CN117459215A

CN117459215A - Questionnaire evaluation method, statistical system, terminal and medium based on homomorphic encryption

Info

Publication number: CN117459215A
Application number: CN202311800307.5A
Authority: CN
Inventors: 宗瑞; 彭诗煜; 幺宝刚
Original assignee: International Digital Economy Academy IDEA
Current assignee: International Digital Economy Academy IDEA
Priority date: 2023-12-26
Filing date: 2023-12-26
Publication date: 2024-01-26
Anticipated expiration: 2043-12-26
Also published as: CN117459215B

Abstract

The invention discloses a questionnaire evaluation method, a statistical system, a terminal and a medium based on homomorphic encryption. The server generates an endpoint vector ciphertext according to the endpoints of the score sections of the evaluation questionnaire, then utilizes the client to determine the score sections corresponding to the evaluation results according to the score ciphertext and the endpoint vector ciphertext, generates a result vector ciphertext, and obtains the score sections corresponding to the evaluation results by comparing the result vector ciphertext with the endpoint vector ciphertext, multiplies the comparison result vector with the evaluation conclusion vector, obtains an evaluation result ciphertext, and sends the evaluation result ciphertext to the client for decryption and display. By adopting ciphertext in various vector forms corresponding to the score section and utilizing client cooperation, the calculation speed is high and the calculation accuracy is high.

Description

Questionnaire evaluation method, statistical system, terminal and medium based on homomorphic encryption

Technical Field

The invention relates to the technical field of questionnaire evaluation, in particular to a questionnaire evaluation method, a statistical system, a terminal and a medium based on isomorphic encryption.

Background

Psychological assessment plays a key role in fields such as recruitment, medical diagnosis, education, etc., and various psychological assessment software has been developed, such as northern sen, moka, flybooks, etc., but with digitization and sharing of data, personal privacy protection has become a non-negligible issue.

The traditional psychological assessment software consists of a client and a server, and is used for processing plaintext data directly at the server for the convenience of research and calculation, storing answers and assessment results of users in a plaintext form, and presenting data leakage and privacy risks.

At present, related researches apply isomorphic encryption to a psychological assessment system, and although the method can better prevent data leakage and protect privacy, the ciphertext carries noise, and the noise accumulation is caused by multiple operations, so that the accuracy of a calculation result is affected; meanwhile, the calculation of the ciphertext increases the calculation complexity, reduces the calculation speed of the system and influences the efficiency.

Disclosure of Invention

The invention mainly aims to provide a questionnaire evaluation method, a questionnaire evaluation statistical system, an intelligent terminal and a computer readable storage medium based on isomorphic encryption, which can solve the problems of low calculation efficiency and low calculation precision when the questionnaire evaluation is performed by using the isomorphic encryption.

In order to achieve the above object, a first aspect of the present invention provides a questionnaire evaluation method based on homomorphic encryption, applied to a client, the method comprising:

receiving an assessment questionnaire and encryption parameters;

generating a public key, a private key, a re-linear key for homomorphic operation and a rotating key according to the encryption parameters;

obtaining an evaluation result according to an evaluation questionnaire, binarizing the evaluation result, and converting the evaluation result into a binary format to obtain a result vector;

encrypting the result vector by bits by adopting the public key to obtain a result ciphertext;

the result ciphertext, the re-linear key and the rotating key are sent to a server;

responding to a received score ciphertext and an endpoint vector ciphertext formed by endpoints of a score section, obtaining a result vector ciphertext according to the score ciphertext and the endpoint vector ciphertext, and sending the result vector ciphertext and the endpoint vector ciphertext to a server, wherein the score ciphertext is calculated by the server according to the result ciphertext;

and responding to the received evaluation result ciphertext, and decrypting the evaluation result ciphertext according to the private key to obtain an evaluation result plaintext.

Optionally, the obtaining a result vector ciphertext according to the score ciphertext and the endpoint vector ciphertext includes:

Decrypting the score ciphertext and the endpoint vector ciphertext according to the private key to obtain a score plaintext and an endpoint vector plaintext;

obtaining a result vector plaintext according to the score plaintext and the endpoint vector plaintext;

converting the result vector plaintext into a binary format, and encrypting the result vector plaintext according to the public key by bits to obtain the result vector ciphertext;

and converting the endpoint vector plaintext into a binary format, encrypting the endpoint vector plaintext according to the public key by bits, and updating the endpoint vector ciphertext according to an encryption result.

Optionally, after the evaluation result is obtained, the evaluation result and the evaluation volume are saved to obtain evaluation data; when a query condition ciphertext is received, encrypting the evaluation data according to the public key to obtain an evaluation data ciphertext; inquiring the evaluation data ciphertext according to the inquiry condition ciphertext to obtain an inquiry vector; and accumulating the query vector by adopting the rotating key to obtain an accumulated value ciphertext, and transmitting the accumulated value ciphertext to a server.

Optionally, the accumulating the query vector by using the rotation key to obtain an accumulated value ciphertext includes:

Shifting the query vector one bit to the left according to the rotation key to obtain a left shift vector;

obtaining a first accumulated vector according to the query vector and the left shift vector;

sequentially adding the left shift vector and the first accumulated vector in sequence, and updating the first accumulated vector according to the addition result to obtain an updated accumulated vector;

according to the length of the query vector, the left shift vector and the updated accumulated vector are updated in sequence until all elements in the updated accumulated vector are the same, and an accumulated vector result is obtained;

and homomorphic encryption is carried out on the first element in the accumulated vector result by adopting the public key, so as to obtain the accumulated value ciphertext.

The second aspect of the invention provides a questionnaire evaluation method based on isomorphic encryption, which is applied to a server, and comprises the following steps:

responding to a received evaluation questionnaire request, acquiring an evaluation questionnaire and encryption parameters, and sending the evaluation questionnaire and the encryption parameters to a client;

responding to the received result ciphertext, and carrying out homomorphic operation on the result ciphertext according to an operation rule corresponding to the evaluation questionnaire to obtain a score ciphertext; acquiring a score section corresponding to the evaluation questionnaire, generating an endpoint vector according to the score section, and carrying out homomorphic encryption to obtain an endpoint vector ciphertext; the score ciphertext and the endpoint vector ciphertext are sent to a client;

Responding to the received result vector ciphertext and endpoint vector ciphertext, and comparing the result vector ciphertext with the endpoint vector ciphertext to obtain a comparison result vector; acquiring an evaluation conclusion vector corresponding to the evaluation questionnaire; and calculating the comparison result vector and the evaluation conclusion vector, obtaining an evaluation result ciphertext and sending the evaluation result ciphertext to the client.

Optionally, the comparing the result vector ciphertext with the endpoint vector ciphertext to obtain a comparison result vector includes:

sequentially comparing the elements in the result vector secret with the elements in the endpoint vector secret, setting the element with the current sequence number in the comparison result vector to be 1 when the comparison result is the same, otherwise, setting the element with the current sequence number in the comparison result vector to be 0 to obtain the comparison result vector; the number of elements of the comparison result vector is the same as the number of elements of the endpoint vector ciphertext.

Optionally, comparing the second element of the result vector ciphertext with the first element of the endpoint vector ciphertext to obtain the comparison result includes:

subtracting the first element and the second element according to the bit to obtain a bit vector;

solving an interpolation function based on the bit vector to obtain a target vector;

Shifting the target vector one bit left by adopting a rotating key to obtain a left shift vector, multiplying the left shift vector by the target vector according to the bit to obtain a multiplication result, updating the multiplication result into the target vector, shifting the left shift vector one bit left by adopting the rotating key, updating the left shift vector, multiplying the updated left shift vector by the target vector according to the bit to update the target vector until the accumulated left shift times is equal to the length of the bit vector;

when all elements in the target vector are zero, judging that the first element and the second element are different; otherwise, the first element and the second element are judged to be the same.

Optionally, when the server performs homomorphic multiplication operation, the server uses the re-linear key to control the ciphertext scale in homomorphic operation.

A third aspect of the present invention provides a questionnaire evaluation statistical system based on homomorphic encryption, the system comprising: the system comprises a client, a server and a third-party research institution;

the third-party research institution is provided with a client selection module, a statistical analysis module and a decryption module;

the client selection module is used for determining a client list participating in statistical analysis and sending the client list to the server;

The statistical analysis module is used for carrying out homomorphic operation on all inquiry result ciphertext according to a preset rule when receiving the inquiry result ciphertext of all clients in the client list, obtaining a statistical result ciphertext and sending the statistical result ciphertext to the server;

the decryption module is used for decrypting the joint decryption result received from the server to obtain a statistical analysis result;

the client is provided with a query module and a key generation module;

the key generation module is used for generating a public key, a private key, a re-linear key and a rotating key for homomorphic operation according to the received encryption parameters;

the query module is used for carrying out query and statistics in the stored evaluation data according to the received query condition ciphertext, obtaining a query result plaintext, converting the query result plaintext into a binary format, carrying out homomorphic encryption on the query result plaintext according to the public key, obtaining a query result ciphertext, and sending the query result ciphertext to the server;

the server is provided with a joint decryption module;

and the joint decryption module is used for interacting with each client in the client list when the statistic result ciphertext is received from the third-party research institution so as to respectively and partially decrypt the statistic result ciphertext by utilizing each client to obtain a joint decryption result, and transmitting the joint decryption result to the third-party research institution.

Optionally, the statistical analysis module comprises a mean value obtaining unit and a variance obtaining unit;

the average value solving unit is used for splicing the query result ciphertext of all the clients to obtain a spliced vector, accumulating the spliced vector by adopting a rotating key to obtain an accumulated value, and multiplying the accumulated value by the reciprocal of the total number of the clients in the client list to obtain an average value result;

the variance calculating unit is used for obtaining a variance result according to the query result ciphertext of each client and the mean value result.

A fourth aspect of the present invention provides an intelligent terminal, where the intelligent terminal includes a memory, a processor, and an isohomomorphic encryption-based questionnaire evaluation program stored in the memory and executable on the processor, and the isomorphic encryption-based questionnaire evaluation program implements any one of the steps of the isomorphic encryption-based questionnaire evaluation method when executed by the processor.

A fifth aspect of the present invention provides a computer-readable storage medium having stored thereon a full homomorphic encryption-based questionnaire evaluation program, which when executed by a processor, implements any one of the steps of the full homomorphic encryption-based questionnaire evaluation method.

From the above, the client side converts the questionnaire evaluation result into the binary format result ciphertext, and the server side carries out homomorphic operation on the result ciphertext according to the operation rule to obtain the score ciphertext, so that the operation is simple and convenient. The server generates an endpoint vector ciphertext according to the endpoints of the score sections of the evaluation questionnaire, then utilizes the client to determine the score sections corresponding to the evaluation results according to the score ciphertext and the endpoint vector ciphertext, generates a result vector ciphertext, obtains the score sections corresponding to the evaluation results by comparing the result vector ciphertext with the endpoint vector ciphertext, multiplies the comparison result vector with the evaluation result vector, obtains the evaluation result ciphertext, and sends the evaluation result ciphertext to the client for decryption and display. By adopting ciphertext in various vector forms corresponding to the score section and utilizing client cooperation, the calculation speed is high and the calculation accuracy is high.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic flow chart of a questionnaire evaluation method based on isomorphic encryption, which is provided by the embodiment of the invention, running on a client;

FIG. 2 is a schematic flow chart of a score segment in which the identification score is provided according to an embodiment of the present invention;

fig. 3 is a schematic flow chart of a questionnaire evaluation method based on isomorphic encryption running on a server according to an embodiment of the present invention;

FIG. 4 is a flowchart of a comparison of a first element in a endpoint vector ciphertext and a second element of a result vector ciphertext according to an embodiment of the invention;

FIG. 5 is a functional schematic diagram of joint decryption provided by an embodiment of the present invention;

fig. 6 is a schematic block diagram of an internal structure of an intelligent terminal according to an embodiment of the present invention.

Detailed Description

In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.

It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

It is also to be understood that the terminology used in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.

It should be further understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.

As used in this specification and the appended claims, the term "if" may be interpreted in context as "when …" or "upon" or "in response to a determination" or "in response to detection. Similarly, the phrase "if a condition or event described is determined" or "if a condition or event described is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a condition or event described" or "in response to detection of a condition or event described".

The following description of the embodiments of the present invention will be made more fully hereinafter with reference to the accompanying drawings, in which embodiments of the invention are shown, it being evident that the embodiments described are only some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, but the present invention may be practiced in other ways other than those described herein, and persons skilled in the art will readily appreciate that the present invention is not limited to the specific embodiments disclosed below.

The questionnaire evaluation system mainly comprises a client and a server. The server monitors the connection request of the client, processes the request or data sent by the client, executes corresponding business logic, and returns the processing result to the requesting client. The client provides an interactive interface for the user, sends the data of the user to the server, and receives and processes the response returned by the server.

Calculations are performed on the encrypted data using fully homomorphic encryption techniques such that the data remains encrypted at all times and unauthorized service providers cannot access or view the clear content of the data. Providing strong privacy protection during data transmission, storage and processing.

However, since homomorphic encryption requires complex mathematical operations, only limited computational operations are supported; and the ciphertext carries noise, and multiple operations lead to noise accumulation, thereby affecting the accuracy of the calculation result. Therefore, although the privacy disclosure risk brought by the traditional encryption method is avoided, the calculation efficiency of questionnaire evaluation is low, and the accuracy of the calculation result is affected.

In order to improve the calculation efficiency and calculation accuracy when the full homomorphic encryption is applied to questionnaire evaluation, the questionnaire evaluation result is converted into the binary format, score statistics can be conveniently carried out according to the operation rule, the score section is determined by adopting the ciphertext in the vector form corresponding to the score section and utilizing the client to cooperate, the operation speed is high, and the calculation accuracy is high.

The embodiment of the invention provides a questionnaire evaluation method based on isomorphic encryption, which is used for realizing safe psychological questionnaire evaluation. It should be emphasized that the questionnaire evaluation method of the present invention is not limited to psychological questionnaire evaluation, but may be used in other questionnaire evaluation.

When running on a client, as shown in fig. 1, the present embodiment includes the following steps:

step S100: receiving an assessment questionnaire and encryption parameters;

step S200: generating a public key, a private key, a re-linear key and a rotating key for homomorphic operation according to the encryption parameters;

and after the user selects the questionnaire on the interactive interface, sending a questionnaire request to the server, and acquiring the questionnaire from the server. In order to improve the security of data storage and transmission, the embodiment designs corresponding encryption parameters for each evaluation volume. Encryption parameters are used to generate public keysPrivate key->Re-linear key->And rotation key->Wherein the re-linear key->And rotation key->For subsequent homomorphic operation.

Step S300: obtaining an evaluation result according to the evaluation volume, binarizing the evaluation result, and converting the evaluation result into a binary format to obtain a result vector;

binarization of the questionnaire evaluation results refers to: a boolean value of 0 or 1 is used to indicate whether the individual options of the questionnaire are selected, for example: assuming that there are four options for a title, [ A, B, C, D ], when B is selected, the evaluation result can be described as [0,1, 0], and then the evaluation result is converted into a binary format to be 0100. After the evaluation is completed, all the evaluation results are converted into binary format to obtain result vectors, e.g., [0100, 1000, 0100, 0010].

At present, homomorphic encryption generally only supports limited computing operation, and may not meet the complex data processing requirement in a questionnaire evaluation system, so that the functions and flexibility of the system are limited. By converting the evaluation result into a binary format without directly using an ASCII code corresponding to A, B, C, D, the subsequent ciphertext comparison and homomorphic operation are more convenient.

Step S400: encrypting the result vector by bits by adopting a public key to obtain a result ciphertext;

using public keysBit-encrypting the binary evaluation result into corresponding ciphertext to obtain a result ciphertext ++>. For example: result vector [0100, 1000, 0100, 0010]Conversion to a junctionFruit ciphertext [>，/>，/>，/>]。

Step S500: the result ciphertext, the re-linear key and the rotating key are sent to a server;

obtaining result ciphertextAfter that, the client side adds the result ciphertext->The re-linear key required for ciphertext operations +.>And rotation key->Packaging and sending to a server side, wherein the server side obtains ciphertext ++>Statistics are performed to calculate a score ciphertext (e.g., ciphertext corresponding to score plaintext 81).

Step S600: responding to the received score ciphertext and an endpoint vector ciphertext formed by endpoints of the score section, obtaining a result vector ciphertext according to the score ciphertext and the endpoint vector ciphertext, and sending the result vector ciphertext and the endpoint vector ciphertext to a server, wherein the score ciphertext is obtained by the server according to the result ciphertext;

The endpoint vector ciphertext is composed of endpoints of the score segment, and may be lower endpoints or upper endpoints. For example: the score section is { [75, 80), [80, 85), [85, 90), [90, 95) }, and when the endpoint is removed, the endpoint vector ciphertext is the ciphertext corresponding to plaintext [75, 80, 85, 90 ].

Because complex mathematical operation is needed for homomorphic operation, the calculation cost is high, and the performance and response speed of the questionnaire evaluation system can be affected. Therefore, the client is utilized to assist in determining the score segment in which the score is located. Specifically, after receiving the score ciphertext and the endpoint vector ciphertext sent by the server, the client processes the score ciphertext and the endpoint vector ciphertext, and uses the score ciphertext to replace the nearest element which satisfies the preset rule in the endpoint vector ciphertext to identify the score section where the score is located, so as to obtain the result vector ciphertext. Assume that: the endpoint vector ciphertext of the lower endpoint is ciphertext corresponding to plaintext [75, 80, 85, 90], the score ciphertext is ciphertext corresponding to score plaintext 81, the preset rule is that the score ciphertext is larger than an element in the endpoint vector ciphertext, and the result vector ciphertext is ciphertext corresponding to plaintext [75, 81, 85, 90 ].

In this embodiment, as shown in fig. 2, according to the score ciphertext and the endpoint vector ciphertext, a result vector ciphertext for identifying a score section where the score is located is obtained, which specifically includes the steps of:

Step S610: decrypting the score ciphertext and the endpoint vector ciphertext according to the private key to obtain a score plaintext and an endpoint vector plaintext;

step S620: obtaining a result vector plaintext according to the score plaintext and the endpoint vector plaintext;

firstly, decrypting a score ciphertext and an endpoint vector ciphertext by using a private key, respectively obtaining a score plaintext and an endpoint vector plaintext, searching each element of the endpoint vector plaintext in a plaintext state, determining an element which meets a preset rule and is closest to the score plaintext, replacing the element by using the score plaintext, and identifying a score section where a score is located by using the change of the element to obtain a result vector plaintext, wherein [75, 81, 85, 90] in the example is obtained;

step S630: converting the result vector plaintext into a binary format, and encrypting the result vector plaintext according to the public key by bits to obtain a result vector ciphertext;

step S640: and converting the endpoint vector plaintext into a binary format, encrypting the endpoint vector plaintext according to the public key by bits, and updating the endpoint vector ciphertext according to the encryption result.

The server side needs to compare the result vector ciphertext with the endpoint vector ciphertext to obtain a score section where the score is located, so that the comparison is more convenient, the result vector plaintext is converted into a binary format, and then the result vector ciphertext is obtained by using a public key to encrypt the result vector plaintext in bits; similarly, the endpoint vector plaintext is converted to binary format, then encrypted by bits using a public key to obtain an encryption result, and the endpoint vector ciphertext is updated using the encryption result.

Step S700: and in response to the received test result ciphertext, decrypting the test result ciphertext according to the private key to obtain a test result plaintext.

The evaluation result is: overall evaluation results made from answers to the questionnaire, for example: for 16 personality factor questionnaires, one of the evaluation results was: "free open" and the like. When receiving the test result ciphertext sent by the serverWhen the client uses the private key +.>Decrypting and judging the result ciphertext ++>And converting the result text into an evaluation result text, and presenting the evaluation result text to a user.

Because the invention stores the evaluation data (the evaluation volume, the encryption parameters corresponding to the evaluation volume, the public key, the private key, the evaluation result, and the like) locally, when the evaluation volume performs statistical analysis, for example, a third-party research institution needs to retrieve the evaluation data of a plurality of clients to perform comprehensive statistical analysis, at this time, the clients are required to have a query function, and the queried data is encrypted into ciphertext and sent to the third-party research institution.

In one example, when a query condition ciphertext (e.g., plaintext: ciphertext corresponding to age < 16) is received, the evaluation data is encrypted according to a public key to obtain an evaluation data ciphertext, then a query field (age) in the query condition ciphertext, a comparison condition (< 16) and data of a field and a column in which the field is located in the evaluation data ciphertext are compared to obtain a query vector, the query vector identifies data satisfying a numerical range in all data of the column in which the field is located, and the query vector is [1, 0,1] assuming that the column data has 4 data in total.

And then the rotation key is adopted to accumulate the query vector, an accumulated value ciphertext (the accumulated value of the number of people with the age of < 16) is obtained, and the accumulated value ciphertext is sent to the server. When encrypting the text and the letters in the query condition and the field in the local evaluation data, the text and the letters are converted into ascii codes and then binary encryption is carried out.

In one example, in the above step, the query vector is accumulated by using the rotation key to obtain the accumulated value ciphertext, which specifically includes: setting the query vector [1, 0] as a left shift vector and an accumulated vector; shifting the left shift vector one bit left by using the rotation key, the left shift vector becomes [1,0, 1]; sequentially adding the left shift vector and the accumulated vector [1, 0] to obtain an addition result [2,1,0,1], and updating the accumulated vector to obtain the addition result; then, the left shift vector is shifted one bit to the left, the left shift vector becomes [0, 1], and the left shift vector is sequentially added with the accumulated vector [2,1,0,1] to obtain a new accumulated vector [2,1,1,2], the left shift operation is repeated, and finally the accumulated vector is [2, 2], namely all elements in the accumulated vector are the same. The query vector [1, 0] indicates that 2 items of data satisfy the query condition, and at this time, each element in the cumulative vector is the same as the cumulative value of the number of data satisfying the query condition. And homomorphic encryption is carried out on the first element in the accumulated vector by adopting the public key, so as to obtain an accumulated value ciphertext.

When the questionnaire evaluation method based on isomorphic encryption in the embodiment of the invention is operated at a server, as shown in fig. 3, the method comprises the following steps:

step P100: responding to the received evaluation questionnaire request, acquiring an evaluation questionnaire and encryption parameters, and sending the evaluation questionnaire and the encryption parameters to a client;

the server side predefines the psychological assessment questionnaireAnd sets the corresponding encryption parameter for the questionnaire +.>. When receiving an evaluation questionnaire request sent by a client, reading the evaluation questionnaire and encryption parameters corresponding to the evaluation questionnaire from a database, and then sending the evaluation questionnaire and the encryption parameters to the client.

Step P200: responding to the received result ciphertext, and carrying out homomorphic operation on the result ciphertext according to an operation rule corresponding to the evaluation questionnaire to obtain a score ciphertext; acquiring a score section corresponding to the evaluation questionnaire, generating an endpoint vector according to the score section, and carrying out homomorphic encryption to obtain an endpoint vector ciphertext; sending the score ciphertext and the endpoint vector ciphertext to the client;

the rules of calculation of score statistics are different for different questionnaires. For example, in processing a 16 personality factor questionnaire (16 PF), the operational rules involve a complex calculation of weighted scores for answer options, including 16 dimensions (e.g., exotic, anxious, abstract thinking, etc.); whereas for the beck depression scale (BDI), the calculation rules include scoring the severity of each item and weighting the scores on the basis of this, ultimately determining the overall depression level.

After receiving the result ciphertext sent by the client, determining an operation rule according to the evaluation questionnaire, performing homomorphic operation according to the operation rule, and finally obtaining a score ciphertext. Then, the score section corresponding to the evaluation result of the evaluation questionnaire is read, for example, the score section is { [75, 80), [80, 85), [85, 90), [90, 95) }, wherein [75, 80) corresponds to the evaluation result a, [80, 85) corresponds to the evaluation result B, and so on. Selecting a lower endpoint to obtain an endpoint vector [75, 80, 85, 90], homomorphic encrypting the endpoint vector by adopting a public key to obtain an endpoint vector ciphertext, transmitting the endpoint vector ciphertext and a score ciphertext to a client, and utilizing the client to assist in determining a score section corresponding to the score ciphertext.

By designing the score ciphertext and the endpoint vector ciphertext, a higher level of privacy protection is provided for individuals. Meanwhile, the questionnaire design (scoring rules and score dividing ranges) of the server side is not exposed, and privacy protection is more comprehensive.

Step P300: responding to the received result vector ciphertext and endpoint vector ciphertext, and comparing the result vector ciphertext with the endpoint vector ciphertext to obtain a comparison result vector; acquiring an evaluation conclusion vector corresponding to the evaluation questionnaire; and calculating a comparison result vector and an evaluation conclusion vector, obtaining an evaluation result ciphertext and sending the evaluation result ciphertext to the client.

After receiving the result vector ciphertext and the endpoint vector ciphertext sent by the client, the score section where the evaluation value is located can be determined by comparing the endpoint vector ciphertext and the result vector ciphertext. Specifically, a comparison result vector with the same number of elements as that of the endpoint vector ciphertext is constructed, and the elements in the endpoint vector ciphertext and the elements in the result vector ciphertext are sequentially compared (for example, the first element in the endpoint vector ciphertext and the first element in the result vector ciphertext are compared), when the comparison results are the same, the element with the current sequence number in the comparison result vector is set to be 1, otherwise, the element with the current sequence number in the comparison result vector is set to be 0. For example: the plaintext corresponding to the endpoint vector ciphertext is [75, 80, 85, 90], the plaintext corresponding to the result vector ciphertext is [75, 81, 85, 90], the second element is different, the comparison result vector is [0,1, 0], and the score section where the measurement score is located is also the second section.

Then, reading an evaluation conclusion vector corresponding to the evaluation questionnaire from the database according to the evaluation questionnaire, and multiplying the comparison result vector and the evaluation conclusion vector by element level, namely: if the element at a certain position in the comparison result vector is 0, the product result corresponding to the position is 0 under the ciphertext, if the element at a certain position in the comparison result vector is 1, the product result corresponding to the position is the ciphertext corresponding to the evaluation conclusion vector, and all the product results are accumulated, so that the evaluation result ciphertext can be obtained and sent to the client. Illustratively, the comparison result vector is [0,1, 0]; the evaluation conclusion vector is [ a, b, c, d ], and the evaluation conclusion vector is multiplied with the comparison result vector by bits to obtain an evaluation result b.

In this embodiment, as shown in fig. 4, comparing a first element in the endpoint vector ciphertext with a second element in the result vector ciphertext to obtain a comparison result, and the specific steps include:

step P310: subtracting the first element and the second element according to the bit to obtain a bit vector;

step P320: solving an interpolation function based on the bit vector to obtain a target vector;

step P330: shifting the target vector by one bit leftwards by adopting a rotating key to obtain a leftwards shifting vector, multiplying the leftwards shifting vector by the target vector according to the bit to obtain a multiplication result, updating the multiplication result into the target vector, shifting the leftwards shifting vector by one bit by adopting the rotating key, updating the leftwards shifting vector, multiplying the updated leftwards shifting vector by the target vector according to the bit to update the target vector until the accumulated leftwards shifting times are equal to the length of the bit vector;

step P340: when all elements in the target vector are zero, judging that the first element and the second element are different; otherwise, it is determined that the first element and the second element are identical.

Specifically, assuming that the first element is 1 and the second element is 2, the binary forms thereof are 0001 and 0010, respectively. And (3) subtracting the first element and the second element according to the bit sequence to obtain a bit vector z= [0, -1,1], constructing an interpolation function (1-z) (1+z), substituting the bit vector to solve to obtain a target vector [1, 0], and copying the target vector to obtain a left shift vector [1, 0].

Then use the rotating keyAnd performing left shift operation on the left shift vector, shifting one bit each time, multiplying the updated left shift vector with the target vector obtained by the last left shift operation according to the bit, and updating the multiplication result with the target vector. Such as left shift vector [1,0 ]]After shifting one bit left, the shift left becomes [1,0, 1 ]]And the target vector [1,0 ]]The result of the multiplication is [1,0]Updating the target vector to [1,0 ]，0]The method comprises the steps of carrying out a first treatment on the surface of the Then shift left vector [1,0, 1 ]]Continuing to move left by one bit, and changing left movement direction into [0, 1 ]]And the target vector [1,0 ]]The result of the bit-wise multiplication is [0,0]Stopping operation when the accumulated left shift times are equal to the length of the bit vector, and finally obtaining all elements in the target vector, wherein the elements are 0, so that the first element and the second element are unequal; all elements in the target vector are 1, then this indicates that the first element and the second element are equal.

Because the embodiment converts each data participating in homomorphic operation into a binary form and performs bit-by-bit encryption, the shifting operation can be adopted to realize comparison of ciphertext data, and the comparison result is obtained, so that the calculation is simple and efficient.

In one example, the server uses the re-linear key to control the ciphertext size in homomorphic operations when performing homomorphic multiplication operations.

Specifically, in ciphertext operations, ciphertext and ciphertext multiplication may result in ciphertext expansion for both ciphertexts、Define multiplication operation as +.>The decryption operation is->Consider the product of two decrypted values:

，

wherein,，/>，/>. Contrast->Ciphertext multiplication results in an increase in the size of ciphertext. This increase may result in the ciphertext eventually not being available, thus requiring the use of a re-linear key to control ciphertext size.

Wherein the re-linear key is defined as follows:wherein->，/>Is a large integer, +.>From->Random sampling in>Is to->And->Is a modular loop, +.>Is the error that is present in the error, and (2)>Is the modulus of each layer. It can be seen that the re-linearized ciphertext is changed from three dimensions to two dimensions. The result after decryption of the re-linearized ciphertext is +>The last term is that errors can be omitted.

The server side controls the scale of the multiplication result by applying the re-linear key after each multiplication operation is finished, so that the linear property of the ciphertext can be maintained, and the ciphertext is prevented from becoming too complex after multiple multiplication operations, thereby influencing the calculation efficiency. It should be noted that, although the re-linearity controls the size of the ciphertext by introducing a small error term, multiple accumulations may also result in the ciphertext not being available.

In one example, the server side performs homomorphism operation, and performs merging on the homomorphism items to reduce the accumulation degree of noise.

Specifically, in order to reduce the influence of errors, the invention optimizes the operation flow in the process of ciphertext operation, and combines similar items as far as possible in the calculation process, such as combining operation items with the same index; at the same time, for the similarThe present invention splits it into ++>，/>Compared with the original four times of calculation, the splitting method reduces the calculation times by half, and greatly reduces the accumulation degree of noise.

The complete interaction process of the embodiment for performing the mind assessment is as follows: service end definition assessment volumeAnd sets the corresponding encryption parameter for the test questionnaire +.>The method comprises the steps of carrying out a first treatment on the surface of the The client acquires the assessment questionnaire from the server according to the selection request of the user>And matched encryption parameter->The method comprises the steps of carrying out a first treatment on the surface of the The user completes the psychological assessment questionnaire; client side adds according to the additionSecret parameter generation public key->Private key->Re-linear key->And rotation key->The method comprises the steps of carrying out a first treatment on the surface of the The client side carries out binarization processing on the questionnaire options, converts the evaluation result into a binary form, and obtains a result vector +.>. For example, when a question has four options and the answer is +. >In binary form, 1000. Subsequently, the client uses the public key +.>Encryption, the result vector in binary form +.>And converting into result ciphertext. After encryption, the client side uses the result ciphertext and the re-linear key required by ciphertext operation +.>Rotating a keyPackaging and sending the packaged data to a server; the server side is according to the re-linear key submitted by the user +.>Rotation key->The phase of score statistics by the operation rule of the selected questionnaireAnd (5) performing off operation to obtain a score ciphertext. And the server sends the score ciphertext and the endpoint vector ciphertext formed by the left endpoint of each score interval back to the client. After receiving the score ciphertext and the endpoint vector ciphertext, the client first decrypts the score plaintext and then compares the score plaintext with each left endpoint in turn to obtain a result vector, e.g., the score plaintext is 81, and the endpoint vectors are [75, 80, 85, 90 ]]The resulting vector is [75, 81, 85, 90]. The client converts the result vector and the endpoint vector obtained by comparison into binary, encrypts the binary, and returns the binary to the server. The server side obtains the result vector of the client side and then carries out ciphertext comparison operation, the endpoint vector and the result vector in the secret state are sequentially compared, if the result vector is equal to 1, otherwise, the result vector is 0, then element-level multiplication product operation is carried out on the result vector and the result vector which is defined in advance, if the value of the position of the comparison result vector is 0, the product result is 0 in ciphertext, if the value of the position of the comparison result vector is 1, the product result is the evaluation result converted into ciphertext, all the product operation results are accumulated, and the correct evaluation result in ciphertext is obtained >And returning the result to the client. Client uses private key->Decrypting and evaluating the result +.>And converting the result into a plaintext, and presenting the plaintext result to a user.

In summary, the invention adopts personalized parameter schemes aiming at different questionnaires, reasonably sets the encrypted parameters according to the characteristic of full homomorphic encryption hierarchy encryption, reasonably reconstructs the calculation process, reduces the influence of noise caused by ciphertext operation, and ensures the calculation efficiency and the accuracy of calculation results.

In some scenarios, a third party research institution needs to retrieve evaluation data of several clients for comprehensive statistical analysis.

The invention also provides a questionnaire evaluation statistical system based on homomorphic encryption, which comprises a client, a server and a third-party research institution. The third-party research institution is used for designating clients participating in statistical analysis, and selecting statistical indexes such as average value, variance and the like; the server is used for safely transmitting ciphertext messages between the client and the third-party research institution and between the clients; the client stores the evaluation data for statistical analysis, reads the evaluation data according to the query condition of the third-party research institution, accumulates the evaluation data, and sends the accumulated value to the server.

Specifically, a query module and a key generation module are arranged on the client. When receiving the encryption parameterGenerating a public key ++by the key generation module according to the encryption parameters>Private key->Re-linear key for homomorphic operationAnd rotation key->The method comprises the steps of carrying out a first treatment on the surface of the When the query condition ciphertext is received, query and statistics are carried out in the stored evaluation data according to the query condition ciphertext through a query module, a query result plaintext is obtained, the query result plaintext is converted into a binary format, the query result ciphertext is obtained according to public key homomorphic encryption of the query result plaintext, and the query result ciphertext is sent to a server.

The third-party research institution is provided with a customer selection module and a statistical analysis module; determining which clients participate in statistical analysis through a client selection module, obtaining a client list and sending the client list to a server; when query result ciphertexts of all clients transmitted by the server are received, homomorphic operation is carried out on all the query result ciphertexts according to a preset rule through a statistical analysis module, statistical result ciphertexts are obtained, and then the statistical result ciphertexts are transmitted to the server. The preset rules are set according to the requirements of statistical analysis, for example: and calculating the mean value and variance of all the inquiry result ciphertext.

To improve the calculation efficiency of the mean and variance, in one example, the statistical analysis module includes a mean unit and a variance unit; the average value calculating unit is used for splicing the query result ciphertext of all the clients to obtain a spliced vector, accumulating the spliced vector by adopting a rotating key to obtain an accumulated value, and multiplying the accumulated value by the reciprocal of the total number of the clients in the client list to obtain an average value result; the variance calculating unit is used for obtaining a variance result according to the query result ciphertext and the mean result of each client. Specifically, subtracting the mean value result from the accumulated value ciphertext of each client, calculating the square, obtaining the square value of each client, summing the square values of all clients by adopting the rotating key, obtaining the square accumulated value, multiplying the square accumulated value by the reciprocal of the total number of clients in the client list, and obtaining the variance result. For example: the splice vectors are [14, 15, 16, 17], the cumulative value after the sum of the rotation keys is [62, 62, 62, 62] is multiplied by 1/4 to obtain [15.5, 15.5, 15.5, 15.5] which is the average value, then the difference is correspondingly calculated for each position of the splice vectors [14, 15, 16, 17] and [15.5, 15.5, 15.5, 15.5] to obtain [ -1.5, -0.5,0.5,1.5], and the multiplication is performed for each position of [ -1.5, -0.5,0.5,1.5] to obtain [2.25,0.25,0.25,2.25]. The sum of the rotation keys is adopted to obtain [5, 5], and 1/4 is multiplied to obtain [1.25,1.25,1.25,1.25], and 1.25 is the variance.

The method for accumulating the spliced vector by using the rotating key can refer to the specific step of accumulating the query vector by using the rotating key to obtain the accumulated value ciphertext, which is not described herein. The use of the rotation key enables a simple and efficient calculation of the accumulated value.

In some cases, after the third-party research institution obtains the statistics result ciphertext, since the statistics result ciphertext includes ciphertext information of each client, the corresponding part needs to be decrypted through each client before the statistics result plaintext is obtained on the third-party research institution. Therefore, the server is provided with the joint decryption module, when the statistical result ciphertext is received from the third-party research institution, the joint decryption module interacts with each client in the client list to respectively decrypt the statistical result ciphertext by using each client to obtain a joint decryption result, and then the joint decryption result is sent to the third-party research institution.

The third-party research institution is also provided with a decryption module for decrypting the joint decryption result received from the server to obtain a statistical analysis result;

based on the questionnaire evaluation statistical system, the embodiment realizes the statistical analysis of the psychological evaluation questionnaire by the third-party research institution, firstly, the third-party research institution selects clients participating in the statistical analysis to form a client list, determines the psychological evaluation questionnaire aimed at by the statistical analysis, and then sends the client list and the psychological evaluation questionnaire to the server. After receiving the request of the third-party research institution, the server is responsible for sending the encryption parameters related to the selected psychological assessment questionnaire to each client. Each client generates a public key according to encryption parameters provided by the server through a key generation module Private key->Re-linear key->And rotation key->. After the third-party research institution encrypts the query condition (for example, whether to select a certain option), a query condition ciphertext is generated, and the query condition ciphertext is distributed to the user through the server. Assuming that the query condition is that the age is less than 16, the age field and the number field are encrypted in the same state, and the encryption process is carried out by converting the binary representation and then encrypting the binary representation according to bits, wherein the characters and the letters are converted into asc firstii, binary encryption is carried out after the code is coded.

After receiving the cipher text of the query condition, the client performs binary encryption processing on the field and the numerical value stored locally, searches the data meeting the numerical value range in each column to obtain a query vector, the position meeting the condition is a numerical value 1, otherwise is a value 0, performs accumulation and summation on the query vector, uses a rotating key such as [1, 0] after rotating once, is [1,0, 1], adds the corresponding positions of the two, to give [2,1,0,1], then [1,0, 1] is rotated once again to give [0, 1], which is added to [2,1,0,1], obtaining [2,1,1,2], continuing to perform the rotation operation on [0, 1] to obtain [2, 2], that is, the elements at all positions are the same, the client takes the numerical value encryption of the element at the first position to obtain the inquiry result ciphertext, and then sends the inquiry result ciphertext to the server.

And after receiving the query result ciphertext of the client, the server forwards the query result ciphertext to the third-party research institution. After receiving the inquiry result ciphertext of all the user segments, the third-party research institution completes corresponding calculation through the statistics analysis module to obtain the statistics result ciphertext. Meanwhile, by means of the server, the third-party research institution can safely transmit encrypted ciphertext results between the clients, so that multiparty joint decryption of the statistics result ciphertext is realized. The specific process is as follows: as shown in fig. 5, each client securely returns the result to the server after locally completing a partial decryption operation. After receiving the partial decryption result, the server side transmits the partial decryption result to the next client side according to the client side list for further decryption operation. This process can be visually described as primary decryption, secondary decryption. Finally, the server returns the results (i.e. the joint decryption results) of all the client-side decryption to the third-party research institution. And after receiving the combined decryption result, the third-party research institution performs final decryption operation (namely three times of decryption) to obtain a correct statistical result plaintext result.

Based on the above embodiment, the present invention also provides an intelligent terminal, and a functional block diagram thereof may be shown in fig. 6. The intelligent terminal comprises a processor, a memory, a network interface and a display screen which are connected through a system bus. The processor of the intelligent terminal is used for providing computing and control capabilities. The memory of the intelligent terminal comprises a nonvolatile storage medium and an internal memory. The nonvolatile storage medium stores an operating system and a questionnaire evaluation program based on homomorphic encryption. The internal memory provides an environment for the operation of an operating system and a questionnaire evaluation program based on homomorphic encryption in a nonvolatile storage medium. The network interface of the intelligent terminal is used for communicating with an external terminal through network connection. The method comprises the step of realizing any one of the questionnaire evaluation methods based on the homomorphic encryption when the questionnaire evaluation program based on the homomorphic encryption is executed by a processor. The display screen of the intelligent terminal can be a liquid crystal display screen or an electronic ink display screen.

It will be appreciated by those skilled in the art that the schematic block diagram shown in fig. 6 is merely a block diagram of a portion of the structure associated with the present inventive arrangements and is not limiting of the smart terminal to which the present inventive arrangements are applied, and that a particular smart terminal may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.

The embodiment of the invention also provides a computer readable storage medium, wherein the computer readable storage medium stores a full homomorphic encryption-based questionnaire evaluation program, and the full homomorphic encryption-based questionnaire evaluation program realizes any one of the steps of the full homomorphic encryption-based questionnaire evaluation method provided by the embodiment of the invention when being executed by a processor.

It should be understood that the sequence number of each step in the above embodiment does not mean the sequence of execution, and the execution sequence of each process should be determined by its function and internal logic, and should not be construed as limiting the implementation process of the embodiment of the present invention.

It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, the specific names of the functional units and modules are only for distinguishing from each other, and are not used for limiting the protection scope of the present invention. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.

In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.

Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

In the embodiments provided in the present invention, it should be understood that the disclosed apparatus/terminal device and method may be implemented in other manners. For example, the apparatus/terminal device embodiments described above are merely illustrative, e.g., the division of the modules or units described above is merely a logical function division, and may be implemented in other manners, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed.

The integrated modules/units described above, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer-readable storage medium. Based on such understanding, the present invention may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the steps of each method embodiment may be implemented. The computer program comprises computer program code, and the computer program code can be in a source code form, an object code form, an executable file or some intermediate form and the like. The computer readable medium may include: any entity or device capable of carrying the computer program code described above, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth. The content of the computer readable storage medium can be appropriately increased or decreased according to the requirements of the legislation and the patent practice in the jurisdiction.

The above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that; the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions are not intended to depart from the spirit and scope of the various embodiments of the invention, which are also within the spirit and scope of the invention.

Claims

1. The questionnaire evaluation method based on homomorphic encryption is applied to a client and is characterized by comprising the following steps:

receiving an assessment questionnaire and encryption parameters;

Responding to a received score ciphertext and an endpoint vector ciphertext formed by endpoints of a score section, according to the score ciphertext and the endpoint vector ciphertext, obtaining a result vector ciphertext, and sending the result vector ciphertext and the endpoint vector ciphertext to a server, wherein the score ciphertext is calculated by the server according to the result ciphertext;

2. The fully homomorphic encryption-based questionnaire evaluation method according to claim 1, wherein said obtaining a result vector ciphertext from said score ciphertext and said endpoint vector ciphertext comprises:

3. The fully homomorphic encryption-based questionnaire evaluation method according to claim 1, wherein after the evaluation result is obtained, the evaluation result and the questionnaire are saved to obtain evaluation data; when a query condition ciphertext is received, encrypting the evaluation data according to the public key to obtain an evaluation data ciphertext; inquiring the evaluation data ciphertext according to the inquiry condition ciphertext to obtain an inquiry vector; and accumulating the query vector by adopting the rotating key to obtain an accumulated value ciphertext, and transmitting the accumulated value ciphertext to a server.

4. The fully homomorphic encryption-based questionnaire evaluation method according to claim 3, wherein said employing said rotation key to accumulate said query vector to obtain an accumulated value ciphertext comprises:

5. The questionnaire evaluation method based on homomorphic encryption is applied to a server and is characterized by comprising the following steps:

6. The fully homomorphic encryption-based questionnaire evaluation method according to claim 5, wherein said comparing said result vector ciphertext with said endpoint vector ciphertext to obtain a comparison result vector comprises:

7. The isomorphic encryption-based questionnaire evaluation method according to claim 6, wherein comparing the second element of the result vector ciphertext with the first element of the endpoint vector ciphertext to obtain a comparison result comprises:

8. The fully homomorphic encryption-based questionnaire evaluation method according to claim 5, wherein the server uses a re-linear key to control the ciphertext size in homomorphic operation when performing homomorphic multiplication operation.

9. A questionnaire evaluation statistical system based on homomorphic encryption, characterized in that it comprises: the system comprises a client, a server and a third-party research institution;

The client is provided with a query module and a key generation module;

the server is provided with a joint decryption module;

10. The full homomorphic encryption-based questionnaire evaluation statistical system according to claim 9, wherein the statistical analysis module comprises a mean unit and a variance unit;

11. A smart terminal comprising a memory, a processor and an isohomomorphic encryption based questionnaire evaluation program stored on the memory and executable on the processor, the isomorphic encryption based questionnaire evaluation program when executed by the processor implementing the steps of the isomorphic encryption based questionnaire evaluation method according to any one of claims 1-8.

12. A computer-readable storage medium, wherein the computer-readable storage medium has stored thereon a fully homomorphic encryption-based questionnaire evaluation program, which when executed by a processor, implements the steps of the fully homomorphic encryption-based questionnaire evaluation method according to any one of claims 1-8.