CN115982424B - Privacy keyword query method and device and electronic equipment - Google Patents
Privacy keyword query method and device and electronic equipment Download PDFInfo
- Publication number
- CN115982424B CN115982424B CN202310269239.8A CN202310269239A CN115982424B CN 115982424 B CN115982424 B CN 115982424B CN 202310269239 A CN202310269239 A CN 202310269239A CN 115982424 B CN115982424 B CN 115982424B
- Authority
- CN
- China
- Prior art keywords
- data
- keywords
- ciphertext
- plaintext
- polynomial function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
The application discloses a method, a device and an electronic device for inquiring privacy keywords, which relate to the technical field of privacy computation, wherein a client device groups a plurality of keywords to be inquired, performs packing encoding by using Chinese residual theorem, adopts a semi-homomorphic encryption algorithm, performs privacy keyword inquiry through message interaction with a server device to obtain inquiry ciphertext data returned by the server device, obtains inquiry results of the keywords from the obtained decoding data after decryption and decoding, realizes privacy inquiry for a plurality of keywords in batches at one time, improves inquiry efficiency, and realizes privacy inquiry based on the semi-homomorphic encryption method, thereby reducing calculation and communication expenditure.
Description
Technical Field
The present disclosure relates to the field of privacy computing technologies, and in particular, to a method and an apparatus for querying a privacy keyword, and an electronic device.
Background
Privacy keyword query (Private Keyword Search, PKS) is an important application scenario in cryptography in the field of privacy computing technology and multiparty security computing technology, which has emerged in recent years. The method and the device can efficiently realize the inquiry of the privacy keywords, can be widely applied to the inquiry of sensitive privacy data in the scenes of finance, industry and the like, and can protect the data privacy safety of a client and a server as much as possible, so that the data of the server only reveals the information of a single data inquiry result.
Existing privacy keyword query methods, in the case of two parties only, have methods based on homomorphic encryption (Homomorphic Encryption, HE) and methods based on inadvertent transmission (Oblivious Transfer, OT). The OT-based method has high calculation efficiency, but needs to transmit a large amount of data, encrypts the data of the database of the server side, transmits the data to the client side serving as the inquiring party once, occupies a large amount of network resources, directly decrypts the ciphertext result obtained by inquiry into plaintext, and cannot perform other operations on the inquiring result in the ciphertext state like homomorphic encryption.
The method for realizing PKS based on homomorphic encryption has less communication quantity and is more suitable in the practical scene of using wide area network for communication, but the method based on homomorphic encryption (Full Homomorphic Encryption, FHE) has larger calculation cost in encryption and homomorphic operation. The calculation efficiency of encryption and homomorphic operation based on semi-homomorphic encryption (such as Paillier semi-homomorphic encryption algorithm) is relatively high, but only one keyword can be queried at a time, and when more keywords need to be queried, the query efficiency is low.
Disclosure of Invention
The embodiment of the application provides a privacy keyword query method, a device and electronic equipment, which are used for solving the problems of high calculation cost and low query efficiency of privacy keyword query in the prior art.
The embodiment of the application provides a privacy keyword query method, which is applied to client equipment, and comprises the following steps:
grouping a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of keywords contained in the v groups of keywords is smaller than or equal to the preset number;
aiming at each group of keywords, taking the prime numbers with the preset number as parameters of the Chinese residual theorem, and calculating congruence data of the preset number of keywords contained in the group of keywords by using the Chinese residual theorem to obtain total v plaintext data aiming at the v groups of keywords as plaintext data for the group of keywords package coding;
calculating ciphertext data of modulus M of 1 to M power of the plaintext data by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of prime numbers of the preset number, M is an integer with the square closest to n, n is the number of queried data held by a server device, and each queried data comprises a keyword and corresponding data;
Transmitting v×m ciphertext data to a server device, so that the server device uses M ciphertext data corresponding to the plaintext data as input of a first polynomial function, uses a public key to perform semi-homomorphic encryption calculation to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, uses M ciphertext data corresponding to the plaintext data as input of a second polynomial function, uses a public key to perform semi-homomorphic encryption calculation to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is a part of n queried data divided according to M pieces of data, a first polynomial function and a second polynomial function are generated for each piece of plaintext data respectively, uses a keyword in one piece of data as input of a corresponding first polynomial function to perform calculation, uses a keyword in one piece of data as input of a corresponding second polynomial function to perform calculation, uses a second homomorphic function as input of the corresponding second polynomial function to perform semi-homomorphic encryption calculation, uses a keyword in the one piece of data as input of a corresponding second polynomial function to perform the corresponding keyword in the one piece of data to perform the calculation, uses the keyword in the one piece of data as input of the corresponding second polynomial function to perform the corresponding keyword in the one piece of data, and uses the one piece of the first polynomial function as input of the corresponding second polynomial function to perform the one piece of the first polynomial function, and uses the one piece of keyword in the first polynomial function as the second polynomial function to perform the one of the one piece of the first polynomial function, and a corresponding to perform the one piece of the second homomorphic ciphertext data, and a corresponding ciphertext data, and a piece of the second homomorphic ciphertext data corresponding ciphertext data and a corresponding ciphertext data corresponding second polynomial function is obtained by one corresponding to a piece of the second polynomial function;
Decrypting the a×v query ciphertext data by using a private key to obtain a×v query decryption results;
aiming at each inquiry decryption result, decoding by using Chinese remainder theorem based on plaintext data corresponding to the inquiry decryption result to obtain each decoding data, wherein each decoding data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the inquiry decryption result one by one;
and taking the decoded data with the same data bit number as the data bit number of the queried data as the query result of the corresponding key words from the decoded data.
Further, the length of the prime number of the preset number is larger than the designated bit number of the data bit number of the queried data held by the server device.
The embodiment of the application provides a privacy keyword query method, which is applied to server equipment, and comprises the following steps:
receiving v×m ciphertext data sent by a client device, wherein the v×m ciphertext data are generated by the client device by adopting the following steps:
the client device groups a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of the keywords contained in the v groups of keywords is smaller than or equal to the preset number;
The client device uses the prime numbers of the preset number as parameters of the Chinese remainder theorem for each group of keywords, calculates congruence data of the preset number of keywords contained in the group of keywords by using the Chinese remainder theorem, and uses the congruence data as plaintext data for packing and encoding the group of keywords to obtain total v plaintext data for the v group of keywords;
the client device calculates ciphertext data of 1 to M powers of the plaintext data modulo M by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of prime numbers of the preset number, M is an integer with the square closest to n, n is the number of queried data held by the server device, and each queried data comprises a keyword and corresponding data;
the server device uses m ciphertext data corresponding to the plaintext data as input of a first polynomial function, performs semi-homomorphic encryption calculation by using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, uses m ciphertext data corresponding to the plaintext data as input of a second polynomial function, performs semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is the number of parts of n queried data divided according to m pieces of data included in each piece of data, a first polynomial function and a second polynomial function are generated for each piece of data respectively, a keyword in one part of data is calculated as input of the corresponding first polynomial function, the result is 0, a keyword in one part of data is calculated as input of the corresponding second polynomial function, and the result is data corresponding to the keyword in the part of data;
The server equipment calculates the product of random numbers corresponding to the data and the plaintext data multiplied by first semi-homomorphic ciphertext data corresponding to the data and the plaintext data by homomorphic number multiplication and homomorphic addition on ciphertext by using a public key, and the sum of second semi-homomorphic ciphertext data corresponding to the plaintext data and the data is taken as query ciphertext data, so as to obtain a multiplied by v query ciphertext data in total, wherein the random numbers are obtained by taking random numbers through a module M;
and sending the a×v query ciphertext data to the client device, so that the client device decrypts the a×v query ciphertext data by using a private key to obtain a a×v query decryption result, and decoding the a×v query ciphertext data by using a Chinese remainder theorem based on plaintext data corresponding to the query decryption result for each query decryption result to obtain each decoded data, wherein each decoded data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the query decryption result one by one, and the decoded data with the same data bit number as the data bit number of the queried data is used as the query result of the corresponding keyword from each decoded data.
Further, the length of the prime number of the preset number is larger than the designated bit number of the data bit number of the queried data held by the server device.
Further, before the inputting of the m ciphertext data corresponding to the plaintext data as a first polynomial function for each plaintext data, performing semi-homomorphic encryption calculation using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, and the inputting of the m ciphertext data corresponding to the plaintext data as a second polynomial function, performing semi-homomorphic encryption calculation using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, the method further includes:
and carrying out interpolation calculation by taking M as a modulus for each data to obtain coefficients of a first polynomial function and a second polynomial function corresponding to the data.
The embodiment of the application provides a privacy keyword query device, which is applied to client equipment, and comprises:
the keyword grouping module is used for grouping a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of the keywords contained in the v groups of keywords is smaller than or equal to the preset number;
The keyword coding module is used for taking the prime numbers with the preset number as parameters of the Chinese residual theorem for each group of keywords, calculating congruence data of the preset number of keywords contained in the group of keywords by using the Chinese residual theorem, and taking the congruence data as plaintext data for the group of keywords packaged and coded to obtain total v plaintext data for the v group of keywords;
the plaintext data encryption module is used for calculating ciphertext data of 1 to M powers of the plaintext data modulo M by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of the preset number of prime numbers, M is an integer with the square closest to n, n is the number of queried data held by the server device, and each queried data comprises a keyword and corresponding data;
the ciphertext data sending module is used for sending v×m ciphertext data to a server side device, so that the server side device uses M ciphertext data corresponding to the plaintext data as input of a first polynomial function, performs semi-homomorphic encryption calculation by using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, uses a public key to perform semi-homomorphic encryption calculation to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is a part of dividing n queried data according to M pieces of data, a first polynomial function and a second polynomial function are generated for each piece of data respectively, uses a keyword in one piece of data as input of the first polynomial function corresponding to obtain a result of 0, uses a keyword in the one piece of data as input of the second polynomial function corresponding to the second polynomial function, uses the keyword in the one piece of data as input of the second homomorphic function to perform homomorphic calculation to the corresponding to the plaintext data, uses the second homomorphic function to obtain a random ciphertext data corresponding to the second homomorphic function, and the random data corresponding to obtain a random ciphertext data, and the random product of the ciphertext data is obtained by using the random sum of the first polynomial function and the second homomorphic function to obtain the plaintext data, and the random ciphertext data corresponding to the random value, and transmitting the a×v query ciphertext data to the client device;
The inquiry ciphertext data decryption module is used for decrypting the a multiplied by v inquiry ciphertext data by using a private key to obtain a multiplied by v inquiry decryption results;
the data decoding module is used for decoding the plaintext data corresponding to each inquiry decryption result by using the Chinese remainder theorem based on the plaintext data corresponding to the inquiry decryption result to obtain each decoded data, wherein each decoded data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the inquiry decryption result one by one;
and the query result determining module is used for taking the decoded data with the same data bit number as the data bit number of the queried data from the decoded data as the query result of the corresponding keyword.
Further, the length of the prime number of the preset number is larger than the designated bit number of the data bit number of the queried data held by the server device.
The embodiment of the application provides a privacy keyword query device, which is applied to a server device, and comprises:
the ciphertext data receiving module is used for receiving v×m ciphertext data sent by the client device, wherein the v×m ciphertext data are generated by the client device through the following steps:
The client device groups a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of the keywords contained in the v groups of keywords is smaller than or equal to the preset number;
the client device uses the prime numbers of the preset number as parameters of the Chinese remainder theorem for each group of keywords, calculates congruence data of the preset number of keywords contained in the group of keywords by using the Chinese remainder theorem, and uses the congruence data as plaintext data for packing and encoding the group of keywords to obtain total v plaintext data for the v group of keywords;
the client device calculates ciphertext data of 1 to M powers of the plaintext data modulo M by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of prime numbers of the preset number, M is an integer with the square closest to n, n is the number of queried data held by the server device, and each queried data comprises a keyword and corresponding data;
the system comprises a ciphertext data calculation module, a first polynomial function and a second polynomial function, wherein the ciphertext data calculation module is used for taking m ciphertext data corresponding to plaintext data as the input of a first polynomial function, performing semi-homomorphic encryption calculation by using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, taking m ciphertext data corresponding to the plaintext data as the input of a second polynomial function, performing semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, the a is the number of parts of n queried data divided according to m pieces of data included in each piece of data, the a first polynomial function and the a second polynomial function are generated for each piece of data respectively, the keyword in one part of data is calculated as the input of the corresponding first polynomial function, the result is 0, the keyword in one part of data is calculated as the input of the corresponding second polynomial function, and the result is the data corresponding to the keyword in the part of data;
The semi-homomorphic ciphertext data calculation module is used for calculating the product of random numbers corresponding to the data and the plaintext data multiplied by first semi-homomorphic ciphertext data corresponding to the data and the plaintext data and the second semi-homomorphic ciphertext data corresponding to the data by using a public key to multiply and homomorphic addition on ciphertext for each data and each plaintext data, and taking the sum of the random numbers corresponding to the plaintext data and the second semi-homomorphic ciphertext data corresponding to the data as query ciphertext data to obtain a multiplied by v query ciphertext data in total, wherein the random numbers are obtained randomly by taking a modulus M;
and the query ciphertext data sending module is used for sending the a×v query ciphertext data to the client equipment, so that the client equipment uses a private key to decrypt the a×v query ciphertext data to obtain a×v query decryption results, decodes each query decryption result by using the Chinese remainder theorem based on the plaintext data corresponding to the query decryption result to obtain each decoded data, wherein each decoded data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the query decryption result one by one, and the decoded data with the same data bit number as the data bit number of the queried data is used as the query result of the corresponding keyword.
An electronic device includes a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: the privacy keyword query method applied to the client device is realized, or the privacy keyword query method applied to the server device is realized.
The embodiment of the application provides a computer readable storage medium, wherein a computer program is stored in the computer readable storage medium, and when the computer program is executed by a processor, the privacy keyword query method of any one application to client equipment is realized, or the privacy keyword query method of any one application to server equipment is realized.
The embodiment of the application also provides a computer program product containing instructions, which when run on a computer, causes the computer to execute any one of the above-mentioned privacy keyword query methods applied to the client device or execute any one of the above-mentioned privacy keyword query methods applied to the server device.
The beneficial effects of the application include:
In the method provided by the embodiment of the application, the client device groups a plurality of keywords to be queried, performs packing coding by using the Chinese remainder theorem, performs privacy keyword query by message interaction with the server device by adopting a semi-homomorphic encryption algorithm, obtains query ciphertext data returned by the server device, and obtains query results of the keywords from the obtained decoded data after decryption and decoding, so that privacy query is performed on a plurality of keywords in batches at one time, the query efficiency is improved, and the privacy query is realized based on the semi-homomorphic encryption method, thereby reducing calculation and communication expenses.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application. The objectives and other advantages of the application will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
Drawings
The accompanying drawings are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate the application and together with the description serve to explain the embodiment of the application, and do not limit the application. In the drawings:
Fig. 1 is a flowchart of a privacy keyword query method applied to a client device according to an embodiment of the present application;
fig. 2 is a flowchart of a method for querying a privacy keyword applied to a server device according to an embodiment of the present application;
fig. 3 is a flowchart of a privacy keyword query method provided in an embodiment of the present application;
fig. 4 is a schematic structural diagram of a privacy keyword query device applied to a client device according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a privacy keyword query device applied to a server device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to provide an implementation scheme for improving the query efficiency of the privacy keyword query and reducing the calculation overhead, the embodiments of the present application provide a method, an apparatus and an electronic device for querying the privacy keyword, and hereinafter, preferred embodiments of the present application will be described with reference to the accompanying drawings of the specification, but it should be understood that the preferred embodiments described herein are only used for illustrating and explaining the present application, and are not limited to the present application. And embodiments and features of embodiments in this application may be combined with each other without conflict.
The embodiment of the application provides a privacy keyword query method, which is applied to a client device, as shown in fig. 1, and comprises the following steps:
step 14, transmitting v×m ciphertext data to a server device, so that the server device uses M ciphertext data corresponding to the plaintext data as input of a first polynomial function, uses a public key to perform semi-homomorphic encryption calculation to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, uses M ciphertext data corresponding to the plaintext data as input of a second polynomial function, uses a public key to perform semi-homomorphic encryption calculation to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, a is a part of dividing n queried data according to M pieces of data, a first polynomial function and a second polynomial function are generated for each piece of plaintext data respectively, uses a keyword in one piece of data as input of a corresponding first polynomial function, uses a result of 0 to calculate a keyword in one piece of data as input of a corresponding second polynomial function, uses a public key to perform semi-homomorphic encryption calculation to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, uses M pieces of data to include M pieces of data to obtain a plaintext data corresponding to be queried according to each piece of plaintext data, a first polynomial function and a random value, and a corresponding to the first ciphertext data is a random value, and the corresponding to the random data is a random data, and the first ciphertext data is obtained by the same-state computing device;
and step 17, decoding data with the same data bit number as the data bit number of the queried data is used as the query result of the corresponding key words from the decoding data.
Correspondingly, the embodiment of the application also provides a privacy keyword query method, which is applied to the server device, as shown in fig. 2, and the method comprises the following steps:
the method comprises the steps that a plurality of keywords to be queried are grouped according to the fact that each group comprises a preset number of keywords, v groups of keywords are obtained, and the number of keywords contained in the v groups of keywords is smaller than or equal to the preset number;
the client device uses a preset number of prime numbers as parameters of a Chinese remainder theorem for each group of keywords, calculates congruence data of the preset number of keywords contained in the group of keywords by using the Chinese remainder theorem, and uses the congruence data as plaintext data for packing and encoding the group of keywords to obtain total v plaintext data for v groups of keywords;
The method comprises the steps that a client device calculates ciphertext data of 1 to M powers of plaintext data modulo M by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is a product of prime numbers of preset quantity, M is an integer with square closest to n, n is the quantity of queried data held by a server device, and each queried data comprises keywords and corresponding data;
The method comprises the steps that for each plaintext data, a server device takes m ciphertext data corresponding to the plaintext data as input of a first polynomial function, a public key is used for conducting semi-homomorphic encryption calculation to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, m ciphertext data corresponding to the plaintext data are taken as input of a second polynomial function, the public key is used for conducting semi-homomorphic encryption calculation to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, a is the number of parts of n queried data divided according to the fact that each data comprises m pieces of data, a first polynomial function and a second polynomial function are generated for each data respectively, keywords in one part of data are taken as input of the corresponding first polynomial function, the result is 0, keywords in the one part of data are taken as input of the corresponding second polynomial function, and the result is data corresponding to the keywords in the part of data;
and step 24, sending a×v pieces of inquiry ciphertext data to the client device, so that the client device uses a private key to decrypt the a×v pieces of inquiry ciphertext data to obtain a×v inquiry decryption results, and decoding the a×v pieces of inquiry ciphertext data based on plaintext data corresponding to each inquiry decryption result by using Chinese remainder theorem on the basis of the inquiry decryption result to obtain each piece of decoding data, wherein each piece of decoding data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the inquiry decryption result one by one, and the decoding data with the same data bit number as the data bit number of the inquired data is used as the inquiry result of the corresponding keyword.
By adopting the method provided by the embodiment of the application, the client device groups a plurality of keywords to be queried, performs packing coding by using the Chinese residual theorem, performs privacy keyword query by message interaction with the server device by adopting a semi-homomorphic encryption algorithm, obtains query ciphertext data returned by the server device, and obtains query results of the keywords from the obtained decoded data after decryption and decoding, so that privacy query for a plurality of keywords in batches at one time is realized, query efficiency is improved, and privacy query is realized based on the semi-homomorphic encryption method, and calculation and communication expenses are reduced.
The method and apparatus provided herein are described in detail with particular embodiments in conjunction with the accompanying drawings.
The embodiment of the application also provides a method for inquiring the privacy keywords, wherein the client device is used as an inquirer, and the server device is used as an inquired party, as shown in fig. 3, and the method comprises the following steps:
step 301, the client device generates a private key sk and a public key pk of the semi-homomorphic encryption algorithm, and sends the public key pk to the server device.
Step 302, negotiating between the client device and the server device to generate a preset number of prime numbers as parameters of the chinese remainder theorem.
In this step, the client device may generate a preset number of prime numbers, and send the generated preset number of prime numbers to the server device;
or the server device may generate a preset number of prime numbers and send the generated prime numbers to the client device.
In the embodiment of the application, the preset number of prime numbers is used for packing and encoding keywords to be queried by the client device through Chinese remainder theorem (Chinese Remainder Theorem, CRT), and the server device generates a polynomial function for queried data.
Further, in order to improve the accuracy of calculation in the subsequent query and the data security, the length of the preset number of prime numbers may be greater than a specified number of bits of the queried data held by the server device, specifically, the specified number of bits may be a statistical security parameter, for example, the statistical security parameter is 40 bits, the number of bits of the queried data is L, and the length of the prime numbers may be (l+40) bits.
The greater the length of the prime number is, the higher the accuracy and safety of calculation are, but the greater the calculation amount is, and in practical application, the flexible setting can be performed based on the requirement of practical application.
Step 303, grouping the keywords to be queried according to the preset number of keywords contained in each group, so as to obtain v groups of keywords, wherein the number of the keywords contained in the v groups of keywords is smaller than or equal to the preset number.
In one example, assuming that the number of the plurality of keywords to be queried is u and the preset number is 8, grouping the keywords according to each group includes 8 keywords to obtain v groups of keywords, wherein the number of keywords included in the first v-1 group of keywords is 8, and the number of keywords included in the v th group of keywords may be less than 8 or equal to 8.
Step 304, the client device uses a preset number of prime numbers as parameters of the Chinese remainder theorem for each group of keywords, calculates congruence data of the preset number of keywords contained in the group of keywords by using the Chinese remainder theorem, and uses the congruence data as plaintext data for packing and encoding the group of keywords, so as to obtain v total plaintext data for v groups of keywords.
For example, in the above example, the set of keywords includes keyword x 1 -x 8 Totally 8 keywords, 8 prime numbers comprise prime number p 1 -p 8 And calculating congruence data of a preset number of keywords contained in the group of keywords by using the Chinese remainder theorem aiming at the group of keywords, wherein the result satisfies the following relational expression:
y=x 1 (mod p 1 )
y=x 2 (mod p 2 )
......
y=x 8 (mod p8)
Wherein y=x 1 (mod p 1 ) For example, it represents y and x 1 P pair of 1 Congruence.
In the embodiment of the application, v congruence data, namely v plaintext data, are obtained for v groups of keywords and respectively recorded as y 1 -y v May also be expressed as y i I is an integer from 1 to v.
Wherein v plaintext data are all a number in the range of modulo M, i.e. a number in the range of 0 to M-1, the modulo M being the product of a predetermined number of prime numbers, i.e. m=p 1× p 2× ... × p 8 。
In step 305, the client device calculates, for each plaintext data, ciphertext data modulo M by using a public key pk, where M is a product of a preset number of prime numbers, M is an integer whose square is closest to n, n is a number of queried data held by the server device, and each queried data includes a keyword and corresponding data.
The value of m or n may be known by the client device from the server device.
In this step, the plaintext data y corresponding to the ith group of keywords is used i The plaintext data y i The 1 to m power of (c) can be expressed as: y is i 1 -y i m I.e. y i 1 ,y i 2 ,...,y i m ;
The plaintext data y i The result of modulo M by the power of 1 to M can be expressed as: y is i 1 mod M -y i m mod M, i.e. y i 1 mod M,y i 2 mod M,...,y i m mod M, y for convenience of description to follow i 1 mod M -y i m mod M, i.e. y i 1 mod M,y i 2 mod M,...,y i m mod M, denoted as: y is Y i 1 -Y i m I.e. Y i 1 ,Y i 2 ,...,Y i m ;
The modulo result is encrypted by using the public key pk, and the obtained m ciphertext data may be represented as:
[Y i 1 ] –[Y i m ]i.e. [ Y ] i 1 ],[Y i 2 ],...,[Y i m ]I takes on a value from 1 to vIs an integer of (a).
In the embodiment of the present application, according to the above example, the set of keywords includes keyword x 1 -x 8 Totally 8 keywords, 8 prime numbers comprise prime number p 1 -p 8 And if the calculated corresponding plaintext data is y, taking the modulus of the power of i of y to M, and meeting the following relation:
y i =x 1 i mod p 1
y i =x 2 i mod p 2
......
y i =x 8 i mod p 8
that is, y i mod M is in fact x 1 i mod p 1 、x 2 i mod p 2 、...、x 8 i mod p 8 Therefore, in the embodiment of the present application, for each plaintext data, M is modulo by 1 to M power of the plaintext data, and the modulo result is encrypted by using the public key pk, so as to obtain ciphertext data modulo by 1 to M power of the plaintext data.
Step 306, the client device sends v×m ciphertext data to the server device.
Step 307, the server device divides the data to be queried into multiple pieces of data.
The server device holds n pieces of queried data, each piece of queried data comprises a keyword and corresponding data, namely a key value pair, which can be expressed as (x 1 ,d 1 ),(x 2 ,d 2 ),…,(x n ,d n ) Wherein x is 1 -x n Represents n keywords, d 1 -d n Representing the corresponding data.
Dividing n pieces of queried data into a plurality of pieces of queried data according to the condition that each piece of data comprises m pieces of queried data, wherein m is an integer with the square closest to n, and n= (a-1) x m+b, wherein b is more than 0 and less than or equal to m, namely dividing the n pieces of queried data into a parts, wherein the first a-1 pieces of data comprise m pieces of queried data, and the a-th piece of data comprise b pieces of queried data, wherein the a-th piece of data comprises the following data:
data D1 1 :(x 1 ,d 1 ),(x 2 ,d 2 ),…,(x m ,d m );
Data D2 2 :(x m +1,d m +1),(x m +2,d m +2),…,(x 2m ,d 2m );
……
Data D of part a a :
(x (a-1)×m+1 ,d (a-1)×m+1 ),(x (a-1)×m+2 ,d (a-1)×m+2) ,…,(x n ,d n )。
Step 308, the server device generates a first polynomial function and a second polynomial function for each data, wherein the keyword in one piece of data is calculated as the input of the corresponding first polynomial function, the result is 0, the keyword in one piece of data is calculated as the input of the corresponding second polynomial function, and the result is the data corresponding to the keyword in the piece of data.
In the above example, n pieces of queried data are divided into a pieces of data, and the first polynomial function generated for the j-th piece of data is F j (x) The second polynomial function is generated as G j (x) The highest power of the first polynomial function and the highest power of the second polynomial function are not greater than the amount of the queried data contained in the data, the highest power may also be the amount of the queried data contained in the data, for example, the amount of the queried data contained in the data is m, the highest power of the first polynomial function and the highest power of the second polynomial function may also be m, the amount of the queried data contained in the first polynomial function and the second polynomial function is d (such as the a-th data, d is less than or equal to m), the highest power of the first polynomial function and the highest power of the second polynomial function is not greater than d, the highest power may also be d, but some polynomial coefficients may be 0, wherein j takes an integer of 1-a, i.e. a total of a first polynomial functions and a second polynomial functions are obtained;
First polynomial function F j (x) The following relation is satisfied:
F j (x k ) =0, where k= (j-1) x m+1, (j-1) x m+2, …, i.e. x k Get pass D j Keywords of all queried data;
second polynomial function G j (x) The following relation is satisfied:
G j (x k )=d k where k= (j-1) x m+1, (j-1) x m+2, …, i.e. x k Get pass D j Keywords of all queried data d k Is the corresponding keyword x k Data of (2);
for x k Wherein k is an integer from 1 to n.
In this embodiment, a first polynomial function and a second polynomial function are generated, and mainly polynomial coefficients are calculated, in this step, for each data, M may be used as a modulus to perform interpolation calculation, so as to obtain coefficients of the first polynomial function and the second polynomial function corresponding to the data, that is, perform interpolation calculation in the meaning of M, so as to obtain polynomial coefficients, and in the meaning of M, it may be understood that all operations will finally take a modulus for M, and the result is in the range of 0 to M-1.
Regarding the generation of the first polynomial function and the second polynomial function in step 308, if the preset number of prime numbers is generated by the server device, the server may generate the first polynomial function and the second polynomial function in advance, and for the request of the privacy keyword query of different client devices, the first polynomial function and the second polynomial function generated in advance may be used.
There is no strict order between steps 307-308 and steps 303-306.
Step 309, after receiving v×m ciphertext data, the server device receives v plaintext data corresponding to v ciphertext data, that is, each plaintext data corresponds to m ciphertext data, and for each plaintext data, performs semi-homomorphic encryption computation using a public key, which may be homomorphic addition and homomorphic number multiplication of a semi-homomorphic encryption algorithm, on input of a first polynomial function, and performs semi-homomorphic encryption computation using a public key, which may be homomorphic addition and homomorphic number multiplication of a second polynomial function, on input of a second ciphertext function, which may be corresponding to a second homomorphic ciphertext corresponding to the plaintext data.
For a polynomial function f (x) with a highest power not exceeding m, if Y is known 2 ,…,Y m Ciphertext [ Y ]],[Y 2 ],…,[Y m ]The polynomial function f (x) =c can be calculated using public key and homomorphic addition and homomorphic number multiplication using semi-homomorphic encryption algorithm 0 +c 1 x+c 2 x 2 +…+c m x m The function value at x=y, resulting in ciphertext [ f (Y) ]Since each polynomial coefficient of f (x) is a known multiplier, the result of ciphertext can be obtained by multiplying and summing the numbers respectively.
In this embodiment of the present application, when v×m ciphertext data are received by the server device, the server device may be regarded as v groups of ciphertext data, where each group of ciphertext data includes m ciphertext data, and the v groups of ciphertext data are in one-to-one correspondence with the v plaintext data, that is, are also in one-to-one correspondence with the v groups of keywords.
For the ith plaintext data, the corresponding ith ciphertext data is [ Y ] i 1 ],[Y i 2 ],...,[Y i m ]The set of ciphertext data is used as a first polynomial function F j (x) To obtain semi-homomorphic ciphertext data F j (Y i ) For convenience of description, it will be referred to as first semi-homomorphic ciphertext data F j (Y i ) J is an integer of 1-a, so that a pieces of first semi-homomorphic ciphertext data F are obtained in total j (Y i ) I.e. [ F ] 1 (Y i )] , [F 2 (Y i )], ...,[F a (Y i )]。
The set of ciphertext data is used as a second polynomial function G j (x) Is input to obtain semi-homomorphic ciphertext data G j (Y i ) For convenience of description, it will be referred to as second semi-homomorphic ciphertext data G j (Y i ) J is an integer of 1-a, so that a second semi-homomorphic ciphertext data G are obtained in total j (Y i ) I.e. [ G ] 1 (Y i )] , [G 2 (Y i )], ... , [G a (Y i )]。
Step 310, the server device multiplies each data and each plaintext data by a homomorphic number by using a public key and homomorphic addition on a ciphertext, calculates a product of the random number corresponding to the data and the plaintext data multiplied by the first half homomorphic ciphertext data corresponding to the data, and sums the random number corresponding to the plaintext data and the second half homomorphic ciphertext data corresponding to the data as query ciphertext data, and obtains a×v query ciphertext data in total, wherein the random number is obtained by taking a random number by a modulus M.
The random number is obtained by taking the modulus M as random, and it is understood that the random number is in the range of 0 to M-1, and the probability of taking each integer in the range of 0 to M-1 is the same.
In this step, for the ith plaintext data and the jth data, the sum value as the query ciphertext data is calculated by multiplying the homomorphic number by the public key pk and homomorphic addition on the ciphertext using the following formula:
r j,i× F j (x) + G j (x) X is Y i ;
For the ith plaintext data, j is respectively taken as an integer of 1-a to obtain [ r ] 1,i× F 1 (Y i ) + G 1 (Y i )],[r 2,i× F 2 (Y i ) + G 2 (Y i )],...,[r a,i× F a (Y i ) + G a (Y i )]A total of inquiry ciphertext data;
i is an integer of 1-v, and a total of a×v query ciphertext data are obtained.
Step 311, the server device sends a×v query ciphertext data to the client device.
Step 312, the client device decrypts the a×v pieces of inquiry ciphertext data by using the private key sk, to obtain a×v inquiry decryption results.
a×v queriesThe decryption result may be expressed as z j,i J is an integer from 1 to a, and i is an integer from 1 to v.
Step 313, the client device decodes, based on the plaintext data corresponding to the query decryption result, using the chinese remainder theorem to obtain each decoded data, where each decoded data corresponds to each keyword included in a set of keywords corresponding to the plaintext data corresponding to the query decryption result.
In this step, each query decryption result corresponds to 1 plaintext data, i.e., query decryption result z j,i And the ith plaintext data y i Correspondingly, based on the corresponding plaintext data y i Decrypting the ciphertext using the Chinese remainder theorem j,i The decoding is performed, and the number of the obtained decoding data is the same as the number of the keywords included in the ith group of keywords corresponding to the ith plaintext data, so that the decoding data corresponds to the keywords included in the corresponding group of keywords one by one.
The method comprises the steps that 1 ciphertext decryption result corresponding to plaintext data is a in total, each keyword to be queried contained in a group of keywords corresponding to the plaintext data has 1 decoding data corresponding to the keyword in each decoding data obtained by decoding each ciphertext decryption result, and a total of u multiplied by a decoding data is obtained by corresponding a decoding data to the keyword in all decoding data obtained by decoding a ciphertext decryption result in each decoding data obtained by decoding a ciphertext decryption result.
According to the above example, the preset number is 8, and taking 1 group of keywords corresponding to 1 plaintext data as an example, the 1 group of keywords includes 8 keywords, and the 8 prime numbers include prime number p 1 -p 8 If the ciphertext decryption result corresponding to the plaintext data is z, the ciphertext decryption result z is decoded by using the Chinese remainder theorem, and can be calculated by adopting the following formula:
z 1 =z mod p 1
z 2 =z mod p 2
......
z 8 =z mod p 8
obtained z 1 、z 2 、...、z 8 I.e. decoded data obtained by decoding, wherein z is 1 =z mod p 1 For example, z 1 Is z to p 1 And taking the result of the modulus.
In step 314, the client device uses the decoded data whose number of data bits matches the number of data bits of the queried data as the query result of the corresponding keyword.
According to step 313, for each keyword to be queried, a pieces of decoded data are obtained, and accordingly, from the a pieces of decoded data, the decoded data with the data bit number identical to that of the queried data (i.e. the data in the key pair consisting of the corresponding keyword and the data) can be used as the query result of the keyword, if the decoded data with the data bit number identical does not exist, the fact that the queried data corresponding to the keyword is not queried from the queried data held by the server device is indicated.
For example, if a pieces of decoded data corresponding to the keyword to be queried have the number of data bits equal to the prime number p i A coincidence, i.e., greater than the specified number of bits of the queried data (e.g., 40 bits in the example above), indicates that no data corresponding to the keyword was queried.
In the embodiment of the application, for a keyword to be queried, if there is decoding data with consistent data bits, only one decoding data with consistent data bits is present, and a plurality of decoding data cannot exist, namely only one data corresponding to the keyword to be queried can be queried.
Based on the same inventive concept, according to the privacy keyword query method applied to the client device provided in the above embodiment of the present application, correspondingly, another embodiment of the present application further provides a privacy keyword query device applied to the client device, and the structural schematic diagram of the privacy keyword query device is shown in fig. 4, and specifically includes:
the keyword grouping module 41 is configured to group a plurality of keywords to be queried according to a preset number of keywords included in each group, so as to obtain v groups of keywords, where the number of keywords included in the v groups of keywords is less than or equal to the preset number;
the keyword encoding module 42 is configured to calculate, for each group of keywords, congruent data of the preset number of keywords included in the group of keywords by using the chinese residual theorem, with the preset number of prime numbers as parameters of the chinese residual theorem, and obtain total v plaintext data for the v group of keywords as plaintext data for the group of keywords package encoding;
A plaintext data encryption module 43, configured to calculate, for each plaintext data, ciphertext data modulo M by using a public key to 1 to M powers of the plaintext data, to obtain v×m total ciphertext data for v plaintext data, where M is a product of the preset number of prime numbers, M is an integer with a square closest to n, n is a number of queried data held by a server device, and each queried data includes a keyword and corresponding data;
the ciphertext data sending module 44 is configured to send the v×m ciphertext data to a server device, so that the server device uses a public key to perform semi-homomorphic encryption calculation on M ciphertext data corresponding to the plaintext data as input of a first polynomial function, obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, uses a public key to perform semi-homomorphic encryption calculation on M ciphertext data corresponding to the plaintext data as input of a second polynomial function, obtains a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is a number of parts of plaintext data divided by n pieces of queried data according to M pieces of data, a first polynomial function and a second polynomial function are generated for each piece of data respectively, uses a keyword in one piece of data as input of a first polynomial function corresponding to each piece of data to perform calculation, uses a keyword in the one piece of data as input of a second polynomial function corresponding to the plaintext data as input of a second polynomial function, uses a second homomorphic function corresponding to perform semi-homomorphic encryption calculation on the plaintext data, uses a random polynomial function as input of the corresponding to each piece of plaintext data, and the random polynomial function to obtain a random product ciphertext data, and the random product of the ciphertext data is obtained by using the random sum of the first polynomial function and the corresponding to each piece of plaintext data, and the random ciphertext data is obtained, and transmitting the a×v query ciphertext data to the client device;
The query ciphertext data decryption module 45 is configured to decrypt the a×v query ciphertext data by using the private key, to obtain a×v query decryption results;
the data decoding module 46 is configured to decode, for each of the query decryption results, using the chinese remainder theorem to obtain each decoded data, where each decoded data corresponds to each keyword included in a set of keywords corresponding to the plaintext data corresponding to the query decryption result;
the query result determining module 47 is configured to determine, from the respective decoded data, decoded data having a data bit number identical to that of the queried data, as a query result of the corresponding keyword.
Further, the length of the prime number of the preset number is larger than the designated bit number of the data bit number of the queried data held by the server device.
Based on the same inventive concept, according to the privacy keyword query method applied to the client device provided in the above embodiment of the present application, correspondingly, another embodiment of the present application further provides a privacy keyword query device applied to the server device, and the structural schematic diagram of the privacy keyword query device is shown in fig. 5, and specifically includes:
The ciphertext data receiving module 51 is configured to receive v×m ciphertext data sent by a client device, where the v×m ciphertext data are generated by the client device by adopting the following steps:
the client device groups a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of the keywords contained in the v groups of keywords is smaller than or equal to the preset number;
the client device uses the prime numbers of the preset number as parameters of the Chinese remainder theorem for each group of keywords, calculates congruence data of the preset number of keywords contained in the group of keywords by using the Chinese remainder theorem, and uses the congruence data as plaintext data for packing and encoding the group of keywords to obtain total v plaintext data for the v group of keywords;
the client device calculates ciphertext data of 1 to M powers of the plaintext data modulo M by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of prime numbers of the preset number, M is an integer with the square closest to n, n is the number of queried data held by the server device, and each queried data comprises a keyword and corresponding data;
The ciphertext data calculation module 52 is configured to, for each plaintext data, perform semi-homomorphic encryption calculation on m ciphertext data corresponding to the plaintext data as input of a first polynomial function using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, and perform semi-homomorphic encryption calculation on m ciphertext data corresponding to the plaintext data as input of a second polynomial function using a public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, where a is the number of parts in which n pieces of queried data are divided according to each piece of data including m pieces of data, a first polynomial function and a second polynomial function are generated for each piece of data respectively, calculate a keyword in one part of data as input of a corresponding first polynomial function, and calculate a result as 0, and calculate a keyword in one part of data as input of a corresponding second polynomial function, and obtain a calculation result as data corresponding to the keyword in the part of data;
a semi-homomorphic ciphertext data calculation module 53, configured to, for each data and each plaintext data, calculate a product of a random number corresponding to the data and the plaintext data multiplied by a first semi-homomorphic ciphertext data corresponding to the plaintext data and the data, and a sum of a second semi-homomorphic ciphertext data corresponding to the plaintext data and the data, as query ciphertext data, to obtain a×v query ciphertext data in total, where the random number is obtained by taking a random number from a modulo M;
And a query ciphertext data sending module 54, configured to send the a×v query ciphertext data to the client device, so that the client device decrypts the a×v query ciphertext data using the private key to obtain a×v query decryption results, and for each of the query decryption results, decode the corresponding plaintext data based on the query decryption result using the chinese remainder theorem to obtain each decoded data, where each decoded data corresponds to each keyword included in a set of keywords corresponding to the plaintext data corresponding to the query decryption result, and use, from each decoded data, decoded data having a data bit number identical to a data bit number of the queried data as a query result of the corresponding keyword.
Further, the length of the prime number of the preset number is larger than the designated bit number of the data bit number of the queried data held by the server device.
Further, the ciphertext data calculation module 52 is further configured to perform interpolation calculation with M as a modulus for each data, to obtain coefficients of the first polynomial function and the second polynomial function corresponding to the data.
The functions of the above modules may correspond to the corresponding processing steps in the flow shown in fig. 1 to 3, and are not described herein.
The privacy keyword query device provided by the embodiment of the application can be realized through a computer program. It should be understood by those skilled in the art that the above-mentioned module dividing manner is only one of many module dividing manners, and if the module dividing manner is divided into other modules or not, it is within the scope of protection of the present application as long as the privacy keyword query device has the above-mentioned functions.
An embodiment of the present application provides an electronic device, as shown in fig. 6, comprising a processor 61 and a machine-readable storage medium 62, the machine-readable storage medium 62 storing machine-executable instructions executable by the processor 61, the processor 61 being caused by the machine-executable instructions to: the privacy keyword query method applied to the client device is realized, or the privacy keyword query method applied to the server device is realized.
The embodiment of the application provides a computer readable storage medium, wherein a computer program is stored in the computer readable storage medium, and when the computer program is executed by a processor, the privacy keyword query method of any one application to client equipment is realized, or the privacy keyword query method of any one application to server equipment is realized.
The embodiment of the application also provides a computer program product containing instructions, which when run on a computer, causes the computer to execute any one of the above-mentioned privacy keyword query methods applied to the client device or execute any one of the above-mentioned privacy keyword query methods applied to the server device.
The machine-readable storage medium in the electronic device may include random access Memory (Random Access Memory, RAM) or may include Non-Volatile Memory (NVM), such as at least one magnetic disk Memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; but also digital signal processors (Digital Signal Processing, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), field programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for an apparatus, an electronic device, a computer readable storage medium, a computer program product embodiment, since it is substantially similar to a method embodiment, the description is relatively simple, and reference is made to the section description of a method embodiment for relevant points.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present application without departing from the spirit or scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims and the equivalents thereof, the present application is intended to cover such modifications and variations.
Claims (10)
1. A method for querying a privacy keyword, applied to a client device, the method comprising:
grouping a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of keywords contained in the v groups of keywords is smaller than or equal to the preset number;
aiming at each group of keywords, taking the prime numbers with the preset number as parameters of the Chinese residual theorem, and calculating congruence data of the preset number of keywords contained in the group of keywords by using the Chinese residual theorem to obtain total v plaintext data aiming at the v groups of keywords as plaintext data for the group of keywords package coding;
Calculating ciphertext data of modulus M of 1 to M power of the plaintext data by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of prime numbers of the preset number, M is an integer with the square closest to n, n is the number of queried data held by a server device, and each queried data comprises a keyword and corresponding data;
transmitting v×m ciphertext data to a server device, so that the server device uses M ciphertext data corresponding to the plaintext data as input of a first polynomial function, uses a public key to perform semi-homomorphic encryption calculation to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, uses M ciphertext data corresponding to the plaintext data as input of a second polynomial function, uses a public key to perform semi-homomorphic encryption calculation to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is a part of n queried data divided according to M pieces of data, a first polynomial function and a second polynomial function are generated for each piece of plaintext data respectively, uses a keyword in one piece of data as input of a corresponding first polynomial function to perform calculation, uses a keyword in one piece of data as input of a corresponding second polynomial function to perform calculation, uses a second homomorphic function as input of the corresponding second polynomial function to perform semi-homomorphic encryption calculation, uses a keyword in the one piece of data as input of a corresponding second polynomial function to perform the corresponding keyword in the one piece of data to perform the calculation, uses the keyword in the one piece of data as input of the corresponding second polynomial function to perform the corresponding keyword in the one piece of data, and uses the one piece of the first polynomial function as input of the corresponding second polynomial function to perform the one piece of the first polynomial function, and uses the one piece of keyword in the first polynomial function as the second polynomial function to perform the one of the one piece of the first polynomial function, and a corresponding to perform the one piece of the second homomorphic ciphertext data, and a corresponding ciphertext data, and a piece of the second homomorphic ciphertext data corresponding ciphertext data and a corresponding ciphertext data corresponding second polynomial function is obtained by one corresponding to a piece of the second polynomial function;
Decrypting the a×v query ciphertext data by using a private key to obtain a×v query decryption results;
aiming at each inquiry decryption result, decoding by using Chinese remainder theorem based on plaintext data corresponding to the inquiry decryption result to obtain each decoding data, wherein each decoding data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the inquiry decryption result one by one;
and taking the decoded data with the same data bit number as the data bit number of the queried data as the query result of the corresponding key words from the decoded data.
2. The method of claim 1, wherein the length of the predetermined number of prime numbers is greater than a specified number of bits of the queried data held by the server device.
3. The method is characterized by being applied to a server device, and comprises the following steps:
receiving v×m ciphertext data sent by a client device, wherein the v×m ciphertext data are generated by the client device by adopting the following steps:
the client device groups a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of the keywords contained in the v groups of keywords is smaller than or equal to the preset number;
The client device uses the prime numbers of the preset number as parameters of the Chinese remainder theorem for each group of keywords, calculates congruence data of the preset number of keywords contained in the group of keywords by using the Chinese remainder theorem, and uses the congruence data as plaintext data for packing and encoding the group of keywords to obtain total v plaintext data for the v group of keywords;
the client device calculates ciphertext data of 1 to M powers of the plaintext data modulo M by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of prime numbers of the preset number, M is an integer with the square closest to n, n is the number of queried data held by the server device, and each queried data comprises a keyword and corresponding data;
the server device uses m ciphertext data corresponding to the plaintext data as input of a first polynomial function, performs semi-homomorphic encryption calculation by using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, uses m ciphertext data corresponding to the plaintext data as input of a second polynomial function, performs semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is the number of parts of n queried data divided according to m pieces of data included in each piece of data, a first polynomial function and a second polynomial function are generated for each piece of data respectively, a keyword in one part of data is calculated as input of the corresponding first polynomial function, the result is 0, a keyword in one part of data is calculated as input of the corresponding second polynomial function, and the result is data corresponding to the keyword in the part of data;
The server equipment calculates the product of random numbers corresponding to the data and the plaintext data multiplied by first semi-homomorphic ciphertext data corresponding to the data and the plaintext data by homomorphic number multiplication and homomorphic addition on ciphertext by using a public key, and the sum of second semi-homomorphic ciphertext data corresponding to the plaintext data and the data is taken as query ciphertext data, so as to obtain a multiplied by v query ciphertext data in total, wherein the random numbers are obtained by taking random numbers through a module M;
and sending the a×v query ciphertext data to the client device, so that the client device decrypts the a×v query ciphertext data by using a private key to obtain a a×v query decryption result, and decoding the a×v query ciphertext data by using a Chinese remainder theorem based on plaintext data corresponding to the query decryption result for each query decryption result to obtain each decoded data, wherein each decoded data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the query decryption result one by one, and the decoded data with the same data bit number as the data bit number of the queried data is used as the query result of the corresponding keyword from each decoded data.
4. A method according to claim 3, wherein the length of the predetermined number of prime numbers is greater than a specified number of bits of the queried data held by the server device.
5. The method of claim 3, wherein before said inputting the m ciphertext data corresponding to the plaintext data as a first polynomial function for each plaintext data, performing a semi-homomorphic encryption calculation using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, and inputting the m ciphertext data corresponding to the plaintext data as a second polynomial function, performing a semi-homomorphic encryption calculation using a public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, further comprising:
and carrying out interpolation calculation by taking M as a modulus for each data to obtain coefficients of a first polynomial function and a second polynomial function corresponding to the data.
6. A privacy keyword query apparatus, applied to a client device, the apparatus comprising:
the keyword grouping module is used for grouping a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of the keywords contained in the v groups of keywords is smaller than or equal to the preset number;
The keyword coding module is used for taking the prime numbers with the preset number as parameters of the Chinese residual theorem for each group of keywords, calculating congruence data of the preset number of keywords contained in the group of keywords by using the Chinese residual theorem, and taking the congruence data as plaintext data for the group of keywords packaged and coded to obtain total v plaintext data for the v group of keywords;
the plaintext data encryption module is used for calculating ciphertext data of 1 to M powers of the plaintext data modulo M by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of the preset number of prime numbers, M is an integer with the square closest to n, n is the number of queried data held by the server device, and each queried data comprises a keyword and corresponding data;
the ciphertext data sending module is used for sending v×m ciphertext data to a server side device, so that the server side device uses M ciphertext data corresponding to the plaintext data as input of a first polynomial function, performs semi-homomorphic encryption calculation by using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, uses a public key to perform semi-homomorphic encryption calculation to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, wherein a is a part of dividing n queried data according to M pieces of data, a first polynomial function and a second polynomial function are generated for each piece of data respectively, uses a keyword in one piece of data as input of the first polynomial function corresponding to obtain a result of 0, uses a keyword in the one piece of data as input of the second polynomial function corresponding to the second polynomial function, uses the keyword in the one piece of data as input of the second homomorphic function to perform homomorphic calculation to the corresponding to the plaintext data, uses the second homomorphic function to obtain a random ciphertext data corresponding to the second homomorphic function, and the random data corresponding to obtain a random ciphertext data, and the random product of the ciphertext data is obtained by using the random sum of the first polynomial function and the second homomorphic function to obtain the plaintext data, and the random ciphertext data corresponding to the random value, and transmitting the a×v query ciphertext data to the client device;
The inquiry ciphertext data decryption module is used for decrypting the a multiplied by v inquiry ciphertext data by using a private key to obtain a multiplied by v inquiry decryption results;
the data decoding module is used for decoding the plaintext data corresponding to each inquiry decryption result by using the Chinese remainder theorem based on the plaintext data corresponding to the inquiry decryption result to obtain each decoded data, wherein each decoded data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the inquiry decryption result one by one;
and the query result determining module is used for taking the decoded data with the same data bit number as the data bit number of the queried data from the decoded data as the query result of the corresponding keyword.
7. The apparatus of claim 6, wherein the predetermined number of prime numbers has a length greater than a specified number of bits of the queried data held by the server device.
8. A privacy keyword query apparatus, applied to a server device, the apparatus comprising:
the ciphertext data receiving module is used for receiving v×m ciphertext data sent by the client device, wherein the v×m ciphertext data are generated by the client device through the following steps:
The client device groups a plurality of keywords to be queried according to the preset number of keywords contained in each group to obtain v groups of keywords, wherein the number of the keywords contained in the v groups of keywords is smaller than or equal to the preset number;
the client device uses the prime numbers of the preset number as parameters of the Chinese remainder theorem for each group of keywords, calculates congruence data of the preset number of keywords contained in the group of keywords by using the Chinese remainder theorem, and uses the congruence data as plaintext data for packing and encoding the group of keywords to obtain total v plaintext data for the v group of keywords;
the client device calculates ciphertext data of 1 to M powers of the plaintext data modulo M by using a public key for each plaintext data to obtain v multiplied by M ciphertext data for v plaintext data, wherein M is the product of prime numbers of the preset number, M is an integer with the square closest to n, n is the number of queried data held by the server device, and each queried data comprises a keyword and corresponding data;
the system comprises a ciphertext data calculation module, a first polynomial function and a second polynomial function, wherein the ciphertext data calculation module is used for taking m ciphertext data corresponding to plaintext data as the input of a first polynomial function, performing semi-homomorphic encryption calculation by using a public key to obtain a first semi-homomorphic ciphertext data corresponding to the plaintext data, taking m ciphertext data corresponding to the plaintext data as the input of a second polynomial function, performing semi-homomorphic encryption calculation by using the public key to obtain a second semi-homomorphic ciphertext data corresponding to the plaintext data, the a is the number of parts of n queried data divided according to m pieces of data included in each piece of data, the a first polynomial function and the a second polynomial function are generated for each piece of data respectively, the keyword in one part of data is calculated as the input of the corresponding first polynomial function, the result is 0, the keyword in one part of data is calculated as the input of the corresponding second polynomial function, and the result is the data corresponding to the keyword in the part of data;
The semi-homomorphic ciphertext data calculation module is used for calculating the product of random numbers corresponding to the data and the plaintext data multiplied by first semi-homomorphic ciphertext data corresponding to the data and the plaintext data and the second semi-homomorphic ciphertext data corresponding to the data by using a public key to multiply and homomorphic addition on ciphertext for each data and each plaintext data, and taking the sum of the random numbers corresponding to the plaintext data and the second semi-homomorphic ciphertext data corresponding to the data as query ciphertext data to obtain a multiplied by v query ciphertext data in total, wherein the random numbers are obtained randomly by taking a modulus M;
and the query ciphertext data sending module is used for sending the a×v query ciphertext data to the client equipment, so that the client equipment uses a private key to decrypt the a×v query ciphertext data to obtain a×v query decryption results, decodes each query decryption result by using the Chinese remainder theorem based on the plaintext data corresponding to the query decryption result to obtain each decoded data, wherein each decoded data corresponds to each keyword contained in a group of keywords corresponding to the plaintext data corresponding to the query decryption result one by one, and the decoded data with the same data bit number as the data bit number of the queried data is used as the query result of the corresponding keyword.
9. An electronic device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: a method according to any one of claims 1-2, or a method according to any one of claims 3-5.
10. A computer readable storage medium, characterized in that the computer readable storage medium has stored therein a computer program which, when executed by a processor, implements the method of any of claims 1-2 or implements the method of any of claims 3-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310269239.8A CN115982424B (en) | 2023-03-15 | 2023-03-15 | Privacy keyword query method and device and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310269239.8A CN115982424B (en) | 2023-03-15 | 2023-03-15 | Privacy keyword query method and device and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115982424A CN115982424A (en) | 2023-04-18 |
| CN115982424B true CN115982424B (en) | 2023-05-12 |
Family
ID=85966877
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310269239.8A Active CN115982424B (en) | 2023-03-15 | 2023-03-15 | Privacy keyword query method and device and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115982424B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116208316B (en) * | 2023-04-27 | 2023-07-18 | 蓝象智联(杭州)科技有限公司 | Semi-homomorphic encryption method and device for saving storage space and storage medium |
| CN116303551B (en) * | 2023-05-16 | 2023-08-04 | 北京信安世纪科技股份有限公司 | Hidden query method and device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112667674A (en) * | 2021-03-12 | 2021-04-16 | 华控清交信息科技(北京)有限公司 | Data processing method and device and data processing device |
| CN114124343A (en) * | 2020-11-16 | 2022-03-01 | 神州融安数字科技(北京)有限公司 | Privacy-protecting risk scoring information query method, device, system and equipment |
| CN114428972A (en) * | 2022-01-21 | 2022-05-03 | 深圳市洞见智慧科技有限公司 | Privacy protection query method and device supporting outsourcing calculation and related equipment |
| CN114756886A (en) * | 2022-06-13 | 2022-07-15 | 华控清交信息科技(北京)有限公司 | Method and device for hiding trace query |
| CN114943038A (en) * | 2022-07-26 | 2022-08-26 | 阿里健康科技(杭州)有限公司 | Query method, server, query system, computer device, and storage medium |
| CN115186145A (en) * | 2022-09-09 | 2022-10-14 | 华控清交信息科技(北京)有限公司 | Privacy keyword query method, device and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8291237B2 (en) * | 2005-03-01 | 2012-10-16 | The Regents Of The University Of California | Method for private keyword search on streaming data |
-
2023
- 2023-03-15 CN CN202310269239.8A patent/CN115982424B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114124343A (en) * | 2020-11-16 | 2022-03-01 | 神州融安数字科技(北京)有限公司 | Privacy-protecting risk scoring information query method, device, system and equipment |
| CN112667674A (en) * | 2021-03-12 | 2021-04-16 | 华控清交信息科技(北京)有限公司 | Data processing method and device and data processing device |
| CN114428972A (en) * | 2022-01-21 | 2022-05-03 | 深圳市洞见智慧科技有限公司 | Privacy protection query method and device supporting outsourcing calculation and related equipment |
| CN114756886A (en) * | 2022-06-13 | 2022-07-15 | 华控清交信息科技(北京)有限公司 | Method and device for hiding trace query |
| CN114943038A (en) * | 2022-07-26 | 2022-08-26 | 阿里健康科技(杭州)有限公司 | Query method, server, query system, computer device, and storage medium |
| CN115186145A (en) * | 2022-09-09 | 2022-10-14 | 华控清交信息科技(北京)有限公司 | Privacy keyword query method, device and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115982424A (en) | 2023-04-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106953722B (en) | Ciphertext query method and system for full homomorphic encryption | |
| CN115982424B (en) | Privacy keyword query method and device and electronic equipment | |
| Saarinen | HILA5: On reliability, reconciliation, and error correction for Ring-LWE encryption | |
| US9350543B2 (en) | Method and system for homomorphicly randomizing an input | |
| JP2024063125A (en) | Homomorphic encryption methods applied to private information retrieval | |
| Rohith et al. | Image encryption and decryption using chaotic key sequence generated by sequence of logistic map and sequence of states of Linear Feedback Shift Register | |
| NL2013944B1 (en) | Public-key encryption system. | |
| CN115186145B (en) | Privacy keyword query method, device and system | |
| JP2020074039A (en) | Method and system for encrypting data | |
| Sathyanarayana et al. | Symmetric Key Image Encryption Scheme with Key Sequences Derived from Random Sequence of Cyclic Elliptic Curve Points. | |
| CN115688167B (en) | Method, device and system for inquiring trace and storage medium | |
| WO1997031449A1 (en) | Communication method using common cryptographic key | |
| Jayapandian et al. | Secure and efficient online data storage and sharing over cloud environment using probabilistic with homomorphic encryption | |
| CN111404952B (en) | Transformer substation data encryption transmission method and device, computer equipment and storage medium | |
| CN115905710A (en) | System, method and device for inquiring hiding trace, electronic equipment and storage medium | |
| CN102449951A (en) | Method for performing a cryptographic task in an electronic component | |
| CN111555880A (en) | Data collision method and device, storage medium and electronic equipment | |
| WO2014030706A1 (en) | Encrypted database system, client device and server, method and program for adding encrypted data | |
| Silverman et al. | Timing attacks on NTRUEncrypt via variation in the number of hash calls | |
| CN114465708A (en) | Private data processing method, device, system, electronic equipment and storage medium | |
| CN114564730A (en) | Symmetric encryption-based federal packet statistic calculation method, device and medium | |
| CN112272082A (en) | Image encryption/decryption method and device, electronic equipment and storage medium | |
| CN117171202A (en) | Data query method and device | |
| CN113364577B (en) | Method and device for realizing OPRF protocol and electronic equipment | |
| Bai et al. | Privacy‐Preserving Oriented Floating‐Point Number Fully Homomorphic Encryption Scheme |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |