CN114386070A - Multi-party safety intersection solving method and system - Google Patents
Multi-party safety intersection solving method and system Download PDFInfo
- Publication number
- CN114386070A CN114386070A CN202210033431.2A CN202210033431A CN114386070A CN 114386070 A CN114386070 A CN 114386070A CN 202210033431 A CN202210033431 A CN 202210033431A CN 114386070 A CN114386070 A CN 114386070A
- Authority
- CN
- China
- Prior art keywords
- cluster
- partition
- participants
- partitions
- data element
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000005192 partition Methods 0.000 claims abstract description 268
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 32
- 238000000638 solvent extraction Methods 0.000 claims abstract description 28
- 238000012545 processing Methods 0.000 claims description 6
- 238000004364 calculation method Methods 0.000 claims description 3
- 208000022417 sinus histiocytosis with massive lymphadenopathy Diseases 0.000 description 14
- 230000008569 process Effects 0.000 description 13
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 6
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 238000003860 storage Methods 0.000 description 5
- 238000012549 training Methods 0.000 description 5
- 230000008901 benefit Effects 0.000 description 4
- 230000003993 interaction Effects 0.000 description 4
- 230000006872 improvement Effects 0.000 description 3
- 239000000463 material Substances 0.000 description 3
- 230000000644 propagated effect Effects 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000014509 gene expression Effects 0.000 description 2
- MZWGYEJOZNRLQE-KXQOOQHDSA-N 1-stearoyl-2-myristoyl-sn-glycero-3-phosphocholine Chemical compound CCCCCCCCCCCCCCCCCC(=O)OC[C@H](COP([O-])(=O)OCC[N+](C)(C)C)OC(=O)CCCCCCCCCCCCC MZWGYEJOZNRLQE-KXQOOQHDSA-N 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000000712 assembly Effects 0.000 description 1
- 238000000429 assembly Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000013210 evaluation model Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000010977 jade Substances 0.000 description 1
- 238000005304 joining Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 241000894007 species Species 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the specification discloses a method and a system for solving an intersection safely by multiple parties, wherein two or more parties are involved, each party is provided with a first cluster and a second cluster, and the first cluster of each party stores a private data set of the first cluster. The method is performed by one of the participants and comprises the following steps: partitioning the data elements in the private data set of the first cluster according to a preset partitioning algorithm to obtain a plurality of local partitions; obtaining the multilevel ciphertext of the data elements in each local partition by the first cluster under the assistance of the second cluster of other participants, and obtaining the multilevel ciphertext of the data elements in each partition of other participants by the first cluster of the second cluster assisting other participants; and obtaining intersection solving results corresponding to the local partitions through the first cluster, and determining the intersection of the private data sets of the participants through the first cluster based on the intersection solving results corresponding to the local partitions.
Description
Technical Field
The present disclosure relates to the field of information technology, and in particular, to a method and system for solving an intersection safely among multiple parties.
Background
PSI (Private Set Intersection), also called Secure Intersection (or Secure Intersection for short), is one of the basic functions of Secure Multi-Party computing (SMPC or MPC for short). When multiple parties respectively hold private data sets (namely private sets), the PSI can enable any party to obtain the intersection of the private data sets of the parties on the premise of protecting the data privacy of the parties. At present, especially in the case of big data, it is desirable to provide an efficient secure transaction method.
Disclosure of Invention
One of the embodiments of the present specification provides a method for solving an intersection safely by multiple parties, which involves two or more parties, where each party is deployed with a first cluster and a second cluster, and the first cluster of each party stores its private data set, where the private data set includes multiple data elements; the method is performed by one of the participants and comprises the following steps: partitioning the data elements in the private data set of the first cluster according to a preset partitioning algorithm to obtain a plurality of local partitions; the partition algorithm enables the plurality of local partitions to be in one-to-one correspondence with a plurality of partitions obtained by other participants, and the partitions to which the same data elements in privacy data sets of different participants belong correspond; obtaining a multilevel ciphertext of a data element in each local partition by the first cluster under the assistance of a second cluster of other participants; the multilevel ciphertext of the data element is obtained by encrypting the data element for two times or more by using an exchangeable encryption algorithm; assisting the first cluster of other participants to obtain the multilevel ciphertext of the data elements in each partition of the other participants through the second cluster; obtaining intersection solving results corresponding to local partitions through the first cluster, wherein the intersection solving results corresponding to the partitions indicate intersections of the multilevel ciphertexts of the data elements in the partitions and the multilevel ciphertexts of the data elements in the partitions of other participants corresponding to the partitions; and determining the intersection of the privacy data sets of all the participants through the intersection solving result corresponding to the local multiple partitions of the first cluster.
One of the embodiments of the present specification provides a secure intersection solving system, where two or more participants are respectively deployed with the system, the system includes a first cluster and a second cluster, the first cluster of each participant stores its private data set, and the private data set includes a plurality of data elements; the first cluster is used for partitioning the data elements in the private data sets according to a preset partitioning algorithm to obtain a plurality of local partitions, wherein the local partitions are in one-to-one correspondence with the partitions obtained by other participants through the partitioning algorithm, and the partitions to which the same data elements in the private data sets of different participants belong correspond; the first cluster is further to: obtaining a multilevel ciphertext of a data element in each local partition with the assistance of a second cluster of other participants; the multilevel ciphertext of the data element is obtained by encrypting the data element for two times or more by using an exchangeable encryption algorithm; the second cluster is to: assisting the first cluster of other participants to obtain the multilevel ciphertext of the data element in each partition of the other participants; the first cluster is further used for obtaining intersection solving results corresponding to the local partitions, wherein the intersection solving results corresponding to the partitions indicate intersections of the multilevel ciphertexts of the data elements in the partition and the multilevel ciphertexts of the data elements in the partitions of other participants corresponding to the partition; the first cluster is further used for determining the intersection of the private data sets of the participants based on intersection solving results corresponding to the local multiple partitions.
Drawings
The present description will be further explained by way of exemplary embodiments, which will be described in detail by way of the accompanying drawings. These embodiments are not intended to be limiting, and in these embodiments like numerals are used to indicate like structures, wherein:
FIG. 1 is an exemplary block diagram of a multi-party secure intersection system shown in some embodiments herein;
FIG. 2 is an exemplary flow diagram of a multi-party secure intersection method, shown in some embodiments herein;
FIG. 3 is a flow diagram illustrating a method for two-party secure intersection, according to some embodiments of the present disclosure.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only examples or embodiments of the present description, and that for a person skilled in the art, the present description can also be applied to other similar scenarios on the basis of these drawings without inventive effort. Unless otherwise apparent from the context, or otherwise indicated, like reference numbers in the figures refer to the same structure or operation.
It should be understood that "system", "device", "unit" and/or "module" as used herein is a method for distinguishing different components, elements, parts, portions or assemblies at different levels. However, other words may be substituted by other expressions if they accomplish the same purpose.
As used in this specification, the terms "a", "an" and/or "the" are not intended to be inclusive of the singular, but rather are intended to be inclusive of the plural, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" merely indicate that steps and elements are included which are explicitly identified, that the steps and elements do not form an exclusive list, and that a method or apparatus may include other steps or elements.
Flow charts are used in this description to illustrate operations performed by a system according to embodiments of the present description. It should be understood that the preceding or following operations are not necessarily performed in the exact order in which they are performed. Rather, the various steps may be processed in reverse order or simultaneously. Meanwhile, other operations may be added to the processes, or a certain step or several steps of operations may be removed from the processes.
In the case of large data, great importance is placed on the execution efficiency of the secure transaction (PSI). It can be understood that when the data volume of the private set is large, a single device may not implement the security intersection due to limited performance or may take a long time to perform the security intersection. In some embodiments, the secure intersection may be implemented based on a computing cluster, and the execution efficiency of the secure intersection may be improved by parallel processing of multiple devices in the cluster. It is understood that a computing cluster (hereinafter referred to as a cluster) includes a plurality of computing devices, each of which may be referred to as a node.
In the multi-party secure intersection, each party has a private data set, and on the premise of not revealing the data privacy of each party, one party or each party can obtain the intersection of the private data sets of each party. For example only, the private data set may be an ID set, which may include IDs of a plurality of users, such as UID (User Identification). On the premise that the IDs of the two parties are the same and the users with the same ID are also the same, through multi-party secure intersection, the authorized party can obtain the intersection of the ID sets of the parties, so that the common users of the parties can be determined. In some application scenarios, determining a common user facilitates joining user data of different dimensions of both parties. For example, in a credit scenario, the tax bureau has tax payment data of the user, the bank has credit data of the user, and if the credit evaluation model is to be trained, the tax bureau and the bank need to determine a common user of both parties. Furthermore, the tax bureau can provide tax payment data of the common users of the two parties as characteristic data required by training, and the bank can provide credit data of the common users of the two parties as label data required by training. In some embodiments, the training herein may refer to distributed model training based on secure multi-party computing (MPC), or may refer to centralized model training based on Trusted third party devices, such as TEE (Trusted Execution Environment) devices.
FIG. 1 is an exemplary block diagram of a secure intersection system shown in accordance with some embodiments of the present description. Wherein participants (e.g., a first party and a second party) deploy the system 100, respectively. As shown in fig. 1, system 100 may include a first cluster 110 and a second cluster 120.
In some embodiments, the first cluster may employ a big data frame-based cluster (hereinafter referred to as big data cluster), such as a Spark cluster. Large data clusters can be deployed through public cloud services that can be used over public networks (e.g., the internet), which are generally cost-effective or even free.
In some embodiments, the second cluster may be used for secure computing, where secure refers to securing data during computing. Specifically, the first/second party may deploy the second cluster over the intranet to ensure high controllability in the data security aspect.
The first clusters of the parties each store a private data set, which may include a plurality of data elements. In some embodiments, the private data set of any party may be stored centrally in one first node or may be stored in a distributed manner in a plurality of first nodes. For example, when the first cluster is a Spark cluster, the private data set may be stored in the form of RDD (flexible Distributed data sets), the RDD being divided into a plurality of portions and different portions of the RDD being stored in different first nodes. In some embodiments, one or more data elements in the private data set of either party may be native data internal to the cluster, or may originate from a device external to the cluster (e.g., an external database). For example, when the first cluster is a Spark cluster, the Spark cluster may obtain the private data set to be converted from the external device, and then convert the private data set into RDD, that is, the converted private data set.
Reference may be made to fig. 2 and its associated description for the operational principles of system 100, i.e., how multi-party security intersection may be implemented.
FIG. 2 is an exemplary flow diagram of a secure intersection method, shown in accordance with some embodiments of the present description.
Two or more parties may participate in the security intersection, and in the process of multi-party security intersection, the flow performed by each party is the same, and some embodiments of the present specification mainly explain the security intersection method from the perspective of one party, as shown in fig. 2, for any party (which may be referred to as a first party for convenience in the following description), an exemplary security intersection process 200 includes:
step 210, partitioning the data elements in the private data set by the first cluster according to a preset partitioning algorithm to obtain a plurality of local partitions.
The partitioning algorithm may be such that: the local partitions correspond to partitions obtained by other parties one by one, and partitions to which the same data elements in privacy data sets of the parties belong correspond to each other. It should be appreciated that parties may agree on the partitioning algorithm to use before partitioning.
Specific partitioning algorithms are provided below as examples to understand the role of the partitioning algorithms.
In some embodiments, for any data element, the partition of the data element may be determined from the hash value of the data element. The hash function is capable of converting an input of arbitrary length to an output of fixed length, and in the case of large data, the data elements in the private data set can be relatively evenly divided into partitions.
In some embodiments, a remainder of the hash value of the data element divided by the preset value (i.e., hash value% preset value, where% represents modulo or modulo operation) may be determined, and the partition corresponding to the remainder may be determined as the partition corresponding to or belonging to the data element. It is to be understood that the local partition and the other party partition corresponding to the same remainder are mutually corresponding. In addition, one remainder may correspond to one partition, or a plurality of remainders may correspond to one partition. For example, the hash value of a certain data element is represented as 197 in decimal, if the divisor (the preset value) is 10, each remainder in 0 to 9 may correspond to a partition (in this case, the divisor is the number of partitions), and the data element is divided into partitions corresponding to the remainder 7. Of course, the remainder 0-9 may be divided into five groups of {0,1}, {2,3}, {4,5}, {6,7}, and {8,9} at regular intervals, each group corresponding to a partition, and at this time, the data element is divided into the partitions corresponding to the {6,7} group.
In some embodiments, the data elements in the private data set may be in a hashed form. For example, when the private data set is an ID set, the IDs in the ID set may be hash IDs. In the case where the data element itself is a hash value, referring to the foregoing embodiment, a remainder of dividing the data element by a preset value (i.e. a% preset value of the data element, where% represents a modulo or modulo operation) may be determined, and a partition corresponding to the remainder may be determined as a partition corresponding to the data element.
Different partitions can be stored in different first nodes, so that multiple partitions can be processed in parallel by multiple nodes, and the execution efficiency of the safe intersection can be improved. For example only, assuming that the number of partitions obtained by any one party is N, the N (N is an integer not less than 2) partitions can be processed in parallel by N first nodes in the first cluster of the party. With regard to the specific implementation of the parallel processing, reference may be made to the following description of the relevant steps.
And step 220, for each local partition, obtaining the multilevel ciphertext of each data element in the partition by the first cluster under the assistance of the second cluster of the other party.
The multilevel ciphertext of the data element may be obtained by encrypting the data element at least twice using an exchangeable encryption algorithm. The exchangeable encryption algorithm provides support for subsequently determining the intersection of the private data sets of the parties, and reference may be made to the relevant description of step 240 and step 250.
For two-party secure intersection, the multi-level ciphertext of the data element may be obtained by each of the two parties sequentially encrypting the data element (e.g., the plaintext of the data element) using the own-party key. For multi-party (assuming that there are k parties, k is greater than or equal to 3) secure intersection, the multi-level ciphertext of the data element can be obtained by each of the multiple parties sequentially encrypting the data element by using own party secret key. It can be seen that each party can encrypt the data element once by using the own party key, that is, n participants (n ≧ 2) can encrypt the data element n times in an iteration way to obtain n times of ciphertext of the data element. It should be understood that the key of any party belongs to the private information of that party and is not shared with other parties.
In some embodiments, the first cluster of the first party may encrypt each data element in its own private data set using a local key (or referred to as a first key) to obtain a local primary ciphertext of the plurality of partitioned data elements. Further, for each local partition, the first cluster of the first party may send the primary ciphertext of each data element in the partition to the second cluster of the other party. Furthermore, the second cluster of the other party may encrypt the first-level ciphertext of each data element in the partition at least once by using its own key (or referred to as a second key), obtain a multi-level ciphertext of each data element in the partition, and return the multi-level ciphertext to the first cluster of the first party. In other words, the first cluster of the first party may receive the multi-level ciphertext for each data element in the partition from the second cluster of the other party.
It should be noted that the second key mentioned in this specification is a generic term of the other party's key, that is, the other party's key is referred to as the second key regardless of whether there is one or more other parties, so as to distinguish it from the first party's own party's key.
Referring to the foregoing, for two-party secure intersection, the first cluster of the first party may send the primary ciphertext of each data element in each local partition to the second cluster of the other party (or marked as the second party), and the second cluster of the second party may encrypt the primary ciphertext of each data element in the partition by using the own key (the second key), so as to obtain the secondary ciphertext of each data element in the partition and return the secondary ciphertext to the first cluster of the first party. Thus, a first cluster of a first party may receive a secondary ciphertext for each data element in the partition from a second cluster of a second party.
Referring to the foregoing, for a multi-party (assuming that k is a party, k is greater than or equal to 3) secure intersection, a first cluster of a first party may send a primary ciphertext of each data element in each local partition to a second cluster of some other party (or denoted as a second party). The second cluster of the second party may encrypt the primary ciphertext of each data element in the partition using the own key (second key), obtain the secondary ciphertext of each data element in the partition, and send the secondary ciphertext to the second cluster of the next other party (or denoted as a third party). The second cluster of the third party may encrypt the secondary ciphertext for each data element in the partition using the own party key (also referred to as the second key with respect to the first party) to obtain the tertiary ciphertext for each data element in the partition. And repeating the steps until each data element of the partition is encrypted once by the own-party key of each participant to obtain k-level ciphertext of each data element in the partition, and finally, the encrypted participant sends the ciphertext to the first cluster of the first party.
In still other embodiments, a first cluster of a first party may send data elements of a plurality of local partitions to a second cluster (of its own), where each data element in the partitions is encrypted with a first key by the second cluster (of its own). And then, the second cluster sends the encrypted primary ciphertext of each data element in each partition to a second cluster of another party (such as a second party), or the second cluster returns the encrypted primary ciphertext of each data element in each partition to the (own) first cluster, so that the first cluster sends the primary ciphertext of each local partition to the second cluster of another party. Furthermore, the second cluster of the other party can encrypt the first-level ciphertext of each data element in each partition at least once by using the second key to obtain the multi-level ciphertext of each data element in each partition. Reference may be made to the foregoing embodiments for details of the at least one encryption process performed by the second cluster of the other party on the primary ciphertext of each partitioned data element local to the first party.
And step 230, for each partition of the other party, assisting the first cluster of the other party to obtain the multilevel ciphertext of each data element in the partition through the second cluster.
Referring to the description of step 220, a first cluster of a first party obtains a multi-level ciphertext of each data element in each local partition with the assistance of a second cluster of the other party. Equivalently, the second cluster of the first party also assists the first cluster of the other party to obtain the multi-level ciphertext of each data element in each partition of the other party.
Referring to the foregoing, for the secure intersection between the two parties, the first cluster of the second party may send the primary ciphertext of each data element in each partition to the second cluster of the first party, and the second cluster of the first party may encrypt the primary ciphertext of each data element in the partition by using a local key (first key) to obtain the secondary ciphertext of each data element in the partition and return the secondary ciphertext to the first cluster of the second party. Thus, the second cluster of the first party may assist the first cluster of the second party in obtaining the secondary ciphertext of each partitioned data element.
Referring to the foregoing, for a multi-party (assuming that k is a party k, k is greater than or equal to 3) secure intersection, the second cluster of the first party may receive at least one-stage ciphertext (such as a first-stage ciphertext or a second-stage ciphertext or more) of the partitioned data element of the other party, which is transmitted from the other party, encrypt the ciphertext by using the first key, and transmit the encrypted ciphertext to the second cluster of the next other party for next-stage encryption, or return the encrypted ciphertext to the first cluster of the party to which the partitioned data element belongs. For example, a second cluster of the first party may receive a primary ciphertext of a partitioned data element of the second party transmitted by the first cluster of the second party. The second cluster of the first party may encrypt the primary ciphertext of each data element in the partition using a key of the own party (the first key), obtain the secondary ciphertext of each data element in the partition, and send the secondary ciphertext to the second cluster of the third party. The second cluster of the third party can encrypt the second-level ciphertext of each data element in the partition by using the own-party key to obtain the third-level ciphertext of each data element in the partition. And repeating the steps until each data element of the partition of the second party is encrypted once by the own party key of each participant to obtain k-level ciphertext of each data element in the partition, and finally sending the ciphertext to the first cluster of the second party by the encrypted participant. As another example, the parties are three parties. The second cluster of the first party may receive the second-level ciphertext of the third-party partition data element transmitted by the second party (e.g., the second cluster of the second party). The second cluster of the first party may encrypt the secondary ciphertext of each data element in the partition using a key of the own party (the first key) to obtain the tertiary ciphertext of each data element in the partition and send the tertiary ciphertext to the first cluster of the third party.
It should be understood that the details of assisting encryption can also be referred to the detailed description of step 220, which is not repeated herein.
And step 250, determining the intersection of the private data sets of all parties through the first cluster based on the intersection solving result corresponding to the local multiple partitions.
The intersection result corresponding to the partition may indicate an intersection of the multilevel ciphertext of each data element in the partition and the multilevel ciphertext of each data element in the other partition corresponding to the partition.
As mentioned above, the multilevel cipher text is obtained based on a commutative encryption algorithm. The exchangeable encryption algorithm satisfies: when a plurality of keys are used for continuously encrypting the same plaintext, the finally obtained ciphertext has nothing to do with the encryption sequence. Iterative encryption using multiple keys refers to: each time encryption uses a key, each time encryption is carried out, the currently obtained ciphertext is used as input for encryption again until the final ciphertext is obtained. To facilitate understanding of the nature of the commutative algorithm, the following mathematical expression is given for the example of two encryptions: ekey2(Ekey1(M))=Ekey1(Ekey2(M)). Where key1 and key2 represent keys used for two-time encryption, E () represents the exchangeable encryption algorithm, and M represents plaintext. It can be seen that the obtained secondary ciphertext is always the same whether encrypted first using key1 or key 2.
Based on the property of the exchangeable encryption algorithm, for the same data element, although the encryption sequence corresponding to the multi-level ciphertext of the data element obtained by each party is different (for example, the encryption key used in the first encryption process corresponding to the multi-level ciphertext obtained by the first party is the key of the first party, and the encryption key used in the first encryption process corresponding to the multi-level ciphertext obtained by the second party is the key of the second party), the multi-level ciphertext of the data element finally obtained by each party is the same. Thus, the intersection of the multilevel ciphertexts of data elements may reflect the same data element. In other words, the intersection result corresponding to a local partition may reflect the same data elements in the partition and other partitions corresponding to the partition. Thus, the first cluster of the first party may determine the intersection of the private data sets of the parties based on the intersection result corresponding to the local multiple partitions.
In some embodiments, each party may send the multilevel ciphertexts of the data elements of the respective partitions to a certain party set to determine the intersection of the multilevel ciphertexts of the data elements in the partitions corresponding to each party, thereby improving the execution efficiency of the secure intersection. Furthermore, different partitions of each party can be distributed to different nodes of a certain party, meanwhile, the partitions corresponding to each party are guaranteed to be sent to the same node, and the intersection is obtained by the corresponding node for the multilevel ciphertexts of the data elements in the partitions corresponding to each party. The certain party may be the first party or some other party (such as the second party or the third party in the foregoing example) or an independent party device whose data does not participate in the security intersection. In some embodiments, the first cluster of the first party may send the multi-level ciphertext for each data element in each local partition to the second cluster (of its own party) or the other second cluster or the independent party device. Furthermore, the second cluster of the first party or the second cluster of the other party or the independent party device finds an intersection of the received multilevel ciphertext of each data element in the partition and the multilevel ciphertext of each data element in the partition of the other party corresponding to the partition, obtains an intersection finding result corresponding to the partition, and sends the intersection finding result to the first cluster of the first party. In other words, the first cluster of the first party may receive the intersection result corresponding to the partition from the second cluster of the first party or the second cluster of the other party or the independent party device. According to the related encrypted content, the first clusters of all the parties can obtain multi-level ciphertexts under the condition of no direct interaction, on the basis, the first clusters of all the parties can obtain intersection solving results corresponding to a plurality of partitions so as to determine intersection of private data sets of all the parties, and in the whole safe intersection solving process, direct interaction does not exist among the first clusters of all the parties, so that data safety can be guaranteed through the second cluster for realizing safe calculation.
In some embodiments, each data element in the private data set may correspond to a number. The number may be arranged by each party for each data element in their private data set, the number corresponding to the data element one to one. It will be appreciated that the corresponding number is not changed whether the data element is in plaintext form or ciphertext form. That is, the plaintext and the multilevel ciphertext of the same data element correspond to the same number. In some embodiments, each party may send the multilevel ciphertext of the data element of each partition to a certain party, and send the number corresponding to each data element together. For example, a first cluster of the first party may send the multilevel ciphertexts and corresponding numbers of the data elements in each local partition to a second cluster (of its own party) or the other party second cluster or an independent party device. Correspondingly, the intersection result corresponding to the local partition of the first party may include the own number corresponding to the intersection of the multilevel ciphertext of each data element in the partition and the multilevel ciphertext of each data element in the partition of the other party corresponding to the partition, that is, the intersection result corresponding to any partition may include the own number of the same data element in the partition and the partition of the other party corresponding to the partition. Through the corresponding relation of the numbers, the first party can quickly acquire the data element plaintext corresponding to the intersection solving result without decrypting the multilevel ciphertext in the intersection solving result, so that the intersection solving efficiency is further improved, and the significance is more remarkable in a big data scene. Because the numbers of all parties are arranged by self, the multilevel ciphertext of the data element and the corresponding number I are sent to one party, and extra information leakage cannot be caused. After the certain party obtains the intersection of the partitions, the number sets of different participants corresponding to the intersection of the partitions can be naturally obtained, and the certain party can correspondingly send the numbers of the different parties corresponding to the intersection to the parties, so that the parties can quickly obtain the data element plaintext corresponding to the intersection result without decrypting the multilevel ciphertext in the intersection result.
In some embodiments, to improve the efficiency of execution of the secure intersection, one or more of the following steps may be in parallel: a step of obtaining a multilevel ciphertext of each data element in at least part of the plurality of local partitions (refer to step 220); a step of assisting in obtaining a multilevel ciphertext for each data element in at least a portion of the plurality of other party partitions (refer to step 230); and obtaining an intersection result corresponding to at least part of the local multiple partitions (refer to step 240). As an example, a first partition local to a first party is stored on a first node 110-1, and a second partition is stored on a second node 110-2; the first node 110-1 of the first party obtains the secondary ciphertext of each data element of the first partition under the cooperation of a certain second node (such as the second node 120-1) of the second party, the first node 110-2 of the first party obtains the secondary ciphertext of each data element of the second partition under the cooperation of a certain second node (such as the second node 120-2) of the second party, and then the first party obtains the multi-level ciphertext of the data elements in each local partition in parallel under the assistance of the second clusters of other participating parties through the first cluster. For another example, the second node 120-1 of the first party may assist the first node 110-1 of the second party to obtain the second-level ciphertext of each data element of the first partition of the second party, and the second node 120-2 of the first party assists the first node 110-2 of the second party to obtain the second-level ciphertext of each data element of the second partition of the second party, so that the first party assists the first clusters of other participants to obtain the multi-level ciphertext of each data element in each partition of other participants in parallel through the second cluster. For another example, the first node 110-1 of the first party may obtain the intersection result corresponding to the first partition from a certain second node (e.g., the second node 120-1) of the own second cluster, and the first node 110-2 of the first party may obtain the intersection result corresponding to the second partition from a certain second node (e.g., the second node 120-2) of the own second cluster, so that the first party obtains the intersection result corresponding to each local partition in parallel through the first cluster.
In some embodiments, the intersection result corresponding to the local partitions may be distributively stored in the first cluster. For example, the intersection result corresponding to each partition local to the first party may be distributively stored at a plurality of first nodes of the first cluster of the first party. Specifically, for each local partition, the first node storing the partition may determine, based on the intersection result corresponding to the partition, the same data element in the partition and the other party partition corresponding to the partition as part of the intersection of the respective private data sets, and the intersection of the respective private data sets may be distributively stored in the first cluster. In still other embodiments, each first node may uniformly send a part of the intersection of the private data sets obtained by itself to one of the first nodes (or referred to as a target first node) for storage, so that the intersection of the private data sets may be centrally stored in the target first node in the first cluster.
It is understood that two or more parties may each execute the process shown in fig. 2 to cooperatively complete the multi-party security intersection. In order to provide a more intuitive understanding of the interaction process, the following embodiment of two-party secure intersection is provided as a reference.
FIG. 3 is a flow diagram illustrating a method for two-party secure intersection, according to some embodiments of the present disclosure. Wherein the two parties include a first party and a second party.
As shown in fig. 3, each party may be deployed with a Spark cluster and a second cluster (referred to as a PSI cluster) for implementing secure computations. The Spark clusters of both parties respectively store respective private data sets, and each private data set includes a plurality of data elements (elements). For example, the first party's private data set may include data element B, A, G and the second party's private data set may include data element A, B, C. The private data sets may be converted to RDDs by the Spark clusters of both parties.
The Spark cluster of each party may add a number to each data element in the RDD, and the number may also be referred to as a line number (line) because each data element is organized in a data column.
The Spark cluster of each party can perform a map operation on the RDD, where the map operation uses a first function (denoted as f1), and f1 has the role of encrypting data elements of each line in the RDD by an exchangeable encryption algorithm using a local key (referred to as local encryption). Through map (f1), the Spark cluster of each party can obtain the primary ciphertext of each data element in the RDD. For example, a first party Spark cluster may obtain a primary ciphertext E1(B) of data element B, a primary ciphertext E1(a) of data element a, and a primary ciphertext E1(G) of data element G, and a second party Spark cluster may obtain a primary ciphertext E1(a) of data element a, a primary ciphertext E1(B) of data element B, and a primary ciphertext E1(C) of data element C. After local encryption (i.e. first encryption), the data elements in the RDD are in a primary ciphertext form.
Then, the spare cluster of each party may perform a partitioning operation on the data elements in the RDD by using a preset partitioning algorithm. Since the RDD itself is a distributed storage (i.e., it itself has multiple partitions), the partitioning operation here is equivalent to repartitioning. It will be appreciated that both parties may agree in advance on the algorithm to be used for repartitioning. The partitioning algorithm is such that: the plurality of partitions obtained by the first party and the plurality of partitions obtained by the second party are in one-to-one correspondence, and the partitions where the same data elements in the privacy data sets of the parties are located correspond to each other. For example, the partitioning algorithm may be to compute a hash value of the plaintext of the data element; determining the remainder of the hash value of the plaintext of the data element divided by the preset value, determining the partition corresponding to the remainder as a new partition to which the primary ciphertext of the data element belongs, and after re-partitioning, wherein the RDD of the first party comprises a partition 1-1 and a partition 1-2, the RDD of the second party comprises a partition 2-1 and a partition 2-2, the partition 1-1 and the partition 2-1 correspond to each other, and the partition 1-2 and the partition 2-2 correspond to each other. The same data element A in the two private data sets falls in the partition 1-1 and the partition 2-1 corresponding to each other, and the same data element B in the two private data sets falls in the partition 1-2 and the partition 2-2 corresponding to each other. It will be appreciated that when a data element is described as belonging to a partition, the ciphertext of that data element also belongs to that partition.
The Spark cluster of each party can execute a mapPartitions operation for each partition of the own party, where the mapPartitions operation uses a second function (denoted as f2), and f2 is used to send the primary ciphertext of each data element in the partition to the PSI cluster of the other party. Furthermore, the PSI cluster of the opposite party may encrypt the primary ciphertext of each data element in the partition by using the key thereof through the exchangeable encryption algorithm to obtain the secondary ciphertext of each data element in the partition and return the secondary ciphertext to the Spark cluster of the first party. Thus, the Spark cluster of each party can obtain the secondary ciphertext of the data element in each partition. For example, a first party's Spark cluster may obtain a secondary ciphertext E2(E1(A)) for data element A and E2(E1(G)) for data element G in partition 1-1 and a primary ciphertext E1(B) for data element B in partition 1-2, and a second party's Spark cluster may obtain a secondary ciphertext E2(E1(A)) for data element A in partition 2-1 and a secondary ciphertext E2(E1(B)) for data element B and E2(E1(C)) for data element C in partition 2-2. After the encryption (i.e. the second encryption) of the other party, the data elements in the partitions are in a two-level ciphertext form.
Each party can continue to execute the mapPartitions operation on each own party, where the mapPartitions operation uses a third function (denoted as f3), and the function of f3 is to send the secondary ciphertext of each data element in the partition to one of the PSI clusters, such as the PSI cluster of the first party. Furthermore, the PSI cluster of the first party may compare the received secondary ciphertexts of the data elements in the partitions corresponding to each other, and return the comparison result to the Spark cluster of one or both parties. For example, the Spark cluster of the first party may obtain the comparison result corresponding to the partition 1-1 and the comparison result corresponding to the partition 1-2, and the Spark cluster of the second party may obtain the comparison result corresponding to the partition 2-1 and the comparison result corresponding to the partition 2-2. The comparison result corresponding to the partition (i.e., intersection calculation result corresponding to the partition) may include a line number corresponding to an intersection of the secondary ciphertext of each data element in the partition and the secondary ciphertext of each data element in the partition corresponding to the partition, that is, the comparison result corresponding to the partition may include the line number of the same data element in the partition and the partition corresponding to the partition. For example, the alignment result for partition 1-1 and partition 2-1 may include the row number of data element A, and the alignment result for partition 1-2 and partition 2-2 may include the row number of data element B. Correspondingly, the PSI cluster of the first party may send the row number 1 of the data element a on the first party to the Spark cluster of the first party, and send the row number 0 of the data element a on the second party to the Spark cluster of the second party; the PSI cluster of the first party may send the data element B to the Spark cluster of the first party at the row number 0 of the first party, and send the data element B to the Spark cluster of the second party at the row number 1 of the second party. Of course, the secondary ciphertext of each data element in the partition may also be sent to the PSI cluster of the second party or the independent party device for comparison (not shown in fig. 3).
The Spark cluster of any party can combine the comparison results corresponding to all the partitions of the own party to obtain the line number corresponding to the intersection of the private data sets of the both parties, and then the corresponding plaintext can be found through the line number to realize the safe intersection solving. For example, the Spark cluster of the first party may find the corresponding plaintext a and B by line number 1 and line number 0, and the intersection of the two privacy data sets may include the plaintext a and B. For another example, the Spark cluster of the second party may find the corresponding plaintext a and B by line number 0 and line number 1, and the intersection of the two privacy data sets may include the plaintext a and B.
It should be noted that the above description of the flow is for illustration and description only and does not limit the scope of the application of the present specification. Various modifications and alterations to the flow may occur to those skilled in the art, given the benefit of this description. However, such modifications and variations are intended to be within the scope of the present description.
The beneficial effects that may be brought by the embodiments of the present description include, but are not limited to: (1) through partitioning, the number of multi-level ciphertext pairs to be selected can be reduced when the intersection of multi-level ciphertexts is solved, and the execution efficiency of safe intersection can be further improved; (2) the multiple nodes process multiple partitions in parallel, so that the execution efficiency of the safety intersection can be improved; (3) by utilizing the first cluster based on the big data frame, the execution efficiency of the safety intersection can be improved; (4) linear expansion can be realized by simply increasing or decreasing machines (such as the first node or the second node) so as to adapt to safe intersection with larger data volume; (5) by means of the second cluster for secure computing, direct interaction between the first clusters can be reduced or even avoided, and data security can be guaranteed, such as avoiding private data disclosure. It is to be noted that different embodiments may produce different advantages, and in different embodiments, any one or combination of the above advantages may be produced, or any other advantages may be obtained.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing detailed disclosure is to be considered merely illustrative and not restrictive of the embodiments herein. Various modifications, improvements and adaptations to the embodiments described herein may occur to those skilled in the art, although not explicitly described herein. Such modifications, improvements and adaptations are proposed in the embodiments of the present specification and thus fall within the spirit and scope of the exemplary embodiments of the present specification.
Also, the description uses specific words to describe embodiments of the description. Reference to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the specification. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the specification may be combined as appropriate.
Moreover, those skilled in the art will appreciate that aspects of the embodiments of the present description may be illustrated and described in terms of several patentable species or situations, including any new and useful combination of processes, machines, manufacture, or materials, or any new and useful improvement thereof. Accordingly, aspects of embodiments of the present description may be carried out entirely by hardware, entirely by software (including firmware, resident software, micro-code, etc.), or by a combination of hardware and software. The above hardware or software may be referred to as "data block," module, "" engine, "" unit, "" component, "or" system. Furthermore, aspects of the embodiments of the present specification may be represented as a computer product, including computer readable program code, embodied in one or more computer readable media.
The computer storage medium may comprise a propagated data signal with the computer program code embodied therewith, for example, on baseband or as part of a carrier wave. The propagated signal may take any of a variety of forms, including electromagnetic, optical, etc., or any suitable combination. A computer storage medium may be any computer-readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code located on a computer storage medium may be propagated over any suitable medium, including radio, cable, fiber optic cable, RF, or the like, or any combination of the preceding.
Computer program code required for operation of various portions of the embodiments of the present description may be written in any one or more programming languages, including an object oriented programming language such as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C + +, C #, VB.NET, Python, and the like, a conventional programming language such as C, VisualBasic, Fortran2003, Perl, COBOL2002, PHP, ABAP, a dynamic programming language such as Python, Ruby, and Groovy, or other programming languages, and the like. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or processing device. In the latter scenario, the remote computer may be connected to the user's computer through any network format, such as a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet), or in a cloud computing environment, or as a service, such as a software as a service (SaaS).
In addition, unless explicitly stated in the claims, the order of processing elements and sequences, use of numbers and letters, or use of other names in the embodiments of the present specification are not intended to limit the order of the processes and methods in the embodiments of the present specification. While various presently contemplated embodiments of the invention have been discussed in the foregoing disclosure by way of example, it is to be understood that such detail is solely for that purpose and that the appended claims are not limited to the disclosed embodiments, but, on the contrary, are intended to cover all modifications and equivalent arrangements that are within the spirit and scope of the embodiments herein. For example, although the system components described above may be implemented by hardware devices, they may also be implemented by software-only solutions, such as installing the described system on an existing processing device or mobile device.
Similarly, it should be noted that in the preceding description of embodiments of the specification, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more embodiments of the invention. This method of disclosure, however, is not intended to imply that more features are required than are expressly recited in the claims. Indeed, the embodiments may be characterized as having less than all of the features of a single embodiment disclosed above.
For each patent, patent application publication, and other material, such as articles, books, specifications, publications, documents, etc., cited in this specification, the entire contents of each are hereby incorporated by reference into this specification. Except where the application is filed in a manner inconsistent or contrary to the present specification, and except where a claim is filed in a manner limited to the broadest scope of the application (whether present or later appended to the application). It is to be understood that the descriptions, definitions and/or uses of terms in the accompanying materials of this specification shall control if they are inconsistent or contrary to the descriptions and/or uses of terms in this specification.
Finally, it should be understood that the embodiments described herein are merely illustrative of the principles of the embodiments of the present disclosure. Other variations are possible within the scope of the embodiments of the present description. Thus, by way of example, and not limitation, alternative configurations of the embodiments of the specification can be considered consistent with the teachings of the specification. Accordingly, the embodiments of the present description are not limited to only those embodiments explicitly described and depicted herein.
Claims (10)
1. A safe intersection solving method relates to two or more participants, wherein each participant is provided with a first cluster and a second cluster, the first cluster of each participant stores a private data set of the participant, and the private data set comprises a plurality of data elements;
the method is performed by one of the participants and comprises the following steps:
partitioning the data elements in the private data set of the first cluster according to a preset partitioning algorithm to obtain a plurality of local partitions; the partition algorithm enables the plurality of local partitions to be in one-to-one correspondence with a plurality of partitions obtained by other participants, and the partitions to which the same data elements in privacy data sets of different participants belong correspond;
obtaining a multilevel ciphertext of a data element in each local partition by the first cluster under the assistance of a second cluster of other participants; the multilevel ciphertext of the data element is obtained by encrypting the data element for two times or more by using an exchangeable encryption algorithm;
assisting the first cluster of other participants to obtain the multilevel ciphertext of the data elements in each partition of the other participants through the second cluster;
obtaining intersection solving results corresponding to local partitions through the first cluster, wherein the intersection solving results corresponding to the partitions indicate intersections of the multilevel ciphertexts of the data elements in the partitions and the multilevel ciphertexts of the data elements in the partitions of other participants corresponding to the partitions;
and determining the intersection of the privacy data sets of all the participants through the intersection solving result corresponding to the local multiple partitions of the first cluster.
2. The method of claim 1, wherein the first cluster is a big data processing framework based cluster and the second cluster is used to perform security computations.
3. The method of claim 1, wherein the first cluster is a Spark cluster.
4. The method of claim 1, wherein partitioning, by the first cluster, data elements in its private data set according to a preset partitioning algorithm to obtain a plurality of partitions locally comprises, by the first cluster:
calculating the hash value of the data element;
and determining the remainder of the hash value of the data element divided by the preset value, and determining the partition corresponding to the remainder as the partition to which the data element belongs.
5. The method of claim 1, wherein obtaining, by the first cluster with the assistance of the second cluster of the other participants, the multi-level ciphertext of the data elements in the local partitions comprises, for one of the local partitions:
encrypting each data element of the partition by using a first key through the first cluster to obtain a primary ciphertext of each data element in the partition;
the first-level ciphertext of each data element in the partition is sent to second clusters of other participants through the first cluster, so that the second clusters of the other participants can encrypt the first-level ciphertext of each data element in the partition at least once by using a second key to obtain multi-level ciphertexts of each data element in the partition;
receiving, by the first cluster, a multi-level ciphertext for each data element in the partition from a second cluster of the other participant;
or, the method comprises the following steps of for one local partition:
by the first cluster: sending the data elements in the partition to the second cluster such that the second cluster encrypts each data element in the partition with the first key; sending the encrypted primary ciphertext of each data element in the partition to a second cluster of other participants, so that the second cluster of other participants can encrypt the primary ciphertext of each data element in the partition at least once by using a second key to obtain a multi-level ciphertext of each data element in the partition;
a multi-level ciphertext for each data element in the partition is received by the first cluster from a second cluster of the other participants.
6. The method of claim 1, wherein assisting the first cluster of the other participants with the second cluster to obtain the multi-level ciphertext of the data elements in the partitions of the other participants comprises, for one of the partitions of the other participants:
and encrypting the at least once encrypted ciphertext of each data element in the partition by the second cluster by using the first key.
7. The method of claim 1, wherein obtaining intersection results for local partitions by the first cluster comprises, for a local one of the partitions:
by the first cluster: sending the multi-level ciphertext of each data element in the partition to a second cluster or a second cluster of other parties or an independent party device, so that the second cluster or the second cluster of other parties or the independent party device can conveniently calculate the intersection of the received multi-level ciphertext of each data element in the partition and the multi-level ciphertext of each data element in the partition of other participating parties corresponding to the partition, and obtain the intersection calculation result corresponding to the partition; and receiving the intersection result corresponding to the partition from the second cluster or the second cluster of the other party or the independent party device.
8. The method of claim 1, wherein each data element in the private data set corresponds to a number; the intersection result corresponding to any local partition comprises the numbers of the same data elements in the partition and the partitions of other participants corresponding to the partition.
9. The method of claim 1, wherein obtaining, by the first cluster and with the assistance of the second cluster of the other participants, the multi-level ciphertext of the data elements in the local partitions comprises: the method comprises the steps that a first cluster is used for obtaining multistage ciphertexts of data elements in local partitions in parallel under the assistance of second clusters of other participants;
the obtaining of the multilevel cryptograph of the data element in each partition of the other participants by the first cluster of the other participants assisted by the second cluster comprises: the second cluster assists the first cluster of other participants to parallelly obtain the multilevel ciphertexts of the data elements in the partitions of the other participants;
the obtaining of the intersection result corresponding to each local partition through the first cluster includes: and obtaining intersection solving results corresponding to local partitions in parallel through the first cluster.
10. A secure intersection solving system is provided, wherein two or more participants are respectively provided with the system, the system comprises a first cluster and a second cluster, the first cluster of each participant is stored with a private data set thereof, and the private data set comprises a plurality of data elements;
the first cluster is used for partitioning the data elements in the private data sets according to a preset partitioning algorithm to obtain a plurality of local partitions, wherein the local partitions are in one-to-one correspondence with the partitions obtained by other participants through the partitioning algorithm, and the partitions to which the same data elements in the private data sets of different participants belong correspond;
the first cluster is further to: obtaining a multilevel ciphertext of a data element in each local partition with the assistance of a second cluster of other participants; the multilevel ciphertext of the data element is obtained by encrypting the data element for two times or more by using an exchangeable encryption algorithm;
the second cluster is to: assisting the first cluster of other participants to obtain the multilevel ciphertext of the data element in each partition of the other participants;
the first cluster is further used for obtaining intersection solving results corresponding to the local partitions, wherein the intersection solving results corresponding to the partitions indicate intersections of the multilevel ciphertexts of the data elements in the partition and the multilevel ciphertexts of the data elements in the partitions of other participants corresponding to the partition;
the first cluster is further used for determining the intersection of the private data sets of the participants based on intersection solving results corresponding to the local multiple partitions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210033431.2A CN114386070A (en) | 2022-01-12 | 2022-01-12 | Multi-party safety intersection solving method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210033431.2A CN114386070A (en) | 2022-01-12 | 2022-01-12 | Multi-party safety intersection solving method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114386070A true CN114386070A (en) | 2022-04-22 |
Family
ID=81201240
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210033431.2A Pending CN114386070A (en) | 2022-01-12 | 2022-01-12 | Multi-party safety intersection solving method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114386070A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115033599A (en) * | 2022-08-12 | 2022-09-09 | 深圳市洞见智慧科技有限公司 | Graph query method, system and related device based on multi-party security |
| CN115412364A (en) * | 2022-10-19 | 2022-11-29 | 北京融数联智科技有限公司 | Method, system and medium for safely solving intersection of multiple parties without third party |
-
2022
- 2022-01-12 CN CN202210033431.2A patent/CN114386070A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115033599A (en) * | 2022-08-12 | 2022-09-09 | 深圳市洞见智慧科技有限公司 | Graph query method, system and related device based on multi-party security |
| CN115033599B (en) * | 2022-08-12 | 2022-11-11 | 深圳市洞见智慧科技有限公司 | Graph query method, system and related device based on multi-party security |
| CN115412364A (en) * | 2022-10-19 | 2022-11-29 | 北京融数联智科技有限公司 | Method, system and medium for safely solving intersection of multiple parties without third party |
| CN115412364B (en) * | 2022-10-19 | 2023-03-24 | 北京融数联智科技有限公司 | Method, system and medium for safely solving intersection of multiple parties without third party |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Yang et al. | Lightweight and privacy-preserving delegatable proofs of storage with data dynamics in cloud storage | |
| Li et al. | Privacy-preserving machine learning with multiple data providers | |
| Chen et al. | BL-MLE: Block-level message-locked encryption for secure large file deduplication | |
| CN107317666B (en) | Parallel full homomorphic encryption and decryption method supporting floating point operation | |
| Liu et al. | MuR-DPA: Top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud | |
| Zhu et al. | Efficient provable data possession for hybrid clouds | |
| US9158925B2 (en) | Server-aided private set intersection (PSI) with data transfer | |
| Li et al. | A searchable symmetric encryption scheme using blockchain | |
| Abadi et al. | O-PSI: delegated private set intersection on outsourced datasets | |
| Tahir et al. | A new secure and lightweight searchable encryption scheme over encrypted cloud data | |
| CN111784001B (en) | Model training method and device and computer readable storage medium | |
| Ren et al. | Secure searching on cloud storage enhanced by homomorphic indexing | |
| Fu et al. | DIPOR: An IDA-based dynamic proof of retrievability scheme for cloud storage systems | |
| Zhu et al. | A round-optimal lattice-based blind signature scheme for cloud services | |
| CN114386070A (en) | Multi-party safety intersection solving method and system | |
| Jayapandian et al. | Secure and efficient online data storage and sharing over cloud environment using probabilistic with homomorphic encryption | |
| Lim et al. | $\mathsf {PrivateLink} $: Privacy-Preserving Integration and Sharing of Datasets | |
| Ying et al. | Reliable policy updating under efficient policy hidden fine-grained access control framework for cloud data sharing | |
| US20190081790A1 (en) | Authenticated broadcast encryption | |
| Xu et al. | Toward practical privacy-preserving linear regression | |
| Cao et al. | Analysis of One Scheme for Enabling Cloud Storage Auditing with Verifiable Outsourcing of Key Updates. | |
| Cao et al. | Committed private information retrieval | |
| Wei et al. | Efficient dynamic replicated data possession checking in distributed cloud storage systems | |
| Hou et al. | Provable Multiple-Replica Dynamic Data Possession for Big Data Storage in Cloud Computing. | |
| Li et al. | Securely outsourcing ID3 decision tree in cloud computing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |