CN115037434A - Multi-party data security calculation method and system based on privacy calculation - Google Patents

Multi-party data security calculation method and system based on privacy calculation Download PDF

Info

Publication number
CN115037434A
CN115037434A CN202210467190.2A CN202210467190A CN115037434A CN 115037434 A CN115037434 A CN 115037434A CN 202210467190 A CN202210467190 A CN 202210467190A CN 115037434 A CN115037434 A CN 115037434A
Authority
CN
China
Prior art keywords
data
participants
participant
party
calculation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210467190.2A
Other languages
Chinese (zh)
Other versions
CN115037434B (en
Inventor
廖方平
郑伟海
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Longtel Inc
Original Assignee
Longtel Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Longtel Inc filed Critical Longtel Inc
Priority to CN202210467190.2A priority Critical patent/CN115037434B/en
Publication of CN115037434A publication Critical patent/CN115037434A/en
Application granted granted Critical
Publication of CN115037434B publication Critical patent/CN115037434B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application provides a multi-party data security calculation method and system based on privacy calculation, belongs to the technical field of security multi-party calculation, and is used for solving the problem that the effect of realizing multi-party security calculation variance in the related technology is poor. In the method and the system, a plurality of participants realize the calculation of the data mean value under the condition of not revealing own data outwards, if n participants participate in the calculation, each participant divides own data into n parts and sends one part outwards to other n-1 participants respectively, n-1 parts of data are sent out together, the data sent by the other n-1 participants are received, so that a group of data is obtained, then the group of data obtained by each participant is gathered to one party and summed, namely the sum of all data of all participants can be calculated, the mean value of all the participant data can be obtained according to the sum except n, each participant calculates partial variance according to the mean value, and the sum of all partial variances is the total variance. The method and the system realize the privacy calculation.

Description

Multi-party data security calculation method and system based on privacy calculation
Technical Field
The application relates to the technical field of secure multi-party computation, in particular to a method and a system for secure computation of multi-party data based on privacy computation.
Background
The secure multiparty computing (SNC) is a collaborative computing problem for protecting privacy among a group of mutually untrusted participants, ensures the independence of input and the correctness of computing, does not reveal an input value to other members participating in computing, and mainly aims at solving the problem of how to securely compute an appointed function under the condition of no trusted third party, and plays an important role in scenes such as electronic election, electronic voting, electronic auction, secret sharing, threshold signature and the like.
Disclosure of Invention
The application provides a multi-party data security calculation method and system based on privacy calculation, which can solve the problem of multi-party data security calculation variance based on privacy calculation.
In a first aspect, the application provides a multi-party data security calculation method based on privacy calculation.
In the method, n participants are provided, n is more than or equal to 2, and A is used as the participant i Data representing, participating in, with B i Denotes that I ∈ I, I ∈ { I | I ∈ N * And i is less than or equal to n }, A 1 Obtaining self data B for application 1 The size sequence of (a); the method comprises the following steps:
party A i Dividing the data into n parts, B i =B i1 +B i2 +…+B in
Each participant a i One copy of data A with the same number as the data A is reserved ii And respectively sending the rest n-1 data to the participants A with corresponding numbers i To make party A participate in i Obtain data B 1i ,B 2i ,...,B ni
All participants A i The resulting data is summarized to one party to calculate n participants A i Average value of (d);
each participant a i To calculate self data B i The square of the result is subtracted from the mean E and is the partial variance S i =(B i -E) 2
All partial variances S i Summarizing to one side, and calculating the total variance
Figure BDA0003624823520000021
By adopting the technical scheme, the calculation process is carried outThe method can realize the calculation of the variance of a plurality of participants without revealing the data of any participant, thereby solving the problem of multi-party data security calculation based on privacy calculation.
Further, the method comprises the step of enabling all the participants A i The obtained data are summarized to one party to calculate n each participating party A i The average values of (a) include:
each participant a i First result C of all calculated data i =B 1i +B 2i +...+B ni
Calculating all the first results C i Is the second result D ═ C 1 +C 2 +...+C n
Determining n participants A according to the second result D i The average value of (a) is D/n.
Further, party A i Is B' i ,B′ i B is obtained by encrypting through a homomorphic encryption algorithm based on a preset secret key i
Further, B' i Enlargement of a m Multiple, a is constant and a ≠ 0, gives B i
Further, at party A a B is to be ab Sent to participant a b When a, B ∈ I and a ≠ B, according to B ab Generating a first application verification code F ab1 And sends the first application verification code to the participant A b Participant A b According to received B ab Generating a second application verification code F ab2 Participant A b Judging the received first application authentication code F ab1 And the second application verification code F obtained by calculation ab2 Whether the relation of (A) is the same as the preset relation or not, if so, B is represented ab Has not been tampered during transmission.
Further, the
Figure BDA0003624823520000023
,F ab2 According to received B ab Calculating;
wherein p and q are both prime numbers and q divides p-1, g exactlyIs an integer and g is
Figure BDA0003624823520000022
The preset relationship is F ab1 =F ab2
Further, the average value is the average value after the extreme value is removed, the total variance is the total variance after the extreme value is removed, and the specific calculation method comprises the following steps
The participant ordering method comprises the following steps: the data of the applicant is divided into two parts by each of the other participants; the applicant selects a part of data, the part of data is respectively sent to the rest of participants, and the rest of participants select a part of data to send to the applicant; the method comprises the steps that an applicant calculates the difference between data retained by the applicant and received data of each participant to obtain a plurality of first difference values corresponding to the rest participants one by one; each of the other participants subtracts the data retained by the participant from the received data of the applicant, namely each of the other participants obtains a second difference value; summarizing first difference values sent by an applicant and other participants, and adding second difference values corresponding to the same participant to obtain a third difference value relative to each of the other participants; determining data size sequences of other participants according to the size sequence of the third difference value, and determining the data size relationship between the applicant and the other participants according to the size relationship between the third difference value and zero, thereby determining the data size sequences of all the participants;
the method for calculating the variance after the depolarization value comprises the following steps: determining the number of the maximum value and the minimum value to be removed based on a pre-obtained extreme value removing rule; determining the participants needing to be removed, subtracting a new participant range of the range obtained by subtracting the range of the participants needing to be removed from the original participant range, and calculating the mean value and the total variance of the non-extremum of the new participant range, wherein the mean value and the total variance of the non-extremum of the original participant range are calculated.
Further, all the first results C i And partial variance S i Are all sent to the applicant A 1 Application side A 1 Perform a second result D, flatAnd calculating the mean E and the total variance S.
Further, with either party A i As a referee, the referee is configured to generate and distribute the secret key.
In a second aspect, the application provides a multi-party data security computing system based on privacy computation. The system comprising a plurality of user terminals in one-to-one correspondence with the participants according to any of the above first aspects, the system being adapted to perform the method according to any of the above first aspects.
In summary, the present application at least includes the following beneficial effects:
1. the method for safely calculating the multi-party data based on the privacy calculation can realize the calculation of the mean value of the participants under the condition that the participants do not reveal own data;
2. the specific algorithm is simple and efficient, the practicability is high, the interactive data is in an encapsulated arrow format, serialization and deserialization are not needed, and the transmission efficiency and the calculation efficiency are further improved;
3. the data sending and the data receiving are verified through the verification code, so that the data transmission process is prevented from being tampered, and the reliability of the sequencing result is guaranteed.
It should be understood that what is described in this summary section is not intended to limit key or critical features of the embodiments of the application, nor is it intended to limit the scope of the application. Other features of the present application will become readily apparent from the following description.
Drawings
The above and other features, advantages and aspects of various embodiments of the present application will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. In the drawings, like or similar reference characters denote like or similar elements, and wherein:
FIG. 1 illustrates an exemplary operating environment in which embodiments of the present application can operate;
FIG. 2 is a flow chart illustrating a method for secure computation of multi-party data based on privacy computation in an embodiment of the present application;
FIG. 3 is a block diagram illustrating a multi-party data security computing system based on privacy computation in an embodiment of the present application;
fig. 4 shows a block diagram of the user terminal of fig. 3.
Fig. 5 shows a schematic structural diagram of a computer device in an embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be described clearly and completely with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all embodiments of the present application. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments in the present application, are within the scope of protection of the present application.
In addition, the term "and/or" herein is only one kind of association relationship describing an associated object, and means that there may be three kinds of relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
The application provides a multi-party data safety calculation method and system based on privacy calculation, which can determine data variances of all participants under the condition of ensuring that original data of the participants are not leaked, and the calculation method is simple, efficient, practical and reliable.
FIG. 1 illustrates a schematic diagram of an exemplary operating environment 100 in which embodiments of the present application can operate. The operating environment 100 includes a plurality of terminals 110, the plurality of terminals 110 are communicatively connected with each other, each terminal 110 is capable of performing data interaction with any other terminal 110, the communication connection between the terminals 110 may be through a local area network, an internet connection, or through a mobile communication network, a satellite communication network, or a communication means such as a WiFi module, a lora module, and the like, and the specific communication manner is not limited. The terminals 110 have terminal identifications so that the data transmitted from each terminal 110 can determine the origin.
FIG. 2 is a flowchart illustrating a multi-party data security computation method 200 based on privacy computation in an embodiment of the present application. The method 200 may operate in the operating environment of fig. 1.
Each terminal 110 contains a piece of privacy data, and when a terminal 110 needs to determine the average value of the privacy data, the range of participants of the average value of the data needs to be selected first, that is, which terminals 110 participate in the calculation, and then the method 200 can be executed.
In the method 200, n participants are provided, n is more than or equal to 2, and A is used as the participant i Data representing, participating in, is represented by B i Denotes that I belongs to I, and I is { I | I belongs to N * And i is less than or equal to N }, N * Is a positive integer set, A 1 Obtaining all participants A for application i The application party of the data mean value of (1) is A 1 The data is B 1 The rest of the participants are A j Data is B j J ∈ I and j ≠ 1.
The method 200 specifically comprises the following steps:
s210: the participants divide their own data into n shares, where n equals the number of participants.
In this embodiment, each participant a i All randomly divide the data into n parts, B i =B i1 + B i2 +…+B in Therefore, the original data cannot be deduced through any distribution result data, and the safety of the original data is guaranteed.
To further improve the security of the data, party a i Data B of i The original data which is ordered is not required, but the original data is homomorphic encrypted to obtain the data. Specifically, let Party A i Is B' i ,B′ i Based on a preset secret key, obtaining B after being encrypted by a homomorphic encryption algorithm i
In the embodiment of the application, the B' i Enlargement of a m Multiple, a is constant and a ≠ 0, yielding said B i (ii) a a is 10, and m is determined according to requirements. Original data B' i Homomorphic ciphertext B obtained through homomorphic encryption i And original data B' i Has the same arithmetic property, and can be used for calculating and determining original data B' i Relation between, and homomorphic ciphertext B i Will not directly reflect original data B' i Thereby further improving the security of the original data while preserving the calculation results. Or adopting irreversible homomorphic encryption algorithm to make homomorphic cipher text B i Original data B 'cannot be obtained through decoding' i Further improving original data B' i The safety of (2).
Of course, the homomorphic encryption may also adopt other homomorphic encryption methods, for example, if the multiplication expansion and multiplication calculation are not involved, the homomorphic encryption method may be adopted instead of the fully homomorphic encryption method. Further, the homomorphic encryption is to further reduce the original data B' i Possibility of leakage, i.e. dividing the original data by B' i In addition to the method performed before the division into n parts, the original data B 'may be used' i After the n shares are divided, homomorphic encryption is carried out before the outward transmission.
In order to ensure the security of the homomorphic encryption result, it is necessary to avoid the key from being fixed, so the key can be triggered and generated when the homomorphic encryption is required 1 Apply for all participants A i Can be at all participants A i One party is randomly selected as a judge, the judge generates a homomorphic encryption public key and a homomorphic encryption private key immediately and sends the generated homomorphic encryption public key and the homomorphic encryption private key to all participants A i And sending the homomorphic encryption public and private keys, wherein the dynamic private key can further improve the security of the encryption result. Of course, the referee may also be a third party.
In one specific example, the referee is the remaining participant a j Of which is then selected.
S220: and each participant reserves one piece of data and sends the rest n-1 pieces of data to the rest n-1 participants respectively.
In the method of this step, each participant A i Is divided into n parts, so that each participant A i After sending n-1 parts of data to the rest n-1 participants, each participant A i All can send n-1 parts of data and receive n-1 parts of data which are respectively sent by the rest n-1 participants, namely each participant A after the step i The data of (2) is still n, but the content is changed.
In one example, to facilitate computer allocation, this may be based on the assignment to party A i Numbering of the divided data, B i1 、B i2 、...B in Let each party A i One part of data of the second lower corner mark which is the same as the lower corner mark of the user is reserved, and the rest data are respectively sent to a reference party A of which the lower corner mark is the same as the second lower corner mark of the data i I.e. each party A i The final data obtained is B 1i ,B 2i ,...,B ni
S230: and summarizing the data obtained by all the participants to one party to calculate the average value of n participants.
The method of this step comprises:
each participant a i First result C of all calculated data i =B 1i +B 2i +...+B ni
Calculating all the first results C i Is the second result D ═ C 1 +C 2 +...+C n
Determining n participants A according to the second result D i The average value of (a) is D/n.
In the method of this step, all the first results C i Are all sent to the applicant A 1 Application side A 1 The calculation steps of the second result D and the mean value E are performed.
After the mean value is calculated, the applicant A 1 Decoding the average value E based on the secret key to obtain original data B' i Original mean value E' of.
S240: each participant calculates the square of the result of subtracting the average value from its own data as the partial variance.
Specifically, each participant a i To calculate self data B i The square of the result obtained by subtracting the mean E is the partial variance S i =(B i -E) 2
S250: all partial variances S i Summarizing to one side, and calculating the total variance S.
All partial variances S i Summarizing to one side, and calculating the total variance
Figure BDA0003624823520000081
In the present embodiment, all the partial variances S i Summarized to applicant A 1 From the claimant A 1 The method of this step is performed.
Further, calculating the mean divide may calculate all participants A i In addition to the data mean value, under some circumstances, the average value may also be calculated after removing one or more maximum values and removing one or more minimum values, and in the case that the average value needs to be calculated after removing one or more maximum values and removing one or more minimum values, the method 200 further includes calculating the average value of all participants a i The method of sorting data of (1).
The sorting method has the specific principle that: the data of the applicant is divided into two parts by each of the other participants;
the method comprises the following steps that an applicant selects a part of data, the part of data is sent to the rest of participants, and the rest of participants select a part of data to send to the applicant;
the method comprises the steps that an applicant calculates the difference between data retained by the applicant and received data of each participant to obtain a plurality of first difference values corresponding to the rest participants one to one; each of the other participants subtracts the data retained by the participant from the received data of the applicant, namely each of the other participants obtains a second difference value; if the total number of the participants is n, the applicant obtains n-1 first difference values which are in one-to-one correspondence with the rest of the participants, and n-1 rest of the participants respectively obtain a second difference value, namely n-1 difference values are obtained by the rest of the participants in total, wherein the first difference values are in one-to-one correspondence with the rest of the participants, and the second difference values are in one-to-one correspondence with the rest of the participants.
The first difference values sent by the applicant and the other participants are summarized, and the second difference values corresponding to the same participant are added, so that a third difference value can be obtained relative to each of the other participants, and the third difference value is related to the result of subtracting the data of the participant from the data of the applicant. The summarized actions may be specifically executed by the referee.
The judging party can determine the data size sequences of the rest participants according to the size sequence of the third difference value, and can determine the data size relationship between the applying party and the rest participants according to the size relationship between the third difference value and zero, thereby determining the data size sequences of all the participants.
The referee may choose to remove several maximum values and several minimum values based on a depole rule sent by the applicant, and the depole rule may be fixed, for example, to remove one/three/five maximum values and one/three/five minimum values and then average them no matter how many participants are present, or may be determined according to the number of all applicants, for example, to remove the maximum value of the results of one percent/three/five of the number of participants and the minimum value of one percent/three/five of the results.
After determining the number of the maximum value and the minimum value to be removed, that is, determining which participating parties need to remove data, the average value after removing the extreme value can be determined.
One specific method is as follows: the referee determines the participants to be eliminated, eliminates the participants in the name list of all the participants, re-determines the range of the participants needing to calculate the mean value, the applicant can determine a mean value according to the re-determined range of the participants and a mean value calculation method without extreme value elimination, the mean value is the mean value of the extreme value elimination of the original range of the participants, and similarly, the total variance of the re-determined range of the participants without extreme value elimination, namely the total variance of the extreme value elimination of the original range of the participants, can be calculated.
Further, to avoid being tampered during data transmission, the method 200 further includes a data verification method.
Specifically, at party A a B is to be ab Sent to the participantSquare A b When a, B ∈ I and a ≠ B, according to B ab Generating a first application verification code F ab1 And sends the first application verification code to the participant A b Participant A b According to received B ab Generating a second application verification code F ab2 Participant A b Judging the received first application authentication code F ab1 And the calculated second application verification code F ab2 Whether the relation of (A) is the same as the preset relation or not, if so, B is represented ab Has not been tampered during transmission.
In one example, the
Figure BDA0003624823520000101
Namely, it is
Figure BDA0003624823520000102
Remainder of the result of dividing by q, F ab2 According to received B ab Calculating; wherein p and q are both prime numbers and q divides p-1 evenly, p and q can be empirically larger prime numbers, g is an integer and g is
Figure BDA0003624823520000103
The preset relationship is F ab1 =F ab2
Of course, except for B ab In addition, other arbitrary data related to transmission between different parties may also be verified by using the above verification method, and in addition to the above autonomous verification algorithm, other arbitrary verification algorithms that ensure that the verification code is related to the transmission content and that the transmission content cannot be obtained by reverse deduction through the verification code may also be used, which are not described here.
In addition, in order to facilitate the transmission of data among multiple parties, before the data is sent out, the data needs to be packaged into an arrow format without serialization and deserialization, so that the processing pressure is reduced, and the transmission efficiency is improved.
It should be noted that for simplicity of description, the above-mentioned embodiments of the method are described as a series of combinations of acts, but those skilled in the art should understand that the present application is not limited by the described order of acts, as some steps can be performed in other orders or simultaneously according to the present application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are exemplary and alternative embodiments and that the acts and modules referred to are not necessarily required in this application.
The foregoing is a description of method embodiments, and the following is a further description of the embodiments of the present application with reference to system embodiments.
FIG. 3 is a block diagram illustrating a multi-party data security computing system 300 based on privacy computing in an embodiment of the present application. Referring to fig. 3, a system 300 includes: comprising a plurality of user terminals 310, one of said user terminals 310 being a party A as described above i
Fig. 4 shows a block diagram of the user terminal of fig. 3. Referring to fig. 4, the user terminal 310 includes:
a data dividing module 310 for dividing the self data B i Is divided into n parts, B i =B i1 +B i2 +…+B in
A data transmission module 320, configured to perform data transmission with other user terminals 310;
mean calculation module 330, aggregating all participants A i After the data obtained, n participants A are calculated i Average value of (a);
a distribution calculation module 340 for calculating self data B i The square of the result obtained by subtracting the mean E is the partial variance S i =(B i -E) 2 (ii) a And
a variance calculation module 350 for calculating all partial variances S i Summarizing and calculating the total variance
Figure BDA0003624823520000111
The system 300 can perform the method 200, and each user terminal 310 in the system 300 can be the claimant A i Participant A j Or a referee.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working process of the described module may refer to the corresponding process in the foregoing method embodiment, and is not described herein again.
For specific limitations of the user terminal 310, reference may be made to the above limitations of the method 200, which are not described herein again. The various modules in the user terminal 310 described above may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 5. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the computer device is used for communicating with an external terminal through network connection. Which computer program is executed by a processor to implement the method as described above.
In one embodiment, there is provided a computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the computer program:
if the number of the participators is n, n is more than or equal to 2, the participators are A i Data representing, participating in, with B i Denotes that I belongs to I, and I is { I | I belongs to N * And i is less than or equal to n }, A 1 Obtaining self data B for application 1 The applicant of the size sequence of (1);
party A i Dividing self data into n parts, B i =B i1 +B i2 +…+B in
Each participant a i One part of data is reserved, and the rest n-1 parts of data are respectively sent to the rest n-1 participants;
all participants A i The resulting data is summarized to one party to calculate n participants A i Average value of (d);
each participant a i To calculate self data B i The square of the result obtained by subtracting the mean E is the partial variance S i =(B i -E) 2
All partial variances S i Summarizing to one side, and calculating the total variance
Figure BDA0003624823520000121
It should be understood that the above is generally performed in one process in different subjects, but that a computer device may play different roles in different processes.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by the relevant hardware instructed by a computer program stored in a non-volatile computer-readable storage medium, and the computer program can include the processes of the embodiments of the methods described above when executed. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It will be apparent to those skilled in the art that, for convenience and simplicity of description, the foregoing functional units and modules are merely illustrated in terms of division, and in practical applications, the foregoing functional allocation may be performed by different functional units and modules as needed, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above described functions.
The foregoing description is only exemplary of the preferred embodiments of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the disclosure. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (10)

1. A multi-party data security calculation method based on privacy calculation is characterized in that n participants are set, n is larger than or equal to 2, and A is used as the participant i Data representing, participating in, with B i Denotes that I ∈ I, and I ∈ { I-I ∈ N * And i is less than or equal to n }, A 1 Obtaining self data B for application 1 The size sequence of (1); the method comprises the following steps:
party A i Dividing the data into n parts, B i =B i1 +B i2 +…+B in
Each participant a i One part of data is reserved, and the rest n-1 parts of data are respectively sent to the rest n-1 participants;
all participants A i The resulting data is summarized to one party to calculate n participants A i Average value of (d);
each participant a i To calculate self data B i The square of the result obtained by subtracting the mean E is the partial variance S i =(B i -E) 2
All partial variances S i Summarizing to one side, and calculating the total variance
Figure FDA0003624823510000011
2. The multi-party data security ordering method according to claim 1,
each participant A i The steps of reserving one part of data and sending the rest n-1 parts of data to the rest n-1 participants respectively comprise:
each participant a i One copy of data A with the same number as the data A is reserved ii And respectively sending the rest n-1 data to the participants A with corresponding numbers i To enable party A to i Obtain data B 1i ,B 2i ,...,B ni
The all participants A i The resulting data is summarized to one party to calculate n participants A i The average values of (a) include:
each participant a i First result C of all calculated data i =B 1i +B 2i +…+B ni
Calculating all the first results C i Is the second result D ═ C 1 +C 2 +…+C n
Determining n participants A according to the second result D i Average value of (a).
3. The multi-party data security computing method based on privacy computation of claim 2, wherein the party A is a party A i Is B 'as raw data' i ,B′ i Based on a preset secret key, obtaining B after being encrypted by a homomorphic encryption algorithm i
4. The method of claim 3, wherein B 'is used for secure computation of multi-party data based on privacy computation' i Enlargementa m Multiple, a is constant and a ≠ 0, yielding said B i
5. The multi-party data security computing method based on privacy computation of any one of claims 1-4, wherein, at party A, the security computing method is a B is to be ab Sent to participant a b When a, B ∈ I and a ≠ B, according to B ab Generating a first application verification code F ab1 And sends the first application verification code to the participant A b Participant A b According to received B ab Generating a second application verification code F ab2 Participant A b Judging the received first application verification code F ab1 And the second application verification code F obtained by calculation ab2 Whether the relationship (D) is the same as the preset relationship or not, if so, B is represented ab Has not been tampered during transmission.
6. The multi-party data security computing method based on privacy computation of claim 5, wherein the multi-party data security computing method is characterized in that
Figure FDA0003624823510000021
F ab2 According to received B ab Calculating;
wherein p and q are both prime numbers and q divides p-1 evenly, g is an integer and g is
Figure FDA0003624823510000022
The preset relationship is F ab1 =F ab2
7. The multi-party data security computation method based on privacy computation of claim 1,
the average value is the average value after removing extreme value, the total variance is the total variance after removing extreme value, and the specific calculation method comprises the following steps
The participant ordering method comprises the following steps: the data of the applicant is divided into two parts by each of the other participants; the method comprises the following steps that an applicant selects a part of data, the part of data is sent to each of the rest participants, and each of the rest participants selects a part of data to send to the applicant; the method comprises the steps that an applicant calculates the difference between data retained by the applicant and received data of each participant to obtain a plurality of first difference values corresponding to the rest participants one to one; each of the other participants subtracts the data retained by the participant from the received data of the applicant, namely each of the other participants obtains a second difference value; summarizing first difference values sent by an applicant and other participants, and adding second difference values corresponding to the same participant, so that a third difference value can be obtained relative to each of the other participants; determining data size sequences of the rest participants according to the size sequence of the third difference, and determining the data size relationship between the application party and the rest participants according to the size relationship between the third difference and zero, thereby determining the data size sequences of all the participants;
the method for calculating the variance after the depolarization value comprises the following steps: determining the number of the maximum value and the minimum value to be removed based on a pre-obtained extreme value removing rule; determining the participants needing to be removed, subtracting a new participant range of the range obtained by subtracting the range of the participants needing to be removed from the original participant range, and calculating the mean value and the total variance of the non-extremum of the new participant range, wherein the mean value and the total variance of the non-extremum of the original participant range are the mean value and the total variance of the extremum removal of the original participant range.
8. The method of claim 2, wherein all of the first results C are the same as the first results C i And partial variance S i Are all sent to the applicant A 1 Application side A 1 The calculation steps of the second result D, the average E and the total variance S are performed.
9. The multi-party data security calculation method based on privacy calculation of claim 3, wherein any party A is used i As the referee, the referee is used for generating and distributing the secret key.
10. A multi-party data security computing system based on privacy computing, comprising a plurality of user terminals in one-to-one correspondence with the participants of any of claims 1-9, the system being configured to perform the method of any of claims 1-9.
CN202210467190.2A 2022-04-29 2022-04-29 Multiparty data security calculation method and system based on privacy calculation Active CN115037434B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210467190.2A CN115037434B (en) 2022-04-29 2022-04-29 Multiparty data security calculation method and system based on privacy calculation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210467190.2A CN115037434B (en) 2022-04-29 2022-04-29 Multiparty data security calculation method and system based on privacy calculation

Publications (2)

Publication Number Publication Date
CN115037434A true CN115037434A (en) 2022-09-09
CN115037434B CN115037434B (en) 2023-04-21

Family

ID=83119873

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210467190.2A Active CN115037434B (en) 2022-04-29 2022-04-29 Multiparty data security calculation method and system based on privacy calculation

Country Status (1)

Country Link
CN (1) CN115037434B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150288662A1 (en) * 2014-04-03 2015-10-08 Palo Alto Research Center Incorporated Computer-Implemented System And Method For Establishing Distributed Secret Shares In A Private Data Aggregation Scheme
CN111049825A (en) * 2019-12-12 2020-04-21 支付宝(杭州)信息技术有限公司 Secure multi-party computing method and system based on trusted execution environment
CN111563261A (en) * 2020-05-15 2020-08-21 支付宝(杭州)信息技术有限公司 Privacy protection multi-party computing method and system based on trusted execution environment
CN113312641A (en) * 2021-06-02 2021-08-27 杭州趣链科技有限公司 Multipoint and multiparty data interaction method, system, electronic device and storage medium
CN114022093A (en) * 2021-09-22 2022-02-08 医渡云(北京)技术有限公司 Data collaborative computing method, device and equipment based on multi-party security
CN114386089A (en) * 2021-12-07 2022-04-22 北京数牍科技有限公司 Privacy set intersection method based on multi-condition retrieval

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150288662A1 (en) * 2014-04-03 2015-10-08 Palo Alto Research Center Incorporated Computer-Implemented System And Method For Establishing Distributed Secret Shares In A Private Data Aggregation Scheme
CN111049825A (en) * 2019-12-12 2020-04-21 支付宝(杭州)信息技术有限公司 Secure multi-party computing method and system based on trusted execution environment
CN111563261A (en) * 2020-05-15 2020-08-21 支付宝(杭州)信息技术有限公司 Privacy protection multi-party computing method and system based on trusted execution environment
CN113312641A (en) * 2021-06-02 2021-08-27 杭州趣链科技有限公司 Multipoint and multiparty data interaction method, system, electronic device and storage medium
CN114022093A (en) * 2021-09-22 2022-02-08 医渡云(北京)技术有限公司 Data collaborative computing method, device and equipment based on multi-party security
CN114386089A (en) * 2021-12-07 2022-04-22 北京数牍科技有限公司 Privacy set intersection method based on multi-condition retrieval

Also Published As

Publication number Publication date
CN115037434B (en) 2023-04-21

Similar Documents

Publication Publication Date Title
CN107634836B (en) SM2 digital signature generation method and system
US20180373882A1 (en) Privacy preserving computation protocol for data analytics
EP3850786B1 (en) System and method for secure multi-party computation based blockchain transactions
CN107872322B (en) Homomorphic encryption-based digital signature collaborative generation method and system
US8170216B2 (en) Techniques for validating and sharing secrets
CN111563261A (en) Privacy protection multi-party computing method and system based on trusted execution environment
CN108055128B (en) RSA key generation method, RSA key generation device, storage medium and computer equipment
CN114157427A (en) Threshold signature method based on SM2 digital signature
CN108989339B (en) Ciphertext encryption method, system and storage medium with strategy hiding function
CN109981269B (en) Secure and efficient SM9 multi-party key distribution method and device
CN112417489B (en) Digital signature generation method and device and server
CN112597542B (en) Aggregation method and device of target asset data, storage medium and electronic device
CN107888385B (en) RSA modulus generation method, RSA key generation method, computer device, and medium
CN112231769A (en) Block chain-based numerical verification method and device, computer equipment and medium
KR20210054422A (en) Method for Shamir Secret Share Recovery
Kaaniche et al. A novel zero-knowledge scheme for proof of data possession in cloud storage applications
CN113779606A (en) Information verification method and system for reducing privacy disclosure risk
CN118160275A (en) Threshold signature scheme
Mashhadi Computationally Secure Multiple Secret Sharing: Models, Schemes, and Formal Security Analysis.
CN110071796A (en) A kind of calculation method based on shared secret
CN115037434A (en) Multi-party data security calculation method and system based on privacy calculation
CN111460463A (en) Electronic deposit certificate storage and notarization method, device, equipment and storage medium
CN115037436B (en) Method and system for calculating data mean value by using safe multiple parties
CN113094735B (en) Privacy model training method
CN114239004A (en) Electronic signature generation method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant