CN114154200A - Privacy set merging method and system based on exchangeable weak pseudorandom function - Google Patents

Info

Publication number: CN114154200A
Authority: CN (China)
Prior art keywords: secret key; receiving end; elements; sending end; exchangeable
Legal status: Granted (Active)
Application number: CN202111501707.7A
Other languages: Chinese (zh)
Other versions: CN114154200B (en)
Inventors: 张敏, 陈宇
Current Assignee: Shandong University
Original Assignee: Shandong University
Application filed by Shandong University
Priority to CN202111501707.7A
Publication of CN114154200A
Application granted
Publication of CN114154200B
Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245: Protecting personal data, e.g. for financial or medical purposes
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/602: Providing cryptographic facilities or services
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00: Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58: Random or pseudo-random number generators
    • G06F7/582: Pseudo-random number generators

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a privacy set merging method and system based on exchangeable weak pseudo-random functions. A receiving end randomly selects a second secret key in a key space, calculates a first set according to the second secret key and sends the first set to a sending end; the sending end randomly selects a first secret key in the key space, calculates a second set according to the first secret key, inputs each element in the first set into a first pseudorandom function to obtain a third set, processes the elements in the third set to obtain a fourth set, and sends the fourth set and the second set to the receiving end; the receiving end inputs each element in the second set into a second pseudo-random function to obtain a fifth set, looks up the elements of the fifth set in the fourth set in turn, and obtains a vector according to whether each lookup finds a result; the sending end and the receiving end both invoke an oblivious transfer protocol, in which the sending end inputs messages and the receiving end inputs the selection bits taken from the vector, to obtain the union of the two parties' sets.

Description

Privacy set merging method and system based on exchangeable weak pseudorandom function
Technical Field
The invention relates to the technical field of cryptography, in particular to a privacy set merging method and system based on exchangeable weak pseudorandom functions.
Background
The statements in this section merely provide background information related to the present disclosure and may not constitute prior art.
With the rapid development of information technology, society has entered the era of "big data". Data has become an essential factor and means of production that drives the development of society as a whole. The business of data collection, management, trading, analysis and so on is growing into a huge new market. The first problem in developing the digital economy is the open sharing of data: for legal, regulatory and policy reasons and out of data privacy protection considerations, little data is shared between different systems and different organizations. This causes the data island problem, in which massive data sets are isolated from one another and are hard to fuse further so as to release their combined potential. Therefore, how to compute on confidential data while protecting privacy is a problem of great theoretical and practical significance.
Privacy-preserving computation is currently the breakthrough for the data island problem. In particular, secure multi-party computation (MPC), a key cryptographic technique for balancing privacy protection and data sharing, has significant advantages in both efficiency and security. The invention concerns a special case of secure multi-party computation, namely Private Set Union (PSU): each participant holds a set of private data, the participants jointly compute the union of the sets, and no other information is disclosed, in particular not whether any given element belongs to the intersection. Private set union is widely applied in practice; typical applications are as follows:
1. Joint prevention of network risks. The network management departments of several organizations each have their own IP blacklists and vulnerability lists. Using the PSU technique, the organizations can compute the union of their IP blacklists and vulnerability lists without leaking each other's private data, thereby effectively improving the prevention of network risks.
2. Full join of private databases. For example, in order to create a joint sales network, several automobile sales companies use the PSU technique to merge the customer lists each of them owns without leaking the matching entries, so as to realize joint development.
To the inventors' knowledge, the best current two-party private set union protocol in the semi-honest model was proposed by Kolesnikov et al. at ASIACRYPT in 2019. The core building block of that protocol is the Reverse Private Membership Test (RPMT), but the protocol does not reach linear complexity in communication and computation.
Disclosure of Invention
To overcome the deficiencies of the prior art, the invention provides a privacy set merging method and system based on exchangeable weak pseudorandom functions.
In a first aspect, the invention provides a privacy set merging method based on exchangeable weak pseudo-random functions.
The privacy set merging method based on the exchangeable weak pseudo-random function, as performed at the sending end, comprises the following steps:
randomly selecting a first secret key in a key space, calculating a second set according to the first secret key, inputting each element in the first set into a first pseudorandom function to obtain a third set, processing the elements in the third set to obtain a fourth set, and sending the fourth set and the second set to a receiving end;
the first set is obtained by the receiving end, which randomly selects a second secret key in the key space and calculates the first set according to the second secret key;
obtaining the union of the sets of the sending end and the receiving end by means of the oblivious transfer protocol, the input messages and the selection bits taken from a vector;
the vector is obtained by the receiving end, which inputs each element in the second set into a second pseudo-random function to obtain a fifth set, looks up the elements of the fifth set in the fourth set in turn, and sets the corresponding element value of the vector according to whether each lookup finds a result.
In a second aspect, the invention provides a privacy set merging method based on exchangeable weak pseudo-random functions;
the privacy set merging method based on the exchangeable weak pseudo-random function, as performed at the receiving end, comprises the following steps:
randomly selecting a second secret key in the secret key space, calculating a first set according to the second secret key, and sending the first set to a sending end;
receiving a second set and a fourth set; the second set is obtained by randomly selecting a first key in a key space by the sending end and calculating according to the first key; the fourth set is obtained by inputting each element in the first set into a first pseudo-random function by the sending end, calculating a third set and then processing the elements of the third set;
inputting each element in the second set into a second pseudo-random function to obtain a fifth set; sequentially inquiring the elements in the fifth set in the fourth set, and setting element values according to whether a result is inquired or not so as to obtain a vector;
and invoking an oblivious transfer protocol with the selection bits taken from the vector as input, to obtain the union of the sets of the sending end and the receiving end.
In a third aspect, the invention provides a privacy set merging method based on exchangeable weak pseudo-random functions;
the privacy set merging method based on the exchangeable weak pseudo-random function comprises the following steps:
the receiving end randomly selects a second secret key in the secret key space, calculates a first set according to the second secret key, and sends the first set to the sending end;
a sending end randomly selects a first secret key in a secret key space, calculates a second set according to the first secret key, inputs each element in the first set into a first pseudorandom function to obtain a third set, processes the elements in the third set to obtain a fourth set, and sends the fourth set and the second set to a receiving end;
the receiving end inputs each element in the second set into a second pseudo-random function to obtain a fifth set; sequentially inquiring the elements in the fifth set in the fourth set, and setting element values according to whether a result is inquired or not so as to obtain a vector;
the sending end and the receiving end both invoke an oblivious transfer protocol, in which the sending end inputs messages and the receiving end inputs the selection bits taken from the vector, and the receiving end obtains the union of the sets of the sending end and the receiving end.
In a fourth aspect, the invention provides a privacy set merging system based on exchangeable weak pseudo-random functions;
the privacy set merging system based on the exchangeable weak pseudo-random function comprises a sending end and a receiving end;
the receiving end randomly selects a second secret key in the secret key space, calculates a first set according to the second secret key and sends the first set to the sending end;
the sending end randomly selects a first secret key in a secret key space, calculates a second set according to the first secret key, inputs each element in the first set into a first pseudorandom function to obtain a third set, processes the elements in the third set to obtain a fourth set, and sends the fourth set and the second set to the receiving end;
the receiving end inputs each element in the second set into a second pseudo-random function to obtain a fifth set; sequentially inquiring the elements in the fifth set in the fourth set, and setting element values according to whether a result is inquired or not so as to obtain a vector;
the sending end and the receiving end both invoke an oblivious transfer protocol, in which the sending end inputs messages and the receiving end inputs the selection bits taken from the vector, and the receiving end obtains the union of the sets of the sending end and the receiving end.
In a fifth aspect, the present invention further provides an electronic device, including:
a memory for non-transitory storage of computer readable instructions; and
a processor for executing the computer readable instructions,
wherein the computer readable instructions, when executed by the processor, perform the method of the first, second or third aspect.
In a sixth aspect, the present invention also provides a storage medium storing non-transitory computer readable instructions, wherein the non-transitory computer readable instructions, when executed by a computer, perform the instructions of the method of the first, second or third aspect.
In a seventh aspect, the present invention also provides a computer program product comprising a computer program for implementing the method of the first, second or third aspect when run on one or more processors.
Compared with the prior art, the invention has the beneficial effects that:
the invention provides a novel, provably secure general design for two-party privacy set merging based on an exchangeable weak pseudo-random function (commutative weak PRF) and Oblivious Transfer (OT), together with a specific instantiation protocol. The design has the following outstanding advantages: (1) the communication and computation complexity reaches the theoretical optimum and is asymptotically linear; (2) the method is easy to implement, its actual communication traffic is the lowest among known protocols, and it is particularly suitable for environments with limited network bandwidth, such as the Internet of Things.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, are included to provide a further understanding of the invention. They illustrate exemplary embodiments of the invention and, together with the description, serve to explain the invention and not to limit it.
FIG. 1 is a process of interaction between two parties of the DH-PSU protocol according to the first embodiment;
FIG. 2 is the DH-PSU protocol optimized with Bloom filter according to the first embodiment.
Detailed Description
It is to be understood that the following detailed description is exemplary and is intended to provide further explanation of the invention as claimed. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, and it should be understood that the terms "comprises" and "comprising", and any variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In addition, in order to facilitate clear description of technical solutions of the embodiments of the present invention, in the embodiments of the present invention, terms such as "first" and "second" are used to distinguish the same items or similar items having substantially the same functions and actions. Those skilled in the art will appreciate that the words "first", "second", etc. do not necessarily define a quantity or order of execution and that the words "first", "second", etc. do not necessarily differ.
The embodiments and features of the embodiments of the present invention may be combined with each other without conflict.
All data in the embodiments are obtained and used lawfully, in compliance with laws and regulations and with user consent.
Example one
The embodiment provides a privacy set merging method based on exchangeable weak pseudo-random functions;
the privacy set merging method based on the exchangeable weak pseudo-random function, as performed at the sending end, comprises the following steps:
S101: randomly selecting a first secret key in a key space, calculating a second set according to the first secret key, inputting each element in the first set into a first pseudorandom function to obtain a third set, processing the elements in the third set to obtain a fourth set, and sending the fourth set and the second set to a receiving end;
the first set is obtained by the receiving end, which randomly selects a second secret key in the key space and calculates the first set according to the second secret key;
S102: obtaining the union of the sets of the sending end and the receiving end by means of the oblivious transfer protocol, the input messages and the selection bits taken from a vector;
the vector is obtained by the receiving end, which inputs each element in the second set into a second pseudo-random function to obtain a fifth set, looks up the elements of the fifth set in the fourth set in turn, and sets the corresponding element value of the vector according to whether each lookup finds a result.
Further, the second set is calculated according to the first secret key, specifically, a hash function is used for processing an input value of the sending end to obtain a first hash value, and a first pseudorandom function is used for processing the first hash value and the first secret key to obtain elements in the second set.
Further, processing the elements in the third set to obtain a fourth set specifically means either randomly permuting the elements of the third set to obtain the fourth set, or inserting the elements of the third set into a filter one by one to obtain the fourth set.
Further, the filter is a Bloom filter, a Cuckoo filter or a vacuum filter.
Example two
The embodiment provides a privacy set merging method based on exchangeable weak pseudo-random functions;
the privacy set merging method based on the exchangeable weak pseudo-random function, as performed at the receiving end, comprises the following steps:
S201: randomly selecting a second secret key in the key space, calculating a first set according to the second secret key, and sending the first set to a sending end;
S202: receiving a second set and a fourth set;
the second set is obtained by the sending end, which randomly selects a first key in the key space and calculates the second set according to the first key;
the fourth set is obtained by the sending end, which inputs each element in the first set into a first pseudo-random function to calculate a third set and then processes the elements of the third set;
S203: inputting each element in the second set into a second pseudo-random function to obtain a fifth set; looking up the elements of the fifth set in the fourth set in turn, and setting element values according to whether each lookup finds a result, so as to obtain a vector;
S204: invoking an oblivious transfer protocol with the selection bits taken from the vector as input, to obtain the union of the sets of the sending end and the receiving end.
Further, the calculating the first set according to the second secret key specifically includes:
processing the input value of the receiving end by adopting a hash function to obtain a second hash value;
and processing the second hash value and the second secret key by adopting a second pseudorandom function to obtain elements in the first set.
Further, the processing of the elements in the third set is specifically to process the elements in the third set in a random element replacement manner to obtain a fourth set, or to insert the elements in the third set into the filter one by one to obtain the fourth set.
Further, the filter is a Bloom filter, a Cuckoo filter or a vacuum filter.
Example three
The embodiment provides a privacy set merging method based on exchangeable weak pseudo-random functions;
the privacy set merging method based on the exchangeable weak pseudo-random function comprises the following steps:
S301: the receiving end randomly selects a second secret key in the key space, calculates a first set according to the second secret key, and sends the first set to the sending end;
S302: the sending end randomly selects a first secret key in the key space, calculates a second set according to the first secret key, inputs each element in the first set into a first pseudorandom function to obtain a third set, processes the elements in the third set to obtain a fourth set, and sends the fourth set and the second set to the receiving end;
S303: the receiving end inputs each element in the second set into a second pseudo-random function to obtain a fifth set; looks up the elements of the fifth set in the fourth set in turn, and sets element values according to whether each lookup finds a result, so as to obtain a vector;
S304: the sending end and the receiving end both invoke an oblivious transfer protocol, in which the sending end inputs messages and the receiving end inputs the selection bits taken from the vector, and the receiving end obtains the union of the sets of the sending end and the receiving end.
Further, processing the elements in the third set to obtain a fourth set specifically means either randomly permuting the elements of the third set to obtain the fourth set, or inserting the elements of the third set into a filter one by one to obtain the fourth set.
Further, the filter is a Bloom filter, a Cuckoo filter or a vacuum filter.
Illustratively, let the key space be $\{0,1\}^m$. The general design of two-party privacy set merging based on exchangeable weak pseudo-random functions and oblivious transfer is as follows:
Parameters:
Let the hash function $H: \{0,1\}^* \to \{0,1\}^l$ be a cryptographic hash function (modeled as a random oracle in the security proof), and let $F: \{0,1\}^m \times \{0,1\}^l \to \{0,1\}^l$ be a weak pseudo-random function.
Input:
The sender inputs the set $X = \{x_1, \dots, x_n\}$.
The receiver inputs the set $Y = \{y_1, \dots, y_n\}$.
Output:
The receiver outputs $X \cup Y$.
Protocol:
(11) The receiver randomly selects a key $k_2$ in the key space, calculates
Figure BDA0003401879830000091
and sends the set $Y'$ to the sender.
(12) The sender randomly selects a secret key $k_1$ in the key space, calculates
Figure BDA0003401879830000101
and inputs each element of $Y'$ into
Figure BDA0003401879830000102
that is, calculates
Figure BDA0003401879830000103
The sender randomly permutes the elements of the set $Y''$ to obtain $\Gamma(Y'')$, and then sends the set $\Gamma(Y'')$ and $X'$ together to the receiver.
(13) The receiver likewise inputs each element of $X'$ into
Figure BDA0003401879830000104
that is, calculates
Figure BDA0003401879830000105
For each element $x''_i$ of $X''$ in turn, the receiver looks it up in the set $\Gamma(Y'')$; if it is present, the receiver sets $e_i = 1$, otherwise it sets $e_i = 0$, so that the receiver obtains an n-dimensional 0/1 vector
Figure BDA0003401879830000106
(14) Both parties invoke the one-sided OT protocol: the sender inputs the messages $\{(x_i, \perp)\}_{i \in [n]}$, the receiver inputs the selection bits $\{e_i\}_{i \in [n]}$, and the receiver obtains the set $X \setminus (X \cap Y)$.
(15) The receiver outputs the set $X \cup Y$.
Below, the inventors instantiate the above general design based on the DDH assumption (this instantiated protocol is hereinafter referred to as the DH-PSU protocol, as shown in FIG. 1).
Parameters:
Common input: a group of order $p$
Figure BDA0003401879830000107
The key space is
Figure BDA0003401879830000108
Let the hash function
Figure BDA0003401879830000109
be a cryptographic hash function.
Take the weak pseudo-random function $F_k(x) = x^k$, where
Figure BDA00034018798300001010
Input:
The sender inputs the set $X = \{x_1, \dots, x_n\}$.
The receiver inputs the set $Y = \{y_1, \dots, y_n\}$.
Output:
The receiver outputs $X \cup Y$.
Protocol:
(21) The receiver randomly selects a key $b$ in the key space, calculates $Y' = \{H(y_1)^b, \dots, H(y_n)^b\}$, and sends the set $Y'$ to the sender.
(22) The sender randomly selects a secret key $a$ in the key space, calculates $X' = \{H(x_1)^a, \dots, H(x_n)^a\}$, and inputs each element of $Y'$ into $F_a(\cdot)$, that is, calculates $Y'' = \{(y'_1)^a, \dots, (y'_n)^a \mid y'_i \in Y'\}$. The sender randomly permutes the elements of the set $Y''$ to obtain $\Gamma(Y'')$, and then sends the set $\Gamma(Y'')$ and $X'$ together to the receiver.
(23) The receiver likewise inputs each element of $X'$ into $F_b(\cdot)$, that is, calculates $X'' = \{(x'_1)^b, \dots, (x'_n)^b \mid x'_i \in X'\}$. For each element $x''_i$ of $X''$ in turn, the receiver looks it up in the set $\Gamma(Y'')$; if it is present, the receiver sets $e_i = 1$, otherwise it sets $e_i = 0$, so that the receiver obtains an n-dimensional 0/1 vector
Figure BDA0003401879830000111
(24) Both parties invoke the one-sided OT protocol: the sender inputs the messages $\{(x_i, \perp)\}_{i \in [n]}$, the receiver inputs the selection bits $\{e_i\}_{i \in [n]}$, and the receiver obtains the set $X \setminus (X \cap Y)$.
(25) The receiver outputs the set $X \cup Y$.
The above protocol is based on the decisional Diffie-Hellman (DDH) hardness assumption and can be proven secure in the semi-honest model. The communication and computational complexity of the protocol is linear in the set size of the participants.
The inventors further found that if, in the second step of the protocol, the random permutation is replaced by an advanced data structure (such as a Bloom filter, a Cuckoo filter or a vacuum filter), the communication and computation overhead of the protocol can be further reduced. The optimized protocol is shown below, taking the Bloom filter as an example (see FIG. 2):
Protocol:
(31) The receiver randomly selects a key $b$ in the key space, calculates $Y' = \{H(y_1)^b, \dots, H(y_n)^b\}$, and sends the set $Y'$ to the sender.
(32) The sender randomly selects a secret key $a$ in the key space, calculates $X' = \{H(x_1)^a, \dots, H(x_n)^a\}$, and inputs each element of $Y'$ into $F_a(\cdot)$, that is, calculates $Y'' = \{(y'_1)^a, \dots, (y'_n)^a \mid y'_i \in Y'\}$. The sender inserts the elements of the set $Y''$ one by one into a Bloom filter to obtain the filter $D$, which is then sent to the receiver together with the set $X'$.
(33) The receiver likewise inputs each element of $X'$ into $F_b(\cdot)$, that is, calculates $X'' = \{(x'_1)^b, \dots, (x'_n)^b \mid x'_i \in X'\}$. For each element $x''_i$ of $X''$ in turn, the receiver looks it up in the filter $D$; if it is present, the receiver sets $e_i = 1$, otherwise it sets $e_i = 0$, so that the receiver obtains an n-dimensional 0/1 vector
Figure BDA0003401879830000121
(34) Both parties invoke the one-sided OT protocol: the sender inputs the messages $\{(x_i, \perp)\}_{i \in [n]}$, the receiver inputs the selection bits $\{e_i\}_{i \in [n]}$, and the receiver obtains the set $X \setminus (X \cap Y)$.
(35) The receiver outputs the set $X \cup Y$.
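The data flow of both variants above, steps (21) to (25) with a random permutation and steps (31) to (35) with a Bloom filter, as an added Python example that is not part of the patent or of the inventors' C++ implementation. Assumptions: a 128-bit demo group found at import, SHA-256 squared into the subgroup standing in for H, hypothetical Bloom parameters, and the OT step replaced by an ideal-functionality stub (`ideal_one_sided_ot`), so the block shows correctness of the exchange, not a secure OT.

```python
import hashlib
import secrets

BASES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53]

def is_probable_prime(n):
    """Trial division, then Miller-Rabin over fixed bases (enough to pick a demo modulus)."""
    if n < 2:
        return False
    for s in BASES:
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def find_safe_prime(bits):
    """Deterministic upward search for P = 2Q + 1 with Q and P both (probably) prime."""
    q = 2 ** (bits - 1) + 1
    while not (is_probable_prime(q) and is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

# Assumption: toy group (quadratic residues mod P, prime order Q); far too small for real use.
P, Q = find_safe_prime(128)

def H(item):  # hash a string into the order-Q subgroup; stands in for the oracle H
    return pow(int.from_bytes(hashlib.sha256(item.encode()).digest(), "big") % P, 2, P)

def F(k, x):  # weak PRF of the DH-PSU instantiation: F_k(x) = x^k
    return pow(x, k, P)

class BloomFilter:
    """Minimal Bloom filter; 60 bits and 40 hashes per item are demo assumptions."""
    def __init__(self, items, bits_per_item=60, n_hashes=40):
        self.m, self.k = max(1, len(items)) * bits_per_item, n_hashes
        self.bits = bytearray((self.m + 7) // 8)
        for value in items:
            for pos in self._positions(value):
                self.bits[pos // 8] |= 1 << (pos % 8)
    def _positions(self, value):
        data = value.to_bytes((P.bit_length() + 7) // 8, "big")
        for i in range(self.k):
            digest = hashlib.sha256(bytes([i]) + data).digest()
            yield int.from_bytes(digest[:8], "big") % self.m
    def __contains__(self, value):
        return all(self.bits[pos // 8] >> (pos % 8) & 1 for pos in self._positions(value))

def receiver_step1(Y):
    b = secrets.randbelow(Q - 1) + 1
    return b, [F(b, H(y)) for y in Y]            # Y' = {H(y_i)^b}

def sender_step2(X, Y1, use_bloom):
    a = secrets.randbelow(Q - 1) + 1
    X1 = [F(a, H(x)) for x in X]                 # X' = {H(x_i)^a}, in the order of X
    Y2 = [F(a, y1) for y1 in Y1]                 # Y'' = {(y'_i)^a}
    if use_bloom:
        return X1, BloomFilter(Y2)               # step (32): filter D
    secrets.SystemRandom().shuffle(Y2)           # step (22): random permutation of Y''
    return X1, Y2

def receiver_step3(b, X1, fourth):
    lookup = fourth if isinstance(fourth, BloomFilter) else set(fourth)
    # e_i = 1 iff (x'_i)^b = H(x_i)^(ab) is found, i.e. x_i is already in Y.
    # A Bloom false positive would set e_i = 1 wrongly and drop x_i from the union.
    return [1 if F(b, x1) in lookup else 0 for x1 in X1]

def ideal_one_sided_ot(messages, bits):
    """Ideal-functionality stand-in for the OT step; NOT a secure OT protocol."""
    return [None if e else m for m, e in zip(messages, bits)]

def dh_psu(X, Y, use_bloom=False):
    b, Y1 = receiver_step1(Y)
    X1, fourth = sender_step2(X, Y1, use_bloom)
    e = receiver_step3(b, X1, fourth)
    received = ideal_one_sided_ot(X, e)          # receiver learns x_i only where e_i = 0
    return set(Y) | {m for m in received if m is not None}, e

# Constructed sample input: two IP blocklists using documentation address ranges.
SENDER_X = ["198.51.100.7", "203.0.113.9", "192.0.2.44"]
RECEIVER_Y = ["203.0.113.9", "192.0.2.44", "198.51.100.23"]

if __name__ == "__main__":
    print(dh_psu(SENDER_X, RECEIVER_Y), dh_psu(SENDER_X, RECEIVER_Y, use_bloom=True))
```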
The inventors implemented the DH-PSU protocol optimized with the Bloom filter and measured the actual running time and communication size of the scheme for different set sizes. The programming language is C++, the development and test environment is a MacBook Pro with a 2.6 GHz Intel CPU and 16 GB of memory, and the network environment is a Gigabit LAN. To ensure security, each element in the set is 128 bits long. Specific data are shown in the following table.
Table 1. Calculation and communication complexity of the optimized DH-PSU

Set size (elements)    Time (s)    Communication volume (MB)
$2^{12}$               0.45        0.47
$2^{16}$               5.3         7.4
$2^{20}$               86.9        117.6
Example four
The embodiment provides a privacy set merging system based on exchangeable weak pseudo-random functions;
the privacy set merging system based on the exchangeable weak pseudo-random function comprises a sending end and a receiving end;
the receiving end randomly selects a second secret key in the secret key space, calculates a first set according to the second secret key and sends the first set to the sending end;
the sending end randomly selects a first secret key in a secret key space, calculates a second set according to the first secret key, inputs each element in the first set into a first pseudorandom function to obtain a third set, processes the elements in the third set to obtain a fourth set, and sends the fourth set and the second set to the receiving end;
the receiving end inputs each element in the second set into a second pseudo-random function to obtain a fifth set; sequentially inquiring the elements in the fifth set in the fourth set, and setting element values according to whether a result is inquired or not so as to obtain a vector;
the sending end and the receiving end both invoke an oblivious transfer protocol, in which the sending end inputs messages and the receiving end inputs the selection bits taken from the vector, and the receiving end obtains the union of the sets of the sending end and the receiving end.
Further, processing the elements in the third set to obtain a fourth set specifically means either randomly permuting the elements of the third set to obtain the fourth set, or inserting the elements of the third set into a filter one by one to obtain the fourth set.
Further, the filter is a Bloom filter, a Cuckoo filter or a vacuum filter.
Example five
The present embodiment also provides an electronic device, including: one or more processors, one or more memories, and one or more computer programs; wherein, a processor is connected with the memory, the one or more computer programs are stored in the memory, and when the electronic device runs, the processor executes the one or more computer programs stored in the memory, so as to make the electronic device execute the method of the first, second or third embodiment.
It should be understood that in this embodiment, the processor may be a central processing unit CPU, and the processor may also be other general purpose processors, digital signal processors DSP, application specific integrated circuits ASIC, off-the-shelf programmable gate arrays FPGA or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, and so on. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory may include both read-only memory and random access memory, and may provide instructions and data to the processor, and a portion of the memory may also include non-volatile random access memory. For example, the memory may also store device type information.
In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software.
The method in the first, second or third embodiment may be directly implemented by a hardware processor, or may be implemented by a combination of hardware and software modules in the processor. The software modules may be located in ram, flash, rom, prom, or eprom, registers, among other storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor. To avoid repetition, it is not described in detail here.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
EXAMPLE six
The present embodiment also provides a computer-readable storage medium for storing computer instructions, which when executed by a processor, perform the method of the first, second or third embodiment.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A privacy set merging method based on an exchangeable weak pseudorandom function, characterized by comprising the following steps:
randomly selecting a first secret key in a secret key space, calculating a second set according to the first secret key, inputting each element in a first set into a first pseudorandom function to obtain a third set, processing the elements in the third set to obtain a fourth set, and sending the fourth set and the second set to a receiving end;
wherein the first set is obtained by the receiving end randomly selecting a second secret key in the secret key space and calculating according to the second secret key;
obtaining the union of the sets of the sending end and the receiving end according to an oblivious transfer protocol, an input message, and a bit selected from the vector;
wherein the receiving end inputs each element in the second set into a second pseudorandom function to obtain a fifth set, sequentially looks up the elements of the fifth set in the fourth set, and sets element values according to whether each lookup finds a match, thereby obtaining the result.
2. The exchangeable weak pseudorandom function-based privacy set merging method as claimed in claim 1, wherein calculating the second set according to the first secret key specifically comprises: applying a hash function to an input value of the sending end to obtain a first hash value, and processing the first hash value and the first secret key with the first pseudorandom function to obtain the elements of the second set.
3. The exchangeable weak pseudorandom function-based privacy set merging method as claimed in claim 1, wherein processing the elements in the third set to obtain the fourth set specifically comprises: randomly permuting the elements in the third set to obtain the fourth set, or inserting the elements in the third set into a filter one by one to obtain the fourth set.
4. A privacy set merging method based on an exchangeable weak pseudorandom function, characterized by comprising the following steps:
randomly selecting a second secret key in the secret key space, calculating a first set according to the second secret key, and sending the first set to a sending end;
receiving a second set and a fourth set; the second set is obtained by the sending end randomly selecting a first secret key in the secret key space and calculating according to the first secret key; the fourth set is obtained by the sending end inputting each element in the first set into a first pseudorandom function to calculate a third set and then processing the elements of the third set;
inputting each element in the second set into a second pseudorandom function to obtain a fifth set; sequentially looking up the elements of the fifth set in the fourth set, and setting element values according to whether each lookup finds a match, so as to obtain a vector;
and invoking an oblivious transfer protocol and inputting bits selected from the vector, to obtain the union of the sets of the sending end and the receiving end.
5. The exchangeable weak pseudorandom function based privacy set merging method as claimed in claim 4, wherein said first set is calculated from said second secret key, specifically:
processing the input value of the receiving end by adopting a hash function to obtain a second hash value;
and processing the second hash value and the second secret key by adopting a second pseudorandom function to obtain elements in the first set.
6. The exchangeable weak pseudorandom function-based privacy set merging method as claimed in claim 4, wherein processing the elements of the third set specifically comprises: randomly permuting the elements in the third set to obtain the fourth set, or inserting the elements in the third set into a filter one by one to obtain the fourth set.
7. A privacy set merging method based on an exchangeable weak pseudorandom function, characterized by comprising the following steps:
the receiving end randomly selects a second secret key in the secret key space, calculates a first set according to the second secret key, and sends the first set to the sending end;
the sending end randomly selects a first secret key in the secret key space, calculates a second set according to the first secret key, inputs each element in the first set into a first pseudorandom function to obtain a third set, processes the elements in the third set to obtain a fourth set, and sends the fourth set and the second set to the receiving end;
the receiving end inputs each element in the second set into a second pseudorandom function to obtain a fifth set, sequentially looks up the elements of the fifth set in the fourth set, and sets element values according to whether each lookup finds a match, so as to obtain a vector;
the sending end and the receiving end both invoke an oblivious transfer protocol, the sending end inputs a message, the receiving end inputs bits selected from the vector, and the receiving end obtains the union of the sets of the sending end and the receiving end.
8. A privacy set merging system based on an exchangeable weak pseudorandom function, characterized by comprising: a sending end and a receiving end;
the receiving end randomly selects a second secret key in the secret key space, calculates a first set according to the second secret key, and sends the first set to the sending end;
the sending end randomly selects a first secret key in the secret key space, calculates a second set according to the first secret key, inputs each element in the first set into a first pseudorandom function to obtain a third set, processes the elements in the third set to obtain a fourth set, and sends the fourth set and the second set to the receiving end;
the receiving end inputs each element in the second set into a second pseudorandom function to obtain a fifth set, sequentially looks up the elements of the fifth set in the fourth set, and sets element values according to whether each lookup finds a match, so as to obtain a vector;
the sending end and the receiving end both invoke an oblivious transfer protocol, the sending end inputs a message, the receiving end inputs bits selected from the vector, and the receiving end obtains the union of the sets of the sending end and the receiving end.
9. An electronic device, comprising:
a memory for non-transitory storage of computer readable instructions; and
a processor for executing the computer readable instructions,
wherein the computer readable instructions, when executed by the processor, perform the method of any of claims 1-7.
10. A storage medium storing non-transitory computer-readable instructions, wherein the non-transitory computer-readable instructions, when executed by a computer, perform the method of any one of claims 1-7.
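The message flow of claims 7 and 8, as an added example that is not the patent's own code. It assumes the exchangeable weak pseudorandom function is F_k(x) = x^k in the prime-order subgroup of squares modulo the RFC 2409 Group 2 prime, replaces the oblivious transfer with a local stand-in (`ideal_ot`), and assumes OT messages `(None, y_i)` with choice bit 1 meaning "not found"; all function names are hypothetical.

```python
import hashlib
import secrets

# Assumed group: 1024-bit safe prime P = 2Q + 1 from RFC 2409 (Oakley Group 2),
# short for the example; a deployment would use a larger or elliptic-curve group.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2  # prime order of the subgroup of squares mod P

def hash_to_group(item: str) -> int:
    """H: map an item to a square mod P, i.e. into the order-Q subgroup."""
    wide = int.from_bytes(hashlib.shake_256(item.encode()).digest(160), "big")
    return pow(wide % P, 2, P)

def keygen() -> int:
    return 1 + secrets.randbelow(Q - 1)  # secret key from [1, Q-1]

def F(key: int, x: int) -> int:
    return pow(x, key, P)  # assumed F_k(x) = x^k, so F_a(F_b(x)) == F_b(F_a(x))

def ideal_ot(messages, choice_bit):
    return messages[choice_bit]  # local stand-in for OT: only the chosen message

def receiver_first_set(X, k2):
    return [F(k2, hash_to_group(x)) for x in X]

def sender_sets(Y, first_set, k1):
    second = [F(k1, hash_to_group(y)) for y in Y]    # second set, in the order of Y
    fourth = [F(k1, a) for a in first_set]           # third set ...
    secrets.SystemRandom().shuffle(fourth)           # ... randomly permuted: fourth set
    return second, fourth

def receiver_vector(second, fourth, k2):
    lookup = set(fourth)
    fifth = [F(k2, b) for b in second]               # fifth set
    return [0 if v in lookup else 1 for v in fifth]  # assumed: 1 = not found

def private_set_union(X, Y):
    k1, k2 = keygen(), keygen()                      # first key (sender), second key (receiver)
    first = receiver_first_set(X, k2)
    second, fourth = sender_sets(Y, first, k1)
    e = receiver_vector(second, fourth, k2)
    # Assumed OT messages: (None, y_i); the receiver's choice bit is e_i.
    got = [ideal_ot((None, y), bit) for y, bit in zip(Y, e)]
    return set(X) | {m for m in got if m is not None}, e

DEMO_X, DEMO_Y = ["alice", "bob", "carol"], ["bob", "dave"]  # constructed sample sets
```

The second set keeps the order of the sender's items so that position i of the vector selects the OT for y_i, while the fourth set is permuted so the receiver cannot tell which of its own items matched.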
CN202111501707.7A 2021-12-09 2021-12-09 Privacy set merging method and system based on exchangeable weak pseudo-random function Active CN114154200B (en)


Publications (2)

Publication Number Publication Date
CN114154200A (en) 2022-03-08
CN114154200B (en) 2024-05-24

Family

ID=80454307


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant