WO2023010273A1 - Encrypted database method supporting composable SQL queries - Google Patents

Encrypted database method supporting composable SQL queries

Info

Publication number
WO2023010273A1
Authority
WO
WIPO (PCT)
Prior art keywords
column
user
row
service provider
key
Application number
PCT/CN2021/110269
Inventor
刘健
曹新乐
芦浩
任奎
Original Assignee
浙江大学
Application filed by 浙江大学
Priority to PCT/CN2021/110269 (WO2023010273A1)
Priority to US17/888,521 (US11734448B2)
Publication of WO2023010273A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Definitions

  • The invention relates to the technical fields of the discrete logarithm problem, multiplicative encryption, encrypted databases and ciphertext search, and in particular to an encrypted database method supporting composable SQL queries.
  • The discrete logarithm problem is the problem of finding the logarithm in a computable finite cyclic group; it was published by W. Diffie and E. Hellman in 1976. The discrete logarithm problem is still considered hard to solve, so it is widely used in encryption.
  • Multiplicative encryption is widely used in cryptography, including in well-known encryption schemes such as ElGamal and RSA. Multiplicative encryption can achieve "perfect security" and can guarantee multiplicative homomorphism under ciphertext, that is, a multiplication operation on ciphertexts is also a multiplication operation on the plaintexts. Therefore, multiplicative encryption achieves good security and operability.
  • In 2014, a scheme was proposed at the SIGMOD conference to realize an encrypted database using a multiplicative encryption scheme, but this scheme is not secure and differs greatly from the present invention.
  • Encrypted database technology was first proposed in 2011.
  • The first encrypted database model was CryptDB, which cleverly combines various technologies to realize various query operations on encrypted databases.
  • Since 2015, a series of works attacking CryptDB have shown that its security is very poor; although CryptDB has been deployed, it should not be used for commercial activities.
  • In 2014, a scheme for encrypted databases, called SDB, was proposed at SIGMOD. It proposes a novel encryption scheme that implements most of the various query operations.
  • SDB: a scheme for encrypting databases.
  • Ciphertext search technology has been developed for decades, and a variety of techniques for ciphertext search have appeared so far, including DET (Deterministic Encryption) and OPE (Order-Preserving Encryption).
  • DET: Deterministic Encryption.
  • OPE: Order-Preserving Encryption.
  • However, these techniques have so far been shown to be either insecure or too complex to be used in real-world scenarios.
  • Although composable SQL queries are a mainstream requirement for encrypted databases, currently no database supports secure combined SQL queries.
  • The object of the present invention is to provide, in view of the deficiencies of the prior art, an encrypted database method that supports composable SQL queries.
  • (1) Encrypting and storing data: the user encrypts and preprocesses their own stored data, and uploads the encrypted result and the preprocessed data to the service provider, who provides software, a device, electronic equipment or a storage medium for running the database to store the data uploaded by the user; step (1) specifically includes the following sub-steps:
  • (1.1) For their own data, the user generates a set of random numbers as the row keys and column keys of the data; based on multiplicative encryption, the user encrypts the data with the row keys and column keys, and outputs the encrypted database;
  • (1.2) The user uploads the encrypted database to the service provider.
  • The user chooses any encryption method to encrypt the row keys generated in step (1.1) and uploads them to the service provider, realizing encrypted storage of the row keys.
  • (1.3) The user preprocesses the instructions to generate the auxiliary data required to run them; the user uploads the auxiliary data to the service provider, and the service provider cannot obtain any private information about the database from the auxiliary data;
  • The instructions include update, insert, delete, sum, search for specified keywords and query specified range operations;
  • (1.4) The service provider selects the storage form according to the actual situation; the storage form includes database software, a device, electronic equipment or a storage medium. The service provider stores the encrypted data and auxiliary data in that storage form and executes subsequent instructions.
  • (3) Running the combined SQL query instruction set in step (2): the service provider runs the query instruction according to the combined SQL query instruction and auxiliary parameters received from the user, saves the calculation result after the instruction is run, updates the data, and returns the query result to the user.
  • Step (1.1) is specifically:
  • The user randomly generates two large prime numbers p and q to obtain a large integer N = p·q; the user uses this large integer N as the order of the generator g, and finds the generator g in the finite field; the user generates random numbers as the row keys and column keys, and uses the row keys and column keys to encrypt the database.
  • The row key of the i-th row is The column key of column j is (m_j, x_j), where x_j ∈ Z_N; the row keys and column keys should ensure that for any i, j, there is an integer such that This integer M_(i,j) is called the inverse of with respect to N 2, denoted Finally, the element v_(i,j) in the i-th row and j-th column of the database is encrypted as follows:
  • Step (1.3) is specifically:
  • Each time the user updates or inserts a row of data, the user needs to generate a row key in advance and store it in encrypted form at the service provider.
  • When updating or inserting, the user downloads the row key generated in advance from the service provider, obtains the column key from the service provider or locally, and either decrypts, updates and re-encrypts the updated data and uploads it to the service provider, or directly encrypts the inserted data and uploads it to the service provider;
  • For the query-specified-range instruction, the user selects either two columns to compare with each other or a column to compare with the same constant. If the user compares two columns with each other, each comparison operation needs to generate a column of encrypted random numbers α_i (i = 1,2,...,n), the corresponding column key is (m_α, x_α), and the encryption method is The encrypted element of each row is 1, and this column is collectively referred to as column S; the column key corresponding to column S is (m_s, x_s), and the i-th row element 1 is encrypted as where m_s has an inverse with respect to N 2 that is x_s has an inverse with respect to N that is a column A column u i - ⁇ i ⁇ i , where is the inverse of t_i with respect to N, that is β_i, u_i are random numbers on Z_N and satisfy If the user compares a column with the same constant, each time the user performs a comparison operation, in addition to the
  • Step (2) specifically includes the following sub-steps:
  • The user uploads the operating instructions to the service provider according to their actual business needs; the operating instructions include update, sum, search for specified keywords and query specified ranges;
  • column ⁇ ' is a new column calculated by the service provider through column ⁇ , and the i-th row element E( ⁇ ') i of column ⁇ ' is calculated through the i-th row element E( ⁇ ) i of column ⁇ :
  • For the query-specified-range instruction, the user chooses either to compare two columns or to compare a column with the same constant. If the user compares two columns, such as column A and column B, row by row, and the column keys corresponding to the two columns are (m_A, x_A) and (m_B, x_B), then the user needs to calculate:
  • Step (3) specifically includes the following sub-steps:
  • After receiving the user's combined SQL query instruction, the service provider performs the corresponding calculations and operations and, as needed during the calculation, requests auxiliary parameters from the user or selects the required parameters from the auxiliary parameters uploaded by the user with the instruction;
  • After receiving the auxiliary parameters, the service provider calculates according to the instruction, saves the calculation result after the instruction is run, updates the data, and returns the query result to the user.
  • For the operation of searching for a specified keyword, the user chooses either to query between two columns whether each row holds the same keyword, or to query whether every row of a column is a specified keyword. If the user queries between two columns, such as column A and column B, whether each row holds the same keyword, and the corresponding column keys are (m_A, x_A) and (m_B, x_B), the service provider performs the following calculation:
  • The service provider directly requests auxiliary parameters from the user or selects the required parameters from the auxiliary parameters uploaded by the user with the instruction;
  • For the query-specified-range operation, the user can choose either to compare two columns or to compare a column with the same constant. If the user compares two columns, such as column A and column B, row by row, and the column keys corresponding to the two columns are (m_A, x_A) and (m_B, x_B), then the service provider performs the following calculation:
  • The service provider directly requests auxiliary parameters from the user or selects the required parameters from the auxiliary parameters uploaded by the user with the instruction.
  • Step (3.2) is specifically: for the operation of searching for a specified keyword, the user chooses either to query between two columns whether each row holds the same keyword, or to query whether every row of a column is a specified keyword. If the user queries between two columns, such as column A and column B, whether each row holds the same keyword, and the corresponding column keys are (m_A, x_A) and (m_B, x_B), then the service provider receives the auxiliary parameters ( ⁇ , ⁇ ) calculated and uploaded by the user in step (2) and performs the following calculation:
  • the service provider receives the auxiliary parameters (v ⁇ -1 , ⁇ , ⁇ ) uploaded by the user and performs the following calculation:
  • column ⁇ ' is a new column calculated by the service provider according to the auxiliary data column ⁇ described in step (1.3) and the auxiliary parameter P calculated by the user upload, the i-th row element E of column ⁇ ' ( ⁇ ′) i is calculated by the i-th row element E( ⁇ ) i of column ⁇ :
  • the user chooses to compare the size between two columns or compare a column with the same constant to query the specified range. If the user compares the size between two columns, such as column A and column B, the same row,
  • the column keys corresponding to the two columns are (m A , x A ) and (m B , x B ), and the service provider receives the auxiliary parameter P uploaded by the user: ( ⁇ , ⁇ ) and performs the following calculation:
  • the service provider receives the auxiliary parameters (v ⁇ -1 , ⁇ , ⁇ ) uploaded by the user and performs the following calculation:
  • column ⁇ ' is a new column calculated by the service provider according to the auxiliary data column ⁇ described in step (1.3) and the auxiliary parameter P calculated by the user upload, the i-th row element E of column ⁇ ' ( ⁇ ′) i is calculated by the i-th row element E( ⁇ ) i of column ⁇ :
  • The present invention realizes encryption protection of user data and reduces the leakage of user privacy information, thereby providing a secure and complete protection scheme for cloud storage of user data in actual commercial activities;
  • The present invention realizes secure and efficient execution of composable SQL query instructions on encrypted data.
  • The instructions include update, insert, delete, sum, search for specified keywords and query specified ranges, which satisfies users' requirements for remote operation and querying of cloud-stored data in actual business activities.
  • The present invention has the advantages of strong versatility, security and efficiency, privacy protection, ease of use, high efficiency, low memory and time consumption, and the like.
  • Step (1): Encrypting and storing data: user A encrypts and preprocesses data M, and uploads the encrypted result and preprocessed data to service provider B, who provides software, a device, electronic equipment or a storage medium for running the database to store the data uploaded by the user;
  • Step (1.1): User A generates random number sets R and C as the row keys and column keys of database M respectively. Based on multiplicative encryption, user A encrypts the data with keys R and C, and outputs the encrypted database;
  • Step (1.2): User A uploads the encrypted database M to service provider B; in addition, user A chooses any secure encryption method to encrypt the random number set R and uploads the encrypted random number set R to service provider B. According to need, user A can also choose to store the random number set C unencrypted locally or to encrypt it and upload it to service provider B;
  • The database has n rows and m columns of elements; user A uploads n encrypted row keys to service provider B at the same time, and the m column keys are stored unencrypted locally or encrypted and uploaded to service provider B.
  • The row keys and column keys can be encrypted with any secure encryption method, such as AES encryption.
  • The encrypted database and the encrypted row keys are collectively referred to as the encrypted result, and the encrypted result is uploaded by user A to service provider B for storage.
  • Service provider B cannot obtain any sensitive information about user A's database M from the encrypted result.
  • If user A needs to restore the plaintext of a database element, A needs to download both the encrypted element and the row key corresponding to the encrypted element from service provider B.
  • If the column key is encrypted and uploaded to service provider B, user A also needs to download the column key corresponding to the encrypted element; if the column key is stored unencrypted locally at user A, then A only needs to find the column key corresponding to the encrypted element locally.
  • If user A needs to run query instructions on a certain column of the database, then A needs the column key of this column. If the column key is encrypted and uploaded to service provider B, user A needs to download the column key of this column from service provider B; if the column key is stored unencrypted locally at user A, then A only needs to find the column key of this column locally.
  • Step (1.3): User A preprocesses the instructions to generate the auxiliary data D required to execute them; user A uploads the auxiliary data D to service provider B, and service provider B cannot obtain any private information about database M from the auxiliary data D; service provider B must obtain the auxiliary parameter P calculated by user A to perform the specified operations; the instructions include but are not limited to update, insert, delete, sum, search for specified keywords and query specified ranges;
  • For delete and sum instructions, user A does not need to generate auxiliary data D; for update and insert instructions, each time user A updates or inserts a row of data, A needs to generate a row key in advance, encrypt it and store it at service provider B.
  • auxiliary data columns ⁇ , S and ⁇ can be used not only for searching for specified keyword instructions, but also for querying specified range instructions. All the above-mentioned auxiliary data should be uploaded to service provider B before uploading the query command, and service provider B completes the query command with the help of the auxiliary data, which greatly improves the execution efficiency of the query command.
  • Step (1.4): Service provider B selects database software, a device, electronic equipment or a storage medium according to the actual situation to store the encrypted M, the random number set R and the auxiliary data D, and executes subsequent instructions on that basis.
  • Step (2): Setting the combined SQL query instruction: user A uploads the instruction to service provider B according to actual needs, and calculates and uploads the auxiliary parameter P for executing the instruction.
  • Step (2.1): User A uploads the operating instruction Q to service provider B according to actual business needs; the instructions include update, sum, search for specified keywords and query specified ranges;
  • Step (2.2): User A calculates the auxiliary parameter P according to the uploaded instruction Q, and uploads the auxiliary parameter P to service provider B together with the instruction or after receiving a request from service provider B.
  • For the search-specified-keyword instruction, user A can choose either to query between two columns whether each row holds the same keyword, or to query whether every row of a certain column is a specified keyword. If user A queries between two columns, such as column A and column B, whether each row holds the same keyword, and the corresponding column keys are (m_A, x_A) and (m_B, x_B), user A needs to calculate:
  • For the query-specified-range instruction, user A can choose either to compare two columns or to compare a column with the same constant. If user A compares two columns, such as column A and column B, and the column keys corresponding to the two columns are (m_A, x_A) and (m_B, x_B), then user A needs to calculate:
  • Step (3): Running the combined SQL query instruction set in step (2): service provider B runs the instruction according to the instruction received from user A and the auxiliary parameter P calculated in step (2), saves the calculation result after the instruction is run, updates the data and returns the query result U to user A; this includes the following sub-steps:
  • Step (3.1): After receiving the combined SQL query instruction set by user A, service provider B performs the corresponding calculations and operations and, as needed during the calculation, requests the auxiliary parameter P from user A or selects the required parameters from the auxiliary parameter P uploaded by user A with the instruction;
  • Service provider B does not require user A to provide any auxiliary parameters.
  • For the operation of searching for a specified keyword, user A can choose either to query between two columns whether each row holds the same keyword, or to query whether every row of a certain column is a specified keyword. If user A queries between two columns, such as column A and column B, whether each row holds the same keyword, and the corresponding column keys are (m_A, x_A) and (m_B, x_B), then service provider B performs the following calculation:
  • Service provider B requests the auxiliary parameter P from user A or selects the required parameters from the auxiliary parameter P uploaded by user A with the instruction;
  • Service provider B directly requests the auxiliary parameter P from user A or selects the required parameters from the auxiliary parameter P uploaded by user A with the instruction;
  • For the query-specified-range operation, user A can choose either to compare two columns or to compare a column with the same constant. If user A compares two columns, such as column A and column B, and the column keys corresponding to the two columns are (m_A, x_A) and (m_B, x_B), then service provider B performs the following calculation:
  • Service provider B requests the auxiliary parameter P from user A or selects the required parameters from the auxiliary parameter P uploaded by user A with the instruction;
  • Service provider B directly requests the auxiliary parameter P from user A or selects the required parameters from the auxiliary parameter P uploaded by user A with the instruction.
  • Step (3.2): After service provider B receives the auxiliary parameter P, it calculates according to the instruction, saves the calculation result after the instruction is run, updates the data, and returns the query result U to user A.
  • The user can choose either to query between two columns whether each row holds the same keyword, or to query whether every row of a certain column is a specified keyword.
  • service provider B receives the auxiliary parameter P: (v ⁇ -1 , ⁇ , ⁇ ) uploaded by user A and performs the following calculation :
  • user A can choose to compare the size of two columns or compare a column with the same constant to query the specified range. If user A performs a query between two columns such as column A and column B Comparing the size, the column keys corresponding to the two columns are (m A , x A ) and (m B , x B ), service provider B receives the auxiliary parameter P uploaded by user A: ( ⁇ , ⁇ ) and performs the following calculation:
  • service provider B receives the auxiliary parameter P uploaded by user A: (v ⁇ -1 , ⁇ , ⁇ ), and performs the following calculation :
  • The present invention discloses an encrypted database system that supports composable SQL queries, which can perform the secure storage of user data provided by any embodiment of the present invention and has the capabilities of supporting update, insert, delete, sum, search for specified keywords and query specified ranges on user data.
  • The encrypted database system supporting composable SQL queries includes a user device module and a service provider module; the user device module encrypts and preprocesses user data, and uploads the encrypted result and preprocessed data to the service provider module;
  • The user module executes data operation instructions and uploads operation instructions to the service provider module according to actual needs; the operation instructions include update, insert, delete, sum, search for specified keywords and query specified ranges. The user module also uploads auxiliary parameter operation instructions to the service provider module; the auxiliary parameter operation instructions include update, insert, delete, sum, search for specified keywords and query specified ranges. According to the received operation instructions and auxiliary parameter operation instructions, the service provider module saves the calculation result after the instruction is run, updates the data and returns the query result to the user module.
  • An enterprise runs the international database test standard TPC-C for transactions, that is, a warehouse accepts orders from multiple users at the same time and conducts multiple transactions with these users simultaneously.
  • The warehouse encrypts its transaction data and stores it in the cloud.
  • The warehouse continuously submits SQL instructions against the encrypted data in the cloud (the instructions include update, insert, delete, sum, search for specified keywords and query specified ranges); according to the meaning of the instructions for the actual transaction, the instructions are divided into five sets:
  • New-Order: the customer enters a new order transaction.
  • Payment: update the customer account balance to reflect the payment status.
  • Delivery: delivery (simulating batch transactions).
  • Order-Status: query the status of the customer's latest transaction.
  • Stock-Level: query the inventory status of the warehouse so that goods can be replenished in time.
  • A server equipped with two 2.5GHz Intel Xeon Gold 6248 processors and 256GB memory is used to simulate the cloud service provider, and the method of the present invention is used to execute the instructions of the five sets respectively; the time spent is shown in Table 1.
  • The present invention supports the execution of the five TPC-C transactions.
  • The shortest time used by the present invention is 101 seconds, and the longest is only 422 seconds (the Delivery transaction). Since each TPC-C transaction is composed of dozens of SQL query instructions, it can be seen that in actual commercial activities, even if transmission delay is considered, the present invention can still complete an SQL query instruction in about 10 seconds, and throughout this process the user's data privacy is always guaranteed.
  • The time used by the present invention remains stable, so it can maintain stable performance in actual commercial activities. Therefore, using the method of the invention, the database runs faster, consumes less time, and runs stably.
  • The present invention realizes encryption protection of user data and reduces the leakage of user privacy information, thus providing a secure and complete protection scheme for cloud storage of user data in actual commercial activities; the present invention realizes secure and efficient execution of composable SQL query instructions on encrypted data, the instructions including update, insert, delete, sum, search for specified keywords and query specified ranges, which satisfies users' requirements for remote operation and querying of cloud-stored data in actual business activities; the present invention has the advantages of strong versatility, security and efficiency, privacy protection, ease of use, high efficiency, low memory and time consumption, and the like.

Abstract

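The invention discloses an encrypted database method supporting composable SQL queries. The scheme mainly comprises the following steps: (1) based on the encryption method proposed by the invention, the user encrypts and preprocesses the data and uploads the encrypted result and the preprocessed data to the service provider; (2) setting and uploading SQL query instructions: the user uploads query instructions to the service provider according to actual needs and at the same time uploads the auxiliary parameters used for the query instructions; (3) data query: the service provider performs the SQL query according to the query instructions and auxiliary parameters received from the user, saves the calculation result, updates the data and returns the query result to the user. The invention can be applied in everyday life and business to encrypted data storage and encrypted data querying, and has the advantages of strong versatility, security and efficiency, privacy protection, ease of use, high efficiency, and low memory and time consumption.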

Description

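Encrypted database method supporting composable SQL queries
Technical Field
The invention relates to the technical fields of the discrete logarithm problem, multiplicative encryption, encrypted databases and ciphertext search, and in particular to an encrypted database method supporting composable SQL queries.
Background Art
The discrete logarithm problem is the problem of finding the logarithm in a computable finite cyclic group; it was published by W. Diffie and E. Hellman in 1976. To this day the discrete logarithm problem is still considered hard to solve, so it is widely used in encryption.
Multiplicative encryption is widely used in cryptography, including in well-known encryption schemes such as ElGamal and RSA. Multiplicative encryption can achieve "perfect security" and can guarantee multiplicative homomorphism under ciphertext, that is, a multiplication operation on ciphertexts is also a multiplication operation on the plaintexts. Multiplicative encryption therefore achieves good security and operability. In 2014, a scheme was proposed at the SIGMOD conference that uses a multiplicative encryption scheme to realize an encrypted database, but that scheme is not secure and differs considerably from the present invention.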
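The multiplicative homomorphism described above, shown with textbook ElGamal as an added example: this is not code from the patent and not its row-key/column-key scheme. The toy group parameters, the sample columns and all function names are constructed for illustration.

```python
"""Textbook ElGamal over a toy group, used to show multiplicative homomorphism.

Added illustration only: this is NOT the row-key/column-key scheme of the patent,
and the constructed parameters below are far too small for real use.
"""
import secrets

# Constructed toy parameters: P = 2*Q + 1 with P and Q prime; G = 4 has order Q.
P = 2579
Q = 1289
G = 4


def keygen():
    """Return (secret key, public key) with pk = G^sk mod P."""
    sk = secrets.randbelow(Q - 1) + 1          # uniform in 1 .. Q-1
    return sk, pow(G, sk, P)


def encrypt(pk, m, r=None):
    """Encrypt m in [1, P-1] as (G^r, m * pk^r); r is fresh randomness per call."""
    if not 1 <= m < P:
        raise ValueError("plaintext must be in [1, P-1]")
    if r is None:
        r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), (m * pow(pk, r, P)) % P


def decrypt(sk, ct):
    """Recover m = c2 / c1^sk mod P."""
    c1, c2 = ct
    shared = pow(c1, sk, P)
    return (c2 * pow(shared, P - 2, P)) % P    # Fermat inverse, valid because P is prime


def ct_mul(ct_a, ct_b):
    """Multiply two ciphertexts component-wise; no key is needed."""
    return (ct_a[0] * ct_b[0]) % P, (ct_a[1] * ct_b[1]) % P


def multiply_columns(col_a, col_b):
    """Row-wise product of two encrypted columns, computed on ciphertexts only,
    as an untrusted service provider would have to do it."""
    if len(col_a) != len(col_b):
        raise ValueError("columns must have the same number of rows")
    return [ct_mul(a, b) for a, b in zip(col_a, col_b)]


if __name__ == "__main__":
    sk, pk = keygen()
    quantity = [6, 11, 100]   # constructed sample data
    price = [7, 3, 50]
    enc_q = [encrypt(pk, v) for v in quantity]
    enc_p = [encrypt(pk, v) for v in price]
    enc_total = multiply_columns(enc_q, enc_p)
    for q, p, ct in zip(quantity, price, enc_total):
        # The last row wraps around: 100 * 50 = 5000 is reduced modulo P.
        print(q, "*", p, "->", decrypt(sk, ct), "| product mod P:", q * p % P)
```

The product is only correct modulo P, so a real deployment must size the group so that plaintext products never wrap.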
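Encrypted database technology was first proposed in 2011. The first encrypted database model was CryptDB, which cleverly combines multiple technologies to realize a variety of query operations on an encrypted database. However, starting in 2015, a series of works attacking CryptDB appeared. These works show that the security of CryptDB is very poor; although CryptDB has been deployed, it should not be used for commercial activities. In 2014, a scheme for encrypted databases, called SDB, was proposed at SIGMOD. It proposes a novel encryption scheme that implements most of the various query operations. However, this scheme has also been shown to be insecure and is difficult to apply in commercial activities.
Ciphertext search technology has been developed for decades, and a variety of techniques for ciphertext search have appeared so far, including DET (Deterministic Encryption) and OPE (Order-Preserving Encryption). However, these techniques have so far been shown to be either insecure or too complex to be used in real-world scenarios. Moreover, although composable SQL queries are a mainstream requirement for encrypted databases, currently no database supports secure combined SQL queries.
With the rapid development of the Internet, users (both individuals and companies) have a growing need to store large-scale data (GB and above). At present, storing data with a service provider that offers storage services, i.e. the cloud in the broad sense, has become the mainstream trend. However, storing data with a service provider faces two problems: if the data is stored at the service provider unencrypted, the user's privacy is exposed to the service provider; if the data is stored at the service provider encrypted, the user cannot perform secure and efficient operations on the encrypted data, in particular composable SQL queries.
Therefore, how to support operations on users' private data, in particular combined SQL queries including update, sum, search for specified keywords and query specified ranges, remains a problem to be solved.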
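Summary of the Invention
The object of the present invention is to provide, in view of the deficiencies of the prior art, an encrypted database method supporting composable SQL queries.
The object of the present invention is achieved through the following technical solution: an encrypted database method supporting composable SQL queries, comprising the following steps:
(1) Encrypting and storing data: the user encrypts and preprocesses their own stored data, and uploads the encrypted result and the preprocessed data to the service provider, who provides software, a device, electronic equipment or a storage medium for running the database to store the data uploaded by the user; step (1) specifically includes the following sub-steps:
(1.1) For their own data, the user generates a set of random numbers as the row keys and column keys of the data; based on multiplicative encryption, the user encrypts the data with the row keys and column keys and outputs the encrypted database;
(1.2) The user uploads the encrypted database to the service provider; the user chooses any encryption method to encrypt the row keys generated in step (1.1) and uploads them to the service provider, realizing encrypted storage of the row keys, and at the same time chooses, according to need, either to store the column keys unencrypted locally or to encrypt them and upload them to the service provider;
(1.3) The user preprocesses the instructions to generate the auxiliary data required to run them; the user uploads the auxiliary data to the service provider, and the service provider cannot obtain any private information about the database from the auxiliary data; the instructions include update, insert, delete, sum, search for specified keywords and query specified range operations;
(1.4) The service provider selects the storage form according to the actual situation; the storage form includes database software, a device, electronic equipment or a storage medium. The service provider stores the encrypted data and auxiliary data in that storage form and executes subsequent instructions.
(2) Setting the combined SQL query instruction: the user uploads the combined SQL query instruction to the service provider according to actual needs, and uploads the auxiliary parameters used for the query instruction;
(3) Running the combined SQL query instruction set in step (2): the service provider runs the query instruction according to the combined SQL query instruction and auxiliary parameters received from the user, saves the calculation result after the instruction is run, updates the data and returns the query result to the user.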
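Further, step (1.1) is specifically:
The user randomly generates two large primes p and q to obtain a large integer N = p·q; the user takes this large integer N as the order of the generator g and, in the finite field
Figure PCTCN2021110269-appb-000001
finds the generator g; the user generates random numbers as the row keys and column keys and uses these row keys and column keys to encrypt the database; the row key of the i-th row is
Figure PCTCN2021110269-appb-000002
and the column key of the j-th column is (m_j, x_j), where
Figure PCTCN2021110269-appb-000003
x_j ∈ Z_N; the row keys and column keys should ensure that for any i, j there exists an integer
Figure PCTCN2021110269-appb-000004
such that
Figure PCTCN2021110269-appb-000005
This integer M_(i,j) is called the inverse of
Figure PCTCN2021110269-appb-000006
with respect to N 2, denoted
Figure PCTCN2021110269-appb-000007
Finally, the element v_(i,j) in row i and column j of the database is encrypted as follows:
Figure PCTCN2021110269-appb-000008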
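Further, step (1.3) is specifically:
For delete and sum instructions, the user does not need to generate auxiliary data D;
For update and insert instructions, each time the user updates or inserts a row of data, a row key must be generated in advance, encrypted and stored at the service provider; when updating or inserting, the user downloads the pre-generated row key from the service provider, obtains the column key from the service provider or locally, and either decrypts and updates the data to be updated and re-encrypts and uploads it to the service provider, or directly encrypts the inserted data and uploads it to the service provider;
For the search-specified-keyword instruction, the user can choose either to query between two columns whether each row holds the same keyword, or to query whether every row of a certain column is a specified keyword. If the user queries between two columns whether the same row holds the same keyword, then for each query the user needs to generate a column of encrypted random numbers α_i (i = 1, 2, …, n), with corresponding column key (m_α, x_α), encrypted as
Figure PCTCN2021110269-appb-000009
the encrypted element of every row is 1, and this column is collectively called column S; the column key corresponding to column S is (m_s, x_s), and the element 1 in row i is encrypted as
Figure PCTCN2021110269-appb-000010
Figure PCTCN2021110269-appb-000011
where m_s has an inverse with respect to N 2
Figure PCTCN2021110269-appb-000012
Figure PCTCN2021110269-appb-000013
x_s has an inverse with respect to N
Figure PCTCN2021110269-appb-000014
Figure PCTCN2021110269-appb-000015
a column of random numbers
Figure PCTCN2021110269-appb-000016
where h_i is a generator of order N_2 on
Figure PCTCN2021110269-appb-000017
N_1 is the product of two or more random large primes and N_2 is any one of these large primes, i.e. N_2 divides N_1; e_i is a random integer on
Figure PCTCN2021110269-appb-000018
a column of numbers
Figure PCTCN2021110269-appb-000019
If the user queries whether every row of a certain column is a specified keyword, then for each query, in addition to the auxiliary data required above for comparing between two columns whether each row holds the same keyword, the user also needs to generate an additional column of encrypted γ, i.e. the encrypted element of every row is γ, with corresponding column key (m_γ, x_γ); the element in row i is encrypted as
Figure PCTCN2021110269-appb-000020
where γ is a random number on Z_N, and γ must have an inverse γ^-1 ∈ Z_N with respect to N, i.e. γ·γ^-1 mod N = 1;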
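For a range query instruction, the user chooses either to compare two columns with each other or to compare one column against a single constant in order to query a specified range. If the user compares two columns with each other, each comparison operation requires generating a column of encrypted random numbers α_i (i = 1, 2, …, n), with column key (m_α, x_α), encrypted as
Figure PCTCN2021110269-appb-000021
Figure PCTCN2021110269-appb-000022
a column in which every row's encrypted element is 1, collectively called the S column; the column key of the S column is (m_s, x_s), and the element 1 in the i-th row is encrypted as
Figure PCTCN2021110269-appb-000023
where m_s has an inverse with respect to N^2,
Figure PCTCN2021110269-appb-000024
Figure PCTCN2021110269-appb-000025
x_s has an inverse with respect to N,
Figure PCTCN2021110269-appb-000026
Figure PCTCN2021110269-appb-000027
a column
Figure PCTCN2021110269-appb-000028
and a column u ii·α i, where
Figure PCTCN2021110269-appb-000029
is the inverse of t_i with respect to N, i.e.
Figure PCTCN2021110269-appb-000030
Figure PCTCN2021110269-appb-000031
β_i and u_i are random numbers in Z_N satisfying
Figure PCTCN2021110269-appb-000032
If the user compares one column against a single constant, then for each comparison operation, in addition to the auxiliary data needed above for comparing two columns with each other, the user must additionally generate a column of encrypted γ, i.e. every row's encrypted element is γ, with column key (m_γ, x_γ); the element of the i-th row is encrypted as
Figure PCTCN2021110269-appb-000033
where γ is a random number in Z_N, and γ must have an inverse γ^{-1} ∈ Z_N with respect to N, i.e. γ·γ^{-1} mod N = 1.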
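Further, step (2) comprises the following sub-steps:
(2.1) The user uploads a run instruction to the service provider according to actual business needs; the run instructions include update, summation, keyword search and range query;
(2.2) The user computes the auxiliary parameters according to the uploaded instruction, and uploads them to the service provider either together with the instruction or after receiving a request from the service provider:
Step (2.2) is specifically: for update, insert and delete operations, the user does not need to compute any auxiliary parameters; for the summation operation, if columns A and B are summed, with column keys (m_A, x_A) and (m_B, x_B), the column key of the newly generated column C = A + B is computed and stored by the user as (m_C = m_A·m_B mod N^2, x_C = x_A + x_B mod N); the user chooses either to store this key unencrypted locally or to encrypt it and upload it to the service provider for storage; for a keyword search instruction, the user chooses either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If the user queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), the user needs to compute:
(Ⅰ) the column key of column A′ = A - B + α (
Figure PCTCN2021110269-appb-000034
x_A′ = x_A - x_B + x_α mod N);
(Ⅱ) the auxiliary parameter
Figure PCTCN2021110269-appb-000035
so that the auxiliary parameters finally uploaded by the user are (ζ, η);
If the user queries whether all rows of a column, e.g. column A, equal a specified keyword, e.g. v, the user needs to compute:
(Ⅰ) v·γ^{-1}, where γ is the auxiliary data described in step (1.3);
(Ⅱ) for the column
Figure PCTCN2021110269-appb-000036
its column key
Figure PCTCN2021110269-appb-000037
where column γ′ is a new column computed by the service provider from column γ, and the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
Figure PCTCN2021110269-appb-000038
(Ⅲ) the column key of column A′ = A - γ′ + α
Figure PCTCN2021110269-appb-000039
Figure PCTCN2021110269-appb-000040
(Ⅳ) the auxiliary parameter P:
Figure PCTCN2021110269-appb-000041
so that the auxiliary parameters finally uploaded by the user are (v·γ^{-1}, ζ, η);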
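For a range query instruction, the user chooses either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If the user compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), the user needs to compute:
(Ⅰ) the column key of column A′ = A - B + α (
Figure PCTCN2021110269-appb-000042
x_A′ = x_A - x_B + x_α mod N);
(Ⅱ)
Figure PCTCN2021110269-appb-000043
so that the auxiliary parameters finally uploaded by the user are (ζ, η);
If the user compares all rows of a column, e.g. column A, against a single constant, e.g. v, the user needs to compute:
(Ⅰ) v·γ^{-1}, where γ is the auxiliary data described in step (1.3);
(Ⅱ) the column key of column γ′ (
Figure PCTCN2021110269-appb-000044
x_γ′ = v·γ^{-1}·x_γ mod N), where column γ′ is a new column computed by the service provider from column γ, and the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
Figure PCTCN2021110269-appb-000045
(Ⅲ) the column key of column A′ = A - γ′ + α (m_A′ = m_A·(m_γ′)^{-1}·m_α mod N^2, x_A′ = x_A - x_γ′ + x_α mod N);
(Ⅳ) the auxiliary parameter
Figure PCTCN2021110269-appb-000046
so that the auxiliary parameters finally uploaded by the user are (v·γ^{-1}, ζ, η).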
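Further, step (3) comprises the following sub-steps:
(3.1) After receiving the user's composable SQL query instruction, the service provider performs the corresponding computations and operations and, as its computation requires, either requests the auxiliary parameters from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction;
(3.2) After receiving the auxiliary parameters, the service provider computes according to the instruction, saves the computation result of the instruction, updates the data, and returns the query result to the user.
Further, step (3.1) is specifically: for a delete instruction, the service provider only needs to perform a normal deletion and update the database; for insert and update operations, if the user has stored the row keys and column keys encrypted with the service provider, the service provider only needs to return the row keys and column keys the user requests and accept the new data uploaded by the user for a normal insert or update; for the summation operation, if columns A and B are summed to obtain column C, the service provider computes the i-th row element C_i of column C as C_i = A_i × B_i (i = 1, 2, 3, …, n), where A_i and B_i denote the i-th row elements of columns A and B respectively. In running the above instructions, the service provider does not need any auxiliary parameters from the user;
For the keyword search operation, the user chooses either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If the user queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), the service provider performs the following computation:
(Ⅰ) compute column B′ as follows: the i-th row element of column B′ is
Figure PCTCN2021110269-appb-000047
where B_i is the i-th row element of column B;
(Ⅱ) compute column A′ as follows: the i-th row element of column A′ is A′_i = A_i × B′_i × E(α)_i mod N^2, where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
(Ⅲ) the service provider requests the auxiliary parameters P from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction;
If the user queries whether all rows of a column, e.g. column A, equal an external keyword, e.g. v, the service provider directly requests the auxiliary parameters from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction;
For a range query instruction, the user may choose either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If the user compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), the service provider performs the following computation:
(Ⅰ) compute column B′ as follows: the i-th row element of column B′ is
Figure PCTCN2021110269-appb-000048
where B_i is the i-th row element of column B;
(Ⅱ) compute column A′ as follows: the i-th row element of column A′ is A′_i = A_i × B′_i × E(α)_i mod N^2, where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
(Ⅲ) the service provider requests the auxiliary parameters from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction;
If the user compares all rows of a column, e.g. column A, against a single constant, e.g. v, the service provider directly requests the auxiliary parameters from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction.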
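Further, step (3.2) is specifically: for the keyword search operation, the user chooses either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If the user queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), the service provider, on receiving the auxiliary parameters (ζ, η) computed and uploaded by the user in step (2), performs the following computation:
(Ⅰ) compute column a; the i-th row element a_i of column a is computed as follows:
Figure PCTCN2021110269-appb-000049
where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
(Ⅱ) compute column H; the i-th row element H_i of column H is computed as follows:
Figure PCTCN2021110269-appb-000050
where
Figure PCTCN2021110269-appb-000051
is the i-th row element of the auxiliary-data h column described in step (1.3), and N_1 is the N_1 described in step (1.3);
(Ⅲ) compare
Figure PCTCN2021110269-appb-000052
where
Figure PCTCN2021110269-appb-000053
is the i-th row element of the auxiliary-data h′ column described in step (1.3); if the two are equal, the i-th row elements of columns A and B are equal; if they are not equal, the i-th row elements of columns A and B are not equal;
If the user queries whether all rows of a column, e.g. column A, equal an external keyword, e.g. v, the service provider, on receiving the auxiliary parameters (v·γ^{-1}, ζ, η) uploaded by the user, performs the following computation:
(Ⅰ) compute column γ′; column γ′ is a new column computed by the service provider from the auxiliary-data column γ described in step (1.3) and the auxiliary parameters P computed and uploaded by the user; the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
Figure PCTCN2021110269-appb-000054
(Ⅱ) compute column A′ as follows: the i-th row element of column A′ is
Figure PCTCN2021110269-appb-000055
where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
(Ⅲ) compute column a; the i-th row element a_i of column a is computed as follows:
Figure PCTCN2021110269-appb-000056
where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
(Ⅳ) compute column H; the i-th row element H_i of column H is computed as follows:
Figure PCTCN2021110269-appb-000057
where
Figure PCTCN2021110269-appb-000058
is the i-th row element of the auxiliary-data h column described in step (1.3), and N_1 is the N_1 described in step (1.3);
(Ⅴ) compare
Figure PCTCN2021110269-appb-000059
where
Figure PCTCN2021110269-appb-000060
is the i-th row element of the auxiliary-data h′ column described in step (1.3); if the two are equal, the i-th row element of column A equals v; if they are not equal, the i-th row element of column A does not equal v;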
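For a range query instruction, the user chooses either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If the user compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), the service provider, on receiving the auxiliary parameters P: (ζ, η) uploaded by the user, performs the following computation:
(Ⅰ) compute column a; the i-th row element a_i of column a is computed as follows:
Figure PCTCN2021110269-appb-000061
where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
(Ⅱ) compute column a′; the i-th row element a′_i of column a′ is computed as follows:
Figure PCTCN2021110269-appb-000062
where
Figure PCTCN2021110269-appb-000063
is the i-th row element of the auxiliary-data β column described in step (1.3), and u iiα i is the i-th row element of the u column described in step (1.3);
(Ⅲ) compare a′_i
Figure PCTCN2021110269-appb-000064
Figure PCTCN2021110269-appb-000065
then the i-th row element of column A is the smaller one; otherwise, the i-th row element of column B is not greater than the i-th row element of column A;
If the user compares all rows of a column, e.g. column A, against a single constant, e.g. v, the service provider, on receiving the auxiliary parameters (v·γ^{-1}, ζ, η) uploaded by the user, performs the following computation:
(Ⅰ) compute column γ′; column γ′ is a new column computed by the service provider from the auxiliary-data column γ described in step (1.3) and the auxiliary parameters P computed and uploaded by the user; the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
Figure PCTCN2021110269-appb-000066
(Ⅱ) compute column A′ as follows: the i-th row element of column A′ is
Figure PCTCN2021110269-appb-000067
Figure PCTCN2021110269-appb-000068
where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
(Ⅲ) compute column a; the i-th row element a_i of column a is computed as follows:
Figure PCTCN2021110269-appb-000069
where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
(Ⅳ) compute column a′; the i-th row element a′_i of column a′ is computed as follows:
Figure PCTCN2021110269-appb-000070
where
Figure PCTCN2021110269-appb-000071
is the i-th row element of the auxiliary-data β column described in step (1.3), and u iiα i is the i-th row element of the u column described in step (1.3);
(Ⅴ) compare a′_i
Figure PCTCN2021110269-appb-000072
Figure PCTCN2021110269-appb-000073
then the i-th row element of column A is not less than v; otherwise, the i-th row element of column A is less than v.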
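According to the above technical solution, the beneficial effects of the present invention are as follows:
1. Based on the discrete logarithm problem, the present invention provides encryption protection for user data and reduces the leakage of users' private information, thereby providing a secure and complete protection scheme for cloud storage of user data in real business activities;
2. The present invention enables composable SQL query instructions, including update, insert, delete, summation, keyword search and range query, to be executed securely and efficiently on encrypted data, meeting users' need to remotely operate on and query cloud-stored data in real business activities.
3. The present invention has the advantages of strong generality, security and efficiency, privacy protection, ease of use, high efficiency, and low memory and time consumption.
Detailed Description
To make the objects, technical solutions and advantages of the present application clearer, the technical solutions of the present application are described clearly and completely below with reference to specific embodiments of the application and the corresponding drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without creative effort fall within the scope of protection of the present application.
Embodiment 1:
Suppose a sales company, user Jia, stores its data set M with a service provider Yi and requires that service provider Yi cannot obtain any information about M. In addition, user Jia requires the ability to operate on the data set M without leaking private information (operations include but are not limited to update, insert, delete, summation, keyword search and range query, such as returning orders with a transaction amount greater than 5000). To handle this situation, the encrypted database method supporting composable SQL queries of the present invention is used to meet user Jia's requirements, and specifically comprises the following steps:
Step (1), encrypting and storing data: user Jia encrypts and preprocesses the data M and uploads the encryption result and the preprocessed data to service provider Yi; service provider Yi provides software, an apparatus, an electronic device or a storage medium for running the database, used to store the data uploaded by the user;
Specifically, in step (1.1) user Jia generates random number sets R and C as the row keys and column keys of database M respectively. Based on multiplicative encryption, user Jia encrypts the data with the keys R and C and outputs the encrypted database;
More specifically, user Jia randomly generates two large primes p and q and obtains the large integer N = p·q; in addition, user Jia takes this large integer N as the order of the generator and finds the generator g in the finite field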
Figure PCTCN2021110269-appb-000074
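user Jia generates random numbers as the row keys and column keys to encrypt database M; the row key of the i-th row is
Figure PCTCN2021110269-appb-000075
and the column key of the j-th column is (m_j, x_j), where
Figure PCTCN2021110269-appb-000076
x_j ∈ Z_N; the row keys and column keys must guarantee that for any i, j there exists an integer
Figure PCTCN2021110269-appb-000077
such that
Figure PCTCN2021110269-appb-000078
this integer M_(i,j) is called the inverse, with respect to N^2, of
Figure PCTCN2021110269-appb-000079
and is denoted
Figure PCTCN2021110269-appb-000080
Finally, the element v_(i,j) in row i, column j of database M is encrypted as follows: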
Figure PCTCN2021110269-appb-000081
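Step (1.2): user Jia uploads the encrypted database M to service provider Yi; in addition, user Jia chooses any secure encryption scheme to encrypt the random number set R and uploads the encrypted set R to service provider Yi; user Jia may also choose, as needed, either to store the random number set C unencrypted locally or to encrypt it and upload it to service provider Yi;
Specifically, assume throughout that the database has n rows and m columns of elements. Then, besides the encrypted database ciphertext, user Jia uploads the n encrypted row keys to service provider Yi at the same time, and either stores the m column keys unencrypted locally or encrypts them and uploads them to service provider Yi; the row keys and column keys may be encrypted with any secure encryption scheme, such as AES. The encrypted database and the encrypted row keys are collectively called the encryption result, which user Jia uploads to service provider Yi for storage. Service provider Yi cannot obtain any sensitive information about user Jia's database M from the encryption result. If user Jia needs to recover the plaintext of a database element, Jia must download both the encrypted element and the row key corresponding to it from service provider Yi. If the column keys were encrypted and uploaded to service provider Yi, user Jia needs to download the column key corresponding to the encrypted element; if the column keys are stored unencrypted locally, Jia only needs to look up the corresponding column key locally. If user Jia needs to run a query instruction on some column of the database, Jia needs that column's column key: if the column keys were encrypted and uploaded to service provider Yi, user Jia needs to download that column's key from service provider Yi; if the column keys are stored unencrypted locally, Jia only needs to look up that column's key locally.
Step (1.3): user Jia performs preprocessing for the instructions, generating the auxiliary data D required to execute them; user Jia uploads the auxiliary data D to service provider Yi, and service provider Yi cannot obtain any private information about database M from the auxiliary data D; service provider Yi must obtain the auxiliary parameters P computed by user Jia before it can perform a specified operation; the instructions include but are not limited to update, insert, delete, summation, keyword search and range query operations;
Specifically, for delete and summation instructions, user Jia does not need to generate auxiliary data D; for update and insert instructions, for every row of data updated or inserted, user Jia must generate a row key in advance and store it in encrypted form with service provider Yi; when updating or inserting, user Jia downloads the pre-generated row key from service provider Yi and obtains the column key from service provider Yi or locally, and can therefore decrypt and update the data being updated and re-encrypt and upload it to service provider Yi, or directly encrypt the inserted data and upload it to service provider Yi; for a keyword search instruction, user Jia may choose either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If user Jia queries between two columns whether the same rows hold the same keyword, then for each query user Jia needs to generate a column of encrypted random numbers α_i (i = 1, 2, …, n) (collectively called the α column), with column key (m_α, x_α), encrypted as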
Figure PCTCN2021110269-appb-000082
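a column in which every row's encrypted element is 1, collectively called the S column; the column key of the S column is (m_s, x_s), and the element 1 in the i-th row is encrypted as
Figure PCTCN2021110269-appb-000083
where m_s has an inverse with respect to N^2,
Figure PCTCN2021110269-appb-000084
Figure PCTCN2021110269-appb-000085
Figure PCTCN2021110269-appb-000086
x_s has an inverse with respect to N,
Figure PCTCN2021110269-appb-000087
Figure PCTCN2021110269-appb-000088
a column of random numbers
Figure PCTCN2021110269-appb-000089
(collectively called the h column), where h_i is a generator of order N_2 in
Figure PCTCN2021110269-appb-000090
N_1 is the product of two or more random large primes and N_2 is any one of those large primes, i.e. N_2 divides N_1; e_i is a random integer in
Figure PCTCN2021110269-appb-000091
and a column of numbers
Figure PCTCN2021110269-appb-000092
(collectively called the h′ column). If user Jia queries whether all rows of one column equal a specified keyword, then for each query, in addition to the auxiliary data needed above for comparing each row between two columns, user Jia must additionally generate a column of encrypted γ (i.e. every row's encrypted element is γ; this column is collectively called the γ column), with column key (m_γ, x_γ); the element of the i-th row is encrypted as
Figure PCTCN2021110269-appb-000093
where γ is a random number in Z_N, and γ must have an inverse γ^{-1} ∈ Z_N with respect to N, i.e. γ·γ^{-1} mod N = 1. For a range query instruction, user Jia may choose either to compare two columns with each other or to compare one column against a single constant in order to query a specified range. If user Jia compares two columns with each other, each comparison operation requires generating a column of encrypted random numbers α_i (i = 1, 2, …, n) (collectively called the α column), with column key (m_α, x_α), encrypted as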
Figure PCTCN2021110269-appb-000094
Figure PCTCN2021110269-appb-000095
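a column in which every row's encrypted element is 1, collectively called the S column; the column key of the S column is (m_s, x_s), and the element 1 in the i-th row is encrypted as
Figure PCTCN2021110269-appb-000096
where m_s has an inverse with respect to N^2,
Figure PCTCN2021110269-appb-000097
Figure PCTCN2021110269-appb-000098
x_s has an inverse with respect to N,
Figure PCTCN2021110269-appb-000099
Figure PCTCN2021110269-appb-000100
a column
Figure PCTCN2021110269-appb-000101
(collectively called the β column), and a column u ii·α i (collectively called the u column), where
Figure PCTCN2021110269-appb-000102
is the inverse of t_i with respect to N, i.e.
Figure PCTCN2021110269-appb-000103
β_i and u_i are random numbers in Z_N satisfying
Figure PCTCN2021110269-appb-000104
If user Jia compares one column against a single constant, then for each comparison operation, in addition to the auxiliary data needed above for comparing two columns with each other, user Jia must additionally generate a column of encrypted γ (i.e. every row's encrypted element is γ; this column is collectively called the γ column), with column key (m_γ, x_γ); the element of the i-th row is encrypted as
Figure PCTCN2021110269-appb-000105
where γ is a random number in Z_N, and γ must have an inverse γ^{-1} ∈ Z_N with respect to N, i.e. γ·γ^{-1} mod N = 1.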
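The auxiliary-data α, S and γ columns above can be used both for keyword search instructions and for range query instructions. All of the above auxiliary data should be uploaded to service provider Yi before the query instruction is uploaded; service provider Yi completes the query instruction with the help of the auxiliary data, which greatly improves the efficiency of executing query instructions.
Step (1.4): service provider Yi chooses, according to the actual situation, database software, an apparatus, an electronic device or a storage medium to store the encrypted M, the random number set R and the auxiliary data D, and executes subsequent instructions on that basis.
Step (2), setting a composable SQL query instruction: user Jia uploads an instruction to service provider Yi according to actual needs, and computes and uploads the auxiliary parameters P used to execute the instruction.
Specifically, in step (2.1) user Jia uploads the run instruction Q to service provider Yi according to actual business needs; the instructions include update, summation, keyword search and range query;
Step (2.2): user Jia computes the auxiliary parameters P according to the uploaded instruction Q, and uploads P to service provider Yi either together with the instruction or after receiving a request from service provider Yi.
More specifically, for update, insert and delete operations, user Jia does not need to compute any auxiliary parameters P; for the summation operation, if columns A and B are summed, with column keys (m_A, x_A) and (m_B, x_B), the column key of the newly generated column C = A + B is computed and stored by user Jia as (m_C = m_A·m_B mod N^2, x_C = x_A + x_B mod N); user Jia may choose either to store this key unencrypted locally or to encrypt it and upload it to service provider Yi for storage.
For a keyword search instruction, user Jia may choose either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If user Jia queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), user Jia needs to compute:
(Ⅰ) the column key of column A′ = A - B + α (
Figure PCTCN2021110269-appb-000106
x_A′ = x_A - x_B + x_α mod N);
(Ⅱ) the auxiliary parameter P:
Figure PCTCN2021110269-appb-000107
so that the auxiliary parameters P finally uploaded by user Jia are (ζ, η);
If user Jia queries whether all rows of a column, e.g. column A, equal a specified keyword, e.g. v, user Jia needs to compute:
(Ⅰ) v·γ^{-1}, where γ is the auxiliary data described in step (1.3);
(Ⅱ) for the column
Figure PCTCN2021110269-appb-000108
its column key (
Figure PCTCN2021110269-appb-000109
x_γ′ = v·γ^{-1}·x_γ mod N), where column γ′ is a new column computed by service provider Yi from column γ, and the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
Figure PCTCN2021110269-appb-000110
(Ⅲ) the column key of column A′ = A - γ′ + α (m_A′ = m_A·(m_γ′)^{-1}·m_α mod N^2, x_A′ = x_A - x_γ′ + x_α mod N);
(Ⅳ) the auxiliary parameter P:
Figure PCTCN2021110269-appb-000111
so that the auxiliary parameters finally uploaded by user Jia are (v·γ^{-1}, ζ, η).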
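For a range query instruction, user Jia may choose either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If user Jia compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), user Jia needs to compute:
(Ⅰ) the column key of column A′ = A - B + α (
Figure PCTCN2021110269-appb-000112
x_A′ = x_A - x_B + x_α mod N);
(Ⅱ)
Figure PCTCN2021110269-appb-000113
so that the auxiliary parameters P finally uploaded by user Jia are (ζ, η);
If user Jia compares all rows of a column, e.g. column A, against a single constant, e.g. v, user Jia needs to compute:
(Ⅰ) v·γ^{-1}, where γ is the auxiliary data described in step (1.3);
(Ⅱ) the column key of column γ′ (
Figure PCTCN2021110269-appb-000114
x_γ′ = v·γ^{-1}·x_γ mod N), where column γ′ is a new column computed by service provider Yi from column γ, and the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
Figure PCTCN2021110269-appb-000115
(Ⅲ) the column key of column A′ = A - γ′ + α (m_A′ = m_A·(m_γ′)^{-1}·m_α mod N^2, x_A′ = x_A - x_γ′ + x_α mod N);
(Ⅳ) the auxiliary parameter P:
Figure PCTCN2021110269-appb-000116
so that the auxiliary parameters finally uploaded by user Jia are (v·γ^{-1}, ζ, η).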
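Step (3), running the composable SQL query instruction set in step (2): service provider Yi runs the instruction according to the instruction received from user Jia and the auxiliary parameters P computed in step (2), saves the computation result of the instruction, updates the data, and returns the query result U to user Jia; this comprises the following sub-steps:
Step (3.1): after receiving the composable SQL query instruction set by user Jia, service provider Yi performs the corresponding computations and operations and, as its computation requires, either requests the auxiliary parameters P from user Jia or selects the needed parameters from the auxiliary parameters P that user Jia uploaded with the instruction;
More specifically, for a delete instruction, service provider Yi only needs to perform a normal deletion and update the database; for insert and update operations, if user Jia has stored the row keys and column keys encrypted with service provider Yi, service provider Yi only needs to return the row keys and column keys user Jia requests and accept the new data uploaded by user Jia for a normal insert or update; for the summation operation, if columns A and B are summed to obtain column C, service provider Yi computes the i-th row element C_i of column C as C_i = A_i × B_i (i = 1, 2, 3, …, n), where A_i and B_i denote the i-th row elements of columns A and B respectively. In running the above instructions, service provider Yi does not need any auxiliary parameters from user Jia.
For the keyword search operation, user Jia may choose either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If user Jia queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), service provider Yi performs the following computation:
(Ⅰ) compute column B′ as follows: the i-th row element of column B′ is
Figure PCTCN2021110269-appb-000117
where B_i is the i-th row element of column B;
(Ⅱ) compute column A′ as follows: the i-th row element of column A′ is A′_i = A_i × B′_i × E(α)_i mod N^2 (i = 1, 2, …, n), where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
(Ⅲ) service provider Yi requests the auxiliary parameters P from user Jia or selects the needed parameters from the auxiliary parameters P that user Jia uploaded with the instruction;
If user Jia queries whether all rows of a column, e.g. column A, equal an external keyword, e.g. v, service provider Yi directly requests the auxiliary parameters P from user Jia or selects the needed parameters from the auxiliary parameters P that user Jia uploaded with the instruction;
For a range query instruction, user Jia may choose either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If user Jia compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), service provider Yi performs the following computation:
(Ⅰ) compute column B′ as follows: the i-th row element of column B′ is
Figure PCTCN2021110269-appb-000118
where B_i is the i-th row element of column B;
(Ⅱ) compute column A′ as follows: the i-th row element of column A′ is A′_i = A_i × B′_i × E(α)_i mod N^2 (i = 1, 2, …, n), where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
(Ⅲ) service provider Yi requests the auxiliary parameters P from user Jia or selects the needed parameters from the auxiliary parameters P that user Jia uploaded with the instruction;
If user Jia compares all rows of a column, e.g. column A, against a single constant, e.g. v, service provider Yi directly requests the auxiliary parameters P from user Jia or selects the needed parameters from the auxiliary parameters P that user Jia uploaded with the instruction.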
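The summation of steps (2.2) and (3.1) and the blinded column A′ = A - B + α can be traced end to end in the following added example, which is not code from the patent. Because the encryption formula survives on this page only as a figure reference, the sketch assumes a ciphertext of the form (m_j·g^(r_i·x_j))^(-1)·g^v mod N^2 with g = 1 + N and a scalar row key r_i in Z_N; it also assumes B′_i is the inverse of B_i mod N^2 and that m_A′ follows the same pattern as the γ′ case.

```python
import secrets
from math import gcd

# Toy parameters (constructed for this example; real use needs large primes).
P, Q = 1009, 1013
N = P * Q
N2 = N * N
G = 1 + N  # assumption: g = 1 + N, which has order N modulo N^2

# Constructed sample plaintext columns.
AMOUNTS = [3200, 150, 4999]   # column A
FEES = [1800, 50, 1]          # column B


def rand_unit(modulus):
    """Return a random invertible element modulo `modulus`."""
    while True:
        r = secrets.randbelow(modulus - 1) + 1
        if gcd(r, modulus) == 1:
            return r


def new_column_key():
    """Column key (m_j, x_j): m_j invertible mod N^2, x_j in Z_N."""
    return rand_unit(N2), secrets.randbelow(N)


def new_row_key():
    """Row key r_i (assumed here to be a single scalar in Z_N)."""
    return secrets.randbelow(N)


def mask(row_key, col_key):
    """m_j * g^(r_i * x_j) mod N^2; its inverse plays the role of M_(i,j)."""
    m, x = col_key
    return (m * pow(G, (row_key * x) % N, N2)) % N2


def encrypt(v, row_key, col_key):
    """Assumed ciphertext form: M_(i,j) * g^v mod N^2."""
    return (pow(mask(row_key, col_key), -1, N2) * pow(G, v % N, N2)) % N2


def decrypt(c, row_key, col_key):
    """Strip the mask; (1 + N)^v = 1 + v*N mod N^2, so v is read off directly."""
    unmasked = (c * mask(row_key, col_key)) % N2
    if unmasked % N != 1:
        raise ValueError("wrong key or corrupted ciphertext")
    return (unmasked - 1) // N


def sum_key(key_a, key_b):
    """User side, step (2.2): (m_C, x_C) = (m_A*m_B mod N^2, x_A+x_B mod N)."""
    return (key_a[0] * key_b[0]) % N2, (key_a[1] + key_b[1]) % N


def server_sum(col_a, col_b):
    """Provider side, step (3.1): C_i = A_i x B_i, computed without any key."""
    return [(a * b) % N2 for a, b in zip(col_a, col_b)]


def blinded_diff_key(key_a, key_b, key_alpha):
    """User side: key of A' = A - B + alpha (m part by analogy with gamma')."""
    m = (key_a[0] * pow(key_b[0], -1, N2) * key_alpha[0]) % N2
    return m, (key_a[1] - key_b[1] + key_alpha[1]) % N


def server_blinded_diff(col_a, col_b, col_alpha):
    """Provider side: A'_i = A_i x B'_i x E(alpha)_i mod N^2, B'_i = B_i^-1."""
    return [(a * pow(b, -1, N2) * e) % N2
            for a, b, e in zip(col_a, col_b, col_alpha)]


def demo():
    rows = [new_row_key() for _ in AMOUNTS]
    key_a, key_b, key_alpha = (new_column_key() for _ in range(3))
    alphas = [secrets.randbelow(N) for _ in rows]   # per-row blinding values
    enc_a = [encrypt(v, r, key_a) for v, r in zip(AMOUNTS, rows)]
    enc_b = [encrypt(v, r, key_b) for v, r in zip(FEES, rows)]
    enc_alpha = [encrypt(v, r, key_alpha) for v, r in zip(alphas, rows)]

    # The provider works on ciphertexts only; the user derives the new keys.
    enc_c = server_sum(enc_a, enc_b)
    enc_diff = server_blinded_diff(enc_a, enc_b, enc_alpha)
    key_c = sum_key(key_a, key_b)
    key_diff = blinded_diff_key(key_a, key_b, key_alpha)

    sums = [decrypt(c, r, key_c) for c, r in zip(enc_c, rows)]
    blinded = [decrypt(c, r, key_diff) for c, r in zip(enc_diff, rows)]
    return sums, blinded, alphas


if __name__ == "__main__":
    print(demo())
```

The blinded column decrypts to (A_i - B_i + α_i) mod N, so a party that does not know α_i cannot read the difference A_i - B_i from it.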
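Step (3.2): after receiving the auxiliary parameters P, service provider Yi computes according to the instruction, saves the computation result of the instruction, updates the data, and returns the query result U to user Jia.
More specifically, for the keyword search operation, the user may choose either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If the user queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), service provider Yi, on receiving the auxiliary parameters P: (ζ, η) computed and uploaded by user Jia in step (2), performs the following computation:
(Ⅰ) compute column a; the i-th row element a_i of column a is computed as follows:
Figure PCTCN2021110269-appb-000119
where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
(Ⅱ) compute column H; the i-th row element H_i of column H is computed as follows:
Figure PCTCN2021110269-appb-000120
where
Figure PCTCN2021110269-appb-000121
is the i-th row element of the auxiliary-data h column described in step (1.3), and N_1 is the N_1 described in step (1.3);
(Ⅲ) compare
Figure PCTCN2021110269-appb-000122
where
Figure PCTCN2021110269-appb-000123
is the i-th row element of the auxiliary-data h′ column described in step (1.3); if the two are equal, the i-th row elements of columns A and B are equal; if they are not equal, the i-th row elements of columns A and B are not equal;
If user Jia queries whether all rows of a column, e.g. column A, equal an external keyword, e.g. v, service provider Yi, on receiving the auxiliary parameters P: (v·γ^{-1}, ζ, η) uploaded by user Jia, performs the following computation:
(Ⅰ) compute column γ′; column γ′ is a new column computed by service provider Yi from the auxiliary-data column γ described in step (1.3) and the auxiliary parameters P computed and uploaded by user Jia; the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
Figure PCTCN2021110269-appb-000124
(Ⅱ) compute column A′ as follows: the i-th row element of column A′ is
Figure PCTCN2021110269-appb-000125
Figure PCTCN2021110269-appb-000126
where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
(Ⅲ) compute column a; the i-th row element a_i of column a is computed as follows:
Figure PCTCN2021110269-appb-000127
where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
(Ⅳ) compute column H; the i-th row element H_i of column H is computed as follows:
Figure PCTCN2021110269-appb-000128
where
Figure PCTCN2021110269-appb-000129
is the i-th row element of the auxiliary-data h column described in step (1.3), and N_1 is the N_1 described in step (1.3);
(Ⅴ) compare
Figure PCTCN2021110269-appb-000130
where
Figure PCTCN2021110269-appb-000131
is the i-th row element of the auxiliary-data h′ column described in step (1.3); if the two are equal, the i-th row element of column A equals v; if they are not equal, the i-th row element of column A does not equal v;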
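For a range query instruction, user Jia may choose either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If user Jia compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), service provider Yi, on receiving the auxiliary parameters P: (ζ, η) uploaded by user Jia, performs the following computation:
(Ⅰ) compute column a; the i-th row element a_i of column a is computed as follows:
Figure PCTCN2021110269-appb-000132
where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
(Ⅱ) compute column a′; the i-th row element a′_i of column a′ is computed as follows:
Figure PCTCN2021110269-appb-000133
where
Figure PCTCN2021110269-appb-000134
is the i-th row element of the auxiliary-data β column described in step (1.3), and u iiα i is the i-th row element of the u column described in step (1.3);
(Ⅲ) compare a′_i
Figure PCTCN2021110269-appb-000135
Figure PCTCN2021110269-appb-000136
then the i-th row element of column A is the smaller one; otherwise, the i-th row element of column B is not greater than the i-th row element of column A;
If user Jia compares all rows of a column, e.g. column A, against a single constant, e.g. v, service provider Yi, on receiving the auxiliary parameters P: (v·γ^{-1}, ζ, η) uploaded by user Jia, performs the following computation:
(Ⅰ) compute column γ′; column γ′ is a new column computed by service provider Yi from the auxiliary-data column γ described in step (1.3) and the auxiliary parameters P computed and uploaded by user Jia; the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
Figure PCTCN2021110269-appb-000137
(Ⅱ) compute column A′ as follows: the i-th row element of column A′ is
Figure PCTCN2021110269-appb-000138
Figure PCTCN2021110269-appb-000139
where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
(Ⅲ) compute column a; the i-th row element a_i of column a is computed as follows:
Figure PCTCN2021110269-appb-000140
where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
(Ⅳ) compute column a′; the i-th row element a′_i of column a′ is computed as follows:
Figure PCTCN2021110269-appb-000141
where
Figure PCTCN2021110269-appb-000142
is the i-th row element of the auxiliary-data β column described in step (1.3), and u iiα i is the i-th row element of the u column described in step (1.3);
(Ⅴ) compare a′_i
Figure PCTCN2021110269-appb-000143
Figure PCTCN2021110269-appb-000144
then the i-th row element of column A is not less than v; otherwise, the i-th row element of column A is less than v.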
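Embodiment 2
The present invention discloses an encrypted database system supporting composable SQL queries, which can perform the functions, provided by any embodiment of the present invention, of securely storing user data and supporting update, insert, delete, summation, keyword search and range query on the user data. The encrypted database system supporting composable SQL queries comprises a user device module and a service provider module; the user device module encrypts and preprocesses user data and uploads the encryption result and the preprocessed data to the service provider module; the user module executes data operation instructions, uploading run instructions to the service provider module according to actual needs, the run instructions including update, insert, delete, summation, keyword search and range query, and uploads auxiliary-parameter run instructions to the service provider module, the auxiliary-parameter run instructions including update, insert, delete, summation, keyword search and range query; the service provider module, according to the received run instructions and auxiliary-parameter run instructions, saves the computation results of the instructions, updates the data, and returns the query results to the user module.
Embodiment 3
In the database field, an enterprise runs the international database benchmark TPC-C to carry out transactions: a goods warehouse accepts orders from multiple users at the same time and conducts multiple transactions with these users simultaneously. To save memory and improve performance, the warehouse stores the transaction data encrypted in the cloud and, as real-time transactions require, continually submits SQL instructions against the encrypted data in the cloud (the instructions include update, insert, delete, summation, keyword search and range query). According to what the instructions mean for the actual transactions, they are divided into five sets:
1. New-Order: a customer enters a new order transaction.
2. Payment: updates the customer's account balance and reflects the customer's payment status.
3. Delivery: ships orders (simulating a batch transaction).
4. Order-Status: queries the status of a customer's most recent transaction.
5. Stock-Level: queries the warehouse's stock status so that stock can be replenished in time.
This embodiment uses a server with two 2.5 GHz Intel Xeon Gold 6248 processors and 256 GB of memory to simulate the cloud service provider, and executes each of the five sets of instructions with the method of the present invention; the time taken is shown in Table 1.
Table 1
| Transaction | Time for 1 run (ms) | Time for 2 runs (ms) | Time for 3 runs (ms) |
|---|---|---|---|
| New-Order | 192023 | 411606 | 614116 |
| Payment | 136020 | 275803 | 417246 |
| Delivery | 422247 | 843313 | 1286638 |
| Order-Status | 346161 | 690062 | 1051611 |
| Stock-Level | 101926 | 204299 | 293828 |
As shown in Table 1 above, the present invention supports execution of the five TPC-C transaction types. When completing the five TPC-C transactions once, the shortest time taken by the present invention is 101 seconds and the longest is only 422 seconds (the Delivery transaction). Since each TPC-C transaction type consists of dozens of SQL query instructions, it can be seen that in real business activities, even taking transmission delay into account, the present invention can still complete one SQL query instruction in about 10 seconds, while always guaranteeing the user's data privacy throughout. Furthermore, as the number of executions increases, the time taken by the present invention remains stable, so stable performance can be maintained in real business activities. Therefore, with the method of the present invention, the database runs relatively fast, consumes little time and runs stably. In summary, based on the discrete logarithm problem, the present invention provides encryption protection for user data and reduces the leakage of users' private information, thereby providing a secure and complete protection scheme for cloud storage of user data in real business activities; the present invention enables composable SQL query instructions, including update, insert, delete, summation, keyword search and range query, to be executed securely and efficiently on encrypted data, meeting users' need to remotely operate on and query cloud-stored data in real business activities; the present invention has the advantages of strong generality, security and efficiency, privacy protection, ease of use, high efficiency, and low memory and time consumption.
The above are merely preferred embodiments of the present invention and are not intended to limit it; any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.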

Claims (7)

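  1. An encrypted database method supporting composable SQL queries, characterized in that it comprises the following steps:
    (1) Encrypting and storing data: the user encrypts and preprocesses the data to be stored and uploads the encryption result and the preprocessed data to the service provider; the service provider provides software, an apparatus, an electronic device or a storage medium for running the database to store the data uploaded by the user; step (1) comprises the following sub-steps:
    (1.1) For the user's own data, the user generates sets of random numbers as the row keys and column keys of the data; based on multiplicative encryption, the user encrypts the data with the row keys and column keys and outputs the encrypted database;
    (1.2) The user uploads the encrypted database to the service provider; the user chooses any encryption scheme to encrypt the row keys generated in step (1.1) and uploads them to the service provider, so that the row keys are stored in encrypted form; the user also chooses, as needed, either to store the column keys unencrypted locally or to encrypt them and upload them to the service provider;
    (1.3) The user performs preprocessing for the instructions, generating the auxiliary data needed to run them; the user uploads the auxiliary data to the service provider, and the service provider cannot obtain any private information about the database from the auxiliary data; the instructions include update, insert, delete, summation, keyword search and range query operations;
    (1.4) The service provider chooses a storage form according to the actual situation, the storage form including database software, an apparatus, an electronic device or a storage medium, stores the encrypted data and auxiliary data in that form, and executes subsequent instructions.
    (2) Setting a composable SQL query instruction: the user uploads a composable SQL query instruction to the service provider according to actual needs, and uploads the auxiliary parameters used for the query instruction;
    (3) Running the composable SQL query instruction set in step (2): the service provider runs the query instruction according to the composable SQL query instruction and auxiliary parameters received from the user, saves the computation result of the instruction, updates the data, and returns the query result to the user.
  2. The encrypted database method supporting composable SQL queries according to claim 1, characterized in that step (1.1) is specifically:
    The user randomly generates two large primes p and q and obtains the large integer N = p·q; the user takes this large integer N as the order of the generator g, and finds the generator g in the finite field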
    Figure PCTCN2021110269-appb-100001
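    the user generates random numbers as the row keys and column keys and uses them to encrypt the database; the row key of the i-th row is
    Figure PCTCN2021110269-appb-100002
    and the column key of the j-th column is (m_j, x_j), where
    Figure PCTCN2021110269-appb-100003
    the row keys and column keys must guarantee that for any i, j there exists an integer
    Figure PCTCN2021110269-appb-100004
    such that
    Figure PCTCN2021110269-appb-100005
    this integer M_(i,j) is called the inverse, with respect to N^2, of
    Figure PCTCN2021110269-appb-100006
    and is denoted
    Figure PCTCN2021110269-appb-100007
    Finally, the element v_(i,j) in row i, column j of the database is encrypted as follows: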
    Figure PCTCN2021110269-appb-100008
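  3. The encrypted database method supporting composable SQL queries according to claim 1, characterized in that step (1.3) is specifically:
    For delete and summation instructions, the user does not need to generate auxiliary data D;
    For update and insert instructions, for every row of data updated or inserted, the user must generate a row key in advance and store it in encrypted form with the service provider; when updating or inserting, the user downloads the pre-generated row key from the service provider and obtains the column key from the service provider or locally, so as to decrypt and update the data being updated and re-encrypt and upload it to the service provider, or to directly encrypt the inserted data and upload it to the service provider;
    For a keyword search instruction, the user may choose either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If the user queries between two columns whether the same rows hold the same keyword, then for each query the user needs to generate a column of encrypted random numbers α_i (i = 1, 2, …, n), with column key (m_α, x_α), encrypted as
    Figure PCTCN2021110269-appb-100009
    a column in which every row's encrypted element is 1, collectively called the S column; the column key of the S column is (m_s, x_s), and the element 1 in the i-th row is encrypted as
    Figure PCTCN2021110269-appb-100010
    1 mod N^2, where m_s has an inverse with respect to N^2,
    Figure PCTCN2021110269-appb-100011
    Figure PCTCN2021110269-appb-100012
    x_s has an inverse with respect to N,
    Figure PCTCN2021110269-appb-100013
    Figure PCTCN2021110269-appb-100014
    a column of random numbers
    Figure PCTCN2021110269-appb-100015
    where h_i is a generator of order N_2 in
    Figure PCTCN2021110269-appb-100016
    N_1 is the product of two or more random large primes and N_2 is any one of those large primes, i.e. N_2 divides N_1; e_i is a random integer in
    Figure PCTCN2021110269-appb-100017
    and a column of numbers
    Figure PCTCN2021110269-appb-100018
    If the user queries whether all rows of one column equal a specified keyword, then for each query, in addition to the auxiliary data needed above for comparing each row between two columns, the user must additionally generate a column of encrypted γ, i.e. every row's encrypted element is γ, with column key (m_γ, x_γ); the element of the i-th row is encrypted as
    Figure PCTCN2021110269-appb-100019
    where γ is a random number in Z_N, and γ must have an inverse γ^{-1} ∈ Z_N with respect to N, i.e. γ·γ^{-1} mod N = 1;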
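    For a range query instruction, the user chooses either to compare two columns with each other or to compare one column against a single constant in order to query a specified range. If the user compares two columns with each other, each comparison operation requires generating a column of encrypted random numbers α_i (i = 1, 2, …, n), with column key (m_α, x_α), encrypted as
    Figure PCTCN2021110269-appb-100020
    Figure PCTCN2021110269-appb-100021
    a column in which every row's encrypted element is 1, collectively called the S column; the column key of the S column is (m_s, x_s), and the element 1 in the i-th row is encrypted as
    Figure PCTCN2021110269-appb-100022
    where m_s has an inverse with respect to N^2,
    Figure PCTCN2021110269-appb-100023
    Figure PCTCN2021110269-appb-100024
    x_s has an inverse with respect to N,
    Figure PCTCN2021110269-appb-100025
    Figure PCTCN2021110269-appb-100026
    a column
    Figure PCTCN2021110269-appb-100027
    and a column u ii·α i, where
    Figure PCTCN2021110269-appb-100028
    is the inverse of t_i with respect to N, i.e.
    Figure PCTCN2021110269-appb-100029
    Figure PCTCN2021110269-appb-100030
    β_i and u_i are random numbers in Z_N satisfying
    Figure PCTCN2021110269-appb-100031
    If the user compares one column against a single constant, then for each comparison operation, in addition to the auxiliary data needed above for comparing two columns with each other, the user must additionally generate a column of encrypted γ, i.e. every row's encrypted element is γ, with column key (m_γ, x_γ); the element of the i-th row is encrypted as
    Figure PCTCN2021110269-appb-100032
    where γ is a random number in Z_N, and γ must have an inverse γ^{-1} ∈ Z_N with respect to N, i.e. γ·γ^{-1} mod N = 1.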
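  4. The encrypted database method supporting composable SQL queries according to claim 1, characterized in that step (2) comprises the following sub-steps:
    (2.1) The user uploads a run instruction to the service provider according to actual business needs; the run instructions include update, summation, keyword search and range query;
    (2.2) The user computes the auxiliary parameters according to the uploaded instruction, and uploads them to the service provider either together with the instruction or after receiving a request from the service provider:
    Step (2.2) is specifically: for update, insert and delete operations, the user does not need to compute any auxiliary parameters; for the summation operation, if columns A and B are summed, with column keys (m_A, x_A) and (m_B, x_B), the column key of the newly generated column C = A + B is computed and stored by the user as (m_C = m_A·m_B mod N^2, x_C = x_A + x_B mod N); the user chooses either to store this key unencrypted locally or to encrypt it and upload it to the service provider for storage; for a keyword search instruction, the user chooses either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If the user queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), the user needs to compute:
    (Ⅰ) the column key of column A′ = A - B + α
    Figure PCTCN2021110269-appb-100033
    Figure PCTCN2021110269-appb-100034
    (Ⅱ) the auxiliary parameter
    Figure PCTCN2021110269-appb-100035
    so that the auxiliary parameters finally uploaded by the user are (ζ, η);
    If the user queries whether all rows of a column, e.g. column A, equal a specified keyword, e.g. v, the user needs to compute:
    (Ⅰ) v·γ^{-1}, where γ is the auxiliary data described in step (1.3);
    (Ⅱ) for the column
    Figure PCTCN2021110269-appb-100036
    its column key
    Figure PCTCN2021110269-appb-100037
    where column γ′ is a new column computed by the service provider from column γ, and the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
    Figure PCTCN2021110269-appb-100038
    (Ⅲ) the column key of column A′ = A - γ′ + α
    Figure PCTCN2021110269-appb-100039
    Figure PCTCN2021110269-appb-100040
    (Ⅳ) the auxiliary parameter P:
    Figure PCTCN2021110269-appb-100041
    so that the auxiliary parameters finally uploaded by the user are (v·γ^{-1}, ζ, η);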
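    For a range query instruction, the user chooses either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If the user compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), the user needs to compute:
    (Ⅰ) the column key of column A′ = A - B + α
    Figure PCTCN2021110269-appb-100042
    Figure PCTCN2021110269-appb-100043
    (Ⅱ)
    Figure PCTCN2021110269-appb-100044
    so that the auxiliary parameters finally uploaded by the user are (ζ, η);
    If the user compares all rows of a column, e.g. column A, against a single constant, e.g. v, the user needs to compute:
    (Ⅰ) v·γ^{-1}, where γ is the auxiliary data described in step (1.3);
    (Ⅱ) the column key of column γ′
    Figure PCTCN2021110269-appb-100045
    where column γ′ is a new column computed by the service provider from column γ, and the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
    Figure PCTCN2021110269-appb-100046
    (Ⅲ) the column key of column A′ = A - γ′ + α
    Figure PCTCN2021110269-appb-100047
    Figure PCTCN2021110269-appb-100048
    (Ⅳ) the auxiliary parameter
    Figure PCTCN2021110269-appb-100049
    so that the auxiliary parameters finally uploaded by the user are (v·γ^{-1}, ζ, η).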
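  5. The encrypted database method supporting composable SQL queries according to claim 1, characterized in that step (3) comprises the following sub-steps:
    (3.1) After receiving the user's composable SQL query instruction, the service provider performs the corresponding computations and operations and, as its computation requires, either requests the auxiliary parameters from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction;
    (3.2) After receiving the auxiliary parameters, the service provider computes according to the instruction, saves the computation result of the instruction, updates the data, and returns the query result to the user.
  6. The encrypted database method supporting composable SQL queries according to claim 5, characterized in that step (3.1) is specifically: for a delete instruction, the service provider only needs to perform a normal deletion and update the database; for insert and update operations, if the user has stored the row keys and column keys encrypted with the service provider, the service provider only needs to return the row keys and column keys the user requests and accept the new data uploaded by the user for a normal insert or update; for the summation operation, if columns A and B are summed to obtain column C, the service provider computes the i-th row element C_i of column C as C_i = A_i × B_i (i = 1, 2, 3, …, n), where A_i and B_i denote the i-th row elements of columns A and B respectively. In running the above instructions, the service provider does not need any auxiliary parameters from the user;
    For the keyword search operation, the user chooses either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If the user queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), the service provider performs the following computation:
    (Ⅰ) compute column B′ as follows: the i-th row element of column B′ is
    Figure PCTCN2021110269-appb-100050
    where B_i is the i-th row element of column B;
    (Ⅱ) compute column A′ as follows: the i-th row element of column A′ is
    Figure PCTCN2021110269-appb-100051
    where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
    (Ⅲ) the service provider requests the auxiliary parameters P from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction;
    If the user queries whether all rows of a column, e.g. column A, equal an external keyword, e.g. v, the service provider directly requests the auxiliary parameters from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction;
    For a range query instruction, the user may choose either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If the user compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), the service provider performs the following computation:
    (Ⅰ) compute column B′ as follows: the i-th row element of column B′ is
    Figure PCTCN2021110269-appb-100052
    where B_i is the i-th row element of column B;
    (Ⅱ) compute column A′ as follows: the i-th row element of column A′ is A′_i = A_i × B′_i × E(α)_i mod N^2, where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
    (Ⅲ) the service provider requests the auxiliary parameters from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction;
    If the user compares all rows of a column, e.g. column A, against a single constant, e.g. v, the service provider directly requests the auxiliary parameters from the user or selects the needed parameters from the auxiliary parameters the user uploaded with the instruction.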
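  7. The encrypted database method supporting composable SQL queries according to claim 5, characterized in that step (3.2) is specifically: for the keyword search operation, the user chooses either to query, between two columns, whether each row holds the same keyword, or to query whether all rows of one column equal a specified keyword. If the user queries between two columns, e.g. columns A and B, whether each row holds the same keyword, with column keys (m_A, x_A) and (m_B, x_B), the service provider, on receiving the auxiliary parameters (ζ, η) computed and uploaded by the user in step (2), performs the following computation:
    (Ⅰ) compute column a; the i-th row element a_i of column a is computed as follows:
    Figure PCTCN2021110269-appb-100053
    where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
    (Ⅱ) compute column H; the i-th row element H_i of column H is computed as follows:
    Figure PCTCN2021110269-appb-100054
    where
    Figure PCTCN2021110269-appb-100055
    is the i-th row element of the auxiliary-data h column described in step (1.3), and N_1 is the N_1 described in step (1.3); (Ⅲ) compare
    Figure PCTCN2021110269-appb-100056
    where
    Figure PCTCN2021110269-appb-100057
    is the i-th row element of the auxiliary-data h′ column described in step (1.3); if the two are equal, the i-th row elements of columns A and B are equal; if they are not equal, the i-th row elements of columns A and B are not equal;
    If the user queries whether all rows of a column, e.g. column A, equal an external keyword, e.g. v, the service provider, on receiving the auxiliary parameters (v·γ^{-1}, ζ, η) uploaded by the user, performs the following computation:
    (Ⅰ) compute column γ′; column γ′ is a new column computed by the service provider from the auxiliary-data column γ described in step (1.3) and the auxiliary parameters P computed and uploaded by the user; the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
    Figure PCTCN2021110269-appb-100058
    (Ⅱ) compute column A′ as follows: the i-th row element of column A′ is
    Figure PCTCN2021110269-appb-100059
    where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
    (Ⅲ) compute column a; the i-th row element a_i of column a is computed as follows:
    Figure PCTCN2021110269-appb-100060
    where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
    (Ⅳ) compute column H; the i-th row element H_i of column H is computed as follows:
    Figure PCTCN2021110269-appb-100061
    where
    Figure PCTCN2021110269-appb-100062
    is the i-th row element of the auxiliary-data h column described in step (1.3), and N_1 is the N_1 described in step (1.3);
    (Ⅴ) compare
    Figure PCTCN2021110269-appb-100063
    where
    Figure PCTCN2021110269-appb-100064
    is the i-th row element of the auxiliary-data h′ column described in step (1.3); if the two are equal, the i-th row element of column A equals v; if they are not equal, the i-th row element of column A does not equal v;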
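    For a range query instruction, the user chooses either to compare two columns with each other in magnitude or to compare one column against a single constant in magnitude in order to query a specified range. If the user compares the same rows of two columns, e.g. columns A and B, with column keys (m_A, x_A) and (m_B, x_B), the service provider, on receiving the auxiliary parameters P: (ζ, η) uploaded by the user, performs the following computation:
    (Ⅰ) compute column a; the i-th row element a_i of column a is computed as follows:
    Figure PCTCN2021110269-appb-100065
    where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
    (Ⅱ) compute column a′; the i-th row element a′_i of column a′ is computed as follows:
    Figure PCTCN2021110269-appb-100066
    where
    Figure PCTCN2021110269-appb-100067
    is the i-th row element of the auxiliary-data β column described in step (1.3), and u iiα i is the i-th row element of the u column described in step (1.3);
    (Ⅲ) compare a′_i
    Figure PCTCN2021110269-appb-100068
    Figure PCTCN2021110269-appb-100069
    then the i-th row element of column A is the smaller one; otherwise, the i-th row element of column B is not greater than the i-th row element of column A;
    If the user compares all rows of a column, e.g. column A, against a single constant, e.g. v, the service provider, on receiving the auxiliary parameters (v·γ^{-1}, ζ, η) uploaded by the user, performs the following computation:
    (Ⅰ) compute column γ′; column γ′ is a new column computed by the service provider from the auxiliary-data column γ described in step (1.3) and the auxiliary parameters P computed and uploaded by the user; the i-th row element E(γ′)_i of column γ′ is computed from the i-th row element E(γ)_i of column γ:
    Figure PCTCN2021110269-appb-100070
    (Ⅱ) compute column A′ as follows: the i-th row element of column A′ is
    Figure PCTCN2021110269-appb-100071
    Figure PCTCN2021110269-appb-100072
    where A_i is the i-th row element of column A and E(α)_i is the i-th row element of the auxiliary-data α column described in step (1.3);
    (Ⅲ) compute column a; the i-th row element a_i of column a is computed as follows:
    Figure PCTCN2021110269-appb-100073
    where A′_i is the i-th row element of column A′ described in step (3.1) and E(1)_i is the i-th row element of the auxiliary-data S column described in step (1.3);
    (Ⅳ) compute column a′; the i-th row element a′_i of column a′ is computed as follows:
    Figure PCTCN2021110269-appb-100074
    where
    Figure PCTCN2021110269-appb-100075
    is the i-th row element of the auxiliary-data β column described in step (1.3), and u iiα i is the i-th row element of the u column described in step (1.3);
    (Ⅴ) compare a′_i
    Figure PCTCN2021110269-appb-100076
    Figure PCTCN2021110269-appb-100077
    then the i-th row element of column A is not less than v; otherwise, the i-th row element of column A is less than v.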
PCT/CN2021/110269 2021-08-03 2021-08-03 Encrypted database method supporting composable SQL queries WO2023010273A1 (zh)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2021/110269 WO2023010273A1 (zh) 2021-08-03 2021-08-03 Encrypted database method supporting composable SQL queries
US17/888,521 US11734448B2 (en) 2021-08-03 2022-08-16 Method for encrypting database supporting composable SQL query

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2021/110269 WO2023010273A1 (zh) 2021-08-03 2021-08-03 Encrypted database method supporting composable SQL queries

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/888,521 Continuation US11734448B2 (en) 2021-08-03 2022-08-16 Method for encrypting database supporting composable SQL query

Publications (1)

Publication Number Publication Date
WO2023010273A1 true WO2023010273A1 (zh) 2023-02-09

Family

ID=85154944

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/110269 WO2023010273A1 (zh) 2021-08-03 2021-08-03 Encrypted database method supporting composable SQL queries

Country Status (2)

Country Link
US (1) US11734448B2 (zh)
WO (1) WO2023010273A1 (zh)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116701493B (zh) * 2023-08-07 2023-10-31 China Telecom Quantum Technology Co., Ltd. Database operation method supporting fuzzy query, and user terminal

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130191650A1 (en) * 2012-01-25 2013-07-25 Massachusetts Institute Of Technology Methods and apparatus for securing a database
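CN110750797A (zh) * 2019-09-27 2020-02-04 Nanjing University Cloud database encryption method based on combined encryption
CN111859426A (zh) * 2020-07-21 2020-10-30 Xidian University Universal encrypted database connector and method for setting it up
CN112800088A (zh) * 2021-01-19 2021-05-14 Northeastern University Database ciphertext retrieval system and method based on a bidirectional secure index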

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7529754B2 (en) * 2003-03-14 2009-05-05 Websense, Inc. System and method of monitoring and controlling application files
US8751826B2 (en) * 2009-04-01 2014-06-10 Salesforce.Com, Inc. Enhanced system security
US10594490B2 (en) * 2017-04-24 2020-03-17 Salesforce.Com, Inc. Filtering encrypted data using indexes

Also Published As

Publication number Publication date
US20230048229A1 (en) 2023-02-16
US11734448B2 (en) 2023-08-22

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21952182

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE