WO2021031801A1 - Indexing system and method for protecting user privacy in social network - Google Patents

Info

Publication number: WO2021031801A1
Authority: WO, WIPO (PCT)
Prior art keywords: vertex, identity, weight, server, information
Application number: PCT/CN2020/105048
Other languages: French (fr), Chinese (zh)
Inventor: 张明武, 陈誉
Original Assignee: 湖北工业大学
Application filed by: 湖北工业大学

Classifications

    • G06F16/951: Indexing; Web crawling techniques
    • G06F16/9536: Search customisation based on social or collaborative filtering
    • G06Q50/01: Social networking
    • H04L41/12: Discovery or management of network topologies
    • H04L63/0407: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/008: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H04L9/0866: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

Definitions

  • the invention belongs to the technical field of information security, and relates to an indexing system and method for user data privacy protection, and in particular to a system and method for member indexing in a social network aimed at user privacy protection requirements.
  • the purpose of the present invention is to provide an indexing system and method for protecting the privacy of members in a social network, so as to quickly and accurately find the best index result according to the intimate state of the social relationship during the indexing process.
  • the present invention provides the following solutions:
  • An index system to protect the privacy of members in social networks including: a server and several members;
  • the server constructs a network connection graph according to the social relations between the members; the vertices of the network connection graph are member information; the edges of the network connection graph are the relationships between the members; the weight of an edge is the social status between members after abstract mapping; the member information includes the unique identity, the encrypted name, the encrypted contact information, the member group and the group level; the member groups include: family group, friend group, partner group, classmate group and infrequent relationship group; the numerical values of the grouping levels are 1, 2, 3, 4, and 5 respectively;
  • each member in the address book is set to be included in a specific group.
  • a method for protecting member privacy in a social network is applied to the aforementioned index system for protecting member privacy in a social network; the method includes:
  • the member determines the identity and the member key corresponding to the member according to the random number generated during encryption by the Paillier encryption algorithm and the public key;
  • the generation of the optimal index path according to the network connectivity graph specifically includes:
  • the member determines the optimal index path according to the identity of the target member; the process of determining the optimal index path specifically includes:
  • the member determines the vertex index path according to the identity, and locates the vertex corresponding to the target member according to the uniqueness of the identity;
  • the server sends the precursor tuple to the applicant, and the member performs a recursive query based on the precursor vertex of the vertex corresponding to the target member to obtain information about the optimal index path.
  • the member determines the identity corresponding to the member according to the random number generated during encryption by the Paillier encryption algorithm and the public key, which specifically includes:
  • the member generates an encrypted value C_i according to the random number generated during encryption by the Paillier encryption algorithm and the public key, and sends the encrypted value C_i to the server;
  • the server obtains a random integer i as the first identity of the member, and decrypts the encrypted value C_i according to the public key to obtain the decrypted value of C_i;
  • the server sends the sum of the first identity and the decrypted value of C_i to the member, and the member obtains the identity corresponding to the member from the received sum of the first identity and the decrypted value of C_i.
  • the construction process of the member key specifically includes:
  • the member uses a random number generated during encryption with the Paillier encryption algorithm as its own member key;
  • the member encrypts its own member key and sends it to other members through the neighboring member group;
  • the neighboring members multiply their own encrypted member keys by homomorphism and send the products to the server;
  • the server decrypts the product according to the private key to obtain the upload key of the member.
  • the process of constructing vertex information in the network connectivity graph specifically includes:
  • the member encrypts its own identity and the identity of the neighboring member with the system public key, and sends the encrypted identity of the first member and the identity of the neighboring member to the server;
  • the member uses the system public key and his own member key to encrypt and upload his own information
  • the server decrypts the information uploaded by all members and makes a network map based on the uploaded member ID;
  • the vertex information includes the identity of the member, the identity information and the contact information that have been confused by the member key.
  • the method before determining the vertex with the smallest weight among the adjacent vertices, the method further includes:
  • the member counts the number of short messages sent and the number of calls with neighboring members
  • the member uses the member key and the system public key to encrypt the weight between the neighboring members, and the server decrypts the weight to obtain the confused weight of the member key.
  • determining the vertex with the smallest weight among the adjacent vertices specifically includes:
  • for vertices in the network connectivity graph that are not in the vertex set and whose edges are not in the edge set, the server recursively finds the predecessor vertices of the vertex in turn until the predecessor vertex is the current vertex, and records the number of predecessors;
  • the member compares all the weight values and determines the vertex corresponding to the smallest weight value.
  • the update process of the precursor vertex specifically includes:
  • the precursor vertex is not updated. If the edge of the current vertex does not belong to the edge set, and all vertices that are not in the set of vertices belong to the set of edges, then the current vertex is updated as a precursor vertex, and if all vertices not in the set of vertices are reachable with the current vertex, the current vertex is the precursor vertex, and the weight of the current vertex and the weight of the initial precursor vertex are calculated;
  • the weight value of the current vertex is compared with the weight value of the initial predecessor vertex to obtain a comparison result; the server takes the vertex with the smaller weight value in the comparison result as the new predecessor vertex.
  • the server sends the predecessor tuple to the applicant, and the member performs a recursive query based on the predecessor vertex of the vertex corresponding to the target member to obtain the information of the optimal index path, which specifically includes:
  • the server encrypts the identities of all members with public keys, and generates a two-tuple based on the encrypted identity and the upload key, and then sends the two-tuple to the applicant;
  • the member encrypts the two-tuple to form a new two-tuple
  • the server uses the key to decrypt the new two-tuple
  • the member determines a random number according to the first value in the decrypted two-tuple, and obtains the identity of the target member according to the second value in the decrypted two-tuple and the random number;
  • the member obtains an index path according to the identity of the target member, and locates the vertex of the target member in the network connectivity graph by the uniqueness of the identity;
  • the member encrypts the two-tuple to form a new two-tuple, which specifically includes:
  • the member shuffles the order of the two-tuples, converts the identity information of the target member into the code unit_E, encrypts the code unit_E with a public key, and uses the product of this ciphertext and the first value in the two-tuple as the new first value in the two-tuple; multiple random numbers are selected, and each random number is encrypted and multiplied by the second value of the two-tuple to give the new second value, forming a new two-tuple.
  • the method of the present invention has the following advantages and beneficial effects:
  • the present invention has high security. All encryption processes are implemented with the Paillier homomorphic encryption algorithm. Because this algorithm is semantically secure, even if valid ciphertexts such as weight information are published, criminals cannot obtain any private information. Apart from the size relationship, the applicant learns no additional information when updating the weights. In the end, he knows only the referral path and not the information of other tutors; the server does not know the member key information, so the member's private information remains unknown to it after decryption. Therefore, the present invention has high privacy protection security.
  • the present invention considers the effective domain [0, N] and the ciphertext domain [0, N^2] of the Paillier encryption system, and distinguishes ciphertexts produced by normal homomorphic addition from unreachable data, handling them separately.
  • the server does not know the specific identity of the target member that the applicant wants, and the transmission parameters can also allow the applicant to obtain valid information to verify whether it has been cheated and prevent tampering.
  • the present invention proposes an index method for protecting member privacy in a social network. Under the premise of ensuring security, server operation response speed is fast, processing is efficient, and parameters in the process can be generated in advance.
  • Figure 1 is a system architecture diagram of an embodiment of the present invention
  • Figure 2 is a flowchart of a method according to an embodiment of the present invention.
  • Figure 3 is a flowchart of member registration in a method according to an embodiment of the present invention.
  • Figure 4 is a flowchart of constructing a network diagram in a method according to an embodiment of the present invention.
  • FIG. 5 is a flowchart of generating an optimal index path in the method of an embodiment of the present invention.
  • Fig. 6 is a flowchart of oblivious transfer in a method according to an embodiment of the present invention.
  • the purpose of the present invention is to provide an indexing system and method for protecting member privacy in a social network, so as to quickly and accurately find the best indexing result according to the intimate state of the social relationship during the indexing process.
  • FIG. 1 is a system architecture diagram of an embodiment of the present invention.
  • an index system for protecting member privacy in a social network includes: a server and several members.
  • the server constructs a network connection graph according to the social relationship between the members.
  • the vertices of the network connected graph are member information.
  • the edges of the network connectivity graph are the relationships between the members.
  • the weights of the edges of the network connection graph are the social states between members after abstract mapping.
  • the member information includes a unique identification, an encrypted name, an encrypted contact method, a member group, and a group level.
  • the member groups include: family group, friend group, buddy group, classmate group and infrequent relationship group.
  • the numerical values of the grouping levels are 1, 2, 3, 4, and 5, respectively.
  • FIG. 2 is a flowchart of a method according to an embodiment of the present invention. As shown in FIG. 2, a method for protecting member privacy in a social network is applied to the aforementioned indexing system for protecting member privacy in a social network. The method includes:
  • p and q are two large prime numbers, and satisfy
  • the member determines the identity and the member key corresponding to the member according to the random number generated during encryption by the Paillier encryption algorithm and the public key.
  • the member determines the identity corresponding to the member according to the random number generated during encryption by the Paillier encryption algorithm and the public key, which specifically includes:
  • the member generates an encrypted value C_i according to the random number generated during encryption by the Paillier encryption algorithm and the public key, and sends the encrypted value C_i to the server.
  • the server obtains a random integer i as the first identity of the member, and decrypts the encrypted value C_i according to the public key to obtain the decrypted value of C_i.
  • the server sends the sum of the first identity and the decrypted value of C_i to the member, and the member obtains the identity corresponding to the member from the received sum of the first identity and the decrypted value of C_i.
  • the construction process of the member key specifically includes:
  • the member uses a random number generated during encryption with the Paillier encryption algorithm as its own member key.
  • the member encrypts its own member key and sends it to other members through the neighboring member group.
  • the neighboring member multiplies the encrypted member key by the homomorphic property and sends the product to the server.
  • the server decrypts the product according to the private key to obtain the upload key of the member.
  • An encrypted network connection graph is constructed according to the identity identifier and the member key.
  • the construction of the encrypted network connection graph specifically includes:
  • the process of constructing vertex information in the network connectivity graph specifically includes:
  • the member uses the system public key to encrypt its own identity and the neighboring member's identity, and sends the encrypted first member's identity and neighboring member's identity to the server.
  • the member uses the system public key and his own member key to encrypt and upload his own information.
  • the server decrypts the information uploaded by all members and makes a network map based on the uploaded member ID.
  • the vertex information includes: the identity of the member and the identity information and contact information that have been confused by the member key.
  • the generation of the optimal index path according to the network connectivity graph specifically includes:
  • determining the vertex with the smallest weight among the adjacent vertices specifically includes:
  • for vertices in the network connectivity graph that are not in the vertex set and whose edges are not in the edge set, the server recursively finds the predecessor vertices of the vertex in turn until the predecessor vertex is the current vertex, and records the number of predecessors.
  • the weight is determined according to the number of precursors.
  • the member compares all the weight values and determines the vertex corresponding to the smallest weight value.
  • the member determines the best index path according to the identity of the target member.
  • the process of determining the optimal index path specifically includes:
  • the member determines the vertex index path according to the identity identifier, and locates the vertex corresponding to the target member according to the uniqueness of the identity identifier.
  • the server sends the precursor tuple to the applicant, and the member performs a recursive query based on the precursor vertex of the vertex corresponding to the target member to obtain information about the optimal index path.
  • the server sends the precursor tuple to the applicant, and the member performs a recursive query based on the precursor vertices of the vertices corresponding to the target member to obtain information on the optimal index path, which specifically includes:
  • the server encrypts the identities of all members with public keys, and generates a two-tuple according to the encrypted identity and upload key, and then sends the two-tuple to the applicant.
  • the member encrypts the two-tuple to form a new two-tuple, which specifically includes:
  • the member shuffles the order of the two-tuples, converts the identity information of the target member into the code unit_E, encrypts the code unit_E with a public key, and uses the product of this ciphertext and the first value in the two-tuple as the new first value in the two-tuple.
  • the server uses the key to decrypt the new two-tuple.
  • the member determines a random number according to the first value in the decrypted two-tuple, and obtains the identity of the target member according to the second value in the decrypted two-tuple and the random number.
  • the member obtains the index path according to the identity of the target member, and locates the vertex of the target member in the network connectivity graph by the uniqueness of the identity.
  • the precursor vertex corresponding to the vertex is determined according to the vertex.
  • the predecessor vertices are used for recursive query to obtain the index path.
  • the index path is the optimal index path.
  • the update process of the precursor vertex specifically includes:
  • the precursor vertex is not updated. If the edge of the current vertex does not belong to the edge set, and all vertices that are not in the set of vertices belong to the set of edges, then the current vertex is updated as a precursor vertex, and if all vertices not in the set of vertices are reachable with the current vertex, the current vertex is the predecessor vertex, and the weight of the current vertex and the weight of the initial predecessor vertex are calculated.
  • the weight of the current vertex is compared with the weight of the initial predecessor vertex to obtain a comparison result.
  • the server takes the vertex with the smaller weight value as the new predecessor vertex.
  • the method before determining the vertex with the smallest weight among the adjacent vertices, the method further includes:
  • the member counts the number of short messages sent and the number of calls with neighboring members.
  • the number of communications is determined according to the number of short messages sent and the number of calls, and the weight between members is determined according to the number of communications.
  • the member uses the member key and the system public key to encrypt the weight between the neighboring members, and the server decrypts the weight to obtain the confused weight of the member key.
  • the present invention provides an indexing system for protecting member privacy in a social network.
  • the system includes: servers and members. Assuming that there are n members in the system, a member User_S applies for a referral from the target member User_E, but does not know this member directly and needs to obtain a way to contact the target member through the address book members he knows. Each member has a certain social relationship.
  • the information is encrypted and uploaded to the server to form a network connection graph.
  • the grouping levels include: family, friends, partners, classmates, and uncommon relationships, and the level values are (1,2,3,4,5).
  • the weight of the edge is the social state between members after abstraction: according to the grouping level and the number of calls and SMS, the state is mapped to a positive integer (the closer the relationship, the smaller the weight; the more distant, the larger the weight).
  • User_S obtains an optimal index path to the target member: the total weight of the path is the smallest, which means the referral is most feasible, and at the same time User_S learns no social information of members other than those on the path.
  • the server also does not know the specific identity of the target member for which User_S applies for indexing.
  • the present invention provides an indexing method for protecting member privacy in social networks, which includes the following steps:
  • Step 1 System initialization.
  • ⁇ , ⁇ private key
  • p and q are two large prime numbers and satisfy
  • ⁇ , g is A generator of.
  • Step 1.2 Member registration identity.
  • the membership registration process involves Figure 3.
  • all r in the encryption process are random numbers generated by the Paillier system during encryption.
  • Step 1.2.3 User_i subtracts its self-generated random number r_i from the received value to obtain its own identity ID_i.
  • Step 1.2.4 User_i sends his identity ID_i to neighboring members (members who have communication links).
  • Step 1.3 System members construct member keys.
  • Step 1.3.2 User_S encrypts his own member key sk_S and sends it to all members of the system through his neighboring member group.
  • Step 1.3.3 Each member User_j (j ≠ i) performs the homomorphic multiplication with the encrypted member key and sends the product to the server.
  • Step 1.3.4 The server uses the Paillier decryption key ( ⁇ , ⁇ ) and decryption algorithm to decrypt n-1 ciphertexts to obtain the upload key:
  • Step 2 Build an encrypted social network.
  • the construction process of encrypted social network involves Figure 4.
  • Step 2.1 Construct secure vertex information.
  • Step 2.1.2 User_i uses the system public key and his own member key sk_i to encrypt and upload his own information: identity information and contact information.
  • the encryption process first converts the characters into the integers unit_i and tel_i through ASCII encoding, and then encrypts and uploads them (values that exceed the plaintext space can be split into groups):
  • Step 2.1.3 The server decrypts the information uploaded by all members:
  • the server makes a network map according to the uploaded member identification.
  • the vertex information is the identity of the member together with the identity information and contact information obfuscated by the member key, i.e., the information of vertex V_i comprises ID_i, Tel_i and Unit_i; the edges are the links between members, determined by the neighbor member IDs sent by member User_i.
  • Step 2.2 Construct safe weight information.
  • Step 2.2.1 Member User_i counts the number of short messages sent and the number of calls with neighboring member User_j to obtain the number of communications: num_ij is the sum of the number of short messages and calls (it is assumed that the number of communications does not exceed 1000). Therefore, the weight is:
  • Step 2.2.2 The member User_i uses the member key sk_i and the system public key to encrypt the weight e(i,j) with the neighboring member User_j:
  • Step 2.2.3 After decryption, the server obtains the obfuscated weight of the member key:
  • Step 3 Generation of the best index path. Vertex selection and weight update refer to Figure 5.
  • Step 3.1 The server constructs a set S, a set D and a tuple P, and sets the current vertex.
  • Step 3.1.2 If there is no direct connection between all two points in graph G, that is, they are unreachable, add the edge to D.
  • Step 3.2 Pick the best vertex and join the set S.
  • Step 3.2.1 For every vertex v_j in graph G that is not in S and whose edges are not in D, the server recursively finds its predecessor vertices v_k until the predecessor vertex is v_S, records the number of predecessors as count, and calculates the weight E(s,j) as the sum of the index weights of all predecessors. If v_j is not an adjacent vertex of v_S, then SK_k must be subtracted in this process. The server sends the weight E(s,j) to the applicant User_S, and User_S adds (count-2) ⁇ sk_S to this weight.
  • Step 3.2.2 User_S compares all the weight values and sends the vertex v_j' corresponding to the smallest weight value to the server.
  • Step 3.3 Update the predecessor vertices of all vertices.
  • Step 3.3.2 The server updates the vertex with a smaller weight to be the new precursor vertex.
  • Step 3.4 Repeat steps 3.2 and 3.3 until S contains all the vertices in the graph G.
  • Step 4 Obtain the best index information by oblivious transfer.
  • the specific form of oblivious transfer refers to Figure 6.
  • Step 4.1 Obtain the identity ID_E of the target member User_E.
  • Step 4.1.1 The server encrypts the ID_i of all members with the public key, and multiplies their identity information by the upload key SK_i to form a two-tuple y_i, and sends the n two-tuples to the applicant.
  • Step 4.1.2 User_S first randomly shuffles the order of the two-tuples, then converts the identity information of the target member User_E into unit_E, encrypts sk_S - unit_E with the public key, and multiplies it into the first value of every two-tuple. Finally, User_S selects n random numbers (r_1,...,r_n), encrypts them and multiplies them into the second values of the two-tuples to form the new z_j, and sends the n two-tuples to the server.
  • Step 4.1.3 The server uses the key to decrypt the first values of all n two-tuples, and takes the sequence subscript l of the two-tuple whose value is uniquely 0 (assuming that the positioning information is not repeated) together with the second value of that tuple to form a new two-tuple, which is sent to User_S.
  • only when the plaintext of the first value in the two-tuple is unit_E does homomorphic addition with the ciphertext appended by User_S give 0 under the modulus.
  • Step 4.2 Get the best index.
  • Step 4.2.1 User_S searches the vertex index path obtained in step 3 according to ID_E, and locates the vertex v_E corresponding to the target member by the uniqueness of the identity.
  • Step 4.2.2 The server sends the predecessor tuple P to the applicant, and User_S queries the predecessor vertex of vertex v_E recursively to obtain the information of the entire optimal index path.
  • the present invention implements an indexing scheme for protecting member privacy in social networks based on the discrete logarithm problem and homomorphic encryption algorithm.
  • the scheme realizes resistance to external attacks and internal attacks, and can also detect server fraud.
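
An added example (not code from the patent): the zero-test selection of Steps 4.1.1 to 4.1.3, reduced to plain Paillier with generator g = n + 1. The member-key and upload-key terms (sk_S, SK_i) are left out because their formulas are absent from the page; the toy primes, the function names and the sample directory are assumptions made for this illustration.

```python
import math
import secrets

# Toy primes (constructed for this example): the Mersenne primes 2^31-1 and
# 2^61-1. They only keep the run fast; real Paillier moduli are >= 2048 bits.
P, Q = 2**31 - 1, 2**61 - 1


def keygen(p, q):
    """Return (n, private_key) for Paillier with generator g = n + 1."""
    n = p * q
    if math.gcd(n, (p - 1) * (q - 1)) != 1:
        raise ValueError("need gcd(pq, (p-1)(q-1)) = 1")
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                                # valid because g = n + 1
    return n, (lam, mu)


def encrypt(n, m):
    """Plaintexts live in [0, n), ciphertexts in [0, n^2); negatives wrap mod n."""
    while True:
        r = secrets.randbelow(n - 1) + 1                # fresh randomness per call
        if math.gcd(r, n) == 1:
            break
    return (1 + (m % n) * n) * pow(r, n, n * n) % (n * n)


def add(n, c1, c2):
    """Homomorphic addition: multiplying ciphertexts adds their plaintexts."""
    return c1 * c2 % (n * n)


def decrypt(n, priv, c):
    lam, mu = priv
    return (pow(c, lam, n * n) - 1) // n * mu % n


def encode(text):
    """ASCII text -> integer, as the page does for unit_i and tel_i."""
    return int.from_bytes(text.encode("ascii"), "big")


def server_tuples(n, records):
    """Step 4.1.1 (simplified): one (Enc(unit_i), Enc(ID_i)) pair per member."""
    return [(encrypt(n, encode(unit)), encrypt(n, ident))
            for unit, ident in records]


def applicant_blind(n, tuples, target_unit):
    """Step 4.1.2: shuffle, add -unit_E to each first value, r_j to each second."""
    shuffled = list(tuples)
    secrets.SystemRandom().shuffle(shuffled)
    masks = [secrets.randbelow(n) for _ in shuffled]
    blinded = [
        (add(n, c_unit, encrypt(n, -encode(target_unit))),
         add(n, c_id, encrypt(n, r)))
        for (c_unit, c_id), r in zip(shuffled, masks)
    ]
    return blinded, masks


def server_select(n, priv, blinded):
    """Step 4.1.3: return (l, masked ID) for the single tuple that decrypts to 0."""
    hits = [j for j, (c_first, _) in enumerate(blinded)
            if decrypt(n, priv, c_first) == 0]
    if len(hits) != 1:
        raise LookupError("expected exactly one zero, got %d" % len(hits))
    return hits[0], decrypt(n, priv, blinded[hits[0]][1])


def lookup(records, target_unit):
    """Run the whole exchange; return the target's ID as the applicant sees it."""
    n, priv = keygen(P, Q)                     # server side; only n is public
    blinded, masks = applicant_blind(n, server_tuples(n, records), target_unit)
    l, masked_id = server_select(n, priv, blinded)
    return (masked_id - masks[l]) % n          # applicant removes its mask r_l


# Constructed sample directory: (identity information, identity ID_i).
RECORDS = [("lab-A", 4711), ("dept-B", 2002), ("club-C", 9313), ("firm-D", 1580)]

if __name__ == "__main__":
    print("ID_E for dept-B:", lookup(RECORDS, "dept-B"))
```

In this reduced form the server decrypts unit_i - unit_E for every tuple and, since it knows the unit_i values, could work out unit_E; the masks r_j hide only the second value. The page adds sk_S and SK_i to these values, which is the part omitted here.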

Abstract

Disclosed are an indexing system and method for protecting a user privacy in a social network. Said system comprises a server and several users; and a network connectivity diagram is constructed according to a social relationship among the users, taking user information as a vertex, and taking a social state among the users subjected to abstract mapping as a weight value: the more intimate, the smaller the weight value, and the more alienated, the larger the weight value; the user information comprises a unique identity identifier, and a name, contact information, user groups and grouping levels which are encrypted, the groups including a family group, a friend group, a companion group, a classmate group and an acquaintance group, and level values being 1, 2, 3, 4 and 5 respectively; and it is assumed that the users of an address book are all included in specific groups. Said method comprises initializing the system, constructing an encrypted social network, generating an optimal index path, and acquiring optimal index information by means of oblivious transfer. The present invention provides high privacy protection security, fast calculation speed and high processing efficiency.

Description

Index system and method for protecting member privacy in a social network
This application claims priority to the Chinese patent application filed with the Chinese Patent Office on August 16, 2019, with application number 201910759501.0 and the invention title "An Index System and Method for Protecting Member Privacy in Social Networks", the entire contents of which are incorporated into this application by reference.
Technical field
The invention belongs to the technical field of information security and relates to an indexing system and method for protecting the privacy of user data, and in particular to a system and method for indexing members in a social network that addresses user privacy protection requirements.
Background art
With the rapid development of cloud storage, all kinds of private information are uploaded to the cloud, for example backup data such as address books and mobile phone photos. Servers claim that they will not leak this private data, but as data has leaked after servers were breached, people have gradually stopped giving servers their full trust and instead encrypt the original data before uploading it. Processing data in ciphertext form to reach a given goal, rather than operating on plaintext, has therefore attracted more and more attention.
Nowadays, further study and job hunting both require a referral from a well-known person, but finding the contact information of such a target member among a large number of people takes a great deal of time and effort. Since everyone has certain social relationships, a social network can be constructed and the target member can then be indexed through address books. However, this information is private and cannot be stored directly on the server, so as to avoid leakage. The field therefore urgently needs a method or system that can find an optimal index result according to the closeness of social relationships during the indexing process.
Summary of the invention
The purpose of the present invention is to provide an indexing system and method for protecting member privacy in a social network, so that the optimal index result can be found quickly and accurately according to the closeness of social relationships during the indexing process.
To achieve the above purpose, the present invention provides the following solutions:
An indexing system for protecting member privacy in a social network, comprising a server and several members;
The server constructs a network connectivity graph according to the social relationships between the members; the vertices of the network connectivity graph are member information; the edges of the network connectivity graph are the relationships between the members; the weight of an edge of the network connectivity graph is the social state between the members after abstract mapping; the member information includes a unique identity identifier, an encrypted name, encrypted contact information, a member group and a group level; the member groups include a family group, a friend group, a partner group, a classmate group and an infrequent relationship group; the values of the group levels are 1, 2, 3, 4 and 5 respectively;
The closer the social state, the smaller the corresponding weight, and the more distant the social state, the larger the corresponding weight; and it is assumed that every member in an address book has been placed in a specific group.
A method for protecting member privacy in a social network, applied to the above indexing system for protecting member privacy in a social network; the method includes:
System initialization, which specifically includes:
The server selects a security parameter κ and determines the public key N=pq, g and the private key (λ, μ) of the Paillier encryption algorithm, where p and q are two large primes satisfying |p|=|q|=κ, g is a generator of [Figure PCTCN2020105048-appb-000001], Z is the set of integers, Z* is the set Z with 0 removed, and N=pq;
The member determines the identity identifier and the member key corresponding to the member according to a random number generated during encryption with the Paillier encryption algorithm and the public key;
An encrypted network connectivity graph is constructed according to the identity identifier and the member key; constructing the encrypted network connectivity graph specifically includes:
Constructing vertex information and weight information;
Constructing a graph G=(V,E) according to the vertex information and the weight information, where V denotes the vertex set and E denotes the weight set; the graph G=(V,E) is the encrypted network connectivity graph;
Generating the optimal index path according to the network connectivity graph, which specifically includes:
Obtaining the vertices and edges of the network connectivity graph; constructing a vertex set from the obtained vertices and an edge set from the obtained edges;
Taking a vertex in the vertex set as the current vertex, traversing the vertices adjacent to the current vertex, and determining the vertex with the smallest weight among the adjacent vertices;
Adding the vertex with the smallest weight to the vertex set, taking it as the new current vertex, and returning to the step "taking a vertex in the vertex set as the current vertex, traversing the vertices adjacent to the current vertex, and determining the vertex with the smallest weight among the adjacent vertices", until all vertices in the network connectivity graph have been added to the vertex set;
Obtaining the identity identifier of the target member;
The member determines the optimal index path according to the identity identifier of the target member; the process of determining the optimal index path specifically includes:
The member determines the vertex index path according to the identity identifier and, by the uniqueness of the identity identifier, locates the vertex corresponding to the target member;
The server sends the predecessor tuple to the applicant, and the member recursively queries the predecessor vertex of the vertex corresponding to the target member to obtain the information of the optimal index path.
Preferably, the member determining the identity identifier corresponding to the member according to the random number generated during encryption with the Paillier encryption algorithm and the public key specifically includes:
The member generates an encrypted value C_i according to the random number generated during encryption with the Paillier encryption algorithm and the public key, and sends the encrypted value C_i to the server;
The server obtains a random integer i as the first identity identifier of the member, and decrypts the encrypted value C_i according to the public key to obtain the decrypted value of C_i;
The server sends the sum of the first identity identifier and the decrypted value of C_i to the member, and the member determines the identity identifier corresponding to the member from the received sum of the first identity identifier and the decrypted value of C_i.
Preferably, the construction process of the member key specifically includes:
The member takes a random number generated during encryption with the Paillier encryption algorithm as its own member key;
The member encrypts its own member key and broadcasts it to the other members through its neighboring members;
The neighboring member uses the homomorphic property to multiply it by its own encrypted member key and sends the product to the server;
The server decrypts the product with the private key to obtain the upload key of the member.
Preferably, the process of constructing the vertex information in the network connectivity graph specifically includes:
The member encrypts its own identity identifier and the identity identifiers of its neighboring members with the system public key, and sends the encrypted identity identifier of the first member and the identity identifiers of the neighboring members to the server;
The member encrypts its own information with the system public key and its own member key and uploads it;
The server decrypts the information uploaded by all members and produces a network graph from the uploaded member identity identifiers;
The vertex information is obtained from the network graph; the vertex information includes the identity identifier of the member, and the identity information and contact information obfuscated by the member key.
Preferably, before determining the vertex with the smallest weight among the adjacent vertices, the method further includes:
The member counts the number of text messages sent and the number of calls made between itself and its neighboring members;
The number of communications is determined from the number of text messages sent and the number of calls, and the weight between members is determined from the number of communications;
The member encrypts the weights between itself and its neighboring members with the member key and the system public key, and after decryption the server obtains weights obfuscated by the member key.
Preferably, determining the vertex with the smallest weight among the adjacent vertices specifically includes:
For a vertex of the network connectivity graph that is not in the vertex set and whose edge is not in the edge set, the server recursively finds the predecessor vertices of that vertex in turn until the predecessor vertex is the current vertex, and records the number of predecessor steps;
The weight is determined according to the number of predecessor steps;
The member compares all the weights and determines the vertex corresponding to the smallest weight.
Preferably, the update process of the predecessor vertex specifically includes:
Determining whether every vertex of the network connectivity graph that is not in the vertex set is reachable from the current vertex; if it is not reachable, the predecessor vertex is not updated; if the edge of the current vertex does not belong to the edge set and all vertices not in the vertex set belong to the edge set, the current vertex is updated to be the predecessor vertex; if all vertices not in the vertex set are reachable from the current vertex, the current vertex is taken as the predecessor vertex, and the weight of the current vertex and the weight of the original predecessor vertex are calculated;
The weight of the current vertex is compared with the weight of the original predecessor vertex to obtain a comparison result; the server takes the vertex with the smaller weight in the comparison result as the new predecessor vertex.
Preferably, the server sending the predecessor tuple to the applicant, and the member recursively querying the predecessor vertex of the vertex corresponding to the target member to obtain the information of the optimal index path, specifically includes:
The server encrypts the identity identifiers of all members with the public key, generates a two-tuple from the encrypted identity identifier and the upload key, and sends the two-tuple to the applicant;
The member encrypts the two-tuple to form a new two-tuple;
The server decrypts the new two-tuple with the key;
The member determines the random number from the first value of the decrypted two-tuple, and obtains the identity identifier of the target member from the second value of the decrypted two-tuple and the random number;
The member obtains the index path according to the identity identifier of the target member and, by the uniqueness of the identity identifier, locates the vertex of the target member in the network connectivity graph;
The predecessor vertex corresponding to that vertex is determined; recursive queries are performed using the predecessor vertex to obtain the index path; this index path is the optimal index path.
Preferably, the member encrypting the two-tuple to form a new two-tuple specifically includes:
The member shuffles the order within the two-tuple and converts the identity information of the target member into the code unit_E; it encrypts the code unit_E with the public key and multiplies the result by the first value of the two-tuple to give the new first value of the two-tuple; it selects several random numbers, encrypts each of them and multiplies it by the second value of the two-tuple to give the new second value of the two-tuple, thereby forming the new two-tuple.
Compared with the prior art, the method of the present invention has the following advantages and beneficial effects:
The present invention is highly secure. All encryption is performed with the Paillier homomorphic encryption algorithm; because the algorithm is semantically secure, even if valid ciphertexts such as the weight information are published, an attacker cannot obtain any private information. When updating weights the applicant learns only their relative order and no additional information, and in the end knows only the referral path and nothing about other mentors; the server does not know the member keys, and even after decryption it still cannot learn the members' private information. The present invention therefore provides strong privacy protection.
The present invention takes into account the valid domain [0, N] and the ciphertext domain [0, N^2] of the Paillier encryption system, and distinguishes ciphertexts produced by normal homomorphic addition from unreachable data, handling the two separately.
By using oblivious transfer, the server does not learn the specific identity of the target member the applicant is looking for, and the parameters used in the transfer also let the applicant, after obtaining the valid information, verify whether it has been deceived, which prevents tampering.
The present invention proposes an indexing method for protecting member privacy in a social network. While ensuring security, the server responds quickly and processes efficiently, and the parameters used in the process can all be generated in advance.
Description of the drawings
To explain the embodiments of the present invention or the technical solutions of the prior art more clearly, the drawings needed in the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Figure 1 is a system architecture diagram of an embodiment of the present invention;
Figure 2 is a flowchart of a method according to an embodiment of the present invention;
Figure 3 is a flowchart of member registration in the method of an embodiment of the present invention;
Figure 4 is a flowchart of constructing the network graph in the method of an embodiment of the present invention;
Figure 5 is a flowchart of generating the optimal index path in the method of an embodiment of the present invention;
Figure 6 is a flowchart of oblivious transfer in the method of an embodiment of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
The purpose of the present invention is to provide an indexing system and method for protecting member privacy in a social network, so that the optimal index result can be found quickly and accurately according to the closeness of social relationships during the indexing process.
To make the above purposes, features and advantages of the present invention clearer and easier to understand, the present invention is described in further detail below with reference to the accompanying drawings and specific embodiments.
Embodiment 1
Figure 1 is a system architecture diagram of an embodiment of the present invention. As shown in Figure 1, an indexing system for protecting member privacy in a social network comprises a server and several members.
The server constructs a network connectivity graph according to the social relationships between the members. The vertices of the network connectivity graph are member information. The edges of the network connectivity graph are the relationships between the members. The weight of an edge of the network connectivity graph is the social state between the members after abstract mapping. The member information includes a unique identity identifier, an encrypted name, encrypted contact information, a member group and a group level. The member groups include a family group, a friend group, a partner group, a classmate group and an infrequent relationship group. The values of the group levels are 1, 2, 3, 4 and 5 respectively.
The closer the social state, the smaller the corresponding weight, and the more distant the social state, the larger the corresponding weight. It is assumed that every member in an address book has been placed in a specific group.
Figure 2 is a flowchart of a method according to an embodiment of the present invention. As shown in Figure 2, a method for protecting member privacy in a social network is applied to the above indexing system for protecting member privacy in a social network. The method includes:
System initialization, which specifically includes:
The server selects a security parameter κ and determines the public key N=pq, g and the private key (λ, μ) of the Paillier encryption algorithm, where p and q are two large primes satisfying |p|=|q|=κ, g is a generator of [Figure PCTCN2020105048-appb-000002], Z is the set of integers {0,1,2,…,N-1}, Z* is the set Z with 0 removed, N is a number generated under the security parameter, and N=pq.
The member determines the identity identifier and the member key corresponding to the member according to a random number generated during encryption with the Paillier encryption algorithm and the public key.
The member determining the identity identifier corresponding to the member according to the random number generated during encryption with the Paillier encryption algorithm and the public key specifically includes:
The member generates an encrypted value C_i according to the random number generated during encryption with the Paillier encryption algorithm and the public key, and sends the encrypted value C_i to the server.
The server obtains a random integer i as the first identity identifier of the member, and decrypts the encrypted value C_i according to the public key to obtain the decrypted value of C_i.
The server sends the sum of the first identity identifier and the decrypted value of C_i to the member, and the member determines the identity identifier corresponding to the member from the received sum of the first identity identifier and the decrypted value of C_i.
The construction process of the member key specifically includes:
The member takes a random number generated during encryption with the Paillier encryption algorithm as its own member key.
The member encrypts its own member key and broadcasts it to the other members through its neighboring members.
The neighboring member uses the homomorphic property to multiply it by its own encrypted member key and sends the product to the server.
The server decrypts the product with the private key to obtain the upload key of the member.
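The member-key construction above relies on Paillier's additive homomorphism: multiplying ciphertexts adds the plaintexts modulo N, so the server decrypts a product and obtains a sum. The following is an added illustration, not code from the patent; it assumes g = N + 1, toy primes, constructed key values and hypothetical function names, and parameters of this size are for demonstration only.

```python
import math
import secrets


def l_func(u, n):
    """Paillier's L function: L(u) = (u - 1) / n, defined for u = 1 (mod n)."""
    return (u - 1) // n


def keygen(p, q):
    """Return ((N, g), (lam, mu)) for primes p and q. Assumption: g = N + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    g = n + 1
    mu = pow(l_func(pow(g, lam, n * n), n), -1, n)
    return (n, g), (lam, mu)


def encrypt(pub, m):
    """Enc(m) = g^m * r^N mod N^2 with a fresh random r coprime to N."""
    n, g = pub
    if not 0 <= m < n:
        raise ValueError("plaintext must lie in [0, N)")
    while True:
        r = secrets.randbelow(n - 1) + 1  # 1 .. N-1
        if math.gcd(r, n) == 1:
            break
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)


def decrypt(pub, priv, c):
    """Dec(c) = L(c^lam mod N^2) * mu mod N."""
    n, _ = pub
    lam, mu = priv
    return l_func(pow(c, lam, n * n), n) * mu % n


def combine(pub, ciphertexts):
    """Multiply ciphertexts mod N^2, which adds their plaintexts mod N."""
    n2 = pub[0] ** 2
    acc = 1
    for c in ciphertexts:
        acc = acc * c % n2
    return acc


def upload_key_demo():
    """Member encrypts its key; each neighbour multiplies in its own
    encrypted key; the server decrypts the product (constructed values)."""
    pub, priv = keygen(1009, 1013)          # toy primes, N = 1022117
    member_key = 4242                       # constructed sample key
    neighbour_keys = [111, 2222]            # constructed sample keys
    c = encrypt(pub, member_key)            # sent out by the member
    for k in neighbour_keys:                # each neighbour in turn
        c = combine(pub, [c, encrypt(pub, k)])
    return decrypt(pub, priv, c)            # server side: sum of the keys


if __name__ == "__main__":
    print(upload_key_demo())
```

Because plaintexts live modulo N, a sum that reaches N wraps around, which is why the scheme has to treat the valid plaintext range separately from the ciphertext range.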
An encrypted network connectivity graph is constructed according to the identity identifier and the member key. Constructing the encrypted network connectivity graph specifically includes:
Constructing vertex information and weight information.
The process of constructing the vertex information in the network connectivity graph specifically includes:
The member encrypts its own identity identifier and the identity identifiers of its neighboring members with the system public key, and sends the encrypted identity identifier of the first member and the identity identifiers of the neighboring members to the server.
The member encrypts its own information with the system public key and its own member key and uploads it.
The server decrypts the information uploaded by all members and produces a network graph from the uploaded member identity identifiers.
The vertex information is obtained from the network graph. The vertex information includes the identity identifier of the member, and the identity information and contact information obfuscated by the member key.
A graph G=(V, E) is constructed according to the vertex information and the weight information, where V denotes the vertex set and E denotes the weight set. The graph G=(V, E) is the encrypted network connectivity graph.
Generating the optimal index path according to the network connectivity graph specifically includes:
Obtaining the vertices and edges of the network connectivity graph. A vertex set is constructed from the obtained vertices and an edge set from the obtained edges.
Taking a vertex in the vertex set as the current vertex, traversing the vertices adjacent to the current vertex, and determining the vertex with the smallest weight among the adjacent vertices.
Determining the vertex with the smallest weight among the adjacent vertices specifically includes:
For a vertex of the network connectivity graph that is not in the vertex set and whose edge is not in the edge set, the server recursively finds the predecessor vertices of that vertex in turn until the predecessor vertex is the current vertex, and records the number of predecessor steps.
The weight is determined according to the number of predecessor steps.
The member compares all the weights and determines the vertex corresponding to the smallest weight.
Adding the vertex with the smallest weight to the vertex set, taking it as the new current vertex, and returning to the step "taking a vertex in the vertex set as the current vertex, traversing the vertices adjacent to the current vertex, and determining the vertex with the smallest weight among the adjacent vertices", until all vertices in the network connectivity graph have been added to the vertex set.
Obtaining the identity identifier of the target member.
The member determines the optimal index path according to the identity identifier of the target member. The process of determining the optimal index path specifically includes:
The member determines the vertex index path according to the identity identifier and, by the uniqueness of the identity identifier, locates the vertex corresponding to the target member.
The server sends the predecessor tuple to the applicant, and the member recursively queries the predecessor vertex of the vertex corresponding to the target member to obtain the information of the optimal index path.
The server sending the predecessor tuple to the applicant, and the member recursively querying the predecessor vertex of the vertex corresponding to the target member to obtain the information of the optimal index path, specifically includes:
The server encrypts the identity identifiers of all members with the public key, generates a two-tuple from the encrypted identity identifier and the upload key, and sends the two-tuple to the applicant.
The member encrypts the two-tuple to form a new two-tuple, which specifically includes:
The member shuffles the order within the two-tuple and converts the identity information of the target member into the code unit_E; it encrypts the code unit_E with the public key and multiplies the result by the first value of the two-tuple to give the new first value of the two-tuple. It selects several random numbers, encrypts each of them and multiplies it by the second value of the two-tuple to give the new second value of the two-tuple, thereby forming the new two-tuple.
The server decrypts the new two-tuple with the key.
The member determines the random number from the first value of the decrypted two-tuple, and obtains the identity identifier of the target member from the second value of the decrypted two-tuple and the random number.
The member obtains the index path according to the identity identifier of the target member and, by the uniqueness of the identity identifier, locates the vertex of the target member in the network connectivity graph.
The predecessor vertex corresponding to that vertex is determined. Recursive queries are performed using the predecessor vertex to obtain the index path. This index path is the optimal index path.
The update process of the predecessor vertex specifically includes:
Determining whether every vertex of the network connectivity graph that is not in the vertex set is reachable from the current vertex; if it is not reachable, the predecessor vertex is not updated; if the edge of the current vertex does not belong to the edge set and all vertices not in the vertex set belong to the edge set, the current vertex is updated to be the predecessor vertex; if all vertices not in the vertex set are reachable from the current vertex, the current vertex is taken as the predecessor vertex, and the weight of the current vertex and the weight of the original predecessor vertex are calculated.
The weight of the current vertex is compared with the weight of the original predecessor vertex to obtain a comparison result. The server takes the vertex with the smaller weight in the comparison result as the new predecessor vertex.
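Read on plaintext weights, the path-generation steps and predecessor updates above amount to Dijkstra's shortest-path search followed by a walk back through the predecessor tuple. The sketch below is an added example under that assumption, not the patent's procedure: the scheme itself compares weights obfuscated by member keys, and the graph, weights and function names here are constructed for illustration.

```python
import heapq

INF = float("inf")


def build_graph(vertices, weighted_edges):
    """Undirected adjacency map {ID: {neighbour ID: weight}}."""
    graph = {v: {} for v in vertices}
    for a, b, w in weighted_edges:
        graph[a][b] = w
        graph[b][a] = w
    return graph


# Constructed sample network: member IDs 1..6, smaller weight = closer tie.
# Member 6 has no contacts, so it is unreachable from everyone.
SAMPLE_GRAPH = build_graph(
    range(1, 7),
    [(1, 2, 1), (1, 3, 4), (2, 3, 2), (2, 4, 7), (3, 4, 3), (3, 5, 5), (4, 5, 1)],
)


def best_index_paths(graph, source):
    """Return (dist, pred): minimum total weight from source to every
    vertex, and the predecessor of each vertex on that minimum path."""
    dist = {v: INF for v in graph}
    pred = {v: None for v in graph}      # plays the role of the predecessor tuple
    dist[source] = 0
    settled = set()                      # vertices already added to the vertex set
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)       # unsettled vertex with the smallest weight
        if u in settled:
            continue
        settled.add(u)
        for v, w in graph[u].items():
            # Update the predecessor only when the route through u is lighter;
            # unreachable vertices are never touched and keep pred = None.
            if v not in settled and d + w < dist[v]:
                dist[v] = d + w
                pred[v] = u
                heapq.heappush(heap, (d + w, v))
    return dist, pred


def index_path(pred, source, target):
    """Walk predecessors back from target to source; None if unreachable."""
    path = [target]
    while path[-1] != source:
        previous = pred[path[-1]]
        if previous is None:
            return None
        path.append(previous)
    return path[::-1]


if __name__ == "__main__":
    dist, pred = best_index_paths(SAMPLE_GRAPH, 1)
    print(dist[5], index_path(pred, 1, 5))
```

In the scheme the applicant only needs the predecessor entries along its own path, which is what the recursive query from the target vertex retrieves.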
作为本发明的一优选实施例,在确定所述相邻顶点中权值最小的顶点之前,还包括:As a preferred embodiment of the present invention, before determining the vertex with the smallest weight among the adjacent vertices, the method further includes:
所述成员统计出与邻近成员之间的短信发送次数和通话次数。The member counts the number of short messages sent and the number of calls with neighboring members.
根据所述短信发送次数和通话次数确定通信次数,并根据所述通信次数确定各成员间的权值。The number of communications is determined according to the number of short messages sent and the number of calls, and the weight between members is determined according to the number of communications.
所述成员用成员密钥和系统公钥加密与邻近成员之间的权值,服务器解密后得到成员密钥混淆过的权值。The member uses the member key and the system public key to encrypt the weight between the neighboring members, and the server decrypts the weight to obtain the confused weight of the member key.
Embodiment 2
As shown in Figure 1, the present invention provides an indexing system for protecting member privacy in a social network. The system comprises a server and members. Suppose the system has n members and a member User_S applies for a referral to the target member User_E, but does not know this member directly and needs to find a way to reach the target member through the address-book members he does know. Each member has certain social relationships; this information is encrypted and uploaded to the server, where it is aggregated into a network connectivity graph. A vertex is the member's unique identity identifier ID_i (i = 1, 2, …, n) together with the encrypted identity information (work unit, name) and contact information, where the identity identifiers are mapped to [1, n]. Each member is assumed to have been placed in a specific group; the group levels are family, friends, partners, classmates and infrequent relationships, with level values (1, 2, 3, 4, 5) respectively. The weight of an edge is the abstracted social state between members: according to the group level and the number of calls and short messages, the state is mapped to a positive integer (the closer the relationship, the smaller the weight; the more distant, the larger the weight). When the whole computation is finished, User_S obtains an optimal index path to the target member: the total weight of this path is the smallest, which means the feasibility of the referral is higher. Apart from partial information about the members on the path, User_S learns no social information about any other member. The server likewise does not learn the specific identity of the target member for which User_S requests the index.
Referring to Figure 2, the present invention provides an indexing method for protecting member privacy in a social network, comprising the following steps:
Step 1: System initialization.
Step 1.1: The server selects the security parameter κ and computes the public key (N = pq, g) and the private key (λ, μ) of the Paillier encryption algorithm, where p and q are two large primes satisfying |p| = |q| = κ, and g is a generator of
[Figure PCTCN2020105048-appb-000003]
Step 1.2: Members register their identity identifiers. The member registration process refers to Figure 3.
Step 1.2.1: Member User_i (i = 1, 2, …, n) selects a random number r_i, encrypts it and sends it to the server:
[Figure PCTCN2020105048-appb-000004]
Here, the r in every encryption process is the random number generated by the Paillier system during encryption.
Step 1.2.2: The server randomly selects a unique integer from the integer sequence [i = 1, 2, …, n] as the identity identifier ID_i of the current member, adds it to the decrypted value of C_i, and returns the result to User_i.
Step 1.2.3: User_i subtracts the random number r_i it generated from the received value to obtain its own identity identifier ID_i.
Step 1.2.4: User_i sends its identity identifier ID_i to its neighbouring members (the members it has communication contact with).
Step 1.3: System members construct member keys.
Step 1.3.1: Member User_i (i = 1, 2, …, n) selects a random number as its member key sk_i.
Step 1.3.2: User_S encrypts its own member key sk_S and distributes it to all members of the system through its neighbouring members.
Step 1.3.3: Member User_j (j ≠ i) uses the homomorphic property to multiply it by its own encrypted member key and sends the result to the server.
Step 1.3.4: The server uses the Paillier decryption key (λ, μ) and the decryption algorithm to decrypt the n−1 ciphertexts and obtain the upload keys:
SK_j = sk_S + sk_j (j ≠ i)
Step 2: Build the encrypted social network. The construction process of the encrypted social network refers to Figure 4.
Step 2.1: Construct secure vertex information.
Step 2.1.1: User_i (i = 1, 2, …, n) encrypts its own ID_i and the identity identifiers of its neighbouring members with the system public key and sends them to the server.
Step 2.1.2: User_i encrypts and uploads its own information (identity information and contact information) with the system public key and its own member key sk_i. The encryption process first converts the characters to the integers unit_i and tel_i by ASCII encoding, then encrypts and uploads them (values exceeding the plaintext space can be split into blocks):
[Figure PCTCN2020105048-appb-000005]
Step 2.1.3: The server decrypts the information uploaded by all members:
Unit_i = unit_i + sk_i, Tel_i = tel_i + sk_i.
The server builds a network graph from the uploaded member identity identifiers. The vertex information is the member's identity identifier together with the identity information and contact information obfuscated by the member key, i.e. the vertex information V_i comprises ID_i, Tel_i and Unit_i. The edges are the connections between members, determined by the neighbouring-member identifiers sent by member User_i.
Step 2.2: Construct secure weight information.
Step 2.2.1: Member User_i counts the number of short messages sent to, and the number of calls with, neighbouring member User_j, which gives the number of communications num_ij, i.e. the sum of the numbers of short messages and calls (the number of communications is assumed never to exceed 1000). The weight is therefore:
e(i, j) = rank_ij + 1000 − num_ij.
That is, the closer the contact between members (frequent calls, higher-ranked group), the smaller the weight.
Step 2.2.2: Member User_i uses its member key sk_i and the system public key to encrypt the weight e(i, j) between itself and neighbouring member User_j:
[Figure PCTCN2020105048-appb-000006]
Step 2.2.3: After decryption the server obtains the weight obfuscated by the member key:
E(i, j) = e(i, j) + sk_i.
Step 2.3: Construct the graph G = (V, E), where V denotes the vertex set and E denotes the weight set.
Step 3: Generation of the optimal index path. Vertex selection and weight update refer to Figure 5.
Step 3.1: The server constructs the set S, the set D and the tuple P, and sets the current vertex.
Step 3.1.1: The server constructs the vertex set S = {v_S} and sets the current vertex to v_t = v_S.
Step 3.1.2: For every pair of vertices in graph G with no direct connection, i.e. that are unreachable, the edge is added to D.
Step 3.1.3: The predecessor of every vertex is set to v_S: P(v_i) = v_S, v_i ∈ V.
Step 3.2: Select the best vertex and add it to the set S.
Step 3.2.1: For each vertex v_j of graph G that is not in S and whose edge is not in D: the server recursively finds its predecessor vertices v_k in turn until the predecessor vertex is v_S, records the number of predecessors as count, and computes the weight E(s, j) as the sum of the index weights of all predecessors. If v_j is not a neighbouring vertex of v_S, SK_k is subtracted in turn during this process. The weight E(s, j) is sent to the applicant User_S, and User_S adds (count − 2) × sk_S to this weight.
Step 3.2.2: User_S compares all the weights and sends the vertex v_j' corresponding to the smallest weight to the server.
Step 3.2.3: The server adds vertex v_j' to S: S = S ∪ {v_j'}, and sets the current vertex to v_t = v_j'.
Step 3.3: Update the predecessor vertices of all vertices.
Step 3.3.1: For every vertex v_j of graph G that is not in S: if it is unreachable from the current vertex, i.e. E(t, j) ∈ D, the weight could only become larger after an update, so no update is made. If
[Figure PCTCN2020105048-appb-000007]
which indicates that E(s, j) changes from unreachable to reachable after the weight update, the predecessor vertex is updated to P(v_j) = v_t and D is updated. If both are reachable, then as in step 3.2.1 the applicant compares the weight computed with v_t as the assumed predecessor vertex against the weight computed with the original predecessor vertex v_k, and sends the comparison result to the server.
Step 3.3.2: The server makes the vertex that gives the smaller weight the new predecessor vertex.
Step 3.4: Repeat steps 3.2 and 3.3 until S contains all the vertices of graph G.
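The masking arithmetic of steps 2.2 and 3.2.1 to 3.3.2, as an added example that is not part of the patent text: the server only handles E(i, j) = e(i, j) + sk_i and the upload keys SK_k, and the applicant removes the residual (count − 2) × sk_S before comparing. The member graph, ranks, call counts and all function names are constructed for illustration, and the set D is simplified to "no predecessor recorded yet".

```python
import random

def edge_weight(rank, num):
    """Step 2.2.1: e(i,j) = rank_ij + 1000 - num_ij (num_ij assumed <= 1000)."""
    return rank + 1000 - num

def server_view(contacts, sk):
    """Step 2.2.3: the server stores E(i,j) = e(i,j) + sk_i, never e(i,j) itself."""
    return {(i, j): edge_weight(r, n) + sk[i] for (i, j), (r, n) in contacts.items()}

def masked_cost(E, SK, P, s, j, via=None):
    """Step 3.2.1, server side: walk the predecessors of v_j back to v_S, summing
    masked weights and subtracting SK_k for every intermediate vertex v_k.
    `via` overrides the predecessor of v_j (candidate v_t in step 3.3.1).
    Returns (masked sum, count of predecessors visited)."""
    total, count, v = 0, 0, j
    k = via if via is not None else P[j]
    while True:
        total += E[(k, v)]
        count += 1
        if k == s:
            return total, count
        total -= SK[k]
        v, k = k, P[k]

def unmask(masked, count, sk_S):
    """Step 3.2.1, applicant side: adding (count - 2) * sk_S leaves the true weight."""
    return masked + (count - 2) * sk_S

def best_index_paths(E, SK, vertices, s, sk_S):
    """Steps 3.1 to 3.4 with the server/applicant split collapsed into one loop."""
    S, dist = {s}, {s: 0}
    P = {j: s for j in vertices if (s, j) in E}   # neighbours of v_S; others count as "in D"
    while True:
        frontier = [j for j in vertices if j not in S and j in P]
        if not frontier:
            return P, dist
        cost = {j: unmask(*masked_cost(E, SK, P, s, j), sk_S) for j in frontier}
        t = min(cost, key=cost.get)               # step 3.2.2: applicant names the minimum
        S.add(t)                                  # step 3.2.3
        dist[t] = cost[t]
        for j in vertices:                        # step 3.3: predecessor update
            if j in S or (t, j) not in E:
                continue                          # unreachable from v_t: no update
            via_t = unmask(*masked_cost(E, SK, P, s, j, via=t), sk_S)
            if j not in P or via_t < cost[j]:
                P[j] = t

def index_path(P, s, target):
    """Step 4.2.2: follow the predecessor tuple P from the target back to v_S."""
    path = [target]
    while path[-1] != s:
        path.append(P[path[-1]])
    return path[::-1]

def demo(seed=1):
    rng = random.Random(seed)                     # reproducible toy keys only
    # Constructed contacts: (i, j) -> (rank_ij, num_ij), mirrored in both directions.
    pairs = {(1, 2): (2, 300), (1, 3): (1, 900), (3, 2): (2, 800),
             (2, 4): (3, 700), (3, 4): (5, 10), (4, 5): (4, 600)}
    contacts = {**pairs, **{(j, i): rn for (i, j), rn in pairs.items()}}
    vertices, s = [1, 2, 3, 4, 5], 1
    sk = {i: rng.randrange(1, 2**32) for i in vertices}    # member keys sk_i
    SK = {k: sk[s] + sk[k] for k in vertices if k != s}    # upload keys, step 1.3.4
    E = server_view(contacts, sk)
    P, dist = best_index_paths(E, SK, vertices, s, sk[s])
    return E, P, dist, index_path(P, s, 5)

if __name__ == "__main__":
    print(demo()[1:])
```
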
Step 4: Obliviously obtain the optimal index information. The specific form of the oblivious transfer refers to Figure 6.
Step 4.1: Obtain the identity identifier ID_E of the target member User_E.
Step 4.1.1: The server encrypts the identity identifier ID_i of every member with the public key and, together with their identity information multiplied by the upload key SK_i, forms a two-tuple y_i; the n two-tuples are sent to the applicant.
[Figure PCTCN2020105048-appb-000008]
Step 4.1.2: User_S first randomly shuffles the order of the two-tuples, then converts the identity information of the target member User_E into unit_E, encrypts sk_S − unit_E with the public key and multiplies it onto the first value of every two-tuple. Finally it selects n random numbers (r_1, …, r_n), encrypts each random number and multiplies it onto the second value of a two-tuple, forming the new z_j, and sends the n two-tuples to the server.
[Figure PCTCN2020105048-appb-000009]
Step 4.1.3: The server uses the key to decrypt the first value of all n two-tuples, and forms a new two-tuple from the sequence index l of the unique two-tuple whose value is 0 (assuming the locating information is not duplicated) and the second value of that tuple, which it sends to User_S. Only a two-tuple whose first value has the plaintext unit_E can be reduced to 0 modulo N by the ciphertext that User_S attached, through the homomorphic addition property.
Step 4.1.4: User_S uses the first value of the tuple as an index to find the corresponding random number r_l, then subtracts r_l from the second value to obtain the identity identifier mapped to the target member User_E: ID_E = (ID_E + r_l) − r_l.
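The exchange of steps 4.1.1 to 4.1.4 over a toy Paillier instance, as an added example rather than code from the patent. The tuple formulas are in figures not reproduced on this page, so the first component is assumed here to be Enc(Unit_i − SK_i), the combination that makes the zero test come out as the steps describe; the primes, member labels and function names are constructed.

```python
import math
import random

# Toy Paillier parameters (constructed; two well-known 30-bit primes, far too small for real use).
P_PRIME, Q_PRIME = 1_000_000_007, 998_244_353

def keygen(p=P_PRIME, q=Q_PRIME):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    g = n + 1
    mu = pow((pow(g, lam, n * n) - 1) // n, -1, n)
    return (n, g), (lam, mu)                      # public key (N, g), private key (λ, μ)

def enc(pk, m, rng):
    n, g = pk
    while True:
        r = rng.randrange(1, n)
        if math.gcd(r, n) == 1:
            break
    return pow(g, m % n, n * n) * pow(r, n, n * n) % (n * n)

def dec(pk, sk, c):
    n, (lam, mu) = pk[0], sk
    return (pow(c, lam, n * n) - 1) // n * mu % n

def hadd(pk, c1, c2):
    """Multiplying ciphertexts adds the plaintexts modulo N."""
    return c1 * c2 % (pk[0] ** 2)

def encode(text):
    """ASCII string -> integer, as in step 2.1.2 (must stay below N)."""
    return int.from_bytes(text.encode("ascii"), "big")

def server_tuples(pk, rng, records):
    """Step 4.1.1. records holds (ID_i, Unit_i, SK_i) as known to the server.
    ASSUMPTION: first component = Enc(Unit_i - SK_i), second = Enc(ID_i)."""
    return [(enc(pk, unit - sk_up, rng), enc(pk, ident, rng))
            for ident, unit, sk_up in records]

def applicant_blind(pk, rng, tuples, sk_S, unit_E):
    """Step 4.1.2: shuffle, shift first values by sk_S - unit_E, mask second values."""
    shuffled = list(tuples)
    rng.shuffle(shuffled)
    shift = enc(pk, sk_S - unit_E, rng)
    rs = [rng.randrange(1, pk[0]) for _ in shuffled]
    z = [(hadd(pk, a, shift), hadd(pk, b, enc(pk, r, rng)))
         for (a, b), r in zip(shuffled, rs)]
    return z, rs

def server_select(pk, sk, z):
    """Step 4.1.3: find the unique first value that decrypts to 0."""
    hits = [l for l, (a, _) in enumerate(z) if dec(pk, sk, a) == 0]
    if len(hits) != 1:
        raise ValueError("expected exactly one zero, found %d" % len(hits))
    l = hits[0]
    return l, dec(pk, sk, z[l][1])                # (index l, ID_E + r_l)

def applicant_unblind(pk, reply, rs):
    """Step 4.1.4: ID_E = (ID_E + r_l) - r_l."""
    l, masked = reply
    return (masked - rs[l]) % pk[0]

def lookup(target_text, seed=7):
    rng = random.Random(seed)    # reproducible demo; real use needs a CSPRNG
    pk, sk = keygen()
    sk_S = rng.randrange(1, 2**32)
    directory = {"lab-A": 3, "lab-B": 1, "lab-C": 4, "lab-D": 2}   # constructed members
    records = []
    for text, ident in directory.items():
        sk_i = rng.randrange(1, 2**32)
        records.append((ident, encode(text) + sk_i, sk_S + sk_i))  # (ID_i, Unit_i, SK_i)
    y = server_tuples(pk, rng, records)
    z, rs = applicant_blind(pk, rng, y, sk_S, encode(target_text))
    return applicant_unblind(pk, server_select(pk, sk, z), rs)

if __name__ == "__main__":
    print(lookup("lab-C"))
```

Under this reconstruction the server's decrypted first components are the differences unit_i − unit_E for every member; the steps use only which one is zero.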
Step 4.2: Obtain the optimal index.
Step 4.2.1: User_S looks up ID_E in the vertex index paths obtained in step 3 and, by the uniqueness of the identity identifier, locates the vertex v_E corresponding to the target member.
Step 4.2.2: The server sends the predecessor tuple P to the applicant, and User_S queries recursively from the predecessor vertex of vertex v_E to obtain the information of the whole optimal index path.
Based on the discrete logarithm problem and a homomorphic encryption algorithm, the present invention implements an indexing scheme for protecting member privacy in social networks. The scheme resists external attacks and internal attacks, and can also detect cheating by the server.
The embodiments in this specification are described in a progressive manner. Each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments can be referred to one another.
Specific examples are used herein to explain the principles and implementation of the present invention. The description of the above embodiments is only intended to help understand the method of the present invention and its core idea; at the same time, for those of ordinary skill in the art, there will be changes in the specific implementation and scope of application according to the idea of the present invention. In summary, the content of this specification should not be construed as limiting the present invention.

Claims (10)

  1. An indexing system for protecting member privacy in a social network, characterized by comprising: a server and a number of members;
    the server constructs a network connectivity graph according to the social relationships between the members; the vertices of the network connectivity graph are member information; the edges of the network connectivity graph are the relationships between the members; the weight of an edge of the network connectivity graph is the social state between the members after abstract mapping; the member information includes a unique identity identifier, an encrypted name, encrypted contact information, a member group and a group level; the member groups include: a family group, a friend group, a partner group, a classmate group and an infrequent-relationship group; the values of the group levels are 1, 2, 3, 4 and 5 respectively;
    the closer the social state, the smaller its corresponding weight, and the more distant the social state, the larger its corresponding weight; and every member in the address book is set to have been placed in a specific group.
  2. A method for protecting member privacy in a social network, characterized in that it is applied in the indexing system for protecting member privacy in a social network according to claim 1; the method includes:
    system initialization, which specifically includes:
    the server selects the security parameter κ and determines the public key N = pq, g and the private key (λ, μ) of the Paillier encryption algorithm; where p and q are two large primes satisfying |p| = |q| = κ, and g is a generator of
    [Figure PCTCN2020105048-appb-100001]
    where Z is the set of integers, Z* is the set Z excluding 0, and N = pq;
    the member determines the identity identifier and the member key corresponding to the member according to the random number generated during encryption by the Paillier encryption algorithm and the public key;
    an encrypted network connectivity graph is constructed according to the identity identifier and the member key; constructing the encrypted network connectivity graph specifically includes:
    constructing vertex information and weight information;
    constructing the graph G = (V, E) from the vertex information and the weight information, where V denotes the vertex set and E denotes the weight set; the graph G = (V, E) is the encrypted network connectivity graph;
    generating the optimal index path according to the network connectivity graph, which specifically includes:
    obtaining the vertices and edges of the network connectivity graph; constructing a vertex set from the obtained vertices and an edge set from the obtained edges;
    taking a vertex in the vertex set as the current vertex, traversing the vertices adjacent to the current vertex, and determining the vertex with the smallest weight among the adjacent vertices;
    adding the vertex with the smallest weight to the vertex set, taking the vertex with the smallest weight as the new current vertex, and returning to the step "taking a vertex in the vertex set as the current vertex, traversing the vertices adjacent to the current vertex, and determining the vertex with the smallest weight among the adjacent vertices", until all vertices of the network connectivity graph have been added to the vertex set;
    obtaining the identity identifier of the target member;
    the member determines the optimal index path according to the identity identifier of the target member; the process of determining the optimal index path specifically includes:
    the member determines the vertex index path according to the identity identifier and, by the uniqueness of the identity identifier, locates the vertex corresponding to the target member;
    the server sends the predecessor tuple to the applicant, and the member performs a recursive query from the predecessor vertex of the vertex corresponding to the target member to obtain the information of the optimal index path.
  3. The method for protecting member privacy in a social network according to claim 2, characterized in that the member determining the identity identifier corresponding to the member according to the random number generated during encryption by the Paillier encryption algorithm and the public key specifically includes:
    the member generates an encrypted value C_i according to the random number generated during encryption by the Paillier encryption algorithm and the public key, and sends the encrypted value C_i to the server;
    the server obtains a random integer i as the first identity identifier of the member, and decrypts the encrypted value C_i according to the public key to obtain the decrypted value of C_i;
    the server sends the sum of the first identity identifier and the decrypted value of C_i to the member, and the member determines the identity identifier corresponding to the member from the received sum of the first identity identifier and the decrypted value of C_i.
  4. The method for protecting member privacy in a social network according to claim 2, characterized in that the process of constructing the member key specifically includes:
    the member takes a random number generated during encryption by the Paillier encryption algorithm as its own member key;
    the member encrypts its own member key and distributes it to the other members through its neighbouring members;
    the neighbouring member uses the homomorphic property to multiply it by its own encrypted member key and sends the product to the server;
    the server decrypts the product according to the private key to obtain the upload key of the member.
  5. The method for protecting member privacy in a social network according to claim 2, characterized in that the process of constructing the vertex information in the network connectivity graph specifically includes:
    the member encrypts its own identity identifier and the identity identifiers of its neighbouring members with the system public key, and sends the encrypted identity identifier of the first member and the identity identifiers of the neighbouring members to the server;
    the member encrypts and uploads its own information with the system public key and its own member key;
    the server decrypts the information uploaded by all members and builds a network graph from the uploaded member identity identifiers;
    the vertex information is obtained from the network graph; the vertex information includes: the member's identity identifier, and the identity information and contact information obfuscated by the member key.
  6. The method for protecting member privacy in a social network according to claim 5, characterized in that, before determining the vertex with the smallest weight among the adjacent vertices, the method further includes:
    the member counts the number of short messages sent to, and the number of calls with, its neighbouring members;
    the number of communications is determined from the number of short messages sent and the number of calls, and the weight between members is determined from the number of communications;
    the member encrypts the weight between itself and a neighbouring member with its member key and the system public key, and after decryption the server obtains the weight obfuscated by the member key.
  7. The method for protecting member privacy in a social network according to claim 1, characterized in that determining the vertex with the smallest weight among the adjacent vertices specifically includes:
    for a vertex of the network connectivity graph that is not in the vertex set and whose edge is not in the edge set, the server recursively finds the predecessor vertices of that vertex in turn until the predecessor vertex is the current vertex, and records the number of predecessors;
    the weight is determined according to the number of predecessors;
    the member compares all the weights and determines the vertex corresponding to the smallest weight.
  8. The method for protecting member privacy in a social network according to claim 7, characterized in that the update process of the predecessor vertex specifically includes:
    determining whether all vertices of the network connectivity graph that are not in the vertex set are reachable from the current vertex; if they are not reachable, the predecessor vertex is not updated; if the edge of the current vertex does not belong to the edge set, and all vertices not in the vertex set belong to the edge set, the current vertex is updated to be the predecessor vertex; if all vertices not in the vertex set are reachable from the current vertex, the current vertex is taken as the predecessor vertex, and the weight of the current vertex and the weight of the original predecessor vertex are calculated;
    comparing the weight of the current vertex with the weight of the original predecessor vertex to obtain a comparison result; the server takes the vertex with the smaller weight in the comparison result as the new predecessor vertex.
  9. The method for protecting member privacy in a social network according to claim 8, characterized in that the server sending the predecessor tuple to the applicant, and the member performing a recursive query from the predecessor vertex of the vertex corresponding to the target member to obtain the information of the optimal index path, specifically includes:
    the server encrypts the identity identifiers of all members with the public key, generates two-tuples from the encrypted identity identifiers and the upload keys, and sends the two-tuples to the applicant;
    the member encrypts the two-tuples to form new two-tuples;
    the server decrypts the new two-tuples with its key;
    the member determines a random number according to the first value in the decrypted two-tuple, and obtains the identity identifier of the target member from the second value in the decrypted two-tuple and the random number;
    the member obtains the index path according to the identity identifier of the target member and, by the uniqueness of the identity identifier, locates the target member's vertex in the network connectivity graph;
    the predecessor vertex corresponding to that vertex is determined from the vertex; a recursive query over the predecessor vertices yields the index path; the index path is the optimal index path.
  10. The method for protecting member privacy in a social network according to claim 9, characterized in that the member encrypting the two-tuples to form new two-tuples specifically includes:
    the member shuffles the order of the two-tuples and converts the identity information of the target member into the code unit_E, encrypts the code unit_E with the public key and multiplies it with the first value of the two-tuple to give the new first value of the two-tuple; it selects multiple random numbers, encrypts each random number and multiplies it with the second value of the two-tuple to give the new second value of the two-tuple, so as to form the new two-tuples.
PCT/CN2020/105048 2019-08-16 2020-07-28 Indexing system and method for protecting user privacy in social network WO2021031801A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910759501.0A CN110569413B (en) 2019-08-16 2019-08-16 Indexing system and method for protecting member privacy in social network
CN201910759501.0 2019-08-16

Publications (1)

Publication Number Publication Date
WO2021031801A1 true WO2021031801A1 (en) 2021-02-25

Family

ID=68775521

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/105048 WO2021031801A1 (en) 2019-08-16 2020-07-28 Indexing system and method for protecting user privacy in social network

Country Status (2)

Country Link
CN (1) CN110569413B (en)
WO (1) WO2021031801A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110569413B (en) * 2019-08-16 2022-11-18 湖北工业大学 Indexing system and method for protecting member privacy in social network
CN111526155B (en) * 2020-04-30 2022-09-09 桂林电子科技大学 System for protecting user privacy in social network and optimal path matching method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107292424A (en) * 2017-06-01 2017-10-24 四川新网银行股份有限公司 A kind of anti-fraud and credit risk forecast method based on complicated social networks
CN109933666A (en) * 2019-03-18 2019-06-25 西安电子科技大学 A kind of good friend's automatic classification method, device, computer equipment and storage medium
CN110569413A (en) * 2019-08-16 2019-12-13 湖北工业大学 Indexing system and method for protecting member privacy in social network

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100690021B1 (en) * 2005-03-15 2007-03-08 엔에이치엔(주) Online human network management system and method for stimulating users to build various faces of relation
US8130947B2 (en) * 2008-07-16 2012-03-06 Sap Ag Privacy preserving social network analysis
CN101510856A (en) * 2009-03-12 2009-08-19 腾讯科技(深圳)有限公司 Method and apparatus for extracting member relation loop in SNS network
CN106899700B (en) * 2017-04-27 2020-01-14 电子科技大学 Privacy protection method of location sharing system in mobile social network

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
STERN J. (ED.).: "ADVANCES IN CRYPTOLOGY - EUROCRYPT '99. INTERNATIONAL CONF. ON THE THEORY AND APPLICATION OF CRYPTOGRAPHIC TECHNIQUES. PRAGUE, CZ, MAY 2 - 6, 1999 PROCEEDINGS.", vol. 1592, 1 January 1999, BERLIN : SPRINGER., DE, ISBN: 978-3-540-65889-4, article PAILLIER P.: "PUBLIC-KEY CRYPTOSYSTEMS BASED ON COMPOSITE DEGREE RESIDUOSITY CLASSES.", pages: 223 - 238., XP000830710, 023643 *
ZHANG YINGGUANG, SU SEN; CHEN WEIFENG; ANG FANGCHUN: "Privacy-preserving shortest distance computing in cloud environment", HUAZHONG KEJI DAXUE XUEBAO (ZIRAN KEXUE BAN)/JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY (NATURAL SCIENCE EDITION), HUAZHONG KEJI DAXUE, CN, 1 December 2013 (2013-12-01), CN, pages 77 - 80, XP055782037, ISSN: 1671-4512, DOI: 10.13245/j.hust.2013.s2.012 *
ZHANG YINGGUANG: "Research on Privacy-Preserving Graph Data Processing Techniques in the Cloud", CHINA DOCTORAL DISSERTATIONS FULL-TEXT DATABASE - BEIJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS, 20 April 2014 (2014-04-20), XP055782038 *

Also Published As

Publication number Publication date
CN110569413B (en) 2022-11-18
CN110569413A (en) 2019-12-13

Similar Documents

Publication Publication Date Title
Li et al. Search me if you can: Privacy-preserving location query service
Dong et al. Secure friend discovery in mobile social networks
Baek et al. Public key encryption with keyword search revisited
Sun et al. A privacy-preserving scheme for online social networks with efficient revocation
Zhang et al. Message in a sealed bottle: Privacy preserving friending in mobile social networks
Hwang et al. A new public key encryption with conjunctive field keyword search scheme
Schwittmann et al. SoNet--Privacy and replication in federated online social networks
WO2021031801A1 (en) Indexing system and method for protecting user privacy in social network
Ukil Privacy preserving data aggregation in wireless sensor networks
Li et al. MobiShare+: Security Improved System for Location Sharing in Mobile Online Social Networks.
Son et al. Privacy enhanced location sharing for mobile online social networks
Luo et al. A security communication model based on certificateless online/offline signcryption for Internet of Things
Alornyo et al. Encrypted traffic analytic using identity based encryption with equality test for cloud computing
Hwang et al. An ElGamal-like secure channel free public key encryption with keyword search scheme
Chiou et al. Mobile common friends discovery with friendship ownership and replay-attack resistance
Chen et al. FaceChange: Attaining neighbor node anonymity in mobile opportunistic social networks with fine-grained control
Magkos et al. Towards secure and practical location privacy through private equality testing
Pakniat Public key encryption with keyword search and keyword guessing attack: a survey
Shikfa et al. Privacy in context-based and epidemic forwarding
Son et al. A new mobile online social network based location sharing with enhanced privacy protection
WO2018174063A1 (en) Collating system, method, device, and program
Wang et al. Efficient privacy preserving matchmaking for mobile social networking
Peng et al. On the security of fully homomorphic encryption for data privacy in Internet of Things
Zhou et al. Chaotic map‐based time‐aware multi‐keyword search scheme with designated server
Distl et al. Social power for privacy protected opportunistic networks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 20855195; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 20855195; Country of ref document: EP; Kind code of ref document: A1)