CN112312313A - Geographic area entering judgment method, device and system based on PSI
- Publication number: CN112312313A (CN202010948190.5A)
- Authority: CN (China)
- Legal status: Granted
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/021—Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiments of the invention provide a geographic area entry judgment method, device and system based on private set intersection (PSI), relating to the technical field of privacy protection, which avoid exposing the location privacy of a user during geographic area entry judgment. The method comprises: determining a first set; acquiring a fourth set from the third set based on the first set and a preset correspondence; encrypting the elements in the fourth set with the first key to obtain a fifth set; sending the fifth set to the second device; receiving the sixth set and the first encrypted value sent by the second device; encrypting the first encrypted value with the first key to obtain a second encrypted value; if the second encrypted value belongs to the sixth set, determining that the second device has entered; if the second encrypted value does not belong to the sixth set, determining that it has not entered. The embodiments of the invention are used for geographic area entry judgment.
Description
Technical Field
The invention relates to the technical field of privacy protection, and in particular to a method, a device and a system for geographic area entry judgment based on private set intersection (PSI).
Background
With the rapid development of communication technology, network technology and the like, and the wide application of mobile computers, cloud computing, distributed computing and the like, virtual networks and people's daily lives have become ever more closely linked, and internet big-data applications now reach into social contact, shopping, travel and other aspects of life. These applications let people enjoy more convenient services, but at the same time large amounts of valuable client information, personal privacy records and enterprise operating data are continuously mined, and the threat to people's privacy keeps growing; privacy protection in the big-data era has therefore become a focus of general attention.
Geographic area entry judgment means detecting whether the position of a subject is within a specified area. It has very wide applications, for example: in social applications, sending a reminder to a user when two friends are in the same geographic area, or pushing related information to a client when the client enters a specific area; in judicial practice, limiting the range of activity of a person subject to enforcement or forbidding that person to approach a specified area; determining whether an aircraft has entered a particular area; and so on. In the prior art, the position information of the user must be accurately acquired when geographic area entry is judged, so the location privacy of the user is exposed. For example, in a mobile social application, a user who wants to find nearby friends needs to upload his or her position information, so that the application server can determine the nearby friends by comparing the distance between the user's position and the positions of other users.
Disclosure of Invention
In view of this, the present invention provides a geographic area entry determination method, apparatus and system based on PSI, which are used to avoid exposing the location privacy of the user during the geographic area entry determination process.
In order to achieve the above object, the embodiments of the present invention provide the following technical solutions:
In a first aspect, an embodiment of the present invention provides a geographic area entry determination method based on PSI, which is applied to a first device, and the method includes:
when judging whether the second device enters a designated geographical area, determining a first set, wherein the first set is a set formed by the geographical areas designated in the second set;
acquiring a fourth set from a third set based on the first set and a preset corresponding relation, wherein the preset corresponding relation comprises corresponding relations between each geographic area in the second set and elements in the third set, and the geographic areas in the second set correspond to the elements in the third set one by one;
encrypting the elements in the fourth set through a first key to obtain a fifth set;
sending the fifth set to the second device;
receiving a sixth set and a first encryption value sent by the second device, where the sixth set is a set obtained by encrypting elements in the fifth set with a second key, the first encryption value is a value obtained by encrypting a target element with the second key, the target element is an element corresponding to a target geographical area obtained from the third set according to the preset correspondence, and the target geographical area is a geographical area to which a geographical position of the second device in the second set belongs;
encrypting the first encrypted value based on the first key to obtain a second encrypted value;
determining that the second device has entered the designated geographic area if the second encrypted value belongs to the sixth set;
determining that the second device has not entered the designated geographic area if the second encrypted value does not belong to the sixth set.
In a second aspect, an embodiment of the present invention provides a geographic area entry determining method based on PSI, which is applied to a second device, and the method includes:
receiving a fifth set sent by a first device, where the fifth set is a set obtained by encrypting elements in a fourth set with a first key, the fourth set is a set obtained from a third set based on a first set and a preset correspondence, the first set is a set composed of geographic areas specified in a second set, the preset correspondence includes a correspondence between each geographic area in the second set and an element in the third set, and the geographic areas in the second set correspond to the elements in the third set one to one;
encrypting the elements in the fifth set through a second key to obtain a sixth set;
acquiring a first encrypted value, wherein the first encrypted value is obtained by encrypting a target element with the second key, the target element is an element which is acquired from the third set according to the preset correspondence and corresponds to a target geographical area, and the target geographical area is the geographical area in the second set to which the geographical position of the second device belongs;
transmitting the sixth set and the first encrypted value to the first device.
In a third aspect, an embodiment of the present invention provides a geographic area entry determining device based on PSI, including:
a first obtaining unit, configured to determine a first set when judging whether the second device enters a specified geographic area, wherein the first set is a set formed by the specified geographic areas in a second set;
a second obtaining unit, configured to obtain a fourth set from a third set based on the first set and a preset correspondence relationship, where the preset correspondence relationship includes a correspondence relationship between each geographic area in the second set and an element in the third set, and the geographic areas in the second set correspond to the elements in the third set one to one;
a third obtaining unit, configured to encrypt, by using a first key, elements in the fourth set to obtain a fifth set;
a sending unit, configured to send the fifth set to the second device;
a receiving unit, configured to receive a sixth set and a first encrypted value that are sent by the second device, where the sixth set is a set obtained by encrypting elements in the fifth set with a second key, the first encrypted value is a value obtained by encrypting a target element with the second key, the target element is an element that is obtained from the third set according to the preset correspondence and corresponds to a target geographic area, and the target geographic area is a geographic area to which a geographic location of the second device in the second set belongs;
a fourth obtaining unit configured to encrypt the first encrypted value based on the first key to obtain a second encrypted value;
a determining unit, configured to determine that the second device has entered the designated geographic area when the second encrypted value belongs to the sixth set, and determine that the second device has not entered the designated geographic area when the second encrypted value does not belong to the sixth set.
In a fourth aspect, an embodiment of the present invention provides a geographic area entry determining device based on PSI, including:
a receiving unit, configured to receive a fifth set sent by a first device, where the fifth set is a set obtained by encrypting elements in a fourth set with a first key, the fourth set is a set obtained from a third set based on a first set and a preset correspondence, the first set is a set composed of geographic areas specified in a second set, the preset correspondence includes a correspondence between each geographic area in the second set and an element in the third set, and the geographic areas in the second set correspond to the elements in the third set one to one;
a first obtaining unit, configured to encrypt elements in the fifth set by using a second key to obtain a sixth set;
a second obtaining unit, configured to obtain a first encrypted value, where the first encrypted value is a value obtained by encrypting a target element with the second key, and the target element is an element in the third set corresponding to a geographic area where the PSI-based geographic area entry determining device is located;
a transmitting unit, configured to transmit the sixth set and the first encrypted value to the first device.
In a fifth aspect, an embodiment of the present invention provides a geographic area entry determining system based on PSI, including: the PSI-based geographic area entry determining device of the third aspect and the PSI-based geographic area entry determining device of the fourth aspect.
In a sixth aspect, an embodiment of the present invention provides an electronic device, including: a memory for storing a computer program and a processor; the processor is configured to execute the PSI-based geographic area entry determination method according to the first aspect or the second aspect when invoking the computer program.
In a seventh aspect, an embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and the computer program is executed by a processor to implement the PSI-based geographic area entry determining method according to the first aspect or the second aspect.
When judging whether a second device enters a designated geographic area, the PSI-based geographic area entry judgment method provided in the embodiment of the present invention first determines a first set composed of the geographic areas designated in a second set, then obtains a fourth set from a third set based on the first set and a preset correspondence, encrypts the elements in the fourth set with a first key to obtain a fifth set, and transmits the fifth set to the second device. It then receives from the second device a sixth set, obtained by encrypting the elements in the fifth set with a second key, and a first encrypted value, obtained by encrypting with the second key the element in the third set that corresponds to the geographic area in the second set to which the second device's geographic position belongs. Finally, it encrypts the first encrypted value with the first key to obtain a second encrypted value, and determines whether the second device has entered the designated geographic area by determining whether the second encrypted value belongs to the sixth set. In the prior art the first device must accurately acquire the location information of the second device when judging geographic area entry; in the embodiment of the invention the first device can determine whether the second device has entered the designated geographic area without acquiring the geographic location of the second device, so the location privacy of the user of the second device is not exposed.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings.
Fig. 1 is an interaction flowchart of a PSI-based geographic area entry determination method according to an embodiment of the present invention;
Fig. 2 is the first schematic structural diagram of a PSI-based geographic area entry determination device according to an embodiment of the present invention;
Fig. 3 is the second schematic structural diagram of the PSI-based geographic area entry determination device according to the embodiment of the present invention;
Fig. 4 is a hardware structure diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without inventive step based on the embodiments of the present invention, are within the scope of the present invention.
The terms "first" and "second," and the like, in the description and in the claims of the present invention are used for distinguishing between different objects and not for describing a particular order of the objects. For example, the first set and the second set, etc., are used to distinguish between different sets and are not used to describe a particular order of the sets. In the following embodiments, there may be a case where "nth set" appears first and then "mth set", m < n, or only "xth set" appears and "yth set" does not appear, y < x, but since "first" and "second" etc. are used to distinguish different objects, the above case does not affect the clarity provided by the embodiments of the present application.
In the embodiments of the present invention, words such as "exemplary" or "for example" are used to mean serving as an example, illustration or description. Any embodiment or design described as "exemplary" or "for example" in the embodiments of the present invention is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present related concepts in a concrete fashion. Further, in the description of the embodiments of the present invention, "a plurality" means two or more unless otherwise specified.
Private set intersection (PSI) is an important topic in the field of secure multi-party computation. A PSI protocol allows two parties, each holding a set, to jointly compute the intersection of the two sets; one or both parties obtain the correct intersection and learn nothing about the other party's set except the intersection. Specifically, in the embodiment of the present invention, the PSI-based geographic area entry determination method allows the first device and the second device to jointly calculate whether the specified area held by the first device and the area where the second device is located intersect (that is, whether the area where the second device is located belongs to the specified area, or whether the second device has entered the specified area). In this process the first device does not acquire the accurate position of the second device, and the second device does not acquire the specified area held by the first device. The PSI-based geographic area entry judgment method provided by the embodiment of the invention can therefore avoid exposing the location privacy of the user during geographic area entry judgment.
The encryption algorithm used in the scheme of the invention must be commutative. The properties of the encryption algorithm are described below taking the Diffie-Hellman-based PSI protocol as an example. Assume that the encryption algorithm is defined on a group G of order n, and that a ∈ {1,2,3,4, …, n-1} and b ∈ {1,2,3,4, …, n-1} are selected as two keys; then the encryption of a group element G0 is commutative. Commutativity means that the two twice-encrypted ciphertexts obtained by encrypting the same plaintext with two different keys in different orders are equal. For example, plaintext G0 is encrypted with key a to obtain ciphertext aG0, and aG0 is then encrypted with key b to obtain the twice-encrypted ciphertext baG0; for the same plaintext G0, G0 is encrypted with key b to obtain ciphertext bG0, and bG0 is then encrypted with key a to obtain the other twice-encrypted ciphertext abG0. The two twice-encrypted ciphertexts baG0 and abG0 are equal.
The following first explains the sets and the relationship between the sets in the embodiment of the present invention.
The sets, encrypted values and elements in the embodiment of the invention are:
First set: { first region, fourth region, sixth region };
Second set: { first region, second region, third region, fourth region, fifth region, sixth region … };
Third set: { G1, G2, G3, G4, G5, G6 … };
Fourth set: { G1, G6, G4 };
Fifth set: { aG1, aG6, aG4 };
Sixth set: { baG1, baG6, baG4 };
Target geographic area: the nth region;
Target element: Gn;
First encrypted value: bGn;
Second encrypted value: abGn.
The relationships between the sets are as follows:
1.1, a preset geographic range is divided into regions according to a preset rule, and the set consisting of all the resulting geographic areas is the second set;
1.2, one or more designated areas are designated in the second set, and the set formed by all the designated areas is the first set;
1.3, a hash operation is performed on the identifier of each geographic area in the second set, and the set formed by all the resulting hash values is the third set;
1.4, the set formed by the elements in the third set that correspond to the designated areas in the first set is the fourth set;
1.5, each element in the fourth set is encrypted with the first key, and the set formed by the encrypted elements is the fifth set;
1.6, each element in the fifth set is encrypted with the second key, and the set formed by the encrypted elements is the sixth set;
1.7, the element in the third set that corresponds to the geographic area in the second set to which the geographic position of the second device belongs is the target element;
1.8, the target element is encrypted with the second key, and the encrypted target element is the first encrypted value;
1.9, the first encrypted value is encrypted with the first key, and the re-encrypted first encrypted value is the second encrypted value.
Based on the above, the embodiment of the present invention provides a geographic area entry determination method based on PSI. Referring to fig. 1, a method for determining entry into a geographic area based on PSI according to an embodiment of the present invention includes the following steps:
S101, when the first device judges whether the second device enters the designated geographic area, the first device determines a first set.
Wherein the first set is a set of geographic regions specified in a second set.
Specifically, the first device may display all the geographic areas in the second set on the display screen, then receive user input for one or more geographic areas, determine the one or more geographic areas for which user input is received as the designated area, and determine a set of the one or more geographic areas for which user input is received as the first set.
Illustratively, the second set is:
{ first region, second region, third region, fourth region, fifth region, sixth region … }
If the "first region", "fourth region" and "sixth region" in the second set receive user input, the "first region", "fourth region" and "sixth region" are determined to be designated regions, and the first set is: { first region, fourth region, sixth region }.
Optionally, the second set in the above embodiment is a set formed by all geographic areas obtained by performing area division on a preset geographic range according to a preset rule.
The area division of the preset geographic range according to the preset rule may specifically be: dividing the preset geographic range according to grids of predefined shape and size, or dividing the preset geographic range along national border lines, provincial border lines, city boundary lines and the like. The predefined shape of the grid can be a triangle, a parallelogram, a pentagon, a hexagon and the like, and the predefined size of the grid can be 100 square meters, 500 square meters, 1 square kilometer and the like; the embodiment of the invention does not limit the predefined shape and size of the grid.
S102, the first device obtains a fourth set from the third set based on the first set and a preset correspondence.
The preset corresponding relation comprises a corresponding relation between each geographic area in the second set and an element in a third set, and the geographic areas in the second set correspond to the elements in the third set one by one.
As an optional implementation manner of the embodiment of the present invention, the third set is a set formed by all hash values obtained by performing a hash operation on the identifiers of the geographic areas in the second set.
Optionally, the identification of each geographic region in the second set may be a name of each geographic region in the second set. That is, hash calculation is performed on the names of the geographic areas in the second set, and a set formed by all the calculated hash values is used as the third set in the embodiment of the present invention.
For example, the preset correspondence may be stored in the first device in the form of a correspondence table, and when the preset correspondence is stored in the first device in the form of a correspondence table, the preset correspondence may be as shown in table 1 below:
TABLE 1 Preset correspondences
Continuing the foregoing example,
the second set is:
{ first region, second region, third region, fourth region, fifth region, sixth region … };
the first set is:
{ first region, fourth region, sixth region };
the third set is:
{ G1, G2, G3, G4, G5, G6 … }.
As shown in Table 1 above, since the first region corresponds to element G1 in the third set, the fourth region corresponds to element G4 in the third set, and the sixth region corresponds to element G6 in the third set, the elements obtained from the third set based on the first set and the preset correspondence are G1, G4 and G6, and the fourth set is: { G1, G6, G4 }.
In the above embodiment, the third set is described as an example of a set composed of all hash values obtained by performing a hash operation on the identifiers of the geographic areas in the second set, but the embodiment of the present invention is not limited thereto, and the third set may also be a set composed of other elements in addition to the above embodiment, for example: the third set may be a set of Q different random numbers, Q being the number of geographic regions in the second set. That is, the third set only needs to include the same number of elements as the second set, and the elements in the third set correspond to the geographic areas in the second set one by one, and the elements in the third set may be any elements.
S103, the first device encrypts the elements in the fourth set through the first key to obtain a fifth set.
Specifically, the first key is a key selected uniformly at random by the first device from the key set; if the first key is a and the key set is {1,2,3,4, …, n-1}, then a ∈ {1,2,3,4, …, n-1}.
As described in the above example, if the first key is a, the fifth set obtained by encrypting the elements in the fourth set with the first key is:
{ aG1, aG6, aG4 }.
S104, the first device sends the fifth set to the second device.
Correspondingly, the second device receives the fifth set sent by the first device.
S105, the second device encrypts the elements in the fifth set through the second key to obtain a sixth set.
Specifically, the second key is a key selected uniformly at random by the second device from the key set; if the second key is b and the key set is {1,2,3,4, …, n-1}, then b ∈ {1,2,3,4, …, n-1}.
As described in the above example, if the second key is b, the sixth set obtained by encrypting the elements in the fifth set with the second key is:
{ baG1, baG6, baG4 }.
S106, the second device obtains the first encrypted value.
The first encrypted value is obtained by encrypting a target element with the second key, and the target element is the element in the third set corresponding to the geographic area to which the geographic position of the second device belongs.
Specifically, the manner in which the second device obtains the first encrypted value may include the following steps a to d.
Step a, obtaining the geographic position of the user.
Specifically, the geographic position of the user can be obtained through the Global Positioning System (GPS), the BeiDou satellite navigation system, the Galileo system, base station positioning and the like.
Step b, determining the target geographic area according to the geographic position.
The target geographic area is the geographic area in the second set to which the geographic position of the second device belongs.
Optionally, the second set is a set formed by all geographic areas obtained by performing area division on a preset geographic range according to a preset rule.
That is, the second set obtained by the first device and the second set obtained by the second device are identical. Specifically, the second set may be sent to the second device by the first device, or obtained by performing area division on the same preset geographic range by the first device and the second device according to the same preset rule, respectively.
Step c, acquiring the target element.
The target element is the element which is acquired from the third set according to the preset correspondence and corresponds to the target geographic area.
Suppose the target geographic area is the nth region and the correspondence table is as shown in Table 1 above; the target element is then Gn.
Step d, encrypting the target element with the second key to obtain the first encrypted value.
As described in the above example, the target element is Gn; assuming the second key is b, the first encrypted value is bGn.
It should be noted that, in the embodiment of the present invention, the timing for the second device to obtain the first encrypted value is not limited, the first encrypted value may be obtained after the fifth set sent by the first device is received, the first encrypted value may be obtained before the sixth set is obtained, the first encrypted value may be obtained after the sixth set is obtained, or the first encrypted value may be obtained simultaneously with the sixth set.
S107, the second device sends the sixth set and the first encrypted value to the first device.
Correspondingly, the first device receives the sixth set and the first encrypted value sent by the second device.
It should be noted that, in the embodiment of the present invention, the sending of the sixth set and the first encrypted value by the second device to the first device is described in a single step, but the embodiment of the present invention does not limit the timing or manner of sending them: the sixth set and the first encrypted value may be encapsulated in the same message, or encapsulated in two messages and sent in any order.
S108, the first device encrypts the first encrypted value with the first key to obtain a second encrypted value.
As described in the above example, the first key is a and the first encrypted value is bGn, so the second encrypted value is abGn.
S109, the first device judges whether the second encrypted value belongs to the sixth set.
That is, it judges whether abGn belongs to { baG1, baG6, baG4 }, or whether the intersection of the second encrypted value with the sixth set is empty.
In the above step S109, if the second encrypted value belongs to the sixth set, the following step S110 is performed, and if the second encrypted value does not belong to the sixth set, the following step S111 is performed.
S110, determining that the second device enters the designated geographical area.
S111, determining that the second device does not enter the designated geographical area.
When judging whether a second device enters a designated geographic area, the PSI-based geographic area entry judgment method provided in the embodiment of the present invention first determines a first set composed of the geographic areas designated in a second set, then obtains a fourth set from a third set based on the first set and a preset correspondence, encrypts the elements in the fourth set with a first key to obtain a fifth set, and transmits the fifth set to the second device. It then receives from the second device a sixth set, obtained by encrypting the elements in the fifth set with a second key, and a first encrypted value, obtained by encrypting with the second key the element in the third set that corresponds to the geographic area in the second set to which the second device's geographic position belongs. Finally, it encrypts the first encrypted value with the first key to obtain a second encrypted value, and determines whether the second device has entered the designated geographic area by determining whether the second encrypted value belongs to the sixth set. In the prior art the first device must accurately acquire the location information of the second device when judging geographic area entry; in the embodiment of the invention the first device can determine whether the second device has entered the designated geographic area without acquiring the geographic location of the second device, so the location privacy of the user of the second device is not exposed.
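The commutative-encryption property described earlier and the exchange of steps S101 to S111 can be run end to end; the following is an added example, not code from the patent. It assumes multiplicative notation (g^k mod P in place of the patent's kG), the 1024-bit safe-prime group of RFC 2409, SHA-256 hashing of region identifiers, square grid cells of 0.01 degree, and two additions the patent does not describe: a subgroup check on received values and sorting of the sixth set.

```python
import hashlib
import math
import secrets

# Assumption: safe prime of RFC 2409 (Second Oakley Group), used to keep the
# example dependency-free; the patent does not fix a group or a key size.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2  # order n of the subgroup of squares modulo P


def region_id(lat, lon, cell_deg=0.01):
    """Second set: identifier of the square grid cell containing (lat, lon)."""
    return f"cell:{math.floor(lat / cell_deg)}:{math.floor(lon / cell_deg)}"


def hash_to_group(region):
    """Third set: hash a region identifier to an element G_i of the subgroup."""
    wide = b"".join(hashlib.sha256(bytes([i]) + region.encode()).digest()
                    for i in range(5))
    h = int.from_bytes(wide, "big") % (P - 3) + 2  # h in [2, P-2]
    return pow(h, 2, P)  # squaring lands in the order-Q subgroup, never 0 or 1


def keygen():
    """Key drawn uniformly from {1, ..., n-1}, with n = Q."""
    return secrets.randbelow(Q - 1) + 1


def encrypt(key, element):
    """Commutative encryption: the patent's k*G written as G^k mod P."""
    return pow(element, key, P)


def check_element(x):
    """Added hardening: refuse to key a value outside the order-Q subgroup."""
    if not (1 < x < P) or pow(x, Q, P) != 1:
        raise ValueError("element is not in the prime-order subgroup")
    return x


def first_device_request(a, designated):
    """S101-S103: first set -> fourth set -> fifth set."""
    fourth_set = [hash_to_group(r) for r in designated]
    return [encrypt(a, g) for g in fourth_set]


def second_device_reply(fifth_set, lat, lon):
    """S105-S106: sixth set and first encrypted value for the current position."""
    b = keygen()  # fresh second key per run, so replies cannot be linked
    # Sorting hides which fifth-set entry each sixth-set entry came from.
    sixth_set = sorted(encrypt(b, check_element(x)) for x in fifth_set)
    target = hash_to_group(region_id(lat, lon))  # target element G_n
    return sixth_set, encrypt(b, target)


def first_device_decide(a, sixth_set, first_value):
    """S108-S111: second encrypted value, then the membership test."""
    second_value = encrypt(a, check_element(first_value))
    return second_value in set(sixth_set)


def has_entered(designated, lat, lon):
    """Run both roles in one process; only messages cross between them."""
    a = keygen()  # first key, known only to the first device
    fifth_set = first_device_request(a, designated)
    sixth_set, first_value = second_device_reply(fifth_set, lat, lon)
    return first_device_decide(a, sixth_set, first_value)


if __name__ == "__main__":
    # Constructed sample coordinates.
    designated = [region_id(39.9042, 116.4074), region_id(39.9163, 116.3972)]
    print(has_entered(designated, 39.9077, 116.4012))
    print(has_entered(designated, 31.2304, 121.4737))
```

In a deployment the two roles run on separate devices and only the fifth set, the sixth set and the first encrypted value cross the network.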
Based on the same inventive concept, as an implementation of the foregoing method, an embodiment of the present invention further provides a geographic area entry determination device based on PSI for executing the method provided in the foregoing method embodiment, where the embodiment corresponds to the foregoing method embodiment, and for convenience of reading, details in the foregoing method embodiment are not repeated one by one in this embodiment, but it should be clear that the geographic area entry determination device based on PSI in this embodiment can correspondingly implement all the contents in the foregoing method embodiment.
Fig. 2 is a schematic structural diagram of a PSI-based geographic region entry determination device according to an embodiment of the present invention. Referring to Fig. 2, a PSI-based geographic region entry determination device 200 according to an embodiment of the present invention includes:
a first obtaining unit 21, configured to determine a first set when determining whether a second device enters a specified geographic area, where the first set is a set formed by geographic areas specified in a second set;
a second obtaining unit 22, configured to obtain a fourth set from a third set based on the first set and a preset correspondence relationship, where the preset correspondence relationship includes a correspondence relationship between each geographic area in the second set and an element in the third set, and the geographic areas in the second set correspond to the elements in the third set one to one;
a third obtaining unit 23, configured to encrypt, by using a first key, elements in the fourth set to obtain a fifth set;
a sending unit 24, configured to send the fifth set to the second device;
a receiving unit 25, configured to receive a sixth set and a first encrypted value that are sent by the second device, where the sixth set is a set obtained by encrypting, using a second key, elements in the fifth set, the first encrypted value is a value obtained by encrypting, using the second key, a target element, and the target element is an element in the third set corresponding to a geographic area to which a geographic location of the second device belongs;
a fourth obtaining unit 26, configured to encrypt the first encrypted value based on the first key, and obtain a second encrypted value;
a determining unit 27, configured to determine that the second device has entered the designated geographic area if the second cryptographic value belongs to the sixth set, and determine that the second device has not entered the designated geographic area if the second cryptographic value does not belong to the sixth set.
As an optional implementation manner of the embodiment of the present invention, the second set is a set composed of all geographic areas obtained by performing area division on a preset geographic range according to a preset rule.
As an optional implementation manner of the embodiment of the present invention, the third set is a set formed by all hash values obtained by performing a hash operation on the identifiers of the geographic areas in the second set.
Fig. 3 is a schematic structural diagram of another PSI-based geographic area entry determination device according to an embodiment of the present invention, and referring to fig. 3, a PSI-based geographic area entry determination device 300 according to an embodiment of the present invention includes:
a receiving unit 31, configured to receive a fifth set sent by a first device, where the fifth set is a set obtained by encrypting elements in a fourth set with a first key, the fourth set is a set obtained from a third set based on a first set and a preset correspondence, the first set is a set composed of geographic areas specified in a second set, the preset correspondence includes a correspondence between each geographic area in the second set and an element in the third set, and the geographic areas in the second set correspond to the elements in the third set one to one;
a first obtaining unit 32, configured to encrypt elements in the fifth set by using a second key to obtain a sixth set;
a second obtaining unit 33, configured to obtain a first encrypted value, where the first encrypted value is a value obtained by encrypting a target element by using the second key, the target element is an element corresponding to a target geographic area, which is obtained from the third set according to the preset correspondence, and the target geographic area is a geographic area to which a geographic location of the second device in the second set belongs;
a transmitting unit 34, configured to transmit the sixth set and the first encrypted value to the first device.
As an optional implementation manner of the embodiment of the present invention, the second set is a set composed of all geographic areas obtained by performing area division on a preset geographic range according to a preset rule.
As an optional implementation manner of the embodiment of the present invention, the third set is a set formed by all hash values obtained by performing a hash operation on the identifiers of the geographic areas in the second set.
The PSI-based geographic area entry determination device according to the embodiment of the present invention may execute all the contents of the PSI-based geographic area entry determination method according to the embodiment, so that the same technical effects may be achieved, and the technical effects that can be achieved by the PSI-based geographic area entry determination device are not described herein again.
Based on the same inventive concept, the embodiment of the invention provides a geographic area entering judgment system based on PSI, which comprises: the PSI-based geographic area entry determining device shown in fig. 2 and the PSI-based geographic area entry determining device shown in fig. 3.
Based on the same inventive concept, the embodiment of the invention also provides electronic equipment. Fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 4, the electronic device according to the embodiment includes: a memory 41 and a processor 42, the memory 41 being for storing computer programs; processor 42 is operative to perform the steps of the PSI-based geographic area entry determination method described above upon invocation of the computer program.
The embodiment of the present invention further provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the steps of the PSI-based geographic area entry determination method described in the above method embodiment are implemented.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media having computer-usable program code embodied in the medium.
The processor may be a Central Processing Unit (CPU), another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, etc. A general-purpose processor may be a microprocessor or any conventional processor or the like.
The memory may include volatile memory in a computer-readable medium, such as Random Access Memory (RAM), and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer readable media include both permanent and non-permanent, removable and non-removable storage media. Storage media may implement information storage by any method or technology, and the information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1. A geographic area entry judgment method based on privacy set intersection (PSI), applied to a first device, comprising the following steps:
when judging whether a second device enters a designated geographical area, determining a first set, wherein the first set is a set formed by the geographical areas designated in a second set;
acquiring a fourth set from a third set based on the first set and a preset corresponding relation, wherein the preset corresponding relation comprises corresponding relations between each geographic area in the second set and elements in the third set, and the geographic areas in the second set correspond to the elements in the third set one by one;
encrypting the elements in the fourth set through a first key to obtain a fifth set;
sending the fifth set to the second device;
receiving a sixth set and a first encryption value sent by the second device, where the sixth set is a set obtained by encrypting elements in the fifth set with a second key, the first encryption value is a value obtained by encrypting a target element with the second key, the target element is an element corresponding to a target geographical area obtained from the third set according to the preset correspondence, and the target geographical area is a geographical area to which a geographical position of the second device in the second set belongs;
encrypting the first encrypted value based on the first key to obtain a second encrypted value;
determining that the second device has entered the designated geographic area if the second cryptographic value belongs to the sixth set;
determining that the second device has not entered the designated geographic area if the second cryptographic value does not belong to the sixth set.
2. The method according to claim 1, wherein the second set is a set of all geographical areas obtained by dividing a preset geographical range according to a preset rule.
3. The method according to claim 2, wherein the third set is a set of all hash values obtained by hashing the identifiers of the geographic regions in the second set.
4. A geographic area entry judgment method based on privacy set intersection (PSI), applied to a second device, comprising the following steps:
receiving a fifth set sent by a first device, where the fifth set is a set obtained by encrypting elements in a fourth set with a first key, the fourth set is a set obtained from a third set based on a first set and a preset correspondence, the first set is a set composed of geographic areas specified in a second set, the preset correspondence includes a correspondence between each geographic area in the second set and an element in the third set, and the geographic areas in the second set correspond to the elements in the third set one to one;
encrypting the elements in the fifth set through a second key to obtain a sixth set;
acquiring a first encryption value, wherein the first encryption value is obtained by encrypting a target element through the second key, the target element is an element which is acquired from the third set according to the preset corresponding relation and corresponds to a target geographical area, and the target geographical area is a geographical area to which the geographical position of the second device in the second set belongs;
transmitting the sixth set and the first cryptographic value to the first device.
5. The method according to claim 1, wherein the second set is a set of all geographical areas obtained by dividing a preset geographical range according to a preset rule.
6. The method according to claim 5, wherein the third set is a set of all hash values obtained by hashing the identifiers of the geographic regions in the second set.
7. A geographic area entry judgment device based on privacy set intersection (PSI), characterized by comprising:
a first obtaining unit, configured to determine a first set when judging whether a second device enters a specified geographic area, wherein the first set is a set formed by the specified geographic areas in a second set;
a second obtaining unit, configured to obtain a fourth set from a third set based on the first set and a preset correspondence relationship, where the preset correspondence relationship includes a correspondence relationship between each geographic area in the second set and an element in the third set, and the geographic areas in the second set correspond to the elements in the third set one to one;
a third obtaining unit, configured to encrypt, by using a first key, elements in the fourth set to obtain a fifth set;
a sending unit, configured to send the fifth set to the second device;
a receiving unit, configured to receive a sixth set and a first encrypted value that are sent by the second device, where the sixth set is a set obtained by encrypting elements in the fifth set with a second key, the first encrypted value is a value obtained by encrypting a target element with the second key, the target element is an element that is obtained from the third set according to the preset correspondence and corresponds to a target geographic area, and the target geographic area is a geographic area to which a geographic location of the second device in the second set belongs;
a fourth obtaining unit configured to encrypt the first encrypted value based on the first key to obtain a second encrypted value;
a determining unit, configured to determine that the second device has entered the designated geographic area when the second cryptographic value belongs to the sixth set, and determine that the second device has not entered the designated geographic area when the second cryptographic value does not belong to the sixth set.
8. A geographic area entry judgment device based on privacy set intersection (PSI), characterized by comprising:
a receiving unit, configured to receive a fifth set sent by a first device, where the fifth set is a set obtained by encrypting elements in a fourth set with a first key, the fourth set is a set obtained from a third set based on a first set and a preset correspondence, the first set is a set composed of geographic areas specified in a second set, the preset correspondence includes a correspondence between each geographic area in the second set and an element in the third set, and the geographic areas in the second set correspond to the elements in the third set one to one;
a first obtaining unit, configured to encrypt elements in the fifth set by using a second key to obtain a sixth set;
a second obtaining unit, configured to obtain a first encrypted value, where the first encrypted value is a value obtained by encrypting a target element with the second key, the target element is an element corresponding to a target geographic area, which is obtained from the third set according to the preset correspondence, and the target geographic area is a geographic area to which a geographic location of the second device in the second set belongs;
a transmitting unit, configured to transmit the sixth set and the first encrypted value to the first device.
9. A geographic area entering judgment system based on privacy set intersection PSI is characterized by comprising: the PSI based geographic area entry decision device of claim 7 and the PSI based geographic area entry decision device of claim 8.
10. An electronic device, comprising: a memory for storing a computer program and a processor; the processor is configured to execute the PSI-based geographic area entry decision method of any of claims 1-6 when invoking a computer program.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010948190.5A CN112312313B (en) | 2020-09-10 | 2020-09-10 | PSI-based geographical area entry judging method, device and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112312313A (en) | 2021-02-02 |
CN112312313B (en) | 2023-07-04 |
Family
ID=74483953
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010948190.5A Active CN112312313B (en) | 2020-09-10 | 2020-09-10 | PSI-based geographical area entry judging method, device and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112312313B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20210235261A1 (en) * | 2018-10-17 | 2021-07-29 | Koa Health B.V. | Location Aware User Model That Preserves User Privacy Of Sensor Data Collected By A Smartphone |
CN113556225A (en) * | 2021-07-07 | 2021-10-26 | 深圳前海新心数字科技有限公司 | Efficient PSI (program specific information) method based on Hash and key exchange |
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150149763A1 (en) * | 2013-11-27 | 2015-05-28 | Microsoft Corporation | Server-Aided Private Set Intersection (PSI) with Data Transfer |
CN105794145A (en) * | 2013-11-27 | 2016-07-20 | 微软技术许可有限责任公司 | Server-aided private set intersection (PSI) with data transfer |
US20160044625A1 (en) * | 2014-08-05 | 2016-02-11 | Wells Fargo Bank, N.A. | Location tracking |
US20160171238A1 (en) * | 2014-12-11 | 2016-06-16 | Agostino Sibillo | Geolocation-based encryption method and system |
CN107547525A (en) * | 2017-08-14 | 2018-01-05 | 复旦大学 | A kind of method for secret protection of big data query processing |
US20190289017A1 (en) * | 2018-03-14 | 2019-09-19 | Ca, Inc. | Time and location based authentication credentials |
CN108932057A (en) * | 2018-06-28 | 2018-12-04 | Oppo广东移动通信有限公司 | Method of controlling operation thereof, device, storage medium and electronic equipment |
CN110234068A (en) * | 2019-05-29 | 2019-09-13 | 维沃移动通信有限公司 | A kind of localization method and terminal device |
CN111552978A (en) * | 2020-04-21 | 2020-08-18 | 杭州趣链科技有限公司 | Privacy protection set intersection solving method based on DH encryption and Hash table |
CN111641603A (en) * | 2020-05-15 | 2020-09-08 | 北京青牛技术股份有限公司 | Privacy set intersection data interaction method and system based on homomorphic encryption |
Non-Patent Citations (1)
Title |
---|
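Shen Liyan; Chen Xiaojun; Shi Jinqiao; Hu Lanlan: "A Survey of Privacy-Preserving Set Intersection Computation Techniques", Journal of Computer Research and Development, no. 10 * |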
Also Published As
Publication number | Publication date |
---|---|
CN112312313B (en) | 2023-07-04 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | Effective date of registration: 20220117. Address after: Unit 515, floor 5, building 1, No. a 12, Zhongguancun South Street, Haidian District, Beijing 100081. Applicant after: Shenzhou Rongan digital technology (Beijing) Co.,Ltd. Address before: 100081 Room 408, Huantai building, 12 Zhongguancun South Street, Haidian District, Beijing. Applicant before: SHENZHOU RONGAN TECHNOLOGY (BEIJING) CO.,LTD. |
GR01 | Patent grant | ||