i.e., all terms are cross-multiplied in $Z_m$: multiplying a term of degree $t_1$ by a term of degree $t_2$ yields a term of degree $t_1 + t_2$. The terms with the same degree of $r$ are then added up.
Although the improved privacy homomorphic algorithm (including the encryption algorithm and the decryption algorithm) can perform addition, subtraction and multiplication directly on the ciphertext, these operations still require a lot of computation, so that if they were performed directly on the LBS client the overhead on the LBS client would be large and would affect its normal performance. For example, let $\eta_+$ denote the computational overhead of one component addition and $\eta_\times$ the overhead of one component multiplication. Then the overheads of the three operations in the ciphertext operation set are $t\eta_+$, $t\eta_+$ and $t^2\eta_\times + (t^2 - t)\eta_+$. Note that multiplication changes the length of the ciphertext from $t$ components to $2t$ components.
Since each component requires one multiplication, the computational overhead of encryption is $t\eta_\times$. Compared with encryption, decryption only adds the final accumulation operation, so its overhead is $t^2\eta_\times + (t-1)\eta_+$. Note that the length of the ciphertext is $t$ times the length of the plaintext before encryption. Since each component is an integer in $Z_m$, the size of the ciphertext is $t \cdot l(m)$, where $l(m)$ denotes the binary length of $m$.
In practical applications, since the addition overhead of each component is negligible compared with the multiplication overhead of each component, the addition overhead can be disregarded when both addition and multiplication are present. Multiplication on components, especially with large moduli, can become very efficient if Montgomery reduction is used, reaching the order of $10^{-5}$ seconds.
It can be understood that the process of performing homomorphic addition and multiplication calculation on the ciphertext on the target node encrypted data and the adjacent node encrypted data by the LBS server to obtain the secret distance data is similar to the calculation process of the server in the encrypted LBS realized based on the Moore curve, but in the embodiment, the LBS server only needs to calculate the truncated target node and the truncated adjacent node, so that the calculation quantity is small and the efficiency is high.
S23: and the LBS server sends the secret distance data to the LBS client so that the LBS client decrypts the secret distance data by adopting an improved privacy homomorphic decryption algorithm based on a private key, respectively obtains the distances between the target node and the adjacent nodes, sequences based on the distances between the target node and the adjacent nodes and obtains the neighbor interest points corresponding to the neighbor number.
Specifically, the LBS server sends the calculated secret distance data to the LBS client, because the secret distance data is a value obtained by performing homomorphic addition and multiplication on the encrypted data based on the private key (r, m ') in advance by adopting an improved privacy homomorphic encryption algorithm, and r is a user-defined value, other illegal users cannot decrypt the data without mastering the private key (r, m'), so that the safety of the user privacy information can be guaranteed when the secret distance data is intercepted. And the LBS server sends the secret distance data to the LBS client so that the LBS client can decrypt and determine the corresponding neighbor interest point, the purpose of neighbor query is achieved, and the calculation cost of the LBS client is reduced.
S16: and the LBS client decrypts the secret distance data by adopting an improved privacy homomorphic decryption algorithm based on the private key to respectively acquire the distance between the target node and the adjacent node.
In particular, the improved privacy homomorphic decryption algorithm employed is as follows:
Using $r$, compute $r^{-1}$; the ciphertext $(e_1, e_2, \ldots, e_t)$ is then evaluated as follows to obtain the plaintext $a$:
Figure GDA0002522883250000161
where $(t, m)$ is the public key, $t$ is a positive integer greater than 2, and $m$ is a composite number; $(r, m')$ is the private key, $m'$ is a factor of $m$, and $r$ is a value in the integer set $Z_m$,
Figure GDA0002522883250000162
for which there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$; $Z_m$ is the integer set consisting of the $m$ integers from 0 to $m-1$; $e$ is the ciphertext, here the secret distance data; and $a$ is the plaintext, specifically the distance between the target node and an adjacent node. That is, in this embodiment, $e$ is the secret distance data obtained by the LBS server performing homomorphic addition and multiplication on the ciphertexts of the target node encrypted data and the adjacent node encrypted data, and $a$ is the distance between the target node and the adjacent node obtained by the LBS client decrypting the secret distance data.
The improved privacy homomorphic algorithm (including the encryption and decryption algorithms) is resistant to plaintext attacks. The reason is that, given $n$ known plaintext-ciphertext pairs, the size of the set of possible key pairs grows exponentially with $s - n$ ($s = \log_{m'} m$). This means that even if the attacker knows corresponding plaintext and ciphertext, the key pair he derives can belong to an arbitrarily large set, and the scheme thus resists plaintext attacks.
The efficiency of the improved privacy homomorphic algorithm (including the encryption algorithm and the decryption algorithm) has been demonstrated by real experiments in a private query method that applies the improved privacy homomorphic algorithm to an untrusted data cloud. In the experiment, the plaintext range is $[0, 10^6]$; since addition and multiplication are performed, the size of the plaintext field $m'$ can be $4 \times 10^{12}$. Finally, the experiment sets $m \in [2 \times 10^{17}, 8 \times 10^{17}]$, $m' \in [2 \times 10^{15}, 4 \times 10^{15}]$, $r \in [10^{15}, 2 \times 10^{15}]$ and $t = 3$. The encryption key is $(m', r)$. On an IBM eServer xSeries 335 with a Dual 4-core Intel Xeon X5570 2.93GHz processor and 32GB RAM, running the GNU/Linux operating system, the CPU overhead for decrypting 20 bits of data is about 2ms (in the paper, the CPU overhead for 40 pieces of data is 80ms), so that the overhead can be effectively reduced.
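The client and server roles of steps S14, S22, S16 and S17, as an added Python example that is not the patent's own code. The moduli are small constructed values and the function names are hypothetical; the squared Euclidean distance is assumed as the quantity the server computes, since it needs only the homomorphic subtraction, multiplication and addition described above and preserves the ranking.

```python
import math
import secrets

# Constructed toy parameters; the experiment quoted in the text uses far larger ones.
T = 3                                    # public: number of shares, t > 2
M_PRIME = 1_000_003                      # secret: plaintext modulus m', a divisor of m
M = M_PRIME * 2 * 3 * 5 * 7 * 11 * 13    # public: composite modulus m


def keygen():
    """Choose the secret r in Z_m that has an inverse modulo m."""
    while True:
        r = secrets.randbelow(M - 2) + 2
        if math.gcd(r, M) == 1:
            return r


def encrypt(a, r):
    """Formula (1): split a into t random shares and scale share j by r^j mod m.

    A ciphertext is stored as {degree of r: component}.
    """
    shares = [secrets.randbelow(M) for _ in range(T - 1)]
    shares.append((a - sum(shares)) % M_PRIME)   # shares now sum to a modulo m'
    return {j: s * pow(r, j, M) % M for j, s in enumerate(shares, start=1)}


def decrypt(c, r):
    """Strip r^d from each component with r^-1, add up mod m, then reduce mod m'."""
    r_inv = pow(r, -1, M)                        # modular inverse, Python 3.8+
    return sum(e * pow(r_inv, d, M) for d, e in c.items()) % M % M_PRIME


# --- Server side: works on ciphertexts only, never sees r or m' ---------------
def h_add(c1, c2, sign=1):
    """Homomorphic addition (sign=1) or subtraction (sign=-1) per degree of r."""
    return {d: (c1.get(d, 0) + sign * c2.get(d, 0)) % M for d in c1.keys() | c2.keys()}


def h_mul(c1, c2):
    """Cross-multiply all terms; degrees add, equal degrees are accumulated."""
    out = {}
    for d1, e1 in c1.items():
        for d2, e2 in c2.items():
            out[d1 + d2] = (out.get(d1 + d2, 0) + e1 * e2) % M
    return out


def secret_distance(enc_target, enc_node):
    """Encrypted (xt - xn)^2 + (yt - yn)^2 from two encrypted coordinate pairs."""
    dx = h_add(enc_target[0], enc_node[0], sign=-1)
    dy = h_add(enc_target[1], enc_node[1], sign=-1)
    return h_add(h_mul(dx, dx), h_mul(dy, dy))


# --- Client side ----------------------------------------------------------------
def knn(target, nodes, k, r):
    """Encrypt, let the server compute secret distances, decrypt and rank."""
    enc_target = tuple(encrypt(v, r) for v in target)
    enc_nodes = {n: tuple(encrypt(v, r) for v in xy) for n, xy in nodes.items()}
    secret = {n: secret_distance(enc_target, c) for n, c in enc_nodes.items()}  # server
    dist = {n: decrypt(c, r) for n, c in secret.items()}
    ranked = sorted(dist, key=lambda n: (dist[n], n))   # ties broken by name
    return ranked[:k], dist


# Truncated coordinates from the P9 walk-through in the text.
TARGET = (0, 0)
NODES = {"P8": (0, 0), "P9": (0, 0), "P14": (1, 0), "P13": (0, 1)}

if __name__ == "__main__":
    key = keygen()
    print(knn(TARGET, NODES, 4, key))
```

The decrypted value is only correct while the true squared distance stays below m', which is why the plaintext modulus has to be sized for the largest product the server will compute.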
S17: and the LBS client carries out sequencing based on the distance between the target node and the adjacent node to acquire the adjacent interest points corresponding to the adjacent number.
Specifically, the LBS client sorts by the distance between the target node and the adjacent nodes to obtain a ranking result, and can quickly obtain the neighbor interest points corresponding to the neighbor number from the position of the target node in the ranking result and the neighbor number. In the above embodiment, after sorting by the distance between the target node and the adjacent nodes, the ranking result gives the order (P8, P9, P13, P14), and since k is 1, the user's query returns P8 or P9 as the neighbor interest point (it cannot be narrowed further to P9 because the leaf node is not divided finely enough). In practical applications, the division should ensure that only one POI exists in each leaf node, so that the nearest interest point corresponding to the node nearest to the target node can be accurately located.
In the location privacy protection method based on neighbor query provided by this embodiment, in the Z-order tree created based on the quadtree and the Z-order curve, the tree structure of the Z-order tree supports distributed storage, and has the characteristics of easy segmentation and invariance. Although the continuity of the Z-order curve is poorer than that of the Hilbert curve, the Z-order curve is more regular and easier to locate than the Hilbert curve, the Z-order curve and the quadtree are used together, the Z-order curve not only can be easy to locate, but also can overcome the defect of inaccurate query caused by poor continuity, and analysis proves that the Z-order curve and the quadtree can ensure certain query accuracy and efficiency, so the Z-order curve and the Z-order curve are combined to form the Z-order tree for storing position information. The improved privacy homomorphic algorithm is adopted for encryption and decryption, so that the safety of the user privacy information can be effectively guaranteed; and the LBS client sends the encrypted target node encrypted data and the encrypted adjacent node data to the LBS server, so that the LBS server calculates the secret distance data, the LBS server shares the calculation cost of the LBS client, the cost of the LBS client is low, and the normal work of the LBS client is guaranteed.
The following is a performance analysis of the location privacy protection method based on neighbor query provided in this embodiment with reference to a specific experiment. In the experiment, the average result of 10 experiments is used as the final result in all the designed kNN query experiments, so that the randomness can be greatly eliminated, and the correctness of the data result is ensured. In this embodiment, the kNN query protocol designed herein is tested and evaluated, the tree building and kNN search code are implemented by C + +, and the test environment is run in our test environment, which is shown in table one. Because the tree building is one-time work of the LBS server, the tree building is not repeated in the subsequent query. Therefore, this part can be regarded as the system initialization overhead and is not the user overhead.
In terms of experimental data sets, a Sequoia data set was employed herein, which includes 62556 real place names and coordinates of the state of california, usa. According to the Sequoia data set, all the sites are firstly divided into 9 classes (School, Lake, Bridge, Creek, Farm, Mine, Golf Corse, Hospital, Campground) to establish the POIs data set to be used. To obtain the corresponding correct query dataset from each type of POI to calculate the accuracy of the experimental solution, the experiment randomly generated 1000 user query coordinates in a range of locations not exceeding the Sequoia dataset, and calculated the 50 nearest neighbor set of coordinates for each type of POI query using euclidean distances. This results in the correct query result data set to be used for comparison in this experiment. The accuracy calculation formula is accuracy rate (| R ═ G |)/(| G |), where G is the actual neighbor set calculated using the euclidean distance and R is the neighbor set obtained by the experiment. To ensure the fairness of the experimental comparison, the size of the map lattice of the hilbert curve and the size of the leaf node of the tree constructed in the DPIR-NN (Distributed private information retrieval-neighbor, that is, the neighbor query policy corresponding to the location privacy protection method based on neighbor query provided in this embodiment) query both satisfy the requirement of the size of the map lattice of the hilbert curve and the size of the leaf node of the tree constructed in the DPIR-NN (Distributed private information retrieval-neighbor) query
Figure GDA0002522883250000182
In addition, a uniformly distributed data set was synthesized with 65536 POIs, which were uniformly distributed in the square area. These data processing tasks are all done by python.
Table one experimental environment
Figure GDA0002522883250000181
The ASM-PH encryption parameters used in the experiment are set in a similar way to the literature: the plaintext field is $m' \in [2\times10^{15}, 4\times10^{15}]$, the encryption key is (m', r), where $m \in [2\times10^{17}, 8\times10^{17}]$ and $r \in [10^{15}, 2\times10^{15}]$, and the number of components is t = 3.
First, the user computation overhead is evaluated for the PCQP (Private Circular Query Protocol), PIR-NN (Private information retrieval-neighbor) and DPIR-NN (Distributed private information retrieval-neighbor, that is, the neighbor query strategy corresponding to the location privacy protection method based on neighbor query provided in this embodiment) schemes. The CPU running time of the LBS client as k changes for the three schemes PCQP, PIR-NN and DPIR-NN is shown in fig. 10, and the network transmission delay of the LBS client as k changes for the three schemes is shown in fig. 11.
It can be seen that the running time increases as k grows, changing faster in the interval [1,10] and then gradually more slowly. This is because the diameter of the map area where the k neighbors are located and k are in a square relation; the larger the diameter of the map area, the larger the range to be searched in the tree and the greater the encryption and decryption overhead of the user. Hence the larger k is, the less significant the increase in overhead. With the PCQP (Private Circular Query Protocol) method, on a personal computer with Win7 OS, an Intel i5-2400 3.1 GHz processor and 8GB RAM, the encryption and decryption time required by the user in one kNN query is 1.7286 s, which is not of the same order of magnitude. This is because the PCQP method requires the Paillier encryption system to encrypt, for the LBS server, an offset vector containing 62556 (the number of POIs in the data set) elements. In DPIR-NN, by contrast, the user in any case only needs to encrypt part of the POI positions with the somewhat simpler improved privacy homomorphism algorithm.
Although the CPU time of the user is short in DPIR-NN, the LBS server only needs to calculate on the ciphertext, and in PIR-NN (private information retrieval-neighbor) and PCQP the LBS server only needs to retrieve, from the corresponding Hilbert curve, the numbers of the positions immediately to the left and right of a given position, so the computation cost of the LBS server is high. The main computation overhead of the PCQP method is actually consumed by Paillier encryption. For one kNN query, the LBS server needs to compute $n_p$ power operations and $n_p - 1$ multiplications on Paillier ciphertext, which takes a single-core LBS server about 28.2 × k (s). PIR-NN needs to perform $n_p$ multiplication operations in the ciphertext domain, which typically requires 20-60 (s) depending on the size of the ciphertext domain. In DPIR-NN, the work of the LBS server consists of two parts. The first part is to calculate the distance between the encrypted coordinates of all leaf nodes under the submitted root node and the encrypted coordinates of the user position; the second part is to further query the detailed information using DPIR according to the obtained sequence numbers of the k neighbors. In the first part, regardless of whether the user sends the LBS server a sub-tree, the LBS server calculates the distance between the ASM-PH-encrypted coordinates of all 62556 leaf nodes and the coordinates of the user, and the calculation time is no longer than 1 s, so the computation cost of the LBS server is mostly spent on the further information query. If the detailed information of the k neighbor POIs found needs to be known, the calculation time of the LBS server in DPIR-NN is about k times that of the PIR-NN scheme, and about the same as that of the LBS server in PCQP.
Fig. 11 was obtained by simulation with ns-3, with the environment parameters shown in table one. The comparison of the network transmission delay of the three schemes PCQP, PIR-NN and DPIR-NN in fig. 11 shows that the transmission delay of DPIR-NN is higher than that of the PIR and PCQP methods, because DPIR-NN includes two communication processes.
The kNN query privacy protection algorithm DPIR-NN proposed herein was then compared for kNN query accuracy, on the Sequoia dataset and the Uniform dataset, against two related methods, PCQP and PIR-NN, both of which use Hilbert curves to fill the target map and find the nearest neighbors (results are shown in FIG. 12). Based on the characteristics of PIR-NN and PCQP, the size of the result set (or the number of public POIs) returned by the LBS server for one kNN query is respectively
Figure GDA0002522883250000201
and 3k, where $n_p$ is the number of all POIs in the map.
As can be seen from FIG. 12, DPIR-NN is better than PCQP when the total number of returned POIs is within 20. Even if the total number of returned POIs is increased to k = 50, the accuracy of DPIR-NN is still comparable to that of PCQP, being at most only 2% worse. While the PIR-NN method performs well in smaller cases, its accuracy degrades rapidly with increasing cases, because PIR-NN is designed only for querying nearest neighbors. Also, although the accuracy of our method decreases as k is gradually increased, these changes are acceptable because the accuracy drops by less than 5%. Analysis shows that the accuracy of DPIR-NN decreases because, as k increases, the neighbor nodes farther away from the query position fall outside the range of the root node of the query sub-tree and are lost, which reduces the corresponding accuracy rate.
As can be seen from FIG. 13, the accuracy of DPIR-NN on the synthesized uniformly distributed data set is better than that of PCQP: because the data points are evenly distributed, the constructed tree is more balanced, which shows the advantage of DPIR-NN on more uniform data sets.
In the experiment, a kNN query strategy suitable for DPIR is designed, and a Z-order tree formed by a Z-order curve and a quadtree structure is utilized to store position information, so that the user positioning position is simple and quick; the privacy homomorphic encryption algorithm supporting multiplication (namely, the improved privacy homomorphic encryption algorithm) is used for keeping secret of query contents, so that the LBS server and the intermediate server are only responsible for calculation, and a user can obtain k neighbor information under the condition that the LBS server does not know the position information; the tree structure is still a tree after being decomposed, and distributed storage is naturally supported, so that the method can be used in combination with the DPIR, and is convenient for a user to further inquire. By performing experiments on the DPIR-NN strategy by using two datasets, namely a real dataset (namely a Sequoia dataset) and a synthetic dataset (namely a Uniform dataset), the experimental results show that the DPIR-NN user has less calculation time and high query accuracy.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
In an embodiment, a location privacy protection system based on neighbor query is provided, and the location privacy protection system based on neighbor query is in one-to-one correspondence with the location privacy protection method based on neighbor query in the above embodiments. The location privacy protection system based on the neighbor query comprises an LBS client and an LBS server.
The LBS client performs the following steps:
Generating a neighbor query request, wherein the neighbor query request includes a target location, a point-of-interest type, a neighbor number, and a private key.
Querying, based on the target position and the interest point type, a Z-order tree which is created in advance based on the quadtree and the Z-order curve and corresponds to the interest point type, to obtain a corresponding target node and a target sub-tree.
Traversing the leaf nodes in the target subtree to obtain node truncation coordinates corresponding to the leaf nodes, wherein the node truncation coordinates comprise target node truncation coordinates and adjacent node truncation coordinates.
Based on the private key, performing encryption calculation on the truncated coordinates of the target node and the truncated coordinates of the adjacent nodes by adopting an improved privacy homomorphic encryption algorithm to obtain target node encrypted data and adjacent node encrypted data.
Sending the target node encrypted data and the adjacent node encrypted data to an LBS server, and receiving the secret distance data returned by the LBS server, which the LBS server obtains by performing homomorphic addition and multiplication on the ciphertext of the target node encrypted data and the adjacent node encrypted data.
Based on the private key, decrypting the secret distance data by adopting an improved privacy homomorphic decryption algorithm to respectively obtain the distance between the target node and each adjacent node.
Sorting based on the distance between the target node and the adjacent nodes, and acquiring the neighbor interest points corresponding to the neighbor number.
The LBS server executes the following steps:
Receiving target node encrypted data and adjacent node encrypted data sent by a client, wherein the target node encrypted data and the adjacent node encrypted data are respectively obtained by encrypting the truncated coordinates of the target node and the truncated coordinates of the adjacent nodes with an improved privacy homomorphic encryption algorithm.
Performing homomorphic addition and multiplication on the ciphertext of the target node encrypted data and the adjacent node encrypted data to acquire secret distance data.
Sending the secret distance data to the LBS client, so that the LBS client decrypts the secret distance data by adopting an improved privacy homomorphic decryption algorithm based on a private key, respectively obtains the distances between the target node and the adjacent nodes, and sorts based on those distances to obtain the neighbor interest points corresponding to the neighbor number.
Specific limitations on the location privacy protection system based on the neighbor query can be referred to the above limitations on the location privacy protection method based on the neighbor query, and are not described herein again. The various modules in the above proximity query-based location privacy protection system may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
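The exchange in the client and server steps above, run end to end as an added example (not code from the patent or its authors). It implements the split-and-multiply encryption as the claims describe it, with t = 3 and the parameter sizes reported in the experiment; the squared-Euclidean form of the server's computation, the concrete values of m' and m, the function names and the sample coordinates are assumptions constructed for illustration.

```python
import secrets
from math import gcd

T = 3  # number of components t, as in the experiment

# Constructed truncated coordinates for the nodes named in the description.
SAMPLE_TARGET = (520, 340)
SAMPLE_NEIGHBORS = {"P8": (523, 344), "P9": (515, 352),
                    "P13": (500, 300), "P14": (580, 400)}


def keygen():
    """Return (public, private). m' divides m; sizes follow the experiment's ranges."""
    m_prime = 3 * 10**15 + 1          # assumed value inside [2e15, 4e15]
    m = m_prime * 101                 # assumed composite inside [2e17, 8e17]
    while True:
        r = 10**15 + secrets.randbelow(10**15)
        if gcd(r, m) == 1:            # guarantees r^-1 mod m exists
            return {"t": T, "m": m}, {"r": r, "m_prime": m_prime}


def encrypt(a, pub, priv):
    """Split a into t random parts summing to a mod m', then scale part j by r^j."""
    m, mp, r = pub["m"], priv["m_prime"], priv["r"]
    parts = [secrets.randbelow(m) for _ in range(pub["t"] - 1)]
    parts.append((a - sum(parts)) % mp)
    return {j: p * pow(r, j, m) % m for j, p in enumerate(parts, start=1)}


def decrypt(c, pub, priv):
    """Undo each r^d factor with r^-d, sum mod m, then reduce mod m'."""
    m = pub["m"]
    r_inv = pow(priv["r"], -1, m)
    total = sum(e * pow(r_inv, d, m) for d, e in c.items()) % m
    return total % priv["m_prime"]


# --- Operations the server can perform with the public modulus m only ---
def h_add(c1, c2, m):
    return {d: (c1.get(d, 0) + c2.get(d, 0)) % m for d in c1.keys() | c2.keys()}


def h_neg(c, m):
    return {d: (-e) % m for d, e in c.items()}


def h_mul(c1, c2, m):
    """Cross-multiply components; the term of degree d1+d2 collects e1*e2."""
    out = {}
    for d1, e1 in c1.items():
        for d2, e2 in c2.items():
            out[d1 + d2] = (out.get(d1 + d2, 0) + e1 * e2) % m
    return out


def server_secret_distance(enc_target, enc_neighbor, m):
    """Encrypted squared distance (assumed form of the 'secret distance data')."""
    dx = h_add(enc_target[0], h_neg(enc_neighbor[0], m), m)
    dy = h_add(enc_target[1], h_neg(enc_neighbor[1], m), m)
    return h_add(h_mul(dx, dx, m), h_mul(dy, dy, m), m)


def knn_query(target_xy, neighbors, k):
    """Client encrypts, server computes on ciphertext, client decrypts and sorts."""
    pub, priv = keygen()
    enc_target = tuple(encrypt(v, pub, priv) for v in target_xy)
    enc_neighbors = {name: tuple(encrypt(v, pub, priv) for v in xy)
                     for name, xy in neighbors.items()}
    # Server side: sees ciphertexts and the public modulus, never r or m'.
    secret = {name: server_secret_distance(enc_target, c, pub["m"])
              for name, c in enc_neighbors.items()}
    # Client side: decrypt the secret distance data and rank.
    dist2 = {name: decrypt(c, pub, priv) for name, c in secret.items()}
    return sorted(dist2, key=dist2.get)[:k], dist2


if __name__ == "__main__":
    print(knn_query(SAMPLE_TARGET, SAMPLE_NEIGHBORS, 1))
```

Each homomorphic multiplication doubles the highest degree carried in the ciphertext (here from t to 2t), and the decrypted value is only correct while the true squared distance stays below m'.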
In one embodiment, a computer device is provided, which may be either an LBS client or an LBS server, and its internal structure diagram may be as shown in fig. 14. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. The processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing data adopted or formed in the process of executing the location privacy protection method based on neighbor query, such as a Z-order tree. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a location privacy protection method based on neighbor query.
In an embodiment, a computer device is provided, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the steps of the location privacy protection method based on neighbor query in the foregoing embodiments are implemented, for example, the steps shown in fig. 3, and are not described here again to avoid repetition.
In an embodiment, a computer-readable storage medium is provided, where a computer program is stored on the computer-readable storage medium, and when executed by a processor, the computer program implements the steps of the location privacy protection method based on neighbor query in the foregoing embodiments, for example, the steps shown in fig. 3, and in order to avoid repetition, details are not repeated here.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.

Claims (8)

1. A location privacy protection method based on neighbor query is characterized by comprising the following steps executed by an LBS client:
generating a neighbor query request, wherein the neighbor query request comprises a target position, an interest point type, a neighbor number and a private key;
based on the target position and the interest point type, inquiring a Z-order tree which is created in advance based on a quadtree and a Z-order curve and corresponds to the interest point type to obtain a corresponding target node and a corresponding target sub-tree;
traversing the leaf nodes in the target subtree to obtain node truncation coordinates corresponding to the leaf nodes, wherein the node truncation coordinates comprise target node truncation coordinates and adjacent node truncation coordinates;
based on the private key, performing encryption calculation on the target node truncated coordinates and the adjacent node truncated coordinates by adopting an improved privacy homomorphic encryption algorithm to obtain target node encrypted data and adjacent node encrypted data;
sending the target node encrypted data and the adjacent node encrypted data to an LBS server, and receiving secret distance data obtained by performing homomorphic addition and multiplication calculation on ciphertext on the target node encrypted data and the adjacent node encrypted data returned by the LBS server;
based on the private key, adopting an improved privacy homomorphic decryption algorithm to decrypt the secret distance data, and respectively obtaining the distance between the target node and the adjacent node;
sequencing based on the distance between the target node and the adjacent nodes, and acquiring adjacent interest points corresponding to the adjacent number;
wherein, the adoption of the improved privacy homomorphic encryption algorithm comprises the following steps:
randomly dividing the plaintext $a \in Z_{m'}$ into t parts $a_1, \ldots, a_t$ such that
Figure FDA0002665184480000011
$a_j \in Z_m$; after the segmentation, the plaintext a becomes the following form:
$E_k(a) = (a_1 r \bmod m,\ a_2 r^2 \bmod m,\ \ldots,\ a_t r^t \bmod m)$
wherein $Z_{m'}$ is the integer set consisting of the m' integers from 0 to m'-1, a is a value in the integer set $Z_{m'}$ and is the plaintext, $Z_m$ is the integer set consisting of the m integers from 0 to m-1, (t, m) is a public key, t is a positive integer greater than 2, m is a composite number, (r, m') is a private key, m' is a divisor of m, r is a value in the integer set $Z_m$,
Figure FDA0002665184480000012
there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$;
Wherein the employing the improved privacy homomorphic decryption algorithm comprises:
calculating $r^{-1}$ by using r, and computing on the ciphertext $(e_1, e_2, \ldots, e_t)$ as follows to obtain the plaintext a
Figure FDA0002665184480000021
Where (t, m) is a public key, t is a positive integer greater than 2, m is a composite number, (r, m') is a private key, m' is a factor of m, r is a value in the integer set $Z_m$,
Figure FDA0002665184480000022
there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$, $Z_m$ is the integer set formed by the m integers from 0 to m-1, e is the ciphertext, namely the secret distance data, and a is the plaintext, specifically the distance between the target node and the adjacent node.
2. The location privacy protection method based on neighbor query as claimed in claim 1, wherein the querying a Z-order tree corresponding to the type of interest point, which is created in advance based on a quadtree and a Z-order curve, based on the target location and the type of interest point, to obtain a corresponding target node and a target sub-tree comprises:
based on the target position and the interest point type, inquiring a Z-order tree which is created in advance based on a quadtree and a Z-order curve and corresponds to the interest point type, and acquiring a target node of the target position in the Z-order tree;
and sequentially determining the original interest point quantity of the quantity domain corresponding to the superior node of the target node as a target quantity, and if the target quantity is greater than the neighbor quantity, acquiring a target sub-tree of which the parent node of the superior node is the root node.
3. A location privacy protection method based on neighbor query is characterized by comprising the following steps executed by an LBS server:
receiving target node encrypted data and adjacent node encrypted data sent by a client, wherein the target node encrypted data and the adjacent node encrypted data are respectively obtained by carrying out encryption calculation on a target node truncated coordinate and an adjacent node truncated coordinate by adopting an improved privacy homomorphic encryption algorithm;
homomorphic addition and multiplication calculation on the ciphertext are carried out on the target node encrypted data and the adjacent node encrypted data, and secret distance data are obtained;
sending the secret distance data to an LBS client so that the LBS client decrypts the secret distance data by adopting an improved privacy homomorphic decryption algorithm based on a private key, respectively obtains the distances between a target node and adjacent nodes, and sequences based on the distances between the target node and the adjacent nodes to obtain neighbor interest points corresponding to the number of the neighbors;
wherein, the adoption of the improved privacy homomorphic encryption algorithm comprises the following steps:
randomly dividing the plaintext $a \in Z_{m'}$ into t parts $a_1, \ldots, a_t$ such that
Figure FDA0002665184480000023
$a_j \in Z_m$; after the segmentation, the plaintext a becomes the following form:
$E_k(a) = (a_1 r \bmod m,\ a_2 r^2 \bmod m,\ \ldots,\ a_t r^t \bmod m)$
wherein $Z_{m'}$ is the integer set consisting of the m' integers from 0 to m'-1, a is a value in the integer set $Z_{m'}$ and is the plaintext, $Z_m$ is the integer set consisting of the m integers from 0 to m-1, (t, m) is a public key, t is a positive integer greater than 2, m is a composite number, (r, m') is a private key, m' is a divisor of m, r is a value in the integer set $Z_m$,
Figure FDA0002665184480000031
there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$;
Wherein the employing the improved privacy homomorphic decryption algorithm comprises:
calculating $r^{-1}$ by using r, and computing on the ciphertext $(e_1, e_2, \ldots, e_t)$ as follows to obtain the plaintext a
Figure FDA0002665184480000032
Where (t, m) is a public key, t is a positive integer greater than 2, m is a composite number, (r, m') is a private key, m' is a factor of m, r is a value in the integer set $Z_m$,
Figure FDA0002665184480000033
there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$, $Z_m$ is the integer set formed by the m integers from 0 to m-1, e is the ciphertext, namely the secret distance data, and a is the plaintext, specifically the distance between the target node and the adjacent node.
4. The neighbor query-based location privacy protection method according to claim 3, wherein before the target node encrypted data and the neighboring node encrypted data sent by the receiving client, the neighbor query-based location privacy protection method comprises:
marking original interest points corresponding to the same interest point type in a regional map;
decomposing the area map by adopting a quadtree decomposition rule according to the marked position of the original interest point to obtain a corresponding grid map, wherein the grid map comprises at least one grid;
and connecting at least one grid in the grid map by adopting a Z-order curve to obtain a Z-order tree corresponding to the interest point type, wherein the Z-order tree comprises at least one node, and each node corresponds to a quantity domain for storing the quantity of the original interest points.
5. The location privacy protection method based on neighbor query as claimed in claim 4, wherein the connecting at least one of the grids in the grid map by using a Z-order curve to obtain a Z-order tree corresponding to the interest point type includes:
acquiring grid coordinates (x, y) corresponding to each grid in the grid map;
binary conversion is carried out on the grid coordinates (x, y), and corresponding x-axis binary coordinates and y-axis binary coordinates are obtained;
performing bit crossing operation on the x-axis binary coordinate and the y-axis binary coordinate to obtain a node Z value;
and connecting at least one grid according to the ascending sequence of the Z values of the nodes to obtain a Z-order tree corresponding to the type of the interest point.
6. A location privacy protection system based on neighbor query is characterized by comprising an LBS client and an LBS server;
the LBS client executes the following steps:
generating a neighbor query request, wherein the neighbor query request comprises a target position, an interest point type, a neighbor number and a private key;
based on the target position and the interest point type, inquiring a Z-order tree which is created in advance based on a quadtree and a Z-order curve and corresponds to the interest point type to obtain a corresponding target node and a corresponding target sub-tree;
traversing the leaf nodes in the target subtree to obtain node truncation coordinates corresponding to the leaf nodes, wherein the node truncation coordinates comprise target node truncation coordinates and adjacent node truncation coordinates;
based on the private key, performing encryption calculation on the target node truncated coordinates and the adjacent node truncated coordinates by adopting an improved privacy homomorphic encryption algorithm to obtain target node encrypted data and adjacent node encrypted data;
sending the target node encrypted data and the adjacent node encrypted data to an LBS server, and receiving secret distance data obtained by performing homomorphic addition and multiplication calculation on ciphertext on the target node encrypted data and the adjacent node encrypted data returned by the LBS server;
based on the private key, adopting an improved privacy homomorphic decryption algorithm to decrypt the secret distance data, and respectively obtaining the distance between the target node and the adjacent node;
sequencing based on the distance between the target node and the adjacent nodes, and acquiring adjacent interest points corresponding to the adjacent number;
the LBS server executes the following steps:
receiving target node encrypted data and adjacent node encrypted data sent by a client, wherein the target node encrypted data and the adjacent node encrypted data are respectively obtained by carrying out encryption calculation on a target node truncated coordinate and an adjacent node truncated coordinate by adopting an improved privacy homomorphic encryption algorithm;
homomorphic addition and multiplication calculation on the ciphertext are carried out on the target node encrypted data and the adjacent node encrypted data, and secret distance data are obtained;
sending the secret distance data to an LBS client so that the LBS client decrypts the secret distance data by adopting an improved privacy homomorphic decryption algorithm based on a private key, respectively obtains the distances between a target node and adjacent nodes, and sequences based on the distances between the target node and the adjacent nodes to obtain neighbor interest points corresponding to the neighbor number;
wherein, the adoption of the improved privacy homomorphic encryption algorithm comprises the following steps:
randomly dividing the plaintext $a \in Z_{m'}$ into t parts $a_1, \ldots, a_t$ such that
Figure FDA0002665184480000051
$a_j \in Z_m$; after the segmentation, the plaintext a becomes the following form:
$E_k(a) = (a_1 r \bmod m,\ a_2 r^2 \bmod m,\ \ldots,\ a_t r^t \bmod m)$
wherein $Z_{m'}$ is the integer set consisting of the m' integers from 0 to m'-1, a is a value in the integer set $Z_{m'}$ and is the plaintext, $Z_m$ is the integer set consisting of the m integers from 0 to m-1, (t, m) is a public key, t is a positive integer greater than 2, m is a composite number, (r, m') is a private key, m' is a divisor of m, r is a value in the integer set $Z_m$,
Figure FDA0002665184480000052
there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$;
Wherein the employing the improved privacy homomorphic decryption algorithm comprises:
calculating $r^{-1}$ by using r, and computing on the ciphertext $(e_1, e_2, \ldots, e_t)$ as follows to obtain the plaintext a
Figure FDA0002665184480000053
Where (t, m) is a public key, t is a positive integer greater than 2, m is a composite number, (r, m') is a private key, m' is a factor of m, r is a value in the integer set $Z_m$,
Figure FDA0002665184480000054
there is a corresponding $r^{-1}$ such that $r^{-1} \times r \equiv 1 \bmod m$, $Z_m$ is the integer set formed by the m integers from 0 to m-1, e is the ciphertext, namely the secret distance data, and a is the plaintext, specifically the distance between the target node and the adjacent node.
7. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor when executing the computer program performs the steps of the neighbor query based location privacy protection method of any one of claims 1 to 5.
8. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, carries out the steps of the neighbor query based location privacy protection method according to any one of claims 1 to 5.
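The bit-crossing steps of claim 5, as an added example (not the patent's code): it computes node Z values, orders a grid by them, and shows both the quadtree prefix property and the continuity jumps of the Z-order curve that the description compares with the Hilbert curve. Placing the y bit above the x bit in each pair, the 4×4 grid and all function names are assumptions.

```python
def interleave(x, y, bits):
    """Bit-cross the binary x and y grid coordinates into one node Z value.

    Assumption: in every bit pair, y supplies the higher bit and x the lower.
    """
    z = 0
    for i in range(bits):
        z |= ((x >> i) & 1) << (2 * i)
        z |= ((y >> i) & 1) << (2 * i + 1)
    return z


def deinterleave(z, bits):
    """Recover the grid coordinates (x, y) from a node Z value."""
    x = y = 0
    for i in range(bits):
        x |= ((z >> (2 * i)) & 1) << i
        y |= ((z >> (2 * i + 1)) & 1) << i
    return x, y


def z_order(cells, bits):
    """Connect grid cells in ascending order of their Z values."""
    return sorted(cells, key=lambda c: interleave(c[0], c[1], bits))


def quadtree_path(z, bits):
    """Quadrant (0-3) chosen at each quadtree level, root first.

    Every two bits of the Z value select one child, so all cells below the
    same quadtree node share a Z-value prefix and are contiguous in Z order.
    """
    return [(z >> (2 * level)) & 3 for level in reversed(range(bits))]


def largest_jump(ordered):
    """Largest Manhattan distance between consecutive cells on the curve."""
    return max(abs(a[0] - b[0]) + abs(a[1] - b[1])
               for a, b in zip(ordered, ordered[1:]))


if __name__ == "__main__":
    BITS = 2                                  # constructed 4x4 grid
    grid = [(x, y) for y in range(4) for x in range(4)]
    curve = z_order(grid, BITS)
    for cell in curve:
        z = interleave(cell[0], cell[1], BITS)
        print(cell, format(z, "04b"), quadtree_path(z, BITS))
    print("largest jump between consecutive cells:", largest_jump(curve))
```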
CN201811570419.5A 2018-12-21 2018-12-21 Location privacy protection method, system, device and medium based on neighbor query Active CN109740376B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811570419.5A CN109740376B (en) 2018-12-21 2018-12-21 Location privacy protection method, system, device and medium based on neighbor query

Publications (2)

Publication Number Publication Date
CN109740376A CN109740376A (en) 2019-05-10
CN109740376B true CN109740376B (en) 2020-11-13

Family

ID=66360876

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811570419.5A Active CN109740376B (en) 2018-12-21 2018-12-21 Location privacy protection method, system, device and medium based on neighbor query

Country Status (1)

Country Link
CN (1) CN109740376B (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11005654B2 (en) 2019-05-14 2021-05-11 Google Llc Outsourcing exponentiation in a private group
CN110532437B (en) * 2019-07-18 2023-08-01 平安科技(深圳)有限公司 Electronic certificate prompting method, electronic certificate prompting device, computer equipment and storage medium
US11271958B2 (en) * 2019-09-20 2022-03-08 International Business Machines Corporation Efficient unsupervised anomaly detection on homomorphically encrypted data
CN111061824B (en) * 2019-11-27 2023-07-25 北京中交兴路信息科技有限公司 Range judging method, device and equipment based on improved quadtree
CN110968895B (en) * 2019-11-29 2022-04-05 北京百度网讯科技有限公司 Data processing method and device, electronic equipment and storage medium
CN111092715B (en) * 2019-12-27 2023-06-16 山东师范大学 Network about car information security processing method, system and equipment
CN111694919B (en) * 2020-06-12 2023-07-25 北京百度网讯科技有限公司 Method, device, electronic equipment and computer readable storage medium for generating information
CN113542228B (en) * 2021-06-18 2022-08-12 腾讯科技(深圳)有限公司 Data transmission method and device based on federal learning and readable storage medium
CN113656832A (en) * 2021-08-09 2021-11-16 支付宝(杭州)信息技术有限公司 Data processing method, device, equipment and medium
CN114297700B (en) * 2021-11-11 2022-09-23 北京邮电大学 Dynamic and static combined mobile application privacy protocol extraction method and related equipment
CN114282076B (en) * 2022-03-04 2022-06-14 支付宝(杭州)信息技术有限公司 Sorting method and system based on secret sharing
CN114692200B (en) * 2022-04-02 2024-06-14 哈尔滨工业大学(深圳) Privacy-protected distributed graph data feature decomposition method and system
CN115048590B (en) * 2022-05-31 2023-05-16 北京交通大学 Private protection-oriented bus customization method based on federal analysis
CN115200603B (en) * 2022-09-13 2023-01-31 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) Navigation service privacy protection method and device based on homomorphic encryption and anonymous camouflage
CN116743349B (en) * 2023-08-14 2023-10-13 数据空间研究院 Paillier ciphertext summation method, system, device and storage medium
CN117272391B (en) * 2023-11-20 2024-02-27 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) Interest point query method and equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6526176B1 (en) * 1999-10-21 2003-02-25 Lucent Technologies Inc. Efficient processing of quadtree data
CN102043857A (en) * 2010-12-27 2011-05-04 中国科学院计算技术研究所 All-nearest-neighbor query method and system
CN104754506A (en) * 2013-12-31 2015-07-01 南京理工大学常熟研究院有限公司 Privacy protection method for mobile terminal during running position-based service
CN107729494A (en) * 2017-10-18 2018-02-23 北京中遥地网信息技术有限公司 A kind of POI search methods based on the mapping of Z-type space curve

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102044087A (en) * 2009-10-21 2011-05-04 吴立新 Construction method of three-dimensional earth system grid based on SDOG (Sphere Degenerated-Octree Grid)
CN103106280B (en) * 2013-02-22 2016-04-27 浙江大学 A kind of range query method of uncertain space-time trajectory data under road network environment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Spatial index for tile map services based on the Z-curve; Nie Yunfeng et al.; Journal of Image and Graphics; 20120229; Vol. 17 (No. 2); 286-292 *

Also Published As

Publication number Publication date
CN109740376A (en) 2019-05-10

Similar Documents

Publication Publication Date Title
CN109740376B (en) Location privacy protection method, system, device and medium based on neighbor query
Xu et al. Enabling efficient and geometric range query with access control over encrypted spatial data
Peng et al. Enhanced location privacy preserving scheme in location-based services
Yi et al. Practical k nearest neighbor queries with location privacy
Li et al. Search me if you can: privacy-preserving location query service
CN111083631B (en) Efficient query processing method for protecting location privacy and query privacy
Lien et al. A novel privacy preserving location-based service protocol with secret circular shift for k-nn search
WO2016122513A1 (en) Data analytics on encrypted data elements
Alrahhal et al. AES-route server model for location based services in road networks
Kim et al. Hilbert curve-based cryptographic transformation scheme for spatial query processing on outsourced private data
Liu et al. Privacy-preserving task assignment in spatial crowdsourcing
CN105933357A (en) Grid cell identifier matching based location-based service method
CN109194666B (en) LBS-based security kNN query method
Kim et al. Hilbert-curve based cryptographic transformation scheme for protecting data privacy on outsourced private spatial data
Gahi et al. Privacy preserving scheme for location-based services
Guo et al. Mixgeo: Efficient secure range queries on encrypted dense spatial data in the cloud
Yang et al. Lightweight privacy-preserving spatial keyword query over encrypted cloud data
Talha et al. Enhancing confidentiality and privacy of outsourced spatial data
CN111555861A (en) Circular range query method and system in cloud environment based on position privacy protection
Li et al. K-nearest neighbor privacy protection query for distributed storage in location-based service
Wightman et al. MaPIR: Mapping-based private information retrieval for location privacy in LBISs
Utsunomiya et al. LPCQP: Lightweight private circular query protocol with divided POI-table and somewhat homomorphic encryption for privacy-preserving k-NN search
Li et al. A Dynamic Location Privacy Protection Scheme Based on Cloud Storage.
Zhang et al. LPPS: Location privacy protection for smartphones
Yu et al. Road Distance Computation Using Homomorphic Encryption in Road Networks.

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant