CN113904808A - Private key distribution and decryption method, device, equipment and medium - Google Patents

Private key distribution and decryption method, device, equipment and medium Download PDF

Info

Publication number
CN113904808A
CN113904808A CN202111050686.1A CN202111050686A CN113904808A CN 113904808 A CN113904808 A CN 113904808A CN 202111050686 A CN202111050686 A CN 202111050686A CN 113904808 A CN113904808 A CN 113904808A
Authority
CN
China
Prior art keywords
private key
sub
ciphertext
private
numerical value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111050686.1A
Other languages
Chinese (zh)
Inventor
张宇
张庆勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Infosec Technologies Co Ltd
Original Assignee
Beijing Infosec Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Infosec Technologies Co Ltd filed Critical Beijing Infosec Technologies Co Ltd
Priority to CN202111050686.1A priority Critical patent/CN113904808A/en
Publication of CN113904808A publication Critical patent/CN113904808A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3093Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving Lattices or polynomial equations, e.g. NTRU scheme

Abstract

The invention discloses a method, a device, equipment and a medium for distributing and decrypting a private key.

Description

Private key distribution and decryption method, device, equipment and medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method, an apparatus, a device, and a medium for distributing and decrypting a private key.
Background
Along with the attention paid to the security degree in the file transmission and information transmission processes, more and more encryption methods and decryption algorithms are applied, wherein the lattice encryption algorithm is the encryption algorithm which is generally accepted at present and can resist quantum computers.
However, in the prior art, in the process of applying the lattice encryption algorithm, the private key is held in the hand of a single decryptor, that is, the private key is stored in one device. After encrypting a file to be encrypted according to the published public key, an encryptor sends the encrypted ciphertext to the equipment, and after receiving the ciphertext, the equipment decrypts the ciphertext according to a prestored private key to generate a corresponding plaintext. Since the private key is only held by a single decryption party, that is, the private key is only stored in one device, once the device is invaded, the private key is leaked, and the security of the information is seriously affected.
Disclosure of Invention
The invention provides a method, a device, equipment and a medium for distributing and decrypting a private key, which are used for solving the problems that in the prior art, once the equipment is invaded, the private key is leaked and the safety of information is seriously influenced because the private key is stored in the equipment.
In a first aspect, an embodiment of the present invention provides a private key distribution method, where the method includes:
generating a corresponding public and private key pair according to a lattice encryption algorithm, wherein the public and private key pair comprises a private key;
splitting the private key into at least two sub-private keys, wherein the numerical value of a corresponding component in a vector corresponding to the at least two sub-private keys and the value of a component at a position corresponding to the vector corresponding to the private key are obtained;
and sending at least one target sub private key in the at least two sub private keys to the first equipment, wherein one first equipment receives one target sub private key.
In a second aspect, an embodiment of the present invention provides a decryption method based on the private key distribution method, where the method includes:
receiving a decrypted first numerical value sent by each first device, wherein the first numerical value is obtained by the first device through decryption of a ciphertext according to a received target sub-private key;
and determining a plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and a preset function.
In a third aspect, an embodiment of the present invention provides a decryption method, where the method includes:
receiving a ciphertext;
and decrypting the ciphertext according to the received target sub private key to obtain a first numerical value and sending the first numerical value.
In a fourth aspect, an embodiment of the present invention provides a private key distribution apparatus, where the apparatus includes:
the generating module is used for generating a corresponding public and private key pair according to a lattice encryption algorithm, wherein the public and private key pair comprises a private key;
the splitting module is used for splitting the private key into at least two sub-private keys, wherein the numerical value of a corresponding component in a vector corresponding to the at least two sub-private keys and the value of a component at a position corresponding to the vector corresponding to the private key are obtained;
and the sending module is used for sending at least one target sub private key in the at least two sub private keys to the first equipment, wherein one first equipment receives one target sub private key.
In a fifth aspect, an embodiment of the present invention provides a decryption apparatus based on the private key distribution apparatus, where the apparatus includes:
the first receiving module is used for receiving the decrypted first numerical value sent by each first device, wherein the first numerical value is obtained by the first device through decryption of a ciphertext according to the received target sub-private key;
and the determining module is used for determining a plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and a preset function.
In a sixth aspect, an embodiment of the present invention provides a decryption apparatus, where the apparatus includes:
the second receiving module is used for receiving the ciphertext;
and the processing module is used for decrypting the ciphertext according to the received target sub-private key to obtain a first numerical value and sending the first numerical value.
In a seventh aspect, an embodiment of the present invention provides an electronic device, where the electronic device at least includes a processor and a memory, and the processor is configured to execute, when executing a computer program stored in the memory, the steps of any one of the above private key distribution methods, or the steps of any one of the above decryption methods based on the key distribution method, or the steps of any one of the above decryption methods.
In an eighth aspect, an embodiment of the present invention provides a computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program performs the steps of any one of the above-mentioned private key distribution methods or performs the steps of any one of the above-mentioned decryption methods based on the key distribution method or performs the steps of any one of the above-mentioned decryption methods.
In the embodiment of the invention, a corresponding public and private key pair is generated according to a lattice encryption algorithm, wherein the public and private key pair comprises a private key, the private key is divided into at least two sub-private keys, the numerical value of a corresponding component in a vector corresponding to the at least two sub-private keys and the value of a component at a position corresponding to the vector corresponding to the private key are used, and a target sub-private key in the at least two sub-private keys is sent to a first device. In the embodiment of the invention, after the private key is generated, the private key is split into at least two sub private keys, and the target sub private key in the at least two sub private keys is sent to the first device, so that different sub private keys are stored in different devices, even if one device is invaded, the private key cannot be leaked, and the information security is ensured.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a schematic process diagram of a private key distribution method according to an embodiment of the present invention;
fig. 2 is a schematic process diagram of a decryption method based on a private key distribution method according to an embodiment of the present invention;
fig. 3 is a schematic process diagram of a decryption method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a device for distributing a private key according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a decryption apparatus based on a private key distribution apparatus according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a decryption apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to embodiment 11 of the present invention;
fig. 8 is a schematic structural diagram of an electronic device according to embodiment 12 of the present invention;
fig. 9 is a schematic structural diagram of an electronic device according to embodiment 13 of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1:
in order to reduce the risk of private key leakage and protect the security of information, embodiments of the present invention provide a private key distribution method, a private key decryption method, a private key distribution device, a private key decryption device, and a private key distribution medium.
Fig. 1 is a schematic process diagram of a private key distribution method provided in an embodiment of the present invention, where the process includes the following steps:
s101: and generating a corresponding public and private key pair according to a lattice encryption algorithm, wherein the public and private key pair comprises a private key.
The private key distribution method provided by the embodiment of the invention is applied to electronic equipment, and the electronic equipment can be intelligent terminals, PCs or servers and other equipment.
In order to ensure the security of the information, the file or the information to be transmitted may be encrypted based on an encryption algorithm at the transmitting end, and the encrypted file or information may be decrypted at the receiving end. Therefore, in order to encrypt and decrypt the file or information to be transmitted, a public key capable of encrypting the file or information to be transmitted and a private key capable of decrypting the encrypted file or information are obtained. In the embodiment of the present invention, a corresponding public-private key pair may be generated according to a lattice encryption algorithm, where the public-private key pair includes a private key and a public key, and the private key is used to decrypt an encrypted file or encrypted information after receiving the encrypted file or the encrypted information.
Specifically, in the process of generating a corresponding public-private key pair based on a lattice encryption algorithm, two random bit strings are generated first, where the random bit strings may also be referred to as seeds, and the length of the random bit strings is 256. Can be expressed as: (ρ, σ) ← {0,1}256Where ρ and σ are the two random bit strings, respectively, and the expression characterizes the two random bit strings ρ and σ as 256-length random bit strings of 0 or 1, respectively.
In the embodiment of the present invention, for convenience of description, ρ may be referred to as a first random bit string, and σ may be referred to as a second random bit string. The two random bit strings are then input into a Sam function, respectively, which is used to generate corresponding matrices after the random bit strings are input, and the elements in each matrix are a polynomial on a polynomial ring, and the polynomial corresponding to each element is a polynomial random in the polynomial ring.
Specifically, after the first random bit string ρ is input into the Sam function, a K × K matrix is obtained, which can be expressed as:
Figure BDA0003252833790000051
the expression characterization inputs rho into the Sam function to obtain a K multiplied by K matrix A, and each element in the matrix A is a random polynomial contained in a polynomial ring. Wherein the polynomial ring comprises three parts, each of which is (R)qAnd, +,) wherein,
Figure BDA0003252833790000052
wherein Z isqIs the set of all non-negative integers less than q, where n may be 256 and q may be 3329, that is, if q is 3329, then Z isq={0,1,2……3328},aiIs at ZqX is a variable of the polynomial.
In the embodiment of the present invention, the process of determining the addition + is: r is to beqWherein any one polynomial is determined to be P1And is and
Figure BDA0003252833790000053
the P is1Is that
Figure BDA0003252833790000054
For convenience of describing the operation between arbitrary polynomials, the other polynomial is determined as P2And is and
Figure BDA0003252833790000061
wherein, the
Figure BDA0003252833790000062
Also is that
Figure BDA0003252833790000063
In the above, the coefficients of the polynomial are represented by b for the sake of distinctioniAnd (4) showing. Wherein the content of the first and second substances,
Figure BDA0003252833790000064
wherein, ci=ai+bimodq, wherein the P1And P2Are each RqA corresponding polynomial, and the P1And P2Which may be the same or different, e.g. the RqIncludes two polynomials x and x2Then P is1+P2Comprises 3, x + x2、x2+x2And x + x.
In the embodiment of the present invention, the process of determining multiplication is: r is to beqWherein any one polynomial is determined to be P1And is and
Figure BDA0003252833790000065
the P is1Is that
Figure BDA0003252833790000066
For convenience of describing the operation between arbitrary polynomials, the other polynomial is determined as P2And is and
Figure BDA0003252833790000067
wherein, the
Figure BDA0003252833790000068
Also is that
Figure BDA0003252833790000069
In the above, the coefficients of the polynomial are represented by b for the sake of distinctionjAnd (4) showing. Wherein the content of the first and second substances,
Figure BDA00032528337900000610
wherein the content of the first and second substances,
Figure BDA00032528337900000611
wherein the P is1And P2Are each RqA corresponding polynomial, and the P1And P2Which may be the same or different, e.g. the RqIncludes two polynomials x and x2Then P is1.P2Comprises 3, each of which is x.x2、x2·x2And x · x.
The second random bit string σ is input to the Sam function, s and e are obtained, where s and e are each a K × 1 matrix, and each matrix contains K elements, that is, s and e are each a vector containing K elements, and each vector contains K components. For the sake of convenience of distinction, s is referred to as a first matrix obtained by inputting the second random bit string σ to the Sam function, and e is referred to as a second matrix obtained by inputting the second random bit string σ to the Sam function, and can be expressed as:
Figure BDA00032528337900000612
Figure BDA00032528337900000613
the equation represents the second random ratioInputting a special string sigma into a Sam function to obtain two K multiplied by 1 matrixes of s and e, wherein each element in the first matrix s corresponds to a polynomial, each element in the second matrix e also corresponds to a polynomial, eta is a numerical value far smaller than q, coefficients before variables in each polynomial included in s and e are smaller than eta, and s is a matrix corresponding to a private key in a public and private key pair generated based on a lattice encryption algorithm.
Based on a lattice encryption algorithm, a generated public key is a two-dimensional vector, in order to determine a public key in a public and private key pair, a component of the two-dimensional vector corresponding to the public key is determined first, for convenience of description, a first component of the two-dimensional vector is referred to As a first component, and a second component of the two-dimensional vector is referred to As a second component.
S102: splitting the private key into at least two sub-private keys, wherein the numerical value of the corresponding component in the vector corresponding to the at least two sub-private keys and the value of the component at the corresponding position of the vector corresponding to the private key are obtained.
Since the general private key is only held by a single decryption party, that is, the general private key is only stored in one device, if the device is invaded, the key is leaked, and the security of the information is affected. In order to ensure the security of information, in the embodiment of the present invention, after obtaining the private key, the private key may be split into at least two sub-private keys. And the numerical value of the corresponding component in the vector corresponding to the at least two sub private keys and the value of the component at the position corresponding to the vector corresponding to the private key are obtained. That is, random selection
Figure BDA0003252833790000071
Where s is a private key, siIs as followsThe i sub-private keys are,
Figure BDA0003252833790000072
characterization siThe K elements contained in (a) are polynomials in a polynomial ring,
Figure BDA0003252833790000073
the sum value of the components corresponding to the vector corresponding to each sub-private key is the value of the component at the corresponding position of the vector corresponding to the private key, that is, the sum value of the elements corresponding to the K × 1 matrix corresponding to each sub-private key is the value of the elements corresponding to the K × 1 matrix corresponding to the private key.
For example, the vector corresponding to the private key is (a, b, c), the private key is split into two sub-private keys, and the vectors corresponding to the two sub-private keys are (a) respectively1,b1,c1) And (a)2,b2,c2) And then the components corresponding to the private key and the sub private key satisfy: a is1+a2=a,b1+b2=b,c1+c2=c。
S103: and sending at least one target sub private key in the at least two sub private keys to the first equipment, wherein one first equipment receives one target sub private key.
In the embodiment of the present invention, after the private key is split into two sub-private keys, in order to ensure the security of information, each sub-private key may be sent to different first devices, specifically, at least one target sub-private key of the at least two split sub-private keys may be sent to the first devices, where each first device receives one target sub-private key, where all sub-private keys of the at least two sub-private keys may be determined as the target sub-private key, or a part of sub-private keys of the at least two sub-private keys may be determined as the target sub-private keys, and the number of the target sub-private keys is not greater than the number of the sub-private keys.
In the embodiment of the invention, after the private key is generated, the private key is split into at least two sub private keys, and the target sub private key in the at least two sub private keys is sent to the first device, so that different sub private keys are stored in different devices, even if one device is invaded, the private key cannot be leaked, and the information security is ensured.
Example 2:
in order to encrypt a plaintext and generate a corresponding ciphertext, on the basis of the foregoing embodiment, in an embodiment of the present invention, after generating a corresponding public-private key pair, the method further includes:
and publishing a public key contained in the public and private key pair.
After a corresponding public and private key pair is generated according to a lattice encryption algorithm, in order to enable an electronic device where an encryptor is located to encrypt a file or information to be transmitted, that is, to enable the encryptor to encrypt a plaintext and generate a corresponding ciphertext, in the embodiment of the present invention, after the electronic device obtains the public and private key pair, a public key included in the public and private key pair is published.
Example 3:
in order to implement that the sub-private keys can be stored in different devices, and a risk of private key leakage is reduced, on the basis of the foregoing embodiments, in an embodiment of the present invention, the sending at least one target sub-private key of the at least two sub-private keys to the first device includes:
and determining each sub-private key of the at least two sub-private keys as a target sub-private key, and respectively sending the at least two target sub-private keys to the corresponding at least two first devices.
In order to prevent the risk of private key leakage when one or several devices are intruded, the split sub-private keys may be stored in different devices, and in the embodiment of the present invention, each of the at least two sub-private keys may be determined as a target sub-private key, and the at least two target sub-private keys are respectively sent to the corresponding at least two first devices, that is, each target sub-private key is respectively sent to different first devices.
For example, the private key is split into two sub-private keys, namely a sub-private key 1 and a sub-private key 2, the sub-private key 1 and the sub-private key 2 are both determined as target sub-private keys, the sub-private key 1 can be sent to the first device 1, and the sub-private key 2 can be sent to the first device 2.
In order to achieve that when one device or several devices are hacked, there is no risk of revealing the private key, on the basis of the above embodiments, in an embodiment of the present invention, the sending at least one target private sub-key of the at least two private sub-keys to the first device includes:
and storing one of the at least two sub-private keys, determining other sub-private keys except the stored sub-private key in the at least two sub-private keys as target sub-private keys, and respectively sending the at least one target sub-private key to the corresponding at least one first device.
In order to prevent the risk of private key leakage when one or more devices are invaded, the split sub-private keys can be stored in different devices, in the embodiment of the present invention, because the electronic device itself can also decrypt according to the ciphertext and the sub-private keys, the electronic device can also store one of the at least two sub-private keys for subsequent decryption operation based on the stored sub-private keys and the received ciphertext. And determining other sub-private keys except the stored sub-private key in the at least two sub-private keys as target sub-private keys, and distributing the at least one target sub-private key to corresponding at least one first device, that is, the electronic device stores one sub-private key in the at least two sub-private keys, and respectively sends each sub-private key in the other sub-private keys except the stored sub-private key to different first devices.
For example, the private key is split into two sub-private keys, namely a sub-private key 1 and a sub-private key 2, the electronic device stores the sub-private key 1, determines the sub-private key 2 as a target sub-private key, and can send the sub-private key 2 to the first device 1.
Example 4:
fig. 2 is a schematic process diagram of a decryption method based on a private key distribution method according to an embodiment of the present invention, where the process includes the following steps:
s201: and receiving a decrypted first numerical value sent by each first device, wherein the first numerical value is obtained by the first device through decryption of a ciphertext according to the received target sub-private key.
The decryption method provided by the embodiment of the invention is applied to electronic equipment, the electronic equipment can be intelligent terminals, PCs or servers and other equipment, and the electronic equipment is the same as the electronic equipment applied by the private key distribution method.
After the electronic device sends the target sub-private key of the at least two sub-private keys to the first device, the received target sub-private keys are stored in the first device, and in the process of decrypting the ciphertext, the electronic device can directly receive the target sub-private key sent by each first device, determine the private key based on each received target sub-private key, and then decrypt the ciphertext based on the determined private key. However, after the electronic device determines the private key, if the electronic device is invaded, the private key is still leaked, and the security of the information is affected.
Therefore, in order to avoid disclosure of the private key, in the embodiment of the present invention, after the electronic device sends the target sub-private key of the at least two sub-private keys to the first device, the first device may decrypt the received ciphertext based on the received target sub-private key. The encryptor firstly sends the ciphertext to the electronic device based on the published public key and the ciphertext generated by the plaintext, and then the electronic device sends the ciphertext to each first device after receiving the ciphertext because the target sub-private key is stored in the first device. The first device may decrypt the ciphertext based on the received target sub-private key to obtain a first numerical value and send the first numerical value, where the first numerical value is an intermediate quantity obtained when the ciphertext is decrypted and is not a decrypted plaintext obtained finally, that is, the electronic device receives the first numerical value obtained by decrypting each first device, where the first numerical value is obtained by decrypting the ciphertext by the first device according to the received target sub-private key.
S202: and determining a plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and a preset function.
In order to decrypt a ciphertext, in the embodiment of the present invention, after receiving a first numerical value sent by each first device, the electronic device determines, according to the first numerical value sent by each first device and a preset function, a plaintext corresponding to the ciphertext.
In the embodiment of the invention, based on the first numerical value obtained by decryption in each first device and the preset function, the plaintext corresponding to the ciphertext can be obtained, instead of receiving the sub-private key of each first device to form the private key and then decrypting the ciphertext, the information security is improved.
Example 5:
in order to determine a plaintext corresponding to a ciphertext, on the basis of the foregoing embodiment, in an embodiment of the present invention, the determining the plaintext corresponding to the ciphertext according to the first value and a preset function sent by each first device includes:
and if each sub-private key in the at least two sub-private keys is determined as a target sub-private key, determining a first sum of the first numerical values of all the first devices, and determining a plaintext corresponding to the ciphertext according to the first sum and a preset function.
In this embodiment of the present invention, the target sub-private key may be all sub-private keys of at least two sub-private keys obtained by splitting the private key, that is, the electronic device sends all sub-private keys of the at least two sub-private keys obtained by splitting the private key to the corresponding at least two first devices, or determines, as the target private key, other sub-private keys of the at least two sub-private keys obtained by splitting the private key except for the stored sub-private key, that is, the electronic device stores one sub-private key of the at least two sub-private keys obtained by splitting the private key, and sends other sub-private keys except for the stored sub-private key to the corresponding at least one first device.
Therefore, in order to determine the plaintext corresponding to the ciphertext, if each of the at least two sub-private keys is determined as the target sub-private key, the electronic device determines a first sum of the first numerical values of all the first devices after receiving the first numerical value of each first device, and determines the plaintext corresponding to the ciphertext according to the first sum and a preset function. It is composed ofIn which the preset function is
Figure BDA0003252833790000111
Wherein y is a plaintext corresponding to the ciphertext, q is a preset parameter, and X isiIs a first numerical value of the ith first device, n is the total number of the sub private keys split by the private key and is also the total number of the first devices, wherein mod is a remainder function, wherein,
Figure BDA0003252833790000112
is a pair of
Figure BDA0003252833790000113
Rounding up nearby.
In order to determine a plaintext corresponding to a ciphertext, on the basis of the foregoing embodiments, in an embodiment of the present invention, if a sub-private key other than a stored sub-private key of the at least two sub-private keys is determined as a target private key, before determining the plaintext corresponding to the ciphertext according to the first value and a preset function sent by each first device, the method further includes:
receiving the ciphertext;
determining, according to the first numerical value sent by each first device and a preset function, a plaintext corresponding to the ciphertext, includes:
determining a second sum of said first values for all first devices;
decrypting the ciphertext according to the stored sub private key to obtain a second numerical value;
and determining a third sum of the second sum and the second numerical value, and determining a plaintext corresponding to the ciphertext according to the third sum and a preset function.
If the other sub-private keys except the stored sub-private key in the at least two sub-private keys are determined as the target private keys, in order to determine the plaintext corresponding to the ciphertext, in the embodiment of the present invention, before determining the plaintext corresponding to the ciphertext according to the first value and the preset function sent by each first device, the ciphertext is received, where the ciphertext is determined by the encryptor based on the plaintext and the published public key.
In the embodiment of the invention, in the process of determining the plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and the preset function, the electronic device determines the second sum of the first numerical values sent by all the first devices, decrypts the received ciphertext according to the stored sub-private key to obtain the second numerical value, and then determines the plaintext corresponding to the ciphertext according to the third sum of the second sum and the second numerical value and the third sum and the preset function.
Wherein the predetermined function is
Figure BDA0003252833790000121
Wherein y is a plaintext corresponding to the ciphertext, and q is a preset parameteriIs a first value of the ith first device, Z is a second value, n is a total number of first devices, where mod is a remainder function, where
Figure BDA0003252833790000122
Is a pair of
Figure BDA0003252833790000123
Rounding up nearby.
In order to determine the second value and further implement decryption of the ciphertext, on the basis of the foregoing embodiments, in an embodiment of the present invention, the decrypting the ciphertext according to the stored sub-private key to obtain the second value includes:
and determining a first inner product of a target component in the vector corresponding to the ciphertext and the vector corresponding to the saved sub private key, and determining the first inner product as the second numerical value.
In order to determine the second value, in an embodiment of the present invention, the second value is a first inner product corresponding to the sub-private key and a target component in a vector corresponding to the ciphertext, where a length of the target component in the vector corresponding to the ciphertext is the same as a length of a vector corresponding to the sub-private key, for example, if the length of the target component in the vector corresponding to the ciphertext is 3, the length of the vector corresponding to the sub-private key is also 3. The vector corresponding to the ciphertext obtained by encrypting a plaintext based on a public key is (u, v), where u and v are two components of the vector corresponding to the ciphertext, respectively, and u is a target component in the vector corresponding to the ciphertext, and since the target component is also a vector including K elements, that is, the target component is also a K × 1 matrix, for convenience of description, the target component of the vector corresponding to the ciphertext may also be referred to as a target vector, each component in the target vector is a polynomial on a polynomial ring, v is a 1 × 1 matrix, and an element in the 1 × 1 matrix is also a polynomial on the polynomial ring.
For convenience of description, u is referred to as a first component of a ciphertext corresponding vector, and v is referred to as a second component of the ciphertext corresponding vector, where the first vector is the target vector. Specifically, in the process of determining the ciphertext by the encryptor, since the plaintext is a bit string with a length of 256, in order to encrypt the plaintext based on the public key, the bit string corresponding to the plaintext is first converted into a polynomial, and specifically, in the process of converting the bit string corresponding to the plaintext into the polynomial, a numerical value corresponding to each bit in the bit string may be determined as a coefficient of the polynomial. For example, if the bit string corresponding to the plaintext is 1010, the polynomial converted based on the plaintext is 1+ Y2. Wherein, Y is a variable in a polynomial corresponding to the plaintext.
Then, a random bit string is generated, for convenience of description, the randomly generated bit string is referred to as a third random bit string, and the length of the third random bit string is 256, which can be expressed as: (τ) ← {0,1 })256The equation characterizes the bit string of 256 length consisting of 0 or 1 for τ. To encrypt a plaintext and generate a ciphertext, in an embodiment of the present invention, the third random bit string is input into a Sam function, which is used to generate a corresponding matrix after the random bit string is input. After inputting the third random bit string into the Sam function, three matrices are obtained, r, e respectively1And e2For convenience of description, willr is called a third matrix, let e1Referred to as a fourth matrix, let e2Referred to as the fifth matrix, may be expressed, in particular, as:
Figure BDA0003252833790000131
the expression represents that the third random bit string tau is input into the Sam function to obtain r and e1And e2Three matrices, r is a K x 1 matrix, each element in r is a polynomial, e1Is a K × 1 matrix, and the e1Each element in the set is also corresponding to a polynomial, e2Is a 1 × 1 matrix, and the e2The middle element also corresponds to a polynomial, η is a number much smaller than q, and r, e1,e2The coefficients preceding the respective argument in each polynomial included in (a) are less than η.
Based on u ═ ATr+e1Determining a first component of a vector corresponding to the ciphertext, wherein u is the first component of the vector corresponding to the ciphertext, wherein A is a matrix obtained by inputting a first random bit string into a Sam function, and A isTThe matrix is a transposed matrix of the matrix A, the r is a third matrix obtained by inputting a third random bit string into the Sam function, the third matrix is a K x 1 matrix, and the e1To input the third random bit string to the fourth matrix obtained by the Sam function, the fourth matrix is a K × 1 matrix, and therefore, the first component of the vector corresponding to the ciphertext is the K × 1 matrix, that is, the target component of the vector corresponding to the ciphertext is the K × 1 matrix.
Based on
Figure BDA0003252833790000141
Determining a second component of the vector corresponding to the ciphertext, wherein v is the second component of the vector corresponding to the ciphertext, wherein t is the first component in the two-dimensional vector corresponding to the public key, the first component is a K multiplied by 1 matrix, and t isTA transposed matrix of a component in the vector corresponding to the public key, the transposed matrix being a 1 XK matrix, e2To input a third random bit string into the Sam function to obtain the second random bit stringA fourth matrix, the fourth matrix being a 1 x 1 matrix,
Figure BDA0003252833790000142
is a pair of
Figure BDA0003252833790000143
Rounding up nearby, where m is the polynomial corresponding to the plaintext, and the second component of the vector corresponding to the ciphertext is a 1 × 1 matrix.
After obtaining a first component u of a vector corresponding to the ciphertext and a second component v of the vector corresponding to the ciphertext, determining the ciphertext obtained by encrypting the plaintext based on the public key, wherein the ciphertext is (u, v).
For example, if the target component of the vector corresponding to the ciphertext is (a, b, c), and the vector corresponding to the saved child private key is (d, e, f), the first inner product, that is, the second value is a + d + b + e + c + f.
Example 6:
fig. 3 is a schematic process diagram of a decryption method according to an embodiment of the present invention, where the process includes the following steps:
s301: a ciphertext is received.
The decryption method provided by the embodiment of the invention is applied to the first equipment, and the first equipment can be intelligent terminals, PCs or servers and other equipment.
In the embodiment of the invention, the first device receives the ciphertext, wherein the ciphertext is obtained by encrypting the plaintext based on the published key by the encryptor.
S302: and decrypting the ciphertext according to the received target sub private key to obtain a first numerical value and sending the first numerical value.
In order to determine the first value, in the embodiment of the present invention, the first device decrypts the ciphertext according to the received target sub-private key to obtain the first value, and sends the first value, where the target sub-private key received by the first device is the target sub-private key sent by the electronic device.
Example 7:
in order to determine the first value and further implement decryption of the ciphertext, on the basis of the foregoing embodiment, in an embodiment of the present invention, the decrypting the ciphertext according to the target sub-private key to obtain the first value includes:
and determining a second inner product of the target component of the vector corresponding to the ciphertext and the vector corresponding to the target sub private key, and determining the second inner product as a first numerical value.
In order to determine the first value, in this embodiment of the present invention, the first value is a second inner product of a target component of a vector corresponding to the ciphertext and a vector corresponding to the received target sub-private key. The length of the target component of the vector corresponding to the ciphertext is the same as the length of the vector corresponding to the target sub-private key, for example, if the length of the target component of the vector corresponding to the ciphertext is 4, the length of the vector corresponding to the target sub-private key is also 4. The ciphertext obtained by encrypting a plaintext based on a public key is (u, v), where u is a target component of a vector corresponding to the ciphertext, the target component of the vector corresponding to the ciphertext may also be referred to as a target vector, and each component of the target vector is an element on a polynomial ring.
For example, if the target component of the vector corresponding to the ciphertext is (a, b, c), and the vector corresponding to the saved child private key is (d, e, f), the second inner product, that is, the first value is a + d + b + e + c.
Example 8:
fig. 4 is a schematic structural diagram of an apparatus for distributing a private key according to an embodiment of the present invention, where the apparatus includes:
a generating module 401, configured to generate a corresponding public and private key pair according to a lattice encryption algorithm, where the public and private key pair includes a private key;
a splitting module 402, configured to split the private key into at least two sub-private keys, where a numerical value of a corresponding component in a vector corresponding to the at least two sub-private keys and a value of a component in a position corresponding to a vector corresponding to the private key are obtained;
a sending module 403, configured to send at least one target sub-private key of the at least two sub-private keys to a first device, where one first device receives one target sub-private key.
In a possible embodiment, the apparatus further comprises:
a publishing module 404 configured to publish a public key included in the public-private key pair.
In a possible implementation manner, the generating module 401 is specifically configured to determine each of the at least two sub-private keys as a target sub-private key, and send the at least two target sub-private keys to the corresponding at least two first devices respectively.
In a possible implementation manner, the generating module 401 is specifically configured to store one of the at least two sub-private keys, determine, as a target sub-private key, another sub-private key of the at least two sub-private keys except the stored sub-private key, and send at least one target sub-private key to the corresponding at least one first device respectively.
Example 9:
fig. 5 is a schematic structural diagram of a decryption apparatus based on a private key distribution apparatus according to an embodiment of the present invention, where the apparatus includes:
a first receiving module 501, configured to receive a decrypted first numerical value sent by each first device, where the first numerical value is obtained by the first device by decrypting a ciphertext according to a received target sub-private key;
a determining module 502, configured to determine a plaintext corresponding to the ciphertext according to the first value sent by each first device and a preset function.
In a possible implementation manner, the determining module 502 is specifically configured to determine, if each of the at least two sub-private keys is determined as a target sub-private key, a first sum of the first numerical values of all the first devices, and determine a plaintext corresponding to the ciphertext according to the first sum and a preset function.
In a possible implementation manner, the first receiving module 501 is further configured to receive the ciphertext; the determining module 502 is specifically configured to determine a second sum of the first numerical values of all the first devices; decrypting the ciphertext according to the stored sub private key to obtain a second numerical value; and determining a third sum of the second sum and the second numerical value, and determining a plaintext corresponding to the ciphertext according to the third sum and a preset function.
In a possible implementation manner, the determining module 502 is specifically configured to determine a first inner product of a target component of a vector corresponding to the ciphertext and a vector corresponding to the saved child private key, and determine the first inner product as the second numerical value.
Example 10:
fig. 6 is a schematic structural diagram of a decryption apparatus according to an embodiment of the present invention, where the decryption apparatus includes:
a second receiving module 601, configured to receive a ciphertext;
the processing module 602 is configured to decrypt the ciphertext according to the received target sub-private key to obtain a first numerical value, and send the first numerical value.
In a possible implementation manner, the processing module 602 is specifically configured to determine a second inner product of a target component of a vector corresponding to the ciphertext and a vector corresponding to the target sub-private key, and determine the second inner product as the first numerical value.
Example 11:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides an electronic device, as shown in fig. 7, including: the system comprises a processor 701, a communication interface 702, a memory 703 and a communication bus 704, wherein the processor 701, the communication interface 702 and the memory 703 are communicated with each other through the communication bus 704.
The memory 703 has stored therein a computer program which, when executed by the processor 701, causes the processor 701 to perform the steps of:
generating a corresponding public and private key pair according to a lattice encryption algorithm, wherein the public and private key pair comprises a private key;
splitting the private key into at least two sub-private keys, wherein the numerical value of a corresponding component in a vector corresponding to the at least two sub-private keys and the value of a component at a position corresponding to the vector corresponding to the private key are obtained;
and sending at least one target sub private key in the at least two sub private keys to the first equipment, wherein one first equipment receives one target sub private key.
Further, the processor 701 is further configured to publish a public key included in the public-private key pair.
Further, the processor 701 is further configured to determine each of the at least two sub-private keys as a target sub-private key, and send the at least two target sub-private keys to the corresponding at least two first devices respectively.
Further, the processor 701 is further configured to store one of the at least two sub-private keys, determine, as a target sub-private key, another sub-private key of the at least two sub-private keys except the stored sub-private key, and send the at least one target sub-private key to the corresponding at least one first device respectively.
Example 12:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides an electronic device, as shown in fig. 8, including: the system comprises a processor 801, a communication interface 802, a memory 803 and a communication bus 804, wherein the processor 801, the communication interface 802 and the memory 803 are communicated with each other through the communication bus 804.
The memory 803 has stored therein a computer program which, when executed by the processor 801, causes the processor 801 to perform the steps of:
receiving a decrypted first numerical value sent by each first device, wherein the first numerical value is obtained by the first device through decryption of a ciphertext according to a received target sub-private key;
and determining a plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and a preset function.
Further, the processor 801 is further configured to determine a first sum of the first numerical values of all the first devices if each of the at least two sub-private keys is determined as a target sub-private key, and determine a plaintext corresponding to the ciphertext according to the first sum and a preset function.
Further, the processor 801 is further configured to receive the ciphertext; determining a second sum of said first values for all first devices; decrypting the ciphertext according to the stored sub private key to obtain a second numerical value; and determining a third sum of the second sum and the second numerical value, and determining a plaintext corresponding to the ciphertext according to the third sum and a preset function.
Further, the processor 801 is further configured to determine a first inner product of a target component of a vector corresponding to the ciphertext and a vector corresponding to the saved child private key, and determine the first inner product as the second numerical value.
Example 13:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides an electronic device, as shown in fig. 9, including: a processor 901, a communication interface 902, a memory 903 and a communication bus 904, wherein the processor 901, the communication interface 902 and the memory 903 are communicated with each other through the communication bus 904.
The memory 903 has stored therein a computer program which, when executed by the processor 901, causes the processor 901 to perform the steps of:
receiving a ciphertext;
and decrypting the ciphertext according to the received target sub private key to obtain a first numerical value and sending the first numerical value.
Further, the processor 901 is further configured to determine a second inner product of the target component of the vector corresponding to the ciphertext and the vector corresponding to the target sub-private key, and determine the second inner product as the first numerical value.
Example 14:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides a computer-readable storage medium, in which a computer program executable by an electronic device is stored, and when the program is run on the electronic device, the electronic device is caused to execute the following steps:
the memory having stored therein a computer program that, when executed by the processor, causes the processor to perform the steps of:
generating a corresponding public and private key pair according to a lattice encryption algorithm, wherein the public and private key pair comprises a private key;
splitting the private key into at least two sub-private keys, wherein the numerical value of a corresponding component in a vector corresponding to the at least two sub-private keys and the value of a component at a position corresponding to the vector corresponding to the private key are obtained;
and sending at least one target sub private key in the at least two sub private keys to the first equipment, wherein one first equipment receives one target sub private key.
Further, after generating the corresponding public-private key pair, the method further includes:
and publishing a public key contained in the public and private key pair.
Further, the sending at least one target one of the at least two sub-private keys to the first device comprises:
and determining each sub-private key of the at least two sub-private keys as a target sub-private key, and respectively sending the at least two target sub-private keys to the corresponding at least two first devices.
Further, the sending at least one target one of the at least two sub-private keys to the first device comprises:
and storing one of the at least two sub-private keys, determining other sub-private keys except the stored sub-private key in the at least two sub-private keys as target sub-private keys, and respectively sending the at least one target sub-private key to the corresponding at least one first device.
Example 15:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides a computer-readable storage medium, in which a computer program executable by an electronic device is stored, and when the program is run on the electronic device, the electronic device is caused to execute the following steps:
the memory having stored therein a computer program that, when executed by the processor, causes the processor to perform the steps of:
receiving a decrypted first numerical value sent by each first device, wherein the first numerical value is obtained by the first device through decryption of a ciphertext according to a received target sub-private key;
and determining a plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and a preset function.
Further, the determining the plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and a preset function includes:
and if each sub-private key in the at least two sub-private keys is determined as a target sub-private key, determining a first sum of the first numerical values of all the first devices, and determining a plaintext corresponding to the ciphertext according to the first sum and a preset function.
Further, if the other sub-private keys except the stored sub-private key in the at least two sub-private keys are determined as the target private key, before determining the plaintext corresponding to the ciphertext according to the first numerical value and a preset function sent by each first device, the method further includes:
receiving the ciphertext;
determining, according to the first numerical value sent by each first device and a preset function, a plaintext corresponding to the ciphertext, includes:
determining a second sum of said first values for all first devices;
decrypting the ciphertext according to the stored sub private key to obtain a second numerical value;
and determining a third sum of the second sum and the second numerical value, and determining a plaintext corresponding to the ciphertext according to the third sum and a preset function.
Further, the decrypting the ciphertext according to the stored sub-private key to obtain the second numerical value includes:
and determining a first inner product of a target component of the vector corresponding to the ciphertext and the vector corresponding to the saved sub private key, and determining the first inner product as the second numerical value.
Example 16:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides a computer-readable storage medium, in which a computer program executable by an electronic device is stored, and when the program is run on the electronic device, the electronic device is caused to execute the following steps:
the memory having stored therein a computer program that, when executed by the processor, causes the processor to perform the steps of:
receiving a ciphertext;
and decrypting the ciphertext according to the received target sub private key to obtain a first numerical value and sending the first numerical value.
Further, the decrypting the ciphertext according to the target sub-private key to obtain a first value includes:
and determining a second inner product of the target component of the vector corresponding to the ciphertext and the vector corresponding to the target sub private key, and determining the second inner product as a first numerical value.
In the embodiment of the invention, after the private key is generated, the private key is split into at least two sub private keys, and the target sub private key in the at least two sub private keys is sent to the first device, so that different sub private keys are stored in different devices, even if one device is invaded, the private key cannot be leaked, and the information security is ensured.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (22)

1. A method of private key distribution, the method comprising:
generating a corresponding public and private key pair according to a lattice encryption algorithm, wherein the public and private key pair comprises a private key;
splitting the private key into at least two sub-private keys, wherein the numerical value of a corresponding component in a vector corresponding to the at least two sub-private keys and the value of a component at a position corresponding to the vector corresponding to the private key are obtained;
and sending at least one target sub private key in the at least two sub private keys to the first equipment, wherein one first equipment receives one target sub private key.
2. The method of claim 1, wherein after generating the corresponding public-private key pair, the method further comprises:
and publishing a public key contained in the public and private key pair.
3. The method of claim 1, wherein sending at least one target one of the at least two sub-private keys to the first device comprises:
and determining each sub-private key of the at least two sub-private keys as a target sub-private key, and respectively sending the at least two target sub-private keys to the corresponding at least two first devices.
4. The method of claim 1, wherein sending at least one target one of the at least two sub-private keys to the first device comprises:
and storing one of the at least two sub-private keys, determining other sub-private keys except the stored sub-private key in the at least two sub-private keys as target sub-private keys, and respectively sending the at least one target sub-private key to the corresponding at least one first device.
5. A decryption method based on the private key distribution method of any one of claims 1 to 4, characterized in that the method comprises:
receiving a decrypted first numerical value sent by each first device, wherein the first numerical value is obtained by the first device through decryption of a ciphertext according to a received target sub-private key;
and determining a plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and a preset function.
6. The method according to claim 5, wherein the determining the plaintext corresponding to the ciphertext according to the first value sent by each first device and a preset function comprises:
and if each sub-private key in the at least two sub-private keys is determined as a target sub-private key, determining a first sum of the first numerical values of all the first devices, and determining a plaintext corresponding to the ciphertext according to the first sum and a preset function.
7. The method according to claim 5, wherein if the other sub-private keys except the stored sub-private key are determined as the target private key, before determining the plaintext corresponding to the ciphertext according to the first numerical value and a preset function sent by each first device, the method further comprises:
receiving the ciphertext;
determining, according to the first numerical value sent by each first device and a preset function, a plaintext corresponding to the ciphertext, includes:
determining a second sum of said first values for all first devices;
decrypting the ciphertext according to the stored sub private key to obtain a second numerical value;
and determining a third sum of the second sum and the second numerical value, and determining a plaintext corresponding to the ciphertext according to the third sum and a preset function.
8. The method of claim 7, wherein the decrypting the ciphertext according to the saved child private key to obtain the second value comprises:
and determining a first inner product of a target component in the vector corresponding to the ciphertext and the vector corresponding to the saved sub private key, and determining the first inner product as the second numerical value.
9. A decryption method, applied to a first device, the method comprising:
receiving a ciphertext;
and decrypting the ciphertext according to the received target sub private key to obtain a first numerical value and sending the first numerical value.
10. The method of claim 9, wherein decrypting the ciphertext according to the target child private key to obtain the first value comprises:
and determining a second inner product of a target component in the vector corresponding to the ciphertext and the vector corresponding to the target sub private key, and determining the second inner product as a first numerical value.
11. An apparatus for distributing a private key, the apparatus comprising:
the generating module is used for generating a corresponding public and private key pair according to a lattice encryption algorithm, wherein the public and private key pair comprises a private key;
the splitting module is used for splitting the private key into at least two sub-private keys, wherein the numerical value of a corresponding component in a vector corresponding to the at least two sub-private keys and the value of a component at a position corresponding to the vector corresponding to the private key are obtained;
and the sending module is used for sending at least one target sub private key in the at least two sub private keys to the first equipment, wherein one first equipment receives one target sub private key.
12. The apparatus of claim 11, further comprising:
and the publishing module is used for publishing the public key contained in the public-private key pair.
13. The apparatus of claim 11, wherein the generating module is specifically configured to determine each of the at least two sub-private keys as a target sub-private key, and send the at least two target sub-private keys to the corresponding at least two first devices respectively.
14. The apparatus according to claim 11, wherein the generating module is specifically configured to store one of the at least two sub-private keys, determine, as the target sub-private key, another sub-private key of the at least two sub-private keys other than the stored sub-private key, and send at least one of the target sub-private keys to the corresponding at least one first device respectively.
15. A decryption apparatus based on the private key distribution apparatus of any one of claims 11 to 14, characterized in that the apparatus comprises:
the first receiving module is used for receiving the decrypted first numerical value sent by each first device, wherein the first numerical value is obtained by the first device through decryption of a ciphertext according to the received target sub-private key;
and the determining module is used for determining a plaintext corresponding to the ciphertext according to the first numerical value sent by each first device and a preset function.
16. The apparatus according to claim 15, wherein the determining module is specifically configured to determine a first sum of the first numerical values of all the first devices if each of the at least two sub-private keys is determined as a target sub-private key, and determine a plaintext corresponding to the ciphertext according to the first sum and a preset function.
17. The apparatus of claim 15, wherein the first receiving module is further configured to receive the ciphertext;
the determining module is specifically configured to determine a second sum of the first numerical values of all the first devices; decrypting the ciphertext according to the stored sub private key to obtain a second numerical value; and determining a third sum of the second sum and the second numerical value, and determining a plaintext corresponding to the ciphertext according to the third sum and a preset function.
18. The apparatus according to claim 17, wherein the determining module is specifically configured to determine a first inner product of a target component in a vector corresponding to the ciphertext and a vector corresponding to the saved child private key, and determine the first inner product as the second numerical value.
19. A decryption apparatus, characterized in that the apparatus comprises:
the second receiving module is used for receiving the ciphertext;
and the processing module is used for decrypting the ciphertext according to the received target sub-private key to obtain a first numerical value and sending the first numerical value.
20. The apparatus of claim 19, wherein the processing module is specifically configured to determine a second inner product of a target component in the vector corresponding to the ciphertext and the vector corresponding to the target sub-private key, and determine the second inner product as the first numerical value.
21. An electronic device, comprising: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;
the memory has stored therein a computer program;
the program, when executed by the processor, causes the processor to perform the steps of the private key distribution method of any one of claims 1-4, the decryption method of any one of claims 5-8 based on the private key distribution method, and the decryption method of any one of claims 9-10.
22. A computer-readable storage medium storing a computer program executable by an electronic device;
when the program is run on the electronic device, the electronic device is caused to perform the steps of the private key distribution method of any one of claims 1-4, the decryption method of any one of claims 5-8 based on the private key distribution method, and the decryption method of any one of claims 9-10.
CN202111050686.1A 2021-09-08 2021-09-08 Private key distribution and decryption method, device, equipment and medium Pending CN113904808A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111050686.1A CN113904808A (en) 2021-09-08 2021-09-08 Private key distribution and decryption method, device, equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111050686.1A CN113904808A (en) 2021-09-08 2021-09-08 Private key distribution and decryption method, device, equipment and medium

Publications (1)

Publication Number Publication Date
CN113904808A true CN113904808A (en) 2022-01-07

Family

ID=79188841

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111050686.1A Pending CN113904808A (en) 2021-09-08 2021-09-08 Private key distribution and decryption method, device, equipment and medium

Country Status (1)

Country Link
CN (1) CN113904808A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114091089A (en) * 2022-01-20 2022-02-25 北京信安世纪科技股份有限公司 Data processing method, device, system and computer readable storage medium
CN115426134A (en) * 2022-08-11 2022-12-02 北京海泰方圆科技股份有限公司 Data encryption transmission method and device
CN115801308A (en) * 2022-09-16 2023-03-14 北京瑞莱智慧科技有限公司 Data processing method, related device and storage medium
CN116170142A (en) * 2023-04-20 2023-05-26 北京信安世纪科技股份有限公司 Distributed collaborative decryption method, device and storage medium
WO2023159888A1 (en) * 2022-02-28 2023-08-31 中国银联股份有限公司 Data matching method and apparatus, device, and medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000165372A (en) * 1998-11-27 2000-06-16 Murata Mach Ltd Encryption communication method, encryption method and encryption communication system
KR20170087663A (en) * 2016-01-21 2017-07-31 주식회사 한컴시큐어 Apparatus for performing on behalf an electronic signature for client terminal and operating method thereof
CN109039611A (en) * 2018-08-31 2018-12-18 北京海泰方圆科技股份有限公司 Decruption key segmentation and decryption method, device, medium based on SM9 algorithm

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000165372A (en) * 1998-11-27 2000-06-16 Murata Mach Ltd Encryption communication method, encryption method and encryption communication system
KR20170087663A (en) * 2016-01-21 2017-07-31 주식회사 한컴시큐어 Apparatus for performing on behalf an electronic signature for client terminal and operating method thereof
CN109039611A (en) * 2018-08-31 2018-12-18 北京海泰方圆科技股份有限公司 Decruption key segmentation and decryption method, device, medium based on SM9 algorithm

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114091089A (en) * 2022-01-20 2022-02-25 北京信安世纪科技股份有限公司 Data processing method, device, system and computer readable storage medium
WO2023159888A1 (en) * 2022-02-28 2023-08-31 中国银联股份有限公司 Data matching method and apparatus, device, and medium
CN115426134A (en) * 2022-08-11 2022-12-02 北京海泰方圆科技股份有限公司 Data encryption transmission method and device
CN115801308A (en) * 2022-09-16 2023-03-14 北京瑞莱智慧科技有限公司 Data processing method, related device and storage medium
CN115801308B (en) * 2022-09-16 2023-08-29 北京瑞莱智慧科技有限公司 Data processing method, related device and storage medium
CN116170142A (en) * 2023-04-20 2023-05-26 北京信安世纪科技股份有限公司 Distributed collaborative decryption method, device and storage medium
CN116170142B (en) * 2023-04-20 2023-07-18 北京信安世纪科技股份有限公司 Distributed collaborative decryption method, device and storage medium

Similar Documents

Publication Publication Date Title
EP3552338B1 (en) Method of rsa signature or decryption protected using a homomorphic encryption
CN113904808A (en) Private key distribution and decryption method, device, equipment and medium
US11394525B2 (en) Cryptography device having secure provision of random number sequences
US20170070340A1 (en) Homomorphically-created symmetric key
CN102099780B (en) Exponent obfuscation
JP6517436B2 (en) Encryption device and encoding device
CN114095170B (en) Data processing method, device, system and computer readable storage medium
CN108933650A (en) The method and device of data encrypting and deciphering
WO2013021360A1 (en) Encryption and decryption method
EP3709561A1 (en) Method for generating a digital signature of an input message
CN116170142B (en) Distributed collaborative decryption method, device and storage medium
CN113572604B (en) Method, device and system for sending secret key and electronic equipment
CN113645022A (en) Method and device for determining privacy set intersection, electronic equipment and storage medium
JP2022077754A (en) Encryption device, decryption device, cipher method, decryption method, encryption program, and decryption program
EP3419213B1 (en) Computer implemented method, computer system and computer readable computer program product
EP2068490A1 (en) Method to generate a private key in a Boneh-Franklin scheme
CN116455575B (en) Key generation, encryption and decryption methods, electronic equipment and storage medium
CN115065470B (en) Data transmission method and device
US20230138384A1 (en) Method for securely performing a public key algorithm
JP7383949B2 (en) Information processing equipment and programs
CN116226874A (en) Data processing method, decryption terminal, encryption terminal and storage medium
CN117499010A (en) Data processing method and device
TW201528754A (en) Encryption and decryption system and method using chaotic mapping with spatial-temporal perturbation
CN115865335A (en) Information encryption method and decryption method
Ostrowski et al. Conjecture of Two Finite Fields and its Applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination