CN117792643A

CN117792643A - Point pre-stored table generation method, decryption method, device, equipment and medium thereof

Info

Publication number: CN117792643A
Application number: CN202311845273.1A
Authority: CN
Inventors: 荆博
Original assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Current assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Priority date: 2023-12-28
Filing date: 2023-12-28
Publication date: 2024-03-29

Abstract

The disclosure provides a method, a device, equipment and a medium for generating and decrypting a point pre-stored table, and particularly relates to the technical fields of cryptography and cloud computing. The specific implementation scheme is as follows: calculating coordinate data of all basic points in a basic discrete interval range on the elliptic curve, and storing the coordinate data in a basic point pre-stored table; calculating the identification data of the interval points in the range of each mapping discrete interval of one or more mapping discrete intervals on the elliptic curve, and storing the identification data in an interval point pre-stored table; wherein, all points in the basic discrete interval and each mapping discrete interval form a finite field of the elliptic curve; the points in the mapped discrete interval comprise the interval point and a plurality of non-interval points; and a mapping relation exists between the difference value between the coordinate data of any non-interval point in the mapping discrete interval and the coordinate data of the basic point and the identification data of the interval point. Through the technical scheme, the storage space occupied by the point pre-stored table can be saved.

Description

Point pre-stored table generation method, decryption method, device, equipment and medium thereof

Technical Field

The present disclosure relates to the field of computer technology, and in particular, to cryptography and cloud computing technology. In particular to a point pre-stored table generating method, a point pre-stored table decrypting device, point pre-stored table decrypting equipment and a point pre-stored table decrypting medium.

Background

The security and privacy of data are focus of attention in the technical field of data processing. In order to improve the privacy of data processing, encryption and decryption by adopting a secret key are common means in the prior art. Among them, elliptic curve cryptography (Elliptic Curve Cryptography, abbreviated as ECC) has been rapidly developed for applications in cryptography. The ECC technology can be applied to homomorphic encryption, and the security of the data calculation process and result is ensured.

An elliptic curve is a special curve and can be expressed by an equation. A finite number of points that satisfy the equation, i.e., points that fall on an elliptic curve. These limited number of points constitute the finite field of the elliptic curve and can be used for encryption and decryption operations. The discrete logarithm problem (Discrete Logarithm Problem, DLP), which is the finding of the exponent of a given element in a finite group that is equal to the exponent of another given element, is the determination of points and multiples of points on an elliptic curve for the elliptic curve discrete logarithm problem.

Because the calculation amount of DLP on the elliptic curve is large, the points on the elliptic curve are pre-calculated and stored for the high efficiency of the encryption and decryption process. Therefore, in the encryption and decryption process, pre-calculated elliptic curve points are directly used, the real-time calculated amount is reduced, and acceleration is realized.

However, if the complexity of the password is increased for security, the number of points on the elliptic curve is large, so that the space occupied by the prestored table of the elliptic curve storage points is large.

Disclosure of Invention

The disclosure provides a point pre-stored table generating method, a point pre-stored table decrypting device, point pre-stored table decrypting equipment and a point pre-stored table decrypting medium.

According to an aspect of the present disclosure, there is provided a method for generating an elliptic curve point pre-stored table, including:

calculating coordinate data of all basic points in a basic discrete interval range on the elliptic curve, and storing the coordinate data in a basic point pre-stored table;

calculating the identification data of the interval points in the range of each mapping discrete interval of one or more mapping discrete intervals on the elliptic curve, and storing the identification data in an interval point pre-stored table;

wherein, all points in the basic discrete interval and each mapping discrete interval form a finite field of an elliptic curve; mapping points in the discrete interval includes interval points and a plurality of non-interval points; the difference value between the coordinate data of any non-interval point in the mapping discrete interval and the coordinate data of the basic point has a mapping relation with the identification data of the interval point.

According to another aspect of the present disclosure, there is provided a decryption method based on an elliptic curve, including:

calculating a public key multiple point according to a private key generated based on an elliptic curve and a first point in a ciphertext;

calculating an encryption point according to the public key multiple point and the second point of the ciphertext;

determining whether the encryption point is a point on the elliptic curve according to the basic point pre-stored table and the mapping point interval point pre-stored table;

if the encryption point is a point on the elliptic curve, decrypting the ciphertext according to the basic point pre-stored table, the mapping point interval point pre-stored table and the encryption point;

the base point pre-stored table and the mapping point interval point pre-stored table are generated by adopting the generating method of the elliptic curve point pre-stored table provided by any embodiment of the disclosure.

According to another aspect of the present disclosure, there is provided a generating apparatus of an elliptic curve point pre-stored table, including:

the base point storage module is used for calculating coordinate data of all base points in a base discrete interval range on the elliptic curve and storing the coordinate data in a base point pre-stored table;

the interval point storage module is used for calculating the identification data of the interval points in the range of each mapping discrete interval of one or more mapping discrete intervals on the elliptic curve and storing the identification data in an interval point pre-stored table;

According to another aspect of the present disclosure, there is provided a decryption apparatus based on an elliptic curve, including:

the public key multiple point determining module is used for calculating the public key multiple point according to the private key generated based on the elliptic curve and the first point in the ciphertext;

the encryption point determining module is used for calculating an encryption point according to the public key multiple point and the second point of the ciphertext;

the curve point judging module is used for determining whether the encryption point is a point on the elliptic curve according to the basic point pre-stored table and the interval point pre-stored table;

the ciphertext decrypting module is used for decrypting the ciphertext according to the basic point pre-stored table, the interval point pre-stored table and the encryption points if the encryption points are points on the elliptic curve;

the generating device of the elliptic curve point pre-stored table is used for generating the basic point pre-stored table and the interval point pre-stored table.

According to another aspect of the present disclosure, there is provided an electronic device including:

at least one processor; and

a memory communicatively coupled to the at least one processor; wherein,

the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the methods provided by any of the embodiments of the present disclosure.

According to another aspect of the present disclosure, there is provided a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the method provided by any of the embodiments of the present disclosure.

It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following specification.

Drawings

The drawings are for a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:

fig. 1 is a flowchart of a method for generating an elliptic curve point pre-stored table according to an embodiment of the present disclosure;

FIG. 2 is a flowchart of another method for generating elliptic curve point pre-stored tables according to an embodiment of the present disclosure;

FIG. 3 is a flow chart of a method of generating a pre-stored table of elliptic curve points according to an embodiment of the present disclosure;

FIG. 4 is a flow chart of a decryption method based on elliptic curves, provided in accordance with an embodiment of the present disclosure;

FIG. 5 is a flow chart of another elliptic curve-based decryption method provided in accordance with an embodiment of the present disclosure;

FIG. 6 is a flow chart of another elliptic curve-based decryption method provided in accordance with an embodiment of the present disclosure;

FIG. 7 is a schematic diagram of another elliptic curve-based decryption apparatus according to an embodiment of the present disclosure;

FIG. 8 is a schematic diagram of another elliptic curve-based decryption apparatus according to an embodiment of the present disclosure;

fig. 9 is a block diagram of an electronic device for implementing the methods provided by embodiments of the present disclosure.

Detailed Description

Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and should be considered as merely exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.

Fig. 1 is a flowchart of a method for generating an elliptic curve point pre-stored table according to an embodiment of the present disclosure, where the embodiment of the present disclosure may be applicable to a case where multiple point data in a finite field of an elliptic curve is pre-calculated in order to implement encryption and decryption requirements based on the elliptic curve, and the pre-generated point pre-stored table may be used to quickly determine points and multiples thereof in a decryption process, thereby solving DLP requirements. The method can be executed by a generating device of elliptic curve point pre-stored table, the device can be realized by adopting a hardware and/or software mode, and the device can be configured in electronic equipment. Referring to fig. 1, the method specifically includes the following:

s101, calculating coordinate data of all basic points in a basic discrete interval range on an elliptic curve, and storing the coordinate data in a basic point pre-stored table.

S102, calculating the identification data of the interval points in the range of each mapping discrete interval of one or more mapping discrete intervals on the elliptic curve, and storing the identification data in an interval point pre-stored table.

In the encryption and decryption process based on the elliptic curve, the multiple points of the elliptic curve base point are required to be calculated; wherein, the elliptic curve base point can be a point in a preset elliptic curve finite field; all points in the limited area of the elliptic curve can be used as n times of the base point of the elliptic curve; an n-fold point may be understood as a point where the multiple to the base point is n; the base point is 1 times the point itself. There is a concept of an infinity point in an elliptic curve, which is a point in a mathematical concept that can participate in the operation of a point on the elliptic curve, but which is not a true point on the elliptic curve. An infinity point can be understood as a point which is 0 times the base point, namely, the result obtained by multiplying zero by the base point is an infinity point; for any point on the elliptic curve, the point is added with an infinity point on the elliptic curve, and the obtained result is still the point.

The number of points in the elliptic curve finite field can be used as the maximum multiple between the points in the elliptic curve finite field and the base points, and then the multiple range of the points in the elliptic curve finite field relative to the base points can be determined. By way of example, if there are 100 points within the elliptic curve finite field, the points within the elliptic curve finite field may be the base points and 1-fold, 2-fold, 98-fold and 99-fold points of the base points, respectively. It should be noted that, for convenience of description, in the specific implementation scenario, the number of points in the finite field is generally large, for example, the number of points in the finite field may be 32 times 2, i.e. 4294967296 points, to ensure encryption and decryption security.

In this embodiment, a finite field of an elliptic curve is divided into at least two discrete intervals; and selecting one discrete interval from the discrete intervals as a basic discrete interval, and taking the rest discrete intervals as mapping discrete intervals. The basic point is the point in the basic discrete interval range; points in the mapped discrete interval may include two classes, denoted interval points and non-interval points. Non-interval points may be points other than interval points in the mapped discrete interval. For example, specifically, for any non-interval point, a unique number-by-mapping relationship exists between the difference value between the coordinate data of the non-interval point and the coordinate data of the corresponding one of the basic points and the identification data of the corresponding one of the interval points. The number-by-mapping relationship, that is, the relationship between the difference and the interval point is also a linear transformation relationship, and the difference is obtained by multiplying the coordinate data of the interval point by a set integer. The basic point pre-stored table is a data table for pre-storing basic point coordinate data, and multiples of points are also stored corresponding to the coordinate data; the interval point pre-stored table is a data table for pre-storing the identification data of interval points, and multiples of the points are stored corresponding to the identification data, so that the discrete interval positions corresponding to the interval points are reflected. The identification data is data capable of uniquely identifying the section point coordinate data. The coordinate data of the non-section points do not need to be stored in advance. Therefore, the coordinate data of the foundation points continuously existing are prestored in the foundation discrete section, and the coordinate data of the section points discretely existing in each of the mapped discrete sections are prestored in each of the mapped discrete sections. Based on different mapping relations, all points in the basic discrete interval can be selected as basic points, and partial points in the basic discrete interval can also be selected as basic points. For example, the base points are spaced apart by a set multiple distance. As long as the following non-interval point mapping conditions can be satisfied: any non-interval point has a set mapping relation with one interval point and one basic point, so that the multiple of the non-interval point can be calculated based on the set mapping relation and the multiple of the interval point and the basic point. Typically, an infinity point is a 0-fold point and may be included in the underlying discrete interval.

Specifically, a set algorithm is adopted to calculate the coordinate data of all basic points in a basic discrete interval range on an elliptic curve, and the coordinate data are stored in a basic point pre-stored table; and calculating the identification data of the interval points in the range of each mapping discrete interval of one or more mapping discrete intervals on the elliptic curve by adopting a setting algorithm, and storing the identification data in an interval point pre-stored table. The setting algorithm is an algorithm capable of calculating coordinate data of any point according to the coordinate data of the base point of the elliptic curve and the multiple of any point.

In this embodiment, the number of interval points in each mapping discrete interval may be one or more, and the interval points may be any points in the mapping discrete interval range. For example, the number of interval points in each mapped discrete interval may be two, where one interval point is the first point in the mapped discrete interval and the other interval point is the middle point in the mapped discrete interval. Under the condition that the number of the interval points is two, the efficiency of determining the interval point identification data corresponding to the non-interval point coordinate data in the encryption and decryption process of the elliptic curve can be improved. By way of example only, and not by way of limitation, if the base points include 0 times points (taking the infinity point as the 0 times point), 1 times points, 3 times points, &. Cndot, 8 times points and 9 times points, and there are interval points of 80 times and 85 times points in the mapped discrete interval. Wherein, the difference value between the non-interval point coordinate data of 86 times points and the basic point coordinate data of 6 times points and the interval point identification data of 80 times points have a mapping relation; there is a mapping relationship between the difference between the non-interval point coordinate data of 86 times points and the basic point coordinate data of 1 time points and the interval point identification data of 85 times points. In the encryption and decryption process of the elliptic curve, when the basic point traverses to 1 time point, the 85 times point with the mapping relation can be determined. Compared with the condition that 85 times of points are not interval points, the method can determine 80 times of points with mapping relation when traversing to 6 times of points, and improves efficiency of determining interval points. Furthermore, the consistency check can be performed on the coordinate data of the non-interval point determined by the two interval points in the same mapping discrete interval, so as to improve the accuracy of the non-interval coordinate data.

Preferably, the number of interval points of each mapping discrete interval is one, so that the space occupation of the pre-stored table can be reduced maximally. For the convenience of calculation, the interval point is the first point in the range of the mapping discrete interval, so that the number of interval points is reduced under the condition of ensuring the storage of the identification data of the interval point of the mapping discrete interval, the calculated amount of the identification data is further reduced, and the storage space of the interval point pre-stored table is reduced.

In an alternative embodiment, the finite field of the elliptic curve is divided into at least two discrete intervals of equal interval length, the interval length being the number of interval midpoints. And selecting a basic discrete interval and a mapping discrete interval from the discrete intervals, wherein the number of points included in each mapping discrete interval is the same as that of points included in the basic discrete interval.

In an alternative embodiment, the sum of the number of intervals of the mapped discrete interval and the underlying discrete interval is equal to the number of points of the mapped discrete interval. Let the number of finite field midpoints be the square number of k, which is a positive natural number. The square root k of the number of points may be used as the interval length of the discrete interval, and the number of discrete intervals is k. Of course, the rule of dividing the discrete section is not limited to the equal section length, and the multiple of the non-section point can be calculated reversely as long as the non-section point mapping condition can be satisfied.

In an alternative embodiment, the mapping relationship between the difference value between the coordinate data of the non-interval point in the mapping discrete interval and the coordinate data of one basic point and the identification data of one interval point may be a linear mapping relationship or a complex nonlinear mapping relationship. The coordinate data of any non-interval point can be obtained through mapping relation, the identification data of interval points and the coordinate data of basic points. Preferably, the mapping relation between the difference value between the coordinate data of the non-interval point in the mapping discrete interval and the coordinate data of one basic point and the identification data of one interval point is that the number multiplication result of the difference value and the positive integer corresponds to the identification data of the interval point one by one; the positive integer represents the position of the mapping discrete interval in the finite field, so that mapping with lower complexity is realized, and the efficiency of determining non-interval points is improved.

By way of example, the mapping relationship may be expressed by the following formula:

a-b＝w*e；

wherein a represents coordinate data of non-interval points in the mapping discrete interval; b represents coordinate data of the base point; w represents the identification data of the interval point; e represents a positive integer; * Representing a number multiplication operation.

In the technical scheme of the embodiment of the disclosure, a set mapping relation exists between the coordinate data of the non-interval point and one basic point and the interval point, and the scheme can map the coordinate data of any one non-interval point through the identification data of the interval point and the coordinate data of the basic point. In the scheme of encrypting and decrypting by adopting the key generated by the elliptic curve, the pre-stored table in the embodiment of the disclosure is used for calculating the multiple of any non-interval point based on the coordinate data of the interval point and the basic point and the multiple in the table and setting the mapping relation, and the multiple of the non-interval point is used for decrypting. Therefore, a large amount of coordinate data of non-interval points do not need to be stored in a pre-stored table, and multiples of the non-interval points can be rapidly calculated through the coordinate data of the interval points and the basic points and the setting of the mapping relation during subsequent decryption, so that decryption can be performed. Compared with the scheme of pre-storing the coordinates of all points on the elliptic curve in the prior art, the method reduces the storage space of the pre-stored table under the condition that the coordinate data of any elliptic curve point can be obtained.

Fig. 2 is a flowchart of a method for generating a point-pre-stored table of elliptic curves according to an embodiment of the present disclosure. This embodiment is an alternative to the embodiments described above. Referring to fig. 2, the method for generating the elliptic curve point pre-stored table according to the present embodiment includes:

s201, calculating coordinate data of all basic points in a basic discrete interval range on the elliptic curve, and storing the coordinate data in a basic point pre-stored table.

S202, setting the value range of the cycle count value as [1, k); where k is the sum of the number of base discrete intervals and all mapped discrete intervals.

S203, setting the change of the cycle count value from 1 to k, and calculating the product of the current cycle count value and the number of points in the mapping discrete interval as the sequence number of the interval point for each current cycle count value; the current cycle count value is the sequence number of the mapping discrete interval to which the currently calculated interval point belongs in the finite field.

S204, calculating coordinate data of the interval points according to the base points of the elliptic curve and the sequence numbers of the interval points.

S205, converting the coordinate data of the interval point into a character string by adopting a setting rule, calculating the character string by adopting a setting hash algorithm to obtain a hash result, and taking the hash result as the identification data of the interval point.

In this embodiment, the identification data of the interval point is a hash result calculated based on the coordinate data of the interval point, and compared with the coordinate data of the stored interval point, the hash result is used as the identification data, so that the identification data of each interval point can be unified into a hash result with a fixed length while the uniqueness of the identification data is ensured, and the interval point can be conveniently searched in the encryption and decryption process.

Further, the interval point pre-stored table is a Key Value pair structure (Key-Value), the Key domain (Key) of the Key Value pair structure stores the identification data of the interval point, the Value domain (Value) of the Key Value pair structure stores the interval sequence number, and the interval sequence number is the sequence number of the mapping discrete interval to which the interval point belongs in the finite domain, so that the efficiency of searching the interval point in the encryption and decryption process is improved.

Wherein the sequence number may be used to characterize the location of the mapped discrete interval in the finite field. Specifically, calculating a number multiplication result between a base point of the elliptic curve and a sequence number of the interval point, and taking the calculated number multiplication result as coordinate data of the interval point; converting the coordinate data of the interval points into character strings by adopting a set rule; the setting rule may be an algorithm rule for splicing coordinate data of the interval points or any other algorithm rule capable of converting the coordinate data into character strings; carrying out operation on the character string by adopting a set hash algorithm to obtain a hash result, and taking the hash result as the identification data of the interval point; and storing the section sequence number in the value domain of the key value pair of the section point pre-stored table, and storing the identification data of the section point in the key domain of the key value pair of the section point pre-stored table to finish the storage of the section point.

For example, if the number of points in the mapping discrete interval is 10, when the current cycle count value is 1, calculating to obtain the product of the current cycle count value 1 and the number of points 10 in the mapping discrete interval as 10, and taking 10 as the sequence number of the interval point; and taking 1 as the sequence number of the mapping discrete interval which the interval point 10 belongs to in the finite field. Calculating a number multiplication result between the interval point serial number 10 and the base point of the elliptic curve, and taking the calculated number multiplication result as coordinate data of the interval point 10; the coordinate data of the section point 10 is converted into a character string by adopting a setting rule, the character string is operated by adopting a setting hash algorithm to obtain a hash result, and the hash result is used as the identification data of the section point.

Optionally, the basic point pre-stored table is a key value pair structure, a key domain of the key value pair structure stores a basic sequence number, the basic sequence number is a sequence number of a basic point in a basic discrete interval, and a value domain of the key value pair structure stores coordinate data of the basic point, so that efficiency of searching the basic point in an encryption and decryption process is improved.

Optionally, setting the value range of the cycle count value as [1, k); wherein k is the sum of the number of basic discrete intervals and all mapping discrete intervals; setting the change of the cycle count value from 1 to k, and taking the current cycle count value as the serial number of the currently calculated basic point for each current cycle count value; and calculating coordinate data of the base point according to the base point of the elliptic curve and the sequence number of the base point.

Specifically, calculating the number multiplication result of the base point coordinates of the elliptic curve and the serial numbers of the base points, and taking the calculated number multiplication result as the coordinate data of the base points; and storing the basic sequence number in the value domain of the key value pair of the basic point pre-stored table, and storing the identification data of the interval point in the key domain of the key value pair of the basic point pre-stored table to finish the storage of the interval point. The sequence number of the base point reflects the multiple of the base point in the elliptic curve.

Illustratively, the basic point pre-stored table (babyStepMap) calculation logic is as follows:

exemplary, the computation logic of the interval point pre-stored table (giantatspmap) is as follows:

according to the technical scheme, the hash result of the interval point coordinate data and the serial number of the interval point can be used as identification data to be stored in the interval point pre-stored table of the key value pair structure, and the basic point coordinate data and the serial number of the basic point are stored in the basic point pre-stored table of the key value pair structure, so that the searching efficiency of searching the basic point coordinate data in the basic point pre-stored table and the identification data of the interval point in the interval point pre-stored table in the encryption and decryption process based on the elliptic curve is improved.

The technical scheme for encrypting and decrypting based on the prestored table generated by the elliptic curve point prestored table generating method is described below.

The key generated based on the elliptic curve can be encrypted by adopting any encryption algorithm, and is optionally suitable for homomorphic encryption operation. The encryption method comprises the following steps:

s1, calculating points on an elliptic curve based on the elliptic curve and a set multiple to serve as a public key;

s2, generating a random number, and determining a public key multiple point on the elliptic curve according to the random number and the public key;

s3, calculating a first point on the elliptic curve according to the base point and the random number of the elliptic curve;

s4, calculating encryption points on the elliptic curve according to the data to be encrypted and the base points; wherein the data to be encrypted is an integer;

s5, calculating a second point positioned on the elliptic curve according to the encryption point and the public key multiple point; the first point and the second point are used as ciphertext after the data to be encrypted are encrypted.

Specifically, calculating a number multiplication result of the base point and the set multiple of the elliptic curve according to the base point and the set multiple of the elliptic curve, and taking the calculated number multiplication result as a public key; generating a random number, and calculating a number multiplication result between the random number and the public key to obtain a public key multiplication point; illustratively, the public key multiple point may be determined by the following formula:

s＝r*p；

wherein s represents a public key multiple point; r represents a random number; p represents the public key.

Calculating a number multiplication result between a base point of the elliptic curve and the random number to obtain a first point on the elliptic curve; illustratively, the first point may be determined by the following formula:

c1＝r*G；

wherein c1 represents a first point; r represents a random number; g represents the base point of the elliptic curve.

Calculating an encryption point on the elliptic curve according to the data to be encrypted and the base point by adopting a setting algorithm, for example, a calculation formula of the first point can adopt a number multiplication algorithm; performing addition operation of an elliptic curve on the encryption point and the public key multiple point to obtain a second point on the elliptic curve; illustratively, the second point may be determined by the following formula:

c2＝t+s；

wherein c2 represents a second point; t represents an encryption point; s represents the public key multiple point; + represents an addition on the elliptic curve.

And taking the point pair (c 1, c 2) formed by the first point and the second point as ciphertext after encrypting the data to be encrypted.

In an alternative embodiment, if the data to be encrypted is greater than zero, calculating the number multiplication result of the data to be encrypted and the base point as an encryption point positioned on the elliptic curve; illustratively, the encryption point may be determined by the following formula:

t＝m*G；

wherein t represents an encryption point; m represents data to be encrypted; g represents the elliptic curve base point.

If the data to be encrypted is smaller than zero, calculating a number multiplication result of the data to be encrypted and the base point, and updating a y coordinate in the number multiplication result according to the following formula:

y’＝-1*y mod P；

wherein y' represents the y coordinate in the updated number multiplied result; y represents the y coordinate in the number multiplication result before updating; p is the order of the finite field in the elliptic curve.

Fig. 3 is a flowchart of a decryption method based on elliptic curves, provided according to an embodiment of the present disclosure. The embodiment of the disclosure can be applied to the case of decrypting ciphertext based on elliptic curves. The method can be performed by a decrypting device based on elliptic curves, which can be implemented in hardware and/or software and can be configured in an electronic device. Referring to fig. 3, the method specifically includes the following:

s301, calculating a public key multiple point according to a private key generated based on an elliptic curve and a first point in a ciphertext.

S302, calculating an encryption point according to the public key multiple point and the second point of the ciphertext.

S303, determining whether the encryption point is a point on the elliptic curve according to the basic point pre-stored table and the interval point pre-stored table.

S304, if the encryption point is a point on the elliptic curve, decrypting the ciphertext according to the basic point pre-stored table, the interval point pre-stored table and the encryption point.

The basic point pre-stored table and the interval point pre-stored table can be generated by adopting the generation method of the elliptic curve point pre-stored table provided by any embodiment of the disclosure.

In this embodiment, the ciphertext may be represented as a point pair (c 1, c 2) consisting of a first point and a second point. The public key multiple points may be points on the elliptic curve that correspond to the public key.

Specifically, multiplying a private key generated by an elliptic curve with a first point in a secret text to obtain a public key multiple point; illustratively, the public key multiple point may be determined by the following formula:

s＝pk*c1；

wherein c1 represents a first point; s represents the public key multiple point; pk represents the private key; * Representing a number multiplication operation.

Subtracting the elliptic curve from the second point of the calculated ciphertext and the public key multiple point to obtain an encryption point; illustratively, the encryption point may be determined by the following formula:

t＝c2-s；

wherein t represents an encryption point; c2 represents a second point; s represents the public key multiple point.

Determining whether the encryption points are points on the elliptic curve according to the basic point pre-stored table and the interval point pre-stored table; and if the encryption point is a point on the elliptic curve, decrypting the ciphertext according to the basic point pre-stored table, the interval point pre-stored table and the encryption point.

According to the technical scheme, whether the encryption points are points on the elliptic curve is determined according to the basic point pre-stored table and the interval point pre-stored table, if the encryption points are points on the elliptic curve, the ciphertext is decrypted according to the basic point pre-stored table, the interval point pre-stored table and the encryption points, and compared with the fact that multiple times of the encryption points and the encryption points are queried in the full-quantity point pre-stored table in the prior art, the encryption point is queried in the basic point pre-stored table and the interval point pre-stored table which occupy a small space, and decryption efficiency is improved.

Fig. 4 is a flowchart of another elliptic curve-based decryption method according to an embodiment of the present disclosure, which is an alternative presented on the basis of the above-described embodiment. Referring to fig. 4, the decryption method of the present embodiment includes:

s401, calculating a public key multiple point according to a private key generated based on an elliptic curve and a first point in ciphertext.

S402, calculating an encryption point according to the public key multiple point and the second point of the ciphertext.

S403, matching the coordinate data of the encryption points in a basic point pre-stored table; if the matching is successful in the basic point pre-stored table, the encryption point is determined to be the point on the elliptic curve.

S404, if the matching in the basic point pre-stored table is unsuccessful, calculating the difference value between the coordinate data of each basic point in the encryption point and the basic point pre-stored table, and determining the interval point with the mapping relation with the difference value based on the interval point pre-stored table.

S405, if the interval point with the mapping relation can be determined, determining the encryption point as a point on the elliptic curve.

S406, if the encryption point is a point on the elliptic curve, decrypting the ciphertext according to the basic point pre-stored table, the interval point pre-stored table and the encryption point.

Specifically, in the basic point coordinate data stored in the basic point pre-stored table, determining whether a point identical to the coordinate data of the encrypted point exists; if the basic point coordinate data which is the same as the coordinate data of the encryption point exists in the basic point pre-stored table, the encryption point is determined to be successfully matched in the basic point pre-stored table, and the encryption point is determined to be a point on the elliptic curve.

If the basic point coordinate data which is the same as the coordinate data of the encryption point does not exist in the basic point pre-stored table, determining that the encryption point is unsuccessfully matched in the basic point pre-stored table. And calculating the difference value between the coordinate data of each basic point in the pre-stored table of the encryption point and the basic point, and determining the interval point with the mapping relation with the difference value based on the pre-stored table of the interval point.

In an alternative embodiment, before determining whether the encryption point is a point on the elliptic curve according to the base point pre-stored table and the interval point pre-stored table, the method further includes: if the encryption point is a negative point where the y coordinate is negative, the encryption point is converted into a positive point.

The positive number point may be a point whose y coordinate is positive, and the negative number point is a point whose y coordinate is negative. Specifically, the negative number of the encryption points is converted into the positive number of the points, so that the situation that the encryption points are not points on the elliptic curve when the y coordinates of the encryption points are negative numbers is avoided, and the accuracy of determining whether the encryption points are on the elliptic curve is improved.

In an alternative embodiment, converting the encryption point to a positive number point includes: and symmetrically converting the negative y coordinate of the encryption point into the positive y coordinate. Specifically, the negative y coordinate of the encryption point is converted into the opposite number of the negative y coordinate, and the positive number point after the encryption point conversion is obtained.

In an alternative embodiment, calculating the difference between the coordinate data of each base point in the pre-stored table of encrypted points and base points; converting the difference value into a character string according to a set rule, and carrying out hash operation on the character string according to a set hash algorithm to obtain a hash result; matching the hash result in an interval point pre-stored table; and if the matching is successful in the interval point pre-stored table, determining the encryption point as a point on the elliptic curve. Specifically, for each base point, determining a difference value between the encryption point and the coordinate data of the base point; converting the difference value into a character string according to a set rule, and carrying out hash operation on the character string according to a set hash algorithm to obtain a hash result; inquiring whether the same hash result exists in the interval point pre-stored table; if the encryption points exist, the matching is successful in the interval point pre-stored table, and the encryption points are determined to be points on the elliptic curve.

According to the technical scheme, if the coordinate data of the encryption point is matched in the basic point pre-stored table, the encryption point is determined to be a point on an elliptic curve; otherwise, calculating the difference value between the coordinate data of each basic point in the encryption point and basic point pre-stored table, and determining the interval point with the mapping relation with the difference value based on the interval point pre-stored table.

Fig. 5 is a flowchart of yet another elliptic curve-based decryption method provided in accordance with an embodiment of the present disclosure. This embodiment is an alternative to the embodiments described above. Referring to fig. 5, the elliptic curve-based decryption method of the present embodiment includes:

s501, calculating a public key multiple point according to a private key generated based on an elliptic curve and a first point in ciphertext.

S502, calculating an encryption point according to the public key multiple point and the second point of the ciphertext.

S503, determining whether the encryption point is a point on the elliptic curve according to the basic point pre-stored table and the interval point pre-stored table.

S504, determining corresponding data to be encrypted according to indexes of the encryption points in the basic point pre-stored table and the interval point pre-stored table.

In this embodiment, the index may be a sequence number of a point. Specifically, corresponding data to be encrypted is determined according to the index sequence number of the basic point matched with the encryption point in the basic point pre-stored table and the index sequence number of the interval point matched with the encryption point in the interval point pre-stored table.

Optionally, determining corresponding data to be encrypted according to indexes of the encryption points in the basic point pre-stored table and the interval point pre-stored table, including: calculating the product of the number of points in the mapping discrete interval and index serial numbers of interval points matched by the encryption points in an interval point pre-stored table; and calculating the sum of the product and the index sequence number of the base point matched by the encryption point in the base point mapping table, and taking the sum as data to be encrypted.

Illustratively, the data to be encrypted is determined according to the following formula:

m＝i+(k*j)

wherein m is data to be encrypted, i is index number of basic point matched by the encryption point in the basic point mapping table, k is number of points in the mapping discrete interval, and j is index number of interval point matched by the encryption point in the interval point pre-storing table. The index number of the interval point indicates what kind of mapping discrete interval the matched interval point is located. By the calculation, the multiple of the encryption point in the elliptic curve finite field, namely, a large integer is usually calculated and is the data to be encrypted.

According to the technical scheme, the corresponding data to be encrypted is determined according to the indexes of the matched points of the encryption points in the basic point pre-stored table and the interval point pre-stored table, the corresponding data to be encrypted can be quickly found according to the indexes, and the encryption is not required to be recalculated each time, so that the decryption efficiency based on the elliptic curve is improved.

In the decryption process, the logic for performing encryption point matching is as follows:

/>

fig. 6 is a flowchart of yet another elliptic curve-based decryption method provided in accordance with an embodiment of the present disclosure. This embodiment is an alternative to the embodiments described above. Referring to fig. 6, the elliptic curve-based decryption method of the present embodiment includes:

S601, obtaining a result ciphertext generated based on homomorphic operation;

wherein the result ciphertext includes at least one of:

if the two ciphertexts need to be summed, summing the first points in the two ciphertexts to obtain a first summing point, summing the second points to obtain a second summing point, and taking the first summing point and the second summing point as a homomorphic calculation summing result ciphertext;

if the ciphertext and the plaintext are required to be summed, the plaintext is used as data to be encrypted, then summation operation is carried out on each first point in the two ciphers to obtain a first summation point, summation operation is carried out on each second point to obtain a second summation point, and the first summation point and the second summation point are used as summation result ciphertext of homomorphic operation;

if the ciphertext and the plaintext are required to be multiplied, the first point of the ciphertext and the plaintext are multiplied to obtain a first product point, the second point of the ciphertext and the plaintext are multiplied to obtain a second product point, and the first product point and the second product point are used as multiplication result ciphertext of homomorphic operation.

S602, calculating a public key multiple point according to a private key generated based on an elliptic curve and a first point in a ciphertext;

S603, calculating an encryption point according to the public key multiple point and the second point of the ciphertext;

s604, determining whether the encryption point is a point on the elliptic curve according to the basic point pre-stored table and the interval point pre-stored table;

and S605, if the encryption point is a point on the elliptic curve, decrypting the ciphertext according to the basic point pre-stored table, the interval point pre-stored table and the encryption point.

In this embodiment, the result ciphertext may refer to ciphertext generated by homomorphic operation of ciphertext obtained by encrypting based on an elliptic curve.

In this embodiment, the summation operation may be an addition operation of an elliptic curve. The multiplication operation may be a number multiplication operation. The plaintext may be represented in the form of an integer. Specifically, if summation calculation is required to be carried out on the two ciphertexts, carrying out addition operation on elliptic curves on each first point in the two ciphertexts to obtain a first summation point; carrying out addition operation of elliptic curves on each second point in the two secret marks to obtain a second summation point; and taking a point pair formed by the first summation point and the second summation point as a summation result ciphertext of homomorphic operation.

If the ciphertext and the plaintext are required to be summed, the plaintext is used as data to be encrypted and is encrypted based on an elliptic curve, then the addition operation of the elliptic curve is carried out on each first point in the two ciphers to obtain a first summation point, the addition operation of the elliptic curve is carried out on each second point to obtain a second summation point, and a point pair formed by the first summation point and the second summation point is used as a summation result ciphertext of homomorphic operation.

If the ciphertext and the plaintext are required to be multiplied, calculating a number multiplication result between a first point of the ciphertext and the plaintext, and obtaining a first product point from the number multiplication result; illustratively, the first product point may be determined by the following formula:

d1＝c1*z；

wherein d1 represents a first product point; c1 represents a first point; z represents plaintext.

Calculating a number multiplication result between a second point of the ciphertext and the plaintext, and taking the calculated number multiplication result as a second product point; illustratively, the second product point may be determined by the following formula:

d2＝c2*z；

wherein d represents a second product point; c2 represents a first point; z represents plaintext.

And taking a point pair (d 1, d 2) formed by the first product point and the second product point as a multiplication result ciphertext of homomorphic operation.

For example, if two ciphertexts need to be summed, the logic for determining the homomorphism calculation's summed result ciphertext is as follows:

the result ciphertext processed by the technical scheme of the embodiment of the disclosure can be obtained by summing two ciphertexts or summing the ciphertexts and the plaintext or multiplying the ciphertexts and the plaintext, and the result ciphertext can be obtained by homomorphic operation according to the ciphertext without decrypting the ciphertext, so that the safety of the ciphertext is improved.

Fig. 7 is a schematic structural diagram of a generating device of an elliptic curve point prestored table according to an embodiment of the present disclosure. The embodiment is suitable for the situation of generating an elliptic curve point pre-stored table. The device can be realized in a hardware and/or software mode and can be configured in electronic equipment. Referring to fig. 7, the generating device 700 of the elliptic curve point pre-stored table specifically includes the following:

the base point storage module 701 is configured to calculate coordinate data of all base points in a base discrete interval range on the elliptic curve, and store the coordinate data in a base point pre-stored table;

the interval point storage module 702 is configured to calculate identification data of an interval point within a range of each of one or more mapping discrete intervals on the elliptic curve, and store the identification data in an interval point pre-stored table;

In an alternative embodiment, the number of interval points for each mapped discrete interval is one; the interval point is the first point within the mapped discrete interval range.

In an alternative embodiment, each mapped discrete interval is the same number of points included in the underlying discrete interval.

In an alternative embodiment, the sum of the number of intervals of the mapped discrete interval and the underlying discrete interval is equal to the number of points of the mapped discrete interval.

In an alternative embodiment, the mapping relation between the difference value and the identification data of one interval point is that the number multiplication result of the difference value and the positive integer corresponds to the identification data of the interval point one by one; the positive integer represents the position of the mapped discrete interval in the finite field.

In an alternative embodiment, the identification data of the section point is a hash result calculated based on the coordinate data of the section point.

In an alternative embodiment, the interval point pre-stored table is a key value pair structure, the key domain of the key value pair structure stores interval serial numbers, the interval serial numbers are identification data of interval points, and the value domain of the key value pair structure stores serial numbers of mapping discrete intervals in a finite domain, where the interval points belong to.

In an alternative embodiment, the interval point storage module 702 includes:

a value range setting unit for setting the value range of the cycle count value to be [1, k); wherein k is the sum of the number of basic discrete intervals and all mapping discrete intervals;

A sequence number determining unit for setting a change of the cycle count value from 1 to k, and calculating a product of the current cycle count value and the number of points in the mapping discrete interval as a sequence number of the interval point for each current cycle count value; the current cycle count value is the sequence number of the mapping discrete interval to which the currently calculated interval point belongs in the finite field;

the coordinate data determining unit is used for calculating coordinate data of the interval points according to the base points of the elliptic curve and the sequence numbers of the interval points;

the identification data determining unit is used for converting the coordinate data of the interval point into a character string by adopting a setting rule, calculating the character string by adopting a setting hash algorithm to obtain a hash result, and taking the hash result as the identification data of the interval point.

In an alternative embodiment, the basic point pre-stored table is a key value pair structure, the key field of the key value pair structure stores a basic sequence number, the basic sequence number is a sequence number of the basic point in the basic discrete interval, and the value field of the key value pair structure stores coordinate data of the basic point.

Fig. 8 is a schematic structural diagram of a decryption device based on elliptic curves according to an embodiment of the present disclosure. The embodiment of the disclosure can be applied to the case of decrypting ciphertext based on elliptic curves. The device can be realized in a hardware and/or software mode and can be configured in electronic equipment. Referring to fig. 8, the elliptic curve-based decryption apparatus 800 specifically includes the following:

a public key multiple point determining module 801, configured to calculate a public key multiple point according to a private key generated based on an elliptic curve and a first point in a ciphertext;

an encryption point determining module 802, configured to calculate an encryption point according to the public key multiple point and the second point of the ciphertext;

the curve point judging module 803 is configured to determine whether the encryption point is a point on the elliptic curve according to the basic point pre-stored table and the interval point pre-stored table;

the ciphertext decrypting module 804 is configured to decrypt the ciphertext according to the basic point pre-stored table, the interval point pre-stored table and the encryption point if the encryption point is a point on the elliptic curve;

the generating device of the elliptic curve point pre-stored table of any embodiment of the disclosure is adopted to generate the basic point pre-stored table and the interval point pre-stored table.

In an alternative embodiment, the curve point determining module 803 includes:

The coordinate data matching unit is used for matching the coordinate data of the encryption points in the basic point pre-stored table; if the matching is successful in the basic point pre-stored table, determining the encryption point as a point on the elliptic curve;

the interval point determining unit is used for calculating the difference value between the coordinate data of each basic point in the encryption point and the basic point pre-stored table if the matching in the basic point pre-stored table is unsuccessful, and determining an interval point with a mapping relation with the difference value based on the interval point pre-stored table;

and the curve point judging unit is used for determining that the encryption point is a point on the elliptic curve if the interval point with the mapping relation can be determined.

In an alternative embodiment, the apparatus further comprises:

and the encryption point conversion module is used for converting the encryption point into a positive number point if the encryption point is a negative number point of which the y coordinate is a negative number.

In an alternative embodiment, the encryption point conversion module includes:

and symmetrically converting the negative y coordinate of the encryption point into the positive y coordinate.

In an alternative embodiment, the interval point determining unit is specifically configured to:

calculating the difference value between the coordinate data of each basic point in the pre-stored table of the encryption point and the basic point;

converting the difference value into a character string according to a set rule, and carrying out hash operation on the character string according to a set hash algorithm to obtain a hash result;

Matching the hash result in an interval point pre-stored table;

and if the matching is successful in the interval point pre-stored table, determining the encryption point as a point on the elliptic curve.

In an alternative embodiment, the ciphertext decryption module may comprise:

and the ciphertext decryption unit is used for determining corresponding data to be encrypted according to indexes of the encryption points in the matching points in the basic point pre-stored table and the interval point pre-stored table.

In an alternative embodiment, the data to be encrypted is determined according to the following formula:

m＝i+(k*j)

wherein m is data to be encrypted, i is index number of basic point matched by the encryption point in the basic point mapping table, k is number of points in the mapping discrete interval, and j is index number of interval point matched by the encryption point in the interval point pre-storing table.

In an alternative embodiment, the apparatus further comprises:

the ciphertext acquisition module is used for acquiring a result ciphertext generated based on homomorphic operation; wherein the result ciphertext includes at least one of:

In the technical scheme of the disclosure, the related personal information of the user is collected, stored, used, processed, transmitted, provided, disclosed and the like, all conform to the regulations of related laws and regulations and do not violate the popular public order.

According to embodiments of the present disclosure, the present disclosure also provides an electronic device, a readable storage medium and a computer program product.

Fig. 9 shows a schematic block diagram of an example electronic device 900 that may be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.

As shown in fig. 9, the apparatus 900 includes a computing unit 901 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 902 or a computer program loaded from a storage unit 908 into a Random Access Memory (RAM) 903. In the RAM 903, various programs and data required for the operation of the device 900 can also be stored. The computing unit 901, the ROM 902, and the RAM 903 are connected to each other by a bus 904. An input/output (I/O) interface 905 is also connected to the bus 904.

Various components in device 900 are connected to I/O interface 905, including: an input unit 906 such as a keyboard, a mouse, or the like; an output unit 907 such as various types of displays, speakers, and the like; a storage unit 908 such as a magnetic disk, an optical disk, or the like; and a communication unit 909 such as a network card, modem, wireless communication transceiver, or the like. The communication unit 909 allows the device 900 to exchange information/data with other devices through a computer network such as the internet and/or various telecommunications networks.

The computing unit 901 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 901 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, etc. The calculation unit 901 performs the respective methods and processes described above, for example, a generation method of elliptic curve point pre-stored tables or a decryption method based on elliptic curves. For example, in some embodiments, the method of generating elliptic curve point pre-stored tables or the elliptic curve-based decryption method may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as the storage unit 908. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device 900 via the ROM 902 and/or the communication unit 909. When the computer program is loaded into the RAM 903 and executed by the computing unit 901, one or more steps of the elliptic curve point pre-stored table generation method or the elliptic curve-based decryption method described above may be performed. Alternatively, in other embodiments, the computing unit 901 may be configured to perform the elliptic curve point pre-stored table generation method or the elliptic curve based decryption method in any other suitable manner (e.g. by means of firmware).

Various implementations of the systems and techniques described here above can be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.

Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.

In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.

The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.

The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome. The server may also be a server of a distributed system or a server that incorporates a blockchain.

Artificial intelligence is the discipline of studying the process of making a computer mimic certain mental processes and intelligent behaviors (e.g., learning, reasoning, thinking, planning, etc.) of a person, both hardware-level and software-level techniques. Artificial intelligence hardware technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing, and the like; the artificial intelligent software technology mainly comprises a computer vision technology, a voice recognition technology, a natural language processing technology, a machine learning/deep learning technology, a big data processing technology, a knowledge graph technology and the like.

Cloud computing (cloud computing) refers to a technical system that a shared physical or virtual resource pool which is elastically extensible is accessed through a network, resources can comprise servers, operating systems, networks, software, applications, storage devices and the like, and resources can be deployed and managed in an on-demand and self-service mode. Through cloud computing technology, high-efficiency and powerful data processing capability can be provided for technical application such as artificial intelligence and blockchain, and model training.

It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps recited in the present disclosure may be performed in parallel, sequentially, or in a different order, provided that the desired results of the technical solutions provided by the present disclosure are achieved, and are not limited herein.

The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.

Claims

1. A method for generating an elliptic curve point pre-stored table comprises the following steps:

wherein, all points in the basic discrete interval and each mapping discrete interval form a finite field of the elliptic curve; the points in the mapped discrete interval comprise the interval point and a plurality of non-interval points; and a mapping relation exists between the difference value between the coordinate data of any non-interval point in the mapping discrete interval and the coordinate data of the basic point and the identification data of the interval point.

2. The method of claim 1, wherein the number of interval points per mapped discrete interval is one; the interval point is the first point in the mapped discrete interval range.

3. The method of claim 1, wherein each mapped discrete interval is the same as the number of points included in the base discrete interval.

4. A method according to claim 3, wherein the sum of the number of intervals of the mapped discrete interval and the underlying discrete interval is equal to the number of points in the mapped discrete interval.

5. The method according to claim 1, wherein the mapping relationship between the difference value and the identification data of the interval point is that the difference value and the positive integer number multiplication result are in one-to-one correspondence with the identification data of the interval point; the positive integer represents a position of the mapped discrete interval in the finite field.

6. The method according to any one of claims 1 to 5, wherein the identification data of the section point is a hash result calculated based on the coordinate data of the section point.

7. The method of claim 6, wherein the interval point pre-stored table is a key value pair structure, a key field of the key value pair structure stores identification data of the interval point, a value field of the key value pair structure stores an interval sequence number, and the interval sequence number is a sequence number of a mapping discrete interval to which the interval point belongs in the finite field.

8. The method of claim 7, wherein the calculating of the identification data of the interval points within each of the mapped discrete interval ranges of the one or more mapped discrete intervals on the elliptic curve and storing in the interval point pre-stored table comprises:

setting the value range of the cycle count value as [1, k); wherein k is the sum of the number of basic discrete intervals and all mapping discrete intervals;

setting the change of the cycle count value from 1 to k, and calculating the product of the current cycle count value and the number of points in the mapping discrete interval as the sequence number of the interval point for each current cycle count value; the current cycle count value is the sequence number of the mapping discrete interval to which the currently calculated interval point belongs in the finite field;

calculating coordinate data of the interval points according to the base points of the elliptic curve and the sequence numbers of the interval points;

and converting the coordinate data of the interval point into a character string by adopting a set rule, operating the character string by adopting a set hash algorithm to obtain a hash result, and taking the hash result as the identification data of the interval point.

9. The method of claim 1, wherein the base point pre-stored table is a key-value pair structure, a key field of the key-value pair structure stores a base sequence number, the base sequence number is a sequence number of the base point in the base discrete interval, and a value field of the key-value pair structure stores coordinate data of the base point.

10. A decryption method based on elliptic curves, comprising:

determining whether the encryption point is a point on the elliptic curve according to a basic point pre-stored table and an interval point pre-stored table;

if the encryption point is a point on the elliptic curve, decrypting the ciphertext according to the basic point pre-stored table, the interval point pre-stored table and the encryption point;

wherein the basic point pre-stored table and the interval point pre-stored table are generated by adopting the generating method of the elliptic curve point pre-stored table according to any one of claims 1 to 9.

11. The method of claim 10, wherein the determining whether the encryption point is a point on the elliptic curve according to a base point pre-stored table and an interval point pre-stored table comprises:

matching the coordinate data of the encryption points in the basic point pre-stored table; if the matching is successful in the basic point pre-stored table, determining the encryption point as a point on the elliptic curve;

if the matching in the basic point pre-stored table is unsuccessful, calculating the difference value between the coordinate data of each basic point in the encryption point and the basic point pre-stored table, and determining an interval point with a mapping relation with the difference value based on the interval point pre-stored table;

And if the interval point with the mapping relation can be determined, determining the encryption point as a point on the elliptic curve.

12. The method according to claim 10 or 11, wherein before determining whether the encryption point is a point on the elliptic curve according to the base point pre-stored table and the interval point pre-stored table, further comprising:

if the encryption point is a negative point where the y coordinate is negative, the encryption point is converted into a positive point.

13. The method of claim 12, wherein converting the encryption point to a positive number point comprises:

and symmetrically converting the negative y coordinate of the encryption point into a positive y coordinate.

14. The method of claim 11, wherein the calculating the difference between the encrypted point and the coordinate data of each base point in the base point pre-stored table, and determining the interval point having a mapping relationship with the difference based on the interval point pre-stored table, comprises:

Matching the hash result in the interval point pre-stored table;

15. The method of claim 10, wherein the decrypting the ciphertext according to the base point pre-stored table, the interval point pre-stored table, and the encryption point comprises:

and determining corresponding data to be encrypted according to indexes of the encryption points in the basic point pre-stored table and the interval point pre-stored table.

16. The method of claim 15, wherein the determining corresponding data to be encrypted according to the indexes of the matched points of the encryption points in the base point pre-stored table and the interval point pre-stored table comprises:

the data to be encrypted is determined according to the following formula:

m＝i+(k*j)

wherein m is data to be encrypted, i is index number of basic point matched by encryption point in the basic point mapping table, k is number of points in mapping discrete interval, and j is index number of interval point matched by encryption point in interval point pre-storing table.

17. The method of claim 10, the method further comprising:

obtaining a result ciphertext generated based on homomorphic operation; wherein the result ciphertext comprises at least one of:

If the two ciphertexts need to be summed, summing the first points in the two ciphertexts to obtain a first summing point, summing the second points to obtain a second summing point, and taking the first summing point and the second summing point as a summing result ciphertext of homomorphic operation;

if the ciphertext and the plaintext are required to be summed, encrypting the plaintext as data to be encrypted, summing each first point in the two ciphers to obtain a first summing point, summing each second point to obtain a second summing point, and taking the first summing point and the second summing point as a summing result ciphertext of homomorphic operation;

if the ciphertext and the plaintext need to be subjected to multiplication, a first point of the ciphertext and the plaintext are subjected to multiplication operation to obtain a first product point, a second point of the ciphertext and the plaintext are subjected to multiplication operation to obtain a second product point, and the first product point and the second product point are used as multiplication result ciphertext of homomorphic operation.

18. An elliptic curve point pre-stored table generating device comprises:

19. A elliptic curve-based decryption device comprising:

the ciphertext decrypting module is used for decrypting the ciphertext according to the basic point pre-stored table, the interval point pre-stored table and the encrypting points if the encrypting points are points on the elliptic curve;

Wherein the basic point pre-stored table and the section point pre-stored table are generated by the elliptic curve point pre-stored table generating device according to claim 18.

20. An electronic device, comprising:

at least one processor; and

a memory communicatively coupled to the at least one processor; wherein,

the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the elliptic curve point pre-stored table generation method of any one of claims 1-9 or the elliptic curve based decryption method of any one of claims 10-17.

21. A non-transitory computer-readable storage medium storing computer instructions for causing the computer to perform the elliptic curve point pre-stored table generation method according to any one of claims 1-9 or the elliptic curve-based decryption method according to any one of claims 10-17.