CN113141247B - Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium - Google Patents

Publication number
CN113141247B
Authority
CN
China
Prior art keywords
elliptic curve
homomorphic encryption
point
ciphertext
homomorphic
Legal status
Active
Application number
CN202110448838.7A
Other languages
Chinese (zh)
Other versions
CN113141247A (en)
Inventor
李健
吴重寅
Current Assignee
Chongqing Duhui Information Technology Co ltd
Original Assignee
Chongqing Duhui Information Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The invention relates to the technical field of information security, in particular to a homomorphic encryption method, a homomorphic encryption device, a homomorphic encryption system and a readable storage medium. The homomorphic encryption method performs elliptic curve addition on two multiple points on an elliptic curve to generate the main ciphertext $C_2$. The two multiple points are the M-fold point of the elliptic curve base point G and the k-fold point of the public key $P_B$, where M is the plaintext and k is a random number. The purpose is to place M on the curve so that it obeys elliptic curve addition, thereby realizing the additive homomorphic property with higher security.

Description

Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium
Technical Field
The invention relates to the technical field of information security, in particular to a homomorphic encryption method, a homomorphic encryption device, a homomorphic encryption system and a readable storage medium.
Background
Homomorphic encryption is an encryption scheme that allows computation on ciphertext: decrypting the computed ciphertext yields the same result as performing the computation directly on the original data. Nowadays, more and more people prefer to store data in public clouds or on the internet. However, any information system needs security to guarantee its integrity, confidentiality and availability. The simplest and most straightforward approach is to encrypt the data before storing it in the database, but if the encrypted data needs to be manipulated or computed on, it must first be decrypted, and the decrypted data is no longer secure. Homomorphic encryption solves this problem well because it can operate directly on ciphertext without decrypting it into plaintext.
In the existing cryptography field, elliptic curve public key cryptography (Elliptic Curve Cryptography, ECC) has a much smaller private key bit length and much smaller system parameters than the RSA encryption algorithm (RSA algorithm) at the same security strength. Compared with RSA, an application of ECC therefore requires much less storage space and lower transmission bandwidth, a hardware implementation of the ECC logic circuits requires far fewer gates than RSA, and power consumption is lower. This makes ECC more suitable than RSA for severely resource-constrained devices with low power consumption requirements, such as mobile communication devices, wireless communication devices and smart cards.
These advantages make ECC the public key cryptographic algorithm with the greatest development potential and application prospects, and by 2000 a number of countries and industry organizations worldwide had adopted ECC as a public key cryptographic algorithm standard. Against this background, China has organized research on ECC with independent intellectual property rights since 2001, and a number of encryption algorithms have been developed by absorbing existing domestic and foreign ECC research results and applying the public key cipher design and security analysis theory and methods accepted by the international cryptographic community.
However, the existing encryption algorithm does not have the additive homomorphic property. Additive homomorphism is commonly used in fields such as data aggregation, privacy protection, federated learning and the internet of things, and is an important property required of homomorphic encryption, so its absence limits the application of the existing encryption algorithm in these fields. In addition, the existing encryption algorithm generates the main ciphertext by an exclusive-or operation on the plaintext and the encrypted public key, so the complexity of the generated main ciphertext is limited, the difficulty of cracking the plaintext is limited, and security needs to be improved.
Disclosure of Invention
One of the purposes of the present invention is to provide a homomorphic encryption method that generates the main ciphertext by a brand new method, forming an encryption method with higher security and the additive homomorphic property, so as to solve the problem that the existing encryption method does not have the additive homomorphic property.
The basic scheme provided by the invention is as follows: a homomorphic encryption method performs elliptic curve addition on two multiple points on an elliptic curve to generate the main ciphertext $C_2$. The two multiple points are the M-fold point of the elliptic curve base point G and the k-fold point of the public key $P_B$, where M is the plaintext and k is a random number.
The first basic scheme has the following beneficial effects: the scheme generates the main ciphertext $C_2$ by a brand new method, namely by elliptic curve addition of two multiple points on the elliptic curve. The two multiple points are the M-fold point of the elliptic curve base point G and the k-fold point of the public key $P_B$, where M is the plaintext and k is a random number. The purpose is to place M on the curve so that it obeys elliptic curve addition, thereby realizing the additive homomorphic property. Compared with the existing encryption algorithm, the plaintext is first encrypted by placing M on the elliptic curve as the M-fold point of the base point G, and the encrypted plaintext is then added on the elliptic curve to the encrypted public key to generate the main ciphertext. The resulting main ciphertext is more complex than the one generated by the existing encryption algorithm, so it is harder to crack and security is improved.
Further, the main ciphertext $C_2$ is calculated as: $C_2 = [M]G + [k]P_B$.
The beneficial effects are that: $[M]G$ and $[k]P_B$ are respectively the M-fold point of the elliptic curve base point G and the k-fold point of user B's public key $P_B$. The purpose of $[M]G$ is to place M on the curve so that it obeys elliptic curve addition and realizes the additive homomorphic property.
Further, the calculation of the main ciphertext $C_2$ is preceded by the following steps:
A1: Generate a random number $k \in [1, n-1]$, where n is the order of the elliptic curve base point G;
A2: Calculate the elliptic curve point $C_1 = [k]G = (x_1, y_1)$, where $[k]G$ denotes a multiple-point operation, i.e. $C_1 = [k]G$ is the k-fold point of the elliptic curve base point G;
A3: Calculate the elliptic curve point $S = [h]P_B$; if S is the point at infinity, report an error and exit, where $P_B$ is the public key of the decryptor;
A4: Calculate the elliptic curve point $[k]P_B = (x_2, y_2)$;
The calculation of the main ciphertext $C_2$ is followed by the following steps:
A6: Calculate $C_3 = Hash(x_2 \| M \| y_2)$, where Hash() is a cryptographic hash function;
A7: Output the ciphertext $C = (C_1, C_2, C_3)$.
Description of the terms and symbols used in this scheme: $x \| y$ denotes the concatenation of x and y, where x and y are bit strings or byte strings.
The beneficial effects are that: the above steps form a complete encryption process, in which $C_2$ performs auxiliary decryption and the function of $C_3$ is to perform a decryption check. The additive homomorphism is verified as follows. Let ciphertext one be $(C_1 = [k]G,\ C_2 = [M_1]G + [k]P_B,\ C_3)$ and ciphertext two be $(C_1' = [k']G,\ C_2' = [M_2]G + [k']P_B,\ C_3')$. $C_1 \times C_1' = [k+k']G$: the ciphertexts $C_1$ and $C_1'$ are two points on the elliptic curve, and applying the elliptic curve addition rule to $C_1$ and $C_1'$ gives $[k+k']G$. $C_2 \times C_2' = [M_1+M_2]G + [k+k']P_B$: as with $C_1$, the ciphertexts $C_2$ and $C_2'$ are also two points on the elliptic curve, and applying the elliptic curve addition rule to $C_2$ and $C_2'$ gives $[M_1+M_2]G + [k+k']P_B$. $[k+k']P_B = [d_B](C_1 \times C_1')$, because $P_B = [d_B]G$. $[M_1+M_2]G = C_2 \times C_2' - [d_B](C_1 \times C_1')$, and $M_1+M_2$ is recovered from $[M_1+M_2]G$. Compared with the existing encryption algorithm, this scheme can compute directly on the main ciphertexts according to the elliptic curve addition rule to obtain the sum of several ciphertexts, and then decrypt to obtain the sum of the corresponding plaintexts. The data in each individual plaintext remains unknown and is not leaked, and only the sum of the plaintexts is finally obtained, which ensures data security. The encryption algorithm thereby gains the additive homomorphic property and can be applied in fields that require homomorphic encryption.
In addition, the calculation on main ciphertexts according to the elliptic curve addition rule is not limited to the two ciphertexts discussed above. It may be applied to several main ciphertexts, and the final sum of the plaintexts may be weighted. For example, the result $M_1 + M_2 + M_3 + M_4$ may be weighted as $k(M_1 + M_2) + M_3 + M_4$.
Further, in $S = [h]P_B$, h is 1.
The beneficial effects are that: in $S = [h]P_B$, h is 1, so h can be ignored and the computational difficulty is reduced.
The second objective of the present invention is to provide a homomorphic encryption device, so as to solve the problem that the public key encryption algorithm run in existing encryption devices does not have the homomorphic property.
The invention provides a basic scheme II: a homomorphic encryption device comprising a memory, a processor, and a computer program stored on the memory;
the processor is configured to execute the computer program to implement the steps of any of the homomorphic encryption methods described above.
The second basic scheme has the beneficial effects that: the device can realize the steps of any homomorphic encryption method, adopts the device to encrypt, and generates main ciphertext by a brand new method so as to have homomorphic property.
The third objective of the present invention is to provide a homomorphic encryption system, so as to solve the problem that the existing encryption algorithm running in the existing encryption system does not have the homomorphic property.
The invention provides a basic scheme III: the homomorphic encryption system adopts the homomorphic encryption method.
The third basic scheme has the beneficial effects that: the system adopts the homomorphic encryption method, encrypts by adopting the system, and generates main ciphertext by a brand new method so as to enable the main ciphertext to have homomorphic property.
The fourth object of the present invention is to provide a homomorphic encryption readable storage medium, so as to solve the problem that the existing encryption algorithm running in the existing readable storage medium does not have homomorphic property.
The invention provides a basic scheme IV: a homomorphic encryption readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of any one of the homomorphic encryption methods described above.
The fourth basic scheme has the beneficial effects that: a homomorphic encryption readable storage medium, the readable storage medium storing a computer program which, when executed by a processor, performs any one of the steps of the homomorphic encryption method described above, so as to facilitate application of the homomorphic encryption method.
Drawings
FIG. 1 is an encryption flow chart of an embodiment of the homomorphic encryption method of the present invention;
FIG. 2 is a decryption flow chart of an embodiment of the homomorphic encryption method of the present invention.
Detailed Description
The following is a further detailed description of the embodiments:
An example is substantially as shown in FIG. 1: a homomorphic encryption method, comprising the following.
Description of the terms and symbols used in this scheme:
A and B: two users of the public key cryptosystem.
n: the order of the base point G.
$P_B$: user B's public key.
$d_B$: user B's private key.
$x \| y$: the concatenation of x and y, where x and y are bit strings or byte strings.
$[k]P$: the k-fold point of a point P on the elliptic curve.
M: the message to be encrypted.
M': the message obtained by decryption.
KDF(): key derivation function.
Hash(): cryptographic hash function.
Let the message to be sent by A be the bit string M, and let klen be the bit length of M. The key pair of user B comprises its private key $d_B$ and its public key $P_B = [d_B]G$.
In order to encrypt the plaintext M, user A, as the encryptor, carries out the following steps:
A1: Generate a random number $k \in [1, n-1]$, where n is the order of the elliptic curve base point G. If, for a point P on the elliptic curve, there exists a smallest positive integer n such that the multiple $nP = O$, the point at infinity, then n is called the order of P; if no such n exists, P is of infinite order. In this embodiment, a random number generator approved by the State Cryptography Administration is used.
A2: Calculate the elliptic curve point $C_1 = [k]G = (x_1, y_1)$, where $[k]G$ denotes a multiple-point operation, i.e. $C_1 = [k]G$ is the k-fold point of the elliptic curve base point G. The main function of $C_1$ is to be combined with B's private key $d_B$ for ciphertext decryption.
A3: Calculate the elliptic curve point $S = [h]P_B$; if S is the point at infinity, report an error and exit. Here h is 1, so h can be omitted. This step mainly checks whether B's public key $P_B$ is the point at infinity; if it is, B's public key $P_B$ is not legitimate and may need to be regenerated.
A4: Calculate the elliptic curve point $[k]P_B = (x_2, y_2)$, then calculate $t = KDF(x_2 \| y_2, klen)$; if t is an all-zero bit string, return to A1. Here KDF() is a key derivation function and klen is the bit length of the message to be sent, the bit string M. This step calculates the k-fold point of B's public key $P_B$. Since A3 has already determined that $P_B$ is not the point at infinity, there is no need to check whether $[k]P_B$ is the point at infinity. The key derivation function invokes a cryptographic hash algorithm. In this scheme the subsequent operations are not affected even if t is 0, i.e. t is not used afterwards, but during decryption t can be used to verify $[k]P_B$. Therefore, to keep this method as compatible as possible with other encryption schemes, this embodiment retains the calculation and check of t here; in other embodiments, the calculation and check of t may be omitted.
A5: Calculate $C_2 = [M]G + [k]P_B$. Two multiple points on the elliptic curve are calculated and added by elliptic curve addition: $[M]G$ and $[k]P_B$ are respectively the M-fold point of the elliptic curve base point G and the k-fold point of user B's public key $P_B$. The purpose of $[M]G$ is to place M on the curve so that it obeys elliptic curve addition and realizes the additive homomorphic property. The form of $C_2$ is substantially identical to the ciphertext form of EC-ElGamal, so an argument similar to that for EC-ElGamal can be used to prove that the homomorphic method proposed in this scheme is secure.
A6: Calculate $C_3 = Hash(x_2 \| M \| y_2)$, where Hash() is a cryptographic hash function. The purpose of $C_3$ is to provide a decryption check for a single encryption and decryption. However, since Hash() is a cryptographic hash function, it does not satisfy the homomorphic property, so $C_3$ cannot serve as a decryption check for homomorphically combined ciphertexts.
A7: Output the ciphertext $C = (C_1, C_2, C_3)$. $C_1$ and $C_2$ are used for decryption: $C_2$ is the main ciphertext and $C_1$ performs auxiliary decryption, while the function of $C_3$ is to perform a decryption check. In the existing encryption algorithm, the ciphertext is obtained by converting $C_1$, $C_2$, $C_3$ into character strings and concatenating them. This encryption scheme retains their original form, although they may also be converted into character strings; this is only a matter of ciphertext format and does not affect decryption.
As shown in FIG. 2, the decryption process corresponding to the homomorphic encryption method proposed in this scheme is as follows:
B1: Verify whether $C_1$ satisfies the elliptic curve equation; if it does not, report an error and exit. From the encryption process described above, $C_1$ is a random multiple of the elliptic curve base point G, so it necessarily satisfies the elliptic curve equation. If it does not, the ciphertext $C_1$ is an erroneous ciphertext.
B2: Calculate the elliptic curve point $S = [h]C_1$; if S is the point at infinity, report an error and exit. As in the encryption scheme described above, h is 1 and may likewise be omitted. B1 checks whether the elliptic curve equation is satisfied; this step checks whether $C_1$ is the point at infinity.
B3: Calculate the elliptic curve point $[d_B]C_1 = (x_2, y_2)$ and calculate $t = KDF(x_2 \| y_2, klen)$; if t is an all-zero bit string, report an error and exit. After B1 and B2 have verified that $C_1$ is legitimate, the $d_B$-fold point of $C_1$ is computed. Because $P_B = [d_B]G$, it follows that $[d_B]C_1 = [k]P_B$, so $[M]G$ can be recovered from $C_2$ and $[d_B]C_1$. In this embodiment, the calculation and check of t, corresponding to A4 of the encryption scheme, can be used to verify $[d_B]C_1$.
B4: Calculate $[M']G = C_2 - [d_B]C_1$ and recover M' from $[M']G$; recovering M' from $[M']G$ is a discrete logarithm problem. Various methods for solving discrete logarithms quickly, such as the baby-step giant-step algorithm, can be used here.
B5: Calculate $u = Hash(x_2 \| M' \| y_2)$; if u is not equal to $C_3$, report an error and exit. The recovered plaintext M' and the coordinates $(x_2, y_2)$ of $[d_B]C_1$ are concatenated as character strings or bit strings, and the cryptographic hash function is then computed. If the plaintext M' and $[d_B]C_1$ are correct, then $u = C_3$.
B6: Output the plaintext M'.
This embodiment describes only the flow of encrypting a plaintext M once and decrypting it to obtain the message M'. For different plaintexts $M_1$, $M_2$, the encryption and decryption processes are identical and are not described again.
In this embodiment, the plaintexts to be public-key encrypted between user A and user B are $M_1$ and $M_2$. User A encrypts the plaintexts using the encryption method above and sends the ciphertexts to user B, and user B obtains $M_1 + M_2$ using the decryption method, specifically as follows:
Let ciphertext one be $(C_1 = [k]G,\ C_2 = [M_1]G + [k]P_B,\ C_3)$ and ciphertext two be $(C_1' = [k']G,\ C_2' = [M_2]G + [k']P_B,\ C_3')$.
C1: $C_1 \times C_1' = [k+k']G$. The ciphertexts $C_1$ and $C_1'$ are two points on the elliptic curve, and applying the elliptic curve addition rule to $C_1$ and $C_1'$ gives $[k+k']G$;
C2: $C_2 \times C_2' = [M_1+M_2]G + [k+k']P_B$. As with $C_1$, the ciphertexts $C_2$ and $C_2'$ are also two points on the elliptic curve, and applying the elliptic curve addition rule to $C_2$ and $C_2'$ gives $[M_1+M_2]G + [k+k']P_B$;
C3: $[k+k']P_B = [d_B](C_1 \times C_1')$, because $P_B = [d_B]G$;
C4: $[M_1+M_2]G = C_2 \times C_2' - [d_B](C_1 \times C_1')$, and $M_1+M_2$ is recovered from $[M_1+M_2]G$.
Recovering $M_1+M_2$ from $[M_1+M_2]G$ requires solving a discrete logarithm. With the existing encryption algorithm, several ciphertexts must each be decrypted into plaintext before the plaintexts can be processed. With this scheme, the main ciphertexts can be computed on directly according to the elliptic curve addition rule to obtain the sum of several ciphertexts, which is then decrypted to obtain the sum of the corresponding plaintexts. The data in each individual plaintext remains unknown and is not leaked, and only the sum of the plaintexts is finally obtained, which ensures data security. The encryption algorithm thereby gains the additive homomorphic property and can be applied in fields that require homomorphic encryption. In addition, the calculation on main ciphertexts according to the elliptic curve addition rule is not limited to the two ciphertexts discussed above. It may be applied to several main ciphertexts, and the final sum of the plaintexts may be weighted. For example, the result $M_1 + M_2 + M_3 + M_4$ may be weighted as $k(M_1 + M_2) + M_3 + M_4$.
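The encryption steps A1 to A7, the decryption steps B1 to B6 and the ciphertext addition C1 to C4 above, written out as an added example that is not code from the patent. Assumptions not on the page: the secp256k1 curve (cofactor 1), SHA-256 as Hash(), fixed-width big-endian encodings of $x_2$, M and $y_2$, the optional KDF check on t left out, and a bound of $2^{16}$ on the plaintext sum for the baby-step giant-step search.

```python
import hashlib
import math
import secrets

# Assumed curve: secp256k1 (cofactor h = 1). The page does not name a curve.
P = 2**256 - 2**32 - 977
A, B = 0, 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity

def on_curve(pt):
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0

def add(p1, p2):
    if p1 is INF or p2 is INF:
        return p2 if p1 is INF else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def neg(pt):
    return INF if pt is INF else (pt[0], -pt[1] % P)

def mul(k, pt):
    """Multiple point [k]pt by double-and-add (not constant time)."""
    acc, k = INF, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def c3_tag(x2, m, y2):
    # Hash(x2 || M || y2); SHA-256 and the byte widths are assumptions.
    data = x2.to_bytes(32, "big") + m.to_bytes(8, "big") + y2.to_bytes(32, "big")
    return hashlib.sha256(data).digest()

def keygen():
    d = secrets.randbelow(N - 1) + 1
    return d, mul(d, G)

def encrypt(m, pub):
    if pub is INF or not on_curve(pub):            # A3 with h = 1
        raise ValueError("invalid public key")
    k = secrets.randbelow(N - 1) + 1               # A1
    c1 = mul(k, G)                                 # A2
    x2, y2 = mul(k, pub)                           # A4 (KDF check on t omitted)
    c2 = add(mul(m, G), (x2, y2))                  # A5: C2 = [M]G + [k]P_B
    return c1, c2, c3_tag(x2, m, y2)               # A6, A7

def bsgs(target, bound):
    """Baby-step giant-step: m in [0, bound) with [m]G == target, else None."""
    step = math.isqrt(bound) + 1
    table, pt = {}, INF
    for j in range(step):                          # baby steps [j]G
        table[pt] = j
        pt = add(pt, G)
    giant, cur = neg(mul(step, G)), target
    for i in range(step):                          # giant steps target - [i*step]G
        if cur in table and i * step + table[cur] < bound:
            return i * step + table[cur]
        cur = add(cur, giant)
    return None

def decrypt(ct, d, bound=1 << 16, check=True):
    c1, c2, c3 = ct
    if INF in (c1, c2) or not (on_curve(c1) and on_curve(c2)):  # B1, B2 (C2 check added)
        raise ValueError("ciphertext point is not a valid curve point")
    x2, y2 = mul(d, c1)                            # B3: [d_B]C1 = [k]P_B
    m = bsgs(add(c2, neg((x2, y2))), bound)        # B4: [M']G = C2 - [d_B]C1
    if m is None:
        raise ValueError("plaintext outside search bound")
    if check and c3_tag(x2, m, y2) != c3:          # B5
        raise ValueError("C3 check failed")
    return m                                       # B6

def add_ciphertexts(ct_a, ct_b):
    # C1 to C4: component-wise point addition. A hash is not homomorphic,
    # so the aggregate carries no C3 value.
    return add(ct_a[0], ct_b[0]), add(ct_a[1], ct_b[1]), None

def demo():
    d, pub = keygen()
    ct1, ct2 = encrypt(1200, pub), encrypt(345, pub)   # constructed sample values
    total = decrypt(add_ciphertexts(ct1, ct2), d, check=False)
    return decrypt(ct1, d), decrypt(ct2, d), total

if __name__ == "__main__":
    print(demo())
```

The aggregate is decrypted with the B5 check skipped, matching the remark under A6 that $C_3$ does not survive homomorphic addition; the search bound also shows that decryption only succeeds when the plaintext sum lies in a small, known range.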
The embodiment also provides a homomorphic encryption device, which comprises a memory, a processor and a computer program stored on the memory; the processor is configured to execute the computer program to implement the steps of any of the homomorphic encryption methods described above.
The embodiment also provides a homomorphic encryption system, which adopts the homomorphic encryption method.
The homomorphic encryption method described above, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a readable storage medium. Based on this understanding, all or part of the flow of the method of the above embodiment may be implemented by a program instructing the related hardware. The program may be stored in a readable storage medium and, when executed by a processor, implements the steps of the method embodiment. The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form. The readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a Read-Only Memory (ROM), a Random Access Memory (RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth.
In real life, more and more application scenarios involve privacy homomorphism. Three scenarios are taken as examples here to illustrate the application of homomorphic encryption in real scenarios.
Example 1: Data aggregation is a very effective method used in wireless sensor networks (WSNs), and can reduce data transmission and storage to the greatest extent. Using this technique, data can be transmitted in the network in aggregated form. For example, rather than storing all of the data monitored by a plurality of nodes, the network obtains a single, accurate value, such as their sum. Firstly, because the storage space of the nodes in the network is limited, the storage and transmission of messages should be reduced as much as possible without losing necessary information. Secondly, the power capacity of the nodes is limited, yet the distributed data still needs to be transmitted between the sensor nodes. Since transmission affects power consumption, it must be minimized. Finally, WSNs are commonly used in public environments where data must be protected and hidden. In this case, a cryptographic scheme with homomorphic properties can solve the above problems: the aggregation node can "sum" the ciphertext data of the other nodes and then transmit the result in the network. The result obtained after decrypting that ciphertext is equal to the result of adding the plaintexts directly. Since there is only one ciphertext, data transmission and storage are greatly reduced.
Example 2: Smart meters are an essential element in building a "smart grid" for power production and distribution. Frequent meter readings may optimize the meter, but they also introduce some "additional data" that consumers are reluctant to have seen, such as whether the resident is at home and at what time they get up or go to sleep. Data mining over a longer period can reveal even more information, such as which appliances the resident uses and when. Privacy concerns in this case therefore deserve more attention from the relevant authorities. With homomorphic encryption, the sum of the electricity consumption can be calculated, so that meter readings are visible at the level of a building or a community while electricity consumption data at the level of an individual user is not leaked. Meanwhile, electricity consumption data such as faults and power outages can still be put to good use by comparing consumption at the same level.
Example 3: The success of deep learning is due to the hardware applied to neural networks and to breakthroughs in algorithms for processing massive amounts of data. The large amount of collected data is certainly very important for deep learning, but it also causes privacy problems. For example, collected photos may be kept permanently on a company's server, outside the control of the photo owner; because of privacy and confidentiality concerns, hospitals and research centers often cannot easily share their own data, so they cannot enjoy the benefits of large-scale deep learning on a federated data set. Homomorphic encryption can again solve this problem. Phong et al. propose a privacy-preserving deep learning system that uses the additive homomorphic property to ensure that data is not revealed to the service side while the accuracy remains the same as on the original combined data set.
The foregoing is merely an embodiment of the present invention. Specific structures and characteristics that are common knowledge in the art are not described in detail here. A person of ordinary skill in the art knows all of the common technical knowledge in the field before the filing date or the priority date of the present invention, can learn of all of the prior art in the field, and is able to apply the conventional experimental means available before that date. Such a person can therefore complete and implement this embodiment in light of the present application together with their own ability, and typical known structures or known methods should not be an obstacle to implementing the present application. It should be noted that those skilled in the art can make modifications and improvements without departing from the structure of the present invention; these should also be considered within the scope of protection of the present invention and do not affect the effect of implementing the invention or the utility of the patent. The scope of protection of the present application is determined by the content of the claims, and the specific embodiments and other descriptions in the specification may be used to interpret the content of the claims.

Claims (5)

1. A homomorphic encryption method, characterized by comprising:
A1: generating a random number $k \in [1, n-1]$, where $n$ is the order of the elliptic curve base point $G$;
A2: calculating the elliptic curve point $C_1 = [k]G = (x_1, y_1)$, where $[k]G$ denotes the point-multiplication operation, i.e. $C_1 = [k]G$ is the $k$-fold point of the elliptic curve base point $G$;
A3: calculating the elliptic curve point $S = [h]P_B$; if $S$ is the point at infinity, reporting an error and exiting, where $P_B$ is the public key of the decryptor;
A4: calculating the elliptic curve point $[k]P_B = (x_2, y_2)$;
A5: performing elliptic curve addition on two multiple points on the elliptic curve to produce the main ciphertext $C_2$, the two multiple points comprising the $M$-fold point of the elliptic curve base point $G$ and the $k$-fold point of the public key $P_B$, where $M$ is the plaintext and $k$ is the random number; the main ciphertext $C_2$ is calculated as $C_2 = [M]G + [k]P_B$;
A6: calculating $C_3 = \mathrm{Hash}(x_2 \| M \| y_2)$, where Hash() is a key Hash function;
A7: outputting the ciphertext $C = (C_1, C_2, C_3)$.
2. The homomorphic encryption method of claim 1, wherein: in $S = [h]P_B$, $h$ is 1.
3. A homomorphic encryption device comprising a memory, a processor, and a computer program stored on the memory, characterized in that: the processor is configured to execute the computer program to implement the steps of the homomorphic encryption method as claimed in any one of claims 1 to 2.
4. A homomorphic encryption system, characterized by: steps for implementing a homomorphic encryption method according to any one of claims 1 to 2.
5. A homomorphic encryption readable storage medium storing a computer program, characterized in that: the computer program, when executed by a processor, implements the steps of the homomorphic encryption method of any one of claims 1 to 2.
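Steps A1 to A7 of claim 1, with h = 1 as in claim 2, can be traced end to end in the following added example, which is not code from the patent. It assumes a constructed toy curve (y² = x³ + 2x + 2 over F₁₇, base point (5, 1) of order 19), SHA-256 over a simple string encoding as a stand-in for Hash(), and hypothetical function names. The `decrypt` and `add_ciphertexts` helpers are not part of the claims: they assume the usual recovery [M]G = C₂ − [d]C₁ and show why adding the (C₁, C₂) components of two ciphertexts yields an encryption of the sum of the plaintexts.

```python
import hashlib, secrets

# Toy curve y^2 = x^3 + 2x + 2 over F_17 (constructed for illustration, NOT secure).
P, A, G, N = 17, 2, (5, 1), 19       # field prime, coefficient a, base point, order of G
INF = None                           # point at infinity

def add(p, q):
    """Elliptic curve point addition."""
    if p is INF: return q
    if q is INF: return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p == q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, p):
    """Multiple point [k]P by double-and-add."""
    r = INF
    while k:
        if k & 1: r = add(r, p)
        p, k = add(p, p), k >> 1
    return r

def neg(p):
    return INF if p is INF else (p[0], -p[1] % P)

def encrypt(m, pub, k=None):
    k = k or secrets.randbelow(N - 1) + 1            # A1: k in [1, n-1]
    c1 = mul(k, G)                                   # A2: C1 = [k]G
    if mul(1, pub) is INF:                           # A3 with h = 1 (claim 2)
        raise ValueError("S is the point at infinity")
    x2, y2 = mul(k, pub)                             # A4: [k]P_B = (x2, y2)
    c2 = add(mul(m, G), (x2, y2))                    # A5: C2 = [M]G + [k]P_B
    c3 = hashlib.sha256(f"{x2}|{m}|{y2}".encode()).hexdigest()  # A6 (assumed encoding)
    return c1, c2, c3                                # A7

def decrypt(c1, c2, d):
    """Assumed recovery: [M]G = C2 - [d]C1, then search the small message space."""
    target = add(c2, neg(mul(d, c1)))
    return next(m for m in range(N) if mul(m, G) == target)

def add_ciphertexts(ca, cb):
    """Component-wise sum of (C1, C2); C3 binds one plaintext and does not combine."""
    return add(ca[0], cb[0]), add(ca[1], cb[1])
```

Because the plaintext sits in the exponent as [M]G, recovery requires a discrete-log search, so the message space (here 0 to 18) has to stay small enough to enumerate.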
Application number: CN202110448838.7A; priority date: 2021-04-25; filing date: 2021-04-25; title: Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium; status: Active; publication: CN113141247B (en)


Publications (2)

Publication Number Publication Date
CN113141247A (en) 2021-07-20
CN113141247B (en) 2023-07-04

Family

ID=76812088


Country Status (1)

Country Link
CN (1) CN113141247B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114124349B (en) * 2021-11-19 2024-04-09 北京数牍科技有限公司 Rapid decryption method for homomorphic encryption scheme
CN115001685B (en) * 2022-07-22 2022-10-21 北京信安世纪科技股份有限公司 Method, device, equipment and storage medium for inadvertent transmission
CN115378588B (en) * 2022-10-25 2023-05-26 北京信安世纪科技股份有限公司 Method, apparatus and storage medium for inadvertent transmission

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2237474A1 (en) * 2009-03-30 2010-10-06 Mitsubishi Electric Corporation Secure Distortion Computation Among Untrusting Parties Using Homomorphic Encryption
CN102761412A (en) * 2011-04-27 2012-10-31 航天信息股份有限公司 P-element domain SM2 elliptic curve public key encryption, decryption and encryption-decryption hybrid system
CN107425968A (en) * 2017-06-22 2017-12-01 广东工业大学 A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system
CN109768864A (en) * 2019-01-14 2019-05-17 大连大学 Encryption method based on ECC and homomorphic cryptography
CN109818744A (en) * 2019-02-27 2019-05-28 矩阵元技术(深圳)有限公司 Shared secret key generation method, device, computer equipment and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101795771B1 (en) * 2013-03-18 2017-11-09 한국전자통신연구원 System and method for providing compressed encryption and decryption in homomorphic cryptography based on intergers


Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
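Analysis and Comparison of Various Fully Homomorphic Encryption Techniques; Pratibha Chaudhary et al.; 2019 International Conference on Computing, Power and Communication Technologies (GUCON); entire document *
Design and Implementation of Elliptic Curve Software and a Cryptographic Card; Dong Junwu, Zou Houwen, Pei Dingyi; Computer Applications (No. 11); entire document *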



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant