CN111046432B - Safety data processing method and system - Google Patents
Safety data processing method and system Download PDFInfo
- Publication number
- CN111046432B CN111046432B CN201911291202.5A CN201911291202A CN111046432B CN 111046432 B CN111046432 B CN 111046432B CN 201911291202 A CN201911291202 A CN 201911291202A CN 111046432 B CN111046432 B CN 111046432B
- Authority
- CN
- China
- Prior art keywords
- private data
- local path
- data terminal
- binary tree
- layer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the specification discloses a secure data processing method and system. The method comprises the following steps: the service information is corresponding to a binary tree, non-leaf sub-nodes of the binary tree correspond to data values of the service information, and leaf nodes of the binary tree correspond to processing results of the service information; the data value of the service information corresponding to the non-leaf node of the binary tree is calculated by first private data and second private data in a secret sharing mode, the first private data is held by a first private data terminal, and the second private data is held by a second private data terminal; determining a first local path and a second local path layer by layer for each layer from the topmost layer of the binary tree downwards; repeating the steps until the leaf node reaches the level; the first local path is stored in the first private data terminal, and the second local path is stored in the second private data terminal; the node path is calculated by the first local path and the second local path in a secret sharing mode.
Description
Technical Field
One or more embodiments of the present specification relate to the field of secure multiparty computing, and more particularly, to a secure data processing method and system.
Background
The secure multi-party computation is also called multi-party secure computation, namely, a plurality of parties compute the result of a function together without revealing the input data of each party of the function, and the computed result is disclosed to one or more parties. Therefore, through the safe multi-party calculation, the participating parties can safely calculate the result without exposing respective original data.
The tree model is a very important model in machine learning, a safety tree searching function is required when the tree model is used for prediction, interaction times required by the safety tree searching method increase exponentially along with the increase of the depth of the tree, and excessive transmission quantity is consumed. Therefore, there is a need to provide a method and system for secure data processing.
Disclosure of Invention
One aspect of the present specification provides a secure data processing method. The method comprises the following steps: the service information is corresponding to a binary tree, a non-leaf subnode of the binary tree corresponds to a data value of the service information, and a leaf subnode of the binary tree corresponds to a processing result of the service information; the data value of the service information corresponding to the non-leaf node of the binary tree is calculated by first private data and second private data in a secret sharing mode, the first private data is held by a first private data terminal, and the second private data is held by a second private data terminal; downwards from the topmost level of the binary tree, and determining a first local path and a second local path layer by layer aiming at each level; and analogizing step by step until the level of the leaf node is reached; wherein the first local path is stored at a first private data terminal and the second local path is stored at a second private data terminal; the node path is calculated by the first local path and the second local path in a secret sharing mode.
Another aspect of the specification provides a secure data processing system. The system comprises: a service information corresponding module and a local path calculation module; wherein: the service information corresponding module is used for corresponding the service information to a binary tree, wherein non-leaf subnodes of the binary tree correspond to data values of the service information, and leaf subnodes of the binary tree correspond to processing results of the service information; the data value of the service information corresponding to the non-leaf node of the binary tree is calculated by first private data and second private data in a secret sharing mode, the first private data is held by a first private data terminal, and the second private data is held by a second private data terminal; the local path calculation module is used for determining a first local path and a second local path layer by layer according to each layer from the topmost layer of the binary tree downwards; and analogizing step by step until the level of the leaf node is reached; wherein the first local path is stored at a first private data terminal and the second local path is stored at a second private data terminal; the node path is calculated by the first local path and the second local path in a secret sharing mode.
Another aspect of the present specification provides a secure data processing apparatus comprising at least one storage medium and at least one processor, the storage medium for storing computer instructions; the processor is used for executing the secure data processing method in any embodiment of the specification.
Another aspect of the present specification provides a computer-readable storage medium storing computer instructions, and when the computer reads the computer instructions in the storage medium, the computer executes the secure data processing method according to any one of the embodiments of the present specification.
Drawings
FIG. 1 is a diagram of an application scenario of a secure data processing system, shown in accordance with some embodiments of the present description;
FIG. 2 is a schematic diagram of a secure data processing method according to some embodiments of the present description;
FIG. 3 is a schematic diagram of path computation of a binary tree shown in accordance with some embodiments of the present description;
FIG. 4 is an exemplary flow diagram of a first local path generation method shown in accordance with some embodiments of the present description; and
FIG. 5 is a schematic diagram of local path computation, shown in accordance with some embodiments of the present description.
Detailed Description
In order to more clearly illustrate the technical solution of one or more embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only examples or embodiments of the present description, and that for a person skilled in the art, one or more embodiments of the present description can also be applied to other similar scenarios according to these drawings without inventive effort. Unless otherwise apparent from the context, or otherwise indicated, like reference numbers in the figures refer to the same structure or operation.
It should be understood that "system", "device", "unit" and/or "module" as used herein is a method for distinguishing different components, elements, parts, portions or assemblies at different levels. However, other words may be substituted by other expressions if they accomplish the same purpose.
As used in one or more embodiments of the present specification and in the claims, the terms "a," "an," and/or "the" are not intended to be inclusive of the plural form as long as the context clearly indicates the exception. In general, the terms "comprises" and "comprising" merely indicate that steps and elements are included which are explicitly identified, that the steps and elements do not form an exclusive list, and that a method or apparatus may include other steps or elements.
Flow diagrams are used in one or more embodiments of the present description to illustrate the operations performed by a system in accordance with one or more embodiments of the present description. It should be understood that the preceding or following operations are not necessarily performed in the exact order in which they are performed. Rather, the various steps may be processed in reverse order or simultaneously. Meanwhile, other operations may be added to the processes, or a certain step or several steps of operations may be removed from the processes.
FIG. 1 is a diagram of an application scenario of a secure data processing system, shown in accordance with some embodiments of the present description.
In the process of processing the business information, safe multiparty calculation can be carried out through a machine learning model, and a predicted value is finally obtained. In the multi-party security calculation process, some information needs to be stored in a binary tree mode. Further, two parties need to separately store partial data of the binary tree, and neither party can separately obtain data without assistance from the other party.
In the binary tree shown in fig. 3, the data values in each node are stored separately on both sides, and neither side is aware of the data stored on the other side, nor can either side obtain the data alone without the assistance of the other side. In this specification, two parties are referred to as a party a and a party b, respectively, and both the party a and the party b possess partial features of data, and it is desirable to obtain a prediction result based on the features.
The secure data processing system 100 shown in FIG. 1 may obtain a prediction by implementing the methods and/or processes disclosed herein while securing data held by both parties.
In some embodiments, secure data processing system 100 may be used in a number of industries, such as finance, banking, insurance, merchant, and so forth. For example, a financial institution has personal characteristic data of a user, a lending institution has lending information data of the user, a third party has machine learning model data, and the financial institution and the lending institution wish to establish a model for assessing the credit rating of the user according to the personal characteristic data of the user owned by the financial institution, the lending information data of the user and the machine learning model data owned by the third party, wherein the model can be used for credit business of the lending institution or the financial institution, determining the credit rating of the user applying for loan, and further determining whether to offer the loan to the user. The financial institution and the lending institution do not want the other party to know the data held by the financial institution and the lending institution in order to secure their own interests, and thus the lending information data of the user and the personal characteristic data of the user are stored in the two parties, respectively, without being known by the other party.
The secure data processing system 100 may be an online cloud storage platform including a server 110, a network 120, a first private data terminal 130, and a second private data terminal 140. The server 110 may include a processing device 112.
In some embodiments, the server 110 may be used to process information and/or data related to secure data lookups. For example, the server 110 may map the traffic information to a binary tree. In some embodiments, the server 110 may be a server of the querying terminal. The server 110 may be a stand-alone server or a group of servers. The set of servers can be centralized or distributed (e.g., server 110 can be a distributed system). The server 110 may be regional or remote in some embodiments. For example, the server 110 may access data and/or information stored in the first private data terminal 130 and the second private data terminal 140 via the network 120. In some embodiments, the server 110 may directly connect with the first private data terminal 130 and the second private data terminal 140 to access data and/or information stored therein. In some embodiments, the server 110 may also be a server of the first private data terminal 130 or the second private data terminal 140. In some embodiments, the server 110 may execute on a cloud platform. For example, the cloud platform may include one or any combination of a private cloud, a public cloud, a hybrid cloud, a community cloud, a decentralized cloud, an internal cloud, and the like.
In some embodiments, the server 110 may include a processing device 112. The processing device 112 may process data and/or information to perform one or more of the functions described herein. For example, the processing device 112 may map user characteristic data (e.g., user loan information data, user personal characteristic data) of the first private data terminal 130 and the second private data terminal 140 to non-leaf nodes of the binary tree. For another example, the processing device 112 may determine the positions of the leaf nodes layer by layer from the topmost layer based on the data of the non-leaf nodes of the binary tree. For another example, the processing device 112 may obtain the processing result of the traffic information according to the determined position of the leaf node of the binary tree. In some embodiments, the processing device 112 may include one or more sub-processing devices (e.g., a single core processing device or a multi-core processing device). By way of example only, the processing device 112 may include a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), an Application Specific Instruction Processor (ASIP), a Graphics Processor (GPU), a Physical Processor (PPU), a Digital Signal Processor (DSP), a Field Programmable Gate Array (FPGA), a programmable logic circuit (PLD), a controller, a micro-controller unit, a Reduced Instruction Set Computer (RISC), a microprocessor, or the like, or any combination thereof.
The network 120 may facilitate the exchange of data and/or information, which may include user characteristic data in the first and second private data terminals 130, 140, the processing results of traffic information corresponding to leaf nodes of the binary tree in the server 110. In some embodiments, one or more components in the secure data processing system 100 (e.g., the server 110, the first private data terminal 130, and the second private data terminal 140) may send data and/or information to other components in the secure data processing system 100 over the network 120. In some embodiments, network 120 may be any type of wired or wireless network. For example, network 120 may include a cable network, a wired network, a fiber optic network, a telecommunications network, an intranet, the internet, a Local Area Network (LAN), a Wide Area Network (WAN), a Wireless Local Area Network (WLAN), a Metropolitan Area Network (MAN), a Public Switched Telephone Network (PSTN), a bluetooth network, a ZigBee network, a Near Field Communication (NFC) network, the like, or any combination thereof. In some embodiments, network 120 may include one or more network access points. For example, network 120 may include wired or wireless network access points through which one or more components of secure data processing system 100 may connect to network 120 to exchange data and/or information.
The first private data terminal 130 may refer to a terminal for providing the first private data. In some embodiments, the first private data terminal 130 may be a server or a storage device of a financial institution. In some embodiments, the first private data may be user personal characteristic data owned by the financial institution. In some embodiments, the first private data terminal 130 may transmit a plurality of data to the server 110.
The second private data terminal 140 may refer to a terminal for providing the second private data. In some embodiments, the second private data terminal 140 may be a server or a storage device of the lending institution. In some embodiments, the second private data may be user loan information data owned by the lending institution. In some embodiments, the second private data terminal 140 may transmit a plurality of data to the server 110.
FIG. 2 is a schematic diagram of a secure data processing method, shown in accordance with some embodiments of the present description.
In some embodiments, as shown in FIG. 3, the binary tree may be a tree structure. In the binary tree, the number of child nodes associated with each node is at most two (e.g., 0, 1, or 2), and the child node of each node is a left sub-tree or a right sub-tree. The full binary tree may be a binary tree with left and right child nodes for each node except leaf nodes, and all leaf nodes at the bottom.
In some embodiments, the service information may be mapped to a binary tree, where a non-leaf child node of the binary tree corresponds to a data value of the service information, and a leaf child node of the binary tree corresponds to a processing result of the service information.
The data value of the service information may correspond to a non-leaf node of the binary tree through a conventional binary tree implementation method, which is not the matter of interest in this specification.
In some embodiments, the service information may include feature data held by the two parties separately.
In some embodiments, the data value of the service information corresponding to the non-leaf node of the binary tree may be calculated in a secret sharing manner from first private data held by the first private data terminal and second private data held by the second private data terminal. In some embodiments, the first private data terminal may be a party participating in the computation, the second private data terminal may be another party participating in the computation, and the first private data terminal and the second private data terminal belong to different data holders. For example, the first private data terminal may belong to a financial institution and the second private data terminal may belong to a loan institution.
In some embodiments, the node value of the corresponding non-leaf node may be obtained by operating on the first private data and the second private data.
In some embodiments, the first private data and the second private data may each be a given range of values, summed, mapped to a (0, 1) interval, and rounded. For example, the first private data may be a positive integer from 0 to 50, the second private data may be a positive integer from 0 to 50, and when the first private data is 12 and the second private data is 61, the sum is equal to 73, the sum is mapped to (0, 1) and then 0.73, and the sum is rounded to 1.
In some embodiments, the sum modulo two remainder of the first private data and the second private data may be equal to a non-leaf node value of the binary tree. For example, the first private data is 4, the second private data is 6, and the sum modulo two of the first private data 4 and the second private data 6 is equal to 0, then 0 is a non-leaf node value of the binary tree.
By taking the sum of the first private data and the second private data and modulo two, the data operation can be converted into the operation of 0 and 1, so that the calculation process is more efficient.
For example, as shown in fig. 3, the data value of the first-level left sub-tree x0 in the full binary tree is 0, which can be calculated in a secret sharing manner from first private data (for example, the first private data is 1) and second private data (for example, the second private data is also 1), the first private data 1 being held by the first private data terminal and the second private data 1 being held by the second private data terminal. The data value of the service information corresponding to the non-leaf node of the binary tree can be obtained by performing operation on the first private data and the second private data, and specific contents can be referred to the following description.
The first private data terminal and the second private data terminal respectively hold the first private data and the second private data, so that the data value of the service information corresponding to each layer of node can be respectively held by the first private data terminal and the second private data terminal, and the purposes of safely calculating and storing data can be achieved under the condition that the first private data terminal and the second private data terminal do not know the data held by the other side.
In some embodiments, each non-leaf node of the binary tree may take on a value of 0 or 1. The value specifies that the subordinate node of each non-leaf node is a left child node or a right child node. For example, it may be specified that 0 corresponds to the left child node and 1 corresponds to the right child node.
Thus, the node values of the top-down nodes may form a sequence of 0's and 1's, otherwise referred to as a string. This string reflects the path of the binary tree through the nodes from top to bottom. This path may eventually reach one of the leaf nodes of the binary tree.
For example, as shown in fig. 3, for the second layer non-leaf sequence n2 being 01, a path from the top layer of the binary tree downward through the first layer and the second layer is represented, wherein the sequence value 0 represents a node value passing through a node of the layer 0, and since the node value is 0, the first layer reaches the left child node x0 of the node of the layer 0. The sequence value of 1 represents a node value passing through the first layer node x0, and since the node value is 1, the second layer reaches the right child node x01 of the first layer node x 0.
In some embodiments, the next level node may also be specified by the value of the node by other rules. For example, an odd number of nodes in each level takes 0 to point to the left child node, an even number of nodes takes 0 to point to the right child node, and so on. This is not limited by the present description.
In some embodiments, the binary tree may comprise a full binary tree or a non-full binary tree.
In some embodiments, for a non-full binary tree, the non-valued non-leaf nodes of the binary tree may be populated with arbitrary values such that the number of valued nodes of at least one level of the binary tree is greater than a set threshold of the level. In some embodiments, random or fixed use of 0 or 1 padding may be defined. In some embodiments, the set threshold of the hierarchy may be preset, and the set threshold is smaller than the number of nodes in the full binary tree at the hierarchy. For example, the number of nodes in the first layer in the full binary tree is 2, the number of nodes in the second layer is 4, and the set threshold value in the first layer may be set to 1, and the set threshold value in the second layer may be set to 3. In some embodiments, if the number of valued nodes in the non-full binary tree is greater than the set threshold of the hierarchy, then no valued non-leaf nodes of the binary tree need to be populated.
By applying the non-full binary tree, the application range of the technical scheme can be expanded, and the data processing has higher flexibility. By filling the non-full binary tree, especially by applying a threshold value, enough interference data can be generated during multi-party secure computation, so that data owned by one party can be prevented from being easily inferred by the other party, and the security is improved.
In some embodiments, the method of obtaining the leaf node may be:
and calculating a first local path and a second local path of each layer by layer from top to bottom. The first local path is held by the first private data terminal, the second local path is held by the second private data terminal, and neither party knows the local path held by the other party. And calculating downwards successively until the data of the leaf nodes are obtained. In some embodiments, summing the first local path and the second local path for each layer may result in a path and sequence value for the layer. The method for obtaining the leaf node is explained below with reference to fig. 3.
In the whole calculation process, any party does not hold a path to any node. The path to the node is calculated by the first local path and the second local path in a secret sharing mode, and the two parts can obtain a complete path through operation. By having the first local path and the second local path separately, both parties can perform calculation without knowing the local path that the other party has, thereby ensuring the safety of the calculation process.
The first partial path and the second partial path may be calculated as follows and obtained by both parties separately.
The method comprises the following specific steps:
at step 210, a first local path and a second local path of a top level are determined.
In some embodiments, the first local path and the second local path of level 0 of the full binary tree may both be set to null ("null"), and correspondingly, the path of level 0 is also null.
In some embodiments, the first private data and the second private data of layer 0 may be set as a first local path and a second local path, respectively. At this time, the subsequent processing procedures are similar, and only the detail adjustment needs to be performed, which is not described in detail herein.
In step 220, the first local path and the second local path of the non-top non-bottom level are iteratively calculated.
In some embodiments, according to the first local path and the first private data of each node held by one party and the second local path and the second private data held by the other party, the two parties may, through a calculation process, make one party get the first local path of the next layer and the other party get the second local path of the next layer. From which iterations proceed down layer by layer. And ending the calculation until the first local path and the second local path of the bottommost layer are obtained. The detailed process of acquiring the local path of the next layer in each layer can refer to the description of fig. 4, which is not described herein again.
For example, a first local path of a first layer may be derived from a first private data of a top-most layer; the first local path of the second layer may be derived from the first local path of the first layer and a function including the second private data. With this downward iteration. Accordingly, a second local path for each layer in the non-top hierarchy may also be computed. Taking the example of calculating the local path of the fourth layer from the data of the third layer in the binary tree as an example to explain: the path of the third layer is known as n3 ═ 010, where the first local path n3_ L ═ 001 and the second local path n3_ R ═ 011. The node value is known as p (n3) ═ 1, where the first private data p _ L (n3) ═ 1 and the second private data p _ R (n3) ═ 0. The first random number R4_ L is 1, and the second random number R4_ R is 0.
Calculating a first local path for the fourth layer: n4_ L & (R4_ L + p _ R (n3) -R4_ R) & (001 & (1+0-0) &0011). The second local path n4_ R ═ n3_ R & (R4_ R + p _ L (n3) -R4_ L) = 011& (0+1-1) ═ 0110 of the fourth layer. Wherein, & is a string splicing operation, and more description about & can refer to the relevant description of fig. 4.
The path of the fourth layer is: n4 ═ n4_ L + n4_ R ═ 0011+0110 ═ 0101.
In the process, both sides only hold a part of the path, and effective information of the actual node value cannot be obtained through path data, so that the safety is ensured. The calculation process only needs to be carried out once from top to bottom, the calculation complexity is only equal to the calculation complexity multiplied by the number of layers of each layer, and the calculation efficiency can be greatly improved. For the computational complexity of each layer, please see the description of fig. 4.
In practical application, a security query based on a binary tree can be performed based on the method.
In some embodiments, the query terminal may initiate a query request to the first private data terminal and the second private data terminal according to a service requirement, so as to obtain a processing result of the service information corresponding to the leaf node.
The query request may correspond to data of the binary tree, which are calculated from the first private data and the second private data, and are respectively held by the first private data terminal and the second private data terminal, as described above.
The first private data terminal and the second private data terminal may determine the first local path and the second local path of the leaf node based on the first private data and the second private data by the aforementioned method.
Further, the query terminal may determine, based on the first local path and the second local path, a corresponding leaf node value, that is, a processing result of the service information, through security calculation. This process can be implemented by conventional secure multi-party computing methods.
The inquiry terminal is a device initiating an inquiry, and may be the same as the first private data terminal, or may be the same as the second private data terminal, or may be different from both the first private data terminal and the second private data terminal.
It should be noted that the above description related to the flow 200 is only for illustration and description, and does not limit the applicable scope of the present specification. Various modifications and alterations to flow 200 will be apparent to those skilled in the art in light of this description. However, such modifications and variations are intended to be within the scope of the present description. For example, the path may be represented in other manners, such as adding a certain prefix or suffix to both the first local path and the second local path, or performing other transformation processes on the first local path and the second local path, and performing corresponding processes in subsequent processes. These transformations and processes described above have no material effect on the methods of this specification.
Fig. 4 is an exemplary flow diagram of a first local path generation method shown in accordance with some embodiments of the present description.
As shown in fig. 4, obtaining the first local path of the current layer by the first private data terminal and the second private data terminal using the oblivious transport protocol may be performed as follows.
The process of calculation is performed at a certain level. According to the first local path of the previous layer and the first private data of each node of the current layer which one party holds, and the second local path of the previous layer and the second private data of each node of the current layer which the other party holds, the two parties can obtain the first local path of the current layer and the second local path of the current layer by the following calculation.
In this process, neither party can obtain the node data held by the other party, nor the local path held by the other party.
In step 410, the second private data terminal generates a first random number.
In some embodiments, the first random number may take on a value of 0 or 1, denoted as R _ R. The first random number can be re-randomly valued after the local path computation of one layer is completed. For example, when calculating the local path of the first layer, the first random number may take a value of 1; the first random number may take a value of 0 when calculating the local path of the other layer (e.g., the second layer or the second layer). In some embodiments, the value of the first random number may also be other than 0 or 1, which is not limited herein.
Step 420, the first private data terminal obtains a first return value (in other parts of this embodiment, may also be referred to as a function including the first private data or the second private data) from the second private data terminal through an oblivious transport protocol based on the first local path of the previous level of the current level, where the first return value is a result of performing a first operation on the first random number and the second private data of the node corresponding to the path of the previous level.
In some embodiments, the first private data terminal obtains the first return value from the second private data terminal via an oblivious transport protocol based on the first local path of the previous hierarchy.
In the process of executing the unintentional transmission, based on a first local path provided by a first terminal and a second local path provided by a second terminal, the two local paths are calculated to obtain a corresponding complete path, and in the process of safety calculation, both sides can only obtain own local path but can not obtain the local path of the other side, so that the safety calculation is ensured.
From the complete path, second private data corresponding to the node may be obtained.
The first return value may be obtained from the result of the first operation performed on the second private data and the first random number in step 410.
The Oblivious Transfer (OT) technique is a secure multiparty computing technique. In this technique, the first party can provide input data, and the second party can perform calculation and provide a return result according to the input data and the data held by the second party. The first party gets the returned results of the calculations but does not know that the second party is participating in the calculated data. The second party is also unaware of the input data provided by the first party. And corresponding the first private data and the second private data held by the two parties to the binary tree, wherein both parties do not know the data held by the other party. For the first private data terminal, the first local path of the next layer may be calculated through the first local path of the previous layer and the second private data. In this calculation process, the first private data terminal needs to perform OT transmission with the second private data terminal once. Similarly, the second private data terminal may also calculate a second local path of a next layer through the second local path of the previous layer and the first private data. In this calculation process, the second private data terminal needs to perform an OT transmission with the first private data terminal once. Therefore, for a node at a certain level of the binary tree, two OT transmissions are required to calculate the local path. And calculating layer by layer to obtain a first local path of the first private data terminal on each layer of the binary tree and a second local path of the second private data terminal on each layer of the binary tree, wherein the first local path and the second local path can form a complete path of each layer of the binary tree.
In the process of this step, the first private data terminal provides a first local path, resulting in a first return value. The second private data terminal cannot obtain the first local path provided by the first private data terminal, but can only assist in calculating and providing the first return value based on the data held by the first private data terminal.
The inadvertent transmission procedure applied in this step can be implemented by various conventional algorithms for inadvertent transmission.
In some embodiments, the first operation may be a subtraction operation. In some embodiments, the first operation may be modulo two remainder after the bit subtraction. In some alternative embodiments, the second operation may also be an addition operation.
For example, as shown in fig. 3, the node x10 at the second level is taken as an example, the current level is the 2 nd level, the previous level is the 1 st level, the node at the previous level is x1, and the path is n1 equal to 1. Neither side of this path is aware. The first private data terminal holds only the first local path of the previous level, and its value is n1_ L equals 0. The second private data terminal only holds the second local path of the previous level, and its value is n1_ R ═ 1. n1_ L + n1_ R ═ n 1. The "+" here represents only a certain operation, and may be, for example, adding each bit to the bit and modulo two to get the remainder.
The node x1 corresponding to the previous route has a value of p (n1) ═ p (1) ═ 0, and both values cannot be known. The first private data terminal holds first private data with a value of p _ L (n1) ═ 1; the second private data terminal holds second private data having a value p _ R (n1) ═ 1. The node has a value of 0 which is the remainder modulo two after 1 is added, i.e., p _ L (n1) + p _ R (n1) — 0, where "+" indicates the remainder modulo two after the summation.
Assume that the first random number generated by the second private data terminal at step 410 is R2_ R ═ 1.
The first private data terminal initiates an inadvertent transmission based on the first local path n1_ L being 0.
During the unintentional transfer, based on n1_ L being 0 and n1_ R being 1 owned by the second private data terminal, the node value p (n1_ L + n1_ R) being p (n1) being 0 corresponding to the previous layer path can be obtained. n1_ L is 0, and n1_ R is 1, which is the local path of the first layer. n1_ L ═ 0 is the first private data of layer 0, and n1_ R ═ 0 is the second private data of layer 0. The specific values of the first private data and the second private data are assumed here, but are actually owned by both parties. The path of the first layer is thus n1 ═ 1. See in particular the following illustrations of fig. 3 and 5.
The corresponding first return value is p (n1_ L + n1_ R) -R2_ R. Where "-" represents only the first operation, see the description above.
During and after this inadvertent transmission, the first private data terminal only knows n1_ L provided by it, and the first return value p (n1_ L + n1_ R) -R2_ R, and does not know n1_ R and p (n 1). The second private data terminal only knows n1_ R and the random number R2_ R that it provides, and does not know n1_ L, p (n1) and the first return value p (n1_ L + n1_ R) -R _ R.
In some embodiments, the first private data terminal generates the second random number. The second random number is similar to the first random number in step 410, but is not related in value. In addition to the use in this step, the calculation procedure for the second local path is also used, and the following description may be specifically referred to. In this specification, the second random number is denoted by r _ L.
Based on the first return value determined in step 420, a second operation is performed with the second random number, and a third operation is performed with the first local path held by the first private data terminal, so that the first local path can be obtained.
In some embodiments, the second operation may be an addition operation. In some embodiments, the addition operation may be a remainder of the bit modulo two. In some alternative embodiments, the second operation may also be a subtraction operation.
In some embodiments, the first operation and the second operation may be an inverse operation. The two operations are inverse operations, which means that after one operation is performed on one object by each of the two operations, the result is still equal to the object itself. For example, addition and subtraction are a pair of inverse operations.
In some embodiments, the third operation may be a sequence stitching operation, for example, a third operation between 0 and 1001 may be a stitching operation of 0 after 1001 to form 10010. In the following description, the third operation is denoted by "&".
In some embodiments, the first, second, and third operations may belong to an abelian group. I.e. these operations may satisfy the commutative law.
The above description is further explained below:
the first return value determined at step 420 is p (n1_ L + n1_ R) -R2_ R, i.e., p (n1) -R2_ R-0-1.
Assume that the second random number generated by the first private data terminal is r2 — L ═ 1.
The second operation of the first return value and the second random number is p (n1) -R2_ R + R2_ L ═ 1+1 ═ 0. Where "+" represents only the first operation, see description above.
And performing a third operation with the first local path of the previous level, wherein p (n1) -R2_ R + R2_ L & n1_ L are 00.
The result is the first partial path of the hierarchy.
Similarly, the second local path of the hierarchy is p (n1) -R2_ L + R2_ R & n1_ R. The determination process thereof can be referred to as described later.
It is easy to see that the random numbers R2_ L and R2_ R in the first and second local paths are mutually cancelled, and n1_ L + n1_ R is n 1. Therefore, by performing the operation based on the first local path and the second local path, the operation result p (n1) & n1 based on the previous node value p (n1) and the previous path n1, that is, the path of the current layer can be obtained.
For the first private data terminal, the first local path it holds is p (n1) -R2_ R + R2_ L & n1_ L. Although the first private data terminal knows R2_ L and n1_ L, since the first random number R2_ R generated by the second private data terminal is unknown, the value of the node value p (n1) cannot be known, thereby ensuring security.
Since the first operation, the second operation and the third operation in the process belong to the Abelian group, the exchange of orders in the calculation process is ensured, and the derivation process is supported.
Through the process, the first local path and the second local path can be safely obtained by the two parties respectively, and the two parties can be prevented from obtaining extra information based on the careless transmission protocol. Meanwhile, the calculation process is simple and efficient, and the calculation efficiency can be greatly improved.
It should be noted that the above description related to the flow 400 is only for illustration and description, and does not limit the applicable scope of the present specification. Various modifications and changes to flow 400 will be apparent to those skilled in the art in light of this description. However, such modifications and variations are intended to be within the scope of the present description. For example, the first random number R _ R may be 0, and the second random number R _ L may be 0, and the above calculation may be performed in the same manner.
Similar to step 410-:
the first private data terminal generates a second random number; the second private data terminal obtains a second return value from the first private data terminal through an inadvertent transmission protocol based on the second local path of the previous level of the current level, wherein the second return value is a result of a fourth operation performed on the first private data of the node corresponding to the path of the previous level and the second random number; the second private data terminal performs second local path generation calculation based on the second return value to generate the second local path of the current level, and the second local path generation calculation performs a fifth operation on the second return value and a first random number and then performs a sixth operation on the second local path of the previous level; the first random number is generated by the second private data terminal.
For more details of the second random number, reference may be made to the related description of step 430, which is not described herein.
In some embodiments, the fourth operation may be a subtraction operation. In some embodiments, the subtraction operation may be a modulo two subtraction. In some alternative embodiments, the fourth operation may also be an addition operation. In some embodiments, the addition operation may be a modulo two addition.
In some embodiments, the fifth operation may be an addition operation. In some embodiments, the addition operation may be a modulo two addition. In some alternative embodiments, the fifth operation may also be a subtraction operation. In some embodiments, the subtraction operation may be a modulo two addition.
In some embodiments, the sixth operation may be a string concatenation operation.
In some embodiments, the fourth operation and the fifth operation may be an inverse operation. The fourth operation may be similar to the first operation, and the fifth operation may be similar to the second operation, which are not described herein again.
In some embodiments, the fourth, fifth, and sixth operations may belong to an abelian group.
Similarly, the second return value is p (n1_ L + n1_ R) -R2_ L, i.e., p (n1) -R2_ L-0-1.
The fifth operation of the second return value and the first random number is p (n1) -R2_ L + R2_ R ═ 1+1 ═ 0.
And performing a sixth operation with the second local path of the previous layer, where p (n1) -R2_ L + R2_ R & n1_ R equals 10. This result is the second local path of the hierarchy.
In some embodiments, the first partial path and the second partial path of the second layer may be merged to form a complete path. Namely: n2 ═ n2_ L + n2_ R ═ 00+10 ═ 10. Thus, the path from the topmost level to the second level in fig. 3 is: topmost level → right sub-tree of first level → left sub-tree of second level.
FIG. 5 is a schematic diagram of local path computation, shown in accordance with some embodiments of the present description.
The following explains the calculation process of the local path in the four-level binary tree by taking fig. 3 and fig. 5 as an example:
corresponding to each non-leaf node of the binary tree, second private data p _ R ═ { root → 1, 0 → 1, 1 → 1, 00 → 1, 01 → 1, 10 → 0, 11 → 0} may be preset.
As can be seen from the description in fig. 2: the first local path n1_ L of the first layer is equal to the first private data p _ L root of the topmost layer (layer 0) 0, and the second local path n1_ R of the first layer is equal to the second private data p _ R root of the topmost layer (layer 0) 1, so the path n1 of the first layer n1_ L + n1_ R0 +1 is 1.
Calculating a first local path of a second layer through the first local path of the first layer and first private data:
in the second layer, the first random number R2_ R takes 1, the second random number R2_ L takes 1, and the first private data terminal may obtain the first return value h (n1_ L) ═ p _ R (n1) -R2_ R from the second private data terminal, that is, h (0) ═ p _ R (1) -1 ═ 0. And performing a second operation on the first return value and the second random number, wherein r2_ L + h (n1_ L) is 1+0 is 1. The first local path of the second layer is r2_ L + h (n1_ L) & n1_ L ═ 01.
Accordingly, a second local path of the second layer may be calculated.
Corresponding to each non-leaf node of the binary tree, first private data p _ L ═ { root → 0, 0 → 0, 1 → 1, 00 → 1, 01 → 0, 10 → 1, 11 → 0} may be preset.
The second private data terminal may obtain a second return value g (n1_ R) ═ p _ L (n1) -R2_ L from the first private data terminal, i.e., g (n1_ R) ═ p _ L (n1) -1 ═ 1-1 ═ 0. The fifth operation is performed on the second return value and the first random number, where R2_ R + g (n1_ R) ═ 1+0 ═ 1. The second local path of the second layer is R2_ R + g (n1_ R) & n1_ R ═ 11.
Therefore, the path of the second layer is n2 — n2_ L + n2 — R01 +11 — 10.
Further, a local path of the third layer may also be calculated. Specifically, the method comprises the following steps:
at the third level, the first random number R3_ R takes 0, the second random number R3_ L takes 1, and the first private data terminal may obtain the first return value h (n2_ L) ═ p _ R (n2) -R3_ R from the second private data terminal, that is, h (01) ═ p _ R (10) -0 ═ 0. And performing a second operation on the first return value and the second random number, wherein r3_ L + h (n2_ L) is 1+0 is 1. The first local path of the third layer is r3_ L + h (n2_ L) & n2_ L ═ 011.
The second private data terminal may obtain a second return value g (n2_ R) ═ p _ L (n2) -R3_ L from the first private data terminal, i.e., g (11) ═ p _ L (10) -1 ═ 1-1 ═ 0. The fifth operation is performed on the second return value and the first random number, where R3_ R + g (n2_ R) ═ 0+0 ═ 0. The second local path of the third layer is R3_ R + g (n2_ R) & n2_ R ═ 110.
Therefore, the path of the third layer is n3 — n3 — L + n3 — R011 +110 — 101.
Thus, the path from the top-most level to the third level in fig. 3 is: topmost level → right subtree of the first level → left subtree of the second level → right subtree of the third level.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The beneficial effects that may be brought by the embodiments of the present description include, but are not limited to: (1) the first private data terminal is unaware of the second private data terminal, and the second private data terminal is unaware of the first private data terminal, which can securely calculate and transmit data; (2) the service information is corresponding to the binary tree, the operation of the service information in the binary tree is converted into the operation of 0 or 1, the leaf nodes can be found out only by two times of interaction for each layer of nodes, and the calculation efficiency is improved. It is to be noted that different embodiments may produce different advantages, and in different embodiments, any one or combination of the above advantages may be produced, or any other advantages may be obtained.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing detailed disclosure is to be considered merely illustrative and not restrictive of the present specification. Various modifications, improvements and adaptations to the present description may occur to those skilled in the art, although not explicitly described herein. Such modifications, improvements and adaptations are proposed in the present specification and thus fall within the spirit and scope of the exemplary embodiments of the present specification.
Also, the description uses specific words to describe embodiments of the description. Reference throughout this specification to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the specification is included. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the specification may be combined as appropriate.
Moreover, those skilled in the art will appreciate that aspects of the present description may be illustrated and described in terms of several patentable species or situations, including any new and useful combination of processes, machines, manufacture, or materials, or any new and useful improvement thereof. Accordingly, aspects of this description may be performed entirely by hardware, entirely by software (including firmware, resident software, micro-code, etc.), or by a combination of hardware and software. The above hardware or software may be referred to as "data block," module, "" engine, "" unit, "" component, "or" system. Furthermore, aspects of the present description may be represented as a computer product, including computer readable program code, embodied in one or more computer readable media.
The computer storage medium may comprise a propagated data signal with the computer program code embodied therewith, for example, on baseband or as part of a carrier wave. The propagated signal may take any of a variety of forms, including electromagnetic, optical, etc., or any suitable combination. A computer storage medium may be any computer-readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code located on a computer storage medium may be propagated over any suitable medium, including radio, cable, fiber optic cable, RF, or the like, or any combination of the preceding.
Computer program code required for the operation of various portions of this specification may be written in any one or more programming languages, including an object oriented programming language such as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C + +, C #, VB.NET, Python, and the like, a conventional programming language such as C, Visual Basic, Fortran 2003, Perl, COBOL 2002, PHP, ABAP, a dynamic programming language such as Python, Ruby, and Groovy, or other programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any network format, such as a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet), or in a cloud computing environment, or as a service, such as a software as a service (SaaS).
Additionally, the order in which the elements and sequences of the process are recited in the specification, the use of alphanumeric characters, or other designations, is not intended to limit the order in which the processes and methods of the specification occur, unless otherwise specified in the claims. While various presently contemplated embodiments of the invention have been discussed in the foregoing disclosure by way of example, it is to be understood that such detail is solely for that purpose and that the appended claims are not limited to the disclosed embodiments, but, on the contrary, are intended to cover all modifications and equivalent arrangements that are within the spirit and scope of the embodiments herein. For example, although the system components described above may be implemented by hardware devices, they may also be implemented by software-only solutions, such as installing the described system on an existing server or mobile device.
Similarly, it should be noted that in the preceding description of embodiments of the present specification, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure aiding in the understanding of one or more of the embodiments. This method of disclosure, however, is not intended to imply that more features than are expressly recited in a claim. Indeed, the embodiments may be characterized as having less than all of the features of a single embodiment disclosed above.
Numerals describing the number of components, attributes, etc. are used in some embodiments, it being understood that such numerals used in the description of the embodiments are modified in some instances by the use of the modifier "about", "approximately" or "substantially". Unless otherwise indicated, "about", "approximately" or "substantially" indicates that the number allows a variation of ± 20%. Accordingly, in some embodiments, the numerical parameters used in the specification and claims are approximations that may vary depending upon the desired properties of the individual embodiments. In some embodiments, the numerical parameter should take into account the specified significant digits and employ a general digit preserving approach. Notwithstanding that the numerical ranges and parameters setting forth the broad scope of the range are approximations, in the specific examples, such numerical values are set forth as precisely as possible within the scope of the application.
For each patent, patent application publication, and other material, such as articles, books, specifications, publications, documents, etc., cited in this specification, the entire contents of each are hereby incorporated by reference into this specification. Except where the application is filed in a manner inconsistent or contrary to the present specification, and except where a claim is filed in a manner limited to the broadest scope of the application (whether present or later appended to the specification). It is to be understood that the descriptions, definitions and/or uses of terms in the accompanying materials of this specification shall control if they are inconsistent or contrary to the descriptions and/or uses of terms in this specification.
Finally, it should be understood that the embodiments described herein are merely illustrative of the principles of the embodiments of the present disclosure. Other variations are also possible within the scope of this description. Thus, by way of example, and not limitation, alternative configurations of the embodiments of the specification can be considered consistent with the teachings of the specification. Accordingly, the embodiments of the present description are not limited to only those embodiments explicitly described and depicted herein.
Claims (20)
1. A secure data processing method, the method comprising:
the service information is corresponding to a binary tree, a non-leaf subnode of the binary tree corresponds to a data value of the service information, and a leaf subnode of the binary tree corresponds to a processing result of the service information; the data value of the service information corresponding to the non-leaf node of the binary tree is calculated by first private data and second private data in a secret sharing mode, the first private data is held by a first private data terminal, and the second private data is held by a second private data terminal;
downwards from the topmost level of the binary tree, and determining a first local path and a second local path layer by layer aiming at each level; and analogizing step by step until the level of the leaf node is reached; wherein the first local path is stored at a first private data terminal and the second local path is stored at a second private data terminal; the node path is calculated by the first local path and the second local path in a secret sharing mode; determining, layer by layer, a first local path and a second local path from the topmost level of the binary tree downward to each level includes:
determining the first local path and the second local path of the topmost level;
and from the first layer below the top layer, the first private data terminal and the second private data terminal adopt an oblivious transmission protocol to obtain the first local path of the current layer, and the second private data terminal and the first private data terminal adopt an oblivious transmission protocol to obtain the second local path of the current layer.
2. The method of claim 1, wherein the first private data terminal and the second private data terminal use an oblivious transport protocol to obtain the first local path of the current level, comprising:
the second private data terminal generates a first random number;
the first private data terminal obtains a first return value from the second private data terminal through an inadvertent transmission protocol based on the first local path of the previous level of the current level, wherein the first return value is a result of first operation performed on second private data of the node corresponding to the path of the previous level and the first random number;
the first private data terminal performs first local path generation calculation based on the first return value to generate the first local path of the current level, wherein the first local path generation calculation is a result of performing second calculation on the first return value and a second random number and performing third calculation on the first local path of the previous level; the second random number is generated by the first private data terminal;
the first operation and the second operation are inverse operations;
the first, second, and third operations belong to an abelian group.
3. The method of claim 2, the third operation being a string concatenation operation.
4. The method of claim 1, wherein the second private data terminal and the first private data terminal use an oblivious transport protocol to obtain the second local path of the current level, comprising:
the first private data terminal generates a second random number;
the second private data terminal obtains a second return value from the first private data terminal through an inadvertent transmission protocol based on the second local path of the previous level of the current level, wherein the second return value is a result of a fourth operation performed on the first private data of the node corresponding to the path of the previous level and the second random number;
the second private data terminal performs second local path generation calculation based on the second return value to generate the second local path of the current level, and the second local path generation calculation performs a fifth operation on the second return value and a first random number and then performs a sixth operation on the second local path of the previous level; the first random number is generated by the second private data terminal;
the fourth operation and the fifth operation are inverse operations;
the fourth, fifth, and sixth operations belong to an abelian group.
5. The method of claim 4, the sixth operation being a string concatenation operation.
6. The method of claim 1, wherein the non-leaf nodes of the binary tree correspond to data values of traffic information, comprising:
and the data value of each service information is calculated by first private data and second private data which are composed of 0 or 1 in a secret sharing mode.
7. The method of claim 1, wherein the data values of the traffic information corresponding to the non-leaf nodes of the binary tree are calculated from the first private data and the second private data in a secret sharing manner, and the method comprises:
calculating according to the first private data and the second private data to obtain a non-leaf node value of the binary tree, wherein the first private data and the second private data are any data meeting the following requirements:
a sum modulo two remainder of the first private data and the second private data is equal to a non-leaf node value of the binary tree.
8. The method of claim 1, further comprising:
filling non-value non-leaf nodes of the binary tree with any value, so that the number of value nodes of at least one level of the binary tree is larger than the set threshold value of the level.
9. The method of claim 1, further comprising:
the inquiry terminal initiates inquiry requests to the first private data terminal and the second private data terminal;
first private data second private data determining a first local path and a second local path of the leaf node based on the first private data and the second private data;
and the inquiry terminal determines the processing result of the service information through security calculation.
10. A safety data processing system comprises a service information corresponding module and a local path calculation module; wherein:
the service information corresponding module is used for corresponding the service information to a binary tree, wherein non-leaf subnodes of the binary tree correspond to data values of the service information, and leaf subnodes of the binary tree correspond to processing results of the service information; the data value of the service information corresponding to the non-leaf node of the binary tree is calculated by first private data and second private data in a secret sharing mode, the first private data is held by a first private data terminal, and the second private data is held by a second private data terminal;
the local path calculation module is used for determining a first local path and a second local path layer by layer according to each layer from the topmost layer of the binary tree downwards; and analogizing step by step until the level of the leaf node is reached; wherein the first local path is stored at a first private data terminal and the second local path is stored at a second private data terminal; the node path is calculated by the first local path and the second local path in a secret sharing mode;
the local path computation module is further to determine the first local path and the second local path of the top-most hierarchy; and from the first layer below the top layer, the first private data terminal and the second private data terminal adopt an oblivious transmission protocol to obtain the first local path of the current layer, and the second private data terminal and the first private data terminal adopt an oblivious transmission protocol to obtain the second local path of the current layer.
11. The system of claim 10, the local path computation module further to:
the second private data terminal generates a first random number;
the first private data terminal obtains a first return value from the second private data terminal through an inadvertent transmission protocol based on the first local path of the previous level of the current level, wherein the first return value is a result of first operation performed on second private data of the node corresponding to the path of the previous level and the first random number;
the first private data terminal performs first local path generation calculation based on the first return value to generate the first local path of the current level, wherein the first local path generation calculation is a result of performing second calculation on the first return value and a second random number and performing third calculation on the first local path of the previous level; the second random number is generated by the first private data terminal;
the first operation and the second operation are inverse operations;
the first, second, and third operations belong to an abelian group.
12. The system of claim 11, the third operation being a string concatenation operation.
13. The system of claim 10, the local path computation module further to:
the first private data terminal generates a second random number;
the second private data terminal obtains a second return value from the first private data terminal through an inadvertent transmission protocol based on the second local path of the previous level of the current level, wherein the second return value is a result of a fourth operation performed on the first private data of the node corresponding to the path of the previous level and the second random number;
the second private data terminal performs second local path generation calculation based on the second return value to generate the second local path of the current level, and the second local path generation calculation performs a fifth operation on the second return value and a first random number and then performs a sixth operation on the second local path of the previous level; the first random number is generated by the second private data terminal;
the fourth operation and the fifth operation are inverse operations;
the fourth, fifth, and sixth operations belong to an abelian group.
14. The system of claim 13, the sixth operation being a string concatenation operation.
15. The system of claim 10, wherein the service information mapping module is further configured to:
and the data value of each service information is calculated by first private data and second private data which are composed of 0 or 1 in a secret sharing mode.
16. The system of claim 10, wherein the service information mapping module is further configured to:
and calculating to obtain a non-leaf node value of the binary tree according to the first private data and the second private data, wherein the first private data and the second private data are any data meeting the following requirements:
a sum modulo two remainder of the first private data and the second private data is equal to a non-leaf node value of the binary tree.
17. The system of claim 10, further comprising:
filling non-value non-leaf nodes of the binary tree with any value, so that the number of value nodes of at least one level of the binary tree is larger than the set threshold value of the level.
18. The system of claim 10, further comprising:
the inquiry terminal initiates inquiry requests to the first private data terminal and the second private data terminal;
first private data second private data determining a first local path and a second local path of the leaf node based on the first private data and the second private data;
and the inquiry terminal determines the processing result of the service information through security calculation.
19. A secure data processing apparatus, the apparatus comprising at least one processor and at least one storage device for storing instructions which, when executed by the at least one processor, implement the method of any of claims 1 to 9.
20. A computer readable storage medium storing computer instructions which, when read by a computer, cause the computer to perform the method of any one of claims 1 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911291202.5A CN111046432B (en) | 2019-12-13 | 2019-12-13 | Safety data processing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911291202.5A CN111046432B (en) | 2019-12-13 | 2019-12-13 | Safety data processing method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111046432A CN111046432A (en) | 2020-04-21 |
| CN111046432B true CN111046432B (en) | 2022-01-28 |
Family
ID=70236586
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911291202.5A Active CN111046432B (en) | 2019-12-13 | 2019-12-13 | Safety data processing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111046432B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110070115A (en) * | 2019-04-04 | 2019-07-30 | 广州大学 | A kind of single pixel attack sample generating method, device, equipment and storage medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10248324B2 (en) * | 2014-07-31 | 2019-04-02 | Cornell University | Oblivious parallel random access machine system and methods |
-
2019
- 2019-12-13 CN CN201911291202.5A patent/CN111046432B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110070115A (en) * | 2019-04-04 | 2019-07-30 | 广州大学 | A kind of single pixel attack sample generating method, device, equipment and storage medium |
Non-Patent Citations (2)
| Title |
|---|
| "基于二叉树的加密算法";陈伟,付宇洁,秦科;《实验科学与技术》;20061231;全文 * |
| "基于博弈论的安全多方计算的研究";张兴兰,郑炜;《网络与信息安全学报》;20180131;第3-4页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111046432A (en) | 2020-04-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102599183B1 (en) | Method and system for safe data record distribution using blockchain | |
| JP7453911B2 (en) | System and method for securely sharing cryptographic materials | |
| EP3566389B1 (en) | Distributed privacy-preserving verifiable computation | |
| CN111342962B (en) | Method and system for verifying ciphertext message range | |
| CN110874648A (en) | Federal model training method and system and electronic equipment | |
| CN111539027B (en) | Information verification method and system based on privacy protection of two parties | |
| Shang et al. | Newton-interpolation-based zk-SNARK for Artificial Internet of Things | |
| Ivaz et al. | A numerical method for fuzzy differential equations and hybrid fuzzy differential equations | |
| JP2018503113A (en) | Electronic computing device for performing obfuscated operations | |
| JP7073800B2 (en) | Updatable random function | |
| CN111046432B (en) | Safety data processing method and system | |
| KR20120014254A (en) | Pairing arithmetic device, pairing arithmetic method and recording medium having pairing arithmetic program recorded thereon | |
| CN111262707B (en) | Digital signature method, verification method, device and storage medium | |
| Taha et al. | New Exact Solutions of Ion‐Acoustic Wave Equations by (G′/G)‐Expansion Method | |
| JP4354609B2 (en) | Simultaneous equation solving apparatus and inverse element computing apparatus on finite field | |
| Romeijn et al. | Computational complexity of finding Pareto efficient outcomes for biobjective lot‐sizing models | |
| WO2021218778A1 (en) | User recommendation based on blockchain | |
| Kunte | Gorenstein modules of finite length | |
| CN111784078B (en) | Distributed prediction method and system for decision tree | |
| CN111030811B (en) | Data processing method | |
| CN112989421A (en) | Method and system for processing safety selection problem | |
| Mo et al. | Mean‐square stability of the backward Euler–Maruyama method for neutral stochastic delay differential equations with jumps | |
| Muranaka et al. | Computational properties of hybrid methods with PSO and de | |
| Aslam et al. | Odd‐Ary Approximating Subdivision Schemes and RS Strategy for Irregular Dense Initial Data | |
| CN117118637B (en) | Data processing method, device, equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40028425 Country of ref document: HK |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |