CN113067694B

CN113067694B - Method, device and equipment for comparing safety of two parties in communication optimization

Info

Publication number: CN113067694B
Application number: CN202110350705.6A
Authority: CN
Inventors: 贾晓玮
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Current assignee: Alipay Hangzhou Information Technology Co Ltd
Priority date: 2021-03-31
Filing date: 2021-03-31
Publication date: 2022-08-26
Anticipated expiration: 2041-03-31
Also published as: CN113067694A

Abstract

The embodiment of the specification discloses a method, a device and equipment for comparing security of two parties in communication optimization. The scheme comprises the following steps: dividing a first value of a first party and a second value of a second party into a plurality of digital segments; the first party determines an assumed first size relation between the digital segment of the first numerical value and the digital segment corresponding to the second numerical value; the first party compares the digital segment with the value in the corresponding value-taking range, encrypts the comparison result and sends the ciphertext information to the second party; the second party takes the corresponding digit section in the second numerical value as selection information, and a second size relation is obtained through careless transmission selection; the first party and the second party carry out combination and comparison recursively according to the first magnitude relation and the second magnitude relation and the direction of reducing the digital segments to the first numerical value and the second numerical value, and a first comparison result and a second comparison result are obtained; and determining the magnitude relation between the first numerical value and the second numerical value according to the first comparison result and the second comparison result.

Description

Method, device and equipment for comparing safety of two parties in communication optimization

Technical Field

The present disclosure relates to the field of information security technologies, and in particular, to a method, an apparatus, and a device for comparing security of two parties in communication optimization.

Background

With the development of science and technology, the circulation and interaction of data become more and more extensive, and the security and privacy of data also become more and more important.

At present, when two parties not mutually trusted compare data without a trusted third party, the two parties generally calculate a function together through a garbled circuit and ensure that the input parties of the functions are unknown so as to obtain a comparison result, in order to make the two parties not mutually trusted not to know the size of data held by the parties.

Based on this, a scheme capable of optimizing the communication transmission amount in the comparison process and improving the comparison security is also required.

Disclosure of Invention

One or more embodiments of the present disclosure provide a method, an apparatus, a device, and a storage medium for comparing security of two parties in communication optimization, so as to solve the following technical problems: there is a need for a scheme that can optimize the amount of communication traffic in the comparison process and improve the security of the comparison.

To solve the above technical problems, one or more embodiments of the present specification are implemented as follows:

one or more embodiments of the present specification provide a method for comparing security of two parties for communication optimization, including:

dividing a first numerical value of a first party and a second numerical value of a second party to be compared into a plurality of digital segments respectively;

the first party determines an assumed first size relationship between the digital segment and a corresponding digital segment in the second numerical value for the plurality of digital segments in the first numerical value;

the first party compares the digital segment with the value in the corresponding value-taking range, encrypts the comparison result according to the first size relation to obtain ciphertext information and sends the ciphertext information to the second party;

the second party takes the digit section corresponding to the digit section in the second numerical value as selection information, the selection is carried out in the ciphertext information through the careless transmission, and a second size relation is obtained through the selection;

the first party recursively performs combination comparison according to the first magnitude relation and the direction of reducing the digital segments to the first numerical value by combining the digital segments step by step to obtain a first comparison result, and the second party recursively performs combination comparison according to the second magnitude relation and the direction of reducing the digital segments to the second numerical value by combining the digital segments step by step to obtain a second comparison result;

and determining the magnitude relation between the first numerical value and the second numerical value according to the first comparison result and the second comparison result.

One or more embodiments of the present specification provide a two-party security comparison apparatus for communication optimization, including:

the dividing module is used for dividing a first numerical value of a first party and a second numerical value of a second party to be compared into a plurality of digital segments;

a first magnitude relationship determining module, configured to determine, by the first party, for the plurality of digit segments in the first numerical value, an assumed first magnitude relationship between the digit segment and a corresponding digit segment in the second numerical value;

the encryption sending module is used for comparing the digital section with the value in the corresponding value-taking range by the first party, encrypting the comparison result according to the first size relation to obtain ciphertext information and sending the ciphertext information to the second party;

a second size relationship determining module, configured to select, by the second party, a digit segment corresponding to the digit segment in the second numerical value as selection information, in the ciphertext information through inadvertent transmission, and obtain a second size relationship through the selection;

a recursive combination module, wherein the first party recursively combines and compares according to the first magnitude relation and the direction of stepwise combination from the digit segments to restore to the first numerical value to obtain a first comparison result, and the second party recursively combines and compares according to the second magnitude relation and the direction of stepwise combination from the digit segments to restore to the second numerical value to obtain a second comparison result;

and the comparison determining module is used for determining the magnitude relation between the first numerical value and the second numerical value according to the first comparison result and the second comparison result.

One or more embodiments of the present specification provide a two-party security comparison device for communication optimization, including:

at least one processor; and the number of the first and second groups,

a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,

the memory stores instructions executable by the at least one processor to cause the at least one processor to:

the first party recursively performs combination comparison according to the first magnitude relation in a direction from the digit sections to the first numerical value for restoration, and the second party recursively performs combination comparison according to the second magnitude relation in a direction from the digit sections to the second numerical value for restoration, to obtain a second comparison result;

One or more embodiments of the present specification provide a non-transitory computer storage medium storing computer-executable instructions configured to:

At least one technical scheme adopted by one or more embodiments of the specification can achieve the following beneficial effects: the first numerical value and the second numerical value to be compared are divided into a plurality of digital segments respectively, and are recursively compared and combined to obtain the magnitude relation between the first numerical value and the second numerical value. The method avoids the adoption of a method of a confusion circuit, can realize the safe comparison of the two numerical values only through the careless transmission, has smaller transmission communication traffic in the comparison process, and is beneficial to reducing the calculation complexity and improving the calculation efficiency. And, when dividing the digital segment, can confirm the length of the digital segment freely, does not need to limit to the single bit Boolean circuit in the garbled circuit, have strengthened the flexibility.

Drawings

In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present specification, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort.

Fig. 1 is a schematic flowchart of a method for comparing security of two parties for communication optimization according to one or more embodiments of the present disclosure;

FIG. 2 is a schematic diagram illustrating a binary comparison principle provided in one or more embodiments of the present disclosure;

FIG. 3 is a schematic diagram of a tree structure provided in one or more embodiments of the present disclosure;

FIG. 4 is a schematic diagram of a recursive merge comparison scheme according to one or more embodiments of the present disclosure;

fig. 5 is a schematic structural diagram of a communication-optimized two-party security comparison apparatus according to one or more embodiments of the present disclosure;

fig. 6 is a schematic structural diagram of a two-party security comparison device for communication optimization according to one or more embodiments of the present disclosure.

Detailed Description

The embodiment of the specification provides a method, a device, equipment and a storage medium for comparing security of two parties in communication optimization.

In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any inventive step based on the embodiments of the present disclosure, shall fall within the scope of protection of the present disclosure.

In one or more embodiments of the present description, two numerical values to be compared are respectively divided into a plurality of numerical segments, and the numerical segments are compared and combined up step by step until a comparison result of the two numerical values is obtained, and by means of encryption processing and inadvertent transmission, the two parties do not know the specific size of the numerical segment of the other party and only know the size relationship between the corresponding numerical segments, thereby implementing secure comparison. The following is a detailed description based on such a concept.

Fig. 1 is a schematic flowchart of a method for comparing security of two parties for communication optimization according to one or more embodiments of the present disclosure. The method can be applied to different business fields, such as the field of internet financial business, the field of electric business, the field of wind control business and the like. The process can be executed by computing equipment in the corresponding field (for example, a wind control server or an intelligent mobile terminal corresponding to the payment service, and the like), and some input parameters or intermediate results in the process allow manual intervention and adjustment to help improve the accuracy.

The process in fig. 1 may include the following steps:

s102: the first value of the first party and the second value of the second party to be compared are divided into a plurality of digit sections.

In one or more embodiments of the present description, the first and second numerical values may be represented in any form, such as decimal, binary, and the like. For comparison, in practical applications, the bit lengths of the first and second values can be respectively complemented to the preset bit length by presetting a bit length long enough, so that the complemented bits of the first and second values are equal. When dividing, the first and second values are divided into a plurality of equal number of digit segments with the same digit segment length.

S104: the first party determines, for the plurality of digit segments in the first value, an assumed first size relationship between the digit segment and a corresponding digit segment in the second value.

In the process of comparing the first numerical value and the second numerical value, the two parties finally determine the size between the two numerical values through the comparison between the corresponding numerical segments. In steps S104 to S106, the first party needs to perform the same operation for the divided digital segments. For ease of understanding, the following description is made in detail with reference to a digital section.

The first party determines a first magnitude relationship between the digit field in the first value and a corresponding digit field in the second value by assuming. Specifically, the first party may determine the assumed first size relationship by specifying a fixed value, randomly generating, or the like.

S106: and the first party compares the digital segment with the value in the corresponding value-taking range, encrypts the comparison result according to the first size relationship to obtain ciphertext information and sends the ciphertext information to the second party.

In order not to expose the specific size of the digit field in the first value to the second party, the first party compares with the second party by a specified intermediate number.

Specifically, the first party may determine the value in its corresponding range of desirable values as the intermediate number based on the digit segment. The first party compares the digital segment with the intermediate number. And in order to prevent the second party from knowing the specific size of the digital segment through the comparison between the digital segment and the intermediate number, the first party can encrypt the comparison result through the first size relationship to obtain the ciphertext information, and then send the ciphertext information to the second party.

In this way, the ciphertext message received by the second party includes the size information of the digital segment of the first party, but the second party cannot clearly know the specific size of the digital segment of the first party, so that the secure comparison between the first party and the second party can be realized.

S108: and the second party takes the digit section corresponding to the digit section in the second numerical value as selection information, selects the digit section in the ciphertext information through careless transmission, and obtains a second size relation through the selection.

And after receiving the ciphertext information sent by the first party, the second party selects the digit section corresponding to the digit section of the first party in the second numerical value as selection information through inadvertent transmission, and determines a second size relationship between the digit section in the first numerical value and the corresponding digit section in the second numerical value according to a selection result. The process of selecting by the second party according to the selection information and the accidental transmission is the same as the existing accidental transmission principle, and the description of the present specification is omitted.

S110: and the second party recursively performs combination comparison according to the second magnitude relation and according to the direction of reducing the digital segments from the digital segments to the second value, so as to obtain a second comparison result.

The first party recursively combines and compares the plurality of digit segments in the direction from the digit segments being combined step by step to restore to the first value according to the first magnitude relationship between the digit segments in the first value and the corresponding digit segments in the second value determined in step S104 to obtain a first comparison result. Since the first party is the first magnitude relationship determined by the assumption, the first comparison result is a result obtained based on the assumption and does not represent a true magnitude relationship between the first value and the second value.

The second party recursively combines and compares the plurality of digit segments in the direction from the step-by-step combination of the digit segments to the restoration of the second value according to the second magnitude relationship between the digit segment in the first value and the corresponding digit segment in the second value determined in step S108, to obtain a second comparison result. Since the second party is the second magnitude relationship determined by the selection in the inadvertent transmission, the selected ciphertext information cannot truly represent the magnitude relationship between the two values, and therefore, the second comparison result cannot represent the true magnitude relationship between the first value and the second value.

S112: and determining the magnitude relation between the first numerical value and the second numerical value according to the first comparison result and the second comparison result.

Because the first party and the second party compare the digit sections by using the intermediate numbers, the magnitude relation between the digit section of the first numerical value and the intermediate number and the magnitude relation between the digit section of the second numerical value and the intermediate number can be indirectly compared to obtain the magnitude relation between the digit section of the first numerical value and the digit section of the second numerical value.

Therefore, in order to obtain the magnitude relation between the first numerical value and the second numerical value, the first party and the second party can obtain the magnitude relation between the first numerical value and the second numerical value by combining according to the obtained first comparison result and the second comparison result.

The present specification divides the first and second numerical values to be compared into a plurality of digital segments, and recursively compares and combines the first and second numerical values to obtain a magnitude relationship therebetween. The method avoids the adoption of a method of a confusion circuit, can realize the safe comparison of the two numerical values only through the careless transmission, has smaller transmission communication traffic in the comparison process, and is beneficial to reducing the calculation complexity and improving the calculation efficiency. And, when dividing the digital segment, can determine the length of the digital segment freely, does not need to be limited to the single bit Boolean circuit in the garbled circuit, have strengthened the flexibility.

Based on the process of fig. 1, some specific embodiments and embodiments of the process are also provided in the present specification, and the description is continued below.

In one or more embodiments of the present disclosure, when determining a first size relationship between a digit segment in a first numerical value and a corresponding digit segment in a second numerical value, a first party may randomly generate a first character and a second character corresponding to the digit segment according to a preset character pair. The first party can specifically assume whether the relationship between the digit section and the corresponding digit section in the second numerical value is smaller than the relationship through the first character (the first party can be considered to be in a secret sharing state, and a true and correct relationship can be finally restored through subsequent processing); whether the digit section is equal to the corresponding digit section of the second numerical value is assumed by the second character. The first size relationship corresponding to the digit segment in the first numerical value is represented by two information, namely the first character and the second character. For example, the preset character pair may be a "0, 1" character pair, with "0" indicating no and "1" indicating yes. By determining the first magnitude relationship in a randomly generated form, uncertainty can be increased, thereby enhancing privacy of the first value and preventing the second party from being likely to know the specific magnitude of the first value given a fixed value.

Further, when comparing the digital segment with the intermediate number, the first party may traverse the values in the range of values that can be taken corresponding to the digital segment, and use all the values obtained by the traversal as the intermediate number. And then, the first party respectively compares the digit section with the values obtained by traversal to obtain multiple groups of comparison results corresponding to the number of the intermediate numbers. And then, the first party encrypts the multiple groups of comparison results respectively according to the first size relationship to obtain corresponding multiple groups of ciphertext information. The range of values that can be taken by the digit section is determined by the number of digits and the representation form of the digit section. For example, if the digit segment is in decimal form and has 2 digits, the corresponding range of the possible values is 0 to 99. By traversing the range of values that can be taken, the size of the digital segment can be unambiguously determined by comparison of the intermediate number with the digital segment, in order to facilitate subsequent indirect comparison of the size of the digital segment of the first party with the digital segment of the second party.

Furthermore, since the first size relationship is represented by the two information of the first character and the second character, when the first party encrypts the comparison result through the first size relationship, the comparison result can be processed through the first character and the second character respectively.

Specifically, the first party performs xor processing according to whether the value (i.e., the intermediate number) in the digital segment and the retrievable value range is smaller than the relationship, and the first character, to obtain the first ciphertext information. And the first party carries out XOR processing according to whether the value in the digital section and the value range is equal to the relation or not and the second character to obtain second ciphertext information.

In one or more embodiments of the present specification, the second party receives the first ciphertext information and the second ciphertext information sent by the first party, respectively. And the second party takes the digit section corresponding to the digit section in the first numerical value in the second numerical value as selection information, selects the digit section in the first ciphertext information through inadvertent transmission, and uses the information obtained through selection to judge whether the digit section in the first numerical value and the corresponding digit section in the second numerical value are in a smaller relation or not.

And, the second party selects in the second ciphertext message by transmitting inadvertently according to the same selection information described above in this embodiment, and the information obtained by the selection is used to determine whether the digit section in the first value and the corresponding digit section in the second value are in an equal relationship.

Thus, the second party can determine a second size relationship between the digit field in the first value and a corresponding digit field of the second value by the two inadvertent transmissions and selections. Meanwhile, because the selection information adopted in the two times of careless transmission is the same, the second party can replace the two times of careless transmission by one time of careless transmission so as to reduce the communication traffic and improve the calculation efficiency.

In one or more embodiments of the present disclosure, the first party may determine a tree structure composed of a plurality of digit segments as leaf nodes, a plurality of digit segments as branch nodes, and a first numerical value as root nodes according to a direction from the digit segments to be merged step by step to be restored to the first numerical value. Then, when comparing, the first party compares from the high-order digit segment to the low-order digit segment in the leaf node according to the first size relationship, recursively combines, and gets the branch node step by step upwards until getting the root node (i.e. the first value), thereby determining the first comparison result. Wherein the first comparison result is a magnitude relationship between the first value and the second value based on the assumption by the first party.

Similarly, the second party may determine a tree structure composed of the digit segments and the second numerical values by a method similar to that of the first party, and perform recursive combination comparison to obtain a second comparison result. Wherein the second comparison result is a magnitude relationship between the first value and the second value derived by the second party based on the information selected by the inadvertent transmission.

By adopting the tree structure, the comparison process of the digital sections in the first numerical value and the second numerical value is executed, the calculation times in the comparison process can be optimized, the calculation amount is reduced, and the calculation efficiency is improved.

Further, the first party compares the upper digit sections of the leaf nodes to the lower digit sections according to the first size relationship in the specific process of performing recursive combination comparison. And the first party starts from a high position, combines the size relations according to the size relations respectively corresponding to the two adjacent child nodes to obtain the size relation corresponding to the father node, and gradually upwards until the obtained father node is the root node, and then completes the combination. Finally, the first party can determine a first comparison result according to the size relationship corresponding to the root node.

Specifically, in the merging comparison process, if the size relationship corresponding to the higher child node in the two adjacent child nodes is smaller than or larger than the size relationship corresponding to the lower child node, it is not necessary to compare the size relationship corresponding to the lower child node, and it is possible to obtain that the size relationship corresponding to the parent node is correspondingly smaller than or larger than the size relationship corresponding to the higher child node. Or, if the size relationship corresponding to the higher-order child node in the two adjacent child nodes is equal to the size relationship corresponding to the lower-order child node, and the size relationship corresponding to the lower-order child node is smaller or larger than the size relationship corresponding to the parent node, it can also be obtained that the size relationship corresponding to the parent node is smaller or larger than the size relationship corresponding to the parent node. And if the corresponding size relationships of the two adjacent child nodes are equal, the corresponding size relationship of the parent node is equal.

Similarly, the second party may use a principle similar to that of the first party to obtain the second comparison result.

Furthermore, in order to obtain the true magnitude relationship between the first numerical value and the second numerical value, the first comparison result obtained by the first party and the second comparison result obtained by the second party are subjected to exclusive or processing, so that the influence of the ciphertext information obtained by exclusive or can be reversely counteracted. The true magnitude relationship between the first value and said second value may be determined based on the result of the xor processing.

In addition, when dividing the digit segment, a plurality of candidate digit segment lengths can be determined according to the lengths of the first numerical value and the second numerical value. And then determining the corresponding traffic size when the first numerical value and the second numerical value are divided according to the lengths of the plurality of candidate numerical bit sections. Based on the obtained traffic volume, an optimized bit segment length corresponding to the partition method with a small traffic volume can be selected from the plurality of candidate bit segment lengths as a standard bit segment length. Therefore, the communication traffic can be reduced, the calculation amount can be reduced, and the calculation efficiency can be improved.

Further, since the lengths of the first numerical value and the second numerical value are variable, the obtained standard digital segment length is not necessarily divisible by the first numerical value and the second numerical value. Therefore, when the division is performed, a plurality of standard digit sections having the same length as the standard digit section and one free digit section can be obtained by dividing the standard digit section from the upper bits of the first numerical value and the second numerical value, respectively, according to the length of the standard digit section. The free digit section may or may not be the same length as the standard digit section. Therefore, the flexibility of dividing the digital section is increased, and the method has stronger adaptability and is beneficial to comparison of numerical values with various lengths.

In conjunction with the foregoing description, one or more embodiments of the present disclosure provide a detailed flow of the method of fig. 1 in an application scenario, in which some of the foregoing alternatives are used. For convenience of description, the flow takes the first value and the second value as binary format as an example for description.

The process specifically comprises the following steps:

firstly, determining the digit length of the first numerical value and the second numerical value after complement as l, and dividing the first numerical value and the second numerical value to be compared into q digit sections respectively, wherein the length of the standard digit section is m, the length of the former q-1 section is m, and the length of the last section is r, wherein r and m may be equal or unequal. This can be expressed as l ═ q-1 × m + r.

Depending on the division, the first numerical value may be represented as x ═ x _q-1 ||…||x ₀ And expressing the second numerical value as y ═ y _q-1 ||…||y ₀ 。

Second, a q-bit segment in the first value is represented by j ═ {0,1, …, q-1 }. The first party randomly generates a first character corresponding to the digit section according to a preset character pair {0,1} aiming at q digit sections in the first numerical value

And a second character

Specifically can be prepared by

Where $ denotes random, B denotes boolean secret sharing state, and the subscript 0 of the tip bracket denotes the first party.

Thirdly, the first party determines the corresponding range of the desirable value 0-2 according to the length m of the digital segment ^m -1 and traversing the values therein to obtain an intermediate number k ═ {0,1, …, M-1}, where M ═ 2 ^m 。

The digital segment x _j And comparing the intermediate numbers with a plurality of intermediate numbers k respectively to obtain a plurality of groups of comparison results.

A comparison result 1{ x } according to whether the digit section and the intermediate number are less than the relationship _j <k, and the first character

Performing XOR processing to obtain multiple first ciphertext information

Wherein x is _j <k is then 1{ x _j <k is 1, otherwise 1{ x _j <k is 0. It can be seen that the first ciphertext message includes information associated with a bit segment of the first value that is less than a bit segment of the first value.

A comparison result 1{ x } according to whether the digit section and the intermediate number are equal to each other _j K, and a second character

Performing XOR processing to obtain multiple second ciphertext information

Wherein x is _j K then 1{ x ═ k _j K is 1, otherwise 1{ x } _j K is 0. It can be seen that the second ciphertext message includes information associated with an equality that exists between the digit segment and the intermediate number in the first value.

And sending the obtained first ciphertext information and the second ciphertext information to a second party. Each k corresponds to a first ciphertext message and a second ciphertext message, and the first party transmits k groups of ciphertext messages.

Fourthly, after the second party receives the first ciphertext information sent by the first party, the second numerical value is matched with the digital segment x _j Corresponding digit section y _j As selection information, selection is made among a plurality of first ciphertext information by inadvertent transmission, and the information obtained by the selection is recorded as

As part of the secret sharing content, if combined

The digital segment x can be determined _j And the corresponding digit section y in the second value _j Whether there is a less than relationship between. Wherein the subscript 1 of the angle brackets represents the second party.

Similarly, after receiving the second ciphertext message sent by the first party, the second party also uses the digit segment y in the second value _j As selection information, the selection is made among the plurality of second ciphertext information by being transmitted unintentionally, and the information obtained by the selection is recorded as

As part of the secretly shared content, if combined

The digital segment x can be determined _j And the corresponding digit section y in the second value _j Whether there is an equal relationship between them.

Fifthly, as shown in fig. 2, when two equal-length digit segments x, y are larger, the digit segment x is divided into two sub-digit segments x ₁ ,x ₀ When comparing, the first (i.e. higher) sub-digit segment x is compared ₁ If equal, then compare the second (i.e., lower) sub-digital segment x ₀ May be compared to obtain the size between the two digit segments. Based on the thought, in order to facilitate implementation and improve processing efficiency, the specification further provides a simplified formula obtained by summarizing and transforming the thought, and the simplified formula can be specifically expressed as

By performing recursive calculations based on this formula, the final comparison result can be obtained more efficiently.

In a specific embodiment, the first party may divide the first value in two halves. As shown in FIG. 3, determining that the first value is log is performed based on dividing the first value into q segments ₂ q divisions, representing the digital segment of the first layer (i.e., the first value) as

After a segmentation, two digital segments of the second layer are obtained, respectively denoted as

By analogy, the digital segment obtained by dividing the bottommost layer can be obtained and is represented as

Wherein the first subscript of x indicates the number of layers the digit section is in, and the second subscript indicates that the digit section is the number of sections at the current layer.

The first party may determine a tree structure composed of a plurality of digital segments at the bottom layer in fig. 3 as leaf nodes, a plurality of digital segments at the middle layer in fig. 3 as branch nodes, and a first numerical value at the first layer in fig. 3 as a root node, according to a direction from the digital segments to the first numerical value by combining up step by step.

Based on the above principle, as shown in fig. 4, in the comparison process, the first party compares the higher order digit segment of the leaf node with the lower order digit segment according to the first magnitude relation. And the first party combines the size relations corresponding to the parent nodes according to the size relations corresponding to the two adjacent child nodes respectively, and gradually upwards until the size relations corresponding to the root nodes are obtained through combination so as to determine a first comparison result.

Specifically, if the size relationship corresponding to the higher child node of the two adjacent child nodes is smaller or larger than the size relationship corresponding to the higher child node, the size relationship corresponding to the parent node is smaller or larger than the size relationship corresponding to the higher child node. And if the size relationship corresponding to the higher child node in the two adjacent child nodes is equal to the size relationship corresponding to the lower child node, and the size relationship corresponding to the lower child node is smaller or larger than the size relationship corresponding to the parent node, the size relationship corresponding to the parent node is smaller or larger than the size relationship corresponding to the parent node. Specifically can be prepared by

Is realized by

Wherein, F _AND Presentation AND gate lt _i,j ＝1{x _i,j <y _i,j }，eq _i,j ＝1{x _i,j ＝y _i,j }。

And if the corresponding size relationships of the two adjacent child nodes are equal, the corresponding size relationship of the parent node is equal. Specifically can be prepared by

Is realized by

By recursively combining the calculations, eventually the first party can be calculated

Similarly, the second party compares the higher order digit segments of the leaf nodes to the lower order digit segments according to a second size relationship based on the same calculation principle. And the second party combines the size relations to obtain the size relation corresponding to the parent node according to the size relations respectively corresponding to the two adjacent child nodes, and the size relations are gradually increased until the size relations corresponding to the root node are obtained through combination so as to determine a second comparison result. The specific calculation process may refer to the calculation process of the first party, and is not described herein again. Finally, the second party can calculate

The comparison process only involves logical exclusive or and logical and processing, the comparison result can be obtained safely by switching to the Boolean homomorphism, the communication quantity is small, the calculation quantity is small, and the calculation efficiency can be improved.

Sixthly, the first party and the second party mutually transmit the comparison results obtained by the first party and the second party, the first comparison result obtained by the first party and the second comparison result obtained by the second party are subjected to exclusive-or processing, and the magnitude relation between the first numerical value and the second numerical value can be determined according to the result of the exclusive-or processing. Specifically can be prepared by

And (5) realizing.

Based on the same idea, one or more embodiments of the present specification further provide apparatuses and devices corresponding to the above-described method, as shown in fig. 5 and fig. 6.

Fig. 5 is a schematic structural diagram of a two-party security comparison apparatus for communication optimization according to one or more embodiments of the present disclosure, where the apparatus includes:

a dividing module 502, which divides the first value of the first party and the second value of the second party to be compared into a plurality of digital segments;

a first magnitude relationship determining module 504, wherein the first party determines, for the plurality of digit segments in the first numerical value, an assumed first magnitude relationship between the digit segment and a corresponding digit segment in the second numerical value;

an encryption sending module 506, where the first party compares the digital segment with a value in a corresponding range of a value, encrypts a comparison result according to the first magnitude relationship to obtain ciphertext information, and sends the ciphertext information to the second party;

a second size relationship determining module 508, where the second party selects a digit segment corresponding to the digit segment in the second numerical value as selection information, and performs selection in the ciphertext information through inadvertent transmission, so as to obtain a second size relationship through the selection;

a recursive combination module 510, wherein the first party recursively performs combination and comparison according to the first magnitude relationship in a direction from the digital segments to the first numerical value for restoration, and the second party recursively performs combination and comparison according to the second magnitude relationship in a direction from the digital segments to the second numerical value for restoration, to obtain a second comparison result;

the comparison determining module 512 determines a magnitude relationship between the first value and the second value according to the first comparison result and the second comparison result.

Optionally, in the first magnitude relationship determining module 504, the first party randomly generates, according to a preset character pair, a first character and a second character corresponding to the digit segment for the plurality of digit segments in the first numerical value; through the first character, whether the digit section and the corresponding digit section in the second numerical value are smaller or not is assumed; and through the second character, whether the digit section and the corresponding digit section in the second numerical value are in an equal relation or not is assumed.

Optionally, the encryption sending module 506, where the first party traverses values in the range of the desirable value corresponding to the digital segment; and respectively comparing the digital segment with the values obtained by traversal to obtain a plurality of groups of comparison results so as to obtain a plurality of groups of ciphertext information according to the plurality of groups of comparison results.

Optionally, the encryption sending module 506 performs xor processing according to whether the value in the digital segment and the range of the retrievable value is smaller than the relationship, and the first character, to obtain first ciphertext information; and performing XOR processing according to the relation between the digital segment and the value in the range of the retrievable value and the second character to obtain second ciphertext information.

Optionally, the second party receives the first ciphertext information and the second ciphertext information sent by the first party, respectively, by the second size relationship determining module 508; selecting a digit section corresponding to the digit section in the second numerical value as selection information in the first ciphertext information through careless transmission, and obtaining whether the relation between the digit section and the corresponding digit section in the second numerical value is smaller than or not through the selection; and according to the selection information, selecting in the second ciphertext information through careless transmission, and obtaining whether the digital section is equal to the corresponding digital section in the second numerical value or not through the selection.

Optionally, the recursive merging module 510 determines, by the first party, a tree structure composed of a plurality of digital segments as leaf nodes, a plurality of digital segments as branch nodes, and a first numerical value as root nodes according to a direction from the digital segments to the first numerical value by step merging; and comparing the high-order digit sections in the leaf nodes to the low-order digit sections according to the first size relation, recursively combining to obtain the branch nodes until the root node, and determining a first comparison result.

Optionally, the recursive merging module 510 compares the upper digit segment of the leaf node to the lower digit segment according to the first size relationship; according to the size relationship corresponding to each of two adjacent child nodes, combining step by step to obtain the size relationship corresponding to a parent node until the parent node is a root node, and determining a first comparison result according to the size relationship corresponding to the root node; if the size relationship corresponding to the higher child node in the two adjacent child nodes is smaller or larger than the size relationship corresponding to the parent node, the size relationship corresponding to the parent node is smaller or larger than the size relationship corresponding to the parent node; if the size relationship corresponding to the higher-order child node in the two adjacent child nodes is equal to the size relationship corresponding to the lower-order child node, and the size relationship corresponding to the lower-order child node is smaller than or larger than the size relationship corresponding to the parent node, the size relationship corresponding to the parent node is smaller than or larger than the size relationship corresponding to the parent node; and if the corresponding size relationships of the two adjacent child nodes are equal, the corresponding size relationship of the parent node is equal.

Optionally, the comparison determining module 512 performs an exclusive or process on the first comparison result obtained by the first party and the second comparison result obtained by the second party; and determining the magnitude relation between the first numerical value and the second numerical value according to the result of the exclusive-or processing.

Optionally, the dividing module 502 determines a plurality of candidate bit lengths; determining the corresponding traffic size when the first numerical value and the second numerical value are divided according to the lengths of the candidate digit sections; according to the traffic size, selecting an optimized digit segment length from the candidate digit segment lengths as a standard digit segment length; and dividing the standard digit section into a plurality of standard digit sections with the same length as the standard digit section and a free digit section from the high order of the first numerical value and the second numerical value respectively according to the length of the standard digit sections.

Fig. 6 is a schematic structural diagram of a two-party security comparison device for communication optimization according to one or more embodiments of the present specification, where the device includes:

at least one processor; and the number of the first and second groups,

the memory stores instructions executable by the at least one processor to enable the at least one processor to:

the second party takes the digit section corresponding to the digit section in the second numerical value as selection information, selects the digit section in the ciphertext information through careless transmission, and obtains a second size relation through the selection;

The processor and the memory may communicate via a bus, and the device may further include an input/output interface for communicating with other devices.

Based on the same idea, one or more embodiments of the present specification further provide a non-volatile computer storage medium corresponding to the method, storing computer-executable instructions configured to:

In the 90's of the 20 th century, improvements to a technology could clearly distinguish between improvements in hardware (e.g., improvements to circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements to process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD) (e.g., a Field Programmable Gate Array (FPGA)) is an integrated circuit whose Logic functions are determined by a user programming the Device. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an Integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Hardware Description Language), traffic, pl (core universal Programming Language), HDCal (jhdware Description Language), lang, Lola, HDL, laspam, hardward Description Language (vhr Description Language), vhal (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.

The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller in purely computer readable program code means, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be conceived to be both a software module implementing the method and a structure within a hardware component.

The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.

For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the various elements may be implemented in the same one or more pieces of software and/or hardware in the practice of this description.

As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.

The description has been presented with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the description. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

This description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the embodiments of the apparatus, the device, and the nonvolatile computer storage medium, since they are substantially similar to the embodiments of the method, the description is simple, and for the relevant points, reference may be made to the partial description of the embodiments of the method.

The foregoing description of specific embodiments has been presented for purposes of illustration and description. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.

The above description is merely one or more embodiments of the present disclosure and is not intended to limit the present disclosure. Various modifications and alterations to one or more embodiments of the present description will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement or the like made within the spirit and principle of one or more embodiments of the present specification should be included in the scope of the claims of the present specification.

Claims

1. A method for comparing the safety of two parties in communication optimization comprises the following steps:

the first party determines, for the plurality of digit segments in the first numerical value, an assumed first size relationship between the digit segment and a corresponding digit segment in the second numerical value, and specifically includes: the first party randomly generates a first character and a second character corresponding to the digit section according to a preset character pair aiming at the plurality of digit sections in the first numerical value, and assumes whether the corresponding digit sections in the digit section and the second numerical value are smaller than or equal to each other through the first character and the second character;

the first party compares the digital segment with the value in the corresponding value-taking range, encrypts the comparison result through the first size relationship to obtain ciphertext information and sends the ciphertext information to the second party, wherein the ciphertext information is obtained by carrying out XOR processing on the first size relationship, the first character and the second character;

the second party selects a digit segment corresponding to the digit segment in the second numerical value as selection information through careless transmission, and the information obtained through the selection is used for determining a second size relationship, wherein the second size relationship comprises: whether the digital section and the corresponding digital section in the second numerical value are in a smaller relation or not and whether the digital section and the corresponding digital section in the second numerical value are in a equal relation or not;

2. The method of claim 1, wherein said first party compares said digital segment to values in its corresponding range of desirable values, and further comprising:

the first party traverses the values in the range of the available values corresponding to the digital segment;

and respectively comparing the digital segment with the values obtained by traversal to obtain a plurality of groups of comparison results so as to obtain a plurality of groups of ciphertext information according to the plurality of groups of comparison results.

3. The method according to claim 2, wherein the encrypting the comparison result according to the first size relationship to obtain ciphertext information specifically includes:

performing XOR processing according to whether the value in the digital section and the value-acquirable range is smaller than the relation and the first character to obtain first ciphertext information;

and performing XOR processing according to the relation between the digital segment and the value in the range of the retrievable value and the second character to obtain second ciphertext information.

4. The method according to claim 3, wherein the second party selects, by taking a digit segment corresponding to the digit segment in the second numerical value as selection information, the ciphertext information through inadvertent transmission, and obtains a second size relationship through the selection, specifically including:

the second party respectively receives the first ciphertext information and the second ciphertext information sent by the first party;

selecting a digit section corresponding to the digit section in the second numerical value as selection information in the first ciphertext information through inadvertent transmission, and obtaining whether the relation between the digit section and the corresponding digit section in the second numerical value is smaller than the relation through the selection;

and according to the selection information, selecting in the second ciphertext information through careless transmission, and obtaining whether the digital section is equal to the corresponding digital section in the second numerical value or not through the selection.

5. The method of claim 1, wherein the first party recursively performs the combining and comparing according to the first magnitude relationship and in a direction of progressively combining from the digit segments to restore to the first value to obtain a first comparison result, and specifically comprises:

the first party determines a tree structure which is composed of a plurality of digit sections as leaf nodes, a plurality of digit sections combined as branch nodes and a first numerical value as root nodes according to the direction of reducing the first numerical value from the digit sections combined step by step;

and comparing the high-order digit sections in the leaf nodes to the low-order digit sections according to the first size relation, recursively combining to obtain the branch nodes until the root node, and determining a first comparison result.

6. The method according to claim 5, wherein the comparing the high-order digit segments of the leaf nodes to the low-order digit segments according to the first size relationship, and recursively combining the leaf nodes to obtain the branch nodes until the root node to determine a first comparison result, specifically includes:

comparing from a higher order digit segment to a lower order digit segment in the leaf node according to the first magnitude relationship;

according to the size relationship corresponding to each of two adjacent child nodes, combining step by step to obtain the size relationship corresponding to a parent node until the parent node is a root node, and determining a first comparison result according to the size relationship corresponding to the root node;

if the size relationship corresponding to the higher-order child node in the two adjacent child nodes is smaller or larger than the size relationship corresponding to the parent node, the size relationship corresponding to the parent node is smaller or larger than the size relationship corresponding to the higher-order child node;

if the size relationship corresponding to the higher-order child node in the two adjacent child nodes is equal to the size relationship corresponding to the lower-order child node, and the size relationship corresponding to the lower-order child node is smaller than or larger than the size relationship corresponding to the parent node, the size relationship corresponding to the parent node is smaller than or larger than the size relationship corresponding to the parent node;

and if the corresponding size relationships of the two adjacent child nodes are equal, the corresponding size relationship of the parent node is equal.

7. The method according to claim 3, wherein the determining the magnitude relationship between the first numerical value and the second numerical value according to the first comparison result and the second comparison result specifically comprises:

performing exclusive or processing on the first comparison result obtained by the first party and the second comparison result obtained by the second party;

and determining the magnitude relation between the first numerical value and the second numerical value according to the result of the exclusive-or processing.

8. The method according to claim 1, wherein the dividing the first value of the first party and the second value of the second party to be compared into a plurality of digital segments respectively comprises:

determining a plurality of candidate bit segment lengths;

determining the corresponding traffic size when the first numerical value and the second numerical value are divided according to the lengths of the candidate digit sections;

according to the traffic size, selecting an optimized digit segment length from the candidate digit segment lengths as a standard digit segment length;

and dividing the standard digit section into a plurality of standard digit sections with the same length as the standard digit section and a free digit section from the high order of the first numerical value and the second numerical value respectively according to the length of the standard digit sections.

9. A two-party security comparison device for communication optimization comprises:

a first size relationship determining module, where the first party determines, for the plurality of digit segments in the first numerical value, an assumed first size relationship between the digit segment and a corresponding digit segment in the second numerical value, and specifically includes: the first party randomly generates a first character and a second character corresponding to the digit section according to a preset character pair aiming at the plurality of digit sections in the first numerical value, and assumes whether the corresponding digit sections in the digit section and the second numerical value are smaller than or equal to each other through the first character and the second character;

the encryption sending module is used for comparing the digital section with a value in a corresponding value-taking range by the first party, encrypting a comparison result according to the first size relationship to obtain ciphertext information and sending the ciphertext information to the second party, wherein the ciphertext information is obtained by carrying out XOR processing on the first size relationship, the first character and the second character;

a second size relationship determining module, where the second party selects a digit segment corresponding to the digit segment in the second numerical value as selection information, and selects the digit segment in the ciphertext information through inadvertent transmission, where information obtained through the selection is used to determine a second size relationship, where the second size relationship includes: whether the digital section and the corresponding digital section in the second numerical value are in a smaller relation or not and whether the digital section and the corresponding digital section in the second numerical value are in a equal relation or not;

10. The apparatus of claim 9, the encryption sending module, the first party traversing values in a range of desirable values corresponding to the digital segment;

11. The apparatus according to claim 10, wherein said encryption transmission module performs xor processing according to whether the values in the digital segment and the desirable value range are smaller than each other and the first character to obtain first ciphertext information;

12. The apparatus according to claim 11, wherein the second party receives first ciphertext information and second ciphertext information sent by the first party, respectively;

and according to the selection information, selecting in the second ciphertext information through careless transmission, and obtaining whether the digit section is equal to the corresponding digit section in the second numerical value or not through the selection.

13. The apparatus of claim 9, said recursive combining module, said first party determining a tree structure consisting of said plurality of digit segments as leaf nodes, said plurality of digit segments as branch nodes, and said first numerical value as root nodes according to a direction from said digit segments to said first numerical value;

14. The apparatus of claim 13, said recursive merging module comparing from higher order segments to lower order segments in said leaf nodes according to said first magnitude relationship;

15. The apparatus of claim 11, the comparison determination module to xor the first comparison result obtained by the first party and the second comparison result obtained by the second party;

16. The apparatus of claim 9, said partitioning module to determine a plurality of candidate bit-segment lengths;

determining the corresponding traffic size when the first numerical value and the second numerical value are divided according to the lengths of the plurality of candidate digit segments;

17. A two-party security comparison device for communication optimization, comprising:

at least one processor; and the number of the first and second groups,