CN114756895A - Secret trace data verification method and system based on homomorphic encryption - Google Patents


Info

Publication number: CN114756895A
Authority: CN (China)
Application number: CN202210676985.4A
Other languages: Chinese (zh)
Other versions: CN114756895B (en)
Inventors: 冯新宇, 王湾湾, 何浩, 姚明
Current assignee: Shenzhen Dongjian Intelligent Technology Co ltd
Original assignee: Shenzhen Dongjian Intelligent Technology Co ltd
Legal status: Granted, active (the listed status is an assumption, not a legal conclusion)
Prior art keywords: data, vector, party, characteristic value, query
Priority: CN202210676985.4A (patent CN114756895B)
Publications: CN114756895A (application), CN114756895B (granted)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254 Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The embodiments of the application provide a secret trace data verification method and system based on homomorphic encryption, relating to the technical field of data security and privacy protection. Homomorphic encryption is introduced: after a characteristic value operation, the data to be checked is encoded into computable integer values, the calculation is carried out under homomorphic encryption, and a query function in the ciphertext state is constructed to compute the data checking result. The data privacy of the inquiring party is not exposed at any point in the query process; at the same time, the inquiring party obtains only the final checking result for the data to be checked and no other information about the inquired party, so the data privacy of both parties is protected. Communication overhead is also greatly reduced, and good query performance can be ensured in massive-data scenarios.

Description

Secret trace data verification method and system based on homomorphic encryption
Technical Field
The application relates to the technical field of data security and privacy protection, and in particular to a secret trace data verification method and system based on homomorphic encryption.
Background
Three-element verification checks the identity of a user who joins a platform or uses product permissions by comparing a name, an identity card number and a mobile phone number, and is mainly used for identity checks on network platforms. The inquiring party submits the user's three-element (identity card, name and mobile phone number) query information to an operator institution to initiate a query check; the query is compared with the operator's database and a check result is returned. This determines whether the three elements to be checked are consistent with the data stored by the operator, helps the inquiring party make decisions at the business level, and prevents fraudulent behaviour at the source.
There are two existing three-element verification methods:
1. Direct verification: the inquiring party provides the three elements in plaintext or as the corresponding hash values, and the server (the inquired party) matches them directly and returns the query result.
Advantage: no special calculation process is needed, only plaintext matching or string matching on computed hash values, so query efficiency is high.
Disadvantage: there are no privacy protection measures, so the three-element information of the inquiring party is exposed to the inquired party.
2. Verification based on an oblivious transfer protocol: the inquiring party randomly encodes the three elements to be queried and determines whether they exist by executing an Oblivious Transfer (OT) protocol with the inquired party.
Advantage: the three-element information of the inquiring party is concealed; the inquired party can only return the query result and does not learn the specific content of the three elements being queried.
Disadvantage: the number of communication rounds is large, the communication overhead is high, the demands on the network environment are strict, and query performance requirements are difficult to meet with massive data.
Disclosure of Invention
An object of the embodiments of the present application is to provide a secret trace data verification method and system based on homomorphic encryption that achieve efficient data verification while protecting the private information of both parties.
The specific technical scheme is as follows:
To achieve the above object, an embodiment of the present application provides a secret trace data verification method based on homomorphic encryption, the method including:
the inquiring party calculates a target characteristic value of the data to be checked, calculates the bucket number of the target bucket to which the target characteristic value belongs according to the inquired party's bucket dividing rule for data characteristic values, and determines the first number of data characteristic values contained in the target bucket;
the inquiring party segments the target characteristic value based on a preselected coding length and copies the segmentation result based on the first number to obtain a query vector;
the inquiring party homomorphically encrypts the query vector to obtain an encrypted query vector, and sends the homomorphic encryption public key, the bucket number, the coding length and the encrypted query vector to the inquired party;
the inquired party determines the sub-bucket characteristic value corresponding to the bucket number, where the sub-bucket characteristic value consists of the first number of data characteristic values;
the inquired party segments each data characteristic value in the sub-bucket characteristic value according to the coding length to obtain a plaintext vector;
the inquired party calculates, under homomorphic encryption and using the public key, the difference between the encrypted query vector and the plaintext vector, multiplies the difference by a random mask under homomorphic encryption to obtain a ciphertext query result vector, and sends the ciphertext query result vector to the inquiring party;
and the inquiring party decrypts the ciphertext query result vector with the homomorphic encryption private key to obtain a plaintext query result vector, and judges from the plaintext query result vector whether the data to be checked is correct.
Optionally, the step of homomorphically encrypting the query vector to obtain an encrypted query vector includes:
performing a preset type of homomorphic encryption calculation on the query vector using single instruction multiple data (SIMD) technology to obtain the encrypted query vector.
Optionally, the step of judging from the plaintext query result vector whether the data to be checked is correct includes:
traversing the elements of the plaintext query result vector in units of the coding length and, if a run of consecutive elements of the coding length are all zero, determining that the data to be checked is correct.
Optionally, the method further includes:
the inquired party converts its stored data into data characteristic values in advance, divides the data characteristic values into buckets according to a preset bucket dividing rule to obtain a plurality of sub-bucket characteristic values, and sends the number of data characteristic values contained in each sub-bucket characteristic value to the inquiring party.
Optionally, after the inquired party determines the sub-bucket characteristic value corresponding to the bucket number, the method further includes:
randomly reordering the data characteristic values contained in the sub-bucket characteristic value corresponding to the bucket number.
Optionally, the data characteristic value is a hash value obtained by performing a hash operation on the data.
Optionally, the data to be checked is three-element data including a name, an identity card number and a mobile phone number.
To achieve the above object, an embodiment of the present application further provides a secret trace data verification system based on homomorphic encryption, the system including an inquiring party and an inquired party;
the inquiring party is used for calculating a target characteristic value of the data to be checked, calculating the bucket number of the target bucket to which the target characteristic value belongs according to the inquired party's bucket dividing rule for data characteristic values, and determining the first number of data characteristic values contained in the target bucket;
the inquiring party is also used for segmenting the target characteristic value based on the preselected coding length and copying the segmentation result based on the first number to obtain a query vector;
the inquiring party is also used for homomorphically encrypting the query vector to obtain an encrypted query vector and sending the homomorphic encryption public key, the bucket number, the coding length and the encrypted query vector to the inquired party;
the inquired party is used for determining the sub-bucket characteristic value corresponding to the bucket number, where the sub-bucket characteristic value consists of the first number of data characteristic values;
the inquired party is also used for segmenting each data characteristic value in the sub-bucket characteristic value according to the coding length to obtain a plaintext vector;
the inquired party is also used for calculating, under homomorphic encryption and using the public key, the difference between the encrypted query vector and the plaintext vector, multiplying the difference by a random mask under homomorphic encryption to obtain a ciphertext query result vector, and sending the ciphertext query result vector to the inquiring party;
the inquiring party is also used for decrypting the ciphertext query result vector with the homomorphic encryption private key to obtain a plaintext query result vector, and judging from the plaintext query result vector whether the data to be checked is correct.
The embodiment of the application has the following beneficial effects:
With the secret trace data verification method and system based on homomorphic encryption provided here, homomorphic encryption is introduced: after a characteristic value operation, the data to be checked is encoded into computable integer values, the calculation is carried out under homomorphic encryption, and a query function in the ciphertext state is constructed to compute the data verification result. The data privacy of the inquiring party is not exposed at any point in the query process, so secret trace data verification is achieved. At the same time, the inquiring party obtains only the final verification result for the data to be checked and no other information about the inquired party, so the data privacy of both parties is protected.
When the inquired party checks the data under homomorphic encryption, it only needs to perform addition and multiplication on elements at corresponding positions of the vectors, which eliminates a large number of successive multiplication operations. The inquiring party then determines the three-element verification result by judging whether zero elements exist in the vector, so query efficiency is greatly improved.
In addition, over the whole data verification process the number of communication rounds between the inquiring party and the inquired party is small. Compared with verification based on an oblivious transfer protocol, communication overhead is greatly reduced, and good query performance can be ensured in massive-data scenarios.
Of course, it is not necessary for any product or method of the present application to achieve all of the above-described advantages at the same time.
Drawings
To illustrate the embodiments of the present application and the technical solutions in the prior art more clearly, the drawings used in describing them are briefly introduced below. The drawings described below show only some embodiments of the present application; those skilled in the art can obtain other embodiments from these drawings without creative effort.
Fig. 1 is a schematic flowchart of a secret trace data verification method based on homomorphic encryption according to an embodiment of the present application;
Fig. 2 is a schematic diagram of a secret trace data verification method based on homomorphic encryption according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the present application, not all of them. All other embodiments that a person of ordinary skill in the art can derive from the description herein fall within the scope of the present disclosure.
Existing data verification methods either provide no privacy protection or require many communication rounds and high communication overhead, which makes massive data difficult to process. To solve this technical problem, the embodiments of the application provide a secret trace data verification method and system based on homomorphic encryption.
Referring to Fig. 1, Fig. 1 is a schematic flowchart of a secret trace data verification method based on homomorphic encryption according to an embodiment of the present application. The method may include the following steps:
S101: The inquiring party calculates a target characteristic value of the data to be checked, calculates the bucket number of the target bucket to which the target characteristic value belongs according to the inquired party's bucket dividing rule for data characteristic values, and determines the first number of data characteristic values contained in the target bucket.
For ease of understanding, secret trace data verification is briefly described first. Secret trace data verification can be understood as data verification that protects private information: the inquiring party hides the keywords of the queried object, and the inquired party provides the matching query result but cannot learn which object was queried.
In the embodiments of the present application, the inquiring party may be an electronic device or server that needs to verify data, for example a server that verifies user information on a network platform. The inquired party is an electronic device or server that stores a large amount of real data, such as a server or database storing user information at an operator institution. The data to be checked may be data used to verify a user's identity.
In an embodiment of the application, the data to be checked is three-element data including a name, an identity card number and a mobile phone number.
As an example, a network platform verifies the identity of users who join the platform or use product permissions. The server of the network platform acts as the inquiring party and initiates a query check to the server of the operator institution, which acts as the inquired party. The query check determines whether the three-element data that the inquiring party needs to verify is consistent with the data stored by the operator institution, which helps the inquiring party make decisions at the business level.
In this step, the inquiring party performs a characteristic value operation on the data to be checked to obtain the target characteristic value.
In an embodiment of the present application, the characteristic value operation may be a hash operation; correspondingly, the data characteristic value is the hash value obtained by hashing the data.
The inquiring party then calculates the bucket number of the target bucket to which the target characteristic value belongs according to the inquired party's bucket dividing rule for data characteristic values.
The inquired party can send its bucket dividing rule for data characteristic values to the inquiring party in advance.
Specifically, in an embodiment of the present disclosure, the inquired party converts its stored data into data characteristic values in advance and then divides them into buckets according to a preset bucket dividing rule to obtain a plurality of sub-bucket characteristic values.
Because the inquired party stores a large amount of data, it can divide the stored data into buckets in advance to avoid comparing against the whole database on every check.
As one example, the bucketing rule may be expressed as:
Figure 768361DEST_PATH_IMAGE001
Figure 662367DEST_PATH_IMAGE002
denotes the bucket number,
Figure 229615DEST_PATH_IMAGE003
denotes the hash value of the three elements,
Figure 921015DEST_PATH_IMAGE004
denotes the remainder operation, and
Figure 370451DEST_PATH_IMAGE005
denotes the preset number of buckets.
The inquired party can send the bucket dividing rule, the number of buckets and the number of data characteristic values contained in each bucket to the inquiring party in advance.
The inquiring party can therefore calculate the bucket number of the target bucket to which the target characteristic value belongs according to the inquired party's bucket dividing rule, and determine the first number of data characteristic values contained in the target bucket.
It should be noted that, because the inquired party uses bucket division based on a hash modulo operation, it can choose the number of buckets according to business requirements and so balance privacy protection strength against query performance.
Specifically, the inquired party can determine the target bucket to which the inquiring party's data belongs. For a fixed total amount of data, the smaller the number of buckets, the more data each bucket contains and the harder it is for the inquired party to guess the data being checked, so the inquiring party's privacy is better protected. However, more data must be traversed in each query, which has some negative effect on query performance.
Conversely, the larger the number of buckets, the less data each bucket contains and the easier it is for the inquired party to guess the data being checked, which is unfavourable to protecting the inquiring party's privacy. However, less data must be traversed in each query, so query performance improves.
Therefore, the embodiments of the application introduce a bucket dividing strategy based on an integer modulo operation. The inquired party's data is divided into buckets during data preprocessing, the inquiring party and the inquired party share the same bucket dividing rule, and query performance and privacy protection strength can be balanced by adjusting the bucket dividing strategy, which supports data verification requirements in different scenarios.
S102: The inquiring party segments the target characteristic value based on the preselected coding length and copies the segmentation result based on the first number to obtain a query vector.
Specifically, if the coding length is k, the target characteristic value is segmented into k parts, giving k elements.
Then, to match the amount of data in the inquired party's target bucket, the segmentation result is copied according to the first number to obtain the query vector.
As one example, if the first number of data characteristic values contained in the target bucket is m, the segmented target characteristic value is copied m times to obtain the query vector. Since the target characteristic value has been split into k elements, the query vector contains k × m elements in total.
S103: The inquiring party homomorphically encrypts the query vector to obtain an encrypted query vector, and sends the homomorphic encryption public key, the bucket number, the coding length and the encrypted query vector to the inquired party.
In the embodiments of the application, the inquiring party can encrypt the query vector with a preset homomorphic encryption algorithm.
As an example, the homomorphic encryption process may be represented by the following formula:
Figure 130465DEST_PATH_IMAGE006
where
Figure 083378DEST_PATH_IMAGE007
denotes the encrypted query vector,
Figure 208329DEST_PATH_IMAGE008
denotes encryption with the
Figure 879481DEST_PATH_IMAGE009
homomorphic encryption algorithm,
Figure 318553DEST_PATH_IMAGE010
denotes the query vector, and
Figure 394481DEST_PATH_IMAGE011
denotes the homomorphic encryption public key.
After homomorphically encrypting the query vector to obtain the encrypted query vector, the inquiring party sends the homomorphic encryption public key, the bucket number, the coding length and the encrypted query vector to the inquired party.
S104: The inquired party determines the sub-bucket characteristic value corresponding to the bucket number, where the sub-bucket characteristic value consists of the first number of data characteristic values.
As described above, the inquired party performs the characteristic value operation and the bucket dividing operation on its data in advance. The inquired party therefore determines the target bucket from the bucket number, that is, it determines the sub-bucket characteristic value corresponding to the target bucket. The sub-bucket characteristic value consists of the first number of data characteristic values, and each data characteristic value corresponds to one piece of original data, for example one original piece of three-element data.
S105: The inquired party segments each data characteristic value in the sub-bucket characteristic value according to the coding length to obtain a plaintext vector.
Continuing the above example, if the coding length is k and the first number is m, the inquired party segments each data characteristic value in the sub-bucket characteristic value according to the coding length k and likewise obtains k × m elements. These elements form a plaintext vector, which can be denoted as the vector
Figure 690333DEST_PATH_IMAGE012
It can be seen that the number of elements in the encrypted query vector is the same as the number of elements in the plaintext vector.
S106: and the inquired party calculates the difference value between the encrypted inquiry vector and the plaintext vector under homomorphic encryption according to the public key, multiplies the difference value by a random mask under homomorphic encryption to obtain a ciphertext inquiry result vector, and sends the ciphertext inquiry result vector to the inquired party.
In the embodiment of the application, the constructed query function in the traditional data verification method is improved.
For ease of understanding, a conventional functional construct is illustrated, which can be expressed as follows:
Figure 848782DEST_PATH_IMAGE013
wherein, the first and the second end of the pipe are connected with each other,
Figure 622703DEST_PATH_IMAGE014
in order to characterize the function values of the query results,
Figure 878104DEST_PATH_IMAGE015
is the three-element data of the inquired party,
Figure 79278DEST_PATH_IMAGE016
providing the inquirer with the data to be inquired if
Figure 725023DEST_PATH_IMAGE017
If existing in the database to be checked, then there are
Figure 305564DEST_PATH_IMAGE018
It means that the verification of the three elements is successful, otherwise, the verification must be carried out
Figure 556417DEST_PATH_IMAGE019
Indicating that the verification failed.
There are problems in that: since the function needs to be solved in a homomorphic encryption state, data overflow caused by overlarge intermediate results may occur in the process of multiplication, but the function is in a ciphertext state and cannot be judged in real time. In addition, the multiplication operation under homomorphic encryption consumes a large amount of calculation time, resulting in a decrease in query speed.
In the embodiments of the present application, the terms of the above function are split apart to obtain a vector:
Figure 928493DEST_PATH_IMAGE020
where
Figure 061534DEST_PATH_IMAGE021
is the vector characterizing the query result. If
Figure 442837DEST_PATH_IMAGE022
exists in the database being checked, then
Figure 672830DEST_PATH_IMAGE023
must contain an element equal to 0. However, the vector
Figure 215806DEST_PATH_IMAGE021
may leak the data content of the inquired party, so the inquired party needs to generate a random mask
Figure 827354DEST_PATH_IMAGE024
and, for each element of
Figure 746769DEST_PATH_IMAGE021
calculate:
Figure 706635DEST_PATH_IMAGE025
If
Figure 420513DEST_PATH_IMAGE022
exists in the database being checked, then
Figure 793725DEST_PATH_IMAGE026
must contain an element equal to 0; otherwise, the elements of
Figure 251251DEST_PATH_IMAGE027
are random numbers. Adding the mask protects the privacy of the inquired party.
Based on this construction of the query function, the data verification calculation performed by the inquired party in the embodiments of the present application is as follows:
First, the inquired party calculates, under homomorphic encryption and using the public key, the difference between the encrypted query vector and the plaintext vector.
Specifically, the ciphertext query vector and the plaintext vector contain the same number of elements, and the difference is calculated by subtracting the elements at corresponding positions.
This can be expressed by the following formula:
Figure 862361DEST_PATH_IMAGE028
where
Figure 343546DEST_PATH_IMAGE029
denotes the difference between the ciphertext query vector and the plaintext vector computed under homomorphic encryption,
Figure 672896DEST_PATH_IMAGE030
denotes the encrypted query vector, and
Figure 934113DEST_PATH_IMAGE031
denotes the plaintext vector.
In the embodiments of the application, to protect the privacy of the inquired party, the inquired party may generate a random mask and multiply the difference by the random mask under homomorphic encryption to obtain the ciphertext query result vector, which is fed back to the inquiring party.
The random mask can be expressed as
Figure 665309DEST_PATH_IMAGE032
that is, k × m masks. Under homomorphic encryption, each mask is multiplied by the corresponding element of
Figure 189831DEST_PATH_IMAGE029
to obtain the ciphertext query result vector, which can be expressed by the following formula:
Figure 006477DEST_PATH_IMAGE033
where
Figure 805806DEST_PATH_IMAGE034
denotes the ciphertext query result vector.
Therefore, in the embodiment of the application, the difference value between the encrypted query vector and the plaintext vector is calculated under homomorphic encryption, and the random mask is multiplied by the difference value under homomorphic encryption, so that the ciphertext query result vector is obtained.
S107: and the inquiring party decrypts the ciphertext inquiry result vector according to the homomorphic encrypted private key to obtain a plaintext inquiry result vector, and judges whether the data to be checked is correct or not according to the plaintext inquiry result vector.
After receiving the ciphertext query result vector, the query party can decrypt the ciphertext query result vector according to the homomorphic encrypted private key to obtain a plaintext query result vector.
It is easy to understand that the plaintext query result vector also contains m × k elements, and the value of each element is: the difference between the corresponding elements of the query vector and the plaintext vector is multiplied by the corresponding random mask.
If the data to be verified is correct, the k consecutive elements in the query vector corresponding to the data to be verified are necessarily the same as k consecutive elements in the plaintext vector of the queried party. After subtraction the result is zero, and after multiplication by the corresponding random mask the result is still zero.
Therefore, in one embodiment of the present disclosure, the querying party traverses elements in the plaintext query result vector by taking the encoding length k as a unit, and if there are consecutive k elements that are all zero, it indicates that the data to be verified exists in the queried party, that is, the data to be verified is correct.
Therefore, the queried party protects the privacy of the queried party by adding the random mask, the querying party cannot know the random mask, and the judgment of the result by the querying party is not influenced by the random mask added by the queried party.
By applying the secret trace data verification method based on homomorphic encryption, a homomorphic encryption technology is introduced: the data to be verified is encoded into computable integer values after the characteristic value operation, the encrypted calculation is carried out through the homomorphic encryption technology, and a query function in the ciphertext state is constructed to calculate the data verification result. The data privacy of the querying party is not exposed during the whole query process, so secret trace data verification can be achieved. Meanwhile, the querying party can only obtain the final verification result of the data to be verified and cannot obtain any other additional information of the queried party, so the data privacy of both parties is protected.
Moreover, when the queried party verifies the data under homomorphic encryption, only addition and multiplication at corresponding positions need to be performed on the elements in the vectors, and a large number of multiplication and concatenation operations are eliminated. Finally, the querying party determines the three-factor verification result by judging whether zero elements exist in the vector, so the query efficiency is greatly improved.
In addition, the number of communication rounds between the querying party and the queried party is small throughout the data verification process. Compared with a verification process based on an oblivious transfer protocol, the communication overhead is greatly reduced, and better query performance can be ensured in massive-data scenarios.
In an embodiment of the present application, the step of homomorphically encrypting the query vector to obtain an encrypted query vector may specifically include:
performing homomorphic encryption calculation of a preset type on the query vector using single instruction, multiple data technology to obtain an encrypted query vector.
Specifically, with Single Instruction Multiple Data (SIMD) technology, the query vector can be SIMD-encoded so that multiple copies of the numerical information to be calculated are packed into the same homomorphic ciphertext, which enables parallel computation in the ciphertext state.
Therefore, in the embodiment of the application, a single instruction multiple data-based coding technology is introduced, packing and batch calculation of elements in the query vector are realized, the calculation performance is greatly improved, and meanwhile, the communication overhead is greatly reduced.
In an embodiment of the present application, after the queried party determines the sub-bucket characteristic value corresponding to the bucket number, the method further includes: randomly reordering the data characteristic values contained in the sub-bucket characteristic value corresponding to the bucket number.
Specifically, after the inquired party determines the target sub-bucket, the sub-bucket characteristic values in the target sub-bucket are randomly reordered to obtain a new characteristic value sequence, so that the privacy of the inquired party is further protected.
For the convenience of understanding, the confidential trace data verification method based on homomorphic encryption provided by the embodiment of the present application is further described below with reference to the accompanying drawings.
Referring to fig. 2, fig. 2 is a schematic diagram of a secret trace data verification method based on homomorphic encryption according to an embodiment of the present application.
As shown in fig. 2, the data verification process may be divided into an initialization phase and a verification phase. The initialization phase is executed once when the service is started, and does not occupy the calculation and communication resources of the data verification process.
In the initialization phase, the querying party generates a homomorphic encryption public key and private key and sends the public key to the queried party. The queried party performs a hash operation on its data to obtain hash values, divides the data into buckets according to the hash values, and sends the bucketing rule and the data scale of each bucket to the querying party.
In the verification phase, the querying party calculates the hash value of the three-factor data to be verified, determines the target bucket from the hash value, segments the hash value according to the coding length, replicates the segments according to the data scale of the target bucket to obtain the query vector, and homomorphically encrypts the query vector.
The querying party sends the bucket number of the target bucket, the coding length and the encrypted query vector to the queried party.
The queried party segments the hash values in the target bucket according to the coding length to obtain a plaintext vector. Using the public key, it calculates the difference between the encrypted query vector and the plaintext vector under homomorphic encryption, multiplies the difference by a random mask to obtain a ciphertext query result vector, and sends the ciphertext query result vector to the querying party.
The querying party decrypts the ciphertext query result vector using the homomorphic encryption private key to obtain a plaintext query result vector, and traverses the elements of the plaintext query result vector in units of the coding length; if k consecutive elements are all zero, the data is correct.
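The exchange of fig. 2 end to end, as an added example that is not code from the patent. A toy Paillier scheme stands in for the unspecified "preset type" of homomorphic encryption (without SIMD packing); SHA-256 as the characteristic value, the modulo bucketing rule, equal-width byte segmentation, nonzero masks and the sample records are assumptions made for the illustration.

```python
import hashlib
import secrets
from math import gcd

# Toy Paillier (additively homomorphic). Two Mersenne primes keep the demo
# fast; a modulus this small is NOT secure. Assumption: the patent only
# says "homomorphic encryption of a preset type".
P, Q = 2**61 - 1, 2**89 - 1

def keygen():
    n, phi = P * Q, (P - 1) * (Q - 1)
    return n, (phi, pow(phi, -1, n))      # public key n, private key (phi, mu)

def _unit(n):
    """Random element of Z_n*, i.e. nonzero and invertible mod n."""
    while True:
        r = secrets.randbelow(n - 1) + 1
        if gcd(r, n) == 1:
            return r

def encrypt(n, m):
    return (1 + (m % n) * n) * pow(_unit(n), n, n * n) % (n * n)

def decrypt(n, priv, c):
    phi, mu = priv
    return (pow(c, phi, n * n) - 1) // n * mu % n

def feature(record):
    """Characteristic value of a three-factor record (assumed: SHA-256)."""
    return hashlib.sha256("|".join(record).encode()).digest()

def segment(h, k):
    """Split a hash into k equal-width integers (assumed segmentation rule)."""
    if len(h) % k:
        raise ValueError("coding length k must divide the hash length")
    step = len(h) // k
    return [int.from_bytes(h[i * step:(i + 1) * step], "big") for i in range(k)]

def bucket_of(h, num_buckets):
    return int.from_bytes(h, "big") % num_buckets   # assumed bucketing rule

class QueriedParty:
    def __init__(self, records, num_buckets):
        self.num_buckets = num_buckets
        self.buckets = {b: [] for b in range(num_buckets)}
        for rec in records:                          # initialization phase
            h = feature(rec)
            self.buckets[bucket_of(h, num_buckets)].append(h)

    def bucket_sizes(self):
        """Data scale of each bucket, published to the querying party."""
        return {b: len(v) for b, v in self.buckets.items()}

    def answer(self, n, bucket_no, k, enc_query):
        hashes = list(self.buckets[bucket_no])
        secrets.SystemRandom().shuffle(hashes)       # random reordering
        plain = [s for h in hashes for s in segment(h, k)]
        if len(plain) != len(enc_query):
            raise ValueError("query vector length does not match bucket")
        n2, out = n * n, []
        for c, p in zip(enc_query, plain):
            diff = c * (1 + (-p % n) * n) % n2       # Enc(q - p)
            # A mask from Z_n* can never turn a nonzero difference into zero.
            out.append(pow(diff, _unit(n), n2))      # Enc(mask * (q - p))
        return out

def query_result(record, server, k):
    """Querying party's side: returns the plaintext query result vector."""
    n, priv = keygen()
    h = feature(record)
    b = bucket_of(h, server.num_buckets)
    m = server.bucket_sizes()[b]                     # the "first number"
    enc_query = [encrypt(n, q) for q in segment(h, k) * m]
    return [decrypt(n, priv, c) for c in server.answer(n, b, k, enc_query)]

def verify(record, server, k=8):
    """True if some aligned run of k elements is all zero."""
    res = query_result(record, server, k)
    return any(all(v == 0 for v in res[i:i + k]) for i in range(0, len(res), k))

# Constructed sample data: (name, identification number, mobile number).
SAMPLE_RECORDS = [
    ("Alice Zhang", "ID-0001", "13800000001"),
    ("Bob Li", "ID-0002", "13800000002"),
    ("Carol Wang", "ID-0003", "13800000003"),
    ("Dave Chen", "ID-0004", "13800000004"),
    ("Erin Liu", "ID-0005", "13800000005"),
]
```

The querying party only ever sees masked differences, and the queried party only ever sees ciphertexts plus the bucket number, which is what the bucket size trades away for efficiency.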
A homomorphic encryption technology is introduced: the data to be verified is encoded into computable integer values after the characteristic value operation, the encrypted calculation is carried out through the homomorphic encryption technology, and a query function in the ciphertext state is constructed to calculate the data verification result. The data privacy of the querying party is not exposed during the whole query process. Meanwhile, the querying party can only obtain the final verification result of the data to be verified and cannot obtain any other additional information of the queried party, so the data privacy of both parties is protected.
Moreover, when the queried party verifies the data under homomorphic encryption, only addition and multiplication at corresponding positions need to be performed on the elements in the vectors, and a large number of multiplication and concatenation operations are eliminated. Finally, the querying party determines the three-factor verification result by judging whether zero elements exist in the vector, so the query efficiency is greatly improved.
In addition, the number of communication rounds between the querying party and the queried party is small throughout the data verification process. Compared with a verification process based on an oblivious transfer protocol, the communication overhead is greatly reduced, and better query performance can be ensured in massive-data scenarios.
The embodiment of the present application further provides a secret trace data verification system based on homomorphic encryption, and the system includes: a querying party and a queried party.
The querying party is used for calculating a target characteristic value of the data to be verified, calculating the bucket number of the target bucket to which the target characteristic value belongs according to the queried party's bucketing rule for data characteristic values, and determining a first number of data characteristic values contained in the target bucket;
the inquiring party is also used for segmenting the target characteristic value based on the preselected coding length and copying a segmentation result based on the first number to obtain an inquiring vector;
the inquiring party is also used for carrying out homomorphic encryption on the inquiring vector to obtain an encrypted inquiring vector and sending a homomorphic encrypted public key, the barrel number, the coding length and the encrypted inquiring vector to the inquired party;
the inquired party is used for determining a sub-bucket characteristic value corresponding to the bucket number, wherein the sub-bucket characteristic value consists of the data characteristic values of the first number;
the queried party is also used for segmenting each data characteristic value in the sub-bucket characteristic value according to the coding length to obtain a plaintext vector;
the inquired party is also used for calculating a difference value between the encrypted query vector and the plaintext vector under homomorphic encryption according to the public key, multiplying the difference value by a random mask under homomorphic encryption to obtain a ciphertext query result vector, and sending the ciphertext query result vector to the inquiring party;
the inquiring party is also used for decrypting the ciphertext inquiry result vector according to the homomorphic encrypted private key to obtain a plaintext inquiry result vector, and judging whether the data to be checked is correct or not according to the plaintext inquiry result vector.
By applying the secret trace data verification system based on homomorphic encryption, a homomorphic encryption technology is introduced: the data to be verified is encoded into computable integer values after the characteristic value operation, the encrypted calculation is carried out through the homomorphic encryption technology, and a query function in the ciphertext state is constructed to calculate the data verification result. The data privacy of the querying party is not exposed during the whole query process, so secret trace data verification can be achieved. Meanwhile, the querying party can only obtain the final verification result of the data to be verified and cannot obtain any other additional information of the queried party, so the data privacy of both parties is protected.
Moreover, when the queried party verifies the data under homomorphic encryption, only addition and multiplication at corresponding positions need to be performed on the elements in the vectors, and a large number of multiplication and concatenation operations are eliminated. Finally, the querying party determines the three-factor verification result by judging whether zero elements exist in the vector, so the query efficiency is greatly improved.
In addition, the number of communication rounds between the querying party and the queried party is small throughout the data verification process. Compared with a verification process based on an oblivious transfer protocol, the communication overhead is greatly reduced, and better query performance can be ensured in massive-data scenarios.
It should be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on differences from other embodiments. In particular, for the embodiment of the covert trail data verification system based on homomorphic encryption, since the embodiment is basically similar to the embodiment of the covert trail data verification method based on homomorphic encryption, the description is relatively simple, and relevant parts can be referred to partial description of the embodiment of the covert trail data verification method based on homomorphic encryption.
The above description is only for the preferred embodiment of the present application, and is not intended to limit the scope of the present application. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application are included in the scope of protection of the present application.

Claims (8)

1. A secret trace data verification method based on homomorphic encryption, the method comprising:
a querying party calculates a target characteristic value of data to be verified, calculates the bucket number of the target bucket to which the target characteristic value belongs according to the queried party's bucketing rule for data characteristic values, and determines a first number of data characteristic values contained in the target bucket;
The inquiring party segments the target characteristic value based on a preselected coding length and copies a segmentation result based on the first number to obtain an inquiry vector;
the inquiring party encrypts the inquiry vector in a homomorphic way to obtain an encrypted inquiry vector, and sends a public key, the barrel number, the coding length and the encrypted inquiry vector which are encrypted in the homomorphic way to the inquired party;
the inquired party determines a sub-bucket characteristic value corresponding to the bucket number, wherein the sub-bucket characteristic value consists of the data characteristic values of the first number;
the inquired party divides each data characteristic value in the sub-bucket characteristic values according to the coding length to obtain a plaintext vector;
the queried party calculates the difference between the encrypted query vector and the plaintext vector under homomorphic encryption according to the public key, multiplies the difference by a random mask under homomorphic encryption to obtain a ciphertext query result vector, and sends the ciphertext query result vector to the querying party;
and the inquiring party decrypts the ciphertext inquiry result vector according to the homomorphic encrypted private key to obtain a plaintext inquiry result vector, and judges whether the data to be verified is correct or not according to the plaintext inquiry result vector.
2. The method of claim 1, wherein the step of homomorphically encrypting the query vector to obtain an encrypted query vector comprises:
and performing homomorphic encryption calculation of a preset type on the query vector by adopting a single instruction multiple data technology to obtain an encrypted query vector.
3. The method according to claim 1, wherein the step of determining whether the data to be verified is correct according to the plaintext query result vector comprises:
traversing the elements of the plaintext query result vector in units of the coding length, and if a run of consecutive elements of the coding length are all zero, determining that the data to be verified is correct.
4. The method of claim 1, further comprising:
the queried party converts its stored data into data characteristic values in advance, divides the data characteristic values into buckets according to a preset bucketing rule to obtain a plurality of sub-bucket characteristic values, and sends the number of data characteristic values contained in each sub-bucket characteristic value to the querying party.
5. The method of claim 1, wherein after the queried party determines the sub-bucket characteristic value corresponding to the bucket number, the method further comprises:
randomly reordering the data characteristic values contained in the sub-bucket characteristic value corresponding to the bucket number.
6. The method according to any one of claims 1 to 5, wherein the data characteristic value is a hash value obtained by hashing data.
7. The method according to any one of claims 1 to 5, wherein the data to be verified is three-factor data including a name, an identification number and a mobile phone number.
8. A secret trace data verification system based on homomorphic encryption, the system comprising: a querying party and a queried party;
the querying party is used for calculating a target characteristic value of the data to be verified, calculating the bucket number of the target bucket to which the target characteristic value belongs according to the queried party's bucketing rule for data characteristic values, and determining a first number of data characteristic values contained in the target bucket;
the inquiring party is also used for segmenting the target characteristic value based on the preselected coding length and copying a segmentation result based on the first number to obtain an inquiring vector;
the inquiring party is also used for carrying out homomorphic encryption on the inquiry vector to obtain an encrypted inquiry vector and sending a homomorphic encrypted public key, the barrel number, the coding length and the encrypted inquiry vector to the inquired party;
The inquired party is used for determining a sub-bucket characteristic value corresponding to the bucket number, wherein the sub-bucket characteristic value consists of the data characteristic values of the first number;
the queried party is also used for segmenting each data characteristic value in the sub-bucket characteristic value according to the coding length to obtain a plaintext vector;
the inquired party is also used for calculating a difference value between the encrypted query vector and the plaintext vector under homomorphic encryption according to the public key, multiplying the difference value by a random mask under homomorphic encryption to obtain a ciphertext query result vector, and sending the ciphertext query result vector to the inquiring party;
and the inquiring party is also used for decrypting the ciphertext query result vector according to the homomorphic encrypted private key to obtain a plaintext query result vector, and judging whether the data to be verified is correct or not according to the plaintext query result vector.
CN202210676985.4A 2022-06-16 2022-06-16 Hidden trace data verification method and system based on homomorphic encryption Active CN114756895B (en)

Publications (2)

Publication Number Publication Date
CN114756895A true CN114756895A (en) 2022-07-15
CN114756895B CN114756895B (en) 2022-08-26

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant