CN114584283A - Privacy protection method, device, equipment and storage medium for blacklist matching - Google Patents

Privacy protection method, device, equipment and storage medium for blacklist matching Download PDF

Info

Publication number
CN114584283A
CN114584283A CN202210278244.0A CN202210278244A CN114584283A CN 114584283 A CN114584283 A CN 114584283A CN 202210278244 A CN202210278244 A CN 202210278244A CN 114584283 A CN114584283 A CN 114584283A
Authority
CN
China
Prior art keywords
blacklist
matching
card
person
determinant
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210278244.0A
Other languages
Chinese (zh)
Inventor
石显锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OneConnect Financial Technology Co Ltd Shanghai filed Critical OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202210278244.0A priority Critical patent/CN114584283A/en
Publication of CN114584283A publication Critical patent/CN114584283A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption

Abstract

The invention relates to an artificial intelligence technology, and discloses a privacy protection method for blacklist matching, which comprises the following steps: acquiring matched persons in the matching formula and identity card IDs in a blacklist library from a pre-constructed block chain network; generating a public key and a private key by using a key generation algorithm, and performing full homomorphic encryption on the ID card by using the public key to obtain the ID card encrypted by a matching person and a blacklist library; encrypting the ID card according to the matched person and the blacklist library to construct a determinant, and calculating the value of the determinant; obtaining a private key through the matching formula, and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant; and judging whether the matched person in the matching formula is in the blacklist library or not according to the plaintext value. In addition, the invention also relates to a block chain technology, and the identity ID can be stored in the node of the block chain. The invention also provides a privacy protection device, electronic equipment and a storage medium for blacklist matching. The invention can improve the privacy of blacklist matching.

Description

Privacy protection method, device, equipment and storage medium for blacklist matching
Technical Field
The invention relates to the technical field of artificial intelligence, in particular to a privacy protection method and device for blacklist matching, electronic equipment and a computer readable storage medium.
Background
With the development of information, in order to resist some malicious behaviors, the number of blacklist matching scenes is increased. For example, when a bank loan is made, the bank can inquire whether the borrower is in the bad record blacklist; when buying insurance, the insurance company will inquire whether the purchasing personnel is in the fraud protection blacklist.
The existing blacklist matching schemes mainly include the following two schemes: one is that each data holder delivers data to a third party authorized by the big house, the data is matched by the third party, the third party system can see the plaintext data of the data provider after decrypting the received data, no privacy protection is provided for the data provider, and the third party system is attacked after the data is decrypted, and the risk that the plaintext data of the data provider is acquired by an untrusted party can also exist; the second is that the two matching parties encrypt the data, then the two parties exchange the data to complete the data matching, and the receiving party has a private key and does not protect the data.
In summary, the privacy of the current blacklist matching method needs to be improved.
Disclosure of Invention
The invention provides a privacy protection method and device for blacklist matching and a computer readable storage medium, and mainly aims to solve the problem of low privacy when blacklist matching is carried out.
In order to achieve the above object, the present invention provides a privacy protection method for blacklist matching, including:
acquiring a matched person in a blacklist matching formula and an identity card ID in a blacklist library from a pre-constructed block chain network, and converting the identity card ID of the matched person and the identity card ID in the blacklist library according to a preset rule to obtain a standard identity card ID of the matched person and a standard identity card ID in the blacklist library;
generating a public key and a private key by using a key generation algorithm, carrying out full homomorphic encryption on the ID of the matching person standard ID card by using the public key to obtain the ID of the matching person encrypted ID card, and broadcasting the public key and the ID of the matching person encrypted ID card to a blacklist library in the blockchain network;
acquiring the public key from the blacklist library, and performing full homomorphic encryption on the standard ID card ID of the blacklist library by using the public key to obtain an encrypted ID card ID of the blacklist library;
constructing a determinant according to the matching person encrypted ID and the blacklist library encrypted ID, and calculating the value of the determinant;
obtaining the private key through the blacklist matching party, and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant;
and judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant to obtain a matching conclusion.
Optionally, before obtaining the matching person in the blacklist matching formula and the identification card ID in the blacklist library from the pre-constructed blockchain network, the method further includes:
and constructing the block chain network by a blacklist matching formula, a blacklist library and a supervisor in a P2P mode, wherein the supervisor is not responsible for matching related operations, and only audits and traces the matching process according to data on the block chain network when needed.
Optionally, the generating a public key and a private key by using a key generation algorithm includes:
randomly selecting a prime number q in a finite field GF (q)n+1Randomly selecting an integer vector K as a private key SK, wherein n is a natural number;
in the finite field GF (q)tAnd randomly selecting a vector theta, and calculating to obtain a public key PK by using a preset encryption function Enc (K, theta), wherein t is a natural number.
Optionally, the constructing a determinant according to the matching person encrypted ID and the blacklist library encrypted ID, and calculating a value of the determinant includes:
establishing a Van der Mongolian determinant according to the encrypted ID of the matched person and the encrypted ID of the blacklist bank;
and calculating the value of the Van der Monte determinant by using a calculation function.
Optionally, the constructing a vandermonde determinant according to the matching person encrypted ID and the blacklist bank encrypted ID includes:
and using the matching person encrypted ID and the n-1 power of the blacklist bank encrypted ID as the nth row of the Van der Mongolian determinant, and obtaining the Van der Mongolian determinant, wherein n is more than or equal to 2.
Optionally, after determining whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant and obtaining a matching conclusion, the method further includes:
and when the blacklist matching formula or the blacklist library provider disputes the matching conclusion, the data of the blacklist matching formula and the blacklist library in the block chain network are obtained by the monitoring party to audit the blacklist matching process.
Optionally, the converting the ID of the matching person and the ID in the blacklist library according to a preset rule to obtain a standard ID of the matching person and a standard ID of the blacklist library, including:
judging whether the ID card of the matched person and the last bit of the ID card in the blacklist library are numbers or not;
when the last digit of the ID card ID of the matched person and the ID card ID in the blacklist library is a digit, taking the ID card ID of the matched person and the ID card ID in the blacklist library as a standard ID card ID of the matched person and a standard ID card ID in the blacklist library;
and when the ID of the matched person and the last bit of the ID in the blacklist bank are not numbers, converting the ID of the matched person and the last bit of the ID in the blacklist bank into numbers, and taking the converted ID of the matched person and the ID in the blacklist bank as a standard ID of the matched person and a standard ID of the blacklist bank.
In order to solve the above problem, the present invention further provides a privacy protecting apparatus for blacklist matching, the apparatus including:
an ID card acquisition module: the system comprises a block chain network, a matching person identification card ID in a blacklist matching formula and an identification card ID in a blacklist library, wherein the block chain network is pre-constructed and is used for acquiring the matching person ID in the blacklist matching formula and the identification card ID in the blacklist library, and converting the matching person ID and the identification card ID in the blacklist library according to a preset rule to obtain a matching person standard ID and a blacklist library standard ID;
fully homomorphic encryption module: generating a public key and a private key by using a key generation algorithm, carrying out full homomorphic encryption on the ID of the matching person standard ID card by using the public key to obtain the ID of the matching person encrypted ID card, and broadcasting the public key and the ID of the matching person encrypted ID card to a blacklist library in the blockchain network; acquiring the public key from the blacklist library, and performing full homomorphic encryption on the standard ID card ID of the blacklist library by using the public key to obtain an encrypted ID card ID of the blacklist library;
the determinant constructing module comprises: the system is used for constructing a determinant according to the encrypted ID of the matched person and the encrypted ID of the blacklist bank and calculating the value of the determinant;
a decryption module: the blacklist matching party is used for obtaining the private key and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant;
and the judging module is used for judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant to obtain a matching conclusion.
In order to solve the above problem, the present invention also provides an electronic device, including:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the above-described method of privacy protection for blacklist matching.
In order to solve the above problem, the present invention further provides a computer-readable storage medium, in which at least one computer program is stored, and the at least one computer program is executed by a processor in an electronic device to implement the above-mentioned privacy protection method for blacklist matching.
The embodiment of the invention obtains the ID of the matching person encrypted ID by constructing a block chain network and carrying out full homomorphic encryption on the ID of the matching person standard ID by using the public key, and broadcasts the public key and the ID of the matching person encrypted ID to a blacklist library in the block chain network; the public key is obtained from the blacklist library, the public key is used for carrying out full homomorphic encryption on the standard identity card ID of the blacklist library to obtain the encrypted identity card ID of the blacklist library, both cipher texts are adopted during data exchange, and the blacklist matching formula and the blacklist library do not know the plaintext data of the other party, so that the privacy of the data is greatly protected; constructing a determinant according to the encrypted ID of the matched person and the encrypted ID of the blacklist library, and calculating the value of the determinant, wherein the value of the determinant is a ciphertext, although a matching party has a private key, the determinant cannot be restored, and the plaintext of data provided by the blacklist library cannot be known; and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant, judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant, and judging whether the matched person is in the blacklist library only by the plaintext value of the determinant without knowing plaintext data of the matching formula or the blacklist library, so that the privacy of the blacklist matching method is greatly improved. Therefore, the privacy protection method and device for blacklist matching, the electronic equipment and the computer readable storage medium provided by the invention can solve the problem of low privacy of the blacklist matching method.
Drawings
Fig. 1 is a flowchart illustrating a privacy protection method for blacklist matching according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a detailed implementation of one step in the privacy protecting method for matching the blacklist shown in FIG. 1;
FIG. 3 is a functional block diagram of a blacklist matching privacy protection apparatus according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device implementing the privacy protection method for matching a blacklist according to an embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The embodiment of the application provides a privacy protection method for blacklist matching. The execution subject of the privacy protection method for blacklist matching includes, but is not limited to, at least one of electronic devices, such as a server and a terminal, which can be configured to execute the method provided by the embodiment of the present application. In other words, the privacy protection method for blacklist matching may be performed by software or hardware installed in a terminal device or a server device, and the software may be a blockchain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like. The server may be an independent server, or may be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), a big data and artificial intelligence platform, and the like.
Referring to fig. 1, a schematic flow chart of a privacy protection method for blacklist matching according to an embodiment of the present invention is shown. In this embodiment, the privacy protection method for blacklist matching includes:
s1, obtaining the matching persons in the blacklist matching formula and the ID cards in the blacklist library from the pre-constructed blockchain network, and converting the ID cards I of the matching persons and the ID cards in the blacklist library according to preset rules to obtain the standard ID cards ID of the matching persons and the standard ID cards ID of the blacklist library.
In the embodiment of the invention, the block chain network is constructed by a blacklist matching formula, a blacklist library and a supervisor in a mode of P2P, wherein the blacklist matching formula is a user needing blacklist matching; the blacklist library can be composed of multiple blacklist providers; and the supervisor is not responsible for matching related operations, and only audits and traces the matching process according to the data on the block chain network when needed.
In detail, referring to fig. 2, the converting the ID of the matching person and the ID of the black list library in S1 according to a preset rule to obtain the standard ID of the matching person and the standard ID of the black list library includes:
s12, judging whether the ID of the matched person and the last bit of the ID in the blacklist library are numbers;
when the last digit of the ID card ID of the matched person and the ID card ID in the blacklist library is a digit, executing S12, and taking the ID card ID of the matched person and the ID card ID in the blacklist library as a standard ID card ID of the matched person and a standard ID card ID of the blacklist library;
and when the ID of the matched person and the last bit of the ID in the blacklist library are not numbers, executing S13, converting the ID of the matched person and the last bit of the ID in the blacklist library into numbers, and taking the converted ID of the matched person and the ID in the blacklist library as a standard ID of the matched person and a standard ID in the blacklist library.
In one embodiment of the present invention, when the last digit of the ID of the matching person and the ID in the blacklist library is a number, the ID of the matching person and the ID in the blacklist library are used as the standard ID of the matching person and the standard ID of the blacklist library; and when the ID card of the matched person and the last bit of the ID card ID in the blacklist library are X, converting X into 10.
S2, generating a public key and a private key by using a key generation algorithm, carrying out full homomorphic encryption on the matching person standard ID by using the public key to obtain a matching person encrypted ID, and broadcasting the public key and the matching person encrypted ID to a blacklist database in the blockchain network.
In the embodiment of the invention, the public key and the private key are a key pair obtained through an algorithm, the public key is a part which is disclosed to the outside, the private key is a non-public part, and the key pair obtained through the algorithm is unique in the world. When using this key pair, if one of the keys is used to encrypt a piece of data, the other key must be used to decrypt the piece of data. For example, encrypting data with a public key would necessitate decrypting with the corresponding private key or the decryption would not succeed.
In the embodiment of the present invention, the fully homomorphic encryption is an algorithm that simultaneously satisfies addition homomorphic encryption and multiplication homomorphic encryption, wherein the addition homomorphic encryption uses an encryption function f () to change two plain texts A, B into ciphers a ' and B ', and performs addition calculation on the ciphers a ' and B ' to obtain a cipher text C ', and uses a decryption function f to decrypt the cipher text-1() And decrypting to obtain C, wherein C is A + B.
The multiplicative homomorphic encryption is to use an encryption function to convert two plaintexts A, B into ciphertexts a ' and B ', to perform multiplicative calculation on the ciphertexts a ' and B ' to obtain a cipher text C ', and to decrypt the cipher text by using a decryption function to obtain C, where C is a × B.
In detail, the generating of the public key and the private key by using the key generation algorithm in S2 includes:
randomly selecting a prime number q in a finite field GF (q)n+1Randomly selecting an integer vector K as a private key SK, wherein n is a natural number;
in the finite field GF (q)tAnd randomly selecting a vector theta, and calculating to obtain a public key PK by using a preset encryption function Enc (K, theta), wherein t is a natural number.
In the embodiment of the present invention, the finite field is also called galois field (galois field), and is an algebraic structure capable of performing addition, subtraction, multiplication and division operations.
Further, the public key PK is used for carrying out full homomorphic encryption on the ID of the matched person standard ID card to obtain the ID (cirpherID) of the matched person encrypted ID card, the public key PK and the cirpherID are uploaded to a link of the block chain network, and the public key PK and the cirpherID are broadcasted to a blacklist database in the block chain network.
In the embodiment of the present invention, the blacklist matching formula only broadcasts the public key PK and the ciperid to the blacklist library in the blockchain network, and the blacklist library and the administrator in the blockchain network only know ciphertext content but not a private key, and cannot decrypt the ciperid.
S3, obtaining the public key from the blacklist library, and carrying out full homomorphic encryption on the standard ID card ID of the blacklist library by using the public key to obtain the encrypted ID card ID of the blacklist library.
In one embodiment of the present invention, the public key PK is obtained from a blacklist bank in the blockchain network, and the public key PK is used to perform full homomorphic encryption on the blacklist bank standard identity card Id (IDA) to obtain an encrypted identity card id (eida) of the blacklist bank, where the IDA ═ a (a ═ a-1,A2,…,An-1) Wherein EIDA is (EA)1,EA2,…,EAn-1) Wherein n is a natural number greater than 1.
S4, constructing a determinant according to the matching person encrypted ID and the blacklist library encrypted ID, and calculating the value of the determinant.
In an embodiment of the present invention, the determinant is a vandermonde determinant, and the vandermonde determinant is a matrix representing a geometric relationship.
In detail, the S4 includes:
establishing a Van der Mongolian determinant according to the encrypted ID of the matched person and the encrypted ID of the blacklist bank;
and calculating the value of the Van der Monte determinant by using a calculation function.
In the embodiment of the invention, the 0 th power of the matching person encrypted ID (cipereID) and the blacklist bank Encrypted ID (EIDA) is used as the 1 st line of the Van der Mongolian determinant; using the matching person encrypted ID (ciperiD) and the blacklist bank Encrypted ID (EIDA) to the power of 1 as line 2 of the Van der Mongolian determinant; until the n-1 power of the matching person encrypted ID card (CipherID) and the blacklist bank encrypted ID card (EIDA) is used as the nth row of the Van der Mongolian determinant, the Van der Mongolian determinant is obtained, wherein n is more than or equal to 2.
Wherein the vandermonde determinant is as follows:
Figure BDA0003556951550000081
in the embodiment of the present invention, the calculation result of the vandermonde determinant is as follows:
Figure BDA0003556951550000082
in an embodiment of the present invention, according to a value characteristic of the vandermonde determinant, the blacklist bank encrypts an ID card ID, and an EIDA ═ EA1,EA2,…,EAn-1) Where one value equals the matching person's encrypted identification card id (ciperid), the value of the vandermonde determinant is 0.
S5, obtaining the private key through the blacklist matching party, and decrypting the value of the determinant by using the private key to obtain the plaintext value of the determinant.
In the embodiment of the invention, the private key (SK) is obtained according to the blacklist matching formula, and the SK and a decryption function f of a homomorphic encryption algorithm are utilized-1() And decrypting the Van der Mongolian determinant to obtain a plaintext value (DP) of the Van der Mongolian determinant.
In the embodiment of the invention, the Van der Mongolian determinant calculation is to subtract and multiply the blacklist base Encryption ID (EIDA) and the matching person encryption ID (ciperiD), and then to use the decryption function f of the homomorphic encryption algorithm-1() And decrypting the Van der Mongolian determinant, wherein the decryption result is the same as the result calculated by using the ID of the matched person and the ID in the blacklist library.
In the embodiment of the invention, the matching person encrypted ID and the blacklist bank encrypted ID are matched by calculating the Van der Mongolian determinant value, and only a ciphertext is involved in the whole calculation process, but a plaintext is not involved; and decrypting the value of the Van der Mongolian determinant to obtain a plaintext value of the determinant, wherein the identity card ID of the matched person and the identity card ID in the blacklist library can not be identified through the plaintext value of the determinant, so that the matching formula and the supervisor can not know the identity card ID plaintext in the blacklist library.
S6, judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant, and obtaining a matching conclusion.
According to the embodiment of the invention, whether a matched person in the blacklist matching formula is in a blacklist bank is judged according to the value characteristics of the Van der Meng determinant, the blacklist bank is encrypted with an identity card ID (ID), and EIDA (EA) is encrypted according to the value characteristics of the Van der Meng determinant1,EA2,…,EAn-1) Wherein when one value of the matching person is equal to the matching person encrypted identification card id (ciperid), the value of the vandermonde determinant is a ciphertext value of 0.
When the plaintext value of the vandermonde determinant is 0, indicating that the matching person is in the blacklist bank; when the plaintext value of the vandermonde determinant is not equal to 0, the matching person is not in the blacklist library, and a matching conclusion is obtained.
In the embodiment of the invention, when the blacklist matching formula or the blacklist library provider disputes the matching conclusion, the data of the blacklist matching formula and the blacklist library in the block chain network are obtained by the monitoring party to audit the blacklist matching process.
The embodiment of the invention obtains the ID of the matching person encrypted ID by constructing a block chain network and carrying out full homomorphic encryption on the ID of the matching person standard ID by using the public key, and broadcasts the public key and the ID of the matching person encrypted ID to a blacklist library in the block chain network; the public key is obtained from the blacklist bank, the public key is used for carrying out full homomorphic encryption on the standard ID card ID of the blacklist bank to obtain the encrypted ID card ID of the blacklist bank, both cipher texts are adopted during data exchange, and both the blacklist matching formula and the blacklist bank do not know the plaintext data of the other party, so that the privacy of the data is greatly protected; constructing a determinant according to the encrypted ID of the matched person and the encrypted ID of the blacklist library, and calculating the value of the determinant, wherein the value of the determinant is a ciphertext, although a matching party has a private key, the determinant cannot be restored, and the plaintext of data provided by the blacklist library cannot be known; and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant, judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant, and judging whether the matched person is in the blacklist library only through the plaintext value of the determinant without knowing plaintext data of the matching formula or the blacklist library, so that the privacy of the blacklist matching method is greatly improved. Therefore, the privacy protection method for the blacklist matching can solve the problem of low privacy of the blacklist matching method.
Fig. 3 is a functional block diagram of a privacy protecting apparatus for blacklist matching according to an embodiment of the present invention.
The privacy protecting apparatus 100 for matching black lists according to the present invention may be installed in an electronic device. According to the implemented functions, the privacy protecting apparatus 100 for blacklist matching may include an ID obtaining module 101, a fully homomorphic encryption module 102, a determinant constructing module 103, a decryption module 104, and a determining module 105. The module of the present invention, which may also be referred to as a unit, refers to a series of computer program segments that can be executed by a processor of an electronic device and that can perform a fixed function, and that are stored in a memory of the electronic device.
In the present embodiment, the functions regarding the respective modules/units are as follows:
the identification card ID acquisition module 101: the system comprises a block chain network, a matching person identification card ID in a blacklist matching formula and an identification card ID in a blacklist library, wherein the block chain network is pre-constructed and is used for acquiring the matching person ID in the blacklist matching formula and the identification card ID in the blacklist library, and converting the matching person ID and the identification card ID in the blacklist library according to a preset rule to obtain a matching person standard ID and a blacklist library standard ID;
the fully homomorphic encryption module 102: generating a public key and a private key by using a key generation algorithm, carrying out full homomorphic encryption on the matching person standard ID by using the public key to obtain a matching person encrypted ID, and broadcasting the public key and the matching person encrypted ID to a blacklist bank in the blockchain network; acquiring the public key from the blacklist library, and performing full homomorphic encryption on the standard ID card ID of the blacklist library by using the public key to obtain an encrypted ID card ID of the blacklist library;
the determinant building module 103: the system is used for constructing a determinant according to the matching person encrypted ID and the blacklist library encrypted ID, and calculating the value of the determinant;
the decryption module 104: the blacklist matching party is used for obtaining the private key and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant;
the judging module 105 is configured to judge whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant, so as to obtain a matching conclusion.
In detail, in the embodiment of the present invention, when the modules in the privacy protecting apparatus 100 for matching a blacklist are used, the same technical means as the privacy protecting method for matching a blacklist described in fig. 1 to fig. 2 is adopted, and the same technical effect can be generated, which is not described herein again.
Fig. 4 is a schematic structural diagram of an electronic device implementing a privacy protection method for blacklist matching according to an embodiment of the present invention.
The electronic device 1 may comprise a processor 10, a memory 11, a communication bus 12 and a communication interface 13, and may further comprise a computer program, such as a blacklist matching privacy protection program, stored in the memory 11 and executable on the processor 10.
In some embodiments, the processor 10 may be composed of an integrated circuit, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same function or different functions, and includes one or more Central Processing Units (CPUs), a microprocessor, a digital Processing chip, a graphics processor, a combination of various control chips, and the like. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the electronic device by using various interfaces and lines, and executes various functions and processes data of the electronic device by running or executing programs or modules (e.g., executing a privacy protection program for blacklist matching, etc.) stored in the memory 11 and calling data stored in the memory 11.
The memory 11 includes at least one type of readable storage medium including flash memory, removable hard disks, multimedia cards, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disks, optical disks, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device, for example a removable hard disk of the electronic device. The memory 11 may also be an external storage device of the electronic device in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the electronic device. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device. The memory 11 may be used not only to store application software installed in the electronic device and various types of data, such as codes of a blacklist-matched privacy protection program, etc., but also to temporarily store data that has been output or is to be output.
The communication bus 12 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.
The communication interface 13 is used for communication between the electronic device and other devices, and includes a network interface and a user interface. Optionally, the network interface may include a wired interface and/or a wireless interface (e.g., WI-FI interface, bluetooth interface, etc.), which are typically used to establish a communication connection between the electronic device and other electronic devices. The user interface may be a Display (Display), an input unit such as a Keyboard (Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable, among other things, for displaying information processed in the electronic device and for displaying a visualized user interface.
Fig. 4 only shows an electronic device with components, and it will be understood by those skilled in the art that the structure shown in fig. 4 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than those shown, or some components may be combined, or a different arrangement of components.
For example, although not shown, the electronic device may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so that functions of charge management, discharge management, power consumption management and the like are realized through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.
It is to be understood that the described embodiments are for purposes of illustration only and that the scope of the appended claims is not limited to such structures.
The blacklist matching privacy protection program stored in the memory 11 in the electronic device 1 is a combination of instructions that, when executed in the processor 10, may implement:
acquiring a matched person in a blacklist matching formula and an identity card ID in a blacklist library from a pre-constructed block chain network, and converting the identity card ID of the matched person and the identity card ID in the blacklist library according to a preset rule to obtain a standard identity card ID of the matched person and a standard identity card ID in the blacklist library;
generating a public key and a private key by using a key generation algorithm, carrying out full homomorphic encryption on the ID of the matching person standard ID card by using the public key to obtain the ID of the matching person encrypted ID card, and broadcasting the public key and the ID of the matching person encrypted ID card to a blacklist library in the blockchain network;
acquiring the public key from the blacklist library, and performing full homomorphic encryption on the standard ID card ID of the blacklist library by using the public key to obtain an encrypted ID card ID of the blacklist library;
constructing a determinant according to the matching person encrypted ID and the blacklist library encrypted ID, and calculating the value of the determinant;
obtaining the private key through the blacklist matching party, and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant;
and judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant to obtain a matching conclusion.
Specifically, the specific implementation method of the instruction by the processor 10 may refer to the description of the relevant steps in the embodiment corresponding to the drawings, which is not described herein again.
Further, the integrated modules/units of the electronic device 1, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. The computer readable storage medium may be volatile or non-volatile. For example, the computer-readable medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM).
The present invention also provides a computer-readable storage medium, storing a computer program which, when executed by a processor of an electronic device, may implement:
acquiring a matched person in a blacklist matching formula and an identity card ID in a blacklist library from a pre-constructed blockchain network, and converting the identity card ID of the matched person and the identity card ID in the blacklist library according to a preset rule to obtain a standard identity card ID of the matched person and a standard identity card ID in the blacklist library;
generating a public key and a private key by using a key generation algorithm, carrying out full homomorphic encryption on the ID of the matching person standard ID card by using the public key to obtain the ID of the matching person encrypted ID card, and broadcasting the public key and the ID of the matching person encrypted ID card to a blacklist library in the blockchain network;
acquiring the public key from the blacklist library, and performing full homomorphic encryption on the standard ID card ID of the blacklist library by using the public key to obtain an encrypted ID card ID of the blacklist library;
constructing a determinant according to the matching person encrypted ID and the blacklist library encrypted ID, and calculating the value of the determinant;
the private key is obtained through the blacklist matching party, and the value of the determinant is decrypted by the private key to obtain a plaintext value of the determinant;
and judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant to obtain a matching conclusion.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.
The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
The embodiment of the application can acquire and process related data based on an artificial intelligence technology. Among them, Artificial Intelligence (AI) is a theory, method, technique and application system that simulates, extends and expands human Intelligence using a digital computer or a machine controlled by a digital computer, senses the environment, acquires knowledge and uses the knowledge to obtain the best result.
Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims (10)

1. A privacy preserving method of blacklist matching, the method comprising:
acquiring a matched person in a blacklist matching formula and an identity card ID in a blacklist library from a pre-constructed block chain network, and converting the identity card ID of the matched person and the identity card ID in the blacklist library according to a preset rule to obtain a standard identity card ID of the matched person and a standard identity card ID in the blacklist library;
generating a public key and a private key by using a key generation algorithm, carrying out full homomorphic encryption on the ID of the matching person standard ID card by using the public key to obtain the ID of the matching person encrypted ID card, and broadcasting the public key and the ID of the matching person encrypted ID card to a blacklist library in the blockchain network;
acquiring the public key from the blacklist library, and performing full homomorphic encryption on the standard ID card ID of the blacklist library by using the public key to obtain an encrypted ID card ID of the blacklist library;
constructing a determinant according to the matching person encrypted ID and the blacklist library encrypted ID, and calculating the value of the determinant;
obtaining the private key through the blacklist matching party, and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant;
and judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant to obtain a matching conclusion.
2. The privacy preserving method of blacklist matching as claimed in claim 1, wherein before obtaining matching persons in the blacklist matching formula and identification card IDs in the blacklist repository from the pre-constructed blockchain network, the method further comprises:
and constructing the block chain network by a blacklist matching formula, a blacklist library and a supervisor in a P2P mode, wherein the supervisor is not responsible for matching related operations, and only audits and traces back the matching process according to data on the block chain network when needed.
3. The blacklist matching privacy protection method of claim 1, wherein the generating a public key and a private key using a key generation algorithm comprises:
randomly selecting a prime number q in a finite field GF (q)n+1Randomly selecting an integer vector K as a private key SK, wherein n is a natural number;
in the finite field GF (q)tAnd randomly selecting a vector theta, and calculating to obtain a public key PK by using a preset encryption function Enc (K, theta), wherein t is a natural number.
4. The privacy protection method for blacklist matching as claimed in claim 3, wherein the constructing a determinant from the matchmaker encrypted ID card ID and the blacklist bank encrypted ID card ID and calculating a value of the determinant comprises:
establishing a Van der Mongolian determinant according to the encrypted ID of the matched person and the encrypted ID of the blacklist bank;
and calculating the value of the Van der Monte determinant by using a calculation function.
5. The blacklisted matching privacy protection method of claim 4, wherein the constructing a Van der Mongolian determinant from the matching person encrypted ID and the blacklist bank encrypted ID comprises:
and using the matching person encrypted ID and the n-1 power of the blacklist bank encrypted ID as the nth row of the Van der Mongolian determinant, and obtaining the Van der Mongolian determinant, wherein n is more than or equal to 2.
6. The privacy preserving method of blacklist matching according to any one of claims 1 to 5, wherein said judging whether said matching person in said blacklist matching formula is in said blacklist bank according to a plaintext value of said determinant, after obtaining a matching conclusion, said method further comprises:
and when the blacklist matching formula or the blacklist library provider disputes the matching conclusion, the data of the blacklist matching formula and the blacklist library in the block chain network are obtained by the supervisor to audit the blacklist matching process.
7. The privacy protection method for matching blacklists according to claim 1, wherein the converting the matching person's ID card ID and the ID card ID in the blacklist bank according to a preset rule to obtain a matching person's standard ID card ID and a blacklist bank standard ID card ID comprises:
judging whether the ID of the matched person and the last bit of the ID in the blacklist library are numbers or not;
when the ID card ID of the matched person and the last digit of the ID card ID in the blacklist bank are numbers, taking the ID card ID of the matched person and the ID card ID in the blacklist bank as a standard ID card ID of the matched person and a standard ID card ID in the blacklist bank;
and when the ID of the matched person and the last bit of the ID in the blacklist library are not numbers, converting the ID of the matched person and the last bit of the ID in the blacklist library into numbers, and taking the converted ID of the matched person and the ID in the blacklist library as a standard ID of the matched person and a standard ID of the blacklist library.
8. A blacklist matched privacy preserving apparatus, the apparatus comprising:
an ID card acquisition module: the system comprises a block chain network, a matching person identification card ID in a blacklist matching formula and an identification card ID in a blacklist library, wherein the block chain network is pre-constructed and is used for acquiring the matching person ID in the blacklist matching formula and the identification card ID in the blacklist library, and converting the matching person ID and the identification card ID in the blacklist library according to a preset rule to obtain a matching person standard ID and a blacklist library standard ID;
fully homomorphic encryption module: generating a public key and a private key by using a key generation algorithm, carrying out full homomorphic encryption on the ID of the matching person standard ID card by using the public key to obtain the ID of the matching person encrypted ID card, and broadcasting the public key and the ID of the matching person encrypted ID card to a blacklist library in the blockchain network; acquiring the public key from the blacklist library, and performing full homomorphic encryption on the standard ID card ID of the blacklist library by using the public key to obtain an encrypted ID card ID of the blacklist library;
the determinant constructing module comprises: the system is used for constructing a determinant according to the matching person encrypted ID and the blacklist library encrypted ID, and calculating the value of the determinant;
a decryption module: the blacklist matching party is used for obtaining the private key and decrypting the value of the determinant by using the private key to obtain a plaintext value of the determinant;
and the judging module is used for judging whether the matched person in the blacklist matching formula is in the blacklist library according to the plaintext value of the determinant to obtain a matching conclusion.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of privacy protection of blacklist matching as claimed in any one of claims 1 to 7.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out a privacy protection method for blacklist matching as claimed in any one of claims 1 to 7.
CN202210278244.0A 2022-03-21 2022-03-21 Privacy protection method, device, equipment and storage medium for blacklist matching Pending CN114584283A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210278244.0A CN114584283A (en) 2022-03-21 2022-03-21 Privacy protection method, device, equipment and storage medium for blacklist matching

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210278244.0A CN114584283A (en) 2022-03-21 2022-03-21 Privacy protection method, device, equipment and storage medium for blacklist matching

Publications (1)

Publication Number Publication Date
CN114584283A true CN114584283A (en) 2022-06-03

Family

ID=81777267

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210278244.0A Pending CN114584283A (en) 2022-03-21 2022-03-21 Privacy protection method, device, equipment and storage medium for blacklist matching

Country Status (1)

Country Link
CN (1) CN114584283A (en)

Similar Documents

Publication Publication Date Title
Zhao et al. Privacy protection scheme based on remote anonymous attestation for trusted smart meters
CN107078899B (en) Method of obfuscating data
Barker et al. Sp 800-90a. recommendation for random number generation using deterministic random bit generators
CN111695097A (en) Login checking method and device and computer readable storage medium
CN111314069A (en) Block chain-based shaking system and method, electronic device and storage medium
CN113055380B (en) Message processing method and device, electronic equipment and medium
CN113112252B (en) Resource transfer method and device based on block chain, electronic equipment and storage medium
CN113822675A (en) Block chain based message processing method, device, equipment and storage medium
CN114124502B (en) Message transmission method, device, equipment and medium
CN111612458A (en) Method and device for processing block chain data and readable storage medium
CN113127915A (en) Data encryption desensitization method and device, electronic equipment and storage medium
CN111404892B (en) Data supervision method and device and server
CN113158207A (en) Block chain based report generation method and device, electronic equipment and storage medium
CN115374150A (en) Character string data query method and device, electronic equipment and storage medium
CN114760114A (en) Identity authentication method, device, equipment and medium
CN113420049A (en) Data circulation method and device, electronic equipment and storage medium
CN112165383A (en) Encryption method, device, equipment and medium based on shared root key
CN112217639B (en) Data encryption sharing method and device, electronic equipment and computer storage medium
CN114584283A (en) Privacy protection method, device, equipment and storage medium for blacklist matching
CN114826736A (en) Information sharing method, device, equipment and storage medium
CN113055178B (en) Block chain system, and method, system, device and medium for transmitting numerical information
CN115001784A (en) Data storage method and device, electronic equipment and computer readable storage medium
CN111949996A (en) Generation method, encryption method, system, device and medium of security private key
CN111127020A (en) Transaction data confusion method based on block chain and related equipment
Lu et al. Data Security Encryption Method Based on Improved AES Algorithm

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination