CN114726542B - Data transmission method and device based on privacy intersection - Google Patents
Data transmission method and device based on privacy intersection Download PDFInfo
- Publication number
- CN114726542B CN114726542B CN202210368082.XA CN202210368082A CN114726542B CN 114726542 B CN114726542 B CN 114726542B CN 202210368082 A CN202210368082 A CN 202210368082A CN 114726542 B CN114726542 B CN 114726542B
- Authority
- CN
- China
- Prior art keywords
- data
- data set
- intersection
- user
- user identifier
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 60
- 230000005540 biological transmission Effects 0.000 title claims abstract description 25
- 230000008569 process Effects 0.000 claims abstract description 18
- 238000004364 calculation method Methods 0.000 claims description 30
- 238000004590 computer program Methods 0.000 claims description 8
- 239000000654 additive Substances 0.000 description 6
- 230000000996 additive effect Effects 0.000 description 6
- 230000003993 interaction Effects 0.000 description 6
- 238000007781 pre-processing Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 239000003999 initiator Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3257—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The application discloses a data transmission method based on privacy intersection, wherein a first device acquires a first data set, the first data set comprises first data to be signed, the first data set is sent to a second device, and the second device signs the first data to obtain a second data set. The first device receives the second data set and blinds the second data in the second data set to obtain a third data set. The first device receives a fourth data set sent by the second device, wherein the fourth data set is obtained by signing the user identification stored by the second device. The first device performs intersection on the third data set and the fourth data set to obtain an intersection set. The first device processes the intersection set in an addition secret sharing mode to obtain a second intersection set, and sends the second intersection set to the second device. The method and the device protect the intersection result through an addition secret sharing mode, and protect data of a party with a tag.
Description
Technical Field
The application relates to the technical field of data processing, in particular to a data transmission method and device based on privacy intersection.
Background
The privacy set intersection (Private Set Intersection, PSI) is that the parties participate in the intersection of the data held by the parties without revealing any additional information. Wherein the additional information refers to any information other than the intersection of the data of the two parties. Privacy set intersection is very useful in real-world scenarios, is a key pre-step in vertical federal learning, used to find multiple common data samples before joint computation by multiple vendors, and does not expose samples unique to each vendor.
However, in practical applications, the intersection result is often visible to both parties, which presents a safety hazard for the party with the tag value.
Disclosure of Invention
In view of this, the present application provides a data transmission method and apparatus based on privacy intersection, so as to realize secure transmission of intersection results without exposing the intersection results.
In order to achieve the above purpose, the technical scheme provided by the application is as follows:
in a first aspect of the present application, a data transmission method based on privacy intersection is provided, the method comprising:
the method comprises the steps that first equipment obtains a first data set, wherein the first data set comprises m pieces of first data to be signed, the m pieces of first data to be signed are data obtained by blinding m user identifications, and m is a positive integer greater than or equal to 1;
the first device sends the first data set to a second device so that the second device signs each first data to be signed in the first data set;
the first device receives a second data set sent by the second device, wherein the second data set comprises m second data carrying signatures, and the second data set is obtained by the first device after signing the first data in the first data set by using a private key;
the first device performs blind removing processing on the second data set to obtain a third data set, wherein the third data set comprises m pieces of third data, and the third data is signature data of user identification;
the first device receives a fourth data set sent by the second device, wherein the fourth data set is obtained after the second device performs signature processing on k user identifiers stored by the second device, the fourth data set comprises k fourth data, and the fourth data is signature data of the user identifiers;
the first device performs intersection according to the third data set and the fourth data set to obtain an intersection set, wherein data in the intersection set are located in the third data set and the fourth data set;
the first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set;
the first device sends the second intersection set to the second device.
In a second aspect of the present application, there is provided a data transmission device based on privacy interaction, the device comprising:
the device comprises an acquisition unit, a storage unit and a processing unit, wherein the acquisition unit is used for acquiring a first data set, the first data set comprises m pieces of first data to be signed, the m pieces of first data to be signed are data obtained by blinding m user identifiers, and m is a positive integer greater than or equal to 1;
a sending unit, configured to send the first data set to a second device, so that the second device signs each first data to be signed in the first data set;
the receiving unit is used for receiving a second data set sent by the second device, wherein the second data set comprises m second data carrying signatures, and the second data set is obtained by the first device after signing the first data in the first data set by using a private key;
the processing unit is used for performing blind removing processing on the second data set to obtain a third data set, wherein the third data set comprises m pieces of third data, and the third data is signature data of user identification;
the receiving unit is further configured to receive a fourth data set sent by the second device, where the fourth data set is obtained after the second device performs signature processing on k user identifiers stored by the second device, and the fourth data set includes k fourth data, where the fourth data is signature data of the user identifiers;
the intersection unit is used for performing intersection according to the third data set and the fourth data set to obtain an intersection set, and data in the intersection set are located in the third data set and the fourth data set;
the processing unit is further used for processing the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set;
the sending unit is further configured to send the second intersection set to the second device.
In a third aspect of the embodiments of the present application, there is provided an electronic device, including: a processor, a memory;
the memory is used for storing computer readable instructions or computer programs;
the processor is configured to read the computer readable instructions or the computer program, so that the electronic device implements the data transmission method based on privacy interaction according to the first aspect.
In a fourth aspect of the present application, there is provided a computer readable storage medium having instructions stored therein, which when executed on a device, cause the device to perform the data transmission method based on privacy-based interaction of the first aspect.
In a fifth aspect of the present application, there is provided a computer program product which, when run on a computer, causes the computer to perform the data transmission method based on privacy-based mediation of the first aspect.
From this, this application has following beneficial effect:
in the method, a first device which initiates signature obtains a first data set, wherein the first data set comprises m pieces of first data to be signed, and the m pieces of first data to be signed are data after blind processing. The first device sends the first data set to a second device (signer) to sign the first data in the first data set with a private key by the second device to obtain a second data set. After the first device receives the second data set, blind removing processing is carried out on the second data in the second data set, and a third data set is obtained, wherein the third data set comprises m signatures of user identifiers. The first device also receives a fourth data set sent by the second device, where the fourth data set is obtained by the second device after performing signature processing on k user identifiers stored by the second device, and the fourth data set includes k fourth data, where the fourth data is signature data of the user identifiers. The first device performs intersection on the third data set and the fourth data set to obtain an intersection set, wherein data in the intersection set is included in the third data set and the fourth data set. The first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set, and sends the second intersection set to the second device. That is, the present application protects the intersection result by adding the secret sharing manner, so that the second device cannot directly learn the user identifier in the second intersection set when receiving the second intersection set, thereby protecting the data of the party (the first device) with the tag.
Drawings
Fig. 1 is a flowchart of a data transmission method based on privacy interaction according to an embodiment of the present application;
fig. 2 is a schematic view of an application scenario provided in an embodiment of the present application;
fig. 3 is a block diagram of a data transmission device based on privacy interaction according to an embodiment of the present application.
Detailed Description
In order to make the above objects, features and advantages of the present application more comprehensible, embodiments accompanied with figures and detailed description are described in further detail below.
In order to facilitate understanding of the technical solutions of the embodiments of the present application, technical terms related to the embodiments of the present application will be described below.
The PSI in the application adopts a private interaction technology based on public key encryption blind signature, namely RSA blind signature technology. In addition to satisfying the general digital signature conditions, the blind signature technique must satisfy two properties: 1. the signer is not visible to the message he signed, i.e. the signer does not know the specific content of the message he signed. 2. The signed message is not traceable, i.e. after the signed message is published, the signer cannot know which time he signed.
The blind signature process comprises the following steps: (1) The user blindly processes the message, so that the signer cannot identify the content of the message; (2) The user sends the self-blinded message to the signer; (3) the signer signs the blinded message; (4) The signer returns the blind message and the signature to the user; (5) After receiving the blinded information and signature returned by the signer, the user carries out blind removing processing to obtain the signature of the signer on the original information.
Let user be a, signer be B, public key be e, private key be d, and a public modulus n, user a requests user B to blindly sign message m.
1. Blind message: m' =m×r e *(mod n);
2. Signature message s '= (m') d *(mod n);
3. Blind message removal s=s' ×r -1 *(mod n)。
Add secret sharing (Additive Secret Sharing, ASS): the data owner has a data x and now shares the x secret to both parties a, B, party a randomly gets a part of it (after encryption) and party B randomly gets a part of it (after encryption). When the data needs to be recovered or calculated, one party sends the data to the other party or sends the data to a third party together.
Among them, additive has two meanings: 1. additive sharing (emphasis): this process differs from the general secret sharing in that all of its sharing is achieved by additive (additive) sharing, i.e. for each piece of shared information there is x =<x> a +<x> b The method comprises the steps of carrying out a first treatment on the surface of the 2. Additional information: the encryption is completed by sharing additional information on the original data, and the additional information needs to be stripped according to a certain rule during decryption.
Based on the above description, a data transmission method provided in the present application will be described below with reference to the accompanying drawings.
Referring to fig. 1, the flowchart of a data transmission method based on privacy intersection provided in an embodiment of the present application, as shown in fig. 1, the method may include:
s101: the first device obtains a first data set comprising m first data to be signed.
In this embodiment, as a signature initiator, a first device first acquires a first data set including one or more data to be signed. The first data in the first data set is the data after the user identification is subjected to the blinding treatment.
The specific implementation of the first device for performing the blinding processing on the user identifier includes: the method comprises the steps that first equipment obtains an initial data set, wherein the initial data set comprises m user identifications; the first device obtains a random number set, wherein the random number set comprises m random numbers, and the random numbers are in one-to-one correspondence with the user identifications. For any random number, the first device generates a blinding factor of a user identifier corresponding to the random number according to the public key and the random number. The first equipment carries out hash calculation on the user identification to obtain the processed user identification; for any processed user identifier, the first device multiplies the processed user identifier by a blinding factor corresponding to the processed user identifier to obtain a first data set. Wherein each random number in the set of random numbers is mutually exclusive of the modulus n, the public key e and the private key d are a key pair that is generated by the second device and that transmits the public key to the first device.
For example, the initial data set acquired by the first device is a user identifier list { P1, P2, …, P m } stored in the first device, where Pi represents an ith user identifier in the initial data set.
The first device generates a set of random numbers r= { R1, R2, …, rk }, ri representing an i-th random number in the set of random numbers, and Ri corresponding to Pi. The length of Ri may be determined according to practical situations, for example, ri is a 128-bit random number.
The blinding factor corresponding to the ith user identity is (Ri) e *mod n。
For each user identifier Pi, a Hash calculation may be performed on the user identifier Pi to obtain a Hash value of the user identifier, i.e. a processed user identifier Hash (Pi). The preprocessing step is optional, if the first device performs hash computation on the user identifier, the second device also performs hash computation on the user identifier before signing the user identifier stored by the second device, so that the consistency of the processing of the user identifier by the two parties is ensured.
Multiplying the hash value of the user identifier by a corresponding blinding factor to obtain first data: y (i) = { [ (Ri) e *mod n]*Hash(Pi)}。
S102: the first device transmits the first data set to the second device.
S103: the second device signs the first data in the first data set by using the private key to obtain a second data set.
In this embodiment, after acquiring the first data set, the first device sends the first data set to the second device, so that the second device signs the first data in the first data set to obtain the second data set. Wherein the second data set comprises m second data carrying signatures. Specifically, the second device signs each of the first data with the private key to obtain second data. For example, the second device signs the first data with a fast power modulo algorithm Z (i) =y (i) d mod n。
When the second device signs, the corresponding signature object is the first data and is not the user identifier, so that the confidentiality of the user identifier in the first data can be ensured, and the second device cannot acquire the signed user identifier.
S104: the second device sends the second data set to the first device.
And after the second device completes the signature, the second data set obtained after the signature is sent to the second device, so that the first device processes the signature data aiming at the user identifier.
S105: and the first device performs blind removing processing on the second data set to obtain a third data set.
When the second device signs, the signed object is the first data, namely the data of the user identifier after blind processing, and the first device needs to perform blind removing processing on the second data in the second data set in order to obtain the signed data aiming at the user identifier.
Optionally, the blind removing process is an inverse process of the blinding process, and the first device divides the second data by a random number corresponding to the user identifier in the second data for any second data in the second data set, so as to obtain a third data set. For example, the third data is { [ (Ri) e mod n]*Hash(Pi)} d mod n/Ri=[Hash(Pi)] d mod n。
It should be noted that if the first device pre-processes the user identifier, the third data is [ Hash (Pi)] d mod n, i.e. the signature data of the hash value of the user identity. If the first device does not preprocess the user identification, the third data is (Pi)] d mod n, the signature data of the user identity.
After blind removal processing, for verifying that the obtained signature data is signed by the second device to obtain data, for any third data obtained, the first device calculates the third data by using the public key to obtain a first calculation result; when the first calculation result is equal to the processed user identification corresponding to the user identification in the third data, the first device determines that the third data is signature data generated by the second device. Specifically, the first device performs a fast power modulo calculation on the third data using the public key to obtain a first calculation result. For example, the first calculation result= [ third data ]] e mod n=[[Hash(Pi)] d mod n] e mod n, if the first calculation result=hash (Pi), indicates that the third data is signature data generated by the second device.
If the first calculation result is not equal to the processed user identification corresponding to the user identification in the third data, the first equipment respectively takes the remainder of the second data for the modulus n and the random number corresponding to the user identification in the second data aiming at any second data in the second data set to obtain a first remainder and the second data; the first device determines a target value according to the first remainder, the second remainder and the random number; the first device multiplies the target value by the modulus, adds second data, and obtains a second calculation result when the sum value is at the random number; the first device generates a third data set using the second calculation result. The target data satisfies a preset condition, wherein the preset condition means that the sum of the product of the target value and the second remainder plus the first remainder can be divided by the random number, and the target value is the minimum value of a plurality of values satisfying the preset condition.
Specifically, the remainder of Z (i) and modulus n for Ri, respectively, is calculated as modZ (i) (first remainder) and modn (second remainder), respectively. The loop calculates the smallest positive integer ti (target value) so that (ti x modn+modz (i)) can be divided by Ri. After ti is obtained, calculating (ti+n+Z (i))/Ri, and taking the calculation result as signature data [ Hash (Pi) of the ith user identifier] d mod n。
And obtaining a second calculation result corresponding to each second data through the calculation, and generating a third data set by using the plurality of second calculation results.
S106: the second device signs k user identifications stored by the second device to obtain a fourth data set.
In order to achieve the exchange, the second device also needs to sign k user identities stored in the second device to obtain a fourth data set. The fourth data set includes k fourth data, which are signature data of the user identification.
Optionally, if the first device performs a preprocessing operation on the self-stored user identifier, the second device also performs preprocessing on the self-stored user identifier, and then performs signature to obtain fourth data, where the fourth data is signature data of the processed user identifier. For example, if the Hash preprocessing is performed, the fourth data is [ Hash (Qi)] d mod n is the signature data of the hash value of the user identification.
In this embodiment, the execution order of S105 and S106 is not limited, and S106 may be executed first, S105 may be executed later, or S105 and S106 may be executed simultaneously.
S107: the second device sends the fourth data set to the first device.
S108: and the first device performs intersection according to the third data set and the fourth data set to obtain an intersection set.
After the second device obtains the fourth data set, the fourth data set is sent to the first device, so that the first device performs intersection on the third data set and the fourth data set after receiving the fourth data set, and an intersection set is obtained. Wherein the data in the intersection set is contained in both the third data set and the fourth data set.
Optionally, when the fourth data in the fourth data set is obtained by performing hash computation on the user identifier stored by the second device, signing the user identifier, and performing hash computation again, the first device performs hash computation on the third data before performing intersection, so as to obtain the processed third data set. And then, the first device performs intersection according to the processed third data set and the processed fourth data set to obtain an intersection set. For example, the processed third data set dpi=hash { [ Hash (Pi)] d mod n }, fourth data set DQi = Hash { [ Hash (Qi)] d mod n, the data in the set is the hash value of the signature value of the hash value of the user identification.
S109: the first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set.
After the first device obtains the intersection set, the first device performs division processing on the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set. Wherein the first intersection set and the second intersection set are part of the encrypted information in the intersection set. That is, the union of the first intersection set and the second intersection set is the intersection set.
S110: the first device sends the second intersection set to the second device.
The first device sends the second intersection set to the second device, so that the second device can store the encrypted second intersection set, and the second device can be prevented from knowing the user identification with the intersection, and the protection information is exposed.
Optionally, the first device transmits the second intersection set to the second device via an unintentional transport protocol. Wherein the careless transmission protocol is a cryptographic protocol in which the sender of a message sends a message to the recipient from a number of messages to be sent, but it is not known afterwards which message was sent. That is, the first device is unknowable about the second set of intersections sent to the second device.
Alternatively, when the first device needs to perform model training with the intersection set, it may request the second device to send the second intersection set to the first device. The first device, upon receiving the second intersection set, may restore the intersection set in conjunction with the first intersection set.
Through the embodiment, the first device acquires a first data set, where the first data set includes m pieces of first data to be signed, and the m pieces of first data to be signed are data after blind processing. The first device sends the first data set to a second device (signer) to sign the first data in the first data set with a private key by the second device to obtain a second data set. After the first device receives the second data set, blind removing processing is carried out on the second data in the second data set, and a third data set is obtained, wherein the third data set comprises m signatures of user identifiers. The first device also receives a fourth data set sent by the second device, where the fourth data set is obtained by the first device after performing signature processing on k user identifiers stored by the first device, and the fourth data set includes k fourth data, where the fourth data is signature data of the user identifiers. The first device performs intersection on the third data set and the fourth data set to obtain an intersection set, wherein data in the intersection set is included in the third data set and the fourth data set. The first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set, and sends the second intersection set to the second device. That is, the present application protects the intersection result by adding the secret sharing manner, so that the second device cannot directly learn the user identifier in the second intersection set when receiving the second intersection set, thereby protecting the data of the party (the first device) with the tag.
For easy understanding of the embodiment of the present application, the second intersection set is sent to the second device through addition secret sharing, see the application scenario schematic shown in fig. 2. Such asIn this application scenario, as shown in fig. 2, including party a (with a tag) and party B, party a may provide insurance purchase data, party B may be e-commerce user data, and in order to avoid that party B may exit which users purchase insurance in combination with the intersection result, when sending the intersection result to party B, the intersection result is sent to party B in an additive secret sharing manner. Specifically, the intersection result X is shared to the party A and the party B in secret, and the encryption result is { X } a Sum { x }, of b . Party a uses an unintentional transport protocol to transmit { x } b And additional data c is sent to party B. When party A needs to restore intersection result x, party B will share result c { x } b And the message is sent to the participant A, and the participant A restores the message.
Based on the above method embodiments, the embodiments of the present application further provide a data transmission device, which will be described below with reference to the accompanying drawings.
Referring to fig. 3, the diagram is a structure diagram of a data transmission device based on privacy intersection provided in an embodiment of the present application, and as shown in fig. 3, the device includes: acquisition unit 301, transmission unit 302, reception unit 303, processing unit 304, and delivery unit 305.
An obtaining unit 301, configured to obtain a first data set, where the first data set includes m pieces of first data to be signed, where the m pieces of first data to be signed are data obtained by performing blind processing on m user identifiers, and m is a positive integer greater than or equal to 1;
a sending unit 302, configured to send the first data set to a second device, so that the second device signs each first data to be signed in the first data set;
a receiving unit 303, configured to receive a second data set sent by the second device, where the second data set includes m second data carrying signatures, and the second data set is obtained by the first device performing signature processing on first data in the first data set by using a private key;
a processing unit 304, configured to perform blind removal processing on the second data set, to obtain a third data set, where the third data set includes m third data, and the third data is signature data of a user identifier;
the receiving unit 303 is further configured to receive a fourth data set sent by the second device, where the fourth data set is obtained by performing signature processing on k user identifiers stored by the second device, and the fourth data set includes k fourth data, where the fourth data is signature data of the user identifiers;
an intersection unit 305, configured to perform intersection according to the third data set and the fourth data set, so as to obtain an intersection set, where data in the intersection set is located in the third data set and the fourth data set;
the processing unit 304 is further configured to process the intersection set in an addition secret sharing manner to obtain a first intersection set and a second intersection set;
a sending unit 302, configured to send the second intersection set to the second device.
In a specific implementation, the sending unit 302 is specifically configured to send the second intersection set to the second device through an unintentional transport protocol.
In a specific implementation manner, the obtaining unit 301 is specifically configured to obtain an initial data set by using the first device, where the initial data set includes the m user identities; acquiring a random number set, wherein the random number set comprises m random numbers, and the random numbers are in one-to-one correspondence with the user identifications; generating a blinding factor of a user identifier corresponding to the random number according to a public key and the random number aiming at any random number in the random number set, wherein the public key and the private key are a key pair; performing hash calculation on the user identification aiming at any user identification in the initial data set to obtain a processed user identification; and multiplying the processed user identifier by a blinding factor corresponding to the processed user identifier for any processed user identifier to obtain a first data set.
In a specific implementation manner, the processing unit 304 is specifically configured to divide, for any second data in the second data set, the second data by a random number corresponding to a user identifier in the second data, so as to obtain a third data set.
In a specific implementation manner, before obtaining a third data set and before performing the intersection, the processing unit 304 is further configured to calculate, for any third data in the third data set, the third data with the public key, to obtain a first calculation result; and when the first calculation result is equal to the processed user identification corresponding to the user identification in the third data, determining that the third data is signature data generated by the second equipment.
In a specific implementation manner, when the first calculation result is not equal to the processed user identifier corresponding to the user identifier in the third data, the processing unit 304 is further configured to, for any second data in the second data set, respectively remainder the second data and the modulus with respect to the random number corresponding to the user identifier in the second data, to obtain a first remainder and a second remainder; determining a target numerical value according to the first remainder, the second remainder and the random number, wherein the target numerical value meets a preset condition, the preset condition is that the sum of the product of the target numerical value and the second remainder plus the first remainder can be divided by the random number, and the target numerical value is the minimum value of a plurality of numerical values meeting the preset condition; multiplying the target value by the modulus, adding the second data, and dividing the sum by the random number to obtain a second calculation result; and generating a third data set by using the second calculation result.
In a specific implementation manner, the intersection unit 305 is further configured to, when the fourth data set is obtained by signing and hashing k user identifiers stored by the second device, perform hash computation on any third data in the third data set to obtain a processed third data set; and performing intersection according to the processed third data set and the fourth data set to obtain an intersection set.
It should be noted that, specific implementations of each unit in this embodiment may refer to related descriptions in the foregoing method embodiment, and this embodiment is not repeated herein.
In addition, an embodiment of the present application provides an apparatus, including: a processor, a memory;
the memory is used for storing computer readable instructions or computer programs;
the processor is configured to read the computer readable instructions or the computer program, so that the device implements the data transmission method.
The embodiments of the present application provide a computer readable storage medium comprising instructions or a computer program which, when run on a computer, causes the computer to perform the data transmission method described above.
It should be noted that, in the present description, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different manner from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the system or device disclosed in the embodiments, since it corresponds to the method disclosed in the embodiments, the description is relatively simple, and the relevant points refer to the description of the method section.
It should be understood that in this application, "at least one" means one or more, and "a plurality" means two or more. "and/or" for describing the association relationship of the association object, the representation may have three relationships, for example, "a and/or B" may represent: only a, only B and both a and B are present, wherein a, B may be singular or plural. The character "/" generally indicates that the context-dependent object is an "or" relationship. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b or c may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
It is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (9)
1. A data transmission method based on privacy intersection, the method comprising:
the method comprises the steps that first equipment obtains a first data set, wherein the first data set comprises m pieces of first data to be signed, the m pieces of first data to be signed are data obtained by blinding m user identifications, and m is a positive integer greater than or equal to 1;
the first device sends the first data set to a second device so that the second device signs each first data to be signed in the first data set;
the first device receives a second data set sent by the second device, wherein the second data set comprises m second data carrying signatures, and the second data set is obtained by the second device after signing the first data in the first data set by using a private key;
the first device performs blind removing processing on the second data set to obtain a third data set, wherein the third data set comprises m pieces of third data, and the third data is signature data of user identification;
before the third data set is acquired and before the intersection is made, the method further comprises:
for any one third data in the third data set, the first device calculates the third data by using a public key to obtain a first calculation result;
when the first calculation result is equal to the processed user identifier corresponding to the user identifier in the third data, the first device determines that the third data is signature data generated by the second device;
the first device receives a fourth data set sent by the second device, wherein the fourth data set is obtained after the second device performs signature processing on k user identifiers stored by the second device, the fourth data set comprises k fourth data, and the fourth data is signature data of the user identifiers;
the first device performs intersection according to the third data set and the fourth data set to obtain an intersection set, wherein data in the intersection set are located in the third data set and the fourth data set;
the first device processes the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set; the union of the first intersection set and the second intersection set is an intersection set;
the first device sends the second intersection set to the second device.
2. The method of claim 1, wherein the first device transmitting the second intersection set to the second device comprises:
the first device transmits the second intersection set to the second device via an unintentional transport protocol.
3. The method according to claim 1 or 2, wherein the first device obtaining a first data set comprises:
the first device obtains an initial data set, wherein the initial data set comprises the m user identifications;
the first device obtains a random number set, wherein the random number set comprises m random numbers, and the random numbers are in one-to-one correspondence with the user identifications;
for any random number in the random number set, the first device generates a blinding factor of a user identifier corresponding to the random number according to a public key and the random number, wherein the public key and the private key are a key pair;
for any user identifier in the initial data set, the first device performs hash calculation on the user identifier to obtain a processed user identifier;
for any processed user identifier, the first device multiplies the processed user identifier by a blinding factor corresponding to the processed user identifier to obtain a first data set.
4. A method according to claim 3, wherein the first device blindly processing the second data set to obtain a third data set, comprising:
and for any second data in the second data set, the first device divides the second data by a random number corresponding to the user identification in the second data to obtain a third data set.
5. The method according to claim 4, wherein the method further comprises:
when the first calculation result is unequal to the processed user identifier corresponding to the user identifier in the third data, for any second data in the second data set, the first device respectively takes the remainder of the random number corresponding to the user identifier in the second data by the second data and the modulus to obtain a first remainder and a second remainder;
the first device determines a target value according to the first remainder, the second remainder and the random number, wherein the target value meets a preset condition, the preset condition is that the product of the target value and the second remainder plus the sum of the first remainder can be divided by the random number, and the target value is the minimum value of a plurality of values meeting the preset condition;
the first device multiplies the target value by the modulus and then adds the second data, and divides the sum by the random number to obtain a second calculation result;
the first device generates a third data set using the second calculation result.
6. The method according to any one of claims 4-5, wherein the fourth data set is obtained by the second device after signing and hashing k user identities stored by the second device, and the first device performs intersection according to the third data set and the fourth data set to obtain an intersection set, including:
for any one third data in the third data set, the first device performs hash calculation on the third data to obtain a processed third data set;
and the first equipment performs intersection according to the processed third data set and the fourth data set to obtain an intersection set.
7. A data transmission device based on privacy exchange, the device comprising:
the device comprises an acquisition unit, a storage unit and a processing unit, wherein the acquisition unit is used for acquiring a first data set, the first data set comprises m pieces of first data to be signed, the m pieces of first data to be signed are data obtained by blinding m user identifiers, and m is a positive integer greater than or equal to 1;
a sending unit, configured to send the first data set to a second device, so that the second device signs each first data to be signed in the first data set;
the receiving unit is used for receiving a second data set sent by the second equipment, wherein the second data set comprises m second data carrying signatures, and the second data set is obtained by the second equipment after signing the first data in the first data set by utilizing a private key;
the processing unit is used for performing blind removing processing on the second data set to obtain a third data set, wherein the third data set comprises m pieces of third data, and the third data is signature data of user identification;
the processing unit is used for calculating any one of third data in the third data set by utilizing a public key before acquiring the third data set and carrying out intersection so as to obtain a first calculation result; when the first calculation result is equal to the processed user identification corresponding to the user identification in the third data, determining that the third data is signature data generated by the second device;
the receiving unit is further configured to receive a fourth data set sent by the second device, where the fourth data set is obtained after the second device performs signature processing on k user identifiers stored by the second device, and the fourth data set includes k fourth data, where the fourth data is signature data of the user identifiers;
the intersection unit is used for performing intersection according to the third data set and the fourth data set to obtain an intersection set, and data in the intersection set are located in the third data set and the fourth data set;
the processing unit is further used for processing the intersection set in an addition secret sharing mode to obtain a first intersection set and a second intersection set; the union of the first intersection set and the second intersection set is an intersection set;
the sending unit is further configured to send the second intersection set to the second device.
8. An electronic device, comprising: a processor, a memory;
the memory is used for storing computer readable instructions or computer programs;
the processor is configured to read the computer readable instructions or the computer program to cause the electronic device to implement the data transmission method based on privacy intersection as claimed in any one of claims 1 to 6.
9. A computer readable storage medium having instructions stored therein which, when executed on a device, cause the device to perform the privacy-based data transmission method of any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210368082.XA CN114726542B (en) | 2022-04-08 | 2022-04-08 | Data transmission method and device based on privacy intersection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210368082.XA CN114726542B (en) | 2022-04-08 | 2022-04-08 | Data transmission method and device based on privacy intersection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114726542A CN114726542A (en) | 2022-07-08 |
| CN114726542B true CN114726542B (en) | 2024-04-09 |
Family
ID=82240965
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210368082.XA Active CN114726542B (en) | 2022-04-08 | 2022-04-08 | Data transmission method and device based on privacy intersection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114726542B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116821936A (en) * | 2023-06-30 | 2023-09-29 | 北京海泰方圆科技股份有限公司 | Method and device for determining data intersection |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018119670A1 (en) * | 2016-12-27 | 2018-07-05 | 深圳大学 | Method and device for certificateless partially blind signature |
| CN109274501A (en) * | 2018-10-25 | 2019-01-25 | 广西师范大学 | License block chain method for secret protection based on Proxy Signature |
| CN109818730A (en) * | 2019-03-06 | 2019-05-28 | 矩阵元技术(深圳)有限公司 | Acquisition methods, device and the server of Proxy Signature |
| CN113032840A (en) * | 2021-05-26 | 2021-06-25 | 腾讯科技(深圳)有限公司 | Data processing method, device, equipment and computer readable storage medium |
| CN113127916A (en) * | 2021-05-18 | 2021-07-16 | 腾讯科技(深圳)有限公司 | Data set processing method, data processing device and storage medium |
| CN113434888A (en) * | 2021-07-06 | 2021-09-24 | 建信金融科技有限责任公司 | Data sharing method, device, equipment and system |
| CN113569267A (en) * | 2021-09-23 | 2021-10-29 | 上海钐昆网络科技有限公司 | Privacy safety data set intersection method, device, equipment and storage medium |
| CN113761570A (en) * | 2021-08-16 | 2021-12-07 | 高语澈 | Privacy intersection-oriented data interaction method |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3741081B1 (en) * | 2018-01-16 | 2021-10-13 | Nchain Holdings Limited | Computer implemented method and system for obtaining digitally signed data |
| EP3580685B1 (en) * | 2018-04-19 | 2021-03-24 | Google LLC | Security measures for determination of private set intersections |
| CN111931207B (en) * | 2020-08-07 | 2024-04-09 | 北京百度网讯科技有限公司 | Method, device, equipment and storage medium for obtaining privacy set intersection |
-
2022
- 2022-04-08 CN CN202210368082.XA patent/CN114726542B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018119670A1 (en) * | 2016-12-27 | 2018-07-05 | 深圳大学 | Method and device for certificateless partially blind signature |
| CN109274501A (en) * | 2018-10-25 | 2019-01-25 | 广西师范大学 | License block chain method for secret protection based on Proxy Signature |
| CN109818730A (en) * | 2019-03-06 | 2019-05-28 | 矩阵元技术(深圳)有限公司 | Acquisition methods, device and the server of Proxy Signature |
| CN113127916A (en) * | 2021-05-18 | 2021-07-16 | 腾讯科技(深圳)有限公司 | Data set processing method, data processing device and storage medium |
| CN113032840A (en) * | 2021-05-26 | 2021-06-25 | 腾讯科技(深圳)有限公司 | Data processing method, device, equipment and computer readable storage medium |
| CN113434888A (en) * | 2021-07-06 | 2021-09-24 | 建信金融科技有限责任公司 | Data sharing method, device, equipment and system |
| CN113761570A (en) * | 2021-08-16 | 2021-12-07 | 高语澈 | Privacy intersection-oriented data interaction method |
| CN113569267A (en) * | 2021-09-23 | 2021-10-29 | 上海钐昆网络科技有限公司 | Privacy safety data set intersection method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114726542A (en) | 2022-07-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110166239B (en) | User private key generation method and system, readable storage medium and electronic device | |
| CN111130803B (en) | Method, system and device for digital signature | |
| EP1830514B1 (en) | Hybrid digital signature scheme | |
| EP2228942A1 (en) | Securing communications sent by a first user to a second user | |
| CN109728906B (en) | Anti-quantum-computation asymmetric encryption method and system based on asymmetric key pool | |
| CN112118113B (en) | Multi-party cooperative group signature method, device, system and medium based on SM2 algorithm | |
| CN109905229B (en) | Anti-quantum computing Elgamal encryption and decryption method and system based on group asymmetric key pool | |
| CN113360943A (en) | Block chain private data protection method and device | |
| CN105354233A (en) | Linear SVM classification service query system and method with two-way privacy protection | |
| JP2004336794A (en) | Method and apparatus for generation of public key based on user-defined id in cryptosystem | |
| CN114726542B (en) | Data transmission method and device based on privacy intersection | |
| CN111161075B (en) | Blockchain transaction data proving and supervising method, system and related equipment | |
| CN112350820B (en) | Multi-receiver signcryption method, sending end, receiving end, system and storage medium | |
| CN110830237A (en) | CPK key generation method, device, entity and key center based on time | |
| WO2021115591A1 (en) | Devices and sharing methods for private set intersection | |
| CN111552950A (en) | Software authorization method and device and computer readable storage medium | |
| Lin et al. | Efficient vehicle ownership identification scheme based on triple-trapdoor chameleon hash function | |
| Omote et al. | An anonymous auction protocol with a single non-trusted center using binary trees | |
| Kasunde et al. | Verification of multi-owner shared data with collusion resistant user revocation in cloud | |
| CN114257374B (en) | Verifiable secure outsourcing calculation method and system for identifying cryptosystem | |
| CN113268749B (en) | Bid information processing method and module and electronic equipment | |
| CN110598427A (en) | Data processing method, system and storage medium | |
| CN112769539B (en) | Method and system for generating RSA key and cooperating with RSA signature and decryption | |
| CN113268777B (en) | Bid information processing method and module based on block chain and electronic equipment | |
| CN112491840B (en) | Information modification method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |