CN112468284A - SHE-based secure outsourcing method - Google Patents

Abstract

The invention discloses a SHE (secure Shell) -based secure outsourcing method, which belongs to the technical field of network security, and comprises the steps that firstly, a trusted third party utilizes public information to respectively package generated addition homomorphic public and private keys and generated multiplication homomorphic public and private keys according to requirements, and the public and private keys are sent to a user, a proxy server and a public cloud server; the client user preprocesses the coefficients and the indexes of the outsourcing polynomial, encrypts the processed data and uploads the encrypted data to the proxy server; then establishing connection between the proxy server and the public cloud server to execute secret index calculation; the public cloud server utilizes the encryption index and the coefficient generated by calculation to calculate the processed outsourcing polynomial and carry out ciphertext conversion; and finally, the proxy server receives the ciphertext conversion result calculated by the public cloud server to perform initial decryption, and after the decryption is passed, the result is sent to the user to perform final decryption. The method can help the user to obtain the desired outsourcing calculation result more safely and efficiently.

Description

SHE-based secure outsourcing method

Technical Field

The invention relates to the technical field of network security, in particular to a SHE-based security outsourcing method.

Background

With the rapid development of the internet of things and internet technology, convenience is brought to daily life of people, for example, stock market real-time data can be used for predicting the rise of stocks, and medical equipment can be used for monitoring physical characteristics in real time. However, since the data is continuously generated in real time, the data volume is too large to be stored in the local device, and the storage and management on the outsourcing cloud server are usually required. Meanwhile, users are also required to outsource the data to the cloud server for computing when processing the data due to the limitation of local computing capability. Because the data are separated from the management control of the user, a malicious cloud server may tamper the stored data or view the data, but the malicious server pays more attention to the function outsourced by the user and the result calculated by disclosing the data, so that the practical significance of protecting the accuracy and the safety of the outsourced function and the calculation result is very important for the user to obtain the correct calculation result.

In order to promote and use the efficient secure outsourced computing service in an actual environment, not only the correctness and integrity of the computing result returned by the server need to be ensured, but also the availability of the outsourced computing system needs to be ensured. In the aspect of privacy protection, a user wants to protect a calculation result of a server and protect a whole outsourcing function method without information leakage to achieve semantic security, so that outsourcing encrypted data is required to be uploaded to a cloud server. How ciphertext data can be operated on a server and can be correctly restored after operation is also a problem. The efficiency of computing performed by the user on the proxy server is higher than the efficiency of computing performed by the user on the local client in the availability of the system, otherwise, the user loses meaning for outsourcing the computing.

The security calculation of the encrypted data stored on the untrusted cloud server is a very important target, and how to design and realize the secure outsourcing calculation becomes a hot problem for the pre-research of domestic and foreign scholars.

Disclosure of Invention

In view of the above disadvantages of the prior art, the present invention provides a secure outsourcing method based on SHE (Switchable Homomorphic Encryption).

In order to solve the technical problems, the technical scheme adopted by the invention is as follows: a SHE-based secure outsourcing method comprises the following steps:

step 1: the trusted third party utilizes the public security parameters, the cycle group and the definition function to respectively package the generated addition homomorphic public and private keys and respectively send the same to the user, the proxy server and the public cloud server;

the process of step 1 is executed by a trusted third party, and specifically includes the following steps:

step 1.1: giving a security parameter lambda, selecting two large security prime numbers p and q, and calculating N as pq, wherein N is the finally calculated large prime number and is used as a public key; and computing groups G and Z that generate large prime numbers p and q_N/2Defining a function T (x) is (x-1)/N, and calling a known calculation generator algorithm to generate a generator g with the order of pq/2;

step 1.2: in circulation group Z_N/2In the method, an addition homomorphic public and private key generation algorithm is called, and an addition homomorphic public and private key pair is calculated and generated

In order to be an additively homomorphic public key,

is an additively homomorphic private key and adds the homomorphic private key using the known key sharing algorithm SHE contained in the convertible homomorphic encryption method SHE

Splitting into two parts of lambda₁And λ₂；

Step 1.3: in circulation group Z_N/2Randomly selecting two odd numbers theta₁And theta₂And satisfies | θ₁|≈|θ₂| N |/2, and θ is set to θ₁θ₂Theta is a custom variable, the result of multiplying two odd numbersAnd calculating h ═ g^θmod N, h is a part of the multiplication homomorphic public key, a known multiplication homomorphic public and private key generation algorithm is called, and a public and private key pair of the multiplication homomorphic is calculated and generated

Step 1.4, establishing connection between the trusted third party and the user, the proxy server and the public cloud server, and waiting for feedback information of connection between the trusted third party and the user, the proxy server and the public cloud server;

step 1.5: after the connection is successful, the trusted third party respectively distributes the required public and private key information to the user, the public cloud server and the proxy server by calling a known key distribution algorithm.

Step 2: the client user preprocesses the coefficients and the indexes of the outsourcing polynomial, encrypts the processed data and uploads the encrypted data to the proxy server;

the data preprocessing in the step 2 specifically includes the following two processes:

the first process is as follows:

step 2.1: inputting a positive integer num as a coefficient or an index of the outsourcing polynomial, calling a known binary conversion method to convert the positive integer num into a binary form, wherein num is sigma_ka_i2^k；

Step 2.2: will 2^kRemoved from the positive integer num, and is recorded as num-2^kM, M is a binary coefficient after splitting, and M is an odd number and k is a maximum non-negative integer; calling a known power method for splitting 2 to obtain M and k;

step 2.3: calling a known binary conversion algorithm to convert M into a binary form:

two range values c and delta are defined, if c < delta, delta-c-1 elements are added to M, which will expand to

When i is less than or equal to c, m'_iAssigned a value of m ″)_i(ii) a When c < i < delta,assign "0" to m_i；

Step 2.4: and circularly judging whether the jacobian characteristic is satisfied: in the range of 0 < i < delta-1, if m ″', is satisfied_i1 and m ″)_i+1Condition 0 represents m'_iAnd m'_i+1Re-assigned values of m 'respectively'_i-1 and m'_i+11 is ═ 1; if m' is satisfied_i1 and m ″)_i+1Condition 1 represents corresponding m'_iAnd m'_i+1Re-assigned values of m 'respectively'_i1 and m'_i+11 is ═ 1; finally, a string of vectors is output

And each vector V_iAll satisfy (V)_i1 characteristics, | N) ═ 1 characteristics; circularly judging whether the Jacobian characteristic is met, then carrying out data processing by a message precoding algorithm MPCA and outputting a vector;

step 2.5: user calls multiplication homomorphic encryption algorithm vector in known convertible homomorphic encryption method SHE

And coefficients of the polynomial

Encrypting to obtain encrypted vector

Memo

The encrypted coefficient

And index of refraction

Sending to a proxy server PS;

and a second process:

step 2.6: firstly, calling a known message expansion coding algorithm to process null plain text by using an input positive integer num, namely a coefficient or an index of an outsourcing polynomial, and splitting the input positive integer num into num1 and num 2; if num ≠ 1, num1 ═ num-1 and num2 ≠ 1; if num equals 1, num1 equals 2 and num2 equals-1;

step 2.7: if num1 is-1, num1 is coded as

Wherein

And

otherwise, calling message precoding algorithm MPCA to process positive integer num1 into vector

Step 2.8: if num2 is-1, num2 is coded as

Wherein

And

otherwise, calling message precoding algorithm MPCA to process positive integer num2 into vector

Step 2.9: outputting two series of vectors

And

and each vector

And

are respectively all satisfied

And

a characteristic;

step 2.10: user calls multiplication homomorphic encryption algorithm vector in known convertible homomorphic encryption method SHE

And

and coefficient C of the polynomial_j＝1...ηEncrypting to obtain encrypted vector

And

memo

And

compares it with the encrypted coefficients

Sent to the proxy server PS.

And step 3: establishing connection between the proxy server and the public cloud server to execute secret index calculation, wherein the process is as follows:

step 3.1: the public cloud server PCS selects two random numbers R₁,R₂∈Z_2pqIs full ofSufficiently Jacobian character and gcd (R)₁,R₂) 1, sending it to the proxy server PS, which calls the multiplicative homomorphic encryption algorithm pair R in the known convertible homomorphic encryption method SHE₁,R₂Respectively encrypted to obtain

Then it is compared with the encrypted coefficient

And index of refraction

Sending the data to PCS;

step 3.2: PCS receives data sent by PS, and calls a scramble ciphertext exponential algorithm to obtain { X'₁,X′₂And sending the data to the PS;

step 3.3: PS receives data sent by PCS, and calls an encryption intermediate variable algorithm to obtain { H }₁,H₂And sending the data to the PCS;

step 3.4: the PCS receives data from the PS according to gcd (R)₁,R₂) Selecting an integer a, b satisfying the condition that aR is 1₁+b R₂If the equation is satisfied, calling a cipher text exponent calculation algorithm to obtain a cipher exponent

And 4, step 4: the public cloud server calculates the processed outsourcing polynomial by using the encryption index and the coefficient generated by calculation, and performs ciphertext conversion, wherein the process is as follows:

step 4.1: PCS obtains encrypted coefficients

And index of refraction

Step 4.2: continuously calling the outsourcing polynomial after the calculation of the calculation outsourcing polynomial function

Or

Step 4.3: the F 'or F' is obtained by calling the addition and conversion multiplication ciphertext algorithm SHE

Or

And sends the converted ciphertext to the proxy server.

And 5: the proxy server receives the ciphertext conversion result calculated by the public cloud server to perform initial decryption, and after the decryption is passed, the result is sent to the user to perform final decryption, and the process is as follows:

step 5.1: the PS receives the outsourcing polynomial calculation result F 'or F' and calls a decryption function in the Paillier algorithm to obtain a partial decryption ciphertext PC (F ') or PC (F');

step 5.2: sending the primarily decrypted partial decrypted ciphertext PC (F ') and the addition homomorphic ciphertext of the final outsourcing polynomial calculation result F', or the addition homomorphic ciphertexts of PC (F ') and F' to a user;

step 5.3: and the user receives the data transmitted by the PS, and finally decrypts the primarily decrypted ciphertext by calling the decryption function in the Paillier algorithm again by using the data to obtain a final calculation result.

Adopt the produced beneficial effect of above-mentioned technical scheme to lie in: the method adopts a scene of combining the public cloud server and the proxy server, utilizes the secret exponent protocol algorithm to calculate the ciphertext result, adopts a step-by-step decryption mode to realize the privacy protection of the outsourcing function and the calculation result, and can ensure that a user can obtain the required outsourcing calculation result more safely and efficiently.

Drawings

FIG. 1 is a flowchart of a SHE-based secure outsourcing method according to an embodiment of the present invention;

FIG. 2 is an initialization flowchart in an embodiment of the present invention;

FIG. 3 is a flowchart of a first data preprocessing process according to an embodiment of the present invention;

FIG. 4 is a flowchart of a second data preprocessing process according to an embodiment of the present invention;

FIG. 5 is a flow chart of a secret index calculation according to an embodiment of the present invention;

FIG. 6 is a flow chart of ciphertext transformation according to an embodiment of the present invention;

fig. 7 is a flowchart of ciphertext decryption in an embodiment of the invention.

Detailed Description

The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.

In the embodiment, a Public Cloud Server (PCS) stores Public data, a user can realize privacy protection of outsourcing functions and calculation results while outsourcing the function functions to the Public Cloud Server, when the user interacts with the Public Cloud Server through a Proxy Server (PS), the Public Cloud Server obtains the calculation results through calculation and returns the calculation results to the Proxy Server, only after the Proxy Server passes initial decryption, part of decrypted ciphertext and initial ciphertext are sent to the user for final decryption, otherwise, the user directly rejects the calculation results of the Public Cloud Server.

As shown in fig. 1, the method of the present embodiment is as follows.

Step 1: the trusted third party encapsulates the generated addition homomorphic and multiplication homomorphic public and private keys according to needs by using the public security parameters, the cycle group and the definition function, and sends the encapsulated keys to the user, the proxy server and the public cloud server, and the initialization process is as shown in fig. 2.

The process of step 1 is executed by a trusted third party, and specifically includes the following steps:

step 1.1: giving a security parameter lambda, selecting two large security prime numbers p and q, and calculating N as pq, wherein N is the finally calculated large prime number and is used as a public key; and computing groups G and Z that generate large prime numbers p and q_N/2Defining a function T (x) is (x-1)/N, and calling a known calculation generator algorithm to generate a generator g with the order of pq/2;

step 1.2: in circulation group Z_N/2In the method, an addition homomorphic public and private key generation algorithm is called, and an addition homomorphic public and private key pair is calculated and generated

In order to be an additively homomorphic public key,

is an additively homomorphic private key and adds the homomorphic private key using the known key sharing algorithm SHE contained in the convertible homomorphic encryption method SHE

Splitting into two parts of lambda₁And λ₂；

Step 1.3: in circulation group Z_N/2Randomly selecting two odd numbers theta₁And theta₂And satisfies | θ₁|≈|θ₂| N |/2, and θ is set to θ₁θ₂Theta is the result of multiplying two odd numbers by a custom variable, and h is calculated as g^θmod N, h is a part of the multiplication homomorphic public key, a known multiplication homomorphic public and private key generation algorithm is called, and a public and private key pair of the multiplication homomorphic is calculated and generated

Step 1.4, establishing connection between the trusted third party and the user, the proxy server and the public cloud server, and waiting for feedback information of connection between the trusted third party and the user, the proxy server and the public cloud server;

step 1.5: after the connection is successful, the trusted third party respectively distributes the required public and private key information to the user, the public cloud server and the proxy server by calling a known key distribution algorithm.

Step 2: the client user preprocesses the coefficients and the indexes of the outsourcing polynomial, encrypts the processed data and uploads the encrypted data to the proxy server;

the data preprocessing in the step 2 specifically includes the following two processes:

the first process, the flow, is shown in fig. 3:

step 2.1: inputting a positive integer num as a coefficient or an index of the outsourcing polynomial, calling a known binary conversion method to convert the positive integer num into a binary form, wherein num is sigma_ka_i2^k；

Step 2.2: will 2^kRemoved from the positive integer num, and is recorded as num-2^kM, M is a binary coefficient after splitting, and M is an odd number and k is a maximum non-negative integer; calling a known power method for splitting 2 to obtain M and k;

step 2.3: calling a known binary conversion algorithm to convert M into a binary form:

two range values c and delta are defined, if c < delta, delta-c-1 elements are added to M, which will expand to

When i is less than or equal to c, m'_iAssigned a value of m ″)_i(ii) a When c < i < δ, "0" is assigned to m_i；

Step 2.4: and circularly judging whether the jacobian characteristic is satisfied: in the range of 0 < i < delta-1, if m ″', is satisfied_i1 and m ″)_i+1Condition 0 represents m'_iAnd m'_i+1Re-assigned values of m 'respectively'_i-1 and m'_i+11 is ═ 1; if m' is satisfied_i1 and m ″)_i+1Condition 1 represents corresponding m'_iAnd m'_i+1Re-assigned values of m 'respectively'_i1 and m'_i+11 is ═ 1; finally, a string of vectors is output

And each vector V_iAll satisfy (V)_i1 characteristics, | N) ═ 1 characteristics; circularly judging whether the Jacobian characteristic is met, then carrying out data processing by a message precoding algorithm MPCA and outputting a vector;

step 2.5: user calls multiplication homomorphic encryption algorithm vector in known convertible homomorphic encryption method SHE

And coefficients of the polynomial

Encrypting to obtain encrypted vector

Memo

The encrypted coefficient

And index of refraction

Sending to a proxy server PS;

the process II, the flow is shown in FIG. 4:

step 2.6: firstly, calling a known message expansion coding algorithm to process null plain text by using an input positive integer num, namely a coefficient or an index of an outsourcing polynomial, and splitting the input positive integer num into num1 and num 2; if num ≠ 1, num1 ═ num-1 and num2 ≠ 1; if num equals 1, num1 equals 2 and num2 equals-1;

step 2.7: if num1 is-1, num1 is coded as

Wherein

And

otherwise, calling message precoding algorithm MPCA to process positive integer num1 into vector

Step 2.8: if num2 is-1, num2 is coded as

Wherein

And

otherwise, calling message precoding algorithm MPCA to process positive integer num2 into vector

Step 2.9: outputting two series of vectors

And

and each vector

And

are respectively all satisfied

And

a characteristic;

step 2.10: user calls multiplication homomorphic encryption algorithm vector in known convertible homomorphic encryption method SHE

And

and coefficient C of the polynomial_j＝1...ηEncrypting to obtain encrypted vector

And

memo

And

compares it with the encrypted coefficients

Sent to the proxy server PS.

And step 3: the process of establishing connection between the proxy server and the public cloud server to execute secret index calculation is shown in fig. 5, and the process is as follows:

step 3.1: the public cloud server PCS selects two random numbers R₁,R₂∈Z_2pqAnd satisfying the Jacobian characteristics and gcd (R)₁,R₂) 1, sending it to the proxy server PS, which calls the multiplicative homomorphic encryption algorithm pair R in the known convertible homomorphic encryption method SHE₁,R₂Respectively encrypted to obtain

Then it is compared with the encrypted coefficient

And index of refraction

Sending the data to PCS;

step 3.2: PCS receives data sent by PS, and calls a scramble ciphertext exponential algorithm to obtain { X'₁,X′₂And sending the data to the PS;

step 3.3: PS receives data sent by PCS, and calls an encryption intermediate variable algorithm to obtain { H }₁,H₂And sending the data to the PCS;

step 3.4: the PCS receives data from the PS according to gcd (R)₁,R₂) Selecting an integer a, b satisfying the condition that aR is 1₁+b R₂If the equation is satisfied, calling a cipher text exponent calculation algorithm to obtain a cipher exponent

And 4, step 4: the public cloud server calculates the processed outsourcing polynomial by using the encryption index and coefficient generated by calculation, and performs ciphertext conversion, wherein the process of ciphertext conversion is as shown in fig. 6, and the process is as follows:

step 4.1: PCS obtains encrypted coefficients

And index of refraction

Step 4.2: continuously calling the outsourcing polynomial after the calculation of the calculation outsourcing polynomial function

Or

Step 4.3: calling addition conversion multiplication ciphertext algorithm SHEThe method ciphertext algorithm SHE

Or

And sends the converted ciphertext to the proxy server.

And 5: the proxy server receives the ciphertext conversion result calculated by the public cloud server to perform initial decryption, the result is sent to the user for final decryption after the decryption is passed, the ciphertext decryption process is as shown in fig. 7, and the process is as follows:

step 5.1: the PS receives the outsourcing polynomial calculation result F 'or F' and calls a decryption function in the Paillier algorithm to obtain a partial decryption ciphertext PC (F ') or PC (F');

step 5.2: sending the primarily decrypted partial decrypted ciphertext PC (F ') and the addition homomorphic ciphertext of the final outsourcing polynomial calculation result F', or the addition homomorphic ciphertexts of PC (F ') and F' to a user;

step 5.3: and the user receives the data transmitted by the PS, and finally decrypts the primarily decrypted ciphertext by calling the decryption function in the Paillier algorithm again by using the data to obtain a final calculation result.

Claims (6)

1. A SHE-based secure outsourcing method is characterized by comprising the following steps:

step 1: the trusted third party utilizes the public security parameters, the cycle group and the definition function to respectively package the generated addition homomorphic public and private keys and respectively send the same to the user, the proxy server and the public cloud server;

step 2: the client user preprocesses the coefficients and the indexes of the outsourcing polynomial, encrypts the processed data and uploads the encrypted data to the proxy server;

and step 3: establishing connection between the proxy server and the public cloud server to execute secret index calculation;

and 4, step 4: the public cloud server utilizes the encryption index and the coefficient generated by calculation to calculate the processed outsourcing polynomial and carry out ciphertext conversion;

and 5: and the proxy server receives the ciphertext conversion result calculated by the public cloud server to perform initial decryption, and sends the result to the user for final decryption after the decryption is passed.

2. The SHE-based secure outsourcing method of claim 1, wherein: the process of step 1 is executed by a trusted third party, and specifically includes the following steps:

step 1.1: giving a security parameter lambda, selecting two large security prime numbers p and q, and calculating N as pq, wherein N is the finally calculated large prime number and is used as a public key; and computing groups G and Z that generate large prime numbers p and q_N/2Defining a function T (x) is (x-1)/N, and calling a known calculation generator algorithm to generate a generator g with the order of pq/2;

step 1.2: in circulation group Z_N/2In the method, an addition homomorphic public and private key generation algorithm is called, and an addition homomorphic public and private key pair is calculated and generated

In order to be an additively homomorphic public key,

is an additively homomorphic private key and adds the homomorphic private key using the known key sharing algorithm SHE contained in the convertible homomorphic encryption method SHE

Splitting into two parts of lambda₁And λ₂；

Step 1.3: in circulation group Z_N/2Randomly selecting two odd numbers theta₁And theta₂And satisfies | θ₁|≈|θ₂| N |/2, and θ is set to θ₁θ₂Theta is the result of multiplying two odd numbers by a custom variable, and h is calculated as g^θmodN, h is a part of the public key with multiplication homomorphism, and the public and private key pair with multiplication homomorphism is calculated and generated by calling the known public and private key generating algorithm with multiplication homomorphism

Step 1.4, establishing connection between the trusted third party and the user, the proxy server and the public cloud server, and waiting for feedback information of connection between the trusted third party and the user, the proxy server and the public cloud server;

step 1.5: after the connection is successful, the trusted third party respectively distributes the required public and private key information to the user, the public cloud server and the proxy server by calling a known key distribution algorithm.

3. The SHE-based secure outsourcing method of claim 1, wherein: the data preprocessing in the step 2 specifically includes the following two processes:

the first process is as follows:

step 2.1: inputting a positive integer num as a coefficient or an index of the outsourcing polynomial, calling a known binary conversion method to convert the positive integer num into a binary form, wherein num is sigma_ka_i2^k；

Step 2.2: will 2^kRemoved from the positive integer num, and is recorded as num-2^kM, M is a binary coefficient after splitting, and M is an odd number and k is a maximum non-negative integer; calling a known power method for splitting 2 to obtain M and k;

step 2.3: calling a known binary conversion algorithm to convert M into a binary form:

two range values c and delta are defined, if c < delta, delta-c-1 elements are added to M, which will expand to

When i is less than or equal to c, m'_iAssigned a value of m ″)_i(ii) a When c < i < δ, "0" is assigned to m_i；

Step 2.4: and circularly judging whether the jacobian characteristic is satisfied: in the range of 0 < i < delta-1, if m ″', is satisfied_i1 and m ″)_i+1Condition 0 represents m'_iAnd m'_i+1Re-assigned values of m 'respectively'_i-1 and m'_i+11 is ═ 1; if m' is satisfied_i1 and m ″)_i+1Condition 1 represents corresponding m'_iAnd m'_i+1Re-assigned values of m 'respectively'_i1 and m'_i+11 is ═ 1; finally, a string of vectors is output

And each vector V_iAll satisfy (V)_i1 characteristics, | N) ═ 1 characteristics; circularly judging whether the Jacobian characteristic is met, then carrying out data processing by a message precoding algorithm MPCA and outputting a vector;

step 2.5: user calls multiplication homomorphic encryption algorithm vector in known convertible homomorphic encryption method SHE

And coefficients of the polynomial

Encrypting to obtain encrypted vector

Memo

The encrypted coefficient

And index of refraction

Sending to a proxy server PS;

and a second process:

step 2.6: firstly, calling a known message expansion coding algorithm to process null plain text by using an input positive integer num, namely a coefficient or an index of an outsourcing polynomial, and splitting the input positive integer num into num1 and num 2; if num ≠ 1, num1 ═ num-1 and num2 ≠ 1; if num equals 1, num1 equals 2 and num2 equals-1;

step 2.7: if num1 is-1, num1 is coded as

Wherein

And

otherwise, calling message precoding algorithm MPCA to process positive integer num1 into vector

Step 2.8: if num2 is-1, num2 is coded as

Wherein

And

otherwise, calling message precoding algorithm MPCA to process positive integer num2 into vector

Step 2.9: outputting two series of vectors

And

and each vector theta_iAnd

are respectively all satisfied

And

a characteristic;

step 2.10: user calls multiplication homomorphic encryption algorithm vector in known convertible homomorphic encryption method SHE

And

and coefficient C of the polynomial_j＝1...ηEncrypting to obtain encrypted vector

And

memo

And

compares it with the encrypted coefficients

Sent to the proxy server PS.

4. The SHE-based secure outsourcing method of claim 1, wherein: the process of the step 3 is as follows:

step 3.1: the public cloud server PCS selects two random numbers R₁,R₂∈Z_2pqAnd satisfying the Jacobian characteristics and gcd (R)₁,R₂) 1, sending it to the proxy server PS, which calls the multiplicative homomorphic encryption algorithm pair R in the known convertible homomorphic encryption method SHE₁,R₂Respectively encrypted to obtain

Then it is compared with the encrypted coefficient

And index of refraction

Sending the data to PCS;

step 3.2: PCS receives data sent by PS, and calls scramble ciphertext exponential algorithm to obtain { X₁′,X₂' }, and sending to the PS;

step 3.3: PS receives data sent by PCS, and calls an encryption intermediate variable algorithm to obtain { H }₁,H₂And sending the data to the PCS;

step 3.4: the PCS receives data from the PS according to gcd (R)₁,R₂) Selecting an integer a, b satisfying the condition that aR is 1₁+b R₂If the equation is satisfied, calling a cipher text exponent calculation algorithm to obtain a cipher exponent

5. The SHE-based secure outsourcing method of claim 1, wherein: the process of the step 4 is as follows:

step 4.1: PCS obtains encrypted coefficients

And index of refraction

Step 4.2: continuously calling the outsourcing polynomial after the calculation of the calculation outsourcing polynomial function

Or

Step 4.3: the F 'or F' is obtained by calling the addition and conversion multiplication ciphertext algorithm SHE

Or

And sends the converted ciphertext to the proxy server.

6. The SHE-based secure outsourcing method of claim 1, wherein: the process of the step 5 is as follows:

step 5.1: the PS receives the outsourcing polynomial calculation result F 'or F' and calls a decryption function in the Paillier algorithm to obtain a partial decryption ciphertext PC (F ') or PC (F');

step 5.2: sending the primarily decrypted partial decrypted ciphertext PC (F ') and the addition homomorphic ciphertext of the final outsourcing polynomial calculation result F', or the addition homomorphic ciphertexts of PC (F ') and F' to a user;

step 5.3: and the user receives the data transmitted by the PS, and finally decrypts the primarily decrypted ciphertext by calling the decryption function in the Paillier algorithm again by using the data to obtain a final calculation result.

Images