CN116226216A - Data processing method and device - Google Patents



Publication number
CN116226216A
Authority
CN
China
Prior art keywords
pseudo
random number
data
service
queried
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310211740.9A
Other languages
Chinese (zh)
Inventor
殷奔鑫
屠家华
南文捷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jishu Hangzhou Technology Co ltd
Original Assignee
Jishu Hangzhou Technology Co ltd
Application filed by Jishu Hangzhou Technology Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/245 Query processing
    • G06F16/2457 Query processing with adaptation to user needs
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58 Random or pseudo-random number generators
    • G06F7/582 Pseudo-random number generators

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Medical Informatics (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The application provides a data processing method and device. The data processing method is applied to a data querying party and comprises the following steps: acquiring at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number comprises a first pseudo-random number and a second pseudo-random number; receiving a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is the first pseudo-random number corresponding to service data; constructing a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and sending the pseudo-random number to be queried to the data provider; and receiving the encrypted service data returned by the data provider based on the pseudo-random number to be queried, and acquiring a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo-random number to be queried and a second service pseudo-random number. The hidden query of multiple pieces of data is thereby completed at one time.

Description

Data processing method and device
Technical Field
The present application relates to the field of computer technologies, and in particular, to a data processing method. The present application is also directed to a data processing apparatus, a computing device, and a computer readable storage medium.
Background
With the development of science and technology, daily life is becoming increasingly intelligent, and people are paying more and more attention to privacy. In practice, a user often needs to query data from a data provider. When the user retrieves information from a database, existing hidden query technology prevents the database server from learning anything about the user's query statement, thereby protecting the user's query privacy. Medical databases and patent databases, for example, place high demands on retrieval privacy.
In current practical applications, multiple pieces of data cannot be queried at one time. To query multiple pieces of data, the same scheme must be run multiple times, which results in a large transmission overhead and computation overhead. In addition, the user needs to know the location in the database of the data to be queried, that is, the data provider needs to disclose the ID information of the database in advance, which weakens the privacy protection of the data provider.
Disclosure of Invention
In view of this, embodiments of the present application provide a data processing method. The present application is also directed to a data processing apparatus, a computing device, and a computer readable storage medium, which address the above-mentioned problems of the prior art.
According to a first aspect of an embodiment of the present application, there is provided a data processing method, applied to a data querying party, including:
acquiring at least one datum to be queried and a pseudo random number corresponding to each datum to be queried, wherein the pseudo random number comprises a first pseudo random number and a second pseudo random number;
receiving a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to service data;
constructing a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and sending the pseudo-random number to be queried to the data provider;
and receiving the encrypted service data returned by the data provider based on the pseudo-random number to be queried, and acquiring a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo-random number to be queried and a second service pseudo-random number.
According to a second aspect of embodiments of the present application, there is provided a data processing apparatus, for application to a data querying party, including:
the first acquisition module is configured to acquire at least one datum to be queried and a pseudo random number corresponding to each datum to be queried, wherein the pseudo random number comprises a first pseudo random number and a second pseudo random number;
The first receiving module is configured to receive a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to service data;
the construction module is configured to construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be queried to the data provider;
and the query module is configured to receive the encrypted service data returned by the data provider based on the pseudo random number to be queried and acquire a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo random number to be queried and a second service pseudo random number.
According to a third aspect of embodiments of the present application, there is provided a data processing method, applied to a data provider, including:
acquiring a service pseudo-random number corresponding to each service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number;
the first service pseudo-random number corresponding to each service data is sent to a data inquiring party;
receiving a pseudo random number to be queried returned by the data querying party based on the first service pseudo random number, wherein the pseudo random number to be queried is determined based on the first pseudo random number and the first service pseudo random number;
Based on the pseudo-random number to be queried, determining target service data and a second service pseudo-random number corresponding to the target service data in the service data, and encrypting the target service data to obtain encrypted service data;
and sending the encrypted service data to the data inquirer.
According to a fourth aspect of embodiments of the present application, there is provided a data processing apparatus, for application to a data provider, comprising:
the second acquisition module is configured to acquire a service pseudo-random number corresponding to each service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number;
the first sending module is configured to send the first service pseudo-random number corresponding to each service data to the data inquiring party;
the second receiving module is configured to receive a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number;
the encryption module is configured to determine target service data and a second service pseudo-random number corresponding to the target service data in the service data based on the pseudo-random number to be queried, encrypt the target service data and obtain encrypted service data;
And the second sending module is configured to send the encrypted service data to the data inquirer.
According to a fifth aspect of embodiments of the present application, there is provided a data processing system comprising: a data querying party and a data provider;
the data inquiring party is configured to acquire at least one piece of data to be inquired and a pseudo random number corresponding to each piece of data to be inquired, wherein the pseudo random number comprises a first pseudo random number and a second pseudo random number;
the data provider is configured to acquire a service pseudo-random number corresponding to each service data, and send a first service pseudo-random number corresponding to each service data to the data inquiring party, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number;
the data inquiring party is further configured to receive the first service pseudo-random number sent by the data provider, construct a pseudo-random number to be inquired based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be inquired to the data provider;
the data provider is further configured to receive a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, determine target service data and a second service pseudo-random number corresponding to the target service data in the service data based on the pseudo-random number to be queried, encrypt the target service data to obtain encrypted service data, and send the encrypted service data to the data querying party;
The data inquiring party is further configured to receive the encrypted service data returned by the data provider based on the pseudo random number to be inquired, and acquire an inquiring result based on the encrypted service data.
According to a sixth aspect of embodiments of the present application, there is provided a computing device comprising a memory, a processor and computer instructions stored on the memory and executable on the processor, the processor implementing the steps of the data processing method when executing the computer instructions.
According to a seventh aspect of embodiments of the present application, there is provided a computer readable storage medium storing computer instructions which, when executed by a processor, implement the steps of the data processing method.
The data processing method provided by the application is applied to a data query party and comprises the following steps: acquiring at least one datum to be queried and a pseudo random number corresponding to each datum to be queried, wherein the pseudo random number comprises a first pseudo random number and a second pseudo random number; receiving a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to service data; constructing a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and sending the pseudo-random number to be queried to the data provider; and receiving the encrypted service data returned by the data provider based on the pseudo-random number to be queried, and acquiring a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo-random number to be queried and a second service pseudo-random number.
According to the embodiments of the application, the hidden query of multiple pieces of data is completed at one time, and the data querying party expands the query range of the data to be queried to a certain amount, so that the full set of service data does not need to be transmitted or take part in the computation, which reduces the communication cost and the computation cost. The data querying party can query the corresponding data at the data provider according to the pseudo-random number corresponding to the data to be queried; the data querying party cannot obtain any information other than the corresponding data, and the data provider cannot learn which service data the data querying party queried.
Drawings
FIG. 1 is a schematic diagram of an application scenario of a data processing method according to an embodiment of the present application;
FIG. 2 is a flow chart of a data processing method according to an embodiment of the present application;
FIG. 3 is an interactive schematic diagram of a data processing method according to an embodiment of the present application;
FIG. 4 is a process flow diagram of a data processing method applied to a banking scenario according to an embodiment of the present application;
FIG. 5 is a schematic diagram of a data processing apparatus according to an embodiment of the present application;
FIG. 6 is a flow chart of another data processing method according to an embodiment of the present application;
FIG. 7 is a schematic diagram of another data processing apparatus according to an embodiment of the present application;
FIG. 8 is a block diagram of a data processing system according to one embodiment of the present application;
FIG. 9 is a block diagram of a computing device according to an embodiment of the present application.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application. This application is, however, susceptible of embodiment in many other ways than those herein described and similar generalizations can be made by those skilled in the art without departing from the spirit of the application and the application is therefore not limited to the specific embodiments disclosed below.
The terminology used in one or more embodiments of the application is for the purpose of describing particular embodiments only and is not intended to be limiting of one or more embodiments of the application. As used in this application in one or more embodiments and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present application refers to and encompasses any or all possible combinations of one or more of the associated listed items.
It should be understood that, although the terms first, second, etc. may be used in one or more embodiments of the present application to describe various information, the information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first may also be referred to as a second, and similarly, a second may also be referred to as a first, without departing from the scope of one or more embodiments of the present application. The word "if" as used herein may be interpreted as "at the time of", "when" or "in response to a determination", depending on the context.
First, terms related to one or more embodiments of the present application will be explained.
Private information retrieval (PIR), also called hidden query: the querying party hides the keyword or client ID information of the queried object, and the data service party provides the matching query result but cannot learn which query object it corresponds to. Generally, a hidden query refers to querying a single piece of data, and a batch hidden query refers to querying multiple pieces of data at a time.
Pseudo-random function (PRF): a random number is generated based on a random seed and the data itself; if the data and the random seed are identical, the same random number is generated.
Oblivious pseudo-random function (OPRF): a cryptographic protocol executed by two parties, in which one party obtains the pseudo-random function values corresponding to its own data and the other party obtains the seed of the pseudo-random function. The party that receives the function values learns nothing beyond the pseudo-random function values corresponding to its own data, and the party that holds the seed learns nothing about the other party's data.
In practice, a user often needs to query data from a data provider. When the user retrieves information from a database, existing hidden query technology prevents the database server from learning anything about the user's query statement, thereby protecting the user's query privacy. Medical databases and patent databases, for example, place high demands on retrieval privacy.
In current practical applications, multiple pieces of data cannot be queried at one time. To query multiple pieces of data, the same scheme must be run multiple times, which results in a large transmission overhead and computation overhead. In addition, the user needs to know the location in the database of the data to be queried, that is, the data provider needs to disclose the ID information of the database in advance, which weakens the privacy protection of the data provider.
In the present application, a data processing method is provided, and the present application relates to a data processing apparatus, a computing device, and a computer-readable storage medium, which are described in detail in the following embodiments one by one.
Fig. 1 shows an application scenario of a data processing method according to an embodiment of the present application. The data processing method provided by the embodiment of the application is applied to a terminal, and the terminal can be a notebook computer, a desktop computer, a tablet computer, intelligent equipment, a server, a cloud server, a distributed server and the like. In the embodiments provided in the present application, the specific form of the terminal is not limited. As shown in fig. 1, the data querying party splits the pseudo random number corresponding to the data to be queried into a first pseudo random number and a second pseudo random number, and the data provider splits the service pseudo random number corresponding to the service data into the first service pseudo random number and the second service pseudo random number. And the data inquiring party receives the first service pseudo-random number sent by the data provider, constructs a pseudo-random number to be inquired according to the first service pseudo-random number and the first pseudo-random number, and sends the constructed pseudo-random number to be inquired to the data provider.
The data provider receives the pseudo-random number to be queried returned by the data querying party, and obtains target service data corresponding to the pseudo-random number to be queried and second service pseudo-random number corresponding to the target service data based on the pseudo-random number to be queried in the service data. And the data provider encrypts the target service data according to the second service pseudo-random number corresponding to the target service data to obtain encrypted service data, and sends the encrypted service data to the data inquiring party.
After receiving the encrypted service data sent by the data provider, the data inquiring party decrypts the encrypted service data to obtain an inquiring result corresponding to the encrypted service data.
According to the data processing method, the query of a plurality of pieces of data can be completed at one time, the data querying party can query the corresponding data in the data provider according to the data to be queried, other data except the data corresponding to the data to be queried cannot be obtained, and the data provider cannot know the ID position queried by the data querying party.
The hidden query of multiple pieces of data is completed at one time, and the data querying party expands the query range of the data to be queried to a certain amount, so that the full set of service data does not need to be transmitted or take part in the computation, which reduces the communication cost and the computation cost.
Fig. 2 shows a flowchart of a data processing method according to an embodiment of the present application, where the data processing method is applied to a data querying party, and specifically includes the following steps:
step 202: at least one data to be queried and a pseudo random number corresponding to each data to be queried are obtained, wherein the pseudo random number comprises a first pseudo random number and a second pseudo random number.
The data to be queried specifically refers to data or data query identification used by a data query party for data query, the data is stored in the data query party, the data query party refers to a terminal needing data query, and the terminal can be intelligent equipment with query functions such as a mobile phone, a tablet personal computer, a desktop computer and the like. For example, zhang San needs to inquire whether own identity information is on the A list, and in the process of data inquiry, zhang San can inquire information such as sex, age, height, weight, identity card number and the like of the Zhang San through own name, and can inquire information such as name, sex, age, height, weight and the like of the Zhang San through own identity card number. Then, the terminal used for data query of Zhang III is the data query party, the name of Zhang III can be the data to be queried, and the corresponding identification card number of Zhang III can also be the data to be queried.
The pseudo-random number refers to that each data to be queried generates a random number sequence corresponding to the data to be queried through a pseudo-random function, and the pseudo-random number comprises a first pseudo-random number and a second pseudo-random number, namely, the pseudo-random number comprises two parts in total. For example, the pseudorandom number is a random number comprising a 32-bit integer, the 32-bit integer being divided into two 16-bit integers, then the first pseudorandom number is the first 16-bit integer and the second pseudorandom number is the second 16-bit integer. Correspondingly, each different data to be queried corresponds to a different pseudo-random number.
In one embodiment provided in the present application, obtaining a pseudo random number corresponding to each data to be queried includes:
and acquiring the pseudo random number corresponding to each piece of data to be queried based on a preset pseudo random function.
The preset pseudo-random function is a pseudo-random function set in advance and is used to generate the pseudo-random number corresponding to each piece of data to be queried. Specifically, after at least one piece of data to be queried is obtained, each piece is evaluated with the preset pseudo-random function to obtain its corresponding pseudo-random number. In the present application, the computation is preferably performed with an oblivious pseudo-random function.
For example, for one piece of data to be queried $q_i$, evaluating $q_i$ with the oblivious pseudo-random function yields the corresponding pseudo-random number $F(q_i)$, where the first pseudo-random number is $F(q_i)_0$ and the second pseudo-random number is $F(q_i)_1$.
Step 204: and receiving a first service pseudo-random number sent by the data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to the service data.
The first service pseudo-random number is that the data provider generates a part of a random number sequence corresponding to the service data stored in the data provider through a pseudo-random function. The service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number, i.e. similar to the above-mentioned pseudo-random number, the service pseudo-random number also comprises a total of two parts. The data provider refers to a terminal that provides data to a data inquirer.
The service data refers to the data stored at the data provider against which the data querying party performs its queries. Continuing the example above, the user can look up information such as sex, age, height, weight and identity card number by name. Here, Zhang San's name is the data to be queried, and Zhang San's name, gender, age, height, weight, identity card number and similar information are the service data.
Specifically, the data inquirer may receive a first service pseudo-random number sent by the data provider to the data inquirer. The data inquiring party receives the first service pseudo-random number sent by the data providing party, and can acquire service data corresponding to the data to be inquired from the service data corresponding to the data providing party based on the first service pseudo-random number in the follow-up process.
Step 206: and constructing a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and sending the pseudo-random number to be queried to the data provider.
The pseudo random number to be queried refers to a pseudo random number sequence constructed according to the first pseudo random number and the first service pseudo random number.
Specifically, after the first service pseudo-random number sent by the data provider is received, a corresponding pseudo-random number to be queried can be built according to the first pseudo-random number and the first service pseudo-random number, and then the built pseudo-random number to be queried is sent to the data provider.
Further, the specific implementation manner of constructing the pseudo random number to be queried according to the first pseudo random number and the first service pseudo random number is as follows:
in one embodiment provided in the present application, constructing a pseudo random number to be queried based on the first pseudo random number and the first service pseudo random number includes:
Determining a target first pseudo-random number in the first service pseudo-random number based on the first pseudo-random number;
and constructing the pseudo random number to be queried according to the target first pseudo random number and the first service pseudo random number.
The target first pseudo random number specifically refers to intersection data corresponding to the first pseudo random number, which is determined in the first service pseudo random number. For example, 5 pieces of data to be queried need to be queried in the data querying party, and 10 pieces of first service pseudorandom numbers are received and include first pseudorandom numbers corresponding to 3 pieces of data to be queried in the 5 pieces of data to be queried, and then the first pseudorandom numbers corresponding to the 3 pieces of data to be queried are all target first pseudorandom numbers.
Specifically, after receiving a first service pseudo-random number sent by a data provider, determining intersection data with the first pseudo-random number in the first service pseudo-random number according to the first pseudo-random number, determining the intersection data as a target first pseudo-random number, and further constructing a pseudo-random number to be queried corresponding to the target first pseudo-random number according to the target first pseudo-random number and the first service pseudo-random number.
As an example, suppose the data querying party has obtained 5 pieces of data to be queried, each being the identity information of one of 5 users, and receives 10 first service pseudo-random numbers sent by the data provider. The data querying party holds 5 first pseudo-random numbers, one for each piece of data to be queried. Because the 5 pieces of data to be queried are the identity information of 5 different users, they differ from one another, and based on the principle that the same data yields the same pseudo-random number, the 5 first pseudo-random numbers corresponding to the 5 pieces of data to be queried can be determined to differ from one another.
Further, based on the 5 first pseudorandom numbers, inquiring in the 10 received first service pseudorandom numbers, determining whether the 5 first pseudorandom numbers can be inquired in the first service pseudorandom numbers, determining the inquired first pseudorandom numbers as target first pseudorandom numbers, and constructing to-be-inquired pseudorandom numbers corresponding to the target first pseudorandom numbers according to the target first pseudorandom numbers and the first service pseudorandom numbers.
By determining intersection data corresponding to the first pseudo-random number in the first service pseudo-random number, whether the data to be queried is stored in the service data or not can be initially determined, and then the pseudo-random number to be queried is constructed according to the first service pseudo-random number and the target first pseudo-random number, so that a data provider cannot know specific data to be queried by a data querying party.
Further, in an embodiment provided in the present application, determining, based on the first pseudo random number, a target first pseudo random number in the first service pseudo random number includes:
comparing the first pseudo-random number with the first service pseudo-random number;
and determining the target first pseudo-random number based on the comparison result.
Specifically, each random number sequence in the first pseudo random number is compared with each random number sequence in the first service pseudo random number one by one, and if the comparison result of the random number sequence in the first pseudo random number and the random number sequence in the first service pseudo random number is identical, the random number sequence in the first service pseudo random number is determined to be the target first pseudo random number.
Further, take the name information of the user Zhang San as the data to be queried, with the first pseudo-random number corresponding to Zhang San written as "XXXXXXXXXXXXXX". For example, the first pseudo-random number and the first service pseudo-random number are both split into 16-bit random integers, and a random number sequence "YYYYYYYYYYYYYYYY" is obtained from the first service pseudo-random number. The first pseudo-random number sequence "XXXXXXXXXXXXXX" is compared with "YYYYYYYYYYYYYYYY"; if the 16-bit integer of the first service pseudo-random number is the same as the 16-bit integer of the first pseudo-random number, that is, "YYYYYYYYYYYYYYYY" is the same as "XXXXXXXXXXXXXX", the first service pseudo-random number sequence is determined to be the target first pseudo-random number. Saying that the 16-bit integers corresponding to the first pseudo-random number and the first service pseudo-random number are the same means that the consecutive 16-bit integers are the same.
In one embodiment provided in the present application, the constructing the pseudo random number to be queried according to the target first pseudo random number and the first service pseudo random number includes:
acquiring a random service pseudo-random number from the first service pseudo-random number;
and constructing the pseudo random number to be queried according to the random service pseudo random number and the target first pseudo random number.
The random service pseudo-random number specifically refers to a first service pseudo-random number, other than the target first pseudo-random number, that is randomly acquired from the first service pseudo-random number according to a preset number. For example, the first service pseudo-random number includes 10000 service pseudo-random numbers, of which 1000 are target first pseudo-random numbers; the service pseudo-random numbers randomly obtained according to the preset number are then random service pseudo-random numbers taken from the remaining 9000 service pseudo-random numbers. For example, if the preset number is 500, the 500 service pseudo-random numbers randomly obtained from the remaining 9000 service pseudo-random numbers are the random service pseudo-random numbers. It should be noted that the preset number used to obtain the random service pseudo-random numbers is set according to the actual application, and this application places no limit on it.
Specifically, in order to protect the data query privacy of the data query party, that is, in order to make the data provider not know the data queried by the data query party, after determining the target first pseudo random number, other pseudo random numbers are randomly selected to form the pseudo random number to be queried together with the target first pseudo random number.
Therefore, the target first pseudo-random number is determined within the first service pseudo-random number, the random service pseudo-random number is obtained from the first service pseudo-random number with reference to the target first pseudo-random number, and the target first pseudo-random number and the random service pseudo-random number are then assembled into the corresponding pseudo-random number to be queried. As a result, the data provider cannot know which specific pieces of service data the data querying party queried, which protects the privacy of the data querying party.
Further, in an embodiment provided in the present application, obtaining a random service pseudo random number from the first service pseudo random number includes:
determining a reference first service pseudo-random number according to the first pseudo-random number and the first service pseudo-random number;
and selecting a corresponding random service pseudo-random number from the reference first service pseudo-random number based on the preset number.
The reference first service pseudo-random number is any service pseudo-random number in the first service pseudo-random number other than the target first pseudo-random number. Continuing the above example, the first service pseudo-random number includes 10000 service pseudo-random numbers, 1000 of which are target first pseudo-random numbers, so the remaining 9000 service pseudo-random numbers are the reference first service pseudo-random numbers.
The preset number is specifically the number preset by the data querying party and used for constructing the pseudo random number to be queried.
Specifically, after the target first pseudo-random number is determined in the first service pseudo-random number, the reference first service pseudo-random number can be further determined, and the corresponding service pseudo-random number is selected from the reference first service pseudo-random number according to the preset number to serve as the random service pseudo-random number.
Take as an example a preset number of 200 pseudo-random numbers to be queried, set by the data querying party. Assume that the data querying party has 100 pieces of data to be queried and that the number of first service pseudo-random numbers sent by the data receiving party is 1000. The first pseudo-random numbers corresponding to the 100 pieces of data to be queried are each compared with the 1000 first service pseudo-random numbers; if 50 target first pseudo-random numbers are obtained from the comparison, the number of reference first service pseudo-random numbers is 950 and the number of random service pseudo-random numbers to be obtained is 150. Therefore, 150 service pseudo-random numbers need to be randomly selected from the 950 reference first service pseudo-random numbers as random service pseudo-random numbers.
Based on the above, the 50 target first pseudo-random numbers and the 150 random service pseudo-random numbers together form the pseudo-random number to be queried, and the number of pseudo-random numbers to be queried is 200.
More specifically, suppose the first service pseudo-random number includes sequences 1, 2, 3, 4, 5 and 6, where the numbers 1 to 6 are the sequence identifiers of the first service pseudo-random number sequences, and each first service pseudo-random number sequence corresponds to a 16-bit random integer. If the target first pseudo-random number includes first pseudo-random number 2 and first pseudo-random number 3, then the reference first service pseudo-random number includes first service pseudo-random numbers 1, 4, 5 and 6. If the preset number is 2, the random service pseudo-random numbers may be first service pseudo-random numbers 1 and 4, or 1 and 5, or 1 and 6, and so on.
Step 208: receiving the encrypted service data returned by the data provider based on the pseudo-random number to be queried, and acquiring a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo-random number to be queried and a second service pseudo-random number.
The encrypted service data is data obtained by encrypting the target service data based on a second service pseudo-random number corresponding to the pseudo-random number to be queried returned by the data querying party. The target service data is service data corresponding to the pseudo random number to be queried, which is determined in the service data by the data provider based on the pseudo random number to be queried.
In one embodiment provided in the present application, obtaining a query result based on the encrypted service data includes:
acquiring target encrypted data to be queried from the encrypted service data, wherein the target encrypted data to be queried is determined based on the service data corresponding to the target first pseudo-random number and the second service pseudo-random number;
and decrypting the target encrypted data to be queried based on the second pseudo random number to obtain a query result.
The target encrypted data to be queried can be understood as encrypted data obtained by encrypting the service data corresponding to the target first pseudo-random number based on the second service pseudo-random number by the data provider.
Specifically, after receiving the encrypted service data returned by the data provider, the data querying party acquires the target encrypted data to be queried from the encrypted service data, determines the second pseudo-random number corresponding to the target encrypted data to be queried, and decrypts the target encrypted data to be queried according to that second pseudo-random number to obtain the query result. It should be noted that the second pseudo-random number corresponding to the target encrypted data to be queried and the second service pseudo-random number corresponding to the target encrypted data to be queried are the same pseudo-random number. Therefore, once the data querying party has obtained the target encrypted data to be queried, it can decrypt that data according to the corresponding second pseudo-random number.
Further, in an embodiment provided in the present application, obtaining the target encrypted data to be queried from the encrypted service data includes:
determining random encryption data in the encryption service data;
and deleting the random encryption data from the encryption service data to obtain the target encryption data to be queried.
Specifically, the data querying party determines random encrypted data in the received encrypted service data, and deletes the random encrypted data from the encrypted service data to obtain target encrypted data to be queried.
For example, 10 pieces of encrypted service data sent by the data provider are received, the 5th to 7th pieces are determined to be random encrypted data, and the random encrypted data so determined are deleted from the 10 pieces of encrypted service data, leaving the 1st to 4th and 8th to 10th pieces as the target encrypted data to be queried.
After the target encrypted data to be queried is obtained, the query result is obtained according to it. Continuing the above example, the target encrypted data to be queried is encrypted service data 1-4 and encrypted service data 8-10. The second pseudo-random numbers corresponding to encrypted service data 1-4 and encrypted service data 8-10 are determined among the second pseudo-random numbers corresponding to each piece of data to be queried, and encrypted service data 1-4 and encrypted service data 8-10 are decrypted based on the corresponding second pseudo-random numbers to obtain the corresponding data query results.
Optionally, in another embodiment provided in the present application, obtaining the query result based on the encrypted service data includes:
determining target data to be queried in the data to be queried and a target second pseudo-random number corresponding to the target data to be queried;
and decrypting the encrypted service data based on the target second pseudo-random number to obtain a query result corresponding to the target data to be queried.
The target data to be queried is service data which is selected from the data to be queried and needs to determine a query result, and the target second pseudo-random number is a second pseudo-random number corresponding to the target data to be queried.
For example, the data to be queried includes data to be queried 1, data to be queried 2, data to be queried 3 and data to be queried 4, query results corresponding to the data to be queried 1 and the data to be queried 3 need to be queried, the data to be queried 1 and the data to be queried 3 are target data to be queried, and correspondingly, second pseudo random numbers corresponding to the data to be queried 1 and the data to be queried 3 are target second pseudo random numbers.
Specifically, determining target data to be queried in the data to be queried, acquiring a target second pseudo-random number corresponding to the target data to be queried, further decrypting the encrypted service data according to the target second pseudo-random number, and acquiring a query result corresponding to the target data to be queried according to a decryption result.
Specifically, in one embodiment provided in the present application, decrypting the encrypted service data based on the target second pseudo random number to obtain a query result corresponding to the target data to be queried includes:
determining target data to be decrypted in the encrypted service data;
decrypting the target data to be decrypted based on the target second pseudo-random number;
under the condition that decryption is successful, determining a query result of the target data to be queried;
and in case of decryption failure, re-executing the step of determining target data to be decrypted in the encrypted service data.
The target data to be decrypted is encrypted data which is selected from the encrypted service data and needs to be determined to be decrypted, for example, the encrypted service data comprises data to be decrypted 1, data to be decrypted 2, data to be decrypted 3 and data to be decrypted 4, decryption is needed for the data to be decrypted 1, and the data to be decrypted 1 is the target data to be decrypted.
Specifically, target data to be decrypted which needs to be decrypted is determined in the encrypted service data, and decryption is performed on the target data to be decrypted according to the determined target second pseudo-random number. Since the target second pseudorandom number is a second pseudorandom number corresponding to the target data to be queried, but is not necessarily a second pseudorandom number corresponding to the target data to be decrypted, it cannot be determined whether the target data to be decrypted can be successfully decrypted based on the target second pseudorandom number.
Thus, decryption may either succeed or fail. If decryption succeeds, it can be determined that the target second pseudo-random number is the second pseudo-random number corresponding to the target data to be decrypted, that is, the target data to be decrypted is stored at the data provider. If decryption fails, it is determined that the target second pseudo-random number is not the second pseudo-random number corresponding to the target data to be decrypted, which indicates that the target data to be decrypted is not stored at the data provider; the target data to be decrypted is then determined again and the above steps are performed on the next target data to be decrypted, until decryption of the encrypted data in the encrypted service data is complete.
The data processing method provided by the application is applied to a data query party and comprises the following steps: acquiring at least one datum to be queried and a pseudo random number corresponding to each datum to be queried, wherein the pseudo random number comprises a first pseudo random number and a second pseudo random number; receiving a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to service data; constructing a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and sending the pseudo-random number to be queried to the data provider; and receiving the encrypted service data returned by the data provider based on the pseudo-random number to be queried, and acquiring a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo-random number to be queried and a second service pseudo-random number.
According to the embodiments of the application, the hidden query of a plurality of pieces of data is completed in one pass, and the data querying party expands the query range of the data to be queried to a certain quantity, so the full set of service data does not need to be transmitted or take part in the computation, which reduces communication cost and computation cost. The data querying party can query the corresponding data at the data provider according to the pseudo-random numbers corresponding to the data to be queried; the data querying party cannot obtain any information other than the corresponding data, and the data provider cannot know which service data the data querying party queried.
Referring to fig. 3, fig. 3 is an interaction diagram of a data processing method according to an embodiment of the present application, including steps 302 to 322.
Step 302: the data querying party obtains at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number comprises a first pseudo-random number and a second pseudo-random number.
Step 304: the data provider acquires a service pseudo-random number corresponding to each piece of service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number.
Step 306: the data querying party splits the pseudo-random number corresponding to each piece of data to be queried into a first pseudo-random number and a second pseudo-random number.
Step 308: the data provider splits the service pseudo-random number corresponding to each piece of service data into a first service pseudo-random number and a second service pseudo-random number.
Step 310: the data provider sends the first service pseudo-random number corresponding to each piece of service data to the data querying party.
Step 312: the data querying party determines a target first pseudo-random number in the first service pseudo-random number based on the first pseudo-random number.
Step 314: the data querying party constructs the pseudo-random number to be queried according to the target first pseudo-random number and the first service pseudo-random number.
Step 316: the data querying party sends the pseudo-random number to be queried to the data provider.
Step 318: the data provider determines, based on the pseudo-random number to be queried, target service data in the service data and the second service pseudo-random number corresponding to the target service data, and encrypts the target service data based on the second service pseudo-random number to obtain encrypted service data.
Step 320: the data provider sends the encrypted service data to the data querying party.
Step 322: the data querying party decrypts the encrypted service data based on the second pseudo-random number to obtain a query result.
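The exchange in steps 302 to 322, including the decoy padding and the trial decryption described earlier, as an added Python example that is not code from the patent. Assumptions: HMAC-SHA-256 under a constructed shared key stands in for the preset pseudo-random function, each output is split into two 16-byte halves, a toy encrypt-then-MAC stands in for the unspecified encryption, and all names and sample records are constructed.

```python
from __future__ import annotations
import hashlib
import hmac
import secrets

# Assumption: stand-in for the "preset pseudo random function"; the key is constructed.
PRF_KEY = b"constructed-demo-prf-key"
_rng = secrets.SystemRandom()  # CSPRNG for decoy selection and ordering


def prf_split(item: str) -> tuple[bytes, bytes]:
    """Steps 302-308: evaluate the PRF and split it into (first, second) halves."""
    out = hmac.new(PRF_KEY, item.encode(), hashlib.sha256).digest()
    return out[:16], out[16:]


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(second: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC under a second pseudo-random number (stand-in for a real AEAD)."""
    nonce = secrets.token_bytes(12)
    enc_key = hashlib.sha256(b"enc" + second).digest()
    mac_key = hashlib.sha256(b"mac" + second).digest()
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def open_(second: bytes, blob: bytes) -> bytes | None:
    """Return the plaintext, or None when the tag fails (the "decryption failure" case)."""
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    mac_key = hashlib.sha256(b"mac" + second).digest()
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    enc_key = hashlib.sha256(b"enc" + second).digest()
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class Provider:
    def __init__(self, records: dict[str, bytes]):
        # first service pseudo-random number -> (second service pseudo-random number, data)
        pairs = ((prf_split(ident), data) for ident, data in records.items())
        self.table = {halves[0]: (halves[1], data) for halves, data in pairs}

    def first_service_prns(self) -> list[bytes]:
        """Step 310: only the first halves leave the provider."""
        return list(self.table)

    def answer(self, query: list[bytes]) -> list[bytes]:
        """Steps 318-320: encrypt each requested record under its own second half."""
        return [seal(*self.table[f]) for f in query if f in self.table]


def build_query(wanted_firsts, service_firsts, preset_number):
    """Steps 312-314: intersect, then pad with decoys to preset_number entries in total."""
    service = set(service_firsts)
    targets = [f for f in wanted_firsts if f in service]
    target_set = set(targets)
    reference = [f for f in service_firsts if f not in target_set]
    n_decoys = preset_number - len(targets)
    if n_decoys < 0 or n_decoys > len(reference):
        raise ValueError("preset number does not fit the target/reference counts")
    query = targets + _rng.sample(reference, n_decoys)
    _rng.shuffle(query)  # added precaution: order must not reveal the targets
    return targets, query


def recover(wanted: list[str], blobs: list[bytes]) -> dict[str, bytes | None]:
    """Step 322 by trial decryption: try each item's second half on every blob."""
    results = {}
    for item in wanted:
        _, second = prf_split(item)
        hits = (pt for b in blobs if (pt := open_(second, b)) is not None)
        results[item] = next(hits, None)
    return results


def run_demo():
    # Constructed sample data: 20 provider records; 3 of the 5 queried IDs exist.
    records = {f"ID-{i:04d}": f"name=user{i};age={20 + i}".encode() for i in range(20)}
    wanted = ["ID-0002", "ID-0007", "ID-0011", "ID-9001", "ID-9002"]
    provider = Provider(records)
    wanted_firsts = [prf_split(w)[0] for w in wanted]
    targets, query = build_query(wanted_firsts, provider.first_service_prns(), preset_number=8)
    blobs = provider.answer(query)
    return targets, query, blobs, recover(wanted, blobs)


if __name__ == "__main__":
    targets, query, blobs, results = run_demo()
    print(f"{len(targets)} targets hidden among {len(query)} queried entries")
    for item, value in results.items():
        print(item, "->", value)
```

The provider sees 8 first pseudo-random numbers of which only 3 are real targets, and the 5 decoy ciphertexts stay unreadable to the querying party because it never learns their second halves.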
The application of the data processing method provided in the present application in a banking scenario is taken as an example, and the data processing method is further described below with reference to fig. 4. Fig. 4 shows a process flow chart of a data processing method applied to a banking scene according to an embodiment of the present application, which specifically includes the following steps:
Step 402: obtaining at least one identity card number to be queried and a pseudo-random number corresponding to each identity card number to be queried, wherein the pseudo-random number comprises a first pseudo-random number and a second pseudo-random number.
Step 404: splitting the pseudo-random number corresponding to each identity card number to be queried into a first pseudo-random number and a second pseudo-random number.
Step 406: receiving a first service pseudo-random number sent by the data provider, wherein the first service pseudo-random number is determined based on a first pseudo-random number corresponding to banking service data.
Step 408: determining a target first pseudo-random number from the first service pseudo-random numbers based on the first pseudo-random number.
Step 410: acquiring a random service pseudo-random number from the first service pseudo-random number, and constructing a pseudo-random number to be queried according to the random service pseudo-random number and the first pseudo-random number.
Step 412: sending the pseudo-random number to be queried to the data provider.
Step 414: receiving the encrypted service data returned by the data provider based on the pseudo-random number to be queried.
Step 416: decrypting the encrypted service data based on the second pseudo-random number to obtain information such as the name, gender, age, height and weight corresponding to each identity card number to be queried.
Corresponding to the method embodiment, the present application further provides an embodiment of a data processing device, and fig. 5 shows a schematic structural diagram of a data processing device according to an embodiment of the present application. As shown in fig. 5, the apparatus is applied to a data inquirer, and includes:
a first obtaining module 502, configured to obtain at least one data to be queried and a pseudo random number corresponding to each data to be queried, where the pseudo random number includes a first pseudo random number and a second pseudo random number;
a first receiving module 504, configured to receive a first service pseudo random number sent by a data provider, where the first service pseudo random number is a first pseudo random number corresponding to service data;
a construction module 506 configured to construct a pseudorandom number to be queried based on the first pseudorandom number and the first service pseudorandom number, and send the pseudorandom number to be queried to the data provider;
and the query module 508 is configured to receive the encrypted service data returned by the data provider based on the pseudo random number to be queried, and acquire a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo random number to be queried and a second service pseudo random number.
Optionally, the first obtaining module 502 is further configured to:
and acquiring the pseudo random number corresponding to each piece of data to be queried based on a preset pseudo random function.
Optionally, the construction module 506 is further configured to:
determining a target first pseudo-random number in the first service pseudo-random number based on the first pseudo-random number;
and constructing the pseudo random number to be queried according to the target first pseudo random number and the first service pseudo random number.
Optionally, the construction module 506 is further configured to:
comparing the first pseudo-random number with the first service pseudo-random number;
and determining the target first pseudo-random number based on the comparison result.
Optionally, the construction module 506 is further configured to:
acquiring a random service pseudo-random number from the first service pseudo-random number;
and constructing the pseudo random number to be queried according to the random service pseudo random number and the target first pseudo random number.
Optionally, the construction module 506 is further configured to:
determining a reference first service pseudo-random number according to the first pseudo-random number and the first service pseudo-random number;
and selecting a corresponding random service pseudo-random number from the reference first service pseudo-random number based on the preset number.
Optionally, the query module 508 is further configured to:
acquiring target encrypted data to be queried from the encrypted service data, wherein the target encrypted data to be queried is determined based on the service data corresponding to the target first pseudo-random number and the second service pseudo-random number;
and decrypting the target encrypted data to be queried based on the second pseudo random number to obtain a query result.
Optionally, the query module 508 is further configured to:
determining random encryption data in the encryption service data;
and deleting the random encryption data from the encryption service data to obtain the target encryption data to be queried.
Optionally, the query module 508 is further configured to:
determining target data to be queried in the data to be queried and a target second pseudo-random number corresponding to the target data to be queried;
and decrypting the encrypted service data based on the target second pseudo-random number to obtain a query result corresponding to the target data to be queried.
Optionally, the query module 508 is further configured to:
determining target data to be decrypted in the encrypted service data;
decrypting the target data to be decrypted based on the target second pseudo-random number;
under the condition that decryption is successful, determining a query result of the target data to be queried;
and in case of decryption failure, re-executing the step of determining target data to be decrypted in the encrypted service data.
The data processing device provided by the application is applied to a data query party and comprises: the first acquisition module is configured to acquire at least one datum to be queried and a pseudo random number corresponding to each datum to be queried, wherein the pseudo random number comprises a first pseudo random number and a second pseudo random number; the first receiving module is configured to receive a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to service data; the construction module is configured to construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be queried to the data provider; and the query module is configured to receive the encrypted service data returned by the data provider based on the pseudo random number to be queried and acquire a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo random number to be queried and a second service pseudo random number.
The above is a schematic solution of the data processing apparatus of the present embodiment. It should be noted that the technical solution of the data processing apparatus and the technical solution of the data processing method belong to the same conception; for details of the data processing apparatus that are not described here, refer to the description of the technical solution of the data processing method.
Referring to fig. 6, fig. 6 shows a flowchart of another data processing method according to an embodiment of the present application, where the data processing method is applied to a data provider, and specifically includes the following steps:
Step 602: acquiring a service pseudo-random number corresponding to each piece of service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number.
Step 604: sending the first service pseudo-random number corresponding to each piece of service data to the data querying party.
Step 606: receiving a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number.
Step 608: determining, based on the pseudo-random number to be queried, target service data in the service data and a second service pseudo-random number corresponding to the target service data, and encrypting the target service data to obtain encrypted service data.
Step 610: sending the encrypted service data to the data querying party.
The other data processing method provided by the present application is applied to a data provider and comprises: acquiring a service pseudo-random number corresponding to each piece of service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number; sending the first service pseudo-random number corresponding to each piece of service data to a data querying party; receiving a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number; determining, based on the pseudo-random number to be queried, target service data among the service data and a second service pseudo-random number corresponding to the target service data, and encrypting the target service data to obtain encrypted service data; and sending the encrypted service data to the data querying party.
In this embodiment, the hidden query of a plurality of pieces of data is completed at one time. The data querying party expands the query range of the data to be queried to a certain amount, so the full set of service data does not need to be transmitted or to take part in the computation, which reduces the communication cost and the calculation cost. The data querying party can query the corresponding data held by the data provider according to the pseudo-random number corresponding to the data to be queried; the data querying party cannot obtain any information other than the corresponding data, and the data provider cannot learn which service data the data querying party queried.
Corresponding to the method embodiment described above, the present application further provides an embodiment of a data processing apparatus. Fig. 7 shows a schematic structural diagram of another data processing apparatus according to an embodiment of the present application. As shown in Fig. 7, the apparatus is applied to a data provider and includes:
a second acquisition module 702 configured to acquire a service pseudo-random number corresponding to each piece of service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number;
a first sending module 704 configured to send the first service pseudo-random number corresponding to each piece of service data to a data querying party;
a second receiving module 706 configured to receive a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on a first pseudo-random number and the first service pseudo-random number;
an encryption module 708 configured to determine, based on the pseudo-random number to be queried, target service data among the service data and a second service pseudo-random number corresponding to the target service data, and to encrypt the target service data to obtain encrypted service data;
and a second sending module 710 configured to send the encrypted service data to the data querying party.
Another data processing apparatus provided in the present application is applied to a data provider and includes: a second acquisition module configured to acquire a service pseudo-random number corresponding to each piece of service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number; a first sending module configured to send the first service pseudo-random number corresponding to each piece of service data to the data querying party; a second receiving module configured to receive a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number; an encryption module configured to determine, based on the pseudo-random number to be queried, target service data among the service data and a second service pseudo-random number corresponding to the target service data, and to encrypt the target service data to obtain encrypted service data; and a second sending module configured to send the encrypted service data to the data querying party.
In this embodiment, the hidden query of a plurality of pieces of data is completed at one time. The data querying party expands the query range of the data to be queried to a certain amount, so the full set of service data does not need to be transmitted or to take part in the computation, which reduces the communication cost and the calculation cost. The data querying party can query the corresponding data held by the data provider according to the pseudo-random number corresponding to the data to be queried; the data querying party cannot obtain any information other than the corresponding data, and the data provider cannot learn which service data the data querying party queried.
The above is another exemplary embodiment of the data processing apparatus of the present embodiment. The technical solution of the data processing apparatus and the technical solution of the data processing method belong to the same concept; for details of the apparatus solution that are not described in detail, refer to the description of the technical solution of the data processing method.
Fig. 8 illustrates a block diagram of a data processing system according to an embodiment of the present application, including: a data querying party 802 and a data provider 804;
the data querying party 802 is configured to acquire at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number;
the data provider 804 is configured to acquire a service pseudo-random number corresponding to each piece of service data, and to send a first service pseudo-random number corresponding to each piece of service data to the data querying party 802, wherein the service pseudo-random number includes a first service pseudo-random number and a second service pseudo-random number;
the data querying party 802 is further configured to receive the first service pseudo-random number sent by the data provider 804, construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be queried to the data provider 804;
the data provider 804 is further configured to receive the pseudo-random number to be queried returned by the data querying party 802 based on the first service pseudo-random number, determine, based on the pseudo-random number to be queried, target service data among the service data and a second service pseudo-random number corresponding to the target service data, encrypt the target service data to obtain encrypted service data, and send the encrypted service data to the data querying party 802;
the data querying party 802 is further configured to receive the encrypted service data returned by the data provider 804 based on the pseudo-random number to be queried, and to acquire a query result based on the encrypted service data.
In this embodiment, the hidden query of a plurality of pieces of data is completed at one time. The data querying party expands the query range of the data to be queried to a certain amount, so the full set of service data does not need to be transmitted or to take part in the computation, which reduces the communication cost and the calculation cost. The data querying party can query the corresponding data held by the data provider according to the pseudo-random number corresponding to the data to be queried; the data querying party cannot obtain any information other than the corresponding data, and the data provider cannot learn which service data the data querying party queried.
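The exchange between the data querying party 802 and the data provider 804, including the selection of random service pseudo-random numbers and the retry-on-failure decryption, can be sketched as follows. This is an added example, not code from the application: it assumes HMAC-SHA256 as the preset pseudo-random function, a single key handed to both parties (this section does not state how the querying party evaluates the function), a hash-based encrypt-then-MAC construction standing in for an authenticated cipher, and constructed records; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

RNG = secrets.SystemRandom()


def prf_pair(key, item):
    """Assumed PRF: HMAC-SHA256 with two labels -> (first, second) numbers."""
    first = hmac.new(key, b"first|" + item, hashlib.sha256).digest()
    second = hmac.new(key, b"second|" + item, hashlib.sha256).digest()
    return first, second


def seal(key, plaintext):
    """Encrypt-then-MAC stand-in for an AEAD cipher (stdlib only)."""
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key, blob):
    """Return the plaintext, or None when the tag does not verify."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


class Provider:
    def __init__(self, key, records):
        # Step 602: one (first, second) pair per piece of service data.
        self._table = {}
        for ident, value in records.items():
            first, second = prf_pair(key, ident)
            self._table[first] = (second, value)

    def first_service_numbers(self):
        # Step 604: only the first service numbers leave the provider.
        firsts = list(self._table)
        RNG.shuffle(firsts)
        return firsts

    def answer(self, query):
        # Steps 606-610: encrypt each selected record under its second number.
        blobs = [seal(*self._table[f]) for f in query if f in self._table]
        RNG.shuffle(blobs)  # assumption: response order carries no meaning
        return blobs


class Querier:
    def __init__(self, key, wanted, decoys):
        self._pairs = {item: prf_pair(key, item) for item in wanted}
        self._decoys = decoys  # the preset number of random service numbers

    def build_query(self, service_firsts):
        # Compare own first numbers with the provider's to find the targets.
        available = set(service_firsts)
        targets = [f for f, _ in self._pairs.values() if f in available]
        # Reference set = everything that is not a target; draw decoys from it.
        pool = [f for f in service_firsts if f not in set(targets)]
        query = targets + RNG.sample(pool, min(self._decoys, len(pool)))
        RNG.shuffle(query)  # targets must not be recognisable by position
        return query

    def read(self, blobs):
        # Trial decryption: on failure move on to the next encrypted record.
        results = {}
        for item, (_, second) in self._pairs.items():
            for blob in blobs:
                plain = unseal(second, blob)
                if plain is not None:
                    results[item] = plain
                    break
        return results


def run_exchange():
    key = secrets.token_bytes(32)
    # Constructed sample data: 50 records; b"id-999" is not among them.
    records = {b"id-%03d" % i: b"record %d" % i for i in range(50)}
    provider = Provider(key, records)
    querier = Querier(key, [b"id-007", b"id-031", b"id-999"], decoys=8)
    query = querier.build_query(provider.first_service_numbers())
    blobs = provider.answer(query)
    return query, blobs, querier.read(blobs)
```

Because both parties hold the same key in this sketch, the querying party could also derive the pair for any identifier it can guess; the shared key is a simplification of the example only.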
Fig. 9 illustrates a block diagram of a computing device 900 provided in accordance with an embodiment of the present application. The components of computing device 900 include, but are not limited to, memory 910 and processor 920. Processor 920 is coupled to memory 910 via bus 930, and database 950 is configured to hold data.
Computing device 900 also includes an access device 940, which enables computing device 900 to communicate via one or more networks 960. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the Internet. Access device 940 may include one or more of any type of network interface, wired or wireless (e.g., a Network Interface Card (NIC)), such as an IEEE 802.11 Wireless Local Area Network (WLAN) wireless interface, a Worldwide Interoperability for Microwave Access (WiMAX) interface, an Ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a Bluetooth interface, a Near Field Communication (NFC) interface, and so forth.
In one embodiment of the present application, the above-described components of computing device 900 and other components not shown in FIG. 9 may also be connected to each other, for example, by a bus. It should be understood that the block diagram of the computing device illustrated in FIG. 9 is for exemplary purposes only and is not intended to limit the scope of the present application. Those skilled in the art may add or replace other components as desired.
Computing device 900 may be any type of stationary or mobile computing device including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), mobile phone (e.g., smart phone), wearable computing device (e.g., smart watch, smart glasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 900 may also be a mobile or stationary server.
The processor 920 performs the steps of the data processing method when executing the computer instructions.
The foregoing is a schematic illustration of a computing device of this embodiment. The technical solution of the computing device and the technical solution of the data processing method belong to the same concept; for details of the computing device solution that are not described in detail, refer to the description of the technical solution of the data processing method.
An embodiment of the present application also provides a computer-readable storage medium storing computer instructions which, when executed by a processor, implement the steps of the data processing method as described above.
The above is an exemplary version of a computer-readable storage medium of the present embodiment. The technical solution of the storage medium and the technical solution of the data processing method belong to the same concept; for details of the storage medium solution that are not described in detail, refer to the description of the technical solution of the data processing method.
The foregoing describes specific embodiments of the present application. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
The computer instructions include computer program code, which may be in source code form, object code form, an executable file, some intermediate form, and so on. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory (ROM), a random access memory (RAM), an electrical carrier signal, a telecommunication signal, a software distribution medium, and so forth. It should be noted that the content contained in the computer-readable medium may be appropriately added to or reduced according to the requirements of legislation and patent practice in a jurisdiction; for example, in certain jurisdictions, according to legislation and patent practice, the computer-readable medium does not include electrical carrier signals and telecommunication signals.
It should be noted that, for the sake of simplicity of description, the foregoing method embodiments are all expressed as a series of combinations of actions, but it should be understood by those skilled in the art that the present application is not limited by the order of actions described, as some steps may be performed in other order or simultaneously in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily all necessary for the present application.
In the foregoing embodiments, each embodiment is described with its own emphasis; for parts of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.
The above-disclosed preferred embodiments of the present application are provided only as an aid to the elucidation of the present application. Alternative embodiments are not intended to be exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the teaching of this application. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best understand and utilize the invention. This application is to be limited only by the claims and the full scope and equivalents thereof.

Claims (16)

1. A data processing method, applied to a data querying party, comprising:
acquiring at least one datum to be queried and a pseudo random number corresponding to each datum to be queried, wherein the pseudo random number comprises a first pseudo random number and a second pseudo random number;
receiving a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to service data;
constructing a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and sending the pseudo-random number to be queried to the data provider;
and receiving the encrypted service data returned by the data provider based on the pseudo-random number to be queried, and acquiring a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo-random number to be queried and a second service pseudo-random number.
2. The method of claim 1, wherein acquiring the pseudo-random number corresponding to each datum to be queried comprises:
acquiring the pseudo-random number corresponding to each datum to be queried based on a preset pseudo-random function.
3. The method of claim 1, wherein constructing the pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number comprises:
determining a target first pseudo-random number in the first service pseudo-random number based on the first pseudo-random number;
and constructing the pseudo-random number to be queried according to the target first pseudo-random number and the first service pseudo-random number.
4. The method of claim 3, wherein determining the target first pseudo-random number in the first service pseudo-random number based on the first pseudo-random number comprises:
comparing the first pseudo-random number with the first service pseudo-random number;
and determining the target first pseudo-random number based on the comparison result.
5. The method of claim 3, wherein constructing the pseudo-random number to be queried according to the target first pseudo-random number and the first service pseudo-random number comprises:
acquiring a random service pseudo-random number from the first service pseudo-random number;
and constructing the pseudo-random number to be queried according to the random service pseudo-random number and the target first pseudo-random number.
6. The method of claim 5, wherein acquiring the random service pseudo-random number from the first service pseudo-random number comprises:
determining a reference first service pseudo-random number according to the first pseudo-random number and the first service pseudo-random number;
and selecting a corresponding random service pseudo-random number from the reference first service pseudo-random number based on a preset number.
7. The method of claim 1, wherein acquiring the query result based on the encrypted service data comprises:
acquiring target encrypted data to be queried from the encrypted service data, wherein the target encrypted data to be queried is determined based on the service data corresponding to the target first pseudo-random number and the second service pseudo-random number;
and decrypting the target encrypted data to be queried based on the second pseudo-random number to obtain the query result.
8. The method of claim 7, wherein acquiring the target encrypted data to be queried from the encrypted service data comprises:
determining random encrypted data in the encrypted service data;
and deleting the random encrypted data from the encrypted service data to obtain the target encrypted data to be queried.
9. The method of claim 1, wherein acquiring the query result based on the encrypted service data comprises:
determining target data to be queried in the data to be queried and a target second pseudo-random number corresponding to the target data to be queried;
and decrypting the encrypted service data based on the target second pseudo-random number to obtain a query result corresponding to the target data to be queried.
10. The method of claim 9, wherein decrypting the encrypted service data based on the target second pseudo-random number to obtain a query result corresponding to the target data to be queried comprises:
determining target data to be decrypted in the encrypted service data;
decrypting the target data to be decrypted based on the target second pseudo-random number;
under the condition that decryption is successful, determining a query result of the target data to be queried;
and in case of decryption failure, re-executing the step of determining target data to be decrypted in the encrypted service data.
11. A data processing method, applied to a data provider, comprising:
acquiring a service pseudo-random number corresponding to each piece of service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number;
sending the first service pseudo-random number corresponding to each piece of service data to a data querying party;
receiving a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number;
determining, based on the pseudo-random number to be queried, target service data among the service data and a second service pseudo-random number corresponding to the target service data, and encrypting the target service data to obtain encrypted service data;
and sending the encrypted service data to the data querying party.
12. A data processing system, comprising: a data querying party and a data provider;
the data querying party is configured to acquire at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number comprises a first pseudo-random number and a second pseudo-random number;
the data provider is configured to acquire a service pseudo-random number corresponding to each piece of service data, and to send a first service pseudo-random number corresponding to each piece of service data to the data querying party, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number;
the data querying party is further configured to receive the first service pseudo-random number sent by the data provider, construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be queried to the data provider;
the data provider is further configured to receive the pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, determine, based on the pseudo-random number to be queried, target service data among the service data and a second service pseudo-random number corresponding to the target service data, encrypt the target service data to obtain encrypted service data, and send the encrypted service data to the data querying party;
the data querying party is further configured to receive the encrypted service data returned by the data provider based on the pseudo-random number to be queried, and to acquire a query result based on the encrypted service data.
13. A data processing apparatus for use with a data querying party, comprising:
a first acquisition module configured to acquire at least one datum to be queried and a pseudo-random number corresponding to each datum to be queried, wherein the pseudo-random number comprises a first pseudo-random number and a second pseudo-random number;
a first receiving module configured to receive a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to service data;
a construction module configured to construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and to send the pseudo-random number to be queried to the data provider;
and a query module configured to receive the encrypted service data returned by the data provider based on the pseudo-random number to be queried and to acquire a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo-random number to be queried and a second service pseudo-random number.
14. A data processing apparatus for use with a data provider, comprising:
a second acquisition module configured to acquire a service pseudo-random number corresponding to each piece of service data, wherein the service pseudo-random number comprises a first service pseudo-random number and a second service pseudo-random number;
a first sending module configured to send the first service pseudo-random number corresponding to each piece of service data to a data querying party;
a second receiving module configured to receive a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number;
an encryption module configured to determine, based on the pseudo-random number to be queried, target service data among the service data and a second service pseudo-random number corresponding to the target service data, and to encrypt the target service data to obtain encrypted service data;
and a second sending module configured to send the encrypted service data to the data querying party.
15. A computing device comprising a memory, a processor, and computer instructions stored on the memory and executable on the processor, wherein the processor, when executing the computer instructions, performs the steps of the method of any one of claims 1-10 or 11.
16. A computer readable storage medium storing computer instructions which, when executed by a processor, implement the steps of the method of any one of claims 1-10 or 11.
CN202310211740.9A 2023-02-28 2023-02-28 Data processing method and device Pending CN116226216A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310211740.9A CN116226216A (en) 2023-02-28 2023-02-28 Data processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310211740.9A CN116226216A (en) 2023-02-28 2023-02-28 Data processing method and device

Publications (1)

Publication Number Publication Date
CN116226216A true CN116226216A (en) 2023-06-06

Family

ID=86574768

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310211740.9A Pending CN116226216A (en) 2023-02-28 2023-02-28 Data processing method and device

Country Status (1)

Country Link
CN (1) CN116226216A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination