CN114301702B - Proxy confusing transmission method and device, storage medium and electronic equipment - Google Patents

Proxy confusing transmission method and device, storage medium and electronic equipment Download PDF

Info

Publication number
CN114301702B
CN114301702B CN202111655962.7A CN202111655962A CN114301702B CN 114301702 B CN114301702 B CN 114301702B CN 202111655962 A CN202111655962 A CN 202111655962A CN 114301702 B CN114301702 B CN 114301702B
Authority
CN
China
Prior art keywords
public
key
private key
shared
proxy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111655962.7A
Other languages
Chinese (zh)
Other versions
CN114301702A (en
Inventor
徐帅健妮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN202111655962.7A priority Critical patent/CN114301702B/en
Publication of CN114301702A publication Critical patent/CN114301702A/en
Application granted granted Critical
Publication of CN114301702B publication Critical patent/CN114301702B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Compression, Expansion, Code Conversion, And Decoders (AREA)

Abstract

The disclosure relates to the technical field of cryptography, and relates to a proxy confusing transmission method and device, a storage medium and electronic equipment. The method comprises the following steps: determining a base point coordinate from the elliptic curve parameters, and generating a first public-private key pair according to the base point coordinate so as to send a first public key of the first public-private key pair to a selector; receiving a second public key sent by a selector, and generating a shared key shared with the selector according to the elliptic curve parameter, the second public key and a first private key in a first public-private key pair; and encoding the data to be transmitted corresponding to the sender based on the shared secret key, and transmitting an encoding result corresponding to the data to be transmitted to the proxy so that the proxy determines target data from the data to be transmitted. In the method, the data to be transmitted are encoded by the shared secret key and then transmitted to the proxy, so that the proxy can only acquire the target data in the data to be transmitted, and the data privacy of the transmitter is ensured.

Description

Proxy confusing transmission method and device, storage medium and electronic equipment
Technical Field
The present disclosure relates to the field of cryptography, and in particular, to a proxy transmission method, a proxy transmission device, a computer readable storage medium, and an electronic apparatus.
Background
In recent years, in order to provide a theoretical solution to the problems of information leakage and the like faced in developing security, proxy-based transport protocols have been used in various fields.
In the prior art, when a sender and a selector generate respective public and private key pairs, the utilized algorithm is generally high in complexity and weak in algorithm performance, so that the data privacy of each participant in the proxy-based transmission protocol cannot be ensured.
In view of this, there is a need in the art to develop a new proxy-based transmission method and apparatus.
It should be noted that the information disclosed in the above background section is only for enhancing understanding of the background of the present disclosure and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The disclosure provides a proxy-based transmission method, a proxy-based transmission device, a computer-readable storage medium, and an electronic apparatus, which at least partially overcome the problem that the data privacy of each participant in a proxy-based transmission protocol cannot be ensured due to the related art.
Other features and advantages of the present disclosure will be apparent from the following detailed description, or may be learned in part by the practice of the disclosure.
According to a first aspect of an embodiment of the present invention, there is provided a proxy confusing transmission method applied to a sender, the method including: determining base point coordinates from elliptic curve parameters, and generating a first public-private key pair according to the base point coordinates so as to send a first public key in the first public-private key pair to a selector; receiving a second public key sent by the selector, and generating a shared key shared with the selector according to the elliptic curve parameter, the second public key and a first private key in the first public-private key pair; and encoding the data to be transmitted corresponding to the sender based on the shared secret key, and transmitting an encoding result corresponding to the data to be transmitted to an agent, so that the agent determines target data from the data to be transmitted.
In an exemplary embodiment of the present invention, the elliptic curve parameter includes an order of a base point; the generating a first public-private key pair according to the base point coordinates comprises: generating a first random integer belonging to a first random interval by using a random number generator; wherein the first random interval is determined according to the order; and calculating the first random integer and the base point coordinate to obtain a first public key, and determining the first random integer as a first private key to determine a first public-private key pair consisting of the first public key and the first private key.
In an exemplary embodiment of the present invention, the generating a shared key shared with the selecting party according to the elliptic curve parameter, the second public key and the first private key in the first public-private key pair includes: generating a first random number belonging to a second random interval by using the random number generator, and calculating the first random number and the base point coordinates to obtain a first curve point of an elliptic curve corresponding to the elliptic curve parameter so as to send the first curve point to a selector; wherein the second random interval is determined according to the order; and receiving a second curve point sent by the selector, and generating a shared key shared with the selector based on the first curve point, the second public key and the elliptic curve parameter.
In an exemplary embodiment of the present invention, the elliptic curve parameters include a cofactor therein; the generating a shared key shared with the selector based on the first curve point, the second public key, and the elliptic curve parameter includes: calculating the orders to obtain a first order calculation result; updating a first curve point abscissa corresponding to the first curve point and a second curve point abscissa corresponding to the second curve point based on the first order calculation result, so as to obtain an updated first curve point abscissa and an updated second curve point abscissa; calculating the first random integer, the updated first curve point abscissa and the first random number to obtain a first calculation result, and generating a second calculation result according to the first calculation result, the cofactor, the second public key, the updated second curve point abscissa and the second curve point; and generating a shared key shared with the selector according to the first hash value corresponding to the sender, the second hash value corresponding to the selector, the second calculation result and a preset shared key length.
According to a second aspect of the embodiment of the present invention, there is provided a proxy confusing transmission protocol method applied to a selector, the method comprising: determining base point coordinates from elliptic curve parameters, and generating a second public-private key pair according to the base point coordinates so as to send a second public key in the second public-private key pair to a sender; receiving a first public key sent by the sender, and generating a shared key shared with the sender according to the elliptic curve parameter, the first public key and a second private key in the second public-private key pair; and encoding the identification corresponding to the receiver based on the shared secret key, and sending an encoding result corresponding to the identification to the proxy, so that the proxy determines target data consistent with the identification in number.
In an exemplary embodiment of the present invention, the elliptic curve parameter includes an order of a base point; the generating a second public-private key pair according to the base point coordinates comprises the following steps: generating a second random integer belonging to a third random interval by using a random number generator; wherein the third random interval is determined according to the order; and calculating the second random integer and the base point coordinate to obtain a second public key, and determining the second random integer as a second private key to determine a second public-private key pair consisting of the second public key and the second private key.
In an exemplary embodiment of the present invention, the generating a shared key shared with the sender according to the elliptic curve parameter, the first public key and the second private key in the second public-private key pair includes: generating a second random number belonging to a fourth random interval by using the random number generator, and calculating the second random number and the base point coordinates to obtain a second curve point of an elliptic curve corresponding to the elliptic curve parameter so as to send the second curve point to a sender; wherein the fourth random interval is determined according to the order; and receiving a first curve point sent by the sender, and generating a shared key shared with the sender based on the first curve point, the second curve point, the first public key and the elliptic curve parameter.
In an exemplary embodiment of the present invention, the elliptic curve parameters include a cofactor therein; the generating a shared key shared with the sender based on the first curve point, the second curve point, the first public key, and the elliptic curve parameter includes: calculating the order to obtain a second order calculation result; updating a first curve point abscissa corresponding to the first curve point and a second curve point abscissa corresponding to the second curve point based on the second order calculation result, so as to obtain an updated first curve point abscissa and an updated second curve point abscissa; calculating the second random integer, the updated first curve point abscissa and the second random number to obtain a third calculation result, and generating a fourth calculation result according to the third calculation result, the cofactor, the first public key, the updated second curve point abscissa and the second curve point; and generating a shared key shared with the sender according to the first hash value corresponding to the sender, the second hash value corresponding to the selector, the fourth calculation result and a preset shared key length.
According to a third aspect of the embodiment of the present invention, there is provided a proxy confusing transmission method, applied to a proxy, the method including: receiving a coding result corresponding to data to be transmitted, which is transmitted by a transmitting side; the encoding result corresponding to the data to be transmitted is obtained by the transmitting party encoding the data to be transmitted corresponding to the transmitting party based on a shared secret key, the shared secret key is generated according to elliptic curve parameters, a second public key and a first private key in a first public-private key pair, the second public key is transmitted to the transmitting party in a selected direction, and the first public-private key pair is generated by the transmitting party according to base point coordinates in the elliptic curve parameters; receiving a coding result which is sent by a selector and corresponds to the identification; the coding result corresponding to the identifier is obtained by the selector coding the identifier corresponding to the selector based on a shared key, the shared key is generated according to elliptic curve parameters, a first public key and a second private key in a second public-private key pair, the first public key is transmitted to the selector by a transmitting direction, and the second public-private key pair is generated by the selector according to base point coordinates in the elliptic curve parameters; and determining target data with the same number as the identification from the data to be transmitted by using the coding result corresponding to the data to be transmitted and the coding result corresponding to the identification.
According to a fourth aspect of an embodiment of the present invention, there is provided a proxy confusing transmission apparatus, the apparatus including: the first generation module is configured to determine base point coordinates from elliptic curve parameters, and generate a first public-private key pair according to the base point coordinates so as to send a first public key of the first public-private key pair to a selector; the second generation module is configured to receive a second public key sent by the selector and generate a shared secret key shared with the selector according to the elliptic curve parameter, the second public key and a first private key in the first public-private key pair; and the first sending module is configured to encode the data to be sent corresponding to the sender based on the shared secret key, and send the encoding result corresponding to the data to be sent to the proxy, so that the proxy determines target data from the data to be sent.
According to a fifth aspect of an embodiment of the present invention, there is provided a proxy confusing transmission apparatus, the apparatus including: the third generation module is configured to determine base point coordinates from elliptic curve parameters, and generate a second public-private key pair according to the base point coordinates so as to send a second public key in the second public-private key pair to a sender; a fourth generation module configured to receive the first public key sent by the sender and generate a shared key shared with the sender according to the elliptic curve parameter, the first public key and a second private key in the second public-private key pair; and the second sending module is configured to encode the identification corresponding to the receiver based on the shared secret key so as to send the encoding result corresponding to the identification to the proxy, so that the proxy determines target data consistent with the identification in number.
According to a sixth aspect of the embodiments of the present invention, there is provided a proxy confusing transmission apparatus, the apparatus comprising: the first receiving module is configured to receive a coding result corresponding to data to be transmitted, which is transmitted by a transmitting party; the encoding result corresponding to the data to be transmitted is obtained by the transmitting party encoding the data to be transmitted corresponding to the transmitting party based on a shared secret key, the shared secret key is generated according to elliptic curve parameters, a second public key and a first private key in a first public-private key pair, the second public key is transmitted to the transmitting party in a selected direction, and the first public-private key pair is generated by the transmitting party according to base point coordinates in the elliptic curve parameters; the second receiving module is configured to receive the coding result corresponding to the identification sent by the selector; the coding result corresponding to the identifier is obtained by the selector coding the identifier corresponding to the selector based on a shared key, the shared key is generated according to elliptic curve parameters, a first public key and a second private key in a second public-private key pair, the first public key is transmitted to the selector by a transmitting direction, and the second public-private key pair is generated by the selector according to base point coordinates in the elliptic curve parameters; and the determining module is configured to determine target data with the same number as the identification from the data to be transmitted by using the coding result corresponding to the data to be transmitted and the coding result corresponding to the identification.
According to a seventh aspect of an embodiment of the present invention, there is provided an electronic apparatus including: a processor and a memory; wherein the memory has stored thereon computer readable instructions which, when executed by the processor, implement the proxy confusing transmission method of any of the above-described exemplary embodiments.
According to an eighth aspect of the embodiments of the present invention, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the proxy-in-the-absence transmission method in any of the above-described exemplary embodiments.
As can be seen from the above technical solutions, the agent-based transmission method, the agent-based transmission device, the computer storage medium, and the electronic device according to the exemplary embodiments of the present invention have at least the following advantages and positive effects:
in the method and the device provided by the exemplary embodiment of the disclosure, on one hand, the shared key is generated according to the elliptic curve parameter, the second public key and the first private key in the first public-private key pair, and the first public-private key pair is determined according to the base point coordinates, so that the complexity of generating the shared key is reduced; on the other hand, the data to be transmitted is encoded by the shared secret key and then transmitted to the proxy, so that the proxy can not acquire other data except the target data in the data to be transmitted, and the data privacy of the transmitter is ensured.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure. It will be apparent to those of ordinary skill in the art that the drawings in the following description are merely examples of the disclosure and that other drawings may be derived from them without undue effort.
Fig. 1 schematically illustrates a flow chart of a proxy confusing transmission method in an embodiment of the disclosure;
FIG. 2 schematically illustrates a flow diagram for generating a first public-private key from base point coordinates in an embodiment of the present disclosure;
FIG. 3 schematically illustrates a flow diagram of generating a shared key shared with a selector in an embodiment of the disclosure;
FIG. 4 schematically illustrates a flow diagram for generating a shared key shared with a selecting party in an embodiment of the disclosure;
fig. 5 schematically illustrates a flowchart of a flow diagram of a proxy confusing transmission method in an embodiment of the disclosure;
FIG. 6 schematically illustrates a flow diagram for generating a second public-private key pair from base point coordinates in an embodiment of the present disclosure;
FIG. 7 schematically illustrates a flow diagram for generating a shared key in an embodiment of the disclosure;
FIG. 8 schematically illustrates a flow diagram for generating a shared key in an embodiment of the present disclosure;
fig. 9 schematically illustrates a flowchart of a flow diagram of a proxy confusing transmission method in an embodiment of the disclosure;
fig. 10 schematically illustrates a structural diagram of three participants in proxy confusing transmission in an embodiment of the present disclosure;
FIG. 11 schematically illustrates a schematic structure of a proxy-based transport device in an embodiment of the disclosure;
FIG. 12 schematically illustrates a schematic configuration of a proxy-based transport device in an embodiment of the disclosure;
fig. 13 schematically illustrates a schematic structural diagram of a proxy-confusing transmission device in an embodiment of the disclosure;
FIG. 14 schematically illustrates an electronic device for a proxy confusing transmission method in an embodiment of the present disclosure;
fig. 15 schematically illustrates a computer-readable storage medium for a proxy-confusing transmission method in an embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments may be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the present disclosure. One skilled in the relevant art will recognize, however, that the aspects of the disclosure may be practiced without one or more of the specific details, or with other methods, components, devices, steps, etc. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.
The terms "a," "an," "the," and "said" are used in this specification to denote the presence of one or more elements/components/etc.; the terms "comprising" and "having" are intended to be inclusive and mean that there may be additional elements/components/etc. in addition to the listed elements/components/etc.; the terms "first" and "second" and the like are used merely as labels, and are not intended to limit the number of their objects.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus a repetitive description thereof will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities.
Aiming at the problems in the related art, the present disclosure proposes a proxy confusing transmission method. Fig. 1 shows a flow chart of a proxy-based transmission method applied to a sender, and as shown in fig. 1, the proxy-based transmission method at least includes the following steps:
s110, determining base point coordinates from elliptic curve parameters, and generating a first public-private key pair according to the base point coordinates so as to send a first public key of the first public-private key pair to a selector.
And S120, receiving a second public key sent by the selector, and generating a shared key shared with the selector according to the elliptic curve parameter, the second public key and the first private key in the first public-private key pair.
And S130, encoding the data to be transmitted corresponding to the sender based on the shared secret key, and transmitting an encoding result corresponding to the data to be transmitted to the proxy so that the proxy determines target data from the data to be transmitted.
In the method and the device provided by the exemplary embodiment of the disclosure, on one hand, the shared key is generated according to the elliptic curve parameter, the second public key and the first private key in the first public-private key pair, and the first public-private key pair is determined according to the base point coordinates, so that the complexity of generating the shared key is reduced; on the other hand, the data to be transmitted is encoded by the shared secret key and then transmitted to the proxy, so that the proxy cannot directly acquire the data to be transmitted, and the data privacy of the transmitter is ensured.
The steps of the proxy confusing transmission method are described in detail below.
In step S110, base point coordinates are determined from the elliptic curve parameters, and a first public-private key pair is generated according to the base point coordinates to send a first public key of the first public-private key pair to the selector.
In an exemplary embodiment of the present disclosure, the proxy-based transmission method includes three parties, namely a sender, a selector, and a proxy, where the sender has n pieces of data, denoted as m respectively 1 ,m 2 ,m 3 ,…,m n Wherein n is greater than or equal to 2, the selector provides k identifiers for selecting k of the n data, wherein k is greater than or equal to 1 and less than or equal to n, and the proxy calculates the data sent by the sender and the data sent by the selector to obtain k data in the n data sent by the sender.
Specifically, when n >2, 1.ltoreq.k.ltoreq.n, the protocol is referred to as n-chose k proxy transport protocol; when n=2 and k=1, the protocol is called 2-to-1 proxy transmission, and the scheme is applicable to the 2-to-1 proxy transmission method.
The elliptic curve parameters refer to parameters preset in the three above-mentioned parties, and specific to the same elliptic curve, the elliptic curve parameters may include base point coordinates, the order of the base points and cofactors, which are not particularly limited in this exemplary embodiment.
The first public-private key pair refers to a key pair generated by using base point coordinates and aimed at a sender, and includes a first public key and a first private key in the first public-private key pair, and after determining the first public-private key pair, the first public key needs to be sent to a selector.
For example, the base point coordinate G is determined from the elliptic curve parameter T, and a first public-private key pair may be generated according to the base point coordinate G, where the first public key pk is included in the first public-private key pair s First private key sk s
In an alternative embodiment, fig. 2 shows a schematic flow chart of generating a first public-private key pair according to a base point coordinate in a proxy-based transmission method, where the elliptic curve parameter includes the order of the base point, and as shown in fig. 2, the method at least includes the following steps: in step S210, a first random integer belonging to a first random interval is generated by using a random number generator; wherein the first random interval is determined according to the order.
The random number generator may be a model for generating random numbers, or may be an algorithm for generating random numbers, which is not particularly limited in the present exemplary embodiment.
The first random integer refers to a random number belonging to a first random interval, and the random number belongs to an integer, wherein the first random interval is determined according to the order of the base point.
For example, if the base point has an order N, the first random interval is determined to be [1N-2 ] based on the order N]Further, a random generator is used to generate a first random interval [1N-2 ] ]Is a first random integer d of s
In step S220, the first random integer and the base point coordinate are calculated to obtain a first public key, and the first random integer is determined as the first private key, so as to determine a first public-private key pair composed of the first public key and the first private key.
The first public key is determined by using a first random integer and a base point coordinate, and the values of the first private key and the first random integer are the same, so that a first public-private key pair consisting of the first public key and the first private key is obtained.
For example, the first random integer is d s The base point coordinate is G, specifically, a first random integer d is utilized s And the calculation process of calculating the first public key by the base point coordinate G is shown in a formula (1).
P s =(x s ,y s )=[d s ]×G (1)
Wherein P is s D is the first public key s Is a first random integer, [ d ] s ]Representing that the calculation does not exceed d s G represents the base point coordinates, and the first public key specifically includes x s And y s First private key sk s And the firstThe random integer is consistent with d s Not only the first private key sk s =d s
In this exemplary embodiment, the first public-private key pair is determined by using elliptic curve parameters, so that the complexity of calculating the first public-private key pair is reduced, and in addition, a foundation is not laid for subsequent generation of the shared key.
In step S120, a second public key sent by the selecting party is received, and a shared key shared with the selecting party is generated according to the elliptic curve parameter, the second public key and the first private key in the first public-private key pair.
In an embodiment of the present disclosure, the second public key refers to a second public key in a second public-private key pair generated using the base point coordinates at the selector, and the shared key refers to a generated key that is known only to both the sender and the selector.
For example, the second public key sent by the receiving selector is pk c The first private key is pk s Further according to elliptic curve parameters, pk c Pk and pk s A shared key K may be generated.
In an alternative embodiment, fig. 3 is a schematic flow chart of generating a shared key shared with a selector in a proxy-based transmission method, and as shown in fig. 3, the method at least includes the following steps: in step S310, a first random number belonging to the second random interval is generated by using a random number generator, and the first random number and the base point coordinates are calculated to obtain a first curve point of the elliptic curve corresponding to the elliptic curve parameter, so as to send the first curve point to the selector; wherein the second random interval is determined according to the order.
Wherein the second random interval refers to an interval determined according to the order of the base point, which is different from the first random interval, and the first random number belongs to the second random interval.
The first curve point refers to a curve point of an elliptic curve corresponding to an elliptic curve parameter obtained using the first random number and the base point coordinates, and the first curve point is transmitted to the selector after the first curve point is determined.
For example, a second random interval [1N-1 ] associated with the order N of the base point can be determined]Further, a random number generator is used to generate a first random number R belonging to the second random interval s Then, a first curve point of the elliptic curve corresponding to the elliptic curve parameter is calculated by using the formula (2), and the first curve point is transmitted to the selector after the first curve point is calculated.
R s =[r s ]×G=(x 1 ,y 1 ) (2)
Wherein R is s For the first curve point, [ r ] s ]Indicating that the calculation does not exceed the first random number r s G is the base point coordinate, and the first curve point R s From x 1 And y 1 Composition is prepared.
In step S320, a second curve point sent by the selector is received, and a shared key shared with the selector is generated based on the first curve point, the second public key, and the elliptic curve parameter.
The second curve point is a curve point of an elliptic curve corresponding to the elliptic curve parameter calculated by the selector by using a second random number and a base point coordinate, and the second random number is different from the first random number and is a random number generated by the selector by using a random number generator.
After the second curve point is obtained, a shared key known only to both the sender and the selector may be generated based on the first curve point, the second public key, and the elliptic curve parameters.
For example, a second curve point R sent by the selector is received c And based on the first curve point R s Second curve point R c Second public key pk c And elliptic curve parameters generate the shared key K.
In the present exemplary embodiment, the shared key is a key shared with the selector, so that it is ensured that the subsequent agent cannot directly obtain the data to be transmitted and the identifier, and the data privacy of the sender and the selector is ensured.
In an alternative embodiment, fig. 4 shows a schematic flow chart of generating a shared key shared with a selector in a proxy-based transmission method, where the elliptic curve parameters include cofactors, and the method at least includes the following steps as shown in fig. 4: in step S410, the order is calculated to obtain a first order calculation result.
The elliptic curve parameter also comprises a cofactor, and the first order calculation result refers to a result obtained by calculating the order.
For example, the order of the base point may be calculated by using the formula (3) to obtain the first order calculation result.
Wherein w is the first order calculation result, and n is the order of the base point.
In step S420, the first curvilinear point abscissa corresponding to the first curvilinear point and the second curvilinear point abscissa corresponding to the second curvilinear point are updated based on the first order calculation result, so as to obtain an updated first curvilinear point abscissa and an updated second curvilinear point abscissa.
The coordinate information corresponding to the first curve point includes a first curve point abscissa, and the coordinate information corresponding to the second curve point includes a second curve point abscissa, based on which the first curve point abscissa can be updated by using the first order calculation result to obtain an updated first curve point abscissa, and the second curve point abscissa can be updated by using the first order calculation result to obtain an updated second curve point abscissa.
For example, the updated first curve point abscissa is obtained using equation (4), and the updated second curve point abscissa is obtained using equation (5).
x 1’ =2 w +(x 1 &(2 W -1)) (4)
x 2’ =2 w +(x 2 &(2 W -1)) (5)
Wherein x is 1’ X is the abscissa of the updated first curve point 2’ For the updated abscissa of the second curve point, w is the first order calculation result, x 1 To the abscissa of the first curve point before updating, x 2 Is the second curve point abscissa before updating.
In step S430, a first calculation result is obtained by calculating the first random integer, the updated first abscissa of the curve point, and the first random number, and a second calculation result is generated according to the first calculation result, the cofactor, the second public key, the updated second abscissa of the curve point, and the second curve point.
The first calculation result refers to a result obtained by calculating the first random integer, the first curve point abscissa and the first random number, and the second calculation result is a result obtained by calculating the first calculation result, the cofactor, the second public key, the updated second curve point abscissa and the second curve point.
For example, a first calculation result is obtained by using the formula (6), and a second calculation result is obtained by using the formula (7).
t s =d s +x 1’ ×r s (6)
U=(h×t s )×(P c +[x 2’ ]×R c )=(x U ,y U ) (7)
Wherein t is s D is the first calculation result s X is a first random integer 1’ R is the abscissa of the updated first curve point s For the first random number, U is the second calculation result, h is the cofactor, P c X is the second public key 2’ For the updated second curve point abscissa, R c Is the second curve point.
In step S440, a shared key shared with the selector is generated according to the first hash value corresponding to the sender, the second hash value corresponding to the selector, the second calculation result, and the preset shared key length.
The first hash value refers to a hash value set by a sender for data to be sent, and correspondingly, the second hash value refers to a hash value set by a selection party for an identifier, and the preset shared key length refers to a preset character string length of the shared key.
For example, the shared key K is generated using equation (8).
K=KDF(x U ||y U ||Z A ||Z B ,klen) (8)
Wherein K is a shared key, KDF is a key derivation function, and x U And y U Z is the second calculation result A Z is the value of the hash with the first hash B For the second hash value klen is a preset shared key length.
In the present exemplary embodiment, the shared key is a key shared with the selector, so that it is ensured that the subsequent agent cannot directly obtain the data to be transmitted and the identifier, and the data privacy of the sender and the selector is ensured.
In step S130, the data to be transmitted corresponding to the transmitting side is encoded based on the shared key, and the encoding result corresponding to the data to be transmitted is transmitted to the proxy side, so that the proxy side determines the target data from the data to be transmitted.
The data to be sent refers to data of a sender, the data to be sent is encoded by utilizing a shared secret key, so that the agent cannot directly acquire the data to be sent when receiving the encoding result, the data privacy of the sender is ensured, and the target data refers to some data in the data to be sent.
For example, three random numbers are generated using equation (9).
(z0,z1,π)=prf K (t) (9)
Wherein pi takes 0 or 1, K as a shared key, prf is the same pseudo-random function set by cosine in three participants of a sender, a selector and a proxy, t is the binary code of the current propagation round number, and then three random numbers z0, z1 and pi can be obtained by using formula 1.
Based on this, the transmission direction agent transmits a result of encoding α= (α) 0 ,α 1 ) Wherein, when pi is 0, alpha 0 Is Z0 and to be treatedExclusive or result of x0 in transmission data, α 1 As an exclusive OR result of Z1 and x1 in the data to be transmitted, alpha when pi is 1 1 As an exclusive OR result of Z0 and x0 in the data to be transmitted, alpha 0 And the exclusive OR result of Z1 and x1 in the data to be transmitted is adopted to determine target data from the data to be transmitted according to the coding result.
In the method and the device provided by the exemplary embodiment of the disclosure, on one hand, the shared key is generated according to the elliptic curve parameter, the second public key and the first private key in the first public-private key pair, and the first public-private key pair is determined according to the base point coordinates, so that the complexity of generating the shared key is reduced; on the other hand, the data to be transmitted is encoded by the shared secret key and then transmitted to the proxy, so that the proxy can not acquire other data except the target data in the data to be transmitted, and the data privacy of the transmitter is ensured.
Aiming at the problems in the related art, the present disclosure proposes a proxy confusing transmission method. Fig. 5 shows a flow chart of a proxy-based transmission method applied to a selecting party, and as shown in fig. 5, the proxy-based transmission method at least includes the following steps:
s510, determining base point coordinates from the elliptic curve parameters, and generating a second public-private key pair according to the base point coordinates so as to send a second public key in the second public-private key pair to a sender.
And S520, receiving the first public key sent by the sender, and generating a shared secret key shared with the sender according to the elliptic curve parameter, the first public key and the second private key in the second public-private key pair.
In step S530, the identification corresponding to the receiver is encoded based on the shared key, so that the encoding result corresponding to the identification is sent to the proxy, and the proxy determines the target data consistent with the identification number.
In the method and the device provided by the exemplary embodiment of the disclosure, on one hand, the shared secret key is generated according to the elliptic curve parameter, the first public key and the second private key in the second public-private key pair, and the second public-private key pair is determined according to the base point coordinates, so that the complexity of generating the shared secret key is reduced; on the other hand, the identification is encoded by the shared secret key and then sent to the agent, so that the agent cannot directly acquire the identification, and the data privacy of the selector is ensured.
The steps of the proxy confusing transmission method are described in detail below.
In step S510, base point coordinates are determined from the elliptic curve parameters, and a second public-private key pair is generated according to the base point coordinates to transmit a second public key of the second public-private key pair to the sender.
In the exemplary embodiment of the present disclosure, the elliptic curve parameters refer to parameters preset in three parties, that is, a sender, a selector, and an agent, and for the same elliptic curve, specifically, the elliptic curve parameters may include base point coordinates, an order of a base point, and a cofactor, which is not limited in particular in the exemplary embodiment.
The second public-private key pair refers to a key pair generated by using the base point coordinates and aimed at the selecting party, and includes a second public key and a second private key in the second public-private key pair, and after determining the second public-private key pair, the second public key needs to be sent to the sending party.
For example, the base point coordinate G is determined from the elliptic curve parameter T, and a second public-private key pair may be generated according to the base point coordinate G, wherein the second public-private key pair includes the second public key pk c First private key sk c
In an alternative embodiment, fig. 6 is a schematic flow chart of generating a second public-private key pair according to the base point coordinates in a proxy-based transmission method, and as shown in fig. 6, the method at least includes the following steps: in step S610, a second random integer belonging to a third random interval is generated by using a random number generator; wherein the third random interval is determined according to the order.
The random number generator may be a model for generating random numbers, or may be an algorithm for generating random numbers, which is not particularly limited in the present exemplary embodiment.
The second random integer refers to a random number belonging to a third random interval, and the random number is an integer, wherein the third random interval is determined according to the order of the base point.
For example, if the base point has an order N, the third random interval is determined to be [1N-2 ] based on the order N]Further, a random generator is used to generate a third random interval [1N-2 ]]Second random number d of (2) c
In step S620, the second random integer and the base point coordinate are calculated to obtain a second public key, and the second random integer is determined as the second private key, so as to determine a second public-private key pair composed of the second public key and the second private key.
The second public key is determined by using a second random integer and a base point coordinate, and the second private key and the second random integer have the same value, so that a second public-private key pair consisting of the second public key and the second private key is obtained.
For example, the first random integer is d c The base point coordinate is G, specifically, a second random integer d is utilized c And the calculation process of the base point coordinate G to calculate the second public key is shown in a formula (10).
P c =(x c ,y c )=[d c ]×G (10)
Wherein P is c D is the second public key c Is a second random integer, [ d ] c ]Representing that the calculation does not exceed d c G represents the base point coordinates, and the second public key specifically includes x c And y c The second private key sk c Consistent with the second random integer being d c Not only the second private key sk c =d c
In this exemplary embodiment, the second public-private key pair is determined by using elliptic curve parameters, so that the complexity of calculating the second public-private key pair is reduced, and in addition, a foundation is not laid for subsequent generation of the shared key.
In the present exemplary embodiment, in step S520, the first public key transmitted by the sender is received, and a shared key shared with the sender is generated according to the elliptic curve parameter, the first public key, and the second private key in the second public-private key pair.
In an exemplary embodiment of the present disclosure, the first public key refers to a first public key in a first public-private key pair generated using base point coordinates at a sender, and the shared key refers to a key that is known only to both the sender and the selector.
For example, the first public key sent by the receiving sender is pk s The second private key is pk c Further according to elliptic curve parameters, pk s Pk and pk c A shared key K may be generated.
In an alternative embodiment, fig. 7 is a schematic flow chart of generating a shared key in a proxy-based transmission method, and as shown in fig. 7, the method at least includes the following steps: in step S710, a second random number belonging to the fourth random interval is generated by using the random number generator, and the second random number and the base point coordinates are calculated to obtain a second curve point of the elliptic curve corresponding to the elliptic curve parameter, so as to send the second curve point to the sender; wherein the fourth random interval is determined according to the order.
Wherein the fourth random section refers to a section which is determined according to the order of the base point and is different from the first random section, the second random section and the third random section, and the second random number belongs to the fourth random section.
The second curve point refers to a curve point of an elliptic curve corresponding to an elliptic curve parameter obtained using the second random number and the base point coordinates, and the second curve point is transmitted to the sender after the second curve point is determined.
For example, a fourth random interval [1N-1 ] associated with the order N of the base point can be determined ]Further, a second random number r belonging to a fourth random interval is generated by using a random number generator c Then, a second curve point of the elliptic curve corresponding to the elliptic curve parameter is calculated by using the formula (11), and the second curve point is transmitted to the transmitting side after the second curve point is calculated.
R c =[r c ]×G=(x 2 ,y 2 ) (11)
Wherein R is c Is the second curve point, [ r ] c ]Indicating that the calculation does not exceed the second random number r c G is the base point coordinate, and the second curve point R c From x 2 And y 2 Composition is prepared.
In step S720, the first curve point sent by the sender is received, and a shared key shared with the sender is generated based on the first curve point, the second curve point, the first public key, and the elliptic curve parameter.
The first curve point is a curve point of an elliptic curve corresponding to an elliptic curve parameter calculated by a sender by using a first random number and a base point coordinate, and the first random number is a random number generated by the sender by using a random number generator.
After the first curve point is obtained, a shared key known only to both the sender and the selector may be generated based on the first curve point, the second curve point, the first public key, and the elliptic curve parameters.
For example, a first curve point R sent by a sender is received s And based on the first curve point R s Second curve point R c First public key pk s And elliptic curve parameters generate the shared key K.
In the present exemplary embodiment, the shared key is a key shared with the selector, so that it is ensured that the subsequent agent cannot directly obtain the data to be transmitted and the identifier, and the data privacy of the sender and the selector is ensured.
In an alternative embodiment, fig. 8 shows a schematic flow chart of generating a shared key in a proxy-based transmission method, where the elliptic curve parameters include cofactors, and as shown in fig. 8, the method at least includes the following steps: in step S810, the order is calculated to obtain a second order calculation result.
The elliptic curve parameter also comprises a cofactor, and the second order calculation result refers to a result obtained by calculating the order.
For example, the order of the base point may be calculated by using the formula (3) to obtain the second order calculation result.
Wherein w is the second order calculation result, and n is the order of the base point.
In step S820, the first curve point abscissa corresponding to the first curve point and the second curve point abscissa corresponding to the second curve point are updated based on the second order calculation result, so as to obtain the updated first curve point abscissa and the updated second curve point abscissa.
The coordinate information corresponding to the first curve point includes a first curve point abscissa, the coordinate information corresponding to the second curve point includes a second curve point abscissa, based on which, the first curve point abscissa can be updated by using the second order calculation result to obtain an updated first curve point abscissa, and the second curve point abscissa can be updated by using the second order calculation result to obtain an updated second curve point abscissa.
For example, the updated first curve point abscissa is obtained using equation (4), and the updated second curve point abscissa is obtained using equation (5).
x 1’ =2 w +(x 1 &(2 W -1)) (4)
x 2’ =2 w +(x 2 &(2 W -1)) (5)
Wherein x is 1’ X is the abscissa of the updated first curve point 2’ For the updated abscissa of the second curve point, w is the second order calculation result, x 1 To the abscissa of the first curve point before updating, x 2 Is the second curve point abscissa before updating.
In step S830, a third calculation result is obtained by calculating the second random integer, the updated first curve point abscissa and the second random number, and a fourth calculation result is generated according to the third calculation result, the cofactor, the first public key, the updated second curve point abscissa and the second curve point.
The third calculation result refers to a result obtained by calculating the second random integer, the first curve point abscissa and the second random number, and the fourth calculation result is a result obtained by calculating the third calculation result, the cofactor, the first public key, the updated second curve point abscissa and the second curve point.
For example, the third calculation result is obtained by using the formula (12), and the fourth calculation result is obtained by using the formula (13).
t c =d c +x 2’ ×r c (12)
V=(h×t c )×(P s +[x 1’ ]×R S )=(x V ,y V ) (13)
Wherein t is c D, for the third calculation result c Is a second random integer, x 2’ R is the abscissa of the updated second curve point c Is the second random number, V is the fourth calculation result, h is the cofactor, P S X is the first public key 1’ For the updated first curve point abscissa, R S Is the first curve point.
In step S840, a shared key shared with the sender is generated according to the first hash value corresponding to the sender, the second hash value corresponding to the selector, the fourth calculation result, and the preset shared key length.
The first hash value refers to a hash value set by a sender for data to be sent, and correspondingly, the second hash value refers to a hash value set by a selection party for an identifier, and the preset shared key length refers to a preset character string length of the shared key.
For example, the shared key K is generated using equation (14).
K=KDF(x V ||y V ||Z A ||Z B ,klen) (14)
Wherein K is a shared key, KDF is a key derivation function, and x V And y V Z is the fourth calculation result A Z is the value of the hash with the first hash B For the second hash value klen is a preset shared key length.
In the present exemplary embodiment, the shared key is a key shared with the selector, so that it is ensured that the subsequent agent cannot directly obtain the data to be transmitted and the identifier, and the data privacy of the sender and the selector is ensured.
In step S530, the identifier corresponding to the receiving side is encoded based on the shared key, so that the encoding result corresponding to the identifier is transmitted to the proxy side, so that the proxy side determines the target data consistent with the number of identifiers.
In the exemplary embodiment of the disclosure, the identifier refers to data of the selecting party, and the identifier to be transmitted is encoded by using the shared key, so that the agent party cannot directly acquire the identifier when receiving the encoding result, the data privacy of the selecting party is ensured, and the target data is determined to be the data which is consistent with the number of the identifiers.
For example, three random numbers z0, z1, pi are generated by using the formula (9), based on which the encoding result transmitted to the proxy is selected to be β= (b exclusive or pi, zb), where b is the identity.
In the method and the device provided by the exemplary embodiment of the disclosure, on one hand, the shared secret key is generated according to the elliptic curve parameter, the first public key and the second private key in the second public-private key pair, and the second public-private key pair is determined according to the base point coordinates, so that the complexity of generating the shared secret key is reduced; on the other hand, the identification is encoded by the shared secret key and then sent to the agent, so that the agent cannot directly acquire the identification, and the data privacy of the selector is ensured.
Aiming at the problems in the related art, the present disclosure proposes a proxy confusing transmission method. Fig. 9 is a schematic flow chart of a proxy-based transmission method, which is applied to a proxy, as shown in fig. 9, and the proxy-based transmission method at least includes the following steps:
s910, receiving a coding result corresponding to data to be transmitted, which is transmitted by a transmitting party; the encoding result corresponding to the data to be transmitted is obtained by the sender encoding the data to be transmitted corresponding to the sender based on a shared secret key, the shared secret key is generated according to elliptic curve parameters, a second public key and a first private key in a first public-private key pair, the second public key is transmitted to the sender in a selective way, and the first public-private key pair is generated by the sender according to base point coordinates in the elliptic curve parameters.
S920, receiving a coding result corresponding to the identification, which is sent by the selector; the encoding result corresponding to the identifier is obtained by the selector encoding the identifier corresponding to the selector based on a shared key, the shared key is generated according to elliptic curve parameters, a first public key and a second private key in a second public-private key pair, the first public key is transmitted to the selector by the transmitter, and the second public-private key pair is generated by the selector according to base point coordinates in the elliptic curve parameters.
In step s930, the target data with the same number as the identifiers is determined from the data to be transmitted by using the encoding result corresponding to the data to be transmitted and the encoding result corresponding to the identifiers.
The target data refers to data which is determined from the data to be transmitted and is consistent with the identification number.
For example, the target data may be determined using equation (15).
Wherein b is the identification, y is the target data,may be alpha 0 May also be alpha 1 Zb may be z1 or z0.
In the method and the device provided by the exemplary embodiment of the disclosure, on one hand, the shared secret key is generated according to the elliptic curve parameter, the first public key and the second private key in the second public-private key pair, and the second public-private key pair is determined according to the base point coordinates, so that the complexity of generating the shared secret key is reduced; on the other hand, the agent side obtains the coded data to be transmitted and the identification, so that the agent side cannot directly obtain the data to be transmitted and the identification, and the data privacy of the sender and the selector is ensured; in the other aspect, the target data is data with the same identification number determined from the data to be sent, so that the proxy party does not know the data except the target data in the data to be sent, and the data privacy of each participant in the proxy confusing transmission is further ensured.
The steps of the proxy confusing transmission method are described in detail below.
In step S910, receiving a coding result corresponding to data to be transmitted, which is transmitted by the transmitting side; the encoding result corresponding to the data to be transmitted is obtained by the sender encoding the data to be transmitted corresponding to the sender based on a shared secret key, the shared secret key is generated according to elliptic curve parameters, a second public key and a first private key in a first public-private key pair, the second public key is transmitted to the sender in a selective way, and the first public-private key pair is generated by the sender according to base point coordinates in the elliptic curve parameters.
Wherein, the encoding result corresponding to the data to be transmitted is consistent with that in step S130, the shared key, the elliptic curve parameter, the base point coordinate, the first private key are consistent with that in step S110, and the second public key is consistent with that in step S120.
For example, the encoded data to be transmitted by the receiving transmitter is α= (α) 0 ,α 1 ) Wherein alpha is 0 Consistent with the example in step S130, α 1 Consistent with the example in step S130.
In step S920, receiving the encoding result corresponding to the identifier sent by the selecting party; wherein the coding result corresponding to the identifier is obtained by the selector coding the identifier corresponding to the selector based on a shared key generated according to elliptic curve parameters, a first public key and a second private key in a second public-private key pair, the first public key is transmitted to the selector by the transmitter, and the second public-private key pair is generated by the selector according to base point coordinates in the elliptic curve parameters
Wherein the encoding result corresponding to the identifier is consistent with that in step S530, the shared key, the elliptic curve parameter, the base point coordinates, and the second private key are consistent with that in step S510, and the first public key is consistent with that in step S520.
For example, the encoded identifier sent by the selector is β= (b exclusive or pi, zb), where pi is a pseudo-random number generated using equation (9), b is the identifier, zb is z0 when b is 0, zb is z1 when b is 1, and z0 and z1 are also pseudo-random numbers generated using equation (9).
In step S930, the target data with the number identical to the number of the identifiers is determined from the data to be transmitted, using the encoding result corresponding to the data to be transmitted and the encoding result corresponding to the identifiers.
The target data refers to data which is consistent with the identification number and is determined from the data to be transmitted.
For example, the target data may be calculated using equation (15).
In the method and the device provided by the exemplary embodiment of the disclosure, on one hand, the shared secret key is generated according to the elliptic curve parameter, the first public key and the second private key in the second public-private key pair, and the second public-private key pair is determined according to the base point coordinates, so that the complexity of generating the shared secret key is reduced; on the other hand, the agent side obtains the coded data to be transmitted and the identification, so that the agent side cannot directly obtain the data to be transmitted and the identification, and the data privacy of the sender and the selector is ensured; in the other aspect, the target data is data with the same identification number determined from the data to be sent, so that the proxy party does not know the data except the target data in the data to be sent, and the data privacy of each participant in the proxy confusing transmission is further ensured.
The proxy-based transmission method in the embodiments of the present disclosure is described in detail below with reference to an application scenario.
Fig. 10 schematically illustrates a schematic structure of three participants in proxy-based transmission, as shown in fig. 10, where participant 1010 is a sender, participant 1020 is a selector, and participant 1030 is a proxy.
In step S1040, the first public-private key pair is transmitted Fang Shengcheng, and the first public key is transmitted to the selector 1020, in step S1050, the selector generates a second public-private key pair, and transmits the second public key to the sender 1010, in step S1060, the sender generates a shared key based on the second public key, in step S1070, the selector generates a shared key based on the first public key, in step S1080, the shared key in step S1060 is used to encode the data to be transmitted, in step S1090, the shared key in step S1070 is used to encode the identification, and in step S1092, the target data is generated from the encoded data to be transmitted and the encoded identification.
In the application scenario, on one hand, the shared secret key is generated according to elliptic curve parameters and the first public key and the second private key in the second public-private key pair, and the second public-private key pair is determined according to the base point coordinates, so that the complexity of generating the shared secret key is reduced; on the other hand, the agent side obtains the coded data to be transmitted and the identification, so that the agent side cannot directly obtain the data to be transmitted and the identification, and the data privacy of the sender and the selector is ensured; in the other aspect, the target data is data with the same identification number determined from the data to be sent, so that the proxy party does not know the data except the target data in the data to be sent, and the data privacy of each participant in the proxy confusing transmission is further ensured.
In addition, in an exemplary embodiment of the present disclosure, a proxy-based transmission apparatus is also provided. Fig. 11 shows a schematic structural diagram of a proxy-based transmission apparatus, and as shown in fig. 11, a proxy-based transmission apparatus 1100 may include: a first generation module 1110, a second generation module 1120, and a first party module 1130. Wherein:
a first generation module 1110 configured to determine base point coordinates from the elliptic curve parameters and generate a first public-private key pair according to the base point coordinates to send a first public key of the first public-private key pair to the selector; a second generating module 1120 configured to receive a second public key sent by the selector, and generate a shared key shared with the selector according to the elliptic curve parameter, the second public key, and the first private key in the first public-private key pair; the first transmitting module 1130 is configured to encode data to be transmitted corresponding to the transmitting party based on the shared key, and transmit an encoding result corresponding to the data to be transmitted to the proxy party, so that the proxy party determines target data from the data to be transmitted.
The details of the proxy transmission device 1100 are described in detail in the corresponding proxy transmission method, and thus are not described herein.
In addition, in an exemplary embodiment of the present disclosure, a proxy-based transmission apparatus is also provided. Fig. 12 is a schematic diagram of a proxy-based transmission apparatus, and as shown in fig. 12, a proxy-based transmission apparatus 1200 may include: a third generation module 1210, a fourth generation module 11220, and a second forwarding module 1230. Wherein:
a third generating module 1210 configured to determine base point coordinates from the elliptic curve parameters and generate a second public-private key pair according to the base point coordinates to send a second public key of the second public-private key pair to the sender; a fourth generation module 1220 configured to receive the first public key sent by the sender and generate a shared key shared with the sender according to the elliptic curve parameter, the first public key, and the second private key in the second public-private key pair; the second transmitting module 1230 is configured to encode the identifier corresponding to the receiving side based on the shared key, so as to transmit the encoding result corresponding to the identifier to the agent, so that the agent determines the target data consistent with the number of identifiers.
In addition, in an exemplary embodiment of the present disclosure, a proxy-based transmission apparatus is also provided. Fig. 13 shows a schematic structural diagram of a proxy-based transmission apparatus, and as shown in fig. 13, the proxy-based transmission apparatus 1300 may include: a first receiving module 1310, a second receiving module 1320, and a determining module 1330. Wherein:
A first receiving module 1310 configured to receive a coding result corresponding to data to be transmitted, which is transmitted by a transmitting side; the method comprises the steps that a sender encodes data to be sent corresponding to the sender based on a shared secret key, wherein the shared secret key is generated according to elliptic curve parameters, a second public key and a first private key in a first public-private key pair, the second public key is sent to the sender in a selective way, and the first public-private key pair is generated by the sender according to base point coordinates in the elliptic curve parameters; a second receiving module 1320 configured to receive a result of encoding corresponding to the identifier, which is sent by the selecting party; the method comprises the steps that a coding result corresponding to an identifier is obtained by a selector coding the identifier corresponding to the selector based on a shared secret key, the shared secret key is generated according to elliptic curve parameters, a first public key and a second private key in a second public-private key pair, the first public key is transmitted to the selector by a transmitting direction, and the second public-private key pair is generated by the selector according to base point coordinates in the elliptic curve parameters; the determining module 1330 is configured to determine, from the data to be sent, target data consistent with the number of identifiers, using the encoding result corresponding to the data to be sent and the encoding result corresponding to the identifiers.
The details of the proxy transmission apparatus 1300 are described in detail in the corresponding proxy transmission method, and thus are not described herein.
It should be noted that although the modules or units of the proxy-confusing transmission apparatus 1100, the proxy-confusing transmission apparatus 1200, and the proxy-confusing transmission apparatus 1300 are mentioned in the above detailed description, such division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit in accordance with embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into a plurality of modules or units to be embodied.
In addition, in an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided.
An electronic device 1400 according to such an embodiment of the invention is described below with reference to fig. 14. The electronic device 1400 shown in fig. 14 is merely an example and should not be construed as limiting the functionality and scope of use of embodiments of the present invention.
As shown in fig. 14, the electronic device 1400 is embodied in the form of a general purpose computing device. Components of electronic device 1400 may include, but are not limited to: the at least one processing unit 1410, the at least one memory unit 1420, a bus 1430 connecting the different system components (including the memory unit 1420 and the processing unit 1410), and a display unit 1440.
Wherein the storage unit stores program code that is executable by the processing unit 1410 such that the processing unit 1410 performs steps according to various exemplary embodiments of the present invention described in the above section of the "exemplary method" of the present specification.
The memory unit 1420 may include readable media in the form of volatile memory units, such as Random Access Memory (RAM) 1421 and/or cache memory 1422, and may further include Read Only Memory (ROM) 1423.
The memory unit 1420 may also include a program/usage tool 1424 having a set (at least one) of program modules 1425, such program modules 1425 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which may include the reality of a network environment, or some combination thereof.
Bus 1430 may be a local bus representing one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or using any of a variety of bus architectures.
The electronic device 1400 may also communicate with one or more external devices 1470 (e.g., keyboard, pointing device, bluetooth device, etc.), one or more devices that enable a user to interact with the electronic device 1400, and/or any device (e.g., router, modem, etc.) that enables the electronic device 1400 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 1450. Also, electronic device 1400 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through network adapter 1460. As shown, the network adapter 1460 communicates with other modules of the electronic device 1400 via the bus 1430. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 1400, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, and includes several instructions to cause a computing device (may be a personal computer, a server, a terminal device, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, a computer-readable storage medium having stored thereon a program product capable of implementing the method described above in the present specification is also provided. In some possible embodiments, the various aspects of the invention may also be implemented in the form of a program product comprising program code for causing a terminal device to carry out the steps according to the various exemplary embodiments of the invention as described in the "exemplary methods" section of this specification, when said program product is run on the terminal device.
Referring to fig. 15, a program product 1500 for implementing the above-described method according to an embodiment of the present invention is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable signal medium may include a data signal propagated in baseband or as part of a carrier wave with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (14)

1. A proxy confusing transmission method applied to a sender, the method comprising:
determining base point coordinates from elliptic curve parameters, and generating a first public-private key pair according to the base point coordinates so as to send a first public key in the first public-private key pair to a selector;
receiving a second public key sent by the selector, and generating a shared key shared with the selector according to the elliptic curve parameter, the second public key and a first private key in the first public-private key pair;
and encoding the data to be transmitted corresponding to the sender based on the shared secret key, and transmitting an encoding result corresponding to the data to be transmitted to an agent, so that the agent determines target data from the data to be transmitted.
2. The proxy-based transmission method of claim 1, wherein the elliptic curve parameters include the order of the base points;
the generating a first public-private key pair according to the base point coordinates comprises:
generating a first random integer belonging to a first random interval by using a random number generator; wherein the first random interval is determined according to the order;
and calculating the first random integer and the base point coordinate to obtain a first public key, and determining the first random integer as a first private key to determine a first public-private key pair consisting of the first public key and the first private key.
3. The proxy-based transmission method of claim 2, wherein the generating a shared key shared with the selector based on the elliptic curve parameter, the second public key, and a first private key of the first public-private key pair comprises:
generating a first random number belonging to a second random interval by using the random number generator, and calculating the first random number and the base point coordinates to obtain a first curve point of an elliptic curve corresponding to the elliptic curve parameter so as to send the first curve point to a selector; wherein the second random interval is determined according to the order;
And receiving a second curve point sent by the selector, and generating a shared key shared with the selector based on the first curve point, the second public key and the elliptic curve parameter.
4. A proxy confusing transmission method according to claim 3, wherein said elliptic curve parameter comprises a cofactor;
the generating a shared key shared with the selector based on the first curve point, the second public key, and the elliptic curve parameter includes:
calculating the orders to obtain a first order calculation result;
updating a first curve point abscissa corresponding to the first curve point and a second curve point abscissa corresponding to the second curve point based on the first order calculation result, so as to obtain an updated first curve point abscissa and an updated second curve point abscissa;
calculating the first random integer, the updated first curve point abscissa and the first random number to obtain a first calculation result, and generating a second calculation result according to the first calculation result, the cofactor, the second public key, the updated second curve point abscissa and the second curve point;
And generating a shared key shared with the selector according to the first hash value corresponding to the sender, the second hash value corresponding to the selector, the second calculation result and a preset shared key length.
5. A proxy confusing transmission method applied to a selector, the method comprising:
determining base point coordinates from elliptic curve parameters, and generating a second public-private key pair according to the base point coordinates so as to send a second public key in the second public-private key pair to a sender;
receiving a first public key sent by the sender, and generating a shared key shared with the sender according to the elliptic curve parameter, the first public key and a second private key in the second public-private key pair;
and encoding the identification corresponding to the receiver based on the shared secret key, and sending an encoding result corresponding to the identification to the proxy, so that the proxy determines target data consistent with the identification in number.
6. The proxy-based transmission method of claim 5, wherein the elliptic curve parameters include the order of the base points;
the generating a second public-private key pair according to the base point coordinates comprises the following steps:
Generating a second random integer belonging to a third random interval by using a random number generator; wherein the third random interval is determined according to the order;
and calculating the second random integer and the base point coordinate to obtain a second public key, and determining the second random integer as a second private key to determine a second public-private key pair consisting of the second public key and the second private key.
7. The proxy-based transmission method of claim 6, wherein the generating a shared key with the sender based on the elliptic curve parameter, the first public key, and a second private key in the second public-private key pair comprises:
generating a second random number belonging to a fourth random interval by using the random number generator, and calculating the second random number and the base point coordinates to obtain a second curve point of an elliptic curve corresponding to the elliptic curve parameter so as to send the second curve point to a sender; wherein the fourth random interval is determined according to the order;
and receiving a first curve point sent by the sender, and generating a shared key shared with the sender based on the first curve point, the second curve point, the first public key and the elliptic curve parameter.
8. The proxy confusing transmission method according to claim 7, wherein said elliptic curve parameter comprises a cofactor;
the generating a shared key shared with the sender based on the first curve point, the second curve point, the first public key, and the elliptic curve parameter includes:
calculating the order to obtain a second order calculation result;
updating a first curve point abscissa corresponding to the first curve point and a second curve point abscissa corresponding to the second curve point based on the second order calculation result respectively to obtain an updated first curve point abscissa and an updated second curve point abscissa;
calculating the second random integer, the updated first curve point abscissa and the second random number to obtain a third calculation result, and generating a fourth calculation result according to the third calculation result, the cofactor, the first public key, the updated second curve point abscissa and the second curve point;
and generating a shared key shared with the sender according to the first hash value corresponding to the sender, the second hash value corresponding to the selector, the fourth calculation result and a preset shared key length.
9. A proxy confusing transmission method applied to a proxy, the method comprising:
receiving a coding result corresponding to data to be transmitted, which is transmitted by a transmitting side; the encoding result corresponding to the data to be transmitted is obtained by the transmitting side encoding the data to be transmitted corresponding to the transmitting side based on a first shared key, the first shared key is generated according to elliptic curve parameters, a second public key and a first private key in a first public-private key pair, the second public key is transmitted to the transmitting side in a selected direction, and the first public-private key pair is generated by the transmitting side according to base point coordinates in the elliptic curve parameters;
receiving a coding result which is sent by a selector and corresponds to the identification; the encoding result corresponding to the identifier is obtained by the selector encoding the identifier corresponding to the selector based on a second shared key, the second shared key is generated according to elliptic curve parameters, a first public key and a second private key in a second public-private key pair, the first public key is transmitted to the selector by a transmitting party, and the second public-private key pair is generated by the selector according to base point coordinates in the elliptic curve parameters;
And determining target data with the same number as the identification from the data to be transmitted by using the coding result corresponding to the data to be transmitted and the coding result corresponding to the identification.
10. A proxy confusing transmission device for a sender, comprising:
the first generation module is configured to determine base point coordinates from elliptic curve parameters, and generate a first public-private key pair according to the base point coordinates so as to send a first public key of the first public-private key pair to a selector;
the second generation module is configured to receive a second public key sent by the selector and generate a shared secret key shared with the selector according to the elliptic curve parameter, the second public key and a first private key in the first public-private key pair;
and the first sending module is configured to encode the data to be sent corresponding to the sender based on the shared secret key, and send the encoding result corresponding to the data to be sent to the proxy, so that the proxy determines target data from the data to be sent.
11. A proxy confusing transmission device for a selector, comprising:
The third generation module is configured to determine base point coordinates from elliptic curve parameters, and generate a second public-private key pair according to the base point coordinates so as to send a second public key in the second public-private key pair to a sender;
a fourth generation module configured to receive the first public key sent by the sender and generate a shared key shared with the sender according to the elliptic curve parameter, the first public key and a second private key in the second public-private key pair;
and the second sending module is configured to encode the identification corresponding to the receiver based on the shared secret key so as to send the encoding result corresponding to the identification to the proxy, so that the proxy determines target data consistent with the identification in number.
12. A proxy confusing transmission device applied to a proxy, comprising:
the first receiving module is configured to receive a coding result corresponding to data to be transmitted, which is transmitted by a transmitting party; the encoding result corresponding to the data to be transmitted is obtained by the transmitting side encoding the data to be transmitted corresponding to the transmitting side based on a first shared key, the first shared key is generated according to elliptic curve parameters, a second public key and a first private key in a first public-private key pair, the second public key is transmitted to the transmitting side in a selected direction, and the first public-private key pair is generated by the transmitting side according to base point coordinates in the elliptic curve parameters;
The second receiving module is configured to receive the coding result corresponding to the identification sent by the selector; the encoding result corresponding to the identifier is obtained by the selector encoding the identifier corresponding to the selector based on a second shared key, the second shared key is generated according to elliptic curve parameters, a first public key and a second private key in a second public-private key pair, the first public key is transmitted to the selector by a transmitting party, and the second public-private key pair is generated by the selector according to base point coordinates in the elliptic curve parameters;
and the determining module is configured to determine target data with the same number as the identification from the data to be transmitted by using the coding result corresponding to the data to be transmitted and the coding result corresponding to the identification.
13. An electronic device, comprising:
a processor;
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the proxy-confusing transmission method of any of claims 1-9 via execution of the executable instructions.
14. A computer readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the proxy transmission method of any of claims 1-9.
CN202111655962.7A 2021-12-30 2021-12-30 Proxy confusing transmission method and device, storage medium and electronic equipment Active CN114301702B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111655962.7A CN114301702B (en) 2021-12-30 2021-12-30 Proxy confusing transmission method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111655962.7A CN114301702B (en) 2021-12-30 2021-12-30 Proxy confusing transmission method and device, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN114301702A CN114301702A (en) 2022-04-08
CN114301702B true CN114301702B (en) 2024-01-30

Family

ID=80974519

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111655962.7A Active CN114301702B (en) 2021-12-30 2021-12-30 Proxy confusing transmission method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN114301702B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115766006A (en) * 2022-11-17 2023-03-07 上海芷锐电子科技有限公司 Key agreement method, device, electronic equipment and computer readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112055021A (en) * 2020-09-08 2020-12-08 苏州同济区块链研究院有限公司 Imperial transmission method and device based on elliptic curve
CN113259329A (en) * 2021-04-26 2021-08-13 北京信安世纪科技股份有限公司 Method and device for data inadvertent transmission, electronic equipment and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11190496B2 (en) * 2019-02-12 2021-11-30 Visa International Service Association Fast oblivious transfers

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112055021A (en) * 2020-09-08 2020-12-08 苏州同济区块链研究院有限公司 Imperial transmission method and device based on elliptic curve
CN113259329A (en) * 2021-04-26 2021-08-13 北京信安世纪科技股份有限公司 Method and device for data inadvertent transmission, electronic equipment and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
一个高效可完全模拟的n取1茫然传输协议;魏晓超等;计算机研究与发展;第53卷(第11期);全文 *

Also Published As

Publication number Publication date
CN114301702A (en) 2022-04-08

Similar Documents

Publication Publication Date Title
CN109150499B (en) Method and device for dynamically encrypting data, computer equipment and storage medium
CN101340443B (en) Session key negotiating method, system and server in communication network
CN107483191B (en) SM2 algorithm key segmentation signature system and method
CN107483192B (en) Data transmission method and device based on quantum communication
US20180302220A1 (en) User attribute matching method and terminal
CN111931474B (en) Information table generation method, device, electronic equipment and computer readable medium
CN114301702B (en) Proxy confusing transmission method and device, storage medium and electronic equipment
US20130010953A1 (en) Encryption and decryption method
CN113032833B (en) User query method and device, storage medium and electronic equipment
CN113158247B (en) User query method and device, storage medium and electronic equipment
CN109787955B (en) Information transmission method, device and storage medium
CN114697117B (en) Verification method, device, cipher device and system based on positioning information
US20060136714A1 (en) Method and apparatus for encryption and decryption, and computer product
CN116095686A (en) Wireless transmission method, device, equipment and medium for improving safety according to requirements
CN114186990A (en) Remote control method, device and system for digital currency wallet
CN111404673B (en) Quantum key distribution method and device
CN117520970B (en) Symbol position determining method, device and system based on multiparty security calculation
JP2022533535A (en) relationship discovery
CN113538129B (en) Cross-organization privacy query request method and device
CN112926076B (en) Data processing method, device and system
KR101591323B1 (en) Data transmission terminal apparatus and data transmission method for non-repudiation of the data transmission terminal apparatus
CN116108496B (en) Method, device, equipment and storage medium for inquiring trace
CN112995205B (en) Query method, device, equipment and storage medium based on block chain
Tran et al. Kyber, Saber, and SK‐MLWR Lattice‐Based Key Encapsulation Mechanisms Model Checking with Maude
WO2024146102A1 (en) Wireless transmission method and apparatus for improving security according to requirements, and related device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant