CN115174171A - Method for comparing data size of self-balancing search tree in privacy state - Google Patents

Method for comparing data size of self-balancing search tree in privacy state Download PDF

Info

Publication number
CN115174171A
CN115174171A CN202210719409.3A CN202210719409A CN115174171A CN 115174171 A CN115174171 A CN 115174171A CN 202210719409 A CN202210719409 A CN 202210719409A CN 115174171 A CN115174171 A CN 115174171A
Authority
CN
China
Prior art keywords
data
server
database server
ciphertext
private
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210719409.3A
Other languages
Chinese (zh)
Inventor
王靖午
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fangying Jintai Technology Beijing Co ltd
Original Assignee
Fangying Jintai Technology Beijing Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fangying Jintai Technology Beijing Co ltd filed Critical Fangying Jintai Technology Beijing Co ltd
Priority to CN202210719409.3A priority Critical patent/CN115174171A/en
Publication of CN115174171A publication Critical patent/CN115174171A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0414Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

A method for comparing data size of a self-balancing search tree in a privacy state comprises the following steps: the database server sends a request for comparing the sizes of the private data ciphertext x and the private data ciphertext y to the auxiliary server; wherein, x = x 1 +x 2 ;y=y 1 +y 2 (ii) a The database server and the auxiliary server are servers with self-balancing search trees; step two: database server computation p 1 =x 1 ‑y 1 Assisting the Server in computing p 2 =y 2 ‑x 2 (ii) a Step three: database server and secondary auxiliary server comparison p 1 And p 2 If p is 1 >p 2 Then x>y, otherwise, x<y. Reddish-black trees, B-trees and B + trees are often used in the database to optimize the searching efficiency, the comparison size is necessary for the operations of inserting, searching and deleting, but when the value of the node is the privacy data, the privacy dataThe method for comparing the data size of the self-balancing search tree in the privacy state provided by the method realizes the comparison of the data size of the self-balancing search tree in the privacy state so as to improve the security of the privacy data.

Description

Method for comparing data size of self-balancing search tree in privacy state
The technical field is as follows:
the invention relates to the technical field of information security, in particular to a method for comparing data size of a self-balancing search tree in a privacy state.
Background art:
with the continuous development and the landing application of big data technology, the data value is continuously reflected and improved, so that a huge value space is probably constructed by big data in the future, and an important value carrier of the value space is the data. Therefore, the value of future data will be higher and higher, and the data will become an important resource, but the transmission of personal data to the database server will bring privacy disclosure risks.
In the prior art, values in node key value pairs of a self-balancing search tree are plaintext, and when the plaintext is private data to be protected, the current self-balancing search tree cannot compare the size of the data in a private state, so that data leakage is caused, and the privacy safety of a user is threatened.
The invention content is as follows:
aiming at the problems, the invention uses the cryptography technology to ensure that the data sent to the database server by the user is the ciphertext, and simultaneously, the database server can compare the sizes of the ciphertexts and use the self-balancing search tree technology to order the data, thereby improving the efficiency of database operation.
A method of comparing data sizes in a private state from a balanced lookup tree, the method comprising the steps of:
if the auxiliary server is credible:
step 1: the data holder shares the private data ciphertext x and the private data ciphertext y as a private data ciphertext sharing value x 1 ,x 2 ,y 1 And y 2 And sharing the private data cipher text with the value x 1 And y 1 Sending the private data to a database server to share the value x with the private data ciphertext 2 And y 2 Sending to the auxiliary server, wherein x = x 1 +x 2 ;y=y 1 +y 2
Step 2: the database server sends a request for comparing the sizes of x and y to the auxiliary server;
and step 3: database server calculates privacy data ciphertext sharing value p 1 =x 1 -y 1 The auxiliary server calculates the private data ciphertext sharing value p 2 =y 2 -x 2
And 4, step 4: database server and auxiliary server comparison p 1 And p 2 If p is the size of 1 >p 2 Then x>y, otherwise, x<y;
If the auxiliary server is not trusted:
step 11: the data holder shares x and y as a private data ciphertext sharing value x 1 、x 2 And y 1 、y 2 Then sharing the private data ciphertext with the value x 1 And y 1 Sending to the database server, the data holder will x 2 After encryption, x is obtained 21 Will y is 2 After encryption, y is obtained 21 And x is 21 And y 21 Sending to the auxiliary server;
step 12: the database server randomly extracts t data holders and sends requests for comparing the sizes of x and y to the auxiliary server and the t data holders;
step 13: the database server sends the identity information of t data holders to the auxiliary server, and the auxiliary server sends x 2 And y 2 Is given by the ciphertext value x 21 And y 21 Sending the data to t data holders;
step 14: t data holders decrypt x 21 And y 21 To obtain x 2 And y 2
Step 15: database server computation p 1 =x 1 -y 1 T data holders calculate p 2 =y 2 -x 2
Step 16: database server and data holder comparison p 1 And p 2 If p is 1 >p 2 Then x>y, otherwise, x<y。
Preferably, if the secondary server is not trusted:
the database server randomly extracts t data holders and sends requests for comparing the sizes of x and y to the auxiliary server and the t data holders;
the database server sends the identity information of t data holders to the auxiliary server, and the auxiliary server sends x 2 And y 2 The ciphertext value of (1) is sent to t data holders;
t data holders decrypt x 2 And y 2 The ciphertext value of (a) yields x 2 And y 2 Of the plaintext value x 21 And y 21
Database server computation p 1 =x 1 -y 1 T data holders calculate p 2 =y 21 -x 21
Database server and data holder comparison p 1 And p 2 If p is the size of 1 >p 2 Then x>y, otherwise, x<y; if the database server and the auxiliary server belong to the same company, the auxiliary server is not credible, and if the database server is in company A and the auxiliary server is in the department of public security, the auxiliary server is credible.
Preferably, the data holder sends the privacy data ciphertext sharing value to the database server and the auxiliary server through a secure channel.
Preferably, the data holder shares the private data ciphertext x as x using additive secret sharing 1 And x 2 Sharing the private data ciphertext y as y 1 And y 2
Preferably, the data holder encrypts x using a threshold encryption algorithm 2 And y 2
Preferably, the database server and the auxiliary server compare the sizes of x and y by running a million-radix protocol.
Preferably, the database server and the t data holders compare the size of x and y by running a million-Fang protocol.
Preferably, the self-balancing search tree includes: redwood, B + tree, B tree.
The data base is usually provided with a red-black tree, a B tree and a B + tree to optimize the searching efficiency, the comparison size is necessary for the operations of inserting, searching and deleting, but when the value of the node is the privacy data, the privacy data is in a ciphertext state.
Description of the drawings:
fig. 1 is a flow chart of a method provided by the present invention when an auxiliary server is trusted.
Fig. 2 is a flow chart of a method provided by the present invention when the secondary server is not trusted.
The specific implementation mode is as follows:
in order to make the technical scheme of the invention easier to understand, the method for comparing the data size of the self-balancing search tree in the privacy state, which is designed by the invention, is clearly and completely described by taking the database server and the auxiliary server as an example, and if the data needs to be searched or deleted, the method for comparing the data size of the self-balancing search tree in the privacy state, which is designed by the method, is called when the data needs to be searched or deleted is larger, the method for comparing the self-balancing search tree in the privacy state is smaller.
When the auxiliary server is trusted, the method provided by the invention is specifically described by referring to the attached figure 1 of the specification, and the method comprises the following steps:
step 100: the data holder shares the private data x and the private data y into a ciphertext sharing value x through additive secret sharing 1 、x 2 And y 1 、y 2
Step 110: the data holder shares the private data cipher text with the value x 1 And y 1 Sending the private data cipher text to a database server through a secure channel to share the value x with the private data cipher text 2 And y 2 Sending the data to an auxiliary server through a secure channel;
step 120: the database server sends a request for comparing the sizes of the private data ciphertext x and the private data ciphertext y to the auxiliary server;
step 130: database server computation p 1 =x 1 -y 1 Assisting the Server in computing p 2 =y 2 -x 2
Step 140: the database server and the auxiliary server compare p by running the million Fuzz protocol 1 And p 2 If p is the size of 1 >p 2 Then x>y, otherwise, x<y。
When the auxiliary server is not trusted, the method provided by the invention is specifically described by combining the specification and the attached figure 2, and the method comprises the following steps:
step 200: data holder shares private data x and private data y as ciphertext sharing value x through additive secret sharing 1 ,x 2 ,y 1 And y 2
Step 210: the data holder shares the value x with the private data ciphertext 1 And y 1 Sending the private data to a database server through a secure channel, and enabling a data holder to share the value x with the private data ciphertext by adopting a threshold encryption algorithm 2 And y 2 After being encrypted, the encrypted data is sent to an auxiliary server through a secure channel;
step 220: the database server randomly extracts t data holders and sends requests for comparing the sizes of x and y to the auxiliary server and the t data holders;
step 230: the database server sends the identity information of the t data holders to the auxiliary server;
step 240: the auxiliary server will x 2 And y 2 Sending the ciphertext value to t data holders;
step 250: t data holders decrypt x 2 And y 2 The ciphertext value of (a) yields x 2 And y 2 Of the plaintext value x 21 And y 21
Step 260: database server computation p 1 =x 1 -y 1 T data holders calculate p 2 =y 21 -x 21
Step 270: database server and data holder running million-Fuzz protocol comparison p 1 And p 2 If p is the size of 1 >p 2 Then x>y, otherwise, x<y。
It should be noted that: it will be apparent to those skilled in the art that various modifications, substitutions, variations and enhancements can be made without departing from the spirit and scope of the invention, which should be considered as within the scope of the invention.

Claims (7)

1. A method for comparing data size in a private state from a self-balancing lookup tree, the method comprising the steps of:
if the auxiliary server is credible:
step 1: the data holder shares the private data ciphertext x and the private data ciphertext y as a private data ciphertext sharing value x 1 ,x 2 ,y 1 And y 2 And sharing the private data cipher text with the value x 1 And y 1 Sending the private data to a database server to share the value x with the private data ciphertext 2 And y 2 Sending to the auxiliary server, wherein x = x 1 +x 2 ;y=y 1 +y 2
And 2, step: the database server sends a request for comparing the sizes of x and y to the auxiliary server;
and step 3: database server calculates privacy data ciphertext sharing value p 1 =x 1 -y 1 The auxiliary server calculates the private data ciphertext sharing value p 2 =y 2 -x 2
And 4, step 4: database server and auxiliary server comparison p 1 And p 2 If p is 1 >p 2 Then x>y, otherwise, x<y;
If the auxiliary server is not trusted:
step 11: the data holder shares x and y as a private data ciphertext sharing value x 1 、x 2 And y 1 、y 2 Then, the private data ciphertext is shared with the value x 1 And y 1 Sending to the database server, the data holder will x 2 After encryption, x is obtained 21 Will y is 2 After encryption, y is obtained 21 And x is 21 And y 21 Sending to the auxiliary server;
step 12: the database server randomly extracts t data holders and sends requests for comparing the sizes of x and y to the auxiliary server and the t data holders;
step 13: the database server sends the identity information of t data holders to the auxiliary server, and the auxiliary server sends x 2 And y 2 Is given by the ciphertext value x 21 And y 21 Is sent to tA data holder;
step 14: t data holders decrypt x 21 And y 21 To obtain x 2 And y 2
Step 15: database server computation p 1 =x 1 -y 1 T data holders calculate p 2 =y 2 -x 2
Step 16: database server and data holder comparison p 1 And p 2 If p is 1 >p 2 Then x>y, otherwise, x<y。
2. The method as claimed in claim 1, wherein the data holder sends the private data cipher text sharing value to the database server and the auxiliary server through a secure channel.
3. The method for comparing data sizes in the privacy state of the self-balancing lookup tree as claimed in claim 1, wherein the data holder shares the privacy data ciphertext x as x using additive secret sharing 1 And x 2 Sharing the private data ciphertext y as y 1 And y 2
4. The method for comparing data sizes in private states using self-balancing trie as claimed in claim 1, wherein the data holder encrypts x using a threshold encryption algorithm 2 And y 2
5. The method of claim 1, wherein the database server and the auxiliary server compare the size of x and y by running a million-Fuzz protocol.
6. The method of claim 1, wherein the database server and the t data holders compare the size of x and y by running a million-Richards protocol.
7. The method of claim 1, wherein the self-balancing search tree comprises: redwood, B + tree, B tree.
CN202210719409.3A 2022-06-23 2022-06-23 Method for comparing data size of self-balancing search tree in privacy state Pending CN115174171A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210719409.3A CN115174171A (en) 2022-06-23 2022-06-23 Method for comparing data size of self-balancing search tree in privacy state

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210719409.3A CN115174171A (en) 2022-06-23 2022-06-23 Method for comparing data size of self-balancing search tree in privacy state

Publications (1)

Publication Number Publication Date
CN115174171A true CN115174171A (en) 2022-10-11

Family

ID=83486566

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210719409.3A Pending CN115174171A (en) 2022-06-23 2022-06-23 Method for comparing data size of self-balancing search tree in privacy state

Country Status (1)

Country Link
CN (1) CN115174171A (en)

Similar Documents

Publication Publication Date Title
US11381398B2 (en) Method for re-keying an encrypted data file
US9379891B2 (en) Method and system for ID-based encryption and decryption
US9485096B2 (en) Encryption / decryption of data with non-persistent, non-shared passkey
US20150143112A1 (en) System and method for dynamic, non-interactive, and parallelizable searchable symmetric encryption
US11316671B2 (en) Accelerated encryption and decryption of files with shared secret and method therefor
WO2023010727A1 (en) Key updating method and apparatus, file sharing method and apparatus, device, and computer storage medium
EP3598714A1 (en) Method, device, and system for encrypting secret key
US11765137B2 (en) Message transmission system, communication terminal, server apparatus, message transmission method, and program
CN108632237A (en) A kind of position service method based on the anonymity of more Anonymizers
CN104967693A (en) Document similarity calculation method facing cloud storage based on fully homomorphic password technology
Meye et al. A secure two-phase data deduplication scheme
CN103607278A (en) Safe data cloud storage method
Ma et al. Nearby friend discovery with geo-indistinguishability to stalkers
CN115580402A (en) Data hiding query method for secure multi-party computation
CN107181596B (en) Searchable encryption method based on bilinear pairings
CN117595991A (en) Privacy information retrieval method combined with key negotiation
Li et al. A Proxy Re-Encryption Scheme Based on Elliptic Curve Group.
CN116545741A (en) Agent re-encryption reverse firewall method based on blockchain
Kamel et al. A decentralized resource discovery using attribute based encryption for internet of things
CN115174171A (en) Method for comparing data size of self-balancing search tree in privacy state
US20210126906A1 (en) Communication device, server device, concealed communication system, methods for the same, and program
Lee et al. A study of practical proxy reencryption with a keyword search scheme considering cloud storage structure
US11831756B2 (en) Sharing access to data externally
CN115361218B (en) Cloud data existence verification method with query hiding characteristic
Saravanan et al. Implementation of deduplication on encrypted big-data using signcryption for cloud storage applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination