CN115134078A - Secret sharing-based statistical method and device and storage medium - Google Patents
Secret sharing-based statistical method and device and storage medium Download PDFInfo
- Publication number
- CN115134078A CN115134078A CN202210796852.0A CN202210796852A CN115134078A CN 115134078 A CN115134078 A CN 115134078A CN 202210796852 A CN202210796852 A CN 202210796852A CN 115134078 A CN115134078 A CN 115134078A
- Authority
- CN
- China
- Prior art keywords
- data
- target
- subinterval
- secret
- party
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007619 statistical method Methods 0.000 title claims abstract description 19
- 239000003999 initiator Substances 0.000 claims abstract description 67
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 46
- 238000000034 method Methods 0.000 claims description 20
- 239000012634 fragment Substances 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 9
- 230000008569 process Effects 0.000 claims description 7
- 239000000126 substance Substances 0.000 claims description 3
- 230000014509 gene expression Effects 0.000 description 19
- 238000004364 calculation method Methods 0.000 description 16
- 101150040844 Bin1 gene Proteins 0.000 description 15
- 238000010586 diagram Methods 0.000 description 13
- 230000006870 function Effects 0.000 description 10
- 230000005540 biological transmission Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 239000000835 fiber Substances 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000001902 propagating effect Effects 0.000 description 2
- 238000011410 subtraction method Methods 0.000 description 2
- RYGMFSIKBFXOCR-UHFFFAOYSA-N Copper Chemical compound [Cu] RYGMFSIKBFXOCR-UHFFFAOYSA-N 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 239000000470 constituent Substances 0.000 description 1
- 229910052802 copper Inorganic materials 0.000 description 1
- 239000010949 copper Substances 0.000 description 1
- 238000013467 fragmentation Methods 0.000 description 1
- 238000006062 fragmentation reaction Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Complex Calculations (AREA)
Abstract
The embodiment of the application discloses a statistical method, a device and a storage medium based on secret sharing, wherein the statistical method based on secret sharing comprises the following steps: s1, the initiator and the participant solve the sum of the data volume of the multi-party data through a secret sharing algorithm in a secret manner, and the initiator determines the index value of the target data to be searched after the multi-party data is sequenced; s2, determining the upper bound and the lower bound of a multi-party data interval, dividing the multi-party data interval into n sub-intervals, and locally counting the sets of the corresponding party data in the corresponding sub-intervals by each party; s3, calculating a target subinterval where the target data corresponding to the index value falls, and judging whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval; s4, if yes, solving the maximum value or the minimum value of the multi-party data in the target subinterval to obtain target data; s5, if not, the target sub-interval is regarded as a new multi-party data interval and steps S2 to S5 are re-executed.
Description
Technical Field
The application relates to the technical field of multiparty security computing, in particular to a statistical method and device based on secret sharing and a storage medium.
Background
With the advent of the information-oriented era, digital economy is rapidly developing, and how to deal with the relationship between protecting personal information and the development of digital economy, namely information resources, is a problem which needs to be solved urgently at present. Therefore, the data can be achieved and the available invisible privacy computing technology is developed vigorously. In real life, the privacy computing technology gradually helps the vigorous development of more and more related enterprises, and the operations of statistics, comparison, analysis and the like on certain data are often required to be carried out by using the privacy computing technology. Such as: the vendor wishes to assess the overall purchasing power of young people in a plurality of nearby companies, facilitating the promotion of the corresponding goods. Based on privacy protection, each company cannot publish the monthly income of each young individual in the respective company. The median of the whole income of the young of a plurality of companies can be obtained by the privacy computing technology on the premise of not exposing the monthly income of employees of each company so as to reflect the whole purchasing power. In a related algorithm for solving the kth big data through multi-party data dense state statistics, generally, data of multiple parties need to be sequenced in a dense state, and then a dense state value of the kth big data is found out and then a plaintext is recovered. Therefore, how to efficiently solve the kth large data (i.e. the target data) in the multi-party data without exposing all the plaintext data of the multiple parties is an urgent problem to be solved.
Disclosure of Invention
An object of the embodiments of the present application is to provide a secret sharing-based statistical method, device and storage medium, so as to solve the problems of high computation cost and low efficiency in the related algorithm for solving the kth big data, i.e., the target data, by means of secret statistics of multi-party data in the prior art.
In order to achieve the above object, an embodiment of the present application provides a statistical method based on secret sharing, including the steps of: s1, the initiator and the participant solve the sum of the data volume of the multi-party data through a secret sharing algorithm in a secret manner, and the initiator determines the index value of the target data to be searched after the multi-party data is sequenced; s2, determining the upper bound and the lower bound of the multi-party data interval, dividing the multi-party data interval into n sub-intervals, and locally counting the corresponding party data of the initiator and the participants in the corresponding set of sub-intervals; s3, calculating a target subinterval where target data corresponding to the index value falls by using a secret sharing algorithm, and judging whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval; s4, if the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, solving the maximum value or the minimum value of the multi-party data in the target subinterval by using a secret sharing algorithm to obtain the target data; s5, if the target data is not the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the target subinterval is used as a new multi-party data interval, and the steps S2 to S5 are executed again until the target data is obtained.
Optionally, the initiator and the participant locally count the data volume of the local data to obtain a corresponding numerical value, and perform secret solution at the initiator according to the numerical value by using a secret sharing algorithm to obtain a data volume sum of the multi-party data, where the initiator determines the index value of the target data to be searched after the multi-party data is sorted.
Optionally, the initiating party and the participating party uniformly determine an upper bound and a lower bound of the multiparty data interval, divide the multiparty data interval into n subintervals according to the determined upper bound and lower bound, and locally calculate a set of the party data corresponding to the initiating party and the participating party in the corresponding subintervals.
Optionally, the initiator performs secret sharing on the index value and the data amount of the local data corresponding to each of the subintervals, the participant performs secret sharing on the data amount of the local data corresponding to each of the subintervals, determines the target subinterval where the target data corresponding to the index value is located by using an addition subtraction method and a secret comparison operation in a secret sharing algorithm, and determines whether the target data is a maximum value or a minimum value in the multi-party data corresponding to the target subinterval.
Optionally, if it is determined according to the result of the dense state comparison operation that the target data to be found is the maximum value located in the target subinterval, solving the maximum value for the dense state of the set of the multi-party data in the target subinterval; and if the target data to be found is the minimum value in the target subinterval according to the result of the dense state comparison operation, solving the minimum value of the set of the multi-party data in the target subinterval in a dense state mode.
Optionally, if the secret state comparison result determines that the target data is not the maximum value or the minimum value in the multiparty data corresponding to the target subinterval, the target subinterval where the target data is located is continuously divided, and whether to update the current secret fragment is selected according to the secret state comparison result.
Optionally, in the process of computing the corresponding secret sharding by using the secret sharing algorithm, the used computing formula includes:
<Index new > = sub(<Index old >, add(<N A1 >,<N B1 >,<N C1 >))、
<Result1> = eqz(<Index new >)、<Result2> = gt(<Index new >)、
<Result3> = eqz(sub(<Index new >,<1>)) ,
wherein the content of the first and second substances,<Index old >is a third secret piece that is to be included,<N A1 >is a first secret piece to be included in the first secret piece,<N B1 >、<N C1 >is the second secret slice.
In order to achieve the above object, the present application further provides a statistic device based on secret sharing, including: a memory; and
a processor coupled to the memory, the processor configured to:
s1, the initiator and the participants solve the sum of the data volume of the multi-party data through a secret sharing algorithm in a secret way, and the initiator determines the index value of the target data to be searched after the multi-party data is sorted; s2, determining the upper bound and the lower bound of the multi-party data interval, dividing the multi-party data interval into n subintervals, and locally counting the corresponding party data of the initiator and the participant in the corresponding subinterval sets; s3, calculating a target subinterval where target data corresponding to the index value falls by using a secret sharing algorithm, and judging whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval; s4, if the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, solving the maximum value or the minimum value of the multi-party data in the target subinterval by using a secret sharing algorithm to obtain the target data; s5, if the target data is not the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the target subinterval is used as a new multi-party data interval, and the steps S2 to S5 are executed again until the target data is obtained.
To achieve the above object, the present application also provides a computer storage medium having a computer program stored thereon, wherein the computer program, when executed by a machine, implements the steps of the method as described above.
The embodiment of the application has the following advantages:
1. the embodiment of the application provides a statistical method based on secret sharing, which comprises the following steps: s1, the initiator and the participants solve the sum of the data volume of the multi-party data through a secret sharing algorithm in a secret way, and the initiator determines the index value of the target data to be searched after the multi-party data is sorted; s2, determining the upper bound and the lower bound of the multi-party data interval, dividing the multi-party data interval into n sub-intervals, and locally counting the corresponding party data of the initiator and the participants in the corresponding set of sub-intervals; s3, calculating a target subinterval where target data corresponding to the index value falls by using a secret sharing algorithm, and judging whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval; s4, if the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, solving the maximum value or the minimum value of the multi-party data in the target subinterval by using a secret sharing algorithm to obtain the target data; s5, if the target data is not the maximum value or the minimum value of the multi-party data corresponding to the target subinterval, the target subinterval is used as a new multi-party data interval, and the steps S2 to S5 are executed again until the target data is obtained.
By the method, the kth big data, namely the target data, can be solved efficiently on the basis that the plaintext of each party of data is not exposed, and the number of the data of each party in different subintervals is not exposed, so that the plaintext information of each party of data is protected to the great extent. Compared with a common cipher text sorting scheme, the scheme effectively reduces the times of cipher text comparison with high calculation overhead, and meanwhile, the applicability of the scheme is kept under the condition of the unbalanced data volume of multiple parties, so that the calculation cost and the complexity in the actual use process are reduced, and the calculation efficiency is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It should be apparent that the drawings in the following description are merely exemplary and that other implementation drawings may be derived from the provided drawings by those of ordinary skill in the art without inventive effort.
Fig. 1 is a flowchart of a statistical method based on secret sharing according to an embodiment of the present disclosure;
fig. 2 is a schematic diagram illustrating exemplary steps of a statistical method based on secret sharing according to an embodiment of the present disclosure;
fig. 3 is a block diagram of a statistic device based on secret sharing according to an embodiment of the present disclosure.
Detailed Description
The present disclosure is not intended to be limited to the particular embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In addition, the technical features mentioned in the different embodiments of the present application described below may be combined with each other as long as they do not conflict with each other.
An embodiment of the present application provides a statistical method based on secret sharing, and referring to fig. 1, fig. 1 is a flowchart of a statistical method based on secret sharing provided in an embodiment of the present application, it should be understood that the method may further include additional blocks not shown and/or may omit the blocks shown, and the scope of the present application is not limited in this respect.
The related calculation related to secret sharing comprises the following steps:
add (·): given secret shared value<x 1 >And>x 2 >add (-) to output a shared value of the secret value
. Assuming that the result of the final summation is a shared value<x s >=(x s,1 ,x s,2 ,...,x s,n ) Then for x s,i The calculation process of (2) is as follows:
sub (·): and (3) corresponding to the addition operation among the ciphertexts, changing the + into the-to realize the cipher text subtraction calculation.
ltz (·): given a secret shared value<x i >Ltz (-) whether the shared value of the output secret value is less than zero
. The function only needs to extract the sign bit of the first bit (referring to the data representation method of fixed point number, the first bit is just the sign bit, and the sign bit is 1 to represent less than zero).
gtz (·): given a secret shared value<x i >Whether the shared value of the gtz (-) output secret value is greater than zero
. The function only needs to extract the sign bit of the first bit (referring to the data representation method of fixed point number, the first bit is just the sign bit, and the sign bit 01 represents more than zero).
eqz(·) Given a secret shared value<x i >Whether the shared value of the output secret value is zero or not
. The function is calculated based on the principle that a Boolean value of a number is givenαLet its k-th bit have a Boolean value ofα[k]Then the number is equal to 0, and must satisfy:
wherein, the first and the second end of the pipe are connected with each other,lis the length of the data. Therefore, the operation of or in the formula is completed by using the calculation of ciphertext or.
The dense state solution data xa is smaller than the xb operation, i.e., lt (< xa >, < xb >):
the core idea of dense solution xa smaller than xb: solving xa minus xb by using a secret sharing algorithm, converting the obtained secret fragment under the arithmetic circuit into a secret fragment < bxc > under the bool circuit, and solving whether the plaintext corresponding to the secret fragment < bxc > is smaller than zero or not in a secret state
<xc> = sub(<xa> , <xb>);
<bxc> = atob(<xc>);
<xr> = ltz(<bxc>);
The dense state solution data xa is larger than the xb operation, i.e. gt (< xa >, < xb >):
the core idea of dense state solution xa greater than xb: solving xa minus xb by using a secret sharing algorithm, converting the obtained secret fragment under the arithmetic circuit into a secret fragment < bxc > under the bool circuit, and solving whether a plaintext corresponding to the secret fragment < bxc > is larger than zero or not in a secret state
<xc> = sub(<xa> , <xb>);
<bxc> = atob(<xc>);
<xr> = gtz(<bxc>);
The dense state solution data xa and the data xb are dense state solution equal to the operation, eq (< xa >, < xb >):
dense state solution xa equals xb core idea: and solving xa minus xb by using a secret sharing algorithm, converting the obtained secret shard under the arithmetic circuit into a secret shard < bxc > under the boost circuit, and then, solving whether the plaintext corresponding to the secret shard < bxc > is equal to zero in a secret state.
<xc> = sub(<xa> , <xb>);
<bxc> = atob(<xc>);
<xr> = eqz(<bxc>);
And (3) solving the maximum value in the xa xb xc three-party data in a dense state:
<c1> = lt(<xa> , <xb>)
<xd> = mux(<xa>, <xb>, <c1>)
<c2> = lt(<xd> , <xc>)
<xmax> = mux(<xd>, <xc>, <c2>)
and solving the minimum value in the xa xb xc three-party data in a dense state:
<c1> = lt(<xa> , <xb>)
<xd> = mux(<xb>, <xa> , <c1>)
<c2> = lt(<xd> , <xc>)
<xmin> = mux( <xc>, <xd>, <c2>)
the plaintext value corresponding to the obtained dense state value of lt (< xa >, < xb >) is 0 or 1, 1 represents that xa < xb is established, 0 represents that xa < xb is not established, mux is a selection circuit, the selected object is determined according to the input third parameter, the first value of the input parameter is selected when the plaintext corresponding to the third parameter is 0, and the second value of the input parameter is selected when the plaintext corresponding to the third parameter is 1.
And step 1 is executed, the initiator and the participant solve the sum of the data amount of the multi-party data in a secret sharing algorithm, and the initiator determines the index value of the target data to be searched after the multi-party data is sorted.
In some embodiments, the initiator and the participant locally count the data volume of the local data to obtain a corresponding numerical value, and perform secret solution at the initiator according to the numerical value by using a secret sharing algorithm to obtain a data volume sum of the multi-party data, and the initiator determines the index value of the target data to be searched after the multi-party data is sorted.
Step S2 is executed to determine the upper and lower bounds of the multiparty data interval, and divide the multiparty data interval into n subintervals, where the local statistics of the initiator and the participant are located in the corresponding set of subintervals.
In some embodiments, the initiator and the participant uniformly determine an upper bound and a lower bound of the multiparty data interval, divide the multiparty data interval into n subintervals according to the determined upper bound and lower bound, and locally calculate a set of the local data corresponding to the initiator and the participant, where the set of the local data falls within the corresponding subintervals.
In particular, the instant foodIn the embodiment, taking three-party data as an example, the initiator a and the participant B, C count the data amount N of the initiator a and the participant B, C A ,N B ,N C Cooperative computing using secret sharing algorithm<N>= sub(<N A > ,<N B >,<N C >) Wherein<N A > ,<N B >,<N C >Each represents N A ,N B ,N C The corresponding one of the secret slices is,<N>representing the corresponding secret fragmentation after the encryption is added, and recovering a plaintext value N of the total data volume at the initiator A. The initiator a locally calculates an Index value of the target data after the multi-party data is sorted according to the obtained N, and in the following embodiment, the solved target data is taken as a median as an example, and the Index value Index of the median = ceil (N/2) (rounding up). The initiator and the participant determine the upper limit Vmax and the lower limit Vmin of the multi-party data initial interval together, and ensure that the data of the initiator and the data of the participant can fall into [ Vmin, Vmax]Within the interval. The initiator and the participant uniformly determine the number n =2 of subintervals, and simultaneously locally calculate the subinterval division position Vd = (Vmax + Vmin)/2, and then [ Vmin, Vmax]The interval is divided into two intervals Bin1 = [ Vmin, Vd =]And Bin2 = (Vd, Vmax)]Bin1 is the first subinterval, and Bin2 is the second subinterval. The initiator and the participator locally calculate the number N of data with own data (namely the party data of the parties) falling in the Bin1 subinterval X1 And dividing the data into two sets P1 and P2 according to the intervals of Bin1 and Bin2, wherein the data in P1 is the first subinterval data, the data in P2 is the second subinterval data, the data stored in the set P1 is in the interval of Bin1, the data stored in the set P2 is in the subinterval range of Bin2, and it should be noted that the P1 and P2 are possible to be empty sets after multiple cycles. The initiator and the participant will be in their hands N X1 (the A side is N A1 And the B side is N B1 And the C side is N C1 ) Performing secret sharing to obtain<N A1 >, <N B1 >, <N C1 >。<N A1 >, <N B1 >, <N C1 >Respectively correspond to N A1 , N B1 , N C1 The secret piece of (a) is divided into,<N A1 >for the first secret slice to be used,<N B1 >、<N C1 >is the second secret slice.
Step S3 is executed, a secret sharing algorithm is used to calculate a target subinterval where the target data corresponding to the index value falls, and determine whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval.
In some embodiments, the initiator performs secret sharing on the index value and the data amount of the corresponding local data in each sub-interval, the participant performs secret sharing on the data amount of the corresponding local data in each sub-interval, determines the target sub-interval in which the target data corresponding to the index value is located by using an addition subtraction method and a secret comparison operation in a secret sharing algorithm, and determines whether the target data is a maximum value or a minimum value in the multi-party data corresponding to the target sub-interval.
Specifically, formula (1) is calculated by means of secret sharing, wherein<N A1 >, <N B1 >, <N C1 >Respectively correspond to N A1 , N B1 , N C1 In a first cycle<Index old >And the secret piece corresponding to the Index of the median position, namely the third secret piece, is updated later according to the calculation result.
<Index new > = sub(<Index old >, add(<N A1 >,<N B1 >,<N C1 >)) (1)
<Result1> = eqz(<Index new >) (2)
<Result2> = gt(<Index new >) (3)
<Result3> = eqz(sub(<Index new >,<1>)) (4)
And (4) calculating expressions (2), (3) and (4), and acquiring a plaintext result corresponding to the calculation result.
And determining target privacy results of the initiator and the participator through a secret state solving algorithm based on the plaintext result and in combination with the first subinterval data and the second subinterval data, wherein the target privacy results are used for indicating the target data.
And step S4 is executed, if the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the maximum value or the minimum value of the multi-party data in the target subinterval is solved by using a secret sharing algorithm, and then the target data is obtained.
In some embodiments, if it is determined from the result of the dense state comparison operation that the target data to be found is the maximum value located in the target subinterval, the dense state of the set of multi-party data in the target subinterval is solved to the maximum value; and if the target data to be found is the minimum value positioned in the target subinterval according to the result of the dense state comparison operation, solving the minimum value of the set of the multi-party data in the target subinterval in a dense state mode.
In some embodiments, determining the target privacy results for the initiator and the participant by a secret solving algorithm based on the plaintext results in combination with the first subinterval data and the second subinterval data comprises: when the plaintext result is a first plaintext result, it is indicated that the target data is the first subinterval data and is the maximum value of all the first subinterval data of each party, the maximum value of the first subinterval data of each party of the initiator and the participator determined by a secret state solving algorithm is the target privacy result, the target privacy result is restored to the plaintext to obtain the target data, and the first subinterval is the target subinterval.
Specifically, expression (2) holds if the plaintext result is the first plaintext result. First, the expression (2) is calculated and the result plaintext result1 of the expression (2) is recovered, if the plaintext result of the result1 indicates that the expression (2) is true, it indicates that the median of the overall data is within the subinterval Bin1 and is the maximum value of the multiparty data in the subinterval Bin 1. At this point the maximum in the multi-party data needs to be solved. Each participant locally calculates the maximum value P1_ max _ x in the corresponding set P1 of Bin1 subintervals, if P1 is empty, the value of P1_ max _ x is taken as the lower boundary B1min of the Bin1 subinterval range, and the maximum value of P1_ max _ x in each participant, namely the dense solution max (P1_ max _ A, P1_ max _ B, P1_ max _ C) is solved. And recovering the obtained result into a plaintext to obtain a value which is a final result, namely target data, and finishing the calculation.
In some embodiments, determining the target privacy results for the initiator and the participant by a secret solving algorithm based on the plaintext results in combination with the first subinterval data and the second subinterval data comprises: when the plaintext result is a second plaintext result, it is indicated that the target data is the second subinterval data and is the minimum value of all the second subinterval data of each party, the minimum value of the second subinterval data of each party of the initiator and the participator determined by a secret state solving algorithm is the target privacy result, the target privacy result is restored to the plaintext to obtain the target data, and the second subinterval is the target subinterval.
Specifically, if the plaintext result is the second plaintext result, that is, expression (2) is not established, expression (3) is established, and expression (4) is established. First, computing expression (3) in dense state, recovering the result plaintext result2 of expression (3), if result2 indicates that expression (3) is true, computing expression (4) in dense state, wherein <1> represents the secret slice of 1, recovering the result plaintext result3 of expression (4), and if result3 indicates that expression (4) is true, indicating that the median of the whole data is within the subinterval Bin2 and is the minimum value of the multiparty data in the Bin2 subinterval. At this point the minimum in the multi-party data needs to be solved. And each participant locally calculates the minimum value P2_ min _ x in the corresponding set P2 of the Bin2 subintervals, if P2 is empty, the value of P2_ min _ x is taken as the upper bound B2max of the Bin2 subintervals, and the minimum value of P2_ min _ x in each participant is subjected to dense solution, namely the dense solution min (P2_ min _ A, P2_ min _ B and P2_ min _ C). And recovering the obtained result into a plaintext to obtain a final result, and finishing the calculation.
Executing step S5, if the target data is not the maximum value or the minimum value of the multi-party data corresponding to the target subinterval, regarding the target subinterval as a new multi-party data interval, and executing steps S2 to S5 again until the target data is obtained.
In some embodiments, if the secret state comparison result determines that the target data is not the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the target subinterval where the target data is located is divided continuously, and whether to update the current secret fragment is selected according to the secret state comparison result.
In some embodiments, determining the target privacy results for the initiator and the participant by a secret solving algorithm based on the plaintext results in combination with the first subinterval data and the second subinterval data comprises: and when the plaintext result is a third plaintext result, the target data is the first subinterval data and is smaller than the maximum value of all the first subinterval data of each party, the first subinterval is redetermined as the data interval, interval division is carried out, the first subinterval data and the second subinterval data of each party of the initiator and the participator are redetermined, and the steps from S2 to S5 are re-executed until the target data is obtained.
Specifically, if the plaintext result is the third plaintext result, the expression (2) is not satisfied, and the expression (3) is not satisfied. It indicates that the median of the overall data is within the subinterval Bin1 and is not the maximum in the Bin1 subinterval. Resetting the upper bound B1max and the lower bound B1min of Bin1 as the upper bound and the lower bound of the search space, determining the number of subintervals n =2, resetting the subinterval division position Vd = (B1max + B1min)/2, resetting the search space into two intervals Bin1 = [ B1min, Vd]And Bin2 = (Vd, B1 max)]And counting the information of the set P1 in the intervals Bin1 and Bin2 to update N x1 P1, P2. The initiator A and the participants B and C respectively pair N A1 , N B1 , N C1 Secret sharing is carried out, and each party obtains corresponding secret fragments<N A1 >, <N B1 >, <N C1 >Secret calculation formula (1) to obtain new<Index new >. Then re-executing the stepsS2 to S5 until the target data is obtained.
In some embodiments, determining the target privacy results of the initiator and the participant by a secret solution algorithm based on the plaintext results in combination with the first subinterval data and the second subinterval data comprises: and when the plaintext result is a fourth plaintext result, the target data is the second subinterval data and is larger than the minimum value of all the second subinterval data of each party, the second subinterval is re-determined as the data interval, interval division is performed, the first subinterval data and the second subinterval data of each party of the initiator and the participant are re-determined, the first secret piece and the second secret piece are re-obtained, the third secret piece is re-assigned, and steps S2 to S5 are re-executed to obtain the target data.
Specifically, if the plaintext result is the fourth plaintext result, that is, expression (2) is not established, expression (3) is established, and expression (4) is not established. It indicates that the median of the overall data is within the subinterval Bin2 and is not the minimum in the Bin2 subinterval. Resetting the upper bound B2max and the lower bound B2min of Bin2 as the upper bound and the lower bound of the search space, determining the number of subintervals n =2, resetting the subinterval division position Vd = (B2max + B2min)/2, resetting the search space into two intervals Bin1 = (B2min, Vd)]And Bin2 = (Vd, B2 max)]And counting the information of the set P2 in the intervals Bin1 and Bin2 to update N x1 P1, P2. The initiator A and the participants B and C respectively pair N A1 , N B1 , N C1 Secret sharing is carried out, and each party obtains corresponding secret fragments<N A1 >, <N B1 >, <N C1 >Will be<Index new >Is assigned to<Index old >And calculating the formula (1) in a post-dense state. And re-executing the steps S3 to S4 to obtain the target data.
Referring specifically to fig. 2, fig. 2 illustrates the method steps of the present application, wherein:
suppose that the data of three parties A, B and C are respectively
A = [76, 27, 93, 67, 96, 57, 83, 42, 56, 35, 93, 88, 46, 90, 78, 59] (16)
B = [65, 77, 12, 94, 49, 76, 94, 57, 71, 58, 17, 62, 95, 37, 44, 86, 50, 13] (18)
C = [79, 74, 85, 44, 68, 20, 32, 87, 28, 25, 37, 40, 66, 80, 36, 90, 16] (17)
The overall median result of the three parties A, B and C is 62, which is calculated from the plaintext, assuming that A is the initiator and B and C are the participants.
By the method, the kth big data, namely the target data, can be solved efficiently on the basis that the plaintext of each party of data is not exposed, and the number of the data of each party in different subintervals is not exposed, so that the plaintext information of each party of data is protected to the great extent. Compared with a common cipher text sorting scheme, the scheme effectively reduces the times of cipher text comparison with high calculation overhead, and meanwhile, the applicability of the scheme is kept under the condition of the unbalanced data volume of multiple parties, so that the calculation cost and the complexity in the actual use process are reduced, and the calculation efficiency is improved.
Fig. 3 is a block diagram of a statistic device based on secret sharing according to an embodiment of the present disclosure. The device includes:
a memory 201; and a processor 202 coupled to the memory 201, the processor 202 configured to: s1, the initiator and the participants solve the sum of the data volume of the multi-party data through a secret sharing algorithm in a secret way, and the initiator determines the index value of the target data to be searched after the multi-party data is sorted; s2, determining the upper bound and the lower bound of the multi-party data interval, dividing the multi-party data interval into n sub-intervals, and locally counting the corresponding party data of the initiator and the participants in the corresponding set of sub-intervals; s3, calculating a target subinterval where target data corresponding to the index value falls by using a secret sharing algorithm, and judging whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval; s4, if the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, solving the maximum value or the minimum value of the multi-party data in the target subinterval by using a secret sharing algorithm to obtain the target data; s5, if the target data is not the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the target subinterval is used as a new multi-party data interval, and the steps S2 to S5 are executed again until the target data is obtained.
In some embodiments, the processor 202 is further configured to: the initiator and the participants locally count the data volume of the data to obtain corresponding numerical values, and the initiator performs secret solution on the data volume of the data to obtain the sum of the data volume of the data to be searched through a secret sharing algorithm, and the initiator determines the index value of the target data to be searched after the data to be searched is sorted.
In some embodiments, the processor 202 is further configured to: the initiator and the participants uniformly determine the upper bound and the lower bound of the multi-party data interval, the multi-party data interval is divided into n sub-intervals according to the determined upper bound and the determined lower bound, and the initiator and the participants locally calculate the set of the corresponding party data in the corresponding sub-intervals.
In some embodiments, the processor 202 is further configured to: the initiator performs secret sharing on the index value and the data amount of the corresponding local data in each subinterval, the participant performs secret sharing on the data amount of the corresponding local data in each subinterval, the target subinterval where the target data corresponding to the index value is located is determined by using addition subtraction and secret comparison operation in a secret sharing algorithm, and whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval is judged.
In some embodiments, the processor 202 is further configured to: if the target data to be found is the maximum value positioned in the target subinterval according to the result of the dense state comparison operation, solving the maximum value of the set of the multi-party data in the target subinterval in a dense state mode; and if the target data to be found is the minimum value positioned in the target subinterval according to the result of the dense state comparison operation, solving the minimum value of the set of the multi-party data in the target subinterval in a dense state mode.
In some embodiments, the processor 202 is further configured to: if the secret state comparison result determines that the target data is not the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the target subinterval where the target data is located is continuously divided, and whether the current secret fragment is updated or not is selected according to the secret state comparison result.
In some embodiments, the processor 202 is further configured to: in the process of calculating the corresponding secret sharding by using the secret sharing algorithm, the used calculation formula comprises the following steps:
<Index new > = sub(<Index old >, add(<N A1 >,<N B1 >,<N C1 >))、
<Result1> = eqz(<Index new >)、<Result2> = gt(<Index new >)、
<Result3> = eqz(sub(<Index new >,<1>)) ,
wherein the content of the first and second substances,<Index old >is a third secret piece that is to be included,<N A1 >is a first secret piece to be included in the first secret piece,<N B1 >、<N C1 >is the second secret slice.
For the specific implementation method, reference is made to the foregoing method embodiments, which are not described herein again.
The present application may be methods, apparatus, systems, and/or computer program products. The computer program product may include a computer-readable storage medium having computer-readable program instructions embodied thereon for carrying out various aspects of the present application.
The computer readable storage medium may be a tangible device that can hold and store the instructions for use by the instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, such as punch cards or in-groove projection structures having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media as used herein is not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission medium (e.g., optical pulses through a fiber optic cable), or electrical signals transmitted through electrical wires.
The computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or to an external computer or external storage device over a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing/processing device.
The computer program instructions for carrying out operations of the present application may be assembler instructions, Instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, the electronic circuitry can execute computer-readable program instructions to implement aspects of the present application by utilizing state information of the computer-readable program instructions to personalize the electronic circuitry, such as a programmable logic circuit, a Field Programmable Gate Array (FPGA), or a Programmable Logic Array (PLA).
Various aspects of the present application are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
These computer-readable program instructions may be provided to a processing unit of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processing unit of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer-readable medium storing the instructions comprises an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer, other programmable apparatus or other devices implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
It is noted that, unless expressly stated otherwise, all features disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose. Thus, unless expressly stated otherwise, each feature disclosed is one example only of a generic series of equivalent or similar features. Where used, it is further preferred, even further and more preferred that the brief introduction of the further embodiment is made on the basis of the preceding embodiment, the contents of which further, preferably, even further or more preferred the rear band is combined with the preceding embodiment as a complete constituent of the further embodiment. Several further, preferred, still further or more preferred arrangements of the belt after the same embodiment may be combined in any combination to form a further embodiment.
Although the present application has been described in detail with respect to the general description and the specific embodiments, it will be apparent to those skilled in the art that some modifications or improvements may be made based on the present application. Accordingly, such modifications and improvements are intended to be within the scope of this invention as claimed.
Claims (9)
1. A statistical method based on secret sharing, applied to an initiator and a plurality of participants, comprising the following steps:
s1, the initiator and the participants solve the sum of the data volume of the multi-party data through a secret sharing algorithm in a secret way, and the initiator determines the index value of the target data to be searched after the multi-party data is sorted;
s2, determining the upper bound and the lower bound of the multi-party data interval, dividing the multi-party data interval into n sub-intervals, and locally counting the corresponding party data of the initiator and the participants in the corresponding set of sub-intervals;
s3, calculating a target subinterval where target data corresponding to the index value falls by using a secret sharing algorithm, and judging whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval;
s4, if the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, solving the maximum value or the minimum value of the multi-party data in the target subinterval by using a secret sharing algorithm to obtain the target data;
s5, if the target data is not the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the target subinterval is used as a new multi-party data interval, and the steps S2 to S5 are executed again until the target data is obtained.
2. The secret sharing based statistical method according to claim 1, comprising:
the initiator and the participants locally count the data volume of the data to obtain corresponding numerical values, and the initiator performs secret solution on the data volume of the data to obtain the sum of the data volume of the data to be searched through a secret sharing algorithm, and the initiator determines the index value of the target data to be searched after the data to be searched is sorted.
3. The secret sharing based statistical method according to claim 1, comprising:
the initiator and the participants uniformly determine the upper bound and the lower bound of the multi-party data interval, the multi-party data interval is divided into n subintervals according to the determined upper bound and the determined lower bound, and the initiator and the participants locally calculate the set of the corresponding party data in the corresponding subintervals.
4. The secret sharing based statistical method according to claim 1, comprising:
the initiator carries out secret sharing on the index value and the data volume of the corresponding local data in each subinterval, the participants carry out secret sharing on the data volume of the corresponding local data in each subinterval, the target subinterval where the target data corresponding to the index value is located is determined by means of addition and subtraction and secret comparison operation in a secret sharing algorithm, and whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval is judged.
5. The secret sharing based statistical method according to claim 4, comprising:
if the target data to be found is the maximum value in the target subinterval according to the result of the dense state comparison operation, performing dense state solution on the set of the multi-party data in the target subinterval to obtain the maximum value; and if the target data to be found is the minimum value positioned in the target subinterval according to the result of the dense state comparison operation, solving the minimum value of the set of the multi-party data in the target subinterval in a dense state mode.
6. The secret sharing based statistical method according to claim 5, comprising:
if the secret state comparison result determines that the target data is not the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the target subinterval where the target data is located is continuously divided, and whether the current secret fragment is updated or not is selected according to the secret state comparison result.
7. The secret sharing based statistical method according to claim 1, wherein in the process of computing the corresponding secret shards by using the secret sharing algorithm, a computing formula is used, which comprises:
<Index new > = sub(<Index old >, add(<N A1 >,<N B1 >,<N C1 >))、
<Result1> = eqz(<Index new >)、<Result2> = gt(<Index new >)、
<Result3> = eqz(sub(<Index new >,<1>)) ,
wherein the content of the first and second substances,<Index old >is a third secret piece that is to be included,<N A1 >is a first secret piece to be included in the first secret piece,<N B1 >、<N C1 >is the second secret slice.
8. A secret sharing based statistical apparatus, comprising:
a memory; and
a processor coupled to the memory, the processor configured to:
s1, the initiator and the participants solve the sum of the data volume of the multi-party data through a secret sharing algorithm in a secret way, and the initiator determines the index value of the target data to be searched after the multi-party data is sorted;
s2, determining the upper bound and the lower bound of the multi-party data interval, dividing the multi-party data interval into n sub-intervals, and locally counting the corresponding party data of the initiator and the participants in the corresponding set of sub-intervals;
s3, calculating a target subinterval where target data corresponding to the index value falls by using a secret sharing algorithm, and judging whether the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval;
s4, if the target data is the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, solving the maximum value or the minimum value of the multi-party data in the target subinterval by using a secret sharing algorithm to obtain the target data;
s5, if the target data is not the maximum value or the minimum value in the multi-party data corresponding to the target subinterval, the target subinterval is used as a new multi-party data interval, and the steps S2 to S5 are executed again until the target data is obtained.
9. A computer storage medium on which a computer program is stored, the computer program, when executed by a machine, implementing the steps of a method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210796852.0A CN115134078B (en) | 2022-07-08 | 2022-07-08 | Secret sharing-based statistical method, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210796852.0A CN115134078B (en) | 2022-07-08 | 2022-07-08 | Secret sharing-based statistical method, device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115134078A true CN115134078A (en) | 2022-09-30 |
| CN115134078B CN115134078B (en) | 2024-02-06 |
Family
ID=83381168
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210796852.0A Active CN115134078B (en) | 2022-07-08 | 2022-07-08 | Secret sharing-based statistical method, device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115134078B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116579021A (en) * | 2023-07-12 | 2023-08-11 | 蓝象智联(杭州)科技有限公司 | Multiparty joint data retrieval method based on secret sharing |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114595479A (en) * | 2022-05-10 | 2022-06-07 | 富算科技(上海)有限公司 | Data median determination method and device |
| CN114662148A (en) * | 2022-03-25 | 2022-06-24 | 支付宝(杭州)信息技术有限公司 | Multi-party combined training method and device for protecting privacy |
-
2022
- 2022-07-08 CN CN202210796852.0A patent/CN115134078B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114662148A (en) * | 2022-03-25 | 2022-06-24 | 支付宝(杭州)信息技术有限公司 | Multi-party combined training method and device for protecting privacy |
| CN114595479A (en) * | 2022-05-10 | 2022-06-07 | 富算科技(上海)有限公司 | Data median determination method and device |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116579021A (en) * | 2023-07-12 | 2023-08-11 | 蓝象智联(杭州)科技有限公司 | Multiparty joint data retrieval method based on secret sharing |
| CN116579021B (en) * | 2023-07-12 | 2024-04-05 | 蓝象智联(杭州)科技有限公司 | Multiparty joint data retrieval method based on secret sharing |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115134078B (en) | 2024-02-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110457912B (en) | Data processing method and device and electronic equipment | |
| CN111783130A (en) | Data processing method and device for privacy protection and server | |
| CN111144576A (en) | Model training method and device and electronic equipment | |
| CN111125727A (en) | Confusion circuit generation method, prediction result determination method, device and electronic equipment | |
| CN113489584B (en) | Method and device for processing random numbers in block chain and electronic equipment | |
| CN111143862B (en) | Data processing method, query method, device, electronic equipment and system | |
| US20080307030A1 (en) | Generation of test cases with range constraints for floating point add and subtract instructions | |
| CN110457936B (en) | Data interaction method and device and electronic equipment | |
| Krips et al. | Hybrid model of fixed and floating point numbers in secure multiparty computations | |
| Riazi et al. | MPCircuits: Optimized circuit generation for secure multi-party computation | |
| CN112200713A (en) | Business data processing method, device and equipment in federated learning | |
| Rashidi | High‐throughput and flexible ASIC implementations of SIMON and SPECK lightweight block ciphers | |
| US20230076260A1 (en) | Systems and methods for converting data from int-64 to boolean for computations | |
| US20230336344A1 (en) | Data processing methods, apparatuses, and computer devices for privacy protection | |
| CN113722755A (en) | Data processing system, method, device and equipment for realizing privacy protection | |
| CN115134078A (en) | Secret sharing-based statistical method and device and storage medium | |
| CN111159730B (en) | Data processing method, query method, device, electronic equipment and system | |
| CN111046431A (en) | Data processing method, query method, device, electronic equipment and system | |
| US11531782B1 (en) | Systems and methods for finding a value in a combined list of private values | |
| US11290456B2 (en) | Secret equality determination system, secret equality determination method and secret equality determination program recording medium | |
| Pirpilidis et al. | 8‐bit serialised architecture of SEED block cipher for constrained devices | |
| Kodali et al. | FPGA implementation of IEEE-754 floating point Karatsuba multiplier | |
| CN114584284A (en) | Homomorphic encryption operation method and device and electronic equipment | |
| CN114880693A (en) | Method and device for generating activation function, electronic equipment and readable medium | |
| CN110162337B (en) | Operation method, device and related product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |