CN116305300B - Fair privacy set intersection method - Google Patents

Fair privacy set intersection method Download PDF

Info

Publication number
CN116305300B
CN116305300B CN202310596821.5A CN202310596821A CN116305300B CN 116305300 B CN116305300 B CN 116305300B CN 202310596821 A CN202310596821 A CN 202310596821A CN 116305300 B CN116305300 B CN 116305300B
Authority
CN
China
Prior art keywords
data set
data
provider
task initiator
encrypting
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310596821.5A
Other languages
Chinese (zh)
Other versions
CN116305300A (en
Inventor
宋一民
蔡超超
单进勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Shudu Technology Co ltd
Original Assignee
Beijing Shudu Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Shudu Technology Co ltd filed Critical Beijing Shudu Technology Co ltd
Priority to CN202310596821.5A priority Critical patent/CN116305300B/en
Publication of CN116305300A publication Critical patent/CN116305300A/en
Application granted granted Critical
Publication of CN116305300B publication Critical patent/CN116305300B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a fair privacy set intersection method, which relates to the technical field of information security, wherein the method comprises the following steps: encrypting the pre-acquired first data set to be processed by adopting a first encryption mode to obtain a first data set, wherein the first data set to be processed comprises a plurality of data to be shared; transmitting the first data set to a data provider; receiving a second data set and a third data set sent by a data provider; encrypting the second data set by adopting a first encryption mode to obtain an intermediate data set; adjusting the arrangement sequence of the data in the intermediate data set to obtain a fourth data set; transmitting a fourth data set to the data provider; based on the intermediate data set and the third data set, a data intersection result between the task initiator and the data provider is obtained. By adopting the steps, the information in the information interaction can be prevented from being revealed, and the information security is improved.

Description

Fair privacy set intersection method
Technical Field
The application relates to the technical field of information security, in particular to a fair privacy set intersection method.
Background
Privacy set intersection (Private Set Intersection, PSI) refers to: the data set holder (which can be divided into a task initiator and a data provider) obtains the intersection data of the set through calculation, and does not reveal any data information beyond the intersection. PSI has wide application in blacklist matching, advertising marketing and other scenarios.
In a typical PSI scheme, the intersection result is often obtained by the task initiation Fang Xian and resynchronized (intersection result or number of intersections) to the data provider, which can compromise the benefits of the data provider, especially when charges are required based on the number of matches. In addition, if the intersection result is given directly to the data provider, it may be detrimental to the benefit of the task initiator, because the task initiator is typically the party paying, the task initiator may not want the data provider to know the intersection result, where the intersection result refers to the same set of data between the data set of the task initiator and the data set of the data provider. That is, the current PSI scheme does not guarantee that the task initiator can obtain the size of the intersection while not revealing the intersection result.
Disclosure of Invention
The fair privacy set intersection solving method can ensure that the data provider can obtain the size of an intersection while the task initiator does not reveal the intersection result.
In a first aspect, an embodiment of the present application provides a fair privacy set intersection method, applied to a task initiator, where the method includes:
encrypting a pre-acquired first data set to be processed by adopting a first encryption mode to obtain a first data set, wherein the first data set to be processed comprises a plurality of data to be shared;
Transmitting the first data set to a data provider;
receiving a second data set and a third data set sent by the data provider, wherein the second data set is obtained by encrypting a second data set to be processed by the data provider in a second encryption mode, and the third data set is obtained by encrypting the first data set by the data provider in a second encryption mode;
encrypting the second data set by adopting the first encryption mode to obtain an intermediate data set;
adjusting the arrangement sequence of the data in the intermediate data set to obtain a fourth data set;
transmitting the fourth data set to the data provider;
and obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set.
In a second aspect, an embodiment of the present application provides a fair privacy set intersection method, applied to a data provider, where the method includes:
encrypting the pre-acquired second data set to be processed by adopting a second encryption mode to obtain a second data set, wherein the second data set to be processed comprises a plurality of data to be shared;
transmitting the second data set to a task initiator;
Receiving a first data set and a fourth data set sent by the task initiator, wherein the first data set is obtained by encrypting a second data set to be processed by the task initiator in a first encryption mode, and the fourth data set is obtained by adjusting the arrangement sequence of data in the intermediate data set by the task initiator;
encrypting the first data set by adopting the second encryption mode to obtain a third data set;
transmitting the third data set to the task initiator;
based on the third data set and the fourth data set, a number of presence data intersections between the data provider and the task initiator is obtained.
In a third aspect, an embodiment of the present application provides a fair privacy set intersection device, where the device includes:
the first encryption module is used for encrypting the pre-acquired first data set to be processed by adopting a first encryption mode to obtain a first data set, wherein the first data set to be processed comprises a plurality of data to be shared;
a first sending module, configured to send the first data set to a data provider;
the first receiving module is used for receiving a second data set and a third data set sent by the data provider, the second data set is obtained by encrypting a second data set to be processed through a second encryption mode by the data provider, and the third data set is obtained by encrypting the first data set through a second encryption mode by the data provider;
The second encryption module is used for encrypting the second data set by adopting the first encryption mode to obtain an intermediate data set;
the adjusting module is used for adjusting the arrangement sequence of the data in the intermediate data set to obtain a fourth data set;
a second sending module, configured to send the fourth data set to the data provider;
and the first calculation module is used for obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set.
In a fourth aspect, an embodiment of the present application provides a fair privacy set intersection device, where the device includes:
the third encryption module is used for encrypting the pre-acquired second data set to be processed by adopting a second encryption mode to obtain a second data set, and the second data set to be processed comprises a plurality of data to be shared;
a third sending module, configured to send the second data set to a task initiator;
the second receiving module is used for receiving a first data set and a fourth data set which are sent by the task initiator, wherein the first data set is obtained by encrypting a second data set to be processed by the task initiator in a first encryption mode, and the fourth data set is obtained by adjusting the arrangement sequence of data in the intermediate data set by the task initiator;
The fourth encryption module is used for encrypting the first data set by adopting the second encryption mode to obtain a third data set;
a fourth sending module, configured to send the third data set to the task initiator;
a third calculation module for obtaining a number of existing data intersections between the data provider and the task initiator based on the third data set and the fourth data set.
In a fifth aspect, embodiments of the present application provide an electronic device, including: a processor and a memory storing computer program instructions;
the processor when executing the computer program instructions implements a fair privacy set intersection method as in any one of the embodiments of the first aspect.
In a sixth aspect, embodiments of the present application provide a computer storage medium having stored thereon computer program instructions that, when executed by a processor, implement a fair privacy set intersection method as in any one of the embodiments of the first aspect.
In a seventh aspect, embodiments of the present application provide a computer program product, where instructions in the computer program product, when executed by a processor of an electronic device, cause the electronic device to perform a fair privacy set intersection method implemented as in any one of the embodiments of the first aspect.
The fair privacy set intersection method in the embodiment of the application, wherein the method comprises the following steps: encrypting a pre-acquired first data set to be processed by adopting a first encryption mode to obtain a first data set, wherein the first data set to be processed comprises a plurality of data to be shared; transmitting the first data set to a data provider; receiving a second data set and a third data set sent by the data provider, wherein the second data set is obtained by encrypting a second data set to be processed by the data provider in a second encryption mode, and the third data set is obtained by encrypting the first data set by the data provider in a second encryption mode; encrypting the second data set by adopting the first encryption mode to obtain an intermediate data set; adjusting the arrangement sequence of the data in the intermediate data set to obtain a fourth data set; transmitting the fourth data set to the data provider; and obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set. The task initiator and the data provider encrypt the respective data sets for the first time and encrypt the data sets of the other party for the second time respectively, so that the task initiator and the data provider can not obtain other data information of the other party except the intersection, the task initiator is not required to synchronize the data intersection result to the data provider, the data provider can be ensured to obtain the accurate data intersection size, and the fairness of the intersection scheme of the privacy sets of the two parties is ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described, and it is possible for a person skilled in the art to obtain other drawings according to these drawings without inventive effort.
Fig. 1 is a flow chart of a fair privacy set intersection method according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a fair privacy set intersection device provided in an embodiment of the present application;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order that the above objects, features and advantages of the present disclosure may be more clearly understood, a further description of aspects of the present disclosure will be provided below. It should be noted that, without conflict, the embodiments of the present disclosure and features in the embodiments may be combined with each other.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure, but the present disclosure may be practiced otherwise than as described herein; it will be apparent that the embodiments in the specification are only some, but not all, embodiments of the disclosure.
It should be noted that in this document, relational terms such as "first" and "second" and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
In order to solve the problems in the prior art, the embodiment of the application provides a fair privacy set intersection method, a fair privacy set intersection device, a fair privacy set intersection medium and a fair privacy set intersection product. The following first describes a fair privacy set intersection method provided by the embodiment of the present application.
The method and the device can be applied to the fields of blacklist matching of loan scenes or advertising marketing and the like, which have data exchange requirements, for example, when the blacklists of the loan scenes are matched, a lending organization and a black-and-white list provider exist, wherein the blacklist provider has lending blacklist client data. When the lending institution needs to know a particular blacklist client in a batch of clients, the batch of clients may be sent to the blacklist provider, which in turn sends its own blacklist client data to the lending institution. In this data exchange process, on the one hand, the lending institution may determine a specific intersection of the batch of clients and the blacklist clients according to the blacklist client data provided by the blacklist provider, that is, determine a specific blacklist client in the batch of clients, and make the blacklist provider unaware of which specific blacklist users are. On the other hand, the blacklist provider can only enable the lending mechanism to know that the client list with the intersection exists between the client list and the blacklist provider, does not disclose all the blacklist client data of the client provider, can also know the number of specific blacklist clients, and further charges the inquiring fee to the lending mechanism according to the number of the blacklist clients. In the process, the confidentiality of data of both parties is realized, and the benefit of a blacklist provider is ensured.
For another example, in advertising, there is one automobile vendor and one operator, the automobile vendor having a data package with a large number of potentially customers' related data therein, the operator having a large number of customer data including related automobile information, e.g., automobile APP registration information, automobile browsing information, etc. If the automobile seller needs to know the specific people of potential clients in the data packet, the automobile seller needs to send the data packet to the operator and receive the client data sent by the operator. In this process, the automobile seller can determine data overlapping with the data of the customer data, that is, the customer having a purchase intention, based on the customer data transmitted from the operator. And the operator can be made unaware of who the customer who has a willingness to purchase is. And the operator can determine how much customer data the automobile seller specifically uses on the premise of not revealing all the customer data, so as to charge the automobile seller.
Fig. 1 is a schematic flow chart of a fair privacy set intersection method according to an embodiment of the present application. As shown in fig. 1, the method specifically may include the following steps:
Step 101, a task initiator encrypts a first pre-acquired data set to be processed by adopting a first encryption mode to obtain a first data set, wherein the first data set to be processed comprises a plurality of data to be shared;
step 102, a task initiating sends the first data set to a data provider;
correspondingly, the data provider receives a first data set sent by the task initiator;
in this embodiment, the first data set to be processed is a data set that the task initiator needs to perform data query, and may be obtained by mapping the first initial data set that needs to perform data query onto a cluster, where the cluster may be an elliptic curve. The first initial data set may include identity information of a plurality of clients, for example, identity information of client 1, identity information of client 2, and identity information of client 3. The first set of data to be processed may comprise identity data of a plurality of clients, for example, identity data of client 1, identity data of client 2 and identity data of client 3.
It should be noted that, since the identity information is represented in the form of a character string and cannot be applied to the calculation, the first initial data set that cannot be applied to the calculation can be converted into the first data set to be processed that can be applied to the calculation through the mapping process described above.
The expression of the first set of data to be processed is as follows,
wherein X is i Representing a first set of data to be processed, x i A first initial data set is represented and,representing the first initial dataset at +.>Mapping on->Representing an elliptic curve and n representing the number of first data to be processed.
The first encryption mode refers to generating a random number a, and encrypting the first data set to be processed through the random number a to obtain a first data set. The expression for the first data set is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,a first set of data is represented and, a is a random number, & lt, & gt>Representing a first set of data to be processed, n representing the number of data to be processed.
Step 103, the data provider encrypts the pre-acquired second data set to be processed by adopting a second encryption mode to obtain a second data set, wherein the second data set to be processed comprises a plurality of data to be shared;
step 104, the data providing sends the second data set to the task initiator;
correspondingly, the task initiator receives second data sent by the data provider;
in this embodiment, the second data set is provided to the task initiator by the data provider to enable the task initiator to perform the data query. May be obtained by mapping a second initial data set that is needed to provide the query onto a cluster, where the cluster may be an elliptic curve. The second initial data set may include identity information of a plurality of clients, for example, identity information of client 2, identity information of client 3, and identity information of client 4. The second data to be processed may comprise identity data of a plurality of clients, such as identity data of client 2, identity data of client 3, identity data of client 4, etc.
It should be noted that, since the identity information is represented in the form of a character string and cannot be applied to the calculation, the second initial data set that cannot be applied to the calculation can be converted into the second to-be-processed data set that can be applied to the calculation through the mapping process described above.
The expression for the second set of data to be processed is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,representing a second set of data to be processed, +.>Representing a second initial data set,/->Representing the mapping of the second initial dataset on an ellipse,/->Representing an elliptic curve and n representing the amount of the second data to be processed.
The second encryption mode comprises a first confusion encryption mode and a second confusion encryption mode, wherein the first confusion encryption mode refers to selecting a random number b, and encrypting the second data set to be processed through the random number b to obtain a confusion data set. The expression of the obfuscated dataset is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,representing a mixed dataset, b being a random number, < >>Representing a second set of data to be processed, m representing the amount of data to be processed.
The second time of confusion encryption refers to the generation of a random numberAnd a pair of public and private keys, and employing a third public key of the public and private key pair and a random number +.>The components of each data in the aliased data set are encrypted to obtain a second data set. The expression for the second data set is as follows,
Wherein, the liquid crystal display device comprises a liquid crystal display device,representing a second data set,/->Representing random number +.>Representing the confusion data set, G representing the curve parameter of the elliptic curve, being a constant, P representing the third public key of the public-private key pair, and m representing the amount of the second data to be processed.
It should be noted that, the expression of the public and private keys is as follows,
where sk represents the private key, G represents the curve parameter of the elliptic curve, and P represents the third public key.
Step 105, the task initiator encrypts the second data set by adopting the first encryption mode to obtain an intermediate data set;
step 106, adjusting the arrangement sequence of the data in the intermediate data set to obtain a fourth data set;
intermediate obtained by encrypting second data set by adopting first encryption modeEach data in the data set is arranged according to the original sequence in the second data set to be processed of the data provider, so that the data provider knows the original sequence in the second data set to be processed, and in order to prevent the data provider from deducing the specific data finally obtained through the original sequence, the arrangement sequence of the data in the intermediate data set is required to be disordered, and a fourth data set obtained after the scrambling is adopted Make a representation of->The expression of (c) is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,a represents a fourth data set, a is a random number in the first encryption mode, G represents a curve parameter of an elliptic curve, and is a constant,/v>Representing a mixed data set, P representing a third public key,/->Is a random number in the second mixed encryption mode. It should be noted that, for ease of understanding, the fourth data set obtained after the order of the data in the intermediate data set is disturbed employs +.>To indicate, correspondingly, use +.>Representing confusing data sets, employingRepresenting random numbers in the second mixed encryption mode, i.e. +.>And->All represent confusing data sets, ">Andeach representing a random number in the second mixed encryption scheme.
Step 107, a task initiation transmits the fourth data set to the data provider;
accordingly, the data provider receives a fourth data set sent by the task initiator;
the expression of the intermediate data set is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,representing the intermediate data set, a being the random number in the first encryption mode, G representing the curve parameters of the elliptic curve, being a constant, (-)>Representing a mixed data set, P representing a third public key,/->Is a random number.
Step 108, the data provider encrypts the first data set by adopting the second encryption mode to obtain a third data set;
Step 109, data providing sends the third data set to the task initiator;
correspondingly, the task initiator receives the third data set sent by the data provider;
the expression for the third data set is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,representing a third data set, b representing a random number in the first mixed encryption mode, +.>Representing a first data set, a representing a random number in a first encryption scheme, and n representing the number of first data to be processed.
Step 110, a data provider obtains the number of existing data intersections between the data provider and the task initiator based on the third data set and the fourth data set;
the number of existing data intersections between the data provider and the task initiator refers to the number of data for which there is a coincidence between the first initial data set and the second initial data set. For example, the first initial data set comprises the identity information of client 1, the identity information of client 2 and the identity information of client 3, and the second initial data set comprises the identity information of client 2, the identity information of client 3 and the identity information of client 4, then there is a number of data intersections of 2, i.e. the identity information of client 2 and the identity information of client 3.
The fourth data set is obtained by encrypting the second data set by the task initiator and then changing the arrangement sequence of the data, and the second data set is encrypted by the data provider in a second confusion encryption mode. Therefore, in calculating the number of data intersections, it is also necessary to decrypt the fourth data set first. Specifically, because the data provider generates a pair of public and private key pairs when adopting the second confusion encryption, the fourth data set can be decrypted by adopting the private key to obtain the fifth data set, the expression of the decryption process is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,representing a fifth data set, a representing a random number in the first encryption mode,/for>Represents a mixed data set, P represents a third public key, sk represents a private key, G represents a curve parameter of an elliptic curve, which is a constant,/for example>Representing the random number in the second mixed encryption scheme.
After obtaining the decrypted fifth data set, since the fifth data set is derived from the fourth data set, which is already the data set after the data arrangement order has been disturbed by the task originator, the data provider does not know the specific data in the fifth data set when calculating the number of data intersections between the fifth data set and the third data set, which is calculated by the following expression,
Wherein, the liquid crystal display device comprises a liquid crystal display device,representing the number of data intersections present, +.>Representing a fifth dataset,/->Representing a third data set.
Step 111, the task initiator obtains a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set.
In one embodiment, the step 111 includes:
the task initiator acquires an intersection of the intermediate data set and the third data set, and an intermediate intersection result is constructed;
and the task initiator acquires initial data corresponding to each data in the intermediate intersection result and constructs a data intersection result.
The data intersection result between the task initiator and the data provider refers to the existence of coincident initial data in the first initial data set and the second initial data set.
Because the task initiator is the first initial dataIn the first encryption mode, and in the first mixed encryption mode in the second encryption mode, the order of the data in the data set does not change, so that the task originator knows the third data set +.>First initial data +.>And then directly calculating the intersection of the intermediate data set and the third data set, and deducing a data intersection result according to the intersection of the intermediate data set and the third data set. The expression of the intersection of the intermediate data set and the third data set is as follows,
Wherein, the liquid crystal display device comprises a liquid crystal display device,representing intermediate data set->Representing a third data set.
The following is exemplified by blacklist matching as an example.
The task originator is a lending institution having a list of customers to be loaned, such as the identity information of customer 1, the identity information of customer 2, and the identity information of customer 3. The data provider is a blacklist provider having a large amount of blacklist client data, such as identity information of client 2, identity information of client 3, identity information of client 4, and identity information of client 5, etc.
The first step, the lending mechanism encrypts the client list to be loaned in a first encryption mode to obtain a first data set, and sends the first data set to a blacklist provider.
And secondly, encrypting the blacklist client data by the blacklist provider in a second encryption mode to obtain a second data set, and transmitting the second data set to a lending mechanism. Correspondingly, the first data set sent by the lending mechanism is received, the first data set is encrypted in a second encryption mode, a third data set is obtained, and the third data set is sent to the lending mechanism.
Thirdly, the lending mechanism receives the second data set and the third data sent by the blacklist provider, and encrypts the second data set in a first encryption mode to obtain an intermediate data set; the data sequence of the intermediate data sets is then disturbed to obtain a fourth data set, for example, the intermediate data sets are in the order of the client 2, the client 3, the client 4 and the client 5, and the fourth data set obtained after the disturbance is the client 3, the client 2, the client 5 and the client 4. The fourth data set is sent to the blacklist provider. Finally, the data intersection result between the intermediate data set and the third data set is calculated, in this example, the data intersection result between the lending institution and the blacklist provider is the client 2 and the client 3, whereby the lending institution can know that the client 3 and the client 4 are blacklist clients, and further can consider whether to lend the client 2 and the client 3.
Fourth, the blacklist provider receives the fourth data set transmitted from the lending institution, and since the arrangement order of the data in the fourth data set is disturbed, the blacklist provider can only count the number of existing data intersections between the fourth data set and the third data set. In this example, the number of data intersections between the lending institution and the blacklist provider is 2, and further, the blacklist provider may charge the lending institution based on the number of data queried by the lending institution.
In this embodiment, a first encryption manner is adopted to encrypt a first data set to be processed, which is obtained in advance, to obtain a first data set, wherein the first data set to be processed includes a plurality of data to be shared; transmitting the first data set to a data provider; receiving a second data set and a third data set sent by the data provider, wherein the second data set is obtained by encrypting a second data set to be processed by the data provider in a second encryption mode, and the third data set is obtained by encrypting the first data set by the data provider in a second encryption mode; encrypting the second data set by adopting the first encryption mode to obtain an intermediate data set; adjusting the arrangement sequence of the data in the intermediate data set to obtain a fourth data set; transmitting the fourth data set to the data provider; and obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set. The task initiator and the data provider encrypt the respective data sets for the first time and encrypt the data sets of the other party for the second time respectively, so that the task initiator and the data provider can not obtain other data information of the other party except the intersection, the task initiator is not required to synchronize the data intersection result to the data provider, the data provider can be ensured to obtain the accurate data intersection size, and the fairness of the intersection scheme of the privacy sets of the two parties is ensured.
In an embodiment of the present application, after the step of adjusting the arrangement order of the data in the intermediate data set to obtain a fourth data set, before the step of sending the fourth data set to the data provider, the method further includes:
the task initiator obtains first zero knowledge proof information based on the fourth data set and the first public key, wherein the first zero knowledge proof information is used for verifying whether the first data set is encrypted in the first encryption mode or not by the data provider;
the step of transmitting a fourth data set to the data provider comprises:
the task initiation sends the first zero knowledge proof information and the fourth data set to the data provider.
In this embodiment, after encrypting the first data set to be processed by using the first encryption method, the task initiator generates a first public key according to the random number a in the first encryption method, and specifically, the first public key is obtained based on the random number a in the first encryption method and G in the elliptic curve. The first public key and the first data set are both carried in the first information and sent to the data provider. The expression of the first public key is as follows,
Wherein, the liquid crystal display device comprises a liquid crystal display device,the first public key, a represents a random number in the first encryption mode, and G represents a curve parameter of an elliptic curve, which is a constant.
The first zero knowledge proof information is generated by means of the first public key and the fourth data set, the possible expressions being as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,representing first zero knowledge proof information, a representing random number in first encryption mode, G representing curve parameter of elliptic curve, being a constant, < ->And->Representing random numbers in the second mixed encryption mode, < >>Andall represent confusing data sets, ">Representing a first public key.
The first zero knowledge proof information is generated by the following procedure,
(1) task initiator computing
(2) Task initiator selects random numbersAnd calculate
(3) Task initiator computingObtain->
Wherein, the liquid crystal display device comprises a liquid crystal display device,that is, another expression form of the first zero knowledge proof information, the explanation of the remaining parameters is referred to the explanation in the above embodiment, and the description of this embodiment is omitted here.
Correspondingly, when the data provider verifies the first zero knowledge proof information, the verification process is as follows:
(4) data provider calculation
(5) Calculation of
(6) Verification
If equal, the verification passes. If not, the verification is not passed.
In an embodiment of the present application, the step of sending a fourth data set to the data provider includes:
The task initiation sends the first zero knowledge proof information and the fourth data set to the data provider.
After the first zero knowledge proof information is determined, the first zero knowledge proof information and the fourth data set are both sent to the data provider, so that the data provider determines that the task initiator always encrypts the first data set by adopting a random number a when encrypting the first data set according to the first zero knowledge proof information, and the obtained calculation results of the two parties are accurate.
In an embodiment of the present application, after the step of encrypting the first data set by using the second encryption manner to obtain a third data set, before the step of sending the third data set to the task initiator, the method further includes:
the data provider obtains second zero-knowledge proof information based on the third data set and the second public key, wherein the second zero-knowledge proof information is used for verifying whether the first data set is encrypted in the second encryption mode by the task initiator;
the step of sending the third data set to the task initiator includes:
a data provider sends the second zero knowledge proof information and the third data set to the task initiator.
In this embodiment, after encrypting the second data set to be processed by using the first confusion encryption mode, the data provider also generates a second public key according to the random number b in the first confusion encryption mode, and specifically, the second public key is obtained based on the random number b in the first confusion encryption mode and G in the elliptic curve. The second public key and the second data set are both carried in the third information and sent to the task initiator. The expression of the second public key is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,and b represents a random number in the first confusion encryption mode, G represents a curve parameter of an elliptic curve, and the curve parameter is a constant.
The second zero-knowledge proof information is derived based on the third data set and the second public key, the second zero-knowledge proof information being expressed as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,representing second zero knowledge proof information, +.>Representing a third data set,/->And b represents a random number in the first confusion encryption mode, G represents a curve parameter of an elliptic curve, and the curve parameter is a constant.
Specifically, the second zero-knowledge proof information is generated by the following procedure,
(7) data provider selection of random numbersCalculation of
(8) Calculation ofObtain->
Wherein, the liquid crystal display device comprises a liquid crystal display device,for another representation of the second zero-knowledge proof information, the explanation of the remaining parameters is referred to the explanation in the above embodiment, and the description of this embodiment is omitted here.
Correspondingly, the process of verifying the second zero knowledge proof information by the task initiator comprises the following steps:
(9) verifier (task initiator) computation
And (b)
Verification of
If equal, the verification passes. If not, the verification is not passed.
In an embodiment of the present application, the step of sending the third data set to the task initiator includes:
a data provider sends the second zero knowledge proof information and the third data set to the task initiator.
Accordingly, the task initiator receives the second zero-knowledge proof information and the third data set.
After the second zero knowledge proof information is determined, the second zero knowledge proof information and the third data set are both sent to the task initiator, so that the task initiator can ensure that the data provider always encrypts the first data set by adopting the random number b when encrypting the first data set by adopting the first confusion encryption mode according to the second zero knowledge proof information, and the obtained calculation results of the two parties are accurate.
In an embodiment of the present application, after the step of receiving the first data set and the fourth data set sent by the task initiator, before the step of obtaining the number of existing data intersections between the data provider and the task initiator based on the third data set and the fourth data set, the method further includes:
The data provider verifies the first zero-knowledge proof information, and the first zero-knowledge proof information is used for verifying whether the task initiator encrypts the second data set in the first encryption mode;
in this embodiment, when the data provider verifies the first zero knowledge proof information, the specific verification process refers to the steps (4), (5) and (6) in the above embodiment, which is not described herein.
In an embodiment of the present application, the step of obtaining the number of existing data intersections between the data provider and the task initiator based on the third data set and the fourth data set includes:
the data provider decrypts the fourth data set by adopting a second confusion decryption mode under the condition that the first zero knowledge proof information is correct to obtain a fifth data set, wherein the second confusion decryption mode corresponds to the second confusion encryption mode;
a data provider obtains a number of presence data intersections between the data provider and the task initiator based on the third data set and the fifth data set.
In this embodiment, when the first zero-knowledge proof information is correct, the second confusion decryption method corresponding to the second confusion encryption method is used to decrypt the fourth data set to obtain the fifth data set, where the specific decryption process and the specific implementation of obtaining the number of data intersections are referred to the specific implementation in step 110 in the above embodiment, and this embodiment is not described herein.
In an embodiment of the present application, before the step of encrypting the pre-acquired first to-be-processed data set by using the first encryption manner to obtain the first data set, the method further includes:
the task initiator acquires a first initial data set;
and the task initiator maps each initial data in the first initial data set to a preset elliptic curve to obtain a first data set to be processed, wherein the elliptic curve is used for determining the data value of each data in the first initial data set.
In this embodiment, the first initial data set refers to the original string data. Since the string data cannot be calculated, it is necessary to map the string data onto an elliptic curve so that the string data is converted into a specific data value that can be subjected to mathematical techniques. For example, the data in the first initial data set is the data of the client 1, the client 2, etc., but the characters of the client 1, the client 2, etc. cannot be calculated, so that the specific numerical value of the data value of 1 or 2, etc. can be determined by mapping the client 1, the client 2 to the elliptic curve, so as to execute subsequent calculation.
Accordingly, in another embodiment, when the fair privacy set intersection method is applied to the data provider, before the step of encrypting the pre-acquired second data set to be processed by using the second encryption method to obtain the second data set, the method further includes:
Acquiring a second initial data set;
and mapping each initial data in the second initial data set to a preset elliptic curve to obtain a second data set to be processed, wherein the elliptic curve is used for determining the data value of each data in the second initial data set.
In this embodiment, please refer to the above discussion about the first initial data set, and the description of this embodiment is omitted here.
In an embodiment of the present application, the step of encrypting the pre-acquired second data set to be processed by using a second encryption manner to obtain a second data set includes:
encrypting the pre-acquired second data set to be processed by adopting first confusion encryption to obtain a confusion data set;
encrypting the mixed data set by adopting second mixed encryption to obtain a second data set;
the second encryption mode comprises a first confusion encryption mode and a second confusion encryption mode, when the second encryption mode is adopted to encrypt the second data set to be processed, in order to ensure the correctness of zero knowledge proof between the data provider and the task initiator, the first confusion encryption mode is adopted to encrypt the second data set to be processed in sequence to obtain a confusion data set, the second confusion encryption mode is adopted to obtain a second data set, and the second data set is expressed in the form of components, so that the correctness of the two components is required to be simultaneously proved when the zero knowledge proof is used later, and the data between the task initiator and the data provider is further ensured not to be leaked. The specific proving process is referred to the above embodiments, and is not described herein.
In an embodiment of the present application, the step of encrypting the first data set by using the second encryption method to obtain a third data set includes:
and encrypting the first data set by adopting a first confusion encryption mode to obtain a third data set.
The expression for the third data set is as follows,
wherein, the liquid crystal display device comprises a liquid crystal display device,representing a third data set, b representing a random number in the first mixed encryption mode, +.>Representing a first data set, a representing a random number in a first encryption scheme, and n representing the number of first data to be processed.
The fair privacy set intersection method provided by the application has the following beneficial effects:
1. the task initiator cannot obtain other data information of the data provider except the intersection, so that the data safety of the two parties is ensured;
2. the task initiator obtains the result, the data provider can only obtain the intersection size, and the task initiator is not required to synchronize the intersection size to the data provider, so that fairness of the two parties is ensured.
3. The zero knowledge proof is used for ensuring that a task initiator and a data provider can correctly execute a protocol, namely, the data of the other party can be always encrypted in a first encryption mode and a second encryption mode, and the data obtained by the two parties is ensured to be correct.
Fig. 2 is a schematic structural diagram of a fair privacy set intersection device according to an embodiment of the present application, and for convenience of explanation, only a portion related to the embodiment of the present application is shown.
Referring to fig. 2, the fair privacy set intersection apparatus 200 may include:
a first encryption module 201, configured to encrypt a first pre-acquired data set to be processed by using a first encryption manner to obtain a first data set, where the first data set to be processed includes a plurality of data to be shared;
a first sending module 202, configured to send the first data set to a data provider;
the first receiving module 203 is configured to receive a second data set and a third data set sent by the data provider, where the second data set is obtained by encrypting a second data set to be processed by the data provider in a second encryption manner, and the third data set is obtained by encrypting the first data set by the data provider in a second encryption manner;
a second encryption module 204, configured to encrypt the second data set by using the first encryption manner, to obtain an intermediate data set;
an adjustment module 205, configured to adjust an arrangement order of the data in the intermediate data set to obtain a fourth data set;
A second sending module 206, configured to send the fourth data set to the data provider;
a first calculation module 207 for obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set.
Optionally, the fair privacy set intersection device 200 further includes:
the second calculation module is used for obtaining first zero knowledge proof information based on the fourth data set and the first public key, wherein the first zero knowledge proof information is used for verifying whether the first data set is encrypted in the first encryption mode or not by the data provider;
optionally, the second sending module 206 is specifically configured to:
the first zero knowledge proof information and the fourth data set are transmitted to the data provider.
Optionally, the fair privacy set intersection device 200 further includes:
the first verification module is used for verifying the second zero knowledge proof information, and the second zero knowledge proof information is used for verifying whether the data provider encrypts the first data set by adopting a first confusion encryption mode in the second encryption mode;
optionally, the first computing module 207 is specifically configured to:
And obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set under the condition that the second zero-knowledge proving information is correct.
Optionally, the fair privacy set intersection device 200 further includes:
the acquisition module is used for acquiring a first initial data set;
the mapping module is used for mapping each initial data in the first initial data set to a preset elliptic curve to obtain a first data set to be processed, and the elliptic curve is used for determining the data value of each data in the first initial data set.
Optionally, the first computing module 207 further includes:
a first computing sub-module, configured to obtain an intersection of the intermediate data set and the third data set, and construct an intermediate intersection result;
and the second calculation sub-module is used for acquiring initial data corresponding to each data in the intermediate intersection result and constructing a data intersection result.
Optionally, the fair privacy set intersection device 200 may further include:
the third encryption module is used for encrypting the pre-acquired second data set to be processed by adopting a second encryption mode to obtain a second data set, and the second data set to be processed comprises a plurality of data to be shared;
A third sending module, configured to send the second data set to a task initiator;
the second receiving module is used for receiving a first data set and a fourth data set which are sent by the task initiator, wherein the first data set is obtained by encrypting a second data set to be processed by the task initiator in a first encryption mode, and the fourth data set is obtained by adjusting the arrangement sequence of data in the intermediate data set by the task initiator;
the fourth encryption module is used for encrypting the first data set by adopting the second encryption mode to obtain a third data set;
a fourth sending module, configured to send the third data set to the task initiator;
a third calculation module for obtaining a number of existing data intersections between the data provider and the task initiator based on the third data set and the fourth data set.
Optionally, the third encryption module further includes:
the first encryption sub-module is used for encrypting the pre-acquired second data set to be processed by adopting first confusion encryption to obtain a confusion data set;
the second encryption sub-module is used for encrypting the mixed data set by adopting second mixed encryption to obtain a second data set;
Optionally, the fourth encryption module is specifically configured to:
and encrypting the first data set by adopting a first confusion encryption mode to obtain a third data set.
Optionally, the fair privacy set intersection device 200 further includes:
the fourth calculation module is used for obtaining second zero knowledge proof information based on the third data set and the second public key, wherein the second zero knowledge proof information is used for verifying whether the first data set is encrypted in the second encryption mode by a task initiator;
optionally, the fourth sending module is specifically configured to:
and sending the second zero knowledge proof information and the third data set to the task initiator.
Optionally, the fair privacy set intersection device 200 further includes:
the second verification module is used for verifying the first zero knowledge proof information, and the first zero knowledge proof information is used for verifying whether the task initiator encrypts the second data set in the first encryption mode;
optionally, the third computing module further includes:
the decryption sub-module is used for decrypting the fourth data set by adopting a second confusion decryption mode under the condition that the first zero knowledge proof information is correct, so as to obtain a fifth data set, wherein the second confusion decryption mode corresponds to the second confusion encryption mode;
A third calculation sub-module for obtaining a number of existing data intersections between the data provider and the task initiator based on the third data set and the fifth data set.
Optionally, the third calculation sub-module is specifically configured to:
the number of existing data intersections between the third data set and the fifth data set is obtained, and the number of data intersections between the task initiator and the data provider is constructed.
The fair privacy set intersection device 200 provided in the embodiment of the present application can implement each process implemented by the foregoing method embodiment, and in order to avoid repetition, a description is omitted here.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
Fig. 3 shows a schematic hardware structure of an electronic device according to an embodiment of the present application.
The device may comprise a processor 301 and a memory 302 in which program instructions are stored.
The steps of any of the various method embodiments described above are implemented when the processor 301 executes a program.
The program of example i may be split into one or more modules/units, which are stored in the memory 302 and executed by the processor 301 to complete the present application. One or more of the modules/units may be a series of program instruction segments capable of performing specific functions to describe the execution of the program in the device.
In particular, the processor 301 may include a Central Processing Unit (CPU), or an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or may be configured to implement one or more integrated circuits of embodiments of the present application.
Memory 302 may include mass storage for data or instructions. By way of example, and not limitation, memory 302 may comprise a Hard Disk Drive (HDD), floppy Disk Drive, flash memory, optical Disk, magneto-optical Disk, magnetic tape, or universal serial bus (Universal Serial Bus, USB) Drive, or a combination of two or more of the foregoing. Memory 302 may include removable or non-removable (or fixed) media, where appropriate. Memory 302 may be internal or external to the integrated gateway disaster recovery device, where appropriate. In a particular embodiment, the memory 302 is a non-volatile solid-state memory.
The memory may include Read Only Memory (ROM), random Access Memory (RAM), magnetic disk storage media devices, optical storage media devices, flash memory devices, electrical, optical, or other physical/tangible memory storage devices. Thus, in general, the memory includes one or more tangible (non-transitory) readable storage media (e.g., memory devices) encoded with software comprising computer-executable instructions and when the software is executed (e.g., by one or more processors) it is operable to perform the operations described with reference to methods in accordance with aspects of the present disclosure.
The processor 301 implements any of the methods of the above embodiments by reading and executing program instructions stored in the memory 302.
In one example, the electronic device may also include a communication interface 303 and a bus 310. The processor 301, the memory 302, and the communication interface 303 are connected to each other through the bus 310 and perform communication with each other.
The communication interface 303 is mainly used to implement communication between each module, device, unit and/or apparatus in the embodiments of the present application.
Bus 310 includes hardware, software, or both that couple the components of the online data flow billing device to each other. By way of example, and not limitation, the buses may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a HyperTransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an infiniband interconnect, a Low Pin Count (LPC) bus, a memory bus, a micro channel architecture (MCa) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus, or a combination of two or more of the above. Bus 310 may include one or more buses, where appropriate. Although embodiments of the present application describe and illustrate a particular bus, the present application contemplates any suitable bus or interconnect.
In addition, in combination with the method in the above embodiment, the embodiment of the application may be implemented by providing a storage medium. The storage medium has program instructions stored thereon; the program instructions, when executed by a processor, implement any of the methods of the embodiments described above.
The embodiment of the application further provides a chip, the chip includes a processor and a communication interface, the communication interface is coupled with the processor, the processor is used for running a program or instructions, the processes of the above method embodiment are realized, the same technical effects can be achieved, and in order to avoid repetition, the description is omitted here.
It should be understood that the chips referred to in the embodiments of the present application may also be referred to as system-on-chip chips, chip systems, or system-on-chip chips, etc.
The embodiments of the present application provide a computer program product, which is stored in a storage medium, and the program product is executed by at least one processor to implement the respective processes of the above method embodiments, and achieve the same technical effects, and are not repeated herein.
It should be clear that the present application is not limited to the particular arrangements and processes described above and illustrated in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present application are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications, and additions, or change the order between steps, after appreciating the spirit of the present application.
The functional blocks shown in the above block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the present application are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer grids such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this application describe some methods or systems based on a series of steps or devices. However, the present application is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be different from the order in the embodiments, or several steps may be performed simultaneously.
Aspects of the present disclosure are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and program products according to embodiments of the disclosure. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, enable the implementation of the functions/acts specified in the flowchart and/or block diagram block or blocks. Such a processor may be, but is not limited to being, a general purpose processor, a special purpose processor, an application specific processor, or a field programmable logic circuit. It will also be understood that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware which performs the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In the foregoing, only the specific embodiments of the present application are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present application, which are intended to be included in the scope of the present application.

Claims (7)

1. A fair privacy set intersection method applied to a task initiator, the method comprising:
encrypting a pre-acquired first data set to be processed by adopting a first encryption mode to obtain a first data set, wherein the first data set to be processed comprises a plurality of data to be shared;
transmitting the first data set to a data provider;
receiving a second data set and a third data set sent by the data provider, wherein the second data set is obtained by encrypting a second data set to be processed by the data provider in a second encryption mode, and the third data set is obtained by encrypting the first data set by the data provider in a second encryption mode;
encrypting the second data set by adopting the first encryption mode to obtain an intermediate data set;
adjusting the arrangement sequence of the data in the intermediate data set to obtain a fourth data set;
transmitting the fourth data set to the data provider;
obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set;
the step of obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set includes:
Acquiring an intersection of the intermediate data set and the third data set, and constructing an intermediate intersection result;
and obtaining initial data corresponding to each data in the intermediate intersection result, and constructing a data intersection result.
2. The fair privacy set intersection method of claim 1 wherein the first data set is carried in first information, the first information further carrying a first public key;
after the step of adjusting the arrangement order of the data in the intermediate data set to obtain a fourth data set, before the step of sending the fourth data set to the data provider, the method further includes:
obtaining first zero knowledge proof information based on the fourth data set and the first public key, wherein the first zero knowledge proof information is used for verifying whether the first data set is encrypted in the first encryption mode by the data provider;
the step of transmitting a fourth data set to the data provider comprises:
the first zero knowledge proof information and the fourth data set are transmitted to the data provider.
3. The fair privacy set intersection method of claim 1 wherein the second zero-knowledge proof information is carried in second information, the second information further comprising a third data set;
After the step of receiving the second data set and the third data set sent by the data provider, before the step of obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set, the method further includes:
verifying second zero-knowledge proof information, wherein the second zero-knowledge proof information is used for verifying whether the data provider encrypts the first data set by adopting a first confusion encryption mode in the second encryption modes;
the step of obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set includes:
and obtaining a data intersection result between the task initiator and the data provider based on the intermediate data set and the third data set under the condition that the second zero-knowledge proving information is correct.
4. The fair privacy set intersection method as claimed in claim 1, wherein before the step of encrypting the pre-acquired first data set to be processed by the first encryption method to obtain the first data set, the method further comprises:
Acquiring a first initial data set;
and mapping each initial data in the first initial data set to a preset elliptic curve to obtain a first data set to be processed, wherein the elliptic curve is used for determining the data value of each data in the first initial data set.
5. A fair privacy set intersection method applied to a data provider, the method comprising:
encrypting the pre-acquired second data set to be processed by adopting a second encryption mode to obtain a second data set, wherein the second data set to be processed comprises a plurality of data to be shared;
transmitting the second data set to a task initiator;
receiving a first data set and a fourth data set sent by the task initiator, wherein the first data set is obtained by encrypting a second data set to be processed by the task initiator in a first encryption mode, and the fourth data set is obtained by adjusting the arrangement sequence of data in the intermediate data set by the task initiator;
encrypting the first data set by adopting the second encryption mode to obtain a third data set;
transmitting the third data set to the task initiator;
obtaining a number of presence data intersections between the data provider and the task initiator based on the third data set and the fourth data set;
The first zero knowledge proof information is carried in fourth information, and the fourth information also carries the fourth data set;
after the step of receiving the first data set and the fourth data set sent by the task initiator, before the step of obtaining the number of existing data intersections between the data provider and the task initiator based on the third data set and the fourth data set, the method further includes:
verifying the first zero-knowledge proof information, wherein the first zero-knowledge proof information is used for verifying whether the task initiator encrypts the second data set in the first encryption mode;
the step of obtaining the number of existing data intersections between the data provider and the task initiator based on the third data set and the fourth data set, comprises:
under the condition that the first zero knowledge proving information is correct, decrypting the fourth data set by adopting a second confusion decryption mode to obtain a fifth data set, wherein the second confusion decryption mode corresponds to the second confusion encryption mode;
obtaining a number of presence data intersections between the data provider and the task initiator based on the third data set and the fifth data set;
The step of obtaining the number of existing data intersections between the data provider and the task initiator based on the third data set and the fifth data set, comprises:
the number of existing data intersections between the third data set and the fifth data set is obtained, and the number of data intersections between the task initiator and the data provider is constructed.
6. The fair privacy set intersection method of claim 5, wherein the second encryption scheme comprises a first confusion encryption scheme and a second confusion encryption scheme;
the step of encrypting the pre-acquired second data set to be processed by adopting a second encryption mode to obtain a second data set comprises the following steps:
encrypting the pre-acquired second data set to be processed by adopting first confusion encryption to obtain a confusion data set;
encrypting the mixed data set by adopting second mixed encryption to obtain a second data set;
the step of encrypting the first data set by adopting the second encryption mode to obtain a third data set comprises the following steps:
and encrypting the first data set by adopting a first confusion encryption mode to obtain a third data set.
7. The fair privacy set intersection method of claim 5 wherein the second data set is carried in third information, the third information further carrying a second public key;
After the step of encrypting the first data set by using the second encryption mode to obtain a third data set, before the step of sending the third data set to the task initiator, the method further includes:
obtaining second zero knowledge proof information based on the third data set and the second public key, wherein the second zero knowledge proof information is used for verifying whether the first data set is encrypted in the second encryption mode by a task initiator;
the step of sending the third data set to the task initiator includes:
and sending the second zero knowledge proof information and the third data set to the task initiator.
CN202310596821.5A 2023-05-25 2023-05-25 Fair privacy set intersection method Active CN116305300B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310596821.5A CN116305300B (en) 2023-05-25 2023-05-25 Fair privacy set intersection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310596821.5A CN116305300B (en) 2023-05-25 2023-05-25 Fair privacy set intersection method

Publications (2)

Publication Number Publication Date
CN116305300A CN116305300A (en) 2023-06-23
CN116305300B true CN116305300B (en) 2023-07-21

Family

ID=86819010

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310596821.5A Active CN116305300B (en) 2023-05-25 2023-05-25 Fair privacy set intersection method

Country Status (1)

Country Link
CN (1) CN116305300B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118133352A (en) * 2024-05-08 2024-06-04 北京国际大数据交易有限公司 Method, device, equipment and storage medium for determining data intersection

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111611623A (en) * 2020-07-03 2020-09-01 腾讯科技(深圳)有限公司 Private data processing method and device
CN111931207A (en) * 2020-08-07 2020-11-13 北京百度网讯科技有限公司 Method, device and equipment for obtaining privacy set intersection and storage medium
US11599655B1 (en) * 2018-09-21 2023-03-07 Amazon Technologies, Inc. Data sharing method
CN115865426A (en) * 2022-11-14 2023-03-28 中国联合网络通信集团有限公司 Privacy intersection method and device
CN115982768A (en) * 2022-12-31 2023-04-18 蚂蚁区块链科技(上海)有限公司 Privacy intersection method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11599655B1 (en) * 2018-09-21 2023-03-07 Amazon Technologies, Inc. Data sharing method
CN111611623A (en) * 2020-07-03 2020-09-01 腾讯科技(深圳)有限公司 Private data processing method and device
CN111931207A (en) * 2020-08-07 2020-11-13 北京百度网讯科技有限公司 Method, device and equipment for obtaining privacy set intersection and storage medium
CN115865426A (en) * 2022-11-14 2023-03-28 中国联合网络通信集团有限公司 Privacy intersection method and device
CN115982768A (en) * 2022-12-31 2023-04-18 蚂蚁区块链科技(上海)有限公司 Privacy intersection method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于同态加密的多方隐私保护集合交集协议;张紫倩;《优秀硕士学位论文全文数据库》;全文 *

Also Published As

Publication number Publication date
CN116305300A (en) 2023-06-23

Similar Documents

Publication Publication Date Title
US9538372B2 (en) Establishing communication between devices
US20230325516A1 (en) Method for file encryption, terminal, electronic device and computer-readable storage medium
CN109359471B (en) Encryption method, device, system, equipment and medium based on user identity
CN116305300B (en) Fair privacy set intersection method
CN108549824A (en) A kind of data desensitization method and device
CN110555300A (en) application program authorization method, client, server, terminal device and medium
CN112823503A (en) Data access method, data access device and mobile terminal
JP2012080152A (en) Encryption system, encryption apparatus, decryption apparatus, encryption system program and encryption method
CN111555880A (en) Data collision method and device, storage medium and electronic equipment
US20060129812A1 (en) Authentication for admitting parties into a network
CN113038463B (en) Communication encryption authentication experimental device
CN114362951B (en) Method and device for updating certificates
US11588632B2 (en) Private key creation using location data
CN112737783B (en) Decryption method and device based on SM2 elliptic curve
CN111861462A (en) Financial product transaction method and device based on block chain
CN115344848B (en) Identification acquisition method, device, equipment and computer readable storage medium
US20200145200A1 (en) Attribute-based key management system
TWI611316B (en) Text processing method for safe input method, text processing device and text processing system
JP2018151620A (en) Method and system for privacy protection order statistic collection in star network
CN114443304A (en) Security authentication method and device for cloud computing platform and computer readable storage medium
CN111861489A (en) Financial product transaction share determination method and device based on block chain
CN115378743B (en) Information encryption transmission method, device, equipment and medium
CN116522404B (en) Data processing method, device, equipment and computer storage medium
US20240111842A1 (en) License authentication method and apparatus, electronic device, system, and storage medium
EP1642205A1 (en) Authentication for admitting parties into a network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant