CN115982424A - Privacy keyword query method and device and electronic equipment - Google Patents


Publication number
CN115982424A
Authority
CN
China
Prior art keywords
data
keywords
plaintext
ciphertext
query
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310269239.8A
Other languages
Chinese (zh)
Other versions
CN115982424B (en
Inventor
黄熹之
李艺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huakong Tsingjiao Information Technology Beijing Co Ltd
Original Assignee
Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huakong Tsingjiao Information Technology Beijing Co Ltd filed Critical Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority to CN202310269239.8A priority Critical patent/CN115982424B/en
Publication of CN115982424A publication Critical patent/CN115982424A/en
Application granted granted Critical
Publication of CN115982424B publication Critical patent/CN115982424B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical


Abstract

The application discloses a privacy keyword query method and device and electronic equipment, and relates to the technical field of privacy computing.

Description

Privacy keyword query method and device and electronic equipment
Technical Field
The application relates to the technical field of privacy computing, in particular to a privacy keyword query method and device and electronic equipment.
Background
Privacy Key Search (PKS) is an important application scenario that has emerged in recent years in privacy computing and in secure multi-party computation within cryptography. It allows privacy keywords to be queried efficiently and can be widely applied to queries on sensitive private data in financial, industrial and other scenarios, while protecting the data privacy of both the client and the server as far as possible, so that the server's data reveals only the result of each single query.
Existing privacy keyword query methods include Homomorphic Encryption (HE) based methods and Oblivious Transfer (OT) based methods, in which only two parties participate. Although the OT-based method is computationally efficient, it transmits a large amount of data: the server's database has to be encrypted and transmitted once to the client acting as the querying party, which occupies a large amount of network resources. In addition, the ciphertext result of a query can only be decrypted directly into plaintext; unlike with homomorphic encryption, no further operations can be performed on the query result while it is still ciphertext.
Implementing PKS with homomorphic encryption requires less communication and is better suited to practical scenarios that communicate over a wide area network, but methods based on Fully Homomorphic Encryption (FHE) incur high computational overhead for encryption and homomorphic operations. Encryption and homomorphic operations based on semi-homomorphic encryption (such as the Paillier semi-homomorphic encryption algorithm) are relatively efficient, but only one keyword can be queried at a time, so query efficiency is low when many keywords need to be queried.
Disclosure of Invention
The embodiment of the application provides a method and a device for querying a privacy keyword, and an electronic device, which are used for solving the problems that in the prior art, the computation cost of querying the privacy keyword is high and the query efficiency is low.
The embodiment of the application provides a privacy keyword query method, which is applied to client equipment, and comprises the following steps:
grouping a plurality of keywords to be queried into groups each containing a preset number of keywords to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
for each group of keywords, taking the preset number of prime numbers as parameters of the Chinese remainder theorem, calculating, by using the Chinese remainder theorem, the congruence data of the preset number of keywords contained in the group, and taking the congruence data as the plaintext data that packs and encodes the group, to obtain v plaintext data in total for the v groups of keywords;
for each plaintext data, using a public key to calculate ciphertext data of the 1st to m-th powers of the plaintext data, each taken modulo M, to obtain v × m ciphertext data in total for the v plaintext data, wherein M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
sending the v × m ciphertext data to the server device, so that the server device, for each plaintext data, takes the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performs semi-homomorphic encryption calculation by using the public key to obtain a first semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, and takes the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performs semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, wherein a is the number of parts obtained by dividing the n pieces of queried data into parts of m pieces each, one first polynomial function and one second polynomial function are generated for each part, evaluating a first polynomial function with a keyword of its part as input gives 0, and evaluating a second polynomial function with a keyword of its part as input gives the data corresponding to that keyword; and so that the server device, for each part and each plaintext data, uses the public key to perform homomorphic scalar multiplication and homomorphic addition on ciphertexts, calculating, as query ciphertext data, the product of the random number corresponding to the part and the plaintext data and the first semi-homomorphic ciphertext data corresponding to the plaintext data and the part, plus the second semi-homomorphic ciphertext data corresponding to the plaintext data and the part, to obtain a × v query ciphertext data in total, wherein the random number is drawn at random modulo M, and sends the a × v query ciphertext data to the client device;
decrypting the a × v query ciphertext data by using a private key to obtain a × v query decryption results;
for each query decryption result, decoding the query decryption result by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain pieces of decoded data, wherein the pieces of decoded data correspond one to one to the keywords contained in the group of keywords corresponding to that plaintext data;
and, from the pieces of decoded data, taking the decoded data whose number of data bits is consistent with the number of data bits of the queried data as the query result of the corresponding keyword.
Further, the length of each of the preset number of prime numbers exceeds, by a specified number of bits, the number of data bits of the queried data held by the server device.
The embodiment of the application provides a privacy keyword query method, which is applied to server-side equipment, and comprises the following steps:
receiving v × m ciphertext data sent by a client device, wherein the v × m ciphertext data is generated by the client device through the following steps:
the client device groups a plurality of keywords to be queried into groups each containing a preset number of keywords to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
the client device, for each group of keywords, takes the preset number of prime numbers as parameters of the Chinese remainder theorem, calculates, by using the Chinese remainder theorem, the congruence data of the preset number of keywords contained in the group, and takes the congruence data as the plaintext data that packs and encodes the group, to obtain v plaintext data in total for the v groups of keywords;
the client device, for each plaintext data, uses a public key to calculate ciphertext data of the 1st to m-th powers of the plaintext data, each taken modulo M, to obtain v × m ciphertext data in total for the v plaintext data, wherein M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
the server device, for each plaintext data, takes the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performs semi-homomorphic encryption calculation by using the public key to obtain a first semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, and takes the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performs semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, wherein a is the number of parts obtained by dividing the n pieces of queried data into parts of m pieces each, one first polynomial function and one second polynomial function are generated for each part, evaluating a first polynomial function with a keyword of its part as input gives 0, and evaluating a second polynomial function with a keyword of its part as input gives the data corresponding to that keyword;
the server device, for each part and each plaintext data, uses the public key to perform homomorphic scalar multiplication and homomorphic addition on ciphertexts, calculating, as query ciphertext data, the product of the random number corresponding to the part and the plaintext data and the first semi-homomorphic ciphertext data corresponding to the plaintext data and the part, plus the second semi-homomorphic ciphertext data corresponding to the plaintext data and the part, to obtain a × v query ciphertext data in total, wherein the random number is drawn at random modulo M;
sending the a × v query ciphertext data to the client device, so that the client device decrypts the a × v query ciphertext data by using a private key to obtain a × v query decryption results, and, for each query decryption result, decodes the query decryption result by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain pieces of decoded data, wherein the pieces of decoded data correspond one to one to the keywords contained in the group of keywords corresponding to that plaintext data, and the decoded data whose number of data bits is consistent with that of the queried data is taken as the query result of the corresponding keyword.
Further, the length of each of the preset number of prime numbers exceeds, by a specified number of bits, the number of data bits of the queried data held by the server device.
Further, before the m ciphertext data corresponding to each plaintext data are taken as input of the a first polynomial functions and of the a second polynomial functions to obtain, by semi-homomorphic encryption calculation using the public key, the a first semi-homomorphic ciphertext data and the a second semi-homomorphic ciphertext data corresponding to the plaintext data, the method further includes:
for each part, performing interpolation with M as the modulus to obtain the coefficients of the first polynomial function and the second polynomial function corresponding to the part.
The embodiment of the application provides a privacy keyword query apparatus, which is applied to a client device, and the apparatus includes:
the keyword grouping module is used for grouping a plurality of keywords to be queried into groups each containing a preset number of keywords to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
the keyword coding module is used for, for each group of keywords, taking the preset number of prime numbers as parameters of the Chinese remainder theorem, calculating, by using the Chinese remainder theorem, the congruence data of the preset number of keywords contained in the group, and taking the congruence data as the plaintext data that packs and encodes the group, to obtain v plaintext data in total for the v groups of keywords;
a plaintext data encryption module, configured to use, for each plaintext data, a public key to calculate ciphertext data of the 1st to m-th powers of the plaintext data, each taken modulo M, to obtain v × m ciphertext data in total for the v plaintext data, where M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data includes a keyword and corresponding data;
a ciphertext data sending module, configured to send the v × m ciphertext data to the server device, so that the server device, for each plaintext data, takes the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performs semi-homomorphic encryption calculation by using the public key to obtain a first semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, and takes the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performs semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, where a is the number of parts obtained by dividing the n pieces of queried data into parts of m pieces each, one first polynomial function and one second polynomial function are generated for each part, evaluating a first polynomial function with a keyword of its part as input gives 0, and evaluating a second polynomial function with a keyword of its part as input gives the data corresponding to that keyword; and so that the server device, for each part and each plaintext data, uses the public key to perform homomorphic scalar multiplication and homomorphic addition on ciphertexts, calculating, as query ciphertext data, the product of the random number corresponding to the part and the plaintext data and the first semi-homomorphic ciphertext data corresponding to the plaintext data and the part, plus the second semi-homomorphic ciphertext data corresponding to the plaintext data and the part, to obtain a × v query ciphertext data in total, where the random number is drawn at random modulo M, and sends the a × v query ciphertext data to the client device;
the query ciphertext data decryption module is used for decrypting the a × v query ciphertext data by using a private key to obtain a × v query decryption results;
the data decoding module is used for decoding, for each query decryption result, the query decryption result by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain pieces of decoded data, wherein the pieces of decoded data correspond one to one to the keywords contained in the group of keywords corresponding to that plaintext data;
and the query result determining module is used for taking, from the pieces of decoded data, the decoded data whose number of data bits is consistent with that of the queried data as the query result of the corresponding keyword.
Further, the length of each of the preset number of prime numbers exceeds, by a specified number of bits, the number of data bits of the queried data held by the server device.
The embodiment of the application provides a privacy keyword query apparatus, which is applied to a server device, and the apparatus includes:
a ciphertext data receiving module, configured to receive v × m ciphertext data sent by a client device, where the v × m ciphertext data is generated by the client device through the following steps:
the client device groups a plurality of keywords to be queried into groups each containing a preset number of keywords to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
the client device, for each group of keywords, takes the preset number of prime numbers as parameters of the Chinese remainder theorem, calculates, by using the Chinese remainder theorem, the congruence data of the preset number of keywords contained in the group, and takes the congruence data as the plaintext data that packs and encodes the group, to obtain v plaintext data in total for the v groups of keywords;
the client device, for each plaintext data, uses a public key to calculate ciphertext data of the 1st to m-th powers of the plaintext data, each taken modulo M, to obtain v × m ciphertext data in total for the v plaintext data, wherein M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
the ciphertext data calculation module is used for, for each plaintext data, taking the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performing semi-homomorphic encryption calculation by using the public key to obtain a first semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, and taking the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performing semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, wherein a is the number of parts obtained by dividing the n pieces of queried data into parts of m pieces each, one first polynomial function and one second polynomial function are generated for each part, evaluating a first polynomial function with a keyword of its part as input gives 0, and evaluating a second polynomial function with a keyword of its part as input gives the data corresponding to that keyword;
a semi-homomorphic ciphertext data calculation module, configured to use, for each part and each plaintext data, the public key to perform homomorphic scalar multiplication and homomorphic addition on ciphertexts, calculating, as query ciphertext data, the product of the random number corresponding to the part and the plaintext data and the first semi-homomorphic ciphertext data corresponding to the plaintext data and the part, plus the second semi-homomorphic ciphertext data corresponding to the plaintext data and the part, to obtain a × v query ciphertext data in total, where the random number is drawn at random modulo M;
the query ciphertext data sending module is used for sending the a × v query ciphertext data to the client device, so that the client device decrypts the a × v query ciphertext data by using a private key to obtain a × v query decryption results, and, for each query decryption result, decodes the query decryption result by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain pieces of decoded data, wherein the pieces of decoded data correspond one to one to the keywords contained in the group of keywords corresponding to that plaintext data, and the decoded data whose number of data bits is consistent with that of the queried data is taken as the query result of the corresponding keyword.
An embodiment of the application provides an electronic device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the machine-executable instructions causing the processor to implement any one of the above privacy keyword query methods applied to the client device, or any one of the above privacy keyword query methods applied to the server device.
An embodiment of the present application provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements any one of the above-mentioned privacy keyword query methods applied to a client device, or implements any one of the above-mentioned privacy keyword query methods applied to a server device.
Embodiments of the present application further provide a computer program product including instructions, which when run on a computer, cause the computer to execute any one of the above-mentioned privacy keyword query methods applied to a client device, or execute any one of the above-mentioned privacy keyword query methods applied to a server device.
The beneficial effects of the application include:
in the method provided by the embodiment of the application, the client device groups a plurality of keywords to be queried and packs and encodes each group by using the Chinese remainder theorem, then performs the privacy keyword query with a semi-homomorphic encryption algorithm through message interaction with the server device to obtain the query ciphertext data returned by the server device, and, after decryption and decoding, obtains the query results of the plurality of keywords from the decoded data. A privacy query is thus performed on a plurality of keywords in one batch, which improves query efficiency, and because the privacy query is implemented with semi-homomorphic encryption, the calculation and communication overhead is reduced.
Additional features and advantages of the present application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the present application. The objectives and other advantages of the application may be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The accompanying drawings are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the principles of the application and not to limit the application. In the drawings:
FIG. 1 is a flowchart of a privacy keyword query method applied to a client device according to an embodiment of the present application;
FIG. 2 is a flowchart of a privacy keyword query method applied to a server device according to an embodiment of the present application;
FIG. 3 is a flowchart of a privacy keyword query method provided in an embodiment of the present application;
FIG. 4 is a schematic structural diagram of a privacy keyword query apparatus applied to a client device according to an embodiment of the present application;
FIG. 5 is a schematic structural diagram of a privacy keyword query apparatus applied to a server device according to an embodiment of the present application;
FIG. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to provide an implementation scheme that improves the query efficiency of privacy keyword queries and reduces the computational overhead, embodiments of the present application provide a privacy keyword query method, apparatus and electronic device. Preferred embodiments of the present application are described below with reference to the accompanying drawings. It should be understood that the preferred embodiments described herein are only used to illustrate and explain the present application and are not used to limit it, and that the embodiments and the features of the embodiments in the present application may be combined with each other without conflict.
An embodiment of the present application provides a privacy keyword query method, which is applied to a client device, and as shown in fig. 1, the method includes:
step 11, grouping a plurality of keywords to be queried into groups each containing a preset number of keywords to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
step 12, for each group of keywords, taking a preset number of prime numbers as parameters of the Chinese remainder theorem, calculating, by using the Chinese remainder theorem, the congruence data of the preset number of keywords contained in the group, and taking the congruence data as the plaintext data that packs and encodes the group, to obtain v plaintext data in total for the v groups of keywords;
step 13, for each plaintext data, using a public key to calculate ciphertext data of the 1st to m-th powers of the plaintext data, each taken modulo M, to obtain v × m ciphertext data in total for the v plaintext data, wherein M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
step 14, sending the v × m ciphertext data to the server device, so that the server device, for each plaintext data, takes the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performs semi-homomorphic encryption calculation by using the public key to obtain a first semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, and takes the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performs semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data (one for each part) corresponding to the plaintext data, wherein a is the number of parts obtained by dividing the n pieces of queried data into parts of m pieces each, one first polynomial function and one second polynomial function are generated for each part, evaluating a first polynomial function with a keyword of its part as input gives 0, and evaluating a second polynomial function with a keyword of its part as input gives the data corresponding to that keyword; and so that the server device, for each part and each plaintext data, uses the public key to perform homomorphic scalar multiplication and homomorphic addition on ciphertexts, calculating, as query ciphertext data, the product of the random number corresponding to the part and the plaintext data and the first semi-homomorphic ciphertext data corresponding to the plaintext data and the part, plus the second semi-homomorphic ciphertext data corresponding to the plaintext data and the part, to obtain a × v query ciphertext data in total, wherein the random number is drawn at random modulo M, and sends the a × v query ciphertext data to the client device;
step 15, decrypting the a × v query ciphertext data by using a private key to obtain a × v query decryption results;
step 16, for each query decryption result, decoding the query decryption result by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain pieces of decoded data, wherein the pieces of decoded data correspond one to one to the keywords contained in the group of keywords corresponding to that plaintext data;
and step 17, from the pieces of decoded data, taking the decoded data whose number of data bits is consistent with the number of data bits of the queried data as the query result of the corresponding keyword.
Correspondingly, an embodiment of the present application further provides a method for querying a privacy keyword, which is applied to a server device, and as shown in fig. 2, the method includes:
step 21, receiving vxm ciphertext data sent by the client device, where the vxm ciphertext data is generated by the client device by adopting the following steps:
the method comprises the steps that the client device groups a plurality of keywords to be inquired according to each group containing a preset number of keywords to obtain v groups of keywords, wherein the number of the keywords contained in the v group of keywords is less than or equal to the preset number;
the client device uses a preset number of prime numbers as parameters of the Chinese remainder theorem aiming at each group of keywords, calculates the congruence data of the preset number of keywords contained in the group of keywords by using the Chinese remainder theorem, and uses the congruence data as plaintext data for packaging and coding the group of keywords to obtain v groups of plaintext data in total aiming at the v groups of keywords;
the client device calculates ciphertext data of the plaintext data, which is modulo by power from 1 to M, by using a public key for each plaintext data to obtain a total of v × M ciphertext data for the v plaintext data, wherein M is a product of prime numbers of a preset number, M is an integer with a square closest to n, n is the number of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
and step 22, the server-side equipment calculates first half homomorphic ciphertext data and second half homomorphic ciphertext data corresponding to each plaintext data based on the first polynomial function and the second polynomial function.
For each piece of plaintext data, the server device takes the m pieces of ciphertext data corresponding to that plaintext data as input to the $a$ first polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain $a$ pieces of first semi-homomorphic ciphertext data corresponding to the plaintext data, and takes the same m pieces of ciphertext data as input to the $a$ second polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain $a$ pieces of second semi-homomorphic ciphertext data corresponding to the plaintext data, where $a$ is the number of shares obtained by dividing the n pieces of queried data into shares of m pieces each, one first polynomial function and one second polynomial function are generated for each share, evaluating a share's first polynomial function at a keyword in that share gives 0, and evaluating a share's second polynomial function at a keyword in that share gives the data corresponding to that keyword;
step 23, for each share of data and each piece of plaintext data, the server device uses the public key to perform homomorphic scalar multiplication and homomorphic addition on the ciphertexts, calculating as query ciphertext data the sum of two terms: the random number corresponding to that share and that plaintext data multiplied by the first semi-homomorphic ciphertext data corresponding to that plaintext data and that share, plus the second semi-homomorphic ciphertext data corresponding to that plaintext data and that share, obtaining a × v pieces of query ciphertext data in total, where each random number is drawn at random modulo M;
step 24, sending the a × v pieces of query ciphertext data to the client device, so that the client device decrypts the a × v pieces of query ciphertext data using a private key to obtain a × v query decryption results; for each query decryption result, decodes it using the Chinese remainder theorem, based on the plaintext data corresponding to that result, to obtain pieces of decoded data that correspond one-to-one to the keywords in the group of keywords corresponding to that plaintext data; and, from the pieces of decoded data, uses the decoded data whose data bit number is consistent with the data bit number of the queried data as the query result of the corresponding keyword.
By adopting the method provided by the embodiment of the application, the client device groups a plurality of keywords to be queried, performs packaging and coding by using the Chinese remainder theorem, performs privacy keyword query by adopting a semi-homomorphic encryption algorithm through message interaction with the server device to obtain query ciphertext data returned by the server device, and obtains query results of the plurality of keywords from the obtained decoding data after decryption and decoding, so that privacy query is performed on a plurality of keywords in batch at one time, the query efficiency is improved, and the privacy query is realized on the basis of the semi-homomorphic encryption method, so that the calculation and communication expenses are reduced.
The method and apparatus provided herein are described in detail below with reference to the accompanying drawings using specific embodiments.
An embodiment of the present application further provides a method for querying a privacy keyword, where a client device serves as a querying party, and a server device serves as a queried party, as shown in fig. 3, including:
Step 301, the client device generates a private key sk and a public key pk of the semi-homomorphic encryption algorithm, and sends the public key pk to the server device.
Step 302, the client device and the server device negotiate to generate a preset number of prime numbers as parameters of the Chinese remainder theorem.
In this step, the client device may generate a preset number of prime numbers and send the generated prime numbers of the preset number to the server device;
or the server device may generate a preset number of prime numbers and send the generated preset number of prime numbers to the client device.
In the embodiment of the application, the preset number of prime numbers are subsequently used by the client device to pack and encode the keywords to be queried with the Chinese Remainder Theorem (CRT), and by the server device to generate the polynomial functions for the queried data.
Further, to improve calculation accuracy and data security in subsequent queries, the bit length of each of the preset number of prime numbers may exceed the data bit number of the queried data held by the server device by a specified number of bits. Specifically, the specified number may be a statistical security parameter; for example, if the statistical security parameter is 40 bits and the data bit number of the queried data is L, the length of each prime number may be (L + 40) bits.
The longer the prime numbers, the higher the accuracy and security of the calculation, but the larger the amount of computation; in practical applications the length can be set flexibly according to the requirements of the application.
Step 303, grouping the multiple keywords to be queried according to each group including a preset number of keywords, to obtain v groups of keywords, where the number of keywords included in the v-th group of keywords is less than or equal to the preset number.
In an example, assuming that the number of keywords to be queried is u and the preset number is 8, the keywords are grouped 8 to a group to obtain v groups of keywords, where each of the first v-1 groups contains 8 keywords and the v-th group may contain fewer than 8 keywords or exactly 8.
Step 304, for each group of keywords, the client device uses the preset number of prime numbers as parameters of the Chinese remainder theorem, calculates with the Chinese remainder theorem the congruence data of the keywords contained in the group, and uses the congruence data as the plaintext data that packs and encodes the group, obtaining v pieces of plaintext data in total for the v groups of keywords.
For example, in the above example, a group of keywords contains 8 keywords $x_1, \dots, x_8$ and the 8 prime numbers are $p_1, \dots, p_8$. For this group, the congruence data $y$ calculated with the Chinese remainder theorem satisfies the following relations:
$y \equiv x_1 \pmod{p_1}$
$y \equiv x_2 \pmod{p_2}$
......
$y \equiv x_8 \pmod{p_8}$
where, taking $y \equiv x_1 \pmod{p_1}$ as an example, the relation means that $y$ and $x_1$ are congruent modulo $p_1$.
In the embodiment of the application, v pieces of congruence data, i.e., v pieces of plaintext data, are obtained for the v groups of keywords and are denoted $y_1, \dots, y_v$, or $y_i$ where i is an integer from 1 to v.
Each of the v pieces of plaintext data is a number modulo M, i.e., a number in the range 0 to M-1, where the modulus M is the product of the preset number of prime numbers, i.e., $M = p_1 \times p_2 \times \dots \times p_8$.
Step 305, for each piece of plaintext data, the client device uses the public key pk to calculate the ciphertext data of the 1st to m-th powers of the plaintext data, each taken modulo M, obtaining v × m pieces of ciphertext data in total for the v pieces of plaintext data, where M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data includes a keyword and corresponding data.
The value of m or n may be obtained by the client device from the server device.
In this step, for the plaintext data $y_i$ corresponding to the i-th group of keywords, the 1st to m-th powers of $y_i$ can be expressed as $y_i^1, y_i^2, \dots, y_i^m$.
These powers taken modulo M can be expressed as $y_i^1 \bmod M, y_i^2 \bmod M, \dots, y_i^m \bmod M$; for convenience of description they are written as $Y_i^1, Y_i^2, \dots, Y_i^m$.
The modulo results are encrypted using the public key pk, and the m pieces of ciphertext data obtained can be represented as:
$[Y_i^1], [Y_i^2], \dots, [Y_i^m]$, where i is an integer from 1 to v.
In the embodiment of the present application, following the above example, a group of keywords contains 8 keywords $x_1, \dots, x_8$ and the 8 prime numbers are $p_1, \dots, p_8$. If the corresponding plaintext data calculated is $y$, then the i-th power of $y$ modulo M satisfies the following relations:
$y^i \equiv x_1^i \pmod{p_1}$
$y^i \equiv x_2^i \pmod{p_2}$
......
$y^i \equiv x_8^i \pmod{p_8}$
That is, $y^i \bmod M$ is in effect $x_1^i \bmod p_1$, $x_2^i \bmod p_2$, ..., $x_8^i \bmod p_8$ packed together. Therefore, in this step, each piece of plaintext data is raised to the powers 1 to m modulo M, and the modulo results are encrypted using the public key pk, giving the ciphertext data of the 1st to m-th powers of the plaintext data modulo M.
Step 306, the client device sends the v × m pieces of ciphertext data to the server device.
Step 307, the server device divides the held queried data into multiple data shares.
The server device holds n pieces of queried data, each comprising a keyword and corresponding data, i.e., a key-value pair, which can be expressed as $(x_1, d_1), (x_2, d_2), \dots, (x_n, d_n)$, where $x_1, \dots, x_n$ denote the n keywords and $d_1, \dots, d_n$ the corresponding data.
The n pieces of queried data are divided so that each share contains m pieces, where m is the integer whose square is closest to n and $n = (a-1) \times m + b$ with $0 < b \le m$; that is, the n pieces are divided into $a$ shares, of which the first $a-1$ shares each contain m pieces of queried data and the a-th share contains b pieces, expressed as follows:
1st share $D_1$: $(x_1, d_1), (x_2, d_2), \dots, (x_m, d_m)$;
2nd share $D_2$: $(x_{m+1}, d_{m+1}), (x_{m+2}, d_{m+2}), \dots, (x_{2m}, d_{2m})$;
……
a-th share $D_a$: $(x_{(a-1) \times m+1}, d_{(a-1) \times m+1}), (x_{(a-1) \times m+2}, d_{(a-1) \times m+2}), \dots, (x_n, d_n)$.
Step 308, the server device generates a first polynomial function and a second polynomial function for each piece of data, where a keyword in one piece of data is used as an input of the corresponding first polynomial function to perform calculation, and a result is 0, and a keyword in one piece of data is used as an input of the corresponding second polynomial function to perform calculation, and a result is data corresponding to the keyword in the piece of data.
In the above example, the n pieces of queried data are divided into $a$ shares. For the j-th share, the first polynomial function generated is $F_j(x)$ and the second polynomial function is $G_j(x)$. The highest power of the first and second polynomial functions is not greater than the number of pieces of queried data contained in the share, and may equal that number. For example, if the share contains m pieces of queried data, the highest powers of the first and second polynomial functions are not greater than m and may be m; if the share contains d pieces (e.g., the a-th share, where d is less than or equal to m), the highest powers are not greater than d and may be d, although some polynomial coefficients may be 0. Here j takes integer values from 1 to $a$, i.e., $a$ first polynomial functions and $a$ second polynomial functions are obtained in total;
the first polynomial function $F_j(x)$ satisfies the following relation:
$F_j(x_k) = 0$, where $k = (j-1) \times m + 1, (j-1) \times m + 2, \dots$, i.e., $x_k$ ranges over the keywords of all queried data in $D_j$;
the second polynomial function $G_j(x)$ satisfies the following relation:
$G_j(x_k) = d_k$, where $k = (j-1) \times m + 1, (j-1) \times m + 2, \dots$, i.e., $x_k$ ranges over the keywords of all queried data in $D_j$, and $d_k$ is the data corresponding to keyword $x_k$;
for $x_k$ in general, k takes integer values from 1 to n.
In this embodiment of the present application, generating the first and second polynomial functions mainly means calculating their coefficients. In this step, for each share of data, interpolation may be performed with M as the modulus to obtain the coefficients of the first polynomial function and the second polynomial function corresponding to that share; that is, the interpolation is carried out modulo M. It can be understood that, modulo M, every operation is finally reduced modulo M and the result lies in the range 0 to M-1.
Regarding the generation of the first polynomial function and the second polynomial function in this step 308, if a preset number of prime numbers are generated by the server device, the server device may generate the first polynomial function and the second polynomial function in advance, and the first polynomial function and the second polynomial function generated in advance may be used for requests of privacy keyword queries of different client devices.
There is no strict sequence between the above steps 307-308 and the above steps 303-306.
Step 309, the v × m pieces of ciphertext data received by the server device correspond to v pieces of plaintext data, i.e., each piece of plaintext data corresponds to m pieces of ciphertext data. For each piece of plaintext data, the server device takes the m corresponding pieces of ciphertext data as input to the $a$ first polynomial functions and performs semi-homomorphic encryption calculation using the public key, which may consist of the homomorphic addition and homomorphic multiplication operations of the semi-homomorphic encryption algorithm, to obtain $a$ pieces of first semi-homomorphic ciphertext data corresponding to the plaintext data; it likewise takes the m pieces of ciphertext data as input to the $a$ second polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain $a$ pieces of second semi-homomorphic ciphertext data corresponding to the plaintext data.
For a polynomial function $f(x)$ whose highest power does not exceed m, given the ciphertexts $[Y], [Y^2], \dots, [Y^m]$ of $Y, Y^2, \dots, Y^m$, the value of $f(x) = c_0 + c_1 x + c_2 x^2 + \dots + c_m x^m$ at $x = Y$ can be calculated using the public key with the homomorphic addition and homomorphic multiplication of the semi-homomorphic encryption algorithm, giving the ciphertext $[f(Y)]$: because the polynomial coefficients in $f(x)$ are known multipliers, the ciphertext result is obtained by multiplying each ciphertext by its coefficient and summing.
In the embodiment of the application, the server device receives v × m pieces of ciphertext data, which may be regarded as v groups of ciphertext data, each group of ciphertext data includes m pieces of ciphertext data, and v groups of ciphertext data are in one-to-one correspondence with v pieces of plaintext data, that is, are also in one-to-one correspondence with v groups of keywords.
For the i-th plaintext data, the corresponding i-th group of ciphertext data is $[Y_i^1], [Y_i^2], \dots, [Y_i^m]$. Using this group of ciphertext data as input to the first polynomial function $F_j(x)$ gives the semi-homomorphic ciphertext data $[F_j(Y_i)]$, referred to for convenience as the first semi-homomorphic ciphertext data. With j taking integer values from 1 to $a$, $a$ pieces of first semi-homomorphic ciphertext data are obtained in total, i.e., $[F_1(Y_i)], [F_2(Y_i)], \dots, [F_a(Y_i)]$.
Using the same group of ciphertext data as input to the second polynomial function $G_j(x)$ gives the semi-homomorphic ciphertext data $[G_j(Y_i)]$, referred to for convenience as the second semi-homomorphic ciphertext data. With j taking integer values from 1 to $a$, $a$ pieces of second semi-homomorphic ciphertext data are obtained in total, i.e., $[G_1(Y_i)], [G_2(Y_i)], \dots, [G_a(Y_i)]$.
Step 310, for each share of data and each piece of plaintext data, the server device uses the public key to perform homomorphic scalar multiplication and homomorphic addition on the ciphertexts, calculating as query ciphertext data the sum of two terms: the random number corresponding to that share and that plaintext data multiplied by the first semi-homomorphic ciphertext data corresponding to that plaintext data and that share, plus the second semi-homomorphic ciphertext data corresponding to that plaintext data and that share, obtaining a × v pieces of query ciphertext data in total, where each random number is drawn at random modulo M.
Drawing the random number at random modulo M means that it lies in the range 0 to M-1 and that every integer in that range is equally likely.
In this step, for the i-th plaintext data and the j-th share of data, the public key pk is used to perform homomorphic scalar multiplication and homomorphic addition on the ciphertexts, and the sum used as the query ciphertext data is calculated by the following formula:
$r_{j,i} \times F_j(x) + G_j(x)$, with $x = Y_i$.
For the i-th plaintext data, letting j take each integer value from 1 to $a$ gives $[r_{1,i} \times F_1(Y_i) + G_1(Y_i)], [r_{2,i} \times F_2(Y_i) + G_2(Y_i)], \dots, [r_{a,i} \times F_a(Y_i) + G_a(Y_i)]$, $a$ pieces of query ciphertext data in total;
letting i take each integer value from 1 to v, a × v pieces of query ciphertext data are obtained in total.
Step 311, the server device sends a × v pieces of query ciphertext data to the client device.
In step 312, the client device decrypts the a × v pieces of query ciphertext data by using the private key sk to obtain a × v query decryption results.
The a × v query decryption results may be represented as $z_{j,i}$, where j is an integer from 1 to $a$ and i is an integer from 1 to v.
Step 313, for each query decryption result, the client device decodes it using the Chinese remainder theorem, based on the plaintext data corresponding to that query decryption result, to obtain pieces of decoded data, where the pieces of decoded data correspond one-to-one to the keywords in the group of keywords corresponding to that plaintext data.
In this step, each query decryption result corresponds to one piece of plaintext data; that is, query decryption result $z_{j,i}$ corresponds to the i-th plaintext data $y_i$. Based on the corresponding plaintext data $y_i$, the decryption result $z_{j,i}$ is decoded using the Chinese remainder theorem, and the number of pieces of decoded data obtained equals the number of keywords in the i-th group of keywords corresponding to the i-th plaintext data, so the pieces of decoded data correspond one-to-one to the keywords in that group.
One piece of plaintext data has $a$ corresponding ciphertext decryption results in total. For each keyword to be queried in the group of keywords corresponding to that plaintext data, the decoded data obtained from each ciphertext decryption result contains one piece corresponding to the keyword, so across the $a$ ciphertext decryption results there are $a$ pieces of decoded data corresponding to the keyword; for the u keywords to be queried, u × a pieces of decoded data are obtained in total.
Following the above example, with a preset number of 8, take one group of 8 keywords corresponding to one piece of plaintext data, with the 8 prime numbers $p_1, \dots, p_8$. If the ciphertext decryption result corresponding to the plaintext data is $z$, then $z$ is decoded using the Chinese remainder theorem, which can be calculated with the following formulas:
$z_1 = z \bmod p_1$
$z_2 = z \bmod p_2$
......
$z_8 = z \bmod p_8$
The resulting $z_1, z_2, \dots, z_8$ are the decoded data; taking $z_1 = z \bmod p_1$ as an example, $z_1$ is the result of $z$ modulo $p_1$.
Step 314, from the pieces of decoded data, the client device uses the decoded data whose data bit number is consistent with the data bit number of the queried data as the query result of the corresponding keyword.
According to step 313, $a$ pieces of decoded data are obtained for each keyword to be queried. Accordingly, from those $a$ pieces, the decoded data whose data bit number is consistent with that of the queried data (i.e., the data in the key-value pair formed by a keyword and its data) can be used as the query result of the keyword; if no decoded data has a consistent data bit number, the data corresponding to the keyword was not found in the queried data held by the server device.
For example, if the decoded data corresponding to the keyword to be queried has a data bit number consistent with the bit number of the prime number $p_i$, i.e., greater by the specified number of bits (40 bits in the above example), the data corresponding to the keyword is not queried.
In the embodiment of the application, for one keyword to be queried, if there is decoding data with the same data bit number, only one decoding data with the same data bit number exists, and there are not a plurality of decoding data, that is, only one data corresponding to the keyword to be queried can be queried.
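The end-to-end flow of steps 301 to 314, as an added Python sketch that is not code from the patent: it assumes Paillier as the semi-homomorphic scheme, zero-pads the last keyword group, accepts a decoded value when it fits in the data bit length, and uses toy key sizes; all function names are hypothetical. The Paillier modulus is sized so that $r \times F(Y) + G(Y)$ never wraps modulo N before the client reduces it modulo each prime.

```python
import math, secrets

def is_prime(n, rounds=24):          # Miller-Rabin; callers pass odd n > 3 only
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def rand_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_prime(c):
            return c

def keygen(bits):                    # step 301; Paillier is this example's assumption
    p, q = rand_prime(bits // 2), rand_prime(bits // 2)
    while q == p:
        q = rand_prime(bits // 2)
    return p * q, (p * q, (p - 1) * (q - 1))      # pk = N, sk = (N, phi(N))

def enc(pk, msg):
    r = secrets.randbelow(pk - 1) + 1
    return (1 + (msg % pk) * pk) * pow(r, pk, pk * pk) % (pk * pk)
def dec(sk, ct):
    n, phi = sk
    return (pow(ct, phi, n * n) - 1) // n * pow(phi, -1, n) % n
def h_add(pk, c1, c2):               # [a] and [b] -> [a + b]
    return c1 * c2 % (pk * pk)
def h_mul(pk, ct, k):                # [a] and plaintext scalar k -> [k * a]
    return pow(ct, k, pk * pk)

def crt_pack(residues, primes):      # step 304: y with y = x_i (mod p_i)
    M = math.prod(primes)
    return sum(x * (M // p) * pow(M // p, -1, p) for x, p in zip(residues, primes)) % M

def times_linear(poly, root, M):     # poly(x) * (x - root) mod M, low-order first
    return [(a - b * root) % M for a, b in zip([0] + poly, poly + [0])]

def share_polys(share, M):           # step 308: F vanishes on keys, G interpolates data
    F, G = [1], [0] * len(share)
    for x, d in share:
        F = times_linear(F, x, M)
        basis, denom = [1], 1
        for x2, _ in share:
            if x2 != x:
                basis, denom = times_linear(basis, x2, M), denom * (x - x2) % M
        scale = d * pow(denom, -1, M) % M         # Lagrange weight, inverted mod M
        G = [(g + scale * b) % M for g, b in zip(G, basis)]
    return F, G

def eval_enc(pk, coeffs, enc_powers):             # step 309: [f(Y)] from [Y^1..Y^m]
    acc = enc(pk, coeffs[0])                      # server encrypts the constant term
    for c, ct in zip(coeffs[1:], enc_powers):
        acc = h_add(pk, acc, h_mul(pk, ct, c))
    return acc

def client_query(pk, primes, keywords, m):        # steps 303-305
    t, M = len(primes), math.prod(primes)
    groups = [keywords[k:k + t] for k in range(0, len(keywords), t)]
    packed = [crt_pack(g + [0] * (t - len(g)), primes) for g in groups]  # zero pad
    return groups, [[enc(pk, pow(y, e, M)) for e in range(1, m + 1)] for y in packed]

def server_answer(pk, primes, db, m, cts):        # steps 307-310
    M, answers = math.prod(primes), []
    for j in range(0, len(db), m):
        F, G = share_polys(db[j:j + m], M)
        answers.append([h_add(pk, h_mul(pk, eval_enc(pk, F, pw), secrets.randbelow(M)),
                              eval_enc(pk, G, pw)) for pw in cts])
    return answers                                # a rows of v query ciphertexts

def client_decode(sk, primes, groups, answers, data_bits):   # steps 312-314
    found = {}
    for row in answers:
        for group, ct in zip(groups, row):
            z = dec(sk, ct)
            for kw, p in zip(group, primes):
                if (z % p).bit_length() <= data_bits:   # a miss decodes to prime-sized noise
                    found[kw] = z % p
    return found

def demo():
    data_bits, t, m = 16, 3, 3       # m = 3: its square (9) is the closest to n = 7
    primes = [rand_prime(data_bits + 40 + k) for k in range(t)]  # distinct bit lengths
    db = [(1001, 11), (1002, 22), (1003, 33), (1004, 44), (1005, 55), (1006, 66), (1007, 77)]
    bits = 3 * math.prod(primes).bit_length() + m.bit_length() + 4   # N > 4*m*M^3
    pk, sk = keygen(bits + bits % 2)
    groups, cts = client_query(pk, primes, [1003, 9999, 1007, 1001], m)  # 9999 is absent
    return client_decode(sk, primes, groups, server_answer(pk, primes, db, m, cts), data_bits)
```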
Based on the same inventive concept, according to the privacy keyword query method applied to the client device provided in the foregoing embodiment of the present application, correspondingly, another embodiment of the present application further provides a privacy keyword query device applied to the client device, a schematic structural diagram of which is shown in fig. 4, and specifically includes:
a keyword grouping module 41, configured to group a plurality of keywords to be queried according to each group including a preset number of keywords, to obtain v groups of keywords, where the number of keywords included in the v-th group of keywords is less than or equal to the preset number;
the keyword encoding module 42 is configured to, for each group of keywords, use the predetermined number of prime numbers as parameters of the chinese remainder theorem, calculate, using the chinese remainder theorem, congruence data of the predetermined number of keywords included in the group of keywords, and use the congruence data as plaintext data for packaging and encoding the group of keywords, to obtain v plaintext data in total for the v groups of keywords;
a plaintext data encryption module 43, configured to, for each piece of plaintext data, use a public key to calculate the ciphertext data of the 1st to m-th powers of the plaintext data, each taken modulo M, so as to obtain v × m pieces of ciphertext data in total for the v pieces of plaintext data, where M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data includes a keyword and corresponding data;
a ciphertext data sending module 44, configured to send the v × m pieces of ciphertext data to the server device, so that the server device, for each piece of plaintext data, takes the m pieces of ciphertext data corresponding to that plaintext data as input to the $a$ first polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain $a$ pieces of first semi-homomorphic ciphertext data corresponding to the plaintext data, and takes the m pieces of ciphertext data as input to the $a$ second polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain $a$ pieces of second semi-homomorphic ciphertext data corresponding to the plaintext data, where $a$ is the number of shares obtained by dividing the n pieces of queried data into shares of m pieces each, one first polynomial function and one second polynomial function are generated for each share, evaluating a share's first polynomial function at a keyword in that share gives 0, and evaluating a share's second polynomial function at a keyword in that share gives the data corresponding to that keyword; the server device further, for each share of data and each piece of plaintext data, uses the public key to perform homomorphic scalar multiplication and homomorphic addition on the ciphertexts, calculating as query ciphertext data the sum of two terms: the random number corresponding to that share and that plaintext data multiplied by the first semi-homomorphic ciphertext data corresponding to that plaintext data and that share, plus the second semi-homomorphic ciphertext data corresponding to that plaintext data and that share, obtaining a × v pieces of query ciphertext data in total, where each random number is drawn at random modulo M, and sends the a × v pieces of query ciphertext data to the client device;
the query ciphertext data decryption module 45 is configured to decrypt, using the private key, the a × v pieces of query ciphertext data to obtain a × v pieces of query decryption results;
a data decoding module 46, configured to, for each query decryption result, decode it using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain pieces of decoded data, where the pieces of decoded data correspond one-to-one to the keywords in the group of keywords corresponding to that plaintext data;
and a query result determining module 47, configured to use, as a query result of the corresponding keyword, decoded data with a data bit number that is consistent with the data bit number of the queried data from the decoded data.
Further, the bit length of each of the preset number of prime numbers exceeds the data bit number of the queried data held by the server device by a specified number of bits.
Based on the same inventive concept, according to the privacy keyword query method applied to the client device provided in the foregoing embodiment of the present application, correspondingly, another embodiment of the present application further provides a privacy keyword query device applied to the server device, a schematic structural diagram of which is shown in fig. 5, and specifically includes:
a ciphertext data receiving module 51, configured to receive v × m pieces of ciphertext data sent by a client device, where the v × m pieces of ciphertext data are generated by the client device through the following steps:
the client device groups a plurality of keywords to be queried so that each group contains a preset number of keywords, obtaining v groups of keywords, where the number of keywords in the v-th group is less than or equal to the preset number;
for each group of keywords, the client device uses the preset number of prime numbers as parameters of the Chinese remainder theorem, calculates with the Chinese remainder theorem the congruence data of the keywords contained in the group, and uses the congruence data as the plaintext data that packs and encodes the group, obtaining v pieces of plaintext data for the v groups of keywords;
for each piece of plaintext data, the client device uses a public key to calculate the ciphertext data of the 1st to m-th powers of the plaintext data, each taken modulo M, obtaining v × m pieces of ciphertext data in total for the v pieces of plaintext data, where M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
a ciphertext data calculation module 52, configured to, for each piece of plaintext data, take the m pieces of ciphertext data corresponding to that plaintext data as input to the $a$ first polynomial functions and perform semi-homomorphic encryption calculation using a public key to obtain $a$ pieces of first semi-homomorphic ciphertext data corresponding to the plaintext data, and take the m pieces of ciphertext data as input to the $a$ second polynomial functions and perform semi-homomorphic encryption calculation using the public key to obtain $a$ pieces of second semi-homomorphic ciphertext data corresponding to the plaintext data, where $a$ is the number of shares obtained by dividing the n pieces of queried data into shares of m pieces each, one first polynomial function and one second polynomial function are generated for each share, evaluating a share's first polynomial function at a keyword in that share gives 0, and evaluating a share's second polynomial function at a keyword in that share gives the data corresponding to that keyword;
a semi-homomorphic ciphertext data calculation module 53, configured to, for each share of data and each piece of plaintext data, use the public key to perform homomorphic scalar multiplication and homomorphic addition on the ciphertexts, calculating as query ciphertext data the sum of two terms: the random number corresponding to that share and that plaintext data multiplied by the first semi-homomorphic ciphertext data corresponding to that plaintext data and that share, plus the second semi-homomorphic ciphertext data corresponding to that plaintext data and that share, to obtain a × v pieces of query ciphertext data in total, where each random number is drawn at random modulo M;
a query ciphertext data sending module 54, configured to send the a × v pieces of query ciphertext data to the client device, so that the client device decrypts the a × v pieces of query ciphertext data using the private key to obtain a × v query decryption results; for each query decryption result, decodes it using the Chinese remainder theorem, based on the plaintext data corresponding to that result, to obtain pieces of decoded data that correspond one-to-one to the keywords in the group of keywords corresponding to that plaintext data; and, from the pieces of decoded data, uses the decoded data whose data bit number is consistent with that of the queried data as the query result of the corresponding keyword.
Further, the bit length of each of the preset number of prime numbers exceeds the data bit number of the queried data held by the server device by a specified number of bits.
Further, the ciphertext data calculating module 52 is further configured to perform interpolation calculation on each piece of data by using M as a modulus, so as to obtain coefficients of the first polynomial function and the second polynomial function corresponding to the piece of data.
The functions of the above modules may correspond to the corresponding processing steps in the flows shown in fig. 1 to fig. 3, and are not described herein again.
The privacy keyword query device provided by the embodiment of the application can be realized by a computer program. It should be understood by those skilled in the art that the above-mentioned division of the modules is only one of many divisions of the modules, and if the division into other modules or no division into modules is performed, it is within the scope of the present application as long as the privacy keyword query device has the above-mentioned functions.
An electronic device, as shown in Fig. 6, includes a processor 61 and a machine-readable storage medium 62, where the machine-readable storage medium 62 stores machine-executable instructions executable by the processor 61, and the machine-executable instructions cause the processor 61 to implement the privacy keyword query method applied to the client device, or to implement the privacy keyword query method applied to the server device.
An embodiment of the present application provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements any one of the above-mentioned privacy keyword query methods applied to a client device, or implements any one of the above-mentioned privacy keyword query methods applied to a server device.
Embodiments of the present application further provide a computer program product including instructions, which when run on a computer, cause the computer to execute any one of the above-mentioned privacy keyword query methods applied to a client device, or execute any one of the above-mentioned privacy keyword query methods applied to a server device.
The machine-readable storage medium in the electronic device may include a Random Access Memory (RAM) and a Non-Volatile Memory (NVM), such as at least one disk Memory. Alternatively, the memory may be at least one memory device located remotely from the processor.
The processor may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on differences from other embodiments. In particular, for the apparatus, the electronic device, the computer-readable storage medium, and the computer program product embodiment, since they are substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
It is noted that, herein, relational terms such as first and second are used solely to distinguish one entity or action from another entity or action, without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (10)

1. A privacy keyword query method, applied to a client device, comprising:
grouping a plurality of keywords to be queried so that each group contains a preset number of keywords, to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
for each group of keywords, taking the preset number of prime numbers as parameters of the Chinese remainder theorem, calculating, by using the Chinese remainder theorem, congruence data of the preset number of keywords contained in the group, and taking the congruence data as the plaintext data that packs and encodes the group of keywords, to obtain v plaintext data in total for the v groups of keywords;
for each plaintext data, calculating, by using a public key, ciphertext data of the 1st to m-th powers of the plaintext data modulo M, to obtain v × m ciphertext data in total for the v plaintext data, wherein M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
sending the v × m ciphertext data to the server device, so that the server device, for each plaintext data, takes the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, and takes the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is the number of portions obtained by dividing the n pieces of queried data so that each portion contains m pieces of data, the a first polynomial functions and the a second polynomial functions are generated one per portion of data, evaluating the first polynomial function of a portion with a keyword in that portion as input gives 0, and evaluating the second polynomial function of a portion with a keyword in that portion as input gives the data corresponding to that keyword, and so that the server device further, for each portion of data and each plaintext data, uses the public key with homomorphic scalar multiplication and homomorphic addition on ciphertexts to calculate, as query ciphertext data, the product of the random number corresponding to that portion and that plaintext data with the first semi-homomorphic ciphertext data corresponding to that portion and that plaintext data, plus the second semi-homomorphic ciphertext data corresponding to that plaintext data and that portion, to obtain a × v query ciphertext data in total, wherein the random number is obtained randomly modulo M, and sends the a × v query ciphertext data to the client device;
decrypting the a × v query ciphertext data by using a private key to obtain a × v query decryption results;
for each query decryption result, decoding by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain decoded data, wherein each decoded data corresponds to a keyword contained in the group of keywords corresponding to the plaintext data corresponding to the query decryption result;
and, from the decoded data, taking the decoded data whose number of data bits is consistent with that of the queried data as the query result of the corresponding keyword.
2. The method of claim 1, wherein the length of the preset number of prime numbers is greater, by a specified number of bits, than the number of data bits of the queried data held by the server device.
3. A privacy keyword query method, applied to a server device, comprising:
receiving v × m ciphertext data sent by a client device, wherein the v × m ciphertext data are generated by the client device by the following steps:
the client device groups a plurality of keywords to be queried so that each group contains a preset number of keywords, to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
the client device, for each group of keywords, takes the preset number of prime numbers as parameters of the Chinese remainder theorem, calculates, by using the Chinese remainder theorem, congruence data of the preset number of keywords contained in the group, and takes the congruence data as the plaintext data that packs and encodes the group of keywords, to obtain v plaintext data in total for the v groups of keywords;
the client device, for each plaintext data, calculates, by using a public key, ciphertext data of the 1st to m-th powers of the plaintext data modulo M, to obtain v × m ciphertext data in total for the v plaintext data, wherein M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
for each plaintext data, taking the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performing semi-homomorphic encryption calculation using the public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, and taking the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performing semi-homomorphic encryption calculation using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is the number of portions obtained by dividing the n pieces of queried data so that each portion contains m pieces of data, the a first polynomial functions and the a second polynomial functions are generated one per portion of data, evaluating the first polynomial function of a portion with a keyword in that portion as input gives 0, and evaluating the second polynomial function of a portion with a keyword in that portion as input gives the data corresponding to that keyword;
for each portion of data and each plaintext data, using the public key with homomorphic scalar multiplication and homomorphic addition on ciphertexts to calculate, as query ciphertext data, the product of the random number corresponding to that portion and that plaintext data with the first semi-homomorphic ciphertext data corresponding to that portion and that plaintext data, plus the second semi-homomorphic ciphertext data corresponding to that plaintext data and that portion, to obtain a × v query ciphertext data in total, wherein the random number is obtained randomly modulo M;
sending the a × v query ciphertext data to the client device, so that the client device decrypts the a × v query ciphertext data by using a private key to obtain a × v query decryption results, and, for each query decryption result, decodes by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain decoded data, wherein the decoded data correspond one to one to the keywords contained in the group of keywords corresponding to that plaintext data, and, from the decoded data, takes the decoded data whose number of data bits is consistent with that of the queried data as the query result of the corresponding keyword.
4. The method of claim 3, wherein the length of the preset number of prime numbers is greater, by a specified number of bits, than the number of data bits of the queried data held by the server device.
5. The method of claim 3, wherein, before the step of, for each plaintext data, taking the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performing semi-homomorphic encryption calculation using the public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, and taking the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performing semi-homomorphic encryption calculation using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, the method further comprises:
for each portion of data, performing interpolation calculation with M as the modulus to obtain the coefficients of the first polynomial function and the second polynomial function corresponding to that portion of data.
6. An apparatus for querying a privacy keyword, applied to a client device, the apparatus comprising:
a keyword grouping module, configured to group a plurality of keywords to be queried so that each group contains a preset number of keywords, to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
a keyword encoding module, configured to, for each group of keywords, take the preset number of prime numbers as parameters of the Chinese remainder theorem, calculate, by using the Chinese remainder theorem, congruence data of the preset number of keywords contained in the group, and take the congruence data as the plaintext data that packs and encodes the group of keywords, to obtain v plaintext data in total for the v groups of keywords;
a plaintext data encryption module, configured to, for each plaintext data, calculate, by using a public key, ciphertext data of the 1st to m-th powers of the plaintext data modulo M, to obtain v × m ciphertext data in total for the v plaintext data, where M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data includes a keyword and corresponding data;
a ciphertext data sending module, configured to send the v × m ciphertext data to the server device, so that the server device, for each plaintext data, takes the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, and takes the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and performs semi-homomorphic encryption calculation using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, where a is the number of portions obtained by dividing the n pieces of queried data so that each portion contains m pieces of data, the a first polynomial functions and the a second polynomial functions are generated one per portion of data, evaluating the first polynomial function of a portion with a keyword in that portion as input gives 0, and evaluating the second polynomial function of a portion with a keyword in that portion as input gives the data corresponding to that keyword, and so that the server device further, for each portion of data and each plaintext data, uses the public key with homomorphic scalar multiplication and homomorphic addition on ciphertexts to calculate, as query ciphertext data, the product of the random number corresponding to that portion and that plaintext data with the first semi-homomorphic ciphertext data corresponding to that portion and that plaintext data, plus the second semi-homomorphic ciphertext data corresponding to that plaintext data and that portion, to obtain a × v query ciphertext data in total, where the random number is obtained randomly modulo M, and sends the a × v query ciphertext data to the client device;
a query ciphertext data decryption module, configured to decrypt the a × v query ciphertext data by using a private key to obtain a × v query decryption results;
a data decoding module, configured to, for each query decryption result, decode by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain decoded data, where each decoded data corresponds to a keyword contained in the group of keywords corresponding to the plaintext data corresponding to the query decryption result;
and a query result determining module, configured to take, from the decoded data, the decoded data whose number of data bits is consistent with that of the queried data as the query result of the corresponding keyword.
7. The apparatus of claim 6, wherein the length of the preset number of prime numbers is greater, by a specified number of bits, than the number of data bits of the queried data held by the server device.
8. An apparatus for querying a privacy keyword, applied to a server device, the apparatus comprising:
a ciphertext data receiving module, configured to receive v × m ciphertext data sent by a client device, where the v × m ciphertext data are generated by the client device by the following steps:
the client device groups a plurality of keywords to be queried so that each group contains a preset number of keywords, to obtain v groups of keywords, wherein the number of keywords contained in the v-th group is less than or equal to the preset number;
the client device, for each group of keywords, takes the preset number of prime numbers as parameters of the Chinese remainder theorem, calculates, by using the Chinese remainder theorem, congruence data of the preset number of keywords contained in the group, and takes the congruence data as the plaintext data that packs and encodes the group of keywords, to obtain v plaintext data in total for the v groups of keywords;
the client device, for each plaintext data, calculates, by using a public key, ciphertext data of the 1st to m-th powers of the plaintext data modulo M, to obtain v × m ciphertext data in total for the v plaintext data, wherein M is the product of the preset number of prime numbers, m is the integer whose square is closest to n, n is the number of pieces of queried data held by the server device, and each piece of queried data comprises a keyword and corresponding data;
a ciphertext data calculation module, configured to, for each plaintext data, take the m ciphertext data corresponding to the plaintext data as input of the a first polynomial functions and perform semi-homomorphic encryption calculation using the public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, and take the m ciphertext data corresponding to the plaintext data as input of the a second polynomial functions and perform semi-homomorphic encryption calculation using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, where a is the number of portions obtained by dividing the n pieces of queried data so that each portion contains m pieces of data, the a first polynomial functions and the a second polynomial functions are generated one per portion of data, evaluating the first polynomial function of a portion with a keyword in that portion as input gives 0, and evaluating the second polynomial function of a portion with a keyword in that portion as input gives the data corresponding to that keyword;
a semi-homomorphic ciphertext data calculation module, configured to calculate, for each portion of data and each plaintext data, the product of the random number corresponding to that portion and that plaintext data with the first semi-homomorphic ciphertext data corresponding to that portion and that plaintext data, plus the second semi-homomorphic ciphertext data corresponding to that plaintext data and that portion, as query ciphertext data, to obtain a × v query ciphertext data in total, where the random number is obtained randomly modulo M;
a query ciphertext data sending module, configured to send the a × v query ciphertext data to the client device, so that the client device decrypts the a × v query ciphertext data by using a private key to obtain a × v query decryption results, and, for each query decryption result, decodes by using the Chinese remainder theorem, based on the plaintext data corresponding to the query decryption result, to obtain decoded data, where the decoded data correspond one to one to the keywords contained in the group of keywords corresponding to that plaintext data, and, from the decoded data, takes the decoded data whose number of data bits is consistent with that of the queried data as the query result of the corresponding keyword.
9. An electronic device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to carry out the method of any one of claims 1-2, or to carry out the method of any one of claims 3-5.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method of any one of claims 1-2 or carries out the method of any one of claims 3-5.
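
An added worked example (not code from the patent) of the flow in claims 1, 3 and 5, narrowed to one keyword group (v = 1): CRT packing, encrypted powers, the two per-portion polynomials interpolated modulo M, random masking, and CRT decoding. Assumptions: Paillier stands in for the semi-homomorphic scheme with a constructed toy key; the table, primes and 16-bit data width are constructed; a decoded value is accepted when it fits the data width.

```python
import secrets
from math import prod

# Toy Paillier (the choice of semi-homomorphic scheme is an assumption here).
# Constructed key: Mersenne primes are public, so this is illustration only.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q
N2, PHI = N * N, (P - 1) * (Q - 1)
MU = pow(PHI, -1, N)

def enc(m):
    r = secrets.randbelow(N - 1) + 1
    return (1 + (m % N) * N) * pow(r, N, N2) % N2

def dec(c):
    return (pow(c, PHI, N2) - 1) // N * MU % N

def h_add(c1, c2):          # Enc(x) * Enc(y) = Enc(x + y)
    return c1 * c2 % N2

def h_scale(c, k):          # Enc(x) ** k = Enc(k * x)
    return pow(c, k, N2)

# CRT parameters: one prime per keyword slot; M is their product.
PRIMES = (2**61 - 1, 2**89 - 1)
M = prod(PRIMES)
DATA_BITS = 16              # primes are far longer than the data width

# Constructed server table: n = 4 (keyword, data) records.
RECORDS = [(1001, 0x1111), (1002, 0x2222), (1003, 0x3333), (1004, 0x4444)]

def crt_pack(keywords):
    """Client: pack one group of keywords into a single plaintext x mod M."""
    x = 0
    for k, p in zip(keywords, PRIMES):
        mi = M // p
        x += k * mi * pow(mi, -1, p)
    return x % M

def poly_mul(a, b):
    """Multiply coefficient lists (lowest degree first) modulo M."""
    out = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[i + j] = (out[i + j] + ai * bj) % M
    return out

def portion_polys(portion):
    """Server: P1 vanishes on the portion's keywords, P2 interpolates the data."""
    p1, p2 = [1], [0] * len(portion)
    for k, d in portion:
        p1 = poly_mul(p1, [-k % M, 1])
        basis, denom = [1], 1
        for k2, _ in portion:
            if k2 != k:
                basis = poly_mul(basis, [-k2 % M, 1])
                denom = denom * (k - k2) % M
        scale = d * pow(denom, -1, M) % M       # Lagrange weight modulo M
        p2 = [(c + b * scale) % M for c, b in zip(p2, basis)]
    return p1, p2

def h_eval(coeffs, enc_powers):
    """Evaluate a polynomial on Enc(x), Enc(x^2), ... without decrypting."""
    acc = enc(coeffs[0])
    for c, ct in zip(coeffs[1:], enc_powers):
        acc = h_add(acc, h_scale(ct, c))
    return acc

def client_query(keywords, m):
    x = crt_pack(keywords)
    return [enc(pow(x, j, M)) for j in range(1, m + 1)]

def server_answer(enc_powers, m):
    answers = []
    for i in range(0, len(RECORDS), m):         # a portions of m records each
        p1, p2 = portion_polys(RECORDS[i:i + m])
        r = secrets.randbelow(M)                # random mask modulo M
        masked = h_scale(h_eval(p1, enc_powers), r)
        answers.append(h_add(masked, h_eval(p2, enc_powers)))
    return answers

def client_decode(answers, keywords):
    results = {k: None for k in keywords}
    for ct in answers:
        y = dec(ct)
        for k, p in zip(keywords, PRIMES):
            d = y % p                           # CRT decode of this slot
            if d.bit_length() <= DATA_BITS:     # assumed acceptance rule
                results[k] = d
    return results

def run_query(keywords):
    m = round(len(RECORDS) ** 0.5)              # m*m is closest to n
    return client_decode(server_answer(client_query(keywords, m), m), keywords)

if __name__ == "__main__":
    print(run_query([1003, 9999]))
```

A keyword absent from a portion decodes to r·P1(k) + P2(k) modulo its prime, which is uniformly distributed, so the gap between prime length and data width (claims 2 and 4) sets the false-match probability, here about 2^-45 per slot and portion. Keywords must be distinct and smaller than every prime so that the interpolation denominators are invertible modulo M.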
CN202310269239.8A 2023-03-15 2023-03-15 Privacy keyword query method and device and electronic equipment Active CN115982424B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310269239.8A CN115982424B (en) 2023-03-15 2023-03-15 Privacy keyword query method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN115982424A true CN115982424A (en) 2023-04-18
CN115982424B CN115982424B (en) 2023-05-12

Family

ID=85966877

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116208316A (en) * 2023-04-27 2023-06-02 蓝象智联(杭州)科技有限公司 Semi-homomorphic encryption method and device for saving storage space and storage medium
CN116303551A (en) * 2023-05-16 2023-06-23 北京信安世纪科技股份有限公司 Hidden query method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080294909A1 (en) * 2005-03-01 2008-11-27 The Regents Of The University Of California Method for Private Keyword Search on Streaming Data
CN112667674A (en) * 2021-03-12 2021-04-16 华控清交信息科技(北京)有限公司 Data processing method and device and data processing device
CN114124343A (en) * 2020-11-16 2022-03-01 神州融安数字科技(北京)有限公司 Privacy-protecting risk scoring information query method, device, system and equipment
CN114428972A (en) * 2022-01-21 2022-05-03 深圳市洞见智慧科技有限公司 Privacy protection query method and device supporting outsourcing calculation and related equipment
CN114756886A (en) * 2022-06-13 2022-07-15 华控清交信息科技(北京)有限公司 Method and device for hiding trace query
CN114943038A (en) * 2022-07-26 2022-08-26 阿里健康科技(杭州)有限公司 Query method, server, query system, computer device, and storage medium
CN115186145A (en) * 2022-09-09 2022-10-14 华控清交信息科技(北京)有限公司 Privacy keyword query method, device and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant