CN116383886B - Data conversion method and system based on secure three-party computing protocol storage - Google Patents

Data conversion method and system based on secure three-party computing protocol storage Download PDF

Info

Publication number
CN116383886B
CN116383886B CN202310645152.6A CN202310645152A CN116383886B CN 116383886 B CN116383886 B CN 116383886B CN 202310645152 A CN202310645152 A CN 202310645152A CN 116383886 B CN116383886 B CN 116383886B
Authority
CN
China
Prior art keywords
node
party computing
random number
computing protocol
safe
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310645152.6A
Other languages
Chinese (zh)
Other versions
CN116383886A (en
Inventor
李明柱
李文敏
张慧敏
陈飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xinlian Technology Nanjing Co ltd
Original Assignee
Xinlian Technology Nanjing Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xinlian Technology Nanjing Co ltd filed Critical Xinlian Technology Nanjing Co ltd
Priority to CN202310645152.6A priority Critical patent/CN116383886B/en
Publication of CN116383886A publication Critical patent/CN116383886A/en
Application granted granted Critical
Publication of CN116383886B publication Critical patent/CN116383886B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/46Secure multiparty computation, e.g. millionaire problem
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Medical Informatics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Communication Control (AREA)

Abstract

The invention relates to a data conversion application based on safe three-party computing protocol storage, which is based on the distributed storage of the safe three-party computing protocol to data, designs a data conversion method between the storage under the ABY3 safe three-party computing protocol and the storage under the Blaze safe three-party computing protocol, completes the high-efficiency conversion of the quantity between the two safe three-party computing protocols, realizes the safe conversion of secret sharing shares and the interconnection and intercommunication between the multiparty safe computing protocols, further enables the services respectively applied by the safe three-party computing protocols to directly and efficiently apply the data, and particularly designs a random number pool construction method in the data conversion method, thereby reducing the time cost consumption for calculating random numbers in the conversion process and improving the data conversion efficiency; in addition, the invention designs a system for realizing data conversion application, and adopts modularized function design to further improve the efficiency of service realized by a design method on data application.

Description

Data conversion method and system based on secure three-party computing protocol storage
Technical Field
The invention relates to a data conversion method and system based on secure three-party computing protocol storage, and belongs to the technical field of data secure storage application.
Background
The existing digital economic development requirement takes data as key elements, fully plays the role of the data elements, strengthens the construction of digital infrastructure, strengthens a digital economic security system, promotes the circulation and development and utilization of the data, and can realize the flow and sharing of the data value on the basis of ensuring the data privacy security by using a privacy computing technology.
The multiparty secure computing technology is an important branch of privacy computing, the multiparty secure computing enables distributed participants to cooperatively compute any function on the premise of not revealing privacy inputs of a plurality of participants, the available invisible data is realized, and along with the development of the multiparty secure computing technology, a plurality of multiparty secure computing protocols with different performances and efficiencies appear, so that how to realize interconnection and intercommunication among the multiparty secure computing protocols is an important problem to be solved.
The core problem of realizing interconnection and intercommunication among multiparty secure computing protocols is to realize the mutual conversion of data among the protocols under the condition of ensuring the data privacy. ABY3 and Blaze are two efficient secure three-party computing protocols, the secret sharing mode of the bottom layer of the secure three-party computing protocol has the characteristics, and the performance and the efficiency of the protocol have the advantages, namely, the two secure three-party computing protocols can respectively carry out distributed secure storage on data, but in terms of further application of the data, the two secure three-party computing protocols respectively have application directions respectively corresponding to the application directions, if the data are respectively applied differently, the data are required to be stored under the secure three-party computing protocols respectively, and the prior art is to respectively store the data by applying the secure three-party computing protocols, so that the application efficiency is low.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a data conversion method based on the storage of the safe three-party computing protocol, which can realize the high-efficiency data conversion between the storage under the ABY3 safe three-party computing protocol and the storage under the Blaze safe three-party computing protocol by adopting a brand new data processing logic design, thereby realizing the high-efficiency application of the service applicable to each safe three-party computing protocol to the data.
The invention adopts the following technical scheme for solving the technical problems: the invention designs a data conversion method based on safe three-party computing protocol storage, which is based on three-party storage of target data under the ABY3 safe three-party computing protocol or three-party storage of target data under the Blaze safe three-party computing protocol, and the data conversion method between the ABY3 safe three-party computing protocol storage and the Blaze safe three-party computing protocol storage is applied to realize direct application of the target data on each applicable service corresponding to the ABY3 safe three-party computing protocol and direct application of the target data on each applicable service corresponding to the Blaze safe three-party computing protocol.
If the target data x is divided into x with respect to the ABY3 secure three-party computing protocol a 、x b 、x c And is composed of P a 、P b 、P c Three-party nodes according to P a Correspondence (x) a ,x b )、P b Correspondence (x) b ,x c )、P c Correspondence (x) c ,x a ) Stores, and x=x a +x b +x c The application of the data conversion method from the storage under the ABY3 safe three-party computing protocol to the storage under the Blaze safe three-party computing protocol is realized according to the following steps A1 to A5;
step A1. By node P b Selecting a random number r from a pool of random numbers b As its local random number, by node P c Selecting a random number r from a pool of random numbers c As its local random number and by node P b 、P c The two parties jointly select a random number r from a random number pool to be used as a joint random number, and then the step A2 is carried out;
step A2 by node P b The local random number r b Sending to node P in Blaze secure three-party computing protocol 1 Constitute node P 1 Corresponding to the first part alpha in the target data x share x,1 And by node P c The local random number r c Sending to node P in Blaze secure three-party computing protocol 2 Constitute node P 2 Corresponding to the first part alpha in the target data x share x,2 And is formed by node P b 、P c The joint random number r is respectively sent to the node P in the Blaze safe three-party computing protocol 1 、P 2 Constitute node P 1 、P 2 Respectively corresponding to the third part gamma in the target data x share x Then enter step A3;
step A3 node P b Using locally stored x b 、x c And a local random number r b According to x b,b =x b +x c +r b Generating an auxiliary conversion share x b,b Node P c Using locally stored x a And a local random number r c According to x c,c =x a +r c Generating an auxiliary conversion share x c,c And converts the auxiliary conversion share x b,b 、x c,c Sending to node P in Blaze secure three-party computing protocol 1 、P 2 In x b,b +x c,c Results of (a) constitute node P 1 、P 2 Respectively corresponding to the second part beta in the target data x share x Obtaining node P 1 Correspondence (alpha) x,1xx ) Node P 2 Correspondence (alpha) x,2xx ) Then enter step A4;
step A4 node P b Using auxiliary conversion shares x b,b Local random number r b And joint random number r, in x b,0 =x b,b +r/2, generating temporary conversion share x b,0 Node P c Using auxiliary conversion shares x c,c And joint random number r, in x c,0 =x c,c +r/2, generating temporary conversion share x c,0 And node P b Is a local random number r of (2) b And temporary conversion share x b,0 Node P c Is a local random number r of (2) c And temporary conversion share x c,0 Sending to node P in Blaze secure three-party computing protocol 0 From r b 、r c Sequentially form node P 0 Corresponding to the first part alpha in the target data x share x,1 Second part alpha x,2 And is formed by x b,0 +x c,0 Results of (a) constitute node P 0 Corresponding to the third portion beta in the target data x share xx Obtaining node P 0 Correspondence (alpha) x,1x,2xx ) Then go to step A5;
step A5 with node P 0 Correspondence (alpha) x,1x,2xx ) Node P 1 Correspondence (alpha) x,1xx ) Node P 2 Correspondence (alpha) x,2xx ) Namely, the target data x is formed to be related to three-party storage under the Blaze safe three-party computing protocol.
If the target data x is related to the Blaze secure three-party computing protocol, the target data x is defined by P 0 、P 1 、P 2 Three-party nodes according to P 0 Correspondence (alpha) x,1x,2xx )、P 1 Correspondence (alpha) x,1xx )、P 2 Correspondence (alpha) x,2xx ) Store and alpha x =α x,1x,2 ,β x =x+α x B1 to B4 are implemented according to the following steps, and the application of the data conversion method stored under the Blaze safe three-party computing protocol to the ABY3 safe three-party computing protocol is realized;
step B1. From node P 1 Selecting a random number r from a pool of random numbers 1 As its local random number, in combination with a locally stored alpha x,1 、γ x By r 1x,1x The results of/2 constitute the target data x divided by x with respect to the ABY3 secure three-party computing protocol b And sends the data to the node P in the ABY3 secure three-party computing protocol a 、P b By node P 2 Selecting a random number r from a pool of random numbers 2 As its local random number, in combination with a locally stored alpha x,2 、γ x By r 2x,2x The results of/2 constitute the target data x divided by x with respect to the ABY3 secure three-party computing protocol c And sends the data to the node P in the ABY3 secure three-party computing protocol c 、P b Obtaining node P b Correspondence (x) b ,x c ) Then go to step B2;
step B2 node P 1 Using a local random number r 1 According to x t,1 =-r 1 Generating a temporary conversion share x t,1 Node P 2 Using a local random number r 2 According to x t,2 =-r 2 Generating a temporary conversion share x t,2 Node P 0 Will utilize locally stored beta xx As temporary conversion share x t,0 And will temporarily convert share x t,1 、x t,2 、x t,0 Sending to node P in ABY3 secure three-party computing protocol a Then enter step B3;
step B3 node P a In x t,0 +x t,1 +x t,2 The result of (a) constitutes the target data x divided x with respect to ABY3 secure three-party computing protocol a And x is taken as a To node P c Obtaining node P a Correspondence (x) a ,x b ) Node P c Correspondence (x) c ,x a ) Then go to step B4;
step B4. with node P a Correspondence (x) a ,x b ) Node P b Correspondence (x) b ,x c ) Node P c Correspondence (x) c ,x a ) I.e. constitutes a three-party store of target data x in relation to ABY3 secure three-party computing protocol.
As a preferred technical scheme of the invention: the method comprises the steps of respectively aiming at the single data conversion method application stored under the Blaze safe three-party computing protocol and the single data conversion method application stored under the Blaze safe three-party computing protocol stored under the ABY3 safe three-party computing protocol, obtaining random number pools respectively corresponding to the single data conversion method application according to the accumulated times of all the data conversion method applications in the following manner, and selecting random numbers from the corresponding random number pools in the single data conversion method application;
based on the character strings with any kappa bit composed of 0 and 1 and different sequences, the number of times serial numbers in the accumulated times of the application of the contact single-time data conversion method corresponding to all data conversion methods are applied to the character strings respectively, and the following safety pseudo random function PRF is applied:
{0,1} κ ×{0,1} κ →X
obtaining random numbers X corresponding to the character strings, further obtaining random numbers corresponding to the character strings respectively, and forming a random number pool corresponding to the single data conversion method application.
In view of the foregoing, the technical problem to be solved by the present invention is to provide a system for implementing a data conversion method based on storage of a secure three-way computing protocol, and to implement the designed data conversion method efficiently by adopting a modularized functional design, so as to implement efficient application of services applicable to each secure three-way computing protocol to data.
The invention adopts the following technical scheme for solving the technical problems: the invention designs and realizes the data transfer based on the secure three-party computing protocol storageThe system for exchanging the method comprises a data conversion module, a random number module, an ABY3 protocol module and a Blaze protocol module which are respectively connected with the data conversion module in an interactive communication manner, wherein the ABY3 protocol module is used for realizing that target data x is divided into x according to an ABY3 safety three-party computing protocol a 、x b 、x c And is composed of P a 、P b 、P c Three-party nodes according to P a Correspondence (x) a ,x b )、P b Correspondence (x) b ,x c )、P c Correspondence (x) c ,x a ) Stores, and x=x a +x b +x c
The Blaze protocol module is used for realizing that the target data x is defined by P under the Blaze secure three-party computing protocol 0 、P 1 、P 2 Three-party nodes according to P 0 Correspondence (alpha) x,1x,2xx )、P 1 Correspondence (alpha) x,1xx )、P 2 Correspondence (alpha) x,2xx ) Store and alpha x =α x,1x,2 ,β x =x+α x
The random number module is used for generating a random number pool corresponding to the single data conversion method stored under the Blaze safe three-party computing protocol and a random number pool corresponding to the single data conversion method stored under the Blaze safe three-party computing protocol;
the data conversion module is used for executing a data conversion method between storage under the ABY3 secure three-party computing protocol and storage under the Blaze secure three-party computing protocol.
Compared with the prior art, the data conversion method and system based on the secure three-party computing protocol storage have the following technical effects:
(1) The data conversion method based on the safe three-party computing protocol storage is designed, the data conversion method between the ABY3 safe three-party computing protocol storage and the Blaze safe three-party computing protocol storage is designed based on the safe three-party computing protocol storage, the high-efficiency conversion of the quantity between the two safe three-party computing protocols is completed, the safe conversion of secret sharing shares and the interconnection and intercommunication between the multiparty safe computing protocols are realized, further, the services respectively applied by the safe three-party computing protocols can be directly and efficiently applied to the data, a random number pool construction method is specifically designed in the data conversion method, the time cost consumption for calculating random numbers in the conversion process is reduced, and the data conversion efficiency is improved; in addition, the invention designs a system for realizing the data conversion method, and adopts modularized functional design to further improve the efficiency of the service realized by the design method on the data application.
Drawings
FIG. 1 is a schematic diagram of secret sharing of the ABY3 secure three-party computing protocol;
FIG. 2 is a schematic diagram of secret sharing of a Blaze secure three-party computing protocol;
FIG. 3 is a schematic representation of the conversion of data stored under the ABY3 secure three-party computing protocol to data stored under the Blaze secure three-party computing protocol;
FIG. 4 is a schematic representation of the conversion of data stored under the Blaze safe three-party computing protocol to data stored under the ABY3 safe three-party computing protocol;
FIG. 5 is a schematic diagram of random number pool construction;
fig. 6 is a schematic diagram of a system designed to implement a data conversion method based on multiparty secure three-party computing protocol storage.
Detailed Description
The following describes the embodiments of the present invention in further detail with reference to the drawings.
The data conversion method based on the safe three-party computing protocol storage is designed, and based on the three-party storage of the target data under the ABY3 safe three-party computing protocol or the three-party storage of the target data under the Blaze safe three-party computing protocol, the data conversion method between the storage under the ABY3 safe three-party computing protocol and the storage under the Blaze safe three-party computing protocol is applied, so that the direct application of the target data on each applicable service corresponding to the ABY3 safe three-party computing protocol and the direct application of the target data on each applicable service corresponding to the Blaze safe three-party computing protocol are realized.
Regarding the ABY3 secure three-party computing protocol, the underlying protocol of the ABY3 secure three-party computing protocol is a repeated secret sharing protocol, as shown in fig. 1, assuming that three nodes of ABY3 are P respectively a 、P b 、P c Three-party peer-to-peer, in which the shared data x is fragmented into three x a 、x b 、x c Satisfy x=x a +x b +x c Wherein P is a Possession (x) a ,x b ),P b Possession (x) b ,x c ),P c Possession (x) c ,x a ) Any two parties can recover the shared data x.
The underlying protocol of the Blaze secure three-party computing protocol is (2, 3) -secret sharing, as described in FIG. 2, assuming three nodes of Blaze are P respectively 0 、P 1 、p 2 Wherein p is 0 Possession (. Alpha.) x,1x,2xx ),P 1 Possession (. Alpha.) x,1xx ),P 2 Possession (. Alpha.) x,2xx ) Wherein alpha is x,1 、α x,2 、γ x Is a random number and satisfies alpha x =α x,1x,2 ,β x =x+α x X is shared data, and any two parties can recover the shared data x.
ABY3 and Blaze are both safe three-party computing protocols, and the security of the protocols can be guaranteed under a semi-honest adversary model and a malicious adversary model. However, compared with the dot product protocol of ABY3, the dot product protocol of Blaze improves the communication in the online stage and has better efficiency; the ABY3 protocol can be applied to a convolutional neural network, that is, ABY3 and Blaze respectively have applications with better application directions, that is, under the condition of executing the data conversion method between the storage under the designed ABY3 secure three-party computing protocol and the storage under the Blaze secure three-party computing protocol, the direct application of services respectively applied by the secure three-party computing protocols to data is realized.
The application of the design to the data conversion method between the storage under the ABY3 safe three-party computing protocol and the storage under the Blaze safe three-party computing protocol is divided into the data conversion method between the storage under the ABY3 safe three-party computing protocol and the storage under the Blaze safe three-party computing protocol and the data conversion method between the storage under the Blaze safe three-party computing protocol and the storage under the ABY3 safe three-party computing protocol.
In practical application, regarding the design of the method for converting the storage under the ABY3 secure three-party computing protocol to the storage under the Blaze secure three-party computing protocol, as shown in fig. 3, if the target data x is divided into x with respect to the ABY3 secure three-party computing protocol a 、x b 、x c And is composed of P a 、P b 、P c Three-party nodes according to P a Correspondence (x) a ,x b )、P b Correspondence (x) b ,x c )、P c Correspondence (x) c ,x a ) Stores, and x=x a +x b +x c And (3) according to the following steps A1 to A5, the application of the data conversion method from the storage under the ABY3 safe three-party computing protocol to the storage under the Blaze safe three-party computing protocol is realized.
Step A1. By node P b Selecting a random number r from a pool of random numbers b As its local random number, by node P c Selecting a random number r from a pool of random numbers c As its local random number and by node P b 、P c The two parties combine to select a random number r from the random number pool as a combined random number, and then step A2 is carried out.
Step A2 by node P b The local random number r b Sending to node P in Blaze secure three-party computing protocol 1 Constitute node P 1 Corresponding to the first part alpha in the target data x share x,1 And by node P c The local random number r c Sending to node P in Blaze secure three-party computing protocol 2 Constitute node P 2 Corresponding to the first part alpha in the target data x share x,2 And is formed by node P b 、P c The joint random number r is respectively sent to the node P in the Blaze safe three-party computing protocol 1 、P 2 Constitute node P 1 、P 2 Respectively corresponding to the third part gamma in the target data x share x Then step A3 is entered.
Step A3 node P b Using locally stored x b 、x c And a local random number x b According to x b,b =x b +x c +r b Generating an auxiliary conversion share x b,n Node P c Using locally stored x a And a local random number r c According to x c,c =x a +r c Generating an auxiliary conversion share x c,c And converts the auxiliary conversion share x b,b 、x c,c Sending to node P in Blaze secure three-party computing protocol 1 、P 2 In x b,b +x c,c Results of (a) constitute node P 1 、P 2 Respectively corresponding to the second part beta in the target data x share x Obtaining node P 1 Correspondence (alpha) x,1xx ) Node P 2 Correspondence (alpha) x,2xx ) Step A4 is then entered.
Step A4 node P b Using auxiliary conversion shares x b,b Local random number r b And joint random number r, in x b,0 =x b,b +r/2, generating temporary conversion share x b,0 Node P c Using auxiliary conversion shares x c,c And joint random number r, in x c,0 =x c,c +r/2, generating temporary conversion share x c,0 And node P b Is a local random number r of (2) b And temporary conversion share x b,0 Node P c Is a local random number r of (2) c And temporary conversion share x c,0 Sending to node P in Blaze secure three-party computing protocol 0 From r b 、r c Sequentially form node P 0 Corresponding to the first part alpha in the target data x share x,1 Second part alpha x,2 And is formed by x b,0 +x c,0 Results of (a) constitute node P 0 Corresponding to the third portion beta in the target data x share xx I.e.Obtaining node P 0 Correspondence (alpha) x,1x,2xx ) Step A5 is then entered.
Step A5 with node P 0 Correspondence (alpha) x,1x,2xx ) Node P 1 Correspondence (alpha) x,1xx ) Node P 2 Correspondence (alpha) x,2xx ) Namely, the target data x is formed to be related to three-party storage under the Blaze safe three-party computing protocol.
Practical application is that the data conversion method stored in the three-party Blaze secure computing protocol is stored in the three-party ABY3 secure computing protocol, as shown in FIG. 4, if the target data x is stored in the three-party Blaze secure computing protocol by P 0 、P 1 、P 2 Three-party nodes according to P 0 Correspondence (alpha) x,1x,2xx )、P 1 Correspondence (alpha) x,1xx )、P 2 Correspondence (alpha) x,2xx ) Store and alpha x =α x,1x,2 ,β x =x+α x And B1 to B4, the application of the data conversion method stored under the Blaze safe three-party computing protocol to the ABY3 safe three-party computing protocol is realized.
Step B1. From node P 1 Selecting a random number r from a pool of random numbers 1 As its local random number, in combination with a locally stored alpha x,1 、γ x By r 1x,1x The results of/2 constitute the target data x divided by x with respect to the ABY3 secure three-party computing protocol b And sends the data to the node P in the ABY3 secure three-party computing protocol a 、P b By node P 2 Selecting a random number r from a pool of random numbers 2 As its local random number, in combination with a locally stored alpha x,2 、γ x By r 2x,2x The results of/2 constitute the target data x divided by x with respect to the ABY3 secure three-party computing protocol c And sends the data to the node P in the ABY3 secure three-party computing protocol c 、P b Obtaining node P b Correspondence (x) b ,x c ) Then step B2 is entered.
Step B2 node P 1 Using a local random number r 1 According to x t,1 =-r 1 Generating a temporary conversion share x t,1 Node P 2 Using a local random number r 2 According to x t,2 =-r 2 Generating a temporary conversion share x t,2 Node P 0 Will utilize locally stored beta xx As temporary conversion share x t,0 And will temporarily convert share x t,1 、x t,2 、x t,0 Sending to node P in ABY3 secure three-party computing protocol a Then step B3 is entered.
Step B3 node P a In x t,0 +x t,1 +x t,2 The result of (a) constitutes the target data x divided x with respect to ABY3 secure three-party computing protocol a And x is taken as a To node P c Obtaining node P a Correspondence (x) a ,x b ) Node P c Correspondence (x) c ,x a ) Then step B4 is entered.
Step B4. with node P a Correspondence (x) a ,x b ) Node P b Correspondence (x) b ,x c ) Node P c Correspondence (x) c ,x a ) I.e. constitutes a three-party store of target data x in relation to ABY3 secure three-party computing protocol.
The data conversion methods in both directions relate to the selection of random numbers from the random number pool, so in practical application, the random number pool is also further designed to realize the construction of the random number pool, namely, the single data conversion method application stored under the ABY3 safe three-party computing protocol to the single data conversion method application stored under the Blaze safe three-party computing protocol and the single data conversion method application stored under the Blaze safe three-party computing protocol to the ABY3 safe three-party computing protocol are respectively carried out, according to the accumulated times of all the data conversion method applications, as shown in fig. 5, the random number pools respectively corresponding to the single data conversion method applications are obtained in the following manner, and in the single data conversion method application, the random numbers are selected from the corresponding random number pools.
Based on the character strings with any kappa bit composed of 0 and 1 and different sequences, the number of times serial numbers in the accumulated times of the application of the contact single-time data conversion method corresponding to all data conversion methods are applied to the character strings respectively, and the following safety pseudo random function PRF is applied:
{0,1} κ ×{0,1} κ →X
obtaining random numbers X corresponding to the character strings, further obtaining random numbers corresponding to the character strings respectively, and forming a random number pool corresponding to the single data conversion method application.
In practical application, the data conversion method based on the secure three-party computing protocol storage further designs a system for realizing the data conversion method, as shown in fig. 6, and specifically comprises a data conversion module, a random number module, an ABY3 protocol module and a bluze protocol module which are respectively connected with the data conversion module in an interactive communication manner.
Wherein the ABY3 protocol module comprises a secret sharing protocol, a dot product protocol, a truncated protocol, an arithmetic sharing protocol, a boolean sharing protocol and a Yao sharing conversion protocol of ABY3, and the security three-party computing protocol for realizing the object data x about ABY3 is divided into x in application a 、x b 、x c And is composed of P a 、P b 、P c Three-party nodes according to P a Correspondence (x) a ,x b )、P b Correspondence (x) b ,x c )、P c Correspondence (x) c ,x a ) Stores, and x=x a +x b +x c
The Blaze protocol module comprises a Blaze bottom secret sharing protocol, a dot product protocol, a truncated protocol, an arithmetic sharing protocol, a Boolean sharing protocol and a Yao sharing conversion protocol, and the Blaze protocol module is used for realizing that target data x is calculated by P under the Blaze safety three-party computing protocol 0 、P 1 、P 2 Three-party nodes according to P 0 Correspondence (alpha) x,1x,2xx )、P 1 Correspondence (alpha) x,1xx )、P 2 Correspondence (alpha) x,2xx ) Store and alpha x =α x,1x,2 ,β x =x+α x
The random number module is used for generating a random number pool corresponding to the single data conversion method stored under the Blaze safe three-party computing protocol and storing the random number pool corresponding to the single data conversion method stored under the ABY3 safe three-party computing protocol.
The data conversion module is used for executing a data conversion method between storage under the ABY3 secure three-party computing protocol and storage under the Blaze secure three-party computing protocol.
According to the data conversion method based on the safe three-party computing protocol storage, the data conversion method between the ABY3 safe three-party computing protocol storage and the Blaze safe three-party computing protocol storage is designed based on the safe three-party computing protocol storage, the high-efficiency conversion of the quantity between the two safe three-party computing protocols is completed, the safe conversion of secret sharing shares and the interconnection and intercommunication between the multiparty safe computing protocols are realized, further the services respectively applied by the safe three-party computing protocols can be used for directly and efficiently applying the data, a random number pool construction method is specifically designed in the data conversion method, the time cost consumption for calculating random numbers in the conversion process is reduced, and the data conversion efficiency is improved; in addition, the invention designs a system for realizing the data conversion method, and adopts modularized functional design to further improve the efficiency of the service realized by the design method on the data application.
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the spirit of the present invention.

Claims (3)

1. The data conversion method based on the secure three-party computing protocol storage is characterized by comprising the following steps of: based on the three-party storage of the target data under the ABY3 safe three-party computing protocol or the three-party storage of the target data under the Blaze safe three-party computing protocol, a data conversion method between the storage under the ABY3 safe three-party computing protocol and the storage under the Blaze safe three-party computing protocol is applied, so that the direct application of the target data on each applicable service corresponding to the ABY3 safe three-party computing protocol and the direct application of the target data on each applicable service corresponding to the Blaze safe three-party computing protocol are realized;
if the target data x is divided into x with respect to the ABY3 secure three-party computing protocol a 、x b 、x c And is composed of P a 、P b 、P c Three-party nodes according to P a Correspondence (x) a ,x b )、P b Correspondence (x) b ,x c )、P c Correspondence (x) c ,x a ) Stores, and x=x a +x b +x c The application of the data conversion method from the storage under the ABY3 safe three-party computing protocol to the storage under the Blaze safe three-party computing protocol is realized according to the following steps A1 to A5;
step A1. By node P b Selecting a random number r from a pool of random numbers b As its local random number, by node P c Selecting a random number r from a pool of random numbers c As its local random number and by node P b 、P c The two parties jointly select a random number r from a random number pool to be used as a joint random number, and then the step A2 is carried out;
step A2 by node P b The local random number r b Sending to node P in Blaze secure three-party computing protocol 1 Constitute node P 1 Corresponding to the first part alpha in the target data x share x,1 And by node P c The local random number r c Sending to node P in Blaze secure three-party computing protocol 2 Constitute node P 2 Corresponding to the first part alpha in the target data x share x,2 And is formed by node P b 、P c The joint random number r is respectively sent to the node P in the Blaze safe three-party computing protocol 1 、P 2 Constitute node P 1 、P 2 Respectively corresponding to the third part gamma in the target data x share x Then enter step A3;
step A3 node P b Using locally stored x b 、x c And a local random number r b According to x b,b =x b +x c +r b Generating an auxiliary conversion share x b,b Node P c Using locally stored x a And a local random number r c According to x c,c =x a +r c Generating an auxiliary conversion share x c,c And converts the auxiliary conversion share x b,b 、x c,c Sending to node P in Blaze secure three-party computing protocol 1 、P 2 In x b,b +x c,c Results of (a) constitute node P 1 、P 2 Respectively corresponding to the second part beta in the target data x share x Obtaining node P 1 Correspondence (alpha) x,1xx ) Node P 2 Correspondence (alpha) x,2xx ) Then enter step A4;
step A4 node P b Using auxiliary conversion shares x b,b Local random number r b And joint random number r, in x b,0 =x b,b +r/2, generating temporary conversion share x b,0 Node P c Using auxiliary conversion shares x c,c And joint random number r, in x c,0 =x c,c +r/2, generating temporary conversion share x c,0 And node P b Is a local random number r of (2) b And temporary conversion share x b,0 Node P c Is a local random number r of (2) c And temporary conversion share x c,0 Sending to node P in Blaze secure three-party computing protocol 0 From r b 、r c Sequentially form node P 0 Corresponding to the first part alpha in the target data x share x,1 Second part alpha x,2 And is formed by x b,0 +x c,0 Results of (a) constitute node P 0 Corresponding to the third portion beta in the target data x share xx Obtaining node P 0 Correspondence (alpha) x,1x,2xx ) Then go to step A5;
step A5. With node p 0 Correspondence (alpha) x,1x,2xx ) Node P 1 Correspondence (alpha) x,1xx ) Node P 2 Correspondence (alpha) x,2xx ) Namely, three-party storage of the target data x under the Blaze safe three-party computing protocol is formed;
if the target data x is related to the Blaze secure three-party computing protocol, the target data x is defined by P 0 、P 1 、P 2 Three-party nodes according to P 0 Correspondence (alpha) x,1x,2xx )、P 1 Correspondence (alpha) x,1xx )、P 2 Correspondence (alpha) x,2xx ) Store and alpha x =α x,1x,2 ,β x =x+α x B1 to B4 are implemented according to the following steps, and the application of the data conversion method stored under the Blaze safe three-party computing protocol to the ABY3 safe three-party computing protocol is realized;
step B1. From node P 1 Selecting a random number r from a pool of random numbers 1 As its local random number, in combination with a locally stored alpha x,1 、γ x By r 1x,1x The results of/2 constitute the target data x divided by x with respect to the ABY3 secure three-party computing protocol b And sends the data to the node P in the ABY3 secure three-party computing protocol a 、P b By node P 2 Selecting a random number r from a pool of random numbers 2 As its local random number, in combination with a locally stored alpha x,2 、γ x By r 2x,2x The results of/2 constitute the target data x divided by x with respect to the ABY3 secure three-party computing protocol c And sends the data to the node P in the ABY3 secure three-party computing protocol c 、P b Obtaining node P b Correspondence (x) b ,x c ) Then go to step B2;
step B2 node P 1 Using a local random number r 1 According to x t,1 =-r 1 Generating a temporary conversion share x t,1 Node P 2 Using a local random number r 2 According to x t,2 =-r 2 Generating a temporary conversion share x t,2 Node P 0 Will utilize locally stored beta xx As temporary conversion share x t,0 And will temporarily convert share x t,1 、x t,2 、x t,0 Sending to node P in ABY3 secure three-party computing protocol a Then enter step B3;
step B3 node P a In x t,0 +x t,1 +x t,2 The result of (a) constitutes the target data x divided x with respect to ABY3 secure three-party computing protocol a And x is taken as a To node P c Obtaining node P a Correspondence (x) a ,x b ) Node P c Correspondence (x) c ,x a ) Then go to step B4;
step B4. with node P a Correspondence (x) a ,x b ) Node P b Correspondence (x) b ,x c ) Node P c Correspondence (x) c ,x a ) I.e. constitutes a three-party store of target data x in relation to ABY3 secure three-party computing protocol.
2. The method for converting data stored on the basis of a secure three-party computing protocol according to claim 1, wherein: the method comprises the steps of respectively aiming at the single data conversion method application stored under the Blaze safe three-party computing protocol and the single data conversion method application stored under the Blaze safe three-party computing protocol stored under the ABY3 safe three-party computing protocol, obtaining random number pools respectively corresponding to the single data conversion method application according to the accumulated times of all the data conversion method applications in the following manner, and selecting random numbers from the corresponding random number pools in the single data conversion method application;
based on the character strings with any kappa bit composed of 0 and 1 and different sequences, the number of times serial numbers in the accumulated times of the application of the contact single-time data conversion method corresponding to all data conversion methods are applied to the character strings respectively, and the following safety pseudo random function PRF is applied:
{0,1} κ ×{0,1} κ →X
obtaining random numbers X corresponding to the character strings, further obtaining random numbers corresponding to the character strings respectively, and forming a random number pool corresponding to the single data conversion method application.
3. A system for implementing the data conversion method based on the secure three-party computing protocol storage according to claim 1 or 2, characterized in that: the system comprises a data conversion module, a random number module, an ABY3 protocol module and a Blaze protocol module which are respectively connected with the data conversion module in an interactive communication way, wherein the ABY3 protocol module is used for realizing that target data x is divided into x according to an ABY3 safety three-party computing protocol a 、x b 、x c And is composed of P a 、P b 、P c Three-party nodes according to P a Correspondence (x) a ,x b )、P b Correspondence (x) b ,x c )、P c Correspondence (x) c ,x a ) Stores, and x=x a +x b +x c
The Blaze protocol module is used for realizing that the target data x is defined by P under the Blaze secure three-party computing protocol 0 、P 1 、P 2 Three-party nodes according to P 0 Correspondence (alpha) x,1x,2xx )、P 1 Correspondence (alpha) x,1xx )、P 2 Correspondence (alpha) x,2xx ) Store and alpha x =α x,1x,2 ,β x =x+α x
The random number module is used for generating a random number pool corresponding to the single data conversion method stored under the Blaze safe three-party computing protocol and a random number pool corresponding to the single data conversion method stored under the Blaze safe three-party computing protocol;
the data conversion module is used for executing a data conversion method between storage under the ABY3 secure three-party computing protocol and storage under the Blaze secure three-party computing protocol.
CN202310645152.6A 2023-06-02 2023-06-02 Data conversion method and system based on secure three-party computing protocol storage Active CN116383886B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310645152.6A CN116383886B (en) 2023-06-02 2023-06-02 Data conversion method and system based on secure three-party computing protocol storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310645152.6A CN116383886B (en) 2023-06-02 2023-06-02 Data conversion method and system based on secure three-party computing protocol storage

Publications (2)

Publication Number Publication Date
CN116383886A CN116383886A (en) 2023-07-04
CN116383886B true CN116383886B (en) 2023-09-12

Family

ID=86961885

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310645152.6A Active CN116383886B (en) 2023-06-02 2023-06-02 Data conversion method and system based on secure three-party computing protocol storage

Country Status (1)

Country Link
CN (1) CN116383886B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115348013A (en) * 2022-08-15 2022-11-15 隐数科技(北京)有限责任公司杭州分公司 Data conversion method of safe two-party computing protocol
WO2022251341A1 (en) * 2021-05-25 2022-12-01 Visa International Service Association Multi-party computation for many computers
CN115766073A (en) * 2022-09-29 2023-03-07 华北电力大学 Energy storage data sharing method supporting secure multi-party computing privacy protection

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022251341A1 (en) * 2021-05-25 2022-12-01 Visa International Service Association Multi-party computation for many computers
CN115348013A (en) * 2022-08-15 2022-11-15 隐数科技(北京)有限责任公司杭州分公司 Data conversion method of safe two-party computing protocol
CN115766073A (en) * 2022-09-29 2023-03-07 华北电力大学 Energy storage data sharing method supporting secure multi-party computing privacy protection

Also Published As

Publication number Publication date
CN116383886A (en) 2023-07-04

Similar Documents

Publication Publication Date Title
CN108564471B (en) Energy Internet safety intelligent transaction system based on block chain technology and method thereof
CN111324870B (en) Outsourcing convolutional neural network privacy protection system based on safe two-party calculation
CN107733855A (en) A kind of block catenary system and application process that can support publicly-owned chain, alliance's chain and privately owned chain simultaneously
CN106850224B (en) Cipher text strategy attribute-based encryption method with fixed length of private key
CN112380495B (en) Secure multiparty multiplication method and system
CN109447605A (en) A kind of chain currency conversion method, apparatus, equipment and medium based on block chain
CN115865953B (en) Distributed storage system based on cross-border payment
CN114866225A (en) Ultra-threshold multi-party privacy set intersection method based on accidental pseudorandom secret sharing
CN113408001B (en) Method, device, equipment and storage medium for determining most value safely by multiple parties
US20240163098A1 (en) Computer-implemented methods and systems for controlling tasks implemented by a cyclically-ordered set of nodes participating in a blockchain network
EP3750129A1 (en) System and method for transferring resources using a blockchain
CN116383886B (en) Data conversion method and system based on secure three-party computing protocol storage
CN110634101B (en) Unsupervised image-to-image conversion method based on random reconstruction
CN113779615B (en) Safe decentralized diagram federation learning method
CN117353912A (en) Three-party privacy set intersection base number calculation method and system based on bilinear mapping
CN113468562A (en) Image block encryption and decryption algorithm with hyperchaotic system and neural network mechanism fused
US20230231908A1 (en) Computer-implemented system and method for controlling processing steps of a distributed system
CN116760539A (en) End-to-end efficient and safe two-square matrix inversion privacy calculation device and method
US6301664B1 (en) Method and system for non-malleable and non-interactive cryptographic commitment in a network
CN116488804A (en) Traceable ring signature data sharing method based on block chain hierarchical nodes
CN115225266A (en) Multi-party threshold privacy set intersection method and system based on cloud server assistance
Jia et al. A collaborative secret sharing scheme based on the Chinese Remainder Theorem
CN114580661A (en) Data processing method and device based on federal learning and computer equipment
CN115632835B (en) Multi-element Ha Xisuo-based data transmission method under chain
CN110995441A (en) Multi-party collaborative EdDSA digital signature generation method and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant