CN114513304A - Decentralized secure multiparty privacy summation calculation method and system - Google Patents

Publication number
CN114513304A
Authority
CN
China
Prior art keywords
shared secret
participant
participants
local
privacy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210409188.XA
Other languages
Chinese (zh)
Inventor
陈嘉俊
张敬之
徐莹丽
臧铖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Zheshang Bank Co Ltd
Original Assignee
China Zheshang Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a decentralized secure multi-party privacy summation calculation method and system, which can securely sum private data across institutions/departments while ensuring the secure storage, transmission and lawful use of each party's local data. Without a trusted third party, the user situation required in a specific business can be grasped quickly and accurately, which not only meets supervision and compliance requirements but also improves the risk control capability of financial institutions while releasing the value of data elements to the greatest extent. In addition, although the network communication cost among the servers increases as the number of participants increases, the main process of the method can be computed in parallel across multiple distributed nodes, and the number of computation rounds is constant and does not grow with the number of nodes, so the method is suitable for large-scale network scenarios such as finance.

Description

Decentralized secure multiparty privacy summation calculation method and system
Technical Field
The invention relates to the technical field of information security and computers, in particular to a decentralized security multi-party privacy summation calculation method and system.
Background
In the credit business, the financial institutions need to jointly calculate the loan data of the enterprises so as to prevent the high risk caused by the multi-head loan and the excess loan of the individual enterprises. In the domestic and foreign linkage business in a single financial institution, domestic and foreign credit general ledger calculation of a client needs to collect domestic and foreign credit information of the client for processing. For the problem of joint statistics of data across institutions/departments, each financial institution/department usually needs to perform statistical calculation on summarized data in a centralized manner, and the calculation turns generally increase linearly with the increase of the number of institutions/departments. The traditional cross-organization/department statistical method is difficult to meet the requirements of financial services in timeliness, expansibility, safety and privacy. Therefore, how to ensure the safety and reliability of data transmission and realize cross-institution/department multiparty private data real-time interactive statistics becomes a technical challenge on the premise of legal compliance.
Disclosure of Invention
The invention aims to provide a decentralized secure multi-party privacy summation calculation method and system, which can sum a user's data held at multiple institutions/departments without the data leaving each party's local environment, avoid the full exchange of private data, and realize decentralized collaborative data computation.
The purpose of the invention is realized by the following technical scheme:
According to a first aspect of the present specification, there is provided a decentralized secure multi-party privacy summation calculation method, comprising the following steps:
S1. a plurality of participants screen cross users for a specific service and sort out the local data of the cross users;
S2. each participant encodes and encrypts the local data of the cross users to generate shared secret information, and then splits the shared secret information into a plurality of shared secret fragments;
S3. the participants send shared secret fragments to each other; each participant verifies the received shared secret fragments and sums them with its local shared secret fragment to obtain a shared secret fragment sum;
S4. each participant provides its shared secret fragment sum to the initiator; the initiator verifies each received shared secret fragment sum, combines them with its local shared secret fragment sum, and finally decodes the result to obtain the data sum of all participants.
Further, in step S2, when there are n participants, each participant constructs its own polynomial of degree n-1; each participant encodes the shared cross-user local data as the constant term of the polynomial, randomly generates the remaining polynomial coefficients, and forms a commitment for verification over all polynomial coefficients; each participant then takes n points on its polynomial to form n distributable shared secret fragments.
Further, in step S3, each participant keeps one shared secret fragment as its local shared secret fragment, distributes the remaining n-1 shared secret fragments to the other n-1 participants respectively, and distributes its complete commitment to each of the other participants;
each participant verifies each received shared secret fragment using the commitment of the participant the fragment belongs to; after all verifications pass, it merges and sums all the received shared secret fragments with its local shared secret fragment to obtain a shared secret fragment sum.
Further, in step S4, the participant acting as the initiator verifies each of the shared secret fragment sums sent by the other participants; after all verifications pass, it combines all the received shared secret fragment sums with its local shared secret fragment sum to obtain the shared secret sum;
the shared secret sum consists of n data points, which uniquely determine a curve of degree n-1 by Lagrange interpolation; the constant coefficient of this degree n-1 curve is calculated and decoded to obtain the data sum of the n participants.
Further, the system parameters p, q, g disclosed to each participant are set so that the following three conditions are satisfied: p and q are large prime numbers; q divides p-1; g is an element of order q in the multiplicative group;
each participant constructs its own polynomial of degree n-1; the polynomial of the i-th participant
Figure 650646DEST_PATH_IMAGE001
is as follows:
Figure 36628DEST_PATH_IMAGE002
where x is the independent variable and
Figure 81945DEST_PATH_IMAGE003
is a polynomial coefficient;
each participant encodes the shared local data as a constant term
Figure 696728DEST_PATH_IMAGE004
Randomly generating the remaining polynomial coefficients
Figure 714363DEST_PATH_IMAGE005
Respectively aim at
Figure 5667DEST_PATH_IMAGE006
Composing commitments for verification
Figure 741541DEST_PATH_IMAGE007
Wherein
Figure 206021DEST_PATH_IMAGE008
mod denotes the remainder operation;
each participant takes n points on its own polynomial
Figure 327429DEST_PATH_IMAGE009
to form n shared secret fragment subkeys
Figure 789635DEST_PATH_IMAGE010
Further, in step S3, participant k keeps the shared secret fragment subkey
Figure 12806DEST_PATH_IMAGE011
as its local shared secret fragment, and receives from each other participant i the shared secret fragment subkey
Figure 15397DEST_PATH_IMAGE012
Participant k verifies each received shared secret fragment
Figure 7624DEST_PATH_IMAGE013
using the commitment corresponding to participant i; specifically, additive homomorphism is checked by testing whether the following equation holds, and if the equation holds, the verification passes;
Figure 388533DEST_PATH_IMAGE014
wherein
Figure 99000DEST_PATH_IMAGE015
denotes the product obtained after raising each commitment element in the commitment of the i-th participant to a different power.
Further, in step S4, the constant coefficient of the degree n-1 curve
Figure 639703DEST_PATH_IMAGE016
is calculated by the formula:
Figure 752015DEST_PATH_IMAGE018
wherein
Figure 556023DEST_PATH_IMAGE019
According to a second aspect of the present specification, there is provided a decentralized secure multi-party privacy summation computing system, comprising a storage module, a scheduling module and a computing module local to each participant;
the storage module is used for storing local privacy data by each participant;
the scheduling module is used for receiving data information of other participants or sending local data information to other participants by each participant;
the calculation module is used for processing local data information by each participant, verifying data information of other participants, combining the data information of the local participants and the data information of the other participants and performing summation calculation; if the participant serves as the initiator, the data information merged and summed by other participants is verified in the calculation module, and finally all the data information is merged to calculate the data sum of all the participants.
According to a third aspect of the present specification, there is provided a computer device comprising a memory and a processor, the memory having stored therein computer-readable instructions which, when executed by the processor, cause the processor to perform the steps of the above-mentioned decentralized secure multi-party privacy summation calculation method.
According to a fourth aspect of the present specification, there is provided a storage medium storing computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the decentralized secure multi-party privacy summation computing method described above.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
the decentralized secure multi-party privacy summation calculation method and system securely sum private data across institutions/departments while ensuring the secure storage, transmission and lawful use of each party's local data; without a trusted third party, the user situation required in a specific business can be grasped quickly and accurately, which meets supervision and compliance requirements, improves the risk control capability of financial institutions, and releases the value of data elements to the greatest extent. In addition, although the network communication cost among the servers increases as the number of participants increases, the main process of the method can be computed in parallel across multiple distributed nodes, and the number of computation rounds is constant and does not grow with the number of nodes, so the method is suitable for large-scale network scenarios such as finance.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
FIG. 1 is a flow diagram of a decentralized secure multiparty privacy summation calculation method according to an exemplary embodiment;
FIG. 2 is a schematic detail diagram illustrating an implementation of a decentralized secure multi-party privacy summation calculation method according to an exemplary embodiment;
FIG. 3 is a block diagram of a decentralized secure multi-party privacy summation computing system provided in an exemplary embodiment.
Detailed Description
For better understanding of the technical solutions of the present application, the following detailed descriptions of the embodiments of the present application are provided with reference to the accompanying drawings.
It should be understood that the embodiments described are only a few embodiments of the present application, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terminology used in the embodiments of the present application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in the examples of this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
The invention aims to solve the technical problem of how to quickly realize cross-institution/department data combined statistics on the premise of meeting the requirements of supervision and compliance so as to improve the quality and efficiency of related services of financial institutions. At present, the data joint statistics of each financial institution/department usually needs to adopt a centralized mode to sum and calculate the summarized data, and the calculation times generally increase linearly with the increase of the number of the institutions/departments. The traditional scheme is difficult to meet the requirements of financial business on timeliness, expansibility, safety and privacy. In order to solve the problems existing in the existing method, the invention provides a decentralized safe multi-party privacy summation calculation method and a decentralized safe multi-party privacy summation calculation system.
As shown in fig. 1, the decentralized secure multiparty privacy summation calculation method provided by the present invention includes the following steps:
S1. A plurality of participants taking part in the joint statistics screen cross users for a specific service and sort out the local data of the cross users, such as loan data, credit balance and consumption records; the participants may be financial institutions such as banks and small credit companies.
S2. Each participant encodes and encrypts the local data of the cross users to generate shared secret information, and then splits the shared secret information into a plurality of shared secret fragments; specifically:
The system parameters p, q, g disclosed to each participant are set so that the following three conditions are satisfied: p and q are large prime numbers; q | (p-1), where | denotes exact division, i.e. q divides p-1; g is an element of order q in the multiplicative group.
When there are n participants, any one of them can act as the initiator, denoted Guest, and the remaining n-1 participants are denoted
Figure 737475DEST_PATH_IMAGE020
As shown in fig. 2.
Each participant constructs its own polynomial of degree n-1; the polynomial of the i-th participant
Figure 285131DEST_PATH_IMAGE021
is as follows:
Figure 48687DEST_PATH_IMAGE022
where x is the independent variable and
Figure 289176DEST_PATH_IMAGE023
is a polynomial coefficient.
Each participant encodes the shared cross-user local data as a constant term
Figure 708656DEST_PATH_IMAGE024
And randomly generating polynomial coefficients except for constant terms
Figure 545156DEST_PATH_IMAGE025
Respectively aim at
Figure 366481DEST_PATH_IMAGE026
Composing commitments for verification
Figure 574609DEST_PATH_IMAGE027
Wherein, in the step (A),
Figure 215806DEST_PATH_IMAGE028
mod denotes a remainder operation.
Each participant takes n points on its own polynomial
Figure 105264DEST_PATH_IMAGE029
to form n shared secret fragment subkeys
Figure 295943DEST_PATH_IMAGE030
Usually to reduce the amount of computation, take
Figure 674972DEST_PATH_IMAGE031
Are respectively as
Figure 69044DEST_PATH_IMAGE032
that is, the n shared secret fragment subkeys constructed are
Figure 496614DEST_PATH_IMAGE033
S3. The participants send shared secret fragments to each other; each participant verifies the received shared secret fragments and sums them with its local shared secret fragment to obtain a shared secret fragment sum; specifically:
S31. The initiator Guest keeps one shared secret fragment subkey
Figure 26953DEST_PATH_IMAGE034
as its local shared secret fragment, and sends the remaining n-1 shared secret fragment subkeys
Figure 576883DEST_PATH_IMAGE035
respectively to the n-1 participants other than the initiator Guest
Figure 206054DEST_PATH_IMAGE036
and distributes the complete commitment of the initiator Guest
Figure 702894DEST_PATH_IMAGE037
to each participant;
participant side
Figure 87739DEST_PATH_IMAGE038
keeps one shared secret fragment subkey
Figure 746254DEST_PATH_IMAGE039
as its local shared secret fragment, and sends the remaining n-1 shared secret fragment subkeys
Figure 911656DEST_PATH_IMAGE040
respectively to the initiator Guest and the remaining n-2 participants
Figure 930296DEST_PATH_IMAGE041
And will participate in
Figure 700806DEST_PATH_IMAGE042
Complete commitments of
Figure 530222DEST_PATH_IMAGE043
To the initiator Guest and the remaining participants
Figure 182920DEST_PATH_IMAGE044
Participant side
Figure 21563DEST_PATH_IMAGE044
and so on distribute their shared secret fragment subkeys and commitments in the same way.
S32. For the shared secret fragment subkeys sent by all n-1 Host participants other than itself, the initiator Guest takes
Figure 866154DEST_PATH_IMAGE045
and, using the commitment corresponding to each participant
Figure 132050DEST_PATH_IMAGE046
verifies each of them.
Normally, the initiator Guest does not know the specific coefficients
Figure 6465DEST_PATH_IMAGE047
In this case, additive homomorphism can be checked by testing whether the following equation holds, and if it holds, the verification passes;
Figure 648799DEST_PATH_IMAGE048
wherein
Figure 862743DEST_PATH_IMAGE049
denotes the product obtained after raising each commitment element in the commitment of the i-th participant to a different power.
S33. Participant Host1 takes the shared secret fragment subkey sent by the initiator Guest
Figure 548808DEST_PATH_IMAGE050
and, using the commitment corresponding to the initiator Guest
Figure 910519DEST_PATH_IMAGE051
verifies it; the shared secret fragment subkeys sent by the other Host participants
Figure 90965DEST_PATH_IMAGE052
are, using the commitment corresponding to each participant
Figure 159415DEST_PATH_IMAGE053
each verified.
Normally, participant
Figure 767114DEST_PATH_IMAGE054
does not know the specific coefficients
Figure 616121DEST_PATH_IMAGE055
In this case, additive homomorphism can be checked by testing whether the following equation holds, and if it holds, the verification passes;
Figure 82481DEST_PATH_IMAGE056
wherein
Figure 536596DEST_PATH_IMAGE057
denotes the product obtained after raising each commitment element in the commitment of the i-th participant to a different power.
Participants
Figure 49617DEST_PATH_IMAGE058
can perform the verification in the same way.
S34. After the initiator Guest has verified all Host participants, it takes the shared secret fragment subkeys sent by all Host participants
Figure 589183DEST_PATH_IMAGE059
together with its local shared secret fragment subkey
Figure 908169DEST_PATH_IMAGE060
and merges and sums them to obtain the shared secret fragment sum
Figure 466058DEST_PATH_IMAGE061
In the same way, the participants
Figure 149980DEST_PATH_IMAGE062
each merge and sum to obtain their respective shared secret fragment sums
Figure 911263DEST_PATH_IMAGE063
S4. Each participant provides its shared secret fragment sum to the initiator; the initiator verifies each received shared secret fragment sum, combines them with its local shared secret fragment sum, and finally decodes the result to obtain the data sum of all participants; specifically:
S41. The initiator Guest receives from the participants
Figure 33939DEST_PATH_IMAGE064
the transmitted shared secret fragment sums
Figure 197067DEST_PATH_IMAGE065
and verifies them.
Normally, the initiator Guest does not know the specific coefficients
Figure 68203DEST_PATH_IMAGE066
In this case, additive homomorphism can be checked by testing whether n-1 equations hold, and if they hold, the verification passes; two of the equations are listed below:
Figure 316781DEST_PATH_IMAGE067
S42. After all Hosts pass the initiator's verification, the initiator takes the shared secret fragment sums sent by all Hosts
Figure 180832DEST_PATH_IMAGE068
together with its local shared secret fragment sum
Figure 995204DEST_PATH_IMAGE069
and merges them to obtain the shared secret sum data_sum:
Figure 552088DEST_PATH_IMAGE070
The shared secret sum data_sum consists of n data points, which uniquely determine a curve of degree n-1 by Lagrange interpolation, from which the constant coefficient of the degree n-1 curve is calculated:
Figure 271651DEST_PATH_IMAGE071
wherein
Figure 939393DEST_PATH_IMAGE072
In this example, take
Figure 608271DEST_PATH_IMAGE073
and
Figure 336056DEST_PATH_IMAGE074
is decoded to obtain the data sum of the n participants.
Throughout the calculation and verification process, by the hardness of computing discrete logarithms,
Figure 293648DEST_PATH_IMAGE075
when what is known is
Figure 247304DEST_PATH_IMAGE076
it is difficult to calculate
Figure 36268DEST_PATH_IMAGE077
so computational security is ensured.
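The S2 to S4 flow described above, as an added Python example that is not the patent's own code. The formula images are missing from this page, so the commitment form g^a mod p, the fragment check and the evaluation points x = 1..n are assumed to follow the standard Feldman verifiable secret sharing construction; the 61-bit group, the three amounts and the `tamper` argument are constructed for the demonstration.

```python
import secrets


def is_prime(n):
    """Deterministic Miller-Rabin; these bases are exact for n < 3.3e24."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def make_group(q):
    """Find a prime p with q | p-1 and an element g of order q."""
    k = 1
    while not is_prime(2 * k * q + 1):
        k += 1
    p = 2 * k * q + 1
    h = 2
    while pow(h, (p - 1) // q, p) == 1:
        h += 1
    return p, q, pow(h, (p - 1) // q, p)


# Constructed demo parameters: q = 2^61 - 1 is far too small for production.
P, Q, G = make_group(2**61 - 1)


def split(secret, n):
    """S2: degree n-1 polynomial with the data as constant term."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(n - 1)]
    commits = [pow(G, a, P) for a in coeffs]      # assumed form: g^a mod p
    shares = []
    for x in range(1, n + 1):                     # assumed points x = 1..n
        y = 0
        for a in reversed(coeffs):                # Horner evaluation mod q
            y = (y * x + a) % Q
        shares.append(y)
    return shares, commits


def check(share, x, commits):
    """g^share must equal the product of commitments raised to x^j."""
    rhs = 1
    for j, c in enumerate(commits):
        rhs = rhs * pow(c, pow(x, j, Q), P) % P
    return pow(G, share, P) == rhs


def lagrange_at_zero(points):
    """Constant coefficient of the degree n-1 curve through the points."""
    total = 0
    for xk, yk in points:
        num = den = 1
        for xm, _ in points:
            if xm != xk:
                num = num * xm % Q
                den = den * (xm - xk) % Q
        total = (total + yk * num * pow(den, -1, Q)) % Q
    return total


def secure_sum(values, tamper=None):
    """Party 0 is Guest. tamper=(i, k) corrupts the fragment i sends to k."""
    n = len(values)
    dealt = [split(v, n) for v in values]
    recv = [[dealt[i][0][k] for i in range(n)] for k in range(n)]
    if tamper is not None:
        i, k = tamper
        recv[k][i] = (recv[k][i] + 1) % Q
    for k in range(n):                            # S3: verify each fragment
        for i in range(n):
            if i != k and not check(recv[k][i], k + 1, dealt[i][1]):
                raise ValueError(f"fragment from party {i} to party {k} rejected")
    sums = [sum(row) % Q for row in recv]         # S3: fragment sums
    combined = [1] * n                            # product of all commitments
    for _, commits in dealt:
        combined = [c * d % P for c, d in zip(combined, commits)]
    for k in range(1, n):                         # S4: Guest checks n-1 sums
        if not check(sums[k], k + 1, combined):
            raise ValueError(f"fragment sum from party {k} rejected")
    return lagrange_at_zero(list(enumerate(sums, start=1)))
```

The inputs must be encoded as integers whose total stays below q, otherwise the recovered sum wraps modulo q.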
In one embodiment, suppose an enterprise has existing credit at three bank participants A, B, and C, as shown in table 1 below. If the enterprise applies for a loan at bank D, bank D needs to separately total the approved credit line and the used credit line in the enterprise's existing loan data at banks A, B, and C.
TABLE 1
Figure 934954DEST_PATH_IMAGE078
To keep the calculation process of the technical scheme intuitive in this embodiment, the local approved credit lines of bank participants A, B and C are assigned directly, without encoding, to the constant term
Figure 114263DEST_PATH_IMAGE079
Random value
Figure 123807DEST_PATH_IMAGE080
And
Figure 32857DEST_PATH_IMAGE081
form respective polynomials
Figure 86133DEST_PATH_IMAGE082
Taking three points on the polynomial as three shared secret shards
Figure 18317DEST_PATH_IMAGE083
A, B and C respectively send two of the shared secret fragments to the other two parties, respectively verify the two received shared secret fragments, and then merge and sum the two received shared secret fragments with the local shared secret fragment to obtain a shared secret fragment sum
Figure 565973DEST_PATH_IMAGE084
As shown in table 2 below, there are:
Figure 532792DEST_PATH_IMAGE085
TABLE 2
Figure 304438DEST_PATH_IMAGE086
Participant A receives and verifies the shared secret shards sent by B and C
Figure 740230DEST_PATH_IMAGE087
Plus a local shared secret shard and
Figure 825998DEST_PATH_IMAGE088
obtaining three data points, and determining a unique quadratic curve through Lagrange interpolation so as to obtain the constant coefficient of the curve:
Figure 647323DEST_PATH_IMAGE089
Figure 58713DEST_PATH_IMAGE090
the approved credit line sum of the enterprise in three banks A, B and C can be obtained in the same way, and the latest credit line for the enterprise can be determined according to the approved credit line sum and the used credit line sum.
Corresponding to the embodiment of the decentralized secure multi-party privacy summation calculation method, the invention also provides an embodiment of the decentralized secure multi-party privacy summation calculation system.
As shown in fig. 3, a decentralized secure multiparty privacy summation computing system provided in an embodiment of the present invention includes a storage module, a scheduling module, and a computing module that are disposed locally at each participant, where fig. 3 takes three participants a, B, and C as an example;
and the storage module is used for storing local privacy data, such as loan data, credit balance, consumption records and the like, by each participant.
And the scheduling module is used for receiving the data information of other participants or sending the local data information to other participants by each participant.
And the calculation module is used for processing the local data information, verifying the data information of other participants, combining the data information of the local participants and the data information of the other participants and performing summation calculation. In addition, if the participant serves as the initiator, the data information merged and summed by other participants needs to be verified in the calculation module, and finally all the data information is merged to calculate the data sum of all the participants.
Based on the foregoing decentralized secure multiparty privacy summation computing system embodiment, an implementation example of a decentralized secure multiparty privacy summation computing method is given below:
S1. A plurality of participants screen cross users for a specific service, sort out the local data of the cross users, and store the data in the local storage module;
S2. each participant first takes the local data of the cross users out of the local storage module and sends it to the computing module for encoding and encryption to generate shared secret information, and then splits the shared secret information into a plurality of shared secret fragments;
S3. each participant transmits a plurality of shared secret fragments to the other participants in parallel through the scheduling module, receives the shared secret fragments provided by the other participants through the scheduling module, and sends them to the computing module, where they are verified and summed with the local shared secret fragment to finally obtain a shared secret fragment sum;
S4. the initiator receives the shared secret fragment sums provided by the other participants through the scheduling module, sends them to the computing module for verification, then combines them with the local shared secret fragment sum, and finally decodes the result to obtain the data sum of all participants.
In one embodiment, a computer device is provided, which includes a memory and a processor, the memory having stored therein computer readable instructions, which when executed by the processor, cause the processor to perform the steps of the decentralized secure multi-party privacy summation calculation method in the above embodiments.
In one embodiment, a storage medium is provided that stores computer readable instructions, which when executed by one or more processors, cause the one or more processors to perform the steps of the decentralized secure multi-party privacy summation computing method in the above embodiments. The storage medium may be a nonvolatile storage medium.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in one or more embodiments of the present specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in one or more embodiments of the present description to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of one or more embodiments herein. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
The above description is only for the purpose of illustrating the preferred embodiments of the one or more embodiments of the present disclosure, and is not intended to limit the scope of the one or more embodiments of the present disclosure, and any modifications, equivalent substitutions, improvements, etc. made within the spirit and principle of the one or more embodiments of the present disclosure should be included in the scope of the one or more embodiments of the present disclosure.

Claims (10)

1. A decentralized secure multiparty privacy summation calculation method is characterized by comprising the following steps of:
S1, a plurality of participants screen the cross users for a specific service and sort the local data of the cross users;
S2, each participant encrypts the local data code of the cross users to generate shared secret information, and then splits the shared secret information into a plurality of shared secret fragments;
S3, the participants send the shared secret fragments to each other, each participant verifies the shared secret fragments it receives, and sums the received shared secret fragments with its local shared secret fragment to obtain a shared secret fragment sum;
S4, each participant provides its shared secret fragment sum to the initiator; the initiator verifies each received shared secret fragment sum, then combines the received shared secret fragment sums with the local shared secret fragment sum, and finally decodes the local shared secret fragment sum to obtain the data sum of all participants.
2. The decentralized secure multiparty privacy summation calculation method according to claim 1, wherein in step S2, when there are n participants, each participant constructs its own polynomial of degree n-1; each participant encodes the shared local data of the cross users as the constant term of the polynomial and randomly generates the remaining polynomial coefficients; commitments for verification are formed for all the polynomial coefficients respectively; and each participant takes n points on its polynomial to form n shareable shared secret fragments.
3. The decentralized secure multiparty privacy summation calculation method according to claim 2, wherein in step S3, each participant retains one shared secret fragment as its local shared secret fragment, distributes the remaining n-1 shared secret fragments to the other n-1 participants respectively, and distributes its complete commitment to each of the other participants;
each participant verifies the received shared secret fragments respectively by using the corresponding commitments of the participants to which the shared secret fragments belong; and after all verification passes, combining and summing all the received shared secret fragments and the local shared secret fragment to obtain a shared secret fragment sum.
4. The decentralized secure multiparty privacy summation calculation method according to claim 3, wherein in step S4, the participant acting as initiator verifies each shared secret fragment sum received from the other participants; after all verifications pass, it combines all the received shared secret fragments sent by the other participants with the local shared secret fragments to obtain the shared secret sums;
the shared secret sums are n data points; Lagrange interpolation uniquely determines the curve of degree n-1, the constant coefficient of the curve of degree n-1 is calculated, and decoding yields the data sum of the n participants.
5. The decentralized secure multiparty privacy summation calculation method according to claim 4, wherein system parameters p, q and g disclosed to every participant are set, and the following three conditions are satisfied: p and q are large prime numbers; q divides p-1; g is an element of order q in the multiplicative group;
each participant constructs its own polynomial of degree n-1, and the polynomial of the i-th participant
Figure 694744DEST_PATH_IMAGE001
is as follows:
Figure 143043DEST_PATH_IMAGE002
where x is the independent variable and
Figure 594884DEST_PATH_IMAGE003
are the polynomial coefficients;
each participant encodes the shared local data as the constant term
Figure 521252DEST_PATH_IMAGE004
randomly generates the remaining polynomial coefficients
Figure 70045DEST_PATH_IMAGE005
and, for each of
Figure 70272DEST_PATH_IMAGE006
composes the commitments for verification
Figure 540568DEST_PATH_IMAGE007
where
Figure 270627DEST_PATH_IMAGE008
and mod denotes taking the remainder;
each participant takes n points on its polynomial
Figure 595298DEST_PATH_IMAGE009
to form n shared secret sharding subkeys
Figure 119820DEST_PATH_IMAGE010
6. The decentralized secure multiparty privacy summation calculation method according to claim 5, wherein in step S3, participant k retains the shared secret sharding subkey
Figure 608570DEST_PATH_IMAGE011
as its local shared secret fragment and receives the shared secret sharding subkey
Figure 752106DEST_PATH_IMAGE012
sent by each other participant i;
participant k verifies the received shared secret fragment
Figure 72229DEST_PATH_IMAGE013
using the commitment corresponding to participant i; specifically, it verifies whether the additive homomorphism is satisfied by checking whether the following equation holds, and if the equation holds, the verification passes:
Figure 659331DEST_PATH_IMAGE014
where
Figure 635377DEST_PATH_IMAGE015
denotes that each commitment element in the commitment corresponding to the i-th participant is raised to a different power and the results are then multiplied together.
7. The decentralized secure multiparty privacy summation calculation method according to claim 6, wherein in step S4, the formula for calculating the constant coefficient of the curve of degree n-1
Figure 441659DEST_PATH_IMAGE016
is:
Figure 757234DEST_PATH_IMAGE017
where
Figure 623559DEST_PATH_IMAGE018
8. A decentralized secure multi-party privacy summation computing system for implementing the method according to any one of claims 1 to 7, wherein the system comprises a storage module, a scheduling module and a computing module local to each participant;
the storage module is used for storing local privacy data by each participant;
the scheduling module is used for receiving data information of other participants or sending local data information to other participants by each participant;
the calculation module is used for processing local data information by each participant, verifying data information of other participants, combining the data information of the local participants and the data information of the other participants and performing summation calculation; if the participant serves as the initiator, the data information merged and summed by other participants is verified in the calculation module, and finally all the data information is merged to calculate the data sum of all the participants.
9. A computer device comprising a memory and a processor, the memory having stored therein computer-readable instructions that, when executed by the processor, cause the processor to perform the steps in the decentralized secure multi-party privacy summation computing method according to any one of claims 1-7.
10. A storage medium having stored thereon computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps in the decentralized secure multi-party privacy summation computing method according to any one of claims 1-7.
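The flow of claims 2 to 7, run end to end as an added example (not code from the patent or its applicant). The claim formulas did not survive on this page, so the sketch assumes the standard Feldman form: commitments g^a mod p, shares taken at x = 1..n, and share arithmetic mod q. The parameters are toy-sized, all function names are hypothetical, and every participant is simulated in one process.

```python
import math
import secrets

# Toy parameters (constructed): p and q prime, q divides p-1, g has order q mod p.
P, Q, G = 2039, 1019, 4

def deal(secret, n):
    # One participant: degree n-1 polynomial, data as constant term (assumed form).
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(n - 1)]
    shares = {k: sum(a * pow(k, j, Q) for j, a in enumerate(coeffs)) % Q
              for k in range(1, n + 1)}
    return shares, [pow(G, a, P) for a in coeffs]

def verify(k, value, commitments):
    # Accept value as f(k) only if g^value == prod_j C_j^(k^j) mod p.
    rhs = 1
    for j, c in enumerate(commitments):
        rhs = rhs * pow(c, pow(k, j, Q), P) % P
    return pow(G, value, P) == rhs

def combine(commitment_sets):
    # Coefficient-wise product of commitments commits to the sum polynomial.
    return [math.prod(col) % P for col in zip(*commitment_sets)]

def interpolate_zero(points):
    # Lagrange interpolation at x = 0 over the integers mod q.
    total = 0
    for k, y in points.items():
        num = den = 1
        for m in points:
            if m != k:
                num, den = num * -m % Q, den * (k - m) % Q
        total = (total + y * num * pow(den, -1, Q)) % Q
    return total

def private_sum(values):
    # S2-S4: deal, verify each received share, sum locally, verify sums, decode.
    n = len(values)
    dealt = [deal(v, n) for v in values]
    share_sums = {}
    for k in range(1, n + 1):  # participant k holds f_i(k) from every dealer i
        for shares, commitments in dealt:
            if not verify(k, shares[k], commitments):
                raise ValueError(f"bad share for participant {k}")
        share_sums[k] = sum(shares[k] for shares, _ in dealt) % Q
    total_commit = combine([c for _, c in dealt])
    if not all(verify(k, s, total_commit) for k, s in share_sums.items()):
        raise ValueError("bad share sum")
    return interpolate_zero(share_sums)
```

The decoded result is only correct while the true sum stays below q, so a real deployment sizes q (and p) well above the largest possible total.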
CN202210409188.XA 2022-04-19 2022-04-19 Decentralized secure multiparty privacy summation calculation method and system Pending CN114513304A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210409188.XA CN114513304A (en) 2022-04-19 2022-04-19 Decentralized secure multiparty privacy summation calculation method and system

Publications (1)

Publication Number Publication Date
CN114513304A true CN114513304A (en) 2022-05-17

Family

ID=81554862

Country Status (1)

Country Link
CN (1) CN114513304A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20220517)