CN112883403A

CN112883403A - Verifiable encrypted image retrieval privacy protection method

Info

Publication number: CN112883403A
Application number: CN202110291106.1A
Authority: CN
Inventors: 李先贤; 雷杰; 石贞奎
Original assignee: Guangxi Normal University
Current assignee: Guangxi Normal University
Priority date: 2021-03-18
Filing date: 2021-03-18
Publication date: 2021-06-01
Anticipated expiration: 2041-03-18
Also published as: CN112883403B

Abstract

The invention discloses a verifiable encrypted image retrieval privacy protection method, which utilizes the skill of a Mercker Hash tree to link a Mercker hierarchical clustering index tree and a Mercker KD tree together, the Mercker hierarchical clustering index tree can accelerate the searching process, find and inquire clusters with high similarity of images, and use the Mercker KD tree to construct a spatial index of clustering encrypted characteristic vectors, thus improving the speed of searching similar characteristic vectors in clustering and reversely verifying the searching process. The Mercker KD tree is built on the feature vector of the picture encrypted by the ASPE, and the expression vectors of the hierarchical clustering index tree nodes are all the expression vectors encrypted by the ASPE method, so that the privacy of the feature vector of the picture is protected, and the feasibility of picture retrieval under the encryption condition is realized.

Description

Verifiable encrypted image retrieval privacy protection method

Technical Field

The invention relates to the technical field of image retrieval, in particular to a verifiable encrypted image retrieval privacy protection method.

Background

With the rapid development and popularization of cloud computing, people enjoy various conveniences brought by cloud services, such as storing pictures on the cloud. However, outsourcing pictures directly to the public cloud inevitably raises privacy concerns. Massive images containing highly sensitive information, such as medical images of patients, can have serious consequences or be unnecessarily cumbersome if leaked to an unauthorized entity. The encryption mechanism may alleviate the security and privacy issues of picture data to some extent, but it defeats the content-based image retrieval (CBIR) technique in ciphertext. And although this outsourcing mode relieves the burden on the user, the user may lose control over the data and fail to ensure the integrity of the service delivered to the user. Particularly, due to various reasons such as software and hardware failures, hacking, etc., a cloud service provider may intentionally or unintentionally return incorrect or incomplete query results to a user. Meanwhile, the performance of the cloud server search service, such as the accuracy and efficiency of the search, will affect the search experience of the user deeply.

Based on the analysis of the current background technology, the current cloud scene picture retrieval faces the following three problems:

1. because the cloud service provider is in the interest problem in reality, the retrieval operation may not be completely performed, and even the privacy of the picture may be acquired. The picture is encrypted when the data owner outsources the data, and a verifiable picture feature vector index structure is designed to ensure that the picture is completely retrieved on the cloud server, and the result is returned and simultaneously the client side is provided with a cryptology certification to prove that the retrieval result is from the data owner and the retrieval process is completely and correctly executed.

2. Assuming that the user is a doctor who relies on the search results to diagnose the condition of a patient, the wrong search results may result in a wrong diagnosis, endangering the health or even life of the patient. The feature vectors of the pictures are extracted by using the pre-trained CNN model, so that higher searching precision is obtained.

3. If the user is a mobile user requiring a high real-time response, then an excessively long search time is intolerable, which can easily cause the search time to be time-ineffective. And classifying the image database by using a K-means clustering algorithm, and constructing a hierarchical clustering index tree from bottom to top according to a clustering result. Thus, traversing the entire picture database while performing a search operation is avoided, reducing the search time to a sub-linear time.

Disclosure of Invention

The invention aims to solve the problems of privacy protection and query verification of encrypted image retrieval in a cloud computing environment, and provides a verifiable encrypted image retrieval privacy protection method.

In order to solve the problems, the invention is realized by the following technical scheme:

a verifiable encrypted image retrieval privacy protection method specifically comprises the following steps:

step 1, extracting a feature vector of each picture in a local picture database by a picture owner by using a pre-trained CNN model;

step 2, clustering the feature vectors of the pictures obtained in the step 1 by adopting a K-means clustering algorithm by the picture owner to obtain K clusters;

step 3, encrypting the feature vector of the picture obtained in the step 1 by using an ASPE encryption method by a picture owner to obtain an encrypted feature vector, and obtaining K encrypted clusters by combining the K clusters obtained in the step 2;

step 4, the picture owner firstly uses each encrypted cluster obtained in the step 3 to respectively construct a KD tree;

step 5, adding a clustering Mercker Hash value to each node of each KD tree obtained in the step 4 by the picture owner to obtain a Mercker KD tree;

step 6, the picture owner utilizes the K clusters obtained in the step 2 to jointly construct a hierarchical clustering index tree;

step 7, encrypting the expression vector of each node of the hierarchical clustering index tree obtained in the step 6 by the picture owner by adopting an ASPE encryption method to obtain an encrypted expression vector of each node and obtain an encrypted hierarchical clustering index tree;

step 8, adding 2 levels of Merck hash values to each node of the encrypted hierarchical clustering index tree obtained in the step 7 by the picture owner to obtain a Merck hierarchical clustering index tree;

step 9, the image owner forms a verifiable index structure by the Mercker hierarchical clustering index tree obtained in the step 8 and the K Mercker KD trees obtained in the step 5;

step 10, encrypting each picture in the local picture database by the picture owner to obtain an encrypted picture, obtaining an encrypted picture database, and uploading the encrypted picture database and the verifiable index structure tree obtained in the step 9 to the cloud server;

step 11, when a user needs to inquire a similar picture of a picture to be detected, extracting a feature vector of the picture to be detected by using a pre-trained CNN model, encrypting the feature vector of the picture to be detected by using an ASPE encryption method to obtain an encrypted feature vector of the picture to be detected, and then sending the encrypted feature vector of the picture to be detected to a cloud server;

step 12, after the cloud server receives the encrypted feature vector of the picture to be detected sent by the user,

firstly, carrying out two-stage query on a verifiable index structure by using an encrypted feature vector of a picture to be detected:

firstly, when the first-level query is used for querying the Mercker hierarchical clustering index tree of the verifiable index structure, the encryption representation vectors and the second-level Mercker hash values of all accessed nodes on the search path from the root node of the Mercker hierarchical clustering index tree to the leaf node are used as the first-level cryptography proof,

secondly, when the Mercker KD tree with the verifiable index structure is queried, the clustered Mercker hash values of the root node of the Mercker KD tree, all the visited nodes on the search path from the root node to the leaf node of the Mercker KD tree to the leaf node, and the clustered Mercker hash values of the adjacent nodes are used as a second-level cryptology proof;

then, the top which is obtained by two-stage query and is closest to the encrypted feature vector of the picture to be detected is used_kTaking the encrypted picture corresponding to each encrypted feature vector as a retrieval result;

finally, the first-level cryptography certification, the second-level cryptography certification and the retrieval result are returned to the user;

step 13, the user performs two-stage verification on the retrieval result by using the first-stage cryptography certificate and the second-stage cryptography certificate returned by the cloud server, namely:

reconstructing the Mercker KD by utilizing all accessed nodes and clustered Mercker hash values of adjacent nodes on a search path from a root node to a leaf node to the leaf node of the Mercker KD in a second-level cryptography proof, and calculating the clustered Mercker hash values of the root node of the reconstructed Mercker KD; if the cluster Mercker hash value of the root node of the reconstructed Mercker KD tree is consistent with the cluster Mercker hash value of the root node of the Mercker KD tree in a second-level cryptography proof returned to the user by the cloud server, the first-level verification is passed, otherwise, the user considers that the retrieval result returned by the cloud server is not credible, and the retrieval result is abandoned;

reconstructing the Merckel hierarchical clustering index tree by using the encrypted expression vectors and the second hierarchical Merckel hash values of all accessed nodes on the searching path from the root node to the leaf node of the Merckel hierarchical clustering index tree in the first-level cryptography proof, and calculating the first hierarchical Merckel hash value of the reconstructed Merckel hierarchical clustering index tree; if the first-level Merckel hash value of the reconstructed Merckel hierarchical clustering index tree is consistent with the first-level Merckel hash value of the Merckel hierarchical clustering index tree sent to the user by the picture owner, passing the second-level verification, otherwise, the user regards the retrieval result returned by the cloud server as not credible, and abandons the retrieval result;

step 14, after the retrieval result passes the two-stage verification of the step 13, the user decrypts the retrieval result by using the key sent to the user by the picture owner to obtain a plaintext picture;

wherein K and top_kIs a set positive integer.

In the step 5, when the node Nj is a leaf node of the KD tree, the cluster merkel hash value of the node is:

h_Nj＝h(f'_id|id)

in the step 5, when the node Nj is an internal node of the KD tree, the clustering merkel hash value of the node is:

in the formula, h_NjRepresenting the clustered Mercker hash value of node Nj, h representing the hash function, | representing a connector, f'_idAn encrypted feature vector representing a picture corresponding to the node Nj, id being the number of the picture corresponding to the node Nj, l_NjA partition plane representing the node Nj,

a clustered merkel hash value representing the left node of node Nj,

the cluster merkel hash value of the right node representing node Nj.

In step 8, when the p-th node of the q-th layer is a leaf node of the encrypted hierarchical clustering index tree, 2 hierarchical merkel hash values of the node are:

hash1_q,p＝h(V'_q,p|hash2_q,p)，hash2_q,p＝h_Rootτ

in step 8, when the p-th node at the q-th layer is an internal node of the encrypted hierarchical clustering index tree, 2 hierarchical merkel hash values of the node are:

wherein, hash1_q,pTo representThe first level of the merkel hash value, hash2, for the p-th node at level q_q,pA second level Mercker hash value representing the p-th node of the q-th layer, h represents a hash function, | represents a connector, V'_q,pRepresenting the encrypted representation vector, h, corresponding to the p-th node of the q-th layer_RootτRepresents the clustered merkel hash value of the root node of the merkel KD tree corresponding to the p-th node of the q-th layer,

and the summation of the clustered Mercker hash values corresponding to all the child nodes of the p-th node of the q-th layer is represented.

Compared with the prior art, the invention has the following characteristics:

1. the merkel hierarchical clustering index tree and the merkel KD tree are linked together by utilizing the merkel hash tree skill, the merkel hierarchical clustering index tree can accelerate the searching process, find and inquire the clusters with high similarity of the pictures, and the merkel KD tree is used for constructing the spatial index of the clustering encryption characteristic vector, so that the speed of searching the similar characteristic vector in the clustering process can be improved, and the reverse verification of the searching process can be realized.

2. The Mercker KD tree is built on the feature vector of the picture encrypted by the ASPE, and the expression vectors of the hierarchical clustering index tree nodes are all the expression vectors encrypted by the ASPE method, so that the privacy of the feature vector of the picture is protected, and the feasibility of picture retrieval under the encryption condition is realized.

Drawings

FIG. 1 is a schematic diagram of the Mercker KD tree.

FIG. 2 is a diagram of a Mercker hierarchical clustering index tree.

FIG. 3 is a diagram of a verifiable index structure tree.

Detailed Description

In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to specific examples.

In order to ensure that the encrypted picture can be verified in the inquiry of the cloud scene, the invention provides a new inquiry authentication scheme to defend an untrusted cloud service provider. The key to implementing query validation is to design a query validation index structure by integrating existing indexing and cryptographic tools. The picture retrieval verification index structure comprises two parts: and constructing a Merckel hierarchical clustering index tree and an MRKD tree. The present invention allows picture owners to outsource their picture databases to cloud-based service providers and ensure the integrity and correctness of query processing. Like other common data as a service (DaaS) systems, consist of three parties: (i) picture owners outsourcing the database. (ii) A service provider (cloud server) that performs the query validation process. (iii) A user side that issues a search query request. By adopting a new query verification scheme, the system not only supports the cloud-based picture retrieval, but also generates a cryptography proof VO for each picture retrieval, and the client can verify the integrity and correctness of the query result through the cryptography proof VO.

step 1, extracting a characteristic vector f of each picture in a local picture database by a picture owner by using a pre-trained CNN model_id. Where id is the number of the picture.

Feature vector f of picture by CNN (conditional Neural Networks, CNN) model_idBy extracting, higher search accuracy can be obtained.

Step 2, all picture characteristic vectors f of the picture database extracted in the step 1 are subjected to K-means clustering algorithm by the picture owner_idClustering to obtain K clusters c_i. Wherein i is 1,2, …, K, K is the set cluster number.

The K-means clustering algorithm can cluster the feature vectors of similar pictures into the same cluster, the similarity between the clusters is low, and each cluster c_iIncluding more than 2 picture feature vectors f_id。

Step 3, the picture owner adopts an ASPE encryption method to carry out encryption on the picture characteristic vector f obtained in the step 1_idEncrypting to obtain an encrypted picture feature vector f'_idAnd in combination with the steps ofCluster c obtained in step 2_iObtaining encrypted cluster c'_i。

Picture feature vector f by ASPE encryption method (asymmetric scalar product encryption method)_idAnd cluster c_iAnd encryption is carried out, so that an attacker can be prevented from acquiring the privacy content of the picture by a method for reconstructing the image by the picture feature vector.

Step 4, using each encrypted cluster c 'obtained in step 3 by the picture owner'_iAnd respectively constructing a KD tree.

A KD-tree is a tree-like data structure that stores instance points in k-dimensional space for fast retrieval thereof. The method is mainly applied to searching of multidimensional space key data (such as range searching and nearest neighbor searching), and the KD tree is a special case of a binary space partition tree.

And 5, adding a clustering Mercker hash value to each node of each KD tree by the picture owner to obtain a Mercker KD tree (MRKD tree), as shown in FIG. 1.

The merkel tree is a hash binary tree, stores data in leaf nodes of a tree structure, and ensures non-tamper-resistance of the data through a step-by-step hash operation on the data. Any change in the leaf node data is passed to the node at the previous level and ultimately reflects the change in the tree root. The MRKD tree is the combination of the KD tree and the Mercker tree, and the encrypted KD tree is constructed for the encrypted characteristic vector f' in each cluster by using a KD tree method, so that the characteristic vectors can be quickly retrieved, and a cryptology proof of the retrieval process can be generated to verify the correctness of the retrieval path.

The MRKD tree consists of two types of nodes: internal nodes and leaf nodes.

Each leaf node consists of 2 components: an encrypted feature vector and a clustered merkel hash value, wherein the content of the encrypted feature vector is the same as the KD-tree. Clustering Mercker hash value h of leaf node_Nj＝h(f'_idId). Wherein f'_idRepresenting the encrypted feature vector of the picture with the number id, wherein id represents the number of the picture, | represents a connector, and h is a hash function.

Each inner jointThe dots are composed of 3 parts: and dividing the hyperplane, pointers pointing to the child nodes and clustering the Merckel hash values, wherein the contents of the pointers which divide the hyperplane and point to the child nodes are the same as those of the KD tree. Clustered merkel hash values of internal nodes

Wherein l_NjA partition plane representing the node Nj,

a clustered merkel hash value representing the left node of node Nj,

the cluster merkel hash value of the right node representing node Nj.

Since the root node of the MRKD tree belongs to a special internal node, the root node clusters the Mercker hash value h_RootτThe same algorithm as for the internal nodes.

Step 6, the picture owner utilizes the K clusters { c obtained in step 2₁,c₂,…,c_kAnd constructing a hierarchical clustering index tree together.

Hierarchical clustering is a kind of clustering algorithm, and a nested cluster tree with hierarchy is created by calculating the similarity between data points of different classes. In a cluster tree, the original data points of different classes are the lowest level of the tree, and the top level of the tree is the root node of a cluster. The hierarchical clustering index tree is constructed in a bottom-up mode, so that the cloud server only needs to search a subset of the image database, the whole image database does not need to be searched, and meanwhile, the retrieval time is saved.

The p node of the q layer of the hierarchical clustering index tree is C_q,p＝{V_q,p,E_q,p,IND_q,pQ is the layer where the node is located, p is the index number of the layer where the node is located, V_q,pA representation vector representing the nodes is generated by the nodes,

representing child nodes of a node, IND_q,pTo representThe maximum distance between all children of a node.

Step 7, the picture owner adopts an ASPE encryption method to represent a vector V of each node of the hierarchical clustering index tree_q,pEncrypted to obtain an encrypted representation vector V'_q,pAnd obtaining the encryption hierarchical clustering index tree.

Step 8, adding 2 levels of Mercker hash values hash1 on each node of the encryption level cluster index tree by the picture owner_q,pAnd hash2_q,pAnd obtaining a merkel hierarchical clustering index tree as shown in fig. 2.

When a node is a leaf node of an encryption hierarchical clustering index tree, 2-level Mercker hash values of the node are hash1_q,pAnd hash2_q,pComprises the following steps: hash1_q,p＝h(V'_q,p|hash2_q,p)，hash2_q,p＝h_Rootτ

When the node is an internal node of the encryption hierarchical clustering index tree, 2-level Mercker hash values of the node are hash1_q,pAnd hash2_q,pComprises the following steps:

by means of iterative hash, a global hash h of a verifiable index structure related to the combination of the Mercker hierarchical clustering index tree and the MRKD tree is generated at the root node of the Mercker hierarchical clustering index tree_RootThe global hash h_RootHierarchical Mercker hash value hash1 for root node of Mercker hierarchical clustering index tree_q,p。

And 9, forming a verifiable index structure tree by the picture owner through the Merckel hierarchical clustering index tree obtained in the step 8 and the K Merckel KD trees obtained in the step 5, as shown in FIG. 3.

Step 10, the picture owner firstly compares the Image of each picture in the local picture database_idAnd after encryption, obtaining an encrypted picture database, and uploading the encrypted picture database and the verifiable index structure tree to the cloud server.

Step 11, when a user needs to retrieve a similar picture of a picture to be detected, extracting a feature vector f of the picture to be detected by using a pre-trained CNN model; then, encrypting the characteristic vector f of the picture to be detected by adopting an ASPE encryption method to obtain an encrypted characteristic vector f' of the picture to be detected; and then sending the encrypted feature vector of the picture to be detected to a cloud server.

Step 12, after the cloud server receives the encrypted feature vector f' of the picture to be detected sent by the user,

firstly, two-stage query is carried out on a verifiable index structure by using an encrypted feature vector f' of a picture to be detected:

first-level query is to query the Mercker hierarchical clustering index tree of the verifiable index structure, and the encrypted representation vectors V 'of all accessed nodes on the search path from the root node of the Mercker hierarchical clustering index tree to the leaf nodes'_q,pAnd a second level merkel hash value hash2_q,pAs a first-level cryptographic proof;

secondly, when the Mercker KD tree with the verifiable index structure is inquired in the second-level inquiry, the clustered Mercker Hash value h of the root node of the Mercker KD tree is used_RootAll visited nodes on the path from the root node of the Merckel KD tree to the leaf node and the clustered Merckel hash value h of the adjacent nodes_NjAs a second level of cryptographic proof;

then, the top which is obtained by two-stage query and is closest to the encrypted feature vector f' of the picture to be detected_kTaking the encrypted picture R' corresponding to the encrypted characteristic vector as a retrieval result; wherein top_kIs a set positive integer;

and finally, returning the first-level cryptography certification, the second-level cryptography certification and the retrieval result to the user.

The cloud server enters an entry point of a next layer of the Mercker hierarchical clustering index tree of the verifiable index structure tree by calculating a node representation vector with the minimum distance f ' and accesses a representation vector V ' of the node for each layer '_q,pAnd hash2 into first-order proof of cryptography VO 1. Searching the Mercker hierarchical clustering index tree of the verifiable index structure tree from top to bottom until the cloud serviceAnd after finding the matched leaf nodes, the server enters the MRKD tree search of the verifiable index structure tree, and the candidate search results are locked in the clusters represented by the leaf nodes. f' searching approximate nearest neighbor from the top end of MRKD tree of verifiable index structure tree according to KD tree searching method, and searching top_kAnd (3) searching k characteristic vectors which are sequentially decreased in the similarity for k times on the MRKD according to the searching mode of the KD tree in a recursion way, encrypting pictures corresponding to the characteristic vectors searched by the leaf nodes of the MRKD tree, putting the encrypted pictures into a search result R', and putting the clustered Mercker hash value h of the root node of the Mercker KD tree into a search result R_RootτSearching all visited nodes and cluster merkel hash values h of adjacent nodes on paths from root node to leaf node_NjThe second-order cryptology certificate VO2 was put in.

Step 13, the user performs two-stage verification on the retrieval result R' by using the first-stage cryptography certificate and the second-stage cryptography certificate returned by the cloud server, namely:

firstly, a user utilizes a clustered Mercker hash value h of all visited nodes and adjacent nodes on a search path from a root node to a leaf node of a Mercker KD tree in a second-level cryptography proof returned by a cloud server_NjPerforming reconstruction of the Merck KD tree and calculating a clustered Merck hash value h 'of a root node of the reconstructed Merck KD tree'_Root(ii) a If the clustered Mercker hash values h 'of the root nodes of the reconstructed Mercker KD tree'_RootClustering Mercker hash value h of root node of Mercker KD tree in second-level cryptography proof returned by cloud server_RootAre uniform, i.e. h'_Root＝h_RootIf the search result is not credible, the user gives up the search result;

② the encrypted representation vector V 'of all visited nodes on the lookup path from the root node to the leaf node of the Mercker hierarchical clustering index tree in the first-level cryptology certification returned by the user through the cloud server'_q,pAnd a second level merkel hash value hash2_q,pReconstructing the merkel hierarchy clustering index tree and calculating the reconstructed merkel hierarchyFirst-level merkel hash value hash1 'of cluster index tree'_Root(ii) a Hash1 'if the first-level Mercker hash value of reconstructed Mercker hierarchical cluster index tree'_RootFirst-level merkel hash1 of merkel-level cluster index tree sent to user with picture owner_RootOf consistent value, i.e. hash 1'_Root＝hash1_RootAnd if the user does not judge that the retrieval result returned by the cloud server is not credible, the user gives up the retrieval result.

And 14, after the two-stage verification of the retrieval result R 'is passed, the user decrypts the retrieval result R' by using the key sent to the user by the picture owner to obtain the retrieval picture set R of the plaintext.

It should be noted that, although the above-mentioned embodiments of the present invention are illustrative, the present invention is not limited thereto, and thus the present invention is not limited to the above-mentioned embodiments. Other embodiments, which can be made by those skilled in the art in light of the teachings of the present invention, are considered to be within the scope of the present invention without departing from its principles.

Claims

1. A verifiable encrypted image retrieval privacy protection method is characterized by comprising the following steps:

wherein K and top_kIs a set positive integer.

2. The verifiable encrypted image retrieval privacy protection method of claim 1, wherein, in step 5,

when the node Nj is a leaf node of the KD tree, the clustering Mercker hash value of the node is as follows:

h_Nj＝h(f'_id|id)

when the node Nj is an internal node of the KD tree, the clustering Mercker hash value of the node is as follows:

a clustered merkel hash value representing the left node of node Nj,

the cluster merkel hash value of the right node representing node Nj.

3. The verifiable encrypted image retrieval privacy protection method of claim 1, wherein, in step 8,

when the p-th node of the q-th layer is a leaf node of the encryption hierarchical clustering index tree, the 2 hierarchical merkel hash values of the node are as follows:

hash1_q,p＝h(V'_q,p|hash2_q,p)，hash2_q,p＝h_Rootτ

when the p-th node of the q-th layer is an internal node of the encryption hierarchical clustering index tree, the 2-level merkel hash values of the node are as follows:

hash1_q,p＝h(V'_q,p|hash2_q,p)，

wherein, hash1_q,pThe first level of the merkel hash, hash2, representing the p-th node at level q_q,pA second level Mercker hash value representing the p-th node of the q-th layer, h represents a hash function, | represents a connector, V'_q,pRepresenting the encrypted representation vector, h, corresponding to the p-th node of the q-th layer_RootτRepresents the clustered merkel hash value of the root node of the merkel KD tree corresponding to the p-th node of the q-th layer,