CN111935141B - Single-time inadvertent anti-link query system and method for secret data - Google Patents

Single-time inadvertent anti-link query system and method for secret data Download PDF

Info

Publication number
CN111935141B
CN111935141B CN202010794635.9A CN202010794635A CN111935141B CN 111935141 B CN111935141 B CN 111935141B CN 202010794635 A CN202010794635 A CN 202010794635A CN 111935141 B CN111935141 B CN 111935141B
Authority
CN
China
Prior art keywords
data
cloud storage
query
party
prefix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010794635.9A
Other languages
Chinese (zh)
Other versions
CN111935141A (en
Inventor
李萌
陈毅飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hefei University of Technology
Original Assignee
Hefei University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hefei University of Technology filed Critical Hefei University of Technology
Priority to CN202010794635.9A priority Critical patent/CN111935141B/en
Publication of CN111935141A publication Critical patent/CN111935141A/en
Application granted granted Critical
Publication of CN111935141B publication Critical patent/CN111935141B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a query system and a query method aiming at single accidental link resistance of secret data, which are applied to a network environment consisting of a plurality of data uploading modules, a plurality of data requesting modules and a data cloud storage module; the data uploading module calculates the security index of the data, uploads the security index to the data cloud storage module together with the encrypted data and shares a secret key with some data uploading modules; the data request module generates a query token, submits the token to the data cloud storage module, decrypts matched data after the data is sent back, and otherwise, waits for valid data all the time; and the data cloud storage module receives the security index and the encrypted data from the data uploading module, receives the token from the data requesting module, searches the security index by using the token and returns a query result, and otherwise returns a null value. The invention can protect the privacy of the data requester from being damaged by the untrusted data cloud storage party.

Description

Single-time inadvertent anti-link query system and method for secret data
Technical Field
The invention relates to a single-time accidental link-resistant query system and a single-time accidental link-resistant query method for secret data, and belongs to the technical field of privacy protection, cloud service and encrypted data query.
Background
In the context of most smartphones equipped with GPS devices, the smartphone-side mobile application can provide location-based services by sending a data requestor's current location and geospatial query to a data cloud storage party (e.g., a cloud database server). And the data cloud storage party searches the database thereof according to the data submitted by the data uploading party and then returns the query result to the user.
Data cloud storage parties tend to store their geospatial data in a public cloud storage service to achieve lower maintenance costs, lower response latency, and greater flexibility. Privacy is a critical issue since public cloud storage services are not fully trusted. Therefore, it is crucial to enforce privacy safeguards for location-based queries on public cloud storage services.
To solve the privacy protection problem, location-based services using a secure K-nearest neighbor query processing method have emerged in recent years. These methods typically include three parties: the system comprises a data uploading party, a data requesting party and a data cloud storage party. Wherein the data uploading party stores the encrypted data and the security index on the data cloud storage party. The data request side submits a safe K nearest neighbor query to the data cloud storage side, the data cloud storage side returns a corresponding result after searching a database of the data cloud storage side, and the data cloud storage side is not completely credible. However, these methods do not address the problem of term exclusion, i.e., how to match a data query to a data item at most once in a manner that is both inadvertent and unlinkable. This also brings three new requirements:
(1) single use: excluding from the data query a particular item that was matched in a certain data query;
(2) unconsciousness: preventing the data cloud storage from knowing which attribute in the query has been used to exclude the particular item;
(3) unlinkability: the data cloud storage is prevented from knowing that the particular item has been previously matched to the query.
Disclosure of Invention
The invention aims to overcome the defects in the prior art, and provides a query system and a query method aiming at single-time inadvertent link of secret data, so that the security threat of an untrusted data cloud storage party can be resisted in the process of querying the secret data on the cloud, and the problem of item exclusion is solved, thereby protecting the privacy problem of a data requesting party and ensuring the life and property security of the data requesting party.
The invention adopts the following technical scheme for achieving the aim of the invention:
the invention relates to a query system aiming at single accidental link resistance of secret data, which is characterized by comprising a plurality of data uploading modules, a plurality of data requesting modules and a data cloud storage module;
the data uploading module comprises: an index generating unit and a shared key transmitting unit;
the data request module comprises: a shared key receiving unit, a token generating unit, and an encrypted data receiving unit;
the data cloud storage module comprises: an index receiving unit and a data searching unit;
the shared key sending unit sends the shared key to the index generating unit and the shared key receiving unit respectively;
the index generating unit extracts the spatial attributes and the identifiers of the data items to be uploaded so as to calculate a security index, encrypts the data items to be uploaded by using the shared secret key to obtain encrypted data, and sends the encrypted data and the security index to the data cloud storage module for storage;
the token generation unit generates a query token by using the spatial attribute of the data item to be requested, the shared key and the range of the identifier, and sends the query token to the data search unit;
the data searching unit searches a security index by using the query token, if the search is successful, corresponding encrypted data is sent to the encrypted data receiving unit, and if the search is failed, an empty character string is sent;
the encrypted data receiving unit receives the encrypted data and decrypts the encrypted data using the shared key, thereby obtaining valid data.
The invention relates to a query method aiming at single accidental link resistance of secret data, which is characterized by being applied to a network environment consisting of a plurality of data uploading parties, a plurality of data requesting parties and a data cloud storage party, and the query method is carried out according to the following steps:
step one, index construction:
step 1.1 any data uploading party with identifier n holds an item of data of location L
Figure GDA0003481013890000021
First using u projection functions p1,p2,...,pi,...,puConverting location L to feasible location fl for data uploader with identifier nn=AND(p1(L),p2(L),...,pi(L),...,pu(L)); wherein p isiRepresents the ith projection function, an
Figure GDA0003481013890000022
aiDenotes the ith division of the u divisions of the angle 2 π, biRepresents the interval [0, d]U is the ith of the u equal division, dDenotes the interval length, pi(L) denotes the ith projection function piProjection of the location L; AND represents an AND operation; i is an e [1, u ]];
Step 1.2 data uploading side uses prefix-free encoding to project the ith function piProjection p of the position Li(L) encoding for conversion into projections
Figure GDA0003481013890000023
Thereby obtaining the codes of all the projections and connecting the codes into character strings
Figure GDA0003481013890000024
Figure GDA0003481013890000025
Representing a projection p of a location Li(L), where | represents a join operation;
step 1.3 the data uploading party combines the identifier n with the character string strnConnection generation keyword Sn=n||strnAnd encoding the key S by prefixnConversion into a set of prefixes Sn
Step 1.4 given t pseudo-random hash functions h1,h2,...,htA random prediction machine H and m +1 secret keys K1,K2,...Km,Km+1The data uploading side initializes an empty indistinguishable bloom filter BnAnd is provided with
Figure GDA0003481013890000031
Thereby prefixing a set of SnThe kth prefix pr in (1)kAnd a random number rnInsert into bloom Filter BnPerforming the following steps; wherein the content of the first and second substances,
Figure GDA0003481013890000032
denotes hashing the message authentication code with a key of the jth key,
Figure GDA0003481013890000033
key hash elimination indicating use of m +1 th keyAn authentication code;
Figure GDA0003481013890000034
representing an exclusive-OR operation, k ∈ [1, | Sn|],j∈[1,m];|SnI denotes the prefix SnLength of (d);
step 1.5 data uploader will be filtered by bloom Filter BnAnd a random number rnThe formed security index and encrypted data D'l nSubmitting to the data cloud storage party;
step two, token generation:
step 2.1 any data requestor holds the identifier n 'to be excluded at location L' and utilizes u projection functions p1,p2,...,pi,...,puConverting self position L ' into feasible position fl ' of data requester 'n=AND(p1(L′),p2(L′),...,pi(L′),...,pu(L′));pi(L') denotes the ith projection function piA projection of the location L';
step 2.2 data requestor generates approximate string using prefix-free encoding and string join operations
Figure GDA0003481013890000035
The range R ═ 1, n '-1 is then generated using the identifier n' to be excluded]∪[n′+1,N]And calculate the keyword Sn=R||s′n(ii) a Wherein the content of the first and second substances,
Figure GDA0003481013890000036
representing a projection p of the location Li(L');
step 2.3 the data requestor encodes an approximate string s 'using a prefix'nSet S 'converted to prefix'nAnd calculates the kth prefix pr'kH ofj(pr′k);1≤j≤m;
Step 2.4 data requestor eventually generates a query token
Figure GDA0003481013890000037
And submitting to a data cloud storage party; wherein, | S'nL represents a prefix S'nLength of (d);
step three, query processing:
3.1, the data cloud storage party receives corresponding security indexes from a plurality of data uploading parties respectively and receives a query token T from a data requesting party;
step 3.2 the data cloud storage side utilizes
Figure GDA0003481013890000041
And checking whether the query token T can be matched with any one security index, if so, returning corresponding encrypted data to the data request party by the data cloud storage party to further decrypt the data, and otherwise, returning an empty character string.
Compared with the prior art, the invention has the beneficial effects that:
1. according to the method, a data uploading party extracts the spatial attributes and identifiers of data items and calculates a security index, the data are encrypted and then submitted to a data cloud storage party together with the index, and a secret key is shared with a data requesting party. The data requesting party generates a query token and submits the query token to the data cloud storage party to obtain the required data, and the data cloud storage party searches the security index by using the token and returns the corresponding data, so that the problem of item exclusion is solved, the requirements of single time, carelessness and unlinkability are met, and the privacy of the data requesting party is effectively protected;
2. according to the method, a data uploading party generates the safety index by using the non-regionally distributed bloom filter technology, the projection-based spatial coding technology, the prefix coding technology and the prefix-free coding technology, so that a malicious data cloud storage party cannot acquire information such as the spatial position of the data uploading party, and the strong index safety is achieved;
3. according to the invention, a data request party generates the query token by using a prefix encoding technology, a prefix-free encoding technology and a key hash message authentication code technology, so that the problem of item exclusion is solved, a malicious data cloud storage party cannot acquire the spatial information of the data request party and the item related information to be excluded, and strong token privacy is achieved;
4. the invention realizes low-computation-cost computing operation on each of a data uploading party, a data requesting party and a data cloud storage party, realizes low-overhead communication of each party, effectively reduces the query response time, avoids the complicated interactive operation taking local execution as a main part, and does not reduce the accuracy of safe K nearest neighbor query processing.
Drawings
FIG. 1 is a diagram of a secure K nearest neighbor query model in the prior art;
FIG. 2 is a model diagram of a single oblivious anti-chaining query system for dense state data in accordance with the present invention;
FIG. 3 is an overview of the present invention's single oblivious anti-chaining query method for dense data.
Detailed Description
In this embodiment, a typical secure K nearest neighbor query process is as shown in fig. 1, where a data upload module encrypts data and calculates a secure index to upload to a data cloud storage module, and a data request module sends a secure K nearest neighbor query to the data cloud storage module and obtains a return result;
in this embodiment, a single-time inadvertent link-resistant query system for secret data, as shown in fig. 2, includes a plurality of data uploading modules, a plurality of data requesting modules, and a data cloud storage module;
taking the cloud confidential data query processing in the primary car appointment service as an example, the data uploading module is a driver providing the car appointment service, the data request module is a passenger needing the car appointment service, the data cloud storage module is a third-party platform, the passenger submits the position of the passenger to the third-party platform, and the third-party platform is matched with a proper driver to take over driving;
the data uploading module and the data request module are implemented at an android platform end, the data cloud storage module is implemented at a notebook computer end, the cryptographic operation in the system is implemented by means of a Java Pairing Based Cryptography (JPBC) library, and the network communication among all the parties is implemented by building an HTTP (S) server by using a Spring Boot framework;
the data uploading module comprises: an index generation unit and a shared key transmission unit;
the data request module comprises: a shared key receiving unit, a token generating unit and an encrypted data receiving unit;
the data cloud storage module comprises: an index receiving unit and a data searching unit;
the shared key sending unit sends the keys to the index generating unit and the shared key receiving unit respectively;
the index calculation unit extracts the spatial attributes and the identifiers of the data items to be uploaded so as to calculate a security index, encrypts the data items to be uploaded by using a shared key to obtain encrypted data, and sends the encrypted data and the security index to the data cloud storage module for storage;
the token generation unit generates a query token by using the spatial attribute of the data item to be requested, the shared key and the range of the identifier, and sends the query token to the data search unit; (ii) a
The data searching unit searches the security index by using the received query token, if the search is successful, corresponding encrypted data is sent to the encrypted data receiving unit, and if the search is failed, a null character string is sent;
the encrypted data receiving unit receives the encrypted data and decrypts the encrypted data using the shared key, thereby obtaining valid data.
As shown in fig. 3, the query method for single-time inadvertent anti-linking of dense data uses projection-based spatial encoding to convert the K nearest neighbor problem into the equality check problem, uses prefix-free encoding and prefix encoding to convert the equality check problem and the item exclusion problem into the keyword query problem, and finally uses the non-regionally distributed bloom filter to construct a security index, and uses member checking in the bloom filter to implement secure and effective query processing.
In this embodiment, a single-time unintentional anti-link query method for secret data is applied to a network environment formed by a plurality of data uploading parties, a plurality of data requesting parties, and a data cloud storage party, and is performed according to the following steps:
step one, index construction:
step 1.1 any data uploading party with identifier n holds an item of data of location L
Figure GDA0003481013890000051
For useful information about the location L, such as the current vehicle idle information, speed and direction information uploaded by the driver in the vehicle reservation service, u projection functions p are first used1,p2,...,pi,...,puConverting location L to feasible location fl for data uploader with identifier nn=AND(p1(L),p2(L),...,pi(L),...,pu(L)); wherein p isiRepresents the ith projection function, an
Figure GDA0003481013890000061
aiDenotes the ith division of the u divisions of the angle 2 π, biRepresents the interval [0, d]I-th of u, d denotes the interval length, pi(L) denotes the ith projection function piProjection of the location L; AND means AND operation, a combination of two AND's that are equal when all elements in the two AND's are equal; i is an e [1, u ]];
Step 1.2 data uploading side uses prefix-free encoding to project the ith function piProjection p of the position Li(L) encoding for conversion into projections
Figure GDA0003481013890000062
Thereby obtaining the codes of all the projections and connecting the codes into character strings
Figure GDA0003481013890000063
Figure GDA0003481013890000064
Representing a projection p of a location Li(L), where | represents a join operation;
step 1.3 the data uploading party combines the identifier n with the character string strnConnection generation keySn=n||strnAnd encoding the key S by prefixnConversion into a set of prefixes Sn
Step 1.4 given t pseudo-random hash functions h1,h2,...,htA random prediction machine H and m +1 secret keys K1,K2,...Km,Km+1The data uploading side initializes an empty indistinguishable bloom filter BnAnd is provided with
Figure GDA0003481013890000065
Thereby prefixing a set of SnThe kth prefix pr in (1)kAnd a random number rnInsert into bloom Filter BnPerforming the following steps; wherein the content of the first and second substances,
Figure GDA0003481013890000066
denotes hashing the message authentication code with a key of the jth key,
Figure GDA0003481013890000067
the cipher key hash message authentication code which represents that the (m + 1) th cipher key is used is a hash value obtained by adding the cipher key into data and then carrying out hash operation;
Figure GDA0003481013890000068
represents XOR, k ∈ [1, | Sn|],j∈[1,m];|SnI denotes the prefix SnLength of (d);
step 1.5 data uploader will be filtered by bloom Filter BnAnd a random number rnThe formed security index and encrypted data D'l nSubmitting the data to a data cloud storage party, wherein the encryption algorithm is an AES encryption algorithm;
step two, token generation:
step 2.1 any data requester holds an identifier n ' to be excluded at a location L ', e.g. in a certain car-booking service the passenger does not want a car-booking driver of a certain network to pick up a ticket, in which case n ' may be the driver ID, and uses u projection functions p1,p2,...,pi,...,puConverting self position L' into feasible position fl of data requestern′=AND(p1(L′),p2(L′),...,pi(L′),...,pu(L′));pi(L') denotes the ith projection function piA projection of the location L';
step 2.2 data requestor generates approximate string using prefix-free encoding and string join operations
Figure GDA0003481013890000071
The range R ═ 1, n '-1 is then generated using the identifier n' to be excluded]∪[n′+1,N]And calculate the keyword Sn=R||s′n(ii) a Wherein the content of the first and second substances,
Figure GDA0003481013890000072
representing a projection p of the location Li(L');
step 2.3 the data requestor encodes an approximate string s 'using a prefix'nSet S 'converted to prefix'nAnd calculates the kth prefix pr'kH ofj(pr′k);1≤j≤m;
Step 2.4 data requestor eventually generates a query token
Figure GDA0003481013890000073
And submitting to a data cloud storage party; wherein, | S'nL represents a prefix S'nLength of (d);
step three, query processing:
step 3.1, the data cloud storage party receives corresponding security indexes from a plurality of data uploading parties respectively and receives a query token T from a data requesting party;
step 3.2 data cloud storage utilization
Figure GDA0003481013890000074
Checking whether the query token T can be matched with any one security index, and if so, returning corresponding encrypted data to the data cloud storage partyAnd the data is further decrypted according to the requester, otherwise, an empty character string is returned, and the data requester can select to send the request again after waiting for a period of time or send the request by the mobile place after receiving the empty character string.
In conclusion, the invention improves on the basis of the secure K nearest neighbor algorithm, solves the problem of item elimination, realizes the query method and system with single use, obliviousness and anti-chaining property, and can effectively resist the security threat of the untrusted data cloud storage party, thereby protecting the privacy safety, personal safety and property safety of the data requesting party.

Claims (2)

1. A single oblivious link resistant query system for confidential data, comprising: the system comprises a plurality of data uploading modules, a plurality of data requesting modules and a data cloud storage module;
the data uploading module comprises: an index generating unit and a shared key transmitting unit;
the data request module comprises: a shared key receiving unit, a token generating unit, and an encrypted data receiving unit;
the data cloud storage module comprises: an index receiving unit and a data searching unit;
the shared key sending unit sends the shared key to the index generating unit and the shared key receiving unit respectively;
the index generating unit extracts the spatial attributes and the identifiers of the data items to be uploaded so as to calculate a security index, encrypts the data items to be uploaded by using the shared secret key to obtain encrypted data, and sends the encrypted data and the security index to the data cloud storage module for storage;
the token generation unit generates a query token by using the spatial attribute of the data item to be requested, the shared key and the range of the identifier, and sends the query token to the data search unit;
the data searching unit searches a security index by using the query token, if the search is successful, corresponding encrypted data is sent to the encrypted data receiving unit, and if the search is failed, an empty character string is sent;
the encrypted data receiving unit receives the encrypted data and decrypts the encrypted data using the shared key, thereby obtaining valid data.
2. A single-time accidental link-resistant query method for secret data is applied to a network environment formed by a plurality of data uploading parties, a plurality of data requesting parties and a data cloud storage party, and is carried out according to the following steps:
step one, index construction:
step 1.1 any data uploading party with identifier n holds an item of data of location L
Figure FDA0003481013880000011
First using u projection functions p1,p2,...,pi,...,puConverting location L to feasible location fl for data uploader with identifier nn=AND(p1(L),p2(L),...,pi(L),...,pu(L)); wherein p isiRepresents the ith projection function, an
Figure FDA0003481013880000012
aiDenotes the ith division of the u divisions of the angle 2 π, biRepresents the interval [0, d]I-th of u, d denotes the interval length, pi(L) denotes the ith projection function piProjection of the location L; AND represents an AND operation; i is an e [1, u ]];
Step 1.2 data uploading side uses prefix-free encoding to project the ith function piProjection p of the position Li(L) encoding for conversion into projections
Figure FDA0003481013880000013
Thereby obtaining the codes of all the projections and connecting the codes into character strings
Figure FDA0003481013880000014
Figure FDA0003481013880000015
Representing a projection p of a location Li(L), where | represents a join operation;
step 1.3 the data uploading party combines the identifier n with the character string strnConnection generation keyword Sn=n||strnAnd encoding the key S by prefixnConversion into a set of prefixes Sn
Step 1.4 given t pseudo-random hash functions h1,h2,...,htA random prediction machine H and m +1 secret keys K1,K2,...Km,Km+1The data uploading side initializes an empty indistinguishable bloom filter BnAnd is provided with
Figure FDA0003481013880000021
Thereby prefixing a set of SnThe kth prefix pr in (1)kAnd a random number rnInsert into bloom Filter BnPerforming the following steps; wherein the content of the first and second substances,
Figure FDA0003481013880000022
denotes hashing the message authentication code with a key of the jth key,
Figure FDA0003481013880000023
a key hash message authentication code indicating that the m +1 th key is used;
Figure FDA0003481013880000024
representing an exclusive-OR operation, k ∈ [1, | Sn|],j∈[1,m];|SnI denotes the prefix SnLength of (d);
step 1.5 data uploader will be filtered by bloom Filter BnAnd a random number rnFormed security index and encrypted data DlnSubmitting to the data cloud storage party;
step two, token generation:
step 2.1 any data requestor holds the identifier n 'to be excluded at location L' and utilizes u projection functions p1,p2,...,pi,...,puConverting self position L ' into feasible position fl ' of data requester 'n=AND(p1(L′),p2(L′),...,pi(L′),...,pu(L′));pi(L') denotes the ith projection function piA projection of the location L';
step 2.2 data requestor generates approximate string using prefix-free encoding and string join operations
Figure FDA0003481013880000025
The range R ═ 1, n '-1 is then generated using the identifier n' to be excluded]∪[n′+1,N]And calculate the keyword Sn=R||s′n(ii) a Wherein the content of the first and second substances,
Figure FDA0003481013880000026
representing a projection p of the location Li(L');
step 2.3 the data requestor encodes an approximate string s 'using a prefix'nSet S 'converted to prefix'nAnd calculates the kth prefix pr'kH ofj(pr′k);1≤j≤m;
Step 2.4 data requestor eventually generates a query token
Figure FDA0003481013880000027
And submitting to a data cloud storage party; wherein, | S'nL represents a prefix S'nLength of (d);
step three, query processing:
3.1, the data cloud storage party receives corresponding security indexes from a plurality of data uploading parties respectively and receives a query token T from a data requesting party;
step 3.2 the data cloud storage side utilizes
Figure FDA0003481013880000031
And checking whether the query token T can be matched with any one security index, if so, returning corresponding encrypted data to the data request party by the data cloud storage party to further decrypt the data, and otherwise, returning an empty character string.
CN202010794635.9A 2020-08-10 2020-08-10 Single-time inadvertent anti-link query system and method for secret data Active CN111935141B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010794635.9A CN111935141B (en) 2020-08-10 2020-08-10 Single-time inadvertent anti-link query system and method for secret data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010794635.9A CN111935141B (en) 2020-08-10 2020-08-10 Single-time inadvertent anti-link query system and method for secret data

Publications (2)

Publication Number Publication Date
CN111935141A CN111935141A (en) 2020-11-13
CN111935141B true CN111935141B (en) 2022-03-22

Family

ID=73307878

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010794635.9A Active CN111935141B (en) 2020-08-10 2020-08-10 Single-time inadvertent anti-link query system and method for secret data

Country Status (1)

Country Link
CN (1) CN111935141B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114201773B (en) * 2021-12-13 2024-02-13 合肥工业大学 SkNN query method and system supporting access time limitation and verifiable result
CN114090638B (en) * 2022-01-20 2022-04-22 支付宝(杭州)信息技术有限公司 Combined data query method and device based on privacy protection
CN114595472B (en) * 2022-03-09 2024-02-20 合肥工业大学 Method and system for repeated, careless and anti-link query of secret state data
CN114707012B (en) * 2022-04-08 2024-02-13 合肥工业大学 Graph encryption shortest path query method and system supporting k unordered nodes

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109104404A (en) * 2018-06-20 2018-12-28 广州中国科学院软件应用技术研究所 A kind of medical big data system and method for dynamic encryption

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9740879B2 (en) * 2014-10-29 2017-08-22 Sap Se Searchable encryption with secure and efficient updates
CN105049196B (en) * 2015-07-13 2018-08-03 佛山市明茂网络科技有限公司 The encryption method that multiple keywords of designated position can search in cloud storage
CN110674521B (en) * 2019-09-27 2021-04-02 合肥工业大学 Privacy protection evidence management system and method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109104404A (en) * 2018-06-20 2018-12-28 广州中国科学院软件应用技术研究所 A kind of medical big data system and method for dynamic encryption

Also Published As

Publication number Publication date
CN111935141A (en) 2020-11-13

Similar Documents

Publication Publication Date Title
CN111935141B (en) Single-time inadvertent anti-link query system and method for secret data
CN113194078B (en) Sequencing multi-keyword search encryption method with privacy protection supported by cloud
CN111835500B (en) Searchable encryption data secure sharing method based on homomorphic encryption and block chain
CN107491497B (en) Multi-user multi-keyword sequencing searchable encryption system supporting query in any language
US8266137B2 (en) Method and apparatus for generating index as well as search method and search apparatus
Yiu et al. Enabling search services on outsourced private spatial data
JP4958246B2 (en) Method, apparatus and system for fast searchable encryption
JP6180177B2 (en) Encrypted data inquiry method and system capable of protecting privacy
CN106803784A (en) The multi-user based on lattice is fuzzy in secure multimedia cloud storage can search for encryption method
Sun et al. Secure searchable public key encryption against insider keyword guessing attacks from indistinguishability obfuscation
CN104158827B (en) Ciphertext data sharing method, device, inquiry server and upload data client
CN106254324A (en) A kind of encryption method storing file and device
CN108062485A (en) A kind of fuzzy keyword searching method of multi-service oriented device multi-user
CN102176709A (en) Method and device with privacy protection function for data sharing and publishing
CN102187618A (en) Method and apparatus for pseudonym generation and authentication
KR100899450B1 (en) Method of similarity string matching from ciphertext, Recording medium and System using by the same
Ahmed et al. Toward fine‐grained access control and privacy protection for video sharing in media convergence environment
Yang et al. Mu-teir: Traceable encrypted image retrieval in the multi-user setting
CN117454442A (en) Anonymous security and traceable distributed digital evidence obtaining method and system
CN109672525B (en) Searchable public key encryption method and system with forward index
JP5799635B2 (en) ENCRYPTED DATA SEARCH SYSTEM, DEVICE, METHOD, AND PROGRAM
CN102098282B (en) Secure encryption method for database
Gupta et al. A differential privacy-based secure data sharing model in cloud environment
CN110059630B (en) Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection
Wang et al. An effective verifiable symmetric searchable encryption scheme in cloud computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant