CN112948890A - Fully homomorphic encryption retrieval method and system - Google Patents
Fully homomorphic encryption retrieval method and system Download PDFInfo
- Publication number
- CN112948890A CN112948890A CN202110347391.4A CN202110347391A CN112948890A CN 112948890 A CN112948890 A CN 112948890A CN 202110347391 A CN202110347391 A CN 202110347391A CN 112948890 A CN112948890 A CN 112948890A
- Authority
- CN
- China
- Prior art keywords
- data
- enc
- retrieval
- information
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000000034 method Methods 0.000 title claims abstract description 22
- 238000012795 verification Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Databases & Information Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a method for fully homomorphic encryption retrieval, which comprises the following steps: the data provider carries out data splitting on a data information set corresponding to the word to be retrieved; and the data provider retrieves the split multiple segments of data through full homomorphic encryption and returns the query result to the information query party. The invention also correspondingly provides a system for fully homomorphic encryption retrieval. The invention can effectively improve the retrieval efficiency of large-capacity data.
Description
Technical Field
The invention relates to the technical field of retrieval, in particular to a method and a system for fully homomorphic encrypted retrieval.
Background
Fully homomorphic encryption means that ciphertext can be arbitrarily computed without knowledge of the ciphertext, i.e., there is a property f (Enc (m)) ═ Enc (f (m))) for any valid function f and plaintext m, where Enc is an encryption function that transforms plaintext m into ciphertext Enc (m).
The fully homomorphic encryption retrieval refers to the retrieval of information or data by using a fully homomorphic encryption technology, and the retrieval mainly comprises the following processes: the method comprises the steps that an information inquiring party generates a pair of public and private keys which are encrypted in a fully homomorphic mode, then the public key is used for encrypting a retrieval keyword, then the inquiring party sends the encrypted retrieval keyword and the public key to a data provider, the data provider performs retrieval operation and then returns a result to the inquiring party, finally the inquiring party decrypts the returned result by using a private key, and the decrypted result is the final retrieval data.
However, when the fully homomorphic encryption library is used for retrieval operation, the retrieval operation time and the size of a retrieval result show an exponential growth relationship, that is, along with the linear increase of the size of the retrieval result, the retrieval operation time shows exponential growth, so that the retrieval of large-capacity data by using fully homomorphic encryption is caused, the time consumption is too long, and the efficiency is low.
Disclosure of Invention
The invention aims to improve the retrieval speed of using fully homomorphic encryption, and provides a fully homomorphic encryption retrieval method for the purpose, which comprises the following steps: the data provider carries out data splitting on a data information set corresponding to the word to be retrieved; and the data provider retrieves the split multiple segments of data through full homomorphic encryption and returns the query result to the information query party.
The invention also provides a system for fully homomorphic encryption retrieval, which comprises: the data splitting module is used for splitting data of the data information set corresponding to the word to be retrieved; and the retrieval module is used for carrying out fully homomorphic encrypted retrieval on the plurality of segments of data split by the data splitting module and returning the query result to the information query party.
The beneficial effects of the invention include: the retrieval efficiency of large-capacity data can be effectively improved by the method for splitting the retrieval data result, the retrieval of the large-capacity data is converted into the retrieval of a plurality of small-capacity data by the method for splitting the data, the time complexity of exponential level is converted into linear time complexity, and the time complexity of the retrieval is effectively reduced.
Drawings
In order that the invention may be more readily understood, it will be described in more detail with reference to specific embodiments thereof that are illustrated in the accompanying drawings. These drawings depict only typical embodiments of the invention and are not therefore to be considered to limit the scope of the invention.
FIG. 1 is a flow chart of one embodiment of the method of the present invention.
FIG. 2 is a flow chart of one embodiment of the system of the present invention.
Detailed Description
Embodiments of the present invention will be described below with reference to the accompanying drawings so that those skilled in the art can better understand the present invention and can carry out the present invention, but the illustrated embodiments are not intended to limit the present invention, and technical features in the following embodiments and embodiments can be combined with each other without conflict, wherein like parts are denoted by like reference numerals.
As shown in FIG. 1, the method of the present invention includes steps S1-S5.
S1, the information inquirer a generates the public key pk and the private key sk for the fully homomorphic encryption.
Alternatively, the information inquirer a may generate the public key pk and the private key sk for the fully homomorphic encryption using the HELib.
S2, the information querying part a encrypts the search key U with the public key pk to generate encrypted data Ex ═ Enc (U, pk), where Enc represents an encryption function of the homomorphic encryption, and then sends the encrypted data Ex and the public key pk to the data providing part B.
And S3, the data provider B performs data splitting on the data information set List.
Data provider B owns data information set List { (U)1,D1),...,(Ui,Di),...,(Un,Dn) In which U isiRepresenting a search key, DiRepresentative search key UiCorresponding data information. List data can be read from the database in the form of a two-dimensional array of N x 2, where N is the number of database tables.
The data in the List may be retrieved on-the-fly (e.g., the data is read from a database, which itself may store such key-value type data).
Data provider B performs data splitting on data information set ListSplit into List { (U)1,d11),(U1,d12),...,(U1,d1k),...,(Ui,di1),(Ui,di2),...,(Ui,dik),...,(Un,dnk) The splitting rule is: if search key UiCorresponding data information DiIs larger than a certain threshold value M, i.e. for the data information DiSplitting the data information DiDivision into a plurality of data segments di1..dikThe specific rule satisfies the equation
In one embodiment, the threshold M may be set to 50B, assuming DiHas a data size of 1000B, then D isiThe data of (2) is divided into 20 parts, and each part of data is 50B, so that the time efficiency is high. That is, for equation (1) described below, when dikIs greater than 50 bytes, or greater, the time consumption of R and dikAlmost exponentially growing; when homomorphic retrieval of large-capacity data is needed, the large-capacity data can be divided into small-capacity data for retrieval by combining the formulas (2), (3) and (4).
And S4, the data provider retrieves the split data through fully homomorphic encryption and returns the query result to the information query party. Including steps S41-S42.
S41, after the data provider B receives the encrypted data Ex and the public key pk of the information inquirer A, the public key pk is used for searching the keyword UiAnd segment data d of data informationikEncrypting to generate EUi=Enc(Ui,pk),Edik=Enc(dik,pk)。
And S42, the data provider B uses the formula (1) to perform full homomorphic encryption retrieval, the calculation result is R, and the query result R is returned to the information inquirer A.
Wherein the function F has the following characteristics: f (Enc (a), Enc (b)) satisfies that when a equals b, the result of F (Enc (a), Enc (b)) is Enc (1), otherwise the result is Enc (0).
Wherein, the fully homomorphic encryption also satisfies the following 3 formulas:
enc (0) × Enc (dik) ═ Enc (0 × dik) ═ Enc (0) formula (2)
Enc (1) × Enc (dik) ═ Enc (1 × dik) ═ Enc (1) formula (3)
Optionally, the calculation process of R is multiple addition operations, each addition operation may be performed in parallel by using a multi-thread scheme, and finally, each addition operation is summarized to obtain a final retrieval result. The retrieval of the fully homomorphic encryption is executed in a multithreading way, and the retrieval of the fully homomorphic encryption is executed in parallel, so that the efficiency of the fully homomorphic encryption retrieval is improved.
And S5, after the information inquiry party A obtains the inquiry result R, decrypting the inquiry result R by using the private key sk of the information inquiry party A to obtain a final retrieval result R' ═ Dec (sk, R), wherein Dec is a decryption function of the fully homomorphic encryption.
The encryption function Enc and the decryption function Dec in the fully homomorphic encryption exist in pairs, that is, the public key is used for encryption, and the private key is used for decryption. The decryption function satisfies the equation Dec (sk, Enc (pk, U)i))=Ui。
The invention also provides a system for fully homomorphic encryption retrieval, which comprises: the device comprises a verification module, a data splitting module, a retrieval module and a sending module.
And the verification module verifies the query request after receiving the query request of the information query party. The query request comprises a public key pk of an information query party and encrypted data Ex for encrypting the retrieval keyword U by using the public key pk.
The splitting module splits the data of the data information set List, wherein the data information set Lsit { (U)1,D1),...,(Ui,Di),...,(Un,Dn) In which U isiRepresenting a search key, DiRepresentative search key UiCorresponding data information. List data can be read from the database in the form of a 2-dimensional array of N x 2, where N is the number of database tables.
The data information set Lsit is split into lists':
List’={(U1,d11),(U1,d12),...,(U1,d1k),...,(Ui,di1),(Ui,di2),...,(Ui,dik),...,(Un,dnk)}
the splitting rule is as follows: if search key UiCorresponding data information DiIs larger than a certain threshold value M, i.e. for the data information DiSplitting the data information DiDivided into a plurality of pieces of data di1ikThe specific rule satisfies the equation
In one embodiment, the threshold M may be set to 50B, assuming DiHas a data size of 1000B, then D isiThe data of (2) was split into 20 shares, each of which was 50B.
Then, the retrieval module carries out retrieval of full homomorphic encryption on the split data and returns the query result to the information query party, and the retrieval method comprises the following steps:
1) using public key pk to search key word UiAnd segment data d of data informationikEncrypting to generate EUi=Enc(Ui,pk),Edik=Enc(dik,pk)。
2) The formula (1) is used to perform the search of the fully homomorphic encryption, and the calculation result is R.
Then, the sending module returns the query result R to the information querying party.
The embodiments described above are merely preferred specific embodiments of the present invention, and the present specification uses the phrases "in one embodiment," "in another embodiment," "in yet another embodiment," or "in other embodiments," which may each refer to one or more of the same or different embodiments in accordance with the present disclosure. General changes and substitutions by those skilled in the art within the technical scope of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A method for fully homomorphic encrypted retrieval, comprising:
the data provider carries out data splitting on a data information set corresponding to the word to be retrieved;
and the data provider retrieves the split multiple segments of data through full homomorphic encryption and returns the query result to the information query party.
2. The method for fully homomorphic encrypted retrieval according to claim 1, further comprising:
before a data provider splits data, an information inquirer encrypts a retrieval keyword by using a public key of the information inquirer to generate encrypted data, and then sends the encrypted data and the public key to the data provider, wherein the encryption is full homomorphic encryption;
and after the information inquiry party obtains the inquiry result sent by the data provider, the information inquiry party decrypts the inquiry result by using the private key of the information inquiry party to obtain the final retrieval result.
3. The method of fully homomorphic cryptographic retrieval of claim 2,
the set of data information includes: the search key and the data information corresponding to the search key.
4. The method for fully homomorphic encrypted retrieval according to claim 3, wherein the method for splitting data is as follows: and if the data size of the data information corresponding to the retrieval key is larger than a certain threshold value, splitting the data information, and dividing the data information into a plurality of data.
5. The method of claim 4, wherein the fully homomorphic encrypted retrieval comprises:
1) after the data provider receives the encrypted data and the public key of the information inquirer, the public key is used for encrypting the retrieval key and the segment data of the data information to generate EUi=Enc(Ui,pk),Edik=Enc(dikPk) in which dikFurther representing the segmented data, UiRepresenting a search key, pk representing an information inquirer public key, Ex representing encrypted data,
2) the data provider uses the following formula to carry out the retrieval of the fully homomorphic encryption, returns the query result to the information inquirer,
wherein the function F has the following characteristics: f (Enc (a), Enc (b)) satisfies that when a equals b, the result of F (Enc (a), Enc (b)) is Enc (1), otherwise the result is Enc (0); wherein, the fully homomorphic encryption satisfies the following formula:
Enc(0)×Enc(dik)=Enc(0×dik)=Enc(0)
Enc(1)×Enc(dik)=Enc(1×dik)=Enc(1)
6. the method for fully homomorphic encrypted retrieval according to claim 5, further comprising:
after obtaining the query result, the information querying party decrypts the query result by using the private key to obtain a retrieval result R' ═ Dec (sk, R), where sk is the private key of the information querying party, and the fully homomorphic encryption function Enc and the decryption function Dec satisfy an equation Dec (sk, Enc (pk, U)i))=Ui。
7. A system for fully homomorphic encrypted retrieval, comprising:
the data splitting module is used for splitting data of the data information set corresponding to the word to be retrieved;
and the retrieval module is used for carrying out fully homomorphic encrypted retrieval on the plurality of segments of data split by the data splitting module and returning the query result to the information query party.
8. The system for fully homomorphic encrypted retrieval according to claim 7, comprising:
the set of data information includes: the method comprises the following steps of searching keywords and data information corresponding to the searching keywords; and if the data size of the data information corresponding to the retrieval key word is larger than a certain threshold value, the data splitting module splits the data information and divides the data information into a plurality of sections of data.
9. The system for fully homomorphic encrypted retrieval according to claim 8, comprising:
the method comprises the steps that retrieval data of an information inquirer received by a data splitting module are encrypted, the information inquirer encrypts retrieval keywords by using a public key of the information inquirer to generate encrypted data, and then the encrypted data and the public key are sent to the data splitting module, wherein the encryption is full homomorphic encryption.
10. The system for fully homomorphic encrypted retrieval of claim 9, wherein the retrieval module performs the retrieval by:
1) after receiving the encrypted data and the public key of the information inquiring party, the public key is used for encrypting the retrieval key and the segment data of the data information to generate EUi=Enc(Ui,pk),Edik=Enc(dikPk) in which dikFurther representing the segmented data, UiRepresenting a search key, pk representing an information inquirer public key, Ex representing encrypted data,
2) the following formula is used for searching the fully homomorphic encryption, the query result is returned to the information inquirer,
wherein the function F has the following characteristics: f (Enc (a), Enc (b)) satisfies that when a equals b, the result of F (Enc (a), Enc (b)) is Enc (1), otherwise the result is Enc (0); wherein, the fully homomorphic encryption satisfies the following formula:
Enc(0)×Enc(dik)=Enc(0×dik)=Enc(0)
Enc(1)×Enc(dik)=Enc(1×dik)=Enc(1)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110347391.4A CN112948890A (en) | 2021-03-31 | 2021-03-31 | Fully homomorphic encryption retrieval method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110347391.4A CN112948890A (en) | 2021-03-31 | 2021-03-31 | Fully homomorphic encryption retrieval method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112948890A true CN112948890A (en) | 2021-06-11 |
Family
ID=76231367
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110347391.4A Withdrawn CN112948890A (en) | 2021-03-31 | 2021-03-31 | Fully homomorphic encryption retrieval method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112948890A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105468986A (en) * | 2015-12-02 | 2016-04-06 | 深圳大学 | Confidential information retrieval method and system |
| CN106685980A (en) * | 2017-01-13 | 2017-05-17 | 桂林电子科技大学 | Cryptographic method of large files |
| CN107135062A (en) * | 2017-05-08 | 2017-09-05 | 桂林电子科技大学 | A kind of encryption method of improved big file |
| CN109063496A (en) * | 2018-07-26 | 2018-12-21 | 郑州云海信息技术有限公司 | A kind of method and device of data processing |
| CN109726567A (en) * | 2018-11-27 | 2019-05-07 | 南京邮电大学 | A kind of mobile target encryption method based on full homomorphic cryptography |
| CN109857763A (en) * | 2019-02-19 | 2019-06-07 | 携程旅游网络技术(上海)有限公司 | Big data processing method based on Websocket, device, electronic equipment, storage medium |
| CN111683058A (en) * | 2020-05-18 | 2020-09-18 | 国科微城市智能科技(南京)有限责任公司 | Data storage system based on block chain and storage method thereof |
-
2021
- 2021-03-31 CN CN202110347391.4A patent/CN112948890A/en not_active Withdrawn
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105468986A (en) * | 2015-12-02 | 2016-04-06 | 深圳大学 | Confidential information retrieval method and system |
| CN106685980A (en) * | 2017-01-13 | 2017-05-17 | 桂林电子科技大学 | Cryptographic method of large files |
| CN107135062A (en) * | 2017-05-08 | 2017-09-05 | 桂林电子科技大学 | A kind of encryption method of improved big file |
| CN109063496A (en) * | 2018-07-26 | 2018-12-21 | 郑州云海信息技术有限公司 | A kind of method and device of data processing |
| CN109726567A (en) * | 2018-11-27 | 2019-05-07 | 南京邮电大学 | A kind of mobile target encryption method based on full homomorphic cryptography |
| CN109857763A (en) * | 2019-02-19 | 2019-06-07 | 携程旅游网络技术(上海)有限公司 | Big data processing method based on Websocket, device, electronic equipment, storage medium |
| CN111683058A (en) * | 2020-05-18 | 2020-09-18 | 国科微城市智能科技(南京)有限责任公司 | Data storage system based on block chain and storage method thereof |
Non-Patent Citations (1)
| Title |
|---|
| 刘明杰、王安: "全同态加密研究动态及其应用概述", 《计算机研究与发展》, pages 2593 - 2602 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106815350B (en) | Dynamic ciphertext multi-keyword fuzzy search method in cloud environment | |
| US11144663B2 (en) | Method and system for search pattern oblivious dynamic symmetric searchable encryption | |
| US10554385B2 (en) | Method for providing encrypted data in a database and method for searching on encrypted data | |
| US10489604B2 (en) | Searchable encryption processing system and searchable encryption processing method | |
| WO2024077948A1 (en) | Private query method, apparatus and system, and storage medium | |
| US8225107B2 (en) | Methods of storing and retrieving data in/from external server | |
| CN109361644B (en) | Fuzzy attribute based encryption method supporting rapid search and decryption | |
| US10095719B2 (en) | Method and system to perform secure Boolean search over encrypted documents | |
| US20150270958A1 (en) | Decryptable index generation method for range search, search method, and decryption method | |
| EP2951945B1 (en) | Method and system for providing encrypted data for searching of information therein and a method and system for searching of information on encrypted data | |
| JP5348337B2 (en) | Encrypted database management system, client and server, natural join method and program | |
| EP3217293B1 (en) | Method for retrieving encrypted graph, system for retrieving encrypted graph, and computer | |
| WO2019090841A1 (en) | Encrypted file retrieval method and system, terminal device and storage medium | |
| CN110263570B (en) | Gene data desensitization method for realizing efficient similarity query and access control | |
| EP3264314B1 (en) | System and method for searching over encrypted data | |
| Rane et al. | Multi-user multi-keyword privacy preserving ranked based search over encrypted cloud data | |
| CN117223002A (en) | Encrypted information retrieval | |
| CN115098649A (en) | Keyword search method and system based on double-key accidental pseudorandom function | |
| Mittal et al. | Privacy preserving synonym based fuzzy multi-keyword ranked search over encrypted cloud data | |
| Zhang et al. | A verifiable and dynamic multi-keyword ranked search scheme over encrypted cloud data with accuracy improvement | |
| CN116821056A (en) | Trusted third party-based hidden query method, system, device and storage medium | |
| CN112948890A (en) | Fully homomorphic encryption retrieval method and system | |
| US20230006813A1 (en) | Encrypted information retrieval | |
| JP7217844B1 (en) | CONFIDENTIAL SEARCH SYSTEM AND CONFIDENTIAL SEARCH METHOD | |
| KR101264286B1 (en) | System and method for database encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20210611 |
|
| WW01 | Invention patent application withdrawn after publication |