CN116071137A

CN116071137A - Guarantee evaluation method and device, storage medium and electronic equipment

Info

Publication number: CN116071137A
Application number: CN202310042476.0A
Authority: CN
Inventors: 王延昭; 唐华云; 李�荣; 商丽丽; 华娇娇; 孙爽
Original assignee: China Bond Jinke Information Technology Co ltd
Current assignee: China Bond Jinke Information Technology Co ltd
Priority date: 2023-01-28
Filing date: 2023-01-28
Publication date: 2023-05-05
Anticipated expiration: 2043-01-28
Also published as: CN116071137B

Abstract

The invention provides a guarantee assessment method and device, a storage medium and electronic equipment, wherein the method comprises the following steps: determining a guarantee amount and a computing node of each cooperative mechanism; generating a key pair based on the hierarchical homomorphic encryption policy; encrypting the guarantee amount to obtain a secret state guarantee amount; triggering each computing node in turn to perform data calculation based on the secret state computing input data and the secret state asset amount of the computing node to obtain secret state computing output data; the secret state calculation input data of the first calculation node is secret state guarantee limit, and the secret state calculation input data of the other calculation nodes is secret state calculation output data of the last calculation node; and obtaining a secret state evaluation result corresponding to the final secret state calculation output data based on the careless transmission protocol, and decrypting the secret state evaluation result to obtain a guarantee evaluation result. By applying the method of the invention, a plurality of financial institutions can perform cooperative calculation, jointly prove the guarantee limit of the user, the processing process is short in time consumption and high in efficiency, and the customer service experience can be improved.

Description

Guarantee evaluation method and device, storage medium and electronic equipment

Technical Field

The present invention relates to the field of financial technologies, and in particular, to a guarantee assessment method and apparatus, a storage medium, and an electronic device.

Background

When a customer transacts a service requiring the provision of a guarantee, the customer needs to provide a guarantee that the asset meets the requirements of the guarantee. One of the common assets that customers use for vouching is the customer's assets at the financial institution. Currently, when a customer needs to provide a guarantee with an asset at a financial institution, a guarantee assessment mechanism performs a guarantee assessment with an asset proof of the financial institution, and gives a guarantee assessment result, that is, a guarantee proof.

In the existing guarantee assessment process, the asset certification of the financial institution is provided by a client, and the client needs to request the financial institution to issue the asset certification to the asset of the financial institution, and submit the asset certification to the guarantee assessment institution, so as to obtain the guarantee certification.

In practice, many customers' assets are not concentrated at a single financial institution, but rather are distributed across multiple financial institutions, with whom customers often need to provide vouching. Under the scene, based on the existing guarantee assessment method, the client needs to set up the asset certification of the client at each financial institution by itself, the process is very tedious, and a great deal of time and effort are required to be consumed by the client, so that the client experience is poor.

Disclosure of Invention

Therefore, the embodiment of the invention provides a guarantee evaluation method, which aims to solve the problems that in the existing guarantee evaluation process, clients need to apply for asset certification at each financial institution by themselves, the process is tedious, and time and labor are wasted.

The embodiment of the invention also provides a guarantee assessment device which is used for guaranteeing the actual implementation and application of the method.

In order to achieve the above object, the embodiment of the present invention provides the following technical solutions:

a vouching evaluation method, comprising:

when a guarantee evaluation request sent by a user is received, determining a guarantee amount corresponding to the guarantee evaluation request and a plurality of cooperative mechanisms, and determining a computing node corresponding to each cooperative mechanism;

generating a public key and a private key according to a preset hierarchical homomorphic encryption strategy;

homomorphic encryption processing is carried out on the guarantee amount according to the public key, so that a secret state guarantee amount is obtained;

determining the corresponding sequence of each computing node;

according to the sequence corresponding to each computing node, each computing node is triggered in sequence to determine the amount of the secret state asset corresponding to the computing node according to the public key, the difference value between the secret state computing input data input into the computing node and the secret state asset amount is calculated, and the difference value is used as secret state computing output data of the computing node; the secret state calculation output data of each calculation node is secret state calculation input data of the next calculation node, and the secret state guarantee limit is secret state calculation input data of the first calculation node;

Determining a secret state evaluation result corresponding to the target secret state calculation output data based on a preset careless transmission protocol; the target secret state calculation output data is secret state calculation output data of target calculation nodes, and the target calculation nodes are the last calculation nodes in the calculation nodes;

homomorphic decryption processing is carried out on the secret state evaluation result according to the private key, and a guarantee evaluation result corresponding to the secret state evaluation result is obtained; the guarantee assessment results represent whether the assets of the user in the plurality of cooperative mechanisms meet the guarantee requirements of the guarantee amount or not;

and feeding back the guarantee evaluation result to the user, and ending the current guarantee evaluation process.

In the above method, optionally, the preset hierarchical homomorphic encryption policy is a hierarchical homomorphic encryption policy based on a trellis password.

In the above method, optionally, the process that the computing node determines the amount of the encrypted asset corresponding to the computing node according to the public key includes:

determining the asset amount corresponding to the assets of the user in the cooperative mechanism corresponding to the computing node;

and carrying out homomorphic encryption processing on the asset amount according to the public key, and taking an encryption result as a secret asset amount corresponding to the computing node.

In the above method, optionally, the determining, based on a preset careless transmission protocol, a secret state evaluation result corresponding to the target secret state calculation output data includes:

receiving a secret state data sequence sent by the target computing node by calling the preset careless transmission protocol; the secret data sequence comprises a plurality of secret data, and is a sequence generated by the target computing node based on the target secret computing output data;

performing homomorphic decryption processing on each piece of secret data in the secret data sequence according to the private key to obtain a plaintext data sequence corresponding to the secret data sequence; the plaintext data sequence comprises plaintext data corresponding to each piece of the encrypted data;

according to a preset Boolean variable conversion strategy, carrying out Boolean variable conversion on each plaintext data in the plaintext data sequence to obtain a Boolean variable sequence corresponding to the plaintext data sequence; the Boolean variable sequence comprises Boolean variables corresponding to each plaintext data;

carrying out homomorphic encryption processing on each Boolean variable in the Boolean variable sequence according to the public key to obtain a secret Boolean variable sequence corresponding to the Boolean variable sequence; the secret Boolean variable sequence comprises secret Boolean variables corresponding to each plaintext data;

The secret state Boolean variable sequence is sent to the target computing node, so that the target computing node determines a target secret state Boolean variable corresponding to the target secret state computing output data in the secret state Boolean variable sequence;

and receiving the target secret Boolean variable sent by the target computing node, and taking the target secret Boolean variable as the secret state evaluation result.

The method, optionally, the generating process of the secret data sequence includes:

generating a plurality of random numbers through a preset random number generator;

carrying out homomorphic encryption processing on each random number according to the public key to obtain a secret random number corresponding to each random number;

randomly sequencing each secret random number and the target secret calculation output data to obtain an arrangement sequence corresponding to each secret random number and an arrangement sequence corresponding to the target secret calculation output data;

and forming a data sequence by the secret random numbers and the target secret calculation output data according to the arrangement sequence corresponding to the secret random numbers and the arrangement sequence corresponding to the target secret calculation output data, and taking the data sequence as the secret data sequence.

In the above method, optionally, the process of determining, by the target computing node, a target secret boolean variable corresponding to the target secret calculation output data in the secret boolean variable sequence includes:

taking the arrangement sequence corresponding to the target secret state calculation output data as a data selection position;

determining a dense Boolean variable corresponding to the data selection position in the dense Boolean variable sequence;

and taking the dense state Boolean variable corresponding to the data selection position as the target dense state Boolean variable.

According to the above method, optionally, the performing boolean variable conversion on each plaintext data in the plaintext data sequence according to a preset boolean variable conversion policy to obtain a boolean variable sequence corresponding to the plaintext data sequence includes:

judging whether the plaintext data is smaller than or equal to zero for each piece of plaintext data, if the plaintext data is smaller than or equal to zero, taking a numerical value I as a Boolean variable corresponding to the plaintext data, and if the plaintext data is larger than zero, taking the numerical value zero as the Boolean variable corresponding to the plaintext data;

according to the arrangement sequence of the plaintext data in the plaintext data sequence, sequencing the Boolean variables corresponding to the plaintext data, and forming the Boolean variable sequence by the Boolean variables corresponding to the sequenced plaintext data.

A vouching evaluation device, comprising:

the first determining unit is used for determining a guarantee amount corresponding to a guarantee evaluation request and a plurality of cooperative mechanisms when the guarantee evaluation request sent by a user is received, and determining a computing node corresponding to each cooperative mechanism;

the key generation unit is used for generating a public key and a private key according to a preset hierarchical homomorphic encryption strategy;

the encryption unit is used for carrying out homomorphic encryption processing on the guarantee line according to the public key to obtain a secret state guarantee line;

a second determining unit, configured to determine an order corresponding to each computing node;

the computing unit is used for triggering each computing node in turn according to the sequence corresponding to each computing node, determining the amount of the secret state asset corresponding to the computing node according to the public key, calculating the difference value between the secret state computing input data input into the computing node and the amount of the secret state asset, and taking the difference value as the secret state computing output data of the computing node; the secret state calculation output data of each calculation node is secret state calculation input data of the next calculation node, and the secret state guarantee limit is secret state calculation input data of the first calculation node;

The third determining unit is used for determining a secret state evaluation result corresponding to the target secret state calculation output data based on a preset careless transmission protocol; the target secret state calculation output data is secret state calculation output data of target calculation nodes, and the target calculation nodes are the last calculation nodes in the calculation nodes;

the decryption unit is used for carrying out homomorphic decryption processing on the secret state evaluation result according to the private key to obtain a guarantee evaluation result corresponding to the secret state evaluation result; the guarantee assessment results represent whether the assets of the user in the plurality of cooperative mechanisms meet the guarantee requirements of the guarantee amount or not;

and the feedback unit is used for feeding back the guarantee evaluation result to the user and ending the current guarantee evaluation process.

A storage medium comprising stored instructions that, when executed, control a device on which the storage medium resides to perform a vouching assessment method as described above.

An electronic device comprising a memory, and one or more instructions, wherein the one or more instructions are stored in the memory and configured to perform a vouching evaluation method as described above by one or more processors.

Based on the above-mentioned method for evaluating the warranty provided by the embodiment of the invention, the method comprises the following steps: when a guarantee evaluation request sent by a user is received, determining a guarantee amount and a plurality of cooperative mechanisms, and determining a computing node corresponding to each cooperative mechanism; generating a public key and a private key according to a preset hierarchical homomorphic encryption strategy; homomorphic encryption processing is carried out on the guarantee line according to the public key, so that a secret state guarantee line is obtained; determining the corresponding sequence of each computing node, sequentially triggering each computing node according to the sequence to determine the corresponding secret state asset amount of the computing node according to the public key, calculating the difference value between the secret state computing input data input into the computing node and the secret state asset amount, and taking the difference value as the secret state computing output data of the computing node; the secret state calculation output data of each calculation node is secret state calculation input data of the next calculation node, and the secret state guarantee limit is secret state calculation input data of the first calculation node; based on a preset careless transmission protocol, determining a secret state evaluation result corresponding to the secret state calculation output data of the last calculation node; homomorphic decryption processing is carried out on the secret state evaluation result according to the private key, and a guarantee evaluation result corresponding to the secret state evaluation result is obtained; the guarantee evaluation result characterizes whether the assets of the user in the plurality of cooperative institutions meet the guarantee requirement of the guarantee amount; and feeding back the guarantee evaluation result to the user, and ending the current guarantee evaluation process. By applying the method provided by the embodiment of the invention, when the user needs to carry out the guarantee assessment on the assets of a plurality of financial institutions, the user can obtain the guarantee assessment result by sending the guarantee assessment request. Each financial institution may perform collaborative calculations with the data density to prove the user's desired amount of vouch for at each financial institution's portfolio of assets. In the collaborative computing process, the homomorphic encryption technology is used for data computing, the computing result is fed back based on the careless transmission technology, the fact that the asset privacy data of the user in each financial institution is not revealed can be guaranteed, the guarantee evaluation service is provided for the user under the condition that the privacy protection requirement is met, the user does not need to open asset evidence at each financial institution by himself, a large amount of time and energy can be saved for the user, the whole processing time consumption can be shortened, the processing efficiency is improved, and the customer service experience is improved.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.

FIG. 1 is a method flow chart of a warranty assessment method provided in an embodiment of the present invention;

FIG. 2 is a flowchart of a method for performing a warranty assessment according to an embodiment of the present invention;

FIG. 3 is a flowchart of another method of a warranty assessment method according to an embodiment of the present invention;

fig. 4 is a schematic structural diagram of a warranty assessment device according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.

Detailed Description

The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

In this application, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The embodiment of the invention provides a guarantee evaluation method, which can be applied to a collaborative guarantee service system, wherein the system is composed of a system main node of a service provider and computing nodes deployed in various financial institutions, an execution subject of the system main node can be a server of the system main node, and a flow chart of the method is shown in fig. 1, and the method comprises the following steps:

s101: when a guarantee evaluation request sent by a user is received, determining a guarantee amount corresponding to the guarantee evaluation request and a plurality of cooperative mechanisms, and determining a computing node corresponding to each cooperative mechanism;

In the method provided by the embodiment of the invention, the service provider performs the guarantee evaluation service in combination with a plurality of financial institutions, the service provider deploys the system master node, the financial institutions participate in the collaborative service through deploying the computing nodes, and the system master node can communicate with each computing node. The system master node stores therein institution information of all financial institutions participating in the collaborative service, such as identification of the financial institutions, addresses of computing nodes of the financial institutions, and the like. When a user needs to provide a guarantee with his/her assets at a plurality of financial institutions, personal information and a guarantee amount to be proved can be input at the front end of the system, and the financial institution where the asset for guarantee is located is selected, and the information is submitted to the system by clicking a submit control to send a guarantee evaluation request. The system front end may send a vouch for assessment request to the system host node in response to a user operation. When the system master node receives the vouching evaluation request, the request content can be analyzed to obtain the vouching amount input by the user and the selected financial institution. And taking the vouching amount input by the user as the vouching amount corresponding to the vouching evaluation request, and taking the financial institution selected by the user as the cooperative institution corresponding to the vouching evaluation request. Based on the pre-stored organization information, a computing node corresponding to each co-organization may be determined.

S102: generating a public key and a private key according to a preset hierarchical homomorphic encryption strategy;

in the method provided by the embodiment of the invention, the system main node is preset with a hierarchical homomorphic encryption strategy. Homomorphic encryption is a cryptography technique, and based on the technology, operations can be performed on encrypted data, so that various calculation tasks can be completed on the premise of ensuring the safety of user data. The homomorphic encryption scheme is characterized in that the encrypted data ciphertext can be directly processed by using functions or ciphertext state mapping, and the result is the same as the result obtained by directly running the functions on the original data plaintext after decryption, so that the privacy of a user is ensured. The hierarchical homomorphic encryption policy preset in the system main node can be set based on the existing homomorphic encryption technology.

In the method provided by the embodiment of the invention, a pair of public and private keys can be generated based on a key generation strategy in a preset hierarchical homomorphic encryption strategy, so as to obtain the public key and the private key used in the current guarantee evaluation process.

S103: homomorphic encryption processing is carried out on the guarantee amount according to the public key, so that a secret state guarantee amount is obtained;

in the method provided by the embodiment of the invention, the public key is utilized to carry out homomorphic encryption processing on the vouching line expected to be proved by the user based on the data encryption strategy in the preset hierarchical homomorphic encryption strategy, and the vouching line subjected to homomorphic encryption processing is the secret vouching line.

S104: determining the corresponding sequence of each computing node;

in the method provided by the embodiment of the invention, the ordering strategy of the computing nodes can be preset, and the sequence corresponding to the computing nodes of each cooperative mechanism currently is determined according to the ordering strategy of the computing nodes, wherein the sequence corresponding to the computing nodes refers to the sequence of the computing nodes participating in the computation in the current guarantee evaluation process. For example, the priority level of the computing node corresponding to each financial institution may be preset, and the sequence corresponding to the computing node of each cooperative institution is determined according to the sequence of the priority levels of the computing nodes of the current cooperative institution. The computing nodes of each cooperative mechanism can be sequenced in a random sequencing mode, so that the sequence corresponding to the computing nodes of each cooperative mechanism can be determined.

It should be noted that, in a specific implementation process, the ordering mode of the computing nodes can be set based on actual requirements, so that the implementation function of the method provided by the embodiment of the invention is not affected.

S105: according to the sequence corresponding to each computing node, each computing node is triggered in sequence to determine the amount of the secret state asset corresponding to the computing node according to the public key, the difference value between the secret state computing input data input into the computing node and the secret state asset amount is calculated, and the difference value is used as secret state computing output data of the computing node; the secret state calculation output data of each calculation node is secret state calculation input data of the next calculation node, and the secret state guarantee limit is secret state calculation input data of the first calculation node;

In the method provided by the embodiment of the invention, the guarantee evaluation is carried out in a mode that whether the total amount of the assets of the user in each cooperative mechanism exceeds the guarantee amount or not, if the total amount of the assets of the user in each cooperative mechanism is smaller than the guarantee amount, the guarantee requirement is not met, and if the total amount of the assets is equal to or larger than the guarantee amount, the guarantee requirement is met.

In the method provided by the embodiment of the invention, a data calculation strategy is deployed in each calculation node, when the calculation node receives the secret state calculation input data, the data calculation flow of the calculation node is triggered, at the moment, the secret state asset amount corresponding to the calculation node can be determined, the secret state calculation input data is subtracted by the secret state asset amount of the calculation node, and the calculation result is the secret state calculation output data of the calculation node. The secret state asset amount corresponding to the computing node is secret state data obtained by encrypting the asset amount of the user in the cooperative mechanism corresponding to the computing node.

According to the method provided by the embodiment of the invention, the computing nodes of each cooperative mechanism are triggered to perform data computation in sequence according to the sequence corresponding to the computing nodes of each cooperative mechanism. The first computing node may trigger the data computation process by the system master node, while the other computing nodes may trigger the data computation process by the last computing node of the computing node. It will be appreciated that the last computing node has no corresponding next computing node, and its computing output is the final output.

Specifically, the system master node may send the secret state guarantee amount as secret state calculation input data to the first computing node, and simultaneously send the public key, the sequence and address of each computing node, and other data to the first computing node. When the first computing node receives the data sent by the system main node, a data computing process can be executed to obtain the secret state computing output data corresponding to the computing node, then the secret state computing output data is used as the secret state computing input data of the second computing node and is sent to the second computing node, and meanwhile, the public key and the data such as the sequence, the address and the like of each computing node except the first computing node are sent to the second computing node. After receiving the data sent by the first computing node, the second computing node can execute the corresponding data computing process to obtain the secret state computing output data, and then sends the corresponding data information to the third computing node. And by analogy, triggering each computing node to execute the data computing process until the last computing node computes to obtain the secret state computing output data. The whole calculation process can be understood that under the background of the secret state processing, the vouching amount is taken as the total amount, the asset amount of the user in each cooperative mechanism is subtracted in the total amount in sequence, the difference value between the vouching amount and the user asset amount is obtained, and the size relation between the user asset amount and the vouching amount is represented by the positive and negative of the difference value data.

S106: determining a secret state evaluation result corresponding to the target secret state calculation output data based on a preset careless transmission protocol; the target secret state calculation output data is secret state calculation output data of target calculation nodes, and the target calculation nodes are the last calculation nodes in the calculation nodes;

in the method provided by the embodiment of the invention, the system is preset with the careless transmission protocol so as to provide the careless transmission service. The careless transmission protocol is a communication protocol of two parties capable of protecting privacy, is a multiparty secure computing technology, and can enable the two parties to transmit messages in a mode of blurring selection. The careless transmission protocol is a basic protocol of cryptography, which allows a receiver of a service to obtain certain messages input by a sender of the service in an careless manner, the receiver being able to obtain only the data it needs, without knowing the plaintext of other information of the sender.

In the method provided by the embodiment of the invention, after the target computing node (i.e. the last computing node) calculates the corresponding secret state computing output data, the inadvertent transmission service of the main system node can be invoked, and the secret state data of the evaluation result represented by the target secret state computing output data (i.e. the secret state computing output data of the last computing node) is fed back to the main system node in an inadvertent transmission mode. And the main system node obtains a secret state evaluation result corresponding to the target secret state calculation output data.

S107: homomorphic decryption processing is carried out on the secret state evaluation result according to the private key, and a guarantee evaluation result corresponding to the secret state evaluation result is obtained; the guarantee assessment results represent whether the assets of the user in the plurality of cooperative mechanisms meet the guarantee requirements of the guarantee amount or not;

in the method provided by the embodiment of the invention, after receiving the secret state evaluation result fed back by the last computing node, the main system node carries out homomorphic decryption processing on the secret state evaluation result through the private key, and the decryption result is a guarantee evaluation result for representing whether the assets of the user in each cooperative mechanism meet the guarantee requirement.

S108: and feeding back the guarantee evaluation result to the user, and ending the current guarantee evaluation process.

In the method provided by the embodiment of the invention, the guarantee evaluation result can be fed back to the user in a preset feedback form through a preset feedback channel, wherein the preset feedback channel can be a channel such as a system front end, an email and the like. And the feedback form refers to a form of displaying the vouching evaluation result to the user, for example, if the vouching evaluation result characterizes that the user meets the vouching requirement of the vouching amount at the asset of each cooperative mechanism, a corresponding vouching proof is generated based on a preset proof template. And meanwhile, generating notification information of the assets meeting the guarantee requirements, and sending the notification information and the guarantee certification to the user. If the guarantee evaluation result characterizes that the assets of the user in each cooperative mechanism do not meet the guarantee requirement of the guarantee amount, generating notification information that the assets do not meet the guarantee requirement, and sending the notification information to the user.

Based on the method provided by the embodiment of the invention, when a guarantee evaluation request sent by a user is received, corresponding guarantee amount and a plurality of cooperative mechanisms are determined, and a computing node corresponding to each cooperative mechanism is determined; generating a public key and a private key according to a preset hierarchical homomorphic encryption strategy; homomorphic encryption processing is carried out on the guarantee line according to the public key, so that a secret state guarantee line is obtained; determining the corresponding sequence of each computing node; according to the sequence corresponding to each computing node, each computing node is triggered in sequence to determine the amount of the secret state asset corresponding to the computing node according to the public key, the difference value between the secret state computing input data input into the computing node and the amount of the secret state asset is calculated, and the difference value is used as the secret state computing output data of the computing node; the secret state calculation output data of each calculation node is secret state calculation input data of the next calculation node, and the secret state guarantee limit is secret state calculation input data of the first calculation node; based on a preset careless transmission protocol, determining a secret state evaluation result corresponding to the secret state calculation output data of the last calculation node; homomorphic decryption processing is carried out on the secret state evaluation result according to the private key, so that a guarantee evaluation result is obtained; the guarantee evaluation result characterizes whether the assets of the user in the plurality of cooperative institutions meet the guarantee requirement of the guarantee amount; and feeding back the guarantee evaluation result to the user, and ending the current guarantee evaluation process. By applying the method provided by the embodiment of the invention, each financial institution can perform cooperative calculation under the condition of data confidentiality, so that the user can jointly prove the vouch-for amount expected to be proved by the user in the assets of each financial institution. In the collaborative computing process, data computation is performed based on homomorphic encryption technology, computing results are fed back based on careless transmission technology, so that the fact that the asset privacy data of users in all financial institutions are not revealed can be guaranteed, guarantee evaluation service is provided for the users under the condition that privacy protection requirements are met, the users do not need to make asset evidence at each financial institution by themselves, and the users can obtain the guarantee evaluation results by sending the guarantee evaluation requests. A great deal of time and energy can be saved for the user, the whole processing time consumption can be shortened, the processing efficiency can be improved, and the customer service experience can be improved.

Based on the method shown in fig. 1, in the method provided by the embodiment of the present invention, the preset hierarchical homomorphic encryption policy mentioned in step S102 is a hierarchical homomorphic encryption policy based on a trellis code.

In the method provided by the embodiment of the invention, the processing procedures of key generation, data encryption, data decryption and the like are realized by adopting the hierarchical homomorphic encryption strategy based on the lattice password. In particular, hierarchical homomorphic encryption policies may be set using a lattice password based on-loop fault-tolerant learning problem (Ring Learning with Errors, RLWE). The homomorphic encryption scheme based on RLWE in trellis codes is a prior art and will not be described in detail herein.

According to the method provided by the embodiment of the invention, the grid password is adopted to realize the hierarchical homomorphic encryption processing, quantum attack can be resisted under the condition of supporting homomorphic operation and data operation, the safety and usability of the system are improved, and the secret key based on the RLWE problem is smaller, so that the operation speed can be improved.

Based on the method shown in fig. 1, in the method provided by the embodiment of the present invention, the process of determining, by the computing node mentioned in step S105, the amount of the secret asset corresponding to the computing node according to the public key includes:

In the method provided by the embodiment of the invention, each computing node receives the personal information of the user and the public key generated by the main system node when receiving the secret state computing input data input into the computing node. The asset amount of the user can be queried in the information platform of the coordination mechanism corresponding to the computing node based on the personal information of the user.

In the method provided by the embodiment of the invention, the data encryption service based on the hierarchical homomorphic encryption strategy is also deployed in the computing node, the inquired asset amount can be encrypted through the received public key, and the encrypted asset amount is the secret state asset amount corresponding to the computing node.

On the basis of the method shown in fig. 1, the embodiment of the present invention provides a further guarantee evaluation method, as shown in fig. 2, in the method provided in the embodiment of the present invention, a process for determining a secret state evaluation result corresponding to target secret state calculation output data based on a preset careless transmission protocol mentioned in step S106 includes:

s201: receiving a secret state data sequence sent by the target computing node by calling the preset careless transmission protocol; the secret data sequence comprises a plurality of secret data, and is a sequence generated by the target computing node based on the target secret computing output data;

In the method provided by the embodiment of the invention, after the target computing node obtains the corresponding secret computing output data (namely, the target secret computing output data), a secret data sequence can be generated based on the target secret computing output data, wherein the secret data sequence comprises a plurality of secret data, and one secret data is the target secret computing output data. After the target computing node generates the secret data sequence, an inadvertent transmission protocol can be called to send the secret data sequence to the system master node. And the system master node receives the secret state data sequence sent by the target computing node.

S202: performing homomorphic decryption processing on each piece of secret data in the secret data sequence according to the private key to obtain a plaintext data sequence corresponding to the secret data sequence; the plaintext data sequence comprises plaintext data corresponding to each piece of the encrypted data;

in the method provided by the embodiment of the invention, after the system main node receives the secret data sequence, each secret data in the secret data sequence can be decrypted through the private key to obtain the plaintext data corresponding to each secret data, the plaintext data corresponding to each secret data is arranged according to the arrangement sequence of each secret data in the secret data sequence, each arranged plaintext data is formed into a sequence, and the sequence is used as the plaintext data sequence corresponding to the secret data sequence.

S203: according to a preset Boolean variable conversion strategy, carrying out Boolean variable conversion on each plaintext data in the plaintext data sequence to obtain a Boolean variable sequence corresponding to the plaintext data sequence; the Boolean variable sequence comprises Boolean variables corresponding to each plaintext data;

in the method provided by the embodiment of the invention, a Boolean variable conversion strategy is preset in the system main node and is used for converting data into Boolean variables. According to a preset Boolean variable conversion strategy, converting each plaintext data in the plaintext data sequence into a Boolean variable to obtain a Boolean variable corresponding to each plaintext data. According to the arrangement sequence of each plaintext data in the plaintext data sequence, the Boolean variables corresponding to each plaintext data are arranged, each Boolean variable after arrangement is formed into a sequence, and the sequence is used as the Boolean variable sequence corresponding to the plaintext data sequence.

S204: carrying out homomorphic encryption processing on each Boolean variable in the Boolean variable sequence according to the public key to obtain a secret Boolean variable sequence corresponding to the Boolean variable sequence; the secret Boolean variable sequence comprises secret Boolean variables corresponding to each plaintext data;

In the method provided by the embodiment of the invention, each Boolean variable in the Boolean variable sequence is encrypted through the public key, and the encrypted Boolean variable is used as the secret Boolean variable corresponding to the plaintext data corresponding to the Boolean variable.

S205: the secret state Boolean variable sequence is sent to the target computing node, so that the target computing node determines a target secret state Boolean variable corresponding to the target secret state computing output data in the secret state Boolean variable sequence;

in the method provided by the embodiment of the invention, the system main node can send the secret state Boolean variable sequence to the target computing node, when the target computing node receives the secret state Boolean variable sequence, the position of output data can be calculated according to the target secret state in the pre-recorded secret state data sequence, the secret state Boolean variable at the corresponding position is found in the secret state Boolean variable sequence, and the secret state Boolean variable is used as the target secret state Boolean variable. And after the target computing node finds the target secret Boolean variable, the target secret Boolean variable can be returned to the system main node.

S206: and receiving the target secret Boolean variable sent by the target computing node, and taking the target secret Boolean variable as the secret state evaluation result.

In the method provided by the embodiment of the invention, after the system main node receives the target secret state Boolean variable, the target secret state Boolean variable is used as a secret state evaluation result.

On the basis of the method shown in fig. 2, the embodiment of the present invention provides a further method for evaluating a guarantee, as shown in fig. 3, in the method provided by the embodiment of the present invention, a generation process of a secret data sequence mentioned in step S201 includes:

s301: generating a plurality of random numbers through a preset random number generator;

in the method provided by the embodiment of the invention, after the target computing node determines the corresponding secret state computing output data, a preset random number generator can be called to generate a plurality of random numbers, and the number of the random numbers to be generated can be preset.

S302: carrying out homomorphic encryption processing on each random number according to the public key to obtain a secret random number corresponding to each random number;

in the method provided by the embodiment of the invention, each random number is encrypted by a public key and a hierarchical homomorphic encryption strategy, and the encryption result is used as a secret random number corresponding to the random number.

S303: randomly sequencing each secret random number and the target secret calculation output data to obtain an arrangement sequence corresponding to each secret random number and an arrangement sequence corresponding to the target secret calculation output data;

In the method provided by the embodiment of the invention, all the secret random numbers and the target secret calculation output data are used as a secret data set, all the data in the set are randomly arranged, and the arrangement sequence of each data in the set can be obtained, namely, the arrangement sequence corresponding to each secret random number and the arrangement sequence corresponding to the target secret calculation output data are obtained.

S304: and forming a data sequence by the secret random numbers and the target secret calculation output data according to the arrangement sequence corresponding to the secret random numbers and the arrangement sequence corresponding to the target secret calculation output data, and taking the data sequence as the secret data sequence.

In the method provided by the embodiment of the invention, each secret random number and target secret calculation output data are sequentially arranged to generate a data sequence, and the data sequence is the secret data sequence.

On the basis of the method provided by the above embodiment, in the method provided by the embodiment of the present invention, the process of determining, in the secret boolean variable sequence, the target secret boolean variable corresponding to the target secret calculation output data by the target calculation node mentioned in step S205 includes:

In the method provided by the embodiment of the invention, after the target computing node generates the secret state data sequence, the position of the target secret state computing output data in the secret state data sequence can be recorded as the data selection position. And after receiving the secret Boolean variable sequence sent by the system main node, taking the secret Boolean variable corresponding to the data selection position in the secret Boolean variable sequence as a target secret Boolean variable. For example, the order corresponding to the target secret calculation output data is the second, that is, the data selection position is the second, and the second secret boolean variable in the secret boolean variable sequence is taken as the target secret boolean variable.

Based on the method provided by the above embodiment, in the method provided by the embodiment of the present invention, the process of performing boolean variable conversion on each plaintext data in the plaintext data sequence according to a preset boolean variable conversion policy mentioned in step S203 to obtain a boolean variable sequence corresponding to the plaintext data sequence includes:

in the method provided by the embodiment of the invention, two logic states of the Boolean variable are represented by a numerical value of '1' and a numerical value of '0', and the Boolean variable conversion strategy is to convert data smaller than or equal to zero into the Boolean variable of '1' and convert data larger than zero into the Boolean variable of '0'. When the system main node performs Boolean variable conversion processing on the plaintext data sequence, comparing the size of each plaintext data in the plaintext data sequence with the value zero, if the plaintext data is smaller than or equal to zero, the corresponding Boolean variable is "1", and if the plaintext data is larger than zero, the corresponding Boolean variable is "0".

In the method provided by the embodiment of the invention, the arrangement sequence of the plaintext data in the plaintext data sequence is used as the arrangement sequence of the Boolean variable corresponding to each plaintext data. And according to the arrangement sequence of the Boolean variables corresponding to each plaintext data, arranging each Boolean variable to generate a data sequence, wherein the data sequence is the Boolean variable sequence corresponding to the plaintext data sequence.

In order to better explain the method provided by the embodiment of the invention, the embodiment of the invention provides another guarantee assessment method in combination with the actual application scene, and the method provided by the embodiment of the invention can be applied to the scene that the bond market multiple institutions jointly develop the cooperative guarantee calculation service.

According to the method provided by the embodiment of the invention, based on the hierarchical homomorphic encryption technology of privacy calculation, the joint guarantee financial service requiring multi-mechanism cooperation is performed in a secret state, and the joint calculation can be completed by a plurality of financial institutions on the premise that the private data of the customers are not exposed by carelessly transmitting the total amount of the protection data, so that the asset joint guarantee certification of the customers in the institutions is provided. The privacy calculation is a research field integrating cryptography, statistics, artificial intelligence, big data, computer systems and other core technologies, aims to effectively mine the value in the data on the premise of not invading the safety and privacy of the data, supports the trusted sharing and safe circulation of the data, and realizes the 'data availability is invisible'.

In the method provided by the embodiment of the invention, a provider (service provider) of the multiparty collaborative vouch-for computing service constructs an instance of the fault-tolerant learning problem RLWE on the ring based on the hierarchical homomorphic encryption of the lattice password, and a public key generation service, a transmission service, a decryption service and an careless transmission service based on the method are deployed at a main computing node.

The public key generation process and the encryption and decryption process based on the fault-tolerant learning problem RLWE on the ring of the lattice password are based on the following processing principles:

public key generation process:

initializing a ring needing confidentiality and a uniform random ring element;

given the security parameters, public and private keys are generated using randomly extracted elements on the polynomial ring.

Encryption and decryption processes:

when encryption is needed, the message code to be encrypted is mapped into a polynomial in a ring with small coefficients, and then encrypted by using a public key and output.

When decryption is needed, the ciphertext is decrypted by using a private key;

and reversely mapping the decryption output from the polynomial ring to the original message vector space to obtain a decryption result.

The guarantee evaluation process in the embodiment of the invention mainly comprises the following steps:

(1) and the client initiates a multiparty cooperative vouch-for computing service request, generates a complete flow of the service according to the selected mechanism to be queried list, and participates in cooperative service and comprises a master computing node and slave computing nodes of all mechanisms to be queried. The master computing node generates a public and private key pair based on hierarchical homomorphic encryption of a lattice password according to preset security parameters, encrypts the query limit (guarantee limit) by using the public key, and sends the query limit and the public key to the slave computing node of the first mechanism to be queried;

In the method provided by the embodiment of the invention, the client selects the mechanism to be queried, inputs the vouching credit of expected evidence, and initiates the collaborative vouching calculation service request. After receiving the request, the master computing node of the service provider generates a participating mechanism list according to the number of the mechanism to be queried selected by the client, confirms the computing sequence of the mechanism to be queried, and determines the slave computing node of the mechanism to be queried.

The master computing node takes the service request time, the participation mechanism and the client name information as service keywords, generates a hierarchical homomorphic encryption public and private key pair based on a grid password according to preset security parameters, and the security parameters comprise decimal numbers, maximum ciphertext modulus and ciphertext dimension corresponding to the computing precision.

The master computing node encrypts the query limit and the service key by using the generated public key, and sends the query limit and the service key, the public key, all the sequence and the addresses of the slave computing nodes to the slave computing node of the first mechanism to be queried.

(2) After receiving the information of the master computing node from the slave computing node of the first mechanism to be queried, encrypting the asset data which can be used for guarantee of the client in the mechanism by using a public key, subtracting the encrypted asset data from the encrypted query limit, and sending the result to the slave computing node of the next mechanism to be queried. The next slave computing node repeats the operation until the last slave computing node completes the computation to obtain a secret state computation result;

In the method provided by the embodiment of the invention, after the slave computing node of the first mechanism to be queried receives the information of the master computing node, the difference between the query limit and the client asset data in the mechanism is calculated in a secret state scene. Specifically, the computing node encrypts the asset data available for guarantee of the client in the mechanism by using a public key, subtracts the encrypted asset data from the encrypted query limit, and the result is a decryptable ciphertext under the hierarchical homomorphic encryption, wherein the numerical value is the same as that of the plaintext calculation. And sending the public key, the secret state calculation result, the sequence and the address of the rest slave calculation nodes to the slave calculation node of the next mechanism to be queried.

(3) The last slave computing node calls the careless transmission service of the master computing node, a random number generator is used for generating a plurality of random numbers, the random numbers are encrypted by using a public key, the random numbers and the secret state computing results of the last slave computing node are disordered, the position of the secret state computing result is marked as a data selection bit, and the secret state results of the random numbers and the secret state computing results are sequentially sent to the master computing node;

in the method provided by the embodiment of the invention, the last slave computing node sends the secret state computing result to the master computing node to apply for decryption. Specifically, the last slave computing node generates a plurality of random numbers by using a random number generator, and encrypts each random number by using a public key to obtain a plurality of secret random numbers. And (3) the secret random number and the secret calculation result are arranged in a disordered order, and the position of the secret calculation result is marked as a data selection bit. And calling an careless transmission service of the main computing node, and sequentially transmitting a plurality of secret state results (namely, each secret state random number and the secret state computing result) to the main computing node.

(4) After decrypting the received secret state result by the master computing node by using the private key, sequentially converting all plaintext results obtained by decryption into Boolean variables, encrypting by using the public key, and sending back to the last slave computing node. And finally, the slave computing node takes out the secret state result corresponding to the data selection bit, returns the secret state result to the master computing node, decrypts the secret state result by the master computing node, and returns the secret state result to the client to finish the service.

In the method provided by the embodiment of the invention, the master computing node returns the last slave computing node after processing the decryption result, and the slave computing node takes out the result whether meeting the guarantee limit or not and returns the result to the master computing node, so that the client is finally informed. Specifically, the master computing node decrypts all the received secret state results by using the private key, sequentially converts all the plaintext data obtained by decryption into Boolean variables, converts data smaller than or equal to 0 into Boolean variable '1', represents that the assets of the user in a plurality of institutions meet the query limit, and converts data larger than 0 into Boolean variable '0', and represents that the assets of the user in the plurality of institutions do not meet the query limit. The master computing node encrypts all the Boolean variables by using the public key and sends the encrypted variables to the last slave computing node. And finally, the slave computing node takes out the secret state result corresponding to the data selection bit in the received encrypted Boolean variable and sends the secret state result to the master computing node. And the main computing node decrypts the received secret state result and returns the decrypted secret state result to the client to finish the service.

According to the method provided by the embodiment of the invention, the asset data of the clients in different institutions are protected by using the hierarchical homomorphic encryption technology, and the difference between the query limit and the asset data is calculated only in the computing node in a secret state, so that the participating institutions do not need to worry about the exposure of the client asset data, and the multiparty institutions can conveniently develop the joint guarantee service.

The client asset data total amount is protected by using an careless transmission technology, and finally the slave computing node only has a secret state result and has no private key, the master computing node cannot distinguish the client asset information from a plurality of results under the careless transmission technology, and the client does not need to worry about the accurate asset data leakage of the client.

The homomorphic encryption is realized by adopting the lattice password, the characteristics of quantum attack resistance, homomorphic operation support, numerical operation support and the like of the lattice password are realized, the safety and usability of the system can be improved, and the key based on the on-loop fault-tolerant learning problem RLWE is used, so that the key is smaller and the operation speed is faster.

The whole cooperative guarantee computing service flow meets the data privacy protection requirement and the requirement of the joint development business of multiple institutions in the bond market, and lays a foundation for providing novel data service for the financial infrastructure of the bond market with breakthrough in the technical aspect.

Corresponding to a warranty assessment method shown in fig. 1, an embodiment of the present invention further provides a warranty assessment device, which is used for implementing the method shown in fig. 1, and a schematic structural diagram of the warranty assessment device is shown in fig. 4, including:

a first determining unit 401, configured to determine, when a guarantee evaluation request sent by a user is received, a guarantee amount corresponding to the guarantee evaluation request and a plurality of coordination mechanisms, and determine a computing node corresponding to each coordination mechanism;

a key generation unit 402, configured to generate a public key and a private key according to a preset hierarchical homomorphic encryption policy;

an encryption unit 403, configured to perform homomorphic encryption processing on the guarantee amount according to the public key, to obtain a secret state guarantee amount;

a second determining unit 404, configured to determine an order corresponding to each of the computing nodes;

the calculating unit 405 is configured to trigger each of the calculating nodes in turn according to the order corresponding to each of the calculating nodes, determine a secret state asset amount corresponding to the calculating node according to the public key, calculate a difference value between the secret state calculation input data input into the calculating node and the secret state asset amount, and use the difference value as secret state calculation output data of the calculating node; the secret state calculation output data of each calculation node is secret state calculation input data of the next calculation node, and the secret state guarantee limit is secret state calculation input data of the first calculation node;

A third determining unit 406, configured to determine, based on a preset careless transmission protocol, a secret state evaluation result corresponding to the target secret state calculation output data; the target secret state calculation output data is secret state calculation output data of target calculation nodes, and the target calculation nodes are the last calculation nodes in the calculation nodes;

a decryption unit 407, configured to perform homomorphic decryption processing on the secret state evaluation result according to the private key, so as to obtain a guarantee evaluation result corresponding to the secret state evaluation result; the guarantee assessment results represent whether the assets of the user in the plurality of cooperative mechanisms meet the guarantee requirements of the guarantee amount or not;

and a feedback unit 408, configured to feed back the warranty assessment result to the user, and end the current warranty assessment process.

By applying the device provided by the embodiment of the invention, each financial institution can perform cooperative calculation under the condition of data confidentiality, so that the user can jointly prove the vouch-for amount expected to be proved by the user in the assets of each financial institution. In the collaborative computing process, data computation is performed based on homomorphic encryption technology, computing results are fed back based on careless transmission technology, so that the fact that the asset privacy data of users in all financial institutions are not revealed can be guaranteed, guarantee evaluation service is provided for the users under the condition that privacy protection requirements are met, the users do not need to make asset evidence at each financial institution by themselves, and the users can obtain the guarantee evaluation results by sending the guarantee evaluation requests. A great deal of time and energy can be saved for the user, the whole processing time consumption can be shortened, the processing efficiency can be improved, and the customer service experience can be improved.

The apparatus provided in the embodiment of the present invention may further extend the plurality of units on the basis of the apparatus shown in fig. 4, and the functions of each unit may be referred to in the foregoing description of each embodiment provided by the warranty assessment method, which is not further illustrated herein.

The embodiment of the invention also provides a storage medium, which comprises stored instructions, wherein the equipment where the storage medium is located is controlled to execute the guarantee assessment method when the instructions run.

The embodiment of the present invention further provides an electronic device, whose structural schematic diagram is shown in fig. 5, specifically including a memory 501, and one or more instructions 502, where the one or more instructions 502 are stored in the memory 501, and configured to be executed by the one or more processors 503, where the one or more instructions 502 perform the following operations:

determining the corresponding sequence of each computing node;

In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for a system or system embodiment, since it is substantially similar to a method embodiment, the description is relatively simple, with reference to the description of the method embodiment being made in part. The systems and system embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.

Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. A warranty assessment method, comprising:

determining the corresponding sequence of each computing node;

2. The method of claim 1, wherein the predetermined hierarchical homomorphic encryption policy is a trellis-based hierarchical homomorphic encryption policy.

3. The method of claim 1, wherein the process of determining, by the computing node, the amount of the encrypted asset corresponding to the computing node according to the public key comprises:

4. The method according to claim 1, wherein determining the secret evaluation result corresponding to the target secret calculation output data based on the preset careless transmission protocol includes:

5. The method of claim 4, wherein the generating of the sequence of secret data comprises:

6. The method of claim 5, wherein the determining, by the target computing node, the target secret boolean variable corresponding to the target secret calculation output data in the secret boolean variable sequence comprises:

7. The method of claim 4, wherein performing boolean variable conversion on each plaintext data in the plaintext data sequence according to a preset boolean variable conversion policy to obtain a boolean variable sequence corresponding to the plaintext data sequence, comprises:

8. A warranty assessment device, comprising:

9. A storage medium comprising stored instructions, wherein the instructions, when executed, control a device in which the storage medium is located to perform the vouching assessment method according to any one of claims 1 to 7.

10. An electronic device comprising a memory and one or more instructions, wherein the one or more instructions are stored in the memory and configured to perform the vouching assessment method of any of claims 1-7 by one or more processors.