JP6305946B2 - Secret pattern matching apparatus, method and program - Google Patents

Description

  The present invention relates to a cryptographic application technique, and more particularly to a secret calculation technique for processing data without revealing input data.

  There is a technique described in Non-Patent Document 1 as a pattern matching technique for a concealed character string. In this method, pattern matching is performed in a state in which both the target character string and pattern for pattern matching are concealed, and a concealed pattern matching result is obtained. This method can also use wildcards that correspond to any character.

Hiroki Kajita, Naoto Kiryu, Dai Igarashi, “Round efficient secret calculation pattern matching”, Computer Security Symposium 2014.

However, the conventional method is not adapted to pattern matching that can specify whether or not to distinguish between types of notation.
An object of the present invention is to perform pattern matching that can specify whether or not to distinguish between types of notation by secret calculation.

  The target character type information indicating whether the notation of the target character corresponds to a specific type and the pattern character type information indicating whether the notation of the pattern character corresponds to a specific type, and the target character The determination result based on the first information indicating whether or not the condition that the target code representing the content of the pattern and the pattern code representing the content of the pattern character match, and the condition that the target code and the pattern code match A concealment determination result obtained by concealing the second determination result based on the second information indicating whether or not the condition is satisfied is obtained. Concealment according to the third determination result based on the first determination result when the determination condition indicates that the type of notation is distinguished, and based on the second determination result when the determination condition indicates that the type of the notation is not distinguished Get information.

  Thereby, the pattern matching which can designate the presence or absence of distinction of the description classification is realizable by secret calculation.

FIG. 1 is a block diagram illustrating the configuration of the secret pattern matching system of the embodiment. FIG. 2 is a block diagram illustrating a functional configuration of the secret pattern matching apparatus according to the embodiment. 3A is a block diagram illustrating the functional configuration of the terminal device according to the embodiment, and FIG. 3B is a block diagram illustrating the functional configuration of the database device according to the embodiment. 4A is a flowchart for illustrating the processing of the terminal device of the embodiment, and FIG. 4B is a flowchart for illustrating the processing of the secret pattern matching device of the embodiment. FIG. 5A is a diagram illustrating an example of target codes and pattern codes (code points after conversion). FIG. 5B illustrates the relationship between the target character or pattern character, the target character type information or pattern character type information example (uppercase flag and lowercase flag), and the target code and pattern code example (converted code point). It is a figure for doing. 6A and 6B are examples of first information indicating whether or not the condition that the target character type information and the pattern character type information match and the target code and the pattern code match is satisfied (Result II). ). 6C and 6D are diagrams illustrating an example of the second information (result III) indicating whether or not the condition that the target code matches the pattern code is satisfied. 7A and 7B are examples of first information indicating whether or not the condition that the target character type information matches the pattern character type information and the target code matches the pattern code is satisfied (Result II). ). 7C and 7D are diagrams illustrating an example (result III) of the second information indicating whether or not the condition that the target code matches the pattern code is satisfied. FIG. 8A and FIG. 8B are diagrams exemplifying a first determination result example (pattern matching result x _n ) based on the first information example (result II). FIG. 9A and FIG. 9B are diagrams exemplifying a second determination result example (pattern matching result y _n ) based on the second information example (result III).

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
[the term]
Terms used in each embodiment are defined.
“Character” means a symbol having a visual expression and capable of an encoded expression. The “character” may be a symbol (non-graphic character) formed using a line or a point for transmitting and recording a language, or may be a symbol (graphic character) according to the symbol. An example of “character” is an encoded character defined by the character code standard.

  “Pattern matching” means an operation for determining whether “target character string (target information)” satisfies the condition of “pattern character string (pattern information)”. Both “target character string” and “pattern character string” include one or more characters. Each character included in the “target character string” is referred to as a “target character”, and each character included in the “pattern character string” is referred to as a “pattern character”. Examples of “target character string” and “pattern character string” are a character string and a search keyword included in text data (document data, numerical data, etc.). For example, “target character string” may be a character string included in text data, and “pattern character string” may be a search keyword, and “target character string” and “pattern character string” are the same or different from each other. It may be a character string included in the text data.

  “Type (class)” means a type of character notation. For example, examples of “type” are uppercase letters, lowercase letters, half-width characters, full-width characters, specific fonts, and the like. “Character type information” means information (flag) indicating whether or not a character notation corresponds to a specific type. When the character notation corresponds to a specific type, the value of “character type information” is true (T) (valid), and when the character notation does not correspond to a specific type, the “character type information” The value is false (F) (invalid). For example, in the case of the character “A”, the character type information “uppercase” is true (T) (valid), and the character type information “lowercase” is false (F) (invalid). “Character type information” of “target character” is called “target character type information”, and “character type information” of “pattern character” is called “pattern character type information”.

  “Character content” means the concept represented by “character”. For example, uppercase “A” and lowercase “a” represent the same concept (the first letter of the alphabet), and the content of “A” is the same as the content of “a”. The “target code” is a code representing the content of the “target character”, and the “pattern code” is a code representing the content of the “pattern character”. When the “target character” and the “pattern character” represent the same content, the “target code” and the “pattern code” are the same. For example, the “target code” corresponding to “A” and the “pattern code” corresponding to “a” are the same. On the other hand, even if the “type” is the same, when the “target character” and the “pattern character” represent different contents, the “target code” and the “pattern code” are different. For example, a “target code” corresponding to “A” is different from a “pattern code” corresponding to “B”.

[First Embodiment]
Hereinafter, the first embodiment will be described.
<Structure>
As illustrated in FIG. 1, the secret pattern matching system 1 of this embodiment includes a terminal device 12, a secret pattern matching device 11 ₁ -11 _N , and a database device 13 ₁ -13 _N. However, N is an integer greater than or equal to 1. For example, in the present system, N ≧ 2 when performing secret calculation based on the secret sharing scheme or the secret circuit scheme, and N = 1 when performing secret calculation based on the homomorphic encryption scheme.

As illustrated in FIG. 2, the secret pattern matching device 11 _n (where n∈ {1,..., N}) of the present embodiment includes an input unit 111 _n and a secret match determination unit 112 _n −k (where kε {1,..., K}, K is an integer of 1 or more (odd or even number), a concealment coincidence determination unit 113 _n , a concealment AND operation unit 114 _n , 115 _n , 116 _n , a concealment logical operation unit 117 _n , output unit 118 _n , and control unit 119 _n . Here, the concealment coincidence determination unit 112 _n -k, the concealment coincidence determination unit 113 _n , and the concealment logical product operation units 114 _n , 115 _n , and 116 _n are examples of the first operation unit, and the concealment logic operation unit 117 _n It is an example of a 2nd calculating part. For convenience of explanation, each part is described as an independent part, but they do not have to be independent parts. For example, the concealment coincidence determination unit 112 _n -k and the concealment coincidence determination unit 113 _n may be the same part, or the concealment AND operation units 114 _n , 115 _n , and 116 _n may be the same part. .

As illustrated in FIG. 3A, the terminal device 12 according to the present embodiment includes input units 121 and 126, a character type information acquisition unit 122, a code point conversion unit 123, a concealment unit 124, an output unit 125, a restoration unit 127, and a control. Part 128. As illustrated in FIG. 3B, the database apparatus 13 _n (where n∈ {1,..., N}) of the present embodiment includes a storage unit 131 _n , an extraction unit 132 _n , an output unit 133 _n , and an input unit 134. _n , a restoration unit 135 _n , and a control unit 136 _n .

Each device includes, for example, a general-purpose or dedicated memory including a communication device, a processor (hardware processor) such as a CPU (central processing unit), a RAM (random-access memory), a ROM (read-only memory), etc. The computer is configured by executing a predetermined program. The computer may include a single processor and memory, or may include a plurality of processors and memory. This program may be installed in a computer, or may be recorded in a ROM or the like in advance. In addition, some or all of the processing units are configured using an electronic circuit that realizes a processing function without using a program, instead of an electronic circuit (circuitry) that realizes a functional configuration by reading a program like a CPU. May be. An electronic circuit constituting one device may include a plurality of CPUs. Each device performs each process based on the control of the respective control units 119 _n , 128, and 136 _n .

<Pre-processing>
In the pre-processing, the database of the ciphertext C of the text data and the “confidential database” corresponding to the “target character string” included in each of the text data are stored in the storage unit 131 _{n of the} database device 13 _n (FIG. 3B). Stored in The “concealed database” includes one or a plurality of concealment records [d] _n . Concealing Records _{[d] n} is target character string (target _{information) d = (d 1, ···} , d M) ( although, M is a positive integer) each object character _{d m} included in (but, m∈ {1, ···, M} ) and, the target character _{d m} object character type information (flag notation indicating whether corresponds to a specific type _{of) df m, k ∈ {T} , F} (However, k∈ {1, ···, K }) and a concealment information of the target code dc _m and has the associated data structures representing the contents of the target character _{d m.} There is no limitation on the configuration of the target code dc _m . For example, if the target character d _m is lowercase, the original code point (Unicode, etc.) into the code point of the upper case (converted code point), the "post-conversion code point" to the target code dc _m To do. Further, for example, the target character d _m may be uppercase, to target code dc _m the code point of the original as it is as "converted code point". For example, the original code point “U + 0041” of “A” is the target code dc _m of “A” and “a”, and the original code point “U + 0042” of “B” is the target code of “B” and “b”. It is set as dc _m (FIG. 5A). Target character type information df _m, but is not limited to the configuration of _k, for example, K = 2 and then, uppercase object character type information object character d _m represents whether the upper case flag df _{m, 1} ∈ {T , F}, and the target character type information indicating whether it is a small letter is a small letter flag df _{m, 2} ∈ {T, F}. For example, the uppercase flag df _{m, 1} of “A” is “T”, the lowercase flag dfm _{, 2} is “F”, the uppercase flag dfm _{, 1} of “a” is “F”, and the lowercase flag df _{m, 1 2} is “T”, uppercase flag df _{m, 1} of “B” is “T”, lowercase flag df _{m, 2} is “F”, and uppercase flag df _{m, 1} of “b” is “F”. The small letter flag df _{m, 2} is “T” (FIG. 5B). In addition, if the target character type information df _{m, k} and the target code dc _m can be secretly calculated, the target character type information df _{m, k} and the target code dc _m may be individually concealed. The target character type information df _{m, 1} ,..., Df _{m, K} and the target code dc _m may be concealed together, or may be concealed together in other units. There is no limitation on the concealment method, and if it is possible to perform match determination (equal sign determination) and logical operation (logical sum, logical product, logical negation) by secret calculation, secret sharing method (Shamir secret sharing method, etc.), concealment Any method such as a circuit method or a homomorphic encryption method may be used. For example, Non-Patent Document 1 and Reference Document 1 (Damgard, I., Fitzi, M., Kiltz, E., Nielsen, JB, & Toft, T. (2006), “Unconditionally secure constant-rounds multi-party computation for Equality, comparison, bits and exponentiation, “In Theory of Cryptography (pp. 285-304). Springer Berlin Heidelberg.) may be used.

<Pattern matching process>
As illustrated in FIG. 4A, the input unit 121 of the terminal device 12 (FIG. 3A) has a determination condition a∈ {T, F} indicating whether to distinguish the notation type, and a pattern character string (pattern information). p = (p ₁ ,..., p _M ) is input. The determination condition “a” is “true (T)” indicating that “notation type is distinguished” or “false (F)” indicating that “notation type is not distinguished”. The pattern character string p includes M pattern characters p ₁ ,..., P _M. The determination condition a is sent to the concealment unit 124, and the pattern character string p is sent to the character type information acquisition unit 122 and the code point conversion unit 123 (step S121).

The character type information acquisition unit 122 indicates whether each notation of each pattern character p _m (where m∈ {1,..., M}) included in the pattern character string p corresponds to a specific type. The type information (flag) pf _{m, k} ε {T, F} (where kε {1,..., K}) is obtained and output. The pattern character type information pf _{m, k} is generated according to the same standard (for example, FIG. 5B) as the target character type information df _{m, k} . For example a K = 2, and the pattern character type information pattern character p _m represents whether the upper case upper case flag _{pf m, 1 ∈ {T,} F} and the pattern character type information indicating whether a lowercase Is a lowercase flag pf _{m, 2} ε {T, F} (step S122). The code point conversion unit 123 obtains and outputs a pattern code pc _m representing the contents of each pattern character p _m (where mε {1,..., M}) included in the pattern character string p. The pattern code pc _{m is} also generated according to the same standard (for example, FIG. 5A) as the target code dc _m (step S123).

The concealment unit 124 uses the same concealment method as the above-mentioned “concealment database”, and concealment information corresponding to the determination condition a (the concealment determination condition in which the determination condition a is concealed) [a] _n , and Confidential information corresponding to pattern character type information pf _{m, 1} ,..., Pf _{m, K} and pattern code pc _m of each pattern character p _m (where m∈ {1,..., M}) [ containing _{p] n,} concealing query _[a] n, and outputs to obtain _{[p] n.} If secret calculation is possible for each pattern character type information pf _{m, k} and pattern code pc _m , the pattern character type information pf _{m, k} and pattern code pc _m may be individually concealed, The pattern character type information pf _{m, 1} ,..., Pf _{m, K} and the pattern code pc _m may be concealed together or may be concealed together in other units (step S124). .

The concealment query [a] _n , [p] _n is sent to the output unit 125, and the output unit 125 sends the concealment query [a] _n , [p] _n to the concealment pattern matching device 11 _n (where n∈ { 1,..., N}) (step S125).

As illustrated in FIG. 4B, the concealment queries [a] _n and [p] _n are input to the input unit 111 _n of the concealment pattern matching device 11 _n (FIG. 2) (step S110 _n ). The control unit 119 _n generates a transmission request for the concealment record and transmits it from the output unit 118 _n . The transmission request is input to the input unit 134 _n of the database device 13 _n (FIG. 3B) and sent to the extraction unit 132 _n . Extractor 132 _n extracts one of concealing records _{[d] n} of concealing the database from the storage unit 131 _n, and transmits from the output unit 133 _n. The concealment record [d] _n is input to the input unit 111 _n of the concealment pattern matching device 11 _n (FIG. 2) (step S111 _n ).

The secret match determination unit 112 _n −k (where k∈ {1,..., K}) and the secret match determination unit 113 _n of the secret pattern matching device 11 _n (FIG. 2) are [d] _n and [p ] With _n as an input, the following steps S112 _n and S113 _n are executed for m∈ {1,..., M}. These processes may be executed in order for each m, or may be executed simultaneously for a plurality of m.

"Step S112 _n"
The secret match determination unit 112 _n −k (where k∈ {1,..., K}) matches df _{m, k} and pf _{m, k} by match determination (equal sign determination) by secret calculation. If _{(df m, k = pf m} , k) true (T), and when they do not match _{(df m, k ≠ pf m} , k) becomes false (F) to the matching determination result _{rf m, k} ∈ {T , F} concealment information [rf _{m, k} ] _n is obtained and output. In the example of FIG. 6A, the target character _{d m} = "A", a case flag _{df m,} 1 = T, lowercase flag _{df m,} 2 = F, the pattern character _{p m} = "a", uppercase flag pf _{m , 1} = F and the small letter flag pf _{m, 2} = T, so rf _{m, 1} = F and rf _{m, 2} = F. In the example of FIG. 6B, the target character _{d m} = "a" is an uppercase flag _{df m,} 1 = F, lowercase flag _{df m,} 2 = T, the pattern character _{p m} = "a", uppercase flag pf _{m , 1} = F, and the small letter flag pf _{m, 2} = T, so that rf _{m, 1} = T and rf _{m, 2} = T. In the example of FIG. 7A, the uppercase flag df _{m, 1} = T and the lowercase flag df _{m, 2} = F for the target character d _m = “B”, and the uppercase flag pf _{m, 1} for p _m = “a”. = F and the small letter flag pf _{m, 2} = T, so rf _{m, 1} = F and rf _{m, 2} = F (result I). In the example of FIG. 7B, _{d m} = the "b" is an uppercase flag _{df m,} 1 = F, lowercase flag _{df m,} 2 = T, the pattern character _{p m} = "a", uppercase flag _{pf m, 1} = F and the small letter flag pf _{m, 2} = T, so rf _{m, 1} = T and rf _{m, 2} = T (result I). Incidentally, for example, "T" is 1, when 0 to "F", _{df m, k} and _{pf m,} match determination that _k is the negation of exclusive OR of _{df m, k} and _{pf m, k} It becomes. Such coincidence determination by secret calculation can be realized, for example, by the method described in Reference 1 (hereinafter the same).

The secret match determination unit 113 _n is true (T) and does not match when the target code dc _m and the pattern code pc _m match (dc _m = pc _m ) by match determination (equal sign determination) by secret calculation. In the case (dc _m ≠ pc _m ), the concealment information [rc _m ] _n of the coincidence determination result rc _m ε {T, F} that is false (F) is obtained and output. In the example of FIGS. 6A to 6D, dc _m = pc _m = “U + 0041”, and therefore rc _m = T (result I). In the example of FIGS. 7A to 7D, dc _m = “U + 0042” and pc _m = “U + 0041”, and therefore rc _m = F (result I and result III). The match determination result rc _m is an example of “second information indicating whether or not a condition that the target code dc _m and the pattern code pc _m match” is satisfied. The match determination result rc _m is true (T) when the target code dc _m and the pattern code pc _m match, and is false (F) when the target code dc _m and the pattern code pc _m are different.

"Step S113 _n"
The concealment AND unit 114 _n receives [rf _{m, k} ] _n (where k∈ {1,..., K}) and [rc _m ] _n as inputs, and performs (rf _{m, 1} = T) AND (rf _{m, 2} = T) AND... AND (rf _{m, K} = T) AND (rc _m = T) is true (T), otherwise it is false ( F) The concealment information [CON _m ] _n (where mε {1,..., M}) of the logical product CON _m ε {T, F} is obtained and output. “AND” represents a logical product. In the example of FIG. 6A, CON _m = F, in the example of FIG. 6B, CON _m = T, in the example of FIG. 7A, CON _m = F, and in the example of FIG. 7B, CON _m = F (result II). For example, if “T” is 1 and “F” is 0, then CON _m = (rf _{m, 1} ) AND (rf _{m, 2} ) AND... AND (rf _{m, K} ) AND (rc _m ) . Such a logical product by the secret calculation can be realized, for example, by a method described in Non-Patent Document 1 or the like (hereinafter the same). Further, the logical product CON _m has the condition that “the target character type information df _{m, k} and the pattern character type information pf _{m, k} match, and the target code dc _m and the pattern code pc _m match. It is an example of “first information indicating whether or not to satisfy”. The logical product CON _m is true (T) when the target character type information df _{m, k} matches the pattern character type information pf _{m, k} and the target code dc _m matches the pattern code pc _m . , If the target character type information df _{m, k} and the pattern character type information pf _{m, k} are different, or if the target code dc _m and the pattern code pc _m are different (step S112 _n and S113 described the end of the _n of processing).

The concealment AND operation unit 115 _n receives [CON _m ] _n (where m∈ {1,..., M}) as an input, and performs (CON ₁ = T) AND (CON ₂ ) by logical product based on the secret calculation. = T) AND ... The concealment information [x] _n of the pattern matching result x, which is a logical product that is true (T) when AND (CON _M = T) and is false (F) otherwise. Output. For example, when “T” is 1 and “F” is 0, x = (CON ₁ ) AND (CON ₂ ) AND... AND (CON _M ). In the example of FIG. 8A, M = 3, CON ₁ = F, CON ₂ = F, CON ₃ = T, and x = F. In the example of FIG. 8B, M = 3, CON ₁ = T, CON ₂ = T, CON ₃ = T, and x = T. When M = 1, x = CON ₁ is satisfied. The pattern matching result x is an example of “first determination result based on first information”. The pattern matching result x is true (T) when all the logical products CON ₁ ,..., CON _M corresponding to the pattern character string p (and the target character string d) are true (T). It is false (F) when any CON _m corresponding to the column d is false (F). [X] _n is an example of “a concealment determination result in which the first determination result is concealed” (step S114 _n ).

The concealment AND operation unit 116 _n receives [rc _m ] _n (where m∈ {1,..., M}) as an input, and performs (rc ₁ = T) AND (rc ₂ ) by logical product based on the secret calculation. = T) AND ... The concealment information [y] _n of the pattern matching result y, which is a logical product that is true (T) when AND (rc _M = T) and false (F) otherwise. Output. For example, when “T” is 1 and “F” is 0, rc _m = (rc ₁ ) AND (rc ₂ ) AND... AND (rc _M ). In the example of FIG. 9A, M = 3, rc ₁ = T, rc ₂ = T, rc ₃ = T, and y = T. In the example of FIG. 9B, M = 3, rc ₁ = F, rc ₂ = T, rc ₃ = T, and y = F. When M = 1, y = rc ₁ is satisfied. The pattern matching result y is an example of “second determination result based on second information”. The pattern matching result y is true (T) when all rc _m corresponding to the pattern character string p (and the target character string d) are true (T), and any rc _m corresponding to the pattern information p is obtained. Is false (F) when is false (F). [Y] _n is an example of “a concealment determination result in which the second determination result is concealed” (step S115 _n ).

The concealment logic operation unit 117 _n receives [a] _n , [x] _n , and [y] _n as input, and when the determination condition is a = T (representing the distinction of the notation type) by logical operation by secret calculation. Case)) based on the pattern matching result x (first determination result), and when the determination condition a = F (indicating that the notation type is not distinguished), the result r based on the pattern matching result y (second determination result). The concealment information [r] _n corresponding to (third determination result) is obtained and output. In the present embodiment, concealment information [r] _n in which r is concealed as a result of r = x when the determination condition a = T and r = y when the determination condition a = F is obtained and output. For example, the concealment logic operation unit 117 _n is true (T) when {(x = T) AND (a = T)} OR {(y = T) AND (a = F)}, and otherwise. Obtain and output the concealment information [r] _{n in} which the logical operation value rε {T, F} that is false (F) is concealed. “OR” represents a logical sum. That is, the logical operation value r is (1) the pattern matching result x is true and the determination condition a is true, or (2) the pattern matching result y is true and the determination condition a True if is false, false otherwise. For example, if “T” is 1 and “F” is 0, then r = (x AND a) OR (y AND (1-a)) and [r] _n = [(x AND a) OR (y AND (1-a))] _n . Such a logical operation by the secret calculation can be realized by a method described in Non-Patent Document 1 or the like (step S116 _n ). [R] _n is transmitted from the output unit 118 _n (step S117 _n ).

[R] _n is transmitted to one of the database devices 13 _n and is input to the input unit 134 _n of the database device 13 _n (FIG. 3B). [R] _n is sent to the restoration unit 135 _n to obtain a restoration value r. Here, when a = T, r = x∈ {T, F}, and when a = F, r = y∈ {T, F}. The restoration value r is sent to the extraction unit 132 _n . When r = T, the restored value r is extracted from the storage unit 131 _n as the ciphertext C of the text data corresponding to the concealment record [d] _n extracted in step S111 _n , and transmitted from the output unit 133 _n. To do. The ciphertext C is input to the input unit 126 of the terminal device 12, and is restored to the text data m by the restoration unit 127 and output. On the other hand, when r = F, a new concealment record [d] _n is extracted from the storage unit 131 _{n as the} restoration value r, and the processes after step S111 _n are repeated. If there is no new concealment record [d] _{n in the} storage unit 131 _n , an error message may be returned.

  As described above, in this embodiment, it is possible to specify whether or not to distinguish between the types of notation according to the determination condition a, and each process can be realized by a coincidence determination by a secret calculation or a logical operation. Thereby, the pattern matching which can designate the presence or absence of distinction of the description classification is realizable by secret calculation.

[Modifications, etc.]
The present invention is not limited to the above-described embodiment. For example, in the above-described embodiment, the target character string d = (d ₁ ,..., D _M ) included in the text data and the pattern character string p = (p ₁ , ... was subjected to pattern matching with the _{p M).} That is, pattern matching between the target character string d and the pattern character string p, which is all or part of the text data, is performed. As a modification, pattern matching may be performed between a character string that is all or part of text data and a pattern that includes pattern characters and special symbols. Special symbols are those that match any target character. Examples of special symbols include “wild cards” that match one arbitrary target character, “infinite length gaps” that match zero or more arbitrary target characters, and the like. For such pattern matching, matching with a pattern character by a known method (for example, Non-Patent Document 1) that performs pattern matching using a pattern including a special symbol is performed for each character (M = 1) in step S112 _n −. S117 can be realized by replacing the _n processing.

For M = 1, concealment AND operation section is omitted _{115 n,} 116 n, concealed logical product obtained by the calculation unit 114 _n and _{[CON m] n} as a _{[x] n,} concealment matching determining unit 113 _n [Rc _m ] _n obtained in step (b) may be used as [y] _n as it is.

  In the above-described embodiment, r = x when the determination condition a = T, and r = y when the determination condition a = F. However, when the determination condition a = T, the value according to x and other information may be r, and when the determination condition a = F, the value according to y and other information may be r.

There are a plurality of sets of determination condition a, pattern character string p = (p ₁ ,..., P _M ), and target character string d = (d ₁ ,..., D _M ). step S112 processes the _n -S117 _n may be performed. Alternatively, concealment information in which a logical operation result (logical product or the like) of the result r for each pair is concealed may be output. The determination conditions a and M of each set may be the same or different. Such concealment information of the logical operation result is also “second when the determination condition indicates that the notation type is not distinguished based on the first determination result when the determination condition indicates that the notation type is distinguished. This corresponds to “confidential information according to the third determination result” based on the determination result.

  Both the pattern character string p and the target character string d may be included in the same or different text data. Both the pattern character string p and the target character string d may be input text. This method may be used not to extract the text as described above but to extract the target character string d that matches the pattern character string p from the text. Further, if secret calculation is possible, the pattern matching result x and the pattern matching result y may be individually concealed, or may be concealed together.

In the above-described embodiment, the database device 13 _n includes the restoration unit 135 _n , restores the restoration value r from the input [r] _n , and creates a new concealment record [d] _n or text according to the restoration value r. The ciphertext C of the data was extracted. However, the database device 13 _n may not have the restoration unit 135 _n , and the storage unit 131 _n may hold text data concealment information that can be secretly calculated instead of the ciphertext C of the text data. In this case, the extraction unit 132 _n may use [r] _n as it is and extract a new concealment record [d] _n or concealment information of text data by secret calculation.

  Instead of each device exchanging information via a network, at least some of the devices may exchange information via a portable recording medium. Alternatively, at least some of the devices may exchange information via a non-portable recording medium. That is, the combination which consists of a part of these apparatuses may be the same apparatus. For example, the terminal device and the database device may be the same device, and the database device and the secret pattern matching device may be the same device.

  The various processes described above are not only executed in time series according to the description, but may also be executed in parallel or individually as required by the processing capability of the apparatus that executes the processes. Needless to say, other modifications are possible without departing from the spirit of the present invention.

  When the above configuration is realized by a computer, the processing contents of the functions that each device should have are described by a program. By executing this program on a computer, the above processing functions are realized on the computer. The program describing the processing contents can be recorded on a computer-readable recording medium. An example of a computer-readable recording medium is a non-transitory recording medium. Examples of such a recording medium are a magnetic recording device, an optical disk, a magneto-optical recording medium, a semiconductor memory, and the like.

  This program is distributed, for example, by selling, transferring, or lending a portable recording medium such as a DVD or CD-ROM in which the program is recorded. Furthermore, the program may be distributed by storing the program in a storage device of the server computer and transferring the program from the server computer to another computer via a network.

  A computer that executes such a program first stores, for example, a program recorded on a portable recording medium or a program transferred from a server computer in its own storage device. When executing the process, this computer reads a program stored in its own recording device and executes a process according to the read program. As another execution form of the program, the computer may read the program directly from the portable recording medium and execute processing according to the program, and each time the program is transferred from the server computer to the computer. The processing according to the received program may be executed sequentially. The above-described processing may be executed by a so-called ASP (Application Service Provider) type service that realizes a processing function only by an execution instruction and result acquisition without transferring a program from the server computer to the computer. Good.

  Even if the data structure including the concealment information of the information in which the target character type information indicating whether the notation of the target character corresponds to a specific type and the target code indicating the content of the target character is associated is distributed Good. This distribution is performed by selling, transferring, or lending a portable recording medium or transferring the portable recording medium via a network. In such a data structure, the first arithmetic unit matches the target character type information and the pattern character type information indicating whether the notation of the pattern character corresponds to the specific type, and the target code And the first determination result based on the first information indicating whether or not the condition that the pattern code representing the content of the pattern character matches is satisfied, and the condition that the target code and the pattern code match When the second determination result based on the second information indicating whether or not the information is concealed is obtained and the second calculation unit indicates that the determination condition indicates the type of the notation, the second determination result Based on one determination result, it is used to obtain concealment information corresponding to a third determination result based on the second determination result when the determination condition indicates that the type of notation is not distinguished.

  In the above embodiment, the processing functions of the apparatus are realized by executing a predetermined program on a computer. However, at least a part of these processing functions may be realized by hardware.

  The above-described technique can be used for, for example, database search by secret calculation on the cloud.

DESCRIPTION OF SYMBOLS 1 Secret pattern matching system 11 _n Secret pattern matching apparatus 12 Terminal device 13 _n Database apparatus

Claims (5)

Target string _{d = (d 1, ...,} d M) target character type information indicating whether notation to include the target character d _m corresponds to a particular type df _{m, k} ∈ {1,0} a pattern string _{p = (p 1, ···,} p M) pattern character representation of the included pattern letters p _m indicating whether corresponding to the specific type to the type information pf _{m, k} ∈ { 1,0} and match and a target code dc _m representing the content of the object character d _m and the pattern character p pattern code pc _m representing the contents of the _m match, if the condition that 1 And the first determination result xε {1 , 0} based on the first information CON _m ε {1, 0} that becomes 0 if not satisfied , and the target code dc _m and the pattern code pc _m match 1 next to the case conditions are satisfied that, and 0 if not satisfied Second judgment result y∈ {1,0}, is concealed by the concealment decision result _{[x] n} and a first arithmetic unit for obtaining a _{[y] n} based on the second information rc _m ∈ {1,0} that When,
Based on the first determination result x when the determination condition a ∈ {1, 0} indicates that the notation type is distinguished, the second determination is performed when the determination condition a indicates that the notation type is not distinguished. A second computing unit that obtains concealment information [r] _n based on the result y and concealing the third determination result rε {1, 0} ;
I have a,
M is an integer greater than or equal to 1, K is a positive integer, m∈ {1,..., M}, k∈ {1,.
The first determination result x is (CON ₁ ) AND (CON ₂ ) AND... AND (CON _M ).
The second determination result y is (rc ₁ ) AND (rc ₂ ) AND... AND (rc _M )
a = 1 indicates that the type of the notation is distinguished, a = 0 indicates that the type of the notation is not distinguished,
The first calculation unit includes a concealment record [d] _n in which the target character type information df _{m, k} and the target code dc _m are concealed , and the pattern character type information pf _{m, k} and the pattern code. The confidential information [p] _{n in} which pc _m is concealed is input, and the concealment determination results [x] _n and [y] _n are obtained by secret calculation ,
The second calculation unit receives the concealment determination results [x] _n and [y] _n and the concealment information [a] _{n in} which the determination condition a is concealed, and performs the third determination by secret calculation. get result r = (x aND a) OR (y aND (1-a)) is concealed by the concealment information [(x aND a) OR ( y aND (1-a))] n, confidential pattern matching apparatus. The secret pattern matching device according to claim 1,
df _m, k = 1 represents that corresponding to the particular type of representation of the target character _{d m} corresponding to _{k, df m,} k = 0 is given to representation of the target character _{d m} corresponding to the k Indicates that it does not fall under the category,
pf _m, k = 1 represents that corresponding to the particular type of representation of the pattern character _{p m} corresponds to _{k, pf m,} k = 0 is given to representation of the pattern character _{p m} corresponds to the k Indicates that it does not fall under the category,
The first calculation unit includes:
Using the concealment record [d] _n and the concealment information [p] _n as inputs , exclusive calculation of the target character type information df _{m, k} and the pattern character type information pf _{m, k} is performed by secret calculation. The concealment information [rf _{m, k} ] _{n in} which the coincidence determination result rf _{m, k} ε {1, 0} representing negation of the logical sum is concealed is obtained, and the target code dc _m and the pattern code pc _m are obtained. _rc m = 1 next to the case of matching, the target code dc _m and the pattern codes pc _m and a _rc m = 0 when does not match the second information rc _m is concealed been concealed information [rc _m A concealment coincidence determining unit for obtaining _n ;
The concealment information [rf _{m, k} ] _n and the concealment information [rc _m ] _n are input, and the coincidence determination result rf _{m, 1} ,..., Rf _{m, K} and the coincidence determination result rc are obtained by secret calculation. _a first conjunctive AND operation unit for obtaining concealment information [CON _m ] _{n in} which the first information CON _m, which is a logical product of _m, is concealed ;
A second conjunctive AND operation unit that receives the concealment information [CON _m ] _n and obtains the concealment determination result [x] _n by concealment of the first determination result x ;
A third conjunctive AND operation unit which receives the concealment information [rc _m ] _n and obtains the concealment determination result [y] _n by concealing the second determination result y by a secret calculation. Secret pattern matching device. The first calculation unit, the target character string _{d = (d 1, ...,} d M) target character type information indicating whether notation to include the target character d _m corresponds to a particular type df _{m, k} ∈ {1, 0} and pattern string _{p = (p 1, ···,} p M) pattern character type information representation of the included pattern character p _m indicating whether corresponding to the particular type pf _{m, k} ∈ {1,0} and match and a pattern code pc _m representing the content of the target code dc _m representing the content of the object character d _m the pattern character p _m coincide, that The first determination result xε {1 , 0} based on the first information CON _m ε {1, 0} that is 1 when the condition is satisfied and 0 when the condition is not satisfied , and the target code dc _m and the pattern becomes 1 when the condition that the sign pc _m coincide, met Second judgment result y∈ based 0. The second information rc _m ∈ {1,0} When have {1,0}, the concealment of been concealed determination result _{[x] n} and _{[y] n} Obtaining a first computation step;
The second arithmetic unit represents that the determination condition a does not distinguish the notation type based on the first determination result x when the determination condition aε {1, 0} indicates that the notation type is distinguished. A second calculation step for obtaining concealment information [r] _{n in} which the third determination result rε {1, 0} is concealed , based on the second determination result y ,
I have a,
M is an integer greater than or equal to 1, K is a positive integer, m∈ {1,..., M}, k∈ {1,.
The first determination result x is (CON ₁ ) AND (CON ₂ ) AND... AND (CON _M ).
The second determination result y is (rc ₁ ) AND (rc ₂ ) AND... AND (rc _M )
a = 1 indicates that the type of the notation is distinguished, a = 0 indicates that the type of the notation is not distinguished,
The first calculation step includes a concealment record [d] _n in which the target character type information df _{m, k} and the target code dc _m are concealed , and the pattern character type information pf _{m, k} and the pattern code The confidential information [p] _{n in} which pc _m is concealed is input, and the concealment determination results [x] _n and [y] _n are obtained by secret calculation ,
In the second calculation step, the concealment determination results [x] _n and [y] _n and the concealment information [a] _{n in} which the determination condition a is concealed are input, and the third determination is performed by secret calculation. A result r = (x AND a) OR (y AND (1-a)) is concealed [(x AND a) OR (y AND (1-a))] _n is obtained, Secret pattern matching method.   The secret pattern matching method according to claim 3,
  df _{m, k} = 1 is the target character d _m Represents a specific type corresponding to k, and df _{m, k} = 0 is the target character d _m The notation does not correspond to a specific type corresponding to k,
  pf _{m, k} = 1 is the pattern character p _m Pp represents a specific type corresponding to k, and pf _{m, k} = 0 is the pattern character p _m The notation does not correspond to a specific type corresponding to k,
  The first calculation step includes:
  The confidentiality match determination unit is configured to perform the target character type information df _{m, k} And the target code dc _m Concealment record [d] _n , And the pattern character type information pf _{m, k} And the pattern code pc _m Information concealed [p] _n And the target character type information df by secret calculation _{m, k} And the pattern character type information pf _{m, k} Match determination result rf indicating negation of exclusive OR with _{m, k} Confidential information [rf in which ∈ {1, 0} is concealed _{m, k} ] _n And the target code dc _m And the pattern code pc _m Rc if and match _m = 1 and the target code dc _m And the pattern code pc _m Rc if does not match _m The second information rc that becomes = 0 _m Concealment information [rc _m ] _n Obtaining a concealment match determination step,
  The first concealment AND operation unit performs the concealment information [rf _{m, k} ] _n And the concealment information [rc _m ] _n And the match determination result rf by secret calculation. _{m, 1} , ..., rf _{m, K} And the coincidence determination result rc _m The first information CON which is the logical product of _m Is concealed [CON _m ] _n A first conjunctive AND operation step to obtain
  The second conjunctive AND operation unit performs the concealment information [CON _m ] _n And the concealment determination result [x] in which the first determination result x is concealed by secret calculation. _n A second conjunctive AND operation step to obtain
  The third cipher AND operation unit performs the ciphering information [rc _m ] _n And the second determination result y is concealed by a secret calculation, the concealment determination result [y] _n A secret pattern matching method comprising: a third secret AND operation step for obtaining Program for causing a computer to function as the concealed pattern matching equipment of claim 1 or 2.

Images