CN112182660A - Data sorting method and device - Google Patents

Data sorting method and device Download PDF

Info

Publication number
CN112182660A
CN112182660A CN202011174485.8A CN202011174485A CN112182660A CN 112182660 A CN112182660 A CN 112182660A CN 202011174485 A CN202011174485 A CN 202011174485A CN 112182660 A CN112182660 A CN 112182660A
Authority
CN
China
Prior art keywords
encrypted data
data
bit
privacy
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011174485.8A
Other languages
Chinese (zh)
Inventor
廖飞强
严强
李昊轩
王朝阳
李辉忠
张开翔
范瑞彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WeBank Co Ltd
Original Assignee
WeBank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WeBank Co Ltd filed Critical WeBank Co Ltd
Priority to CN202011174485.8A priority Critical patent/CN112182660A/en
Publication of CN112182660A publication Critical patent/CN112182660A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Abstract

The invention discloses a data sorting method and a device, wherein the method comprises the following steps: the method comprises the steps that a first privacy calculation end encrypts plaintext data of a home end user through a preset homomorphic encryption algorithm based on random numbers to obtain first encrypted data; the first privacy computation terminal acquires second encrypted data of anonymous users; the first privacy calculation end compares the sizes of the first encrypted data and the second encrypted data according to a preset homomorphic comparison algorithm corresponding to the preset homomorphic encryption algorithm to obtain encryption comparison results; the first privacy computation end decrypts the encryption comparison results according to a preset homomorphic decryption algorithm corresponding to the preset homomorphic encryption algorithm to obtain decryption comparison results; and the first privacy calculation terminal determines the ranking of the home terminal user according to the decryption comparison results. When the method is applied to financial technology (Fintech), the privacy of the user can be protected.

Description

Data sorting method and device
Technical Field
The invention relates to the technical field of block chains in the field of financial technology (Fintech), in particular to a data sorting method and device.
Background
With the development of computer technology, more and more technologies are applied in the financial field, and the traditional financial industry is gradually changing to financial technology (Fintech), but due to the requirements of security and real-time performance of the financial industry, higher requirements are also put forward on the technologies (BlockChain, big data, distributed type, etc.). Financial institutions have many users and in some scenarios, it is desirable to rank the users' data.
The current sorting mode is that a user submits plaintext data, and a centralized mechanism sorts the plaintext, for example, a sorting result of an account balance of the user. After plaintext ordering, the centralized mechanism can see the plaintext data and ordering result of the user. Therefore, in the process, the plaintext data and the sequencing result of the user are not protected by privacy, which is a problem to be solved urgently.
Disclosure of Invention
The invention provides a data sequencing method and a data sequencing device, which solve the problem that plaintext data and sequencing results are not protected by privacy in the sequencing process of a user in the prior art.
In a first aspect, the present invention provides a data sorting method, including: the method comprises the steps that a first privacy calculation end encrypts plaintext data of a home end user through a preset homomorphic encryption algorithm based on random numbers to obtain first encrypted data; the first privacy computation terminal acquires second encrypted data of anonymous users; the second encrypted data are obtained by encrypting through the preset homomorphic encryption algorithm; the preset homomorphic encryption algorithm meets homomorphic characteristics of a size relation; the first privacy calculation end compares the sizes of the first encrypted data and the second encrypted data according to a preset homomorphic comparison algorithm corresponding to the preset homomorphic encryption algorithm to obtain encryption comparison results; the first privacy computation end decrypts the encryption comparison results according to a preset homomorphic decryption algorithm corresponding to the preset homomorphic encryption algorithm to obtain decryption comparison results; and the first privacy calculation terminal determines the ranking of the home terminal user according to the decryption comparison results.
In the above manner, the first privacy computation end only knows the corresponding relationship between the first encrypted data and the local end user, and does not know the actual user corresponding to each second encrypted data, and the first encrypted data and each second encrypted data are obtained by encrypting through a preset homomorphic encryption algorithm, the preset homomorphic encryption algorithm satisfies homomorphic characteristics of size relationship, so that the first encrypted data and each second encrypted data can hide original plaintext data, and the preset homomorphic encryption algorithm contains random numbers, so that the original plaintext data cannot be obtained by reverse extrapolation, and homomorphic characteristics of size relationship of the original plaintext data can be retained, so that each encrypted comparison result can be obtained according to the preset homomorphic comparison algorithm without revealing the original plaintext and actual identity, and each decrypted comparison result can only represent whether one piece of anonymous encrypted data is larger or smaller than the first encrypted data, and each decrypted comparison result can only represent whether the anonymous encrypted data is larger or smaller than the first encrypted data As a result, the first privacy computation end can only know the name of the user at the end and can not know the plaintext data and the actual identity of other anonymous users, so that the privacy is protected.
Optionally, for any encrypted data in the first encrypted data and the second encrypted data, the encrypted data is obtained by encrypting through the preset homomorphic encryption algorithm in the following manner: converting the plaintext data of the encrypted data into binary plaintext data; and encrypting each bit of plaintext of the binary plaintext data according to the preset homomorphic encryption algorithm to obtain a bit ciphertext of the bit plaintext, so as to obtain the encrypted data.
In the method, the plaintext data of the encrypted data is converted into binary plaintext data and the binary plaintext data is encrypted one by one according to bits, so that the encryption is carried out in a finer granularity, and the privacy of a user is further protected.
Optionally, the bit ciphertext is obtained by encrypting through the preset homomorphic encryption algorithm in the following manner:
Figure BDA0002748322370000021
ckfor the bit cipher text, bkFor the plaintext of said bit, rkTo aim at bkAnd k is the number of the bit plaintext in the binary plaintext data, mod is a modular operation, w is a public key, w is p q, p and q are prime numbers, and p and q are private keys.
In the method, the bit plaintext is more difficult to be inverted by the bit ciphertext through random number and modular operation, and privacy protection of a user is further improved.
Optionally, for any one of the second encrypted data, the first privacy calculating end obtains an encryption comparison result between the first encrypted data and the second encrypted data by using the following formula:
Figure BDA0002748322370000031
f is the result of the comparison between the first and second encrypted data, n is the maximum value of the binary digits in the first and second encrypted data, C1,jPadding the first encrypted data with n-bit th bit ciphertext, C2,jPadding the second encrypted data with n-bit j-th bit ciphertext, C1,iPadding the first encrypted data with an i-th bit ciphertext of n bits, C2,iPadding the second encrypted data with the i-th bit ciphertext of the n bits,
Figure BDA0002748322370000033
is logic non-operation, V-V is logic OR operation, Pi represents product operation, Enc is the preset homomorphic encryption algorithm,EncANDAnd performing homomorphism and operation in the preset comparison algorithm.
Optionally, for any second encrypted data in the second encrypted data, the first privacy computation end specifically decrypts the encrypted comparison result between the first encrypted data and the second encrypted data by using the following formula, so as to obtain the decrypted comparison result between the first encrypted data and the second encrypted data:
Figure BDA0002748322370000032
dtfor the result of the bit t in the comparison of the decryption of the first encrypted data and the second encrypted data, FtThe bit cipher text of the t-th bit in the encryption comparison result of the first encrypted data and the second encrypted data; if for any one of t, dtIf both are 0, it means that the second encrypted data is less than or equal to the first encrypted data; if any t is present, dtA value of 1 indicates that the second encrypted data is larger than the first encrypted data.
Optionally, each second encrypted data is stored in the blockchain by each second privacy computation end of each second anonymous user; the first privacy computing terminal obtains second encrypted data of anonymous users, and the method comprises the following steps: and the first privacy computation end acquires the second encrypted data from the block chain.
In the above manner, the blockchain is used as a medium for sharing the second encrypted data, so that the second encrypted data can be prevented from being tampered, and the credibility of the second encrypted data is increased.
Optionally, the first privacy computation end obtains a query request of the home terminal user; and the first privacy computing terminal sends the name of the home terminal user to the home terminal user through a security channel constructed by a hypertext transfer security protocol (HTTPS).
In the above manner, the first privacy computation side sends the ranking of the home terminal user to the home terminal user through a secure channel constructed by HTTPS, so that the transmission privacy of the ranking of the home terminal user can be increased.
In a second aspect, the present invention provides a data sorting apparatus, including: the processing module is used for encrypting plaintext data of a home terminal user through a preset homomorphic encryption algorithm based on a random number to obtain first encrypted data; the acquisition module is used for acquiring each second encrypted data of each anonymous user; the second encrypted data are obtained by encrypting through the preset homomorphic encryption algorithm; the preset homomorphic encryption algorithm meets homomorphic characteristics of a size relation; the processing module is further configured to compare the sizes of the first encrypted data and the second encrypted data according to a preset homomorphic comparison algorithm corresponding to the preset homomorphic encryption algorithm to obtain encryption comparison results; decrypting each encrypted comparison result according to a preset homomorphic decryption algorithm corresponding to the preset homomorphic encryption algorithm to obtain each decrypted comparison result; and determining the name of the home terminal user according to the decryption comparison results.
Optionally, for any encrypted data in the first encrypted data and the second encrypted data, the encrypted data is obtained by encrypting through the preset homomorphic encryption algorithm in the following manner: converting the plaintext data of the encrypted data into binary plaintext data; and encrypting each bit of plaintext of the binary plaintext data according to the preset homomorphic encryption algorithm to obtain a bit ciphertext of the bit plaintext, so as to obtain the encrypted data.
Optionally, the bit ciphertext is obtained by encrypting through the preset homomorphic encryption algorithm in the following manner:
Figure BDA0002748322370000041
ckfor the bit cipher text, bkFor the plaintext of said bit, rkTo aim at bkAnd k is the number of the bit plaintext in the binary plaintext data, mod is a modular operation, w is a public key, w is p q, p and q are prime numbers, and p and q are private keys.
Optionally, for any one of the second encrypted data, the first privacy calculating end obtains an encryption comparison result between the first encrypted data and the second encrypted data by using the following formula:
Figure BDA0002748322370000051
f is the result of the comparison between the first and second encrypted data, n is the maximum value of the binary digits in the first and second encrypted data, C1,jPadding the first encrypted data with n-bit th bit ciphertext, C2,jPadding the second encrypted data with n-bit j-th bit ciphertext, C1,iPadding the first encrypted data with an i-th bit ciphertext of n bits, C2,iPadding the second encrypted data with the i-th bit ciphertext of the n bits,
Figure BDA0002748322370000053
is a logic non-operation, V is a logic OR operation, II represents a continuous product operation, Enc is the preset homomorphic encryption algorithm, EncANDAnd performing homomorphism and operation in the preset comparison algorithm.
Optionally, for any second encrypted data in the second encrypted data, the first privacy computation end specifically decrypts the encrypted comparison result between the first encrypted data and the second encrypted data by using the following formula, so as to obtain the decrypted comparison result between the first encrypted data and the second encrypted data:
Figure BDA0002748322370000052
dtfor the result of the bit t in the comparison of the decryption of the first encrypted data and the second encrypted data, FtThe bit cipher text of the t-th bit in the encryption comparison result of the first encrypted data and the second encrypted data; if for any one of t, dtAll are 0, then representThe second encrypted data is less than or equal to the first encrypted data; if any t is present, dtA value of 1 indicates that the second encrypted data is larger than the first encrypted data.
Optionally, each second encrypted data is stored in the block chain by each second privacy computation end of each second anonymous user, and the obtaining module is specifically configured to: and acquiring the second encrypted data from the block chain.
Optionally, the processing module is further configured to: acquiring a query request of the home terminal user; and sending the name of the home terminal user to the home terminal user through a secure channel constructed by a hypertext transfer security protocol (HTTPS).
The advantageous effects of the second aspect and the various optional apparatuses of the second aspect may refer to the advantageous effects of the first aspect and the various optional methods of the first aspect, and are not described herein again.
In a third aspect, the present invention provides a computer device comprising a program or instructions for performing the method of the first aspect and the alternatives of the first aspect when the program or instructions are executed.
In a fourth aspect, the present invention provides a storage medium comprising a program or instructions which, when executed, is adapted to perform the method of the first aspect and the alternatives of the first aspect.
These and other aspects of the invention are apparent from and will be elucidated with reference to the embodiments described hereinafter.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a schematic flow chart corresponding to a data sorting method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a system architecture of a data sorting system according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a data sorting apparatus according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms and definitions appearing in the present application are listed first.
Sorting: the method is characterized in that a series of numbers are provided and arranged from large to small, and the ranking of each number in the series of numbers is calculated. For example, provide [5,1,8], then the ordering result is: 8 is the 1 st name, 5 is the second name, and 1 is the 3 rd name.
CA: a Certificate Authority (CA), an Authority that issues digital certificates, is a centralized Authority. And the system is responsible for issuing and managing the digital certificate and for verifying the validity of the public key in the public key system.
HTTPS, Hyper Text Transfer Protocol over Secure Socket Layer, which is an HTTP channel with security as the target, ensures the security of the transmission process through transmission encryption and identity authentication on the basis of HTTP.
In the operation of a financial institution (banking institution, insurance institution or security institution) in a business (such as loan business, deposit business, etc. of a bank), the financial institution has many users, and in some cases, the data of the users needs to be sorted. The current sorting mode is that a user submits plaintext data, and a centralized mechanism sorts the plaintext, for example, a sorting result of an account balance of the user. After plaintext sequencing, the centralized mechanism can see the plaintext data and sequencing result of the user, and the plaintext data and sequencing result of the user are not protected by privacy in the case of the situation. This situation does not meet the requirements of financial institutions such as banks, and the efficient operation of various services of the financial institutions cannot be ensured. To this end, the present application provides a data sorting method, as shown in fig. 1.
Step 101: the first privacy calculation end encrypts plaintext data of a home-end user through a preset homomorphic encryption algorithm based on a random number to obtain first encrypted data.
Step 102: and the first privacy calculation end acquires each second encrypted data of each anonymous user.
Step 103: and the first privacy calculation end compares the sizes of the first encrypted data and the second encrypted data according to a preset homomorphic comparison algorithm corresponding to the preset homomorphic encryption algorithm to obtain encryption comparison results.
Step 104: and the first privacy calculation end decrypts the encryption comparison results according to the preset homomorphic decryption algorithm corresponding to the preset homomorphic encryption algorithm to obtain the decryption comparison results.
Step 105: and the first privacy calculation terminal determines the ranking of the home terminal user according to the decryption comparison results.
In steps 101 to 105, each second encrypted data is obtained by encrypting through the preset homomorphic encryption algorithm; the preset homomorphic encryption algorithm meets homomorphic characteristics of a size relationship.
In the method of steps 101 to 105, the first privacy computation end only knows the corresponding relationship between the first encrypted data and the local end user, and does not know the actual user corresponding to each second encrypted data, and the first encrypted data and each second encrypted data are obtained by encrypting through a preset homomorphic encryption algorithm, the preset homomorphic encryption algorithm satisfies homomorphic characteristics of the size relationship, so the first encrypted data and each second encrypted data can hide the original plaintext data, and because the preset homomorphic encryption algorithm contains random numbers, the original plaintext data cannot be obtained by reverse extrapolation, and homomorphic characteristics of the size relationship of the original plaintext data can be retained, so that each encrypted comparison result can be obtained according to the preset homomorphic comparison algorithm without revealing the original plaintext data and the actual identity, and each decrypted comparison result can be obtained by decrypting, then each decryption comparison result can only represent the result that one anonymous encrypted data is compared with the first encrypted data to be large or small, so that the first privacy calculation end can only know the name of the user at the end and cannot know the plaintext data and the actual identity of other anonymous users, and privacy is protected.
In an optional implementation manner (binary implementation manner), for any encrypted data of the first encrypted data and the second encrypted data, the encrypted data may be obtained by encrypting through the preset homomorphic encryption algorithm in the following manner:
converting the plaintext data of the encrypted data into binary plaintext data;
and encrypting each bit of plaintext of the binary plaintext data according to the preset homomorphic encryption algorithm to obtain a bit ciphertext of the bit plaintext, so as to obtain the encrypted data.
For example, the plaintext data of the encrypted data is b1b2…bnEach bit of plaintext biAre encrypted into a bit cipher text ci
In a binary implementation, in one possible scenario, the bit ciphertext is obtained by encrypting according to the preset homomorphic encryption algorithm in the following manner:
Figure BDA0002748322370000081
ckfor the bit cipher text, bkFor the plaintext of said bit, rkTo aim at bkAnd k is the number of the bit plaintext in the binary plaintext data, mod is a modular operation, w is a public key, w is p q, p and q are prime numbers, and p and q are private keys.
It should be noted that p and q in the above process may be large prime numbers, i.e. prime numbers greater than 2^ 128.
More specifically, based on the above situation, for any one of the second encrypted data, the first privacy computation end may specifically obtain the encryption comparison result between the first encrypted data and the second encrypted data by using the following formula:
Figure BDA0002748322370000091
f is the result of the comparison between the first and second encrypted data, n is the maximum value of the binary digits in the first and second encrypted data, C1,jPadding the first encrypted data with n-bit th bit ciphertext, C2,jPadding the second encrypted data with n-bit j-th bit ciphertext, C1,iPadding the first encrypted data with an i-th bit ciphertext of n bits, C2,iPadding the second encrypted data with the i-th bit ciphertext of the n bits,
Figure BDA0002748322370000093
is a logic non-operation, V is a logic OR operation, II represents a continuous product operation, Enc is the preset homomorphic encryption algorithm, EncANDAnd performing homomorphism and operation in the preset comparison algorithm.
Further, based on the above situation, the following may be compared:
for any second encrypted data in the second encrypted data, the first privacy computation end specifically decrypts the encryption comparison result of the first encrypted data and the second encrypted data by using the following formula, so as to obtain the decryption comparison result of the first encrypted data and the second encrypted data:
Figure BDA0002748322370000092
dtfor the result of the bit t in the comparison of the decryption of the first encrypted data and the second encrypted data, FtEncrypting the first encrypted data and the second encrypted dataBit cipher text of t in the encryption comparison result of the data; if for any one of t, dtIf both are 0, it means that the second encrypted data is less than or equal to the first encrypted data; if any t is present, dtA value of 1 indicates that the second encrypted data is larger than the first encrypted data.
For example, if the obtained F1 is 00000000, it indicates that the second encrypted data is smaller than or equal to the first encrypted data, and if the obtained F1 is 00010000, it indicates that the second encrypted data is larger than the first encrypted data.
In an optional implementation manner, the second encrypted data is stored in the blockchain by each second privacy calculating end of each second anonymous user, and step 102 may specifically be:
and the first privacy computation end acquires the second encrypted data from the block chain.
In the above manner, the blockchain is used as a medium for sharing the second encrypted data, so that the second encrypted data can be prevented from being tampered, and the credibility of the second encrypted data is increased.
It should be noted that after step 105, an alternative implementation is as follows:
the first privacy computation terminal acquires a query request of the local terminal user; and the first privacy computing terminal sends the name of the home terminal user to the home terminal user through a security channel constructed by a hypertext transfer security protocol (HTTPS).
For example, the first privacy computation side obtains the query request of the home terminal user 1, and returns the query request only to the name of the home terminal user 1.
The data sorting method shown in fig. 1 is described in detail below with reference to fig. 2. It should be noted that fig. 2 only shows one possible scenario and is not a limitation to fig. 1.
The architecture shown in fig. 2 includes: a client, a privacy compute node (privacy compute side) and a blockchain. Note that the private compute node does not belong to the blockchain.
A client: the method is used for the users to submit plaintext data to participate in sequencing, and the client and the privacy computing node perform data transmission through the secure encryption channel. The client serves as a lightweight terminal, ciphertext processing of the sorting algorithm is not performed, and ciphertext calculation of the sorting algorithm is handed over to a privacy calculation node of an organization to which the client belongs to process.
The privacy computing node: the privacy computing node is a privacy computing server in an organization to which a client (user) belongs, and the user in the organization only submits data to the privacy computing node of the organization through the client. For example, client a1 would only submit data to private computing node a and not to private computing nodes B, C and D of other organizations. Without a centralized server in the architecture shown in fig. 2, the privacy computing nodes A, B, C and D would perform distributed cooperative computing to compute the ranking results of users in their respective organizations.
Block chains: the block chain is a platform for cooperative computing of the privacy computing nodes, and each privacy computing node is connected with one block chain node. And the privacy computing nodes uplink the generated ciphertext data to the block chain platform, and other privacy computing nodes can acquire the uplink ciphertext data through the block chain. The calculated ciphertext data result is also sent point to point through the block chain.
Specifically, the process illustrated in FIG. 2 is as follows:
step one, a user submits plaintext data and encrypts transmission data:
and the user submits plaintext data m to the privacy computing node, and a secure channel constructed by HTTPS is adopted between the client and the privacy computing node for encrypting and transmitting data. The confidentiality of the process of sending data to the privacy computing node by the client is ensured, and only the privacy computing node can decrypt ciphertext data submitted by a user.
Secondly, the privacy computing node generates ciphertext data and links the ciphertext data up:
the privacy calculation node acquires plaintext data m submitted by a user, and then encrypts the data to generate a ciphertext. The preset homomorphic encryption algorithm is designed as follows:
1) the privacy computation node generates two large prime numbers p and q as a private key sk, and the public key pk is w ═ p × q.
2) Converting m into binary plaintext data b1b2 … bn, wherein n is the number of bits of the binary plaintext data, then selecting a random number ri for each bit bi, and then encrypting each bit bi to generate a ciphertext:
Figure BDA0002748322370000111
(w is a public key);
3) and serially connecting the bit ciphertext ci of each bit plaintext bi to form a ciphertext character string C (C1 … cn), and linking C and the anonymous user identifier as ciphertext data to a block chain. The privacy computing nodes each link the ciphertext of the user in the respective organization to the blockchain.
Thirdly, ciphertext comparison and point-to-point transmission of ciphertext comparison results:
the privacy computation node queries the ciphertext data (encrypted data) of all users through the block chain, and then ciphertext comparison is carried out to generate an encryption comparison result. The algorithm is designed as follows:
for plaintext data, the plaintext comparison algorithm is:
Figure BDA0002748322370000112
the above formula represents: for the j-th bit, if all the bits in the plaintext are greater than j are equal, m is equalbIf the jth bit is large, F returns to 1 to represent mb>ma. The truth table example is as follows:
mb ma comparison results
0 0 0
0 1 0
1 0 1
1 1 0
Since the plaintext data, but the ciphertext data, acquired by the privacy computing node need to be compared according to the ciphertext data, the plaintext data needs to be compared by mapping to the ciphertext through homomorphism.
The homomorphic mapping rule is as follows:
non-homomorphic nature of encryption:
Figure BDA0002748322370000125
encrypted xor homomorphic properties:
Figure BDA0002748322370000121
encrypted and homomorphic properties: encAND(b1)·EncAND(b2)=EncAND(b1∧b2)。
Wherein EncAND(b) G0 g1 … gn, wherein
Figure BDA0002748322370000122
Wherein y isiIs a random bit, 0 or 1, m being plaintext data.
And the privacy calculation node inquires all ciphertext data Ci of the users participating in the sequencing on the chain.
The comparison algorithm under ciphertext is therefore:
Figure BDA0002748322370000123
the privacy computing node compares the ciphertext size of each user through a ciphertext comparison algorithm, the F value is a comparison result in a ciphertext state, decryption is needed to be carried out on each digit, and the decryption algorithm is as follows:
the privacy computation node decrypts the comparison result of each user through a decryption algorithm, and finally obtains a final result of comparison size through OR operation, wherein the property of the OR operation is as follows:
if the decryption result of each bit ciphertext in the F is 0, it indicates that the data of the other user is less than or equal to the data of the user.
Figure BDA0002748322370000124
If one of the decryption results of each bit ciphertext in the F is 1, it indicates that the data of other users is larger than the data of the user.
And finally, ranking the user names, wherein the ranking is specifically designed as follows: the name of a user is initially set to be 1, when the ciphertext of the user is larger than that of the user, the name of the user is increased by 1, and otherwise, the name of the user is not changed. After the comparison with all other users is completed, the privacy computing node determines the ranking of the users. Examples are as follows:
for example, the data of three users U1, U2 and U3 are m 1-5, m 2-1 and m 3-8 respectively, the privacy computation node generates corresponding ciphertext data, U1: C1, U: C2 and U2: C3, and then chains up the ciphertext data. The privacy node compares and decrypts the ciphertexts of the three users in sequence through a cipher text comparison algorithm to obtain a final comparison result as follows:
u1 comparative process (vs for comparison):
u2 vs U1 ═ C2 vs C1, resulting in 0, m2 less than or equal to m1, with the designation R1 ═ 1.
U3 vs U1 ═ C3 vs C1, resulting in 1, m3 greater than m1, the designation R1 ═ 1+1 ═ 2, and U1 finally the designation 2.
U2 comparative process (vs for comparison):
u1 vs U2 ═ C1 vs C2, resulting in 1, m1 greater than m2, and the nomenclature R2 ═ 1+1 ═ 2.
U3 vs U2 ═ C3 vs C2, resulting in 1, m3 greater than m2, the designation R2 ═ 2+1 ═ 3, and U2 finally the designation 3.
U3 comparative process (vs for comparison):
u1 vs U3 ═ C1 vs C3, resulting in 0, m1 less than or equal to m3, with the designation R3 ═ 1.
U2 vs U3 ═ C2 vs C3, resulting in 0, m2 less than or equal to m3, with the designation R3 ═ 1, and U3 finally named 1.
Fourthly, the privacy computing node transmits the sequencing result:
the user sends a query request to the privacy computing node through the client to obtain the nouns of the user, and the privacy computing node adopts HTTPS to construct a secure channel to carry out encryption transmission on sequencing results. The confidentiality of the data sent to the client by the privacy computing node is ensured, other users and third-party organizations cannot obtain the sequencing result of the user, and the privacy safety is ensured.
U1, U2, and U3 all know the respective ranking, but not the rankings of other users.
As shown in fig. 3, the present invention provides a data sorting apparatus, including: the processing module 301 is configured to encrypt plaintext data of a home terminal user by using a preset homomorphic encryption algorithm based on a random number to obtain first encrypted data; an obtaining module 302, configured to obtain each second encrypted data of each anonymous user; the second encrypted data are obtained by encrypting through the preset homomorphic encryption algorithm; the preset homomorphic encryption algorithm meets homomorphic characteristics of a size relation; the processing module 301 is further configured to compare the size of the first encrypted data with the size of each second encrypted data according to a preset homomorphic comparison algorithm corresponding to the preset homomorphic encryption algorithm, so as to obtain each encryption comparison result; decrypting each encrypted comparison result according to a preset homomorphic decryption algorithm corresponding to the preset homomorphic encryption algorithm to obtain each decrypted comparison result; and determining the name of the home terminal user according to the decryption comparison results.
Optionally, for any encrypted data in the first encrypted data and the second encrypted data, the encrypted data is obtained by encrypting through the preset homomorphic encryption algorithm in the following manner: converting the plaintext data of the encrypted data into binary plaintext data; and encrypting each bit of plaintext of the binary plaintext data according to the preset homomorphic encryption algorithm to obtain a bit ciphertext of the bit plaintext, so as to obtain the encrypted data.
Optionally, the bit ciphertext is obtained by encrypting through the preset homomorphic encryption algorithm in the following manner:
Figure BDA0002748322370000141
ckfor the bit cipher text, bkFor the plaintext of said bit, rkTo aim at bkAnd k is the number of the bit plaintext in the binary plaintext data, mod is a modular operation, w is a public key, w is p q, p and q are prime numbers, and p and q are private keys.
Optionally, for any one of the second encrypted data, the first privacy calculating end obtains an encryption comparison result between the first encrypted data and the second encrypted data by using the following formula:
Figure BDA0002748322370000142
f is the result of the comparison between the first and second encrypted data, n is the maximum value of the binary digits in the first and second encrypted data, C1,jPadding the first encrypted data with n-bit th bit ciphertext, C2,jPadding the second encrypted data with n-bit j-th bit ciphertext, C1,iPadding the first encrypted data with an i-th bit ciphertext of n bits, C2,iPadding the second encrypted data with the i-th bit ciphertext of the n bits,
Figure BDA0002748322370000143
is a logic non-operation, V is a logic OR operation, II represents a continuous product operation, Enc is the preset homomorphic encryption algorithm, EncANDAnd performing homomorphism and operation in the preset comparison algorithm.
Optionally, for any second encrypted data in the second encrypted data, the first privacy computation end specifically decrypts the encrypted comparison result between the first encrypted data and the second encrypted data by using the following formula, so as to obtain the decrypted comparison result between the first encrypted data and the second encrypted data:
Figure BDA0002748322370000151
dtfor the result of the bit t in the comparison of the decryption of the first encrypted data and the second encrypted data, FtThe bit cipher text of the t-th bit in the encryption comparison result of the first encrypted data and the second encrypted data; if for any one of t, dtIf both are 0, it means that the second encrypted data is less than or equal to the first encrypted data; if any t is present, dtA value of 1 indicates that the second encrypted data is larger than the first encrypted data.
Optionally, the second encrypted data is stored in the block chain by each second privacy computation end of each second anonymous user, and the obtaining module 302 is specifically configured to: and acquiring the second encrypted data from the block chain.
Optionally, the processing module 301 is further configured to: acquiring a query request of the home terminal user; and sending the name of the home terminal user to the home terminal user through a secure channel constructed by a hypertext transfer security protocol (HTTPS).
Based on the same inventive concept, the embodiment of the present invention also provides a computer device, which includes a program or instructions, and when the program or instructions are executed, the data sorting method and any optional method provided by the embodiment of the present invention are executed.
Based on the same inventive concept, the embodiment of the present invention also provides a computer-readable storage medium, which includes a program or instructions, and when the program or instructions are executed, the data sorting method and any optional method provided by the embodiment of the present invention are executed.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (10)

1. A method of data ordering, comprising:
the method comprises the steps that a first privacy calculation end encrypts plaintext data of a home end user through a preset homomorphic encryption algorithm based on random numbers to obtain first encrypted data;
the first privacy computation terminal acquires second encrypted data of anonymous users; the second encrypted data are obtained by encrypting through the preset homomorphic encryption algorithm; the preset homomorphic encryption algorithm meets homomorphic characteristics of a size relation;
the first privacy calculation end compares the sizes of the first encrypted data and the second encrypted data according to a preset homomorphic comparison algorithm corresponding to the preset homomorphic encryption algorithm to obtain encryption comparison results;
the first privacy computation end decrypts the encryption comparison results according to a preset homomorphic decryption algorithm corresponding to the preset homomorphic encryption algorithm to obtain decryption comparison results;
and the first privacy calculation terminal determines the ranking of the home terminal user according to the decryption comparison results.
2. The method according to claim 1, wherein for any one of the first encrypted data and the second encrypted data, the encrypted data is obtained by encrypting through the preset homomorphic encryption algorithm in the following manner:
converting the plaintext data of the encrypted data into binary plaintext data;
and encrypting each bit of plaintext of the binary plaintext data according to the preset homomorphic encryption algorithm to obtain a bit ciphertext of the bit plaintext, so as to obtain the encrypted data.
3. The method of claim 2, wherein the bit cipher text is encrypted by the pre-defined homomorphic encryption algorithm in particular in the following manner:
Figure FDA0002748322360000011
ckfor the bit cipher text, bkFor the plaintext of said bit, rkTo aim at bkAnd k is the number of the bit plaintext in the binary plaintext data, mod is a modular operation, w is a public key, w is p q, p and q are prime numbers, and p and q are private keys.
4. The method according to claim 3, wherein the first privacy-calculating terminal obtains the encrypted comparison result of the first encrypted data and the second encrypted data by specifically using the following formula for any one of the second encrypted data:
Figure FDA0002748322360000021
f is the first encrypted data and the second encryptionThe result of the encrypted comparison of data, n being the maximum value of the number of binary digits in the first encrypted data and the second encrypted data, C1,jPadding the first encrypted data with n-bit th bit ciphertext, C2,jPadding the second encrypted data with n-bit j-th bit ciphertext, C1,iPadding the first encrypted data with an i-th bit ciphertext of n bits, C2,iPadding the second encrypted data with the i-th bit ciphertext of the n bits,
Figure FDA0002748322360000023
is a logic non-operation, V is a logic OR operation, II represents a continuous product operation, Enc is the preset homomorphic encryption algorithm, EncANDAnd performing homomorphism and operation in the preset comparison algorithm.
5. The method according to claim 4, wherein for any one of the second encrypted data, the first privacy-calculating terminal decrypts the encrypted comparison result of the first encrypted data and the second encrypted data by using the following formula, to obtain the decrypted comparison result of the first encrypted data and the second encrypted data:
Figure FDA0002748322360000022
dtfor the result of the bit t in the comparison of the decryption of the first encrypted data and the second encrypted data, FtThe bit cipher text of the t-th bit in the encryption comparison result of the first encrypted data and the second encrypted data; if for any one of t, dtIf both are 0, it means that the second encrypted data is less than or equal to the first encrypted data; if any t is present, dtA value of 1 indicates that the second encrypted data is larger than the first encrypted data.
6. The method of any of claims 1 to 5, wherein the respective second encrypted data is stored in a blockchain by the respective second privacy computation side of the respective second anonymous user; the first privacy computing terminal obtains second encrypted data of anonymous users, and the method comprises the following steps:
and the first privacy computation end acquires the second encrypted data from the block chain.
7. The method of any of claims 1 to 5, further comprising:
the first privacy computation terminal acquires a query request of the local terminal user;
and the first privacy computing terminal sends the name of the home terminal user to the home terminal user through a security channel constructed by a hypertext transfer security protocol (HTTPS).
8. A data sorting apparatus, comprising:
the processing module is used for encrypting plaintext data of a home terminal user through a preset homomorphic encryption algorithm based on a random number to obtain first encrypted data;
the acquisition module is used for acquiring each second encrypted data of each anonymous user; the second encrypted data are obtained by encrypting through the preset homomorphic encryption algorithm; the preset homomorphic encryption algorithm meets homomorphic characteristics of a size relation;
the processing module is further configured to compare the sizes of the first encrypted data and the second encrypted data according to a preset homomorphic comparison algorithm corresponding to the preset homomorphic encryption algorithm to obtain encryption comparison results; decrypting each encrypted comparison result according to a preset homomorphic decryption algorithm corresponding to the preset homomorphic encryption algorithm to obtain each decrypted comparison result; and determining the name of the home terminal user according to the decryption comparison results.
9. A computer device comprising a program or instructions that, when executed, perform the method of any of claims 1 to 7.
10. A computer-readable storage medium comprising a program or instructions which, when executed, perform the method of any of claims 1 to 7.
CN202011174485.8A 2020-10-28 2020-10-28 Data sorting method and device Pending CN112182660A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011174485.8A CN112182660A (en) 2020-10-28 2020-10-28 Data sorting method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011174485.8A CN112182660A (en) 2020-10-28 2020-10-28 Data sorting method and device

Publications (1)

Publication Number Publication Date
CN112182660A true CN112182660A (en) 2021-01-05

Family

ID=73916107

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011174485.8A Pending CN112182660A (en) 2020-10-28 2020-10-28 Data sorting method and device

Country Status (1)

Country Link
CN (1) CN112182660A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112906044A (en) * 2021-05-10 2021-06-04 腾讯科技(深圳)有限公司 Multi-party security calculation method, device, equipment and storage medium
CN116150795A (en) * 2023-04-17 2023-05-23 粤港澳大湾区数字经济研究院(福田) Homomorphic encryption-based data processing method, system and related equipment
CN116204912A (en) * 2023-04-28 2023-06-02 北京天润基业科技发展股份有限公司 Data processing method and device based on isomorphic encryption
CN116881950A (en) * 2023-09-05 2023-10-13 北京天润基业科技发展股份有限公司 Processing method and device of privacy data, electronic equipment and readable storage medium

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112906044A (en) * 2021-05-10 2021-06-04 腾讯科技(深圳)有限公司 Multi-party security calculation method, device, equipment and storage medium
CN112906044B (en) * 2021-05-10 2021-07-30 腾讯科技(深圳)有限公司 Multi-party security calculation method, device, equipment and storage medium
WO2022237450A1 (en) * 2021-05-10 2022-11-17 腾讯科技(深圳)有限公司 Secure multi-party computation method and apparatus, and device and storage medium
CN116150795A (en) * 2023-04-17 2023-05-23 粤港澳大湾区数字经济研究院(福田) Homomorphic encryption-based data processing method, system and related equipment
CN116204912A (en) * 2023-04-28 2023-06-02 北京天润基业科技发展股份有限公司 Data processing method and device based on isomorphic encryption
CN116204912B (en) * 2023-04-28 2023-09-12 北京天润基业科技发展股份有限公司 Data processing method and device based on isomorphic encryption
CN116881950A (en) * 2023-09-05 2023-10-13 北京天润基业科技发展股份有限公司 Processing method and device of privacy data, electronic equipment and readable storage medium
CN116881950B (en) * 2023-09-05 2023-11-10 北京天润基业科技发展股份有限公司 Processing method and device of privacy data, electronic equipment and readable storage medium

Similar Documents

Publication Publication Date Title
US11936774B2 (en) Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
CN110008717B (en) Decision tree classification service system and method supporting privacy protection
CN112182660A (en) Data sorting method and device
WO2019115697A1 (en) Method for faster secure multiparty inner product with spdz
CN106961336A (en) A kind of key components trustship method and system based on SM2 algorithms
CN106487506B (en) Multi-mechanism KP-ABE method supporting pre-encryption and outsourcing decryption
Erkin et al. Privacy-preserving distributed clustering
Jayapandian et al. Secure and efficient online data storage and sharing over cloud environment using probabilistic with homomorphic encryption
Morales-Sandoval et al. Attribute-based encryption approach for storage, sharing and retrieval of encrypted data in the cloud
Liu et al. A privacy-preserving outsourced functional computation framework across large-scale multiple encrypted domains
CN113992325B (en) Private data sharing method and device
Zhu et al. Efficient quantum blind signature scheme based on quantum Fourier transform
Yang et al. Efficient and provably secure data selective sharing and acquisition in cloud-based systems
Bera et al. Designing attribute-based verifiable data storage and retrieval scheme in cloud computing environment
CN112580071A (en) Data processing method and device
Cui et al. Towards Multi-User, Secure, and Verifiable $ k $ NN Query in Cloud Database
Hong et al. Constructing conditional PKEET with verification mechanism for data privacy protection in intelligent systems
Jiang et al. A novel privacy preserving keyword search scheme over encrypted cloud data
GB2612310A (en) Generating shared keys
Wu et al. Bit-oriented quantum public-key cryptosystem based on bell states
Joseph et al. Design a hybrid optimization and homomorphic encryption for securing data in a cloud environment
Gupta et al. Make your query anonymous with oblivious transfer
Baseri et al. Controlling cloud data access privilege: Cryptanalysis and security enhancement
Li et al. Bilinear‐map accumulator‐based verifiable intersection operations on encrypted data in cloud
Gangula Computation of Numbers using Homomorphic Encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination