WO2022099893A1 - 数据查询方法、装置、系统以及数据集处理方法 - Google Patents

数据查询方法、装置、系统以及数据集处理方法 Download PDF

Info

Publication number
WO2022099893A1
WO2022099893A1 PCT/CN2020/140678 CN2020140678W WO2022099893A1 WO 2022099893 A1 WO2022099893 A1 WO 2022099893A1 CN 2020140678 W CN2020140678 W CN 2020140678W WO 2022099893 A1 WO2022099893 A1 WO 2022099893A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
current
queried
encrypted
candidate
Prior art date
Application number
PCT/CN2020/140678
Other languages
English (en)
French (fr)
Inventor
邱炜伟
李伟
蔡亮
汪小益
刘敬
Original Assignee
杭州趣链科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 杭州趣链科技有限公司 filed Critical 杭州趣链科技有限公司
Publication of WO2022099893A1 publication Critical patent/WO2022099893A1/zh

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • the present application relates to the field of computer technology, and in particular, to a data query method, apparatus, system, computer equipment and storage medium, as well as a data set processing method, apparatus, computer equipment and storage medium.
  • PSI Privacy-Preserving Set Intersection
  • the privacy-preserving set intersection computing technology needs to allow two parties holding their respective sets to jointly calculate the intersection operation of the two sets. This method may easily lead to data leakage during the data query process and cannot guarantee the privacy of the query data. Querying data is not secure.
  • a method for data query comprising the following steps: sending a data query request to a device to be queried; receiving an ordered interval point set, where the ordered interval point set includes the device to be queried obtaining and obtaining data from the data query request according to the data query request.
  • the interval point of the ordered data group corresponding to the candidate data set obtain the data to be queried, and determine the sequence number of the current data group corresponding to the data to be queried according to the data to be queried and the set of ordered interval points; execute the preset encryption protocol for the data to be queried, After the encryption protocol is executed, the encrypted data to be queried corresponding to the data to be queried is obtained; the serial number of the current data group is sent to the device to be queried, so that the device to be queried obtains at least one current data corresponding to the serial number of the current data group, and obtains a preset random number
  • the corresponding current encryption function performs encryption calculation on at least one current data according to the current encryption function to obtain the current encrypted data set, constructs the current encrypted algebraic formula according to the current encrypted data set, and generates the current coordinate data set according to the current encrypted algebraic formula; receives the current coordinate data set , generate a target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set, the target encrypted algebra
  • a data query device the device includes: a query request sending module for sending a data query request to a device to be queried; an ordered interval point set receiving module for receiving ordered interval points
  • the set of ordered interval points includes the interval points of the ordered data group corresponding to the candidate data set obtained by the device to be queried according to the data query request; the data acquisition module to be queried is used to obtain the data to be queried, according to the data to be queried and the ordered interval
  • the point set determines the current data group serial number corresponding to the data to be queried;
  • the encrypted data to be queried generating module is used to execute a preset encryption protocol for the data to be queried, and obtain encrypted data to be queried corresponding to the data to be queried after the preset encryption protocol is executed;
  • the current data group serial number sending module is used to send the current data group serial number to the device to be queried, so that the device to be queried obtains at least one current data corresponding to the current data group serial number, and obtains the current
  • the current encryption function performs encryption calculation on at least one current data to obtain the current encrypted data set, constructs the current encrypted algebraic formula according to the current encrypted data set, and generates the current coordinate data set according to the current encrypted algebraic formula;
  • the coordinate data set receiving module is used to receive the current coordinate data set, generate a target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set, the target encrypted algebraic formula includes multiple target calculation unit items, and each target calculation unit item includes corresponding target algebraic formula coefficients;
  • the algebraic coefficient sending module is used to send the target algebraic formula The coefficient is sent to the device to be queried, so that the device to be queried determines the query result corresponding to the data to be queried according to the target algebraic formula coefficient and the current encrypted algebraic formula;
  • the query result receiving module is used for receiving the query result.
  • a computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implements the following steps when executing the computer program: sending The data query request is sent to the device to be queried; the ordered interval point set is received, and the ordered interval point set includes the interval point of the ordered data group corresponding to the candidate data set obtained by the device to be queried according to the data query request; The data and the ordered interval point set determine the serial number of the current data group corresponding to the data to be queried; execute the preset encryption protocol on the data to be queried, and obtain the encrypted data to be queried corresponding to the data to be queried after the execution of the preset encryption protocol is completed; The serial number is sent to the device to be queried, so that the device to be queried obtains at least one current data corresponding to the serial number of the current data group, obtains the current encryption function corresponding to the preset random number, and performs encryption calculation on the at least one current data according to
  • the target encrypted algebraic formula includes Multiple target calculation unit items, each target calculation unit item includes a corresponding target algebraic formula coefficient; send the target algebraic formula coefficient to the device to be queried, so that the device to be queried determines the query result corresponding to the data to be queried according to the target algebraic formula coefficient and the current encrypted algebraic formula ; Receive query results.
  • a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, the following steps are implemented: sending a data query request to a device to be queried; receiving an ordered interval Point set, ordered interval point set includes that the device to be queried obtains the interval points of the ordered data group corresponding to the candidate data set according to the data query request; obtains the data to be queried, and determines the correspondence of the data to be queried according to the data to be queried and the ordered interval point set Execute the preset encryption protocol for the data to be queried, and obtain the encrypted data to be queried corresponding to the data to be queried after the execution of the preset encryption protocol is completed; Send the current data group serial number to the device to be queried, so that the query to be queried The device obtains at least one current data corresponding to the serial number of the current data group, obtains the current encryption function corresponding to the preset random number, performs encryption calculation on at least one current data according to
  • Encrypted algebraic formula generates the current coordinate data set according to the current encrypted algebraic formula; receives the current coordinate data set, generates a target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set, and the target encrypted algebraic formula includes multiple target calculation unit items, each target calculation unit item Including the corresponding target algebraic coefficients; sending the target algebraic coefficients to the device to be queried, so that the device to be queried determines the query result corresponding to the data to be queried according to the target algebraic coefficient and the current encrypted algebraic formula; and receiving the query result.
  • a data query system comprising: a query device, used for acquiring a data query request, and sending the data query request to the device to be queried; the device to be queried, used for according to the data query request Obtain the ordered interval point set corresponding to the candidate data set, and return the ordered interval point set to the query device, where the ordered interval point set includes the ordered data group interval points corresponding to the candidate data set; the query device is also used to receive Ordered interval point set, obtain the data to be queried, determine the serial number of the current data group corresponding to the data to be queried according to the data to be queried and the ordered interval point set, execute a preset encryption protocol for the queried data, and obtain after the execution of the preset encryption protocol is completed.
  • the device to be queried is also used to obtain at least one current data corresponding to the current data group serial number, and to obtain the current encryption function corresponding to the preset random number , perform encryption calculation on at least one current data according to the current encryption function, obtain the current encrypted data set, construct the current encrypted algebraic formula according to the current encrypted data set, generate the current coordinate data set according to the current encrypted algebraic formula, and return the current coordinate data set to the query device
  • the query device is also used to receive the current coordinate data set, and generate a target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set, the target encrypted algebraic formula includes a plurality of target calculation unit items, and each target calculation unit item includes the corresponding target algebraic formula coefficients , send the target algebraic coefficient to the device to be queried; the device to be queried is also used to determine the query result corresponding to the data to be queried according to the target
  • a data set processing method comprising the following steps: obtaining a candidate data set, where the candidate data set includes at least one candidate data; Perform processing to obtain a target candidate data set, where the target candidate data set includes at least one candidate hash data; group the target candidate data set according to preset rules to obtain multiple candidate data groups; according to the candidate hash data in each candidate data group
  • the desired data determines the corresponding data group interval points, and generates an ordered data group interval point set according to each data group interval point.
  • a computer device comprising a memory, a processor and a computer program stored in the memory and running on the processor, the processor implements the following steps when executing the computer program: acquiring a candidate data set, The candidate data set includes at least one candidate data; at least one candidate data in the candidate data set is processed according to a preset hash function to obtain a target candidate data set, and the target candidate data set includes at least one candidate hash data; according to the preset The rule groups the target candidate data set to obtain multiple candidate data groups; determines the corresponding data group interval points according to the candidate hash data in each candidate data group, and generates an ordered data group interval point set according to each data group interval point.
  • a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, the following steps are implemented: acquiring a candidate data set, where the candidate data set includes at least one candidate data; The preset hash function processes at least one candidate data in the candidate data set to obtain a target candidate data set, where the target candidate data set includes at least one candidate hash data; the target candidate data set is grouped according to a preset rule to obtain A plurality of candidate data groups; corresponding data group interval points are determined according to the candidate hash data in each candidate data group, and an ordered data group interval point set is generated according to each data group interval point.
  • the above data query method, device, system, computer equipment and storage medium, as well as data set processing method, device, computer equipment and storage medium because the device to be queried sends the ordered interval point set of the query device itself is not a candidate in the device to be queried Data sets, the ordered data group interval points in these ordered interval point sets are meaningless themselves, and the candidate data sets in the device to be queried are not sent to the query device, which avoids the leakage of the candidate data sets in the device to be queried. , which ensures the privacy of the query data, and the data sent by the device to be queried and the query device to the other party is obtained by encrypting and calculating with a large prime number that is kept secret. real data, thereby improving the security and privacy of query data.
  • the current coordinate data set sent by the device to be inquired to the inquiring device is also randomly generated by the target encrypted algebraic formula generated by the data processed by the current encryption function.
  • the query device cannot determine the candidate data in the device to be queried, but can only determine whether the data to be queried is in the candidate data set, and the query device Neither the device to be queried nor the device to be queried can reverse the private data of the other party, thus ensuring the confidentiality of the private data.
  • FIG. 1 is an application scenario diagram of the data query method according to Embodiment 1 of the present application.
  • FIG. 2 is a flowchart of the data query method according to Embodiment 1 of the present application.
  • FIG. 3 is a structural block diagram of the data query system according to Embodiment 1 of the present application.
  • FIG. 4 is a structural block diagram of a data set processing apparatus according to Embodiment 1 of the present application.
  • Words like "connected,” “connected,” “coupled,” and the like referred to in this application are not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect.
  • the “plurality” referred to in this application refers to two or more.
  • “And/or” describes the association relationship between associated objects, indicating that there can be three kinds of relationships. For example, “A and/or B” can mean that A exists alone, A and B exist at the same time, and B exists alone.
  • the character “/” generally indicates that the associated objects are an “or” relationship.
  • the terms “first”, “second”, “third”, “fourth”, etc. involved in this application are only to distinguish similar objects, and do not represent a specific order for the objects.
  • FIG. 1 is an application environment diagram of a data query method in one embodiment.
  • the data query method is applied to a data query system.
  • the data query system includes a query device 101 and a device to be queried 102 .
  • the inquiring device 101 and the device to be inquired 102 are connected through a network.
  • the query device 101 may specifically be a desktop terminal or a mobile terminal or a device to be queried, and the mobile terminal may specifically be at least one of a mobile phone, a tablet computer, a notebook computer, and the like.
  • the device 102 to be queried can be implemented by an independent server or a server cluster composed of multiple servers.
  • a data query method is provided, and the method is applied to the query device in Figure 1 as an example to illustrate, including the following steps:
  • Step 201 Send a data query request to the device to be queried.
  • the inquiring device may be the device where the data inquirer is located, and may be, but is not limited to, an inquiring terminal or a device to be inquired, and the device to be inquired here may be the device to be inquired where the data user is located, storing the candidate data set, the candidate data
  • the set includes at least one candidate data set, the candidate data set is processed to obtain a target candidate data set, the target candidate data set is grouped to obtain a plurality of candidate data sets, and the corresponding data set interval points are determined according to the data in each candidate data set , sort these data group interval points to obtain an ordered data group interval point set.
  • the data query request here is used to request the device to be queried to perform data query.
  • the data query request can be triggered and generated by an operation on the query device.
  • the query device is provided with a related query application, and the query application
  • the relevant interface is provided with a query button, and the operation of the query button triggers the generation of a data query request, wherein the operation includes but is not limited to a click operation, a voice operation or an operation triggered by a timed event.
  • Step 202 Receive an ordered interval point set, where the ordered interval point set includes the ordered data group interval points corresponding to the candidate data set obtained by the device to be queried according to the data query request.
  • the ordered interval point set here refers to a set consisting of data group interval points in a certain order
  • the data group interval point refers to the interval value between the candidate data groups corresponding to the candidate data set, and the pre-set on the device to be queried
  • Store a candidate data set the candidate data set includes at least one candidate data, process the candidate data set to obtain a target candidate data set, group the target candidate data set, and obtain a plurality of candidate data sets, according to the data in each candidate data set
  • Corresponding data group interval points are determined, and these data group interval points are sorted to obtain an ordered data group interval point set.
  • the method of determining the corresponding data group interval point according to the data in each candidate data group can be customized, and the customization can be to obtain the current candidate data group, obtain the current candidate data corresponding to the current candidate data group, and obtain the previous candidate data.
  • the target candidate data corresponding to the group calculate the interval point of the current data group according to the current candidate data and the target candidate data, obtain the next candidate data group, take the next candidate data group as the current candidate data group, and return to the step to obtain the corresponding data group of the current candidate data group the current candidate data until the interval points of each data group are obtained.
  • the current candidate data may be the first candidate data in the current candidate data group
  • the target candidate data may be the last candidate data in the previous candidate data group.
  • the device to be queried may obtain the current candidate data group and obtain the current candidate data.
  • the first candidate data in the group obtain the last candidate data in the previous candidate data group, calculate the interval point of the current data group according to the first candidate data and the last candidate data, obtain the next candidate data group, and put the next candidate data group
  • the return step obtains the first candidate data in the current candidate data group until the data group interval point is obtained.
  • the current candidate data group is: [317, 553]
  • the previous candidate data group is: [55, 270]
  • the current candidate data is the first candidate data in the current candidate data group: 317
  • the target candidate data is the previous one
  • the method of determining the interval point of the data group can also be customized by obtaining the current candidate data group, obtaining the current candidate data corresponding to the current candidate data group, and obtaining the target candidate data corresponding to the previous candidate data group. Randomly select a number between the current candidate data and the target candidate data to determine the interval point of the current data group, obtain the next candidate data group, take the next candidate data group as the current candidate data group, and return to the step to obtain the corresponding data group of the current candidate data group the current candidate data until the interval points of each data group are obtained.
  • the current candidate data may be the first candidate data in the current candidate data group
  • the target candidate data may be the last candidate data in the previous candidate data group.
  • the device to be queried may obtain the current candidate data group and obtain the current candidate data.
  • the first candidate data in the group obtain the last candidate data in the previous candidate data group, randomly select a number between the first candidate data and the last candidate data to determine the interval point of the current data group, and obtain the next candidate data group , taking the next candidate data group as the current candidate data group, and returning to the step to obtain the current candidate data corresponding to the current candidate data group until the interval points of each data group are obtained.
  • the current candidate data group is: [317, 553]
  • the previous candidate data group is: [55, 270]
  • the current candidate data is the first candidate data in the current candidate data group: 317
  • the target candidate data is the previous one
  • the current candidate data group interval point can be a number randomly selected from the first candidate data and the last candidate data, for example, 300 can be selected as the current candidate data group interval point.
  • all candidate data in the candidate data set are processed by the same hash function to obtain the target candidate data by the following formula, and the target candidate data set is composed of the target candidate data:
  • the target candidate data in a certain order, where the certain order can be ascending or descending, and group each group with a fixed size to obtain multiple candidate data groups; the fixed size can be based on Business requirements, product requirements or actual application scenarios are pre-determined.
  • the target candidate data after the target candidate data is sorted in a certain order, it can also be grouped according to different sizes of each group, that is, it can be grouped according to the non-fixed size of each group.
  • the grouping size corresponding to the data group may be specifically determined according to business requirements, product requirements, and actual application scenarios, wherein, in another embodiment, some of the grouping sizes corresponding to each candidate data group may be the same, and some may be different, and the specificity may be based on the actual situation. The situation is certain.
  • data group interval points are obtained by calculation according to the target candidate data in each candidate data group, and these data group interval points are sorted to obtain ordered data group interval points. Specifically, when the query device sends a data query request to the device to be queried, the device to be queried obtains an ordered set of interval points according to the data query request, and returns the obtained set of ordered interval points to the query device.
  • Step 203 Acquire the data to be queried, and determine the current data group serial number corresponding to the data to be queried according to the data to be queried and the ordered interval point set.
  • the data to be queried is data waiting to be queried.
  • the data to be queried can be the data processed by a hash function, and the data to be queried can be obtained by calling from a local database or obtained through other devices. Specifically, it can be based on business requirements, actual application scenarios, and product requirements. Sure get it.
  • the sequence number of the current data group here is the sequence number corresponding to the data group where the data to be queried is located.
  • the sequence number of the data group can be specifically obtained by obtaining two adjacent target interval points from the ordered interval point set according to the data to be queried, and then determining the current data group sequence number corresponding to the data to be queried according to the two target interval points. Wherein, if the data to be queried is equal to one of two adjacent target interval points, or the data to be queried has only one adjacent interval point, it means that the data to be queried is not in the candidate data set, and the data query is ended.
  • the target candidate data set obtained by hash function processing on the candidate data set is: 55, 270, 317, 553, 682, 847, and the target candidate data set is grouped to obtain: [55, 270], [317, 553] , [682, 847], the ordered interval point set is: the data group interval point between the first group and the second group is 293.5, and the data group interval point between the second group and the third group is 617.5.
  • the query data is processed by the hash function, it is 583.
  • the data to be queried is between 293.5 and 617.5, it can be determined that the current data group serial number corresponding to the data to be queried is 2, that is, if the data to be queried is to be inserted into the candidate data set, then Need to be inserted into the second group.
  • the data group interval point between the first group and the second group can be calculated according to the last target candidate data of the first group and the first target candidate data of the second group, for example, the last target of the first group
  • the candidate data is 270
  • the first target candidate data of the second group is 317
  • the data group interval point between the second group and the third group can be calculated according to the last target candidate data of the second group and the first target candidate data of the third group, for example, the last position of the second group
  • Step 204 Execute a preset encryption protocol on the data to be queried, and obtain encrypted data to be queried corresponding to the data to be queried after the execution of the preset encryption protocol is completed.
  • the preset encryption protocol here is an encryption protocol that is set by consensus between the querying device and the device to be queried in advance.
  • the random function and the corresponding random number the query device provides the data to be calculated.
  • the protocol is executed, only query the device to obtain the result of inadvertent pseudo-random function calculation.
  • the device to be queried cannot obtain the calculation data and calculation results of the device to be queried, and the device to be queried cannot learn the pseudo-random function and the corresponding random number of the device to be queried.
  • the query device can obtain the calculation result of the inadvertent pseudo-random function, and this calculation result is the encrypted data to be queried corresponding to the data to be queried.
  • the encrypted data to be queried is already encrypted data, and other devices cannot obtain the data to be queried through decryption or decryption in other ways.
  • the execution process of executing the inadvertent pseudo-random function protocol on the data to be queried may be: obtaining a preset encryption key pair, the preset encryption key pair including a first encryption key and a second encryption key, receiving the pending encryption key Query the first encrypted data and the second encrypted data sent by the device, randomly generate a first random number, calculate and obtain the third encrypted data according to the first random number and the first encryption key, and obtain the third encrypted data according to the first encrypted data, the data to be queried, and the third encrypted data.
  • the second encrypted data is calculated to obtain the fourth encrypted data.
  • the third encrypted data, the fourth encrypted data and the first encryption key are sent to the device to be inquired, so that the device to be inquired randomly generates a second random number, and the fifth encrypted data is obtained by calculating according to the fourth encrypted data,
  • the sixth encrypted data is calculated according to the fifth encrypted data and the preset encryption modulus length
  • the seventh encrypted data is calculated according to the sixth encrypted data and the third encrypted data
  • the eighth encrypted data is calculated according to the preset public parameters and the second random number.
  • the ninth encrypted data is obtained by calculating according to the seventh encrypted data, the first encryption key and the eighth encrypted data.
  • the preset public parameters and the preset encryption module length may be pre-determined according to business requirements, product requirements or actual application scenarios.
  • the query device receives the seventh encrypted data and the ninth encrypted data returned by the device to be queried, and calculates the encrypted data to be queried corresponding to the data to be queried according to the seventh encrypted data and the ninth encrypted data.
  • the encryption key pair in the query device may be (pk c , sk c ), the first encryption key is pk c , the second secret key is sk c , and the first encrypted data is The second encrypted data is pk s , the first random number is a, and the third encrypted data is The fourth encrypted data is The second random number is d s , the fifth encrypted data is b, the sixth encrypted data is r, and the seventh encrypted data is The eighth encrypted data is The ninth encrypted data is v s , the encrypted data to be queried is f k (x), x is the data to be queried, g is a preset public parameter, n is a preset encryption module length, and the specific process may be: 1.
  • the query device receives After that, the random number a is randomly generated, and the calculation is obtained: and will Sent to the device to be queried.
  • the query device receives After that, it is calculated: output
  • Step 205 Send the serial number of the current data group to the device to be queried, so that the device to be queried obtains at least one current data corresponding to the serial number of the current data group, obtains the current encryption function corresponding to the preset random number, and performs at least one encryption function according to the current encryption function.
  • the current data is encrypted and calculated to obtain the current encrypted data set, the current encrypted algebraic formula is constructed according to the current encrypted data set, and the current coordinate data set is generated according to the current encrypted algebraic formula.
  • the current data group serial number is sent to the device to be queried, and after the inquiring device receives the current data group serial number, it acquires at least one current data corresponding to the current data group serial number, where the current data It can refer to the data elements in the serial number of the current data group.
  • the current data can be all the data in the serial number of the current data group, or it can be the target data in the serial number of the current data group.
  • the quantity of target data can be determined according to business requirements and actual application conditions.
  • the target candidate data set is obtained, and the target candidate data set is grouped to obtain a plurality of candidate data groups, and each candidate data group includes the corresponding target candidate data and the corresponding group serial number,
  • all target candidate data in the current data group serial number can be used as current data.
  • a preset random number is randomly generated, and the corresponding current encryption function is obtained according to the preset random number, where the current encryption function is used for encryption calculation.
  • the current encryption function can be an inadvertent pseudo-random function, and the current encryption function is used to encrypt the current data in the serial number of the current data group.
  • the current data in the serial number of the current data group can be encrypted by using the inadvertent pseudo-random function to obtain The current encrypted dataset.
  • the current encryption algebra can be constructed according to the data elements in the current confidential data set, the current encryption algebra can be but is not limited to a polynomial, the current encryption algebra includes a plurality of current calculation unit items, and each current calculation unit item includes the corresponding current algebraic coefficients.
  • the current coordinate data set can be generated according to the current encryption algebra.
  • a non-zero current coordinate data set can be randomly generated according to the current encryption algebra. Specifically, it can be randomly assigned to the current encryption algebra. The corresponding value of the unknown quantity, so as to obtain the non-zero current coordinate data set.
  • the unknown quantity in the current encryption algebra is x
  • the corresponding value of x is randomly assigned, and the corresponding value of x can be assigned 1, 2, 3, respectively obtain the current coordinate data set
  • the current coordinate data set can be (1, f i (1)), (2, f i (2)), (3, f i (3)).
  • Step 206 Receive the current coordinate data set, generate a target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set, the target encrypted algebraic formula includes a plurality of target calculation unit items, and each target calculation unit item includes a corresponding target algebraic formula coefficient.
  • the query device after the query device generates and obtains the current coordinate data set, it will send the current coordinate data set to the query device, and after receiving the current coordinate data set, the query device can generate the target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set, Specifically, the target algebraic structure of the target encrypted algebraic formula is obtained first, and the result of the target algebraic formula will be determined in advance according to business requirements, actual application scenarios or product requirements before the target encrypted algebraic formula is generated.
  • the encrypted data to be queried and the data to be queried form the coordinate data to be queried, and the coordinate data to be queried and the current coordinate data in the current coordinate data set are respectively taken as the value of the unknown quantity of the target algebraic structure and the corresponding result, so as to obtain the target algebraic structure
  • the target algebraic formula coefficients corresponding to each target calculation unit item are obtained, and finally the target encrypted algebraic formula is obtained.
  • the encrypted data to be queried and the data to be queried form the coordinate data to be queried: (3, 5)
  • the current The current coordinate data in the coordinate data set are: (2, 8), (5, 9), take 3 of the coordinate data to be queried as the value corresponding to x in the target algebraic structure, and 5 as f b (x in the target algebraic structure ), similarly, take 2 of the current coordinate data as the value corresponding to x in the target algebraic structure, 8 as f b (x) in the target algebraic structure, and take 5 of the current coordinate data as the value corresponding to x in the target algebraic structure value, 9 as f b (x) in the target algebraic structure, solve the equations to obtain b 0 , b 1 and b 2 .
  • the query device may generate a target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set.
  • the target algebraic formula structure of the target encrypted algebraic formula may be obtained first, and the target algebraic formula The result will be determined in advance according to business requirements, actual application scenarios or product requirements before the target encrypted algebraic formula is generated.
  • the encrypted data to be queried and the data to be queried can be composed of the coordinate data to be queried.
  • the query coordinate data and each current coordinate data in the current coordinate data set restore the target encrypted algebraic formula through interpolation.
  • the interpolation method is an existing calculation method, and the specific calculation process is not repeated here.
  • the target encryption algebraic formula includes a plurality of target calculation unit items, each target calculation unit item includes a corresponding target algebraic formula coefficient, the target encryption algebraic formula includes a plurality of target calculation unit items, and each target calculation unit item includes The corresponding target algebraic coefficients.
  • the target encryption algebra is: b 0 +b 1 x+b 2 x 2
  • the target encryption algebra includes multiple target computing units: b 0 , b 1 x, b 2 x 2
  • each target computing unit item includes the corresponding target Algebraic coefficients: b 0 , b 1 , b 2 .
  • Step 207 Send the target algebraic formula coefficients to the device to be queried, so that the to-be-queried device determines a query result corresponding to the data to be queried according to the target algebraic formula coefficients and the current encrypted algebraic formula.
  • Step 208 Receive the query result.
  • the target encrypted algebraic formula includes a plurality of target calculation unit items, each target calculation unit item includes a corresponding target algebraic formula coefficient, the target encrypted algebraic formula includes a plurality of target calculation unit items, and each target calculation unit item The terms include the corresponding target algebraic coefficients. Send the target algebraic coefficients corresponding to each target calculation unit item to the device to be queried.
  • the device to be inquired acquires each current calculation unit item corresponding to the current encrypted algebraic formula, and obtains the current algebraic formula coefficient corresponding to each current calculation unit item.
  • the query result corresponding to the data to be queried can be determined according to the current algebraic coefficients and the target algebraic system.
  • the query result corresponding to the data to be queried may be determined by comparing whether the current algebraic coefficients and the corresponding target algebraic coefficients are the same. If the current algebraic coefficients are the same as the corresponding target algebraic coefficients, it means that the data to be queried is in the candidate data set. An element, so the query result is to determine that the data to be queried is in the candidate data set.
  • any current algebraic coefficient is different from the corresponding target algebraic coefficient, it means that the data to be queried is not an element in the candidate data set, therefore, it can be determined that the query result is that the data to be queried is not in the candidate data set.
  • the current encrypted algebraic formula is: a 0 +a 1 x+a 2 x 2
  • the current encrypted algebraic formula includes multiple current computing units, a 0 , a 1 x, a 2 x 2
  • each current computing unit item includes the corresponding current Algebraic coefficients: a 0 , a 1 , a 2
  • the target encryption algebra is: b 0 +b 1 x+b 2 x 2
  • the target encryption algebra includes multiple target calculation units: b 0 , b 1 x, b 2 x 2
  • each target calculation unit item includes the corresponding target algebraic coefficients: b 0 , b 1 , b 2 .
  • a 0 is the same as b 0
  • a 1 is the same as b 1
  • a 2 is the same as b 2
  • it is determined that the query result is that the data to be queried is in the candidate data set.
  • any current algebraic coefficient is different from the corresponding target algebraic coefficient, it can be determined that the query result is that the data to be queried is not in the candidate data set. If a 0 is different from b 0 , it is determined that the query result is that the data to be queried is not in the candidate data set.
  • a data query request is sent to a device to be queried; an ordered interval point set is received, where the ordered interval point set includes the device to be queried acquiring an ordered data group interval point corresponding to the candidate data set according to the data query request; For the data to be queried, determine the serial number of the current data group corresponding to the data to be queried according to the data to be queried and the ordered interval point set; execute a preset encryption protocol for the data to be queried, and obtain the to-be-queried data corresponding to the data to be queried after the execution of the preset encryption protocol is completed Encrypt data; send the current data group serial number to the device to be queried, so that the device to be queried obtains at least one current data corresponding to the current data group serial number, obtains the current encryption function corresponding to the preset random number, and performs at least one encryption function according to the current encryption function.
  • the current data is encrypted and calculated to obtain the current encrypted data set, the current encrypted algebraic formula is constructed according to the current encrypted data set, and the current coordinate data set is generated according to the current encrypted algebraic formula; the current coordinate data set is received, and the target is generated according to the encrypted data to be queried and the current coordinate data set.
  • Encrypted algebraic formula the target encrypted algebraic formula includes a plurality of target calculation unit items, and each target calculation unit item includes corresponding target algebraic formula coefficients; send the target algebraic formula coefficients to the device to be queried, so that the device to be queried determines according to the target algebraic formula coefficients and the current encrypted algebraic formula
  • the query result corresponding to the data to be queried; receive the query result.
  • the ordered interval point set sent by the device to be queried is not a candidate data set in the device to be queried, the interval points of the ordered data groups in these ordered interval point sets are meaningless by themselves, and do not set the interval points to be queried.
  • the candidate data set in the device is sent to the query device, which avoids the leakage of the candidate data set in the device to be queried, and ensures the privacy of the query data, and the data sent by the device to be queried and the query device to the other party are all through the confidential large data.
  • the prime numbers are obtained by encrypted calculation. Since their own data and exponents are kept secret, they cannot deduce each other's real data, thereby improving the security and privacy of query data.
  • the current coordinate data set sent by the device to be inquired to the inquiring device is also randomly generated by the target encrypted algebraic formula generated by the data processed by the current encryption function.
  • the query device cannot determine the candidate data in the device to be queried, but can only determine whether the data to be queried is in the candidate data set, and the query device Neither the device to be queried nor the device to be queried can reverse the private data of the other party, thus ensuring the confidentiality of the private data.
  • determining the current data group serial number corresponding to the data to be queried according to the data to be queried and the ordered interval point set including:
  • Step 301 Acquire two adjacent target interval points corresponding to the data to be queried from the ordered interval point set.
  • Step 302 Determine the current data group serial number corresponding to the data to be queried according to the two target interval points.
  • the corresponding data group interval points are determined according to the data in each candidate data group. Specifically, the current candidate data group is obtained, the current candidate hash data corresponding to the current candidate data group is obtained, and the target corresponding to the previous candidate data group is obtained.
  • the candidate hash data according to the current candidate hash data and the target candidate hash data, to obtain the current data group interval point, obtain the next candidate data group, take the next candidate data group as the current candidate data group, and return to the step to obtain the current candidate data
  • the current candidate hash data corresponding to the group is obtained until the interval points of each data group are obtained, and the interval points of each data group are sorted to obtain an ordered set of interval points of the data group.
  • the current candidate hash data may be the first candidate hash data of the current candidate data group
  • the target candidate hash data may be the last candidate hash data of the previous candidate data group.
  • the data group interval point between the first group and the second group can be calculated according to the last candidate hash data of the first group and the first candidate hash data of the second group, for example, the last candidate hash data of the first group
  • the bit candidate hash data is 270
  • the first candidate hash data of the second group is 317
  • the data group interval point between the third group and the fourth group can be calculated according to the last candidate hash data of the third group and the first candidate hash data of the fourth group.
  • the last candidate hash data of the third group The hash data is 847
  • the first candidate hash data of the fourth group is 987
  • the data query method further includes:
  • Step 401 Send a current ordered interval point set version number query request to the device to be queried, and the current ordered interval point set version number query request includes the current ordered interval point set version number, so that the device to be queried obtains candidate ordered interval points Set version number, compare whether the version number of the current ordered interval point set is consistent with the version number of the candidate ordered interval point set. If they are consistent, it is determined to be the first version number information; Returning, where the version number of the candidate ordered interval point set is the version number corresponding to the current ordered interval point set in the device to be queried.
  • Step 402 Receive the first version number information returned by the device to be queried, and obtain the historical ordered interval point set, then use the historical ordered interval point set as the ordered interval point set, and enter the step to acquire the data to be queried.
  • Step 403 Receive the second version number information returned by the device to be queried, and then enter the step of sending a data query request to the device to be queried.
  • the current ordered interval point set version number query request here is used to request to query the current ordered interval point set version number
  • the current ordered interval point set version number is the version identification number corresponding to the current ordered interval point set
  • Each time the current ordered interval point set sent by the device to be queried includes the corresponding version number of the current ordered interval point set.
  • the inquiring device carries the current ordered interval point set version number query request to the to-be-queried device, and the to-be-queried device compares the current ordered interval point set version numbers.
  • the ordered interval point cached by the inquiring device itself can be determined. It is an ordered interval point set. Specifically, the historical ordered interval point set can be obtained.
  • the so-called historical ordered interval point set refers to the ordered interval point set cached locally by the query device, and the historical ordered interval point set is used as the ordered interval point. Set, enter the step to obtain the data to be queried.
  • the query device receives the second version number information, it means that the version number of the current ordered interval point set is inconsistent with the version number of the candidate interval point set stored locally by the device to be queried, and then enters the step of sending a data query request to the device to be queried. , and replace the subsequently received ordered interval point set with the historical ordered interval point set stored locally by the query device, that is, update the locally stored historical ordered interval point set according to the subsequently received ordered interval point set.
  • the preset encryption protocol is an inadvertent pseudo-random function protocol
  • the preset encryption protocol is executed on the data to be queried, and after the execution of the preset encryption protocol is completed, the encrypted data to be queried corresponding to the data to be queried is obtained, including: the data to be queried Execute the inadvertent pseudo-random function protocol.
  • the inadvertent pseudo-random function protocol After the inadvertent pseudo-random function protocol is executed, the encrypted data to be queried corresponding to the data to be queried is obtained, wherein the inadvertent pseudo-random function protocol enables the query device and the device to be queried to exchange information in an inadvertent manner. That is, the inadvertent pseudo-random function protocol enables the inquiring device and the device to be inquired to exchange information in an inadvertent manner.
  • the encrypted data to be queried corresponding to the data to be queried is obtained, including:
  • Step 501 Obtain a preset encryption key pair, where the preset encryption key pair includes a first encryption key and a second encryption key.
  • Step 502 Receive the first encrypted data and the second encrypted data sent by the device to be queried.
  • Step 503 Randomly generate a first random number, calculate and obtain third encrypted data according to the first random number and the first encryption key, and calculate and obtain fourth encrypted data according to the first encrypted data, the data to be queried, and the second encrypted data.
  • the preset encryption key pair here refers to the key pair in the query device, and the preset encryption key pair includes a first encryption key and a second encryption key, wherein the first encryption key may be a public key , the second encryption key may be a private key.
  • the preset encryption key pair in the query device can be preset, and can be determined according to business requirements, actual application scenarios or product requirements.
  • a preset encryption key pair is obtained, and at the same time, the first encrypted data and the second encrypted data sent by the device to be queried are received, and the first encrypted data and the second encrypted data of the device to be queried are obtained confidentially through a preset encryption algorithm , which cannot be broken. Further, after receiving the first encrypted data and the second encrypted data sent by the device to be queried, the first random number is randomly generated, and the third encrypted data can be calculated and obtained according to the first random number and the first encryption key. The encrypted data, the data to be queried, and the second encrypted data are calculated to obtain fourth encrypted data. Wherein, the third encrypted data and the fourth encrypted data can be calculated according to the corresponding encryption algorithm.
  • the encryption key pair may be (pk c , sk c ), the first encryption key is pk c , the second secret key is sk c , and the first encrypted data is The second encrypted data is pk s , the first random number is a, and the third encrypted data is The fourth encrypted data is Specifically, the device to be queried randomly generates a random number k of an inadvertent pseudo-random function, and the obtained pseudo-random function is The current preset encryption key pair (pk s , sk s ) is calculated by the device to be queried and will Sent to the querying device. Then, the querying device receives After that, the random number a is randomly generated, and the calculation is obtained: and will Sent to the device to be queried.
  • Step 504 Send the third encrypted data, the fourth encrypted data and the first encryption key to the device to be queried, so that the device to be queried randomly generates a second random number, and calculates the fifth encrypted data according to the fourth encrypted data,
  • the sixth encrypted data is calculated according to the fifth encrypted data and the preset encryption modulus length
  • the seventh encrypted data is calculated according to the sixth encrypted data and the third encrypted data
  • the eighth encrypted data is calculated according to the preset public parameters and the second random number.
  • the ninth encrypted data is obtained by calculating according to the seventh encrypted data, the first encryption key and the eighth encrypted data.
  • Step 505 Receive the seventh encrypted data and the ninth encrypted data returned by the device to be queried, and calculate the encrypted data to be queried corresponding to the data to be queried according to the seventh encrypted data and the ninth encrypted data.
  • the inquiring device after calculating and obtaining the third encrypted data and the fourth encrypted data, the inquiring device sends the third encrypted data, the fourth encrypted data and the first encryption key to the device to be inquired, and the device to be inquired receives the third encrypted data and the first encryption key.
  • the second random number is randomly generated, and the fifth encrypted data can be calculated according to the fourth encrypted data.
  • the specific calculation method can be calculated according to the corresponding encryption algorithm.
  • the encrypted data is encrypted to obtain second encrypted data.
  • the seventh encrypted data can be obtained by calculation according to the fifth encrypted data and the preset encryption modulus length
  • the eighth encrypted data can be obtained by calculation according to the preset public parameters and the second random number
  • the seventh encrypted data can be obtained according to the calculation of the preset public parameter and the second random number.
  • the encrypted data, the first encryption key and the eighth encrypted data are calculated to obtain ninth encrypted data.
  • the encryption method corresponding to each encrypted data can be calculated according to the corresponding encryption algorithm, and the encryption algorithm is determined in advance according to business requirements, actual application scenarios, and product requirements, and the encryption algorithm of each encrypted data can be different.
  • the current encryption function is a current inadvertent pseudo-random function
  • the current data group serial number is sent to the device to be queried, so that the device to be queried obtains at least one current data corresponding to the current data group serial number, and obtains a preset random number.
  • the corresponding current encryption function performs encryption calculation on at least one current data according to the current encryption function to obtain the current encrypted data set, constructs the current encrypted algebraic formula according to the current encrypted data set, and generates the current coordinate data set according to the current encrypted algebraic formula, including: converting the current data
  • the group serial number is sent to the device to be queried, so that the device to be queried randomly generates a preset random number, obtains the current inadvertent pseudo-random function corresponding to the preset random number, and obtains at least one current data corresponding to the current data group serial number.
  • the random function processes at least one current data, obtains at least one current encrypted data set corresponding to the current data, uses the current encrypted data in the current encrypted data set as the root, constructs the current encrypted algebra, and randomly generates non-zero current coordinates according to the current encrypted algebra
  • the current encryption algebra includes a plurality of current computing unit items.
  • the current data can be all the data in the serial number of the current data group, or it can be the target data in the serial number of the current data group.
  • the quantity of target data can be determined according to business requirements and actual application conditions. Obtain, wherein, after the candidate data set is processed, the target candidate data set is obtained, and the target candidate data set is grouped to obtain a plurality of candidate data groups, and each candidate data group includes the corresponding target candidate data and the corresponding group serial number, In one embodiment, all target candidate data in the current data group serial number may be determined as current data.
  • a preset random number is randomly generated, and the corresponding current encryption function is obtained according to the preset random number, where the current encryption function is used for encryption calculation.
  • the current encryption function can be an inadvertent pseudo-random function, and the current encryption function is used to encrypt the current data in the serial number of the current data group.
  • the current data in the serial number of the current data group can be encrypted by using the inadvertent pseudo-random function to obtain The current encrypted dataset.
  • the current encryption algebra can be constructed according to the data elements in the current confidential data set, the current encryption algebra can be but is not limited to a polynomial, the current encryption algebra includes a plurality of current calculation unit items, and each current calculation unit item includes the corresponding current algebraic coefficients.
  • the current coordinate data set can be generated according to the current encryption algebra.
  • a non-zero current coordinate data set can be randomly generated according to the current encryption algebra. Specifically, it can be randomly assigned to the current encryption algebra. The corresponding value of the unknown quantity, so as to obtain the non-zero current coordinate data set.
  • the unknown quantity in the current encryption algebra is x
  • the corresponding value of x is randomly assigned, and the corresponding value of x can be assigned 1, 2, 3, respectively obtain the current coordinate data set
  • the current coordinate data set can be (1, f i (1)), (2, f i (2)), (3, f i (3)).
  • generating a target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set including:
  • Step 601 Obtain encrypted coordinate data corresponding to the encrypted data to be queried.
  • Step 602 Calculate and obtain the target encrypted algebraic formula according to the encrypted coordinate data and the current coordinate data set.
  • the encrypted coordinate data may be a coordinate pair composed of the data to be queried and the encrypted data to be queried. For example, if the data to be queried is x and the encrypted data to be queried is y, the encrypted coordinate data is: (x, y).
  • the target encrypted algebraic formula can be calculated according to the encrypted coordinate data and the current coordinate data in the current coordinate data set. Specifically, the target algebraic formula structure of the target encrypted algebraic formula can be obtained first, and the result of the target algebraic formula is in the target algebraic formula. Before the encrypted algebraic formula is generated, it will be determined in advance according to business requirements, actual application scenarios or product requirements.
  • the encrypted data to be queried and the data to be queried can be formed into the coordinate data to be queried, and the coordinate data to be queried can be composed of the coordinate data to be queried.
  • each current coordinate data in the current coordinate data set are respectively used as the value of the unknown quantity of the target algebraic structure and the corresponding result, so as to obtain the target algebraic coefficient corresponding to each target calculation unit item of the target algebraic structure, and finally obtain the target encrypted algebraic formula.
  • the encrypted data to be queried and the data to be queried form the coordinate data to be queried: (3, 5)
  • the current The current coordinate data in the coordinate data set are: (2, 8), (5, 9), take 3 of the coordinate data to be queried as the value corresponding to x in the target algebraic structure, and 5 as f b (x in the target algebraic structure ), similarly, take 2 of the current coordinate data as the value corresponding to x in the target algebraic structure, 8 as f b (x) in the target algebraic structure, and take 5 of the current coordinate data as the value corresponding to x in the target algebraic structure value, 9 as f b (x) in the target algebraic structure, solve the equations to obtain b 0 , b 1 and b 2 .
  • the current encrypted algebraic formula includes a plurality of current calculation unit items, each current calculation unit item includes corresponding current algebraic formula coefficients, and the target algebraic formula coefficients are sent to the device to be queried, so that the to-be-queried device can be queried according to the target algebraic formula coefficients and the current algebraic formula coefficients.
  • the encrypted algebraic formula determines the query result corresponding to the data to be queried, including: Step 701: Send the target algebraic formula coefficients corresponding to each target calculation unit item to the to-be-queried device, so that the to-be-queried device obtains the current encrypted algebraic formula corresponding to each current calculation unit item For the current algebraic coefficients, compare whether the current algebraic coefficients and the corresponding target algebraic coefficients are the same. When the current algebraic coefficients are the same as the corresponding target algebraic coefficients, it is determined that the data to be queried is in the candidate data set. Step 702: Conversely, when any current algebraic formula coefficient is different from the corresponding target algebraic formula coefficient, determine that the data to be queried is not in the candidate data set.
  • the generating step of the ordered interval point set includes:
  • Step 801 The device to be queried acquires a candidate data set, where the candidate data set includes at least one candidate data.
  • Step 802 The device to be queried processes the candidate data in the candidate data set according to the preset hash function to obtain a target candidate data set, where the target candidate data set includes at least one candidate hash data.
  • the candidate data set is processed to obtain the target candidate data set. Specifically, a preset hash function is obtained, and each candidate data in the candidate data set is hashed by the preset hash function to obtain the corresponding candidate data set. Hash data, the target candidate data set is composed of each candidate hash data.
  • Step 803 The device to be queried groups the target candidate data sets according to preset rules to obtain multiple candidate data groups.
  • Step 804 The device to be queried determines the corresponding data group interval points according to the candidate hash data in each candidate data group, and generates an ordered data group interval point set according to each data group interval point.
  • the device to be queried groups the target candidate data set to obtain multiple candidate data groups.
  • Corresponding data group interval points are determined, and these data group interval points are sorted to obtain an ordered data group interval point set.
  • the device to be queried groups the target candidate data set according to a preset rule to obtain multiple candidate data groups, wherein the preset rule may be to sort the candidate hash data in the target candidate data set , the sorting can be in ascending order or descending order to obtain the sorted target candidate data set, and then group the sorted target candidate data set according to the preset group size, thereby obtaining multiple candidate data groups.
  • the candidate hash data in the target candidate data set may be sorted according to an ascending rule, or the candidate hash data in the target candidate data set may be sorted in descending order according to a descending rule to obtain the sorted target candidate data Set, and then obtain the preset group size.
  • the so-called group size refers to the maximum bearing capacity corresponding to the corresponding group.
  • the preset group size can be determined according to business requirements, application scenarios or product requirements, and the sorted targets are based on the preset group size.
  • the candidate data sets are grouped to obtain each grouped candidate data group.
  • the target candidate data set obtained by hash function processing on the candidate data set is: 55, 270, 317, 553, 682, 847, 987, 1203, and the target candidate data set is grouped to obtain: [55, 270], [ 317, 553], [682, 847], [987, 1203], the ordered interval point set is: the data group interval point between the first group and the second group is 293.5, between the second group and the third group The data set interval point is 617.5.
  • the data group interval point between the third group and the fourth group can be calculated according to the last candidate hash data of the third group and the first candidate hash data of the fourth group.
  • the last candidate hash data of the third group The hash data is 847
  • the first candidate hash data of the fourth group is 987
  • the determination method of determining the corresponding data group interval point according to the data in each candidate data group can be customized, and the customization can be to obtain the current candidate data group, obtain the current candidate hash data corresponding to the current candidate data group, and obtain the previous candidate data group.
  • the target candidate hash data corresponding to the candidate data group, the current data group interval point is calculated according to the current candidate hash data and the target candidate hash data, the next candidate data group is obtained, and the next candidate data group is used as the current candidate data group,
  • the returning step obtains the current candidate hash data corresponding to the current candidate data group until the interval points of each data group are obtained.
  • the current candidate hash data may be the first candidate hash data in the current candidate data group
  • the target candidate hash data may be the last candidate hash data in the previous candidate data group.
  • the device to be queried may obtain the current candidate hash data.
  • Candidate data group obtain the first candidate hash data in the current candidate data group, obtain the last candidate hash data in the previous candidate data group, and calculate the current data group according to the first candidate hash data and the last candidate hash data Interval point, obtain the next candidate data group, take the next candidate data group as the current candidate data group, and return to the step to obtain the first candidate hash data in the current candidate data group, until the data group interval point is obtained.
  • the way of determining the interval point of the data group can also be customized by obtaining the current candidate data group, obtaining the current candidate hash data corresponding to the current candidate data group, and obtaining the target candidate hash data corresponding to the previous candidate data group.
  • the returning step acquires the current candidate hash data corresponding to the current candidate data group until the interval points of each data group are obtained.
  • a number can be randomly selected from the first candidate hash data and the last candidate hash data to be determined as the interval point of the current data group, and the next candidate data group can be obtained.
  • the current candidate data group is: [317, 553]
  • the last candidate data group is: [55, 270]
  • the current candidate hash data is the first candidate hash data in the current candidate data group: 317
  • the target candidate hash data is the last bit in the previous candidate data group
  • the current candidate data group interval point can be a number randomly selected from the first candidate hash data and the last candidate hash data, for example, 300 can be selected as the current candidate data group interval point.
  • the device to be queried determines the corresponding data group interval points according to the candidate hash data in each candidate data group, including: the device to be queried obtains the current candidate data group, and obtains the current candidate hash in the current candidate data group. data, obtain the target candidate hash data in the previous candidate data group, calculate the interval point of the current data group according to the current candidate hash data and the target candidate hash data, obtain the next candidate data group, and use the next candidate data group as For the current candidate data group, the returning step obtains the current candidate hash data in the current candidate data group until the data group interval point is obtained.
  • the current candidate data group may be randomly selected from each candidate data group as the current candidate data group, or the candidate data group may be determined as the current candidate data group in sequence.
  • the current candidate hash data may be the first candidate hash data in the current candidate data group
  • the target candidate hash data may be the last candidate hash data in the previous candidate data group.
  • the device to be queried obtains the current candidate data group, obtains the first candidate hash data in the current candidate data group, and obtains the last candidate hash data in the previous candidate data group, according to the first candidate hash data and the last candidate hash data. Calculate the interval point of the current data group, obtain the next candidate data group, take the next candidate data group as the current candidate data group, and return to the step to obtain the first candidate hash data in the current candidate data group, until the interval point of the data group is obtained.
  • a data set processing method is provided, which is described by taking the method applied to the device to be queried in FIG. 1 as an example, including the following steps: Step 901: Obtain a candidate data set, where the candidate data set includes at least one candidate data.
  • Step 902 Process at least one candidate data in the candidate data set according to a preset hash function to obtain a target candidate data set, where the target candidate data set includes at least one candidate hash data.
  • Step 903 Group the target candidate data sets according to preset rules to obtain multiple candidate data groups.
  • Step 904 Determine corresponding data group interval points according to the candidate hash data in each candidate data group, and generate an ordered data group interval point set according to each data group interval point.
  • the data set processing method further includes: receiving newly added candidate hash data, inserting the newly added candidate hash data into its corresponding first data group, and determining whether the amount of data in the first data group is If it exceeds the set range, if it is, then re-determine the data group interval points from the first data group, and update the ordered data group interval point set according to each data group interval point.
  • the first data group here refers to the data group into which the newly added candidate hash data needs to be inserted, and the first data group corresponding to the newly added candidate hash data can be determined according to the interval point of each data group, and then the first data group Whether the amount of data in the data exceeds the set range, and if so, then re-determine the data group interval points from the first data group, and update the ordered data group interval point set according to each data group interval point.
  • the data group interval point between the first group and the second group is 293.5
  • the data group interval point between the second group and the third group is 617.5
  • the newly added candidate hash data is 530, then it is determined that the new addition
  • the candidate hash data is that the second group is the first data group, and then it is judged whether the amount of data in the first data group exceeds the set range.
  • Data group interval points update the ordered data group interval point set.
  • a data query system 1000 including: a query device 1001 for acquiring a data query request and sending the data query request to the device to be queried.
  • the device to be queried 1002 is configured to obtain an ordered interval point set corresponding to the candidate data set according to the data query request, and return the ordered interval point set to the query device, where the ordered interval point set includes the ordered data corresponding to the candidate data set Group interval points.
  • the query device 1001 is further configured to receive an ordered interval point set, obtain data to be queried, determine a current data group serial number corresponding to the to-be-queried data according to the to-be-queried data and the ordered interval point set, execute a preset encryption protocol on the to-be-queried data, and After the preset encryption protocol is executed, the encrypted data to be queried corresponding to the data to be queried is obtained, and the serial number of the current data group is sent to the device to be queried.
  • the device to be queried 1002 is further configured to obtain at least one current data corresponding to the serial number of the current data group, obtain a current encryption function corresponding to a preset random number, perform encryption calculation on the at least one current data according to the current encryption function, and obtain a current encrypted data set,
  • the current encrypted algebra is constructed according to the current encrypted data set, the current coordinate data set is generated according to the current encrypted algebra, and the current coordinate data set is returned to the query device.
  • the query device 1001 is further configured to receive the current coordinate data set, and generate a target encrypted algebraic formula according to the encrypted data to be queried and the current coordinate data set, the target encrypted algebraic formula includes a plurality of target calculation unit items, and each target calculation unit item includes a corresponding target algebraic formula coefficient , and send the target algebraic coefficients to the device to be queried.
  • the device to be queried 1002 is further configured to determine a query result corresponding to the data to be queried according to the coefficient of the target algebraic formula and the current encrypted algebraic formula, and return the query result to the query device.
  • the query device 1001 is further configured to receive query results.
  • a data set processing apparatus 1200 including: a candidate data set acquisition module 1201, a target candidate data set acquisition module 1202, a target candidate data set grouping module 1203, an ordered data set
  • the group interval point set generation module 1204 wherein: the candidate data set acquisition module 1201 is configured to acquire a candidate data set, and the candidate data set includes at least one candidate data.
  • the target candidate data set acquisition module 1202 is configured to process at least one candidate data in the candidate data set according to a preset hash function to obtain a target candidate data set, where the target candidate data set includes at least one candidate hash data.
  • the target candidate data set grouping module 1203 is configured to group the target candidate data set according to a preset rule to obtain a plurality of candidate data sets.
  • the ordered data group interval point set generating module 1204 is configured to determine corresponding data group interval points according to the candidate hash data in each candidate data group, and generate an ordered data group interval point set according to each data group interval point.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

本申请涉及一种数据查询方法、装置、系统以及数据集处理方法。该方法包括:获取待查询加密数据;将当前数据组序号发送至待查询设备中,待查询设备获取当前数据,获取预设随机数对应的当前加密函数,对当前数据进行加密计算,得到当前加密数据集,构建当前加密代数式,生成当前坐标数据集;接收当前坐标数据集,生成目标加密代数式;将目标代数式系数发送至待查询设备,确定待查询数据对应的查询结果;接收查询结果。

Description

数据查询方法、装置、系统以及数据集处理方法
相关申请
本申请要求2020年11月10日申请的,申请号为202011247552.4,发明名称为“数据查询方法、装置、系统以及数据集处理方法”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本申请涉及计算机技术领域,特别是涉及一种数据查询方法、装置、系统、计算机设备和存储介质,以及数据集处理方法、装置、计算机设备和存储介质。
背景技术
保护数据集合的隐私性是在很多场景下是自然甚至是必要的需求,比如当集合是某用户的通讯录或是某基因诊断服务用户的基因组,这样的输入就一定要通过密码学的手段进行保护。隐私保护集合交集(Private Set Intersection,PSI)计算技术允许持有各自集合的两方来共同计算两个集合的交集运算。在协议交互的最后,一方或是两方应该得到正确的交集,而且不会得到交集以外另一方集合中的任何信息。
然而,隐私保护集合交集计算技术,需要允许持有各自集合的两方来共同计算两个集合的交集运算,这种方式,在数据查询过程中容易导致数据泄露,无法保证查询数据的隐私性,查询数据不安全。
发明内容
根据本申请的一个方面,提供一种数据查询的方法,包括以下步骤:发送数据查询请求至待查询设备;接收有序间隔点集,有序间隔点集包括待查询设备根据数据查询请求获取与候选数据集合对应的有序数据组间隔点;获取待查询数据,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号;对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据;将当前数据组序号发送至待查询设备中,以使待查询设备获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集;接收当前坐标数据集,根据待查询加密数据和当前坐标数据集生成目标加密代数式,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数;将目标代数式系数发送至待查询设备,以使待查询设备根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果;接收查询结果。
根据本申请的另一个方面,提供一种数据查询装置,该装置包括:查询请求发送模块,用于发送数据查询请求至待查询设备;有序间隔点集接收模块,用于接收有序间隔点集,有序间隔点集包括待查询设备根据数据查询请求获取与候选数据集合对应的有序数据组间隔点;待查询数据获取模块,用于获取待查询数据,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号;待查询加密数据生成 模块,用于对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据;当前数据组序号发送模块,用于将当前数据组序号发送至待查询设备中,以使待查询设备获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集;坐标数据集接收模块,用于接收当前坐标数据集,根据待查询加密数据和当前坐标数据集生成目标加密代数式,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数;代数式系数发送模块,用于将目标代数式系数发送至待查询设备,以使待查询设备根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果;查询结果接收模块,用于接收查询结果。
根据本申请的另一个方面,提供一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现以下步骤:发送数据查询请求至待查询设备;接收有序间隔点集,有序间隔点集包括待查询设备根据数据查询请求获取与候选数据集合对应的有序数据组间隔点;获取待查询数据,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号;对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据;将当前数据组序号发送至待查询设备中,以使待查询设备获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集;接收当前坐标数据集,根据待查询加密数据和当前坐标数据集生成目标加密代数式,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数;将目标代数式系数发送至待查询设备,以使待查询设备根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果;接收查询结果。
根据本申请的另一个方面,提供一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现以下步骤:发送数据查询请求至待查询设备;接收有序间隔点集,有序间隔点集包括待查询设备根据数据查询请求获取与候选数据集合对应的有序数据组间隔点;获取待查询数据,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号;对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据;将当前数据组序号发送至待查询设备中,以使待查询设备获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集;接收当前坐标数据集,根据待查询加密数据和当前坐标数据集生成目标加密代数式,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数;将目标代数式系数发送至待查询设备,以使待查询设备根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果;接收查询结果。
根据本申请的另一个方面,提供一种数据查询系统,该系统包括:查询设备,用于获取数据查询 请求,并将数据查询请求发送至待查询设备;待查询设备,用于根据数据查询请求获取与候选数据集合对应的有序间隔点集,并将有序间隔点集返回至查询设备,有序间隔点集包括候选数据集合对应的有序数据组间隔点;查询设备,还用于接收有序间隔点集,获取待查询数据,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号,对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据,将当前数据组序号发送至待查询设备;待查询设备,还用于获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集,并将当前坐标数据集返回至查询设备;查询设备,还用于接收当前坐标数据集,根据待查询加密数据和当前坐标数据集生成目标加密代数式,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数,将目标代数式系数发送至待查询设备;待查询设备,还用于根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果,并返回查询结果至查询设备;查询设备,还用于接收查询结果。
根据本申请的另一个方面,提供一种数据集处理方法,包括以下步骤:获取候选数据集合,候选数据集合包括至少一个候选数据;根据预设哈希函数对候选数据集合中的至少一个候选数据进行处理,得到目标候选数据集合,目标候选数据集合包括至少一个候选哈希数据;按照预设的规则对目标候选数据集合进行分组,得到多个候选数据组;根据各个候选数据组中的候选哈希数据确定对应的数据组间隔点,根据各个数据组间隔点生成有序数据组间隔点集。
根据本申请的另一个方面,提供一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,处理器执行计算机程序时实现以下步骤:获取候选数据集合,候选数据集合包括至少一个候选数据;根据预设哈希函数对候选数据集合中的至少一个候选数据进行处理,得到目标候选数据集合,目标候选数据集合包括至少一个候选哈希数据;按照预设的规则对目标候选数据集合进行分组,得到多个候选数据组;根据各个候选数据组中的候选哈希数据确定对应的数据组间隔点,根据各个数据组间隔点生成有序数据组间隔点集。
根据本申请的另一个方面,提供一种计算机可读存储介质,其上存储有计算机程序,计算机程序被处理器执行时实现以下步骤:获取候选数据集合,候选数据集合包括至少一个候选数据;根据预设哈希函数对候选数据集合中的至少一个候选数据进行处理,得到目标候选数据集合,目标候选数据集合包括至少一个候选哈希数据;按照预设的规则对目标候选数据集合进行分组,得到多个候选数据组;根据各个候选数据组中的候选哈希数据确定对应的数据组间隔点,根据各个数据组间隔点生成有序数据组间隔点集。
上述数据查询方法、装置、系统、计算机设备和存储介质,以及数据集处理方法、装置、计算机设备和存储介质,由于待查询设备发送查询设备的有序间隔点集本身不是待查询设备内的候选数据集合,这些有序间隔点集中的有序数据组间隔点本身就是没有意义的,并没有将待查询设备内的候选数据集合发送至查询设备中,避免了待查询设备内的候选数据集合泄露,保证了查询数据的隐私性,而且待查询设备和查询设备发送给对方的数据都是通过保密的大质数进行加密计算得到的,由于自己的数据和指数都是保 密的,互相无法反推出对方的真实数据,从而提高查询数据的安全性和隐私性。而且,待查询设备发送给查询设备的当前坐标数据集也是由当前加密函数处理后的数据生成的目标加密代数式随机产生的,如果查询设备的待查询数据在候选数据集合中,就能够还原出正确的目标加密代数式,但是由于查询设备中的待查询数据通过目标加密代数式隐藏在系数中,查询设备无法确定待查询设备中的候选数据,只能确定待查询数据是否在候选数据集合中,查询设备与待查询设备都无法反推出对方的隐私数据,从而保证了隐私数据的保密性。
附图说明
图1为本申请实施例1的数据查询方法的应用场景图。
图2为本申请实施例1的数据查询方法的流程图。
图3为本申请实施例1的数据查询系统的结构框图。
图4为本申请实施例1的数据集处理装置的结构框图。
具体实施方式
为了使本申请的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本申请进行进一步详细说明。应当理解,此处描述的具体实施例仅仅用以解释本申请,并不用于限定本申请。
除非另作定义,本申请所涉及的技术术语或者科学术语应当为本申请所属技术领域内具有一般技能的人士所理解的通常意义。本申请所涉及的“一”、“一个”、“一种”、“该”等类似词语并不表示数量限制,可表示单数或复数。本申请所涉及的术语“包括”、“包含”、“具有”以及它们任何变形,意图在于覆盖不排他的包含;例如包含了一系列步骤或模块(单元)的过程、方法、系统、产品或设备没有限定于已列出的步骤或单元,而是可以还包括没有列出的步骤或单元,或可以还包括对于这些过程、方法、产品或设备固有的其它步骤或单元。本申请所涉及的“连接”、“相连”、“耦接”等类似的词语并非限定于物理的或者机械的连接,而是可以包括电气的连接,不管是直接的还是间接的。本申请所涉及的“多个”是指两个或两个以上。“和/或”描述关联对象的关联关系,表示可以存在三种关系,例如,“A和/或B”可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。字符“/”一般表示前后关联对象是一种“或”的关系。本申请所涉及的术语“第一”、“第二”、“第三”、“第四”等仅仅是区别类似的对象,不代表针对对象的特定排序。
图1为一个实施例中数据查询方法的应用环境图。参照图1,该数据查询方法应用于数据查询系统。该数据查询系统包括查询设备101和待查询设备102。查询设备101和待查询设备102通过网络连接。查询设备101具体可以是台式终端或移动终端或查询待查询设备,移动终端具体可以手机、平板电脑、笔记本电脑等中的至少一种。待查询设备102可以用独立的服务器或者是多个服务器组成的服务器集群来实现。
在一个实施例中,如图2所示,提供了一种数据查询方法,以该方法应用于图1中的查询设备为 例进行说明,包括以下步骤:
步骤201:发送数据查询请求至待查询设备。
其中,查询设备可以是数据查询方所在的设备,可以是但不限于查询终端或查询待查询设备,而这里的待查询设备可以是数据用户方所在的待查询设备,存储候选数据集合,候选数据集合包括至少一个候选数据,对候选数据集合进行处理,得到目标候选数据集合,对目标候选数据集合进行分组,得到多个候选数据组,根据各个候选数据组中的数据确定对应的数据组间隔点,对这些数据组间隔点进行排序,得到有序数据组间隔点集。
其中,这里的数据查询请求是用来请求待查询设备进行数据查询的,数据查询请求可以在查询设备上进行操作触发生成的,具体可以是,在查询设备上设有相关查询应用,在查询应用相关界面设有查询按钮,对查询按钮进行操作,触发生成数据查询请求,其中,操作包括但不限于点击操作、语音操作或者定时事件触发操作。
步骤202:接收有序间隔点集,有序间隔点集包括待查询设备根据数据查询请求获取与候选数据集合对应的有序数据组间隔点。
其中,这里的有序间隔点集是指存在一定顺序的数据组间隔点组成的集合,而数据组间隔点是指候选数据集合对应的候选数据组之间的间隔值,而待查询设备上预先存储候选数据集合,候选数据集合包括至少一个候选数据,对候选数据集合进行处理,得到目标候选数据集合,对目标候选数据集合进行分组,得到多个候选数据组,根据各个候选数据组中的数据确定对应的数据组间隔点,对这些数据组间隔点进行排序,得到有序数据组间隔点集。
其中,根据各个候选数据组中的数据确定对应的数据组间隔点的确定方式可自定义,自定义可以是获取当前候选数据组,获取当前候选数据组对应的当前候选数据,获取上一个候选数据组对应的目标候选数据,根据当前候选数据与目标候选数据计算得到当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组对应的当前候选数据,直至得到各个数据组间隔点。
其中,当前候选数据可以是当前候选数据组中的首位候选数据,目标候选数据可以是上一个候选数据组中的末位候选数据,具体可以是待查询设备获取当前候选数据组,获取当前候选数据组中的首位候选数据,获取上一个候选数据组中的末位候选数据,根据首位候选数据和末位候选数据计算得到当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组中的首位候选数据,直至得到数据组间隔点。
例如,当前候选数据组为:[317、553],上一个候选数据组为:[55、270],当前候选数据为当前候选数据组中的首位候选数据为:317,目标候选数据为上一个候选数据组中的末位候选数据:270,则当前候选数据组间隔点可以是根据首位候选数据和末位候选数据计算得到当前数据组间隔点:(270+317)/2=293.5。
在另一个实施例中,数据组间隔点的确定方式自定义还可以是,获取当前候选数据组,获取当前 候选数据组对应的当前候选数据,获取上一个候选数据组对应的目标候选数据,可以随机从当前候选数据和目标候选数据之间任意选取一个数字确定为当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组对应的当前候选数据,直至得到各个数据组间隔点。
其中,当前候选数据可以是当前候选数据组中的首位候选数据,目标候选数据可以是上一个候选数据组中的末位候选数据,具体可以是待查询设备获取当前候选数据组,获取当前候选数据组中的首位候选数据,获取上一个候选数据组中的末位候选数据,随机从首位候选数据和末位候选数据之间任意选取一个数字确定为当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组对应的当前候选数据,直至得到各个数据组间隔点。
例如,当前候选数据组为:[317、553],上一个候选数据组为:[55、270],当前候选数据为当前候选数据组中的首位候选数据为:317,目标候选数据为上一个候选数据组中的末位候选数据:270,则当前候选数据组间隔点可以是随机从首位候选数据和末位候选数据之间任意选取的一个数字,例如,可以选取300为当前候选数据组间隔点。
例如,候选数据集合中的所有候选数据都通过相同的hash(哈希)函数通过以下公式处理得到目标候选数据,由目标候选数据组成目标候选数据集合:
Figure PCTCN2020140678-appb-000001
然后,将目标候选数据按照一定的顺序进行排序,其中,一定的顺序可以是升序,也可以是降序,按照每组固定的大小的方式进行分组,得到多个候选数据组;固定的大小可以根据业务需求、产品需求或者实际应用场景进行预先确定得到。在另一个实施例中,在将目标候选数据按照一定的顺序进行排序后,还可以按照每组不同的大小的方式进行分组,即可以按照每组非固定的大小的方式进行分组,每个候选数据组对应的分组大小可以根据业务需求、产品需求以及实际应用场景具体确定得到,其中,在又一个实施例中,各个候选数据组对应的分组大小有些可以相同,有些可以不同,具体可以根据实际情况确定得到。
进一步地,再根据各个候选数据组中的目标候选数据计算得到数据组间隔点,对这些数据组间隔点进行排序,从而得到有序数据组间隔点。具体地,当查询设备发送数据查询请求至待查询设备时,待查询设备根据数据查询请求获取有序间隔点集合,并将获取到的有序间隔点集合返回至查询设备。
步骤203:获取待查询数据,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号。
其中,待查询数据是等待进行查询的数据。其中,待查询数据可以是经过hash(哈希)函数处理后的数据,待查询数据可以从本地数据库中调用得到,也可以通过其他设备获取得到,具体可以根据业务需求、实际应用场景、产品需求确定得到。而这里的当前数据组序号是待查询数据所在的数据组对应的序号,具体地,在接收到有序间隔点集后,可以根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号,具体可以是,根据待查询数据从有序间隔点集中获取对应的相邻的两个目标间隔点,再根据两个目标间隔点确定待查询数据对应的当前数据组序号。其中,若待查询数据与相邻的两个目标间隔点中 的一个相等,或者待查询数据只有一个相邻间隔点,则说明待查询数据不在候选数据集合中,结束数据查询。
例如,候选数据集合进行hash函数处理得到的目标候选数据集合为:55、270、317、553、682、847,对目标候选数据集合进行分组,得到:[55、270]、[317、553]、[682、847],有序间隔点集为:第一组和第二组之间的数据组间隔点为293.5、第二组和第三组之间的数据组间隔点为617.5,若待查询数据进行hash函数处理后为583,由于待查询数据位于293.5和617.5之间,因此,可以确定待查询数据对应的当前数据组序号为2,即待查询数据如果要插入候选数据集合中,则需要插入第二组中。其中,第一组和第二组之间的数据组间隔点可以根据第一组的末位目标候选数据和第二组的首位目标候选数据进行计算得到的,例如,第一组的末位目标候选数据为270,第二组的首位目标候选数据为317,第一组和第二组之间的数据组间隔点可以为:(270+317)/2=293.5。同样地,第二组和第三组之间的数据组间隔点可以根据第二组的末位目标候选数据和第三组的首位目标候选数据进行计算得到的,例如,第二组的末位目标候选数据为553,第三组的首位目标候选数据为682,第二组和第三组之间的数据组间隔点可以为:(553+682)/2=617.5。
步骤204:对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据。
其中,这里的预设加密协议是查询设备与待查询设备之间预先达成共识设置的一种加密协议,预设加密协议可以是不经意伪随机函数协议(Oblivious PseudorandomFunction-OPRF):待查询设备提供伪随机函数以及对应的随机数,查询设备提供待计算数据。在协议执行完毕后,仅查询设备获取不经意伪随机函数计算的结果。整个过程中待查询设备无法获取查询设备的计算数据和计算结果,查询设备也无法学习到待查询设备的伪随机函数以及对应的随机数。
具体地,在获取到待查询数据后,获取查询设备与待查询设备之间预先约定好的预设加密协议,具体可以是,获取查询设备与待查询设备之间预先约定好的不经意伪随机函数协议,由于不经意伪随机函数协议执行完毕后,查询设备可以获取不经意伪随机函数的计算结果,而这个计算结果就是待查询数据对应的待查询加密数据。其中,待查询加密数据是已经加密过的数据,其他设备无法经过破解、或者其他方式进行解密得到待查询数据。
在一个实施例中,待查询数据执行不经意伪随机函数协议的执行过程可以是,获取预设加密密钥对,预设加密密钥对包括第一加密密钥和第二加密密钥,接收待查询设备发送的第一加密数据和第二加密数据,随机生成第一随机数,根据第一随机数和第一加密密钥计算得到第三加密数据,根据第一加密数据、待查询数据、第二加密数据计算得到第四加密数据。进一步地,将第三加密数据、第四加密数据和第一加密密钥发送至待查询设备中,以使待查询设备随机生成第二随机数,根据第四加密数据计算得到第五加密数据,根据第五加密数据和预设加密模长计算得到第六加密数据,根据第六加密数据和第三加密数据计算得到第七加密数据,根据预设公共参数和第二随机数计算得到第八加密数据,根据第七加密数据、第一加密密钥和第八加密数据计算得到第九加密数据。其中,预设公共参数和预设加密模长可以根据业务需求、 产品需求或实际应用场景预先确定得到的。最后,查询设备接收待查询设备返回的第七加密数据和第九加密数据,根据第七加密数据和第九加密数据计算得到待查询数据对应的待查询加密数据。
例如,查询设备中的加密密钥对可以为(pk c,sk c),第一加密密钥为pk c,第二机密密钥为sk c,第一加密数据为
Figure PCTCN2020140678-appb-000002
第二加密数据为pk s,第一随机数为a,第三加密数据为
Figure PCTCN2020140678-appb-000003
第四加密数据为
Figure PCTCN2020140678-appb-000004
第二随机数为d s,第五加密数据为b,第六加密数据为r,第七加密数据为
Figure PCTCN2020140678-appb-000005
第八加密数据为
Figure PCTCN2020140678-appb-000006
第九加密数据为v s,待查询加密数据为f k(x),x为待查询数据,g为预设公共参数,n为预设加密模长,具体过程可以是:1、待查询设备随机生成不经意伪随机函数的随机数k,获取伪随机函数为f k(x)=g(k+x) -1,当前预设加密密钥对(pk s,sk s),待查询设备计算
Figure PCTCN2020140678-appb-000007
并将
Figure PCTCN2020140678-appb-000008
发送至查询设备。
2、查询设备接收到
Figure PCTCN2020140678-appb-000009
后,随机生成随机数a,计算得到:
Figure PCTCN2020140678-appb-000010
Figure PCTCN2020140678-appb-000011
并将
Figure PCTCN2020140678-appb-000012
发送至待查询设备中。
3、待查询设备接收到
Figure PCTCN2020140678-appb-000013
后,随机生成随机数d s,计算得到:
Figure PCTCN2020140678-appb-000014
r=b -1mod n=(ax+ak) -1mod n,
Figure PCTCN2020140678-appb-000015
Figure PCTCN2020140678-appb-000016
并将
Figure PCTCN2020140678-appb-000017
发送至查询设备中。
4、查询设备接收到
Figure PCTCN2020140678-appb-000018
后,计算得到:
Figure PCTCN2020140678-appb-000019
输出
Figure PCTCN2020140678-appb-000020
步骤205:将当前数据组序号发送至待查询设备中,以使待查询设备获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集。
其中,在预设加密协议执行的同时,将当前数据组序号发送至待查询设备中,待查询设备接收到当前数据组序号后,获取当前数据组序号对应的至少一个当前数据,这里的当前数据可以是指当前数据组序号内的数据元素,当前数据可以是当前数据组序号内的所有数据,也可以是当前数据组序号内的目标数据,目标数据的数量可以根据业务需求、实际应用情况确定得到,其中,候选数据集合经过处理后得到目标候选数据集合,并对目标候选数据集合进行分组,得到多个候选数据组,各个候选数据组内都包括相应的目标候选数据和相应的组序号,在一个实施例中,可将当前数据组序号内的所有目标候选数据都可作为当前数据。
其中,在获取当前数据组序号对应的至少一个当前数据的同时,随机生成一个预设随机数,根据预设随机数获取对应的当前加密函数,这里的当前加密函数是用来进行加密计算的,当前加密函数可以是不经意伪随机函数,使用当前加密函数对当前数据组序号内的当前数据进行加密处理,具体可以是,使用不经意伪随机函数对当前数据组序号内的当前数据进行加密处理,得到当前加密数据集。进一步地,可以根据当前机密数据集中的数据元素构建当前加密代数式,当前加密代数式可以是但不限于多项式,当前加密代数式包括多个当前计算单元项,各个当前计算单元项包括对应的当前代数式系数。
进一步地,在构建得到当前加密代数式后,可以根据当前加密代数式生成当前坐标数据集,具体 地,可以根据当前加密代数式随机生成非零的当前坐标数据集,具体可以是,随机赋予当前加密代数式中未知量相应的值,从而求得非零的当前坐标数据集。例如,当前加密代数式为:f i(x)=a 0+a 1x+a 2x 2,当前加密代数式中的未知量为x,则随机赋予x相应的值,可以赋予x相应的值为1、2、3,分别求得当前坐标数据集,当前坐标数据集可以为(1,f i(1))、(2,f i(2))、(3,f i(3))。
步骤206:接收当前坐标数据集,根据待查询加密数据和当前坐标数据集生成目标加密代数式,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数。
其中,待查询设备生成得到当前坐标数据集后,会将当前坐标数据集发送至查询设备,查询设备接收到当前坐标数据集后,可以根据待查询加密数据和当前坐标数据集生成目标加密代数式,具体可以是,先获取目标加密代数式的目标代数式结构,目标代数式结果在目标加密代数式生成之前会预先根据业务需求、实际应用场景或产品需求进行确定得到的,在获取到目标代数式结构后,可以将待查询加密数据和待查询数据组成待查询坐标数据,将待查询坐标数据和当前坐标数据集中各个当前坐标数据分别作为目标代数式结构的未知量的取值和相应的结果,从而求得目标代数式结构各个目标计算单元项对应的目标代数式系数,最后得到目标加密代数式。
例如,目标加密代数式的目标代数式结构为f b(x)=b 0+b 1x+b 2x 2,待查询加密数据和待查询数据组成待查询坐标数据为:(3,5),当前坐标数据集中的当前坐标数据为:(2,8),(5,9),将待查询坐标数据的3作为目标代数式结构中的x对应的值,5作为目标代数式结构中的f b(x),同样地,将当前坐标数据的2作为目标代数式结构中的x对应的值,8作为目标代数式结构中的f b(x),将当前坐标数据的5作为目标代数式结构中的x对应的值,9作为目标代数式结构中的f b(x),解方程得到b 0、b 1和b 2
在另一个实施例中,查询设备接收到当前坐标数据集后,可以根据待查询加密数据和当前坐标数据集生成目标加密代数式,具体还可以是,先获取目标加密代数式的目标代数式结构,目标代数式结果在目标加密代数式生成之前会预先根据业务需求、实际应用场景或产品需求进行确定得到的,在获取到目标代数式结构后,可以将待查询加密数据和待查询数据组成待查询坐标数据,将待查询坐标数据和当前坐标数据集中各个当前坐标数据通过插值法还原目标加密代数式。其中,插值法还原法是现有的计算方法,具体的计算过程在此不作任何赘述。
进一步地,在得到目标加密代数式后,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数。例如,目标加密代数式为:b 0+b 1x+b 2x 2,目标加密代数式包括多个目标计算单元:b 0、b 1x、b 2x 2,各个目标计算单元项包括相应的目标代数式系数:b 0、b 1、b 2
步骤207:将目标代数式系数发送至待查询设备,以使待查询设备根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果。
步骤208:接收查询结果。
具体地,查询设备在生成目标加密代数式后,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数,目标加密代数式包括多个目标计算单元项,各个目标计算单元 项包括对应的目标代数式系数。将各个目标计算单元项对应的目标代数式系数发送至待查询设备。
进一步地,待查询设备接收到目标代数式系数后,获取当前加密代数式对应的各个当前计算单元项,获取各个当前计算单元项对应的当前代数式系数。可以根据当前代数式系数和目标代数式系统确定待查询数据对应的查询结果。其中,确定待查询数据对应的查询结果可以是,比较当前代数式系数和相应的目标代数式系数是否都相同,如果当前代数式系数与对应的目标代数式系数都相同,说明待查询数据是候选数据集合中的一个元素,因此查询结果为确定待查询数据在候选数据集合中。
反之,如果任一当前代数式系数与对应的目标代数式系数不相同时,说明待查询数据不是候选数据集合中的一个元素,因此,可以确定查询结果为待查询数据不在候选数据集合中。
例如,当前加密代数式为:a 0+a 1x+a 2x 2,当前加密代数式包括多个当前计算单元,a 0、a 1x、a 2x 2,各个当前计算单元项包括相应的当前代数式系数:a 0、a 1、a 2,目标加密代数式为:b 0+b 1x+b 2x 2,目标加密代数式包括多个目标计算单元:b 0、b 1x、b 2x 2,各个目标计算单元项包括相应的目标代数式系数:b 0、b 1、b 2。如果a 0与b 0相同,a 1与b 1相同,a 2与b 2相同,则确定查询结果为确定待查询数据在候选数据集合中。反之,如果有任一当前代数式系数与对应的目标代数式系数不相同时,则可以确定查询结果为待查询数据不在候选数据集合中。如a 0与b 0不同,则确定查询结果为待查询数据不在候选数据集合中。
上述数据查询方法中,发送数据查询请求至待查询设备;接收有序间隔点集,有序间隔点集包括待查询设备根据数据查询请求获取与候选数据集合对应的有序数据组间隔点;获取待查询数据,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号;对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据;将当前数据组序号发送至待查询设备中,以使待查询设备获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集;接收当前坐标数据集,根据待查询加密数据和当前坐标数据集生成目标加密代数式,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数;将目标代数式系数发送至待查询设备,以使待查询设备根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果;接收查询结果。
因此,由于待查询设备发送查询设备的有序间隔点集本身不是待查询设备内的候选数据集合,这些有序间隔点集中的有序数据组间隔点本身就是没有意义的,并没有将待查询设备内的候选数据集合发送至查询设备中,避免了待查询设备内的候选数据集合泄露,保证了查询数据的隐私性,而且待查询设备和查询设备发送给对方的数据都是通过保密的大质数进行加密计算得到的,由于自己的数据和指数都是保密的,互相无法反推出对方的真实数据,从而提高查询数据的安全性和隐私性。而且,待查询设备发送给查询设备的当前坐标数据集也是由当前加密函数处理后的数据生成的目标加密代数式随机产生的,如果查询设备的待查询数据在候选数据集合中,就能够还原出正确的目标加密代数式,但是由于查询设备中的待查询数据通过目标加密代数式隐藏在系数中,查询设备无法确定待查询设备中的候选数据,只能确定待查询数据是否在候选数据集合中,查询设备与待查询设备都无法反推出对方的隐私数据,从而保证了隐私数据 的保密性。
在一个实施例中,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号,包括:
步骤301:从有序间隔点集中获取与待查询数据对应的相邻的两个目标间隔点。
步骤302:根据两个目标间隔点确定待查询数据对应的当前数据组序号。
其中,根据各个候选数据组中的数据确定对应的数据组间隔点,具体可以是,获取当前候选数据组,获取当前候选数据组对应的当前候选哈希数据,获取上一个候选数据组对应的目标候选哈希数据,根据当前候选哈希数据与目标候选哈希数据计算得到当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组对应的当前候选哈希数据,直至得到各个数据组间隔点,各个数据组间隔点之间进行排序,得到有序数据组间隔点集。其中,当前候选哈希数据可以是当前候选数据组的第一个候选哈希数据,而目标候选哈希数据可以是上一个候选数据组的最后一个候选哈希数据。
其中,第一组和第二组之间的数据组间隔点可以根据第一组的末位候选哈希数据和第二组的首位候选哈希数据进行计算得到的,例如,第一组的末位候选哈希数据为270,第二组的首位候选哈希数据为317,第一组和第二组之间的数据组间隔点可以为:(270+317)/2=293.5。同样地,第二组和第三组之间的数据组间隔点可以根据第二组的末位候选哈希数据和第三组的首位候选哈希数据进行计算得到的,例如,第二组的末位候选哈希数据为553,第三组的首位候选哈希数据为682,第二组和第三组之间的数据组间隔点可以为:(553+682)/2=617.5。依次类推,第三组和第四组之间的数据组间隔点可以根据第三组末位候选哈希数据和第四组首位候选哈希数据进行计算得到的,例如,第三组末位候选哈希数据为847,第四组的首位候选哈希数据为987,第三组和第四组之间的数据组间隔点可以为:(847+987)/2=917。
在一个实施例中,数据查询方法还包括:
步骤401:发送当前有序间隔点集版本号查询请求至待查询设备,当前有序间隔点集版本号查询请求包括当前有序间隔点集版本号,以使待查询设备获取候选有序间隔点集版本号,比较当前有序间隔点集版本号和候选有序间隔点集版本号是否一致,若一致,则确定为第一版本号信息,若不一致,则确定为第二版本号信息,并返回,其中候选有序间隔点集版本号为待查询设备中目前有序间隔点集对应的版本号。
步骤402:接收待查询设备返回的第一版本号信息,获取历史有序间隔点集,则将历史有序间隔点集作为有序间隔点集,进入步骤获取待查询数据。
步骤403:接收待查询设备返回的第二版本号信息,则进入步骤发送数据查询请求至待查询设备。
其中,这里的当前有序间隔点集版本号查询请求是用来请求查询当前有序间隔点集版本号的,当前有序间隔点集版本号是当前有序间隔点集对应的版本标识号,每一次待查询设备发送的当前有序间隔点集都包括对应的当前有序间隔点集版本号,在查询设备第一次向待查询设备发送有序间隔点集版本号查询请求时,会保存待查询设备返回的有序间隔点集版本号,在后续查询时,查询设备携带当前有序间隔点集版本号查询请求向待查询设备查询时,待查询设备比较当前有序间隔点集版本号与本地存储的候选间隔点集版本号是否一致,若一致,则确定为第一版本号信息,若不一致,则确定为第二版本号信息,并将第一 版本号信息或第二版本号信息返回至查询设备。
进一步地,查询设备接收到第一版本号信息,说明当前有序间隔点集版本号与待查询设备本地存储的候选间隔点集版本号一致,则可以将查询设备本身缓存的有序间隔点确定为有序间隔点集,具体可以是,获取历史有序间隔点集,所谓历史有序间隔点集是查询设备本地缓存的有序间隔点集,将历史有序间隔点集作为有序间隔点集,进入步骤获取待查询数据。其中,若查询设备接收到的是第二版本号信息,说明当前有序间隔点集版本号与待查询设备本地存储的候选间隔点集版本号不一致,则进入步骤发送数据查询请求至待查询设备,并将后续接收到的有序间隔点集替换查询设备本地存储的历史有序间隔点集,即根据后续接收到的有序间隔点集更新本地存储的历史有序间隔点集。
在一个实施例中,预设加密协议为不经意伪随机函数协议,对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据,包括:对待查询数据执行不经意伪随机函数协议,在不经意伪随机函数协议执行完毕后,得到待查询数据对应的待查询加密数据,其中,不经意伪随机函数协议使得查询设备和待查询设备以不经意的方式交互信息。即不经意伪随机函数协议使得查询设备和待查询设备以不经意的方式交互信息。
在一个实施例中,在不经意伪随机函数协议执行完毕后,得到待查询数据对应的待查询加密数据,包括:
步骤501:获取预设加密密钥对,预设加密密钥对包括第一加密密钥和第二加密密钥。
步骤502:接收待查询设备发送的第一加密数据和第二加密数据。
步骤503:随机生成第一随机数,根据第一随机数和第一加密密钥计算得到第三加密数据,根据第一加密数据、待查询数据、第二加密数据计算得到第四加密数据。
其中,这里的预设加密密钥对是指查询设备中的密钥对,预设加密密钥对包括第一加密密钥和第二加密密钥,其中,第一加密密钥可以是公钥,第二加密密钥可以是私钥。其中,可以预先设置查询设备中的预设加密密钥对,可根据业务需求、实际应用场景或产品需求确定得到。
具体地,获取预设加密密钥对,同时接收待查询设备发送的第一加密数据和第二加密数据,待查询设备的第一加密数据和第二加密数据是通过预设加密算法机密得到的,无法破解。进一步地,在接收到待查询设备发送的第一加密数据和第二加密数据后,随机生成第一随机数,可以根据第一随机数和第一加密密钥计算得到第三加密数据,根据第一加密数据、待查询数据、第二加密数据计算得到第四加密数据。其中,第三加密数据和第四加密数据可以根据相应的加密算法计算得到。例如,加密密钥对可以为(pk c,sk c),第一加密密钥为pk c,第二机密密钥为sk c,第一加密数据为
Figure PCTCN2020140678-appb-000021
第二加密数据为pk s,第一随机数为a,第三加密数据为
Figure PCTCN2020140678-appb-000022
第四加密数据为
Figure PCTCN2020140678-appb-000023
具体地,待查询设备随机生成不经意伪随机函数的随机数k,获取伪随机函数为
Figure PCTCN2020140678-appb-000024
当前预设加密密钥对(pk s,sk s),待查询设备计算
Figure PCTCN2020140678-appb-000025
并将
Figure PCTCN2020140678-appb-000026
发送至查询设备。然后,查询设备接收到
Figure PCTCN2020140678-appb-000027
后,随机生成随机数a,计算得到:
Figure PCTCN2020140678-appb-000028
Figure PCTCN2020140678-appb-000029
并将
Figure PCTCN2020140678-appb-000030
发送至待查询设备中。
步骤504:将第三加密数据、第四加密数据和第一加密密钥发送至待查询设备中,以使待查询设 备随机生成第二随机数,根据第四加密数据计算得到第五加密数据,根据第五加密数据和预设加密模长计算得到第六加密数据,根据第六加密数据和第三加密数据计算得到第七加密数据,根据预设公共参数和第二随机数计算得到第八加密数据,根据第七加密数据、第一加密密钥和第八加密数据计算得到第九加密数据。
步骤505:接收待查询设备返回的第七加密数据和第九加密数据,根据第七加密数据和第九加密数据计算得到待查询数据对应的待查询加密数据。其中,查询设备在计算得到第三加密数据、第四加密数据后,将第三加密数据、第四加密数据和第一加密密钥发送至待查询设备中,待查询设备在接收到第三加密数据、第四加密数据和第一加密密钥后,随机生成第二随机数,可以根据第四加密数据计算得到第五加密数据,具体的计算方法可以根据相应的加密算法计算得到,对第四加密数据进行加密处理,得到第二加密数据。进一步地,在得到第五加密数据后,可以根据第五加密数据和预设加密模长计算得到第七加密数据,根据预设公共参数和第二随机数计算得到第八加密数据,根据第七加密数据、第一加密密钥和第八加密数据计算得到第九加密数据。其中,各个加密数据对应的加密方式都可以根据相应的加密算法计算得到,而加密算法预先根据业务需求、实际应用场景、产品需求确定得到,各个加密数据的加密算法可以不同。
在一个实施例中,当前加密函数为当前不经意伪随机函数,将当前数据组序号发送至待查询设备中,以使待查询设备获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集,包括:将当前数据组序号发送至待查询设备中,以使待查询设备随机生成预设随机数,获取预设随机数对应的当前不经意伪随机函数,获取当前数据组序号对应的至少一个当前数据,根据当前不经意伪随机函数对至少一个当前数据进行处理,得到至少一个当前数据对应的当前加密数据集,将当前加密数据集中的当前加密数据作为根,构建当前加密代数式,根据当前加密代数式随机生成非零的当前坐标数据集,当前加密代数式包括多个当前计算单元项。其中,在预设加密协议执行的同时,将当前数据组序号发送至待查询设备中,待查询设备接收到当前数据组序号后,获取当前数据组序号对应的至少一个当前数据,这里的当前数据可以是指当前数据组序号内的数据元素,当前数据可以是当前数据组序号内的所有数据,也可以是当前数据组序号内的目标数据,目标数据的数量可以根据业务需求、实际应用情况确定得到,其中,候选数据集合经过处理后得到目标候选数据集合,并对目标候选数据集合进行分组,得到多个候选数据组,各个候选数据组内都包括相应的目标候选数据和相应的组序号,在一个实施例中,可以将当前数据组序号内的所有目标候选数据都确定为当前数据。
其中,在获取当前数据组序号对应的至少一个当前数据的同时,随机生成一个预设随机数,根据预设随机数获取对应的当前加密函数,这里的当前加密函数是用来进行加密计算的,当前加密函数可以是不经意伪随机函数,使用当前加密函数对当前数据组序号内的当前数据进行加密处理,具体可以是,使用不经意伪随机函数对当前数据组序号内的当前数据进行加密处理,得到当前加密数据集。进一步地,可以根据当前机密数据集中的数据元素构建当前加密代数式,当前加密代数式可以是但不限于多项式,当前加密代数式包括多个当前计算单元项,各个当前计算单元项包括对应的当前代数式系数。
进一步地,在构建得到当前加密代数式后,可以根据当前加密代数式生成当前坐标数据集,具体地,可以根据当前加密代数式随机生成非零的当前坐标数据集,具体可以是,随机赋予当前加密代数式中未知量相应的值,从而求得非零的当前坐标数据集。例如,当前加密代数式为:f i(x)=a 0+a 1x+a 2x 2,当前加密代数式中的未知量为x,则随机赋予x相应的值,可以赋予x相应的值为1、2、3,分别求得当前坐标数据集,当前坐标数据集可以为(1,f i(1))、(2,f i(2))、(3,f i(3))。
在一个实施例中,根据待查询加密数据和当前坐标数据集生成目标加密代数式,包括:
步骤601:获取待查询加密数据对应的加密坐标数据。
步骤602:根据加密坐标数据和当前坐标数据集计算得到目标加密代数式。
其中,加密坐标数据可以是由待查询数据与待查询加密数据组成的坐标对,例如,待查询数据为x,待查询加密数据为y,则加密坐标数据为:(x,y)。进一步地,在获取到加密坐标数据后,可以根据加密坐标数据和当前坐标数据集中的当前坐标数据计算得到目标加密代数式,具体可以是,先获取目标加密代数式的目标代数式结构,目标代数式结果在目标加密代数式生成之前会预先根据业务需求、实际应用场景或产品需求进行确定得到的,在获取到目标代数式结构后,可以将待查询加密数据和待查询数据组成待查询坐标数据,将待查询坐标数据和当前坐标数据集中各个当前坐标数据分别作为目标代数式结构的未知量的取值和相应的结果,从而求得目标代数式结构各个目标计算单元项对应的目标代数式系数,最后得到目标加密代数式。例如,目标加密代数式的目标代数式结构为f b(x)=b 0+b 1x+b 2x 2,待查询加密数据和待查询数据组成待查询坐标数据为:(3,5),当前坐标数据集中的当前坐标数据为:(2,8),(5,9),将待查询坐标数据的3作为目标代数式结构中的x对应的值,5作为目标代数式结构中的f b(x),同样地,将当前坐标数据的2作为目标代数式结构中的x对应的值,8作为目标代数式结构中的f b(x),将当前坐标数据的5作为目标代数式结构中的x对应的值,9作为目标代数式结构中的f b(x),解方程得到b 0、b 1和b 2
在一个实施例中,当前加密代数式包括多个当前计算单元项,各个当前计算单元项包括对应的当前代数式系数,将目标代数式系数发送至待查询设备,以使待查询设备根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果,包括:步骤701:将各个目标计算单元项对应的目标代数式系数发送至待查询设备,以使待查询设备获取当前加密代数式中各个当前计算单元项对应的当前代数式系数,比较当前代数式系数和对应的目标代数式系数是否都相同,在当前代数式系数与对应的目标代数式系数都相同时,确定待查询数据在候选数据集合中。步骤702:反之,在任一当前代数式系数与对应的目标代数式系数不相同时,确定待查询数据不在候选数据集合中。
在一个实施例中,有序间隔点集的生成步骤包括:
步骤801:待查询设备获取候选数据集合,候选数据集合包括至少一个候选数据。
步骤802:待查询设备根据预设哈希函数对候选数据集合中的候选数据进行处理,得到目标候选数据集合,目标候选数据集合包括至少一个候选哈希数据。其中,对候选数据集合进行处理,得到目标候选数据集,具体可以是,获取预设哈希函数,通过预设哈希函数对候选数据集合中的各个候选数据进行哈希处理,得到相应的候选哈希数据,由各个候选哈希数据组成目标候选数据集合。
步骤803:待查询设备按照预设的规则对目标候选数据集合进行分组,得到多个候选数据组。
步骤804:待查询设备根据各个候选数据组中的候选哈希数据确定对应的数据组间隔点,根据各个数据组间隔点生成有序数据组间隔点集。
具体地,待查询设备在得到目标候选数据集合,目标候选数据集合包括至少一个候选哈希数据后,再对目标候选数据集合进行分组,得到多个候选数据组,根据各个候选数据组中的数据确定对应的数据组间隔点,对这些数据组间隔点进行排序,得到有序数据组间隔点集。其中,具体可以是,待查询设备按照预设的规则对目标候选数据集合进行分组,得到多个候选数据组,其中,预设的规则可以是对目标候选数据集合中的候选哈希数据进行排序,排序可以是升序或降序,得到排序后的目标候选数据集合,再根据预设分组大小对排序后的目标候选数据集合进行分组,从而得到多个候选数据组。具体可以是,可以根据升序的规则对目标候选数据集合中的候选哈希数据进行排序,或者可以根据降序的规则对目标候选数据集合中的候选哈希数据进行降序,得到排序后的目标候选数据集合,再获取预设分组大小,所谓分组大小是指相应组对应的最大承受能力,预设分组大小可以根据业务需求、应用场景或产品需求进行确定得到,根据预设分组大小对排序后的目标候选数据集合进行分组,得到分组后的各个候选数据组。
例如,候选数据集合进行hash函数处理得到的目标候选数据集合为:55、270、317、553、682、847、987、1203,对目标候选数据集合进行分组,得到:[55、270]、[317、553]、[682、847]、[987、1203],有序间隔点集为:第一组和第二组之间的数据组间隔点为293.5、第二组和第三组之间的数据组间隔点为617.5。依次类推,第三组和第四组之间的数据组间隔点可以根据第三组末位候选哈希数据和第四组首位候选哈希数据进行计算得到的,例如,第三组末位候选哈希数据为847,第四组的首位候选哈希数据为987,第三组和第四组之间的数据组间隔点可以为:(847+987)/2=917。
其中,根据各个候选数据组中的数据确定对应的数据组间隔点的确定方式可自定义,自定义可以是获取当前候选数据组,获取当前候选数据组对应的当前候选哈希数据,获取上一个候选数据组对应的目标候选哈希数据,根据当前候选哈希数据与目标候选哈希数据计算得到当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组对应的当前候选哈希数据,直至得到各个数据组间隔点。其中,当前候选哈希数据可以是当前候选数据组中的首位候选哈希数据,目标候选哈希数据可以是上一个候选数据组中的末位候选哈希数据,具体可以是待查询设备获取当前候选数据组,获取当前候选数据组中的首位候选哈希数据,获取上一个候选数据组中的末位候选哈希数据,根据首位候选哈希数据和末位候选哈希数据计算得到当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组中的首位候选哈希数据,直至得到数据组间隔点。
在另一个实施例中,数据组间隔点的确定方式自定义还可以是,获取当前候选数据组,获取当前候选数据组对应的当前候选哈希数据,获取上一个候选数据组对应的目标候选哈希数据,可以随机从当前候选哈希数据和目标候选哈希数据之间任意选取一个数字确定为当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组对应的当前候选哈希数据, 直至得到各个数据组间隔点。其中,可以随机从首位候选哈希数据和末位候选哈希数据之间任意选取一个数字确定为当前数据组间隔点,获取下一个候选数据组,例如当前候选数据组为:[317、553],上一个候选数据组为:[55、270],当前候选哈希数据为当前候选数据组中的首位候选哈希数据为:317,目标候选哈希数据为上一个候选数据组中的末位候选哈希数据:270,则当前候选数据组间隔点可以是随机从首位候选哈希数据和末位候选哈希数据之间任意选取的一个数字,例如可以选取300为当前候选数据组间隔点。
在一个实施例中,待查询设备根据各个候选数据组中的候选哈希数据确定对应的数据组间隔点,包括:待查询设备获取当前候选数据组,获取当前候选数据组中的当前候选哈希数据,获取上一个候选数据组中的目标候选哈希数据,根据当前候选哈希数据和目标候选哈希数据计算得到当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组中的当前候选哈希数据,直至得到数据组间隔点。其中,当前候选数据组可以从各个候选数据组中随机抽取一个作为当前候选数据组,或者还可以是依次将候选数据组确定为当前候选数据组。
在另一个实施例中,当前候选哈希数据可以是当前候选数据组中的首位候选哈希数据,目标候选哈希数据可以是上一个候选数据组中的末位候选哈希数据,具体可以是待查询设备获取当前候选数据组,获取当前候选数据组中的首位候选哈希数据,获取上一个候选数据组中的末位候选哈希数据,根据首位候选哈希数据和末位候选哈希数据计算得到当前数据组间隔点,获取下一个候选数据组,将下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组中的首位候选哈希数据,直至得到数据组间隔点。
在一个实施例中,提供了一种数据集处理方法,以该方法应用于图1中的待查询设备为例进行说明,包括以下步骤:步骤901:获取候选数据集合,候选数据集合包括至少一个候选数据。步骤902:根据预设哈希函数对候选数据集合中的至少一个候选数据进行处理,得到目标候选数据集合,目标候选数据集合包括至少一个候选哈希数据。步骤903:按照预设的规则对目标候选数据集合进行分组,得到多个候选数据组。步骤904:根据各个候选数据组中的候选哈希数据确定对应的数据组间隔点,根据各个数据组间隔点生成有序数据组间隔点集。
在一个实施例中,数据集处理方法还包括:接收新增加的候选哈希数据,将新增加的候选哈希数据插入其对应的第一数据组内,判断第一数据组内的数据数量是否超出设定范围,若是,则从第一数据组内重新确定数据组间隔点,根据各个数据组间隔点更新有序数据组间隔点集。其中,这里的第一数据组是指新增加的候选哈希数据需要插入的数据组,可以根据各个数据组间隔点确定新增加的候选哈希数据对应的第一数据组,再第一数据组内的数据数量是否超出设定范围,若是,则从第一数据组内后重新确定数据组间隔点,根据各个数据组间隔点更新有序数据组间隔点集。例如,第一组和第二组之间的数据组间隔点为293.5、第二组和第三组之间的数据组间隔点为617.5,新增加的候选哈希数据为530,则确定新增加的候选哈希数据为第二组为第一数据组,再判断第一数据组内的数据数量是否超出设定范围,若是,则从第一数据组内后重新确定数据组间隔点,根据各个数据组间隔点更新有序数据组间隔点集。
需要说明的是,在上述流程中或者附图的流程图中示出的步骤可以在诸如一组计算机可执行指令的计算机系统中执行,并且,虽然在流程图中示出了逻辑顺序,但是在某些情况下,可以以不同于此处的 顺序执行所示出或描述的步骤。
在一个实施例中,如图3所示,提供了一种数据查询系统1000,包括:查询设备1001,用于获取数据查询请求,并将数据查询请求发送至待查询设备。待查询设备1002,用于根据数据查询请求获取与候选数据集合对应的有序间隔点集,并将有序间隔点集返回至查询设备,有序间隔点集包括候选数据集合对应的有序数据组间隔点。查询设备1001,还用于接收有序间隔点集,获取待查询数据,根据待查询数据和有序间隔点集确定待查询数据对应的当前数据组序号,对待查询数据执行预设加密协议,在预设加密协议执行完毕后得到待查询数据对应的待查询加密数据,将当前数据组序号发送至待查询设备。待查询设备1002,还用于获取当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据当前加密函数对至少一个当前数据进行加密计算,得到当前加密数据集,根据当前加密数据集构建当前加密代数式,根据当前加密代数式生成当前坐标数据集,并将当前坐标数据集返回至查询设备。查询设备1001,还用于接收当前坐标数据集,根据待查询加密数据和当前坐标数据集生成目标加密代数式,目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数,将目标代数式系数发送至待查询设备。待查询设备1002,还用于根据目标代数式系数和当前加密代数式确定待查询数据对应的查询结果,并返回查询结果至查询设备。查询设备1001,还用于接收查询结果。
在一个实施例中,如图4所示,提供了一种数据集处理装置1200,包括:候选数据集合获取模块1201、目标候选数据集合获取模块1202、目标候选数据集合分组模块1203、有序数据组间隔点集生成模块1204,其中:候选数据集合获取模块1201,用于获取候选数据集合,候选数据集合包括至少一个候选数据。目标候选数据集合获取模块1202,用于根据预设哈希函数对候选数据集合中的至少一个候选数据进行处理,得到目标候选数据集合,目标候选数据集合包括至少一个候选哈希数据。目标候选数据集合分组模块1203,用于按照预设的规则对目标候选数据集合进行分组,得到多个候选数据组。有序数据组间隔点集生成模块1204,用于根据各个候选数据组中的候选哈希数据确定对应的数据组间隔点,根据各个数据组间隔点生成有序数据组间隔点集。
以上所述实施例仅表达了本申请的几种实施方式,其描述较为具体和详细,但并不能因此而理解为对申请专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本申请构思的前提下,还可以做出若干变形和改进,这些都属于本申请的保护范围。因此,本申请专利的保护范围应以所附权利要求为准。

Claims (16)

  1. 一种数据查询方法,其特征在于,所述方法包括:
    发送数据查询请求至待查询设备;
    接收有序间隔点集,所述有序间隔点集包括所述待查询设备根据所述数据查询请求获取与候选数据集合对应的有序数据组间隔点;
    获取待查询数据,根据所述待查询数据和所述有序间隔点集确定所述待查询数据对应的当前数据组序号;
    对所述待查询数据执行预设加密协议,在所述预设加密协议执行完毕后得到所述待查询数据对应的待查询加密数据;
    将所述当前数据组序号发送至所述待查询设备中,以使所述待查询设备获取所述当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据所述当前加密函数对至少一个所述当前数据进行加密计算,得到当前加密数据集,根据所述当前加密数据集构建当前加密代数式,根据所述当前加密代数式生成当前坐标数据集;
    接收所述当前坐标数据集,根据所述待查询加密数据和所述当前坐标数据集生成目标加密代数式,所述目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数;
    将所述目标代数式系数发送至所述待查询设备,以使所述待查询设备根据所述目标代数式系数和所述当前加密代数式确定所述待查询数据对应的查询结果;
    接收所述查询结果。
  2. 根据权利要求1所述的方法,其特征在于,所述根据所述待查询数据和所述有序间隔点集确定所述待查询数据对应的当前数据组序号,包括:
    从所述有序间隔点集中获取与所述待查询数据对应的相邻的两个目标间隔点;
    根据所述两个目标间隔点确定所述待查询数据对应的当前数据组序号。
  3. 根据权利要求1所述的方法,其特征在于,所述方法还包括:
    发送当前有序间隔点集版本号查询请求至待查询设备,所述当前有序间隔点集版本号查询请求包括当前有序间隔点集版本号,以使所述待查询设备获取候选有序间隔点集版本号,比较所述当前有序间隔点集版本号和所述候选有序间隔点集版本号是否一致,若一致,则确定为第一版本号信息,若不一致,则确定为第二版本号信息,并返回,其中候选有序间隔点集版本号为待查询设备中目前有序间隔点集对应的版本号;
    接收所述待查询设备返回的第一版本号信息,获取历史有序间隔点集,则将所述历史有序间隔点集作为有序间隔点集,进入步骤获取待查询数据,或;
    接收所述待查询设备返回的第二版本号信息,则进入步骤发送数据查询请求至待查询设备。
  4. 根据权利要求1所述的方法,其特征在于,所述预设加密协议为不经意伪随机函数协议,所述对所述待查询数据执行预设加密协议,在所述预设加密协议执行完毕后得到所述待查询数据对应的待查询加密 数据,包括:
    对所述待查询数据执行所述不经意伪随机函数协议,在所述不经意伪随机函数协议执行完毕后,得到所述待查询数据对应的待查询加密数据,其中,所述不经意伪随机函数协议使得查询设备和待查询设备以不经意的方式交互信息;
    所述在所述不经意伪随机函数协议执行完毕后,得到所述待查询数据对应的待查询加密数据,包括:
    获取预设加密密钥对,所述预设加密密钥对包括第一加密密钥和第二加密密钥;
    接收待查询设备发送的第一加密数据和第二加密数据;
    随机生成第一随机数,根据所述第一随机数和所述第一加密密钥计算得到第三加密数据,根据所述第一加密数据、所述待查询数据、所述第二加密数据计算得到第四加密数据;
    将所述第三加密数据、所述第四加密数据和所述第一加密密钥发送至所述待查询设备中,以使所述待查询设备随机生成第二随机数,根据所述第四加密数据计算得到第五加密数据,根据所述第五加密数据和预设加密模长计算得到第六加密数据,根据所述第六加密数据和所述第三加密数据计算得到第七加密数据,根据预设公共参数和所述第二随机数计算得到第八加密数据,根据所述第七加密数据、所述第一加密密钥和第八加密数据计算得到第九加密数据;
    接收所述待查询设备返回的所述第七加密数据和所述第九加密数据,根据所述第七加密数据和所述第九加密数据计算得到所述待查询数据对应的待查询加密数据。
  5. 根据权利要求1所述的方法,其特征在于,所述当前加密函数为当前不经意伪随机函数,所述将所述当前数据组序号发送至所述待查询设备中,以使所述待查询设备获取所述当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据所述当前加密函数对至少一个所述当前数据进行加密计算,得到当前加密数据集,根据所述当前加密数据集构建当前加密代数式,根据所述当前加密代数式生成当前坐标数据集,包括:
    将所述当前数据组序号发送至所述待查询设备中,以使所述待查询设备随机生成预设随机数,获取所述预设随机数对应的当前不经意伪随机函数,获取所述当前数据组序号对应的至少一个当前数据,根据所述当前不经意伪随机函数对至少一个所述当前数据进行处理,得到至少一个所述当前数据对应的当前加密数据集,将所述当前加密数据集中的当前加密数据作为根,构建当前加密代数式,根据所述当前加密代数式随机生成非零的当前坐标数据集,所述当前加密代数式包括多个当前计算单元项。
  6. 根据权利要求1所述的方法,其特征在于,所述根据所述待查询加密数据和所述当前坐标数据集生成目标加密代数式,包括:
    获取所述待查询加密数据对应的加密坐标数据;
    根据所述加密坐标数据和所述当前坐标数据集计算得到目标加密代数式。
  7. 根据权利要求1所述的方法,其特征在于,所述当前加密代数式包括多个当前计算单元项,各个当前计算单元项包括对应的当前代数式系数,所述将所述目标代数式系数发送至所述待查询设备,以使所述待查询设备根据所述目标代数式系数和所述当前加密代数式确定所述待查询数据对应的查询结果,包括:
    将各个所述目标计算单元项对应的目标代数式系数发送至所述待查询设备,以使所述待查询设备获取所述当前加密代数式中各个所述当前计算单元项对应的当前代数式系数,比较所述当前代数式系数和对应的目标代数式系数是否都相同,在所述当前代数式系数与对应的目标代数式系数都相同时,确定所述待查询数据在所述候选数据集合中;
    反之,在任一所述当前代数式系数与对应的目标代数式系数不相同时,确定所述待查询数据不在所述候选数据集合中。
  8. 根据权利要求1所述的方法,其特征在于,所述有序间隔点集的生成步骤包括:
    待查询设备获取候选数据集合,所述候选数据集合包括至少一个候选数据;
    所述待查询设备根据预设哈希函数对所述候选数据集合中的候选数据进行处理,得到目标候选数据集合,所述目标候选数据集合包括至少一个候选哈希数据;
    所述待查询设备按照预设的规则对所述目标候选数据集合进行分组,得到多个候选数据组;
    所述待查询设备根据各个所述候选数据组中的候选哈希数据确定对应的数据组间隔点,根据各个所述数据组间隔点生成有序数据组间隔点集。
  9. 根据权利要求8所述的方法,其特征在于,所述待查询设备根据各个所述候选数据组中的候选哈希数据确定对应的数据组间隔点,包括:
    所述待查询设备获取当前候选数据组,获取当前候选数据组中的当前候选哈希数据,获取上一个候选数据组中的目标候选哈希数据,根据所述当前候选哈希数据和所述目标候选哈希数据计算得到当前数据组间隔点,获取下一个候选数据组,将所述下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组中的当前候选哈希数据,直至得到所述数据组间隔点。
  10. 一种数据集处理方法,其特征在于,包括:
    获取候选数据集合,所述候选数据集合包括至少一个候选数据;
    根据预设哈希函数对所述候选数据集合中的至少一个候选数据进行处理,得到目标候选数据集合,所述目标候选数据集合包括至少一个候选哈希数据;
    按照预设的规则对所述目标候选数据集合进行分组,得到多个候选数据组;
    根据各个所述候选数据组中的候选哈希数据确定对应的数据组间隔点,根据各个所述数据组间隔点生成有序数据组间隔点集。
  11. 根据权利要求10所述的方法,其特征在于,所述根据各个所述候选数据组中的候选哈希数据确定对应的数据组间隔点,包括:
    获取当前候选数据组,获取当前候选数据组中的当前候选哈希数据,获取上一个候选数据组中的目标候选哈希数据,根据所述当前候选哈希数据和所述目标候选哈希数据计算得到当前数据组间隔点,获取下一个候选数据组,将所述下一个候选数据组作为当前候选数据组,返回步骤获取当前候选数据组中的当前候选哈希数据,直至得到所述数据组间隔点。
  12. 根据权利要求10或11所述的方法,其特征在于,所述方法还包括:
    接收新增加的候选哈希数据,将新增加的候选哈希数据插入其对应的第一数据组内;
    判断所述第一数据组内的数据数量是否超出设定范围:
    若是,则从所述第一数据组内重新确定数据组间隔点,根据各个数据组间隔点更新有序数据组间隔点集。
  13. 一种数据查询装置,其特征在于,所述装置包括:
    查询请求发送模块,用于发送数据查询请求至待查询设备;
    有序间隔点集接收模块,用于接收有序间隔点集,所述有序间隔点集包括所述待查询设备根据所述数据查询请求获取与候选数据集合对应的有序数据组间隔点;
    待查询数据获取模块,用于获取待查询数据,根据所述待查询数据和所述有序间隔点集确定所述待查询数据对应的当前数据组序号;
    待查询加密数据生成模块,用于对所述待查询数据执行预设加密协议,在所述预设加密协议执行完毕后得到所述待查询数据对应的待查询加密数据;
    当前数据组序号发送模块,用于将所述当前数据组序号发送至所述待查询设备中,以使所述待查询设备获取所述当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据所述当前加密函数对至少一个所述当前数据进行加密计算,得到当前加密数据集,根据所述当前加密数据集构建当前加密代数式,根据所述当前加密代数式生成当前坐标数据集;
    坐标数据集接收模块,用于接收所述当前坐标数据集,根据所述待查询加密数据和所述当前坐标数据集生成目标加密代数式,所述目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数;
    代数式系数发送模块,用于将所述目标代数式系数发送至所述待查询设备,以使所述待查询设备根据所述目标代数式系数和所述当前加密代数式确定所述待查询数据对应的查询结果;
    查询结果接收模块,用于接收所述查询结果。
  14. 一种数据查询系统,其特征在于,所述系统包括:
    查询设备,用于获取数据查询请求,并将所述数据查询请求发送至待查询设备;
    待查询设备,用于根据所述数据查询请求获取与候选数据集合对应的有序间隔点集,并将所述有序间隔点集返回至所述查询设备,所述有序间隔点集包括所述候选数据集合对应的有序数据组间隔点;
    所述查询设备,还用于接收有序间隔点集,获取待查询数据,根据所述待查询数据和所述有序间隔点集确定所述待查询数据对应的当前数据组序号,对所述待查询数据执行预设加密协议,在所述预设加密协议执行完毕后得到所述待查询数据对应的待查询加密数据,将所述当前数据组序号发送至所述待查询设备;
    所述待查询设备,还用于获取所述当前数据组序号对应的至少一个当前数据,获取预设随机数对应的当前加密函数,根据所述当前加密函数对至少一个所述当前数据进行加密计算,得到当前加密数据集,根据所述当前加密数据集构建当前加密代数式,根据所述当前加密代数式生成当前坐标数据集,并将所述当前坐标数据集返回至所述查询设备;
    所述查询设备,还用于接收所述当前坐标数据集,根据所述待查询加密数据和所述当前坐标数据集生成目标加密代数式,所述目标加密代数式包括多个目标计算单元项,各个目标计算单元项包括对应的目标代数式系数,将所述目标代数式系数发送至所述待查询设备;
    所述待查询设备,还用于根据所述目标代数式系数和所述当前加密代数式确定所述待查询数据对应的查询结果,并返回所述查询结果至所述查询设备;
    所述查询设备,还用于接收所述查询结果。
  15. 一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现权利要求1至12中任一项所述方法的步骤。
  16. 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现权利要求1至12中任一项所述的方法的步骤。
PCT/CN2020/140678 2020-11-10 2020-12-29 数据查询方法、装置、系统以及数据集处理方法 WO2022099893A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202011247552.4 2020-11-10
CN202011247552.4A CN112328639A (zh) 2020-11-10 2020-11-10 数据查询方法、装置、系统以及数据集处理方法

Publications (1)

Publication Number Publication Date
WO2022099893A1 true WO2022099893A1 (zh) 2022-05-19

Family

ID=74317352

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/140678 WO2022099893A1 (zh) 2020-11-10 2020-12-29 数据查询方法、装置、系统以及数据集处理方法

Country Status (2)

Country Link
CN (1) CN112328639A (zh)
WO (1) WO2022099893A1 (zh)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115412246A (zh) * 2022-11-01 2022-11-29 北京信安世纪科技股份有限公司 不经意传输方法、装置、设备和存储介质
CN115765969A (zh) * 2023-01-10 2023-03-07 蓝象智联(杭州)科技有限公司 一种基于同态加密的隐匿集合求交方法、装置及存储介质
CN117743384A (zh) * 2023-12-20 2024-03-22 北京百度网讯科技有限公司 一种数据查询方法、装置、设备和存储介质

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170357732A1 (en) * 2016-06-10 2017-12-14 Palo Alto Research Center Incorporated System and method for efficient interval search using locality-preserving hashing
CN108768651A (zh) * 2018-04-20 2018-11-06 南京搜文信息技术有限公司 支持多维区间范围查询的可搜索公钥加密方法
CN110096899A (zh) * 2019-04-29 2019-08-06 腾讯科技(深圳)有限公司 一种数据查询方法及装置
CN110618999A (zh) * 2019-08-01 2019-12-27 平安科技(深圳)有限公司 数据的查询方法及装置、计算机存储介质、电子设备
CN111198882A (zh) * 2019-12-26 2020-05-26 东软集团股份有限公司 数据的处理方法、装置、存储介质和电子设备
CN111783109A (zh) * 2019-04-04 2020-10-16 华控清交信息科技(北京)有限公司 数据查询方法、系统及存储介质

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104794237B (zh) * 2015-05-07 2018-04-27 中国人民大学 网页信息处理方法及装置
US10872166B2 (en) * 2018-09-12 2020-12-22 Netz Forecasts Ltd. Systems and methods for secure prediction using an encrypted query executed based on encrypted data
CN110222081B (zh) * 2019-06-08 2022-04-19 西安电子科技大学 多用户环境下基于细粒度排序的数据密文查询方法

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170357732A1 (en) * 2016-06-10 2017-12-14 Palo Alto Research Center Incorporated System and method for efficient interval search using locality-preserving hashing
CN108768651A (zh) * 2018-04-20 2018-11-06 南京搜文信息技术有限公司 支持多维区间范围查询的可搜索公钥加密方法
CN111783109A (zh) * 2019-04-04 2020-10-16 华控清交信息科技(北京)有限公司 数据查询方法、系统及存储介质
CN110096899A (zh) * 2019-04-29 2019-08-06 腾讯科技(深圳)有限公司 一种数据查询方法及装置
CN110618999A (zh) * 2019-08-01 2019-12-27 平安科技(深圳)有限公司 数据的查询方法及装置、计算机存储介质、电子设备
CN111198882A (zh) * 2019-12-26 2020-05-26 东软集团股份有限公司 数据的处理方法、装置、存储介质和电子设备

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115412246A (zh) * 2022-11-01 2022-11-29 北京信安世纪科技股份有限公司 不经意传输方法、装置、设备和存储介质
CN115765969A (zh) * 2023-01-10 2023-03-07 蓝象智联(杭州)科技有限公司 一种基于同态加密的隐匿集合求交方法、装置及存储介质
CN115765969B (zh) * 2023-01-10 2023-06-09 蓝象智联(杭州)科技有限公司 一种基于同态加密的隐匿集合求交方法、装置及存储介质
CN117743384A (zh) * 2023-12-20 2024-03-22 北京百度网讯科技有限公司 一种数据查询方法、装置、设备和存储介质

Also Published As

Publication number Publication date
CN112328639A (zh) 2021-02-05

Similar Documents

Publication Publication Date Title
Wang et al. Searchable encryption over feature-rich data
WO2022099893A1 (zh) 数据查询方法、装置、系统以及数据集处理方法
JP6180177B2 (ja) プライバシーを保護することができる暗号化データの問い合わせ方法及びシステム
CA2887191C (en) Secure linkage of databases
Örencik et al. Efficient and secure ranked multi-keyword search on encrypted cloud data
Chen et al. EliMFS: achieving efficient, leakage-resilient, and multi-keyword fuzzy search on encrypted cloud data
CN109361644B (zh) 一种支持快速搜索和解密的模糊属性基加密方法
US11233629B2 (en) Registration apparatus, search operation apparatus, data management apparatus
Liu et al. Efficient searchable symmetric encryption for storing multiple source dynamic social data on cloud
Zhang et al. Dynamic and Efficient Private Keyword Search over Inverted Index--Based Encrypted Data
CN113254955A (zh) 前向安全的连接关键词对称可搜索加密方法、系统及应用
CN113434555B (zh) 一种基于可搜索加密技术的数据查询方法和装置
Xu et al. DNA similarity search with access control over encrypted cloud data
US11829503B2 (en) Term-based encrypted retrieval privacy
Zhang et al. Achieving efficient and privacy-preserving dynamic skyline query in online medical diagnosis
Zhu et al. Privacy-preserving search for a similar genomic makeup in the cloud
Ibrahim et al. Towards efficient yet privacy-preserving approximate search in cloud computing
Cui et al. Secure boolean spatial keyword query with lightweight access control in cloud environments
CN113836571B (zh) 基于云和区块链的医疗数据拥有终端位置匹配方法及系统
Guo et al. LuxGeo: Efficient and Security-Enhanced Geometric Range Queries
CN116975886A (zh) 基于隐私保护的数据查询方法及装置
Han et al. Vector Sum Range Decision for Verifiable Multiuser Fuzzy Keyword Search in Cloud-Assisted IoT
CN112328626B (zh) 面向云环境的支持模糊关键词排序的可搜索加密方法
WO2022099891A1 (zh) 数据查询方法、装置、系统和数据集处理方法
Wang Search over encrypted data in cloud computing

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20961446

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20961446

Country of ref document: EP

Kind code of ref document: A1