CN110457945B - List query method, query party device, service party device and storage medium - Google Patents

List query method, query party device, service party device and storage medium Download PDF

Info

Publication number
CN110457945B
CN110457945B CN201910720387.0A CN201910720387A CN110457945B CN 110457945 B CN110457945 B CN 110457945B CN 201910720387 A CN201910720387 A CN 201910720387A CN 110457945 B CN110457945 B CN 110457945B
Authority
CN
China
Prior art keywords
information
subset
encryption
list
inquiring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910720387.0A
Other languages
Chinese (zh)
Other versions
CN110457945A (en
Inventor
吴焕明
王文超
林俊良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Weiyinglian Information Technology Shenzhen Co ltd
Original Assignee
Weiyinglian Information Technology Shenzhen Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Weiyinglian Information Technology Shenzhen Co ltd filed Critical Weiyinglian Information Technology Shenzhen Co ltd
Priority to CN201910720387.0A priority Critical patent/CN110457945B/en
Publication of CN110457945A publication Critical patent/CN110457945A/en
Application granted granted Critical
Publication of CN110457945B publication Critical patent/CN110457945B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a method for inquiring a name list, inquiring party equipment, service party equipment and a storage medium, wherein the method comprises the following steps: the inquiring party equipment encrypts the personal information to be inquired based on the first private key and a preset exchangeable encryption algorithm to obtain first encrypted information, and desensitization processing is carried out to obtain desensitization information; the service side equipment queries a list based on the plaintext part of the desensitization information to obtain a list subset; the server side equipment encrypts each piece of data in the business form subset based on a second private key and an exchangeable encryption algorithm to obtain a first encrypted subset, and encrypts first encrypted information based on the second private key and the exchangeable encryption algorithm to obtain second encrypted information; and the inquiring party equipment encrypts each piece of data in the first encryption subset based on the first private key and the exchangeable encryption algorithm to obtain a second encryption subset, and determines whether the personal information exists in the list or not based on the second encryption subset and the second encryption information. The invention can improve the efficiency of list query.

Description

List query method, query party device, service party device and storage medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method for querying a business form, a querying party device, a server device, and a storage medium.
Background
With the development of the mobile internet, more and more private information is collected, transmitted, calculated and exchanged for improving the service quality. However, this also causes a number of problems with respect to the privacy of the individual being compromised. For example, one organization provides another organization with a query interface to query whether the queried person is on a list, such list being made up of a group of individuals with the same characteristics, such as members, black lists, and the like. The conventional query interface needs to provide personal identification information pii (personal identification information) of the queried person, for example, a blacklist, the provided personal identification information may be an identification number, a mobile phone number, or a unique identification code of a mobile phone device. In the inquiring process, even if the inquired person is not in the list, the service party can obtain the personal identity information of the inquired person and simultaneously the business information of the inquiring party is leaked. Here, the problem of information leakage due to private information exchange is a "private set intersection (private set intersection)" problem.
At present, various encryption algorithms can be used to solve the above problems, but the algorithms have common problems: because all the data sets participating in calculation are encrypted and then mutually exchanged to complete the query, both parties are required to exchange a large amount of data, and the processed data volume is large; and the existing encryption algorithm has long calculation time, so that the query efficiency is low, the method is not suitable for a common service system, and the use cost is high.
Disclosure of Invention
The invention aims to provide a method for inquiring a name list, inquiring party equipment, service party equipment and a storage medium, aiming at improving the efficiency of inquiring the name list and effectively protecting the privacy information of the opposite party.
In order to achieve the above object, the present invention provides a method for querying a name list, wherein the method for querying a name list comprises:
the method comprises the steps that inquiring side equipment generates a first private key, personal information to be inquired is encrypted based on the first private key and a preset exchangeable encryption algorithm to obtain first encryption information, desensitization processing is carried out on the personal information to obtain desensitization information, and the first encryption information and the desensitization information are sent to service side equipment;
the server side equipment receives the first encryption information and desensitization information sent by the inquiring side equipment, and inquires a preset list based on a plaintext part of the desensitization information to obtain a list subset;
the server side equipment generates a second private key, encrypts each piece of data in the business form subset based on the second private key and the exchangeable encryption algorithm to obtain a first encrypted subset, encrypts first encrypted information based on the second private key and the exchangeable encryption algorithm to obtain second encrypted information, and sends the first encrypted subset and the second encrypted information to the inquiring side equipment;
the inquiring party equipment receives the first encryption subset and second encryption information returned by the service party equipment, encrypts each piece of data in the first encryption subset based on the first private key and the exchangeable encryption algorithm to obtain a second encryption subset, and determines whether the personal information exists in the list based on the second encryption subset and the second encryption information.
Preferably, the step of desensitizing the personal information to obtain desensitized information specifically includes:
and acquiring the characteristic information of the personal information and the data volume of the list, and determining the data bit and the data volume for desensitizing the personal information based on the characteristic information of the personal information and the data volume of the list.
Preferably, after the step of receiving, by the service-side device, the first encryption information and desensitization information sent by the inquiring-side device, inquiring a predetermined list based on a plaintext part of the desensitization information, and obtaining a list subset, the method further includes:
analyzing whether the quantity of data in the subset of nameplates is less than a predetermined quantity;
if so, performing expansion processing on the list subset to enable the number of data in the list subset to be larger than or equal to a preset number;
if not, the expansion processing is not carried out.
Preferably, the step of determining whether the personal information exists in the list based on the second encryption subset and the second encryption information specifically includes:
inquiring whether the second encryption subset has data which is the same as the second encryption information;
if yes, determining that the personal information exists in the list;
if not, determining that the personal information does not exist in the list.
In order to achieve the above object, the present invention further provides an inquiring device, where the inquiring device includes a memory and a processor connected to the memory, the memory stores therein a processing system capable of running on the processor, and the processing system, when executed by the processor, implements the following steps:
generating a first private key, encrypting the personal information to be inquired based on the first private key and a preset exchangeable encryption algorithm to obtain first encryption information, desensitizing the personal information to obtain desensitization information, and sending the first encryption information and the desensitization information to the server side equipment;
receiving a first encryption subset and second encryption information returned by the server side equipment, encrypting each piece of data in the first encryption subset based on the first private key and the exchangeable encryption algorithm to obtain a second encryption subset, determining whether the personal information exists in the list based on the second encryption subset and the second encryption information, wherein the first encryption subset is obtained by inquiring a preset list based on the desensitization information by the server side equipment, and the second encryption information is obtained by encrypting the server side equipment based on the exchangeable encryption algorithm and a second private key generated by the server side equipment.
Preferably, the step of desensitizing the personal information to obtain desensitized information specifically includes:
and acquiring the characteristic information of the personal information and the data volume of the list, and determining the data bit and the data volume for desensitizing the personal information based on the characteristic information of the personal information and the data volume of the list.
In order to achieve the above object, the present invention further provides a server device, where the server device includes a memory and a processor connected to the memory, the memory stores a processing system capable of running on the processor, and the processing system, when executed by the processor, implements the following steps:
receiving first encryption information and desensitization information sent by inquiring party equipment, inquiring a preset list based on a plaintext part of the desensitization information to obtain a list subset, wherein the first encryption information is obtained by encrypting the inquiring party equipment based on a preset exchangeable encryption algorithm and a first private key generated by the inquiring party equipment, and the desensitization information is obtained by desensitizing the inquiring party equipment to-be-inquired personal information;
the server side equipment generates a second private key, encrypts each piece of data in the business form subset based on the second private key and the exchangeable encryption algorithm to obtain a first encrypted subset, encrypts first encrypted information based on the second private key and the exchangeable encryption algorithm to obtain second encrypted information, and sends the first encrypted subset and the second encrypted information to the inquiring side equipment.
Preferably, the processing system, when executed by the processor, further implements the steps of:
analyzing whether the quantity of data in the subset of nameplates is less than a predetermined quantity;
if so, performing expansion processing on the list subset to enable the number of data in the list subset to be larger than or equal to a preset number;
if not, the expansion processing is not carried out.
The present invention also provides a computer readable storage medium having stored thereon a processing system which, when executed by a processor, implements the steps of the method performed by the querier device described above.
The present invention also provides a computer readable storage medium having stored thereon a processing system, which when executed by a processor implements the steps of the method performed by the server device described above.
The invention has the beneficial effects that: the invention provides a method for inquiring a name list, inquiring party equipment, service party equipment and a storage medium, wherein the inquiring party equipment desensitizes and encrypts personal information and sends the personal information to a service party, the service party searches for a list subset through a plaintext part of desensitization information and encrypts each piece of data of the list subset to obtain a first encryption subset, the personal information encrypted by the inquiring party is secondarily encrypted and then returned to the inquiring party, and the inquiring party secondarily encrypts the first encryption subset to obtain a second encryption subset. When inquiring whether a person is in the list of the other side or not between the organizations, the data volume needing to be processed by adopting the inquiring method of the invention is small, the inquiring efficiency can be improved, and the privacy information between the organizations is effectively protected.
Drawings
FIG. 1 is a diagram of a hardware architecture of an embodiment of a querier device of the present invention;
FIG. 2 is a block diagram of a process of one embodiment of the processing system of FIG. 1;
FIG. 3 is a diagram illustrating a hardware architecture of an embodiment of a server device according to the present invention;
FIG. 4 is a block diagram of a process of one embodiment of the processing system of FIG. 3;
FIG. 5 is a flowchart illustrating a method for querying a list according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the description relating to "first", "second", etc. in the present invention is for descriptive purposes only and is not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In addition, technical solutions between various embodiments may be combined with each other, but must be realized by a person skilled in the art, and when the technical solutions are contradictory or cannot be realized, such a combination should not be considered to exist, and is not within the protection scope of the present invention.
Fig. 1 is a schematic diagram of a hardware architecture of an embodiment of the querier device of the present invention. The inquirer device 1 is a device capable of automatically performing numerical calculation and/or information processing in accordance with an instruction set or stored in advance. The inquiring device 1 may be a computer, or may be a single network server, a server group composed of a plurality of network servers, or a cloud composed of a large number of hosts or network servers based on cloud computing, where cloud computing is one of distributed computing and is a super virtual computer composed of a group of loosely coupled computers.
In the present embodiment, the inquiring device 1 may include, but is not limited to, a memory 11, a processor 12, and a network interface 13, which may be communicatively connected to each other through a system bus, wherein the memory 11 stores a processing system 10 that may be run on the processor 12. It is noted that FIG. 1 only shows querier device 1 with components 11-13, but it is understood that not all of the shown components are required to be implemented, and that more or fewer components may be implemented instead.
The storage 11 includes a memory and at least one type of readable storage medium. The memory provides cache for the operation of the inquiring party equipment 1; the readable storage medium may be a non-volatile storage medium such as flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, etc. In some embodiments, the readable storage medium may be an internal storage unit of the inquirer device 1, such as a hard disk of the inquirer device 1; in other embodiments, the non-volatile storage medium may also be an external storage device of the inquiring-side device 1, such as a plug-in hard disk provided on the inquiring-side device 1, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and so on. In this embodiment, the readable storage medium of the memory 11 is generally used for storing an operating system and various types of application software installed in the querier device 1, for example, program codes of the processing system 10 in an embodiment of the present invention. Further, the memory 11 may also be used to temporarily store various types of data that have been output or are to be output.
The processor 12 may be, in some embodiments, a Central Processing Unit (CPU), a controller, a microcontroller, a microprocessor, or other data Processing chip, and is used for executing program codes stored in the memory 11 or Processing data, such as the Processing system 10.
The network interface 13 may comprise a standard wireless network interface, a wired network interface, and the network interface 13 is typically used for establishing a communication connection between the inquirer device 1 and other electronic devices.
The processing system 10 is stored in the memory 11 and includes at least one computer-readable instruction stored in the memory 11, which is executable by the processor 12 to implement the methods of the embodiments of the present application; and the at least one computer readable instruction may be divided into different logic blocks depending on the functions implemented by the respective portions.
In one embodiment, the processing system 10 as described above, when executed by the processor 12, implements the steps of:
generating a first private key, encrypting the personal information to be inquired based on the first private key and a preset exchangeable encryption algorithm to obtain first encryption information, desensitizing the personal information to obtain desensitization information, and sending the first encryption information and the desensitization information to the server side equipment;
receiving a first encryption subset and second encryption information returned by the server side equipment, encrypting each piece of data in the first encryption subset based on the first private key and the exchangeable encryption algorithm to obtain a second encryption subset, determining whether the personal information exists in the list based on the second encryption subset and the second encryption information, wherein the first encryption subset is obtained by inquiring a preset list based on the desensitization information by the server side equipment, and the second encryption information is obtained by encrypting the server side equipment based on the exchangeable encryption algorithm and a second private key generated by the server side equipment.
Further, the step of desensitizing the personal information to obtain desensitized information specifically includes: and acquiring the characteristic information of the personal information and the data volume of the list, and determining the data bit and the data volume for desensitizing the personal information based on the characteristic information of the personal information and the data volume of the list.
Referring now to FIG. 2, a block diagram of a process of the processing system 10 of FIG. 1 is shown. The processing system 10 is partitioned into a plurality of modules that are stored in the memory 12 and executed by the processor 13 to accomplish the present invention. The modules referred to herein are referred to as a series of computer program instruction segments capable of performing specified functions.
The processing system 10 may be divided into: a processing module 101 and a determining module 102.
The processing module 101 is configured to generate a first private key, encrypt personal information to be queried based on the first private key and a predetermined exchangeable encryption algorithm to obtain first encryption information, perform desensitization processing on the personal information to obtain desensitization information, and send the first encryption information and the desensitization information to the server device;
the determining module 102 is configured to receive a first encryption subset and second encryption information returned by the service-side device, encrypt each piece of data in the first encryption subset based on the first private key and the exchangeable encryption algorithm to obtain a second encryption subset, determine whether the personal information exists in the list based on the second encryption subset and the second encryption information, where the first encryption subset is obtained by querying a predetermined list for the service-side device based on the desensitization information, and the second encryption information is obtained by encrypting the service-side device based on the exchangeable encryption algorithm and a second private key generated by the service-side device.
Fig. 3 is a schematic diagram of a hardware architecture of an embodiment of the server device according to the present invention. The server device 2 is a device capable of automatically performing numerical calculation and/or information processing in accordance with a command set or stored in advance. The server device 2 may be a computer, or may be a single network server, a server group composed of a plurality of network servers, or a cloud composed of a large number of hosts or network servers based on cloud computing, where cloud computing is one of distributed computing and is a super virtual computer composed of a group of loosely coupled computers.
In the present embodiment, the server device 2 may include, but is not limited to, a memory 21, a processor 22, and a network interface 23, which may be communicatively connected to each other through a system bus, wherein the memory 21 stores a processing system 20 that may be executed on the processor 22. It is noted that fig. 3 only shows the server device 2 with components 21-23, but it is to be understood that not all of the shown components are required to be implemented, and that more or fewer components may be implemented instead.
The memory 21, the processor 22, and the network interface 23 are basically similar to the memory 11, the processor 12, and the network interface 13, and refer to the functions and other description parts of the memory 11, the processor 12, and the network interface 13, respectively, which are not described herein again.
The processing system 20 is stored in the memory 21 and includes at least one computer readable instruction stored in the memory 21, the at least one computer readable instruction being executable by the processor 22 to implement the methods of the embodiments of the present application; and the at least one computer readable instruction may be divided into different logic blocks depending on the functions implemented by the respective portions.
In one embodiment, the processing system 20 described above, when executed by the processor 22, performs the following steps:
receiving first encryption information and desensitization information sent by inquiring party equipment, inquiring a preset list based on a plaintext part of the desensitization information to obtain a list subset, wherein the first encryption information is obtained by encrypting the inquiring party equipment based on a preset exchangeable encryption algorithm and a first private key generated by the inquiring party equipment, and the desensitization information is obtained by desensitizing the inquiring party equipment to-be-inquired personal information;
and generating a second private key, encrypting each piece of data in the business form subset based on the second private key and the exchangeable encryption algorithm to obtain a first encrypted subset, encrypting the first encrypted information based on the second private key and the exchangeable encryption algorithm to obtain second encrypted information, and sending the first encrypted subset and the second encrypted information to the inquiring party equipment.
Further, when executed by the processor, the processing system further implements the steps of:
analyzing whether the quantity of data in the subset of nameplates is less than a predetermined quantity;
if so, performing expansion processing on the list subset to enable the number of data in the list subset to be larger than or equal to a preset number;
if not, the expansion processing is not carried out.
Referring now to FIG. 4, a block diagram of a process of processing system 20 of FIG. 3 is shown. The processing system 20 is partitioned into a plurality of modules that are stored in the memory 22 and executed by the processor 23 to implement the present invention. The modules referred to herein are referred to as a series of computer program instruction segments capable of performing specified functions.
The processing system 20 may be divided into: a query module 201 and an encryption module 202.
The inquiring module 201 is configured to receive first encryption information and desensitization information sent by an inquiring party device, and query a predetermined list based on a plaintext part of the desensitization information to obtain a list subset, where the first encryption information is obtained by encrypting the inquiring party device based on a predetermined exchangeable encryption algorithm and a first private key generated by the inquiring party device, and the desensitization information is obtained by desensitizing the inquiring party device to-be-inquired personal information;
the encryption module 202 is configured to generate a second private key, encrypt each piece of data in the business form subset based on the second private key and the exchangeable encryption algorithm to obtain a first encrypted subset, encrypt the first encrypted information based on the second private key and the exchangeable encryption algorithm to obtain second encrypted information, and send the first encrypted subset and the second encrypted information to the inquiring-party device.
The specific principle of the inquiring-party device 1 and the service-party device 2 is described with reference to the following flowchart of fig. 5 about the list inquiring method.
As shown in fig. 5, fig. 5 is a flowchart illustrating an embodiment of a method for querying a list according to the present invention, where the method includes the following steps:
step S1, the inquiring side device generates a first private key, encrypts the personal information to be inquired based on the first private key and a preset exchangeable encryption algorithm to obtain first encryption information, desensitizes the personal information to obtain desensitization information, and sends the first encryption information and the desensitization information to the service side device;
preferably, the predetermined exchangeable encryption algorithm may use the Diffie-Hellman key exchange protocol, and the exchangeable encryption algorithm is characterized in that different keys are used to successively encrypt the same data, the obtained result is independent of the encryption order, and the encryption algorithm is denoted as F, and if the message M is encrypted by the keys K1 and K2, respectively, there is FK1(FK2(M))=FK2(FK1(M))。
In this embodiment, the desensitization process is not a strict data encryption technique, but a desensitization process, and specifically includes: and acquiring the characteristic information of the personal information and the data volume of the list, and determining the data bit and the data volume for desensitizing the personal information based on the characteristic information of the personal information and the data volume of the list.
The data bits which are desensitized and the number of desensitized bits of the personal information need to be determined according to the characteristic information of the personal information and the data volume of the list, so as to ensure that the list subset obtained each time is not too large, and reduce the encryption calculation amount and the exchanged data volume.
For the characteristic information of the personal information, which includes sensitive information and/or random information, desensitization processing is preferentially performed on the characteristic information. If the personal information is the ID card number, the sensitive information is the date of birth year and month, and the random information is the last 4 bits; if the personal information is a mobile phone number, the first 3 bits are network identification codes, the middle 4 bits are regional codes, and the last 4 bits are random codes, so that the desensitization treatment of the first 3 bits and the middle 4 bits is of little significance, the last 4 bits have randomness, and the desensitization treatment of the last 4 bits of the mobile phone number is general. Of course, in the case of less characteristic information, other information may be simultaneously desensitized, and the desensitizing process may be to hide the characteristic information.
For the size of the data volume in the list, the inquiring party can request the service party to obtain the size of the data volume in the list; if the size of the data amount in the list is not available to the inquiring party, the size of the data amount in the list can be estimated, for example, a member list of a certain Userra can estimate the number of members to be hundreds or thousands of persons.
The data bit and the data volume for desensitization processing of the personal information are determined based on the characteristic information of the personal information and the size of the data volume in the list, the relationship between the characteristic information of the personal information and the data bit for desensitization processing and the relationship between the data volume in the list and the data volume for desensitization processing can be configured in advance, and the data bit and the data volume for desensitization processing can be determined based on the two relationships. For example, if the amount of data in the list is small and smaller than a predetermined amount of data, the confidentiality is particularly important, and more bits can be desensitized to the characteristic information in the personal information in order to improve the confidentiality; if the amount of data in the list is large, the query efficiency is more important, and in order to improve the query efficiency, less bits of characteristic information in the personal information can be desensitized.
For example, the last 8 bits are hidden by desensitizing an 18-bit identification number 110101199003076974 to get 1101011990xxxxxx, or the last 4 bits are hidden by an 11-bit cell phone number 13812341234 to get P' ═ 1381234 xxxx.
Step S2, the service side device receives the first encryption information and desensitization information sent by the inquiring side device, and inquires a predetermined list based on a plaintext part of the desensitization information to obtain a list subset;
in this embodiment, after the service side device receives the first encrypted information and the desensitization information sent by the inquiring side device, since the first private key of the inquiring side cannot be obtained, the first encrypted information cannot be decrypted, and the corresponding personal information cannot be accurately determined through the desensitization information, the service side cannot know the personal information to be inquired by the inquiring side, and the security of the personal information to be inquired by the inquiring side can be ensured.
The service side device queries a predetermined list through a plaintext part of the desensitization information, for example, the service side device queries all mobile phone numbers in the list through the desensitization information "mobile phone number 1381234 xxxx", queries all mobile phone numbers beginning with 1381234 in the list, and obtains a list subset. If the personal information is in the list, it must be in the subset of the list; if the personal information is not on the list, it must not be in the subset of the list.
Further, after the server side device queries the obtained list subset, in order to further improve the security of the personal information, the server side device further includes the following steps after querying the obtained list subset:
analyzing whether the quantity of data in the subset of nameplates is less than a predetermined quantity;
if so, performing expansion processing on the list subset to enable the number of data in the list subset to be larger than or equal to a preset number;
if not, the expansion processing is not carried out.
Wherein if the number of data in the subset of namelists is less than a predetermined number (e.g., less than 10), 0 or single digit, some partial features about the subset of namelists are easily revealed: if the number of the data of the list subset is 0, the personal information is not in the list, and the personal information is leaked; the number of data in the list subset is a single digit, and the range is reduced due to the small number, and the service party is likely to be able to guess the personal information. Therefore, the list subset needs to be expanded, and preferably, illegal data is selected to be expanded into the list subset, so that the number of data in the list subset is greater than or equal to a predetermined number. For example, a mobile phone number may be supplemented with data like 99912345678, and the supplemented illegal data will not reveal any information and will not affect the final query result.
Step S3, the service device generates a second private key, encrypts each piece of data in the business form subset based on the second private key and the exchangeable encryption algorithm to obtain a first encrypted subset, encrypts the first encrypted information based on the second private key and the exchangeable encryption algorithm to obtain second encrypted information, and sends the first encrypted subset and the second encrypted information to the inquiring device;
in this embodiment, the server device encrypts each piece of data in the subset of tickets for the first time by using the second private key and the exchangeable encryption algorithm, and encrypts the first encryption information for the second time by using the second private key and the exchangeable encryption algorithm.
Step S4, the inquiring device receives the first encrypted subset and the second encrypted information returned by the service device, encrypts each piece of data in the first encrypted subset based on the first private key and the exchangeable encryption algorithm to obtain a second encrypted subset, and determines whether the personal information exists in the list based on the second encrypted subset and the second encrypted information.
After the inquiring party device receives the first encrypted subset and the second encrypted information returned by the service party device, the inquiring party device cannot know the list of the service party and can ensure the safety of the list information of the service party because the second private key of the service party cannot be obtained and the first encrypted subset cannot be decrypted.
After receiving the first encryption subset and the second encryption information returned by the server side equipment, the inquiring side equipment encrypts each piece of data in the first encryption subset for the second time by using the first private key and the exchangeable encryption algorithm.
Wherein the step of determining whether the personal information exists in the list based on the second encryption subset and the second encryption information specifically includes:
inquiring whether the second encryption subset has data which is the same as the second encryption information;
if yes, determining that the personal information exists in the list;
if not, determining that the personal information does not exist in the list.
The present embodiment is based on the above-mentioned characteristics of the exchangeable encryption algorithm, the inquiring device determines that the personal information of the inquiring party exists in the list of the service party by inquiring whether there is data in the second encryption subset that is the same as the second encryption information, if there is data in the second encryption subset that is the same as the second encryption information, and if there is no data in the second encryption subset that is the same as the second encryption information, determines that the personal information of the inquiring party does not exist in the list of the service party.
The inquiring side device performs the searching operation locally, the service side device cannot know the final inquiring result (namely whether the personal information is in the list), and the information safety can be ensured.
The following description takes the query of the mobile phone number blacklist as an example:
1. the inquiring party A wants to inquire whether the mobile phone number P is 13812340004 in the blacklist library of the service party B. The blacklist bank of the service party B contains these numbers {13812340001, 13812340002, 13812340004 };
2. the inquiring party A encrypts the mobile phone number P by using the private key KA and a predetermined exchangeable encryption algorithm to obtain FKA(13812340004) and desensitizing the phone number P to obtain 1381234xxxx, FKA(13812340004) and 1381234xxxx are sent to the service part B;
3. the service party B queries the blacklist library of the service party B by using 1381234xxxx, and finds that 3 records {13812340001, 13812340002 and 13812340004} meet the conditions, but the number of the records is less than 10, and the service party B randomly expands the list subset to fill 10 data: {13812340001, 13812340002, 13812340004, 99912340001, 99912340002, 99912340003, 99912340004, 99912340005, 99912340006, 99912340007 };
encrypting each piece of data by using a private key KB and an exchangeable encryption algorithm to obtain a first encryption subset { F }KB(13812340001),FKB(13812340002),FKB(13812340004),FKB(99912340001),FKB(99912340002),FKB(99912340003),FKB(99912340004),FKB(99912340005),FKB(99912340006),FKB(99912340007)};
At the same time, the server B pairs FKA(13812340004) the encryption is again performed to obtain calculation FKB(FKA(13812340004)), and finally, the two results after encryption are transmitted back to the querier a.
4. The inquiring party A encrypts each piece of data { F) in the first encryption subset by using the private key KA and the exchangeable encryption algorithmKA(FKB(13812340001)),FKA(FKB(13812340002)),FKA(FKB(13812340004)),FKA(FKB(99912340001)),FKA(FKB(99912340002)),FKA(FKB(99912340003)),FKA(FKB(99912340004)),FKA(FKB(99912340005)),FKA(FKB(99912340006)),FKA(FKB(99912340007)) }, resulting in a second encrypted subset;
due to FKB(FKA(13812340004)) and FKA(FKB(13812340004)) is equal, querier a can find this data in this second encrypted subset, which proves 13812340004 to be in the blacklist repository for service B. In this process, the service party B does not know the number 13812340004 queried by the querying party a, nor does the querying party a know what number is specifically contained in the blacklist library of the service party B.
Furthermore, the embodiment of the present invention also provides a computer-readable storage medium, which may be any one or any combination of a hard disk, a multimedia card, an SD card, a flash memory card, an SMC, a Read Only Memory (ROM), an Erasable Programmable Read Only Memory (EPROM), a portable compact disc read only memory (CD-ROM), a USB memory, and the like. The computer-readable storage medium includes a processing system, and the processing system implements the functions when executed by the processor, please refer to the above description about the inquiring-side device or the serving-side device in fig. 5, which is not described herein again.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. A method for querying a name list, comprising:
the method comprises the steps that inquiring side equipment generates a first private key, personal information to be inquired is encrypted based on the first private key and a preset exchangeable encryption algorithm to obtain first encryption information, desensitization processing is carried out on the personal information to obtain desensitization information, and the first encryption information and the desensitization information are sent to service side equipment;
the server side equipment receives the first encryption information and desensitization information sent by the inquiring side equipment, and inquires a preset list based on a plaintext part of the desensitization information to obtain a list subset;
the server side equipment generates a second private key, encrypts each piece of data in the business form subset based on the second private key and the exchangeable encryption algorithm to obtain a first encrypted subset, encrypts first encrypted information based on the second private key and the exchangeable encryption algorithm to obtain second encrypted information, and sends the first encrypted subset and the second encrypted information to the inquiring side equipment;
the inquiring party equipment receives the first encryption subset and second encryption information returned by the service party equipment, encrypts each piece of data in the first encryption subset based on the first private key and the exchangeable encryption algorithm to obtain a second encryption subset, and determines whether the personal information exists in the list based on the second encryption subset and the second encryption information.
2. The method of claim 1, wherein the step of desensitizing the personal information to obtain desensitization information comprises:
and acquiring the characteristic information of the personal information and the data volume of the list, and determining the data bit and the data volume for desensitizing the personal information based on the characteristic information of the personal information and the data volume of the list.
3. The method of claim 1, wherein the step of the server device receiving the first encryption information and desensitization information sent by the inquiring device, inquiring a predetermined list based on a plaintext part of the desensitization information, and obtaining a list subset further comprises:
analyzing whether the quantity of data in the subset of nameplates is less than a predetermined quantity;
if so, performing expansion processing on the list subset to enable the number of data in the list subset to be larger than or equal to a preset number;
if not, the expansion processing is not carried out.
4. The method of any of claims 1-3, wherein the step of determining whether the personal information is on the list based on the second encrypted subset and the second encrypted information comprises:
inquiring whether the second encryption subset has data which is the same as the second encryption information;
if yes, determining that the personal information exists in the list;
if not, determining that the personal information does not exist in the list.
5. An inquirer device, comprising a memory and a processor connected to the memory, the memory having stored therein a processing system operable on the processor, the processing system when executed by the processor implementing the steps of:
generating a first private key, encrypting the personal information to be inquired based on the first private key and a preset exchangeable encryption algorithm to obtain first encryption information, desensitizing the personal information to obtain desensitization information, and sending the first encryption information and the desensitization information to the server side equipment;
receiving a first encryption subset and second encryption information returned by the server side equipment, encrypting each piece of data in the first encryption subset based on the first private key and the exchangeable encryption algorithm to obtain a second encryption subset, determining whether the personal information exists in a list or not based on the second encryption subset and the second encryption information, wherein the first encryption subset is obtained by inquiring a preset list based on the desensitization information by the server side equipment to obtain a list subset, generating a second private key, encrypting each piece of data in the list subset based on a second private key generated by the server side equipment and the exchangeable encryption algorithm, and the second encryption information is obtained by encrypting the first encryption information by the server side equipment based on the exchangeable encryption algorithm and the second private key generated by the server side equipment.
6. The inquiring-party device of claim 5, wherein the step of desensitizing the personal information to obtain desensitization information specifically comprises:
and acquiring the characteristic information of the personal information and the data volume of the list, and determining the data bit and the data volume for desensitizing the personal information based on the characteristic information of the personal information and the data volume of the list.
7. A server device, comprising a memory and a processor coupled to the memory, wherein the memory has stored therein a processing system operable on the processor, and wherein the processing system when executed by the processor performs the steps of:
receiving first encryption information and desensitization information sent by inquiring party equipment, inquiring a preset list based on a plaintext part of the desensitization information to obtain a list subset, wherein the first encryption information is obtained by encrypting to-be-inquired personal information by the inquiring party equipment based on a preset exchangeable encryption algorithm and a first private key generated by the inquiring party equipment, and the desensitization information is obtained by desensitization processing to-be-inquired personal information by the inquiring party equipment;
the server side equipment generates a second private key, encrypts each piece of data in the business form subset based on the second private key and the exchangeable encryption algorithm to obtain a first encrypted subset, encrypts first encrypted information based on the second private key and the exchangeable encryption algorithm to obtain second encrypted information, and sends the first encrypted subset and the second encrypted information to the inquiring side equipment.
8. The server apparatus of claim 7, wherein the processing system, when executed by the processor, further performs the steps of:
analyzing whether the quantity of data in the subset of nameplates is less than a predetermined quantity;
if so, performing expansion processing on the list subset to enable the number of data in the list subset to be larger than or equal to a preset number;
if not, the expansion processing is not carried out.
9. A computer-readable storage medium, having stored thereon a processing system which, when executed by a processor, performs the steps of the method performed by an inquirer device as defined in any of claims 1 to 4.
10. A computer-readable storage medium, having stored thereon a processing system which, when executed by a processor, carries out the steps of the method performed by a server device according to any one of claims 1 to 4.
CN201910720387.0A 2019-08-01 2019-08-01 List query method, query party device, service party device and storage medium Active CN110457945B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910720387.0A CN110457945B (en) 2019-08-01 2019-08-01 List query method, query party device, service party device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910720387.0A CN110457945B (en) 2019-08-01 2019-08-01 List query method, query party device, service party device and storage medium

Publications (2)

Publication Number Publication Date
CN110457945A CN110457945A (en) 2019-11-15
CN110457945B true CN110457945B (en) 2021-03-02

Family

ID=68485003

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910720387.0A Active CN110457945B (en) 2019-08-01 2019-08-01 List query method, query party device, service party device and storage medium

Country Status (1)

Country Link
CN (1) CN110457945B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110895611B (en) * 2019-11-26 2021-04-02 支付宝(杭州)信息技术有限公司 Data query method, device, equipment and system based on privacy information protection
CN111461728B (en) * 2020-03-31 2023-03-10 支付宝(杭州)信息技术有限公司 Risk identification method, device and system
CN111177769A (en) * 2020-04-10 2020-05-19 支付宝(杭州)信息技术有限公司 Private data protection list query method and related list query system
CN112182107B (en) * 2020-09-29 2023-11-03 中国平安财产保险股份有限公司 List data acquisition method, device, computer equipment and storage medium
CN112989027B (en) * 2021-02-01 2024-04-12 中金金融认证中心有限公司 Method for querying lists and for providing list querying services and related products
CN112836239A (en) * 2021-02-19 2021-05-25 支付宝(杭州)信息技术有限公司 Method and device for cooperatively determining target object data by two parties for protecting privacy
CN113434906B (en) * 2021-07-05 2024-01-16 平安科技(深圳)有限公司 Data query method, device, computer equipment and storage medium
CN113434890B (en) * 2021-07-07 2022-07-15 海通证券股份有限公司 Data query method and system and readable storage medium
CN114840867B (en) * 2022-07-01 2022-09-20 北京融数联智科技有限公司 Data query method, device and system based on exchangeable encrypted data confusion
CN115544579B (en) * 2022-11-24 2023-03-28 北京融数联智科技有限公司 Double-random data confusion query method, device and system

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7418600B2 (en) * 2003-03-13 2008-08-26 International Business Machines Corporation Secure database access through partial encryption
US7290150B2 (en) * 2003-06-09 2007-10-30 International Business Machines Corporation Information integration across autonomous enterprises
CN103345526B (en) * 2013-07-22 2016-12-28 武汉大学 A kind of efficient secret protection cryptogram search method under cloud environment
CN106033461A (en) * 2015-03-19 2016-10-19 阿里巴巴集团控股有限公司 Sensitive information query method and apparatus
CN107682303B (en) * 2016-08-02 2020-11-10 北京宸信征信有限公司 System and method for encrypting and inquiring personal sensitive information
CN106909617B (en) * 2017-01-13 2019-06-21 华东师范大学 A kind of personalized privacy information search method based on data fitting
CN106844599B (en) * 2017-01-13 2019-06-21 华东师范大学 A kind of personalized privacy information search method based on data mapping
CN109165526B (en) * 2018-08-24 2022-10-18 武汉丰普科技股份有限公司 Big data security and privacy protection method and device and storage medium

Also Published As

Publication number Publication date
CN110457945A (en) 2019-11-15

Similar Documents

Publication Publication Date Title
CN110457945B (en) List query method, query party device, service party device and storage medium
CN100487715C (en) Date safety storing system, device and method
CN106790156B (en) Intelligent device binding method and device
CN112507365B (en) Data matching method, terminal and storage medium
CN112953974B (en) Data collision method, device, equipment and computer readable storage medium
CN113420049B (en) Data circulation method, device, electronic equipment and storage medium
CN113127915A (en) Data encryption desensitization method and device, electronic equipment and storage medium
CN111404892B (en) Data supervision method and device and server
CN114139204A (en) Method, device and medium for inquiring hiding trace
CN111563268B (en) Data encryption method and device based on matrix operation and storage medium
CN111914279A (en) Efficient and accurate privacy intersection system, method and device
CN115982761A (en) Sensitive information processing method and device, electronic equipment and storage medium
CN113434906B (en) Data query method, device, computer equipment and storage medium
CN112287371B (en) Method and device for storing industrial data and computer equipment
CN111628863B (en) Data signature method and device, electronic equipment and storage medium
CN105409159A (en) Key storage device, key storage method, and program therefor
CN113434890B (en) Data query method and system and readable storage medium
CN113946862A (en) Data processing method, device and equipment and readable storage medium
CN113312650B (en) Transaction log privacy protection method and device
CN117499159B (en) Block chain-based data transaction method and device and electronic equipment
CN114793156B (en) Data processing method, device, equipment and storage medium
CN114170014A (en) Processing method and device for blockchain transaction, computer equipment and storage medium
CN115688124A (en) Intersection data transmission method and device and electronic equipment
CN114091064A (en) Data transfer method, device, equipment and storage medium
CN116318991A (en) Sensitive data desensitization method, device and medium based on cloud service

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant