CN114374518B - PSI (program specific information) intersection information acquisition method and device with intersection counting function and storage medium - Google Patents

PSI (program specific information) intersection information acquisition method and device with intersection counting function and storage medium Download PDF

Info

Publication number
CN114374518B
CN114374518B CN202111493660.4A CN202111493660A CN114374518B CN 114374518 B CN114374518 B CN 114374518B CN 202111493660 A CN202111493660 A CN 202111493660A CN 114374518 B CN114374518 B CN 114374518B
Authority
CN
China
Prior art keywords
intersection
data set
sender
encrypted
receiver
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111493660.4A
Other languages
Chinese (zh)
Other versions
CN114374518A (en
Inventor
李登峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhou Rongan Digital Technology Beijing Co ltd
Original Assignee
Shenzhou Rongan Digital Technology Beijing Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhou Rongan Digital Technology Beijing Co ltd filed Critical Shenzhou Rongan Digital Technology Beijing Co ltd
Priority to CN202111493660.4A priority Critical patent/CN114374518B/en
Publication of CN114374518A publication Critical patent/CN114374518A/en
Application granted granted Critical
Publication of CN114374518B publication Critical patent/CN114374518B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/46Secure multiparty computation, e.g. millionaire problem

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a PSI intersection information acquisition method with intersection counting, a device and a storage medium, which relate to the technical field of multiparty security calculation and synchronously realize the functions of counting the intersection number by a sender and obtaining correct intersection by a receiver. The main technical scheme of the invention is as follows: through reconstructing a privacy intersection PSI protocol flow based on Diffie-Hellman, in the protocol flow, a receiving party needs to acquire intersection information of two party sets but cannot acquire other set elements of a sending party except the intersection, and the sending party needs to acquire the number of the intersection but cannot acquire other information. The invention is applied to a scene that the receiver obtains the correct intersection of the sets of the two parties and supports the sender to count the intersection number.

Description

PSI (program specific information) intersection information acquisition method and device with intersection counting function and storage medium
Technical Field
The invention relates to the technical field of multiparty security computation, in particular to a PSI intersection information acquisition method and device with intersection counting.
Background
Privacy cross section (PSI) computing is a specific solution in the field of multi-party security computing (MPC). The PSI protocol allows two parties holding respective sets to jointly compute the intersection operation of the two sets. At the end of a protocol interaction, one or both parties should get the correct intersection, and neither party gets any information in the other party's set outside the intersection.
At present, the PSI scheme can be applied to many practical application scenarios, such as account security detection in login services like google, new user recommendation in an address book, black and white list matching, three-factor verification, and the like.
However, for the PSI scheme deployed in the actual application scenario, while the receiver obtains the correct intersection of the sets of the two parties, it does not support the sender to count the number of intersections at the same time, that is: the existing PSI scheme does not support the synchronous realization of the function of obtaining intersection count by the sender and the function of obtaining correct intersection by the receiver, so that the sender cannot synchronously know the service effect and cannot conveniently determine further service charge amount, and the like, and it will be difficult to avoid the situation that one party can deceive the other party (for example, the receiver reduces the intersection count maliciously but the sender does not synchronously know what the specific intersection count should be). Above, the requirement for the sender to count the intersection number and the requirement for the receiver to obtain the correct intersection need to be synchronously realized, and no better solution is available.
Disclosure of Invention
In view of the above, the present invention provides a method and an apparatus for PSI with intersection counting to obtain intersection information, and mainly aims to synchronously implement a function of counting the intersection number by a sender and a function of obtaining a correct intersection by a receiver by reconstructing a DH-based PSI protocol flow, so that the sender can synchronously obtain a service effect, and a situation that one party spoofs another party due to the asynchronism of the two functions is avoided.
In order to achieve the above purpose, the present invention mainly provides the following technical solutions:
the first aspect of the present application provides a method for acquiring intersection information by PSI with intersection count, where the method includes:
reconstructing a DH-based PSI protocol flow in which a receiver receives a data set S encrypted for the first time by a sender A The receiver then uses its own private key to encrypt the first encrypted data set S A Performing a second encryption to obtain a second encrypted data set S A In which S is A Indicating a data set that the sender has;
the receiving party sets S to the second encrypted data A The positions of the middle elements are randomly replaced to obtain a disordered data set S encrypted for the second time A And transmitted to the sender;
the sender calculates a data set S of secondary encryption operations B With a second encrypted data set S out of order A The intersection between the two and obtain the number corresponding to the intersection, wherein S B A data set S representing the data set possessed by the receiving party and the secondary encryption operation B Is first connected byData set S with recipient private key performing first encryption B And then the private key of the sender executes the data set of the secondary encryption;
the receiver processes the intersection cooperatively by using the sender and the receiver, and the receiver processes the data set S B Determining the plaintext information corresponding to each element in the intersection.
In some variations of the present application, the receiver performs the intersection cooperation process by using the sender and the receiver, and the receiver performs the intersection cooperation process from the data set S B Determining plaintext information corresponding to each element in the intersection, including:
the sender generates a data set S of each element in the intersection encrypted for the first time B Obtaining a position set corresponding to the intersection;
the sender sends the collection and the position collection to a receiver;
the receiver uses the inverse element of the own private key to decrypt the secondary encryption corresponding to the intersection to obtain the intersection corresponding to the remaining primary encryption, wherein the remaining primary encryption is the first encryption operation executed by the sender by using the own private key;
the receiver selects the data set S according to the position set B Determine the plaintext elements and the number of intersections.
In some variations of the present application, the method further comprises:
the receiver checks whether the elements in the corresponding intersection of the remaining one-time encryption belong to the data set S encrypted for the first time A
If so, determining that no false intersection elements exist.
In some variations of the present application,
for the data set S that the sender has A Executing a first encryption operation, specifically: sender uses private key to data set S A Each element in the data set carries out encryption operation to obtain a first encrypted data set S A
Set of data S to the recipient B Perform a first additionThe secret operation specifically comprises the following steps: receiver pair data set S using private key B Each element in the data set is encrypted to obtain a first encrypted data set S B
For the data set S A Executing a second encryption operation, specifically: the receiving party uses a private key to encrypt the first encrypted data set S A Performing encryption operation to obtain a twice-encrypted data set S A
For the data set S B Executing a second encryption operation, specifically: the sender uses a private key to encrypt the first encrypted data set S B Performing encryption operation to obtain a twice-encrypted data set S B
In some variations of the present application, if the data set S A Each element in the data set is correspondingly associated with a label so that the data set S A Corresponding to a tag data set P, the method further comprises:
the sender also uses the target private key to the data set S A Executing target encryption operation on each element to obtain a first target encrypted data set S A
The sender uses the data set S encrypted by the first target A Each element in the label data set P is used as a symmetric encryption key, and encryption operation is respectively carried out on each label correspondingly associated in the label data set P to obtain an encrypted label data set P;
on the sender side, generating the first target encrypted data set S A Obtaining a hash value set by the hash value corresponding to each element in the file;
and the sender sends the encrypted label data set P and the hash value set to a receiver.
In some variations of the present application, the receiver performs the intersection cooperation process by using the sender and the receiver, and the receiver performs the intersection cooperation process from the data set S B Determining the plaintext information correspondingly contained in the intersection, including:
the receiver processes the intersection cooperatively by using the sender and the receiverData set S B Determine element plaintext corresponding to each element in the intersection and a tag corresponding to the element plaintext in the tag data set P.
In some variations of the present application, the receiver performs the collaborative processing on the intersection using the sender and the receiver, and the receiver selects the data set S from the data set S B Determining element plaintext corresponding to each element in the intersection and a tag corresponding to the element plaintext and associated with the element plaintext in the tag data set P, including:
the sender generates a data set S encrypted for each element in the intersection at the first time B Obtaining a position set corresponding to the intersection;
the sender collects S the data encrypted for the first time according to the position collection B Extracting corresponding elements to form a subset;
the sender encrypts each element in the subset by using the target private key to obtain a second target encrypted intersection set;
the sender sends the position set and the encrypted intersection set of the second target to a receiver;
the receiver decrypts the second target encryption corresponding to the intersection set of the second target encryption by using the own private key inverse element to obtain the intersection set corresponding to the remaining first target encryption;
the receiver calculates the hash value of each element in the intersection set corresponding to the remaining first target encryption to obtain a target hash value set;
the receiving party determines a data set S encrypted in the first target by each hash value in the target hash value set A Obtaining a target position set according to the position in the corresponding hash value set;
using each element in the intersection set corresponding to the remaining first target encryption as a symmetric encryption key, searching a tag ciphertext matched with the target position in the encrypted tag data set P according to the target position determined by the target position set, and performing decryption operation on the tag ciphertext to obtain a tag data plaintext set corresponding to the intersection element;
the receiving party collects S from the data set according to the position set corresponding to the intersection B Determining intersection elements;
and the receiving party determines the corresponding relation between the intersection element and each label in the label data plaintext set according to the position set corresponding to the intersection and the target position set, so as to obtain the intersection element of the sending party and the receiving party and the label corresponding to and associated with each intersection element.
In some variations of the present application, the method further comprises:
the receiver checks whether each hash value in the set of target hash values belongs to the first set of target encrypted data S A A corresponding set of hash values;
if so, it is determined that no false intersection elements exist.
This application second aspect provides a PSI with intersect count obtains intersection information's device, and the device includes:
the reconstruction unit is used for reconstructing the PSI protocol flow based on the DH;
an encryption unit for receiving the data set S encrypted for the first time by the sender in the protocol flow A The receiver then uses its own private key to encrypt the first encrypted data set S A Performing a second encryption to obtain a second encrypted data set S A In which S is A Indicating a data set that the sender has;
a random permutation unit for the receiving party to encrypt the second encrypted data set S A The positions of the middle elements are randomly replaced to obtain a disordered data set S encrypted for the second time A And transmitted to the sender;
a calculation unit for the sender to calculate a data set S of a secondary encryption operation B Data set S encrypted for the second time out of order A The intersection between the two and obtain the number corresponding to the intersection, wherein S B Data representing a data set possessed by the receiving party, the data of the secondary encryption operationSet S B Is a data set S that is first encrypted by a private key of a receiving party B And then the private key of the sender executes the data set of the secondary encryption;
a determination unit for the receiver to collaboratively process the intersection from the data set S by using the sender and the receiver B Determining the plaintext information correspondingly contained in the intersection.
A third aspect of the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the method for PSI with intersection count to acquire intersection information as described above.
A fourth aspect of the present application provides an electronic device, comprising: the PSI with the intersection count is used for acquiring intersection information, and the processor executes the computer program to realize the method for acquiring the intersection information by the PSI with the intersection count.
By the technical scheme, the technical scheme provided by the invention at least has the following advantages:
the invention provides a PSI intersection information acquisition method and device with intersection counting, wherein a receiver receives a data set S encrypted for the first time by a sender in a protocol flow by reconstructing a DH-based PSI protocol flow A The receiving party then uses its own private key to encrypt the first encrypted data set S A Performing secondary encryption to obtain a data set S of secondary encryption A The receiving party sets S on the second encrypted data A The positions of the middle elements are randomly replaced to obtain a disordered data set S encrypted for the second time A And transmitted to the sender, who calculates the data set S of the secondary encryption operation B Data set S encrypted for the second time out of order A The intersection between the two parties and the number corresponding to the intersection are obtained (namely the sender can know the intersection number of the data sets of the two parties), and then the two parties collaborate with the intersection to ensure that the receiver receives the data sets S B Determining the plaintext information corresponding to each element in the intersection.Compared with the prior art, the method solves the problem that the requirement of counting the intersection quantity by the sender and the requirement of obtaining the correct intersection by the receiver cannot be effectively and synchronously realized. The invention synchronously realizes the function of counting the intersection quantity by the sender and the function of obtaining correct intersection by the receiver by reconstructing the PSI protocol flow based on DH so that the sender can synchronously acquire the service effect and the condition that one party deceives the other party because the two functions are asynchronous is avoided.
The above description is only an overview of the technical solutions of the present invention, and the present invention can be implemented in accordance with the content of the description so as to make the technical means of the present invention more clearly understood, and the above and other objects, features, and advantages of the present invention will be more clearly understood.
Drawings
Various additional advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a flowchart of a method for acquiring intersection information by PSI with intersection count according to an embodiment of the present invention;
FIG. 2 is a diagram illustrating an exemplary step of a receiving party determining an intersection of two data sets according to an embodiment of the present invention;
FIG. 3 is a schematic diagram illustrating an exemplary step of a receiving party determining each element and an associated tag corresponding to the element in an intersection of two data sets according to an embodiment of the present invention;
fig. 4 is a block diagram illustrating a PSI apparatus for acquiring intersection information with intersection count according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the invention are shown in the drawings, it should be understood that the invention may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
The embodiment of the invention provides a PSI intersection information acquisition method with intersection counting, which synchronously realizes the functions of counting the intersection quantity by a sender and acquiring correct intersection by a receiver, as shown in figure 1.
First, it should be noted that, in the embodiment of the present invention, the function is realized by reconstructing a DH-based PSI protocol flow. The existing DH-based PSI protocol refers to a PSI scheme based on the Diffie-Hellman assumption (abbreviated as DH-PSI or DH-based PSI), which is exemplified by the PSI scheme based on the Diffie-Hellman assumption on an elliptic curve as follows:
let E be an elliptic curve system (y satisfying the definition of a large prime number P) 2 =x 3 A point of + ax + b), giving parameters of a big prime number P, integers a and b, an order n of an elliptic curve group and a base point G; let m times of a point k be expressed as k m
S A The party is used as a sender; p B The party is used as a receiving party; executing the following PSI protocol, P B The party obtains the intersection of the two parties' sets, then the PSI protocol flow based on Diffie-Hellman, for clarity of explanation, P A Sum of formula P B The operation of the recipe at different times is illustrated by the following table one:
watch 1
Figure GDA0003786617550000071
Figure GDA0003786617550000081
Analysis of the DH-based PSI scheme described above yields two basic properties: the two parties encrypt respective set elements through a private key to protect the privacy of respective data; the encryption method has commutative property, and the intersection elements after the secondary encryption have the same ciphertext (namely for the same element, the two secrets are usedKey r a And r b Two ciphertexts are equal after being encrypted according to different encryption orders).
Therefore, the receiver can only obtain the intersection element and can not obtain the information of other elements except the intersection. By utilizing the two basic characteristics, the embodiment of the invention realizes the reconstruction of the PSI protocol flow based on DH, and realizes the synchronization in the protocol flow, thereby realizing the function of counting the intersection quantity by the sender and the function of obtaining the correct intersection by the receiver.
Then, in the interaction of the protocols, the method for acquiring intersection information by PSI with intersection count provided in the embodiment of the present invention is specifically set forth as follows:
101. in the protocol flow the receiver receives a data set S which is first encrypted by the sender A The receiving party then uses its own private key to encrypt the first encrypted data set S A Performing a second encryption to obtain a second encrypted data set S A In which S is A Indicating the set of data that the sender has.
In the embodiment of the present invention, for clearly explaining the respective operations of the sender and the receiver, for example, the operations may be illustrated by using mark-related identifiers, for example: sender is marked as P A ,P A The party has a data set S A ={a 1 ,a 2 ,a 3 Check, the receiver is marked as P B ,P B The party has a data set S B ={b 1 ,b 2 ,b 3 ,...}. The requirement of the embodiment of the present invention is that P B The party needs to obtain the intersection S of the two party sets A ∩S B But P outside the intersection cannot be obtained A Other set elements of the party, P A The party needs to obtain the number of intersections but cannot obtain other information.
Let the order of the group G be n, for any element G belonging to G and random number r belonging to [0, n-1 ]]Operation g r For a group of common large integers, the operation is an operation raised to the power of r of g; for elliptic curve groups, the operation represents multiplication or scalar multiplication of a point g on an elliptic curve with an integer r. The difficulty of guaranteeing the discrete logarithm problem in the population is required.
And further, in the interaction of protocols, P is illustrated for clarity A Sum of formula P B The respective operations of the parties at different times are exemplarily explained for step 101 by means of a table format as follows:
watch two
Figure GDA0003786617550000091
Figure GDA0003786617550000101
Wherein, as shown in the second table,
Figure GDA0003786617550000102
data set S encrypted for the first time for the sender A
Figure GDA0003786617550000103
Data set S encrypted for the first time for the receiver B
Figure GDA0003786617550000104
Data set S for secondary encryption of a sender B
Figure GDA0003786617550000105
Data set S secondarily encrypted for a receiver A
And as shown in the second table, the following,
Figure GDA0003786617550000106
representing the use of a private key r A For data set S A Is subjected to an encryption operation, specifically operated as r on the elliptic curve group A Multiplication of scalar multiples or r over large integer groups A And (4) performing power operation. The operation has interchangeability, namely for the same element a, two cipher texts are obtained by encrypting the same element a by using two keys according to different sequences,
Figure GDA0003786617550000107
Figure GDA0003786617550000108
102. the receiver encrypts the second encrypted data set S A The positions of the middle elements are randomly replaced to obtain a disordered data set S encrypted for the second time A And delivered to the sender.
103. The sender calculates a data set S of secondary encryption operations B Data set S encrypted for the second time out of order A And obtaining the number corresponding to the intersection.
Wherein S is B Data set S representing data set, secondary encryption operation, possessed by receiver B Is a data set S that is first encrypted by a private key of a receiving party B And then the private key of the sender executes the data set of the secondary encryption.
In the embodiment of the present invention, steps 102-103 are exemplarily illustrated in conjunction with Table three, especially for the convenience of clearly explaining P A Sum of formula P B The operations performed by the parties separately.
As shown in the third table below, the following,
Figure GDA0003786617550000111
data set S secondarily encrypted for a receiver A Permute () means a random permutation operation on the positions of the elements in a set, i.e. an unordered set S of twice-encrypted data A Can completely disturb P A And the party pair ciphertext corresponds to the original text.
Watch III
Figure GDA0003786617550000112
And further, at P A Party receives P B Secondary encryption set after square random permutation
Figure GDA0003786617550000113
Then, P A The specific operation of obtaining the intersection of the two parties is as follows:
P A square computing quadratic encryption set
Figure GDA0003786617550000114
Figure GDA0003786617550000115
And secondary encryption set
Figure GDA0003786617550000116
Figure GDA0003786617550000117
The intersection between them
Figure GDA0003786617550000118
Figure GDA0003786617550000119
The number of the elements of the intersection is equal to the number of the intersections of the plain texts of the two parties
Figure GDA00037866175500001110
Figure GDA0003786617550000121
The symbol | | | represents the number of elements of the set.
P A The reason why a party cannot know the specific plaintext intersection element of both parties is that P A The party can not know the position corresponding relation between the ciphertext after the second encryption and the plaintext set element, but P A The method can obtain the number of elements of the intersection of the two parties.
104. The receiver is co-processing from the data set S by using the sender and receiver pair intersection B Determining the plaintext information corresponding to each element in the intersection.
In the embodiment of the present invention, the present step 104 can be explained in detail as following steps S201 to S204, as shown in fig. 2:
s201, the sender generates a data set S in which each element in the intersection is encrypted for the first time B And obtaining a position set corresponding to the intersection.
S202, the sender sends the intersection and the position set to the receiver.
S203, the receiver uses the reverse element of the private key of the receiver to decrypt the secondary encryption corresponding to the intersection to obtain the intersection corresponding to the remaining primary encryption, and the remaining primary encryption refers to the first encryption operation executed by the sender by using the private key of the receiver.
In the embodiment of the present invention, the intersection elements received by the receiver may also be checked, specifically: the receiver checks whether the elements in the corresponding intersection of the remaining primary encryption belong to the data set S of the primary encryption A (ii) a If so, determining that no false intersection elements exist.
S204, the receiver collects S from the data set according to the position set B Determine the plaintext elements and the number of intersections.
In the embodiment of the present invention, steps S201 to S204 are exemplarily explained by the following table four, and specifically, P is respectively explained A Operation of party and P B The operations of the parties are respectively operated and cooperate to process intersections, and the following concrete statements are made:
watch four
Figure GDA0003786617550000122
Figure GDA0003786617550000131
Figure GDA0003786617550000141
As described above, for the method for acquiring intersection information by PSI with intersection count according to the embodiment of the present invention, the implementation requirements are as follows: for P A The party has a data set S A And P B The party has a data set S B ,P B It is necessary to obtain the intersection S of the two sets A ∩S B But not obtaining P outside the intersection A Other collection element of, P A The party needs to obtain the number of intersections but cannot obtain other information. Therefore, the embodiment of the invention synchronously realizes the functions of counting the intersection quantity by the sender and obtaining the correct intersection by the receiver.
Further, another method for acquiring intersection information by PSI with intersection counting is provided in the embodiments of the present invention, and the another method is based on the method provided in the previous embodiment, and provides a PSI scheme with labeled data with intersection counting function, which mainly aims at the following scenes: if the sender' S data set S A Each element in the data set is correspondingly associated with a label, so that the data set S A Corresponding to a set of tag data P. E.g. P A The party has a data set S A ={a 1 ,a 2 ,a 3 Catalogue us and corresponding tag data set P = { d = 1 ,d 2 ,d 3 Analysis, data set S A The one-to-one corresponding relation of each element and each label in the system is S A :P={a 1 :b 1 ,a 2 :d 2 ,a 3 :d 3 ,...};P B The party has a data set S B ={b 1 ,b 2 ,b 3 ,...}。
Then the requirements that this other method needs to further implement are: p B The party needs to obtain the intersection of the two party data sets and the corresponding tag data
Figure GDA0003786617550000142
And no other information is available; p A The party needs to obtain the number of elements of the intersection of the data sets of the two parties, but cannot obtain other information.
For the embodiment of the present invention, before explaining "another method for acquiring intersection information by PSI with intersection count" specifically by way of example, the following concepts need to be summarized in advance:
(1) For another PSI with intersection countMethod' for further defining data set S A And data set S B The elements stored are identifier elements, whereby the data set S A Each identifier element within the tag is associated with a tag, and the tags form a tag data set P.
(2) For another PSI method with intersection count provided in the embodiment of the present invention, it is also to reconstruct the DH-based PSI protocol flow, and for clarity explanation, for example, in order to explain respective operations of the sender and the receiver, the auxiliary explanation is still performed by using the relevant symbols and table forms adopted in the "PSI method with intersection count to obtain intersection information" exemplified in the previous embodiment.
(3) For another method for acquiring intersection information by using PSI with intersection counting provided by the embodiment of the present invention, the technical effects achieved by the method are as follows: p is A The method still needs to synchronously acquire the number of intersections of the two parties as a sender, and the specific implementation steps are the same as the steps 101 to 103 of the previous embodiment because the acquisition of the number of intersections of the two parties can not relate to the tag data set P; p is B The party as the receiving party needs to know not only what the elements of the intersection are, but also what the tag associated with each element corresponds to.
Next, first, with the aid of Table five, for P A The specific implementation process of the method for acquiring the intersection number of the two parties is explained in detail, and specifically, P is explained respectively A Sum of formula P B The method specifically states the following operations:
watch five
Figure GDA0003786617550000151
Figure GDA0003786617550000161
Figure GDA0003786617550000171
Figure GDA0003786617550000181
Figure GDA0003786617550000191
To achieve the "determination of the tags in the tag data set P corresponding to the plain text of each element in the intersection and the plain text of the element" in addition to the above embodiment P A Side operation and P B Square operations in addition to the operations of tables two to three, P A The method also needs to execute the following operations;
(1) The sender also uses the target private key to the data set S A Executing target encryption operation on each element to obtain a first target encrypted data set S A
(2) The sender uses the data set S encrypted by the first target A Each element in the label data set P is used as a symmetric encryption key, and encryption operation is respectively carried out on each label correspondingly associated in the label data set P to obtain an encrypted label data set P;
(3) Generating a first target encrypted data set S at the side of a sender A Obtaining a hash value set by the hash value corresponding to each element in the file;
(4) And the sender sends the encrypted label data set P and the hash value set to the receiver.
In particular, P is illustrated by means of the following table six A The party needs to acquire the encrypted label data set P and the hash value set and sends the encrypted label data set P and the hash value set P to the party B And (4) preparing.
Watch six
Figure GDA0003786617550000192
Figure GDA0003786617550000201
Figure GDA0003786617550000211
For table six, it should be noted that the symbol SymmetricEnc (key, data) represents a process of symmetrically encrypting plaintext data by using the key, and the used symmetric encryption algorithm may be a block cipher algorithm, a sequence cipher or an authentication encryption algorithm, etc. Symmetricendec (key, data) represents a process of decrypting a ciphertext using a key, and a correct plaintext can be recovered from the ciphertext when the same key is used in the encryption and decryption processes. The Hash (data) indicates a process of processing the data using a Hash function.
Further, in the embodiment of the present invention, as to "determine the tag corresponding to the element plaintext and the element plaintext in the tag data set P" corresponding to each element in the intersection, "the refining is as shown in fig. 3, and the concrete statement includes:
s301, the sender generates a data set S in which each element in the intersection is encrypted for the first time B Obtaining a position set corresponding to the intersection;
s302, the sender collects the data from the first encryption according to the position collection S B Extracting corresponding elements to form a subset;
s303, the sender encrypts each element in the subset by using a target private key to obtain an intersection set of second target encryption;
s304, the sender sends the intersection set of the position set and the second target encryption to the receiver;
s305, the receiver decrypts a second target encryption corresponding to the intersection set of the second target encryption by using the inverse element of the private key of the receiver to obtain an intersection set corresponding to the remaining first target encryption;
s306, the receiver calculates the hash value of each element in the intersection set corresponding to the left first target encryption to obtain a target hash value set;
s307, the receiving party determines a data set S of each hash value in the target hash value set encrypted in the first target A Obtaining a target position set according to the position in the corresponding hash value set;
the receiving party checks whether each hash value in the target hash value set belongs to the first target encrypted data set S A A corresponding set of hash values; if so, it is determined that no false intersection elements exist.
S308, each element in the intersection set corresponding to the remaining first target encryption is used as a symmetric encryption key, a tag ciphertext matched with the target position in the encrypted tag data set P is searched according to the target position determined by the target position set, and decryption operation is performed on the tag ciphertext to obtain a tag data plaintext set corresponding to the intersection element;
s309, the receiver sets S from the data set according to the position set corresponding to the intersection B Determining intersection elements;
s310, the receiving party determines the corresponding relation between the intersection elements and each label in the label data plaintext set according to the position set corresponding to the intersection and the target position set, and the intersection elements of the sending party and the receiving party and the labels corresponding to the intersection elements are obtained.
In the embodiment of the present invention, steps S301 to S310 are exemplarily explained by the following table seven, specifically, P is separately explained A Operation of the parties and P B The operations of the parties respectively operate and cooperate to process intersections, and the following concrete statements are provided:
watch seven
Figure GDA0003786617550000221
Figure GDA0003786617550000231
Figure GDA0003786617550000241
Figure GDA0003786617550000251
As described above, another method for acquiring intersection information by PSI with intersection count provided in the embodiment of the present invention meets the following requirements: p A The party has a data set S A And a set of tag data P, P B The party has a data set S B ,P B It is necessary to obtain the intersection of the two sets of identifiers and the corresponding tag data
Figure GDA0003786617550000252
And no other information is available; p A The party needs to obtain the number of elements of the intersection of the two party identifier sets, but cannot obtain other information. Therefore, the embodiment of the invention synchronously realizes the function of counting the intersection quantity by the sender and the function of obtaining the correct intersection by the receiver.
Further, as an implementation of the methods shown in fig. 1, fig. 2, and fig. 3, an embodiment of the present invention provides an apparatus for acquiring intersection information by PSI with intersection count. The embodiment of the apparatus corresponds to the embodiment of the method, and for convenience of reading, details in the embodiment of the apparatus are not repeated one by one, but it should be clear that the apparatus in the embodiment can correspondingly implement all the contents in the embodiment of the method. The device is applied to synchronization, and realizes the function of counting the intersection quantity by the sender and the function of obtaining correct intersection by the receiver, specifically as shown in fig. 4, the device comprises:
a reconstructing unit 41, configured to reconstruct a PSI protocol flow based on DH;
an encryption unit 42 for receiving the first encrypted data set S by the sender in the protocol flow at the receiver A The receiver then uses its own private key to encrypt the first encrypted data set S A Performing a second encryption to obtain a second encrypted data set S A In which S is A Presentation deliveryA data set that the party has;
a random permutation unit 43 for the receiving side to encrypt the second encrypted data set S A The positions of the middle elements are randomly replaced to obtain a disordered data set S encrypted for the second time A And transmitted to the sender;
a calculation unit 44 for the sender to calculate a data set S of a secondary encryption operation B With said out-of-order second encrypted data set S A The intersection between the two and obtain the number corresponding to the intersection, wherein S B A data set S representing the data set possessed by the receiving party and the secondary encryption operation B Is a data set S that is first encrypted by a private key of a receiving party B And then the private key of the sender executes the data set of the secondary encryption;
a determination unit 45 for the receiver to collaborate on the intersection by using the sender and the receiver, the receiver being from the data set S B Determining the plaintext information correspondingly contained in the intersection.
In summary, embodiments of the present invention provide a method and an apparatus for PSI obtaining intersection information with intersection count, where a receiver receives a data set S encrypted by a sender for the first time in a protocol flow by reconstructing a DH-based PSI protocol flow A The receiving party then uses its own private key to encrypt the first encrypted data set S A Performing secondary encryption to obtain a data set S of secondary encryption A The receiving party sets S on the second encrypted data A The positions of the middle elements are randomly replaced to obtain a disordered data set S encrypted for the second time A And transmitted to the sender, who calculates the data set S of the secondary encryption operation B With a second encrypted data set S out of order A The intersection between the two parties and the number corresponding to the intersection are obtained (namely the sender can know the intersection number of the data sets of the two parties), and then the two parties collaborate with the intersection to ensure that the receiver receives the data sets S B Determining the plaintext information corresponding to each element in the intersection. Compared with the prior art, the method solves the requirement that the sender can not effectively count the intersection quantity synchronouslyAnd the receiver needs to get the correct intersection. The embodiment of the invention synchronously realizes the function of counting the intersection quantity by the sender and the function of obtaining the correct intersection by the receiver by reconstructing the PSI protocol flow based on DH, so that the sender can synchronously acquire the service effect, and the condition that one party cheats the other party due to the asynchronous two functions is avoided.
The PSI device with intersection counting for acquiring intersection information comprises a processor and a memory, wherein the reconstruction unit, the encryption unit, the random replacement unit, the calculation unit, the determination unit and the like are stored in the memory as program units, and the processor executes the program units stored in the memory to realize corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more than one, and the function of counting the intersection quantity by the sender and the function of obtaining the correct intersection by the receiver are synchronously realized by reconstructing the PSI protocol flow based on the DH by adjusting the kernel parameters, so that the sender can synchronously acquire the service effect, and the condition that one party cheats the other party due to the asynchronous two functions is avoided.
An embodiment of the present invention provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the method for acquiring intersection information by PSI with intersection count as described above is implemented.
An embodiment of the present invention provides an electronic device, including: the PSI acquisition intersection information processing method comprises the following steps of storing a plurality of PSI acquisition intersection information, storing the PSI acquisition intersection information in a memory, storing the PSI acquisition intersection information in the memory, and executing a computer program stored on the memory and capable of running on the processor.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a device includes one or more processors (CPUs), memory, and a bus. The device may also include input/output interfaces, network interfaces, and the like.
The memory may include volatile memory in a computer readable medium, random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM), including at least one memory chip. The memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional identical elements in the process, method, article, or apparatus comprising the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (9)

1. A method for PSI with intersection count to obtain intersection information, the method comprising:
reconfiguring a Diffie-Hellman based privacy exchange PSI protocol flow in which a receiver receives a data set S encrypted for the first time by a sender A The receiving party then uses its own private key to encrypt the first encrypted data set S A Performing a second encryption to obtain a second encrypted data set S A In which S is A Indicating a data set that the sender has;
the receiver encrypts the second encrypted data set S A The positions of the medium elements are randomly replaced to obtain a disordered second encrypted data set S A And transmitted to the sender;
sender computing secondary encryption operationData set S made B With a second encrypted data set S out of order A The intersection between the two and obtain the number corresponding to the intersection, wherein S B A data set S representing the data set possessed by the receiving party and the secondary encryption operation B Is a data set S that is first encrypted by a private key of a receiving party B And then the private key of the sender executes the data set of the secondary encryption;
the receiver processes the intersection cooperatively by using the sender and the receiver, and the receiver processes the data set S B Determining plaintext information corresponding to each element in the intersection specifically includes the following steps:
the sender generates a data set S of each element in the intersection encrypted for the first time B Obtaining a position set corresponding to the intersection, wherein the intersection is as follows: data set S of secondary encryption operation calculated by sender B Data set S encrypted for the second time out of order A The intersection between them;
the sender sends the collection and the position collection to a receiver;
the receiver uses the inverse element of the private key of the receiver to decrypt the secondary encryption corresponding to each element in the intersection to obtain each element in the intersection corresponding to the rest primary encryption, wherein the rest primary encryption is as follows: for each element encrypted by the two private keys in the intersection, performing encryption by using the private key of the sender without decryption after using the inverse element of the private key of the receiver; the secondary encryption corresponding to each element in the intersection refers to that each element is encrypted twice based on two private keys, namely a sender private key and a receiver private key;
the receiver selects the data set S according to the position set B Determine the plaintext elements and the number of intersections.
2. The method of claim 1, further comprising:
the receiver checks whether the elements in the corresponding intersection of the remaining one-time encryption belong to the data set S encrypted for the first time A
If so, determining that no false intersection elements exist.
3. The method of claim 1,
for the data set S that the sender has A Executing a first encryption operation, specifically: sender uses self private key to data set S A Each element in the data set is encrypted to obtain a first encrypted data set S A
Set of data S to the recipient B Executing a first encryption operation, specifically: receiver uses its own private key to data set S B Each element in the data set is encrypted to obtain a first encrypted data set S B
For the data set S A Executing a second encryption operation, specifically: the receiver uses its own private key to encrypt the first encrypted data set S A Performing encryption operation to obtain a twice-encrypted data set S A
For the data set S B Executing a second encryption operation, specifically: the sender uses its own private key to encrypt the first encrypted data set S B Performing encryption operation to obtain a twice-encrypted data set S B
4. The method of claim 1, wherein after reconstructing the Diffie-Hellman based privacy exchange PSI protocol flow, S is applied to the data set of the sender A And a data set S of a receiving party B Before PSI operation with intersection counting is executed to obtain intersection information, if the data set S A Each element in the data set is correspondingly associated with a label so that the data set S A Corresponding to a tag data set P, the method further comprises:
the sender also uses the target private key to pair the data set S A Each element in the target encryption system executes target encryption operation to obtain a first target encrypted data set S A
Used by the senderThe first target encrypted data set S A Each element in the label data set P is used as a symmetric encryption key, and encryption operation is respectively carried out on each label correspondingly associated in the label data set P to obtain an encrypted label data set P;
on the sender side, generating the first target encrypted data set S A Obtaining a hash value set by the hash value corresponding to each element in the file;
and the sender sends the encrypted label data set P and the hash value set to a receiver.
5. The method of claim 4, wherein the receiver collaborates on the intersection with the sender and the receiver, and wherein the receiver is selected from the data set S B Determining the plaintext information correspondingly contained in the intersection, including:
the receiver co-processes the intersection with the sender and receiver, the receiver being from the data set S B Determine element plaintext corresponding to each element in the intersection and a tag corresponding to the element plaintext in the tag data set P.
6. The method of claim 5, wherein the receiver collaborates from the data set S by using the intersection of the sender and receiver B Determining element plaintext corresponding to each element in the intersection and a tag corresponding to the element plaintext and associated with the element plaintext in the tag data set P, including:
the sender generates a data set S of each element in the intersection encrypted for the first time B Obtaining a position set corresponding to the intersection;
the sender collects S the data encrypted for the first time according to the position collection B Extracting corresponding elements to form a subset;
the sender encrypts each element in the subset by using the target private key to obtain a second target encrypted intersection set;
the sender sends the position set and the encrypted intersection set of the second target to a receiver;
the receiving party decrypts the second target encryption corresponding to the intersection set of the second target encryption by using the inverse element of the private key of the receiving party to obtain the intersection set corresponding to the remaining first target encryption;
the receiver calculates the hash value of each element in the intersection set corresponding to the remaining first target encryption to obtain a target hash value set;
the receiving party determines a data set S encrypted by each hash value in the target hash value set at the first target A Obtaining a target position set according to the position in the corresponding hash value set;
each element in an intersection set corresponding to the rest first target encryption is used as a key of symmetric encryption, a tag ciphertext matched with the target position in an encrypted tag data set P is searched according to the target position determined by the target position set, decryption operation is performed on the tag ciphertext, and a tag data plaintext set corresponding to the intersection element is obtained;
the receiving party collects the data set S according to the position set corresponding to the intersection B Determining intersection elements;
and the receiver determines the corresponding relation between the intersection element and each label in the label data plaintext set according to the position set corresponding to the intersection and the target position set, so as to obtain the intersection element possessed by the sender and the receiver and the label corresponding to and associated with each intersection element.
7. The method of claim 6, further comprising:
the receiving party checks whether each hash value in the target hash value set belongs to the first target encrypted data set S A A corresponding set of hash values;
if so, it is determined that no false intersection elements exist.
8. An apparatus for PSI acquisition of intersection information with intersection count, the apparatus comprising:
the reconstruction unit is used for reconstructing privacy exchange PSI protocol flow based on Diffie-Hellman;
an encryption unit for receiving the data set S encrypted for the first time by the sender in the protocol flow A The receiver then uses its own private key to encrypt the first encrypted data set S A Performing a second encryption to obtain a second encrypted data set S A In which S is A Indicating a data set that the sender has;
a random permutation unit for the receiving party to encrypt the second encrypted data set S A The positions of the middle elements are randomly replaced to obtain a disordered data set S encrypted for the second time A And transmitted to the sender;
a calculation unit for the sender to calculate a data set S of a secondary encryption operation B Data set S encrypted for the second time out of order A The intersection between the two and obtain the number corresponding to the intersection, wherein S B A data set S representing the data set possessed by the receiving party and the secondary encryption operation B Is a data set S that is first encrypted by a private key of a receiving party B And then the private key of the sender executes the data set of the secondary encryption;
a determination unit for performing the intersection cooperation processing by using the sender and the receiver, the receiver being selected from the data set S B Determining plaintext information correspondingly contained in the intersection, specifically including the following steps:
the sender generates a data set S of each element in the intersection encrypted for the first time B Obtaining a position set corresponding to the intersection, wherein the intersection is as follows: the sender calculates a data set S of secondary encryption operations B With a second encrypted data set S out of order A The intersection between them;
the sender sends the collection and the position collection to a receiver;
the receiver uses the inverse element of the private key of the receiver to decrypt the secondary encryption corresponding to each element in the intersection to obtain each element in the intersection corresponding to the rest primary encryption, wherein the rest primary encryption is as follows: for each element encrypted by the two private keys in the intersection, performing encryption by using the private key of the sender without decryption after using the inverse element of the private key of the receiver; the secondary encryption corresponding to each element in the intersection refers to that each element is encrypted twice based on two private keys, namely a sender private key and a receiver private key;
the receiving party selects from the data set S according to the position set B Determine the plaintext elements and the number of intersections.
9. A computer-readable storage medium, wherein the computer-readable storage medium has stored thereon a computer program, which when executed by a processor, implements the method for PSI acquisition intersection information with intersection count as claimed in any one of claims 1-7.
CN202111493660.4A 2021-12-08 2021-12-08 PSI (program specific information) intersection information acquisition method and device with intersection counting function and storage medium Active CN114374518B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111493660.4A CN114374518B (en) 2021-12-08 2021-12-08 PSI (program specific information) intersection information acquisition method and device with intersection counting function and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111493660.4A CN114374518B (en) 2021-12-08 2021-12-08 PSI (program specific information) intersection information acquisition method and device with intersection counting function and storage medium

Publications (2)

Publication Number Publication Date
CN114374518A CN114374518A (en) 2022-04-19
CN114374518B true CN114374518B (en) 2022-10-28

Family

ID=81139707

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111493660.4A Active CN114374518B (en) 2021-12-08 2021-12-08 PSI (program specific information) intersection information acquisition method and device with intersection counting function and storage medium

Country Status (1)

Country Link
CN (1) CN114374518B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114722049B (en) * 2022-05-18 2022-08-12 华控清交信息科技(北京)有限公司 Multi-party data intersection calculation method and device and electronic equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109951443A (en) * 2019-01-28 2019-06-28 湖北工业大学 The set intersection calculation method and system of secret protection under a kind of cloud environment
CN112367170A (en) * 2021-01-12 2021-02-12 四川新网银行股份有限公司 Data hiding query security sharing system and method based on multi-party security calculation
CN112434329A (en) * 2020-10-23 2021-03-02 上海点融信息科技有限责任公司 Private data intersection acquisition method, computing device and storage medium
CN113225186A (en) * 2021-05-31 2021-08-06 平安科技(深圳)有限公司 Private data intersection solving method and device, computer equipment and storage medium
CN113569267A (en) * 2021-09-23 2021-10-29 上海钐昆网络科技有限公司 Privacy safety data set intersection method, device, equipment and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111931207B (en) * 2020-08-07 2024-04-09 北京百度网讯科技有限公司 Method, device, equipment and storage medium for obtaining privacy set intersection

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109951443A (en) * 2019-01-28 2019-06-28 湖北工业大学 The set intersection calculation method and system of secret protection under a kind of cloud environment
CN112434329A (en) * 2020-10-23 2021-03-02 上海点融信息科技有限责任公司 Private data intersection acquisition method, computing device and storage medium
CN112367170A (en) * 2021-01-12 2021-02-12 四川新网银行股份有限公司 Data hiding query security sharing system and method based on multi-party security calculation
CN113225186A (en) * 2021-05-31 2021-08-06 平安科技(深圳)有限公司 Private data intersection solving method and device, computer equipment and storage medium
CN113569267A (en) * 2021-09-23 2021-10-29 上海钐昆网络科技有限公司 Privacy safety data set intersection method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN114374518A (en) 2022-04-19

Similar Documents

Publication Publication Date Title
CN107196926B (en) Cloud outsourcing privacy set comparison method and device
CN106161034B (en) RSA decryption using multiplicative secret sharing
Shankar et al. An efficient image encryption technique based on optimized key generation in ECC using genetic algorithm
CN110100422B (en) Data writing method and device based on block chain intelligent contract and storage medium
Zhou et al. Identity-based proxy re-encryption version 2: Making mobile access easy in cloud
Bogos et al. Cryptanalysis of a homomorphic encryption scheme
US20180091301A1 (en) Method and system for switching public keys in ciphertexts
Abusukhon et al. A novel network security algorithm based on private key encryption
CN111800257A (en) 3D model encryption transmission method and decryption method
EP3817323A1 (en) Encryption processing system, encryption processing method, and program
Abusukhon et al. Secure network communication based on text-to-image encryption
KR20230141845A (en) Threshold key exchange
Ahmad et al. A secure network communication protocol based on text to barcode encryption algorithm
Ahmad et al. Distributed text-to-image encryption algorithm
CN114374518B (en) PSI (program specific information) intersection information acquisition method and device with intersection counting function and storage medium
Abusukhon et al. Analyzing the efficiency of Text-to-Image encryption algorithm
Tahat et al. Hybrid publicly verifiable authenticated encryption scheme based on chaotic maps and factoring problems
Adebayo et al. Data Privacy System Using Steganography and Cryptography
Zheng et al. Improved anonymous proxy re-encryption with CCA security
CN112713989B (en) Decryption method and device
Soni Performance analysis of cascaded hybrid symmetric encryption models
Oo et al. Encryption data measurement and data security of hybrid AES and RSA algorithm
Taka Secure Communication by combined Diffe-Hellman key exchange Based AES Encryption and Arabic Text Steganography.
WO2020169996A1 (en) Matrix-based cryptographic methods and apparatus
Harjito et al. Comparative Analysis between Elgamal and NTRU Algorithms and their implementation of Digital Signature for Electronic Certificate

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant