CN116776359B - Ciphertext homomorphic comparison method and device based on homomorphic encryption - Google Patents
Ciphertext homomorphic comparison method and device based on homomorphic encryption Download PDFInfo
- Publication number
- CN116776359B CN116776359B CN202311062444.3A CN202311062444A CN116776359B CN 116776359 B CN116776359 B CN 116776359B CN 202311062444 A CN202311062444 A CN 202311062444A CN 116776359 B CN116776359 B CN 116776359B
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- polynomial
- homomorphic
- plaintext
- compared
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000004364 calculation method Methods 0.000 claims description 24
- 150000001875 compounds Chemical class 0.000 claims description 16
- 238000012545 processing Methods 0.000 abstract description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 8
- 238000010586 diagram Methods 0.000 description 7
- 238000013329 compounding Methods 0.000 description 3
- 239000002131 composite material Substances 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 238000013528 artificial neural network Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000003064 k means clustering Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000012706 support-vector machine Methods 0.000 description 1
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The application discloses a ciphertext homomorphic comparison method and device based on homomorphic encryption, and belongs to the technical field of ciphertext data processing. The method comprises the steps of determining a component polynomial according to input precision and output precision; and determining an approximation of the corresponding sign function of the plaintext to be compared according to the component polynomial. The homomorphic comparison approximation method disclosed by the application has optimality in the aspects of depth consumption and computational complexity, can effectively reduce homomorphic multiplication and addition times, needs less flattening running time, and is more suitable for application scenes with large data volume.
Description
Technical Field
The application relates to the technical field of ciphertext data processing, in particular to a ciphertext homomorphic comparison method and device based on homomorphic encryption.
Background
Homomorphic encryption allows arithmetic operations to be performed on the encrypted data, enabling the encrypted data to be calculated without access to a key, and decrypted to obtain a result corresponding to the operation in the clear.
In the homomorphic encryption field, full homomorphic encryption is widely focused by scientists because it satisfies both the multiplication homomorphic and the addition homomorphic, and is widely used in various fields such as finance, medical treatment, and genomics;
however, the number of applications implemented based on two arithmetic operations is limited. For some applications that require non-arithmetic operations, comparison operations such as k-means clustering, top-k data manipulation, and support vector machines are typically used.
At present, homomorphic comparison operation is more used on encrypted data, namely, the encrypted information is approximately processed by using a symbol function polynomial by using a homomorphic password, so that the problem of searching for the polynomial of the best approximation of the symbol function occurs when the data in the homomorphic password is compared, and various methods are used for more approximately encrypting the information, including chebyshev polynomials of a first type, artificial neural networks, least squares, newton-Raphson and the like.
However, the method has lower calculation efficiency, and the requirement on the number of homomorphic multiplications is higher along with the improvement of precision, so that the time consumption of calculation is greatly increased, and the problems of depth consumption and calculation complexity are exposed.
Disclosure of Invention
In view of the above, the application provides a ciphertext homomorphic comparison method and device based on homomorphic encryption, which aims to reduce depth consumption and calculation complexity, reduce time consumption and improve calculation efficiency under the condition of meeting precision requirements.
In order to achieve the above purpose, the present application adopts the following technical scheme:
on one hand, the application discloses a ciphertext homomorphic comparison method based on homomorphic encryption, which comprises the following steps of,
determining a component polynomial according to the input precision and the output precision and the following formula;
wherein, the liquid crystal display device comprises a liquid crystal display device,,/>for input accuracy, < >>For the output precision of the t-th polynomial, < >>The expression of t is +.>,/>And->Coefficients that are polynomials;
and determining the approximate value of the symbol function corresponding to the plaintext to be compared according to the component polynomial.
Preferably, the polynomial is initializedTo make it meet the maximum derivative at 0, so that +.>And thereby determine the polynomial +.>Coefficient of->And->;
Wherein the method comprises the steps ofAnd the function value of the maximum point is 1; />For input accuracy, < >>For output accuracy, < >>Is a polynomial with the expression +.>。
Preferably, the system of equations for solving the polynomial coefficients is:
in the method, in the process of the application,for the output precision of the ith polynomial, +.>And->Is the coefficient of the i-th polynomial.
Preferably, the degree n of the component polynomial is fixed to 3.
Preferably, the process of determining the approximation of the corresponding sign function of the plaintext to be compared according to the component polynomial comprises:
encrypting the plaintext to be compared, and performing homomorphic calculation after obtaining an encrypted ciphertext to obtain an input ciphertext of a component polynomial;
substituting the input ciphertext into the component polynomial to perform homomorphic operation to obtain a symbol function approximation value corresponding to the plaintext difference value to be compared.
Preferably, the plaintext to be compared is scaled to be within the range of the [0,1] interval before encryption.
Preferably, the homomorphic calculation of the encrypted ciphertext comprises the following steps:
and executing multiplication homomorphic operation on the ciphertext of the first plaintext to be compared and the ciphertext of the-1, and executing addition homomorphic operation on the obtained result and the ciphertext of the second plaintext to be compared to obtain the ciphertext of the difference value of the first plaintext to be compared and the ciphertext of the difference value of the second plaintext to be compared, wherein the ciphertext of the difference value of the first plaintext to be compared and the ciphertext of the difference value of the second plaintext to be compared are homomorphic comparison input ciphertexts.
Preferably, the ciphertext result of the plaintext to be compared is obtained according to the approximate value of the symbol function corresponding to the plaintext to be compared;
in the method, in the process of the application,is a polynomial compound operationAs a result, x is the input ciphertext of the polynomial.
On the other hand, the application discloses a ciphertext homomorphic comparison device based on homomorphic encryption, which comprises,
a component polynomial determining unit for determining a component polynomial according to the input precision and the output precision as follows; polynomial expressionCoefficient of->And->;
Wherein, the liquid crystal display device comprises a liquid crystal display device,,/>for input accuracy, < >>For the output precision of the t-th polynomial, < >>The expression of t is +.>,/>And->Coefficients that are polynomials;
and the approximate value determining unit is used for determining the approximate value of the symbol function corresponding to the plaintext to be compared according to the component polynomial.
Preferably, also comprises
The ciphertext result obtaining unit is used for obtaining a ciphertext result of the plaintext to be compared according to the following formula and the approximate value of the symbol function corresponding to the plaintext to be compared;
in the method, in the process of the application,and x is the input ciphertext of the polynomial, which is the result of the polynomial compound operation.
Compared with the prior art, the application discloses a ciphertext homomorphic comparison method and device based on full homomorphic encryption, dynamically generates a plurality of polynomials based on input precision and output precision, and performs compound operation based on the polynomials to enable the polynomials to approach a symbol function, thereby realizing the effect of approximate comparison function.
The homomorphic comparison approximation method disclosed by the application has optimality in the aspects of depth consumption and computational complexity, can effectively reduce homomorphic multiplication and addition times, needs less flattening running time, and is more suitable for application scenes with large data volume.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application. The objectives and other advantages of the application will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
The technical scheme of the application is further described in detail through the drawings and the embodiments.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present application, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a homomorphic comparison method based on homomorphic encryption in the present application;
FIG. 2 is a partial image of a component polynomial in a dynamic polynomial generation process; wherein (a) is an image of an i-th component polynomial, (b) is an image of an i+1-th component polynomial, and (c) is an image of an i+2-th component polynomial;
FIG. 3 is a symbolic function approximation image obtained by sequentially compositing component polynomials; the diagram (a) is a polynomial function diagram generated by compounding t-4 times of the component polynomial, and the diagram (b) is a polynomial function diagram generated by compounding t times of the component polynomial;
fig. 4 is a specific flow chart of implementation of the homomorphic comparison method based on homomorphic encryption.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In order to improve the calculation efficiency and reduce homomorphic operation times, the embodiment of the application provides a novel method for approximating a comparison function by utilizing a dynamic polynomial composite approximation symbol function. Specifically, the application is realized by the following scheme.
Example 1
The embodiment discloses a ciphertext homomorphic comparison method based on homomorphic encryption, which comprises the following steps:
firstly, determining a component polynomial according to the input precision and the output precision and the following formula;
wherein, the liquid crystal display device comprises a liquid crystal display device,,/>for input accuracy, < >>For the output precision of the t-th polynomial, < >>The expression of t is +.>,/>And->Coefficients that are polynomials;
and secondly, determining an approximation value of a symbol function corresponding to the plaintext to be compared according to the component polynomial.
In the whole, the method is divided into a component polynomial dynamic generation part and a polynomial compound operation part in a ciphertext state.
Specifically, in this embodiment, the component polynomial dynamic generating section dynamically solves the new component polynomial by using the initial polynomial given by the input precision according to the input precision and the output precision requirement given by the user, and continuously updates the mapped interval until the final mapped interval reaches the output precision requirement.
The input precision refers to the minimum boundary of the a-b difference value, and the output precision refers to the minimum boundary value of the interval range to which the a-b difference value is finally mapped.
The generating step comprises the following steps:
first, a polynomial is initializedMake it meet atThe derivative at 0 is maximum, such that +.>And thereby determine the polynomial +.>Coefficient->And->;
Wherein the method comprises the steps ofAnd the function value of the maximum point is 1; />For input accuracy, < >>For output accuracy, < >>Is a polynomial with the expression +.>。
In the application, two equation relations are known, two unknown quantities can be accurately obtained, and the degree of the polynomial is required to be made to be an odd degree in order to meet the property of an odd function because the degree is too high and the polynomial is required to be made to be an approximate value of Remez algorithm.
For accurate solving of the polynomials, in the present embodiment, the highest degree of each component polynomial is determined to be 3, and the form of the polynomial is;
According to the relationThe resulting system of equations for solving the polynomial coefficients is:
in the method, in the process of the application,for the output precision of the ith polynomial, +.>And->Is the coefficient of the i-th polynomial.
Further, the method comprises the steps of,
computing polynomialsSo that->Wherein->Obtaining new polynomial coefficients ++>And->;
Computing polynomialsSo that->WhereinAlso new polynomial coefficients are calculated +.>And->;
According to the same steps, finally calculating a polynomialSatisfy->WhereinWith the interval narrowed down to meet the accuracy requirement as termination condition, so that +.>Finally a set of polynomials with a limited number of degree 3 is generated>。
The procedure of the dynamically generated partial component polynomials is shown in fig. 2, where it is noted that the interval boundaries in the image are represented using T. The updating process of the function can be understood as the mapping process of the interval from another angle, and only the mapping range T of the interval is required to be ensured i By gradually shrinking 1, the calculation result within the error precision range can be obtained after iteration of a limited step, and the T of the previous component polynomial can be seen from the image as the next component polynomial。
For a polynomial compound operation part in a ciphertext state, determining an approximate value of a symbol function corresponding to a plaintext to be compared according to the component polynomial; the process comprises the following steps:
firstly, encrypting input plaintext data by using an isomorphic encryption scheme, then, performing polynomial calculation by using a homomorphic addition and homomorphic multiplication operation method, sequentially calculating according to a component polynomial order, obtaining ciphertext output of a symbol function approximation value, calculating a ciphertext result according to an equation relation of the symbol function and a comparison function, and finally, performing decryption operation of the isomorphic scheme on the ciphertext to obtain a final plaintext comparison result.
The method comprises the following specific steps:
firstly, encrypting a plaintext to be compared, and performing homomorphic calculation after obtaining an encrypted ciphertext to obtain an input ciphertext of a component polynomial;
in this embodiment, two plain texts to be compared, namely a and b, are given, and the sizes of the plain texts are determined;
in the application, the plaintext to be compared is scaled to be within the range of the interval [0,1] before encryption; to ensure that the difference between the two plaintext words is within the interval, -1, so as to conform to the definition field, -1, of the symbol function;
namely, when the plaintext input range is in the interval [0,1], directly performing encryption operation as plaintext input;
if the plaintext data to be compared is too large, it is first necessary to divide both data simultaneouslyTo make it zoom in interval [0,1]]In range, then performing encryption as plaintext input;
the application adopts CKKS full homomorphic encryption scheme supporting floating point number approximate calculation to encrypt plaintext, namely, given security parametersInvoking Key Generation Algorithm->Generating a private key sk, a public key pk and a calculation key evk;
further, invoking Enc method, user uses public key pk to make plaintext polynomial m of two plaintext inputs a and b to be homomorphic comparison calculation 1 And m 2 Respectively carrying out isomorphic encryption to obtain ciphertext which is respectivelyAnd。
the homomorphic calculation method comprises the following steps:
and executing multiplication homomorphic operation on the ciphertext of the first plaintext to be compared and the ciphertext of the-1, and executing addition homomorphic operation on the obtained result and the ciphertext of the second plaintext to be compared to obtain the ciphertext of the difference value of the first plaintext to be compared and the ciphertext of the difference value of the second plaintext to be compared, wherein the ciphertext of the difference value of the first plaintext to be compared and the ciphertext of the difference value of the second plaintext to be compared are homomorphic comparison input ciphertexts.
Adding homomorphic operationFor message m 1 And m 2 Ciphertext->And->Calculation is performed using the evaluation key evk, and m is output 1 +m 2 Corresponding ciphertext->;
Multiplication homomorphic operationFor message m 1 And m 2 Ciphertext->And->Calculation is performed using the evaluation key evk, and m is output 1 *m 2 Corresponding ciphertext->;
In this embodiment, ciphertext of plaintext bPerforming multiplication homomorphic operation with ciphertext of-1 to obtain ciphertext-;
Ciphertext using plaintext aCiphertext-/>Performing homomorphism to obtain ciphertext of the difference a-bThe difference is taken as the input ciphertext of the polynomial.
And secondly, substituting the input ciphertext into a component polynomial to perform homomorphic operation, and obtaining a symbol function approximation value corresponding to the plaintext difference value to be compared.
In the step, the input ciphertext is brought into a component polynomial to perform homomorphic operation according to the generated polynomial group, the sequential compound operation is performed according to the generated polynomial sequence, a polynomial compound operation result is obtained, and the result is used as a ciphertext result corresponding to a symbol function of the input ciphertext, and the method specifically comprises the following steps:
using the generated polynomial setsCan get->,,...,/>。
The difference value of ciphertext corresponding to the values a and b of the scaled plaintext to be comparedCarrying out homomorphic operation with the polynomial to perform compound operation, namely calculating compound polynomial +.>;
Post-computation polynomial outputA ciphertext is obtained, which is the ciphertext approximate value corresponding to the sign (a-b) of the symbol function corresponding to a-b in the plaintext, and is recorded as;
FIG. 3 shows a functional diagram after the composition of the component polynomials, the left diagram showingCan see that its image fluctuates in a certain interval, the right graph shows +.>Functional image of h t Is the final approximate function diagram, approximating a sign function. Comparing the two figures, it can be seen that interval u t To 1 is scaled down, indicating that the accuracy of the final approximation is scaled down.
Neighborhood at zeroExcluding this, it can be observed that the polynomial complex t times is almost identical to the image of the sign function.
In order to further optimize the technical scheme, in the embodiment, a ciphertext result of the plaintext to be compared is obtained according to the following formula according to an approximation value of a symbol function corresponding to the plaintext to be compared;
in the method, in the process of the application,and x is the input ciphertext of the polynomial, which is the result of the polynomial compound operation.
The deduction process comprises the following steps:
the comparison operation and the sign function are recorded as:
,
comparison functionAnd sign function->There is the following equation relationship;
,
according to the approximation equationThe following formula can be obtained:
thus, the new comparison algorithm newcomp in the present application can be obtained;
in the last stepIs->Performing homomorphism Add and homomorphism multiply Mult operations, i.e. executing +.>An operation under ciphertext;
output homomorphic comparison operationIs a ciphertext result ct.
In order to further optimize the above-mentioned technical solution,
decrypting the ciphertext result by using a private key to obtain a comparison result corresponding to the plaintext, and specifically comprising the following steps:
the user uses the private key sk pairDecrypting ciphertext ct output after execution is finished, and executing algorithm +.>The message m after ct decryption is obtained, where m is an approximation of the result of the comparison operation performed in the corresponding plaintext, and the decryption scheme used here is the decryption algorithm Dec of the CKKS homomorphic encryption scheme.
In this embodiment, a specific flow of implementation of the full isomorphic encryption homomorphic comparison method is shown in fig. 3, and is generally as follows:
s1, encrypting plaintext data: encrypting a plaintext to be compared to obtain an encrypted ciphertext of the plaintext; homomorphic calculation is carried out on the encrypted ciphertext corresponding to the plaintext, and an input ciphertext is obtained;
s2, dynamically generating a polynomial group: setting input precision and output precision, continuously updating parameters, solving polynomial coefficients, and finally dynamically generating a group of component polynomials;
s3, polynomial fitting approximate symbol function: carrying out homomorphic operation on the input ciphertext by taking the input ciphertext into a component polynomial according to the generated polynomial group, and sequentially carrying out compound operation according to the generated polynomial sequence to obtain a polynomial compound operation result which is used as a ciphertext result corresponding to a symbol function of the input ciphertext;
s4, obtaining a comparison result ciphertext: homomorphic calculation is carried out on the obtained ciphertext result by utilizing the equation relation corresponding to the symbol function and the comparison function, and a homomorphic comparison ciphertext result is obtained;
s5, decrypting the ciphertext result: and decrypting the ciphertext result by using the private key to obtain a comparison result corresponding to the plaintext.
The method for approximating the comparison function by utilizing the dynamic polynomial composite approximation sign function can effectively overcome the problems in the prior art, thereby reducing the calculation complexity, reducing homomorphic operation times and reducing the calculation time.
Example two
The embodiment discloses a ciphertext homomorphic comparing device based on homomorphic encryption, which comprises,
a component polynomial determining unit for determining a component polynomial according to the input precision and the output precision as follows;
wherein, the liquid crystal display device comprises a liquid crystal display device,,/>for input accuracy, < >>For the output precision of the t-th polynomial, < >>The expression of t is +.>,/>And->Coefficients that are polynomials;
and the approximate value determining unit is used for determining the approximate value of the symbol function corresponding to the plaintext to be compared according to the component polynomial.
In one embodiment, the method further comprises
The ciphertext result obtaining unit is used for obtaining a ciphertext result of the plaintext to be compared according to the following formula and the approximate value of the symbol function corresponding to the plaintext to be compared;
in the method, in the process of the application,is a polynomialAnd (3) compounding an operation result, wherein x is an input ciphertext of the polynomial.
Example III
The embodiment discloses a ciphertext homomorphic comparison chip based on homomorphic encryption, wherein a ciphertext homomorphic comparison device based on homomorphic encryption is arranged in the chip, and the following complete homomorphic comparison algorithm is executed;
s1, encrypting a plaintext to be compared to obtain an encrypted ciphertext of the plaintext;
s2, homomorphic calculation is carried out on the ciphertext corresponding to the plaintext, and an input ciphertext is obtained;
s3, setting input precision and output precision, continuously updating parameters, solving polynomial coefficients, and finally dynamically generating a group of component polynomials;
s4, carrying the input ciphertext into a component polynomial to perform homomorphic operation according to the generated polynomial set, and performing sequential compound operation according to the generated polynomial sequence to obtain a polynomial compound operation result which is used as a ciphertext result corresponding to a symbol function of the input ciphertext;
s5, homomorphic calculation is carried out on the obtained ciphertext result by utilizing the equation relation corresponding to the symbol function and the comparison function, and a homomorphic comparison ciphertext result is obtained;
s6, decrypting the ciphertext result by using the private key to obtain a comparison result corresponding to the plaintext.
In the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (9)
1. A ciphertext homomorphic comparison method based on homomorphic encryption is characterized by comprising the following steps of
Determining a component polynomial according to the input precision and the output precision and the following formula;
h t ([a t-1 ,1])=[a t ,1]
wherein a is t =h t (a t-1 )=h t (h t-1 (h t-2 …h 1 (e))), e is input precision, a t The output precision of the t th polynomial, h t The expression c is the t polynomial t x n +d t x,c t And d t Coefficients that are polynomials; and the equation set for solving the polynomial coefficients is:
wherein a is i For the output precision of the ith polynomial, c i And d i Coefficients for the ith polynomial;
and determining the approximate value of the symbol function corresponding to the plaintext to be compared according to the component polynomial.
2. The method for homomorphic comparison of ciphertext based on homomorphic encryption of claim 1, wherein the polynomial h is initialized 1 Maximizing the derivative at 0 is satisfied such that h 1 ([∈,1])=[a 1 ,1]And thereby determine the polynomial h 1 Coefficient c of (2) 1 And d 1 ;
Wherein a is 1 =h 1 (e), and the function value of the maximum point is 1; e is input precision, alpha is output precision, h 1 Is a polynomial, and the expression is c 1 x n +d 1 x。
3. The method of homomorphic comparison of ciphertext based on homomorphic encryption of claim 1, wherein the degree n of the component polynomial is fixed to 3.
4. The method of homomorphic comparison of ciphertext based on homomorphic encryption of claim 1, wherein determining an approximation of a corresponding symbol function of plaintext to be compared based on the component polynomial comprises:
encrypting the plaintext to be compared, and performing homomorphic calculation after obtaining an encrypted ciphertext to obtain an input ciphertext of a component polynomial;
substituting the input ciphertext into the component polynomial to perform homomorphic operation to obtain a symbol function approximation value corresponding to the plaintext difference value to be compared.
5. The method for homomorphic comparison of ciphertext based on homomorphic encryption of claim 4, wherein the plaintext to be compared is scaled to within the interval of [0,1] before encryption.
6. The homomorphic comparing method of ciphertext based on homomorphic encryption of claim 4, wherein the homomorphic calculating of the encrypted ciphertext comprises:
and executing multiplication homomorphic operation on the ciphertext of the first plaintext to be compared and the ciphertext of the-1, and executing addition homomorphic operation on the obtained result and the ciphertext of the second plaintext to be compared to obtain the ciphertext of the difference value of the first plaintext to be compared and the ciphertext of the difference value of the second plaintext to be compared, wherein the ciphertext of the difference value of the first plaintext to be compared and the ciphertext of the difference value of the second plaintext to be compared are homomorphic comparison input ciphertexts.
7. The homomorphic comparison method of ciphertext based on homomorphic encryption of claim 1, wherein the ciphertext result of the plaintext to be compared is obtained according to the approximation of the corresponding symbol function of the plaintext to be compared according to the following formula;
in the method, in the process of the application,and x is the input ciphertext of the polynomial, which is the result of the polynomial compound operation.
8. A ciphertext homomorphic comparison device based on homomorphic encryption is characterized by comprising,
a component polynomial determining unit for determining a component polynomial according to the input precision and the output precision as follows; polynomial h t Coefficient c of (2) t And d t ;
h t ([a t-1 ,1])=[a t ,1]
Wherein a is t =h t (a t-1 )=h t (h t-1 (h t-2 ...h 1 (e))), e is input precision, a t The output precision of the t th polynomial, h t The expression c is the t polynomial t x n +d t x,c t And d t Coefficients that are polynomials; and the equation set for solving the polynomial coefficients is:
wherein a is i For the output precision of the ith polynomial, c i And d i Coefficients for the ith polynomial;
and the approximate value determining unit is used for determining the approximate value of the symbol function corresponding to the plaintext to be compared according to the component polynomial.
9. The homomorphic ciphertext comparison device based on homomorphic encryption of claim 8, further comprising
The ciphertext result obtaining unit is used for obtaining a ciphertext result of the plaintext to be compared according to the following formula and the approximate value of the symbol function corresponding to the plaintext to be compared;
in the method, in the process of the application,and x is the input ciphertext of the polynomial, which is the result of the polynomial compound operation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311062444.3A CN116776359B (en) | 2023-08-23 | 2023-08-23 | Ciphertext homomorphic comparison method and device based on homomorphic encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311062444.3A CN116776359B (en) | 2023-08-23 | 2023-08-23 | Ciphertext homomorphic comparison method and device based on homomorphic encryption |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116776359A CN116776359A (en) | 2023-09-19 |
| CN116776359B true CN116776359B (en) | 2023-11-03 |
Family
ID=88012012
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311062444.3A Active CN116776359B (en) | 2023-08-23 | 2023-08-23 | Ciphertext homomorphic comparison method and device based on homomorphic encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116776359B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113541916A (en) * | 2020-04-16 | 2021-10-22 | 三星电子株式会社 | Ciphertext processing method and device based on homomorphic encryption |
| KR20210135075A (en) * | 2020-05-04 | 2021-11-12 | 삼성전자주식회사 | Device of performing homomorphic encryption and decryption, system including the same, method of performing homomorphic encryption and decryption |
| CN115208548A (en) * | 2021-04-07 | 2022-10-18 | 加密实验室公司 | Apparatus for processing non-polynomial operation on homomorphic encrypted message and method thereof |
| CN115276948A (en) * | 2022-07-20 | 2022-11-01 | 京信数据科技有限公司 | Homomorphic encryption calculation method and system |
-
2023
- 2023-08-23 CN CN202311062444.3A patent/CN116776359B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113541916A (en) * | 2020-04-16 | 2021-10-22 | 三星电子株式会社 | Ciphertext processing method and device based on homomorphic encryption |
| KR20210135075A (en) * | 2020-05-04 | 2021-11-12 | 삼성전자주식회사 | Device of performing homomorphic encryption and decryption, system including the same, method of performing homomorphic encryption and decryption |
| CN115208548A (en) * | 2021-04-07 | 2022-10-18 | 加密实验室公司 | Apparatus for processing non-polynomial operation on homomorphic encrypted message and method thereof |
| CN115276948A (en) * | 2022-07-20 | 2022-11-01 | 京信数据科技有限公司 | Homomorphic encryption calculation method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116776359A (en) | 2023-09-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sathya et al. | A review of homomorphic encryption libraries for secure computation | |
| Adleman et al. | On taking roots in finite fields | |
| US20210256165A1 (en) | Protecting parallel multiplication operations from external monitoring attacks | |
| US8428252B1 (en) | Using multiples above two with running totals in elliptic curve cryptography scalar multiplication acceleration tables | |
| Bian et al. | ENSEI: Efficient secure inference via frequency-domain homomorphic convolution for privacy-preserving visual recognition | |
| US10680810B2 (en) | Method of generating an elliptic curve cryptographic key pair | |
| US8805913B2 (en) | Method of evaluating a function and associated device | |
| WO2019242562A1 (en) | Elliptic curve point multiplication operation method and apparatus | |
| JP2001526416A (en) | Conversion method for optimization of elliptic curve encryption operation | |
| US9722773B2 (en) | Method of determining a representation of a product of a first element and a second element of a finite set, method of evaluating a function applied to an element of a finite set and associated devices | |
| CN107896142B (en) | Method and device for executing modular exponentiation and computer readable storage medium | |
| Jalali et al. | ARMv8 SIKE: Optimized supersingular isogeny key encapsulation on ARMv8 processors | |
| JP3794266B2 (en) | Elliptic curve scalar multiplication method and apparatus, and storage medium | |
| CN116776359B (en) | Ciphertext homomorphic comparison method and device based on homomorphic encryption | |
| Vijayakumar et al. | Comparative study of hyperelliptic curve cryptosystem over prime field and its survey | |
| CN111526000B (en) | Parallel part homomorphic encryption method and system based on confusion model projection | |
| CN108347334B (en) | Method for generating a cryptographic key pair | |
| CN106452726B (en) | S-shaped box and construction method thereof | |
| CN115865302A (en) | Multi-party matrix multiplication method with privacy protection attribute | |
| TWI731770B (en) | Computer system | |
| CN111756518B (en) | Color image encryption method based on memristor hyperchaotic system | |
| Zhang et al. | Image Encryption Method Based on Discrete Lorenz Chaotic Sequences. | |
| US11206136B1 (en) | Method for multiplying polynomials for a cryptographic operation | |
| Babenko et al. | Euclidean division method for the homomorphic scheme ckks | |
| Troncoso-Pastoriza et al. | Secure genomic susceptibility testing based on lattice encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20240205 Address after: Room A-8961, Building 3, No. 20 Yong'an Road, Shilong Economic Development Zone, Mentougou District, Beijing, 100000 (cluster registration) Patentee after: Beijing Hidden Computing Technology Co.,Ltd. Country or region after: China Address before: 100070 Beijing city Fengtai District Fung Fu Road No. 7 Patentee before: BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE Country or region before: China |