CN112235111A - Key generation method, device, equipment and computer readable storage medium - Google Patents

Publication number
CN112235111A
Authority
CN
China
Prior art keywords
plaintext
range
ciphertext
value
nth
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011493114.6A
Other languages
Chinese (zh)
Other versions
CN112235111B (en
Inventor
刘洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Application filed by Tencent Technology Shenzhen Co Ltd
Priority to CN202011493114.6A
Publication of CN112235111A
Application granted
Publication of CN112235111B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography

Abstract

The application provides a key generation method, apparatus, device and computer-readable storage medium. The method is applied in the field of cloud technology and comprises the following steps: dividing a plaintext numerical value region of a plaintext data set into N plaintext ranges arranged in sequence, where N is a positive integer; generating a ciphertext numerical region according to the plaintext numerical region; dividing the ciphertext numerical region into N ciphertext ranges arranged in sequence; and generating an nth key according to the nth plaintext range and the nth ciphertext range, where n is a positive integer less than or equal to N. The nth key is used for encrypting a plaintext to be encrypted in the nth plaintext range into a ciphertext in the nth ciphertext range, and for decrypting a ciphertext to be decrypted in the nth ciphertext range into a plaintext in the nth plaintext range. With this key generation method, an order-preserving key is generated while the difficulty of cracking the key is increased.

Description

Key generation method, device, equipment and computer readable storage medium
Technical Field
The present application relates to the field of data security technologies, and in particular, to a method, an apparatus, a device, and a computer-readable storage medium for generating a secret key.
Background
With the rapid development and wide application of computer technology, in order to improve the security of data transmission, data to be transmitted can be encrypted through a secret key, so that the leakage of data content is avoided. In a conventional manner, data is encrypted by an asymmetric encryption method including a public key and a private key, and the private key is used for decrypting the data encrypted by the public key.
For plaintext data that has a numerical order, the keys generated in the related art can hardly produce, when encrypting that data, ciphertext that has the same numerical order.
Disclosure of Invention
The embodiment of the application provides a key generation method, a key generation device and a computer-readable storage medium, which can improve the key cracking difficulty while generating an order-preserving key.
The technical scheme of the embodiment of the application is realized as follows:
The embodiment of the application provides a key generation method, which comprises the following steps: dividing a plaintext numerical value region of a plaintext data set into N plaintext ranges arranged in sequence, where N is a positive integer; generating a ciphertext numerical region according to the plaintext numerical region; dividing the ciphertext numerical region into N ciphertext ranges arranged in sequence; and generating an nth key according to the nth plaintext range and the nth ciphertext range, where n is a positive integer less than or equal to N. The nth key is used for encrypting a plaintext to be encrypted in the nth plaintext range into a ciphertext in the nth ciphertext range; the nth key is also used for decrypting a ciphertext to be decrypted in the nth ciphertext range into a plaintext in the nth plaintext range.
An embodiment of the present application provides a key generation apparatus, including:
the first dividing module is used for dividing a plaintext numerical value area of a plaintext data set into N plaintext ranges which are arranged in sequence; N is a positive integer;
the first generation module is used for generating a ciphertext numerical value region according to the plaintext numerical value region;
the second dividing module is used for dividing the ciphertext numerical region into N ciphertext ranges which are arranged in sequence;
the second generation module is used for generating an nth key according to the nth plaintext range and the nth ciphertext range; n is a positive integer less than or equal to N; the nth key is used for encrypting the plaintext to be encrypted in the nth plaintext range into a ciphertext in the nth ciphertext range; the nth key is also used for decrypting the ciphertext to be decrypted in the nth ciphertext range into a plaintext in the nth plaintext range.
An embodiment of the present application provides a key generation device, including:
a memory for storing executable instructions;
and the processor is used for realizing the key generation method provided by the embodiment of the application when the processor executes the executable instructions stored in the memory.
The embodiment of the present application provides a computer-readable storage medium, which stores executable instructions for causing a processor to implement the key generation method provided by the embodiment of the present application when executed.
The embodiment of the application has the following beneficial effects:
according to the embodiment of the application, a plaintext numerical value region corresponding to a plaintext data set is divided into N plaintext ranges which are sequentially arranged, a ciphertext numerical value region is divided into N ciphertext ranges which are sequentially arranged, and the corresponding relation between the plaintext numerical value in the plaintext range and the ciphertext numerical value in the ciphertext range is realized through a conversion function with order preservation. Therefore, the secret key generated according to the embodiment of the application can realize the encryption and decryption process with order preservation; in addition, as the corresponding nth key is generated aiming at the nth plaintext range and the nth ciphertext range, the generated N keys are completely different due to different plaintext ranges or ciphertext ranges, and the key cracking difficulty can be improved.
Drawings
Fig. 1 is a schematic diagram of an alternative architecture of a key generation system provided in an embodiment of the present application;
Fig. 2 is a schematic structural diagram of a key generation device provided in an embodiment of the present application;
Fig. 3 is an alternative flowchart of a key generation method provided in an embodiment of the present application;
Fig. 4 is an alternative flowchart of a key generation method provided in an embodiment of the present application;
Fig. 5 is an alternative flowchart of a key generation method provided in an embodiment of the present application;
Fig. 6 is an alternative flowchart of a key generation method provided in an embodiment of the present application;
Fig. 7 is an alternative flowchart of a key generation method provided in an embodiment of the present application;
Fig. 8 is a schematic diagram of an alternative segmentation process provided in an embodiment of the present application.
Detailed Description
In order to make the objectives, technical solutions and advantages of the present application clearer, the present application will be described in further detail with reference to the attached drawings, the described embodiments should not be considered as limiting the present application, and all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.
In the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is understood that "some embodiments" may be the same subset or different subsets of all possible embodiments, and may be combined with each other without conflict.
In the following description, the terms "first \ second \ third" are used merely for distinguishing similar objects and do not represent specific ordering for the objects, and it is understood that "first \ second \ third" may be interchanged with specific order or sequence where permitted so that the embodiments of the present application described in the present embodiment can be implemented in an order other than that shown or described in the present embodiment.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing embodiments of the present application only and is not intended to be limiting of the application.
Before further detailed description of the embodiments of the present invention, terms and expressions mentioned in the embodiments of the present invention are explained, and the terms and expressions mentioned in the embodiments of the present invention are applied to the following explanations.
(1) Cryptographic system: the basic unit in cryptography. A cryptosystem can be represented by a five-tuple:
Figure 21037DEST_PATH_IMAGE001
wherein
Figure 934766DEST_PATH_IMAGE002
represents the plaintext space,
Figure 209889DEST_PATH_IMAGE003
represents the ciphertext space,
Figure 525464DEST_PATH_IMAGE004
representing a key space, representing a cryptographic function space,
Figure 302708DEST_PATH_IMAGE005
representing the decryption function space.
(2) Order preservation of cryptographic systems: considering a cryptographic system
Figure 500471DEST_PATH_IMAGE001
The cryptographic system executes a key generation algorithm to obtain a key
Figure 516969DEST_PATH_IMAGE006
The corresponding encryption function is
Figure 483788DEST_PATH_IMAGE007
. If the cryptographic system is order-preserving, then for any plaintexts
Figure 927539DEST_PATH_IMAGE008
it satisfies
Figure 612598DEST_PATH_IMAGE009
if and only if
Figure 665742DEST_PATH_IMAGE010
(3) Secure multi-party computation: a sub-field of cryptography. The question it studies is how, when
Figure 955909DEST_PATH_IMAGE011
participants
Figure 632878DEST_PATH_IMAGE012
respectively hold secrets
Figure 742917DEST_PATH_IMAGE013
they can accomplish a specific common computation target while protecting their private data from disclosure
Figure 163534DEST_PATH_IMAGE014
(4) Strictly increasing: as any argument of the function increases, the value of the function also increases.
(5) KL distance: short for Kullback-Leibler divergence, also called relative entropy. It measures the difference between two probability distributions over the same event space.
Referring to fig. 1, fig. 1 is an alternative architecture diagram of a key generation system 100 provided in this embodiment of the present application, in order to support a key generation application, terminals (terminal 400-1 and terminal 400-2 are exemplarily shown) are connected to a server 200 through a network 300, and the network 300 may be a wide area network or a local area network, or a combination of both. Fig. 1 further shows that the server 200 may be a server cluster, where the server cluster includes servers 200-1 to 200-3, and similarly, the servers 200-1 to 200-3 may be physical machines, or virtual machines constructed by using virtualization technologies (such as container technology and virtual machine technology), which is not limited in this embodiment, and of course, a single server may also be used to provide services in this embodiment.
In some embodiments of the present application, the server 200 may divide the plaintext value region of the plaintext data set into N plaintext ranges arranged in order, where N is a positive integer; generate a ciphertext numerical region according to the plaintext numerical region; divide the ciphertext numerical region into N ciphertext ranges arranged in order; and generate an nth key according to the nth plaintext range and the nth ciphertext range, where n is a positive integer less than or equal to N. The nth key is used for encrypting the plaintext to be encrypted in the nth plaintext range into a ciphertext in the nth ciphertext range; the nth key is also used for decrypting the ciphertext to be decrypted in the nth ciphertext range into a plaintext in the nth plaintext range. The server 200 may also encrypt plaintext data to be transmitted by using the N generated keys and transmit the obtained ciphertext data to the terminal 400-1; the terminal 400-1 decrypts the ciphertext data by using the N keys and displays the decrypted plaintext data on the interactive interface 410-1. After the terminal 400-1 receives plaintext data input by the user through the interactive interface 410-2, the terminal 400-1 encrypts the plaintext data with the N keys and transmits the obtained ciphertext data to the server 200; the server 200 may then receive the ciphertext data sent by the terminal and decrypt it with the generated N keys.
The embodiments of the present application may be implemented by means of Cloud Technology (Cloud Technology), which refers to a hosting Technology for unifying series resources such as hardware, software, and network in a wide area network or a local area network to implement data calculation, storage, processing, and sharing.
Cloud technology is a general term for the network technology, information technology, integration technology, management platform technology, application technology and the like that are applied in the cloud computing business model; these can form a resource pool that is used on demand and is flexible and convenient. Cloud computing technology will become an important support. Background services of technical network systems, such as the web portals of educational systems, require a large amount of computing and storage resources.
As an example, the server 200 may be an independent physical server, may be a server cluster or a distributed system formed by a plurality of physical servers, and may also be a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a web service, cloud communication, a middleware service, a domain name service, a security service, a CDN, and a big data and artificial intelligence platform. The terminal may be, but is not limited to, a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, and the like. The terminal and the server 200 may be directly or indirectly connected through wired or wireless communication, and the embodiment of the present application is not limited thereto.
Referring to fig. 2, fig. 2 is a schematic structural diagram of a key generation device 500 provided in an embodiment of the present application, where the key generation device 500 shown in fig. 2 includes: at least one processor 510, memory 550, at least one network interface 520, and a user interface 530. The various components in the key generation device 500 are coupled together by a bus system 540. It is understood that the bus system 540 is used to enable communications among the components. The bus system 540 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled as bus system 540 in fig. 2.
The Processor 510 may be an integrated circuit chip having Signal processing capabilities, such as a general purpose Processor, a Digital Signal Processor (DSP), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like, wherein the general purpose Processor may be a microprocessor or any conventional Processor, or the like.
The user interface 530 includes one or more output devices 531 enabling presentation of media content, including one or more speakers and/or one or more visual display screens. The user interface 530 also includes one or more input devices 532, including user interface components to facilitate user input, such as a keyboard, mouse, microphone, touch screen display, camera, other input buttons and controls.
The memory 550 may comprise volatile memory or nonvolatile memory, and may also comprise both volatile and nonvolatile memory. The non-volatile Memory may be a Read Only Memory (ROM), and the volatile Memory may be a Random Access Memory (RAM). The memory 550 described in embodiments herein is intended to comprise any suitable type of memory. Memory 550 optionally includes one or more storage devices physically located remote from processor 510.
In some embodiments of the present application, memory 550 can store data to support various operations, examples of which include programs, modules, and data structures, or subsets or supersets thereof, as exemplified below.
An operating system 551 including system programs for processing various basic system services and performing hardware-related tasks, such as a framework layer, a core library layer, a driver layer, etc., for implementing various basic services and processing hardware-based tasks;
a network communication module 552 for communicating to other computing devices via one or more (wired or wireless) network interfaces 520, exemplary network interfaces 520 including: Bluetooth, Wireless Fidelity (WiFi), and Universal Serial Bus (USB), etc.;
a display module 553 for enabling presentation of information (e.g., a user interface for operating peripherals and displaying content and information) via one or more output devices 531 (e.g., a display screen, speakers, etc.) associated with the user interface 530;
an input processing module 554 to detect one or more user inputs or interactions from one of the one or more input devices 532 and to translate the detected inputs or interactions.
In some embodiments of the present application, the key generation apparatus provided in the embodiments of the present application may be implemented by a combination of hardware and software, and by way of example, the key generation apparatus provided in the embodiments of the present application may be a processor in the form of a hardware decoding processor, which is programmed to execute the key generation method provided in the embodiments of the present application.
In some embodiments of the present application, the key generation apparatus provided in the embodiments of the present application may be implemented in software, and fig. 2 shows a key generation apparatus 555 stored in a memory 550, which may be software in the form of programs and plug-ins, and includes the following software modules: the first dividing module 5551, the first generating module 5552, the second dividing module 5553 and the second generating module 5554 are logical, and thus may be arbitrarily combined or further divided according to the implemented functions.
The functions of the respective modules will be explained below.
In other embodiments, the apparatus provided in the embodiments of the present Application may be implemented in hardware, and for example, the apparatus provided in the embodiments of the present Application may be a processor in the form of a hardware decoding processor, which is programmed to execute the key generation method provided in the embodiments of the present Application, for example, the processor in the form of the hardware decoding processor may be one or more Application Specific Integrated Circuits (ASICs), DSPs, Programmable Logic Devices (PLDs), Complex Programmable Logic Devices (CPLDs), Field Programmable Gate Arrays (FPGAs), or other electronic components.
In this embodiment of the present application, a key generation method provided by this embodiment of the present application will be described with a server as an execution subject.
Referring to fig. 3, fig. 3 is an alternative flowchart of a key generation method provided in an embodiment of the present application, and will be described with reference to the steps shown in fig. 3.
In step 301, a plaintext value region of a plaintext data set is divided into N plaintext ranges arranged in a sequence.
In some embodiments of the present application, the present application may generate different keys based on the plaintext value regions of the plaintext data set. The plaintext data set is a real number set with a sequence, for example, for a consumption data scene, the plaintext data set may be at least one consumption amount arranged according to an amount size; for a counting scenario, the plaintext data set may be at least one count value arranged in count values.
In some embodiments of the present application, the plaintext data set corresponds to a plaintext value region such that at least one plaintext sample in the plaintext data set may fall within the plaintext value region.
Wherein the plaintext value field may be determined by the largest plaintext sample and the smallest plaintext sample in the plaintext data set. For example, if there exists a plaintext data set of "-1.5, 0.5, 3.2, 11.3, 32.0", the plaintext value field corresponding to the plaintext data set may be [ -1.5, 32], and all the plaintext samples may be allowed to fall within the plaintext value field through the plaintext value field.
It should be noted that "(" and ")" in "(a, b)" as used in the present application denote an open interval, that is, the interval boundaries are not included in the interval; "[" and "]" in "[a, b]" denote a closed interval, that is, the interval boundaries are included in the interval. For example:
[a, b]: a <= x <= b, where the values of x include a and b;
(a, b): a < x < b, where the values of x include neither a nor b;
[a, b): a <= x < b, where the values of x include a and exclude b;
(a, b]: a < x <= b, where the values of x exclude a and include b.
The plaintext numerical value area can be determined by tolerance value parameters, the largest plaintext sample and the smallest plaintext sample in the plaintext data set; the tolerance parameter may be any real number. For example, if there exists a plaintext data set of "-1.5, 0.5, 3.2, 11.3, 32.0", the plaintext value region corresponding to the plaintext data set may be [ -1.5-e, 32+ e ], [ -1.5-e, 32] or [ -1.5, 32+ e ], and all plaintext samples may fall into the plaintext region through the obtained plaintext value region.
It should be noted that the smaller the tolerance parameter is set, the better the plaintext value region reflects the range characteristics of the plaintext data set.
In some embodiments of the present application, the above step 301 may be implemented by: and extracting N-1 segmentation values from the plaintext numerical value region, and segmenting the plaintext numerical value region through the segmentation values to obtain N plaintext ranges. For example, if there is a plaintext data set of "-1.5, 0.5, 3.2, 11.3, 32.0", and the corresponding plaintext value field is [ -1.5, 32], in the case where N is 2, 1 division value, such as "10", may be extracted in the plaintext value field, and the plaintext value field may be divided into 2 plaintext ranges arranged in order by the division value, including: [ -1.5, 10], (10, 32 ].
In step 302, a ciphertext numerical region is generated from the plaintext numerical region.
In some embodiments of the present application, the plaintext numerical value region is subjected to region transformation to obtain a ciphertext numerical value region corresponding to the plaintext numerical value region. The region transformation processing is used for generating a maximum ciphertext numerical value and a minimum ciphertext numerical value of the ciphertext numerical region based on the maximum plaintext numerical value and the minimum plaintext numerical value of the plaintext numerical region, and further determining the ciphertext numerical region according to the maximum ciphertext numerical value and the minimum ciphertext numerical value.
For example, for the plaintext value region [-1.5, 32], the maximum plaintext value is 32 and the minimum plaintext value is -1.5. The region may be adjusted by a predetermined transformation rule; for example, when the transformation rule is Y = X², the minimum ciphertext value corresponding to the minimum plaintext value is 2.25, the maximum ciphertext value corresponding to the maximum plaintext value is 1024, and the ciphertext value region is [2.25, 1024].
In step 303, the ciphertext value region is divided into N ciphertext ranges arranged in order.
In some embodiments of the present application, step 303 may be implemented as follows: determining N-1 third segmentation numerical values according to the minimum ciphertext numerical value and the maximum ciphertext numerical value of the ciphertext numerical value region; and dividing the ciphertext numerical region into N ciphertext ranges arranged in sequence according to the N-1 third division numerical values.
For example, if there is a ciphertext value region of [2.25, 1024], where N is 2, 1 partition value, such as "500", may be extracted within the ciphertext value region, and the ciphertext value region may be divided into 2 ciphertext ranges arranged in order by the partition value, including: [2.25, 500], (500, 1024 ].
In step 304, an nth key is generated according to an nth plaintext range and an nth ciphertext range; n is a positive integer less than or equal to N; the nth key is used for encrypting the plaintext to be encrypted in the nth plaintext range into a ciphertext in the nth ciphertext range; the nth key is also used for decrypting the ciphertext to be decrypted in the nth ciphertext range into a plaintext in the nth plaintext range.
In some embodiments of the present application, for the generated N plaintext extents and N ciphertext extents arranged in order, the nth plaintext extent may be corresponding to the nth ciphertext extent according to the number of the plaintext extents and the number of the ciphertext extents. Further, an nth key is generated according to the nth plaintext range and the nth ciphertext range, and further N keys can be obtained.
In some embodiments of the present application, for an nth plaintext range and an nth ciphertext range, a conversion function between any plaintext value in the nth plaintext range and only one ciphertext value in the nth ciphertext range may be determined according to a minimum range value and a maximum range value of the nth plaintext range and a minimum range value and a maximum range value of the nth ciphertext range, and the conversion function may be used as the nth key.
It should be noted that the conversion function is a strictly increasing function, that is, as the extracted plaintext value increases in a plaintext range, the only ciphertext value falling into the ciphertext range determined according to the plaintext value and the conversion function also increases.
According to the above description, since the N plaintext ranges and the N ciphertext ranges are arranged in sequence, the unique ciphertext value in the first ciphertext range that corresponds to any plaintext value in the first plaintext range is necessarily smaller than the unique ciphertext value, in the second to Nth ciphertext ranges, that corresponds to any plaintext value in the second to Nth plaintext ranges. Moreover, because the conversion relationship between any plaintext range and its corresponding ciphertext range is also a strictly increasing function, the N keys obtained by the present application can implement order-preserving encryption, that is, when the first plaintext value is greater than the second plaintext value, the first ciphertext value obtained after encryption is also greater than the second ciphertext value.
In some embodiments of the present application, the method may further comprise: obtaining a plaintext to be encrypted; determining a target plaintext range corresponding to a plaintext to be encrypted in the N plaintext ranges; and encrypting the plaintext to be encrypted according to the key corresponding to the target plaintext range.
In some embodiments of the present application, the method may further comprise: obtaining a ciphertext to be decrypted; determining a target ciphertext range corresponding to the ciphertext to be decrypted in the N ciphertext ranges; and decrypting the cipher text to be decrypted according to the key corresponding to the target cipher text range.
As can be seen from the foregoing exemplary implementation of fig. 3 in the embodiment of the present application, a plaintext numerical value region corresponding to a plaintext data set is divided into N plaintext ranges arranged in sequence, and a ciphertext numerical value region is divided into N ciphertext ranges arranged in sequence, and a corresponding relationship between a plaintext numerical value in the plaintext range and a ciphertext numerical value in the ciphertext range is implemented by a conversion function with order preserving property. Therefore, the secret key generated according to the embodiment of the application can realize the encryption and decryption process with order preservation; in addition, as the corresponding nth key is generated aiming at the nth plaintext range and the nth ciphertext range, the generated N keys are completely different due to different plaintext ranges or ciphertext ranges, and the key cracking difficulty can be improved.
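Steps 301 to 304 and the range lookup used for encryption and decryption, as an added Python example that is not code from the patent. It assumes a linear conversion function per range (the text only requires a strictly increasing one), randomly drawn split values, the Y = X² region rule from the example above, and exact `Fraction` arithmetic; the names `RangeKey`, `KeySet` and `split_points` are hypothetical.

```python
import bisect
import random
from dataclasses import dataclass
from fractions import Fraction


@dataclass(frozen=True)
class RangeKey:
    """nth key: strictly increasing map of one plaintext range onto one ciphertext range.

    Assumption: linear interpolation between the range boundaries.
    """
    p_lo: Fraction
    p_hi: Fraction
    c_lo: Fraction
    c_hi: Fraction

    def encrypt(self, x):
        return self.c_lo + (x - self.p_lo) * (self.c_hi - self.c_lo) / (self.p_hi - self.p_lo)

    def decrypt(self, y):
        return self.p_lo + (y - self.c_lo) * (self.p_hi - self.p_lo) / (self.c_hi - self.c_lo)


def split_points(lo, hi, n, rng):
    """Return N-1 distinct, sorted split values strictly inside (lo, hi)."""
    steps = sorted(rng.sample(range(1, 10**6), n - 1))
    return [lo + (hi - lo) * Fraction(s, 10**6) for s in steps]


class KeySet:
    """N keys over ranges [lo, s1], (s1, s2], ..., (s_{N-1}, hi]."""

    def __init__(self, samples, n, transform=lambda v: v * v, rng=None):
        if n < 1:
            raise ValueError("N must be a positive integer")
        if rng is None:
            rng = random.SystemRandom()  # split values are key material: use a CSPRNG
        values = [Fraction(s) for s in samples]
        # Step 301: the plaintext region is bounded by the smallest and largest sample.
        self.p_lo, self.p_hi = min(values), max(values)
        if not self.p_lo < self.p_hi:
            raise ValueError("plaintext region is empty")
        # Step 302: the region transform maps the two plaintext bounds to ciphertext bounds.
        self.c_lo, self.c_hi = transform(self.p_lo), transform(self.p_hi)
        if not self.c_lo < self.c_hi:
            raise ValueError("transform did not yield an increasing ciphertext region")
        # Steps 301 and 303: N-1 split values for each region.
        self.p_splits = split_points(self.p_lo, self.p_hi, n, rng)
        self.c_splits = split_points(self.c_lo, self.c_hi, n, rng)
        p_edges = [self.p_lo, *self.p_splits, self.p_hi]
        c_edges = [self.c_lo, *self.c_splits, self.c_hi]
        # Step 304: the nth key pairs the nth plaintext range with the nth ciphertext range.
        self.keys = [RangeKey(p_edges[i], p_edges[i + 1], c_edges[i], c_edges[i + 1])
                     for i in range(n)]

    def encrypt(self, x):
        x = Fraction(x)
        if not self.p_lo <= x <= self.p_hi:
            raise ValueError("plaintext outside the plaintext value region")
        # bisect_left puts a value equal to a split point in the lower (right-closed) range.
        return self.keys[bisect.bisect_left(self.p_splits, x)].encrypt(x)

    def decrypt(self, y):
        y = Fraction(y)
        if not self.c_lo <= y <= self.c_hi:
            raise ValueError("ciphertext outside the ciphertext value region")
        return self.keys[bisect.bisect_left(self.c_splits, y)].decrypt(y)


# Sample data set quoted in the description above.
SAMPLES = ["-1.5", "0.5", "3.2", "11.3", "32.0"]

if __name__ == "__main__":
    ks = KeySet(SAMPLES, n=3)
    for s in SAMPLES:
        c = ks.encrypt(s)
        print(f"{s:>5} -> {float(c):10.4f} -> {float(ks.decrypt(c))}")
```

Because the mapping is order-preserving by design, the sorted order of the ciphertexts equals the sorted order of the plaintexts, so anyone who holds the ciphertexts learns that ordering without any key.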
In some embodiments of the present application, referring to fig. 4, fig. 4 is an optional flowchart of a key generation method provided in the embodiments of the present application, and based on fig. 3, step 301 shown in fig. 3 may be updated to step 401 to step 403.
In step 401, determining a first segmentation value according to the minimum plaintext value and the maximum plaintext value of the plaintext value region to generate a first initial plaintext range and a second initial plaintext range; a first initial plaintext range is determined by the minimum plaintext value and the first split value; the second initial plaintext range is determined by the first split value and the largest plaintext value.
In some embodiments of the present application, dividing the plaintext value region into N plaintext ranges starts with an initial division that yields a first initial plaintext range and a second initial plaintext range: a first division value is determined from the minimum plaintext value and the maximum plaintext value of the plaintext value region, and the region is divided at that value.
The minimum plaintext value and the maximum plaintext value may be input to a preset first division value determining function, so as to obtain the first division value output by that function. The first division value determining function is configured to determine a real number between the minimum plaintext value and the maximum plaintext value as the first division value. For example, the function may be a random function between the minimum plaintext value and the maximum plaintext value, or may be the average of the minimum plaintext value and the maximum plaintext value.
In step 402, determining a plaintext range to be segmented in at least two initial plaintext ranges generated currently under the condition that the at least two initial plaintext ranges generated currently meet the segmentation requirement, and segmenting the plaintext range to be segmented; the at least two initial plaintext extents that are currently generated comprise a first initial plaintext extent and a second initial plaintext extent.
In some embodiments of the present application, immediately after the first initial plaintext range and the second initial plaintext range are generated, the at least two initial plaintext ranges currently generated include only those two ranges. It is then judged whether the currently generated initial plaintext ranges satisfy a preset segmentation requirement. If they do, a plaintext range to be segmented is determined among them and is further segmented, and the judgment is repeated on the resulting set of ranges. If they do not, the segmentation stops and step 403 is performed.
The segmentation requirement may include that the range number of the at least two initial plaintext ranges that have been currently generated is smaller than the range number threshold, and the number of plaintext samples in at least one initial plaintext range is larger than a preset sample number.
In step 403, once the at least two initial plaintext ranges currently generated no longer satisfy the segmentation requirement, they are arranged in sequence to obtain the N plaintext ranges.
In some embodiments of the present application, in step 402, in a case that at least two initial plaintext ranges that have been currently generated satisfy the segmentation requirement, the steps of determining a plaintext range to be segmented and segmenting the plaintext range to be segmented are repeatedly performed until at least two initial plaintext ranges that have been currently generated do not satisfy the segmentation requirement, and the at least two initial plaintext ranges that have been currently generated are sequentially arranged to obtain the N plaintext ranges.
For example, if the plaintext value region is [-1.5, 32] and the first division value is determined to be 10, the first initial plaintext range [-1.5, 10] and the second initial plaintext range (10, 32] are obtained. If the at least two initial plaintext ranges currently generated (including [-1.5, 10] and (10, 32]) are determined to satisfy the segmentation requirement, the plaintext range to be segmented can be determined to be (10, 32], and it can be further segmented to obtain (10, 22] and (22, 32]. The currently generated initial plaintext ranges then include [-1.5, 10], (10, 22] and (22, 32]; if they are determined not to satisfy the segmentation requirement, [-1.5, 10], (10, 22] and (22, 32] are taken in order as the 1st to 3rd plaintext ranges.
As can be seen from the foregoing exemplary implementation of fig. 4, by dividing the plaintext value region into the first initial plaintext range and the second initial plaintext range and further segmenting the currently generated initial plaintext ranges according to the segmentation requirement, the embodiment of the present application ensures that the number of plaintext samples in each finally generated plaintext range is substantially the same, without large differences, which improves the rationality of the plaintext range segmentation.
In some embodiments of the present application, referring to fig. 5, fig. 5 is an optional flowchart of a key generation method provided in this embodiment of the present application, based on fig. 4, step 402 shown in fig. 4 may be implemented by steps 501 to 505, which will be described in conjunction with the steps shown in fig. 5.
In step 501, in the case that the at least two initial plaintext extents that are currently generated satisfy the splitting requirement, the number of extents of the at least two initial plaintext extents that are currently generated is determined.
In some embodiments of the present application, the range number is the number of initial plaintext ranges currently generated.
For example, if the plaintext value region [-1.5, 32] is divided, a first initial plaintext range [-1.5, 10] and a second initial plaintext range (10, 32] can be obtained, in which case the number of initial plaintext ranges is 2. After the plaintext range to be segmented is determined to be (10, 32], it is further segmented into (10, 22] and (22, 32]; the at least two initial plaintext ranges currently generated then include [-1.5, 10], (10, 22] and (22, 32], in which case the number of initial plaintext ranges is 3.
In step 502, determining the number of plaintext samples in each initial plaintext range if the number of ranges is less than a preset threshold value of the number of ranges; the number of plaintext samples is the number of plaintext samples that are in the initial plaintext range.
In some embodiments of the present application, by using the range number threshold, the maximum number of generated plaintext ranges may be determined, that is, the number of keys corresponding to the plaintext data set is determined, which may avoid an excessively complex encryption algorithm caused by an excessively large number of keys, and may also reduce the data amount of the synchronous data in the data sender and the data receiver.
In some embodiments of the present application, the plaintext data set includes a plurality of plaintext samples, and after at least two initial plaintext ranges that have been generated currently are obtained, an initial plaintext range in which each plaintext sample is located may be determined, respectively, and then the number of plaintext samples in each initial plaintext range may be determined.
For example, based on the above example, where the plaintext data set is "-1.5, 0.5, 3.2, 11.3, 32.0" and the at least two initial plaintext ranges currently generated are [-1.5, 10], (10, 22] and (22, 32], the number of plaintext samples corresponding to [-1.5, 10] is 3, the number corresponding to (10, 22] is 1, and the number corresponding to (22, 32] is 1.
In step 503, at least one plaintext range to be selected is determined among the at least two initial plaintext ranges; the number of plaintext samples in the plaintext range to be selected is larger than a preset sample number threshold.
In some embodiments of the present application, an initial plaintext extent in which the number of plaintext samples is greater than a preset sample number threshold may be determined as the plaintext extent to be selected.
For example, where the at least two initial plaintext ranges currently generated are [-1.5, 10], (10, 22] and (22, 32], the number of plaintext samples is 3 for [-1.5, 10], 1 for (10, 22] and 1 for (22, 32], and the sample number threshold is 2, [-1.5, 10] can be determined as the plaintext range to be selected.
In step 504, a plaintext range to be partitioned is determined among at least one plaintext range to be selected.
In some embodiments of the present application, the above step 504 may be implemented by: in step 5041, a probability distribution function and a uniform distribution function corresponding to each to-be-selected plaintext extent are determined according to at least one plaintext sample in each to-be-selected plaintext extent. In step 5042, a distance quantization value corresponding to each plaintext range to be selected is determined according to the probability distribution function and the uniform distribution function corresponding to each plaintext range to be selected. In step 5043, a plaintext range to be partitioned is determined among the at least one plaintext range to be selected according to the distance quantization value.
Wherein the distance quantization value may be determined by calculating a KL divergence, or a total variation, between the probability distribution function and the uniform distribution function. After the distance quantization value corresponding to each to-be-selected plaintext range is obtained, the to-be-selected plaintext range corresponding to the maximum distance quantization value can be determined as the to-be-segmented plaintext range.
In some embodiments, after the distance quantization value corresponding to each to-be-selected plaintext range is obtained, the distance quantization value may be constrained according to the number of plaintext samples corresponding to each to-be-selected plaintext range, and the to-be-selected plaintext range corresponding to the most recent distance quantization value in each to-be-selected plaintext range is determined as the to-be-segmented plaintext range.
In step 505, the plaintext range to be segmented is segmented.
In some embodiments of the present application, the step 505 may be implemented as follows: in step 5051, a second cut plaintext is generated based on the minimum range value and the maximum range value of the plaintext range to be cut. In step 5052, the plaintext range to be partitioned is divided into a third initial plaintext range and a fourth initial plaintext range; the third initial plaintext range is determined by the minimum range value and the second divided plaintext; the fourth initial plaintext range is determined by the second split plaintext and the maximum range value.
The second division plaintext can be generated through a preset conversion rule according to the minimum range value and the maximum range value of the range of the plaintext to be divided; for example, the second divisional plain text may be an average of the minimum range value and the maximum range value, or the like.
For example, based on the above example, where the plaintext data set is "-1.5, 0.5, 3.2, 11.3, 32.0" and the current plaintext range to be segmented is (3, 32], the average "17.5" of "3" and "32" may be determined as the second division plaintext, and the third initial plaintext range (3, 17.5] and the fourth initial plaintext range (17.5, 32.0] are obtained from "17.5".
In some embodiments of the present application, the step 505 may be implemented as follows: acquiring at least one plaintext sample in a plaintext range to be segmented; generating a second segmentation plaintext according to at least one plaintext sample; dividing a plaintext range to be segmented into a third initial plaintext range and a fourth initial plaintext range; the third initial plaintext range is determined by the minimum range value of the plaintext range to be divided and the second divided plaintext; the fourth initial plaintext range is determined by the maximum range value of the second divided plaintext and the plaintext range to be divided.
The second division plaintext may be generated according to the at least one plaintext sample through a preset conversion rule; the second cut plaintext may also be one of the at least one plaintext samples; for example, the second cut plaintext may be a median, average, or the like, of the at least one plaintext sample.
For example, based on the above example, where the plaintext data set is "-1.5, 0.5, 3.2, 11.3, 32.0" and the current plaintext range to be segmented is (3, 32], the plaintext samples within the range to be segmented are "3.2, 11.3, 32.0"; their median "11.3" may be determined as the second division plaintext, and the third initial plaintext range (3, 11.3] and the fourth initial plaintext range (11.3, 32.0] are obtained from "11.3".
As can be seen from the foregoing exemplary implementation of fig. 5, by further segmenting the currently generated initial plaintext ranges according to the segmentation requirement, the embodiment of the present application ensures that the number of plaintext samples in each finally generated plaintext range is substantially the same, without large differences, which improves the rationality of the plaintext range segmentation. Moreover, the range number threshold determines the maximum number of generated plaintext ranges, that is, the number of keys corresponding to the plaintext data set, which avoids an overly complex encryption algorithm caused by too many keys and reduces the amount of data to be synchronized between the data sender and the data receiver. In addition, by calculating the distance quantization value corresponding to each plaintext range to be selected, the distribution characteristics of the plaintext samples in each plaintext range to be selected can be determined, the uniformly distributed plaintext ranges to be selected are segmented, and the rationality of the plaintext range segmentation is further improved.
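The splitting loop of steps 401 to 403 and 501 to 505, as an added sketch that is not code from the patent. It assumes a midpoint default for the first division value, KL divergence against a uniform histogram as the distance quantization value, and the lower median of the samples as the second division plaintext; all function names, the `bins` parameter and the second sample set are assumptions.

```python
import math
from statistics import median_low

# Plaintext data set from the page's running example.
PAGE_SAMPLES = [-1.5, 0.5, 3.2, 11.3, 32.0]
# Constructed data set: evenly spread low half, clustered high half.
SKEWED_SAMPLES = [0, 2, 4, 6, 8, 10, 11, 11.5, 12, 12.5, 20]


def members(cuts, i, samples):
    """Samples in range i: [cuts[0], cuts[1]] for i == 0, else (cuts[i], cuts[i+1]]."""
    lo, hi = cuts[i], cuts[i + 1]
    return sorted(x for x in samples if lo < x <= hi or (i == 0 and x == lo))


def range_counts(cuts, samples):
    """Number of plaintext samples in each range (step 502)."""
    return [len(members(cuts, i, samples)) for i in range(len(cuts) - 1)]


def kl_from_uniform(xs, lo, hi, bins=4):
    """KL(P || U), where P is the histogram of xs over `bins` equal cells of the range."""
    counts = [0] * bins
    for x in xs:
        cell = min(int((x - lo) / (hi - lo) * bins), bins - 1)
        counts[cell] += 1
    total = len(xs)
    return sum((c / total) * math.log((c / total) * bins) for c in counts if c)


def split_point(xs, lo, hi):
    """Second division plaintext: lower median of the samples, midpoint as fallback.

    The fallback covers the edge case where the median sits on a range boundary,
    which would otherwise produce an empty range.
    """
    m = median_low(xs)
    return m if lo < m < hi else (lo + hi) / 2


def partition(samples, max_ranges, max_samples, first_split=None, bins=4):
    """Return the sorted boundaries of the N plaintext ranges."""
    lo, hi = min(samples), max(samples)
    if lo == hi:
        raise ValueError("plaintext value region has zero width")
    if first_split is None:
        first_split = (lo + hi) / 2          # step 401, average option
    cuts = [lo, first_split, hi]
    while len(cuts) - 1 < max_ranges:        # range number threshold (step 502)
        candidates = []
        for i in range(len(cuts) - 1):
            xs = members(cuts, i, samples)
            if len(xs) > max_samples:        # sample number threshold (step 503)
                score = kl_from_uniform(xs, cuts[i], cuts[i + 1], bins)
                candidates.append((score, i, xs))
        if not candidates:                   # segmentation requirement no longer met
            break
        _, i, xs = max(candidates, key=lambda c: c[0])   # step 5043
        cuts.insert(i + 1, split_point(xs, cuts[i], cuts[i + 1]))  # step 505
    return cuts


if __name__ == "__main__":
    print(partition(PAGE_SAMPLES, max_ranges=3, max_samples=2, first_split=10))
    print(partition(SKEWED_SAMPLES, max_ranges=3, max_samples=3))
```

With the page's data set the only range holding more than 2 samples is [-1.5, 10], so that is the range this sketch splits; the thresholds used here are constructed and need not match the ones behind the page's (10, 22] and (22, 32] illustration.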
In some embodiments of the present application, referring to fig. 6, fig. 6 is an optional flowchart of a key generation method provided in the embodiments of the present application, and based on fig. 3, step 302 shown in fig. 3 may be implemented through step 601 to step 605, which will be described in conjunction with the steps shown in fig. 6.
In step 601, a first amplitude and a second amplitude are determined according to a predetermined amplitude transformation parameter and a minimum plaintext value and a maximum plaintext value of the plaintext value region.
In some embodiments of the present application, the amplitude transformation parameter may be obtained by: obtaining a preset amplitude transformation parameter set, and randomly determining a parameter in the amplitude transformation parameter set as the amplitude transformation parameter. The amplitude transformation parameter is used for enriching the randomness of ciphertext generation and increasing confusion.
For example, the set of amplitude transformation parameters may be
Figure 541163DEST_PATH_IMAGE015
By random selection, an amplitude transformation parameter, such as "-5", can be obtained.
In some embodiments of the present application, the minimum plaintext value is transformed according to the amplitude transformation parameter to obtain a first amplitude; and transforming the maximum plaintext value according to the amplitude transformation parameter to obtain a second amplitude. The amplitude transformation parameter can be used as a multiplier of the value to be transformed, can also be used as an index of the value to be transformed, and can also be used as a divisor of the value to be transformed.
For example, taking the amplitude transformation parameter as the index of the value to be transformed as an example, if the amplitude transformation parameter is "-5", the minimum plaintext value is "-1.5", and the maximum plaintext value is "32", then the first amplitude is (-1.5) ^ (5); the second amplitude is (32) ^ (-5).
In step 602, a mean parameter and a variance parameter are determined based on the ciphertext magnitude parameter, the first magnitude, and the second magnitude.
In some embodiments of the present application, a target amplitude is determined based on the first and second amplitudes, the target amplitude being the maximum of the first and second amplitudes.
The mean parameter may be determined by equation (1-1):
Figure 592296DEST_PATH_IMAGE016
formula (1-1);
where
Figure 251947DEST_PATH_IMAGE017
is the mean parameter, L is the ciphertext magnitude parameter, and
Figure 148359DEST_PATH_IMAGE018
is the target amplitude. The mean parameter is used to make the ciphertext magnitude more matched to the set.
The variance parameter may be determined by equation (1-2):
Figure 911654DEST_PATH_IMAGE019
formula (1-2);
where
Figure 664846DEST_PATH_IMAGE020
is the variance parameter, and
Figure 749477DEST_PATH_IMAGE017
is the mean parameter.
In step 603, an amplitude constraint parameter is obtained in a first normal distribution determined from the mean parameter and the variance parameter.
In some embodiments of the present application, the first normal distribution may be expressed as
Figure 511896DEST_PATH_IMAGE021
. Formula (1-3) can be used to determine the amplitude constraint parameter
Figure 631162DEST_PATH_IMAGE022
Figure 251194DEST_PATH_IMAGE023
Formula (1-3);
In step 604, the oscillation constraint parameter is obtained in a second normal distribution determined according to the mean parameter and a preset variance constant.
In some embodiments of the present application, the second normal distribution may be expressed as
Figure 823121DEST_PATH_IMAGE024
. The oscillation constraint parameter can be determined by the equations (1-4)
Figure 858073DEST_PATH_IMAGE025
Figure 894162DEST_PATH_IMAGE026
Formulas (1-4);
In step 605, a ciphertext value region is determined according to the first amplitude, the second amplitude, the amplitude constraint parameter, and the oscillation constraint parameter.
In some embodiments of the present application, the above step 605 may be implemented by: determining a first ciphertext numerical value according to the first amplitude, the amplitude constraint parameter and the oscillation constraint parameter; determining a second ciphertext numerical value according to the second amplitude, the amplitude constraint parameter and the oscillation constraint parameter; taking the maximum value of the first ciphertext numerical value and the second ciphertext numerical value as the maximum ciphertext numerical value of the ciphertext numerical value region, and taking the minimum value of the first ciphertext numerical value and the second ciphertext numerical value as the minimum ciphertext numerical value of the ciphertext numerical value region; and determining a ciphertext numerical value region according to the minimum ciphertext numerical value and the maximum ciphertext numerical value.
In some embodiments of the present application, the ciphertext value region is determined by a minimum ciphertext value and a maximum ciphertext value. The minimum ciphertext numerical value may be determined by equations (1-5) and the maximum ciphertext numerical value may be determined by equations (1-6).
Figure 192419DEST_PATH_IMAGE027
Formula (1-5);
Figure 48380DEST_PATH_IMAGE028
formulas (1-6);
where
Figure 588820DEST_PATH_IMAGE029
is the minimum ciphertext value,
Figure 682678DEST_PATH_IMAGE030
is the maximum ciphertext value,
Figure 214154DEST_PATH_IMAGE031
is a first amplitude and Z is a second amplitude.
As can be seen from the above exemplary implementation of fig. 6, the ciphertext value region generated by the above embodiment remains related to the plaintext value region while having a completely different magnitude from it, so that an attacker cannot infer the magnitude of the plaintext by observing the magnitude of the ciphertext, which improves the security of the data. In addition, because the amplitude transformation parameter in the method is randomly selected from a set, the complexity and confusion of the ciphertext are further increased, which makes the ciphertext harder to crack.
In some embodiments of the present application, referring to fig. 7, fig. 7 is an optional flowchart of a key generation method provided in this embodiment of the present application, and based on fig. 3, step 304 shown in fig. 3 may be implemented by steps 701 to 702, which will be described in conjunction with the steps shown in fig. 7.
In step 701, an nth slope value and an nth intercept value are determined based on an nth plaintext range and an nth ciphertext range.
In some embodiments of the present application, for the nth plaintext range and the nth ciphertext range, the minimum range value and the maximum range value of the nth plaintext range and the minimum range value and the maximum range value of the nth ciphertext range may be obtained.
Wherein the nth slope value can be obtained by the formula (1-7):
Figure 495093DEST_PATH_IMAGE032
formulas (1-7);
where
Figure 839225DEST_PATH_IMAGE033
is the value of the n-th slope,
Figure 584327DEST_PATH_IMAGE034
the maximum range value of the nth ciphertext range;
Figure 224387DEST_PATH_IMAGE035
the minimum range value of the nth ciphertext range,
Figure 54940DEST_PATH_IMAGE036
the maximum range value of the nth plaintext range;
Figure 704227DEST_PATH_IMAGE037
is the minimum range value of the nth plaintext range.
Wherein the nth intercept value can be obtained by the following formula (1-8):
Figure 740054DEST_PATH_IMAGE038
formulas (1-8);
where
Figure 613332DEST_PATH_IMAGE039
is the nth intercept value.
In step 702, an nth key is determined based on an nth slope value and an nth intercept value.
In some embodiments of the present application, the nth key may include an nth encryption function and an nth decryption function.
Wherein the nth encryption function can be obtained by the following formula (1-9):
Figure 868864DEST_PATH_IMAGE040
formulas (1-9);
where
Figure 118579DEST_PATH_IMAGE041
is the nth encryption function, and
Figure 510378DEST_PATH_IMAGE042
is the plaintext data located in the nth plaintext range.
Wherein the nth decryption function can be obtained by the following formula (1-10):
Figure 554557DEST_PATH_IMAGE043
formulas (1-10);
where
Figure 801780DEST_PATH_IMAGE044
is the nth decryption function, and
Figure 589607DEST_PATH_IMAGE045
is the ciphertext data located in the nth ciphertext range.
As can be seen from the above exemplary implementation of fig. 7, by determining a slope value and an intercept value between each plaintext range and the corresponding ciphertext range, the corresponding key can be determined quickly, which improves key generation efficiency while preserving order in encryption and decryption. Moreover, because values in different plaintext ranges or ciphertext ranges correspond to different keys, an attacker cannot deduce plaintext differences by observing ciphertext differences, which improves the security of the data.
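Steps 701 and 702, together with the range lookup used for encryption and decryption, as an added sketch that is not code from the patent. Formulas (1-7) to (1-10) are images that did not survive on this page, so the slope and intercept below assume the straight line through the two endpoints of each range pair; the ciphertext range boundaries and all function names are constructed.

```python
from bisect import bisect_left
from fractions import Fraction

# Plaintext ranges [-1.5, 10], (10, 22], (22, 32] from the page's example.
P_CUTS = [-1.5, 10, 22, 32]
# Constructed ciphertext range boundaries with deliberately uneven widths.
C_CUTS = [-40, 3, 500, 510]
# Plaintext data set from the page's running example.
SAMPLES = [-1.5, 0.5, 3.2, 11.3, 32.0]


def generate_keys(p_cuts, c_cuts):
    """Return one (slope, intercept) key per plaintext/ciphertext range pair."""
    if len(p_cuts) != len(c_cuts) or len(p_cuts) < 2:
        raise ValueError("need the same number of plaintext and ciphertext ranges")
    for cuts in (p_cuts, c_cuts):
        if any(lo >= hi for lo, hi in zip(cuts, cuts[1:])):
            raise ValueError("range boundaries must be strictly increasing")
    keys = []
    for n in range(len(p_cuts) - 1):
        p_lo, p_hi = Fraction(p_cuts[n]), Fraction(p_cuts[n + 1])
        c_lo, c_hi = Fraction(c_cuts[n]), Fraction(c_cuts[n + 1])
        slope = (c_hi - c_lo) / (p_hi - p_lo)      # assumed form of the nth slope value
        keys.append((slope, c_lo - slope * p_lo))  # assumed form of the nth intercept value
    return keys


def range_index(cuts, value):
    """Index n of the range (cuts[n], cuts[n+1]] holding value; range 0 is closed on the left."""
    if not cuts[0] <= value <= cuts[-1]:
        raise ValueError("value lies outside the value region")
    return max(bisect_left(cuts, value) - 1, 0)


def encrypt(m, p_cuts, keys):
    """Find the target plaintext range, then apply that range's key."""
    slope, intercept = keys[range_index(p_cuts, m)]
    return slope * Fraction(m) + intercept


def decrypt(c, c_cuts, keys):
    """Find the target ciphertext range, then invert that range's key."""
    slope, intercept = keys[range_index(c_cuts, c)]
    return (Fraction(c) - intercept) / slope


if __name__ == "__main__":
    keys = generate_keys(P_CUTS, C_CUTS)
    for m in SAMPLES:
        c = encrypt(m, P_CUTS, keys)
        print(m, float(c), float(decrypt(c, C_CUTS, keys)))
```

Exact rational arithmetic is used so the round trip can be checked for equality; the same plaintext gap produces a different ciphertext gap in each range because each range has its own slope.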
Next, an exemplary application of the embodiment of the present application in a practical application scenario will be described.
For example, the scheme of the application can be applied to many secure multi-party computation scenarios; two scenarios, government resident travel statistics and platform user consumption tiering, are taken as examples below.
A. Government resident travel statistics scenario.
A first government department wants to work with a second department to compute the median trip frequency of the residents of each province, so as to make a corresponding decision.
Specifically, the first department holds the data in table 1.
TABLE 1
Figure 101491DEST_PATH_IMAGE046
The second department holds the data in table 2.
TABLE 2
Figure 316572DEST_PATH_IMAGE047
The simplest scheme is that the second department (or first department) sends data to the first department (or second department), forming the data set in table 3.
TABLE 3
Figure 546696DEST_PATH_IMAGE048
From table 3 it is obtained directly that the median trip frequency is 2 times for province A and 9 times for province B.
However, in view of privacy protection of resident data, the original data sets held by these government departments are not allowed to circulate. Therefore, the second department can encrypt the residents' trip frequency using the scheme of the application, obtaining the data set in table 4 below.
TABLE 4
Figure 105591DEST_PATH_IMAGE049
Next, the second department sends the information in the above table, except the plaintext column, to the first department, which obtains the data set in table 5 below.
TABLE 5
Figure 737560DEST_PATH_IMAGE050
The first department computes the medians in the ciphertext space, 0.49 for province A and 73.42 for province B, and sends these two numbers to the second department, which obtains the plaintext medians using the decryption method of the scheme of the application: 2 times for province A and 9 times for province B.
B. Platform user consumption tiering scenario.
In practice, there is a large overlap between game product users and animation product users. A large game product company holds the monthly consumption data of its users, as in table 6.
TABLE 6
Figure 592384DEST_PATH_IMAGE051
There is also an original animation product company, whose user group
Figure 106542DEST_PATH_IMAGE052
is a subset of the users of the game product company.
At present, the animation product company wants to stratify users by value according to consumption level and formulate different marketing strategies, i.e., obtain the analysis results in table 7.
TABLE 7
Figure 173855DEST_PATH_IMAGE053
Because it lacks historical data for its new business, the animation product company wishes to use the monthly consumption data of the game product company to stratify the value of the users
Figure 424446DEST_PATH_IMAGE052
. To protect user privacy and commercial interests, the two parties want the cooperation to satisfy the following two data privacy constraints. The animation product company does not want the game product company to know that
Figure 981329DEST_PATH_IMAGE052
are its users, so the animation product company cannot directly transmit the information of
Figure 920466DEST_PATH_IMAGE052
. The game product company does not want the animation product company to know the consumption information of the users on its platform, so the game product company cannot directly send out the monthly payment amounts in plaintext.
In order to achieve data cooperation under the premise of privacy protection, the game product company encrypts the monthly consumption of each user using the scheme of the application to obtain the data set in table 8 and sends it to the animation product company; the order-preserving property of the scheme allows the animation product company to stratify the users directly in the ciphertext space based on the size of the monthly consumption ciphertext.
TABLE 8
Figure 853787DEST_PATH_IMAGE054
In the related art, a strictly increasing polynomial
Figure 194770DEST_PATH_IMAGE055
can be used as an order-preserving encryption method; this is an existing scheme. Take the simplest linear function as an example, namely the form of formula (2-1).
Figure 421089DEST_PATH_IMAGE056
Formula (2-1);
In the following, let
Figure 847523DEST_PATH_IMAGE057
implement the encryption process; the encryption process of table 9 is then obtained.
TABLE 9
Figure 522218DEST_PATH_IMAGE058
It can be seen that, after encoding by the strictly increasing polynomial, the ciphertexts
Figure 780024DEST_PATH_IMAGE059
still maintain the size order of the plaintexts
Figure 881972DEST_PATH_IMAGE060
, i.e. they satisfy
Figure 577394DEST_PATH_IMAGE061
However, the applicant has found through research that the above technical solution has the following three security flaws.
The first security flaw comes from the risk of leaking plaintext differences; e.g., an adversary who obtains the ciphertext can observe the ciphertext differences by formula (2-2):
Figure 586938DEST_PATH_IMAGE062
formula (2-2);
Further, formula (2-3) can be derived:
Figure 902513DEST_PATH_IMAGE063
formula (2-3);
Alternatively, the adversary may forge, through formula (2-4),
Figure 972100DEST_PATH_IMAGE064
So that the plaintext after decryption
Figure 638705DEST_PATH_IMAGE065
Satisfy the requirement of
Figure 888158DEST_PATH_IMAGE066
Is that
Figure 120556DEST_PATH_IMAGE067
Arbitrary multiple of (here is
Figure 564307DEST_PATH_IMAGE068
Multiple).
Figure 249366DEST_PATH_IMAGE069
Formula (2-4);
This shows that, besides the plaintext order information, the ciphertext of the above scheme reveals another item of information, namely the plaintext difference information. Even for a general polynomial of highest order
Figure 69555DEST_PATH_IMAGE070
, i.e.
Figure 592678DEST_PATH_IMAGE071
, because
Figure 269647DEST_PATH_IMAGE072
, for sufficiently large
Figure 379685DEST_PATH_IMAGE073
the adversary can still observe
Figure 534723DEST_PATH_IMAGE074
to infer
Figure 679397DEST_PATH_IMAGE075
, causing privacy disclosure.
The second security flaw arises from the low difficulty of key cracking. For example, if an adversary somehow obtains only two pairs of plaintext-ciphertext correspondences
Figure 25802DEST_PATH_IMAGE076
Then the decryption result formula (2-6) can be obtained by solving the linear equation formula (2-5).
Figure 623137DEST_PATH_IMAGE077
Formula (2-5);
Figure 581865DEST_PATH_IMAGE078
formula (2-6);
After obtaining the key information
Figure 112204DEST_PATH_IMAGE079
, the adversary can use
Figure 68658DEST_PATH_IMAGE080
to crack all remaining ciphertexts
Figure 215606DEST_PATH_IMAGE081
and recover the corresponding plaintexts, causing privacy disclosure. For a more general, more complex
Figure 420103DEST_PATH_IMAGE055
polynomial structure, the adversary only needs to obtain more plaintext-ciphertext observations and then solve a higher-order nonlinear equation to obtain the key, so the security is extremely low.
The third security flaw comes from privacy disclosure arising from the uniformity of the ciphertext magnitude. For example, an adversary can observe that
Figure 336107DEST_PATH_IMAGE082
is one order of magnitude larger than
Figure 197883DEST_PATH_IMAGE083
and thereby conclude that
Figure 566548DEST_PATH_IMAGE084
is one order of magnitude larger than
Figure 867079DEST_PATH_IMAGE085
, resulting in privacy disclosure. Even for a general polynomial whose highest order is
Figure 339387DEST_PATH_IMAGE070
, namely
Figure 434382DEST_PATH_IMAGE071
, for sufficiently large
Figure 759184DEST_PATH_IMAGE086
an adversary can observe that
Figure 801089DEST_PATH_IMAGE087
is larger than
Figure 426105DEST_PATH_IMAGE088
by
Figure 393799DEST_PATH_IMAGE089
orders of magnitude and infer that
Figure 737056DEST_PATH_IMAGE090
is larger than
Figure 848231DEST_PATH_IMAGE091
by
Figure 531017DEST_PATH_IMAGE092
orders of magnitude, so privacy is leaked.
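The first two flaws of the related-art linear scheme can be checked numerically. The following is an added example, not code from the patent: it assumes the linear form c = k·m + b for the "simplest linear function", and the key values and plaintexts are constructed for illustration.

```python
from fractions import Fraction


def encrypt_linear(m, k, b):
    """Assumed related-art scheme: c = k*m + b with slope k > 0 (order-preserving)."""
    return k * Fraction(m) + b


def decrypt_linear(c, k, b):
    """Inverse of the assumed linear scheme."""
    return (Fraction(c) - b) / k


def recover_linear_key(pair1, pair2):
    """Solve the two linear equations c1 = k*m1 + b and c2 = k*m2 + b for (k, b)."""
    (m1, c1), (m2, c2) = pair1, pair2
    if m1 == m2:
        raise ValueError("the two known plaintexts must differ")
    k = Fraction(c2 - c1) / Fraction(m2 - m1)
    b = Fraction(c1) - k * Fraction(m1)
    return k, b


def diff_ratio(x1, x2, x3):
    """Ratio of differences (x3 - x1) / (x2 - x1)."""
    return Fraction(x3 - x1) / Fraction(x2 - x1)


def demo():
    # Constructed key and plaintext set, for illustration only.
    k, b = Fraction(37), Fraction(1009)
    plaintexts = [3, 40, 520, 6100]
    ciphertexts = [encrypt_linear(m, k, b) for m in plaintexts]

    # Flaw 1: ratios of ciphertext differences equal ratios of plaintext
    # differences, whatever k and b are.
    leak = diff_ratio(*ciphertexts[:3]) == diff_ratio(*plaintexts[:3])

    # Flaw 2: two known plaintext-ciphertext pairs determine the whole key,
    # and with it every remaining plaintext.
    known = list(zip(plaintexts[:2], ciphertexts[:2]))
    k_hat, b_hat = recover_linear_key(*known)
    rest = [decrypt_linear(c, k_hat, b_hat) for c in ciphertexts[2:]]

    return {"difference_ratio_leaks": leak, "key": (k_hat, b_hat), "rest": rest}


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```
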
To address the three security flaws, the embodiment of the application provides a new cipher system with confidentiality that simultaneously ensures the privacy of plaintext differences, high difficulty of key cracking, and non-uniform ciphertext magnitude.
The embodiment of the application provides a new cryptosystem with the order-preserving property. The key generation stage is divided into three sub-stages, namely plaintext box generation, ciphertext box construction and mapping, so that a plaintext can be encrypted into a ciphertext with its order unchanged while triple security is ensured: plaintext differences are not leaked; the key is difficult to crack; the ciphertext magnitude is non-uniform.
The embodiments of the present application provide a cryptosystem with an order-preserving function, which is introduced below in the order of
Figure 233393DEST_PATH_IMAGE093
.
One, plaintext space
Figure 500164DEST_PATH_IMAGE002
The scheme of the application can encrypt all real numbers (R), namely
Figure 946189DEST_PATH_IMAGE094
Two, ciphertext space
Figure 749060DEST_PATH_IMAGE003
The ciphertext space of the present application
Figure 560021DEST_PATH_IMAGE003
is not the real space
Figure 877870DEST_PATH_IMAGE095
but a subset of the real space. The specific composition of the ciphertext space is related to the data to be encrypted.
Three, key space
Figure 292366DEST_PATH_IMAGE004
The key generation of the scheme of the application is related to the data to be encrypted, and can be divided into three sub-stages of plaintext box generation, ciphertext box construction and mapping, which are sequentially introduced below. Let the plaintext data set to be encrypted be
Figure 215322DEST_PATH_IMAGE089
. A box
Figure 993922DEST_PATH_IMAGE096
is defined as an interval
Figure 799067DEST_PATH_IMAGE097
, where
Figure 524578DEST_PATH_IMAGE098
is the left endpoint of the box and
Figure 098779DEST_PATH_IMAGE099
is the right endpoint of the box. Let
Figure 750078DEST_PATH_IMAGE100
denote the number of samples in the box.
For the plaintext box generation stage, the parameters used include: the minimum tolerance
Figure 776939DEST_PATH_IMAGE101
, the minimum number of samples in a box
Figure 306141DEST_PATH_IMAGE102
, and the maximum number of boxes
Figure 938111DEST_PATH_IMAGE103
; the input is the plaintext data set
Figure 324093DEST_PATH_IMAGE104
; the output is a series of plaintext boxes
Figure 805627DEST_PATH_IMAGE105
such that, for all
Figure 872940DEST_PATH_IMAGE106
, it holds that
Figure 156154DEST_PATH_IMAGE107
In some embodiments of the present application, two boxes
Figure 916300DEST_PATH_IMAGE108
are initialized, satisfying
Figure 619551DEST_PATH_IMAGE109
, where
Figure 552872DEST_PATH_IMAGE110
can be determined by the formula (2-7);
Figure 628276DEST_PATH_IMAGE111
can be determined by the formula (2-8);
Figure 824902DEST_PATH_IMAGE112
can be determined by the equations (2-9).
Figure 48073DEST_PATH_IMAGE113
Formula (2-7);
Figure 519505DEST_PATH_IMAGE114
formula (2-8);
Figure 484968DEST_PATH_IMAGE115
formula (2-9);
In some embodiments of the present application, as long as there still exists a box
Figure 586916DEST_PATH_IMAGE116
satisfying
Figure 031804DEST_PATH_IMAGE117
, and
Figure 306928DEST_PATH_IMAGE118
, the following steps are repeated:
for each box satisfying
Figure 622503DEST_PATH_IMAGE117
, namely box
Figure 190625DEST_PATH_IMAGE116
, execute the following steps: compute, for
Figure 591650DEST_PATH_IMAGE116
, the probability distribution function of the sample values within it,
Figure 608148DEST_PATH_IMAGE119
. Compute the distance between the probability distribution
Figure 840546DEST_PATH_IMAGE119
and the uniform distribution,
Figure 18718DEST_PATH_IMAGE120
. Note that the distance between probability distributions can be defined by a number of metrics, such as KL divergence (or total variation). Scale
Figure 467891DEST_PATH_IMAGE121
; find the box number corresponding to the maximum distance,
Figure 22501DEST_PATH_IMAGE122
. Referring to the schematic diagram of the dividing process shown in fig. 8, the box
Figure 312668DEST_PATH_IMAGE123
is split from the middle
Figure 989637DEST_PATH_IMAGE124
into two boxes, giving a new box
Figure 365254DEST_PATH_IMAGE123
and a new box
Figure 956510DEST_PATH_IMAGE125
; the former boxes
Figure 366763DEST_PATH_IMAGE125
to
Figure 949054DEST_PATH_IMAGE126
are each moved back by one box position in sequence, and K = K + 1.
For the ciphertext box construction stage, the required parameters include the ciphertext magnitude reference value
Figure 546389DEST_PATH_IMAGE127
; the inputs are the plaintext data set
Figure 505117DEST_PATH_IMAGE104
and the number of plaintext boxes
Figure 020411DEST_PATH_IMAGE004
; the output is a series of ciphertext boxes
Figure 039182DEST_PATH_IMAGE128
such that, for all
Figure 920551DEST_PATH_IMAGE106
, it holds that
Figure 355074DEST_PATH_IMAGE129
In some embodiments of the present application, the construction of the ciphertext boxes may be achieved as follows: from
Figure 474340DEST_PATH_IMAGE015
, randomly draw one
Figure 896969DEST_PATH_IMAGE130
. Compute
Figure 531212DEST_PATH_IMAGE131
and
Figure 35006DEST_PATH_IMAGE132
, and further compute
Figure 743199DEST_PATH_IMAGE133
; determine, by formula (2-10),
Figure 838194DEST_PATH_IMAGE134
; determine, by formula (2-11),
Figure 959734DEST_PATH_IMAGE135
; according to
Figure 500174DEST_PATH_IMAGE134
and
Figure 328453DEST_PATH_IMAGE135
, determine the left endpoint of the ciphertext interval
Figure 859928DEST_PATH_IMAGE136
and the right endpoint
Figure 140868DEST_PATH_IMAGE137
; divide the ciphertext interval to construct the ciphertext boxes
Figure 048781DEST_PATH_IMAGE138
Figure 230102DEST_PATH_IMAGE016
Formula (2-10);
Figure 932479DEST_PATH_IMAGE019
formula (2-11);
In some embodiments of the present application, the left endpoint of the ciphertext interval
Figure 700714DEST_PATH_IMAGE136
and the right endpoint
Figure 615581DEST_PATH_IMAGE137
may be determined in the following manner: randomly draw a parameter a from the normal distribution shown in formula (2-12), and randomly draw a parameter b from the normal distribution shown in formula (2-13); according to a, b,
Figure 480769DEST_PATH_IMAGE139
Figure 796124DEST_PATH_IMAGE140
, determine the left endpoint
Figure 113973DEST_PATH_IMAGE136
and the right endpoint
Figure 035793DEST_PATH_IMAGE137
Figure 755487DEST_PATH_IMAGE023
Formula (2-12);
Figure 737350DEST_PATH_IMAGE026
formula (2-13);
In some embodiments of the present application, the left endpoint
Figure 542495DEST_PATH_IMAGE136
may be determined by formula (2-14); the right endpoint, determined by formula (2-15), is
Figure 766540DEST_PATH_IMAGE137
Figure 340741DEST_PATH_IMAGE141
Formula (2-14);
Figure 493505DEST_PATH_IMAGE142
formula (2-15);
In some embodiments of the present application, over the interval
Figure 520367DEST_PATH_IMAGE143
, find all
Figure 049568DEST_PATH_IMAGE004
-1 equal-division points and construct the ciphertext boxes
Figure 976811DEST_PATH_IMAGE138
For the mapping stage, the inputs are the plaintext boxes
Figure 097213DEST_PATH_IMAGE105
and the ciphertext boxes
Figure 080213DEST_PATH_IMAGE128
; the output is the key
Figure 944264DEST_PATH_IMAGE144
In some embodiments of the present application, the key acquisition may be achieved in the following manner.
For
Figure 987623DEST_PATH_IMAGE145
, repeat the following steps: calculate the slope and the intercept; generate a key based on the slope and the intercept. The slope can be obtained by formula (2-16); the intercept can be obtained by formula (2-17); the key can be obtained by formula (2-18).
Figure 425295DEST_PATH_IMAGE146
Formula (2-16);
Figure 296299DEST_PATH_IMAGE147
formula (2-17);
Figure 434020DEST_PATH_IMAGE148
formulas (2-18);
Four, encryption function space
Figure 427384DEST_PATH_IMAGE149
Define a function
Figure 588238DEST_PATH_IMAGE150
such that
Figure 817925DEST_PATH_IMAGE151
indicates that the plaintext
Figure 13414DEST_PATH_IMAGE152
falls in the plaintext box
Figure 912100DEST_PATH_IMAGE116
. The encryption function of the scheme of the present application is formula (2-19).
Figure 622567DEST_PATH_IMAGE153
Formulas (2-19);
Five, decryption function space
Figure 100953DEST_PATH_IMAGE005
The decryption function of the scheme of the application is formula (2-20).
Figure 947686DEST_PATH_IMAGE154
Formula (2-20);
To address the three security flaws in the related art, the scheme of the present application makes the following improvements.
The first addresses the risk of leaking plaintext differences. Suppose, for example, that an adversary who obtains the ciphertext observes a ciphertext difference
Figure 719071DEST_PATH_IMAGE155
; inferring from this observation that
Figure 120097DEST_PATH_IMAGE156
is clearly erroneous. This is because the sample points
Figure 933332DEST_PATH_IMAGE157
and
Figure 165730DEST_PATH_IMAGE158
are divided into two different plaintext boxes and are mapped through
Figure 343902DEST_PATH_IMAGE159
; the ciphertext difference therefore contains random noise, and the plaintext difference information cannot be directly deduced.
The second is the increased difficulty of key cracking. The structure of the key, while containing random elements, is determined by the whole of the input plaintext data set: different plaintext boxes are subject to different mapping rules, and a different plaintext data set leads to a different key generation result. The adversary has no way of knowing which plaintext box each sample belongs to, so knowing several plaintext-ciphertext pairs alone is not enough to completely solve for the key.
The third is to make the ciphertext magnitude non-uniform. Different mapping rules are applied to samples belonging to different plaintext boxes, so the plaintext magnitudes of the samples cannot be uniformly reflected in their ciphertexts, and the ciphertext magnitude becomes non-uniform. For example, although
Figure 793075DEST_PATH_IMAGE160
is an order of magnitude larger than
Figure 347684DEST_PATH_IMAGE161
, because
Figure 434589DEST_PATH_IMAGE162
are divided into different plaintext boxes, the magnitude information is not reflected in the corresponding ciphertexts
Figure 783662DEST_PATH_IMAGE163
.
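The mapping stage and the box-wise encryption and decryption described above can be sketched as follows. This is an added example, not the patent's own code: the slope and intercept are taken here as those of the straight line joining the endpoints of each plaintext box to the endpoints of its ciphertext box (an assumption, since formulas (2-16) to (2-20) are not reproduced on this page), the box endpoints and the ciphertext interval are constructed constants rather than randomly drawn, and values outside the covered range are rejected.

```python
import bisect
from fractions import Fraction


def build_keys(plain_edges, cipher_lo, cipher_hi):
    """Pair K plaintext boxes with K equal-width ciphertext boxes.

    plain_edges holds the K+1 sorted endpoints of the plaintext boxes.
    Each key is (slope, intercept) of the line through the box endpoints
    (assumed form of the per-box key).
    """
    edges = [Fraction(e) for e in plain_edges]
    n = len(edges) - 1
    if n < 1 or any(a >= b for a, b in zip(edges, edges[1:])):
        raise ValueError("need strictly increasing plaintext box endpoints")
    lo, hi = Fraction(cipher_lo), Fraction(cipher_hi)
    if lo >= hi:
        raise ValueError("ciphertext interval must have positive width")
    step = (hi - lo) / n  # the K-1 inner edges are the equal-division points
    cipher_edges = [lo + i * step for i in range(n + 1)]
    keys = []
    for i in range(n):
        slope = (cipher_edges[i + 1] - cipher_edges[i]) / (edges[i + 1] - edges[i])
        intercept = cipher_edges[i] - slope * edges[i]
        keys.append((slope, intercept))
    return {"plain_edges": edges, "cipher_edges": cipher_edges, "keys": keys}


def box_index(edges, x):
    """Index of the box containing x; a shared endpoint maps to the right-hand box."""
    if not edges[0] <= x <= edges[-1]:
        raise ValueError("value outside the ranges covered by the key")
    return min(bisect.bisect_right(edges, x) - 1, len(edges) - 2)


def encrypt(key, m):
    m = Fraction(m)
    slope, intercept = key["keys"][box_index(key["plain_edges"], m)]
    return slope * m + intercept


def decrypt(key, c):
    c = Fraction(c)
    slope, intercept = key["keys"][box_index(key["cipher_edges"], c)]
    return (c - intercept) / slope


def diff_ratio(x1, x2, x3):
    """Ratio of differences (x3 - x1) / (x2 - x1)."""
    return Fraction(x3 - x1) / Fraction(x2 - x1)


# Constructed example: three plaintext boxes spanning three orders of
# magnitude, mapped into the constructed ciphertext interval [5000, 8000].
KEY = build_keys([0, 10, 100, 1000], 5000, 8000)

if __name__ == "__main__":
    for m in (5, 50, 500):
        c = encrypt(KEY, m)
        print(m, float(c), decrypt(KEY, c))
    # Plaintexts in different boxes: ciphertext difference ratio 35/17, plaintext ratio 11.
    print(diff_ratio(*(encrypt(KEY, m) for m in (5, 50, 500))), diff_ratio(5, 50, 500))
    # Plaintexts in the same box share one linear key, so the ratio is unchanged.
    print(diff_ratio(*(encrypt(KEY, m) for m in (2, 4, 8))), diff_ratio(2, 4, 8))
```

Under these assumptions, plaintexts that fall in the same box are still related by a single linear key, so the difference ratio is hidden only across boxes.
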
Continuing with the exemplary structure of the key generation apparatus 555 provided by the embodiments of the present application as a software module, in some embodiments of the present application, as shown in fig. 2, the software module stored in the key generation apparatus 555 of the memory 550 may include:
a first dividing module 5551, configured to divide the plaintext value area of the plaintext data set into N plaintext ranges arranged in sequence; n is a positive integer;
a first generating module 5552, configured to generate a ciphertext numerical region according to the plaintext numerical region;
a second dividing module 5553, configured to divide the ciphertext value region into N ciphertext ranges arranged in sequence;
a second generating module 5554, configured to generate an nth key according to an nth plaintext range and an nth ciphertext range; n is a positive integer less than or equal to N; the nth key is used for encrypting the plaintext to be encrypted in the nth plaintext range into a ciphertext in the nth ciphertext range; the nth key is also used for decrypting the ciphertext to be decrypted in the nth ciphertext range into the plaintext in the nth plaintext range.
In some embodiments of the present application, the first division module 5551 is further configured to: determining a first segmentation value according to the minimum plaintext value and the maximum plaintext value of the plaintext value area to generate a first initial plaintext range and a second initial plaintext range; a first initial plaintext range is determined by the minimum plaintext value and the first split value; the second initial plaintext range is determined by the first split value and the largest plaintext value; determining a plaintext range to be segmented in the at least two initial plaintext ranges generated currently under the condition that the at least two initial plaintext ranges generated currently meet the segmentation requirement, and segmenting the plaintext range to be segmented; the at least two initial plaintext ranges that are currently generated comprise a first initial plaintext range and a second initial plaintext range; and arranging the at least two initial plaintext ranges generated currently in sequence to obtain N plaintext ranges until the at least two initial plaintext ranges generated currently do not meet the segmentation requirement.
In some embodiments of the present application, the plaintext data set comprises a plurality of plaintext samples; the first division module 5551 is further configured to: determining the range number of at least two initial plaintext ranges which are generated currently; determining the number of plaintext samples in each initial plaintext range under the condition that the range number is smaller than a preset range number threshold; the number of plaintext samples is the number of plaintext samples in the initial plaintext range; determining at least one plaintext range to be selected from at least two initial plaintext ranges; the number of plaintext samples in the plaintext range to be selected is larger than a preset sample number threshold; and determining a plaintext range to be segmented in at least one plaintext range to be selected.
In some embodiments of the present application, the first division module 5551 is further configured to: determining a probability distribution function and a uniform distribution function corresponding to each plaintext range to be selected according to at least one plaintext sample in each plaintext range to be selected; determining a distance quantization value corresponding to each plaintext range to be selected according to the probability distribution function and the uniform distribution function corresponding to each plaintext range to be selected; and determining a plaintext range to be segmented in at least one plaintext range to be selected according to the distance quantization value.
In some embodiments of the present application, the first dividing module 5551 is further configured to generate a second divided plaintext according to a minimum range value and a maximum range value of a plaintext range to be divided; dividing a plaintext range to be segmented into a third initial plaintext range and a fourth initial plaintext range; the third initial plaintext range is determined by the minimum range value and the second divided plaintext; the fourth initial plaintext range is determined by the second split plaintext and the maximum range value.
In some embodiments of the present application, the first division module 5551 is further configured to: acquiring at least one plaintext sample in a plaintext range to be segmented; generating a second segmentation plaintext according to at least one plaintext sample; dividing a plaintext range to be segmented into a third initial plaintext range and a fourth initial plaintext range; the third initial plaintext range is determined by the minimum range value of the plaintext range to be divided and the second divided plaintext; the fourth initial plaintext range is determined by the maximum range value of the second divided plaintext and the plaintext range to be divided.
In some embodiments of the present application, the first generation module 5552 is further configured to: determining a first amplitude value and a second amplitude value according to a preset amplitude value transformation parameter and the minimum plaintext value and the maximum plaintext value of the plaintext value area; determining a mean parameter and a variance parameter according to the ciphertext magnitude parameter and the first amplitude and the second amplitude; obtaining an amplitude constraint parameter in a first normal distribution determined according to the mean parameter and the variance parameter; acquiring an oscillation constraint parameter in a second normal distribution determined according to the mean parameter and a preset variance constant; and determining a ciphertext numerical value region according to the first amplitude, the second amplitude, the amplitude constraint parameter and the oscillation constraint parameter.
In some embodiments of the present application, the first generation module 5552 is further configured to: determining a first ciphertext numerical value according to the first amplitude, the amplitude constraint parameter and the oscillation constraint parameter; determining a second ciphertext numerical value according to the second amplitude, the amplitude constraint parameter and the oscillation constraint parameter; taking the maximum value of the first ciphertext numerical value and the second ciphertext numerical value as the maximum ciphertext numerical value of the ciphertext numerical value region, and taking the minimum value of the first ciphertext numerical value and the second ciphertext numerical value as the minimum ciphertext numerical value of the ciphertext numerical value region; and determining a ciphertext numerical value region according to the minimum ciphertext numerical value and the maximum ciphertext numerical value.
In some embodiments of the present application, the second dividing module 5553 is further configured to: determining N-1 third segmentation numerical values according to the minimum ciphertext numerical value and the maximum ciphertext numerical value of the ciphertext numerical value region; and dividing the ciphertext numerical region into N ciphertext ranges arranged in sequence according to the N-1 third division numerical values.
In some embodiments of the present application, the second generating module 5554 is further configured to: determining an nth slope value and an nth intercept value according to the nth plain text range and the nth cipher text range; an nth key is determined based on the nth slope value and the nth intercept value.
In some embodiments of the present application, the second generating module 5554 is further configured to: obtaining a plaintext to be encrypted; determining a target plaintext range corresponding to a plaintext to be encrypted in the N plaintext ranges; and encrypting the plaintext to be encrypted according to the key corresponding to the target plaintext range.
In some embodiments of the present application, the second generating module 5554 is further configured to: obtaining a ciphertext to be decrypted; determining a target ciphertext range corresponding to the ciphertext to be decrypted in the N ciphertext ranges; and decrypting the cipher text to be decrypted according to the key corresponding to the target cipher text range.
Embodiments of the present application provide a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device executes the key generation method described in the embodiment of the present application.
Embodiments of the present application provide a computer-readable storage medium storing executable instructions, which when executed by a processor, will cause the processor to perform a key generation method provided by embodiments of the present application, for example, the method as shown in fig. 3 to 7.
In some embodiments of the present application, the computer readable storage medium may be memory such as FRAM, ROM, PROM, EPROM, EEPROM, flash memory, magnetic surface memory, optical disk, or CD-ROM; or may be various devices including one or any combination of the above memories.
In some embodiments of the application, the executable instructions may be in the form of a program, software module, script, or code, written in any form of programming language, including compiled or interpreted languages, or declarative or procedural languages, and may be deployed in any form, including as a stand-alone program or as a module, component, subroutine, or other unit suitable for use in a computing environment.
By way of example, executable instructions may correspond, but do not necessarily have to correspond, to files in a file system, and may be stored in a portion of a file that holds other programs or data, such as in one or more scripts stored in a hypertext markup Language (HTML) document, in a single file dedicated to the program in question, or in multiple coordinated files (e.g., files that store one or more modules, sub-programs, or portions of code).
By way of example, executable instructions may be deployed to be executed on one computing device or on multiple computing devices at one site or distributed across multiple sites and interconnected by a communication network.
In summary, the following technical effects can be achieved through the embodiments of the present application:
(1) according to the embodiment of the application, a plaintext numerical value region corresponding to a plaintext data set is divided into N plaintext ranges which are sequentially arranged, a ciphertext numerical value region is divided into N ciphertext ranges which are sequentially arranged, and the corresponding relation between the plaintext numerical value in the plaintext range and the ciphertext numerical value in the ciphertext range is realized through a conversion function with order preservation. Therefore, the secret key generated according to the embodiment of the application can realize the encryption and decryption process with order preservation; in addition, as the corresponding nth key is generated aiming at the nth plaintext range and the nth ciphertext range, the generated N keys are completely different due to different plaintext ranges or ciphertext ranges, and the key cracking difficulty can be improved.
(2) According to the embodiment of the application, the plaintext numerical value region is divided into the first initial plaintext range and the second initial plaintext range, and the currently generated initial plaintext range is further divided according to the dividing requirement, so that the number of plaintext samples in each finally generated plaintext range is approximately the same, the situation that the number of plaintext samples is greatly different is avoided, and the rationality of plaintext range division is improved.
(3) According to the embodiment of the application, the initial plaintext range generated at present is further segmented according to the segmentation requirement, so that the number of plaintext samples in each finally generated plaintext range is approximately the same, the condition that the number of plaintext samples is greatly different is avoided, and the rationality of the plaintext range segmentation is improved. Moreover, the maximum number of generated plaintext ranges can be determined through the range number threshold, namely the number of keys corresponding to the plaintext data set is determined, so that the situation that an encryption algorithm is too complex due to too many keys can be avoided, and the data volume of synchronous data in a data sending party and a data receiving party can be reduced; and moreover, by calculating the distance quantization value corresponding to each plaintext range to be selected, the distribution characteristics of each plaintext sample in each plaintext range to be selected can be determined, the uniformly distributed plaintext ranges to be selected are segmented, and the rationality of the plaintext range segmentation can be further realized.
(4) The ciphertext numerical region generated by the embodiment can be related to the plaintext numerical region, and meanwhile, a control ciphertext numerical region with a completely different magnitude from that of the plaintext numerical region is generated, so that a cracker cannot reversely deduce the magnitude of the plaintext by observing the magnitude of the ciphertext, and the safety of data is improved; in addition, since the amplitude transformation parameters in the method are randomly selected from the set, the complexity and the confusability of the ciphertext can be further improved, and the difficulty in ciphertext decryption is improved.
(5) According to the method and the device, the corresponding key can be quickly determined by determining the slope value and the intercept value between each plaintext range and the corresponding ciphertext range, the generation efficiency of the key is improved while the encryption and decryption order retention are realized, and moreover, since the key is in different plaintext ranges or ciphertext ranges and corresponds to different keys, a cracker cannot observe ciphertext differences to deduce the plaintext differences, and the data security is improved.
The above description is only an example of the present application, and is not intended to limit the scope of the present application. Any modification, equivalent replacement, and improvement made within the spirit and scope of the present application are included in the protection scope of the present application.

Claims (15)

1. A method for generating a key, comprising:
dividing a plaintext numerical value region of a plaintext data set into N plaintext ranges which are sequentially arranged; N is a positive integer;
generating a ciphertext numerical region according to the plaintext numerical region;
dividing the ciphertext numerical region into N ciphertext ranges which are arranged in sequence;
generating an nth key according to the nth plaintext range and the nth ciphertext range; n is a positive integer less than or equal to N; the nth key is used for encrypting the plaintext to be encrypted in the nth plaintext range into a ciphertext in the nth ciphertext range; the nth key is also used for decrypting the ciphertext to be decrypted in the nth ciphertext range into the plaintext in the nth plaintext range.
2. The method of claim 1, wherein said dividing the plaintext value regions of the plaintext data set into N plaintext extents arranged in a sequence comprises:
determining a first segmentation value according to the minimum plaintext value and the maximum plaintext value of the plaintext value area to generate a first initial plaintext range and a second initial plaintext range; the first initial plaintext range is determined by the minimum plaintext value and the first split value; said second initial plaintext range is determined by said first split value and said maximum plaintext value;
determining a plaintext range to be segmented in at least two initial plaintext ranges generated currently under the condition that the at least two initial plaintext ranges generated currently meet the segmentation requirement, and segmenting the plaintext range to be segmented; the at least two initial plaintext extents that are currently generated comprise the first initial plaintext extent and the second initial plaintext extent;
and arranging the at least two initial plaintext ranges generated currently in sequence to obtain the N plaintext ranges until the at least two initial plaintext ranges generated currently do not meet the segmentation requirement.
3. The method of claim 2, wherein the plaintext data set comprises a plurality of plaintext samples; determining a plaintext range to be segmented from at least two initial plaintext ranges generated currently comprises the following steps:
determining the range number of at least two initial plaintext ranges which are generated currently;
determining the number of plaintext samples in each initial plaintext range under the condition that the range number is smaller than a preset range number threshold; the number of plaintext samples is the number of plaintext samples in the initial plaintext range;
determining at least one plaintext range to be selected from the at least two initial plaintext ranges; the number of the plaintext samples in the plaintext range to be selected is larger than a preset sample number threshold;
and determining the plaintext range to be segmented in the at least one plaintext range to be selected.
4. The method according to claim 3, wherein said determining the plaintext range to be partitioned among the at least one plaintext range to be selected comprises:
determining a probability distribution function and a uniform distribution function corresponding to each plaintext range to be selected according to at least one plaintext sample in each plaintext range to be selected;
determining a distance quantization value corresponding to each plaintext range to be selected according to the probability distribution function and the uniform distribution function corresponding to each plaintext range to be selected;
and determining the plaintext range to be segmented in at least one to-be-selected plaintext range according to the distance quantization value.
5. The method according to claim 2, wherein the segmenting the plaintext range to be segmented comprises:
generating a second segmentation plaintext according to the minimum range value and the maximum range value of the plaintext range to be segmented;
dividing the plaintext range to be segmented into a third initial plaintext range and a fourth initial plaintext range; the third initial plaintext range is determined by the minimum range value and the second split plaintext; the fourth initial plaintext range is determined by the second split plaintext and the maximum range value.
6. The method according to claim 2, wherein the segmenting the plaintext range to be segmented comprises:
acquiring at least one plaintext sample in the plaintext range to be segmented;
generating a second segmentation plaintext according to the at least one plaintext sample;
dividing the plaintext range to be segmented into a third initial plaintext range and a fourth initial plaintext range; the third initial plaintext range is determined by the minimum range value of the plaintext range to be segmented and the second segmentation plaintext; the fourth initial plaintext range is determined by the second segmentation plaintext and the maximum range value of the plaintext range to be segmented.
7. The method of claim 1, wherein the generating a ciphertext numerical region from the plaintext numerical region comprises:
determining a first amplitude value and a second amplitude value according to a preset amplitude value transformation parameter and the minimum plaintext value and the maximum plaintext value of the plaintext value area;
determining a mean parameter and a variance parameter according to the ciphertext magnitude parameter and the first amplitude and the second amplitude;
obtaining an amplitude constraint parameter in a first normal distribution determined according to the mean parameter and the variance parameter;
acquiring an oscillation constraint parameter in a second normal distribution determined according to the mean parameter and a preset variance constant;
and determining the ciphertext numerical value region according to the first amplitude, the second amplitude, the amplitude constraint parameter and the oscillation constraint parameter.
8. The method of claim 7, wherein determining the ciphertext numerical region based on the first amplitude, the second amplitude, the amplitude constraint parameter, and the oscillation constraint parameter comprises:
determining a first ciphertext numerical value according to the first amplitude, the amplitude constraint parameter and the oscillation constraint parameter;
determining a second ciphertext numerical value according to the second amplitude, the amplitude constraint parameter and the oscillation constraint parameter;
taking the maximum value of the first ciphertext numerical value and the second ciphertext numerical value as the maximum ciphertext numerical value of the ciphertext numerical value region, and taking the minimum value of the first ciphertext numerical value and the second ciphertext numerical value as the minimum ciphertext numerical value of the ciphertext numerical value region;
and determining the ciphertext numerical value region according to the minimum ciphertext numerical value and the maximum ciphertext numerical value.
9. The method of claim 8, wherein the dividing the ciphertext numerical region into N ciphertext ranges arranged in a sequence comprises:
determining N-1 third segmentation numerical values according to the minimum ciphertext numerical value and the maximum ciphertext numerical value of the ciphertext numerical value region;
and dividing the ciphertext numerical value region into N ciphertext ranges which are sequentially arranged according to the N-1 third division numerical values.
10. The method according to any one of claims 1 to 9, wherein the generating the nth key from the nth plaintext range and the nth ciphertext range comprises:
determining an nth slope value and an nth intercept value according to the nth plaintext range and the nth ciphertext range;
determining the nth key according to the nth slope value and the nth intercept value.
11. The method according to any one of claims 1 to 9, further comprising:
obtaining a plaintext to be encrypted;
determining a target plaintext range corresponding to the plaintext to be encrypted in the N plaintext ranges;
and encrypting the plaintext to be encrypted according to the key corresponding to the target plaintext range.
12. The method according to any one of claims 1 to 9, further comprising:
obtaining a ciphertext to be decrypted;
determining a target ciphertext range corresponding to the ciphertext to be decrypted in the N ciphertext ranges;
and decrypting the ciphertext to be decrypted according to the key corresponding to the target ciphertext range.
13. A key generation apparatus, comprising:
the first dividing module is used for dividing a plaintext numerical value area of a plaintext data set into N plaintext ranges which are arranged in sequence; N is a positive integer;
the first generation module is used for generating a ciphertext numerical value region according to the plaintext numerical value region;
the second dividing module is used for dividing the ciphertext numerical region into N ciphertext ranges which are arranged in sequence;
the second generation module is used for generating an nth key according to the nth plaintext range and the nth ciphertext range; n is a positive integer less than or equal to N; the nth key is used for encrypting the plaintext to be encrypted in the nth plaintext range into a ciphertext in the nth ciphertext range; the nth key is also used for decrypting the ciphertext to be decrypted in the nth ciphertext range into the plaintext in the nth plaintext range.
14. A key generation device, comprising:
a memory for storing executable instructions;
a processor for implementing the method of any one of claims 1 to 12 when executing executable instructions stored in the memory.
15. A computer-readable storage medium having stored thereon executable instructions for, when executed by a processor, implementing the method of any one of claims 1 to 12.
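The key generation, encryption and decryption steps of claims 9 to 12, written out as a runnable sketch. This is an added example, not code from the patent; it assumes the N-1 division values are equally spaced and that each slope and intercept come from the line joining the endpoints of the nth plaintext range to the endpoints of the nth ciphertext range. All function names and the sample ranges are constructed for illustration.

```python
from bisect import bisect_right
from fractions import Fraction

def split_evenly(lo, hi, n):
    """N consecutive ranges from N-1 equally spaced division values (assumed rule)."""
    step = Fraction(hi - lo, n)
    edges = [lo + i * step for i in range(n + 1)]
    return list(zip(edges[:-1], edges[1:]))

def generate_keys(plain_ranges, cipher_ranges):
    """nth key = (slope, intercept) of the line that sends the endpoints of the
    nth plaintext range to the endpoints of the nth ciphertext range (assumed)."""
    if len(plain_ranges) != len(cipher_ranges):
        raise ValueError("need the same number N of plaintext and ciphertext ranges")
    keys = []
    for (p_lo, p_hi), (c_lo, c_hi) in zip(plain_ranges, cipher_ranges):
        if p_hi <= p_lo or c_hi <= c_lo:
            raise ValueError("empty or reversed range")
        slope = Fraction(c_hi - c_lo) / Fraction(p_hi - p_lo)
        keys.append((slope, c_lo - slope * p_lo))
    return keys

def locate(value, ranges):
    """Index of the target range; a shared boundary value goes to the upper range."""
    if not ranges[0][0] <= value <= ranges[-1][1]:
        raise ValueError("value outside the covered region")
    return bisect_right([lo for lo, _ in ranges], value) - 1

def encrypt(p, plain_ranges, keys):
    slope, intercept = keys[locate(p, plain_ranges)]
    return slope * p + intercept

def decrypt(c, cipher_ranges, keys):
    slope, intercept = keys[locate(c, cipher_ranges)]
    return (c - intercept) / slope

# Constructed sample: uneven plaintext ranges over [0, 100], ciphertext region [1000, 4000].
PLAIN_RANGES = [(0, 40), (40, 50), (50, 100)]
CIPHER_RANGES = split_evenly(1000, 4000, len(PLAIN_RANGES))
KEYS = generate_keys(PLAIN_RANGES, CIPHER_RANGES)

if __name__ == "__main__":
    for p in (10, 40, 45, 75, 100):
        c = encrypt(p, PLAIN_RANGES, KEYS)
        print(p, "->", c, "->", decrypt(c, CIPHER_RANGES, KEYS))
```

Under these assumptions every slope is positive and the ranges are consecutive, so ciphertext order equals plaintext order: anyone who can read the ciphertexts learns how the underlying values rank.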
CN202011493114.6A 2020-12-17 2020-12-17 Key generation method, device, equipment and computer readable storage medium Active CN112235111B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011493114.6A CN112235111B (en) 2020-12-17 2020-12-17 Key generation method, device, equipment and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN112235111A true CN112235111A (en) 2021-01-15
CN112235111B CN112235111B (en) 2021-03-09

Family

ID=74124186

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011493114.6A Active CN112235111B (en) 2020-12-17 2020-12-17 Key generation method, device, equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN112235111B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030174835A1 (en) * 2002-03-14 2003-09-18 Kaoru Yokota Data encryption device, data decryption device, and data encryption/decryption device
CN101436208A (en) * 2008-12-09 2009-05-20 北京交通大学 Ciphertext database privacy protection enquiring method
CN102843372A (en) * 2012-08-28 2012-12-26 西安交通大学 Order-preserving encryption method based on random interval partition
CN102932141A (en) * 2012-09-27 2013-02-13 汉柏科技有限公司 Order-preserving method and system for encrypting and decrypting messages by multiple encryption and decryption chips in parallel
CN103684761A (en) * 2013-12-25 2014-03-26 广西宝恒电子科技有限公司 Coding and decoding method
CN105208038A (en) * 2015-10-10 2015-12-30 郑志超 Encryption method and device
CN110401527A (en) * 2018-04-25 2019-11-01 腾讯科技(深圳)有限公司 Data encryption, decryption method, device and storage medium
CN110995685A (en) * 2019-11-26 2020-04-10 中国银联股份有限公司 Data encryption and decryption method, device, system and storage medium
CN111600700A (en) * 2020-04-03 2020-08-28 中电科鹏跃电子科技有限公司 Nonlinear mapping order-preserving encryption method based on random function

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
郭晶晶等: ""保序加密技术研究与进展"", 《密码学报》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114595479A (en) * 2022-05-10 2022-06-07 富算科技(上海)有限公司 Data median determination method and device
CN114595479B (en) * 2022-05-10 2022-08-26 富算科技(上海)有限公司 Data median determination method and device
CN116599768A (en) * 2023-07-13 2023-08-15 北京奇立软件技术有限公司 Data encryption method for private data
CN116599768B (en) * 2023-07-13 2023-09-26 北京奇立软件技术有限公司 Data encryption method for private data

Also Published As

Publication number Publication date
CN112235111B (en) 2021-03-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
REG Reference to a national code (Ref country code: HK; Ref legal event code: DE; Ref document number: 40037748; Country of ref document: HK)