CN113901425B - Method, device, storage medium and equipment for solving intersection safely by multiple parties - Google Patents

Method, device, storage medium and equipment for solving intersection safely by multiple parties Download PDF

Info

Publication number
CN113901425B
CN113901425B CN202111084911.3A CN202111084911A CN113901425B CN 113901425 B CN113901425 B CN 113901425B CN 202111084911 A CN202111084911 A CN 202111084911A CN 113901425 B CN113901425 B CN 113901425B
Authority
CN
China
Prior art keywords
hash
intersection
controller
original data
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111084911.3A
Other languages
Chinese (zh)
Other versions
CN113901425A (en
Inventor
张凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yidu Cloud Beijing Technology Co Ltd
Original Assignee
Yidu Cloud Beijing Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yidu Cloud Beijing Technology Co Ltd filed Critical Yidu Cloud Beijing Technology Co Ltd
Priority to CN202111084911.3A priority Critical patent/CN113901425B/en
Publication of CN113901425A publication Critical patent/CN113901425A/en
Application granted granted Critical
Publication of CN113901425B publication Critical patent/CN113901425B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a method for solving intersection safely by multiple parties, which is used for any party in a plurality of parties, wherein any party is configured with a local server and a first controller, and the method comprises the following steps: the first controller receives a random value sent by a server; the first controller determines a hash result corresponding to the original data according to the random value and the original data, and sends the hash result to the server, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the relation between the hash value set and the original data; the first controller receives a hash result intersection sent by the server, wherein the hash result intersection is determined by the server according to the hash value set of each participant; and the first controller determines an intersection result according to the intersection of the hash results and the mapping relation. The safety of the intersection solving process of multi-party safety is effectively improved, the parallel processing capacity of the first controller is far greater than that of a general processor of the local server, and the processing efficiency is remarkably improved.

Description

Method, device, storage medium and equipment for solving intersection safely by multiple parties
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a method, an apparatus, a computer-readable storage medium, and a device for solving an intersection safely among multiple parties.
Background
With the importance of users on data privacy protection, people are enjoying the convenience of various services depending on personal information, and at the same time, the demands for protection awareness and desired protection degree of private data are also increasing. Protection of many Private data relates to secure multiparty computation, and PSI (Private Set interaction, privacy protection Set Intersection) computation belongs to a specific application problem of secure multiparty computation, and has not only important theoretical significance but also strong application value. Most algorithms in the existing PSI calculation scheme are based on complex encryption algorithms, have large calculation amount and are mostly used for two-party PSI calculation. If multi-party PSI (the number of participants is more than 2) calculation is needed, intersection of the multiple parties can be calculated only by performing pairwise intersection for multiple times, and the calculation complexity and the communication traffic are multiplied. In other schemes, PSI calculation is carried out based on naive Hash, so that repeated intersection calculation can be avoided. But the PSI calculation scheme based on the naive hash has poor safety.
Disclosure of Invention
The embodiment of the invention provides a method and a device for solving intersection safely by multiple parties, a computer readable storage medium and equipment.
According to a first aspect of the present invention, there is provided a method for secure intersection of multiple parties, for any party of multiple parties, where any party is configured with a local server and a first controller, the method including: the first controller receives a random value sent by a server; the first controller determines a hash result corresponding to the original data according to the random value and the original data, and sends the hash result to a server, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the relation between the hash value set and the original data; the first controller receives a hash result intersection sent by the service party, wherein the hash result intersection is determined by the service party according to the hash value set of each participant; and the first controller determines an intersection result according to the hash result intersection and the mapping relation.
According to an embodiment of the present invention, the determining, by the first controller, a hash result corresponding to original data according to the random value and the original data includes: determining a salt value according to the random value; and determining a hash result corresponding to the original data according to the salt value and the original data.
According to an embodiment of the present invention, determining a hash result corresponding to original data according to the salt value and the original data includes: according to the salt value, hashing and sequencing de-duplication are carried out on the original data to obtain a hash value set; and constructing a mapping relation between each hash value in the hash value set and each original value in the original data.
According to an embodiment of the present invention, the service side is configured with a PSI server and the second controller.
According to an embodiment of the invention, said random value is generated by said second controller for a plurality of said parties.
According to an embodiment of the present invention, before the first controller receives the random value sent by the server, the method further includes: the local server sends the equipment information of the local server to the first controller; the first controller determines the attribute characteristics of the local server according to the equipment information; and performing remote authentication with the server through the first controller according to the attribute characteristics.
According to an embodiment of the present invention, the determining, by the first controller, an intersection result according to the intersection of the hash results and the mapping relationship includes: and the first controller inquires an original value corresponding to each hash value in the hash result intersection from the mapping relation, and the set of all the original values obtained through inquiry is the intersection result.
According to an embodiment of the present invention, the first controller is an FPGA or an SGX.
According to the second aspect of the present invention, there is also provided a method for secure intersection between multiple parties, where the method is used for a serving party, and the serving party is configured with a PSI server and a second controller, and the method includes: the second controller generating a random value for a plurality of participants and sending the random value to the first controller of any one of the plurality of participants; the second controller receives a hash result corresponding to the original data of the participant sent by the first controller, wherein the hash result comprises the hash value set and a mapping relation, and the mapping relation is used for reflecting the corresponding relation between the hash value set and the original data; the second controller performs intersection according to the hash results of the multiple participants, and determines a hash result intersection of the participants, wherein the hash result intersection is determined according to the hash value set of each participant; sending the intersection of the hash results to a first controller of the participants, so as to determine, by the first controller, an intersection of the multiple participants according to the first intersection array and the mapping relationship.
According to a third aspect of the present invention, there is further provided an apparatus for secure intersection of multiple parties, where any party is configured with a local server and a first controller, the apparatus includes: the first receiving module is used for receiving the random value sent by the server by the first controller; the first controller is used for determining a hash result corresponding to the original data according to the random value and the original data and sending the hash result to a server, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the relation between the hash value set and the original data; a second receiving module, configured to receive, by the first controller, a hash result intersection sent by the server, where the hash result intersection is determined by the server according to a hash value set of each participant; and the intersection determining module is used for determining an intersection result by the first controller according to the hash result intersection and the mapping relation.
According to the fourth aspect of the present invention, there is further provided an apparatus for secure intersection of multiple parties, configured with a PSI server and a second controller, for a service party, the apparatus including: a random value generation module for the second controller to generate random values for a plurality of participants and to send the random values to the first controller of any one of the plurality of participants; a hash receiving module, configured to receive, by the second controller, a hash result corresponding to original data of the participant sent by the first controller, where the hash result includes the set of hash values and a mapping relationship, and the mapping relationship is used to reflect a correspondence between the set of hash values and the original data; the intersection module is used for the second controller to perform intersection according to the hash results of the multiple participants and determine the intersection of the hash results of the participants, wherein the intersection of the hash results is determined according to the hash value set of each participant; and the intersection sending module is used for sending the intersection of the hash result to the first controllers of the participants so as to determine the intersection of the participants according to the first intersection array and the mapping relation through the first controllers.
According to a fifth aspect of the present invention, there is further provided a system for secure intersection of multiple parties, the system comprising: the server is provided with a PSI server and a second controller, and the second controller is used for generating random values for a plurality of participants and sending the random values to a first controller of any one of the participants; receiving a hash result corresponding to original data of the participant sent by the first controller, wherein the hash result includes the hash value set and a mapping relation, and the mapping relation is used for reflecting a corresponding relation between the hash value set and the original data; performing intersection according to the hash results of the multiple participants, and determining the hash result intersection of the participants, wherein the hash result intersection is determined according to the hash value set of each participant; and sending the hash result intersection to a first controller of the participants, so as to determine, by the first controller, an intersection of the multiple participants according to the first intersection array and the mapping relation; a plurality of participants, any one of the plurality of participants configured with a local server and a first controller; the first controller is used for receiving a random value sent by a server; according to the random value and the original data, determining a hash result corresponding to the original data, and sending the hash result to a server, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the relation between the hash value set and the original data; receiving a hash result intersection sent by the service party, wherein the hash result intersection is determined by the service party according to the hash value set of each participant; and determining an intersection result according to the hash result intersection and the mapping relation.
According to a sixth aspect of the present invention, there is also provided an apparatus comprising: one or more processors; storage means for storing one or more programs that, when executed by the one or more processors, cause the one or more processors to implement the above-described method of multi-party secure intersection.
According to a seventh aspect of the present invention, there is further provided a computer-readable storage medium, on which a computer program is stored, which when executed by a processor, implements the above-mentioned method for secure intersection of multiple parties.
The embodiment of the invention provides a method, a device, a system computer readable storage medium and equipment for safely solving intersection among multiple parties, wherein any party is configured with a local server and a first controller, and the method comprises the following steps: the first controller receives a random value sent by a server; the first controller determines a hash result corresponding to the original data according to the random value and the original data, and sends the hash result to the server, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the relation between the hash value set and the original data; the first controller receives a hash result intersection sent by the server, wherein the hash result intersection is determined by the server according to the hash value set of each participant; and the first controller determines an intersection result according to the intersection of the hash results and the mapping relation. The overall safety of the intersection solving process of multi-party safety is effectively improved. And the parallel processing capacity of the first controller is far larger than that of general processors in servers such as a local server of a participant and a PSI server of a service party, for example: the FPGA with high data processing speed and the like can be selected, so that the processing speed of intersection solving for multi-party safety is greatly improved, the processing efficiency is obviously improved, and the user experience is effectively improved.
It is to be understood that the teachings of the present invention need not achieve all of the above-described benefits, but rather that specific embodiments may achieve specific technical results, and that other embodiments of the present invention may achieve benefits not mentioned above.
Drawings
The above and other objects, features and advantages of exemplary embodiments of the present invention will become readily apparent from the following detailed description read in conjunction with the accompanying drawings. Several embodiments of the invention are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which:
in the drawings, the same or corresponding reference numerals indicate the same or corresponding parts.
Fig. 1 is a schematic diagram illustrating an application scenario of a method for safely intersecting multiple parties according to an embodiment of the present invention;
fig. 2 is a schematic flow chart illustrating an implementation of a method for safely solving intersection between multiple parties according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart illustrating an implementation of a method for securely intersecting multiple parties according to another embodiment of the present invention;
fig. 4 is a schematic diagram illustrating an implementation flow of a specific application example of a method for solving an intersection safely by multiple parties according to an embodiment of the present invention
Fig. 5 is a schematic structural diagram illustrating a device for securely intersecting multiple parties according to an embodiment of the present invention;
FIG. 6 is a schematic diagram illustrating a structure of an apparatus for securely intersecting multiple parties according to another embodiment of the present invention;
fig. 7 is a schematic diagram illustrating a structure of a device according to an embodiment of the present invention.
Detailed Description
The principles and spirit of the present invention will be described with reference to several exemplary embodiments. It is understood that these embodiments are given only to enable those skilled in the art to better understand and to implement the present invention, and do not limit the scope of the present invention in any way. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
The technical scheme of the invention is further elaborated by combining the attached drawings and specific embodiments.
Fig. 1 is a schematic view illustrating an application scenario of a method for solving an intersection safely by multiple parties according to an embodiment of the present invention, and referring to fig. 1, the method for solving an intersection safely by multiple parties of the present invention may be applied to a process of solving intersection of original data of multiple parties, where the original data of multiple parties may be personal information, medical characteristic information, commodity browsing information, and other data that need privacy protection, and the present invention is not limited in this respect. And respectively connecting the participants 1 to n with the server in a distributed connection mode. The participants 1 to n are only exemplary illustrations of a plurality of participants, and the number of participants in the actual application process may be determined according to actual situations.
Each participant may include a local server and a first controller operating independently of the server, and the server may include a PSI server and a second controller having very high data processing capability and very fast data processing speed. In addition, the data in the first controller cannot be acquired by the local server, and the data in the second controller cannot be acquired by the PSI server, so that important calculation operation can be configured in the first controller and the second controller to be executed, and the safety of the multi-party safety calculation process is effectively improved.
In this embodiment of the present invention, the first controller may be an FPGA or an SGX, and the second controller may be an FPGA or an SGX.
It should be noted that the first controller and the second controller are only used for distinguishing different controllers provided at the service side or different participants. Participants 1 to n and the first and second participants 1, 2, n, first and second, etc. as hereinafter devised do not have sequentially expressed meanings, nor do they represent importance levels between the different participants, nor are they used in other specific meanings, but merely to illustrate the different participants.
Due to the ultra-strong data processing capacity and the ultra-fast data processing speed of the FPGA and the higher compatibility of the FPGA to the server, the FPGA is almost suitable for all server types. However, the SGX is only applicable to a case where a CPU processor in a high-strength isolation operating environment is configured in a server of an Intel (Intel) company, and therefore, in the embodiment of the present invention described below, both the first controller and the second controller preferably use an FPGA, but it should be noted that the present invention does not specifically limit this, and the FPGA or the SGX may be flexibly selected according to a situation in an actual application process, or other applicable controllers may also be used.
It should be noted that fig. 1 is a simple schematic diagram for expressing the application scheme of the present invention, where the FPGA may be configured in a local server of a participant or a PSI server of a service side, and can communicate with the system, but the FPGA may independently perform operations such as data storage and computation. The SGX may be applied to a specific server, and provides an isolated operating environment (enclave) with trusted and high-strength hardware rooted in the CPU. Even if an attacker has control over the operating system and other privileged level software, enclave cannot be directly accessed (i.e., cannot be modified nor read). Intel SGX also provides remote authentication services, i.e., programs in the enave prove their trustworthiness to their third party.
Fig. 2 is a schematic diagram illustrating an implementation flow of a method for performing secure intersection between multiple parties according to an embodiment of the present invention.
Referring to fig. 2, a method for safely intersecting multiple parties in an embodiment of the present invention is used for any party of multiple parties, where any party is configured with a local server and a first controller, and the method at least includes the following operation flows:
in operation 201, the first controller receives a random value transmitted by a server.
In this embodiment of the invention, any one of the parties is configured with a local server and the first controller may receive, via the local server, the first random value generated by the serving party for the plurality of parties.
In this embodiment of the present invention, the service is configured with a PSI server and a second controller, the second controller operating independently of the PSI server, and the service may generate a first random value for the plurality of participants through the second controller of the service.
In this embodiment of the present invention, both the first controller and the second controller may select to use an FPGA or an SGX according to an actual application scenario.
The second controller of the server generates a first random value for the plurality of participants, which may be generated using a built-in random number generator. The most important characteristics of the random number generator are: the latter number generated by the random number generator has no relation to the former number. Therefore, the random number used in one round of multi-party secure transaction process is different from the random number used in the next round of multi-party secure transaction process. In a round of multi-party secure intersection process, if true random values received by a plurality of participants are the same, each participant adopts the same processing logic and the same input, the obtained salt values are the same, and further, hash values obtained by hashing the same original values according to the same salt values are the same.
Further, before the first controller receives the random value sent by the server, and before the server receives the first random value generated for the plurality of participants by the second controller of the server, the embodiment of the present invention further sends the device information of the local server to the first controller by the local server, and then the first controller determines the attribute feature of the local server according to the device information and performs remote authentication with the server by the first controller according to the attribute feature.
Specifically, the attribute feature may show validity of the local server, and the first controller determines whether the local server is valid according to the device information, and performs remote authentication with the service party through the first controller when it is determined that the local server is valid.
For example, after receiving the device information of the local server, the FPGA authenticates the local server, where the device information may include a CPU serial number, a hard disk serial number, a hardware modification table, a user password, and the like.
The FPGA can be applied to one of a plurality of servers, and in order to improve the configuration efficiency of the FPGA, equipment information data of the plurality of local servers of the participants need to be preset in the FPGA and can be stored in an equipment list A.
Here, the FPGA may be configured in the local server of the party 1, and when the local server is turned on or within a set time after the local server is turned on, the device information W of the local server of the party 1 is sent to the FPGA of the party 1, and the FPGA compares the device information W with the internal device list a.
Therefore, the digital certificate and the authentication logic based on the FPGA internal solidification are adopted to realize the authentication of the local server and the remote authentication of the PSI server of the service party, realize the binding of the functions and the hardware and effectively improve the safety performance.
In operation 202, the first controller determines, according to the random value and the original data, a hash result corresponding to the original data, and sends the hash result to a server, where the hash result includes a hash value set and a mapping relationship, and the mapping relationship is used to reflect a relationship between the hash value set and the original data.
In this embodiment of the present invention, the random value may be sent to the first controller through the local server, and then the first controller generates the salt value corresponding to the random value through the built-in random number generator.
Therefore, the generation of the salt value is transferred to the participant for carrying out, the server side cannot acquire the salt value, namely, the original data of the participant cannot be reversely deduced, and the data security of the participant is effectively improved.
In this embodiment of the present invention, a hash result corresponding to original data is determined by the first controller according to the salt value and the original data, where the hash result includes a hash value set and a mapping relationship, and the mapping relationship is used to reflect a relationship between the hash value set and the original data.
In this embodiment of the present invention, the local server sends the original data to the first controller, and the first controller may hash and sort the original data to remove duplicate according to the salt value, to obtain a hash value set, and construct a mapping relationship between each hash value in the sorted hash value set and each original value in the original data, thereby determining, by the first controller, a hash result of the original data of the participant according to the salt value.
In this embodiment of the invention, the hash result is also sent to the server. Specifically, the first controller of the participant can directly communicate with the second controller of the server, and the hash result is sent to the server. The PSI server sends the hash result to the first controller of the service party, and the PSI server sends the hash result to the second controller of the service party.
In this embodiment of the invention, the first hash value result is also encrypted before being sent to the second controller. Accordingly, the second controller needs to decrypt the encrypted hash result before performing intersection based on the hash results of the multiple participants.
Encryption and decryption are applicable to the data transmission process, are optional operations of the preferred embodiment of the present invention, and do not necessarily need to be performed. For example: the first controller and the second controller of the invention are both FPGA, the calculation of the invention is executed in FPGA, and the parallel processing capability of FPGA is much larger than that of other general processors. Therefore, the hash function with higher complexity can be selected to hash the original data, and the safety of data transmission is ensured. For example: 10000 iterations of the PBKDF2 algorithm were used. As such, the key generation, key transmission operation, data encryption operation, and data decryption operation involved in the embodiments of the present invention may be omitted. The operation of directly transmitting data between each participant and the service party is adopted, and similarly, other data encryption algorithms can also be adopted to realize the encrypted transmission of the data. Therefore, the processing steps of the FPGA on the PSI server are further reduced, and the data processing speed is improved.
At operation 203, the first controller receives the hash result intersection sent by the server, where the hash result intersection is determined by the server according to the hash value set of each participant.
In this embodiment of the present invention, the first controller may receive the intersection of the hash results of the participants sent by the second controller. The second controller may perform intersection based on the hash results of the multiple participants to obtain an intersection of the hash results of the participants.
Here, a specific operation of the second controller performing intersection based on the hash results of the multiple participants to obtain an intersection of the hash results of the participants will be specifically described with reference to fig. 3, and details thereof are not repeated here.
In operation 204, the first controller determines an intersection result according to the hash result intersection and the mapping relationship.
In this embodiment of the present invention, the first controller queries an original value corresponding to each hash value of the intersection of the hash results of the participants from the mapping relationship, and a set of all the original values obtained by the query is an intersection result of the multiple participants, so that the intersection result of the multiple participants can be determined by the first controller according to the intersection of the hash results and the mapping relationship.
For example, the original data of the participant 1 includes { a, B, C, D, E }, a hash result obtained by hashing the original data is { E1, A1, C1, D1, B1}, a mapping relationship between an original value of the original data and a hashed hash value shows that a correspondence between the original value and the hashed hash value is { E1-E, A1-a, C1-C, D1-D, B1-B }, a first intersection array obtained by a second controller intersecting a set of hash values of multiple participants is { E1, A1, D1}, and then an intersection { a, D, E } of the multiple participants can be determined according to the mapping relationship and the first intersection array.
The first controller sends the intersection result of the multiple participants to the local server of the participant 1, and the participant 1 can apply the intersection result of the multiple participants.
Fig. 3 is a schematic flow chart illustrating an implementation of a method for performing secure intersection between multiple parties according to another embodiment of the present invention.
Referring to fig. 3, a method for solving intersection safely by multiple parties in an embodiment of the present invention is used for solving intersection of raw data of multiple parties, where a first party of the multiple parties is configured with a local server and a first controller that operates independently of the local server, the method is applied to a serving party, the serving party is configured with a PSI server and a second controller, and the second controller operates independently of the PSI server, and the method at least includes the following operation flows:
in operation 301, the second controller generates a random value for a plurality of participants and sends the random value to the first controller of any one of the plurality of participants.
In operation 302, the second controller receives a hash result corresponding to the original data of the participant sent by the first controller, where the hash result includes the set of hash values and a mapping relationship, and the mapping relationship is used to reflect a correspondence relationship between the set of hash values and the original data.
In this embodiment of the present invention, the PSI server of the service party may receive the hash result corresponding to the original data of the participant sent by the first controller, and the PSI server sends the hash results sent by the multiple participants to the second controller, where the hash result includes the hash value set and a mapping relationship, and the mapping relationship is used to reflect a corresponding relationship between the hash value set and the original data.
In operation 303, the second controller performs intersection according to the hash results of the multiple participants to determine an intersection of the hash results of the participants, the intersection of the hash results being determined according to the hash value set of each participant
In this embodiment of the present invention, the second controller performs intersection on the hash results of multiple participants, so as to obtain an intersection of the hash results. Specifically, the second controller of the service party may receive the hash results obtained by hashing the original data sent by the multiple participants through the operation 302, where the hash values in the hash results are all subjected to deduplication and sorting, so that streaming intersection may be performed, and distributed parallel processing may be adopted.
For example, the set of hash values of the participant 1 received by the second controller is { E1, A1, C1, D1, B1}, the set of hash values of the participant 2 received by the second controller is { E1, A1, D1, B1}, the set of hash values of the participant 3 received by the second controller is { E1, A1, C1, D1}, the set of hash values of the participant 4 received by the second controller is { E1, A1, D1}, the set of hash values of the participant 5 received by the second controller is { E1, A1, C1, D1, F1}, the set of hash values of the participant 6 received by the second controller is { E1, A1, G1, D1, B1}, and after the intersection, the intersection result of the hash values of the multiple participants is { E1, A1, D1}. And determining the hash values belonging to the hash value intersection result in the first hash value set to obtain a first intersection array of { E1, A1 and D1}.
Operation 304, sending the intersection of the hash results to the first controller of the participants, so as to determine, by the first controller, an intersection of the multiple participants according to the first intersection array and the mapping relationship.
Other specific implementation processes of operations 301 to 304 are similar to the specific implementation processes of operations 201 to 204 in the embodiment shown in fig. 2, and are not described here again.
Fig. 4 is a schematic implementation flow diagram of a specific application example of the method for safely intersecting multiple parties according to an embodiment of the present invention.
Here, based on fig. 1, the first controller of each participant and the second controller of the service side are configured with FPGAs as an example, and the interaction between the participant 1 and the service side is described as follows.
Referring to fig. 4, a specific application example of the method for safely finding an intersection by multiple parties in the embodiment of the present invention at least includes the following operation steps:
and S01, the local server of the participant 1 sends the equipment information W. Here, the device information may include a CPU serial number, a hard disk serial number, a hardware change table, a user password, and the like.
And S02, comparing the equipment information W with the internal equipment list A by the FPGA of the participant 1.
And S03, the FPGA of the participant 1 sends a remote authentication request to the FPGA of the server under the condition that the W belongs to A, wherein the remote authentication request carries the digital certificate solidified in the FPGA.
If the device information W is in the device list a, it indicates that the local server of party 1 is able to perform the corresponding operation through the FPGA. At this time, the digital certificate of the FPGA may be sent to the server FPGA for remote authentication.
And S04, the FPGA of the service party performs remote authentication on the participant 1 according to the digital certificate.
The remote authentication is performed by a remote authentication method commonly used in the art, and details are not described herein.
And S05, generating a true random value B by the FPGA of the server.
And the server executes the generation operation of the random value in the FPGA to generate a true random value B.
And S06, the service side FPGA generates a secret key aiming at the participant 1, wherein the secret key comprises a public key Y1 and a private key Y2.
It should be noted that, in this specific application example, main computations are all executed in an FPGA, and the parallel processing capability of the FPGA is much greater than that of other general-purpose processors, so a hash function with higher complexity may be selected in the following operation S11 to ensure the security of data transmission, for example: 10000 iterations of the PBKDF2 algorithm were used. As such, the key generation operation of the present operation S06, and the key transmission operation of S07 to S09, the data encryption operation of S14, and the data decryption operation of S18 described below can be omitted. And the operation of directly transmitting data between each participant and the service party is adopted, for example: the transmission of set C described below is done directly. Other data encryption algorithms may be used to encrypt the data for transmission. Therefore, the processing steps of the FPGA on the PSI server are further reduced, and the data processing speed is improved.
And S07, the service party FPGA sends the true random value B and the public key Y1 aiming at the participant 1 to the service party PSI server.
S08, the server PSI server forwards the true random value B and the public key Y1 for party 1 to the party 1 local server.
And S09, the local server of the participant 1 sends the true random value B, the public key Y1 aiming at the participant 1 and the original data to be solved to the FPGA of the participant 1.
And S10, the FPGA of the participant 1 inputs a true random value B through a built-in random number generator to generate salt.
The FPGA of the participant 1 inputs the true random value B through the built-in random number generator to generate the salt value, and the external PSI server is ensured not to obtain the salt value. The following situations are effectively avoided: under the condition that the salt is generated by the PSI server, if the PSI server receives or presets the data range and the step of the participant at the same time, the PSI server can reversely deduce the original data of the participant according to the salt, the data range and the step of the participant.
The PSI server of the service party cannot acquire the salt value, and even if a proper hash function is selected, the PSI server cannot crack original data uploaded by each participant in the modes of exhaustion and the like. The data security of the participants is effectively ensured.
S11, the FPGA of the participant 1 calls an internal high-level hash (hash) function to hash the original data to be submitted.
And S12, the FPGA of the participant 1 performs sorting and duplicate removal according to the hash values to obtain a hash value set C.
After the original data is hashed, the original value in the original data corresponds to a hash value, and since the data is processed by using the hash function, the value of the data is greatly changed, and the sorting is disordered, so that the hash value obtained by hashing the original data to be solved is subjected to duplication removal and sorting, and a hash value set C is obtained.
S13, the FPGA of the participant 1 constructs a mapping relation D between the hash value in the set C and the original finger in the original data to be subjected to intersection.
In order to subsequently restore the original values of the multi-party intersection, a mapping relation D between the hash values in the set C and the original fingers in the original data to be intersected needs to be constructed.
And S14, the FPGA of the participant 1 encrypts the data of the set C by using the public key Y1 to obtain data E.
And S15, the FPGA of the participant 1 sends the E to a local server of the participant 1.
And S16, the local server of the participant 1 sends the E to the PSI server of the service party.
And S17, the PSI server of the service party sends the E to the FPGA of the service party.
And S18, the FPGA of the server decrypts the E by using the private key Y2 to obtain a set C.
And S19, the FPGA of the service party performs intersection on the decrypted sets of the hash values of the multiple participants to obtain an intersection of the hash values, and determines an index F of the hash value in the set C in the intersection of the hash values.
Here, the server may receive a set of hash values obtained by hashing original data sent by multiple participants, where the multiple sets are all subjected to deduplication and sorting, so that streaming intersection may be performed, and distributed parallel processing may be adopted.
And S20, the FPGA of the service party sends the F to the PSI server of the service party.
S21, the PSI server of the service party sends F to the local server of the participant 1.
And S22, the local server of the participant 1 sends F to the FPGA of the participant 1.
And S23, restoring a multi-party intersection R by the FPGA of the participant 1 according to the F and the D.
S24, the FPGA of the participant 1 sends the multi-party intersection R to the local server of the participant 1.
The specific implementation process of operations S01 to S24 is similar to the related specific implementation process in the embodiment shown in fig. 2 and fig. 3, and is not described here again.
Therefore, in the method, the device, the computer-readable storage medium and the equipment for solving the intersection safely by multiple parties, controllers which are independent of the operation of the server are configured for the parties involved and the parties served, the main calculations such as the salt value calculation, the hash calculation of the original data of the parties involved and the like are operated in the independent controllers, the independent controllers can be FPGAs, and the local server of the parties involved and the PSI server of the parties served only play a role in transmission and storage, so that the calculation data in the independently operated controllers cannot be obtained. The overall safety of the process of solving intersection safely by multiple parties is effectively improved. And the parallel processing capacity of the controller which runs independently is far larger than that of a general processor in a server such as a local server of a participant and a PSI server of a service party, for example: an FPGA with high data processing speed and the like can be selected. Therefore, the embodiment of the invention adopts the FPGA as the trust root, is independent of a specific CPU, reduces the knowledge range and improves the safety performance. And the processing speed of solving intersection safely in many ways is greatly improved, the processing efficiency is obviously improved, and the user experience is effectively improved.
Fig. 5 shows an embodiment of the apparatus for intersection of multi-party security according to the present invention. The apparatus of the present embodiment is a physical apparatus for performing the method of fig. 1 to 4. The technical solution is essentially the same as that in the above embodiment, and the corresponding description in the above embodiment is also applicable to this embodiment. Referring to fig. 5, an apparatus for secure intersection of multiple parties is provided, where the apparatus is used for any party in multiple parties, and any party is configured with a local server and a first controller, and the apparatus 50 includes: a first receiving module 501, configured to receive, by the first controller, a random value sent by a server; a hashing module 502, configured to determine, by the first controller according to the random value and original data, a hash result corresponding to the original data, and send the hash result to a server, where the hash result includes a hash value set and a mapping relationship, and the mapping relationship is used to reflect a relationship between the hash value set and the original data; a second receiving module 503, configured to receive, by the first controller, a hash result intersection sent by the service party, where the hash result intersection is determined by the service party according to the hash value set of each participant; an intersection determining module 504, configured to determine an intersection result according to the intersection of the hash results and the mapping relationship by the first controller.
According to one embodiment of the invention, the hashing module 502 includes: the salt value determining submodule is used for determining a salt value according to the random value; and the hashing submodule is used for determining a hashing result corresponding to the original data according to the salt value and the original data.
According to an embodiment of the invention, the hash submodule comprises: the data processing unit is used for hashing, sequencing and de-duplicating the original data according to the salt value to obtain the hash value set; and the mapping relation construction unit is used for constructing the mapping relation between each hash value in the hash value set and each original value in the original data.
According to an embodiment of the present invention, the service side is configured with a PSI server and the second controller.
According to an embodiment of the invention, the random value is generated by the second controller for a plurality of the parties.
According to an embodiment of the invention, the apparatus 50 further comprises: the device information sending module is used for sending the device information of the local server to the first controller through the local server before the first controller receives the random value sent by the server; the attribute determining module is used for determining the attribute characteristics of the local server according to the equipment information through the first controller; and the authentication module is used for performing remote authentication with the server side through the first controller according to the attribute characteristics.
According to an embodiment of the present invention, the intersection determining module 504 includes: and the original value query submodule is used for querying an original value corresponding to each hash value in the intersection of the hash results from the mapping relation through the first controller, and a set of all the original values obtained through query is the intersection result.
According to an embodiment of the present invention, the first controller is an FPGA or an SGX.
Fig. 6 shows another embodiment of the apparatus for secure intersection of multiple parties according to the present invention. The apparatus of this embodiment is a physical apparatus for performing the method of fig. 1 to 4. The technical solution is essentially the same as that in the above embodiment, and the corresponding description in the above embodiment is also applicable to this embodiment. Referring to fig. 6, an embodiment of the present invention is applied to a service party configured with a PSI server and a second controller, and the apparatus 60 includes: a random value generating module 601, configured to generate a random value for a plurality of participants by the second controller, and send the random value to the first controller of any one of the plurality of participants; a hash receiving module 602, configured to receive, by the second controller, a hash result corresponding to original data of the participant sent by the first controller, where the hash result includes the set of hash values and a mapping relationship, and the mapping relationship is used to reflect a correspondence relationship between the set of hash values and the original data; an intersection module 603, configured to perform intersection by the second controller according to the hash results of the multiple participants, and determine an intersection of the hash results of the participants, where the intersection of the hash results is determined according to the hash value set of each participant; an intersection sending module 604, configured to send the intersection of the hash results to the first controllers of the participants, so as to determine, by the first controller, an intersection of the multiple participants according to the first intersection array and the mapping relationship.
Fig. 7 is a schematic structural diagram of an apparatus according to an embodiment of the present invention. On the hardware level, the device comprises a processor and optionally an internal bus, a network interface and a memory. The Memory may include a Memory, such as a Random-Access Memory (RAM), and may further include a non-volatile Memory, such as at least 1 disk Memory. Of course, the device may also include hardware required for other services.
The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 7, but this does not indicate only one bus or one type of bus.
And the memory is used for storing the execution instruction. In particular, a computer program that can be executed by executing instructions. The memory may include both memory and non-volatile storage and provides execution instructions and data to the processor.
In a possible implementation manner, the processor reads the corresponding execution instruction from the nonvolatile memory to the memory and then runs the corresponding execution instruction, and may also obtain the corresponding execution instruction from other devices, so as to form the multi-party security intersection device on a logical level. The processor executes the execution instruction stored in the memory, so that the method for performing multi-party secure intersection provided in any embodiment of the invention is realized through the executed execution instruction.
The method performed by the apparatus for securely intersecting multiple parties provided by the embodiments of the present invention shown in fig. 5 and 6 can be applied to or implemented by a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or by instructions in the form of software. The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), application Specific Integrated Circuits (ASICs), field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.
An embodiment of the present invention further provides a readable storage medium, where the readable storage medium stores an execution instruction, and when the stored execution instruction is executed by a processor of an electronic device, the electronic device can be caused to perform the method for securely intersection-solving among multiple parties provided in any embodiment of the present invention, and is specifically configured to perform the method shown in fig. 1 to 4.
The electronic device in the foregoing embodiments may be a computer.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects.
The embodiments of the present invention are described in a progressive manner, and the same and similar parts among the embodiments can be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and reference may be made to the partial description of the method embodiment for relevant points.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional identical elements in the process, method, article, or apparatus comprising the element.
The above description is only an example of the present invention and is not intended to limit the present invention. Various modifications and alterations to this invention will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the scope of the claims of the present invention.

Claims (12)

1. A method for secure intersection of multiple parties, wherein each party is configured with a local server and a first controller, the method comprising:
the first controller receives a random value sent by a server;
the first controller determines a hash result corresponding to the original data according to the random value and the original data, and sends the hash result to a server, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the relation between the hash value set and the original data;
the first controller receives a hash result intersection sent by the service party, wherein the hash result intersection is determined by the service party according to the hash value set of each participant;
the first controller determines an intersection result according to the hash result intersection and the mapping relation;
wherein, the first controller determines a hash result corresponding to the original data according to the random value and the original data, and includes:
determining a salt value according to the random value;
according to the salt value, hashing and sequencing de-duplication are carried out on the original data to obtain a hash value set;
and constructing a mapping relation between each hash value in the hash value set and each original value in the original data.
2. The method of claim 1, wherein the server is configured with a PSI server and a second controller.
3. The method of claim 2, wherein the random value is generated by the second controller for a plurality of the participants.
4. The method of claim 1, wherein before the first controller receives the random value sent by the server, the method further comprises:
the local server sends the equipment information of the local server to the first controller;
the first controller determines the attribute characteristics of the local server according to the equipment information;
and performing remote authentication with the server through the first controller according to the attribute characteristics.
5. The method of claim 1, wherein determining, by the first controller, an intersection result from the intersection of hash results and the mapping relationship comprises:
and the first controller inquires an original value corresponding to each hash value in the hash result intersection from the mapping relation, and the set of all the original values obtained through inquiry is the intersection result.
6. The method of any one of claims 1-5, wherein the first controller is an FPGA or an SGX.
7. A method for secure intersection of multiple parties, for a serving party configured with a PSI server and a second controller, the method comprising:
a first controller that generates random values for a plurality of participants and transmits the random values to any one of the plurality of participants;
the second controller receives a hash result corresponding to the original data of the participant, which is sent by the first controller, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the corresponding relation between the hash value set and the original data; the hash result is obtained by the first controller by: determining a salt value according to the random value; according to the salt value, hashing and sequencing de-duplication are carried out on the original data to obtain a hash value set; constructing a mapping relation between each hash value in the hash value set and each original value in the original data;
the second controller performs intersection according to the hash results of the multiple participants, and determines a hash result intersection of the participants, wherein the hash result intersection is determined according to the hash value set of each participant;
the second controller sends the intersection of the hash results to the first controller of the participants, so that the first controller determines the intersection of the participants according to the first intersection array and the mapping relation.
8. An apparatus for secure intersection of multiple parties, any party of the multiple parties being configured with a local server and a first controller, the apparatus comprising:
the first receiving module is used for receiving the random value sent by the server by the first controller;
the first controller determines a hash result corresponding to original data according to the random value and the original data, and sends the hash result to a server, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting a relation between the hash value set and the original data;
a second receiving module, configured to receive, by the first controller, a hash result intersection sent by the service party, where the hash result intersection is determined by the service party according to a hash value set of each participant;
the intersection determining module is used for determining an intersection result by the first controller according to the hash result intersection and the mapping relation;
the hash module is specifically configured to determine, by the first controller, a salt value according to the random value; according to the salt value, hashing and sequencing de-duplication are carried out on the original data to obtain a hash value set; and constructing a mapping relation between each hash value in the hash value set and each original value in the original data.
9. An apparatus for secure intersection of multiple parties, wherein a serving party is configured with a PSI server and a second controller, the apparatus comprising:
a random value generation module for the second controller to generate random values for a plurality of participants and to send the random values to the first controller of any one of the plurality of participants;
a hash receiving module, configured to receive, by the second controller, a hash result corresponding to original data of the participant sent by the first controller, where the hash result includes a hash value set and a mapping relationship, and the mapping relationship is used to reflect a correspondence between the hash value set and the original data; the hash result is obtained by the first controller by: determining a salt value according to the random value; according to the salt value, hashing and sequencing de-duplication are carried out on the original data to obtain a hash value set; constructing a mapping relation between each hash value in the hash value set and each original value in the original data;
the intersection module is used for the second controller to perform intersection according to the hash results of the multiple participants and determine the intersection of the hash results of the participants, wherein the intersection of the hash results is determined according to the hash value set of each participant;
and the intersection sending module is used for sending the intersection of the hash results to the first controllers of the participants so that the first controllers determine the intersection of the participants according to the first intersection array and the mapping relation.
10. A system for secure intersection of multiple parties, the system comprising:
the server is provided with a PSI server and a second controller, and the second controller is used for generating random values for a plurality of participants and sending the random values to a first controller of any one of the participants; receiving a hash result corresponding to the original data of the participant, which is sent by the first controller, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the corresponding relation between the hash value set and the original data; performing intersection according to the hash results of the multiple participants, and determining the intersection of the hash results of the participants, wherein the intersection of the hash results is determined according to the hash value set of each participant; and sending the hash result intersection to a first controller of the participants, so that the first controller determines the intersection of the participants according to a first intersection array and the mapping relation;
a plurality of participants, any one of the plurality of participants configured with a local server and a first controller; the first controller is used for receiving a random value sent by a server; according to the random value and the original data, determining a hash result corresponding to the original data, and sending the hash result to a server, wherein the hash result comprises a hash value set and a mapping relation, and the mapping relation is used for reflecting the relation between the hash value set and the original data; receiving a hash result intersection sent by the server, wherein the hash result intersection is determined by the server according to the hash value set of each participant; determining an intersection result according to the hash result intersection and the mapping relation; determining a hash result corresponding to the original data according to the random value and the original data, wherein the determining includes: determining a salt value according to the random value; according to the salt value, hashing and sequencing de-duplication are carried out on the original data to obtain a hash value set; and constructing a mapping relation between each hash value in the hash value set and each original value in the original data.
11. An apparatus, characterized in that the apparatus comprises:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of multi-party security intersection as recited in any of claims 1-7.
12. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method for multi-party secure intersection set according to any one of claims 1-7.
CN202111084911.3A 2021-09-16 2021-09-16 Method, device, storage medium and equipment for solving intersection safely by multiple parties Active CN113901425B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111084911.3A CN113901425B (en) 2021-09-16 2021-09-16 Method, device, storage medium and equipment for solving intersection safely by multiple parties

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111084911.3A CN113901425B (en) 2021-09-16 2021-09-16 Method, device, storage medium and equipment for solving intersection safely by multiple parties

Publications (2)

Publication Number Publication Date
CN113901425A CN113901425A (en) 2022-01-07
CN113901425B true CN113901425B (en) 2022-12-16

Family

ID=79028598

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111084911.3A Active CN113901425B (en) 2021-09-16 2021-09-16 Method, device, storage medium and equipment for solving intersection safely by multiple parties

Country Status (1)

Country Link
CN (1) CN113901425B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114519585A (en) * 2022-01-29 2022-05-20 中银金融科技有限公司 Early warning method and system based on multi-party united card opening information
CN114553593B (en) * 2022-03-22 2024-05-28 杭州博盾习言科技有限公司 Multiparty secure computing privacy exchange method, device, equipment and storage medium
CN114866312B (en) * 2022-04-24 2024-07-12 支付宝(杭州)信息技术有限公司 Shared data determining method and device for protecting data privacy
CN115396091A (en) * 2022-08-25 2022-11-25 太保科技有限公司 Secure computing method and device based on SGX technology
CN115412364B (en) * 2022-10-19 2023-03-24 北京融数联智科技有限公司 Method, system and medium for safely solving intersection of multiple parties without third party
CN116506227B (en) * 2023-06-27 2023-09-19 腾讯科技(深圳)有限公司 Data processing method, device, computer equipment and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113179150A (en) * 2021-04-26 2021-07-27 杭州宇链科技有限公司 Homomorphic privacy set intersection method based on order preserving function

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10380098B1 (en) * 2015-09-30 2019-08-13 EMC IP Holding Company LLC Fine-grained shared multi-tenant de-duplication system
CN109951443B (en) * 2019-01-28 2021-06-04 湖北工业大学 Set intersection calculation method and system for privacy protection in cloud environment
CN111222165B (en) * 2020-01-10 2022-09-23 北京百度网讯科技有限公司 Multi-party computing method, device, equipment and medium based on block chain
CN112699386B (en) * 2020-12-22 2024-06-11 杭州趣链科技有限公司 Method, equipment, electronic device and storage medium for acquiring private data intersection
CN112910631B (en) * 2021-02-08 2022-11-22 上海海洋大学 Efficient privacy set intersection calculation method and system based on cloud server assistance
CN113312641B (en) * 2021-06-02 2023-07-18 杭州趣链科技有限公司 Multi-point multi-party data interaction method, system, electronic device and storage medium

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113179150A (en) * 2021-04-26 2021-07-27 杭州宇链科技有限公司 Homomorphic privacy set intersection method based on order preserving function

Also Published As

Publication number Publication date
CN113901425A (en) 2022-01-07

Similar Documents

Publication Publication Date Title
CN113901425B (en) Method, device, storage medium and equipment for solving intersection safely by multiple parties
JP6547079B1 (en) Registration / authorization method, device and system
CN108377189B (en) Block chain user communication encryption method and device, terminal equipment and storage medium
CN108632292B (en) Data sharing method and system based on alliance chain
WO2021013245A1 (en) Data key protection method and system, electronic device and storage medium
Yuan et al. Secure cloud data deduplication with efficient re-encryption
Sun et al. Catch you if you lie to me: Efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data
EP2912800B1 (en) Methods and apparatus for data access control
CN112926051B (en) Multi-party security computing method and device
CN113037484B (en) Data transmission method, device, terminal, server and storage medium
CN108696518B (en) Block chain user communication encryption method and device, terminal equipment and storage medium
CN112835912B (en) Data storage method and device based on block chain and storage medium
CN111046427A (en) Block chain-based data access control method, device, equipment and medium
CN113434555B (en) Data query method and device based on searchable encryption technology
CN114826652A (en) Traceable access control method based on double block chains
Wen et al. BDO-SD: An efficient scheme for big data outsourcing with secure deduplication
CN111723384A (en) Data processing method, system and equipment
CN111314066B (en) Block chain-based data transfer method, terminal and computer-readable storage medium
US10785193B2 (en) Security key hopping
CN115134084A (en) Search method, device and equipment based on elliptic curve password and storage medium
Park et al. PKIS: practical keyword index search on cloud datacenter
CN117390675A (en) Data query method, electronic device, and readable storage medium
CN117371010A (en) Data trace query method, electronic device and readable storage medium
CN114866244B (en) Method, system and device for controllable anonymous authentication based on ciphertext block chaining encryption
CN113626146B (en) Container mirror image safe distribution method and device based on user attributes

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant