CN114172631A - Sorting method and system based on secret sharing - Google Patents


Info

Publication number
CN114172631A
Authority
CN
China
Prior art keywords
sequence
fragment
encrypted
target sequence
sorting
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210131397.2A
Other languages
Chinese (zh)
Other versions
CN114172631B (en)
Inventor
方文静
王力
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd
Priority to CN202210131397.2A
Publication of CN114172631A
Application granted
Publication of CN114172631B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes

Abstract

The embodiments of this specification disclose a sorting method and system based on secret sharing. The method comprises: obtaining an encrypted second fragment from a second party; homomorphically encrypting the first fragment of the sequence to be sorted using a first public key to obtain an encrypted first fragment; obtaining an encrypted sequence to be sorted based on the encrypted first fragment and the encrypted second fragment; sorting the encrypted sequence to be sorted using the sorting sequence to obtain an encrypted target sequence, where the target sequence is equal to the result of sorting the sequence to be sorted based on the sorting sequence; obtaining a random sequence as a first fragment of the target sequence; obtaining a second fragment of the encrypted target sequence based on the encrypted target sequence and the first fragment of the target sequence; and sending the second fragment of the encrypted target sequence to the second party, so that the second party can decrypt it based on the first private key to obtain the second fragment of the target sequence.

Description

Sorting method and system based on secret sharing
Technical Field
The present disclosure relates to the field of information security technologies, and in particular, to a method and a system for sorting based on secret sharing.
Background
Data plays an increasingly important role in the world today, and in many application scenarios data has become a resource to be protected. In actual business scenarios, the need to protect data privacy and keep data isolated often causes difficulties. For example, multiple collaborators participating in a business may want to complete modeling, statistical analysis and other tasks together, but cannot directly merge their data for modeling or statistical analysis because of data privacy, data isolation and similar constraints. Cryptographic tools for secure multi-party computation can be used to accomplish such tasks.
Therefore, the present specification provides a sorting method and system based on secret sharing, which can serve as an underlying building block for some secure multi-party computations.
Disclosure of Invention
One aspect of embodiments of the present specification provides a sorting method based on secret sharing. A first participant holds a first fragment of a sequence to be sorted and a sorting sequence, and a second participant holds a second fragment of the sequence to be sorted; the sorting sequence identifies an operation of sorting a sequence of equal length, and each element of the sorting sequence indicates the position, in the result sequence, of the aligned element of the equal-length sequence. The method is performed by the first participant and comprises: obtaining an encrypted second fragment from the second participant, where the encrypted second fragment is obtained by the second participant homomorphically encrypting the second fragment using a first public key, and the second participant holds a first private key corresponding to the first public key; homomorphically encrypting the first fragment of the sequence to be sorted using the first public key to obtain an encrypted first fragment; obtaining an encrypted sequence to be sorted based on the encrypted first fragment and the encrypted second fragment; sorting the encrypted sequence to be sorted using the sorting sequence to obtain an encrypted target sequence, where the target sequence is equal to the result of sorting the sequence to be sorted based on the sorting sequence; obtaining a random sequence as a first fragment of the target sequence; obtaining a second fragment of the encrypted target sequence based on the encrypted target sequence and the first fragment of the target sequence; and sending the second fragment of the encrypted target sequence to the second participant, so that the second participant decrypts it based on the first private key to obtain the second fragment of the target sequence.
Another aspect of embodiments of the present specification provides a sorting system based on secret sharing. The system is arranged on a first participant, where the first participant holds a first fragment of a sequence to be sorted and a sorting sequence, and a second participant holds a second fragment of the sequence to be sorted; the sorting sequence identifies an operation of sorting a sequence of equal length, and each element of the sorting sequence indicates the position, in the result sequence, of the aligned element of the equal-length sequence. The system comprises: a first encrypted fragment obtaining module, configured to obtain an encrypted second fragment from the second participant, where the encrypted second fragment is obtained by the second participant homomorphically encrypting the second fragment using a first public key, and the second participant holds a first private key corresponding to the first public key; a second encrypted fragment obtaining module, configured to homomorphically encrypt the first fragment of the sequence to be sorted using the first public key to obtain an encrypted first fragment; an encrypted to-be-sorted sequence obtaining module, configured to obtain an encrypted sequence to be sorted based on the encrypted first fragment and the encrypted second fragment; an encrypted target sequence obtaining module, configured to sort the encrypted sequence to be sorted using the sorting sequence to obtain an encrypted target sequence, where the target sequence is equal to the result of sorting the sequence to be sorted based on the sorting sequence; a random sequence obtaining module, configured to obtain a random sequence as a first fragment of the target sequence; an encrypted target sequence fragment obtaining module, configured to obtain a second fragment of the encrypted target sequence based on the encrypted target sequence and the first fragment of the target sequence; and a first sending module, configured to send the second fragment of the encrypted target sequence to the second participant, so that the second participant can decrypt it based on the first private key to obtain the second fragment of the target sequence.
Another aspect of embodiments of the present specification provides a method for sorting based on secret sharing. Wherein, the first participant holds a first fragment of the sequence to be sorted and a sorting sequence; a second participant holds a second fragment of the sequence to be ordered; the sorting sequence is used for identifying the operation of sorting the equal-length sequence, and the element of the sorting sequence indicates the position of the alignment element in the equal-length sequence in the result sequence; the method is performed by a second party, comprising: using a first public key to perform homomorphic encryption on the second fragment of the sequence to be sequenced to obtain an encrypted second fragment; sending the encrypted second fragment to a first participant; obtaining a second fragment of the encrypted target sequence from the first party; decrypting the second fragment of the encrypted target sequence by using a first private key corresponding to the first public key to obtain the second fragment of the target sequence; wherein the target sequence is equal to a result of sorting the sequence to be sorted based on the sorting sequence.
Another aspect of embodiments of the present specification provides a secret sharing based ranking system. The system is arranged on a second participant, wherein the first participant holds a first fragment of a sequence to be sorted and a sorting sequence; a second participant holds a second fragment of the sequence to be ordered; the sorting sequence is used for identifying the operation of sorting the equal-length sequence, and the element of the sorting sequence indicates the position of the alignment element in the equal-length sequence in the result sequence; the system comprises: the third encrypted fragment obtaining module is used for homomorphic encryption of the second fragment of the sequence to be sequenced by using the first public key to obtain an encrypted second fragment; a second sending module, configured to send the encrypted second segment to the first party; the fourth encrypted fragment acquisition module is used for acquiring a second fragment of the encrypted target sequence from the first party; the encrypted fragment decryption module is used for decrypting the second fragment of the encrypted target sequence by using a first private key corresponding to the first public key to obtain the second fragment of the target sequence; wherein the target sequence is equal to a result of sorting the sequence to be sorted based on the sorting sequence.
Another aspect of embodiments of the present specification provides a secret sharing-based ranking apparatus comprising at least one storage medium and at least one processor, the at least one storage medium for storing computer instructions; the at least one processor is configured to execute the computer instructions to implement a secret sharing based ranking method.
Another aspect of embodiments of the present specification provides a computer-readable storage medium storing computer instructions, and when the computer instructions in the storage medium are read by a computer, the computer executes a sorting method based on secret sharing.
Drawings
The present description will be further explained by way of exemplary embodiments, which will be described in detail by way of the accompanying drawings. These embodiments are not intended to be limiting, and in these embodiments like numerals are used to indicate like structures, wherein:
FIG. 1 is an exemplary diagram of a secret sharing arrangement protocol or operator, shown in accordance with some embodiments of the present description;
FIG. 2 is an exemplary interaction flow diagram of a secret sharing based ranking method, shown in accordance with some embodiments of the present description;
FIG. 3 is an exemplary diagram illustrating generating a sorting sequence according to some embodiments of the present description;
FIG. 4 is an exemplary block diagram of a secret sharing based ranking system according to some embodiments of the present description;
FIG. 5 is an exemplary block diagram of a secret sharing based ranking system according to some embodiments of the present description.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only examples or embodiments of the present description, and that for a person skilled in the art, the present description can also be applied to other similar scenarios on the basis of these drawings without inventive effort. Unless otherwise apparent from the context, or otherwise indicated, like reference numbers in the figures refer to the same structure or operation.
It should be understood that "system", "device", "unit" and/or "module" as used herein is a way of distinguishing different components, elements, parts, portions or assemblies at different levels. However, these words may be replaced by other expressions if they accomplish the same purpose.
As used in this specification and the appended claims, the terms "a," "an," and/or "the" do not refer specifically to the singular and may also include the plural, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" merely indicate that the explicitly identified steps and elements are included; these steps and elements do not form an exclusive list, and a method or apparatus may include other steps or elements.
Flow charts are used in this description to illustrate operations performed by a system according to embodiments of the present description. It should be understood that the preceding or following operations are not necessarily performed in the exact order shown. Rather, the various steps may be processed in reverse order or simultaneously. Meanwhile, other operations may be added to the processes, or one or more steps may be removed from the processes.
Secure multi-party computation enables the participating parties to achieve task goals based on their joint data without exposing their respective private data.
In the course of secure multi-party computation, data often needs to be jointly sorted (e.g., sorted in ascending order, sorted in descending order, or sorted according to some rule). Examples include feature sorting of training samples used for machine learning and primary key sorting for joint statistical analysis. Taking the sample feature sorting of machine learning as an example, the feature data and the tag data in the training sample set may need to be sorted when training a machine learning model. For example, after the feature data are sorted from small to large by value, the tag data corresponding to the feature data need to be sorted in the same way, so that after sorting the tag data still correspond one-to-one with the feature data.
For example only, in a multi-party secure computing scenario, a feature data column may be private to one party (e.g., a first party), the first party may generate a private ordering sequence (vector) based on the feature data column, and a tag column is private to another party (e.g., a second party).
In some embodiments, the secret-shared sorting of data columns may be implemented based on a secret sharing arrangement protocol or operator. The secret sharing arrangement protocol may be a permutation algorithm or operator based on secret sharing, and in some embodiments may be described as using a private sorting sequence of one party (e.g., a first party or a second party) to secretly permute a secret-shared sequence of length n, yielding an arrangement result that still exists in secret-shared form. For example, p represents a private sorting sequence of one party and k1 represents a sequence to be sorted; k1 is stored in secret-shared form at each participant (e.g., a first fragment of k1 is stored at a first participant, and a second fragment of k1 is stored at a second participant); k1' represents the sorting result p(k1) after sorting the sequence to be sorted k1 based on the sorting sequence p, and k1' is also obtained in secret-shared form by each participant (e.g., a first fragment of k1' is obtained by the first participant, and a second fragment of k1' is obtained by the second participant); and the data held by each party is not learned by the other parties during the secret sorting process. The secret sharing arrangement protocol may be further denoted as the ObliviousPerm function or operator: $\langle k1' \rangle = \langle p(\langle k1 \rangle) \rangle$, where $\langle \cdot \rangle$ denotes the ciphertext form, which may specifically be a fragment form. The ObliviousPerm function can be understood as a function with two sets of input data: one set, comprising the sorting sequence p and the first fragment $\langle k1 \rangle_1$ of the sequence to be sorted, comes from the first participant; the other set, comprising the second fragment $\langle k1 \rangle_2$ of the sequence to be sorted, comes from the second participant. Its output data comprises a first fragment $\langle k1' \rangle_1$ and a second fragment $\langle k1' \rangle_2$ of the result sequence; the first fragment of the result sequence is obtained by the first participant and the second fragment of the result sequence is obtained by the second participant.
In some embodiments, the secret sharing arrangement protocol or operator may be as shown in FIG. 1.
Some embodiments of the present specification provide a sorting method based on secret sharing, which can secretly sort another data column based on a sorting sequence while protecting data privacy. It should be noted that the method provided by the present specification is applicable to any scenario in which data columns to be sorted are securely sorted based on a sorting sequence. In some embodiments, the data column to be sorted may exist at both parties in secret-shared form. In some embodiments, the data column to be sorted may be held by one party alone, such as the second party; in that case, the second party may split the data column to be sorted into secret-shared fragments and send one of the fragments to the other party, such as the first party, after which the sorting method provided in this specification can still be used.
The first fragment and the second fragment of the sequence to be sorted according to some embodiments of the present specification may refer to two fragments obtained by dividing the sequence to be sorted in a secret sharing manner. The first fragment and the second fragment of the sorting sequence may refer to two fragments obtained by dividing the sorting sequence in a secret sharing manner. Wherein, the fragments can be additive fragments, and the sum of the fragments is the original data. "first" and "second" are used only to distinguish slices stored in different participants. When the present specification refers to a fragment of a sequence, it mainly means that each element of the sequence is split separately, the first fragment of the sequence comprises one fragment of each element of the sequence, and the second fragment of the sequence comprises another fragment of each element of the sequence.
FIG. 2 is an exemplary interaction flow diagram of a secret sharing based ranking method, shown in accordance with some embodiments of the present description. In some embodiments, the interaction flow 200 shown in FIG. 2 may be performed cooperatively by the processing devices of the two parties participating in the ranking. For example, the portion of the interaction flow executed by the first party may be stored in the form of a program or instructions in a storage device of the first party (e.g., an on-board storage unit of the processing device or an external storage device), and the portion of the interaction flow executed by the second party may be stored in the form of a program or instructions in a storage device of the second party. The programs or instructions, when executed, may implement a secret sharing based ranking process.
In some embodiments, a first participant holds a first fragment of a sequence to be sorted and a sorting sequence, and a second participant holds a second fragment of the sequence to be sorted. The sorting sequence may be used to identify an operation that sorts a sequence of equal length, with each element indicating the position, in the result sequence, of the aligned element of the equal-length sequence. Referring to FIG. 3, FIG. 3 is an exemplary diagram illustrating generating a sorting sequence according to some embodiments of the present description. As shown in FIG. 3, assume there is a data column K including 5 elements, the original element index column identifies the positions of the 5 elements in the data column K, and the data column K needs to be sorted in ascending lexicographic order (i.e., in alphabetical order). Sorting the data column K yields a data column K'. The new index of the 1st element a of K is 0, the new index of the 2nd element b is 2, and so on, resulting in a sorting sequence p = [0, 2, 1, 4, 3] that describes the permutation K → K'. In some embodiments, this sorting sequence may act on the data column K as a sorting function, which may be denoted as p(K) = K'.
In some embodiments, the sorting may be a stable sort; that is, two or more elements in the sequence to be sorted may be equal. Taking element "a" in data column K as an example, if the element "a" at index 0 precedes the element "a" at index 2 in the sequence before sorting, then the element "a" originally at index 0 still precedes the element "a" originally at index 2 in the sequence after sorting. In some other embodiments, the scheme of this specification is equally applicable to unstable sorting.
In the following embodiments, the letter "A" after a step number indicates execution by a processing device of the first party, and the letter "B" after a step number indicates execution by a processing device of the second party.
At step 202A, an encrypted second fragment is obtained from a second party. In some embodiments, step 202A may be performed by first crypto-slice acquisition module 410.
The encrypted second fragment may refer to the data fragment obtained by encrypting the fragment of the sequence to be sorted that is held by the second party.
In some embodiments, prior to step 202A, the encrypted second fragment may be obtained by the second party homomorphically encrypting the second fragment of the sequence to be sorted using the first public key.
In some embodiments, the first public key may be from a public-private key pair. For example, a public-private key pair may be generated by a second party and a first public key sent to the first party, with the second party holding a first private key corresponding to the first public key.
In some embodiments, the processing device of the first party may obtain the encrypted second fragment from the second party by way of a network or by invoking a data interface, etc.
In some embodiments, the second party may send the encrypted second fragment to the first party by performing step 202B.
Illustratively, let $PK_B$ denote the first public key, $SK_B$ the first private key, $\langle X \rangle_A$ the first fragment of the sequence to be sorted, and $\langle X \rangle_B$ the second fragment of the sequence to be sorted. The processing device of the second party may use the first public key $PK_B$ to encrypt $\langle X \rangle_B$, obtaining the encrypted second fragment $[\langle X \rangle_B]_B$, and send it to the first party.
Step 204A, using the first public key to perform homomorphic encryption on the first fragment of the sequence to be sorted, so as to obtain an encrypted first fragment. In some embodiments, step 204A may be performed by second crypto-slice acquisition module 420.
In some embodiments, the processing device of the first participant may locally use the first public key $PK_B$ to homomorphically encrypt the first fragment $\langle X \rangle_A$ of the sequence to be sorted, obtaining the encrypted first fragment $[\langle X \rangle_A]_B$.
Step 206A, acquiring an encrypted sequence to be ordered based on the encrypted first segment and the encrypted second segment. In some embodiments, step 206A may be performed by the encryption to-be-sorted-sequence acquisition module 430.
Homomorphic encryption has the property that performing an operation such as addition or multiplication on plaintexts and then encrypting the result is equivalent to encrypting the plaintexts first and then performing the corresponding operation on the ciphertexts. Based on this property, after obtaining the encrypted fragments corresponding to the fragments of the sequence to be sorted (i.e., the encrypted first fragment and the encrypted second fragment), the processing device of the first party may perform a merging operation on the encrypted first fragment and the encrypted second fragment (e.g., an addition, which is equivalent to merging the first fragment and the second fragment of the sequence to be sorted and then encrypting the result), and the result of the operation is the encrypted sequence to be sorted.
In some embodiments, the process of obtaining the encrypted sequence to be ordered may be represented as:
$[\langle X \rangle_A]_B + [\langle X \rangle_B]_B = [X]_B$
Step 208A, sorting the encrypted sequence to be sorted by using the sorting sequence to obtain an encrypted target sequence. In some embodiments, step 208A may be performed by the encryption target sequence acquisition module 440.
The target sequence is equal to the result of ordering the to-be-ordered sequence based on the ordering sequence. The sorting may include ascending, descending, sorting by a particular manner (e.g., periodic sorting), and so on. The encrypted target sequence may be a result obtained by sequencing a sequence to be sequenced in an encrypted state, and in this process, the data privacy of the sequence to be sequenced is under encryption privacy protection.
In some embodiments, the processing device of the first participant may implement the sorting operation by a permutation function. For example, with the sorting sequence denoted by $\pi$, the result of sorting the encrypted sequence to be sorted using the sorting sequence $\pi$ can be expressed as $\pi([X]_B)$. Based on the definition of the sorting sequence, $\pi([X]_B) = [\pi(X)]_B$, so the encrypted target sequence can be expressed as $[\pi(X)]_B$.
Step 210A, a random sequence is obtained as a first fragment of a target sequence. In some embodiments, step 210A may be performed by random sequence acquisition module 450.
In some embodiments, the processing device of the first participant may generate the random sequence $\langle Y \rangle_A$ by a random sequence generation algorithm and take it as the first fragment of the target sequence. Naturally, the length of the random sequence is the same as the length of the sequence to be sorted.
In some embodiments, the processing device of the first party may also obtain the random sequence by reading it from its private database or storage device.
Step 212A, obtaining a second segment of the encrypted target sequence based on the encrypted target sequence and the first segment of the target sequence. In some embodiments, step 212A may be performed by encrypted target sequence fragment acquisition module 460.
In some embodiments, for better protection of data privacy, before obtaining the second fragment of the encrypted target sequence, the processing device of the first party may use the first public key $PK_B$ to encrypt the random sequence (the first fragment of the target sequence) $\langle Y \rangle_A$, obtaining the first fragment of the encrypted target sequence $[\langle Y \rangle_A]_B$. The encryption may be the homomorphic encryption described above, so that once the random sequence is encrypted, the second fragment of the encrypted target sequence can be obtained through a ciphertext operation; and after the second fragment of the encrypted target sequence is sent to the second party, the second party can decrypt it to obtain the second fragment of the target sequence.
In some embodiments, the processing device of the first participant may obtain a second segment of the encrypted target sequence based on the encrypted target sequence and the first segment of the encrypted target sequence. For example, the processing device of the first participant may obtain the second fragment of the encrypted target sequence by subtracting the first fragment of the encrypted target sequence from the encrypted target sequence. The process can be expressed as:
$[\langle Y \rangle_B]_B = [\pi(X)]_B - [\langle Y \rangle_A]_B$
Step 214A, sending the second fragment of the encrypted target sequence to the second party, so that the second party decrypts the second fragment of the encrypted target sequence based on the first private key to obtain the second fragment of the target sequence. In some embodiments, step 214A may be performed by first sending module 470.
In some embodiments, the processing device of the first party may send the second fragment of the encrypted target sequence to the second party over the network.
In some embodiments, the processing device of the second party may perform step 214B to obtain the second fragment of the encrypted target sequence from the first party. After obtaining the second fragment of the encrypted target sequence, the processing device of the second participant may perform step 216B, using the first private key $SK_B$ corresponding to the first public key to decrypt the second fragment of the encrypted target sequence $[\langle Y \rangle_B]_B$, obtaining the second fragment of the target sequence $\langle Y \rangle_B$.
In some embodiments of the present description, the parties can sort data columns held in secret-shared form without exposing their respective private data. In addition, the scheme incurs low communication traffic between the participants and low memory usage during execution, is applicable to a wide range of scenarios, and can be used where the data scale is large.
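The flow of steps 202B to 216B, together with the derivation of the sorting sequence described for FIG. 3, can be run end to end as follows. This is an added example, not code from the patent: it assumes Paillier as the additively homomorphic scheme, a fixed demonstration key built from two known Mersenne primes, additive shares taken modulo the Paillier modulus n, and parties that follow the protocol; all function names and the sample columns are constructed for illustration.

```python
import math
import secrets

# Demonstration Paillier key from two known Mersenne primes. Assumption for
# this example only: a modulus of about 150 bits is far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1


def keygen(p=P, q=Q):
    """Return (n, sk): public modulus n and private key (lambda, mu)."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return n, (lam, pow(lam, -1, n))


def encrypt(n, m):
    """Paillier encryption with g = n + 1 and fresh randomness r."""
    n2 = n * n
    r = 0
    while r == 0 or math.gcd(r, n) != 1:
        r = secrets.randbelow(n)
    return (1 + (m % n) * n) * pow(r, n, n2) % n2


def decrypt(n, sk, c):
    lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n


def he_add(n, c1, c2):
    """[a] + [b]: multiplying ciphertexts adds the plaintexts mod n."""
    return c1 * c2 % (n * n)


def he_sub(n, c1, c2):
    """[a] - [b]: multiply by the inverse of the second ciphertext."""
    return c1 * pow(c2, -1, n * n) % (n * n)


def sorting_sequence(keys):
    """Stable ascending sort expressed as pi, where pi[i] is the position
    of keys[i] in the sorted result (the convention described for FIG. 3)."""
    order = sorted(range(len(keys)), key=keys.__getitem__)
    pi = [0] * len(keys)
    for new_pos, old_pos in enumerate(order):
        pi[old_pos] = new_pos
    return pi


def apply_perm(pi, seq):
    """Move seq[i] to position pi[i]; works on plaintexts or ciphertexts."""
    out = [None] * len(seq)
    for i, dst in enumerate(pi):
        out[dst] = seq[i]
    return out


def share(xs, n):
    """Additive shares mod n (assumption: share ring = Paillier plaintext ring)."""
    a = [secrets.randbelow(n) for _ in xs]
    return a, [(x - s) % n for x, s in zip(xs, a)]


def second_party_encrypt(n, x_b):
    """Step 202B: encrypt <X>_B under PK_B."""
    return [encrypt(n, v) for v in x_b]


def first_party_permute(n, pi, x_a, enc_x_b):
    """Steps 202A-212A; returns (<Y>_A, [<Y>_B]_B)."""
    if len(enc_x_b) != len(x_a) or sorted(pi) != list(range(len(x_a))):
        raise ValueError("pi must be a permutation matching the share length")
    enc_x = [he_add(n, encrypt(n, a), b) for a, b in zip(x_a, enc_x_b)]  # 204A, 206A
    enc_target = apply_perm(pi, enc_x)                                   # 208A
    y_a = [secrets.randbelow(n) for _ in pi]                             # 210A
    # 212A: after subtracting an encryption of the uniform mask <Y>_A, the
    # second party decrypts only pi(X) - <Y>_A mod n, which is uniformly
    # distributed and reveals neither X nor pi.
    enc_y_b = [he_sub(n, t, encrypt(n, y)) for t, y in zip(enc_target, y_a)]
    return y_a, enc_y_b


def second_party_decrypt(n, sk, enc_y_b):
    """Step 216B: recover <Y>_B with SK_B."""
    return [decrypt(n, sk, c) for c in enc_y_b]


def run_demo():
    n, sk = keygen()              # second party's key pair (PK_B, SK_B)
    keys = list("abacb")          # constructed private column of the first party
    labels = [7, 3, 9, 4, 8]      # constructed column X, held only as shares
    pi = sorting_sequence(keys)   # [0, 2, 1, 4, 3], as in the FIG. 3 description
    x_a, x_b = share(labels, n)
    y_a, enc_y_b = first_party_permute(n, pi, x_a, second_party_encrypt(n, x_b))
    y_b = second_party_decrypt(n, sk, enc_y_b)
    return pi, [(a + b) % n for a, b in zip(y_a, y_b)]


if __name__ == "__main__":
    print(run_demo())
```

Reconstruction in `run_demo` is done only to check correctness; in the protocol each party keeps its own fragment of the target sequence.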
It should be noted that the above description of the respective flows is only for illustration and description, and does not limit the applicable scope of the present specification. Various modifications and alterations to the flow may occur to those skilled in the art, given the benefit of this description. However, such modifications and variations are intended to be within the scope of the present description. For example, changes to the flow steps described herein, such as the addition of pre-processing steps and storage steps, may be made.
FIG. 4 is an exemplary block diagram of a secret sharing based sorting system according to some embodiments of the present description. As shown in FIG. 4, the system 400 may include a first encrypted fragment obtaining module 410, a second encrypted fragment obtaining module 420, an encrypted to-be-sorted sequence obtaining module 430, an encrypted target sequence obtaining module 440, a random sequence obtaining module 450, an encrypted target sequence fragment obtaining module 460, and a first sending module 470.
The first encrypted fragment obtaining module 410 may be configured to obtain an encrypted second fragment from a second party.
The encrypted second fragment is obtained by the second party homomorphically encrypting the second fragment of the sequence to be sorted using a first public key, and the second party holds a first private key corresponding to the first public key.
The second encrypted fragment obtaining module 420 may be configured to perform homomorphic encryption on the first fragment of the sequence to be sorted by using the first public key, so as to obtain an encrypted first fragment.
The encrypted to-be-sorted sequence obtaining module 430 may be configured to obtain an encrypted sequence to be sorted based on the encrypted first fragment and the encrypted second fragment.
The encrypted target sequence obtaining module 440 may be configured to use the sorting sequence to sort the encrypted sequence to be sorted, so as to obtain an encrypted target sequence.
The target sequence is equal to the result of sorting the sequence to be sorted based on the sorting sequence.
The random sequence obtaining module 450 may be configured to obtain a random sequence as a first fragment of the target sequence.
The encrypted target sequence fragment obtaining module 460 may be configured to obtain a second fragment of the encrypted target sequence based on the encrypted target sequence and the first fragment of the target sequence.
The first sending module 470 may be configured to send the second fragment of the encrypted target sequence to the second party so that the second party decrypts the second fragment of the encrypted target sequence based on the first private key to obtain the second fragment of the target sequence.
FIG. 5 is an exemplary block diagram of a secret sharing based sorting system according to some embodiments of the present description. As shown in FIG. 5, the system 500 may include a third encrypted fragment obtaining module 510, a second sending module 520, a fourth encrypted fragment obtaining module 530, and an encrypted fragment decryption module 540.
The third encrypted fragment obtaining module 510 may be configured to perform homomorphic encryption on the second fragment of the sequence to be sorted by using the first public key, so as to obtain an encrypted second fragment.
The second sending module 520 may be configured to send the encrypted second fragment to the first party.
The fourth encrypted fragment obtaining module 530 may be configured to obtain a second fragment of the encrypted target sequence from the first party.
The encrypted fragment decryption module 540 may be configured to decrypt the second fragment of the encrypted target sequence using the first private key corresponding to the first public key to obtain the second fragment of the target sequence.
The target sequence is equal to the result of sorting the sequence to be sorted based on the sorting sequence.
With regard to the detailed description of the modules of the system shown above, reference may be made to the flow chart portion of this specification, e.g., the associated description of fig. 2.
It should be understood that the systems shown in fig. 4 and 5 and their modules may be implemented in a variety of ways. For example, in some embodiments, the system and its modules may be implemented in hardware, software, or a combination of software and hardware. Wherein the hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory for execution by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the methods and systems described above may be implemented using computer executable instructions and/or embodied in processor control code, such code being provided, for example, on a carrier medium such as a diskette, CD-or DVD-ROM, a programmable memory such as read-only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The system and its modules in this specification may be implemented not only by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., but also by software executed by various types of processors, for example, or by a combination of the above hardware circuits and software (e.g., firmware).
It should be noted that the above description of the secret sharing based sorting system and its modules is only for convenience of description, and does not limit the present specification to the scope of the illustrated embodiments. It will be appreciated by those skilled in the art that, given the teachings of the present system, modules may be combined arbitrarily, or a sub-system may be configured to connect to other modules, without departing from such teachings. For example, in some embodiments, the first encrypted fragment obtaining module 410, the second encrypted fragment obtaining module 420, the encrypted to-be-sorted sequence obtaining module 430, the encrypted target sequence obtaining module 440, the random sequence obtaining module 450, the encrypted target sequence fragment obtaining module 460, and the first sending module 470 may be different modules in one system, or a single module may implement the functions of two or more of the modules described above. As another example, the modules may share one storage module, or each module may have its own storage module. Such variations are within the scope of the present disclosure.
The beneficial effects that may be brought by the embodiments of the present description include, but are not limited to: (1) each participant can realize the sequencing of data columns in a secret sharing mode under the condition of not exposing respective data privacy; (2) in the implementation process, the communication traffic and the memory occupation among all the participants are small, the application scene is wide, and the method can be used in the application scene with larger data scale. It is to be noted that different embodiments may produce different advantages, and in different embodiments, any one or combination of the above advantages may be produced, or any other advantages may be obtained.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing detailed disclosure is to be regarded as illustrative only and not as limiting the present specification. Various modifications, improvements and adaptations to the present description may occur to those skilled in the art, although not explicitly described herein. Such modifications, improvements and adaptations are proposed in the present specification and thus fall within the spirit and scope of the exemplary embodiments of the present specification.
Also, the description uses specific words to describe embodiments of the description. Reference throughout this specification to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the specification is included. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the specification may be combined as appropriate.
Moreover, those skilled in the art will appreciate that aspects of the present description may be illustrated and described in terms of several patentable species or situations, including any new and useful combination of processes, machines, manufacture, or materials, or any new and useful improvement thereof. Accordingly, aspects of this description may be performed entirely by hardware, entirely by software (including firmware, resident software, micro-code, etc.), or by a combination of hardware and software. The above hardware or software may be referred to as a "data block," "module," "engine," "unit," "component," or "system." Furthermore, aspects of the present description may be represented as a computer product, including computer readable program code, embodied in one or more computer readable media.
The computer storage medium may comprise a propagated data signal with the computer program code embodied therewith, for example, on baseband or as part of a carrier wave. The propagated signal may take any of a variety of forms, including electromagnetic, optical, etc., or any suitable combination. A computer storage medium may be any computer-readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code located on a computer storage medium may be propagated over any suitable medium, including radio, cable, fiber optic cable, RF, or the like, or any combination of the preceding.
Computer program code required for the operation of various portions of this specification may be written in any one or more programming languages, including an object oriented programming language such as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C++, C#, VB.NET, Python, and the like, a conventional programming language such as C, Visual Basic, Fortran 2003, Perl, COBOL 2002, PHP, ABAP, a dynamic programming language such as Python, Ruby, and Groovy, or other programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any network format, such as a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet), or in a cloud computing environment, or as a service, such as a software as a service (SaaS).
Additionally, the order in which the elements and sequences of the process are recited in the specification, the use of alphanumeric characters, or other designations, is not intended to limit the order in which the processes and methods of the specification occur, unless otherwise specified in the claims. While various presently contemplated embodiments of the invention have been discussed in the foregoing disclosure by way of example, it is to be understood that such detail is solely for that purpose and that the appended claims are not limited to the disclosed embodiments, but, on the contrary, are intended to cover all modifications and equivalent arrangements that are within the spirit and scope of the embodiments herein. For example, although the system components described above may be implemented by hardware devices, they may also be implemented by software-only solutions, such as installing the described system on an existing server or mobile device.
Similarly, it should be noted that in the preceding description of embodiments of the present specification, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the embodiments. This method of disclosure, however, does not imply that the subject matter of the specification requires more features than are expressly recited in a claim. Indeed, an embodiment may have fewer than all of the features of a single embodiment disclosed above.
Numerals describing the number of components, attributes, etc. are used in some embodiments, it being understood that such numerals used in the description of the embodiments are modified in some instances by the use of the modifier "about", "approximately" or "substantially". Unless otherwise indicated, "about", "approximately" or "substantially" indicates that the number allows a variation of ± 20%. Accordingly, in some embodiments, the numerical parameters used in the specification and claims are approximations that may vary depending upon the desired properties of the individual embodiments. In some embodiments, the numerical parameter should take into account the specified significant digits and employ a general digit preserving approach. Notwithstanding that the numerical ranges and parameters setting forth the broad scope of the range are approximations, in the specific examples, such numerical values are set forth as precisely as possible within the scope of the application.
For each patent, patent application publication, and other material, such as articles, books, specifications, publications, documents, etc., cited in this specification, the entire contents of each are hereby incorporated by reference into this specification. Except where the application history document does not conform to or conflict with the contents of the present specification, it is to be understood that the application history document, as used herein in the present specification or appended claims, is intended to define the broadest scope of the present specification (whether presently or later in the specification) rather than the broadest scope of the present specification. It is to be understood that the descriptions, definitions and/or uses of terms in the accompanying materials of this specification shall control if they are inconsistent or contrary to the descriptions and/or uses of terms in this specification.
Finally, it should be understood that the embodiments described herein are merely illustrative of the principles of the embodiments of the present disclosure. Other variations are also possible within the scope of the present description. Thus, by way of example, and not limitation, alternative configurations of the embodiments of the specification can be considered consistent with the teachings of the specification. Accordingly, the embodiments of the present description are not limited to only those embodiments explicitly described and depicted herein.

Claims (8)

1. A sorting method based on secret sharing, wherein a first participant holds a first fragment of a sequence to be sorted and a sorting sequence, and a second participant holds a second fragment of the sequence to be sorted; the sorting sequence is used for identifying the operation of sorting an equal-length sequence, and each element of the sorting sequence indicates the position, in the result sequence, of the aligned element of the equal-length sequence; the method is performed by the first participant and comprises:
obtaining an encrypted second fragment from the second participant; the encrypted second fragment is obtained by the second participant homomorphically encrypting the second fragment of the sequence to be sorted using a first public key, and the second participant holds a first private key corresponding to the first public key;
using the first public key to perform homomorphic encryption on the first fragment of the sequence to be sorted to obtain an encrypted first fragment;
obtaining an encrypted sequence to be sorted based on the encrypted first fragment and the encrypted second fragment;
sorting the encrypted sequence to be sorted by using the sorting sequence to obtain an encrypted target sequence; wherein the target sequence is equal to a result of sorting the sequence to be sorted based on the sorting sequence;
acquiring a random sequence as a first fragment of a target sequence;
acquiring a second fragment of the encrypted target sequence based on the encrypted target sequence and the first fragment of the target sequence;
and sending the second fragment of the encrypted target sequence to a second party so that the second party decrypts the second fragment of the encrypted target sequence based on the first private key to obtain the second fragment of the target sequence.
2. The method of claim 1, wherein obtaining a second slice of an encrypted target sequence based on the encrypted target sequence and the first slice of the target sequence comprises:
encrypting the random sequence by using the first public key to obtain a first fragment of an encrypted target sequence;
obtaining a second slice of the encrypted target sequence based on the encrypted target sequence and the first slice of the encrypted target sequence.
3. The method of claim 2, wherein the second slice of the encrypted target sequence is equal to the encrypted target sequence minus the first slice of the encrypted target sequence.
4. A sorting system based on secret sharing, arranged on a first participant, wherein the first participant holds a first fragment of a sequence to be sorted and a sorting sequence, and a second participant holds a second fragment of the sequence to be sorted; the sorting sequence is used for identifying the operation of sorting an equal-length sequence, and each element of the sorting sequence indicates the position, in the result sequence, of the aligned element of the equal-length sequence; the system comprises:
the first encrypted fragment obtaining module is used for obtaining an encrypted second fragment from the second participant; the encrypted second fragment is obtained by the second participant homomorphically encrypting the second fragment of the sequence to be sorted using a first public key, and the second participant holds a first private key corresponding to the first public key;
the second encrypted fragment obtaining module is used for homomorphic encryption of the first fragment of the sequence to be sorted by using the first public key to obtain an encrypted first fragment;
the encrypted to-be-sorted sequence obtaining module is used for obtaining an encrypted sequence to be sorted based on the encrypted first fragment and the encrypted second fragment;
the encrypted target sequence obtaining module is used for sorting the encrypted sequence to be sorted by using the sorting sequence to obtain an encrypted target sequence; wherein the target sequence is equal to a result of sorting the sequence to be sorted based on the sorting sequence;
the random sequence acquisition module is used for acquiring a random sequence as a first fragment of a target sequence;
the encrypted target sequence fragment acquisition module is used for acquiring a second fragment of the encrypted target sequence based on the encrypted target sequence and the first fragment of the target sequence;
and the first sending module is used for sending the second fragment of the encrypted target sequence to a second party so that the second party can decrypt the second fragment of the encrypted target sequence based on the first private key to obtain the second fragment of the target sequence.
5. A secret sharing based ranking apparatus comprising at least one storage medium and at least one processor, the at least one storage medium for storing computer instructions; the at least one processor is configured to execute the computer instructions to implement the method of any of claims 1-3.
6. A sorting method based on secret sharing, wherein a first participant holds a first fragment of a sequence to be sorted and a sorting sequence; a second participant holds a second fragment of the sequence to be sorted; the sorting sequence is used for identifying the operation of sorting an equal-length sequence, and each element of the sorting sequence indicates the position, in the result sequence, of the aligned element of the equal-length sequence; the method is performed by the second participant and comprises:
using a first public key to perform homomorphic encryption on the second fragment of the sequence to be sorted to obtain an encrypted second fragment;
sending the encrypted second fragment to a first participant;
obtaining a second fragment of the encrypted target sequence from the first party;
decrypting the second fragment of the encrypted target sequence by using a first private key corresponding to the first public key to obtain the second fragment of the target sequence; wherein the target sequence is equal to a result of sorting the sequence to be sorted based on the sorting sequence.
7. A sorting system based on secret sharing, arranged on a second participant, wherein a first participant holds a first fragment of a sequence to be sorted and a sorting sequence; the second participant holds a second fragment of the sequence to be sorted; the sorting sequence is used for identifying the operation of sorting an equal-length sequence, and each element of the sorting sequence indicates the position, in the result sequence, of the aligned element of the equal-length sequence; the system comprises:
the third encrypted fragment obtaining module is used for homomorphic encryption of the second fragment of the sequence to be sorted by using the first public key to obtain an encrypted second fragment;
a second sending module, configured to send the encrypted second segment to the first party;
the fourth encrypted fragment acquisition module is used for acquiring a second fragment of the encrypted target sequence from the first party;
the encrypted fragment decryption module is used for decrypting the second fragment of the encrypted target sequence by using a first private key corresponding to the first public key to obtain the second fragment of the target sequence; wherein the target sequence is equal to a result of sorting the sequence to be sorted based on the sorting sequence.
8. A secret sharing based ranking apparatus comprising at least one storage medium and at least one processor, the at least one storage medium for storing computer instructions; the at least one processor is configured to execute the computer instructions to implement the method of claim 6.
CN202210131397.2A 2022-02-14 2022-02-14 Sorting method and system based on secret sharing Active CN114172631B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210131397.2A CN114172631B (en) 2022-02-14 2022-02-14 Sorting method and system based on secret sharing

Publications (2)

Publication Number Publication Date
CN114172631A true CN114172631A (en) 2022-03-11
CN114172631B CN114172631B (en) 2022-05-06

Family

ID=80489941

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210131397.2A Active CN114172631B (en) 2022-02-14 2022-02-14 Sorting method and system based on secret sharing

Country Status (1)

Country Link
CN (1) CN114172631B (en)

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140105385A1 (en) * 2010-12-10 2014-04-17 Shantanu Rane Method for Privacy-Preserving Order Selection of Encrypted Element
CN105138923A (en) * 2015-08-11 2015-12-09 苏州大学 Privacy protection time sequence similarity calculation method
US20200242234A1 (en) * 2019-01-28 2020-07-30 Nec Corporation Of America Secure multiparty computation of shuffle, sort, and set operations
CN110971405A (en) * 2019-12-06 2020-04-07 支付宝(杭州)信息技术有限公司 SM2 signing and decrypting method and system with cooperation of multiple parties
WO2021197037A1 (en) * 2020-04-01 2021-10-07 支付宝(杭州)信息技术有限公司 Method and apparatus for jointly performing data processing by two parties
CN113746620A (en) * 2021-09-13 2021-12-03 深圳前海微众银行股份有限公司 Homomorphic encryption method, apparatus, medium, and computer program product

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115941181A (en) * 2023-02-02 2023-04-07 华控清交信息科技(北京)有限公司 Out-of-order secret sharing method and system and readable storage medium
CN115941181B (en) * 2023-02-02 2023-05-12 华控清交信息科技(北京)有限公司 Out-of-order secret sharing method, system and readable storage medium

Also Published As

Publication number Publication date
CN114172631B (en) 2022-05-06

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant