CN117349898B - Ciphertext K neighbor query method and system with hidden access mode - Google Patents


Publication number
CN117349898B
Authority
CN
China
Prior art keywords
query
data
server
ciphertext
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311651440.9A
Other languages
Chinese (zh)
Other versions
CN117349898A (en
Inventor
周礼亮
迟佳琳
李涛
熊蓉玲
冉华明
张敏
李�昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Software of CAS
CETC 10 Research Institute
Original Assignee
Institute of Software of CAS
CETC 10 Research Institute

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22 Indexing; Data structures therefor; Storage structures
    • G06F16/2228 Indexing structures
    • G06F16/2246 Trees, e.g. B+trees


Abstract

The invention discloses a ciphertext K neighbor query method and system with hidden access mode. The method comprises the following steps: the data owner client generates and distributes the public-private key pair of an additive homomorphic encryption algorithm, encrypts the data set using the public key, and sends the ciphertext data set to a query server; the data querier client encrypts the query data using the public key and sends the ciphertext query data to the query server; with the assistance of an auxiliary server, the query server uses a secure distance computation protocol to compute, in turn, the ciphertext squared Euclidean distance from each data point in the data set to the query data, constructs a minimum value selection tree from these ciphertext squared Euclidean distances, and uses the tree to find the K ciphertext data points with the shortest distance; the query server and the auxiliary server return the query results to the data querier client, which recovers the plaintext query results. The invention can effectively protect the confidentiality of the data, the query conditions, the query results and the access mode.

Description

Ciphertext K neighbor query method and system with hidden access mode
Technical Field
The invention relates to the technical field of information security, in particular to a ciphertext K neighbor query method and system with hidden access mode.
Background
In recent years, more and more enterprises and organizations have stored their data on cloud servers, which then provide highly flexible data query services to outside parties. However, data privacy has become one of the major impediments to outsourced data storage. For confidentiality, a user can store ciphertext data on the cloud server and, at query time, download all of the ciphertext data and decrypt it locally. Obviously, this query process is extremely inefficient and places high demands on the client's storage capacity, computing power and bandwidth.
Searchable encryption techniques allow a user to search data without decrypting the ciphertext. The user sends a ciphertext query condition to the cloud server; the cloud server then searches using the ciphertext data and the ciphertext query condition and returns the ciphertext data that satisfies the query condition to the user. Because an adversary may combine prior knowledge to guess the data and the query conditions, high-security application scenarios require not only confidentiality of the data, the query conditions and the query results, but also a hidden access mode.
The privacy-preserving K-nearest neighbor query problem has attracted attention in recent years. The K neighbor query is one of the basic algorithms in data processing and is widely applied in data mining, information retrieval, social networks and other fields. For a data set and a given query point, a K-nearest neighbor query finds the K data points in the data set with the smallest Euclidean distance to the query point. Most existing secure K neighbor query schemes consider only confidentiality protection of the data, query conditions and query results, and leak the access mode.
Currently, the ciphertext K neighbor query schemes with hidden access mode are mainly Elmehdwi, Y., Samanthula, B.K., Jiang, W.: Secure k-nearest neighbor query over encrypted data in outsourced environments. In: ICDE, pp. 664-675 (2014) and Cui, N., Yang, X., Wang, B., Li, J., Wang, G.: SVkNN: Efficient secure and verifiable k-nearest neighbor query on the cloud platform. In: ICDE, pp. 253-264 (2020). Both schemes are based on a non-collusion dual server model and use an additive homomorphic encryption algorithm to achieve secure computation. However, the former requires O executions of the secure comparison protocol during the query (wherein->Total data), so its query efficiency is extremely low, while the latter supports only two-dimensional location data. Therefore, designing and implementing an efficient and general ciphertext K neighbor query method and system with hidden access mode is very important for improving the security and usability of ciphertext cloud service systems.
Disclosure of Invention
In order to solve the problems, the invention provides a ciphertext K neighbor query method and a ciphertext K neighbor query system with hidden access mode, which are based on a non-collusion double-server model, realize safe calculation by using an addition homomorphic encryption algorithm, and accelerate nearest neighbor calculation by providing a minimum value selection tree, and execute the safety comparison protocol from O in the ciphertext K neighbor query methodReduced to O. The invention can realize confidentiality protection of data, query conditions and query results and hide access modes.
In order to achieve the above purpose, the technical scheme adopted by the invention is as follows:
A ciphertext K neighbor query method with hidden access mode comprises the following steps:
S1. The data owner client generates and distributes the public-private key pair of an additive homomorphic encryption algorithm, encrypts the data set using the public key, and sends the ciphertext data set to the query server;
S2. The data querier client encrypts the query data using the public key of the additive homomorphic encryption algorithm and sends the ciphertext query data to the query server;
S3. With the assistance of the auxiliary server, the query server uses a secure distance computation protocol to compute, in turn, the ciphertext squared Euclidean distance from each data point in the data set to the query data;
S4. With the assistance of the auxiliary server, the query server constructs a minimum value selection tree from the ciphertext squared Euclidean distances;
S5. With the assistance of the auxiliary server, the query server uses the minimum value selection tree to find the K ciphertext data points with the shortest distance;
S6. The query server and the auxiliary server return the query results to the data querier client;
S7. The data querier client recovers the plaintext query results.
Further, step S1 comprises the sub-steps of:
S101. The data owner client generates a public-private key pair [sk, pk] of the additive homomorphic encryption algorithm;
S102. The public key pk is sent to the data querier client and the query server, and the public-private key pair [sk, pk] is sent to the auxiliary server;
s103, giving the inclusionPersonal->Data set of dimension data points->Wherein the data points,/>Representing data points +.>In->Values in dimensions; let->Is an encryption operation of the addition homomorphic encryption algorithm. Encryption of the data points using the public key pk>Values in the respective dimensions +.>Generating ciphertext data setsWherein ciphertext data points->
S104, sending the ciphertext data set to a query server.
Further, step S2 comprises the sub-steps of:
s201 given query dataWherein->Representing query data +.>In->Values in dimensions; the data inquirer client encrypts inquiry data using the public key pk, respectively>Values in the respective dimensions +.>Obtaining ciphertext inquiry data->
S202, sending the ciphertext query data to a query server.
Further, step S4 comprises the sub-steps of:
s401, initializing a minimum value selection tree by a query server: the minimum value selection tree comprisesLayer->Layer corresponding Linked list->,/>Comprises->Personal node, wherein->Representing the number of data points +.>,/>Represent a round-up, th->The individual nodes are denoted->The method comprises the steps of carrying out a first treatment on the surface of the Node->The storage format is->Wherein->Corresponding data set->Data points>,/>Is data point->The squared euclidean distance to the query data,for storing +.>Distance between individual node and its sibling compares boolean outcome, +.>For marking +.>Whether each node corresponds to the shortest distance of the layer; node->Is stored in the form ofWherein->,/>For node->Square euclidean distance minimum in two child nodes, ±>For storing nodes->Comparing the boolean outcome with the distance between its siblings,/->For identifying nodes->Whether to correspond to the shortest distance of the layer;
s402, updating parameters from bottom to topAnd->: let each data point calculated in step S3 +.>To query data->The square Euclidean distance of ciphertext is recorded as +.>The method comprises the steps of carrying out a first treatment on the surface of the For linked list->Node->Query server order,/>,/>,/>The method comprises the steps of carrying out a first treatment on the surface of the Let->From 1 to->For linked list->Node->The query server and the auxiliary server calculate ciphertext boolean results using a secure comparison protocolI.e. +.>When (I)>Otherwise->Addition homomorphic property computation of query server using homomorphic encryption algorithmQuery server and auxiliary server computing using secure multiplication protocolThe method comprises the steps of carrying out a first treatment on the surface of the When->When inquiring the server order,/>The method comprises the steps of carrying out a first treatment on the surface of the Otherwise->,/>
S403, updating parameters from top to bottom: let->0, for->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>
Further, step S5 comprises the sub-steps of:
s501, initializing result set by query serverIs empty, i.e.)>
S502, calculating nearest neighbor points from a minimum value selection tree: query server and auxiliary server calculate nearest neighbor using secure multiplication protocolWherein,/>Representing data points +.>In->Values in dimension, ++>Representing data points +.>In->Values in dimension, ++>For marking linked lists->First->Whether each node corresponds to the shortest distance;
s503, inquiring the serverJoin result set->The method comprises the steps of carrying out a first treatment on the surface of the If->If K results exist, the step S6 is skipped, otherwise, the step S504 is continuously executed;
s504, deleting from the minimum value selection tree: given a predetermined distance threshold MAX, forThe query server will add homomorphism nature using homomorphic encryption algorithm>Updated to
S505, updating a minimum value selection tree: order theThe query server and the auxiliary server calculate +_ using a secure multiplication protocol>And->And calculates the ciphertext boolean outcome +.>=/>Wherein->Representing the square Euclidean distance to be compared +.>Ciphertext of->Representation->Boolean results of (i.e.)>When (I)>Otherwise->The method comprises the steps of carrying out a first treatment on the surface of the For node->(/>) Based on ciphertext Boolean result->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>,/>The method comprises the steps of carrying out a first treatment on the surface of the After each layer is updated, let ∈Tex>0, for->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>The process goes to step S502.
Further, step S6 comprises the sub-steps of:
s601 for result setK results->Query server generates->Random number->Wherein->Representing data dimension +.>,/>Representing data points +.>In->Values in dimensions;
s602 forThe query server calculates ++using the additive homomorphism nature of homomorphic encryption algorithm>Wherein->Representing +.>And will->Send to the auxiliary server, will->Sending the data to a data inquirer client;
s603. ForThe auxiliary server decrypts to get +.>And willAnd sending the data to the data inquirer client.
Further, in step S7, forData, dataInquirer client computing
An access mode hidden ciphertext K-nearest neighbor query system, comprising:
a data owner client configured to generate and distribute a public-private key pair of an addition homomorphic encryption algorithm, encrypt a data set using the public key, and send a ciphertext data set to a query server;
the data inquirer client is configured to encrypt inquiry data by using a public key of an addition homomorphic encryption algorithm and send ciphertext inquiry data to the inquiry server; restoring a plaintext query result according to the query result returned by the query server;
a non-collusion dual server system comprising a query server and an auxiliary server configured to sequentially calculate ciphertext squared euclidean distances of data points in a dataset to query data using a secure distance calculation protocol; constructing a minimum value selection tree according to the ciphertext square Euclidean distance; searching K ciphertext data points with the shortest distance by means of a minimum value selection tree; and returning the query result to the data querier client.
Further, the data owner client comprises a first security module and a first transmission module, wherein the first security module is configured to generate a key and related parameters required by an addition homomorphic encryption algorithm and perform encryption operation on a data set; the first transmission module is configured to distribute a key of an addition homomorphic encryption algorithm and upload a ciphertext data set.
Further, the data inquirer client comprises a second security module, a result processing module and a second transmission module, wherein the second security module is configured to encrypt inquiry data; the result processing module is configured to recover a final query result according to partial query results returned by the query server and the auxiliary server; the second transmission module is configured to receive the public key of the addition homomorphic encryption algorithm and a partial query result, and upload ciphertext query data.
Further, the query server comprises a third security module, a query module, a third transmission module and a storage module, wherein the third security module is configured to carry out encryption operation and generate random numbers in the query process; the query module is configured to perform a secure K nearest neighbor query method; the third transmission module is configured to receive the public key of the addition homomorphic encryption algorithm, interact with the auxiliary server in the query process, and return a part of query results; the storage module is configured to store a ciphertext data set and ciphertext query data.
Further, the auxiliary server comprises a fourth security module, an auxiliary query module and a fourth transmission module, wherein the fourth security module is configured to perform encryption and decryption operations in the query process; the auxiliary query module is configured to assist a query server in implementing a security protocol including a secure multiplication protocol, a secure comparison protocol, and a secure distance computation protocol; the fourth transmission module is configured to receive a public-private key pair of the addition homomorphic encryption algorithm, interact with the query server in the query process, and return a part of query results.
The invention has the beneficial effects that:
1) The invention can simultaneously protect confidentiality of data, query conditions and query results and hide access modes. In the query process, sensitive data are stored in a query server in a ciphertext form, and the auxiliary server decrypts the encrypted data to obtain randomized values, so that the query server and the auxiliary server cannot obtain any privacy information. In addition, the data owner cannot obtain query data of the data querier, and the data querier cannot obtain sensitive data other than query results.
2) One of the major performance bottlenecks of the secure K-nearest neighbor algorithm is that the secure comparison protocol requires a large number of computations and multiple rounds of interactions. The invention constructs the minimum value selection tree to make the safety comparison protocol execution times in the inquiring process from OReduced to O->. In particular, in constructing the minimum selection tree, execution +.>And comparing the protocols. When updating the minimum value selection tree after deleting a nearest neighbor, only +.>And comparing the protocols.
3) The invention supports lightweight clients. The data owner client does not need to participate in the query process, and the data querier client only needs to encrypt and upload query data and finally recover the query result. It can be seen that both the computation and communication costs of the client are small.
Drawings
Fig. 1 is a query scenario diagram of the ciphertext K neighbor query method of embodiment 1 of the invention, in which the numbers indicate the order of the steps and steps with the same number are performed concurrently.
Fig. 2 is a block diagram of a ciphertext K-neighbor query system of embodiment 3 of the invention.
Detailed Description
Specific embodiments of the present invention will now be described in order to provide a clearer understanding of the technical features, objects and effects of the present invention. It should be understood that the particular embodiments described herein are illustrative only and are not intended to limit the invention, i.e., the embodiments described are merely some, but not all, of the embodiments of the invention. All other embodiments, which can be made by a person skilled in the art without making any inventive effort, are intended to be within the scope of the present invention.
Example 1
As shown in Fig. 1, this embodiment provides a ciphertext K neighbor query method with hidden access mode, which includes the following steps:
S1. The data owner client generates and distributes the public-private key pair of an additive homomorphic encryption algorithm, encrypts the data set using the public key, and sends the ciphertext data set to the query server;
S2. The data querier client encrypts the query data using the public key of the additive homomorphic encryption algorithm and sends the ciphertext query data to the query server;
S3. With the assistance of the auxiliary server, the query server uses a secure distance computation protocol to compute, in turn, the ciphertext squared Euclidean distance from each data point in the data set to the query data;
S4. With the assistance of the auxiliary server, the query server constructs a minimum value selection tree from the ciphertext squared Euclidean distances;
S5. With the assistance of the auxiliary server, the query server uses the minimum value selection tree to find the K ciphertext data points with the shortest distance;
S6. The query server and the auxiliary server return the query results to the data querier client;
S7. The data querier client recovers the plaintext query results.
Preferably, step S1 comprises the following sub-steps:
S101. The data owner client generates a public-private key pair [sk, pk] of the additive homomorphic encryption algorithm;
S102. The public key pk is sent to the data querier client and the query server, and the public-private key pair [sk, pk] is sent to the auxiliary server;
s103, giving the inclusionPersonal->Data set of dimension data points->Wherein the data points,/>Representing data points +.>In->Values in dimensions; let->Is an encryption operation of the addition homomorphic encryption algorithm. Encryption of the data points using the public key pk>Values in the respective dimensions +.>Generating ciphertext data setsWherein ciphertext data points->
S104, sending the ciphertext data set to a query server.
More preferably, the data owner client may choose a Paillier addition homomorphic encryption algorithm.
Description: after the step S1 is finished, only the query server holds the ciphertext data set, and the query server only holds the public key pk, so that the ciphertext data set cannot be decrypted.
Preferably, step S2 comprises the following sub-steps:
s201 given query dataWherein->Representing query data +.>In->Values in dimensions; the data querier client uses the public key pkEncryption of inquiry data respectively->Values in the respective dimensions +.>Obtaining ciphertext inquiry data->
S202, sending the ciphertext query data to a query server.
Description: after the step S2 is finished, only the query server holds the ciphertext query data, and the query server only holds the public key pk, so that the ciphertext query data cannot be decrypted. In the step S3, the auxiliary server cannot obtain any sensitive information in the calculation process, and only the query server holds the ciphertext square Euclidean distance corresponding to each data point after the calculation is finished.
Preferably, step S4 comprises the sub-steps of:
s401, initializing a minimum value selection tree by a query server: the minimum value selection tree comprisesLayer->Layer corresponding Linked list->,/>Comprises->Personal node, wherein->Representing the number of data points +.>,/>Represent a round-up, th->The individual nodes are denoted->The method comprises the steps of carrying out a first treatment on the surface of the Node->The storage format is->Wherein->Corresponding data set->Data points>,/>Is data point->The squared euclidean distance to the query data,for storing +.>Distance between individual node and its sibling compares boolean outcome, +.>For marking +.>Whether each node corresponds to the shortest distance of the layer; node->(/>) The storage format is->Wherein->For node->Square euclidean distance minimum in two child nodes, ±>For storing nodes->Comparing the boolean outcome with the distance between its siblings,/->For identifying nodes->Whether to correspond to the shortest distance of the layer.
Description: linked listCorresponding to the bottommost layer, node->(/>) Middle->Corresponding data set->Data points,/->A squared Euclidean distance from the data point to the query data; node->(/>) Middle->For the minimum value of the square Euclidean distance in its two child nodes, i.e. +.>() Wherein->Representing a minimum function. Parameter->(/>) For storing nodes->And its brother node->Comparing the distance between Boolean results, i.e,/>When->When (I)>Otherwise->. If it isNo brother node, then->. Parameter->For identifying nodes->Whether or not to correspond to the shortest distance of the layer, wherein>,/>The method comprises the following steps:
obviously if and only ifIs->At the shortest distance of the layer, from the root node->[1]To node->All->Parameter 1, thus->The method comprises the steps of carrying out a first treatment on the surface of the Otherwise, go (L)>0。
S402, updating parameters from bottom to topAnd->: let each data point calculated in step S3 +.>To query data->The square Euclidean distance of ciphertext is recorded as +.>The method comprises the steps of carrying out a first treatment on the surface of the For linked list->Node->Query server order,/>,/>,/>The method comprises the steps of carrying out a first treatment on the surface of the Let->From 1 to->For linked list->Node->The query server and the auxiliary server calculate ciphertext boolean results using a secure comparison protocolI.e. +.>When (I)>Otherwise->Addition homomorphic property computation of query server using homomorphic encryption algorithmQuery server and auxiliary server computing using secure multiplication protocolThe method comprises the steps of carrying out a first treatment on the surface of the When->When inquiring the server order,/>The method comprises the steps of carrying out a first treatment on the surface of the Otherwise->,/>
S403, updating parameters from top to bottom: let->0, for->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>
Description: in the step S4, the auxiliary server cannot obtain any sensitive information in the calculation process, and only the query server holds the minimum value selection tree after the calculation is finished.
Preferably, step S5 comprises the sub-steps of:
s501, initializing result set by query serverIs empty, i.e.)>
S502, calculating nearest neighbor points from a minimum value selection tree: query server and auxiliary server calculate nearest neighbor using secure multiplication protocolWherein->Representing data points +.>In->Values in dimension, ++>Representing data points +.>In->Values in dimension, ++>For marking linked lists->First->Whether each node corresponds to the shortest distance.
S503, inquiring the serverJoin result set->The method comprises the steps of carrying out a first treatment on the surface of the If->If there are K results, go to step S6, otherwise continue to step S504.
S504, deleting from the minimum value selection tree: given a predetermined distance threshold MAX, forThe query server will add homomorphism nature using homomorphic encryption algorithm>Updated toThe method comprises the steps of carrying out a first treatment on the surface of the Preferably, the value interval of each dimension of the data set and the query data is assumed to beMAX can be set to +.>WhereinIndicate->Lower bound of interval on dimension ∈>Indicate->Upper bound of interval in dimension.
Description: if it isCorresponding to nearest neighbors, i.e.)>Its distance->Updated to a sufficiently large value +.>So that the point is no longer selected as the nearest neighbor in the subsequent query.
S505, updating a minimum value selection tree: order theThe query server and the auxiliary server calculate +_ using a secure multiplication protocol>And->And calculates the ciphertext boolean outcome +.>=/>Wherein->Representing the square Euclidean distance to be compared +.>Ciphertext of->Representation->Boolean results of (i.e.)>When (I)>Otherwise->The method comprises the steps of carrying out a first treatment on the surface of the For node->(/>) Based on ciphertext Boolean result->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>,/>The method comprises the steps of carrying out a first treatment on the surface of the After each layer is updated, let ∈Tex>0, for->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>The process goes to step S502.
Description: in the step S5, the auxiliary server cannot obtain any sensitive information in the calculation process, and only the query server holds the result set after the calculation is finished.
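The following is an added example, not code from the patent: a plaintext model of the minimum value selection tree of steps S4 and S5 that counts how often the secure comparison protocol would run. Because the formulas are missing from this text, the update rules are reconstructed from the prose and are assumptions (flag f as the product of b along the path from the root, deletion as d + f·(MAX − d), one comparison per layer on update); the class name, sample points and MAX value are constructed.

```python
import math


class MinSelectionTree:
    """Plaintext model of the minimum value selection tree (steps S4-S5).

    Every * and + on d, b, f stands for a secure multiplication or a
    homomorphic addition on ciphertexts; every _cmp() call stands for one
    run of the secure comparison protocol. All loops depend only on the
    number of points, never on the data, so the access sequence is fixed.
    """

    def __init__(self, points, dists, max_dist):
        self.points, self.max, self.comparisons = points, max_dist, 0
        sizes = [len(dists)]
        while sizes[-1] > 1:
            sizes.append(math.ceil(sizes[-1] / 2))
        self.d = [list(dists)] + [[0] * m for m in sizes[1:]]
        self.b = [[1] * m for m in sizes]   # b = 1 when a node has no sibling
        self.f = [[0] * m for m in sizes]
        for i in range(len(sizes) - 1):     # S402: bottom-up update of d and b
            for j in range(0, sizes[i], 2):
                if j + 1 < sizes[i]:
                    c = self._cmp(self.d[i][j], self.d[i][j + 1])
                    self.b[i][j], self.b[i][j + 1] = c, 1 - c
                    self.d[i + 1][j // 2] = (c * self.d[i][j]
                                             + (1 - c) * self.d[i][j + 1])
                else:
                    self.d[i + 1][j // 2] = self.d[i][j]
        self._push_flags()

    def _cmp(self, x, y):
        self.comparisons += 1
        return 1 if x <= y else 0

    def _push_flags(self):
        # S403: top-down, f(child) = f(parent) * b(child); root flag is 1.
        self.f[-1] = [1]
        for i in range(len(self.f) - 2, -1, -1):
            self.f[i] = [self.f[i + 1][j // 2] * self.b[i][j]
                         for j in range(len(self.f[i]))]

    def nearest(self):
        # S502: sum of flag * coordinate over ALL leaves, no index revealed.
        dim = len(self.points[0])
        return tuple(sum(fl * p[t] for fl, p in zip(self.f[0], self.points))
                     for t in range(dim))

    def remove_nearest(self):
        d, b, f = self.d, self.b, self.f
        # S504 (assumed form): raise only the selected leaf's distance to MAX.
        d[0] = [x + fl * (self.max - x) for x, fl in zip(d[0], f[0])]
        # S505 (assumed form): one comparison per layer along the old path.
        for i in range(len(d) - 1):
            m = len(d[i])
            sib = [j ^ 1 if (j ^ 1) < m else j for j in range(m)]
            x = sum(f[i][j] * d[i][j] for j in range(m))       # path node
            y = sum(f[i][j] * d[i][sib[j]] for j in range(m))  # its sibling
            c = self._cmp(x, y)
            new_b = list(b[i])
            for j in range(m):
                if sib[j] != j:
                    new_b[j] += f[i][j] * (c - b[i][j])
                    new_b[sib[j]] += f[i][j] * ((1 - c) - b[i][sib[j]])
            b[i] = new_b
            low = c * x + (1 - c) * y
            d[i + 1] = [v + fl * (low - v) for v, fl in zip(d[i + 1], f[i + 1])]
        self._push_flags()

    def knn(self, k):
        results = []
        while True:
            results.append(self.nearest())   # S503
            if len(results) == k:
                return results
            self.remove_nearest()


def demo():
    # Constructed sample: five 2-D points, query (2, 2), K = 3.
    points = [(1, 1), (5, 5), (2, 3), (9, 0), (4, 4)]
    query = (2, 2)
    dists = [sum((a - q) ** 2 for a, q in zip(p, query)) for p in points]
    tree = MinSelectionTree(points, dists, max_dist=1000)
    built = tree.comparisons
    return tree.knn(3), built, tree.comparisons
```

With these five points the build costs 4 comparisons and each of the two deletions costs 3 (one per layer below the root), 10 in total, against 12 for three linear minimum scans.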
Preferably, step S6 comprises the sub-steps of:
s601 for result setK results->Query server generates->Random number->Wherein->Representing data dimension +.>,/>Representing data points +.>In->Values in dimensions;
s602 forThe query server calculates ++using the additive homomorphism nature of homomorphic encryption algorithm>Wherein->Representing +.>And will->Send to the auxiliary server, will->Sending the data to a data inquirer client;
s603. ForThe auxiliary server decrypts to get +.>And will->And sending the data to the data inquirer client.
Preferably, in step S7, forData querier client computing
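The result-return steps S6 and S7, as an added example that is not code from the patent: the query server blinds each ciphertext coordinate with a random value, the auxiliary server decrypts only blinded values, and the client removes the blinding. It assumes additive masking modulo the Paillier modulus (the formulas are missing from this text), uses a textbook Paillier with g = n + 1, and the two Mersenne primes and sample points are constructed toy values far too small for real use.

```python
import math
import secrets


def keygen(p, q):
    # Textbook Paillier with g = n + 1; pk is n, sk is (lambda, mu).
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return n, (lam, pow(lam, -1, n))


def enc(n, m):
    r = secrets.randbelow(n - 1) + 1
    return (1 + (m % n) * n) * pow(r, n, n * n) % (n * n)


def dec(n, sk, c):
    lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n


def hom_add(n, c1, c2):
    # E(a) * E(b) mod n^2 decrypts to a + b mod n.
    return c1 * c2 % (n * n)


def query_server_blind(n, enc_results):
    """S601-S602: holds only pk; blinds every coordinate of every result."""
    to_aux, to_client = [], []
    for enc_point in enc_results:
        rs = [secrets.randbelow(n) for _ in enc_point]
        to_aux.append([hom_add(n, c, enc(n, r)) for c, r in zip(enc_point, rs)])
        to_client.append(rs)
    return to_aux, to_client


def auxiliary_decrypt(n, sk, to_aux):
    """S603: holds sk, but only ever sees value + random mod n."""
    return [[dec(n, sk, c) for c in point] for point in to_aux]


def client_recover(n, masked, randoms):
    """S7: subtract the randoms received from the query server."""
    return [tuple((g - r) % n for g, r in zip(gp, rp))
            for gp, rp in zip(masked, randoms)]


def demo():
    n, sk = keygen(2**31 - 1, 2**61 - 1)         # constructed toy primes
    plain = [(2, 3), (1, 1)]                     # constructed K = 2 result set
    enc_results = [[enc(n, v) for v in pt] for pt in plain]
    to_aux, to_client = query_server_blind(n, enc_results)
    masked = auxiliary_decrypt(n, sk, to_aux)
    return plain, masked, client_recover(n, masked, to_client)
```

Neither server alone can recover the points: the query server never decrypts and the auxiliary server never sees the random values, which is why the scheme depends on the two servers not colluding.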
Example 2
This example is based on example 1:
the embodiment provides a ciphertext K neighbor query method with hidden access mode.In this embodiment, the Paillier addition homomorphic encryption algorithm is used (its encryption operation is noted as) The data set isQuery condition is->. The data querier looks for 2 nearest neighbors, i.e., k=2.
The flow of this embodiment is as follows:
1. data preprocessing
1. The data owner client generates a public-private key pair (sk, pk) of the Paillier algorithm.
2. The data owner client sends the public key pk to the data querier client and the query server, and the public-private key pair (sk, pk) to the auxiliary server.
3. Data owner client encrypts data set using public key pkObtaining ciphertext data set
4. The data owner client willAnd sending the data to the query server.
2. Secure K-nearest neighbor query
1. The data querier client encrypts the query data using the public key pk of the Paillier algorithm, obtaining the ciphertext query data, and sends it to the query server.
2. With the assistance of the auxiliary server, the query server uses the secure distance calculation protocol to compute, in turn, the ciphertext squared Euclidean distance from each data point in the data set to the query data.
3. With the assistance of the auxiliary server, the query server constructs a minimum value selection tree from the ciphertext squared Euclidean distances. The main process is as follows:
3.1 A query server initializes a minimum selection tree. Minimum selection tree total 3 layersEach comprising 4,2,1 nodes. Wherein (1)>The node storage format of->,/>Andthe node storage format of->
3.2 For linked list)The query server assigns the results as follows:
,/>
,/>
3.3 For linked list)Node->The query server and the auxiliary server calculate the following ciphertext values:
,/>
for nodesThe query server and the auxiliary server calculate the following ciphertext values:
,/>
after the step is finished, the linked listThe assignment results are as follows:
,/>
,/>
linked listThe assignment results are as follows:
,/>
3.4 For linked list)Node->The query server and the auxiliary server calculate the following ciphertext values:
,/>
after the step is finished, the linked listThe assignment results are as follows:
,/>
linked listThe assignment results are as follows:
linked listNo change is made. />
3.5 Updating)Parameters.
For linked listsQuery server and auxiliary server computing:
,/>
for linked listsQuery server and auxiliary server computing:
,/>
,/>
after this step is completed, the minimum selection tree state is as follows:
linked list
,/>
,/>
Linked list
,/>
Linked list
4) With the help of the auxiliary server, the query server uses the minimum value selection tree to find the K=2 ciphertext data points with the shortest distance. The main process is as follows:
4.1 The query server initializes the result set to be empty.
4.2 Query server and auxiliary server computing nearest neighborsWherein:
,
4.3 The query server adds the nearest neighbor to the result set.
4.4 Assuming that the value interval of each dimension of the data set and the query data isLet->. For linked list->The query server calculates the following ciphertext value:
。/>
4.5 Updating the minimum selection tree.
For linked listsQuery server and auxiliary server computing:
,/>,/>
for nodesCalculate->,/>,/>
For nodesCalculate->,/>,/>
For linked listsQuery server and auxiliary server computing:
,/>,/>
for the followingCalculate->,/>,/>
4.6 Updating parameters)
For linked listsQuery server and auxiliary server computing:
,/>
for linked listsAnd (3) calculating:
,/>
,/>
after this step is completed, the minimum selection tree state is as follows:
linked list
,/>
,/>
Linked list:/>,/>
Linked list:/>
4.7 Query server and auxiliary server computing nearest neighborsWherein:
4.8 The query server adds the nearest neighbor to the result set.
5) For the K=2 results in the result set, the query server generates 4 random numbers. The query server computes the corresponding ciphertexts and sends them to the auxiliary server, and sends the random numbers to the data querier client.
6) The auxiliary server decrypts with the private key sk to obtain the plaintext values and sends them to the data querier client.
7) The data querier client computes the plaintext query result.
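The flow of Example 2, as an added Python example (not code from the patent): toy Paillier, the standard two-server secure multiplication, selection of the nearest point through an encrypted one-hot marker (S502), deletion by adding MAX (S504), and the blinded return path (S6, S7). Assumptions, because the page's formulas are missing: additive blinding with the random numbers, the update d + flag·MAX, the constructed data set, query and MAX, and the hypothetical `stand_in_min_flags`, which decrypts distances for the demo in place of the secure comparison protocol and minimum value selection tree.

```python
import secrets
from math import gcd

# Toy Paillier key from two Mersenne primes (constructed demo values, far too
# small for real use). pk = N; sk = (PHI, MU), held by the auxiliary server.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
N2, MU = N * N, pow(PHI, -1, N)

def enc(m):
    """E(m) with generator g = N + 1 and fresh randomness r."""
    r = 0
    while gcd(r, N) != 1:
        r = secrets.randbelow(N)
    return (1 + (m % N) * N) * pow(r, N, N2) % N2

def dec(c):
    """Decrypt with sk. In the protocol only the auxiliary server can do this."""
    return (pow(c, PHI, N2) - 1) // N * MU % N

def add(c1, c2): return c1 * c2 % N2       # E(a) * E(b) = E(a + b)
def smul(c, k): return pow(c, k % N, N2)   # E(a)^k = E(k * a), k known to caller

def aux_multiply(ca, cb):
    """Auxiliary server: decrypts only the blinded values a + ra and b + rb."""
    return enc(dec(ca) * dec(cb))

def secure_mul(ca, cb):
    """Query server: E(a), E(b) -> E(a * b) without learning a or b."""
    ra, rb = secrets.randbelow(N), secrets.randbelow(N)
    h = aux_multiply(add(ca, enc(ra)), add(cb, enc(rb)))
    # (a + ra)(b + rb) - a*rb - b*ra - ra*rb = a*b
    for c in (smul(ca, -rb), smul(cb, -ra), enc(-ra * rb)):
        h = add(h, c)
    return h

def secure_sq_dist(cp, cq):
    """S3: E(sum_j (p_j - q_j)^2) from per-dimension ciphertexts."""
    total = enc(0)
    for cx, cy in zip(cp, cq):
        diff = add(cx, smul(cy, -1))
        total = add(total, secure_mul(diff, diff))
    return total

def stand_in_min_flags(cdists):
    """DEMO ONLY (hypothetical helper): stands in for the secure comparison
    protocol and minimum value selection tree by decrypting the distances.
    Returns an encrypted one-hot marker of the smallest distance."""
    d = [dec(c) for c in cdists]
    return [enc(int(i == d.index(min(d)))) for i in range(len(d))]

def oblivious_select(flags, cdata):
    """S502: E(sum_i flag_i * p_ij) per dimension. Every record is touched,
    so the query server cannot tell which one was selected."""
    out = []
    for j in range(len(cdata[0])):
        acc = enc(0)
        for cf, cp in zip(flags, cdata):
            acc = add(acc, secure_mul(cf, cp[j]))
        out.append(acc)
    return out

def knn_query(cdata, cq, k, max_dist):
    cd = [secure_sq_dist(cp, cq) for cp in cdata]
    picked = []
    for _ in range(k):
        flags = stand_in_min_flags(cd)
        picked.append(oblivious_select(flags, cdata))
        # S504 (assumed form): d_i <- d_i + flag_i * MAX, additive homomorphism only
        cd = [add(d, smul(f, max_dist)) for d, f in zip(cd, flags)]
    # S6: the query server blinds each value (additive blinding is an assumption)
    rs = [[secrets.randbelow(N) for _ in p] for p in picked]
    blinded = [[add(c, enc(r)) for c, r in zip(p, rr)] for p, rr in zip(picked, rs)]
    # S603: the auxiliary server decrypts the blinded values only
    gammas = [[dec(c) for c in row] for row in blinded]
    # S7: the client removes the random numbers it received from the query server
    return [[(g - r) % N for g, r in zip(row, rr)] for row, rr in zip(gammas, rs)]

def run_demo():
    data = [(1, 2), (4, 6), (7, 1), (3, 3)]  # constructed 4-point, 2-D data set
    query = (3, 4)                           # constructed query, values in [0, 10]
    cdata = [[enc(v) for v in p] for p in data]
    cq = [enc(v) for v in query]
    # constructed MAX: larger than any possible squared distance (2 * 10^2)
    return knn_query(cdata, cq, k=2, max_dist=2 * 10**2 + 1)
```

In this run the auxiliary server decrypts only blinded values, except inside the labelled stand-in, and the query server handles ciphertexts throughout.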
Example 3
As shown in Fig. 2, this embodiment provides an access mode hidden ciphertext K neighbor query system, which comprises a non-colluding dual-server system, a data owner client and a plurality of data querier clients connected through a network, as described in detail below.
The data owner client is configured to generate and distribute the public-private key pair of an additive homomorphic encryption algorithm, encrypt the data set using the public key, and send the ciphertext data set to the query server.
The data querier client is configured to encrypt query data using the public key of the additive homomorphic encryption algorithm and send the ciphertext query data to the query server, and to recover the plaintext query result from the query result returned by the query server.
The non-colluding dual-server system comprises a query server and an auxiliary server, which are configured to compute, in turn, the ciphertext squared Euclidean distance from each data point in the data set to the query data using a secure distance calculation protocol; to construct a minimum value selection tree from the ciphertext squared Euclidean distances; to find the K ciphertext data points with the shortest distance by means of the minimum value selection tree; and to return the query result to the data querier client.
Preferably, the data owner client comprises a first security module and a first transmission module. The first security module is configured to generate the key and related parameters required by the additive homomorphic encryption algorithm and to encrypt the data set; the first transmission module is configured to distribute the key of the additive homomorphic encryption algorithm and upload the ciphertext data set.
Preferably, the data querier client comprises a second security module, a result processing module and a second transmission module. The second security module is configured to encrypt query data; the result processing module is configured to recover the final query result from the partial query results returned by the query server and the auxiliary server; the second transmission module is configured to receive the public key of the additive homomorphic encryption algorithm and the partial query results, and to upload ciphertext query data.
Preferably, the query server comprises a third security module, a query module, a third transmission module and a storage module. The third security module is configured to perform encryption operations and generate random numbers during a query; the query module is configured to perform the secure K nearest neighbor query method; the third transmission module is configured to receive the public key of the additive homomorphic encryption algorithm, interact with the auxiliary server during a query, and return a partial query result; the storage module is configured to store the ciphertext data set and ciphertext query data.
Preferably, the auxiliary server comprises a fourth security module, an auxiliary query module and a fourth transmission module. The fourth security module is configured to perform encryption and decryption operations during a query; the auxiliary query module is configured to assist the query server in carrying out the security protocols, including the secure multiplication protocol, the secure comparison protocol and the secure distance calculation protocol; the fourth transmission module is configured to receive the public-private key pair of the additive homomorphic encryption algorithm, interact with the query server during a query, and return a partial query result.
It should be noted that, for simplicity of description, the foregoing method embodiments are expressed as a series of combinations of actions, but those skilled in the art should understand that the present application is not limited by the order of actions described, as some steps may be performed in another order or simultaneously according to the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the actions and modules referred to are not necessarily required by the present application.

Claims (9)

1. An access mode hidden ciphertext K neighbor query method, characterized by comprising the following steps:
S1, a data owner client generates and distributes a public-private key pair of an additive homomorphic encryption algorithm, encrypts a data set using the public key, and sends the ciphertext data set to a query server;
S2, a data querier client encrypts query data using the public key of the additive homomorphic encryption algorithm, and sends the ciphertext query data to the query server;
S3, with the assistance of an auxiliary server, the query server computes, in turn, the ciphertext squared Euclidean distance from each data point in the data set to the query data using a secure distance calculation protocol;
S4, with the assistance of the auxiliary server, the query server constructs a minimum value selection tree from the ciphertext squared Euclidean distances;
S5, with the help of the auxiliary server, the query server finds the K ciphertext data points with the shortest distance by means of the minimum value selection tree;
S6, the query server and the auxiliary server return query results to the data querier client;
S7, the data querier client recovers a plaintext query result;
step S5 comprises the following sub-steps:
s501, initializing result set by query serverIs empty, i.e.)>
S502, calculating nearest neighbor points from a minimum value selection tree: query server and auxiliary server calculate nearest neighbor using secure multiplication protocolWherein->Representing data points +.>In->Values in dimension, ++>Representing data points +.>In->Values in dimension, ++>For marking linked lists->First->Whether each node corresponds to the shortest distance;
s503, inquiring the serverJoin result set->The method comprises the steps of carrying out a first treatment on the surface of the If->If K results exist, the step S6 is skipped, otherwise, the step S504 is continuously executed;
s504, deleting from the minimum value selection tree: given a predetermined distance threshold MAX, forThe query server will add homomorphism nature using homomorphic encryption algorithm>Updated to
S505, updating a minimum value selection tree: order theThe query server and the auxiliary server calculate +_ using a secure multiplication protocol>And->And calculates the ciphertext boolean outcome +.>=/>Wherein->Representing the square Euclidean distance to be compared +.>Ciphertext of->Representation->Boolean results of (i.e.)>When (I)>OtherwiseThe method comprises the steps of carrying out a first treatment on the surface of the For node->(/>) Based on ciphertext Boolean result->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>,/>The method comprises the steps of carrying out a first treatment on the surface of the After each layer is updated, let ∈Tex>0, for->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>The process goes to step S502.
2. The access pattern hidden ciphertext K neighbor query method of claim 1, wherein step S1 comprises the sub-steps of:
S101, the data owner client generates a public-private key pair [sk, pk] of the additive homomorphic encryption algorithm;
S102, sending the public key pk to the data querier client and the query server, and sending the public-private key pair [sk, pk] to the auxiliary server;
s103, giving the inclusionPersonal->Data set of dimension data points->Wherein the data points,/>Representing data points +.>In->Values in dimensions; let->Encryption operation for addition homomorphic encryption algorithm; encryption of the data points using the public key pk>Values in the respective dimensions +.>Generating ciphertext data setsWherein ciphertext data points->
S104, sending the ciphertext data set to a query server.
3. The access pattern hidden ciphertext K neighbor query method of claim 2, wherein step S2 comprises the sub-steps of:
s201 given query dataWherein->Representing query data +.>In->Values in dimensions; the data inquirer client encrypts inquiry data using the public key pk, respectively>Values in the respective dimensions +.>Obtaining ciphertext query data
S202, sending the ciphertext query data to a query server.
4. A method of access pattern hidden ciphertext K-nearest neighbor query as claimed in claim 3, wherein step S4 comprises the sub-steps of:
s401, initializing a minimum value selection tree by a query server: the minimum value selection tree comprisesLayer->Layer corresponding Linked list->,/>Comprises->Personal node, wherein->Representing the number of data points +.>,/>Represent a round-up, th->The individual nodes are denoted->The method comprises the steps of carrying out a first treatment on the surface of the Node->The storage format is->Wherein->Corresponding data set->Data points>,/>Is data point->The squared euclidean distance to the query data,for storing +.>Distance between individual node and its sibling compares boolean outcome, +.>For marking +.>Whether each node corresponds to the shortest distance of the layer; node->Is stored in the form ofWherein->For node->Square euclidean distance minimum in two child nodes, ±>For storing nodes->Comparing the boolean outcome with the distance between its siblings,/->For identifying nodes->Whether to correspond to the shortest distance of the layer;
s402, updating parameters from bottom to topAnd->: let each data point calculated in step S3 +.>To query data->The square Euclidean distance of ciphertext is recorded as +.>The method comprises the steps of carrying out a first treatment on the surface of the For linked list->Node->Query server order,/>,/>,/>The method comprises the steps of carrying out a first treatment on the surface of the Let->From 1 toFor linked list->Node->The query server and the auxiliary server calculate ciphertext boolean outcome using a secure comparison protocol>I.e. +.>In the time-course of which the first and second contact surfaces,otherwise->Addition homomorphic property computation of query server using homomorphic encryption algorithmQuery server and auxiliary server computing using secure multiplication protocolThe method comprises the steps of carrying out a first treatment on the surface of the When->When inquiring the server order,/>The method comprises the steps of carrying out a first treatment on the surface of the Otherwise->,/>
S403, updating parameters from top to bottom: let->0, for->The query server and the auxiliary server calculate +_ using a secure multiplication protocol>
5. The access pattern hidden ciphertext K neighbor query method of claim 4, wherein step S6 comprises the sub-steps of:
s601 for result setK results->Query server generates->Random number->Wherein->Representing data dimension +.>,/>Representing data points +.>In->Values in dimensions;
s602 forUsing homomorphic encryption algorithms by the query serverAddition homomorphism property computationWherein->Representing +.>And will->Send to the auxiliary server, will->Sending the data to a data inquirer client;
s603. ForThe auxiliary server decrypts to get +.>And will->And sending the data to the data inquirer client.
6. The access pattern hidden ciphertext K neighbor query method of claim 5, wherein in step S7, forData querier client side calculates +.>
7. An access mode hidden ciphertext K neighbor query system based on the access mode hidden ciphertext K neighbor query method of claim 1, characterized in that the ciphertext K neighbor query system comprises:
a data owner client configured to generate and distribute a public-private key pair of an additive homomorphic encryption algorithm, encrypt a data set using the public key, and send the ciphertext data set to a query server;
a data querier client configured to encrypt query data using the public key of the additive homomorphic encryption algorithm and send the ciphertext query data to the query server, and to recover a plaintext query result from the query result returned by the query server;
a non-colluding dual-server system comprising a query server and an auxiliary server configured to compute, in turn, the ciphertext squared Euclidean distance from each data point in the data set to the query data using a secure distance calculation protocol; to construct a minimum value selection tree from the ciphertext squared Euclidean distances; to find the K ciphertext data points with the shortest distance by means of the minimum value selection tree; and to return the query result to the data querier client.
8. The access pattern hidden ciphertext K-nearest neighbor query system of claim 7, wherein the data owner client comprises a first security module and a first transmission module, the first security module configured to generate the key and related parameters required by the additive homomorphic encryption algorithm and to encrypt the data set; the first transmission module is configured to distribute the key of the additive homomorphic encryption algorithm and upload the ciphertext data set;
the data querier client comprises a second security module, a result processing module and a second transmission module, wherein the second security module is configured to encrypt query data; the result processing module is configured to recover the final query result from the partial query results returned by the query server and the auxiliary server; the second transmission module is configured to receive the public key of the additive homomorphic encryption algorithm and the partial query results, and to upload ciphertext query data.
9. The access pattern hidden ciphertext K-nearest neighbor query system of claim 7, wherein the query server comprises a third security module, a query module, a third transmission module, and a storage module, the third security module configured to perform encryption operations and generate random numbers during a query; the query module is configured to perform the secure K nearest neighbor query method; the third transmission module is configured to receive the public key of the additive homomorphic encryption algorithm, interact with the auxiliary server during a query, and return a partial query result; the storage module is configured to store the ciphertext data set and ciphertext query data;
the auxiliary server comprises a fourth security module, an auxiliary query module and a fourth transmission module, wherein the fourth security module is configured to perform encryption and decryption during a query; the auxiliary query module is configured to assist the query server in carrying out the security protocols, including the secure multiplication protocol, the secure comparison protocol, and the secure distance calculation protocol; the fourth transmission module is configured to receive the public-private key pair of the additive homomorphic encryption algorithm, interact with the query server during a query, and return a partial query result.
CN202311651440.9A 2023-12-05 2023-12-05 Ciphertext K neighbor query method and system with hidden access mode Active CN117349898B (en)

Publications (2)

Publication Number Publication Date
CN117349898A CN117349898A (en) 2024-01-05
CN117349898B true CN117349898B (en) 2024-03-08

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant