CN111935141B - Single-time inadvertent anti-link query system and method for secret data - Google Patents
Single-time inadvertent anti-link query system and method for secret data Download PDFInfo
- Publication number
- CN111935141B CN111935141B CN202010794635.9A CN202010794635A CN111935141B CN 111935141 B CN111935141 B CN 111935141B CN 202010794635 A CN202010794635 A CN 202010794635A CN 111935141 B CN111935141 B CN 111935141B
- Authority
- CN
- China
- Prior art keywords
- data
- cloud storage
- query
- party
- prefix
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a query system and a query method aiming at single accidental link resistance of secret data, which are applied to a network environment consisting of a plurality of data uploading modules, a plurality of data requesting modules and a data cloud storage module; the data uploading module calculates the security index of the data, uploads the security index to the data cloud storage module together with the encrypted data and shares a secret key with some data uploading modules; the data request module generates a query token, submits the token to the data cloud storage module, decrypts matched data after the data is sent back, and otherwise, waits for valid data all the time; and the data cloud storage module receives the security index and the encrypted data from the data uploading module, receives the token from the data requesting module, searches the security index by using the token and returns a query result, and otherwise returns a null value. The invention can protect the privacy of the data requester from being damaged by the untrusted data cloud storage party.
Description
Technical Field
The invention relates to a single-time accidental link-resistant query system and a single-time accidental link-resistant query method for secret data, and belongs to the technical field of privacy protection, cloud service and encrypted data query.
Background
In the context of most smartphones equipped with GPS devices, the smartphone-side mobile application can provide location-based services by sending a data requestor's current location and geospatial query to a data cloud storage party (e.g., a cloud database server). And the data cloud storage party searches the database thereof according to the data submitted by the data uploading party and then returns the query result to the user.
Data cloud storage parties tend to store their geospatial data in a public cloud storage service to achieve lower maintenance costs, lower response latency, and greater flexibility. Privacy is a critical issue since public cloud storage services are not fully trusted. Therefore, it is crucial to enforce privacy safeguards for location-based queries on public cloud storage services.
To solve the privacy protection problem, location-based services using a secure K-nearest neighbor query processing method have emerged in recent years. These methods typically include three parties: the system comprises a data uploading party, a data requesting party and a data cloud storage party. Wherein the data uploading party stores the encrypted data and the security index on the data cloud storage party. The data request side submits a safe K nearest neighbor query to the data cloud storage side, the data cloud storage side returns a corresponding result after searching a database of the data cloud storage side, and the data cloud storage side is not completely credible. However, these methods do not address the problem of term exclusion, i.e., how to match a data query to a data item at most once in a manner that is both inadvertent and unlinkable. This also brings three new requirements:
(1) single use: excluding from the data query a particular item that was matched in a certain data query;
(2) unconsciousness: preventing the data cloud storage from knowing which attribute in the query has been used to exclude the particular item;
(3) unlinkability: the data cloud storage is prevented from knowing that the particular item has been previously matched to the query.
Disclosure of Invention
The invention aims to overcome the defects in the prior art, and provides a query system and a query method aiming at single-time inadvertent link of secret data, so that the security threat of an untrusted data cloud storage party can be resisted in the process of querying the secret data on the cloud, and the problem of item exclusion is solved, thereby protecting the privacy problem of a data requesting party and ensuring the life and property security of the data requesting party.
The invention adopts the following technical scheme for achieving the aim of the invention:
the invention relates to a query system aiming at single accidental link resistance of secret data, which is characterized by comprising a plurality of data uploading modules, a plurality of data requesting modules and a data cloud storage module;
the data uploading module comprises: an index generating unit and a shared key transmitting unit;
the data request module comprises: a shared key receiving unit, a token generating unit, and an encrypted data receiving unit;
the data cloud storage module comprises: an index receiving unit and a data searching unit;
the shared key sending unit sends the shared key to the index generating unit and the shared key receiving unit respectively;
the index generating unit extracts the spatial attributes and the identifiers of the data items to be uploaded so as to calculate a security index, encrypts the data items to be uploaded by using the shared secret key to obtain encrypted data, and sends the encrypted data and the security index to the data cloud storage module for storage;
the token generation unit generates a query token by using the spatial attribute of the data item to be requested, the shared key and the range of the identifier, and sends the query token to the data search unit;
the data searching unit searches a security index by using the query token, if the search is successful, corresponding encrypted data is sent to the encrypted data receiving unit, and if the search is failed, an empty character string is sent;
the encrypted data receiving unit receives the encrypted data and decrypts the encrypted data using the shared key, thereby obtaining valid data.
The invention relates to a query method aiming at single accidental link resistance of secret data, which is characterized by being applied to a network environment consisting of a plurality of data uploading parties, a plurality of data requesting parties and a data cloud storage party, and the query method is carried out according to the following steps:
step one, index construction:
step 1.1 any data uploading party with identifier n holds an item of data of location LFirst using u projection functions p1,p2,...,pi,...,puConverting location L to feasible location fl for data uploader with identifier nn=AND(p1(L),p2(L),...,pi(L),...,pu(L)); wherein p isiRepresents the ith projection function, anaiDenotes the ith division of the u divisions of the angle 2 π, biRepresents the interval [0, d]U is the ith of the u equal division, dDenotes the interval length, pi(L) denotes the ith projection function piProjection of the location L; AND represents an AND operation; i is an e [1, u ]];
Step 1.2 data uploading side uses prefix-free encoding to project the ith function piProjection p of the position Li(L) encoding for conversion into projectionsThereby obtaining the codes of all the projections and connecting the codes into character strings Representing a projection p of a location Li(L), where | represents a join operation;
step 1.3 the data uploading party combines the identifier n with the character string strnConnection generation keyword Sn=n||strnAnd encoding the key S by prefixnConversion into a set of prefixes Sn;
Step 1.4 given t pseudo-random hash functions h1,h2,...,htA random prediction machine H and m +1 secret keys K1,K2,...Km,Km+1The data uploading side initializes an empty indistinguishable bloom filter BnAnd is provided withThereby prefixing a set of SnThe kth prefix pr in (1)kAnd a random number rnInsert into bloom Filter BnPerforming the following steps; wherein the content of the first and second substances,denotes hashing the message authentication code with a key of the jth key,key hash elimination indicating use of m +1 th keyAn authentication code;representing an exclusive-OR operation, k ∈ [1, | Sn|],j∈[1,m];|SnI denotes the prefix SnLength of (d);
step 1.5 data uploader will be filtered by bloom Filter BnAnd a random number rnThe formed security index and encrypted data D'l nSubmitting to the data cloud storage party;
step two, token generation:
step 2.1 any data requestor holds the identifier n 'to be excluded at location L' and utilizes u projection functions p1,p2,...,pi,...,puConverting self position L ' into feasible position fl ' of data requester 'n=AND(p1(L′),p2(L′),...,pi(L′),...,pu(L′));pi(L') denotes the ith projection function piA projection of the location L';
step 2.2 data requestor generates approximate string using prefix-free encoding and string join operationsThe range R ═ 1, n '-1 is then generated using the identifier n' to be excluded]∪[n′+1,N]And calculate the keyword Sn=R||s′n(ii) a Wherein the content of the first and second substances,representing a projection p of the location Li(L');
step 2.3 the data requestor encodes an approximate string s 'using a prefix'nSet S 'converted to prefix'nAnd calculates the kth prefix pr'kH ofj(pr′k);1≤j≤m;
Step 2.4 data requestor eventually generates a query tokenAnd submitting to a data cloud storage party; wherein, | S'nL represents a prefix S'nLength of (d);
step three, query processing:
3.1, the data cloud storage party receives corresponding security indexes from a plurality of data uploading parties respectively and receives a query token T from a data requesting party;
step 3.2 the data cloud storage side utilizesAnd checking whether the query token T can be matched with any one security index, if so, returning corresponding encrypted data to the data request party by the data cloud storage party to further decrypt the data, and otherwise, returning an empty character string.
Compared with the prior art, the invention has the beneficial effects that:
1. according to the method, a data uploading party extracts the spatial attributes and identifiers of data items and calculates a security index, the data are encrypted and then submitted to a data cloud storage party together with the index, and a secret key is shared with a data requesting party. The data requesting party generates a query token and submits the query token to the data cloud storage party to obtain the required data, and the data cloud storage party searches the security index by using the token and returns the corresponding data, so that the problem of item exclusion is solved, the requirements of single time, carelessness and unlinkability are met, and the privacy of the data requesting party is effectively protected;
2. according to the method, a data uploading party generates the safety index by using the non-regionally distributed bloom filter technology, the projection-based spatial coding technology, the prefix coding technology and the prefix-free coding technology, so that a malicious data cloud storage party cannot acquire information such as the spatial position of the data uploading party, and the strong index safety is achieved;
3. according to the invention, a data request party generates the query token by using a prefix encoding technology, a prefix-free encoding technology and a key hash message authentication code technology, so that the problem of item exclusion is solved, a malicious data cloud storage party cannot acquire the spatial information of the data request party and the item related information to be excluded, and strong token privacy is achieved;
4. the invention realizes low-computation-cost computing operation on each of a data uploading party, a data requesting party and a data cloud storage party, realizes low-overhead communication of each party, effectively reduces the query response time, avoids the complicated interactive operation taking local execution as a main part, and does not reduce the accuracy of safe K nearest neighbor query processing.
Drawings
FIG. 1 is a diagram of a secure K nearest neighbor query model in the prior art;
FIG. 2 is a model diagram of a single oblivious anti-chaining query system for dense state data in accordance with the present invention;
FIG. 3 is an overview of the present invention's single oblivious anti-chaining query method for dense data.
Detailed Description
In this embodiment, a typical secure K nearest neighbor query process is as shown in fig. 1, where a data upload module encrypts data and calculates a secure index to upload to a data cloud storage module, and a data request module sends a secure K nearest neighbor query to the data cloud storage module and obtains a return result;
in this embodiment, a single-time inadvertent link-resistant query system for secret data, as shown in fig. 2, includes a plurality of data uploading modules, a plurality of data requesting modules, and a data cloud storage module;
taking the cloud confidential data query processing in the primary car appointment service as an example, the data uploading module is a driver providing the car appointment service, the data request module is a passenger needing the car appointment service, the data cloud storage module is a third-party platform, the passenger submits the position of the passenger to the third-party platform, and the third-party platform is matched with a proper driver to take over driving;
the data uploading module and the data request module are implemented at an android platform end, the data cloud storage module is implemented at a notebook computer end, the cryptographic operation in the system is implemented by means of a Java Pairing Based Cryptography (JPBC) library, and the network communication among all the parties is implemented by building an HTTP (S) server by using a Spring Boot framework;
the data uploading module comprises: an index generation unit and a shared key transmission unit;
the data request module comprises: a shared key receiving unit, a token generating unit and an encrypted data receiving unit;
the data cloud storage module comprises: an index receiving unit and a data searching unit;
the shared key sending unit sends the keys to the index generating unit and the shared key receiving unit respectively;
the index calculation unit extracts the spatial attributes and the identifiers of the data items to be uploaded so as to calculate a security index, encrypts the data items to be uploaded by using a shared key to obtain encrypted data, and sends the encrypted data and the security index to the data cloud storage module for storage;
the token generation unit generates a query token by using the spatial attribute of the data item to be requested, the shared key and the range of the identifier, and sends the query token to the data search unit; (ii) a
The data searching unit searches the security index by using the received query token, if the search is successful, corresponding encrypted data is sent to the encrypted data receiving unit, and if the search is failed, a null character string is sent;
the encrypted data receiving unit receives the encrypted data and decrypts the encrypted data using the shared key, thereby obtaining valid data.
As shown in fig. 3, the query method for single-time inadvertent anti-linking of dense data uses projection-based spatial encoding to convert the K nearest neighbor problem into the equality check problem, uses prefix-free encoding and prefix encoding to convert the equality check problem and the item exclusion problem into the keyword query problem, and finally uses the non-regionally distributed bloom filter to construct a security index, and uses member checking in the bloom filter to implement secure and effective query processing.
In this embodiment, a single-time unintentional anti-link query method for secret data is applied to a network environment formed by a plurality of data uploading parties, a plurality of data requesting parties, and a data cloud storage party, and is performed according to the following steps:
step one, index construction:
step 1.1 any data uploading party with identifier n holds an item of data of location LFor useful information about the location L, such as the current vehicle idle information, speed and direction information uploaded by the driver in the vehicle reservation service, u projection functions p are first used1,p2,...,pi,...,puConverting location L to feasible location fl for data uploader with identifier nn=AND(p1(L),p2(L),...,pi(L),...,pu(L)); wherein p isiRepresents the ith projection function, anaiDenotes the ith division of the u divisions of the angle 2 π, biRepresents the interval [0, d]I-th of u, d denotes the interval length, pi(L) denotes the ith projection function piProjection of the location L; AND means AND operation, a combination of two AND's that are equal when all elements in the two AND's are equal; i is an e [1, u ]];
Step 1.2 data uploading side uses prefix-free encoding to project the ith function piProjection p of the position Li(L) encoding for conversion into projectionsThereby obtaining the codes of all the projections and connecting the codes into character strings Representing a projection p of a location Li(L), where | represents a join operation;
step 1.3 the data uploading party combines the identifier n with the character string strnConnection generation keySn=n||strnAnd encoding the key S by prefixnConversion into a set of prefixes Sn;
Step 1.4 given t pseudo-random hash functions h1,h2,...,htA random prediction machine H and m +1 secret keys K1,K2,...Km,Km+1The data uploading side initializes an empty indistinguishable bloom filter BnAnd is provided withThereby prefixing a set of SnThe kth prefix pr in (1)kAnd a random number rnInsert into bloom Filter BnPerforming the following steps; wherein the content of the first and second substances,denotes hashing the message authentication code with a key of the jth key,the cipher key hash message authentication code which represents that the (m + 1) th cipher key is used is a hash value obtained by adding the cipher key into data and then carrying out hash operation;represents XOR, k ∈ [1, | Sn|],j∈[1,m];|SnI denotes the prefix SnLength of (d);
step 1.5 data uploader will be filtered by bloom Filter BnAnd a random number rnThe formed security index and encrypted data D'l nSubmitting the data to a data cloud storage party, wherein the encryption algorithm is an AES encryption algorithm;
step two, token generation:
step 2.1 any data requester holds an identifier n ' to be excluded at a location L ', e.g. in a certain car-booking service the passenger does not want a car-booking driver of a certain network to pick up a ticket, in which case n ' may be the driver ID, and uses u projection functions p1,p2,...,pi,...,puConverting self position L' into feasible position fl of data requestern′=AND(p1(L′),p2(L′),...,pi(L′),...,pu(L′));pi(L') denotes the ith projection function piA projection of the location L';
step 2.2 data requestor generates approximate string using prefix-free encoding and string join operationsThe range R ═ 1, n '-1 is then generated using the identifier n' to be excluded]∪[n′+1,N]And calculate the keyword Sn=R||s′n(ii) a Wherein the content of the first and second substances,representing a projection p of the location Li(L');
step 2.3 the data requestor encodes an approximate string s 'using a prefix'nSet S 'converted to prefix'nAnd calculates the kth prefix pr'kH ofj(pr′k);1≤j≤m;
Step 2.4 data requestor eventually generates a query tokenAnd submitting to a data cloud storage party; wherein, | S'nL represents a prefix S'nLength of (d);
step three, query processing:
step 3.1, the data cloud storage party receives corresponding security indexes from a plurality of data uploading parties respectively and receives a query token T from a data requesting party;
step 3.2 data cloud storage utilizationChecking whether the query token T can be matched with any one security index, and if so, returning corresponding encrypted data to the data cloud storage partyAnd the data is further decrypted according to the requester, otherwise, an empty character string is returned, and the data requester can select to send the request again after waiting for a period of time or send the request by the mobile place after receiving the empty character string.
In conclusion, the invention improves on the basis of the secure K nearest neighbor algorithm, solves the problem of item elimination, realizes the query method and system with single use, obliviousness and anti-chaining property, and can effectively resist the security threat of the untrusted data cloud storage party, thereby protecting the privacy safety, personal safety and property safety of the data requesting party.
Claims (2)
1. A single oblivious link resistant query system for confidential data, comprising: the system comprises a plurality of data uploading modules, a plurality of data requesting modules and a data cloud storage module;
the data uploading module comprises: an index generating unit and a shared key transmitting unit;
the data request module comprises: a shared key receiving unit, a token generating unit, and an encrypted data receiving unit;
the data cloud storage module comprises: an index receiving unit and a data searching unit;
the shared key sending unit sends the shared key to the index generating unit and the shared key receiving unit respectively;
the index generating unit extracts the spatial attributes and the identifiers of the data items to be uploaded so as to calculate a security index, encrypts the data items to be uploaded by using the shared secret key to obtain encrypted data, and sends the encrypted data and the security index to the data cloud storage module for storage;
the token generation unit generates a query token by using the spatial attribute of the data item to be requested, the shared key and the range of the identifier, and sends the query token to the data search unit;
the data searching unit searches a security index by using the query token, if the search is successful, corresponding encrypted data is sent to the encrypted data receiving unit, and if the search is failed, an empty character string is sent;
the encrypted data receiving unit receives the encrypted data and decrypts the encrypted data using the shared key, thereby obtaining valid data.
2. A single-time accidental link-resistant query method for secret data is applied to a network environment formed by a plurality of data uploading parties, a plurality of data requesting parties and a data cloud storage party, and is carried out according to the following steps:
step one, index construction:
step 1.1 any data uploading party with identifier n holds an item of data of location LFirst using u projection functions p1,p2,...,pi,...,puConverting location L to feasible location fl for data uploader with identifier nn=AND(p1(L),p2(L),...,pi(L),...,pu(L)); wherein p isiRepresents the ith projection function, anaiDenotes the ith division of the u divisions of the angle 2 π, biRepresents the interval [0, d]I-th of u, d denotes the interval length, pi(L) denotes the ith projection function piProjection of the location L; AND represents an AND operation; i is an e [1, u ]];
Step 1.2 data uploading side uses prefix-free encoding to project the ith function piProjection p of the position Li(L) encoding for conversion into projectionsThereby obtaining the codes of all the projections and connecting the codes into character strings Representing a projection p of a location Li(L), where | represents a join operation;
step 1.3 the data uploading party combines the identifier n with the character string strnConnection generation keyword Sn=n||strnAnd encoding the key S by prefixnConversion into a set of prefixes Sn;
Step 1.4 given t pseudo-random hash functions h1,h2,...,htA random prediction machine H and m +1 secret keys K1,K2,...Km,Km+1The data uploading side initializes an empty indistinguishable bloom filter BnAnd is provided withThereby prefixing a set of SnThe kth prefix pr in (1)kAnd a random number rnInsert into bloom Filter BnPerforming the following steps; wherein the content of the first and second substances,denotes hashing the message authentication code with a key of the jth key,a key hash message authentication code indicating that the m +1 th key is used;representing an exclusive-OR operation, k ∈ [1, | Sn|],j∈[1,m];|SnI denotes the prefix SnLength of (d);
step 1.5 data uploader will be filtered by bloom Filter BnAnd a random number rnFormed security index and encrypted data Dl′nSubmitting to the data cloud storage party;
step two, token generation:
step 2.1 any data requestor holds the identifier n 'to be excluded at location L' and utilizes u projection functions p1,p2,...,pi,...,puConverting self position L ' into feasible position fl ' of data requester 'n=AND(p1(L′),p2(L′),...,pi(L′),...,pu(L′));pi(L') denotes the ith projection function piA projection of the location L';
step 2.2 data requestor generates approximate string using prefix-free encoding and string join operationsThe range R ═ 1, n '-1 is then generated using the identifier n' to be excluded]∪[n′+1,N]And calculate the keyword Sn=R||s′n(ii) a Wherein the content of the first and second substances,representing a projection p of the location Li(L');
step 2.3 the data requestor encodes an approximate string s 'using a prefix'nSet S 'converted to prefix'nAnd calculates the kth prefix pr'kH ofj(pr′k);1≤j≤m;
Step 2.4 data requestor eventually generates a query tokenAnd submitting to a data cloud storage party; wherein, | S'nL represents a prefix S'nLength of (d);
step three, query processing:
3.1, the data cloud storage party receives corresponding security indexes from a plurality of data uploading parties respectively and receives a query token T from a data requesting party;
step 3.2 the data cloud storage side utilizesAnd checking whether the query token T can be matched with any one security index, if so, returning corresponding encrypted data to the data request party by the data cloud storage party to further decrypt the data, and otherwise, returning an empty character string.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010794635.9A CN111935141B (en) | 2020-08-10 | 2020-08-10 | Single-time inadvertent anti-link query system and method for secret data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010794635.9A CN111935141B (en) | 2020-08-10 | 2020-08-10 | Single-time inadvertent anti-link query system and method for secret data |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111935141A CN111935141A (en) | 2020-11-13 |
CN111935141B true CN111935141B (en) | 2022-03-22 |
Family
ID=73307878
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010794635.9A Active CN111935141B (en) | 2020-08-10 | 2020-08-10 | Single-time inadvertent anti-link query system and method for secret data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111935141B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114201773B (en) * | 2021-12-13 | 2024-02-13 | 合肥工业大学 | SkNN query method and system supporting access time limitation and verifiable result |
CN114090638B (en) * | 2022-01-20 | 2022-04-22 | 支付宝(杭州)信息技术有限公司 | Combined data query method and device based on privacy protection |
CN114595472B (en) * | 2022-03-09 | 2024-02-20 | 合肥工业大学 | Method and system for repeated, careless and anti-link query of secret state data |
CN114707012B (en) * | 2022-04-08 | 2024-02-13 | 合肥工业大学 | Graph encryption shortest path query method and system supporting k unordered nodes |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109104404A (en) * | 2018-06-20 | 2018-12-28 | 广州中国科学院软件应用技术研究所 | A kind of medical big data system and method for dynamic encryption |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9740879B2 (en) * | 2014-10-29 | 2017-08-22 | Sap Se | Searchable encryption with secure and efficient updates |
CN105049196B (en) * | 2015-07-13 | 2018-08-03 | 佛山市明茂网络科技有限公司 | The encryption method that multiple keywords of designated position can search in cloud storage |
CN110674521B (en) * | 2019-09-27 | 2021-04-02 | 合肥工业大学 | Privacy protection evidence management system and method |
-
2020
- 2020-08-10 CN CN202010794635.9A patent/CN111935141B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109104404A (en) * | 2018-06-20 | 2018-12-28 | 广州中国科学院软件应用技术研究所 | A kind of medical big data system and method for dynamic encryption |
Also Published As
Publication number | Publication date |
---|---|
CN111935141A (en) | 2020-11-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111935141B (en) | Single-time inadvertent anti-link query system and method for secret data | |
CN113194078B (en) | Sequencing multi-keyword search encryption method with privacy protection supported by cloud | |
CN111835500B (en) | Searchable encryption data secure sharing method based on homomorphic encryption and block chain | |
CN107491497B (en) | Multi-user multi-keyword sequencing searchable encryption system supporting query in any language | |
US8266137B2 (en) | Method and apparatus for generating index as well as search method and search apparatus | |
Yiu et al. | Enabling search services on outsourced private spatial data | |
JP4958246B2 (en) | Method, apparatus and system for fast searchable encryption | |
JP6180177B2 (en) | Encrypted data inquiry method and system capable of protecting privacy | |
CN106803784A (en) | The multi-user based on lattice is fuzzy in secure multimedia cloud storage can search for encryption method | |
Sun et al. | Secure searchable public key encryption against insider keyword guessing attacks from indistinguishability obfuscation | |
CN104158827B (en) | Ciphertext data sharing method, device, inquiry server and upload data client | |
CN106254324A (en) | A kind of encryption method storing file and device | |
CN108062485A (en) | A kind of fuzzy keyword searching method of multi-service oriented device multi-user | |
CN102176709A (en) | Method and device with privacy protection function for data sharing and publishing | |
CN102187618A (en) | Method and apparatus for pseudonym generation and authentication | |
KR100899450B1 (en) | Method of similarity string matching from ciphertext, Recording medium and System using by the same | |
Ahmed et al. | Toward fine‐grained access control and privacy protection for video sharing in media convergence environment | |
Yang et al. | Mu-teir: Traceable encrypted image retrieval in the multi-user setting | |
CN117454442A (en) | Anonymous security and traceable distributed digital evidence obtaining method and system | |
CN109672525B (en) | Searchable public key encryption method and system with forward index | |
JP5799635B2 (en) | ENCRYPTED DATA SEARCH SYSTEM, DEVICE, METHOD, AND PROGRAM | |
CN102098282B (en) | Secure encryption method for database | |
Gupta et al. | A differential privacy-based secure data sharing model in cloud environment | |
CN110059630B (en) | Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection | |
Wang et al. | An effective verifiable symmetric searchable encryption scheme in cloud computing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |