CN116305278A - Data encryption query method, device, equipment and storage medium - Google Patents


Publication number
CN116305278A
Authority
CN
China
Prior art keywords
encryption
field
column
data table
query
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310280819.7A
Other languages
Chinese (zh)
Inventor
吴昊
杨振燕
王志辉
周才军
曾依峰
罗燕武
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Digital Certificate Authority Center Co ltd
Original Assignee
Shenzhen Digital Certificate Authority Center Co ltd
Application filed by Shenzhen Digital Certificate Authority Center Co ltd
Priority to CN202310280819.7A
Publication of CN116305278A

Classifications

    • G - PHYSICS
    • G06 - COMPUTING; CALCULATING OR COUNTING
    • G06F - ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 - Protecting data
    • G06F21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 - Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 - Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • G - PHYSICS
    • G06 - COMPUTING; CALCULATING OR COUNTING
    • G06F - ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 - Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 - Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23 - Updating
    • G - PHYSICS
    • G06 - COMPUTING; CALCULATING OR COUNTING
    • G06F - ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 - Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 - Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 - Querying
    • G06F16/242 - Query formulation
    • G06F16/2433 - Query languages
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 - Network architectures or network communication protocols for network security
    • H04L63/04 - Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 - Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 - Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • Y - GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 - TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D - CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 - Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention relates to data processing technology and discloses a data encryption query method that can be used for financial insurance services, comprising the following steps: performing homomorphic encryption conversion on each field of a column to be encrypted in a source data table to obtain an initial encryption data table; extracting the characters with a preset sequence from each field of the column to be encrypted and symmetrically encrypting them to obtain symmetric encryption fields; constructing a symmetric encryption column from the symmetric encryption fields, and adding the symmetric encryption column to the initial encryption data table to obtain a target encryption data table; when an SQL query statement is received, extracting the conditional column name and the conditional field of the SQL query statement; symmetrically encrypting the characters with the preset sequence in the condition field, and updating the SQL query statement with the encryption result to query the target encryption data table and obtain an initial query result; and performing field comparison screening on the initial query result by using the condition field to obtain a target query result. The invention also provides a data encryption query device, equipment and a medium. The invention can improve the security of encrypted data queries.

Description

Data encryption query method, device, equipment and storage medium
Technical Field
The present invention relates to data processing technologies, and in particular, to a data encryption query method, a device, an electronic apparatus, and a storage medium.
Background
Encrypted data storage is an extremely important link in ensuring data security in the field of financial insurance. In particular, the storage of sensitive private data involves not only security at the business layer but also laws and regulations.
However, encrypted data storage also presents challenges to business systems and applications, in particular how to implement queries over ciphertext data. For example, to look up a mobile phone number in the user table before encryption, the query can be completed by writing the SQL script "select * from tb_user where phone=1xx12341234". After the conversion to ciphertext storage, the database stores ciphertext data. If the data is encrypted with a symmetric encryption algorithm such as the SM4-ECB algorithm or the AES-ECB algorithm, the ciphertext produced by each encryption of 1xx12341234 is the same, so the same query effect as before encryption can be achieved. However, when the data has a limited value range, especially for special data such as mobile phone numbers, the original plaintext can be guessed from such ciphertext through reverse encryption and collision, so this method of encrypted data query is not secure.
Disclosure of Invention
The invention provides a data encryption query method, a data encryption query device, electronic equipment and a storage medium, and mainly aims to improve the security of data encryption query. The data encryption query method comprises:
Receiving a source data table and a column name to be encrypted, and performing homomorphic encryption conversion on each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encryption data table;
extracting characters with preset character sequence ranges from each field of the column to be encrypted to carry out symmetric encryption, so as to obtain corresponding symmetric encryption fields;
constructing a symmetric encryption column by utilizing the symmetric encryption field and a preset blank data column, and adding the symmetric encryption column into the initial encryption data table to obtain a target encryption data table;
when receiving an SQL query statement, extracting a conditional column name and a conditional field in the SQL query statement;
symmetrically encrypting and converting characters in a preset character sequence range in the condition field to obtain a first encryption condition field;
the condition field of the SQL query statement is updated by using the first encryption condition field, and the target encryption data table is queried by using the updated SQL query statement to obtain an initial query data table;
and carrying out field polling comparison based on homomorphic encryption on the initial query data table by utilizing the condition field and the condition column name to obtain a target query result.
Optionally, the performing homomorphic encryption conversion on each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encrypted data table, including:
determining a column with a column name of the column name to be encrypted in the source data table as a column to be encrypted;
homomorphic encryption is carried out on each field of the column to be encrypted, and a corresponding homomorphic encryption field is obtained;
and replacing each field of the column to be encrypted in the source data table with a homomorphic encryption field corresponding to the field to obtain the initial encryption data table.
Optionally, the extracting the characters in the preset character sequence range in each field of the column to be encrypted to perform symmetric encryption to obtain a corresponding symmetric encrypted field includes:
extracting characters of a preset character sequence range in each field of the column to be encrypted to obtain corresponding extracted character segments;
and symmetrically encrypting each extracted character segment to obtain the symmetrical encryption field.
Optionally, the constructing a symmetric encryption column by using the symmetric encryption field and a preset blank data column includes:
filling the extracted character segments corresponding to all fields of each column to be encrypted into a preset blank data column to obtain a transition data column corresponding to each column to be encrypted;
and replacing each extracted character segment in the transition data column with a corresponding symmetric encryption field to obtain the symmetric encryption column.
Optionally, the updating the condition field of the SQL query statement by using the first encryption condition field, and querying the target encryption data table by using the updated SQL query statement, to obtain an initial query data table, including:
replacing the condition field in the SQL query statement with the first encryption condition field to obtain an encryption query statement;
and executing the encryption query statement to query the target encryption data table to obtain the initial query data table.
Optionally, the performing field polling comparison based on homomorphic encryption on the initial query data table by using the condition field and the condition column name to obtain a target query result includes:
homomorphic encryption is carried out on the condition field to obtain a second encryption condition field;
determining a column with a column name of the conditional column name in the initial query data table as a target column;
performing homomorphic subtraction calculation by using the second encryption condition field and each homomorphic encryption field in the target column to obtain a corresponding field comparison difference value;
screening all homomorphic encryption fields in the target column by using a preset comparison threshold value and the field comparison difference value to obtain a target homomorphic encryption field;
and determining the row of the initial query data table, in which the target homomorphic encryption field is located, as a target query result.
In order to solve the above problems, the present invention further provides a data encryption inquiry apparatus, including:
the data encryption module is used for receiving a source data table and a column name to be encrypted, and carrying out homomorphic encryption conversion on each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encryption data table; extracting characters with preset character sequence ranges from each field of the column to be encrypted to carry out symmetric encryption, so as to obtain corresponding symmetric encryption fields; constructing a symmetric encryption column by utilizing the symmetric encryption field and a preset blank data column, and adding the symmetric encryption column into the initial encryption data table to obtain a target encryption data table;
the query sentence conversion module is used for extracting a conditional column name and a conditional field in the SQL query sentence when receiving the SQL query sentence; symmetrically encrypting and converting characters in a preset character sequence range in the condition field to obtain a first encryption condition field; the condition field of the SQL query statement is updated by using the first encryption condition field, and the target encryption data table is queried by using the updated SQL query statement to obtain an initial query data table;
and the encryption query module is used for carrying out field polling comparison based on homomorphic encryption on the initial query data table by utilizing the condition field and the condition column name to obtain a target query result.
Optionally, the performing field polling comparison based on homomorphic encryption on the initial query data table by using the condition field and the condition column name to obtain a target query result includes:
homomorphic encryption is carried out on the condition field to obtain a second encryption condition field;
determining a column with a column name of the conditional column name in the initial query data table as a target column;
performing homomorphic subtraction calculation by using the second encryption condition field and each homomorphic encryption field in the target column to obtain a corresponding field comparison difference value;
screening all homomorphic encryption fields in the target column by using a preset comparison threshold value and the field comparison difference value to obtain a target homomorphic encryption field;
and determining the row of the initial query data table, in which the target homomorphic encryption field is located, as a target query result.
In order to solve the above-mentioned problems, the present invention also provides an electronic apparatus including:
a memory storing at least one computer program; and
and a processor that executes the computer program stored in the memory to implement the data encryption query method described above.
In order to solve the above-mentioned problems, the present invention also provides a computer-readable storage medium having stored therein at least one computer program that is executed by a processor in an electronic device to implement the above-mentioned data encryption query method.
According to the embodiment of the invention, each field of the column to be encrypted in the source data table is subjected to homomorphic encryption conversion based on the name of the column to be encrypted, so as to obtain an initial encryption data table; characters in a preset character sequence range are extracted from each field of the column to be encrypted and symmetrically encrypted, so as to obtain corresponding symmetric encryption fields; a symmetric encryption column is constructed from the symmetric encryption fields and a preset blank data column, and the symmetric encryption column is added to the initial encryption data table to obtain a target encryption data table; when an SQL query statement is received, the conditional column name and the conditional field in the SQL query statement are extracted; the characters in the preset character sequence range in the condition field are symmetrically encrypted to obtain a first encryption condition field; the condition field of the SQL query statement is updated with the first encryption condition field, and the target encryption data table is queried with the updated SQL query statement to obtain an initial query data table. Because the data is homomorphically encrypted while a symmetric encryption column is also constructed from the symmetric encryption of part of the characters, a query first uses the symmetric encryption column for a first query and then uses homomorphic encryption for a second query. Compared with simply using symmetric encryption, homomorphic encryption is more secure, and so is the encrypted query. Therefore, the data encryption query method, the data encryption query device, the electronic equipment and the readable storage medium provided by the embodiment of the invention improve the security of the data encryption query.
Drawings
Fig. 1 is a flow chart of a data encryption query method according to an embodiment of the present invention;
Fig. 2 is a schematic block diagram of a data encryption query device according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of an internal structure of an electronic device for implementing a data encryption query method according to an embodiment of the present invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
The embodiment of the invention provides a data encryption query method. The execution body of the data encryption query method includes, but is not limited to, at least one of a server, a terminal, and the like, which can be configured to execute the method provided by the embodiment of the application. In other words, the data encryption query method may be performed by software or hardware installed in a terminal device or a server device, and the software may be a blockchain platform. The server side includes, but is not limited to, the following: the server may be an independent server, or a cloud server that provides basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, content delivery networks (Content Delivery Network, CDN), and big data and artificial intelligence platforms.
Referring to fig. 1, which is a schematic flow chart of a data encryption query method according to an embodiment of the present invention, in an embodiment of the present invention, the data encryption query method includes the following steps:
S1, receiving a source data table and a column name to be encrypted, and carrying out homomorphic encryption conversion on each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encryption data table;
In the embodiment of the invention, the source data table is a financial insurance service user information data table in which some of the data columns, or the data fields in all data columns, need to be stored in encrypted form. The column name to be encrypted is the name of a column in the source data table that needs to be encrypted, and the fields in the column to be encrypted in the source data table are fields of a numerical value type.
Further, in order to ensure encryption security in the embodiment of the present invention, each field of the column to be encrypted in the source data table is subjected to homomorphic encryption conversion to obtain an initial encrypted data table.
Specifically, in the embodiment of the present invention, each field of a column to be encrypted in the source data table is subjected to homomorphic encryption conversion based on the column name to be encrypted, so as to obtain an initial encrypted data table, which includes:
determining a column with a column name of the column name to be encrypted in the source data table as a column to be encrypted;
homomorphic encryption is carried out on each field of the column to be encrypted, and a corresponding homomorphic encryption field is obtained;
and replacing each field of the column to be encrypted in the source data table with a homomorphic encryption field corresponding to the field to obtain the initial encryption data table.
Optionally, the homomorphic encryption algorithm in the embodiment of the present invention is a homomorphic encryption algorithm, an additive homomorphic encryption algorithm, or a multiplicative homomorphic encryption algorithm; preferably, the homomorphic encryption algorithm in the embodiment of the present invention is a homomorphic encryption algorithm.
For example: the column to be encrypted in the source data table contains the fields A, B and C. Field A is homomorphically encrypted to obtain the corresponding homomorphic encryption field a, field B is homomorphically encrypted to obtain the corresponding homomorphic encryption field b, and field C is homomorphically encrypted to obtain the corresponding homomorphic encryption field c. In the column to be encrypted in the source data table, field A is then replaced with homomorphic encryption field a, field B with homomorphic encryption field b, and field C with homomorphic encryption field c, to obtain the initial encryption data table.
S2, extracting characters with preset character sequence ranges from each field of the column to be encrypted to carry out symmetric encryption, so as to obtain corresponding symmetric encryption fields;
In the embodiment of the invention, to make the encrypted data convenient to query, the characters in the preset character sequence range are extracted from each field of the column to be encrypted and symmetrically encrypted to obtain the corresponding symmetric encryption field. Symmetrically encrypting only part of the field to be encrypted to serve as the query identifier allows the homomorphic encryption field to be found quickly without leaking the unencrypted field corresponding to the homomorphic encryption field, which enables the subsequent encrypted query of the data.
In detail, the method for extracting characters with a preset character sequence range from each field of the column to be encrypted to perform symmetric encryption to obtain corresponding symmetric encrypted fields according to the embodiment of the invention includes:
extracting characters of a preset character sequence range in each field of the column to be encrypted to obtain corresponding extracted character segments;
and symmetrically encrypting each extracted character segment to obtain the symmetrical encryption field.
Specifically, the symmetric encryption algorithm in the embodiment of the invention is an SM4-ECB algorithm.
S3, constructing a symmetrical encryption column by utilizing the symmetrical encryption field and a preset blank data column, and adding the symmetrical encryption column into the initial encryption data table to obtain a target encryption data table;
In the embodiment of the invention, the preset blank data column is a blank data column with the same dimension as the column to be encrypted.
Further, in the embodiment of the present invention, the construction of the symmetric encryption column by using the symmetric encryption field and the preset blank data column includes:
filling the extracted character segments corresponding to all fields of each column to be encrypted into a preset blank data column to obtain a transition data column corresponding to each column to be encrypted;
and replacing each extracted character segment in the transition data column with a corresponding symmetric encryption field to obtain the symmetric encryption column.
In the embodiment of the present invention, the column names of the transition data columns are in one-to-one correspondence with the column names of the corresponding columns to be encrypted.
In the embodiment of the invention, in order to facilitate the subsequent query of the homomorphic encryption field by the symmetric encryption field, the symmetric encryption column is added into the initial encryption data table to obtain the target encryption data table.
S4, when receiving the SQL query statement, extracting a conditional column name and a conditional field in the SQL query statement;
In the embodiment of the invention, the SQL query statement is a plaintext query statement that uses a field in the column to be encrypted in the source data table as its condition. Because the fields of the corresponding column to be encrypted in the target encrypted data table are encrypted, the condition field of the SQL query statement needs to be extracted so that the SQL query statement can be used to query the relevant fields in the target encrypted data table directly. The condition field is a field of the same type as the fields in the column to be encrypted.
For example: the query statement is "select * from tb_user where phone=1xx12341234" and the column to be encrypted is the phone field; therefore, the conditional column name extracted from the SQL query statement is "phone", and the conditional field is "1xx12341234".
S5, carrying out symmetrical encryption conversion on characters in a preset character sequence range in the condition field to obtain a first encryption condition field;
In the embodiment of the invention, performing symmetric encryption conversion on the characters in the preset character sequence range in the condition field to obtain a first encryption condition field comprises the following steps:
extracting characters of a preset character sequence range in the condition field to obtain a query character segment;
and symmetrically encrypting the query character segment to obtain the first encryption condition field.
Specifically, the algorithm for symmetrically encrypting the query character segment in the embodiment of the invention is consistent with the encryption algorithm for symmetrically encrypting the extracted character segment.
S6, updating the condition field of the SQL query statement by using the first encryption condition field, and querying the target encryption data table by using the updated SQL query statement to obtain an initial query data table;
In the embodiment of the present invention, updating the condition field of the SQL query statement by using the first encryption condition field and querying the target encryption data table by using the updated SQL query statement to obtain an initial query data table includes:
replacing the condition field in the SQL query statement with the first encryption condition field to obtain an encryption query statement;
and executing the encryption query statement to query the target encryption data table to obtain the initial query data table.
In the embodiment of the invention, the SQL query statement before updating uses a field of the type in the column to be encrypted as its condition. So that the updated SQL query statement uses a field of the type in the symmetric encryption column as its condition, the condition field in the SQL query statement is replaced with the first encryption condition field to obtain an initial encryption query statement. Further, the symmetric encryption column name corresponding to the column name to be encrypted in the initial encryption query statement is obtained, and the column name to be encrypted in the initial encryption query statement is replaced with the corresponding symmetric encryption column name, so that the encryption query statement is obtained.
And S7, carrying out field polling comparison based on homomorphic encryption on the initial query data table by utilizing the condition field and the condition column name to obtain a target query result.
Specifically, in the embodiment of the present invention, performing field polling comparison based on homomorphic encryption on the initial query data table by using the condition field and the condition column name to obtain a target query result includes:
homomorphic encryption is carried out on the condition field to obtain a second encryption condition field;
determining a column with a column name of the conditional column name in the initial query data table as a target column;
performing homomorphic subtraction calculation by using the second encryption condition field and each homomorphic encryption field in the target column to obtain a corresponding field comparison difference value;
screening all homomorphic encryption fields in the target column by using a preset comparison threshold value and the field comparison difference value to obtain a target homomorphic encryption field;
and determining the row of the initial query data table, in which the target homomorphic encryption field is located, as a target query result.
In the embodiment of the invention, the initial query data table contains only the query results whose field in the column to be encrypted matches the condition field on the characters in the preset character sequence range. To further find the query result whose field in the column to be encrypted is identical to the condition field, the difference value between the second encryption condition field and each homomorphic encryption field in the target column is calculated, which determines whether the condition field is identical to the unencrypted field corresponding to the homomorphic encryption field and thereby realizes the encrypted query of the data.
Specifically, in the embodiment of the present invention, the comparison threshold is 0, and the homomorphic encryption field corresponding to the field comparison difference value equal to the comparison threshold is determined as the target homomorphic encryption field.
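The query rewriting and the S7 polling comparison described above can be traced end to end in the following added example, which is not part of the patent text. It assumes Paillier as the homomorphic scheme (this section names none), uses HMAC-SHA256 as a deterministic stand-in for the symmetric encryption of the extracted characters, takes the first three characters as the preset character sequence range, and assumes the party running the comparison holds the Paillier private key; the table, column names, key and rows are constructed.

```python
import hashlib
import hmac
import math
import secrets
import sqlite3

# Demo-only Paillier parameters (assumed scheme). Mersenne primes keep the
# example short; they are NOT secure key material.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q
N2 = N * N
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)   # lcm(p-1, q-1)
MU = pow(LAM, -1, N)                                # valid because g = N + 1
SYM_KEY = b"constructed-demo-key"                   # constructed sample key
PREFIX = slice(0, 3)          # assumed "preset character sequence range"

def encode(field: str) -> int:
    # Leading 0x01 keeps the mapping injective for fields starting with NUL.
    m = int.from_bytes(b"\x01" + field.encode("utf-8"), "big")
    if m >= N:
        raise ValueError("field too long for the demo modulus")
    return m

def he_encrypt(field: str) -> int:
    r = secrets.randbelow(N - 1) + 1                # fresh randomness per call
    return (1 + encode(field) * N) * pow(r, N, N2) % N2

def he_sub(c_a: int, c_b: int) -> int:
    """Ciphertext of (a - b) mod N: multiply by the inverse ciphertext."""
    return c_a * pow(c_b, -1, N2) % N2

def he_decrypt(c: int) -> int:
    return (pow(c, LAM, N2) - 1) // N * MU % N

def sym_token(field: str) -> str:
    # Deterministic keyed transform of the extracted characters, so that an
    # SQL equality test on the symmetric encryption column still works.
    return hmac.new(SYM_KEY, field[PREFIX].encode(), hashlib.sha256).hexdigest()

def build_target_table(rows):
    """Target encrypted table: 'phone' holds the homomorphic ciphertext,
    'phone_sym' is the added symmetric encryption column."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, phone TEXT, phone_sym TEXT)")
    for rid, phone in rows:
        db.execute("INSERT INTO users VALUES (?, ?, ?)",
                   (rid, hex(he_encrypt(phone)), sym_token(phone)))
    return db

def initial_query(db, condition_field):
    # Rewritten form of: SELECT ... FROM users WHERE phone = '<condition>'
    # The condition column becomes phone_sym and the condition value becomes
    # the first encryption condition field.
    return db.execute("SELECT id, phone FROM users WHERE phone_sym = ?",
                      (sym_token(condition_field),)).fetchall()

def polling_compare(candidates, condition_field, threshold=0):
    # S7: homomorphic subtraction against every candidate; a difference equal
    # to the comparison threshold (0) means the plaintext fields are equal.
    second = he_encrypt(condition_field)
    hits = []
    for rid, ct_hex in candidates:
        if he_decrypt(he_sub(second, int(ct_hex, 16))) == threshold:
            hits.append(rid)
    return hits

# Constructed sample rows: ids 1, 2 and 4 share the prefix "138".
ROWS = [(1, "13800001111"), (2, "13800002222"),
        (3, "13912345678"), (4, "13855556666")]

if __name__ == "__main__":
    db = build_target_table(ROWS)
    cands = initial_query(db, "13800002222")
    print("candidate ids:", sorted(r[0] for r in cands))
    print("matching ids:", polling_compare(cands, "13800002222"))
```

Because the symmetric encryption column is deterministic, rows that share the extracted characters share a stored value, so that column reveals equality of the extracted range to anyone who can read the table.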
Further, in the embodiment of the present invention, after the target query result is obtained, the target query result may also be sent to a preset terminal device of a data query person, where the preset terminal device includes but is not limited to: intelligent terminals such as mobile phones, computers, tablets and the like.
Fig. 2 is a functional block diagram of the data encryption inquiry apparatus according to the present invention.
The data encryption inquiry apparatus 100 of the present invention may be installed in an electronic device. Depending on the functions implemented, the data encryption query apparatus may comprise a data encryption module 101, a query statement conversion module 102, and an encryption query module 103. A module of the present invention, which may also be referred to as a unit, refers to a series of computer program segments that are stored in a memory of the electronic device, can be executed by a processor of the electronic device, and perform a fixed function.
In the present embodiment, the functions concerning the respective modules/units are as follows:
the data encryption module 101 is configured to receive a source data table and a column name to be encrypted, and perform homomorphic encryption conversion on each field of a column to be encrypted in the source data table based on the column name to be encrypted, so as to obtain an initial encrypted data table; extracting characters with preset character sequence ranges from each field of the column to be encrypted to carry out symmetric encryption, so as to obtain corresponding symmetric encryption fields; constructing a symmetric encryption column by utilizing the symmetric encryption field and a preset blank data column, and adding the symmetric encryption column into the initial encryption data table to obtain a target encryption data table;
the query statement conversion module 102 is configured to extract a conditional column name and a conditional field in an SQL query statement when receiving the SQL query statement; symmetrically encrypting and converting characters in a preset character sequence range in the condition field to obtain a first encryption condition field; the condition field of the SQL query statement is updated by using the first encryption condition field, and the target encryption data table is queried by using the updated SQL query statement to obtain an initial query data table;
the encryption query module 103 is configured to perform field polling comparison based on homomorphic encryption on the initial query data table by using the condition field and the condition column name, so as to obtain a target query result.
In detail, each module in the data encryption query device 100 in the embodiment of the present invention adopts the same technical means as the data encryption query method described in fig. 1, and can produce the same technical effects, which are not described herein.
Fig. 3 is a schematic structural diagram of an electronic device for implementing the data encryption query method according to the present invention.
The electronic device may comprise a processor 10, a memory 11, a communication bus 12 and a communication interface 13, and may further comprise a computer program, such as a data encryption inquiry program, stored in the memory 11 and executable on the processor 10.
The memory 11 includes at least one type of readable storage medium, including flash memory, a mobile hard disk, a multimedia card, a card memory (e.g., SD or DX memory, etc.), a magnetic memory, a magnetic disk, an optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device, such as a mobile hard disk of the electronic device. The memory 11 may in other embodiments also be an external storage device of the electronic device, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card) or the like, which are provided on the electronic device. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device. The memory 11 may be used not only for storing application software installed in an electronic device and various types of data, such as codes of a data encryption inquiry program, but also for temporarily storing data that has been output or is to be output.
The processor 10 may be comprised of integrated circuits in some embodiments, for example, a single packaged integrated circuit, or may be comprised of multiple integrated circuits packaged with the same or different functions, including one or more central processing units (Central Processing Unit, CPU), microprocessors, digital processing chips, graphics processors, combinations of various control chips, and the like. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the entire electronic device using various interfaces and lines, and executes various functions of the electronic device and processes data by running or executing programs or modules (e.g., a data encryption inquiry program, etc.) stored in the memory 11, and calling data stored in the memory 11.
The communication bus 12 may be a Peripheral Component Interconnect (PCI) bus, or an Extended Industry Standard Architecture (EISA) bus, among others. The bus may be classified as an address bus, a data bus, a control bus, etc. The communication bus 12 is arranged to enable connection and communication between the memory 11 and at least one processor 10, etc. For ease of illustration, the bus is drawn in the figure as a single bold line, but this does not mean that there is only one bus or one type of bus.
Fig. 3 shows only an electronic device with components, and it will be understood by those skilled in the art that the structure shown in fig. 3 is not limiting of the electronic device and may include fewer or more components than shown, or may combine certain components, or a different arrangement of components.
For example, although not shown, the electronic device may further include a power source (such as a battery) for supplying power to the respective components. Preferably, the power source may be logically connected to the at least one processor 10 through a power management device, so that functions such as charge management, discharge management, and power consumption management are implemented through the power management device. The power supply may also include one or more of any of a direct current or alternating current power supply, recharging device, power failure classification circuit, power converter or inverter, power status indicator, etc. The electronic device may further include various sensors, Bluetooth modules, Wi-Fi modules, etc., which are not described herein.
Optionally, the communication interface 13 may comprise a wired interface and/or a wireless interface (e.g., Wi-Fi interface, Bluetooth interface, etc.), typically used to establish a communication connection between the electronic device and other electronic devices.
Optionally, the communication interface 13 may further comprise a user interface, which may be a Display, an input unit, such as a Keyboard (Keyboard), or a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch, or the like. The display may also be referred to as a display screen or display unit, as appropriate, for displaying information processed in the electronic device and for displaying a visual user interface.
It should be understood that the embodiments described are for illustrative purposes only, and the scope of the patent application is not limited to this configuration.
The data encryption inquiry program stored in the memory 11 in the electronic device is a combination of a plurality of computer programs, which when run in the processor 10 can realize:
receiving a source data table and a column name to be encrypted, and performing homomorphic encryption conversion on each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encryption data table;
extracting characters with preset character sequence ranges from each field of the column to be encrypted to carry out symmetric encryption, so as to obtain corresponding symmetric encryption fields;
constructing a symmetric encryption column by utilizing the symmetric encryption field and a preset blank data column, and adding the symmetric encryption column into the initial encryption data table to obtain a target encryption data table;
when receiving an SQL query statement, extracting a conditional column name and a conditional field in the SQL query statement;
symmetrically encrypting and converting characters in a preset character sequence range in the condition field to obtain a first encryption condition field;
the condition field of the SQL query statement is updated by using the first encryption condition field, and the target encryption data table is queried by using the updated SQL query statement to obtain an initial query data table;
and carrying out field polling comparison based on homomorphic encryption on the initial query data table by utilizing the condition field and the condition column name to obtain a target query result.
In particular, the specific implementation method of the processor 10 on the computer program may refer to the description of the relevant steps in the corresponding embodiment of fig. 1, which is not repeated herein.
Further, the electronic device integrated modules/units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. The computer readable medium may be non-volatile or volatile. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM).
Embodiments of the present invention may also provide a computer readable storage medium storing a computer program which, when executed by a processor of an electronic device, may implement:
receiving a source data table and a column name to be encrypted, and performing homomorphic encryption conversion on each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encryption data table;
extracting characters with preset character sequence ranges from each field of the column to be encrypted to carry out symmetric encryption, so as to obtain corresponding symmetric encryption fields;
constructing a symmetric encryption column by utilizing the symmetric encryption field and a preset blank data column, and adding the symmetric encryption column into the initial encryption data table to obtain a target encryption data table;
when receiving an SQL query statement, extracting a conditional column name and a conditional field in the SQL query statement;
symmetrically encrypting and converting characters in a preset character sequence range in the condition field to obtain a first encryption condition field;
the condition field of the SQL query statement is updated by using the first encryption condition field, and the target encryption data table is queried by using the updated SQL query statement to obtain an initial query data table;
and carrying out field polling comparison based on homomorphic encryption on the initial query data table by utilizing the condition field and the condition column name to obtain a target query result.
Further, the computer-usable storage medium may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created from the use of blockchain nodes, and the like.
In the several embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is merely a logical function division, and there may be other manners of division when actually implemented.
The modules described as separate components may or may not be physically separate, and components shown as modules may or may not be physical units, may be located in one place, or may be distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The embodiment of the application can acquire and process the related data based on artificial intelligence technology. Artificial Intelligence (AI) is the theory, method, technique and application system that uses a digital computer or a digital computer-controlled machine to simulate, extend and expand human intelligence, sense the environment, acquire knowledge and use knowledge to obtain optimal results.
In addition, each functional module in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units can be realized in the form of hardware, or in the form of hardware plus software functional modules.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof.
The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and the like. The Blockchain (Blockchain), which is essentially a decentralised database, is a string of data blocks that are generated by cryptographic means in association, each data block containing a batch of information of network transactions for verifying the validity of the information (anti-counterfeiting) and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, an application services layer, and the like.
Furthermore, it is evident that the word "comprising" does not exclude other elements or steps, and that the singular does not exclude a plurality. A plurality of units or means recited in the system claims can also be implemented by one unit or means through software or hardware. The terms first, second, etc. are used to denote names, and not any particular order.
Finally, it should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made to the technical solution of the present invention without departing from the spirit and scope of the technical solution of the present invention.

Claims (10)

1. A method for data encryption inquiry, the method comprising:
receiving a source data table and a column name to be encrypted, and performing homomorphic encryption conversion on each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encryption data table;
extracting characters with preset character sequence ranges from each field of the column to be encrypted to carry out symmetric encryption, so as to obtain corresponding symmetric encryption fields;
constructing a symmetric encryption column by utilizing the symmetric encryption field and a preset blank data column, and adding the symmetric encryption column into the initial encryption data table to obtain a target encryption data table;
when receiving an SQL query statement, extracting a conditional column name and a conditional field in the SQL query statement;
symmetrically encrypting and converting characters in a preset character sequence range in the condition field to obtain a first encryption condition field;
the condition field of the SQL query statement is updated by using the first encryption condition field, and the target encryption data table is queried by using the updated SQL query statement to obtain an initial query data table;
and carrying out field polling comparison based on homomorphic encryption on the initial query data table by utilizing the condition field and the condition column name to obtain a target query result.
2. The method of claim 1, wherein the step of homomorphic encryption converting each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encrypted data table comprises:
determining a column with a column name of the column name to be encrypted in the source data table as a column to be encrypted;
homomorphic encryption is carried out on each field of the column to be encrypted, and a corresponding homomorphic encryption field is obtained;
and replacing each field of the column to be encrypted in the source data table with a homomorphic encryption field corresponding to the field to obtain the initial encryption data table.
3. The method for data encryption query according to claim 1, wherein said extracting characters of a preset endian range in each field of the column to be encrypted for symmetric encryption to obtain a corresponding symmetric encrypted field comprises:
extracting characters of a preset character sequence range in each field of the column to be encrypted to obtain corresponding extracted character segments;
and symmetrically encrypting each extracted character segment to obtain the symmetrical encryption field.
4. The method for data encryption query as set forth in claim 1, wherein said constructing a symmetric encryption column using said symmetric encryption field and a predetermined blank data column comprises:
filling all field corresponding extraction character segments in each column to be encrypted into a preset blank data column to obtain a transition data column corresponding to each column to be encrypted;
and replacing each extracted character segment in the transition data column with a corresponding symmetric encryption field to obtain the symmetric encryption column.
5. The method of claim 1, wherein the performing condition field update on the SQL query statement using the first encryption condition field, and performing query on the target encrypted data table using the updated SQL query statement, to obtain an initial query data table, comprises:
replacing the condition field in the SQL query statement with the first encryption condition field to obtain an encryption query statement;
and executing the encryption query statement to query the target encryption data table to obtain the initial query data table.
6. The data encryption query method according to any one of claims 1 to 5, wherein the performing field polling comparison based on homomorphic encryption on the initial query data table by using the condition field and the condition column name to obtain a target query result includes:
homomorphic encryption is carried out on the condition field to obtain a second encryption condition field;
determining a column with a column name of the conditional column name in the initial query data table as a target column;
performing homomorphic subtraction calculation by using the second encryption field and each homomorphic encryption field in the target column to obtain a corresponding field comparison difference value;
screening all homomorphic encryption fields in the target column by using a preset comparison threshold value and the field comparison difference value to obtain a target homomorphic encryption field;
and determining the row of the initial query data table, in which the target homomorphic encryption field is located, as a target query result.
7. A data encryption inquiry apparatus, comprising:
the data encryption module is used for receiving a source data table and a column name to be encrypted, and carrying out homomorphic encryption conversion on each field of the column to be encrypted in the source data table based on the column name to be encrypted to obtain an initial encryption data table; extracting characters with preset character sequence ranges from each field of the column to be encrypted to carry out symmetric encryption, so as to obtain corresponding symmetric encryption fields; constructing a symmetric encryption column by utilizing the symmetric encryption field and a preset blank data column, and adding the symmetric encryption column into the initial encryption data table to obtain a target encryption data table;
the query sentence conversion module is used for extracting a conditional column name and a conditional field in the SQL query sentence when receiving the SQL query sentence; symmetrically encrypting and converting characters in a preset character sequence range in the condition field to obtain a first encryption condition field; the condition field of the SQL query statement is updated by using the first encryption condition field, and the target encryption data table is queried by using the updated SQL query statement to obtain an initial query data table;
and the encryption query module is used for carrying out field polling comparison based on homomorphic encryption on the initial query data table by utilizing the condition field and the condition column name to obtain a target query result.
8. The data encryption query device as claimed in claim 7, wherein said performing homomorphic encryption-based field polling comparison on said initial query data table using said condition field and said condition column name to obtain a target query result comprises:
homomorphic encryption is carried out on the condition field to obtain a second encryption condition field;
determining a column with a column name of the conditional column name in the initial query data table as a target column;
performing homomorphic subtraction calculation by using the second encryption field and each homomorphic encryption field in the target column to obtain a corresponding field comparison difference value;
screening all homomorphic encryption fields in the target column by using a preset comparison threshold value and the field comparison difference value to obtain a target homomorphic encryption field;
and determining the row of the initial query data table, in which the target homomorphic encryption field is located, as a target query result.
9. An electronic device, the electronic device comprising:
at least one processor; and,
a memory communicatively coupled to the at least one processor;
wherein the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the data encryption query method of any one of claims 1 to 6.
10. A computer readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the data encryption query method of any one of claims 1 to 6.
CN202310280819.7A 2023-03-16 2023-03-16 Data encryption query method, device, equipment and storage medium Pending CN116305278A (en)

Publications (1)

Publication Number Publication Date
CN116305278A true CN116305278A (en) 2023-06-23


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination