CN115567188A - Multi-key value hiding intersection solving method and device and storage medium - Google Patents
Multi-key value hiding intersection solving method and device and storage medium Download PDFInfo
- Publication number
- CN115567188A CN115567188A CN202211409667.8A CN202211409667A CN115567188A CN 115567188 A CN115567188 A CN 115567188A CN 202211409667 A CN202211409667 A CN 202211409667A CN 115567188 A CN115567188 A CN 115567188A
- Authority
- CN
- China
- Prior art keywords
- data
- result
- initiator
- hash
- intersection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
Abstract
The embodiment of the application discloses a multi-key-value hiding intersection solving method, a device and a storage medium, wherein the multi-key-value hiding intersection solving method comprises the following steps: replacing missing key values in the obtained initiator data to be processed, and performing first hash processing on the initiator data after the replacement to obtain a first hash result; generating a private key and a corresponding public key by using a homomorphic encryption algorithm, and encrypting the first hash result by using the public key to obtain first encrypted data; sending the public key to the data side so that the data side encrypts the second hash result by using the public key to obtain second encrypted data; and sending the first encrypted data to a data party to obtain an intersection result vector sent by the data party, decrypting the intersection result vector by using a private key to obtain a decryption result, and judging whether each key value in the data of the initiator is intersected from the decryption result.
Description
Technical Field
The application relates to the technical field of network security, in particular to a multi-key value hiding intersection solving method and device and a storage medium.
Background
The privacy intersection, namely privacy intersection, is to solve the intersection of data sets held by multiple parties on the premise of protecting the privacy of multiple parties, and the privacy intersection needs to be solved without revealing the content and information outside the intersection of any party. Namely privacy intersection, which is the intersection of data sets held by multiple parties under the premise of protecting the privacy of multiple parties. Privacy intersection is required to solve intersection and not reveal content and information outside any party intersection. There are many application scenarios, such as: when various manufacturers detect malicious software, the server maintains a malicious software list, and hopefully, the installation condition of the malicious software of a user can be detected on the premise of not revealing the privacy (general software installation condition) of the user. In the social contact software, a user wants to know which address list friends register the software on the premise of not uploading the address list of the user, and the user also needs to hide an application for handing over.
Data collection is often accompanied by errors and deletions, and it is often difficult to completely and correctly store all collected data, for example, in the process of inputting information into a database from a user filling table, a user often encounters filling errors, missing information or inputting errors by an input person. Erroneous or missing data generally cannot guarantee that the goal of secure interleaving can be successfully achieved.
In the related art, in order to ensure the success of the secret intersection, on one hand, the plaintext is usually used to query the most approximate data, and the plaintext query usually causes the acquisition of data of both parties, so that the privacy of the data of both parties cannot be ensured. Or, in the case of not processing the error or missing data, the original secret matching technology cannot be used for matching, because the classic secret matching technology is based on equality comparison, and for the data set with error or missing data, even if two pieces of personal information data are equal in actual conditions, the type of equality cannot be identified due to the missing of the data entry, so a new method is needed for secret matching.
Disclosure of Invention
An object of the embodiments of the present application is to provide a method, an apparatus, and a storage medium for multiple-key value hiding and intersection solving, so as to solve a problem that, in a hiding and intersection solving scheme in the prior art, once a certain key value is wrong or missing, a correct result cannot be queried after intersection is solved.
In order to achieve the above object, an embodiment of the present application provides a multi-key value hiding intersection solving method, including the steps of: replacing missing key values in the obtained initiator data to be processed, and performing first hash processing on the initiator data after the replacement to obtain a first hash result;
generating a private key and a corresponding public key by using a homomorphic encryption algorithm, and encrypting the first hash result by using the public key to obtain first encrypted data;
sending the public key to a data side so that the data side can encrypt a second hash result by using the public key to obtain second encrypted data, wherein the generation method of the second hash result comprises the following steps: the data side replaces the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performs second hash processing on the data side data after replacement to obtain a second hash result;
and sending the first encrypted data to the data side to obtain an intersection result vector sent by the data side, decrypting the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
Optionally, the method for generating the intersection result vector includes: and the data side performs subtraction and multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain the intersection result vector.
Optionally, the method further comprises:
obtaining an evaluation parameter vector based on the error probability, the missing probability and/or the repetition probability of the historical data of the initiator and/or the data side, wherein data in the evaluation parameter vector is an evaluation parameter of a corresponding key value in the historical data and is used for describing the reliability of the key value under the condition of crossing, and the calculation formula of the evaluation parameter is as follows: the evaluation parameter = (1-error probability) × (1-duplication probability) × (1-deletion probability).
Optionally, after obtaining the decryption result, the method further includes:
replacing the value in the decryption result representing intersection with 1, and replacing other values with 0 to obtain a result matrix;
and calculating the score S of the data in the decryption result through the formula S = A P-0.5, and if the score S is greater than 0, indicating that the data is in intersection, wherein A is the result matrix and P is the evaluation parameter vector.
Optionally, the missing key value in the initiator data is replaced with-1, and the missing key value in the data side data is replaced with-2.
Optionally, the first hash process is a cuckoo hash process, the second hash process is a simple hash process, the first hash process and the second hash process both use multiple different hash functions to process, the first hash result is a one-dimensional vector, and the second hash result is a two-dimensional vector.
In order to achieve the above object, the present application further provides another hidden intersection solution method with multiple key values, including the steps of: the method for generating the first encrypted data comprises the following steps of obtaining a public key and the first encrypted data sent by an initiator: the initiator replaces missing key values in the acquired initiator data to be processed, first hash processing is carried out on the initiator data after replacement to obtain a first hash result, a private key and the corresponding public key are generated by using a homomorphic encryption algorithm, and the public key is used for encrypting the first hash result to obtain first encrypted data;
replacing the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performing second hash processing on the data side data after the replacement to obtain a second hash result;
encrypting a second hash result by using the public key to obtain second encrypted data, and performing subtraction and successive multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain an intersection result vector;
and sending the intersection result vector to the initiator so that the initiator decrypts the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
In order to achieve the above object, the present application further provides a multiple-key value hiding and intersection device, including: a memory; and
a processor coupled to the memory, the processor configured to:
replacing missing key values in initiator data to be processed acquired by an initiator, and performing first hash processing on the initiator data after the replacement to obtain a first hash result;
generating a private key and a corresponding public key by using a homomorphic encryption algorithm, and encrypting the first hash result by using the public key to obtain first encrypted data;
sending the public key to a data side so that the data side can encrypt a second hash result by using the public key to obtain second encrypted data, wherein the generation method of the second hash result comprises the following steps: the data side replaces the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performs second hash processing on the data side data after replacement to obtain a second hash result;
and sending the first encrypted data to the data side to obtain an intersection result vector sent by the data side, decrypting the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
To achieve the above object, the present application further provides another multi-key-value hiding intersection device, including: a memory; and
a processor coupled to the memory, the processor configured to:
the method for generating the first encrypted data comprises the following steps of obtaining a public key and the first encrypted data sent by an initiator: the initiator replaces missing key values in the acquired initiator data to be processed, first hash processing is carried out on the initiator data after replacement to obtain a first hash result, a private key and the corresponding public key are generated by using a homomorphic encryption algorithm, and the public key is used for encrypting the first hash result to obtain first encrypted data;
replacing the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performing second hash processing on the data side data after the replacement to obtain a second hash result;
encrypting a second hash result by using the public key to obtain second encrypted data, and performing subtraction and successive multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain an intersection result vector;
and sending the intersection result vector to the initiator so that the initiator decrypts the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
To achieve the above object, the present application also provides a computer storage medium having a computer program stored thereon, wherein the computer program, when executed by a machine, implements the steps of the method as described above.
The embodiment of the application has the following advantages:
1. the embodiment of the application provides a multi-key value hiding intersection solving method, which comprises the following steps: replacing missing key values in initiator data to be processed acquired by an initiator, and performing first hash processing on the initiator data after the replacement to obtain a first hash result; generating a private key and a corresponding public key by using a homomorphic encryption algorithm, and encrypting the first hash result by using the public key to obtain first encrypted data; sending the public key to a data side so that the data side can encrypt a second hash result by using the public key to obtain second encrypted data, wherein the generation method of the second hash result comprises the following steps: the data side replaces the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performs second hash processing on the data side data after replacement to obtain a second hash result; and sending the first encrypted data to the data side to obtain an intersection result vector sent by the data side, decrypting the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result. The embodiment of the application also provides another multiple key value hiding intersection solving method, which comprises the following steps: the method for generating the first encrypted data comprises the following steps of obtaining a public key and the first encrypted data sent by an initiator: the initiator replaces missing key values in the acquired initiator data to be processed, first Hash processing is carried out on the initiator data after replacement to obtain a first Hash result, a private key and a corresponding public key are generated by using a homomorphic encryption algorithm, and the public key is used for encrypting the first Hash result to obtain first encrypted data; replacing the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performing second hash processing on the data side data after the replacement to obtain a second hash result; encrypting a second hash result by using the public key to obtain second encrypted data, and performing subtraction and successive multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain an intersection result vector; and sending the intersection result vector to the initiator so that the initiator decrypts the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
By the method, the hidden intersection with fault-tolerant processing can be performed through various different key values, whether each key value in the initiator data is intersected or not is judged, and even if a certain key value is wrong or missing, normal hidden intersection can be performed, so that a correct result is inquired. Meanwhile, the data of the two parties is protected from being acquired by the plaintext.
2. Further, based on the error probability, the missing probability and/or the repetition probability of the historical data of the initiator and/or the data side, an evaluation parameter vector is obtained, data in the evaluation parameter vector is an evaluation parameter of a corresponding key value in the historical data and is used for describing the reliability of the key value under the condition of crossing, and a calculation formula of the evaluation parameter is as follows: the evaluation parameter = (1-error probability) × (1-duplication probability) × (1-deletion probability). After obtaining the decryption result, the method further comprises: replacing the value in the decryption result representing intersection with 1, and replacing other values with 0 to obtain a result matrix; and calculating the score S of the data in the decryption result through the formula S = A P-0.5, and if the score S is greater than 0, indicating that the data is intersected, wherein A is the result matrix, and P is the evaluation parameter vector.
By the method, the intersection result in the obtained decryption result is further judged, the possibility of error data is eliminated, the existence of the error data is ensured not to influence the reliability of the intersection result, the accuracy of user identity determination is further improved, and normal hidden intersection can be carried out under the condition that the initiator data collected by the initiator in a real scene has errors.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It should be apparent that the drawings in the following description are merely exemplary, and that other embodiments can be derived from the drawings provided by those of ordinary skill in the art without inventive effort.
FIG. 1 is a flowchart illustrating a method for multiple-key hiding and intersection according to an embodiment of the present disclosure;
FIG. 2 is a flowchart illustrating a result matrix of a multi-key hiding and intersection method according to an embodiment of the present disclosure;
fig. 3 is a flowchart of another hidden intersection solution with multiple key values according to an embodiment of the present disclosure;
fig. 4 is a block diagram of a multi-key value hiding and intersecting apparatus according to an embodiment of the present disclosure.
Detailed Description
The present disclosure is not intended to be limited to the particular embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In addition, the technical features mentioned in the different embodiments of the present application described below may be combined with each other as long as they do not conflict with each other.
An embodiment of the present application provides a multi-key value hiding and intersection method, which can be widely used in a real scene when data is manually collected from a text, where typical manually collected information is stored in a security room, a visitor book written and filled by a visitor is needed, and such a scene needs to be manually identified and entered, and data is not completely reliable. The method and the device provided by the embodiment of the present specification are not limited to the above implementation scenarios, but can be generalized to more service scenarios. Referring to fig. 1, fig. 1 is a flowchart of a multi-key value hiding intersection method provided in an embodiment of the present application, and it should be understood that the method may further include additional blocks not shown and/or may omit the blocks shown, and the scope of the present application is not limited in this respect.
In step 101, a missing key value in initiator data to be processed, which is obtained by an initiator, is replaced, and after the replacement, a first hash process is performed on the initiator data to obtain a first hash result.
In a specific implementation scenario, if the initiator collects the name, the identity card number and the handwritten information of the user, some errors and defects often exist in the database of the handwritten information input, and the initiator needs to go to the database of the database for query. At this time, the database of the data side is complete and correct information, but the initiator and the data side cannot determine to use a uniform key value for matching, because sometimes the user identity card number is correctly filled, but the name is not correct, sometimes the name is correct, the mobile phone number is correct, but the identity card number is wrong. Because the situations are various, and common hidden intersection is that one type of key value is fixed and unchanged, once the key value is wrong or missing, the correct result cannot be queried.
In this way, the initiator data to be processed acquired by the initiator in this embodiment may be data entered by the user during form filling, or data acquired by the initiator and handwritten by the user, such as a name, an identity card number, a mobile phone number, and the like, where some errors and defects often exist.
Specifically, in the present embodiment, the acquired data is preprocessed in a preprocessing stage. First, a missing key value in initiator data to be processed acquired by an initiator is replaced, in some embodiments, the missing key value of the initiator is replaced by-1, and all other key values are hashed using a sha256 hash function. In some embodiments, cuckoo hash (cuckoo hash) processing (i.e., first hash processing) is performed on each type of key-value data of the initiator data separately, so as to obtain a first hash result.
The specific method for cuckoo hash processing comprises the following steps: using n (n =3 is selected in the scheme) different hash functions, firstly using the first hash function for all data, hashing all data, and then performing modulo operation on all hash results, wherein the modulo base number = 1.3, which is the original length of the data, and simultaneously opening up a vector with the length being the modulo base number. And sequentially carrying out primary hash on all the numbers, taking a modulus result of the primary hash as an index of a vector position, and plugging the index into the corresponding position. If there is already a number in the location where the new number will be inserted, the data is hashed again using the second hash and then attempted to be inserted into the new location corresponding to the second hash. The second hash uses a hash function different from the first hash function, and the same modulo operation is carried out, and the modulo result is used as a new position. If other numbers still exist at the position after the second hash, the third hash is used, and the like, until the n hashes are used up.
In this embodiment, the data side also replaces the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performs a second hash process on the data side data after the replacement to obtain the second hash result.
Specifically, in some embodiments, the missing value on the data side is replaced with-2, and all other key values are hashed using a sha256 hash function. In some embodiments, all key values of the data side data need to be subjected to simple hash (i.e. second hash) processing to obtain the second hash result.
The reason why the missing key value in the initiator data is replaced by-1 based on the agreement between both parties and the missing key value in the data is replaced by-2 based on the agreement between both parties is that the replaced data is not a meaningful value, and it should be understood that the missing key value in the initiator data may be replaced by other different values. The "missing value" here refers to a null value in which missing data is collected in the original database, or no data is collected. Such as the name being unrecognizable at the time of collection, or missing padding.
The concrete method for processing the simple hash comprises the following steps: the same n (n =3 in this case) hashes are used for the simple hash and cuckoo hash, except that the output of the cuckoo hash is a one-dimensional vector, and the output of the simple hash is a two-dimensional vector.
The simple hash is used for processing all the n kinds of hashes of all the data, then all the hashed data are subjected to modulus operation, after modulus operation is finished, all the data are sequentially stuffed into corresponding positions of output vectors, and when the two data need to be inserted into the same position, the two data are arranged at the position.
cuckoo hash, simple hash, is a special data structure often used in covert queries or covert intersections, it being understood that other hash algorithms that can perform the same function are equally applicable.
In some embodiments, before performing step 101, further comprising: and acquiring an evaluation parameter vector based on the error probability, the missing probability and/or the repetition probability of the historical data of the initiator and/or the data side, wherein the data in the evaluation parameter vector is an evaluation parameter of a corresponding key value in the historical data and is used for describing the reliability of the key value under the condition of crossing.
In some embodiments, the evaluation parameter is calculated by the formula: the evaluation parameter = (1-error probability) × (1-duplication probability) × (1-deletion probability).
Specifically, before performing the preprocessing step of the secret intersection described below, both parties (initiator and data party) of the secret intersection need to know the mutual data to a certain extent, and it is necessary to synchronize the key value types included in the data sets, the sizes of the data sets, the error probabilities of the key values, the missing probability information, and the like. This information is used in subsequent processing. Wherein, the error probability, the missing probability and the repetition probability are estimated, and the calculation method comprises the following steps: error probability = number of past error data/total number of acquisitions, miss probability = number of missing past data/total number of acquisitions, repetition probability = number of past repeated data/total number of acquisitions.
Both parties need to synchronize an evaluation parameter vector, which is a vector of 1 row and K columns, where K is the number of key values. This parameter is used to describe the reliability of the key value in the crossing. Further explanation, for example, name features are easy to repeat, and the reliability of the key value is not high, while for example, an identity card, if the key value is crossed, the key value is definitely the same feature, and the reliability of the key value is higher.
Each datum in the evaluation parameter vector P is an evaluation parameter P corresponding to a key value, and is calculated in a manner of P = (1-error probability) × (1-repetition probability) × (1-missing probability). For example, for data written by a user, the evaluation parameter of the name is usually set to 0.3.
At step 102, a private key and a corresponding public key are generated by using a homomorphic encryption algorithm, and the public key is used to encrypt the first hash result, so as to obtain first encrypted data.
Specifically, in some embodiments, in the secrecy matching stage, the initiator generates its own CKKS key (private key, public key), and then performs public key encryption on each key value according to the result of cuckoo hash, where the encrypted first encrypted data is marked as enc (a). It should be understood that other homomorphic encryption algorithms are equally applicable, as long as the addition and multiplication calculations in the secret state can be implemented.
At step 103, sending the public key to a data party, so that the data party encrypts a second hash result using the public key to obtain second encrypted data, where the method for generating the second hash result includes: and the data side replaces the missing key value in the corresponding data side data with a value different from the replaced missing key value in the data of the initiator side, and performs second hash processing on the data side data after the replacement to obtain a second hash result.
Specifically, the data side receives a CKKS public key of the initiator, CKKS encryption is carried out according to the result of the simple hash, and the encrypted second encrypted data is marked as enc (B).
In step 104, the first encrypted data is sent to the data party to obtain an intersection result vector sent by the data party, the intersection result vector is decrypted by using the private key to obtain a decryption result, and whether each key value in the initiator data is intersected is determined from the decryption result.
In some embodiments, the method for generating the intersection result vector includes: and the data side performs subtraction and multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain the intersection result vector.
Specifically, the data side calculates for each number in each location based on each location in the simple hash vector
Where i represents the ith position in the simple hash vector and j represents the jth data in the ith position. Then calculate
All data in the same position of the simple hash are multiplied under the ciphertext, and the obtained result is stored in a corresponding position of a new equal-length vector (namely, the intersection result vector). And after the data side calculates the position in each simple hash, the data side sends the returned intersection result vector to the initiator, the initiator decrypts the intersection result vector, and if the position with 0 represents that the value of the position is the data in intersection in the decrypted intersection result vector.
The CKKS key is generated, and the encryption and decryption processes are as follows:
and (3) key generation:
randomly selecting a number
Where e is a random noise. And a large prime number Q, calculating
Where a is a randomly generated cyclic polynomial modulo Q, will
Set to be a public key and,
set as the private key.
Encryption:
a randomly selected number r, and random noise
,
Calculating
And (3) decryption:
computing
And (3) verification:
here, since the noise is a negligibly small value, the decryption result is approximately m, CKKS is not an exact encryption/decryption, but an addition/multiplication calculation in a secret state can be realized, so this embodiment uses this encryption here.
In some embodiments, after obtaining the decryption result, the method further includes: replacing the value in the decryption result representing intersection with 1, and replacing other values with 0 to obtain a result matrix; and calculating the score S of the data in the decryption result through the formula S = A P-0.5, and if the score S is greater than 0, indicating that the data is in intersection, wherein A is the result matrix and P is the evaluation parameter vector.
Specifically, the decryption result may have 0 or other number, and the decryption result is further processed: all positions where 0 appears are replaced by 1, and all other values are replaced by 0, so that a result matrix of 0,1 can be obtained. After all the key values have been subjected to the above operations, the initiator has a result matrix indicating whether each key value is intersected, referring to fig. 2.
The 0,1 matrix of the result obtained by the initiator is marked as A, the number of query data is L, the number of key values is K, and the matrix is a (L × K) matrix.
In the return phase, the initiator calculates a final score S = a × P-0.5, and if the score is greater than 0, it indicates a final intersection, and if less than or equal to 0, it indicates no intersection. This result is returned as the result of the final intersection.
The result of the independent intersection of the features becomes a 0,1 matrix, the matrix is multiplied by an evaluation parameter vector to judge whether intersection is in progress, the common secret intersection is ended when a 0,1 result is obtained through decryption, and the scheme still needs to further judge the possibility of eliminating error data after the 0,1 result is obtained. By the method, the intersection result in the obtained decryption result is further judged, the possibility of error data is eliminated, the existence of the error data is ensured not to influence the reliability of the intersection result, the accuracy of user identity determination is further improved, and normal hidden intersection can be carried out under the condition that the initiator data collected by the initiator in a real scene has errors.
An embodiment of the present application provides another multi-key value hiding intersection method, and referring to fig. 3, fig. 3 is a flowchart of another multi-key value hiding intersection method provided by an embodiment of the present application, it should be understood that the method may further include additional blocks not shown and/or may omit the blocks shown, and the scope of the present application is not limited in this respect. The method comprises the following steps:
at step 201, a public key and first encrypted data sent by an initiator are obtained, and a method for generating the first encrypted data includes: the method comprises the steps that an initiator replaces missing key values in initiator data to be processed, first Hash processing is carried out on the initiator data after replacement to obtain a first Hash result, a private key and the corresponding public key are generated through a homomorphic encryption algorithm, and the public key is used for encrypting the first Hash result to obtain first encrypted data.
In step 202, the missing key value in the corresponding data side data is replaced with a value different from the replaced missing key value in the initiator data, and after the replacement, second hash processing is performed on the data side data to obtain the second hash result.
In step 203, the public key is used to encrypt the second hash result to obtain second encrypted data, and the differences between the data at corresponding positions in the first encrypted data and the second encrypted data are respectively multiplied to obtain an intersection result vector.
In step 204, the rendezvous result vector is sent to the initiator, so that the initiator decrypts the rendezvous result vector by using the private key to obtain a decryption result, and whether each key value in the initiator data is rendezvoused is determined from the decryption result.
For the specific implementation, reference is made to the foregoing embodiments, which are not described herein again.
By the method, the hidden intersection with fault-tolerant processing can be performed through various different key values, whether each key value in the initiator data is intersected or not is judged, and even if a certain key value is wrong or missing, normal hidden intersection can be performed, so that a correct result is inquired. Meanwhile, the data of the two parties is protected from being acquired by the plaintext.
Fig. 4 is a block diagram of a multi-key value hiding and intersection apparatus according to an embodiment of the present disclosure. The device includes:
a memory 301; and a processor 302 coupled to the memory 301, the processor 302 configured to: replacing missing key values in initiator data to be processed acquired by an initiator, and performing first hash processing on the initiator data after the replacement to obtain a first hash result;
generating a private key and a corresponding public key by using a homomorphic encryption algorithm, and encrypting the first hash result by using the public key to obtain first encrypted data;
sending the public key to a data side so that the data side uses the public key to encrypt a second hash result to obtain second encrypted data, wherein the generation method of the second hash result comprises the following steps: the data side replaces the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performs second hash processing on the data side data after replacement to obtain a second hash result;
and sending the first encrypted data to the data side to obtain an intersection result vector sent by the data side, decrypting the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
In some embodiments, the processor 302 is further configured to: the method for generating the intersection result vector comprises the following steps: and the data party performs difference and successive multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain the intersection result vector.
In some embodiments, the processor 302 is further configured to: obtaining an evaluation parameter vector based on the error probability, the missing probability and/or the repetition probability of the historical data of the initiator and/or the data side, wherein data in the evaluation parameter vector is an evaluation parameter of a corresponding key value in the historical data and is used for describing the reliability of the key value under the condition of crossing, and the calculation formula of the evaluation parameter is as follows: the evaluation parameter = (1-error probability) × (1-duplication probability) × (1-deletion probability).
In some embodiments, the processor 302 is further configured to: after obtaining the decryption result, the method further comprises:
replacing the value in the decryption result representing intersection with 1, and replacing other values with 0 to obtain a result matrix;
and calculating the score S of the data in the decryption result through the formula S = A P-0.5, and if the score S is greater than 0, indicating that the data is in intersection, wherein A is the result matrix and P is the evaluation parameter vector.
In some embodiments, the processor 302 is further configured to: and replacing the missing key value in the initiator data with-1, and replacing the missing key value in the data side data with-2.
In some embodiments, the processor 302 is further configured to: the first hash processing is cuckoo hash processing, the second hash processing is simple hash processing, the first hash processing and the second hash processing all use multiple different hash functions to process, the first hash result is a one-dimensional vector, and the second hash result is a two-dimensional vector.
In some embodiments, the processor 302 is further configured to: the method for generating the first encrypted data comprises the following steps of obtaining a public key and the first encrypted data sent by an initiator: the initiator replaces missing key values in the acquired initiator data to be processed, first Hash processing is carried out on the initiator data after replacement to obtain a first Hash result, a private key and a corresponding public key are generated by using a homomorphic encryption algorithm, and the public key is used for encrypting the first Hash result to obtain first encrypted data;
replacing the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performing second hash processing on the data side data after the replacement to obtain a second hash result;
encrypting a second hash result by using the public key to obtain second encrypted data, and performing subtraction and successive multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain an intersection result vector;
and sending the intersection result vector to the initiator so that the initiator decrypts the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
For a specific implementation method, reference is made to the foregoing method embodiments, which are not described herein again.
The present application may be methods, apparatus, systems, and/or computer program products. The computer program product may include a computer-readable storage medium having computer-readable program instructions embodied thereon for carrying out various aspects of the present application.
The computer-readable storage medium may be a tangible device that can hold and store the instructions for use by the instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, such as a punch card or an in-groove protruding structure with instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media as used herein is not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission medium (e.g., optical pulses through a fiber optic cable), or electrical signals transmitted through electrical wires.
The computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or to an external computer or external storage device via a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing/processing device.
Computer program instructions for carrying out operations of the present application may be assembler instructions, instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, the electronic circuitry can execute computer-readable program instructions to implement aspects of the present application by utilizing state information of the computer-readable program instructions to personalize the electronic circuitry, such as a programmable logic circuit, a Field Programmable Gate Array (FPGA), or a Programmable Logic Array (PLA).
Various aspects of the present application are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
These computer-readable program instructions may be provided to a processing unit of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processing unit of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable medium storing the instructions comprises an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer, other programmable apparatus or other devices implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
It is noted that, unless expressly stated otherwise, all features disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose. Thus, unless expressly stated otherwise, each feature disclosed is one example only of a generic series of equivalent or similar features. Where used, further, preferably, still further and more preferably is a brief introduction to the description of the other embodiment based on the foregoing embodiment, the combination of the contents of the further, preferably, still further or more preferably back strap with the foregoing embodiment being a complete construction of the other embodiment. Several further, preferred, still further or more preferred arrangements of the back tape of the same embodiment may be combined in any combination to form a further embodiment.
Although the present application has been described in detail with respect to the general description and the specific embodiments, it will be apparent to those skilled in the art that some modifications or improvements may be made based on the present application. Accordingly, such modifications and improvements are intended to be within the scope of this invention as claimed.
Claims (10)
1. A multi-key value hiding intersection method is characterized by comprising the following steps:
replacing missing key values in the obtained initiator data to be processed, and performing first hash processing on the initiator data after the replacement to obtain a first hash result;
generating a private key and a corresponding public key by using a homomorphic encryption algorithm, and encrypting the first hash result by using the public key to obtain first encrypted data;
sending the public key to a data side so that the data side can encrypt a second hash result by using the public key to obtain second encrypted data, wherein the generation method of the second hash result comprises the following steps: the data side replaces the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performs second hash processing on the data side data after replacement to obtain a second hash result;
and sending the first encrypted data to the data side to obtain an intersection result vector sent by the data side, decrypting the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
2. The multiple-key value hiding intersection method as claimed in claim 1,
the method for generating the intersection result vector comprises the following steps: and the data side performs subtraction and multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain the intersection result vector.
3. The multiple-key value hiding intersection method according to claim 1, further comprising:
obtaining an evaluation parameter vector based on the error probability, the missing probability and/or the repetition probability of the historical data of the initiator and/or the data side, wherein data in the evaluation parameter vector is an evaluation parameter of a corresponding key value in the historical data and is used for describing the reliability of the key value under the condition of crossing, and the calculation formula of the evaluation parameter is as follows: the evaluation parameter = (1-error probability) × (1-duplication probability) × (1-deletion probability).
4. The multiple-key value hiding and intersecting method as claimed in claim 3, further comprising, after obtaining said decryption result:
replacing the value in the decryption result representing intersection with 1, and replacing other values with 0 to obtain a result matrix;
and calculating the score S of the data in the decryption result through the formula S = A P-0.5, and if the score S is greater than 0, indicating that the data is in intersection, wherein A is the result matrix and P is the evaluation parameter vector.
5. The multiple-key value hiding intersection method as claimed in claim 1,
and replacing the missing key value in the initiator data with-1, and replacing the missing key value in the data side data with-2.
6. The multiple-key value hiding intersection method as claimed in claim 1,
the first hash processing is cuckoo hash processing, the second hash processing is simple hash processing, the first hash processing and the second hash processing both use various different hash functions for processing, the first hash result is a one-dimensional vector, and the second hash result is a two-dimensional vector.
7. A multi-key value hiding intersection method is characterized by comprising the following steps:
the method for generating the first encrypted data comprises the following steps of obtaining a public key and the first encrypted data sent by an initiator: the initiator replaces missing key values in the acquired initiator data to be processed, first Hash processing is carried out on the initiator data after replacement to obtain a first Hash result, a private key and a corresponding public key are generated by using a homomorphic encryption algorithm, and the public key is used for encrypting the first Hash result to obtain first encrypted data;
replacing the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performing second hash processing on the data side data after the replacement to obtain a second hash result;
encrypting a second hash result by using the public key to obtain second encrypted data, and performing subtraction and successive multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain an intersection result vector;
and sending the intersection result vector to the initiator so that the initiator decrypts the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
8. A multiple key value hiding intersection apparatus, comprising:
a memory; and
a processor coupled to the memory, the processor configured to:
replacing missing key values in initiator data to be processed, which is acquired by an initiator, and performing first hash processing on the initiator data after the replacement to obtain a first hash result;
generating a private key and a corresponding public key by using a homomorphic encryption algorithm, and encrypting the first hash result by using the public key to obtain first encrypted data;
sending the public key to a data side so that the data side can encrypt a second hash result by using the public key to obtain second encrypted data, wherein the generation method of the second hash result comprises the following steps: the data side replaces the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performs second hash processing on the data side data after replacement to obtain a second hash result;
and sending the first encrypted data to the data side to obtain an intersection result vector sent by the data side, decrypting the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
9. A multi-key value hiding intersection device, comprising:
a memory; and
a processor coupled to the memory, the processor configured to:
the method for generating the first encrypted data comprises the following steps of obtaining a public key and the first encrypted data sent by an initiator: the initiator replaces missing key values in the acquired initiator data to be processed, first Hash processing is carried out on the initiator data after replacement to obtain a first Hash result, a private key and a corresponding public key are generated by using a homomorphic encryption algorithm, and the public key is used for encrypting the first Hash result to obtain first encrypted data;
replacing the missing key value in the corresponding data side data with a value different from the replaced missing key value in the initiator data, and performing second hash processing on the data side data after the replacement to obtain a second hash result;
encrypting a second hash result by using the public key to obtain second encrypted data, and performing subtraction and successive multiplication on data at corresponding positions in the first encrypted data and the second encrypted data respectively to obtain an intersection result vector;
and sending the intersection result vector to the initiator so that the initiator decrypts the intersection result vector by using the private key to obtain a decryption result, and judging whether each key value in the initiator data is intersected from the decryption result.
10. A computer storage medium having a computer program stored thereon, wherein the computer program, when executed by a machine, implements the steps of the method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211409667.8A CN115567188B (en) | 2022-11-11 | 2022-11-11 | Multi-key value hiding intersection solving method and device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211409667.8A CN115567188B (en) | 2022-11-11 | 2022-11-11 | Multi-key value hiding intersection solving method and device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115567188A true CN115567188A (en) | 2023-01-03 |
| CN115567188B CN115567188B (en) | 2023-03-14 |
Family
ID=84770202
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211409667.8A Active CN115567188B (en) | 2022-11-11 | 2022-11-11 | Multi-key value hiding intersection solving method and device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115567188B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115765969A (en) * | 2023-01-10 | 2023-03-07 | 蓝象智联(杭州)科技有限公司 | Hidden set intersection method and device based on homomorphic encryption and storage medium |
| CN115935438A (en) * | 2023-02-03 | 2023-04-07 | 杭州金智塔科技有限公司 | Data privacy intersection system and method |
| CN115935439A (en) * | 2023-02-27 | 2023-04-07 | 蓝象智联(杭州)科技有限公司 | Geographic position verification method and device based on hiding intersection and storage medium |
| CN116502276A (en) * | 2023-06-29 | 2023-07-28 | 极术(杭州)科技有限公司 | Method and device for inquiring trace |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20220078023A1 (en) * | 2020-09-08 | 2022-03-10 | Qed-It Systems Ltd. | Private set calculation using private intersection and calculation, and applications thereof |
| CN114239074A (en) * | 2022-02-25 | 2022-03-25 | 蓝象智联(杭州)科技有限公司 | Private data hiding intersection method without exposing intermediate result |
| CN114386089A (en) * | 2021-12-07 | 2022-04-22 | 北京数牍科技有限公司 | Privacy set intersection method based on multi-condition retrieval |
| CN114661680A (en) * | 2022-05-25 | 2022-06-24 | 蓝象智联(杭州)科技有限公司 | Private data hiding and sharing method |
| CN114978512A (en) * | 2022-07-18 | 2022-08-30 | 华控清交信息科技(北京)有限公司 | Privacy intersection method and device and readable storage medium |
| CN115065459A (en) * | 2022-06-13 | 2022-09-16 | 青岛大学 | Multi-party privacy set intersection method, device, equipment and storage medium |
-
2022
- 2022-11-11 CN CN202211409667.8A patent/CN115567188B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20220078023A1 (en) * | 2020-09-08 | 2022-03-10 | Qed-It Systems Ltd. | Private set calculation using private intersection and calculation, and applications thereof |
| CN114386089A (en) * | 2021-12-07 | 2022-04-22 | 北京数牍科技有限公司 | Privacy set intersection method based on multi-condition retrieval |
| CN114239074A (en) * | 2022-02-25 | 2022-03-25 | 蓝象智联(杭州)科技有限公司 | Private data hiding intersection method without exposing intermediate result |
| CN114661680A (en) * | 2022-05-25 | 2022-06-24 | 蓝象智联(杭州)科技有限公司 | Private data hiding and sharing method |
| CN115065459A (en) * | 2022-06-13 | 2022-09-16 | 青岛大学 | Multi-party privacy set intersection method, device, equipment and storage medium |
| CN114978512A (en) * | 2022-07-18 | 2022-08-30 | 华控清交信息科技(北京)有限公司 | Privacy intersection method and device and readable storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 邵航: "同态加密在隐私计算中的应用综述", 《信息通信技术与政策》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115765969A (en) * | 2023-01-10 | 2023-03-07 | 蓝象智联(杭州)科技有限公司 | Hidden set intersection method and device based on homomorphic encryption and storage medium |
| CN115765969B (en) * | 2023-01-10 | 2023-06-09 | 蓝象智联(杭州)科技有限公司 | Method, device and storage medium for solving interaction of hidden set based on homomorphic encryption |
| CN115935438A (en) * | 2023-02-03 | 2023-04-07 | 杭州金智塔科技有限公司 | Data privacy intersection system and method |
| CN115935439A (en) * | 2023-02-27 | 2023-04-07 | 蓝象智联(杭州)科技有限公司 | Geographic position verification method and device based on hiding intersection and storage medium |
| CN116502276A (en) * | 2023-06-29 | 2023-07-28 | 极术(杭州)科技有限公司 | Method and device for inquiring trace |
| CN116502276B (en) * | 2023-06-29 | 2023-09-12 | 极术(杭州)科技有限公司 | Method and device for inquiring trace |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115567188B (en) | 2023-03-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN115567188B (en) | Multi-key value hiding intersection solving method and device and storage medium | |
| KR102570801B1 (en) | Generation of cryptographic function parameters from compact source code | |
| JP5412414B2 (en) | Searchable cryptographic processing system | |
| US8429421B2 (en) | Server-side encrypted pattern matching | |
| US8442218B2 (en) | Method and apparatus for compound hashing via iteration | |
| US20160094347A1 (en) | Method and system for secure management of computer applications | |
| US11251949B2 (en) | Biometric security for cryptographic system | |
| EP3637674A1 (en) | Computer system, secret information verification method, and computer | |
| CN112469036B (en) | Message encryption and decryption method and device, mobile terminal and storage medium | |
| US10263785B1 (en) | Cryptography method and system for securing data via electronic transmission | |
| JP6738062B2 (en) | Ciphertext verification system, method, and recording medium | |
| CN111033506A (en) | Edit script verification with match and difference operations | |
| CN113691502A (en) | Communication method, communication device, gateway server, client and storage medium | |
| CN114175572A (en) | System and method for performing equality and subordination operations on encrypted data using quasigroup operations | |
| US20200076594A1 (en) | Key update for masked keys | |
| JP6738061B2 (en) | Ciphertext verification system, method, and recording medium | |
| CN115473703A (en) | Identity-based ciphertext equivalence testing method, device, system and medium for authentication | |
| CN114039785B (en) | Data encryption, decryption and processing methods, devices, equipment and storage medium | |
| EP2991265B1 (en) | Encrypted text matching system, method and program | |
| CN113434555B (en) | Data query method and device based on searchable encryption technology | |
| CN114741704A (en) | Privacy protection method, device, equipment and medium based on marriage and love dating | |
| CN117220865A (en) | Longitude and latitude encryption method, longitude and latitude verification device and readable storage medium | |
| EP2991266B1 (en) | Encrypted text matching system, method, and computer readable medium | |
| CN111475690B (en) | Character string matching method and device, data detection method and server | |
| CN114117388A (en) | Device registration method, device registration apparatus, electronic device, and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |