CN113420314A - Fully homomorphic encryption algorithm suitable for high-speed operation - Google Patents

Publication number: CN113420314A
Authority: CN (China)
Prior art keywords: ciphertext, sum, data, mul, encryption
Legal status: Pending
Application number: CN202110827719.2A
Other languages: Chinese (zh)
Inventors: 庞皓天, 曹珍富, 周俊, 魏立斐
Current Assignee: Shanghai Tongtai Information Technology Co ltd
Original Assignee: Shanghai Tongtai Information Technology Co ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/602: Providing cryptographic facilities or services

Abstract

The invention discloses a fully homomorphic encryption algorithm suitable for high-speed operation, comprising the following steps. First, for a security parameter input by the system, two λ-bit large primes p and q are selected at random; the public parameter is $N = pq$. Second, encryption: the plaintext data $m_i$, $i \in [1, n]$, are encrypted according to a specific formula to obtain ciphertext $C_{i,sum}$ suitable for addition calculation and ciphertext $C_{i,mul}$ suitable for addition calculation, and $r_{sum}$ and $r_{mul}$ are calculated from the random numbers $r_i$. Third, ciphertext operation: according to a specific formula, an addition operation is performed on the ciphertexts $C_{i,sum}$ or a multiplication operation on the ciphertexts $C_{i,mul}$. Fourth, the ciphertext resulting from the addition is decrypted according to a specific formula to obtain $M_{sum}$, or the ciphertext resulting from the multiplication is decrypted to obtain $M_{mul}$. The invention can reduce the storage space occupied by the ciphertext obtained by encrypting the plaintext data, achieve efficient encryption and efficient operation, and ensure that security can reach the unconditional security level.

Description

Fully homomorphic encryption algorithm suitable for high-speed operation
Technical Field
The invention relates to the technical field of fully homomorphic encryption algorithms, in particular to a fully homomorphic encryption algorithm suitable for high-speed operation.
Background
A fully homomorphic encryption algorithm is an encryption method with the fully homomorphic property. The ciphertext it produces supports mathematical operations, and the result of an operation performed on the ciphertext, once decrypted, is the same as the result of that operation performed on the plaintext.
The classical fully homomorphic encryption algorithm has three main problems:
1. Low efficiency: traditional homomorphic encryption is based on lattice cryptography, involves a large number of matrix operations, and encrypts bit by bit. This gives the algorithm a high time complexity, which makes it difficult to apply in practical engineering.
2. Ciphertext expansion: the ciphertext produced by homomorphic encryption consists of several large matrices, while the plaintext input is bits. Fully homomorphic encryption can therefore expand the storage space occupied by data by thousands of times, which seriously lowers storage efficiency.
3. Security: because the ciphertext of fully homomorphic encryption is malleable, its security can only reach the CPA level, not CCA or CCA2 security.
The problem to be solved is how to improve the operation speed of a fully homomorphic encryption algorithm while preventing ciphertext expansion and ensuring the security of the ciphertext.
Disclosure of Invention
The invention aims to provide a fully homomorphic encryption algorithm suitable for high-speed operation, whose ciphertext can be used directly in mathematical operations while occupying little storage space.
To achieve this purpose, the invention provides the following technical scheme: a fully homomorphic encryption algorithm suitable for high-speed operation, comprising the following steps:
First, for a security parameter input by the system, two λ-bit large primes p and q are selected at random; the public parameter is $N = pq$.
Second, encryption:
When a data owner wishes to encrypt a batch of plaintext data $m_i$, $i \in [1, n]$, and have a cloud service add the resulting ciphertexts, each $m_i$ is encrypted as follows:
$C_{i,sum} = m_i + r_i \bmod N$, which gives the ciphertext $C_{i,sum}$ suitable for addition computation.
After all ciphertexts $C_{i,sum}$ for the addition operation have been obtained, the following calculation is performed:
Figure BDA0003174294850000021
When the data owner wishes to outsource the batch of data to the cloud for multiplication, each $m_i$ is encrypted as follows:
$C_{i,mul} = m_i \cdot r_1 \bmod N$, which gives the ciphertext $C_{i,mul}$ suitable for addition computation.
After all ciphertexts $C_{i,mul}$ for multiplication have been obtained, the following calculation is performed:
Figure BDA0003174294850000022
Here $r_i$ in the encryption process is a random number, and the resulting ciphertexts $C_{i,sum}$ and $C_{i,mul}$ can be used directly in mathematical operations.
Third, ciphertext operation:
After receiving the encrypted data sent by the data provider, the cloud service operates on it as follows:
Addition:
Figure BDA0003174294850000023
Multiplication:
Figure BDA0003174294850000024
Fourth, decryption of the ciphertext operation result:
After the server finishes the operation, it returns the resulting ciphertext to the data provider, who decrypts it and, once decryption succeeds, obtains the calculation result. The decryption process is as follows:
For the addition result: $M_{sum} = C_{sum} - r_{sum} \bmod N$.
For the multiplication result, $r_{mul}$ is first inverted as follows:
Figure BDA0003174294850000031
Then the decryption operation is performed as follows to obtain the decrypted multiplication result:
Figure BDA0003174294850000032
Preferably, in the second step, the random number $r_i$ is selected anew when each plaintext in the data batch is encrypted.
Compared with the prior art, the invention has the following beneficial effects:
The invention provides an efficient fully homomorphic mapping that can be combined with other cryptographic techniques to form a fully homomorphic encryption scheme, achieving efficient encryption and efficient operation. With respect to ciphertext expansion, no ciphertext expansion can be achieved in theory. Security can also reach the unconditional security level.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the following embodiments of the present invention, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides the following technical scheme: a fully homomorphic encryption algorithm suitable for high-speed operation, comprising the following steps:
First, for a security parameter input by the system, two λ-bit large primes p and q are selected at random; the public parameter is $N = pq$.
Second, encryption: the plaintext data $m_i$, $i \in [1, n]$, are encrypted according to a specific formula to obtain ciphertext $C_{i,sum}$ suitable for addition calculation and ciphertext $C_{i,mul}$ suitable for addition calculation, and $r_{sum}$ and $r_{mul}$ are calculated from the random numbers $r_i$.
Third, ciphertext operation: according to a specific formula, an addition operation is performed on the ciphertexts $C_{i,sum}$ or a multiplication operation on the ciphertexts $C_{i,mul}$.
Fourth, the ciphertext resulting from the addition is decrypted according to a specific formula to obtain $M_{sum}$, or the ciphertext resulting from the multiplication is decrypted to obtain $M_{mul}$.
In the second step of this embodiment, when the data owner wishes to encrypt a batch of plaintext data $m_i$, $i \in [1, n]$, and have a cloud service add the resulting ciphertexts, each $m_i$ is encrypted as follows:
$C_{i,sum} = m_i + r_i \bmod N$, which gives the ciphertext $C_{i,sum}$ suitable for addition computation.
After all ciphertexts $C_{i,sum}$ for addition have been obtained, the following calculation is performed:
Figure BDA0003174294850000041
When the data owner wishes to outsource the batch of data to the cloud for multiplication, each $m_i$ is encrypted as follows:
$C_{i,mul} = m_i \cdot r_1 \bmod N$, which gives the ciphertext $C_{i,mul}$ suitable for addition computation.
After all ciphertexts $C_{i,mul}$ for multiplication have been obtained, the following calculation is performed:
Figure BDA0003174294850000042
Here $r_i$ in the encryption process is a random number, and the ciphertexts $C_{i,sum}$ and $C_{i,mul}$ can be used directly in mathematical operations.
In the third step of this embodiment:
After receiving the encrypted data sent by the data provider, the cloud service performs the ciphertext operation as follows:
Addition:
Figure BDA0003174294850000051
Multiplication:
Figure BDA0003174294850000052
In the fourth step of this embodiment:
After the server finishes the operation, it returns the resulting ciphertext to the data provider, who decrypts it and, once decryption succeeds, obtains the calculation result. The decryption process is as follows:
For the addition result: $M_{sum} = C_{sum} - r_{sum} \bmod N$.
For the multiplication result, $r_{mul}$ is first inverted as follows:
Figure BDA0003174294850000053
Then the decryption operation is performed as follows to obtain the decrypted multiplication result:
Figure BDA0003174294850000054
In this embodiment, in the second step, the random number $r_i$ is selected anew when each plaintext $m_i$ in the batch of data is encrypted, which further improves the security of the ciphertext obtained by encrypting $m_i$.
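The four steps of the embodiment as a runnable round trip; this is an added example, not code from the patent. The formulas that survive only as figure placeholders are assumed to be $r_{sum} = \sum r_i \bmod N$, $r_{mul} = \prod r_i \bmod N$, $C_{sum} = \sum C_{i,sum} \bmod N$, $C_{mul} = \prod C_{i,mul} \bmod N$ and $M_{mul} = C_{mul} \cdot r_{mul}^{-1} \bmod N$. The multiplicative ciphertext is assumed to use the per-item $r_i$, each $r_i$ is assumed coprime to $N$ so the inversion exists, and all function names are illustrative.

```python
import math
import secrets

# Step 1 (stand-in): the patent picks two random lambda-bit primes. To stay
# deterministic and offline, this sketch uses two fixed, publicly known 256-bit
# primes (the secp256k1 and NIST P-256 field primes); they are demo values only.
P = 2**256 - 2**32 - 977
Q = 2**256 - 2**224 + 2**192 + 2**96 - 1
N = P * Q  # public parameter N = pq

def rand_unit(n):
    """Random r in [1, n) with gcd(r, n) = 1, so r has an inverse mod n
    (assumption: the patent only says r_i is a random number)."""
    while True:
        r = 1 + secrets.randbelow(n - 1)
        if math.gcd(r, n) == 1:
            return r

def encrypt_batch(ms, n=N):
    """Step 2: one fresh r_i per plaintext. Returns the two ciphertext lists
    for the cloud plus r_sum and r_mul, which the data owner keeps."""
    rs = [rand_unit(n) for _ in ms]
    c_sum = [(m + r) % n for m, r in zip(ms, rs)]   # C_i,sum = m_i + r_i mod N
    c_mul = [(m * r) % n for m, r in zip(ms, rs)]   # C_i,mul = m_i * r_i mod N
    r_sum = sum(rs) % n                             # assumed: sum of r_i mod N
    r_mul = math.prod(rs) % n                       # assumed: product of r_i mod N
    return c_sum, c_mul, r_sum, r_mul

def cloud_add(c_sum, n=N):
    """Step 3, addition (assumed form): C_sum = sum of C_i,sum mod N."""
    return sum(c_sum) % n

def cloud_mul(c_mul, n=N):
    """Step 3, multiplication (assumed form): C_mul = product of C_i,mul mod N."""
    return math.prod(c_mul) % n

def decrypt_sum(c, r_sum, n=N):
    """Step 4: M_sum = C_sum - r_sum mod N."""
    return (c - r_sum) % n

def decrypt_mul(c, r_mul, n=N):
    """Step 4 (assumed form): invert r_mul mod N, then M_mul = C_mul * r_mul^-1 mod N."""
    return (c * pow(r_mul, -1, n)) % n

def round_trip(ms, n=N):
    """Owner encrypts, cloud combines, owner decrypts; returns (M_sum, M_mul)."""
    c_sum, c_mul, r_sum, r_mul = encrypt_batch(ms, n)
    return (decrypt_sum(cloud_add(c_sum, n), r_sum, n),
            decrypt_mul(cloud_mul(c_mul, n), r_mul, n))
```

Results are exact only modulo $N$, and under these assumptions $r_{sum}$ and $r_{mul}$ cover the whole batch, so the cloud has to combine every ciphertext of the batch exactly once for decryption to come out right.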
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (2)

1. A fully homomorphic cryptographic algorithm suitable for high speed operations, comprising the steps of:
First, for a security parameter input by the system, two λ-bit large primes p and q are selected at random; the public parameter is $N = pq$.
Second, encryption:
When a data owner wishes to encrypt a batch of plaintext data $m_i$, $i \in [1, n]$, and have a cloud service add the resulting ciphertexts, each $m_i$ is encrypted as follows:
$C_{i,sum} = m_i + r_i \bmod N$, which gives the ciphertext $C_{i,sum}$ suitable for addition computation.
After all ciphertexts $C_{i,sum}$ for addition have been obtained, the following calculation is performed:
Figure FDA0003174294840000011
When the data owner wishes to outsource the batch of data to the cloud for multiplication, each $m_i$ is encrypted as follows:
$C_{i,mul} = m_i \cdot r_1 \bmod N$, which gives the ciphertext $C_{i,mul}$ suitable for addition computation.
After all ciphertexts $C_{i,mul}$ for multiplication have been obtained, the following calculation is performed:
Figure FDA0003174294840000012
Here $r_i$ in the encryption process is a random number.
Third, ciphertext operation:
After receiving the encrypted data sent by the data provider, the cloud service operates on it as follows:
Addition:
Figure FDA0003174294840000013
Multiplication:
Figure FDA0003174294840000014
Fourth, decryption of the ciphertext operation result:
After the server finishes the operation, it returns the resulting ciphertext to the data provider, who decrypts it and, once decryption succeeds, obtains the calculation result. The decryption process is as follows:
For the addition result: $M_{sum} = C_{sum} - r_{sum} \bmod N$.
For the multiplication result, $r_{mul}$ is first inverted as follows:
Figure FDA0003174294840000021
Then the decryption operation is performed as follows to obtain the decrypted multiplication result:
Figure FDA0003174294840000022
2. The fully homomorphic encryption algorithm suitable for high-speed operation according to claim 1, wherein in the second step the random number $r_i$ is selected anew when each plaintext in the data block is encrypted.

Priority Applications (1)

Application number: CN202110827719.2A
Priority date: 2021-07-22
Filing date: 2021-07-22
Title: Fully homomorphic encryption algorithm suitable for high-speed operation

Publications (1)

Publication number: CN113420314A
Publication date: 2021-09-21

Family ID: 77718138

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115001649A (en) * 2022-04-15 2022-09-02 支付宝(杭州)信息技术有限公司 Batch encryption method, related device, system, equipment, medium and program product



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination