WO2012077541A1 - 検索可能暗号処理システム - Google Patents
検索可能暗号処理システム Download PDFInfo
- Publication number
- WO2012077541A1 WO2012077541A1 PCT/JP2011/077588 JP2011077588W WO2012077541A1 WO 2012077541 A1 WO2012077541 A1 WO 2012077541A1 JP 2011077588 W JP2011077588 W JP 2011077588W WO 2012077541 A1 WO2012077541 A1 WO 2012077541A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- unit
- search
- registration
- client
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
- G06F16/24553—Query execution of query operations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Definitions
- the present invention relates to a search processing system in which, in a server / client model, a server searches entrusted encrypted data in accordance with a client request without decrypting the encrypted data.
- the operation management form called cloud which uses information systems provided by other organizations instead of maintaining the information systems by the own organization, has been spotlighted. ing.
- the cloud because the organization that manages the information system is different from the organization that uses the information system, measures to prevent information leakage, investigation of the cause after the occurrence of an accident, measures to prevent recurrence, etc. Hard to stand. Therefore, it is necessary to ensure the confidentiality of data in advance by using encryption technology as a preventive measure against illegal data leakage.
- Non-Patent Document 1 and Non-Patent Document 2 describe a search processing method for searching entrusted encrypted data without decrypting the encrypted data in accordance with a client request.
- This search processing method is a probabilistic encryption method in which plaintext and ciphertext have a complicated correspondence of 1 to m, which is safer than deterministic encryption that has a simple one-to-one correspondence.
- a technique for safely searching data stored in a server while preventing information leakage to a server administrator is disclosed.
- Non-Patent Document 1 and Non-Patent Document 2 the operation management necessary for decrypting data encrypted by probabilistic encryption deposited in the server is complicated, and both the client and the server are complicated. It is. Furthermore, probabilistic encryption using pseudo-random numbers is effective until the client performs a search, but after the search, the mask of the pseudo-random numbers of the ciphertext corresponding to the search is canceled, and the ciphertext security is increased. , It will drop from stochastic encryption to deterministic encryption. In addition, since the client uses a low-security deterministic encryption method for encrypting a request (search query) at the time of search, the client is also vulnerable to unauthorized attacks such as frequency analysis.
- a searchable cryptographic processing system includes a DB server for depositing data, a registration client for depositing data in the DB server, and a search client for causing the DB server to retrieve data in cooperation via a network.
- the client securely deposits the encrypted data to the server by a probabilistic encryption method using a mask based on the hash value and the output value of the homomorphic function, and the search client encrypts the search query with a plurality of Using probabilistic encryption with a mask using a homomorphic function that outputs the same value from different input values, without causing the DB server to release the mask, and the appearance frequency of the data corresponding to the search leaks to the DB server
- the search query and data that do not apply are output as search results, and after the search client obtains the search results, It performs encryption, to re-deposit the data in the DB server.
- the data corresponding to the search is encrypted with probabilistic encryption, which is highly secure.
- the encrypted data can be efficiently decrypted without forcing the client to perform complicated operation management.
- FIG. 1 is a schematic diagram of the search processing system of the present embodiment.
- the search processing system includes a registration client 100 (Registration Client), a search client 200 (Search Client), and a DB server 300 (Data Base Server), and the registration client 100, DB server 300, and search client.
- the DB 200 and the DB server 300 are configured to be able to send and receive information to and from each other via the network 400.
- the registration client 100 in this embodiment functions as a data registration transmission / reception device that transmits the concealed data to the DB server 300, and the search client 200 transmits the concealed search query to the DB server 300.
- the database server 300 functions as a database management transceiver that receives search results, stores the concealed data in a database, and searches for data in the database.
- FIG. 2 is a functional schematic diagram of the registered client 100.
- the registration client 100 includes a control unit 110, a storage unit 120, an input unit 101, an output unit 102, and a communication unit 103.
- the storage unit 120 includes a registration data storage unit 130, a secret key storage unit 150, a parameter storage unit 160, and a temporary information storage unit 180.
- the registration data storage unit 130 stores information for specifying a transmission sentence, which is data to be transmitted to the DB server 300.
- information specifying the received plaintext registration data 131 via the input unit 101, information defining the secret registration data 132 registered in the DB server 300, plaintext registration data 131, Information for specifying the attribute 133 of the secret registration data 132 is stored.
- the secret key storage unit 150 stores information for specifying the secret key 151 that should be secretly managed by the registration client 100 from the viewpoint of security.
- the parameter storage unit 160 stores information for specifying parameters used for data concealment.
- information for specifying the function parameter 161 input to the homomorphic function unit 116 and the inspection parameter 162 input to the basic calculation unit 117 is stored.
- the function parameter 161 is information that the registered client 100 should manage secretly.
- the control unit 110 includes an overall processing unit 111, an encryption unit 112, a pseudo random number generation unit 114, a compression function unit 115, a homomorphic function unit 116, and a basic calculation unit 117.
- the overall processing unit 111 controls all processing in the registered client 100.
- the overall processing unit 111 performs processing for storing information received via the input unit 101 as plaintext registration data 131 in the registration data storage unit 130.
- the overall processing unit 111 performs processing for displaying the plaintext registration data 131 on the output unit 102.
- the overall processing unit 111 reads the plaintext registration data 131 stored in the registration data storage unit 130, respectively, and the encryption unit 112, the pseudo random number generation unit 114, the compression function unit 115, A process of storing the data input to and output from the isomorphic function unit 116 and the basic arithmetic unit 117 as the confidential registration data 132 in the registration data storage unit 130 is performed.
- the overall processing unit 111 performs processing for transmitting the attribute 133 and the secret registration data 132 to the DB server 300 via the communication unit 103.
- the overall processing unit 111 displays the attribute 133 and the confidential registration data 132 received from the DB server 300 via the communication unit 103 on the process of storing in the temporary information storage unit 180 and the output unit 102. Process.
- the encryption unit 112 performs a process of outputting data obtained by encrypting the input data.
- data and a secret key 151 are input from the overall processing unit 111, and processing for outputting encrypted data is performed using the secret key 151.
- the encryption unit 112 is realized by implementing a standard encryption algorithm.
- the pseudorandom number generator 114 performs a process of outputting a pseudorandom number.
- the pseudo random number generation unit 114 outputs a random number from a physical phenomenon such as temperature, time, and electric energy.
- the pseudo random number generation unit 114 uses the secret key 151 input from the overall processing unit 111 and outputs a pseudo random number.
- the data value of the secret key 151 is updated to a new data value and stored again in the secret key storage unit 150 by the overall processing unit 111.
- the pseudo random number generation unit 114 is realized by implementing a standard pseudo random number generation algorithm.
- the compression function unit 115 performs processing for outputting data obtained by compressing input data.
- the data input from the overall processing unit 111 is converted into another data having a fixed length (h bits) and output.
- the compression function unit 115 that converts input data of arbitrary length into fixed length data can be realized.
- the homomorphic function unit 116 performs processing for outputting the output result of the function calculation as data for the input data.
- the data input from the overall processing unit 111 is regarded as an input value of a function having a homomorphic property, and the function parameter 161 input from the overall processing unit 111 is used to perform function calculation.
- a process of converting the output value into fixed-length (f-bit) data expressed in a binary string is performed.
- the homomorphic function is the function F, the input variable x, and the input variable y.
- the homomorphic function unit 116 is realized by implementing an algorithm that realizes a homomorphic function.
- the basic operation unit 117 performs processing related to basic arithmetic operations such as addition, subtraction, and comparison.
- the basic operation unit 117 performs an XOR operation that is an exclusive OR for each bit of two pieces of data input from the overall processing unit 111, or a verification result of whether or not an equal sign of a comparison operation is established. Is output as data.
- the registration client 100 shown above includes, for example, a CPU (Central Processing Unit) 501, a memory 502, and an external storage device 503 such as an HDD (Hard Disk Drive) as shown in FIG. 5 (schematic diagram of a computer).
- a general computer 500 including a communication device 504 such as a NIC (Network Interface Card) for connecting to a communication network, and an internal communication line (referred to as a system bus) 509 such as a system bus that connects them. realizable.
- the storage unit 120 can be realized by the CPU 501 using the memory 502 or the external storage device 503, and the control unit 110 and each processing unit included in the control unit 110 are stored in the external storage device 503. It can be realized by loading a predetermined program into the memory 502 and executed by the CPU 501, the input unit 101 can be realized by the CPU 501 using the input device 506, and the output unit 102 can be realized by the CPU 501
- the communication unit 103 can be realized by using the communication device 504 by the CPU 501.
- the predetermined program is stored (downloaded) in the external storage device 503 from the storage medium 508 via the reading device 507 or from the network via the communication device 504, and then loaded onto the memory 502 to be read by the CPU 501. May also be executed. Alternatively, the program may be directly loaded onto the memory 502 from the storage medium 508 via the reading device 507 or from the network via the communication device 504 and executed by the CPU 501.
- FIG. 3 is a functional schematic diagram of the search client 200.
- the search client 200 includes a control unit 210, a storage unit 220, an input unit 201, an output unit 202, and a communication unit 203.
- the storage unit 220 includes a search query storage unit 230, a secret key storage unit 250, a parameter storage unit 260, a received data storage unit 270, and a temporary information storage unit 280.
- the search query storage unit 230 stores information for specifying a transmission sentence, which is data to be transmitted to the DB server 300.
- the search client 200 specifies information for identifying the plaintext search query 231 received via the input unit 201, the secret search query 232 to be transmitted to the DB server 300, the plaintext search query 231 and the secret. Information specifying the attribute 233 of the search query 232 is stored.
- the secret key storage unit 250 stores information for specifying the secret key 251 that should be secretly managed by the search client 200 from the viewpoint of security.
- the secret key 251 input to the encryption unit 212, the secret key 251 input to the decryption unit 213, the secret key 251 input to the pseudorandom number generation unit 214, and the compression function unit 215 Information for identifying the secret key 251 to be input is stored.
- the parameter storage unit 260 stores information for specifying parameters used for data concealment and deconcealment.
- information for specifying the function parameter 261 input to the homomorphic function unit 216 and information for specifying the inspection parameter 262 input to the basic calculation unit 217 are stored.
- the function parameter 261 is information that the search client 200 should manage secretly.
- the received data storage unit 270 stores information for specifying data received via the communication unit 203.
- information specifying data received from the DB server 300 via the communication unit 203 is stored as the secret registration data 271.
- a process is performed in which the data that has been deciphered from the secret registration data 271 is stored in the received data storage unit 270 as plain text registration data 272.
- the temporary information storage unit 280 information necessary for processing in the control unit 210 is stored.
- the control unit 210 includes an overall processing unit 211, an encryption unit 212, a decryption unit 213, a pseudo random number generation unit 214, a compression function unit 215, a homomorphic function unit 216, and a basic calculation unit 217. .
- the overall processing unit 211 controls all processing in the search client 200.
- the overall processing unit 211 performs a process of storing information received through the input unit 201 as a plain text search query 231 in the search query storage unit 230.
- the overall processing unit 211 performs processing for displaying the plaintext search query 231 on the output unit 202.
- the overall processing unit 211 reads the plaintext search query 231 stored in the search query storage unit 230, and respectively encrypts the unit 212, the pseudo random number generation unit 214, the compression function unit 215, A process of storing the input data that is input to the isomorphic function unit 216 and the basic calculation unit 217 and stored in the search query storage unit 230 as the secret search query 232 is performed.
- the overall processing unit 211 performs processing for transmitting the attribute 233 and the secret search query 232 to the DB server 300 via the communication unit 203.
- the overall processing unit 211 performs processing for receiving the secret registration data 271 from the DB server 300 via the communication unit 203.
- the overall processing unit 211 performs processing for storing the received confidential registration data 271 in the received data storage unit 270 as the confidential registration data 271 via the communication unit 203.
- the overall processing unit 211 reads the confidential registration data 271 stored in the received data storage unit 270, respectively, the decoding unit 213, the compression function unit 215, the homomorphic function unit 216, and the basic A process of storing the data input to and output from the arithmetic unit 217 in the received data storage unit 270 as plain text registration data 272 is performed.
- the overall processing unit 211 performs processing for displaying the plaintext registration data 272 on the output unit 202.
- the overall processing unit 211 performs processing for storing data received from the DB server 300 via the communication unit 203 in the temporary information storage unit 280 and processing for displaying the data on the output unit 202.
- the encryption unit 212 performs a process of outputting data obtained by encrypting the input data.
- data and a secret key 251 are input from the overall processing unit 211, and processing for outputting encrypted data is performed using the secret key 251.
- the decryption unit 213 performs a process of outputting data obtained by decrypting the input data.
- data and a secret key 251 are input from the overall processing unit 211, and a process of outputting decrypted data using the secret key 251 is performed.
- the pseudorandom number generator 114 performs a process of outputting a pseudorandom number.
- the pseudo random number generation unit 214 outputs a random number from a physical phenomenon such as temperature, time, and electric energy.
- the pseudo random number generation unit 214 outputs a pseudo random number using the secret key 251 input from the overall processing unit 211.
- the data value of the secret key 251 is updated to a new data value and stored again in the secret key storage unit 250 by the overall processing unit 211.
- a process of outputting a pseudo random number is performed using the secret key 251 input from the overall processing unit 211.
- the compression function unit 215 performs processing to output data obtained by compressing input data.
- the data input from the overall processing unit 211 is converted into another data having a fixed length (h bits) and output.
- the homomorphic function unit 216 performs processing for outputting the output result of the function calculation as data for the input data.
- the data input from the overall processing unit 211 is regarded as an input value of a function having a homomorphic property
- the function parameter 261 input from the overall processing unit 211 is used to output the function calculation.
- a process of converting the value into data of a fixed length (f bits) expressed as a binary string is performed.
- the homomorphic function shows a case where the expression (2) is established for the function F, the input variable x, and the input variable y, but is homomorphic with an operation symbol other than the XOR operation that is an exclusive OR for each bit.
- the present embodiment can be implemented in the same way even when the characteristics hold.
- the basic operation unit 217 performs processing related to basic arithmetic operations such as addition, subtraction, and comparison.
- the basic arithmetic unit 217 performs a process of outputting a subtraction result of binary values (binary numbers) of two data input from the overall processing unit 211 as data.
- the search client 200 described above includes, for example, a CPU 501, a memory 502, an external storage device 503 such as an HDD, and a portable storage such as a CD and a DVD as shown in FIG. 5 (schematic diagram of a computer).
- a reading device 507 that reads / writes information from / to the medium 508, an input device 506 such as a keyboard and a mouse, an output device 505 such as a display, and a communication device 504 such as a NIC for connecting to a communication network are connected to each other.
- an internal communication line (referred to as a system bus) such as a system bus.
- the storage unit 220 can be realized by the CPU 501 using the memory 502 or the external storage device 503, and the control unit 210 and each processing unit included in the control unit 210 are stored in the external storage device 503. It can be realized by loading a predetermined program into the memory 502 and executed by the CPU 501, the input unit 201 can be realized by the CPU 501 using the input device 506, and the output unit 202 can be realized by the CPU 501 using the output device
- the communication unit 203 can be realized by using the communication device 504 by the CPU 501.
- the predetermined program is stored (downloaded) in the external storage device 503 from the storage medium 508 via the reading device 507 or from the network via the communication device 504, and then loaded onto the memory 502 to be read by the CPU 501. May also be executed. Alternatively, the program may be directly loaded onto the memory 502 from the storage medium 508 via the reading device 507 or from the network via the communication device 504 and executed by the CPU 501.
- FIG. 4 is a functional schematic diagram of the DB server 300.
- the DB server 300 includes a control unit 310, a storage unit 320, an input unit 301, an output unit 302, and a communication unit 303.
- the storage unit 320 includes a parameter storage unit 360, a secret key storage unit 350, a database storage unit 340, a search query storage unit 330, and a temporary information storage unit 380.
- the parameter storage unit 360 stores information for specifying parameters used for checking the relationship between the secret search query 332 and the database 341.
- information for specifying the function parameter 361 input to the homomorphic function unit 316 is stored.
- the function parameter 361 is information that the DB server 300 should manage secretly.
- the secret key storage unit 350 stores information for specifying the secret key 351 that should be secretly managed by the DB server 300 from the viewpoint of security.
- information for specifying the secret key 351 input to the decryption unit 313 is stored.
- the database storage unit 340 stores information for specifying registration data received via the communication unit 303.
- information received from the registered client 100 via the communication unit 303 is stored in the database storage unit 340 as configuration information of the database 341.
- the search query storage unit 330 stores information for specifying a search query received via the communication unit 303.
- a process of storing information received from the search client 200 via the communication unit 303 as the secret search query 332 in the search query storage unit 330 is performed.
- the temporary information storage unit 380 In the temporary information storage unit 380, information necessary for processing in the control unit 310 is stored.
- the control unit 310 includes an overall processing unit 311, a decoding unit 313, a compression function unit 315, a homomorphic function unit 316, and a basic calculation unit 317.
- the overall processing unit 311 controls all processes in the DB server 300.
- the overall processing unit 311 performs processing for receiving the secret registration data 131 from the registration client 100 via the communication unit 303.
- the overall processing unit 311 performs processing for storing the secret registration data 131 received via the communication unit 303 in the database storage unit 340 as configuration information of the database 341.
- the overall processing unit 311 performs processing for receiving the secret search query 332 from the search client 200 via the communication unit 303.
- the overall processing unit 311 performs processing for storing the secret search query 332 received via the communication unit 303 in the search query storage unit 330.
- the overall processing unit 311 reads the confidential search query 332 stored in the search query storage unit 330, respectively, the decoding unit 313, the compression function unit 315, the homomorphic function unit 316, and the basic A process of transmitting data input to and output from the calculation unit 317 to the search client 200 via the communication unit 303 is performed.
- the overall processing unit 311 performs processing for storing information related to data received from the search client 200 or the registration client 100 via the communication unit 303 in the temporary information storage unit 380 and processing for displaying the information on the output unit 302. .
- the decryption unit 313 performs a process of outputting data obtained by decrypting the input data.
- the data and the secret key 351 are input from the overall processing unit 311, and the decrypted data is output using the secret key 351.
- the compression function unit 315 performs a process of outputting data obtained by compressing input data.
- the data input from the overall processing unit 311 is converted into another data having a fixed length (h bits) and output.
- the homomorphic function unit 316 performs processing for outputting the output result of the function calculation as data for the input data.
- data input from the overall processing unit 311 is regarded as an input value of a function having a homomorphic property
- the function parameter 361 input from the overall processing unit 311 is used to perform function calculation.
- a process of converting data representing an output value in a binary string into fixed-length (f-bit) data is performed.
- the homomorphic function shows a case where the expression (2) is established for the function F, the input variable x, and the input variable y, but is homomorphic with an operation symbol other than the XOR operation that is an exclusive OR for each bit.
- the present embodiment can be implemented in the same way even when the characteristics hold.
- the basic operation unit 317 performs processing related to basic arithmetic operations such as addition, subtraction, and comparison.
- the basic operation unit 317 performs a process of outputting a subtraction result of binary values (binary numbers) of two data input from the overall processing unit 311 as data.
- the basic operation unit 317 performs processing for outputting the comparison result of the binary values (binary numbers) of the two data input from the overall processing unit 311 as data.
- the DB server 300 described above includes, for example, a CPU 501, a memory 502, an external storage device 503 such as an HDD, and a portable storage such as a CD and a DVD as shown in FIG. 5 (schematic diagram of a computer).
- a reading device 507 that reads / writes information from / to the medium 508, an input device 506 such as a keyboard and a mouse, an output device 505 such as a display, and a communication device 504 such as a NIC for connecting to a communication network are connected to each other. It can be realized by a general computer having an internal communication line (referred to as a system bus) such as a system bus.
- the storage units 120, 220, and 320 can be realized by the CPU 501 using the memory 502 or the external storage device 503, and each process included in the control units 110, 210, and 310 and the control units 110, 210, and 310 is performed.
- the unit can be realized by loading a predetermined program stored in the external storage device 503 into the memory 502 and executing it by the CPU 501.
- the input units 101, 201, and 301 use the input device 506 by the CPU 501.
- the output units 102, 202, and 302 can be realized by the CPU 501 using the output device 505.
- the communication units 103, 203, and 303 can be realized by the CPU 501 using the communication device 504. It is feasible.
- the predetermined program is stored (downloaded) in the external storage device 503 from the storage medium 508 via the reading device 507 or from the network via the communication device 504, and then loaded onto the memory 502 to be read by the CPU 501. May also be executed. Alternatively, the program may be directly loaded on the memory 502 from the storage medium 508 via the reading device 507 or from the network via the communication device 504 and executed by the CPU 501.
- FIG. 6 is a diagram illustrating the display content 600 of the output unit 102 of the registration client 100.
- the registration client 100 includes a management method selection unit 610, a management form unit 620, an execution button 650 indicating a button displayed as “execution”, and a clear button 660 indicating a button displayed as “clear”.
- a management method selection unit 610 the registration client 100 includes a management method selection unit 610, a management form unit 620, an execution button 650 indicating a button displayed as “execution”, and a clear button 660 indicating a button displayed as “clear”.
- the management method selection unit 610 includes items related to data management such as data registration, data update, and data deletion.
- data management such as data registration, data update, and data deletion.
- a radio button for specifying data addition, data update, and data deletion is provided. Each item can be selected via the input unit 101.
- the management form part 620 is an item identified by the management method selection part 610, and includes an attribute 621 indicating the type of data to be handled according to data registration, data update, or data deletion, and data It is comprised from the input form 622 which inputs the detailed content of. For example, in the present embodiment, an attribute 621 indicating a number, name, email, department, entry of a number, input of a name, input of an e-mail, input of an affiliated department And an input form 622 designed for the above. Information input to each input form 622 is stored in the temporary information storage unit 180 of the storage unit 120.
- the clear button 660 can be selected via the input unit 101. For example, in this embodiment, when the clear button 660 is selected, information input to each input form 622 is deleted.
- the execution button 650 can be selected via the input unit 101.
- the execution button 650 when the execution button 650 is selected, the secret registration data 131 is created based on the items specified by the management method selection unit 610 and the information input in each form, and the DB server 300 Process to send to.
- the management item selection unit 610 specifies data registration, but the same processing is performed when data update and data deletion are specified.
- the management method selection unit 610 when the specified item is data registration, the processing procedure of the secret registration data 131 to be executed when the execution button 650 is selected is shown in S701 to S715.
- FIG. 7A is an example of a block diagram illustrating a data configuration of the concatenated data 703 that the registration client 100 creates based on information input to the input form 622 output to the output unit 102 in the present embodiment.
- FIG. 7B is an example of a block diagram showing the data structure of the concatenated data 704 that the registration client 100 creates in the process of creating the secret registration data 712 in this embodiment.
- FIG. 7C is a block diagram showing a data configuration of the secret registration data 712 created by the registration client 100 in the present embodiment.
- the registration client 100 creates secret registration data 712 with different data values every time, regardless of the data values input to the input form 622. Will be explained.
- the overall processing unit 111 of the registration client 100 performs processing for storing the information input in the input form 622 in the registration data storage unit 130 of the storage unit 120 as plain text registration data 701.
- the plaintext registration data 701 is stored in the temporary information storage unit 180 of the registration client 100 as data configured in an m-bit binary representation.
- the overall processing unit 111 of the registered client 100 performs a process of reading the inspection parameter 162 stored in the parameter storage unit 160 and outputting it as error inspection data 702.
- the output error check data 702 is stored as e-bit data in the temporary information storage unit 180 of the registration client 100.
- the overall processing unit 111 of the registration client 100 performs processing for concatenating the plaintext registration data 701 and the error check data 702 (S701).
- the divided error check data 702 may be inserted at various points in the plaintext registration data 701.
- the error check data 702 may be inserted at the beginning (header) and end (footer) of the plaintext registration data 701.
- the error check data 702 may be mixed by multiplying the plaintext registration data 701 by multiplication.
- the registration client 100 concatenates the error check data 702 to the end of the plaintext registration data 701 input by the overall processing unit 111 and regards the concatenated data 703 as one data. deal with.
- the concatenated data 703 is stored in the temporary information storage unit 180 of the registered client 100 as (m + e) bit data.
- the connection process is not limited to this case, and other connection processes can be similarly performed.
- the entire processing unit 111 of the registration client 100 inputs the concatenated data 703, which is data obtained by concatenating the plaintext registration data 701 and the error check data 702, and the secret key 151 stored in the secret key storage unit 150 to the encryption unit 112. (S702).
- the encryption unit 112 of the registered client 100 performs a process of encrypting the input data and outputting the data C R 705 (S703).
- the encryption unit 112 encrypts the concatenated data 703 input by the overall processing unit 111, and regards the output data as data C R 705.
- the data C R 705 is stored as c-bit data in the temporary information storage unit 180 of the registration client 100 (S704).
- the data C R 705 may depend on the concatenated data 703, that is, may depend on input information on the input form 622.
- the same data C R 705 may be output from the concatenated data 703 having the same data value.
- the overall processing unit 111 of the registered client 100 reads the secret key 151 from the secret key storage unit 150, and performs a process of inputting the secret key 151 to the pseudorandom number generation unit 114 (S705).
- the pseudo random number generation unit 114 of the registered client 100 performs a process of outputting a pseudo random number using the input secret key 151.
- the pseudo-random number in the temporary information storage unit 180 of the registration client 100 is stored as the data P R 706 of r bits (S706).
- the pseudo random number output from the pseudo random number generation unit 114 does not depend on the concatenated data 703 and the data C R 705. Therefore, without depending on the input information of the input form 622, each time, you can create different data P R 706 of the data values.
- Overall processing unit 111 of the registration client 100 reads the secret key 151 from the secret key storage unit 150, and inputs the data in which the data P R 706 outputted from the private key 151 and the random number generation unit, the compression function unit 115 Processing is performed (S707).
- the compression function unit 115 of the registration client 100 performs a process of converting the input data and outputting a hash value.
- the hash value, the temporary information storage unit 180 of the registration client 100 is stored as data H R 707 of h bits (S 708).
- the data H R 707 can be regarded as a random number because of the nature of the compression function.
- the data H R 707 does not depend on the concatenated data 703 and the data C R 705. Therefore, similarly to the data P R 706, the data H R 707 having different data values can be created each time without depending on the input information of the input form 622.
- the overall processing unit 111 of the registered client 100 inputs the data H R 707 and the function parameter 161 stored in the parameter storage unit 160 to the homomorphic function unit 116 (S709).
- the homomorphic function unit 116 of the registration client 100 regards the input data as an input value of a function having a homomorphic property, and uses the function parameter 161 to express the output value of the function calculation as a binary string. Process to output the value.
- homomorphic function value the temporary information storage unit 180 of the registration client 100, is stored as the data F R 708 of f bits (S710).
- Equation (3) is established for the data H R 707 that is the input value and the data F R 708 that is the output value (however, description of the function parameter 161 is omitted).
- F R func (H R) (3)
- the data F R 708 can be regarded as a random output when the input data value is a random number because of the property of the homomorphic function processed by the homomorphic function unit 116. Further, the data F R 708 does not depend on the concatenated data 703 and the data C R 705. Therefore, like the data H R 707, the data F R 707 having different data values can be created each time without depending on the input information of the input form 622.
- the overall processing unit 111 of the registered client 100 performs processing for inputting the data F R 708 output from the homomorphic function unit 116 to the compression function unit 115 (S711).
- the compression function unit 115 of the registration client 100 performs a process of converting the input data and outputting a hash value.
- the hash value, the temporary information storage unit 180 of the registration client 100 is stored as data G R 709 of g bits (S712).
- the data G R 709 is a random number because of the nature of the compression function. Therefore, like the data F R 707 and the data H R 707, the data G R 709 having different data values can be generated each time without depending on the input information of the input form 622. Furthermore, the nature of the compression function, since the inverse image is difficult calculations, be registered data G R 709 to the DB server 300, it does not affect the security of the data.
- FIG. 7C is a block diagram showing a data configuration of the secret registration data 712 created by the registration client 100 in the present embodiment.
- the overall processing unit 111 of the registered client 100 performs a process of inputting the data H R 707 and the data C R 705 to the basic calculation unit 117 (S713).
- the basic operation unit 117 of the registration client 100 calculates an XOR operation that is an exclusive OR for each bit of the input data H R 707 and the data C R 705, and outputs the calculation result as data D R 711. (S714).
- the data H R 707, the data C R 705, and the data D R 711 satisfy Expression (4) by the xor calculation of S714.
- D R H R xor C R (4)
- the calculation of S714 uses data H R 707 that is a random number that does not depend on the concatenated data 703 or the data C R 705. Therefore, even when the relationship between the concatenated data 703 and the data C R 705 is uniquely determined, data D R 711 having different data values can be obtained by using the data H R 707 having different data values each time.
- the overall processing unit 111 of the registration client 100 performs a process of connecting the data P R 706, the data D R 711, and the data G R 709 and storing the created data in the registration data storage unit 130 as the secret registration data 712. (S715).
- Confidential registration data 712, data P R 706 is a random number that does not depend on the connection data 703 and data C R 705, data D R 711, and using the data G R 709, each time, different data values are obtained.
- confidential registration data 712 connecting the data P R 706 and the data D R 711 and data G R 709 is independent of the connection data 703 and the data C R 705. That is, the secret registration data 712 with different data values can be created each time without depending on the input information of the input form 622.
- processing procedure is not fixed, and the processing procedure may be changed.
- the processing procedure of S713 and S714 is changed, and data P R 706, data H R 707 and data G R 709 are concatenated in S713, and then XOR calculation of data H R 707 and data C R 705 is performed in S714. You may calculate.
- other processing procedures may be changed.
- control unit 110 in charge of each process described above is not fixed, and the control unit 110 in charge may be changed.
- the data F R 708 in S711, the compression function unit 115 not may enter the data F R 708 to the encryption unit 112, in S712, the data output from the encryption unit 112, the data G R 709 may be stored in the temporary information storage unit 180.
- the data configuration of the secret registration data 712 may be changed, and the process may be changed accordingly.
- information about the data P R 706 is stored in the storage unit 120, it may be configured to not include the secret registration data 712.
- the data output from S706 is regarded as data H R 706, and the processes related to S707 and S708 can be deleted.
- the entire processing unit 111 of the registration client 100 may concatenate the data D R 711 and the data G R 709 as the secret registration data 712 in S715.
- FIG. 8 is a sequence diagram illustrating processing in which the registration client 100 registers the secret registration data 132 in the DB server 300 via the network 400 in the present embodiment.
- the registration client 100 performs a process of storing the information input to the form from the user via the input unit 101 in the temporary information storage unit 180 (S801).
- the registration client 100 detects that the execution button 650 has been selected by the user via the input unit 101, and performs processing for storing the information input in the form in the storage unit 120 as plain text registration data 131 (S802). ).
- the registration client 100 creates secret registration data 132 by the control unit 110 and stores it in the storage unit 120 (S803).
- the registration client 100 performs processing for transmitting the attribute 133 and the secret registration data 132 to the DB server 300 from the communication unit 103 via the network 400 (S804).
- the DB server 300 performs processing for receiving the attribute 133 and the secret registration data 132 transmitted from the registration client 100 via the network 400 from the communication unit 303 (S805).
- the DB server 300 performs processing for storing the secret registration data 132 in the storage unit 320 as the configuration information of the database 341 using the attribute 133 received by the control unit 310 (S806).
- the DB server 300 performs processing for transmitting the success or failure of the registration processing of the secret registration data 132 from the communication unit 303 to the registration server via the network 400 (S807).
- the registration client 100 performs a process of receiving success or failure of the registration process of the secret registration data 132 transmitted from the DB server 300 via the network 400 from the communication unit 103 (S808).
- the registration client 100 performs a process of displaying registration information including the success or failure of the registration process to the user via the output unit 102 (S809).
- FIG. 9A is a configuration diagram illustrating the management state of the database 341 stored in the database storage unit 340 of the storage unit 320 in the DB server 300.
- the database 341 in the DB server 300 includes an attribute 901 indicating a number, name, email, and the like, and secret registration data 902 (d 0 , d 1 , d) associated with the attribute 901. 2 ...
- FIG. 10 is a diagram illustrating the display content 1000 of the output unit 202 of the search client 200.
- the search client 200 includes a search item portion 1010, a search form portion 1020, a search button 1050 indicating a button displayed as search, and a clear button 1060 indicating a button displayed as clear.
- the search method selection part consists of items related to the type of data to be searched.
- a radio button for specifying a number, name, e-mail, and department to which the user belongs is provided.
- a plurality of items can be selected via the input unit 201.
- the search form part 1020 is composed of an input form 1022 for inputting details such as a number, name, e-mail, and department to which the attribute 1011 is specified by the search method selection part.
- the present embodiment includes a plurality of input forms 1022 designed for entering numbers, entering names, entering emails, and entering departments. Information input to each input form 1022 is stored in the temporary information storage unit 280 of the storage unit 220.
- the clear button 1060 can be selected via the input unit 201. For example, in this embodiment, when the clear button 1060 is selected, the input information of each input form 1022 is deleted.
- the search button 1050 can be selected via the input unit 201.
- the search button 1050 when the search button 1050 is selected, the secret search query 232 is created based on the attribute 1011 specified by the search method selection unit and the information input in the input form 1022, and the DB server Process to send to 300.
- the case where only one attribute 1011 (for example, name) is selected in the selection part of the search method is shown.
- information is input to a plurality of input forms 1022 and a plurality of attributes 1011 are selected. In this case, the same processing can be performed.
- FIG. 11A is an example of a block diagram illustrating a data configuration of the concatenated data 1103 created by the search client 200 based on information input to the input form 1022 output to the output unit 202 in the present embodiment.
- FIG. 11B is an example of a block diagram showing the data structure of the concatenated data 1104 created in the process of creating the secret search query 1111 by the search client 200 in the present embodiment.
- FIG. 11C is a block diagram showing the data structure of the concatenated data 1108 created by the search client 200 in this embodiment.
- the search client 200 uses FIG. 11A, FIG. 11B, and FIG. 11C to create a secret search query 1111 having a different data value every time, regardless of the data value input to the input form 1022. Will be explained.
- the overall processing unit 211 of the search client 200 performs processing for storing the information input in the input form 1022 in the search query storage unit 230 of the storage unit 220 as a plain text search query 1101.
- the plaintext search query 1101 is stored in the temporary information storage unit 280 of the search client 200 as data composed of an m-bit binary representation.
- the overall processing unit 211 of the search client 200 reads the inspection parameter 262 stored in the parameter storage unit 260 and outputs it as error inspection data 1102. At this time, the output error check data 1102 is stored in the temporary information storage unit 280 of the search client 200 as e-bit data.
- the entire processing unit 211 of the search client 200 performs processing for connecting the plain text search query 1101 and the error check data 1102 (S1101).
- the divided error check data 1102 may be inserted at various points in the plaintext search query 1101. For example, error check data 1102 may be inserted at the beginning (header) and end (footer) of the plaintext search query 1101. Further, the error check data 1102 may be mixed by multiplying the plain text search query 1101 by multiplication.
- the search client 200 handles the case where the error check data 1102 is concatenated to the end of the plaintext search query input by the overall processing unit 211 and the concatenated data 1103 is regarded as one data.
- the concatenated data 1103 is stored in the temporary information storage unit 280 of the search client 200 as (m + e) bit data.
- the connection process is not limited to this case, and other connection processes can be similarly performed.
- the overall processing unit 211 of the search client 200 inputs the concatenated data 1103, which is data obtained by concatenating the plaintext search query 1101 and the error check data 1102, and the secret key 251 stored in the secret key storage unit 250 to the encryption unit 212. (S1102).
- the encryption unit 212 of the search client 200 performs a process of encrypting the input data and outputting the data C S 1105 (S1103).
- the concatenated data 1103 input by the overall processing unit 211 may be encrypted by the encryption unit 212, and the output data may be regarded as data C S 1105.
- the data C S 1105 is stored as c-bit data in the temporary information storage unit 280 of the search client 200 (S1104).
- the data C S 1105 may depend on the concatenated data 1103, that is, the input information of the input form 1022.
- the same data C S 1105 may be output from the concatenated data 1103 having the same data value.
- the entire processing unit 211 of the search client 200 reads the secret key 251 from the secret key storage unit 250 and performs a process of inputting the secret key 251 to the pseudo random number generation unit 214 (S1105).
- the pseudo random number generation unit 214 of the search client 200 uses the input secret key 251 to perform a process of outputting a pseudo random number. At this time, the pseudo random number is stored as r-bit data P S 1106 in the temporary information storage unit 280 of the search client 200 (S 1106).
- the pseudo random number output from the pseudo random number generation unit 214 does not depend on the concatenated data 1103 and the data C S 1105. Therefore, the data P S 1106 having different data values can be created each time without depending on the input information of the input form 1022.
- the data P S 1106 outputs a random number due to the nature of the pseudo-random number generation function. Further, the data P S 1106 does not depend on the concatenated data 703 and the data C S 705. Therefore, the data P S 1106 does not depend on the input information of the input form 1022, and the data F S 1107 having different data values can be created each time.
- the overall processing unit 211 of the search client 200 inputs the data P S 1106 and the function parameter 261 stored in the parameter storage unit 260 to the homomorphic function unit 216 (S1107).
- the homomorphic function unit 216 of the search client 200 regards the input data as an input value of a function having a homomorphic property, and uses the function parameter 261 to express the output value of the function calculation as a binary string. Process to output the function value.
- the homomorphic function value is stored as f-bit data F S 1107 in the temporary information storage unit 280 of the search client 200 (S1108).
- Equation (5) holds for the data P S that is the input value and the data F S that is the output value (however, description of the function parameter 261 is omitted).
- F S func (P S ) (5)
- the output of the data F S 1107 is also uniformly distributed due to the property of the homomorphic function processed by the homomorphic function unit 216.
- the data F S 1107 does not depend on the concatenated data 1103 and the data C S 1104. Therefore, similarly to the data P S 1106, the data F S 1107 having different data values can be created each time without depending on the input information of the input form 1022.
- FIG. 11C is a block diagram showing a data configuration of the concatenated data 1108 created by the search client 200 in the present embodiment.
- the overall processing unit 211 of the search client 200 performs a process of connecting the data P S 1106 and the data F S 1107 and inputting the generated connected data 1104 and the data C S 1105 to the basic calculation unit 217 (S1109). .
- the basic operation unit 217 of the search client 200 calculates an XOR operation that is an exclusive OR for each bit of the input concatenated data 1104 and the data C S 1105, and outputs the calculation result as data D S 1110. Processing is performed (S1110).
- the calculation of S1110 uses data P S 1106 which is a random number that does not depend on the concatenated data 1103 and the data C S 1105. Therefore, even when the relationship between the concatenated data 1103 and the data C S 1105 is uniquely determined, the data D S 1110 having different data values can be obtained by using the data P S 1106 having different data values each time.
- the overall processing unit 211 of the search client 200 transmits the concatenated data 1108, which is data obtained by concatenating the data D S 1110 and the data F S 1107, and the secret key 251 stored in the secret key storage unit 250 to the encryption unit 212. Input processing is performed (S1111).
- the encryption unit 212 of the search client 200 encrypts the input data, and the overall processing unit 211 performs a process of storing the encrypted data in the search query storage unit 230 as the secret search query 1111 (S1112).
- the output concealed search query 1111 can also be regarded as a random number. Therefore, even if the search client 200 transmits to the DB server 300 via the network 400 that can be illegally intercepted, the secret search query 1111 is safe.
- the secret search query 1111 uses data P S 1106 and data F S 1107 which are random numbers that do not depend on the concatenated data 1103 and the data C S 1105, and a different data value is obtained each time.
- the concealed search query 1111 that concatenates the data D S 1106 and the data F S 1107 is independent of the concatenated data 1103 and the data C R 1105. That is, the secret search query 1111 having a different data value can be created each time without depending on the input information of the input form 1022.
- processing procedure is not fixed, and the processing procedure may be changed.
- the processing procedure of S1109 and S1110 is changed, the XOR operation of data C S 1105 and data P S 1106 is calculated in S1109, and then data F S 1107 and data D S 1110 are concatenated in S1110. May be.
- other processing procedures may be changed.
- control unit 210 in charge of each of the above processes is not fixed, and the control unit 210 in charge may be changed.
- the secret key 251 may be input to the compression function unit 215 instead of the pseudo-random number generation unit 214 in S1105.
- the data structure of the secret search query 1111 may be changed, and the process may be changed accordingly.
- the overall processing unit 211 performs processing for inputting the data F S 1107 and the secret key 251 stored in the secret key storage unit 250 to the encryption unit 212 (S1111), and the data output by the encryption unit, and data D S 1106, the linked data may be regarded as confidential a search query 1111 (S1112).
- FIG. 12 is a sequence diagram showing processing in which the DB server 300 searches the database 341 using the secret search query 232 transmitted by the search client 200 via the network 400 in the present embodiment.
- the search client 200 performs processing for storing the information input to the form from the user via the input unit 201 in the temporary information storage unit 280 (S1201).
- the search client 200 detects that the search button 1050 has been selected by the user via the input unit 201, and performs processing for storing the information input in the form in the storage unit 220 as the plaintext search query 231 (S1202). ).
- the search client 200 performs a process of creating a secret search query 232 by the control unit 210 and storing it in the storage unit 220 (S1203).
- the search client 200 performs processing for transmitting the attribute 233 and the secret search query 232 from the communication unit 203 to the DB server 300 via the network 400 (S1204).
- the DB server 300 performs processing for receiving the attribute 233 and the secret search query 232 transmitted from the search client 200 via the network 400 from the communication unit 303 (S1205).
- the DB server 300 uses the control unit 310 to search the secret registration data 902 related to the secret search query 332 from the database 341 using the attribute 233 (S1206).
- the DB server 300 performs a process of transmitting a search result (extracted part of the attribute 901 and the secret registration data 902) corresponding to the secret search query 332 from the communication unit 303 to the search server via the network 400 (S1207). ).
- the search client 200 performs a process of receiving a search result corresponding to the secret search query 232 transmitted from the DB server 300 via the network 400 from the communication unit 203 (S1208).
- the search client 200 causes the control unit 210 to restore the plaintext registration data 272 from the search result corresponding to the secret search query 232 (S1209).
- the search client 200 stores the extracted plaintext registration data 272 in the storage unit 220 via the output unit 202. Moreover, you may perform the process which displays the extracted plaintext registration data 272 on the output part 202 (S1210).
- the processing procedure shown in S1206 by which the control unit 310 of the DB server 300 searches for the secret registration data 902 follows S1301 to S1318.
- the overall processing unit 311 of the DB server 300 sets the secret registration data 902 related to the attribute 901 of the database 341 related to the received attribute 233 as a search target.
- FIG. 9B is a configuration diagram illustrating a search target in the database 341 stored in the database storage unit 340 of the storage unit 320 of the DB server 300 using the configuration diagram shown in FIG. 9A.
- the overall processing unit 311 of the DB server 300 indicates the attribute 901 related to the name in the database 341 as indicated by the portion surrounded by the solid line frame in FIG. 9B. Are handled as confidential registration data 902 to be searched.
- the processing procedure from S1301 to S1318 for searching for the secret registration data 902 includes all of the secret registration data 902 to be searched, or the secret registration data 902 arbitrarily extracted from the secret registration data 902 to be searched, or This is performed for a certain number of secret registration data 902.
- FIG. 13A is an example of a block diagram illustrating a data configuration of the concatenated data 1301 obtained by decrypting the confidential search query received from the communication unit 303 by the DB server 300 in the present embodiment.
- FIG. 13B is an example of a block diagram illustrating a data configuration of the secret registration data 1304 in the database 341 stored in the database storage unit 340 by the DB server 300 in the present embodiment.
- FIG. 13C is an example of a block diagram showing a data configuration of the concatenated data 1308 created in the process in which the DB server 300 searches the secret registration data 1304 using the concatenated data 1301 in this embodiment.
- FIG. 13D is an example of a block diagram illustrating a data configuration of the concatenated data 1311 created in the process in which the DB server 300 searches the secret registration data 1304 using the concatenated data 1301 in the present embodiment.
- the DB server 300 correctly retrieves the secret registration data 1304 even when using the concatenated data 1301 having different data values each time. Will be explained.
- the overall processing unit 311 of the DB server 300 performs processing for receiving the confidential search query 1300 using the communication unit 303. At this time, the overall processing unit 311 of the DB server 300 stores the secret search query 1300 in the search query storage unit 330.
- the overall processing unit 311 of the DB server 300 performs a process of inputting the secret search query 1300 and the secret key 351 stored in the secret key storage unit 350 to the decryption unit 313 (S1301).
- the decryption unit of the DB server 300 decrypts the input confidential search query 1300 and outputs the concatenated data 1301 (S1302).
- the concatenated data 1301 is stored in the temporary information storage unit 280 of the DB server 300 as data configured in binary representation of (h + f) bits.
- Overall processing unit 311 of the DB server 300 performs processing to retrieve the data D S 1302 from the connection data 1301 (S1303).
- S1303 is, for example, as shown in FIG. 13A, DB server 300, the overall processing unit 311, the concatenated data 1301, the first h-bit corresponding to the data D S 1302, may be extracted.
- Overall processing unit 311 of the DB server 300 is stored in the database storage unit 340, reads the secret registration data 1304 in the database 341, the secret registration data 1304 performs a process of retrieving data D R 1306 (S1304).
- S1304 is, for example, as shown in FIG. 13B, the last DB server 300, the overall processing unit 311, the answer from confidential registration data 1304, and the first r bits corresponding to the data P R 1305, the data G R 1307
- the data from which the g bits are removed can be treated as data D R 1306.
- FIG. 13C is a block diagram showing a data structure of the concatenated data 1308 created by the DB server 300 in this embodiment.
- the overall processing unit 311 of the DB server 300 performs a process of inputting the data D R 711 and the data D S 1302 to the basic calculation unit 317 (S1305).
- the basic operation unit 117 of the registered client 100 calculates an XOR operation that is an exclusive OR for each bit of the input data D R 1309 and the data D S 1310, and outputs the calculation result as concatenated data 1308. Is performed (S1306).
- FIG. 13D is an example of a block diagram illustrating a data configuration of the concatenated data 1311 created by the DB server 300 in the present embodiment.
- the overall processing unit 311 of the DB server 300 inputs the concatenated data 1308 and the function parameter 361 stored in the parameter storage unit 360 to the homomorphic function unit 316 (S1307).
- the homomorphic function unit 316 of the DB server 300 regards the input data as an input value of a function having a homomorphic property, and uses the function parameter 361 to express a function calculation output value as a binary string. Process to output the value.
- the temporary information storage unit 380 of the DB server 300 is stored as data F D 1312 of h bits (S1308).
- the overall processing unit 311 of the DB server 300 performs processing for extracting the data F S 1303 from the concatenated data 1301 (S1309).
- the DB server 300 may extract the last f bits corresponding to the data F S 1303 from the concatenated data 1301 input by the overall processing unit 311.
- the basic operation unit 317 of the DB server 300 calculates an XOR operation that is an exclusive OR for each bit of the input data F D 1312 and the data F S 1303, and outputs the calculation result as data D D 1313. Processing is performed (S1311).
- the compression function unit 315 of the DB server 300 performs a process of converting input data and outputting a hash value.
- the hash value, the temporary information storage unit 180 of the registration client 100 is stored as data G D 1314 of g bits (S1313).
- Overall processing unit 311 of the DB server 300 performs processing to input data G D 1314 and the data G R 1307 to the basic computation unit 317 (S1314).
- the basic operation unit 317 of the DB server 300 calculates an XOR operation that is an exclusive OR of each bit of the input data G D 1314 and the data G R 1307, and outputs the calculation result as data E D 1315 (S1315).
- the entire processing unit 311 of the DB server 300 determines that there is no relationship between the secure search query 1300 and confidentiality registration data 1304. At this time, until all of the secret registration data 1304 to be searched, all of the secret registration data 1304 arbitrarily extracted from the secret registration data 1304 to be searched, or the searched secret registration data 1304 reaches a certain number, The control unit 310 of the server 300 returns to S1304 and continues the process of searching for the secret registration data 1304 (S1317).
- the entire processing unit 311 of the DB server 300 determines that a relationship of the secure search query 1300 and confidentiality registration data 1304. At this time, the determined secret registration data 1304 and the secret registration data 1304 corresponding to the related attribute 901 are regarded as search results corresponding to the secret search query 1300 (S1318).
- the search result is that the searched attribute 901 is information related to the name, and that the secret registration data 1304 related to the secret search query 1300 is d k + 1.
- the unit 311 determines, d k + 1 that is the determined secret registration data 1304 and the secret registration data 1304 (d k , d k + 2) surrounded by a thick dotted line in FIG. 9B corresponding to the attribute 901. , D k + 3 ,...) are regarded as search results corresponding to the secret search query 1300.
- the registration client 100 creates secret registration data 712 having different data values each time
- the search client 200 creates a secret search query 1111 having different data values each time
- the secret registration data 1304 corresponding to the received secret search query 1300 can be correctly searched.
- the data values of the data C s 705 and the data C R 1105 are canceled out in the search process, and the DB server 300 stores the data C s 705 and the data C R 1105. Data values are not leaked.
- processing procedure is not fixed, and the processing procedure may be changed.
- the processing procedures of S1303 and S1305 and S1304 and S1306 may be changed, and the data D R 1306 may be extracted in S1304, and the data D S 1302 may be extracted in S1306.
- other processing procedures may be changed.
- control unit 310 in charge of each process described above is not fixed, and the control unit 310 in charge may be changed.
- the DB server 300 comprises an encryption unit 312, the data D R 1313 in S1312, the compression function unit 315 not may be input to the encryption unit 312, in S1314, the output from the encryption unit 312 the data, as data G D 1314 may be stored in the temporary information storage unit 380.
- the determination criterion corresponding to the search process may be changed. For example, used in S1316, instead of determining that the any bit of data E D 1315 is equal to 0, and the specific values can be changed, the judgment formula of magnitude relationships of the data values of the data E D 1315 You may make it judge.
- the search result may be configured by changing the data configuration of the secret registration data 1304 corresponding to the secret search query 1301.
- information about the data G R 1307 is may be configured not in the search results.
- the DB server 300 comprises a pseudo-random number generation unit 314, the overall processing unit 311 inputs the secret key 351 to the pseudo-random number generation unit 314, a pseudo-random pseudo random number generation unit 314 has output the data G R 1307
- the linked data may be included in the search result as the secret registration data 1304 corresponding to the secret search query 1301.
- the data G R 1307 and the pseudo-random number, as the secret registration data 1304 corresponding to the secure search query 1301 together, may be included in the search results, instead of the pseudo-random number, it is possible to apply a general index.
- the overall processing unit 311 inputs the secret registration data 1304 corresponding to the secret search query 1301 and the secret key 351 to the encryption unit 313, and outputs the output data. May be regarded as a search result.
- the secret registration data 1304 corresponding to the secret search query 1301 is linked with a pseudo-random number or a general index, the input value to the encryption unit 313 is different from time to time. Can be considered. Therefore, even if the DB server 300 transmits to the search client 200 via the network 400 that can be illegally intercepted, the search result is safe.
- control unit 210 of the search client 200 shown in S1209 decrypts the confidential registration data 1304 for all or part of the received confidential registration data 1304 and extracts the plaintext registration data 272.
- the processing procedure from S1401 to S1411 is followed.
- FIG. 14A is an example of a block diagram illustrating a data configuration of the secret registration data 1401 received from the communication unit 203 by the search client 200 in the present embodiment.
- FIG. 14B in this embodiment, DB server 300 is an example of a block diagram showing the data structure of the data C R 1405 to create in the process of decoding the secret registration data 1401.
- FIG. 14C is an example of a block diagram showing the data structure of the concatenated data 1409 that the DB server 300 creates in the process of decrypting the secret registration data 1401 in this embodiment.
- the overall processing unit 211 of the search client 200 performs processing for receiving the confidential registration data 1401 using the communication unit 203.
- the search client 200 stores the registration data 1401 in the search query storage unit 230 as data configured with a binary representation of (r + h + g) bits.
- Overall processing unit 211 of the search client 200 performs a process for retrieving data P R 1402 from confidential registration data 1401 (S1401).
- S1401 is, for example, as shown in FIG. 14, the search client 200, the secret registration data 1401 overall processing unit 211 is input, it may be extracted first r bits corresponding to the data P R 1402.
- Overall processing unit 211 of the search client 200 reads the secret key 251 from the secret key storage unit 250, performs a process of inputting the secret key 251 and the data P R 1402 to the compression function unit 215 (S1402).
- the compression function unit 215 of the search client 200 performs a process of converting the input data and outputting a hash value (S1403). At this time, the hash value is stored in the temporary information storage unit 280 of the search client 200 as h-bit data H S 1407.
- Figure 14B in this embodiment, is a block diagram showing the data structure of the data C R 1405 that DB server 300 creates.
- the overall processing unit 211 of the search client 200 performs a process of inputting the data D R 1403 and the data H S 1407 to the basic calculation unit 217 (S1404).
- the basic operation unit 217 of the search client 200 calculates an XOR operation that is an exclusive OR for each bit of the input data D R 1403 and the data H S 1407 and outputs the calculation result as data C R 1405. Processing is performed (S1405).
- the overall processing unit 211 of the search client 200 performs a process of inputting the data output from the basic calculation unit 217 and the secret key 251 stored in the secret key storage unit 250 to the decryption unit 213 (S1406).
- Decoding unit of the search client 200 decrypts the data C R 1405 that is input, performs a process of outputting the concatenated data 1409 (S1407). At this time, as shown in FIG. 14C, the concatenated data 1409 is stored in the temporary information storage unit 280 of the search client 200 as (m + e) bit data.
- the overall processing unit 211 of the search client 200 performs processing for extracting error check data 1411 from the concatenated data 1409 (S1408).
- the search client 200 may extract the e-bit at the end of the data as error check data 1411 from the concatenated data 1403 input by the overall processing unit 211.
- the overall processing unit 211 of the search client 200 performs a process of reading the inspection parameter 262 stored in the parameter storage unit 260 and inputting the data converted into inspection data and the error inspection data 1411 to the basic arithmetic unit 217. (S1409).
- the basic operation unit 217 of the search client 200 performs processing for comparing the input data converted for inspection with the error inspection data 1411 and outputting the comparison result (S1410).
- the bit (1) representing the equal sign is output, and if not equal, the bit (0) representing the inequality sign is output. Do.
- the overall processing unit 211 of the search client 200 performs a process of determining that the search result is correct.
- the overall processing unit 311 of the DB server 300 performs a process of determining that the search result is incorrect.
- the overall processing unit 211 of the search client 200 performs processing that uses the plaintext registration data 1410 extracted from the concatenated data 1402 as a search result according to the result output by the basic calculation unit 217, and restores the plaintext registration data 1410 (S1209 ) Is terminated (S1411). For example, as shown in FIG. 14C, the search client 200 regards the first m bits of data as the plaintext registration data 1410 from the concatenated data 1409 input by the overall processing unit 211.
- search client 200 or register Processing may be performed so that the secret registration data is re-registered in the DB server 300 from the client 100.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computational Linguistics (AREA)
- Data Mining & Analysis (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
Description
F(x・y)=F(x)?F(y) (1)
が成り立つ関数を指す。ただし、・と?は、演算記号を表わし、加算用の演算記号+、乗算用の演算記号*、ビット毎の排他的論理和であるXOR(eXclusive OR)演算用の演算記号xor等が入る。
F(x xor y)=F(x)xor F(y) (2)
ただし、準同型関数が式(2)以外の演算記号で成り立つ時でも、本実施形態は同様に実施できる。
FR = func(HR) (3)
データFR708は、準同型関数部116が処理する準同型関数の性質から、入力されたデータ値が乱数の場合、出力も乱数とみなせる。また、データFR708は、連結データ703と、データCR705に依存しない。従って、データHR707同様、入力フォーム622の入力情報に依存せず、毎回、データ値の異なるデータFR707を作成できる。
DR =HR xor CR (4)
S714の計算は、連結データ703やデータCR705に依存しない、乱数であるデータHR707を用いている。従って、連結データ703とデータCR705の関係が一意に定まる場合でも、毎回、データ値が異なる、データHR707を用いれば、異なるデータ値のデータDR711が得られる。
以下では、図11Aと、図11Bと、図11Cとを用い、入力フォーム1022に入力されたデータ値によらず、検索クライアント200が、毎回、データ値の異なる秘匿検索クエリ1111を作成する処理手順を説明する。
FS = func(PS) (5)
データFS1107は、準同型関数部216が処理する準同型関数の性質から、入力されたデータ値が一様に分布する乱数の場合、出力も同様に一様分布する。また、データFS1107は、連結データ1103とデータCS1104に依存しない。従って、データPS1106同様、入力フォーム1022の入力情報に依存せず、毎回、データ値の異なるデータFS1107を作成できる。
Ds xor DR = PS xor HR (ただし、Cs=CRのとき) (6)
図13Dは、本実施形態において、DBサーバ300が作成する連結データ1311のデータ構成を示すブロック図の例である。
FD = F(PS xor HR) =FS xor FR (7)
なお、式(7)は、式(3)と、式(5)と、式(6)とより導ける。
DR = FD xor FS= FR (8)
従って、データCs705とデータCR1105のデータ値が等しい場合、データDR1313のデータ値はデータFR708と等しい。
GD xor GS= 0 (9)
DBサーバ300の全体処理部311は、任意の数だけ、データED1315のビット値が0であるかを判定する(S1316)。
CR =HR xor DR (10)
なお、式(10)は、式(4)を変形した数式である。
Claims (10)
- 確率的暗号化方式により暗号化された登録データを記憶するDBサーバと、
検索クライアントとを含み、
前記検索クライアントから受信した、前記DBサーバが記憶するデータの検索を要求する検索クエリに従い、前記DBサーバが記憶する前記データの暗号化を解除せずに、検索する検索可能暗号処理システムであって、
前記確率的暗号化方式は、同一のデータ値の平文から異なるデータ値の暗号文を生成するデータの暗号化方式であり、
前記検索クライアントは、前記検索クエリを記憶する記憶部と、前記検索クエリを暗号化する制御部と、暗号化した前記検索クエリを送信する通信部とを備え、
前記検索クライアントにおける前記制御部は、第1の乱数を生成する乱数生成部と、前記第1の乱数により前記検索クエリを前記確率的暗号化方式で暗号化する基本演算部と、前記第1の乱数を入力値とする準同型関数の関数値を出力値とする準同型関数部とを備え、
前記検索クライアントにおける前記制御部は、前記準同型関数部が出力した前記関数値を変換し、ハッシュ値を出力する圧縮関数部を備え、
前記DBサーバは、前記検索クエリを受信する通信部と、暗号化された前記検索クエリと暗号化された前記登録データを記憶する記憶部と、記憶する前記登録データが前記検索クエリに該当するかを決定する制御部とを備え、
前記DBサーバにおける前記制御部は、暗号化された前記登録データと暗号化された前記検索クエリとの乱数の相関を導出する全体処理部と、前記相関を入力値とする準同型関数の関数値を出力値とする準同型関数部とを備え、
前記検索クライアントが送信する暗号化された前記検索クエリは、前記基本演算部により、前記確率的暗号化方式で暗号化された暗号文と、前記圧縮関数部が出力する前記ハッシュ値から構成されるデータが暗号化されていることを特徴とする検索可能暗号処理ステム。 - 確率的暗号化方式により、暗号化された登録データを記憶するDBサーバと、
検索クライアントとを含み、
前記検索クライアントから受信した、前記DBサーバが記憶するデータの検索を要求する検索クエリに従い、前記DBサーバが記憶する前記データの暗号化を解除せずに、検索する検索可能暗号処理システムであって、
前記確率的暗号化方式は、同一のデータ値の平文から異なるデータ値の暗号文を生成するデータの暗号化方式であり、
前記検索クライアントは、前記検索クエリを記憶する記憶部と、前記検索クエリを暗号化する制御部と、暗号化した前記検索クエリを送信する通信部とを備え、
前記検索クライアントにおける前記制御部は、乱数を生成する乱数生成部と、前記乱数により前記検索クエリを前記確率的暗号化方式で暗号化する基本演算部と、前記乱数を入力値とする準同型関数の関数値を出力値とする準同型関数部とを備え、
前記DBサーバは、前記検索クエリを受信する通信部と、暗号化された前記検索クエリと暗号化された前記登録データを記憶する記憶部と、記憶する前記登録データが前記検索クエリに該当するかを決定する制御部とを備え、
前記DBサーバにおける前記制御部は、暗号化された前記登録データと、暗号化された前記検索クエリとの乱数の相関を導出する全体処理部と、前記相関を入力値とする準同型関数の関数値を出力値とする準同型関数部とを備え、
前記検索クライアントが送信する暗号化された前記検索クエリは、前記基本演算部により、前記確率的暗号化方式で暗号化された前記データと、前記準同型関数部が出力した前記関数値から構成されるデータが暗号化されることを特徴とする検索可能暗号処理ステム。 - 請求項1記載の検索可能暗号処理システムであって、
、前記確率的暗号化方式により、前記登録データを暗号化する登録クライアントを有し、
前記DBサーバの前記通信部は、暗号化した前記登録データを受信し、前記DBサーバの前記記憶部は前記登録データを記憶し、
前記登録クライアントは、前記登録データを記憶する記憶部と、前記登録データを暗号化する制御部と、暗号化した前記登録データを送信する通信部とを備え、
前記登録クライアントにおける前記制御部は、第2の乱数を生成する乱数生成部と、前記第2の乱数により前記登録データを前記確率的暗号化方式で暗号化する基本演算部と、前記第2の乱数を入力値とする準同型関数の関数値を出力値とする準同型関数部と、を備えることを特徴とする検索可能暗号処理ステム。 - 請求項3記載の検索可能暗号処理システムであって、
前記登録クライアントが送信する暗号化された前記登録データは、前記乱数部が出力した前記第2の乱数と、前記基本演算部により前記確率的暗号化方式で暗号化された暗号文と、前記準同型関数部が出力する前記関数値から構成されることを特徴とする検索可能暗号処理システム。 - 請求項4記載の検索可能暗号処理システムであって、
前記DBサーバの前記通信部は、前記検索クエリに該当する、暗号化された前記登録データを送信し、
前記検索クライアントの前記通信部は、暗号化された前記登録データを受信し、前記検索クライアントの前記制御部は、前記登録データを復号化し、
前記検索クライアントの前記制御部は、暗号化された前記登録データを暗号化した第3の乱数を出力する圧縮関数部を備え、前記検索クライアントの前記基本演算部は、前記登録データの暗号化を解除することを特徴とする検索可能暗号処理ステム。 - 請求項5記載の検索可能暗号処理システムであって、
前記DBサーバの前記基本演算部は、前記登録データから任意のデータを抽出し、前記圧縮関数部が出力した前記第3の乱数から、指定されたデータ長分を検査することを特徴とする検索可能暗号処理ステム。 - 請求項6記載の検索可能暗号処理システムであって、
前記登録クライアントの前記記憶部は、前記登録クライアントの前記準同型関数部に入力可能な関数パラメータを記憶し、
前記検索クライアントの前記記憶部は、前記検索クライアントの前記準同型関数部に入力可能な関数パラメータを記憶し、
前記DBサーバの前記記憶部は、前記DBサーバの前記準同型関数部に入力可能な関数パラメータを記憶することを特徴とする検索可能暗号処理システム。 - 請求項7記載の検索可能暗号処理システムであって、
前記検索クライアントの前記記憶部は、暗号化を解除した前記登録データの検査用のパラメータを記憶し、
前記検索クライアントは、暗号化を解除した前記登録データから検査用のデータを抽出し、前記検査用のパラメータとの関係を検査する全体処理部を備えることを特徴とする検索可能暗号処理ステム。 - 請求項8記載の検索可能暗号処理システムであって、
前記登録クライアントは、前記登録データを決定的暗号化方式で暗号化する暗号化部を備え、
前記決定的暗号化方式は、同一のデータ値の平文からデータ値が等しい暗号文を生成するデータの暗号化方式であることを特徴とする検索可能暗号処理ステム。 - 請求項9記載の検索可能暗号処理システムであって、
前記登録クライアントの前記記憶部は、暗号化されていない、登録用のデータを記憶し、前記登録クライアントの前記記憶部に記憶した検査用のパラメータから、誤り検査用のデータを抽出し、前記登録用のデータと結合させる全体制御部を備えることを特徴とする検索可能暗号処理ステム。
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020137007399A KR101467130B1 (ko) | 2010-12-08 | 2011-11-29 | 검색 가능 암호 처리 시스템 |
EP15195911.1A EP3012754B1 (en) | 2010-12-08 | 2011-11-29 | Searchable symmetric encryption processing system |
CN201180046068.8A CN103119594B (zh) | 2010-12-08 | 2011-11-29 | 可检索密码处理*** |
US13/825,643 US9275250B2 (en) | 2010-12-08 | 2011-11-29 | Searchable encryption processing system |
EP11847558.1A EP2650798A4 (en) | 2010-12-08 | 2011-11-29 | BROKEN ENCRYPTION PROCESSING SYSTEM |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2010-273556 | 2010-12-08 | ||
JP2010273556A JP5412414B2 (ja) | 2010-12-08 | 2010-12-08 | 検索可能暗号処理システム |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2012077541A1 true WO2012077541A1 (ja) | 2012-06-14 |
Family
ID=46207032
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2011/077588 WO2012077541A1 (ja) | 2010-12-08 | 2011-11-29 | 検索可能暗号処理システム |
Country Status (6)
Country | Link |
---|---|
US (1) | US9275250B2 (ja) |
EP (2) | EP3012754B1 (ja) |
JP (1) | JP5412414B2 (ja) |
KR (1) | KR101467130B1 (ja) |
CN (1) | CN103119594B (ja) |
WO (1) | WO2012077541A1 (ja) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014203339A1 (ja) | 2013-06-18 | 2014-12-24 | 株式会社日立製作所 | 保持数検証システム |
WO2015108052A1 (ja) | 2014-01-16 | 2015-07-23 | 株式会社日立ソリューションズ | 検索可能暗号処理システムおよび検索可能暗号処理方法 |
CN104978536A (zh) * | 2015-07-08 | 2015-10-14 | 合肥高维数据技术有限公司 | 一种隐私保护云图像管理*** |
JP5963936B2 (ja) * | 2013-02-25 | 2016-08-03 | 三菱電機株式会社 | サーバ装置、秘匿検索プログラム,記録媒体及び秘匿検索システム |
JP2017044779A (ja) * | 2015-08-25 | 2017-03-02 | 株式会社日立製作所 | 検索可能暗号処理システム |
WO2017122326A1 (ja) * | 2016-01-14 | 2017-07-20 | 三菱電機株式会社 | 秘匿検索システム、秘匿検索方法及び秘匿検索プログラム |
EP3531365A1 (en) | 2018-02-22 | 2019-08-28 | Hitachi, Ltd. | Computer system, connection apparatus, and processing method using transaction |
Families Citing this family (64)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012115031A1 (ja) * | 2011-02-22 | 2012-08-30 | 三菱電機株式会社 | 検索システム、検索システムの検索方法、情報処理装置、検索プログラム、対応キーワード管理装置および対応キーワード管理プログラム |
CN103392197B (zh) * | 2011-03-04 | 2016-04-13 | 日本电信电话株式会社 | 代理计算***、方法、委托装置 |
JP5622714B2 (ja) * | 2011-12-27 | 2014-11-12 | 株式会社東芝 | 情報処理装置および電力利用調整システム |
CN104081390B (zh) | 2012-01-25 | 2017-11-03 | 三菱电机株式会社 | 数据检索装置、数据检索方法、数据检索程序、数据登记装置、数据登记方法、数据登记程序以及信息处理装置 |
US9087212B2 (en) * | 2012-01-25 | 2015-07-21 | Massachusetts Institute Of Technology | Methods and apparatus for securing a database |
CA3092595A1 (en) * | 2012-06-18 | 2014-01-16 | Ologn Technologies Ag | Secure password management systems, methods and apparatuses |
US9665722B2 (en) * | 2012-08-10 | 2017-05-30 | Visa International Service Association | Privacy firewall |
WO2014092105A1 (ja) | 2012-12-12 | 2014-06-19 | 日本電気株式会社 | データベース検索装置、データベース検索方法及びプログラム |
JP2014119486A (ja) * | 2012-12-13 | 2014-06-30 | Hitachi Solutions Ltd | 秘匿検索処理システム、秘匿検索処理方法、および秘匿検索処理プログラム |
JP5889177B2 (ja) * | 2012-12-25 | 2016-03-22 | 株式会社日立製作所 | データベースシステム及びその更新方法 |
US9286488B2 (en) | 2013-03-13 | 2016-03-15 | Northrop Grumman Systems Corporation | System and method for secure database queries |
US9553867B2 (en) | 2013-08-01 | 2017-01-24 | Bitglass, Inc. | Secure application access system |
US9552492B2 (en) * | 2013-08-01 | 2017-01-24 | Bitglass, Inc. | Secure application access system |
US10122714B2 (en) | 2013-08-01 | 2018-11-06 | Bitglass, Inc. | Secure user credential access system |
JP6144992B2 (ja) | 2013-08-08 | 2017-06-07 | 株式会社日立製作所 | 検索可能暗号処理システム及び方法 |
JP5937556B2 (ja) * | 2013-09-30 | 2016-06-22 | 日本電信電話株式会社 | 秘密計算装置、秘匿検索システム、秘密計算方法、秘匿検索方法、プログラム |
JPWO2015063905A1 (ja) * | 2013-10-31 | 2017-03-09 | 株式会社日立製作所 | データ分析システム |
US9363243B2 (en) | 2014-03-26 | 2016-06-07 | Cisco Technology, Inc. | External indexing and search for a secure cloud collaboration system |
US10693626B2 (en) * | 2014-04-23 | 2020-06-23 | Agency For Science, Technology And Research | Method and system for generating/decrypting ciphertext, and method and system for searching ciphertexts in a database |
US9558366B2 (en) * | 2014-05-12 | 2017-01-31 | Compugroup Medical Se | Computer system for storing and retrieval of encrypted data items, client computer, computer program product and computer-implemented method |
KR101583311B1 (ko) * | 2014-08-28 | 2016-01-08 | 고려대학교 산학협력단 | 키 교환 방법 및 바디 센서 |
WO2016063344A1 (ja) * | 2014-10-21 | 2016-04-28 | 三菱電機株式会社 | サーバ装置及び検索システム及び端末装置及び検索方法及びサーバプログラム及び端末プログラム |
US10484182B2 (en) | 2014-11-05 | 2019-11-19 | Nec Corporation | Encrypted text verification system, method, and recording medium |
US20170322977A1 (en) * | 2014-11-07 | 2017-11-09 | Hitachi, Ltd. | Method for retrieving encrypted graph, system for retrieving encrypted graph, and computer |
US9537838B2 (en) | 2014-12-22 | 2017-01-03 | Sap Se | Adjustable proxy re-encryption |
US9547720B2 (en) | 2014-12-24 | 2017-01-17 | Sap Se | Access control for encrypted query processing |
WO2016113886A1 (ja) * | 2015-01-15 | 2016-07-21 | 三菱電機株式会社 | 乱数拡大装置、乱数拡大方法及び乱数拡大プログラム |
WO2016120975A1 (ja) * | 2015-01-26 | 2016-08-04 | 株式会社日立製作所 | データ集計分析システム及びその方法 |
WO2016129390A1 (ja) | 2015-02-10 | 2016-08-18 | 株式会社RNAi | 端末装置、データベースサーバおよび計算システム |
US11775656B2 (en) | 2015-05-01 | 2023-10-03 | Micro Focus Llc | Secure multi-party information retrieval |
KR102423885B1 (ko) * | 2015-05-08 | 2022-07-21 | 한국전자통신연구원 | 연산 에러 검출이 가능한 준동형 암호 방법 및 그 시스템 |
US10404669B2 (en) | 2015-06-09 | 2019-09-03 | Skyhigh Networks, Llc | Wildcard search in encrypted text |
US10176207B1 (en) | 2015-06-09 | 2019-01-08 | Skyhigh Networks, Llc | Wildcard search in encrypted text |
US9894042B2 (en) * | 2015-07-24 | 2018-02-13 | Skyhigh Networks, Inc. | Searchable encryption enabling encrypted search based on document type |
CN108141462B (zh) * | 2015-08-18 | 2020-11-13 | 诺基亚通信公司 | 数据库查询的方法和*** |
JP6701646B2 (ja) * | 2015-09-02 | 2020-05-27 | 富士通株式会社 | 情報処理装置、情報処理システム及び情報管理方法 |
JP5969681B1 (ja) * | 2015-10-30 | 2016-08-17 | 株式会社第一コンピュータサービス | 秘密情報管理システム |
WO2017082875A1 (en) | 2015-11-10 | 2017-05-18 | Hewlett Packard Enterprise Development Lp | Data allocation based on secure information retrieval |
EP3392865B1 (en) | 2016-01-15 | 2021-06-02 | Mitsubishi Electric Corporation | Encryption device, encryption method, and encryption program |
JP6289768B2 (ja) * | 2016-01-18 | 2018-03-07 | 三菱電機株式会社 | 暗号化装置、暗号化プログラム及び暗号化方法 |
JP6589051B2 (ja) * | 2016-03-28 | 2019-10-09 | 株式会社日立製作所 | データベースシステム及びデータ検索方法 |
CN109923549B (zh) * | 2016-08-24 | 2023-11-07 | 罗伯特·博世有限公司 | 处理倒排索引的可搜索对称加密***和方法 |
US11080301B2 (en) | 2016-09-28 | 2021-08-03 | Hewlett Packard Enterprise Development Lp | Storage allocation based on secure data comparisons via multiple intermediaries |
US10230703B1 (en) | 2016-10-27 | 2019-03-12 | Cisco Technology, Inc. | Providing multiple levels of group access to partial data objects |
JP6653246B2 (ja) * | 2016-12-08 | 2020-02-26 | 株式会社日立製作所 | 計算機システム及びデータ管理方法 |
EP3561797B1 (en) | 2016-12-20 | 2022-02-09 | Nippon Telegraph And Telephone Corporation | Message transmission system, communication terminal, server device, message transmission method, and program |
US11128452B2 (en) * | 2017-03-25 | 2021-09-21 | AVAST Software s.r.o. | Encrypted data sharing with a hierarchical key structure |
CN110546631A (zh) | 2017-04-25 | 2019-12-06 | 三菱电机株式会社 | 检索装置、检索***、检索方法和检索程序 |
JP6351890B1 (ja) | 2017-05-18 | 2018-07-04 | 三菱電機株式会社 | 検索装置、秘匿検索システム及び検索プログラム |
US10846423B2 (en) * | 2017-08-11 | 2020-11-24 | Palo Alto Research Center Incorporated | System and architecture for analytics on encrypted databases |
EP3675086B1 (en) | 2017-09-12 | 2021-10-27 | Mitsubishi Electric Corporation | Registration terminal, search terminal, search server, search system, registration program, and search program |
JP6619401B2 (ja) * | 2017-09-21 | 2019-12-11 | 三菱スペース・ソフトウエア株式会社 | データ検索システム、データ検索方法およびデータ検索プログラム |
US10963429B2 (en) | 2017-10-11 | 2021-03-30 | Lognovations Holdings, Llc | Method and system for content agnostic file indexing |
US11138152B2 (en) | 2017-10-11 | 2021-10-05 | Lognovations Holdings, Llc | Method and system for content agnostic file indexing |
US10866822B2 (en) * | 2017-11-28 | 2020-12-15 | Bank Of America Corporation | Computer architecture for emulating a synchronous correlithm object processing system |
GB201720341D0 (en) * | 2017-12-06 | 2018-01-17 | Trisent Communications Ltd | Personal data management |
WO2019142268A1 (ja) | 2018-01-17 | 2019-07-25 | 三菱電機株式会社 | 登録装置、検索操作装置、データ管理装置、登録プログラム、検索操作プログラムおよびデータ管理プログラム |
US11764940B2 (en) | 2019-01-10 | 2023-09-19 | Duality Technologies, Inc. | Secure search of secret data in a semi-trusted environment using homomorphic encryption |
JP7249248B2 (ja) * | 2019-08-30 | 2023-03-30 | 株式会社日立製作所 | 秘匿情報処理システム及び秘匿情報処理方法 |
US11436351B1 (en) * | 2019-12-18 | 2022-09-06 | Bae Systems Information And Electronic Systems Integration Inc. | Homomorphic encryption of secure data |
JP7325396B2 (ja) | 2020-12-25 | 2023-08-14 | 株式会社日立製作所 | データファイル暗号化送受信システム及びデータファイル暗号化送受信方法 |
KR102401485B1 (ko) * | 2021-12-30 | 2022-05-24 | 주식회사 디사일로 | 동형 암호화된 데이터 처리 방법 및 시스템 |
KR102613986B1 (ko) | 2023-03-31 | 2023-12-14 | 고려대학교산학협력단 | 신뢰 실행 환경 기반의 동적 탐색 가능한 암호화에서 정보 유출을 최소화하는 방법, 장치 및 시스템 |
KR102613985B1 (ko) | 2023-03-31 | 2023-12-14 | 고려대학교산학협력단 | 탐색 가능한 암호화에서 역방향 안정성 하향 공격에 대한 방어 방법, 장치 및 시스템 |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007114494A (ja) * | 2005-10-20 | 2007-05-10 | Nippon Telegr & Teleph Corp <Ntt> | 秘匿計算方法及び装置 |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030140112A1 (en) * | 1999-11-04 | 2003-07-24 | Satish Ramachandran | Electronic messaging system method and apparatus |
US7362868B2 (en) * | 2000-10-20 | 2008-04-22 | Eruces, Inc. | Hidden link dynamic key manager for use in computer systems with database structure for storage of encrypted data and method for storage and retrieval of encrypted data |
JP2002278970A (ja) * | 2001-03-16 | 2002-09-27 | Ricoh Co Ltd | 文書管理システム |
US7472105B2 (en) * | 2004-10-19 | 2008-12-30 | Palo Alto Research Center Incorporated | System and method for providing private inference control |
CN101593196B (zh) * | 2008-05-30 | 2013-09-25 | 日电(中国)有限公司 | 用于快速密文检索的方法、装置和*** |
CN101739400B (zh) * | 2008-11-11 | 2014-08-13 | 日电(中国)有限公司 | 生成索引的方法和装置以及检索方法和装置 |
US8819451B2 (en) * | 2009-05-28 | 2014-08-26 | Microsoft Corporation | Techniques for representing keywords in an encrypted search index to prevent histogram-based attacks |
-
2010
- 2010-12-08 JP JP2010273556A patent/JP5412414B2/ja active Active
-
2011
- 2011-11-29 US US13/825,643 patent/US9275250B2/en active Active
- 2011-11-29 EP EP15195911.1A patent/EP3012754B1/en active Active
- 2011-11-29 WO PCT/JP2011/077588 patent/WO2012077541A1/ja active Application Filing
- 2011-11-29 CN CN201180046068.8A patent/CN103119594B/zh active Active
- 2011-11-29 EP EP11847558.1A patent/EP2650798A4/en not_active Withdrawn
- 2011-11-29 KR KR1020137007399A patent/KR101467130B1/ko active IP Right Grant
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007114494A (ja) * | 2005-10-20 | 2007-05-10 | Nippon Telegr & Teleph Corp <Ntt> | 秘匿計算方法及び装置 |
Non-Patent Citations (3)
Title |
---|
DAWN XIAODONG SONG; DAVID WAGNER; ARIAN PERRIG: "Practical Techniques for Searches on Encrypted Data", PROCEEDINGS OF THE 2000 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 2000, pages 44 - 55 |
See also references of EP2650798A4 |
ZHIQIANG YANG; SHENG ZHONG; REBECCA N. WRIGHT.: "Proceedings of the 11th European Symposium on Research in Computer Security (Esorics", vol. 4189, 2006, COMPUTER SCIENCE, article "Privacy-Preserving Queries on Encrypted Data", pages: 476 - 495 |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP5963936B2 (ja) * | 2013-02-25 | 2016-08-03 | 三菱電機株式会社 | サーバ装置、秘匿検索プログラム,記録媒体及び秘匿検索システム |
US9654472B2 (en) | 2013-06-18 | 2017-05-16 | Hitachi, Ltd. | Storage count verification system |
JP5976932B2 (ja) * | 2013-06-18 | 2016-08-24 | 株式会社日立製作所 | 保持数検証システム |
WO2014203339A1 (ja) | 2013-06-18 | 2014-12-24 | 株式会社日立製作所 | 保持数検証システム |
WO2015108052A1 (ja) | 2014-01-16 | 2015-07-23 | 株式会社日立ソリューションズ | 検索可能暗号処理システムおよび検索可能暗号処理方法 |
US10489604B2 (en) | 2014-01-16 | 2019-11-26 | Hitachi, Ltd. | Searchable encryption processing system and searchable encryption processing method |
CN104978536A (zh) * | 2015-07-08 | 2015-10-14 | 合肥高维数据技术有限公司 | 一种隐私保护云图像管理*** |
WO2017033843A1 (ja) * | 2015-08-25 | 2017-03-02 | 株式会社日立製作所 | 検索可能暗号処理システム |
JP2017044779A (ja) * | 2015-08-25 | 2017-03-02 | 株式会社日立製作所 | 検索可能暗号処理システム |
US10733317B2 (en) | 2015-08-25 | 2020-08-04 | Hitachi, Ltd. | Searchable encryption processing system |
WO2017122326A1 (ja) * | 2016-01-14 | 2017-07-20 | 三菱電機株式会社 | 秘匿検索システム、秘匿検索方法及び秘匿検索プログラム |
WO2017122696A1 (ja) * | 2016-01-14 | 2017-07-20 | 三菱電機株式会社 | 秘匿検索システム、秘匿検索方法及び秘匿検索プログラム |
WO2017122393A1 (ja) * | 2016-01-14 | 2017-07-20 | 三菱電機株式会社 | 秘匿検索システム、秘匿検索方法及び秘匿検索プログラム |
JP6239213B1 (ja) * | 2016-01-14 | 2017-11-29 | 三菱電機株式会社 | 秘匿検索システム、秘匿検索方法及び秘匿検索プログラム |
EP3531365A1 (en) | 2018-02-22 | 2019-08-28 | Hitachi, Ltd. | Computer system, connection apparatus, and processing method using transaction |
Also Published As
Publication number | Publication date |
---|---|
JP5412414B2 (ja) | 2014-02-12 |
KR20130056314A (ko) | 2013-05-29 |
US9275250B2 (en) | 2016-03-01 |
EP2650798A4 (en) | 2016-01-27 |
EP3012754A1 (en) | 2016-04-27 |
CN103119594B (zh) | 2016-05-18 |
US20130262863A1 (en) | 2013-10-03 |
CN103119594A (zh) | 2013-05-22 |
EP2650798A1 (en) | 2013-10-16 |
KR101467130B1 (ko) | 2014-11-28 |
JP2012123614A (ja) | 2012-06-28 |
EP3012754B1 (en) | 2019-10-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5412414B2 (ja) | 検索可能暗号処理システム | |
JP6144992B2 (ja) | 検索可能暗号処理システム及び方法 | |
US10489604B2 (en) | Searchable encryption processing system and searchable encryption processing method | |
US8429421B2 (en) | Server-side encrypted pattern matching | |
US8578473B2 (en) | Systems and methods for information security using one-time pad | |
US20210152351A1 (en) | Computer System Implemented Method for Generating a Symmetric Encryption Key Used for Encrypting and Decrypting a Computer System User's Hidden Data | |
CN106776904A (zh) | 一种不可信云计算环境中支持动态验证的模糊查询加密方法 | |
JP6961324B2 (ja) | 検索可能暗号処理システム | |
JP5948060B2 (ja) | 暗号化データの高速な類似検索処理システム | |
CN104052740A (zh) | 云存储中可验证的基于词典的可搜索加密方法 | |
CN106778292B (zh) | 一种Word加密文档的快速还原方法 | |
CN115567188A (zh) | 一种多键值隐匿求交方法、装置及存储介质 | |
CN115473703A (zh) | 认证的基于身份的密文等值测试方法、装置、***及介质 | |
CN111475690B (zh) | 字符串的匹配方法和装置、数据检测方法、服务器 | |
KR20120071844A (ko) | 기밀성과 무결성을 제공하는 통합 암호화 장치 및 그 방법 | |
CN108920968B (zh) | 一种基于连接关键词的文件可搜索加密方法 | |
CN115168909B (zh) | 一种基于比较索引的密文数据范围查询方法和*** | |
CN106789007B (zh) | 一种基于密文检索的网络信息审查方法与*** | |
KR20100003093A (ko) | 암호문 크기를 줄이기 위한 공개키 기반의 검색가능암호문생성 방법과, 그에 따른 공개키 기반의 데이터 검색 방법 | |
Zhang et al. | An extensive analysis of truecrypt encryption forensics | |
Adak et al. | Dynamic Data Masking by Two-Step Encryption | |
Zhang et al. | The Security Analysis of MySQL's Encryption Functions | |
Alfawair et al. | Secure Image Indexing Using Speeded Up Robust Features (SURF) Key Points and SHAKE256 Hashing | |
Nagpal et al. | An innovative Schematic design to Customize Blowfish for Better Security | |
CN113259438A (zh) | 模型文件的发送方法和装置及模型文件的接收方法和装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 201180046068.8 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 11847558 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 20137007399 Country of ref document: KR Kind code of ref document: A |
|
REEP | Request for entry into the european phase |
Ref document number: 2011847558 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2011847558 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 13825643 Country of ref document: US |