CN115603905A - Data sharing method, device, equipment and storage medium - Google Patents
Data sharing method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN115603905A CN115603905A CN202211219631.3A CN202211219631A CN115603905A CN 115603905 A CN115603905 A CN 115603905A CN 202211219631 A CN202211219631 A CN 202211219631A CN 115603905 A CN115603905 A CN 115603905A
- Authority
- CN
- China
- Prior art keywords
- shard
- secret
- data
- screening
- kth
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
Abstract
The disclosure provides a data sharing method, a data sharing device, data sharing equipment and a storage medium, which can be applied to the technical field of big data and the technical field of encryption. The method comprises the following steps: interacting with a data providing end based on an oblivious pseudorandom function calculation protocol to determine a first sample mask set of a first sample set to be matched; respectively generating a first multiplication secret fragment and a second multiplication secret fragment by utilizing an addition secret sharing method and a multiplication secret re-sharing method; processing the random number set by using the symbol value of each first fragment element in the first multiplication secret fragment and the symbol value of each second fragment element in the second multiplication secret fragment based on an oblivious transmission protocol to obtain a first screening mask set; and performing intersection calculation based on the first sample mask set, the first screening mask set and the first dual mask set to determine data intersection from at least one first sample to be matched.
Description
Technical Field
The present disclosure relates to the field of information security technologies, and in particular, to a data sharing method, apparatus, device, medium, and program product.
Background
The data sharing interactive cooperation is beneficial to better exerting data value, enables related scenes and mechanisms, and avoids potential safety hazards such as data leakage and the like in the process of carrying out data sharing cooperation among the mechanisms along with the continuous improvement of the requirements of data safety and privacy protection.
In the related technology, methods such as privacy set intersection and the like are usually adopted to realize extraction and screening of common samples of a data provider and a data demander, and data outside sample intersection is protected from being leaked. However, the privacy set intersection method in the related art can only perform intersection screening in the dimension of the sample set, and cannot use other features and their determination conditions contained in the sample as screening bases. Therefore, the related art has at least the technical problems of poor accuracy and low data security when data sharing interactive cooperation is performed.
Disclosure of Invention
In view of the foregoing, the present disclosure provides data sharing methods, apparatuses, devices, media, and program products.
One aspect of the present disclosure provides a data sharing method, applied to a data demand side, where the method includes: interacting with a data providing terminal based on an oblivious pseudorandom function calculation protocol to determine a first sample mask set of a first sample set to be matched, wherein the first sample set to be matched comprises at least one first sample to be matched; respectively generating a first multiplicative secret shard and a second multiplicative secret shard by utilizing an addition secret sharing method and a multiplicative secret re-sharing method based on a preset screening threshold, wherein the first multiplicative secret shard comprises n first shard elements, the second multiplicative secret shard comprises n second shard elements, and n is a positive integer; in response to receiving the random number set sent by the data providing terminal, processing the random number set by using the symbol value of each first fragmentation element in the first multiplication secret fragmentation and the symbol value of each second fragmentation element in the second multiplication secret fragmentation based on an inadvertent transmission protocol to obtain a first screening mask set; and in response to receiving a first set of double masks sent by the data provider, performing intersection calculation based on the first set of sample masks, the first set of screening masks, and the first set of double masks to determine data intersection from at least one first sample to be matched.
Another aspect of the present disclosure provides a data sharing method applied to a data providing end, where the method includes: interacting with a data demand end based on an oblivious pseudorandom function calculation protocol to determine a second sample mask set of a second sample set to be matched; respectively generating a third multiplicative secret shard and a fourth multiplicative secret shard by utilizing an addition secret sharing method and a multiplicative secret re-sharing method, wherein the third multiplicative secret shard comprises n fifth shard elements, the fourth multiplicative secret shard comprises n sixth shard elements, and n is a positive integer; processing an initial random number set by using the symbol value of each fifth shard element in the third multiplicative secret shard and the symbol value of each sixth shard element in the fourth multiplicative secret shard based on an inadvertent transmission protocol to obtain a random number set, and sending the random number set to the data demand side, wherein the initial random number set comprises a plurality of third random number elements, and the third random number elements comprise three unequal random numbers; embedding calculation is carried out on the second sample mask set by utilizing the initial random number set to obtain a first dual mask set; and sending the first set of double masks to the data demander, wherein the data demander is configured to perform intersection calculation based on the first set of double masks to determine a data intersection.
Another aspect of the present disclosure provides a data sharing apparatus configured at a data demand end, the apparatus including: the device comprises a first determining module, a second determining module and a third determining module, wherein the first determining module is used for interacting with a data providing end based on an oblivious pseudo-random function computing protocol to determine a first sample mask set of a first sample set to be matched, and the first sample set to be matched comprises at least one first sample to be matched; a first generation module, configured to generate a first multiplicative secret shard and a second multiplicative secret shard respectively by using an addition secret sharing method and a multiplicative secret re-sharing method based on a preset screening threshold, where the first multiplicative secret shard includes n first shard elements, the second multiplicative secret shard includes n second shard elements, and n is a positive integer; a first processing module, configured to, in response to receiving a random number set sent by the data provider, based on an oblivious transmission protocol, process the random number set by using a symbol value of each first shard element in the first multiplicative secret shard and a symbol value of each second shard element in the second multiplicative secret shard, to obtain a first screening mask set; and a first calculating module, configured to perform, in response to receiving a first double mask set sent by the data provider, an intersection calculation based on the first sample mask set, the first filtering mask set, and the first double mask set, so as to determine a data intersection from at least one first to-be-matched sample.
Another aspect of the present disclosure provides a data sharing apparatus configured at a data providing end, the apparatus including: the second determining module is used for interacting with the data demand end based on the oblivious pseudorandom function calculation protocol so as to determine a second sample mask set of a second sample set to be matched; a second generating module, configured to generate a third multiplicative secret shard and a fourth multiplicative secret shard by using an addition secret sharing method and a multiplicative secret re-sharing method, where the third multiplicative secret shard includes n fifth shard elements, the fourth multiplicative secret shard includes n sixth shard elements, and n is a positive integer; a second processing module, configured to process an initial random number set by using a symbol value of each fifth shard element in the third multiplicative secret shard and a symbol value of each sixth shard element in the fourth multiplicative secret shard to obtain a random number set, and send the random number set to the data requirement end, based on an oblivious transmission protocol, where the initial random number set includes a plurality of third random number elements, and the third random number elements include three unequal random numbers; a second calculation module, configured to perform embedding calculation on the second sample mask set by using the initial random number set to obtain a first dual mask set; and a sending module, configured to send the first double mask set to the data demander, where the data demander is configured to perform intersection calculation based on the first double mask set to determine a data intersection.
Another aspect of the present disclosure provides an electronic device including: one or more processors; memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the above-described method.
Another aspect of the present disclosure also provides a computer-readable storage medium having stored thereon executable instructions that, when executed by a processor, cause the processor to perform the above-described method.
Another aspect of the disclosure also provides a computer program product comprising a computer program which, when executed by a processor, implements the above method.
According to the data sharing method, the data sharing device, the data sharing equipment, the data sharing medium and the program product, for a first sample set to be matched determined by a data demand side, an inadvertent pseudorandom function calculation protocol is utilized to interact with a data providing side to determine a first sample mask set, then multiplication secret re-sharing is carried out based on a preset screening threshold value, the obtained multiplication secret fragment is utilized to carry out inadvertent transmission to obtain a first screening mask set, and then privacy intersection is carried out based on the received first double mask set and the first sample mask set and the first screening mask set, so that the data intersection of the first sample set to be matched and a second sample set to be matched of the data providing side can be determined under the conditions that the preset screening threshold value is not leaked out and the samples are safe. Therefore, the technical problems of poor accuracy and low data security existing in the data sharing interactive cooperation in the related technology are at least partially solved, the privacy security in the data sharing process is effectively ensured, and the accuracy of the data sharing is improved.
Drawings
The foregoing and other objects, features and advantages of the disclosure will be apparent from the following description of embodiments of the disclosure, which proceeds with reference to the accompanying drawings, in which:
fig. 1 schematically shows an application scenario diagram of a data sharing method and apparatus according to an embodiment of the present disclosure.
Fig. 2 schematically shows a flowchart of a data sharing method applied to a data demand side according to an embodiment of the present disclosure.
Fig. 3 schematically shows a flow chart of a method of generation of a first multiplicative secret slice and a second multiplicative secret slice according to an embodiment of the disclosure.
Fig. 4 schematically shows a flowchart of an inadvertent transmission by a data demand side according to an embodiment of the present disclosure.
Fig. 5 schematically shows a flow chart of an intersection calculation method according to an embodiment of the present disclosure.
Fig. 6 schematically shows a flowchart of a data sharing method applied to a data provider according to an embodiment of the present disclosure.
Fig. 7 is a block diagram schematically illustrating a data sharing apparatus configured at a data demand side according to an embodiment of the present disclosure.
Fig. 8 schematically shows a block diagram of a data sharing apparatus configured at a data providing end according to an embodiment of the present disclosure.
Fig. 9 schematically shows a block diagram of an electronic device adapted to implement the data sharing method according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction should be interpreted in the sense one having ordinary skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B, a and C, B and C, and/or A, B, C, etc.).
In the technical scheme of the disclosure, the collection, storage, use, processing, transmission, provision, disclosure, application and other processing of the related data (such as but not limited to identity identification and service identification) all meet the regulations of related laws and regulations, necessary security measures are taken, and the official customs is not violated.
The data sharing interactive cooperation is beneficial to better exerting data value, enables related scenes and mechanisms, and avoids potential safety hazards such as data leakage and the like in the process of carrying out data sharing cooperation among the mechanisms along with the continuous improvement of the requirements of data safety and privacy protection. In the related technology, methods such as privacy set intersection and the like are usually adopted to realize the extraction and screening of common samples of two parties, and data outside the sample intersection is protected from leaking, so that the method is widely applied to the scenes such as joint marketing, federal learning, advertisement delivery, customer salvage and the like.
However, the privacy set intersection method in the related art can only perform intersection screening in the dimension of the sample set, and cannot use other features and judgment conditions thereof contained in the sample as screening bases. Taking a sample screening scenario between a data demander and a data provider as an example, when the data demander desires that a sample which is not equal to a judgment condition in a local sample set and an opposite sample set satisfies a screening condition, for example, "registration time ≠ 2021", to perform conditional privacy deal, only the additional screening condition "registration time ≠ 2021" can be sent to the data provider, and this way may cause leakage of the screening condition, which is not favorable for privacy protection of the data demander.
In view of this, embodiments of the present disclosure provide a data sharing method, apparatus, device, medium, and program product, which may implement supporting a privacy set intersection that is not equal to a policy when data sharing is performed between a data requiring end and a data providing end, so as to effectively protect a sample set and screening added privacy of the data requiring end, and the data providing end cannot identify any effective information about a screening condition, thereby implementing a higher-level privacy protection effect, and implementing safer, more accurate, and more effective sample intersection and data sharing.
Specifically, the data sharing method may be applied to a data demand side, and the method includes: interacting with a data providing terminal based on an oblivious pseudorandom function calculation protocol to determine a first sample mask set of a first sample set to be matched, wherein the first sample set to be matched comprises at least one first sample to be matched; respectively generating a first multiplication secret fragment and a second multiplication secret fragment by utilizing an addition secret sharing method and a multiplication secret re-sharing method based on a preset screening threshold, wherein the first multiplication secret fragment comprises n first fragment elements, the second multiplication secret fragment comprises n second fragment elements, and n is a positive integer; responding to the received random number set sent by the data providing end, and processing the random number set by using the symbol value of each first fragment element in the first multiplication secret fragment and the symbol value of each second fragment element in the second multiplication secret fragment based on an inadvertent transmission protocol to obtain a first screening mask set; and in response to receiving the first set of double masks sent by the data provider, performing intersection calculation based on the first set of sample masks, the first set of screening masks, and the first set of double masks to determine data intersection from at least one first sample to be matched.
Fig. 1 schematically shows an application scenario diagram of a data sharing method and apparatus according to an embodiment of the present disclosure.
As shown in fig. 1, the application scenario 100 according to this embodiment may include a first terminal device 101, a second terminal device 102, a third terminal device 103, and a network 104.
The first terminal device 101, the second terminal device 102, the third terminal device 103 may be any type of electronic device including, but not limited to, a smart phone, a tablet computer, a laptop portable computer, a desktop computer, and the like. In some application scenarios, the first terminal device 101, the second terminal device 102, and the third terminal device 103 may also be replaced by a server or a server cluster.
The network 104 is used to provide a medium of communication links between the first terminal device 101, the second terminal device 102 and the third terminal device 103. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
Any one terminal device (for example, the first terminal device 101) among the first terminal device 101, the second terminal device 102, and the third terminal device 103 may be a data demand side, and another terminal device (for example, the second terminal device 102) except the terminal device may be a data supply side. That is, the data sharing method applied to the data demand side provided by the embodiment of the present disclosure may be executed by the first terminal device 101, and the data sharing method applied to the data providing side may be executed by the second terminal device 102. Accordingly, the data sharing apparatus configured at the data demand side according to the embodiment of the present disclosure may be disposed in the first terminal device 101, and the data sharing apparatus configured at the data providing side may be disposed in the second terminal device 102, so as to implement data sharing between the first terminal device 101 and the second terminal device 102.
It should be understood that the number of terminal devices and networks in fig. 1 is merely illustrative. There may be any number of terminal devices and networks, as desired for implementation.
The data sharing method of the disclosed embodiment will be described in detail through fig. 2 to 6 based on the scenario described in fig. 1.
Fig. 2 schematically shows a flowchart of a data sharing method applied to a data demand side according to an embodiment of the present disclosure.
As shown in fig. 2, the data sharing method of this embodiment includes operations S210 to S240.
In operation S210, a data providing end is interacted with based on an oblivious pseudo-random function calculation protocol to determine a first sample mask set of a first set of samples to be matched, where the first set of samples to be matched includes at least one first sample to be matched.
In operation S220, based on a preset screening threshold, a first multiplicative secret shard and a second multiplicative secret shard are respectively generated by using an additive secret sharing method and a multiplicative secret re-sharing method, where the first multiplicative secret shard includes n first shard elements, the second multiplicative secret shard includes n second shard elements, and n is a positive integer.
In operation S230, in response to receiving the set of random numbers sent by the data provider, the set of random numbers is processed by using the symbol value of each first shard element in the first multiplicative secret shard and the symbol value of each second shard element in the second multiplicative secret shard based on the oblivious transmission protocol, resulting in a first set of screening masks.
In operation S240, in response to receiving the first set of double masks sent by the data provider, an intersection calculation is performed based on the first set of sample masks, the first set of screening masks, and the first set of double masks to determine a data intersection from at least one first sample to be matched.
According to an embodiment of the present disclosure, the first set of samples to be matched may be represented as a = { ID, for example 1 ,…,ID m Where, ID k The kth first sample to be matched may be represented. The first sample to be matched can be an identity mark, a service mark and the like which can be bound with the identified object one by oneAnd (4) determining the identification code.
According to the embodiment of the disclosure, an Oblivious Pseudo-random Function (OPRF) calculation protocol may be a type of Pseudo-random Function calculation protocol, in which a Function value receiver may randomly generate a random number r, a sender may generate a random number s, and the receiver and the sender may obtain a value of a random Function F (r, s) on the premise that the receiver does not master s through an interactive calculation protocol. The random function F (-) used in the accidental pseudo-random function calculation protocol may be predetermined between the data demand side and the data providing side, and the specific representation manner of the random function is not limited herein.
According to the embodiment of the disclosure, when the oblivious pseudo-random function calculation protocol is implemented, the data providing terminal can generate the random number s, and through double-end interaction, the data providing terminal can obtain the value of the random function, namely the first sample mask set, on the premise of not mastering the random number s. Because the change of the random number s can cause the change of the value of the random function, the first sample mask set generated in each data sharing process has difference in the mode, and therefore the forward security of the data sharing is effectively guaranteed.
According to an embodiment of the present disclosure, the generated first set of sample masks may be denoted as S = { F (ID) 1 ,s),…,F(ID m ,s)}={s 1 ,…,s m }。
According to the embodiment of the disclosure, after the first sample mask set is obtained, the first sample mask set can be processed by using a cuckoo hash filter or the like, so as to improve the retrieval and matching performance.
According to an embodiment of the present disclosure, the preset filtering threshold may be a value related to a filtering condition when data is shared, and the preset filtering threshold may be a real number determined by the data demand side according to a specific application scenario. For example, based on the non-policy-equal filtering condition being "registration time ≠ 2022", then correspondingly, the preset filtering threshold value can be set to 2022.
Additive secret sharing may also be possible according to embodiments of the present disclosureCalled Secret Sharing (SS). When the additive secret sharing is carried out, the two parties can respectively master a random value x for the private data a 0 ,x 1 Satisfies a = x 0 +x 1 ,x 0 ,x 1 An additive secret shard, also denoted as (x) 0 ,x 1 )=[a]. By means of the secret sharing mechanism, multi-party privacy calculation such as addition, subtraction, multiplication and the like can be achieved.
According to an embodiment of the disclosure, multiplicative Re-sharing (Multiplicative Re-sharing) may be that for private data a, both parties respectively master and grasp a random value u 0 ,u 1 Satisfy a = u 0 ·u 1 Can also be written as (u) 0 ,u 1 )=<a>. In the initial state, the two parties can respectively master the addition secret slice [ a ] of a]And under the condition of not opening the private data a, each party respectively obtains the multiplication fragment of a through a private algorithm<a>。
According to an embodiment of the present disclosure, an Oblivious Transfer (OT) protocol may be a type of cryptography protocol, which enables a data sender to send two pieces of data to a data receiver, for example, x0 and x1, respectively, but the data receiver can only receive one piece of data according to its own needs, for example, the data receiver may select one piece of data from x0 and x1 according to a value of a judgment identifier. By the method, the data sender can be ensured not to know the data specifically received by the data receiver. Specifically, with an inadvertent transmission mode, for the random number set, the data demand side may selectively receive data from the random number set according to a symbol value of each first shard element in the first multiplicative secret shard and a symbol value of each second shard element in the second multiplicative secret shard, and the obtained first screening mask set is unknown to the data supply side, so that data security may be guaranteed in the data transmission process.
According to the data sharing method provided by the disclosure, for a first sample set to be matched determined by a data demand end, interaction is performed with a data providing end by using an oblivious pseudorandom function calculation protocol to determine a first sample mask set, then multiplication secret re-sharing is performed based on a preset screening threshold, and the obtained multiplication secret fragment is oblivious transmitted to obtain a first screening mask set, and then privacy intersection is performed based on the received first double mask set and the first sample mask set and the first screening mask set, so that the data intersection of the first sample set to be matched and a second sample set to be matched of the data providing end can be determined under the condition that the preset screening threshold is not leaked and the sample is ensured to be safe. Therefore, the technical problems of poor accuracy and low data security existing in the data sharing interactive cooperation in the related technology are at least partially solved, the privacy security in the data sharing process is effectively ensured, and the accuracy of the data sharing is improved.
According to the embodiment of the disclosure, the data providing end may be configured with a second sample set to be matched, the second sample set to be matched includes n sample elements, and the sample elements include a second sample to be matched and sample features. The second sample set to be matched may be a full sample set of the data providing end, or a sample set obtained by the data providing end through screening according to a certain rule.
The first set of samples to be matched is denoted as a = { ID below 1 ,…,ID m Denoted as second set of samples to be matched
For example, the data sharing process between the data demand side and the data providing side is further described. In the above formula, ID k The kth first sample to be matched may be represented,
may represent the kth second sample to be matched, x k And representing the characteristics of the kth sample, wherein m, n and k are positive integers, n is larger than or equal to m, and n is larger than or equal to k.
Fig. 3 schematically shows a flow chart of a method of generation of a first multiplicative secret slice and a second multiplicative secret slice according to an embodiment of the disclosure.
As shown in fig. 3, the generation method of the first multiplicative secret slice and the second multiplicative secret slice may include operations S301-S305, and the methods of operations S301-S305 may be used to implement operation S220.
In operation S301, a first screening condition and a second screening condition are determined based on a preset screening threshold using an unequal screening policy.
In operation S302, a data provider interacts with the data provider based on a preset filtering threshold to generate a first additive secret slice related to a first filtering condition by using an additive secret sharing method, and the data provider is configured to generate a second additive secret slice related to the first filtering condition.
In operation S303, the data provider interacts with the data provider based on the first addition secret shard to generate a first multiplication secret shard with respect to a first filtering condition using a multiplicative secret re-sharing method, the data provider being configured to generate a third multiplication secret shard with respect to the first filtering condition.
In operation S304, a data provider is interacted with based on a preset screening threshold value by using an addition secret sharing method to generate a third addition secret shard related to a second screening condition, and the data provider is configured to generate a fourth addition secret shard related to the second screening condition.
In operation S305, the data provider interacts with the data provider based on the third additive secret shard to generate a second multiplicative secret shard for the second screening condition using the multiplicative secret re-sharing method, the data provider being configured to generate a fourth multiplicative secret shard for the second screening condition.
According to the embodiment of the disclosure, taking a preset screening threshold as a as an example, a first screening condition that can be determined by using a policy that is not equal to screening may be denoted as x-a, and a second screening condition may be denoted as a-x.
According to an embodiment of the present disclosure, operation S302 may specifically include the following operations:
randomly generating a first secret fragment and a second secret fragment based on a preset screening threshold, wherein the sum of the first secret fragment and the second secret fragment is the preset screening threshold; sending a second secret fragment to a data providing end, wherein the data providing end is configured to randomly generate a kth first feature fragment and a kth second feature fragment for a kth sample feature, generate a kth third fragment element based on the kth second feature fragment and the second secret fragment, generate a second addition secret fragment based on the n third fragment elements, and send the n first feature fragments to a data requiring end; and in response to receiving the n first feature slices, for a kth first feature slice, generating a kth fourth slice element based on the kth first feature slice and the first secret slice, and generating a first addition secret slice based on the n fourth slice elements.
According to the embodiment of the disclosure, taking a preset screening threshold a as an example, the data demand side can randomly generate the first secret piece a based on the preset screening threshold a 1 And a second secret slice a 2 And satisfy a 1 +a 2 = a. The first secret piece a 1 The first addition secret slice generation method can be used for the data demand end, and the second secret slice a 2 May be sent to the data provider for generation of the second additive secret shard by the data provider.
According to the embodiment of the disclosure, the data providing terminal may perform the feature x on n samples in the second sample set to be matched 1 ,…,x n Performing additive secret fragmentation, i.e. for arbitrary sample features x k Randomly generating a first feature patch y k And a second feature patch z k The slicing result can be represented as [ x ] 1 ],…,[x n ]Wherein [ x ] k ]=(y k ,z k ) Satisfy x k =y k +z k . n first feature patches y 1 ,…,y n The n second characteristic fragments z can be used for being sent to a data demand end and used as a basis for the data demand end to generate a first addition secret fragment 1 ,…,z n May be used as a basis for the data provider to generate the second addition secret slice.
According to the embodiment of the disclosure, the data providing end receives the second secret piece a 2 Then, slicing z for the second feature k Z 'can be calculated' k =z k -a 2 As a kth third tile element, the second additive secret tile for the first screening condition x-a may be denoted as z' 1 ,…,z′ n 。
According to the embodiment of the disclosure, the data demand side receives n first feature fragments y 1 ,…,y n Then, slicing y for the first feature k Y 'can be calculated' k =y k -a 1 As a kth sub-tile element, the first additive secret tile for the first screening condition x-a may be denoted as y' 1 ,…,y′ n 。
According to an embodiment of the present disclosure, a slicing result of the first-addition secret sharing method may be represented as [ x [ ] k -a]=(y′ k ,z′ k ),k=1,…,n。
According to an embodiment of the present disclosure, operation S303 may specifically include the following operations:
acquiring a kth first preset parameter and a kth second preset parameter from a preset parameter group, wherein the data providing end is configured to acquire a kth third preset parameter and a kth fourth preset parameter from the preset parameter group, and the kth first preset parameter, the kth second preset parameter, the kth third preset parameter and the kth fourth preset parameter meet preset conditions; calculating to obtain a kth first characteristic element based on the kth fourth fragmentation element, the kth first preset parameter and the kth second preset parameter; sending a kth first characteristic element to a data providing end, wherein the data providing end is configured to obtain a kth fifth fragment element through calculation based on the kth first characteristic element and a kth third preset parameter, obtain a kth second characteristic element through calculation based on the kth third fragment element, a kth fourth preset parameter and the kth fifth fragment element, and send the kth second characteristic element to a data requiring end; calculating to obtain a kth first fragment element based on the kth first preset parameter and the kth second characteristic element; and generating a first multiplicative secret shard based on the n first shard elements, wherein the data provider is configured to generate a third multiplicative secret shard based on the n fifth shard elements.
According to an embodiment of the present disclosure, the preset parameter group may be n sets of multiplication triples, wherein the kth set of multiplication triples may be represented as (e) k ,f k ,[g k ]) The multiplication triplet satisfies g k =e k ·f k 。
According to the embodiment of the disclosure, the preset parameter group can be generated by the data demand side and the data providing side according to a convention, or can be generated by the trusted third side and is distributed in the data sharing process.
According to an embodiment of the present disclosure, the kth first preset parameter may be e k The kth third preset parameter may be f k . K-th second preset parameter g' k And a kth fourth predetermined parameter g ″ k May be for g in a multiplication triplet k Is obtained by adding and slicing treatment, namely satisfies (g' k ,g″ k )=[g k ]I.e. g' k +g″ k =g k 。
According to an embodiment of the present disclosure, the preset condition may be, for example, the following constraint condition: g' k +g″ k =e k ·f k 。
According to an embodiment of the present disclosure, the data demand side may be based on the kth fourth slice element y' k The kth first preset parameter e k And a kth second preset parameter g' k Calculating to obtain the kth first characteristic element p k As shown in equation (1):
according to the embodiment of the disclosure, the n first characteristic elements calculated by the data demand side can be sent to the data providing side. The data provider, after receiving the n first feature elements, may base the kth first feature element p k And a kth third preset parameter f k And calculating to obtain the kth fifth fragment element v k As shown in equation (2):
v k =f k +p k (2)
according to an embodiment of the present disclosure, the third multiplicative secret shard generated by the data demand side may be represented as v based on the n fifth shard elements 1 ,…,v n 。
According to embodiments of the present disclosure, the data demand side may also be based on a kth third tile element z' k The kth fourth preset parameter g ″ k And the kth fifth slice element v k Calculating to obtain the kth second characteristic element q k As shown in equation (3):
according to the embodiment of the disclosure, the n second characteristic elements calculated by the data providing terminal can be sent to the data demanding terminal. After receiving the n second characteristic elements, the data consumer may base on the kth first preset parameter e k And a kth second characteristic element q k And calculating to obtain the kth first fragment element u k As shown in equation (4):
u k =e k +q k (4)
according to an embodiment of the disclosure, the first multiplicative secret shard generated by the data consumer may be represented as u based on n first shard elements 1 ,…,u n 。
According to an embodiment of the present disclosure, the slicing result of the first-time multiplicative secret re-sharing may be represented as (u) k ,v k )=<x k -a>Satisfy u k ·v k =x k -a。
According to the embodiment of the disclosure, in the slicing result of the first-time multiplication secret re-sharing, v is k Is not equal to zero, i.e. when u k ·v k =x k -a =0, then u k =0,v k Not equal to 0. At this time, the data demander can pass u k =0 to determine x k =a,The data provider can not pass v k To determine x k And whether the value is equal to a or not is judged, so that the preset screening threshold set by the data demander is ensured not to leak in the data sharing process.
According to the embodiment of the present disclosure, the addition secret sharing method implemented in operation S304, that is, the second addition secret sharing, may be implemented by a method similar to that in operation S302, and the first screening condition in the method in operation S302 may be replaced by the second screening condition, which is not described herein again.
According to an embodiment of the present disclosure, the sharding result of the second addition secret sharing method may be represented as
Wherein the content of the first and second substances,
may be represented as the kth element of the third additive secret slice,
may be represented as the kth element of the fourth additive secret slice.
According to the embodiment of the present disclosure, the method for re-sharing the multiplicative secret implemented in operation S305, that is, the method for re-sharing the multiplicative secret for the second time may be implemented by a method similar to that in operation S303, and the first screening condition in the method in operation S303 may be replaced by the second screening condition, which is not described herein again.
According to the embodiment of the disclosure, the slicing result of the second-time multiplicative secret re-sharing method can be expressed as
Satisfy the requirements of
Wherein, the first and the second end of the pipe are connected with each other,
may be represented as the kth element of the second multiplicative secret slice,
may be represented as the kth element of the fourth multiplicative secret slice.
According to the embodiment of the disclosure, by combining the application of the addition secret sharing method and the multiplication secret re-sharing method, the sample characteristics in the second sample set to be matched of the data providing terminal can be shared to the data requiring terminal under the condition of no leakage, so as to provide a basis for the sample matching of the data requiring terminal, and the data security can be effectively improved.
Fig. 4 schematically shows a flowchart of an inadvertent transmission by a data demand side according to an embodiment of the present disclosure.
As shown in fig. 4, the data requiring end performing the unintentional transmission may include operations S401 to S403, and the method of operations S401 to S403 may be used to implement operation S230.
According to an embodiment of the present disclosure, the set of random numbers may include a first set of random numbers and a second set of random numbers.
In operation S401, in response to receiving the first set of random numbers, the first set of random numbers is processed with a symbol value of each first shard element in the first multiplicative secret shard, based on an oblivious transmission protocol, resulting in a first set of screening masks.
In operation S402, in response to receiving the second set of random numbers, the second set of random numbers is processed with the symbol value of each second shard element in the second multiplicative secret shard, resulting in a second set of screening masks, based on the oblivious transmission protocol.
In operation S403, the first screening mask subset and the second screening mask subset are spliced to obtain a first screening mask set.
According to the embodiment of the present disclosure, the data request side may perform two times of unintentional transfer, and accordingly, the method of operation S401 may complete the first time of unintentional transfer, and the method of operation S402 may complete the second time of unintentional transfer.
According to an embodiment of the present disclosure, the first set of random numbers may include n first random number elements, the first random number elements including two unequal random numbers.
According to an embodiment of the present disclosure, operation S401 may specifically include the following operations:
in response to receiving the first random number set, for a kth first random number element, selecting two random numbers of the kth first random number element based on a symbol value of the kth first sharding element to obtain a first target random number, wherein k is a positive integer less than or equal to n; and generating a first screening mask subset based on n first target random numbers which respectively correspond to the n first random number elements one to one.
Specifically, during the first oblivious transmission, for the kth first random number element, the symbol value u 'of the kth first slice element may be calculated first' k =sig(u k ). In the selection process, if u' k =1, the random number on the left side in the k-th first random number element may be selected as the first target random number θ k (ii) a If u' k = -1, the random number on the right in the k-th first random number element may be selected as the first target random number θ k (ii) a If u' k =0, one of two random numbers of the kth first random number element may be randomly selected as the first target random number θ k 。
According to an embodiment of the present disclosure, the second set of random numbers may include n second random number elements, the second random number elements including two unequal random numbers.
According to an embodiment of the present disclosure, operation S402 may specifically include the following operations:
in response to receiving the second random number set, for a kth second random number element, selecting two random numbers of the kth second random number element based on a symbol value of the kth second fragmentation element to obtain a second target random number, wherein k is a positive integer less than or equal to n; and generating a second screening mask subset based on n second target random numbers respectively corresponding to the n second random number elements one to one.
In particular, during the second inadvertent transmission, for the second timek second random number elements, the symbol value of the k second slice element may be calculated first
In the selection process, if
The random number on the left side of the kth second random number element may be selected as the second target random number θ' k (ii) a If it is
The random number to the right in the kth second random number element may be selected as the second target random number θ' k (ii) a If it is
One may be randomly selected from two random numbers of the kth second random number element as the second target random number theta' k 。
According to an embodiment of the present disclosure, the first screening mask set obtained by stitching may be represented as (θ) 1 ,…,θ n ;θ′ 1 ,…,θ′ n ) I.e. its dimension should be 2n.
According to the embodiment of the disclosure, with an inadvertent transmission mode, for the random number set, the data demand side may selectively receive data from the random number set according to the symbol value of each first shard element in the first multiplication secret shard and the symbol value of each second shard element in the second multiplication secret shard, and the obtained first screening mask set is unknown to the data providing side, so that data security may be guaranteed in the data transmission process.
Fig. 5 schematically shows a flow chart of an intersection calculation method according to an embodiment of the present disclosure.
As shown in fig. 5, the intersection calculation method may include operations S501 to S503, and the methods of operations S501 to S503 may be used to implement operation S240.
In operation S501, in response to receiving the first dual mask set, the first screening mask set is used to perform an embedding calculation on the first dual mask set, so as to obtain a second dual mask set.
In operation S502, an intersection calculation is performed on the second dual mask set and the first sample mask set to obtain an intersection set, where the intersection set includes intersection elements.
In operation S503, a sample matching the intersection element is determined from at least one first sample to be matched to obtain a data intersection.
According to an embodiment of the present disclosure, the embedding calculation may be to obtain one vector or set based on two vectors or sets of the same length by means of vector addition, vector multiplication, or the like.
According to an embodiment of the present disclosure, operation S501 may specifically include the following operations:
performing dimensionality reduction on the first screening mask set to obtain a second screening mask set, wherein the second screening mask set comprises n first screening mask elements; calculating each first screening mask element in the second screening mask set by using a hash function to obtain a first hash mask set; and in response to receiving the first double mask set, performing embedded calculation on the first double mask set by using the first hash mask set to obtain a second double mask set.
According to the embodiment of the present disclosure, since the dimension of the first screening mask set is 2n, the dimension reduction processing needs to be performed on the first screening mask set, and the dimension reduction processing mode is not limited. The second set of screening masks obtained after the dimension reduction process may be represented as (θ), for example 1 +θ′ 1 ,…,θ n +θ′ n ) Accordingly, the kth first filtering mask element may be represented as θ k +θ′ k 。
According to an embodiment of the present disclosure, each first filtering mask element in the second filtering mask set is calculated using a hash function, and the resulting first filtering mask set may be denoted as H (θ [ ]) and 1 +θ′ 1 ),…,H(θ n +θ′ n )。
according to an embodiment of the present disclosure, the first set of double masks may be as shown in equation (5):
in the formula (5), the first and second groups,
may be represented as a second set of sample masks determined by the data provider based on the second set of samples to be matched B.
According to the embodiment of the disclosure, the first double-mask set is subjected to embedding calculation by utilizing the first hash mask set to obtain a second double-mask set T 2 Can be shown as equation (6):
according to the embodiment of the present disclosure, the intersection calculation between sets may be to compare two set elements at the same position in the two sets, and if the two set elements are consistent, it may be determined that a value of a corresponding intersection element in the output intersection is not zero; if the two set elements are not consistent, the value of the corresponding intersection element may be determined to be zero. In particular, for the second set of dual masks T 2 Performing intersection calculation with the first sample mask set S to obtain an intersection set I, which may be shown in formula (7):
I=S 2 ∩T 2 ={I 1 ,…,I l } (7)
in the formula I 1 ,…,I l Intersection elements may be represented.
According to the embodiment of the disclosure, when determining the data intersection, position information of an intersection element that is not zero may be determined first, a first sample to be matched in a first sample set to be matched corresponding to the position information is a target sample, and a combination of the target samples is the data intersection. In particular, the data intersection C may be represented as
Fig. 6 schematically shows a flowchart of a data sharing method applied to a data provider according to an embodiment of the present disclosure.
As illustrated in fig. 6, the data sharing method applied to the data provider may include operations S610 to S650.
In operation S610, a second sample mask set of a second sample set to be matched is determined based on an oblivious pseudorandom function calculation protocol interacting with the data demand side.
In operation S620, a third multiplicative secret shard and a fourth multiplicative secret shard are respectively generated by using an additive secret sharing method and a multiplicative secret re-sharing method, where the third multiplicative secret shard includes n fifth shard elements, the fourth multiplicative secret shard includes n sixth shard elements, and n is a positive integer.
In operation S630, based on the oblivious transmission protocol, the initial set of random numbers is processed using the symbol value of each fifth shard element in the third multiplicative secret shard and the symbol value of each sixth shard element in the fourth multiplicative secret shard, and obtaining a random number set, and sending the random number set to a data demand end, wherein the initial random number set comprises a plurality of third random number elements, and the third random number elements comprise three unequal random numbers.
In operation S640, the second sample mask set is subjected to an embedding calculation using the initial random number set, so as to obtain a first dual mask set.
In operation S650, a first set of double masks is sent to the data demander, where the data demander is configured to perform an intersection calculation based on the first set of double masks to determine a data intersection.
According to the embodiment of the disclosure, a cryptography technical route combining the inadvertent transmission, the extended inadvertent transmission, the inadvertent pseudorandom function, the secret sharing, the multiplication secret re-sharing and the privacy set intersection is used, the multiplication secret re-sharing is performed between the sample characteristics and the comparison screening conditions, further the symbol values of the multiplication secret fragments are subjected to the inadvertent transmission, the performance optimization is realized by using the extended inadvertent transmission technology, and finally the samples and the screening condition judgment are combined based on the inadvertent pseudorandom function, so that the screening condition is protected from being leaked, the sample safety outside the intersection is protected, the scheme is not equal to the policy privacy set intersection scheme, and the privacy, effectiveness and high efficiency of the scheme are realized.
According to embodiments of the present disclosure, the initial set of random numbers may be n random number elements (α) generated by the data provider k ,β k ,γ k ) And satisfy α k ≠β k ≠γ k 。
According to an embodiment of the present disclosure, operation S630 may specifically include the following operations:
processing the initial random number set by using the symbol value of each fifth fragment element in the third-multiplication secret fragment based on the careless transmission protocol to obtain a first random number set; processing the initial random number set by using the symbol value of each sixth fragmentation element in the fourth multiplication secret fragmentation to obtain a second random number set based on an accidental transmission protocol; splicing the first random number set and the second random number set to obtain a random number set; and sending the random number set to the data demand end.
According to the embodiment of the present disclosure, similar to the data demanding side, the data providing side may also perform two times of inadvertent transmission, and have generated and transmitted the first random number set and the second random number set, respectively.
According to an embodiment of the present disclosure, based on an oblivious transmission protocol, processing an initial set of random numbers with a symbol value of each fifth shard element in a third multiplicative secret shard, obtaining a first set of random numbers may include the following operations:
based on a first preset rule, according to the symbol value of the kth fragment element, selecting two random numbers from three random numbers of the kth third random number element to obtain a first random number element; and generating the first random number set based on n first random number elements respectively corresponding to the n third random number elements one to one.
Specifically, during the first oblivious transmission, for the kth third random number element, the symbol value v 'of the kth third slice element may be calculated first' k =sig(v k ). The selection based on the first preset rule may be, for example: if v' k =1, then the first random number element may be configured
V 'if' k = -1, then the first random number element may be configured
According to an embodiment of the present disclosure, based on the oblivious transmission protocol, processing the initial set of random numbers with the symbol value of each sixth shard element in the fourth multiplicative secret shard, and obtaining the second set of random numbers may specifically include the following operations:
based on a second preset rule, according to the symbol value of the kth sixth fragment element, selecting two random numbers from three random numbers of the kth third random number element to obtain a second random number element; and generating a second random number set based on n second random number elements respectively corresponding to the n third random number elements one to one.
Specifically, in the second accidental transmission process, for the kth second random number element, the symbol value of the kth sixth slice element may be calculated first
The selection based on the second preset rule may be, for example: if it is
A second random number element may be configured
If it is
Can be matched withPlacing a second random number element
According to the embodiment of the disclosure, after the data demand side completes two times of inadvertent transmission, the obtained first screening mask set (theta) 1 +θ′ 1 ,…,θ n +θ′ n ) The following rules may be followed: u 'is satisfied' k =v′ k When theta is greater than theta k =α k ;u′ k ≠v′ k When theta is greater than theta k =β k ;u′ k When =0, θ k =α k or β k 1/2 probability each;
of is theta' k =α k ;
When theta is greater than theta k =γ k ;u′ k When =0, θ k =α k or γ k 1/2 probability each.
According to an embodiment of the present disclosure, operation S640 may specifically include the following operations:
determining a third screening mask set from the initial random number set, wherein the third screening mask set comprises n second screening mask elements, and the second screening mask elements comprise a first screening mask feature and a second screening mask feature; respectively calculating a first screening mask feature and a second screening mask feature of each second screening mask element in the third screening mask set by using a hash function to obtain a second hash mask set; and performing embedding calculation on the second sample mask set by using the second Hash mask set to obtain a first double mask set.
In accordance with embodiments of the present disclosure, determining a third set of screening masks from the initial set of random numbers may, for example, be { (α) 1 +β 1 ,α 1 +γ 1 ),…,(α n +β n ,α n +γ k ) As a third screening maskThe code set, accordingly, the first filtering mask feature may be denoted as alpha k +β k The second filtering mask feature may be denoted as α k +γ k 。
According to an embodiment of the present disclosure, the first filtering mask feature and the second filtering mask feature of each second filtering mask element in the third filtering mask set are respectively calculated by using a hash function, and the obtained second filtering mask set may be represented as { (H (α { (α) } in some embodiments 1 +β 1 ),H(α 1 +γ 1 )),…,(H(α n +β n ),H(α n +γ n ))}。
According to the embodiment of the present disclosure, the second sample mask set is subjected to the embedding calculation by using the second hash mask set, and the obtained first double mask set may be as shown in the foregoing formula (5), which is not described herein again.
In some embodiments, after obtaining the first set of double masks, a plurality of double mask elements in the first set of double masks may also be subjected to
And carrying out random disorder to obtain a third dual mask set. In these embodiments, operation S650 may include the following operations:
sending a third dual mask set to the data demand side, wherein the data demand side is configured to perform intersection calculation based on the third dual mask set to determine data intersection.
Based on the data sharing method, the disclosure also provides a data sharing device. The apparatus will be described in detail below with reference to fig. 7 to 8.
Fig. 7 is a block diagram schematically illustrating a data sharing apparatus configured at a data demand side according to an embodiment of the present disclosure.
As shown in fig. 7, the data sharing apparatus 700 disposed at the data demand side may include a first determining module 710, a first generating module 720, a first processing module 730, and a first calculating module 740.
The first determining module 710 is configured to interact with a data providing end based on an oblivious pseudorandom function calculation protocol to determine a first sample mask set of a first set of samples to be matched, where the first set of samples to be matched includes at least one first sample to be matched.
A first generating module 720, configured to generate a first multiplicative secret shard and a second multiplicative secret shard respectively by using an additive secret sharing method and a multiplicative secret re-sharing method based on a preset screening threshold, where the first multiplicative secret shard includes n first shard elements, the second multiplicative secret shard includes n second shard elements, and n is a positive integer.
A first processing module 730, configured to, in response to receiving the random number set sent by the data provider, process the random number set by using the symbol value of each first fragmentation element in the first multiplicative secret fragmentation and the symbol value of each second fragmentation element in the second multiplicative secret fragmentation based on the oblivious transmission protocol, so as to obtain a first screening mask set.
The first calculation module 740 is configured to, in response to receiving the first set of double masks sent by the data provider, perform intersection calculation based on the first set of sample masks, the first set of screening masks, and the first set of double masks to determine data intersection from at least one first sample to be matched.
According to the data sharing method, the data sharing device, the data sharing equipment, the data sharing medium and the program product, for a first sample set to be matched determined by a data demand side, an inadvertent pseudorandom function calculation protocol is utilized to interact with a data providing side to determine a first sample mask set, then multiplication secret re-sharing is carried out based on a preset screening threshold value, the obtained multiplication secret fragment is utilized to carry out inadvertent transmission to obtain a first screening mask set, and then privacy intersection is carried out based on the received first double mask set and the first sample mask set and the first screening mask set, so that the data intersection of the first sample set to be matched and a second sample set to be matched of the data providing side can be determined under the conditions that the preset screening threshold value is not leaked out and the samples are safe. Therefore, the technical problems of poor accuracy and low data security existing in the data sharing interactive cooperation in the related technology are at least partially solved, the privacy security in the data sharing process is effectively ensured, and the accuracy of the data sharing is improved.
According to an embodiment of the present disclosure, the set of random numbers includes a first set of random numbers and a second set of random numbers.
According to an embodiment of the present disclosure, the first processing module 730 includes a first processing unit, a second processing unit, and a third processing unit.
A first processing unit, configured to, in response to receiving the first set of random numbers, process the first set of random numbers with a symbol value of each first shard element in the first multiplicative secret shard based on an oblivious transmission protocol, resulting in a first screening mask subset.
And the second processing unit is used for responding to the received second random number set, and processing the second random number set by using the symbol value of each second fragment element in the second multiplication secret fragment based on the careless transmission protocol to obtain a second screening mask subset.
And the third processing unit is used for splicing the first screening mask subset and the second screening mask subset to obtain a first screening mask set.
According to an embodiment of the present disclosure, the first set of random numbers includes n first random number elements, the first random number elements including two unequal random numbers.
According to an embodiment of the present disclosure, the first processing unit includes a first processing subunit and a second processing subunit.
The first processing subunit is configured to, in response to receiving the first random number set, select, for a kth first random number element, two random numbers of the kth first random number element based on a symbol value of the kth first slice element, to obtain a first target random number, where k is a positive integer less than or equal to n.
And the second processing subunit is used for generating a first screening mask subset based on n first target random numbers which are respectively in one-to-one correspondence with the n first random number elements.
According to an embodiment of the present disclosure, the second set of random numbers includes n second random number elements, the second random number elements including two unequal random numbers.
According to an embodiment of the present disclosure, the second processing unit includes a third processing subunit and a fourth processing subunit.
And the third processing subunit is configured to, in response to receiving the second random number set, select, for a kth second random number element, two random numbers of the kth second random number element based on a symbol value of the kth second slice element, so as to obtain a second target random number, where k is a positive integer less than or equal to n.
And a fourth processing subunit, configured to generate a second screening mask subset based on n second target random numbers that are in one-to-one correspondence with the n second random number elements, respectively.
According to an embodiment of the present disclosure, the first calculation module 740 includes a first calculation unit, a second calculation unit, and a third calculation unit.
And the first computing unit is used for responding to the received first double-mask set, and performing embedded computation on the first double-mask set by using the first screening mask set to obtain a second double-mask set.
And the second calculation unit is used for performing intersection calculation on the second dual mask set and the first sample mask set to obtain an intersection set, wherein the intersection set comprises intersection elements.
And the third calculation unit is used for determining a sample matched with the intersection element from at least one first sample to be matched so as to obtain data intersection.
According to an embodiment of the present disclosure, the first calculation unit includes a first calculation subunit, a second calculation subunit, and a third calculation subunit.
And the first calculation subunit is configured to perform dimension reduction processing on the first screening mask set to obtain a second screening mask set, where the second screening mask set includes n first screening mask elements.
And the second calculating subunit is configured to calculate each first screening mask element in the second screening mask set by using a hash function, so as to obtain the first hash mask set.
And the third computing subunit is used for responding to the received first double-mask set, and performing embedding computation on the first double-mask set by using the first hash mask set to obtain a second double-mask set.
According to an embodiment of the present disclosure, the first generating module 720 includes a first generating unit, a second generating unit, a third generating unit, a fourth generating unit, and a fifth generating unit.
The first generation unit is used for determining a first screening condition and a second screening condition based on a preset screening threshold value by using the unequal screening strategy.
And the second generating unit is used for interacting with the data providing terminal based on a preset screening threshold value by utilizing an addition secret sharing method to generate a first addition secret fragment related to the first screening condition, wherein the data providing terminal is configured to generate a second addition secret fragment related to the first screening condition.
A third generating unit, configured to interact with the data provider based on the first addition secret shard to generate a first multiplication secret shard regarding the first filtering condition by using a multiplication secret re-sharing method, wherein the data provider is configured to generate a third multiplication secret shard regarding the first filtering condition.
And the fourth generating unit is used for interacting with the data providing terminal based on a preset screening threshold value by using an addition secret sharing method to generate a third addition secret fragment related to the second screening condition, wherein the data providing terminal is configured to generate a fourth addition secret fragment related to the second screening condition.
And a fifth generating unit, configured to interact with the data provider based on the third addition secret shard to generate a second multiplication secret shard related to the second screening condition by using the multiplication secret re-sharing method, wherein the data provider is configured to generate a fourth multiplication secret shard related to the second screening condition.
According to the embodiment of the disclosure, the data providing end is configured with a second sample set to be matched, the second sample set to be matched comprises n sample elements, and the sample elements comprise a second sample to be matched and sample characteristics.
According to an embodiment of the present disclosure, the second generation unit includes a first generation subunit, a second generation subunit, and a third generation subunit.
And the first generation subunit is used for randomly generating a first secret fragment and a second secret fragment based on a preset screening threshold, wherein the sum of the first secret fragment and the second secret fragment is the preset screening threshold.
And a second generating subunit, configured to send the second secret shard to the data providing end, where the data providing end is configured to randomly generate a kth first feature shard and a kth second feature shard for a kth sample feature, generate a kth third shard element based on the kth second feature shard and the second secret shard, generate a second addition secret shard based on n third shard elements, and send n first feature shards to the data requiring end, where k is a positive integer less than or equal to n.
A third generating subunit, configured to, in response to receiving the n first feature slices, for a kth first feature slice, generate a kth fourth slice element based on the kth first feature slice and the first secret slice, and generate a first addition secret slice based on the n fourth slice elements.
According to an embodiment of the present disclosure, the third generation unit includes a fourth generation sub-unit, a fifth generation sub-unit, a sixth generation sub-unit, a seventh generation sub-unit, and an eighth generation sub-unit.
The data providing end is configured to obtain a kth third preset parameter and a kth fourth preset parameter from the preset parameter group, wherein the kth first preset parameter, the kth second preset parameter, the kth third preset parameter and the kth fourth preset parameter meet preset conditions.
And the fifth generating subunit is configured to calculate a kth first feature element based on the kth fourth tile element, the kth first preset parameter, and the kth second preset parameter.
And the sixth generating subunit is configured to send the kth first feature element to the data providing end, where the data providing end is configured to obtain a kth fifth sliced element by calculation based on the kth first feature element and the kth third preset parameter, obtain a kth second feature element by calculation based on the kth third sliced element, the kth fourth preset parameter, and the kth fifth sliced element, and send the kth second feature element to the data requiring end.
And the seventh generating subunit is configured to calculate a kth first tile element based on the kth first preset parameter and the kth second feature element.
An eighth generating subunit, configured to generate the first multiplicative secret shard based on the n first shard elements, wherein the data providing end is configured to generate a third multiplicative secret shard based on the n fifth shard elements.
Fig. 8 schematically shows a block diagram of a data sharing apparatus configured at a data provider according to an embodiment of the present disclosure.
As shown in fig. 8, the data sharing apparatus 800 configured at the data providing end may include a second determining module 810, a second generating module 820, a second processing module 830, a second calculating module 840, and a sending module 850.
The second determining module 810 is configured to interact with the data demand side based on the oblivious pseudorandom function calculation protocol to determine a second sample mask set of a second sample set to be matched.
A second generating module 820, configured to generate a third multiplicative secret shard and a fourth multiplicative secret shard respectively by using an addition secret sharing method and a multiplicative secret re-sharing method, where the third multiplicative secret shard includes n fifth shard elements, the fourth multiplicative secret shard includes n sixth shard elements, and n is a positive integer.
A second processing module 830, configured to process the initial random number set by using a symbol value of each fifth shard element in the third multiplicative secret shard and a symbol value of each sixth shard element in the fourth multiplicative secret shard based on the oblivious transmission protocol to obtain a random number set, and send the random number set to the data demand side, where the initial random number set includes multiple third random number elements, and the third random number elements include three unequal random numbers.
The second calculating module 840 is configured to perform embedding calculation on the second sample mask set by using the initial random number set to obtain a first dual mask set.
A sending module 850, configured to send the first set of double masks to the data demander, where the data demander is configured to perform intersection calculation based on the first set of double masks to determine a data intersection.
The second processing module 830 includes a fourth processing unit, a fifth processing unit, a sixth processing unit, and a seventh processing unit according to an embodiment of the present disclosure.
And the fourth processing unit is used for processing the initial random number set by using the symbol value of each fifth fragment element in the third multiplicative secret fragment based on the careless transmission protocol to obtain the first random number set.
And the fifth processing unit is used for processing the initial random number set by using the symbol value of each sixth fragmentation element in the fourth multiplication secret fragmentation to obtain a second random number set based on the careless transmission protocol.
And the sixth processing unit is used for splicing the first random number set and the second random number set to obtain a random number set.
And the seventh processing unit is used for sending the random number set to the data demand side.
According to an embodiment of the present disclosure, the fourth processing unit includes a fifth processing subunit and a sixth processing subunit.
And the fifth processing subunit is configured to select two random numbers from the three random numbers of the kth third random number element according to the symbol value of the kth fifth slice element based on the first preset rule, so as to obtain the first random number element.
A sixth processing subunit, configured to generate the first random number set based on n first random number elements that respectively correspond to the n third random number elements one to one.
According to an embodiment of the present disclosure, the fifth processing unit includes a seventh processing subunit and an eighth processing subunit.
And the seventh processing subunit is configured to select, based on a second preset rule, two random numbers from the three random numbers of the kth third random number element according to the symbol value of the kth sixth tile element, so as to obtain a second random number element.
And an eighth processing subunit, configured to generate the second random number set based on n second random number elements that respectively correspond to the n third random number elements one to one.
According to an embodiment of the present disclosure, the second calculation module 840 includes a fourth calculation unit, a fifth calculation unit, and a sixth calculation unit.
A fourth calculating unit, configured to determine a third filtering mask set from the initial random number set, where the third filtering mask set includes n second filtering mask elements, and the second filtering mask elements include the first filtering mask feature and the second filtering mask feature.
And a fifth calculating unit, configured to calculate, by using a hash function, the first filtering mask feature and the second filtering mask feature of each second filtering mask element in the third filtering mask set, so as to obtain a second hash mask set.
And the sixth calculating unit is used for performing embedding calculation on the second sample mask set by using the second hash mask set to obtain a first double mask set.
According to an embodiment of the present disclosure, the data sharing device 800 may further include a third processing module.
And the third processing module is used for randomly disordering the multiple dual mask elements in the first dual mask set to obtain a third dual mask set.
According to an embodiment of the present disclosure, a transmitting module includes a transmitting unit.
And a sending unit, configured to send the third dual mask set to the data demand side, where the data demand side is configured to perform intersection calculation based on the third dual mask set to determine data intersection.
According to the embodiment of the present disclosure, any of the first determining module 710, the first generating module 720, the first processing module 730, and the first calculating module 740, or any of the second determining module 810, the second generating module 820, the second processing module 830, the second calculating module 840, and the sending module 850 may be combined and implemented in one module, or any one of them may be split into a plurality of modules. Alternatively, at least part of the functionality of one or more of these modules may be combined with at least part of the functionality of the other modules and implemented in one module. According to an embodiment of the present disclosure, at least one of the first determining module 710, the first generating module 720, the first processing module 730, and the first calculating module 740, or the second determining module 810, the second generating module 820, the second processing module 830, the second calculating module 840, and the sending module 850 may be at least partially implemented as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented by hardware or firmware in any other reasonable manner of integrating or packaging a circuit, or implemented by any one of three manners of software, hardware, and firmware, or by a suitable combination of any of them. Alternatively, at least one of the first determining module 710, the first generating module 720, the first processing module 730 and the first calculating module 740, or the second determining module 810, the second generating module 820, the second processing module 830, the second calculating module 840 and the sending module 850 may be at least partially implemented as a computer program module which, when executed, may perform a corresponding function.
Fig. 9 schematically shows a block diagram of an electronic device adapted to implement a data sharing method according to an embodiment of the present disclosure.
As shown in fig. 9, an electronic apparatus 900 according to an embodiment of the present disclosure includes a processor 901 which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM) 902 or a program loaded from a storage portion 908 into a Random Access Memory (RAM) 903. Processor 901 may comprise, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or associated chipset, and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), among others. The processor 901 may also include on-board memory for caching purposes. The processor 901 may comprise a single processing unit or a plurality of processing units for performing the different actions of the method flows according to embodiments of the present disclosure.
In the RAM 903, various programs and data necessary for the operation of the electronic apparatus 900 are stored. The processor 901, ROM 902, and RAM 903 are connected to each other by a bus 904. The processor 901 performs various operations of the method flows according to the embodiments of the present disclosure by executing programs in the ROM 902 and/or the RAM 903. Note that the programs may also be stored in one or more memories other than the ROM 902 and the RAM 903. The processor 901 may also perform various operations of the method flows according to embodiments of the present disclosure by executing programs stored in the one or more memories.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method according to an embodiment of the disclosure.
According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. For example, according to embodiments of the present disclosure, a computer-readable storage medium may include the ROM 902 and/or the RAM 903 described above and/or one or more memories other than the ROM 902 and the RAM 903.
Embodiments of the present disclosure also include a computer program product comprising a computer program containing program code for performing the method illustrated in the flow chart. When the computer program product runs in a computer system, the program code is used for causing the computer system to realize the data sharing method provided by the embodiment of the disclosure.
The computer program performs the above-described functions defined in the system/apparatus of the embodiments of the present disclosure when executed by the processor 901. The systems, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.
In one embodiment, the computer program may be hosted on a tangible storage medium such as an optical storage device, a magnetic storage device, or the like. In another embodiment, the computer program may also be transmitted, distributed in the form of a signal on a network medium, and downloaded and installed through the communication section 909 and/or installed from the removable medium 911. The computer program containing program code may be transmitted using any suitable network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.
In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 909, and/or installed from the removable medium 911. The computer program, when executed by the processor 901, performs the above-described functions defined in the system of the embodiment of the present disclosure. The above described systems, devices, apparatuses, modules, units, etc. may be implemented by computer program modules according to embodiments of the present disclosure.
In accordance with embodiments of the present disclosure, program code for executing computer programs provided by embodiments of the present disclosure may be written in any combination of one or more programming languages, and in particular, these computer programs may be implemented using high level procedural and/or object oriented programming languages, and/or assembly/machine languages. The programming language includes, but is not limited to, programming languages such as Java, C + +, python, the "C" language, or the like. The program code may execute entirely on the user computing device, partly on the user device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that various combinations and/or combinations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
The embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described separately above, this does not mean that the measures in the embodiments cannot be used advantageously in combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be devised by those skilled in the art without departing from the scope of the present disclosure, and such alternatives and modifications are intended to be within the scope of the present disclosure.
Claims (20)
1. A data sharing method is applied to a data demand end, and comprises the following steps:
interacting with a data providing terminal based on an oblivious pseudorandom function calculation protocol to determine a first sample mask set of a first sample set to be matched, wherein the first sample set to be matched comprises at least one first sample to be matched;
respectively generating a first multiplication secret fragment and a second multiplication secret fragment by utilizing an addition secret sharing method and a multiplication secret re-sharing method based on a preset screening threshold, wherein the first multiplication secret fragment comprises n first fragment elements, the second multiplication secret fragment comprises n second fragment elements, and n is a positive integer;
in response to receiving a set of random numbers sent by the data provider, processing the set of random numbers with a symbol value of each first shard element in the first multiplicative secret shard and a symbol value of each second shard element in the second multiplicative secret shard based on an oblivious transmission protocol, resulting in a first set of screening masks; and
in response to receiving a first set of double masks sent by the data provider, performing intersection calculation based on the first set of sample masks, the first set of screening masks, and the first set of double masks to determine data intersection from at least one of the first to-be-matched samples.
2. The method of claim 1, wherein the set of random numbers comprises a first set of random numbers and a second set of random numbers;
wherein, in response to receiving the set of random numbers sent by the data provider, processing the set of random numbers with the symbol value of each of the first shard elements in the first multiplicative secret shard and the symbol value of each of the second shard elements in the second multiplicative secret shard based on an oblivious transmission protocol to obtain a first set of screening masks comprises:
in response to receiving the first set of random numbers, processing the first set of random numbers with a symbol value of each of the first shard elements in the first multiplicative secret shard, based on the oblivious transmission protocol, resulting in a first subset of screening masks;
in response to receiving the second set of random numbers, processing the second set of random numbers with the symbol value of each of the second shard elements in the second multiplicative secret shard, resulting in a second set of screening masks, based on the oblivious transmission protocol; and
and splicing the first screening mask subset and the second screening mask subset to obtain the first screening mask set.
3. The method of claim 2, wherein the first set of random numbers includes n first random number elements, the first random number elements including two unequal random numbers;
wherein said processing said first set of random numbers with the symbol value of each of said first shard elements in said first multiplicative secret shard, based on said oblivious transmission protocol, resulting in a first subset of screening masks, in response to receiving said first set of random numbers, comprises:
in response to receiving the first random number set, for a kth first random number element, selecting two random numbers of the kth first random number element based on a symbol value of the kth first slicing element, resulting in a first target random number, where k is a positive integer less than or equal to n; and
generating the first filtering mask subset based on the n first target random numbers which respectively correspond to the n first random number elements one to one.
4. The method of claim 2, wherein the second set of random numbers includes n second random number elements, the second random number elements including two unequal random numbers;
wherein said processing said second set of random numbers with the symbol value of each said second shard element in said second multiplicative secret shard, based on said oblivious transmission protocol, resulting in a second subset of screening masks, in response to receiving said second set of random numbers, comprises:
in response to receiving the second random number set, for a kth second random number element, selecting two random numbers of the kth second random number element based on a symbol value of the kth second slice element, so as to obtain a second target random number, where k is a positive integer less than or equal to n; and
generating the second filtering mask subset based on the n second target random numbers which respectively correspond to the n second random number elements one to one.
5. The method of claim 1, wherein the performing, in response to receiving a first set of double masks sent by the data provider, an intersection calculation based on the first set of sample masks, the first set of screening masks, and the first set of double masks to determine a data intersection from at least one of the first to-be-matched samples comprises:
in response to receiving the first double mask set, performing embedded calculation on the first double mask set by using the first screening mask set to obtain a second double mask set;
performing intersection calculation on the second dual mask set and the first sample mask set to obtain an intersection set, wherein the intersection set comprises intersection elements; and
and determining samples matched with the intersection element from at least one first sample to be matched so as to obtain data intersection.
6. The method of claim 5, wherein the performing, in response to receiving the first set of double masks, an embedding calculation on the first set of double masks using the first set of screening masks to obtain a second set of double masks comprises:
performing dimension reduction processing on the first screening mask set to obtain a second screening mask set, wherein the second screening mask set comprises n first screening mask elements;
calculating each first screening mask element in the second screening mask set by using a hash function to obtain a first hash mask set; and
in response to receiving the first set of double masks, performing an embedding calculation on the first set of double masks using the first set of hash masks to obtain the second set of double masks.
7. The method of claim 1, wherein the generating a first multiplicative secret slice and a second multiplicative secret slice using an additive secret sharing method and a multiplicative secret re-sharing method, respectively, based on a preset screening threshold, comprises:
determining a first screening condition and a second screening condition based on the preset screening threshold value by using a strategy not equal to screening;
interacting with the data provider based on the preset screening threshold by using the addition secret sharing method to generate a first addition secret fragment related to the first screening condition, wherein the data provider is configured to generate a second addition secret fragment related to the first screening condition;
interacting with the data provider based on the first additive secret shard to generate the first multiplicative secret shard for the first screening condition using the multiplicative secret re-sharing method, wherein the data provider is configured to generate a third multiplicative secret shard for the first screening condition;
interacting with the data provider based on the preset screening threshold value by using the addition secret sharing method to generate a third addition secret fragment related to the second screening condition, wherein the data provider is configured to generate a fourth addition secret fragment related to the second screening condition; and
interacting with the data provider based on the third additive secret shard to generate the second multiplicative secret shard for the second screening condition using the multiplicative secret re-sharing method, wherein the data provider is configured to generate a fourth multiplicative secret shard for the second screening condition.
8. The method according to claim 7, wherein the data providing end is configured with a second set of samples to be matched, the second set of samples to be matched comprising n sample elements, the sample elements comprising a second sample to be matched and sample features;
wherein the interacting with the data provider based on the preset screening threshold by using the addition secret sharing method to generate a first addition secret fragment related to the first screening condition, wherein the data provider is configured to generate a second addition secret fragment related to the first screening condition, and the method includes:
randomly generating a first secret fragment and a second secret fragment based on the preset screening threshold, wherein the sum of the first secret fragment and the second secret fragment is the preset screening threshold;
transmitting the second secret shard to the data provider, wherein the data provider is configured to randomly generate a kth first feature shard and a kth second feature shard for a kth sample feature, generate a kth third shard element based on the kth second feature shard and the second secret shard, generate the second addition secret shard based on n third shard elements, and transmit n first feature shards to the data consumer, where k is a positive integer less than or equal to n; and
in response to receiving n of the first feature slices, for a kth of the first feature slices, generating a kth fourth slice element based on the kth of the first feature slice and the first secret slice, and generating the first addition secret slice based on the n fourth slice elements.
9. The method of claim 8, wherein the re-sharing method with the multiplicative secret interacts with the data provider based on the first additive secret shard to generate the first multiplicative secret shard for the first screening condition, wherein the data provider is configured to generate a third multiplicative secret shard for the first screening condition, comprising:
acquiring a kth first preset parameter and a kth second preset parameter from a preset parameter group, wherein the data providing end is configured to acquire a kth third preset parameter and a kth fourth preset parameter from the preset parameter group, and the kth first preset parameter, the kth second preset parameter, the kth third preset parameter and the kth fourth preset parameter meet preset conditions;
calculating to obtain a kth first characteristic element based on the kth fourth fragmentation element, the kth first preset parameter and the kth second preset parameter;
sending the kth first feature element to the data provider, wherein the data provider is configured to calculate a kth fifth patch element based on the kth first feature element and the kth third preset parameter, calculate a kth second feature element based on the kth third patch element, the kth fourth preset parameter, and the kth fifth patch element, and send the kth second feature element to the data consumer;
calculating to obtain a kth first fragment element based on the kth first preset parameter and the kth second feature element; and
generating the first multiplicative secret shard based on the n first sharding elements, wherein the data provider is configured to generate the third multiplicative secret shard based on the n fifth sharding elements.
10. A data sharing method is applied to a data providing end, and comprises the following steps:
interacting with a data demand end based on an oblivious pseudorandom function calculation protocol to determine a second sample mask set of a second sample set to be matched;
generating a third multiplicative secret shard and a fourth multiplicative secret shard respectively by using an additive secret sharing method and a multiplicative secret re-sharing method, wherein the third multiplicative secret shard comprises n fifth shard elements, the fourth multiplicative secret shard comprises n sixth shard elements, and n is a positive integer;
processing an initial random number set by using the symbol value of each fifth shard element in the third multiplicative secret shard and the symbol value of each sixth shard element in the fourth multiplicative secret shard based on an inadvertent transmission protocol to obtain a random number set, and sending the random number set to the data demand side, wherein the initial random number set comprises a plurality of third random number elements, and the third random number elements comprise three unequal random numbers;
embedding calculation is carried out on the second sample mask set by utilizing the initial random number set to obtain a first dual mask set; and
sending the first set of double masks to the data demander, wherein the data demander is configured to perform an intersection calculation based on the first set of double masks to determine a data intersection.
11. The method of claim 10, wherein the processing an initial set of random numbers using the symbol value of each of the fifth shard elements in the third multiplicative secret shard and the symbol value of each of the sixth shard elements in the fourth multiplicative secret shard based on an oblivious transmission protocol to obtain a set of random numbers and sending the set of random numbers to the data consumer comprises:
processing the initial set of random numbers with the symbol value of each fifth shard element in the third multiplicative secret shard based on the oblivious transmission protocol to obtain a first set of random numbers;
processing the initial set of random numbers with the symbol value of each of the sixth shard elements in the fourth multiplicative secret shard, resulting in a second set of random numbers, based on the oblivious transmission protocol;
splicing the first random number set and the second random number set to obtain a random number set; and
and sending the random number set to the data demand end.
12. The method of claim 11, wherein said processing the initial set of random numbers with the symbol value of each of the fifth shard elements in the third multiplicative secret shard, based on the inadvertent transmission protocol, resulting in a first set of random numbers comprises:
based on a first preset rule, according to the symbol value of the kth fragment element, selecting two random numbers from three random numbers of the kth third random number element to obtain a first random number element; and
generating the first random number set based on the n first random number elements respectively corresponding to the n third random number elements one to one.
13. The method of claim 11, wherein the processing the initial set of random numbers with a symbol value of each of the sixth shard elements in the fourth multiplicative secret shard, based on the oblivious transmission protocol, resulting in a second set of random numbers, comprises:
based on a second preset rule, according to the symbol value of the kth fragment element, selecting two random numbers from three random numbers of the kth third random number element to obtain a second random number element; and
generating the second random number set based on the n second random number elements that respectively correspond to the n third random number elements one-to-one.
14. The method of claim 10, wherein the performing an embedding calculation on the second set of sample masks using the initial set of random numbers to obtain a first set of dual masks comprises:
determining a third set of screening masks from the initial set of random numbers, wherein the third set of screening masks includes n second screening mask elements, and the second screening mask elements include first screening mask features and second screening mask features;
respectively calculating the first screening mask features and the second screening mask features of each second screening mask element in the third screening mask set by using a hash function to obtain a second hash mask set; and
and performing embedding calculation on the second sample mask set by using the second hash mask set to obtain the first double mask set.
15. The method of claim 10, further comprising:
randomly disordering a plurality of double mask elements in the first double mask set to obtain a third double mask set;
wherein the sending the first set of double masks to the data demander, wherein the data demander is configured to perform an intersection calculation based on the first set of double masks to determine a data intersection, comprises:
sending the third dual mask set to the data demand side, wherein the data demand side is configured to perform intersection calculation based on the third dual mask set to determine a data intersection.
16. A data sharing apparatus configured at a data requesting end, the apparatus comprising:
the device comprises a first determining module, a second determining module and a third determining module, wherein the first determining module is used for interacting with a data providing terminal based on an oblivious pseudorandom function calculation protocol to determine a first sample mask set of a first sample set to be matched, and the first sample set to be matched comprises at least one first sample to be matched;
a first generation module, configured to generate a first multiplicative secret shard and a second multiplicative secret shard respectively by using an addition secret sharing method and a multiplicative secret re-sharing method based on a preset screening threshold, where the first multiplicative secret shard includes n first shard elements, the second multiplicative secret shard includes n second shard elements, and n is a positive integer;
a first processing module, configured to, in response to receiving a set of random numbers sent by the data provider, based on an oblivious transmission protocol, process the set of random numbers by using a symbol value of each first shard element in the first multiplicative secret shard and a symbol value of each second shard element in the second multiplicative secret shard, to obtain a first set of screening masks; and
a first calculation module, configured to, in response to receiving a first double mask set sent by the data provider, perform intersection calculation based on the first sample mask set, the first screening mask set, and the first double mask set to determine a data intersection from at least one first to-be-matched sample.
17. A data sharing apparatus configured at a data providing end, the apparatus comprising:
the second determining module is used for interacting with the data demand end based on the oblivious pseudorandom function calculation protocol so as to determine a second sample mask set of a second sample set to be matched;
a second generation module, configured to generate a third multiplicative secret shard and a fourth multiplicative secret shard respectively by using an addition secret sharing method and a multiplicative secret re-sharing method, where the third multiplicative secret shard includes n fifth shard elements, the fourth multiplicative secret shard includes n sixth shard elements, and n is a positive integer;
a second processing module, configured to process an initial random number set by using a symbol value of each fifth shard element in the third multiplicative secret shard and a symbol value of each sixth shard element in the fourth multiplicative secret shard to obtain a random number set, and send the random number set to the data demand side, where the initial random number set includes a plurality of third random number elements, and the third random number elements include three unequal random numbers, based on an oblivious transmission protocol;
the second calculation module is used for performing embedding calculation on the second sample mask set by using the initial random number set to obtain a first dual mask set; and
a sending module, configured to send the first set of double masks to the data demand side, where the data demand side is configured to perform intersection calculation based on the first set of double masks to determine a data intersection.
18. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of claims 1-9 or the method of any of claims 10-15.
19. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the method according to any one of claims 1 to 9 or the method according to any one of claims 10 to 15.
20. A computer program product comprising a computer program which, when executed by a processor, implements the method of any one of claims 1 to 9 or the method of any one of claims 10 to 15.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211219631.3A CN115603905A (en) | 2022-09-30 | 2022-09-30 | Data sharing method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211219631.3A CN115603905A (en) | 2022-09-30 | 2022-09-30 | Data sharing method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115603905A true CN115603905A (en) | 2023-01-13 |
Family
ID=84844829
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211219631.3A Pending CN115603905A (en) | 2022-09-30 | 2022-09-30 | Data sharing method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115603905A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117520970A (en) * | 2024-01-05 | 2024-02-06 | 同盾科技有限公司 | Symbol position determining method, device and system based on multiparty security calculation |
-
2022
- 2022-09-30 CN CN202211219631.3A patent/CN115603905A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117520970A (en) * | 2024-01-05 | 2024-02-06 | 同盾科技有限公司 | Symbol position determining method, device and system based on multiparty security calculation |
| CN117520970B (en) * | 2024-01-05 | 2024-03-29 | 同盾科技有限公司 | Symbol position determining method, device and system based on multiparty security calculation |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20180212763A1 (en) | Refresh of shared cryptographic keys | |
| US10818202B2 (en) | Method and apparatus for encrypting data, method and apparatus for decrypting data | |
| CN108520181A (en) | data model training method and device | |
| CN115618380A (en) | Data processing method, device, equipment and medium | |
| CN115603905A (en) | Data sharing method, device, equipment and storage medium | |
| CN111586142A (en) | Safe multi-party computing method and system | |
| CN115049070A (en) | Screening method and device of federal characteristic engineering data, equipment and storage medium | |
| de Fuentes et al. | Applying information hiding in VANETs to covertly report misbehaving vehicles | |
| CN117478303B (en) | Block chain hidden communication method, system and computer equipment | |
| CN117408646B (en) | Electronic signature signing method, electronic signature signing device, electronic equipment and computer readable medium | |
| CN115412243A (en) | Data processing method, device, equipment and storage medium | |
| CN108920973B (en) | Method and apparatus for querying information in location-based service | |
| CN115618381A (en) | Data processing method, device, equipment and storage medium | |
| WO2021134876A1 (en) | Blockchain-based transaction data obfuscation method, and related device | |
| CN113067822A (en) | Block chain-based information processing method, apparatus, device, medium, and product | |
| CN115438381A (en) | Privacy set intersection method, device, equipment and medium based on equal strategies | |
| CN115326079B (en) | Vehicle lane level positioning method, device, equipment and computer readable medium | |
| US20200028670A1 (en) | Method for efficient and practical key distribution in network coding systems | |
| WO2023196016A1 (en) | Secure computation using multi-party computation and a trusted execution environment | |
| CN115481440A (en) | Data processing method, device, electronic equipment and medium | |
| Cianciullo et al. | Unconditionally secure distributed oblivious polynomial evaluation | |
| US20180248684A1 (en) | Method and system for database queries | |
| CN115879135B (en) | Bid data processing method, device, equipment and storage medium | |
| CN116506112B (en) | Data processing method and device based on privacy calculation and electronic equipment | |
| CN117633848B (en) | User information joint processing method, device, equipment and computer readable medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |