CN115935426A - Remote image feature extraction and retrieval method based on SGX - Google Patents
Remote image feature extraction and retrieval method based on SGX Download PDFInfo
- Publication number
- CN115935426A CN115935426A CN202211705895.XA CN202211705895A CN115935426A CN 115935426 A CN115935426 A CN 115935426A CN 202211705895 A CN202211705895 A CN 202211705895A CN 115935426 A CN115935426 A CN 115935426A
- Authority
- CN
- China
- Prior art keywords
- data
- user
- image
- sku
- pic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a remote image feature extraction and retrieval method based on SGX, and relates to the technical field of ciphertext image retrieval. According to the method, computing operations such as image feature extraction and index construction are handed over to a trusted execution environment enclave of a cloud server for carrying out by using a trusted hardware SGX, key distribution is realized in a trusted execution environment of the cloud server by combining a secret sharing scheme, and access control on a third party user is realized through an access control list. Compared with the traditional ciphertext image retrieval scheme, the method can effectively reduce the computing power requirement on a data owner, and can realize accurate access control on a third-party user in the retrieval process.
Description
Technical Field
The invention relates to the technical field of ciphertext image retrieval, in particular to a remote image feature extraction and retrieval method based on SGX.
Background
With the advent of the big data era, the cloud service model is rapidly developed and has achieved great success with the advantages of being convenient, flexible and low in cost, and more companies and individuals select to store data on the cloud server, so that users can only trust the cloud server. However, the assumption that cloud servers are fully trusted is not secure, as the cloud may be subject to failure, intrusion, or attack at any time. Thus, cloud-based systems employ cryptographic means for encryption in transmitting, processing, and storing data. Therefore, cloud data encryption also makes it a key issue how to effectively utilize encrypted data, and at the same time, not be troubled by encryption.
The searchable encryption requires the cloud server to execute the query request of the user on the ciphertext data of the user, and the personal privacy of the user is not revealed in the query process. Searchable encryption is divided into two categories: symmetric searchable encryption and asymmetric searchable encryption. The difference between the two is that symmetric searchable encryption uses symmetric keys, which use asymmetric keys. Therefore, compared with the latter method, the symmetric searchable encryption has the characteristics of low calculation overhead, simple algorithm, high speed and the like.
The trusted hardware execution environment protects operations and operations involving private data through hardware isolation means. On the premise of not destroying hardware, an attacker cannot directly read the private data and the system key in the hardware, so that the confidentiality of the data is guaranteed. Meanwhile, an attacker cannot be tampered by solidifying hardware logic and hardware level, so that the relevant system is prevented from being maliciously tampered in the running process. Compared with a privacy protection scheme realized by pure software, the scheme combined with trusted execution hardware generally brings better performance and expansibility.
Under the background of current big data, research on ciphertext image retrieval is also becoming more important, but the current ciphertext image retrieval scheme still needs a data owner to perform work such as image feature extraction, index construction and the like, and has certain computational power requirements on the data owner, so that the ciphertext image retrieval scheme cannot be implemented on some equipment with limited resources, and cannot perform accurate access control on third-party users. By means of the trusted execution environment provided by the trusted hardware on the cloud server, not only can the computing operation of the data owner be handed over to the cloud server to be performed, and the computing power requirement on the data owner is reduced, but also the third-party user can be accurately controlled in access by combining secret sharing and an access control list in the trusted execution environment.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a remote image feature extraction and retrieval method based on SGX, aiming at the defects of the prior art.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows:
the computing operation of a data owner is handed over to a trusted execution environment of the cloud server by using trusted hardware (SGX), and access control for a third party user is achieved in the trusted execution environment of the cloud server by combining secret sharing and an access control list.
The method provided by the invention comprises three entities: data owners, data users, and cloud server providers.
The data owner encrypts the data using the symmetric key before outsourcing the image data to the cloud server; a plurality of data users can inquire data and obtain information with value; the cloud server provides sufficient storage and computing resources, provides a trusted execution environment, and responds to requests by users. In addition, at the time of system initialization, the initialization of a secret sharing scheme is carried out among three-party entities.
The specific method of the invention comprises four protocols: system initialization, data uploading, user query and strategy updating.
Step 1.1, a data owner selects a symmetric key S for encrypting an image, and then selects a security parameter lambda and the scale n of a data user, namely the number of users in the system during initialization;
step 1.2 initialises a secret sharing scheme with the aim of distributing the symmetric key S of the encrypted image data as a secret to the user and to the trusted execution environment; secret sharing is carried out twice, so that the symmetric key S cannot be recovered when the secret share of the user is combined with the secret share of the user, and the symmetric key S can be recovered only when the secret share of the user is combined with the secret share mastered by the trusted execution environment;
step 1.2.1 performs a first secret sharing, distributing the symmetric key S as sk a And sk b ,sk a And sk b Is a secret share distributed, where sk a Delivery to trusted execution Environment store, sk b Will be redistributed;
step 1.2.2 carry out the second secret sharing, and the sk is sent b Distribution is { sku 0 ,sku 1 ,…,sku n ,sku n+1 },sku 0 To sku n+1 Are all secret shares, wherein sku 0 Storage by a trusted execution Environment, sku 1 Held by the data owner, sku 2 To sku n+1 Respectively held by n-bit data users;
step 1.3 the data owner makes an access control strategy pol, which is { (uid, cids) for specifying the query authority of each user j Storage in the form of | j =1, … n }, where uid represents the user ID and cis is the set of image IDs authorized for that user;
step 1.4, two pairs of public and private keys { pk ] are generated in the trusted execution environment of the cloud server msg ,sk msg And pk sign ,sk sign A pair for communicating with data users, a pair for returning results for signed queries, where pk msg ,pk sign Disclosed is a method for producing a compound;
step 1.5 the data owner agrees on a symmetric key sk with the trusted execution environment comm Through the symmetric key encryption sk a 、sku 0 And sending the access control policy pol to the trusted execution environment;
Step 2.1 when the data owner intends to upload new image data, the data owner constructs a corresponding request token containing { id, ct } pic ,pol′,sku 1 Id is the number corresponding to the image, ct pic For ciphertext images, sku 1 Pol' a newly assigned access control policy for the secret shares held by the owner; data owner uses sk comm Encrypting and sending the token to a cloud server;
step 2.2, after receiving the request, the trusted execution environment decrypts the token to obtain { id, ct pic ,pol′,sku 1 };
Step 2.2.1 executing secret reconstruction algorithm in trusted execution environment to recover symmetric key S, and using it to decrypt ciphertext image ct pic Obtaining a plaintext image ct pic ;
Step 2.2.2 processing the plaintext image pt using a convolutional neural network pic Acquiring a corresponding Feature Vector Feature _ Vector;
step 2.2.3, using the Feature Vector Feature _ Vector of the locality sensitive hash processing image to obtain the hash Bucket number Bucket _ ID corresponding to the Feature Vector Feature _ Vector;
step 2.2.4 update the access policy of the data user using pol', which operation will trigger the access control policy update protocol;
step 2.3, a ciphertext image set and a corresponding ciphertext index set stored on the cloud server are updated;
Step 3.1 when the data user inquires, firstly constructing a query token, wherein the token contains { sku } i ,pt pic C }, where sku i For secret shares of data users, pt pic C is a freshness factor generated according to the query time; data user usage pk msg The encrypted token is sent to the cloud server;
step 3.2, after receiving the request, the trusted execution environment decrypts the request to obtain { sku i ,pt pic C, comparing the freshness factor in the token with the freshness factor stored in the trusted execution environment, and judging whether the request is legal or not;
step 3.2.1 processing image pt using convolutional neural network pic Acquiring a Feature Vector Feature _ Vector corresponding to the Feature Vector Feature _ Vector;
step 3.2.2, using the Feature Vector Feature _ Vector of the locality sensitive hash processing image to obtain the hash Bucket number Bucket _ ID corresponding to the Feature Vector Feature _ Vector;
step 3.2.3, obtaining a query feature vector Set Index _ Set1 in a hash Bucket corresponding to the Bucket _ ID;
step 3.2.4, filtering data which are not accessed in the Index _ Set1 by combining the access control strategy pol, and then obtaining a feature vector Index Set Index _ Set2;
step 3.2.5 calculating Euclidean distances between feature vectors, filtering out features with the distances larger than a threshold value which is equal to or larger than a threshold value, and acquiring a feature vector Index Set Index _ Set3;
step 3.2.6, obtaining a corresponding ciphertext image Set ct according to the Index Set Index _ Set3 pic ;
Step 3.2.7 executing the secret reconstruction algorithm to recover the symmetric key S and using it to decrypt the ciphertext image ct pic Obtaining a plaintext image pt pic ;
Step 3.2.8 generates symmetric key sk according to query user identity respond Re-encrypting the set of plaintext images pt using the key pic Obtaining a ciphertext image set ct pic ;
Step 3.2.9 signs the query result and signs signature Sign and result ct pic Returned to the user together;
step 3.3 after the user receives the returned data, whether the result is falsified can be verified through signature, and the ciphertext image ct can be decrypted after verification is passed pic Obtaining a plaintext result pt pic ;
Policy updates total three types, respectively: updating an access control strategy pol, adding users and deleting users;
step 4.1 update Access control policy pol
Step 4.1.1, the data owner establishes a new access control strategy pol and encrypts and sends the new access control strategy pol to the cloud server;
step 4.1.2, the trusted execution environment decrypts to obtain a new access control strategy pol and uses the new access control strategy pol to cover the original access control strategy pol;
step 4.2 Add user
Step 4.2.1 New user selects own secret share S n+2 Calculating
And transmit R n+2 To the data owner;
step 4.2.2 data owner selects ID for new user n+2 And calculate
Step 4.2.3 data owner will (R) n+2 ,ID n+2 ) Is published and will
Adding to MSG;
step 4.3 delete user
Step 4.3.1 delete user P i Corresponding to (R) i ,ID i ) And in MSG
/>
Adopt the produced beneficial effect of above-mentioned technical scheme to lie in: the invention provides a remote image feature extraction and retrieval method based on SGX, which uses trusted hardware to transfer client operation to a cloud server, and uses secret sharing, access control lists and other methods in a trusted execution environment of the cloud server. The requirements for the computing capacity and the storage capacity of a data owner in the traditional scheme are effectively reduced, accurate access control can be performed on a third-party user, corresponding ciphertext image retrieval system application is provided, and the user can accurately and efficiently retrieve the ciphertext image through the application.
Drawings
FIG. 1 is a schematic diagram of a solution provided in the present embodiment of the invention;
FIG. 2 is a diagram of a secret sharing scheme architecture provided by the present embodiment of the invention;
fig. 3 is a flowchart of data uploading provided in the embodiment of the present invention;
FIG. 4 is a flowchart of a user query according to the present embodiment of the invention;
FIG. 5 is an example of feature extraction and index calculation results provided by the present embodiment of the invention;
fig. 6 is an example of a partial search result provided by the present embodiment of the invention;
fig. 7 is a flowchart of policy update provided in this embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention, but are not intended to limit the scope of the invention.
The invention provides a remote image feature extraction and retrieval scheme based on SGX, as shown in figure 1, which comprises three entities: data owners, data users, and cloud server providers.
The method specifically comprises four protocols: system initialization, data uploading, user inquiry and strategy updating.
Step 1.1, a data owner selects a symmetric key S for encrypting an image, and then selects a security parameter lambda and the scale n of a data user, namely the number of users in the system during initialization;
step 1.2 initialises a secret sharing scheme with the aim of distributing the symmetric key S of the encrypted image data as a secret to the user and to the trusted execution environment; the specific scheme is as shown in fig. 2, in the scheme, secret sharing is performed twice, so as to ensure that the symmetric key S cannot be recovered when the secret share of the user is combined with the secret share of the user, and the symmetric key S can be recovered only when the secret share of the user is combined with the secret share grasped by the trusted execution environment;
step 1.2.1 performs a first secret sharing, distributing the symmetric key S as sk a And sk b ,sk a And sk b Is a secret share of the distribution, wherein sk a Delivery to trusted execution Environment store, sk b Will be redistributed;
step 1.2.2 performing a second secret sharing, the sk is b Distribution is { sku 0 ,sku 1 ,…,sku n ,sku n+1 },sku 0 To sku n+1 Are all secret shares, of which sku 0 Storage by a trusted execution Environment, sku 1 Sku held by the data owner 2 To sku n+1 Respectively held by n-bit data users;
step 1.3 the data owner makes an access control strategy pol, which is { (uid, cids) for specifying the query authority of each user j Storage in the form of | j =1, … n }, where uid represents the user ID and cis is the set of image IDs authorized for that user;
step 1.4 in trusted execution Environment of cloud ServerTwo pairs of public and private keys pk are generated msg ,sk msg And pk sign ,sk sign One pair for communicating with data users and one pair for signing returned results of queries, where pk msg ,pk sign Is disclosed;
step 1.5 the data owner agrees on a symmetric key sk with the trusted execution environment comm Through the symmetric key encryption sk a 、sku 0 And sending the access control strategy pol to the trusted execution environment;
step 2.1 when the data owner intends to upload new image data, the data owner constructs a corresponding request token containing { id, ct } pic ,pol′,sku 1 Id is the number corresponding to the image, ct pic For ciphertext images, sku 1 Pol' a newly assigned access control policy for the secret shares held by the owner; data owner uses sk comm Encrypting and sending the token to a cloud server;
step 2.2, after receiving the request, the trusted execution environment decrypts the token to obtain { id, ct pic ,pol′,sku 1 };
Step 2.2.1 executing secret reconstruction algorithm in trusted execution environment to recover symmetric key S, and using it to decrypt ciphertext image ct pic Obtaining a plaintext image pt pic ;
Step 2.2.2 processing the plaintext image pt Using convolutional neural network VGG pic Acquiring a corresponding 1024-dimensional Feature Vector Feature _ Vector;
step 2.2.3, feature vectors Feature _ vectors of 10 locality sensitive hashes are used for processing the images, each hash function outputs a binary value, and all the values are spliced to serve as hash Bucket numbers Bucket _ ID corresponding to the values;
step 2.2.4 update the access policy of the data user using pol', which operation will trigger the access control policy update protocol;
step 2.3, a ciphertext image set and a corresponding ciphertext index set stored on the cloud server are updated;
step 3.1, constructing a query token;
step 3.2, after receiving the request, the trusted execution environment decrypts the request to obtain { sku i ,pt pic C, comparing the size relationship between the freshness factor in the token and the freshness factor stored in the trusted execution environment, and judging whether the request is legal, as shown in fig. 5;
step 3.2.1, extracting image feature vectors;
step 3.2.2, calculating a hash barrel number corresponding to the image;
step 3.2.3, obtaining a query feature vector Set Index _ Set1 in a hash Bucket corresponding to the Bucket _ ID;
step 3.2.4, filtering data which are not accessed in the Index _ Set1 by combining the access control strategy pol, and then obtaining a feature vector Index Set Index _ Set2;
step 3.2.5 calculating Euclidean distances between feature vectors and filtering out features with the distances larger than a threshold value which is equal to =5, and acquiring a feature vector Index Set Index _ Set3;
step 3.2.6, obtaining a corresponding ciphertext image Set ct according to the Index Set Index _ Set3 pic Partial search results are shown in fig. 6;
step 3.2.7 executing the secret reconstruction algorithm to recover the symmetric key S and using it to decrypt the ciphertext image ct pic Obtaining a plaintext image pt pic ;
Step 3.2.8 re-encryption;
step 3.2.9 signs the query result and signs signature Sign and result ct pic Together returned to the user;
step 3.3 after the user receives the returned data, whether the result is falsified can be verified through signature, and the ciphertext image ct can be decrypted after verification is passed pic Obtaining a plaintext result pt pic ;
Policy updates total three types, respectively: updating an access control strategy pol, adding users and deleting users;
step 4.1 updating the Access control policy pol
Step 4.1.1 the data owner makes a new access control strategy pol and encrypts and sends the new access control strategy pol to the cloud server;
step 4.1.2, the trusted execution environment decrypts to obtain a new access control strategy pol and uses the new access control strategy pol to cover the original access control strategy pol;
step 4.2 Add user
Step 4.2.1 New user selects own secret share S n+2 Calculating
And sends R n+2 To the data owner;
step 4.2.2 data owner selects ID for new user n+2 And calculate
Step 4.2.3 data owner will (R) n+2 ,ID n+2 ) Is published and will
Adding to MSG;
step 4.3 delete user
Step 4.3.1 delete user P i Corresponding to (R) i ,ID i ) And in MSG
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit of the corresponding technical solutions and scope of the present invention as defined in the appended claims.
Claims (9)
1. A remote image feature extraction and retrieval method based on SGX is characterized by comprising the following steps:
step 1 System initialization
Step 1.1, a data owner selects a symmetric key S for encrypting an image, and then selects a security parameter lambda and the scale n of a data user, namely the number of users in the system during initialization;
step 1.2, key distribution is realized;
step 1.3, the data owner establishes an access control strategy pol and specifies the query authority of each user, wherein the access control strategy pol is { (uid, cids) j N, where uid represents a user ID and cids is the set of image IDs authorized for that user;
step 1.4, two pairs of public and private keys { pk ] are generated in the trusted execution environment of the cloud server msg ,sk msg And { pk } sign ,sk sign A pair for communicating with data users, a pair for returning results for signed queries, where pk msg ,pk sign Disclosed is a method for producing a compound;
step 1.5 the data owner agrees on a symmetric key sk with the trusted execution environment comm Through the symmetric key encryption sk a 、sku 0 And sending the access control policy pol to the trusted execution environment;
step 2 data uploading
Step 2.1 when the data owner intends to upload new image data, the data owner constructs a corresponding request token containing { id, ct } pic ,poi′,sku 1 Id is the number corresponding to the image, ct pic For ciphertext images, sku 1 A newly assigned access control policy for the secret share held by the owner, poi'; data owner uses sk comm Encrypting and sending the token to a cloud server;
step 2.2, after receiving the request, the trusted execution environment decrypts the token to obtain { id, ct pic ,pol′,sku 1 };
Step 2.2.1 execution of the secret reconstruction algorithm in the trusted execution Environment to recover the symmetric Key S and useIts decrypted ciphertext image ct pic Obtaining a plaintext image pt pic ;
Step 2.2.2, extracting image feature vectors;
step 2.2.3, calculating the hash barrel number corresponding to the image;
step 2.2.4 update the access policy of the data user using pol', which operation will trigger the access control policy update protocol;
step 2.3, a ciphertext image set and a corresponding ciphertext index set stored on the cloud server are updated;
step 3 user query
Step 3.1, constructing a query token;
step 3.2, after receiving the request, the trusted execution environment decrypts the request to obtain { sku i ,pt pic ,c};
Step 3.2.1, extracting image feature vectors;
step 3.2.2, calculating the hash barrel number corresponding to the image;
step 3.2.3, obtaining a query feature vector Set Index _ Set1 in a hash Bucket corresponding to the Bucket _ ID;
step 3.2.4, filtering data which are not accessed in the Index _ Set1 by combining an access control strategy p0l, and then obtaining a feature vector Index Set Index _ Set2;
step 3.2.5 calculating Euclidean distances between feature vectors, filtering out features with the distances larger than a threshold value which is equal to or larger than a threshold value, and acquiring a feature vector Index Set Index _ Set3;
step 3.2.6, obtaining a corresponding ciphertext image Set ct according to the Index Set Index _ Set3 pic ;
Step 3.2.7 executing the secret reconstruction algorithm to recover the symmetric key S and using it to decrypt the ciphertext image ct pic Obtaining a plaintext image pt pic ;
Step 3.2.8 is re-encrypted;
step 3.2.9 signs the query result and signs signature Sign and result ct pic Returned to the user together;
step 3.3 after the user receives the returned data, whether the result is falsified can be verified through signature, and the ciphertext image ct can be decrypted after verification is passed pic Obtaining a plaintext result pt pic ;
Step 4 policy update
Policy updates total three types, respectively: updating an access control strategy pol, adding users and deleting users;
step 4.1 update Access control policy pol
Step 4.1.1 the data owner makes a new access control strategy pol and encrypts and sends the new access control strategy pol to the cloud server;
step 4.1.2, the trusted execution environment decrypts to obtain a new access control strategy pol and uses the new access control strategy pol to cover the original access control strategy pol;
step 4.2 add user;
step 4.3 delete user.
2. The SGX-based remote image feature extraction and retrieval method according to claim 1, wherein said method comprises three entities: a data owner, a data user, and a cloud server provider;
the data owner encrypts the data using a symmetric key before outsourcing the image data to the cloud server; a plurality of data users can inquire data and obtain information with value; the cloud server provides sufficient storage and computing resources, provides a trusted execution environment and responds to a request of a user; at system initialization, the initialization of the secret sharing scheme is also performed between the three-party entities.
3. The SGX-based remote image feature extraction and retrieval method according to claim 1, wherein the 1.2 concrete steps are as follows:
performing initialization of a secret sharing scheme with the purpose of distributing a symmetric key S of encrypted image data as a secret to a user and a trusted execution environment; secret sharing is carried out twice, so that the symmetric key S cannot be recovered when the secret share of the user is combined with the secret share of the user, and the symmetric key S can be recovered only when the secret share of the user is combined with the secret share mastered by the trusted execution environment;
step 1.2.1 carrying out the first passSecret sharing, distributing symmetric key S as sk a And sk b ,sk a And sk b Is a secret share distributed, where sk a Delivery to trusted execution Environment store, sk b Will be redistributed;
step 1.2.2 performing a second secret sharing, the sk is b Distribution is { sku 0 ,sku 1 ,…,sku n ,sku n+1 },sku 0 To sku n+1 Are all secret shares, wherein sku 0 Stored by a trusted execution environment, sku 1 Held by the data owner, sku 2 To sku n+1 Respectively held by n-bit data users.
4. The SGX-based remote image feature extraction and retrieval method according to claim 1, wherein the 2.2.2 concrete steps are as follows:
processing an image pt using a convolutional neural network pic And acquiring the output of the full connection layer as a Feature Vector Feature _ Vector corresponding to the image, wherein the computing operation in the step is performed in a trusted execution environment of the cloud server.
5. The SGX-based remote image feature extraction and retrieval method according to claim 1, wherein the 2.2.3 concrete steps are as follows:
and processing the Feature Vector Feature _ Vector of the image by using the locality sensitive hash, splicing the output result of each hash function as the corresponding hash Bucket number Bucket _ ID, and performing computing operation in a trusted execution environment of the cloud server.
6. The SGX-based remote image feature extraction and retrieval method according to claim 1, wherein the 3.1 concrete steps are as follows:
when a data user carries out query, a query token is firstly constructed, and the token contains { sku i ,pt pic C }, where sku i For secret shares of data users, pt pic Is a plaintext image to be queried, c isGenerating a freshness factor according to the query time; data user usage pk msg The encrypted token is sent to the cloud server.
7. The SGX-based remote image feature extraction and retrieval method according to claim 1, wherein the 3.2.8 comprises the following specific steps:
generating a symmetric key sk according to the identity of the inquiring user respond Re-encrypting the set of plaintext images pt using the key pic Obtaining a ciphertext image set ct pic 。
8. The SGX-based remote image feature extraction and retrieval method according to claim 1, wherein the 4.2 concrete steps are as follows:
step 4.2.1 New user selects own secret shares S n+2 Calculating
And sends R n+2 To the data owner;
step 4.2.2 data owner selects ID for new user n+2 And calculate
Step 4.2.3 data owner will (R) n+2 ,ID n+2 ) Is published and will
Added to the MSG.
9. The SGX-based remote image feature extraction and retrieval method according to claim 1, wherein the 4.3 concrete steps are as follows:
deleting user P i Corresponding to (R) i ,ID i ) And in MSG
/>
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211705895.XA CN115935426A (en) | 2022-12-29 | 2022-12-29 | Remote image feature extraction and retrieval method based on SGX |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211705895.XA CN115935426A (en) | 2022-12-29 | 2022-12-29 | Remote image feature extraction and retrieval method based on SGX |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115935426A true CN115935426A (en) | 2023-04-07 |
Family
ID=86552152
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211705895.XA Pending CN115935426A (en) | 2022-12-29 | 2022-12-29 | Remote image feature extraction and retrieval method based on SGX |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115935426A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN118171309A (en) * | 2024-05-16 | 2024-06-11 | 苏州市卫生计生统计信息中心 | Medical image encryption retrieval method |
-
2022
- 2022-12-29 CN CN202211705895.XA patent/CN115935426A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN118171309A (en) * | 2024-05-16 | 2024-06-11 | 苏州市卫生计生统计信息中心 | Medical image encryption retrieval method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110224986B (en) | Efficient searchable access control method based on hidden policy CP-ABE | |
| WO2022007889A1 (en) | Searchable encrypted data sharing method and system based on blockchain and homomorphic encryption | |
| US9985782B2 (en) | Network bound decryption with offline encryption | |
| Cui et al. | SVkNN: Efficient secure and verifiable k-nearest neighbor query on the cloud platform | |
| Khanezaei et al. | A framework based on RSA and AES encryption algorithms for cloud computing services | |
| JP4958246B2 (en) | Method, apparatus and system for fast searchable encryption | |
| US9207866B2 (en) | Chunk-level client side encryption in hierarchical content addressable storage systems | |
| Pu et al. | R²PEDS: a recoverable and revocable privacy-preserving edge data sharing scheme | |
| CN108881195A (en) | Data safety sharing method and device based on cloud environment | |
| WO2023010727A1 (en) | Key updating method and apparatus, file sharing method and apparatus, device, and computer storage medium | |
| WO2023044963A1 (en) | Method and system for re-encrypting threshold proxy based on attribute condition | |
| CN106656997B (en) | One kind being based on the cross-domain friend-making method for secret protection of mobile social networking proxy re-encryption | |
| He et al. | Secure encrypted data deduplication based on data popularity | |
| JP2017112604A (en) | Method for improving encryption/decryption speed by complexly applying symmetric key encryption and asymmetric key double encryption | |
| WO2023226308A1 (en) | File sharing methods, file sharing system, electronic device and readable storage medium | |
| CN112948903A (en) | Secret state search technical architecture and method for big data storage | |
| CN115459967A (en) | Ciphertext database query method and system based on searchable encryption | |
| CN117828673B (en) | Block chain-based data circulation and privacy protection method and device | |
| CN115935426A (en) | Remote image feature extraction and retrieval method based on SGX | |
| Park et al. | PKIS: practical keyword index search on cloud datacenter | |
| US20240015014A1 (en) | Dynamic and verifiable searchable encryption method and system based on updatable encryption and blockchain | |
| Yan et al. | Secure and efficient big data deduplication in fog computing | |
| CN108141462B (en) | Method and system for database query | |
| KR102386717B1 (en) | Data access control system based anonymous user attribute and method thereof | |
| CN111835731B (en) | Novel dynamic symmetric searchable encryption method and device for resisting file injection attack |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |