WO2016129259A1 - サーバ装置、データ検索システム、検索方法および記録媒体 - Google Patents
サーバ装置、データ検索システム、検索方法および記録媒体 Download PDFInfo
- Publication number
- WO2016129259A1 WO2016129259A1 PCT/JP2016/000595 JP2016000595W WO2016129259A1 WO 2016129259 A1 WO2016129259 A1 WO 2016129259A1 JP 2016000595 W JP2016000595 W JP 2016000595W WO 2016129259 A1 WO2016129259 A1 WO 2016129259A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- search
- secret
- token
- calculation
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/248—Presentation of query results
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/33—Querying
- G06F16/3331—Query processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Definitions
- the present invention relates to a server device or the like for extracting data in a system in which data is concealed and deposited in a server.
- the method using SE is a cipher that can search for a sentence including a search word while the plaintext to be searched and a keyword (search word) included in the plaintext remain encrypted.
- the encrypted plaintext to be searched is called ciphertext.
- SE searchable encryption
- This SE method is fast. However, in the SE method, in order for the client to generate a search token for inquiring of the system, the client terminal needs to hold and manage a secret key.
- the secret sharing method is a method in which certain secret information (for example, a secret key) is converted into a plurality of pieces of shared information, and a combination of shared information satisfying a certain condition is collected to restore the original secret information. It is. At this time, it is ensured that information on the original secret information is not leaked even if a combination of distributed information that does not satisfy a certain condition is collected.
- a typical method of the secret sharing method there is a method using Shamir's Secret ⁇ Sharing (SSS) described in Non-Patent Document 1.
- SSS Shamir's Secret ⁇ Sharing
- the threshold-type secret sharing method is a secret sharing method that can restore secret information by collecting a plurality of pieces of shared information among a plurality of pieces of shared information.
- Secret calculation is a technique that allows two or more server devices each having secret information to cooperate to calculate an arbitrary function value with secret information input without leaking the secret information.
- the secret calculation method using the secret sharing method includes the methods described in Non-Patent Document 2 and Non-Patent Document 3.
- Confidential data is kept secret from system administrators who are third parties if data that is confidential information is distributed and held by multiple servers using the secret sharing method (hereinafter referred to as secret sharing).
- secret sharing the secret sharing method
- data can be extracted by calculating a function that determines whether or not a specified condition is satisfied by secret calculation.
- the terminal side of the client making the inquiry has a key. There is an advantage that it is not necessary. However, on the other hand, there is a problem that it takes time to calculate the secret calculation.
- each server holds the SE secret key together with the secret information of the database.
- the inquiry side transmits secret sharing data of the search condition in which the secret is distributed to each server.
- Each server uses the secret sharing data of the search condition and the secret sharing data of the SE secret key to execute a secret calculation and generate a search token.
- the inquiry side can extract data without having a secret key.
- the server needs to perform a secret calculation using the secret sharing data of the secret key, and there is a problem that it takes time to obtain the data extraction result.
- Non-Patent Documents 1 to 3 described above have the following problems. That is, there are two methods for searching for concealed data: a method using secret computation and a method using SE.
- the method using the secret calculation has a problem that the processing speed is slow.
- the method using the SE has a problem that the client side needs to have a secret key.
- the method of performing SE data search processing by secret calculation also has a problem that the processing speed becomes slow because secret calculation is also required for decoding the search result.
- an object of the present invention is to provide a server device and the like that can extract data at high speed without having a secret key on the client side inquiring search processing.
- the first feature of the present invention is: Data storage means for holding secret registration data including shared information by secret sharing method of registration data and ciphertext by searchable encryption of registration data; Token calculation means for generating a searchable cryptographic data search token by communicating with an external server device and executing a secret calculation using a search query and secret-distributed shared information; A data search means for executing a data search and outputting a search result from the data search token received from the token calculation means and the secret registration data acquired from the data storage means; It is a server apparatus provided with.
- a data search system comprising a plurality of server devices and proxy devices connected via a network, Proxy device Registration data generating means for generating secret registration data registered in a plurality of server devices; Query data generation means for converting an analysis processing request input from the outside into confidential query data to be transmitted to a plurality of server devices, Secret sharing decryption means for restoring processing results from secret search results received from a plurality of server devices; Is a data search system.
- the third feature of the present invention is that Using a search query acquired from an external server, and distributed information acquired from data storage means for storing secret registration data including shared information by secret sharing method of registered data and ciphertext by searchable encryption of registered data Generate a searchable cryptographic data search token by performing a secret calculation,
- a data search is executed from the generated data search token and the secret registration data acquired from the data storage means, and the search result is output.
- the fourth feature of the present invention is that Using a search query acquired from an external server, and distributed information acquired from data storage means for storing secret registration data including shared information by secret sharing method of registered data and ciphertext by searchable encryption of registered data A function for generating a searchable cryptographic data search token by executing a secret calculation, A search program for causing a computer to realize a function of executing a data search and outputting a search result from a generated data search token and secret registration data acquired from a data storage unit.
- the search program may be stored in a recording medium.
- FIGS. 1 to 6 show an example, and do not limit the direction of signals between blocks.
- FIG. 1 is a block diagram illustrating a functional configuration example of the data search system 10 according to the first embodiment.
- the data search system 10 includes a plurality of server devices 100_n (1 ⁇ n ⁇ N: N is an integer of 2 or more) and a secret sharing proxy device 200.
- server devices 100_n (1 ⁇ n ⁇ N: N is an integer of 2 or more
- secret sharing proxy device 200 the server device 100_n and the secret sharing proxy device 200 will be described in detail with reference to the drawings.
- FIG. 2 is a block diagram showing in detail an example of the functional configuration of the server apparatus 100_n shown in FIG.
- the server device 100_n includes a data storage unit 101_n, a token calculation unit 102_n, and a data search unit 103_n.
- the data storage unit 101_n stores secret sharing data and SE ciphertext.
- the secret sharing data is sharing information of the secret-distributed registration data.
- the SE ciphertext is registration data (ciphertext) to be described later encrypted by the SE. Further, the data storage unit 101_n receives and stores the data extracted by the data search unit 103_n.
- the token calculation unit 102_n uses other external server devices (for example, server devices 100_1 to 100_ (n ⁇ 1), 100_ (n + 1) to 100_N), a search token for data search is generated.
- the data search unit 103_n searches the data stored in the data storage unit 101_n for data that matches the search token received from the token calculation unit 102_n, and returns the search result to the data storage unit 101_n.
- FIG. 3 shows an example of the internal configuration of the secret sharing proxy device 200 shown in FIG. 1 in detail.
- the secret sharing proxy apparatus 200 includes a registration data generation unit 201, a query data generation unit 202, and a secret sharing decryption unit 203.
- the registration data generation unit 201 receives the registration data 210 that is data to be registered input from an external client terminal (not shown) or the like, the registration data generation unit 201 secretly distributes the registration data 210 and stores a plurality of pieces of secret registration data 110_1 to 110_N. Generate.
- the secret registration data 110_1 to 110_N includes the sharing information of the secret-distributed registration data and the registration data (ciphertext) encrypted by the SE.
- the query data generation unit 202 When the query data generation unit 202 receives the search processing request 220 received from an external client terminal or the like, the query data generation unit 202 generates a plurality of query data 120_1 to 120_N from the search processing request 220. The query data generation unit 202 transmits the generated query data 120_1 to 120_N to the server devices 100_1 to 100_N.
- the secret sharing decryption unit 203 When receiving the secret search results 130_1 to 130_N from the server devices 100_1 to 100_N, the secret sharing decryption unit 203 generates a processing result 230 (search result) from the received plurality of secret search results 130_1 to 130_N, and external client terminals Output for.
- the data search system 10 in the present embodiment mainly performs two types of processing: (1) data registration processing and (2) data search processing.
- (1) data registration processing and (2) data search processing.
- these operations will be described with reference to the flowcharts shown in FIGS.
- the secret sharing proxy apparatus 200 inputs registration data 210, which is data to be registered, input from an external client terminal or the like to the registration data generation unit 201.
- the registration data generation unit 201 secretly distributes the registration data 210 and generates a plurality of secret registration data 110_1 to 110_N.
- the secret registration data 110_1 to 110_N includes secret information sharing information sharing information and ciphertext of SE registration data.
- the registration data generation unit 201 of the secret sharing proxy device 200 transmits a plurality of pieces of secret registration data 110_1 to 110_N to the server devices 100_1 to 100_N.
- step S102 the server apparatus 100_n stores the secret registration data 110_n received from the secret sharing proxy apparatus 200 in the data storage unit 101_n.
- step S201 the query data generation unit 202 of the secret sharing proxy device 200 generates a plurality of query data 120_1 to 120_N. Specifically, when receiving the search processing request 220 from an external client terminal or the like, the query data generating unit 202 receives a plurality of pieces of query data 120_1 for obtaining secret-distributed registration data based on the search processing request 220. ⁇ 120_N are generated. The query data generation unit 202 transmits the generated query data 120_1 to 120_N to the server devices 100_1 to 100_N.
- step S202 the server apparatus 100_n performs a secret calculation on the query data 120_n and outputs a search token.
- the server device 100_n inputs the query data 120_n received from the secret sharing proxy device 200 to the token calculation unit 102_n.
- the token calculation unit 102_n performs secret calculation using the methods of Non-Patent Document 2 and Non-Patent Document 3 while communicating with other server devices, and the n-th search token by a method using SE Is output.
- the server apparatus 100_n inputs the nth search token output from the token calculation unit 102_n and the secret registration data 110_n stored in the data storage unit 101_n to the data search unit 103_n.
- step S203 the data search unit 103_n performs SE data search using the method of Non-Patent Document 4 or the like based on the n-th search token and the encrypted ciphertext included in the n-th secret registration data. Execute, search for the ciphertext corresponding to the input search token, and output the search result.
- the data search unit 103_n also executes the secret calculation described in step S202 in the gate process (a process for executing a function that determines whether a given property is satisfied).
- the data search unit 103_n may collectively distribute the gate processing for the plurality of query data 120_1 to 120_N.
- the data search unit 103_n can extract data at high speed by utilizing SE, which is a high-speed search means.
- the data search unit 103_n can execute gate processing for each bit of data in parallel by a technique called a bit slicing method, whereby search processing for a plurality of data can be performed in parallel by gate unit processing. Can be executed.
- the data search unit 103_n decrypts the searched data by restoring the secret-distributed data.
- the data search unit 130 since the retrieved data itself is distributed by the secret sharing method, the data search unit 130 does not require a secret calculation for the decryption process. Therefore, decoding is fast. Moreover, no key is required for decryption of the calculation result.
- a search token is generated for a keyword (search word) using a secret calculation technique, so that a search token can be generated without a key in the client terminal.
- data extraction processing which has a heavy load in the secret calculation, can be performed at high speed by a technique using SE.
- step S204 the server apparatus 100_n outputs the n-th secret sharing data corresponding to the search result of the data search unit 103_n as the secret search result 130_n among the data stored in the data storage unit 101_n.
- the server device 100_n transmits the secret search result 130_n to the secret sharing proxy device 200.
- step S205 when the secret sharing decryption unit 203 of the secret sharing proxy device 200 receives the secret search result 130_n received from the server device 100_n, the secret sharing decryption unit 203 generates and outputs the processing result 230 from the secret search result 130_n.
- a client that makes an inquiry for search processing can extract data at high speed without having a secret key.
- a client that makes an inquiry for search processing can extract data at high speed. That is, by executing the secret calculation on the data extracted using the SE, it is possible to reduce the search processing time by the secret calculation. The reason is that the search process by the secret calculation is executed without disclosing the data deposited in the server device to the administrator of the server device. In general, when a search process is performed on all data deposited in the server apparatus using a secret calculation, the longer the amount of data, the longer it takes.
- the second embodiment of the present invention is a modification of the above-described first embodiment.
- parts having the same functions as those already described in the first embodiment are denoted by the same reference numerals, and description thereof is omitted.
- FIG. 4 is a block diagram illustrating a functional configuration example of the data search system 20 according to the second embodiment.
- the data search system 20 includes a plurality of server devices 300_1 to 300_N and a secret sharing proxy device 400.
- FIG. 5 is a block diagram illustrating a functional configuration example of the server apparatus 300_n according to the second embodiment.
- the server device 300_n includes a data storage unit 101_n, a token calculation unit 102_n, a data search unit 103_n, and an analysis processing unit 104_n.
- the data storage unit 101_n stores confidential registration data 110_n received as an input from the outside.
- the token calculation unit 102_n uses the query data 120_n received as an input from the outside to generate a search token for the nth data search while communicating with an external server device.
- the data search unit 103_n searches the data required for the requested processing from the nth search token received from the token calculation unit 102_n and the data stored in the data storage unit 101_n, and the search result is the nth data. Return to the storage unit 101_n.
- the analysis processing unit 104_n performs predetermined analysis processing according to the request from the client terminal on the data extracted by the data search unit 103_n using the search result while communicating with an external server device.
- the secret analysis result 140_n is output.
- FIG. 6 is a block diagram illustrating a functional configuration example of the secret sharing proxy apparatus 400 according to the second embodiment.
- the secret sharing proxy apparatus 400 includes a registration data generation unit 201, a query data generation unit 202, and a secret sharing decryption unit 204, which will be described later.
- the secret sharing decryption unit 204 Upon receiving the plurality of secret analysis results 140_1 to 140_N received from the server apparatuses 300_1 to 300_N, the secret sharing decryption unit 204 generates and outputs the analysis results 240 from the plurality of secret analysis results 140_1 to 140_N. Others are the same as in the first embodiment.
- the secret data search system 20 performs two types of processing: (1) data registration processing and (2) data analysis processing.
- step S ⁇ b> 301 the secret sharing proxy device 400 inputs registration data 210 input from the outside to the registration data generation unit 201.
- the registration data generation unit 201 generates a plurality of secret registration data 110_1 to 110_N from the registration data 210.
- the registration data generation unit 201 of the secret sharing proxy device 400 transmits the secret registration data 110_1 to 110_N to the server devices 300_1 to 300_N.
- step S302 the server apparatus 300_n stores the secret registration data 110_n received from the secret sharing proxy apparatus 400 in the data storage unit 101_n.
- step S401 the query data generation unit 202 of the secret sharing proxy device 400 receives the search processing request 220 received from the outside, and generates a plurality of query data 120_1 to 120_N based on the received search processing request 220.
- the query data generation unit 202 of the secret sharing proxy device 400 transmits the query data 120_1 to 120_N to the server devices 300_1 to 300_N.
- step S402 the token calculation unit 102_n of the server device 300_n receives the query data 120_n received from the secret sharing proxy device 400_n.
- the token calculation unit 102_n performs secret calculation using the methods of Non-Patent Document 2 and Non-Patent Document 3 while communicating with other server devices, and outputs the nth search token of SE.
- step S403 the server apparatus 300_n inputs the nth search token output from the token calculation unit 102_n and the confidential registration data 110_n stored in the data storage unit 101_n to the data search unit 103_n. Based on the input n-th search token and n-th secret registration data 110_n, the n-th data search unit 103_n performs a data search using the method of Non-Patent Document 4 and outputs a search result. .
- the n-th data search unit 103 — n performs secret calculation for each gate process that constitutes a function that determines whether the given property is satisfied. At this time, the same gate of this function may be secretly shared simultaneously for a plurality of rows.
- step S404 the server apparatus 300_n transmits the n-th secret sharing data corresponding to the search result of the data search unit 103_n among the data stored in the data storage unit 101_n to the analysis processing unit 104_n (1 ⁇ n ⁇ N). Output.
- the analysis processing unit 104_n performs a predetermined analysis process on the retrieved data using the secret calculation while communicating with another server device, and outputs a confidential analysis result 140_n.
- step S405 the analysis processing unit 104_n of the server device 300_n transmits the confidential analysis result 140_n to the secret sharing proxy device 400.
- the secret sharing proxy device 400 inputs the secret analysis results 140_1 to 140_N received from the server devices 300_1 to 300_N to the secret sharing decryption unit 204.
- the secret sharing decryption unit 204 generates and outputs an analysis result 240 from the plurality of secret analysis results 140_1 to 140_N.
- the third effect can be applied to applications such as consigning analysis processing based on search results while concealing the processing contents to a third party server device using secret calculation.
- the reason is that the analysis processing by the secret calculation can be performed on the retrieved data, so that the speed of the analysis processing is improved without leakage of information.
- a server device 1 according to a third embodiment of the present invention will be described with reference to FIG.
- the third embodiment of the present invention is a minimum configuration example for implementing the functions of the first and second embodiments described above.
- the server device 1 is used in a system that conceals and deposits data on the server device side.
- the server device 1 includes a data storage unit 2, a token calculation unit 3, and a data search unit 4.
- the data storage unit 2 holds secret registration data including shared information based on the secret sharing method of registered data and ciphertexts using searchable encryption of the registered data.
- the token calculation unit 3 communicates with the external server device, and generates a searchable cryptographic data search token by executing a secret calculation using the search query and the shared information that is secretly distributed.
- the data search unit 4 performs a data search using the data search token received from the token calculation unit 3 and the secret registration data acquired from the data storage unit 2 and outputs a search result.
- the server device 1 can extract data at high speed without a client making an inquiry for search processing having a secret key.
- the reason for this is that the data storage unit 2 holds secret registration data for secret sharing, and the token calculator 3 does not disclose the data deposited with the server device 1 to the administrator of the server device 1. This is because analysis processing by calculation is executed.
- the search method performed in the data search systems 10 and 20 and the server device 100_n can be realized by hardware, software, or a combination thereof.
- “realized by software” means realized by a computer reading and executing a program.
- Non-transitory computer readable media include various types of tangible storage media.
- Examples of non-transitory computer-readable media are magnetic recording media (eg, flexible disks, magnetic tapes, hard disk drives), magneto-optical recording media (eg, magneto-optical disks), CD-ROM (Compact Disk-Read Only Memory) , CD-R (Read), CD-R / W (Write), semiconductor memory (for example, mask ROM, PROM (Programmable ROM), EPROM (Erasable ROM), flash ROM, RAM (Random access memory)).
- the program may also be supplied to the computer by various types of temporary computer readable media. Examples of transitory computer readable media include electrical signals, optical signals, and electromagnetic waves.
- the temporary computer-readable medium can supply the program to the computer via a wired communication path such as an electric wire and an optical fiber, or a wireless communication path.
- each component of each device represents a functional unit block.
- a part or all of each component of each device (system) is realized by an arbitrary combination of an information processing device 500 and a program as shown in FIG. 12, for example.
- the information processing apparatus 500 includes the following configuration as an example.
- CPU Central Processing Unit
- ROM Read Only Memory
- RAM Random Access Memory
- a program 504 loaded into the RAM 503
- storage device 505 for storing the program 504
- a drive device 507 for reading / writing the recording medium 506
- Communication interface 508 connected to the communication network 509
- An input / output interface 510 for inputting / outputting data -Bus 511 connecting each component
- Each component of each device in each embodiment is realized by the CPU 501 acquiring and executing a program 504 that realizes these functions.
- the program 504 that realizes the function of each component of each device is stored in advance in the storage device 505 or the RAM 503, for example, and is read by the CPU 501 as necessary.
- the program 504 may be supplied to the CPU 501 via the communication network 509 or may be stored in the recording medium 506 in advance, and the drive device 507 may read the program and supply it to the CPU 501.
- each device may be realized by an arbitrary combination of the information processing device 500 and a program that are separately provided for each component.
- a plurality of constituent elements included in each device may be realized by an arbitrary combination of one information processing device 500 and a program.
- each device is realized by other general-purpose or dedicated circuit boards, processors, etc., or combinations thereof. These may be constituted by a single chip cage or may be constituted by a plurality of chip cages connected via a bus.
- each device may be realized by a combination of the above-described circuit and the like and a program.
- each device When some or all of the constituent elements of each device are realized by a plurality of information processing devices and circuits, the plurality of information processing devices and circuits may be centrally arranged or distributedly arranged. Also good.
- the information processing apparatus, the circuit, and the like may be realized as a form in which each is connected via a communication network, such as a client and server system and a cloud computing system.
- the present invention can be applied to a use of requesting a search process without disclosing data for data concealed and deposited with a third party server.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Data Mining & Analysis (AREA)
- Software Systems (AREA)
- Computational Linguistics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Medical Informatics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
Description
登録データの秘密分散法による分散情報と、登録データの検索可能暗号による暗号文とを含む秘匿登録データを保持するデータ記憶手段と、
外部サーバ装置と通信を行い、検索クエリと秘密分散された分散情報とを用いて秘密計算を実行することで検索可能暗号のデータ検索トークンを生成するトークン計算手段と、
トークン計算手段から受信するデータ検索トークンと、データ記憶手段から取得する秘匿登録データとから、データ検索を実行し検索結果を出力するデータ検索手段と、
を備えるサーバ装置である。
ネットワークで接続された上記の複数のサーバ装置とプロキシ装置とを備えるデータ検索システムであって、
プロキシ装置は、
複数のサーバ装置に登録される秘匿登録データを生成する登録データ生成手段と、
外部から入力される分析処理要求を、複数のサーバ装置へ送信する秘匿化されたクエリデータへと変換するクエリデータ生成手段と、
複数のサーバ装置から受信する秘匿検索結果から処理結果を復元する秘密分散復号手段と、
を有するデータ検索システムである。
外部サーバから取得する検索クエリと、登録データの秘密分散法による分散情報と登録データの検索可能暗号による暗号文とを含む秘匿登録データを格納するデータ記憶手段から取得する分散情報と、を用いて秘密計算を実行することで検索可能暗号のデータ検索トークンを生成し、
生成されたデータ検索トークンと、データ記憶手段から取得する秘匿登録データとから、データ検索を実行し、検索結果を出力する
検索方法である。
外部サーバから取得する検索クエリと、登録データの秘密分散法による分散情報と登録データの検索可能暗号による暗号文とを含む秘匿登録データを格納するデータ記憶手段から取得する分散情報と、を用いて秘密計算を実行することで検索可能暗号のデータ検索トークンを生成する機能と、
生成されたデータ検索トークンと、データ記憶手段から取得する秘匿登録データとから、データ検索を実行し検索結果を出力する機能
とをコンピュータに実現させる検索プログラムである。
尚、検索プログラムは、記録媒体に格納されていてもよい。
まず、本発明の第1の実施形態について説明する。
図2は、図1に示したサーバ装置100_nの機能構成例を詳細に示したブロック図である。サーバ装置100_nは、データ記憶部101_nと、トークン計算部102_nと、データ検索部103_nとを備える。
図3に、図1に示した秘密分散プロキシ装置200の内部構成の一例を詳細に示す。秘密分散プロキシ装置200は、登録データ生成部201、クエリデータ生成部202、および、秘密分散復号部203を備える。
登録データ生成部201は、外部のクライアント端末(不図示)等から入力された登録対象のデータである登録データ210を受信すると、登録データ210を秘密分散し、複数の秘匿登録データ110_1~110_Nを生成する。秘匿登録データ110_1~110_Nは、それぞれ秘密分散された登録データの分散情報と、SEにより暗号化された登録データ(暗号文)とを含む。
ステップS205において、秘密分散プロキシ装置200の秘密分散復号部203は、サーバ装置100_nから受けた秘匿検索結果130_nを受信すると、秘匿検索結果130_nから処理結果230を生成して出力する。
続いて、本発明の第2の実施形態について説明する。本発明の第2の実施形態は、上述した第1の実施形態の変形例である。以下、本実施形態において、第1の実施形態においてすでに説明した部分と同様な機能を有する部分には同一符号を付し、説明は省略する。
その他は第1の実施形態と同様である。
ステップS301において、秘密分散プロキシ装置400は、外部から入力された登録データ210を登録データ生成部201に入力する。登録データ生成部201は、登録データ210から複数の秘匿登録データ110_1~110_Nを生成する。秘密分散プロキシ装置400の登録データ生成部201は、秘匿登録データ110_1~110_Nをサーバ装置300_1~300_Nに送信する。
ステップS401において、秘密分散プロキシ装置400のクエリデータ生成部202は、外部から受けた検索処理要求220を受信し、受信した検索処理要求220を基に、複数のクエリデータ120_1~120_Nを生成する。秘密分散プロキシ装置400のクエリデータ生成部202は、クエリデータ120_1~120_Nをサーバ装置300_1~300_Nに送信する。
本発明の第3の実施形態に係るサーバ装置1について図11を参照して説明する。本発明の第3実施形態は、上述した第1および2の実施形態の機能を実施する為の最小構成例である。サーバ装置1は、サーバ装置側にデータを秘匿化して預託するシステム等において使用される。サーバ装置1は、データ記憶部2と、トークン計算部3と、データ検索部4とを備える。
・CPU(Central Processing Unit)501
・ROM502
・RAM503
・RAM503にロードされるプログラム504
・プログラム504を格納する記憶装置505
・記録媒体506の読み書きを行うドライブ装置507
・通信ネットワーク509と接続する通信インターフェース508
・データの入出力を行う入出力インターフェース510
・各構成要素を接続するバス511
この出願は2015年2月9日に出願された日本出願特願2015-022891を基礎とする優先権を主張し、その開示の全てをここに取り込む。
101_n データ記憶部
102_n トークン計算部
103_n データ検索部
104_n 分析処理部
110_n 秘匿登録データ
120_n クエリデータ
130_n 秘匿検索結果
140_n 秘匿分析結果
200 秘密分散プロキシ装置
201 登録データ生成部
202 クエリデータ生成部
203 秘密分散復号部
210 登録データ
220 検索処理要求
230 処理結果
240 分析結果
Claims (10)
- 登録データの秘密分散法による分散情報と、前記登録データの検索可能暗号による暗号文とを含む秘匿登録データを保持するデータ記憶手段と、
外部のサーバ装置と通信を行い、検索クエリと前記分散情報とを用いて秘密計算を実行することで、前記検索可能暗号のデータ検索トークンを生成するトークン計算手段と、
前記トークン計算手段から受信する前記データ検索トークンと、前記データ記憶手段から取得する前記秘匿登録データとから、データ検索を実行し検索結果を出力するデータ検索手段と、
を備えるサーバ装置。 - 前記データ検索手段によって抽出された前記検索結果から、要求に応じて前記秘密計算を用いて分析処理を行う分析処理手段
をさらに備える請求項1に記載のサーバ装置。 - 前記データ検索手段は、前記データ記憶手段に保持された前記秘匿登録データの各行に対する検索処理を、ゲート単位の処理によって並列して前記秘密計算を行う、
請求項1又は2に記載のサーバ装置。 - ネットワークで接続された請求項1乃至3のいずれか一項に記載の複数のサーバ装置とプロキシ装置とを備えるデータ検索システムであって、
前記プロキシ装置は、
前記複数のサーバ装置に登録される前記秘匿登録データを生成する登録データ生成手段と、
外部から入力される分析処理要求を、前記複数のサーバ装置へ送信する秘匿化されたクエリデータへと変換するクエリデータ生成手段と、
前記複数のサーバ装置から受信する秘匿検索結果から処理結果を復元する秘密分散復号手段と、
を有するデータ検索システム。 - 外部サーバから取得する検索クエリと、登録データの秘密分散法による分散情報と前記登録データの検索可能暗号による暗号文とを含む秘匿登録データを格納するデータ記憶手段から取得する前記分散情報と、を用いて秘密計算を実行することで前記検索可能暗号のデータ検索トークンを生成し、
生成された前記データ検索トークンと、前記データ記憶手段から取得する前記秘匿登録データとから、データ検索を実行し、検索結果を出力する
検索方法。 - 前記検索結果から、要求に応じて前記秘密計算を用いて分析処理を行う
ことを更に含む請求項5に記載の検索方法。 - 前記データ検索手段が、前記データ記憶手段に保持された前記秘匿登録データの各行に対する検索処理を、ゲート単位の処理によって並列して前記秘密計算を行う、
請求項5又は6に記載の検索方法。 - 外部サーバから取得する検索クエリと、登録データの秘密分散法による分散情報と前記登録データの検索可能暗号による暗号文とを含む秘匿登録データを格納するデータ記憶手段から取得する前記分散情報と、を用いて秘密計算を実行することで前記検索可能暗号のデータ検索トークンを生成する機能と、
生成された前記データ検索トークンと、前記データ記憶手段から取得する前記秘匿登録データとから、データ検索を実行し検索結果を出力する機能
とをコンピュータに実現させる検索プログラムを格納する記録媒体。 - 前記検索結果から、要求に応じて前記秘密計算を用いて分析処理を行う機能
を更に含む請求項8に記載の記録媒体。 - 保持された前記秘匿登録データのデータベースの各行に対する検索処理を、ゲート単位の処理によって並列して前記秘密計算を行う機能
を更に含む請求項8又は9に記載の記録媒体。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/549,580 US10417442B2 (en) | 2015-02-09 | 2016-02-05 | Server device, data search system, search method, and recording medium for extracting concealed data |
JP2016574663A JP7020780B2 (ja) | 2015-02-09 | 2016-02-05 | サーバ装置、データ検索システム、検索方法および検索プログラム |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2015-022891 | 2015-02-09 | ||
JP2015022891 | 2015-02-09 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2016129259A1 true WO2016129259A1 (ja) | 2016-08-18 |
Family
ID=56614301
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2016/000595 WO2016129259A1 (ja) | 2015-02-09 | 2016-02-05 | サーバ装置、データ検索システム、検索方法および記録媒体 |
Country Status (3)
Country | Link |
---|---|
US (1) | US10417442B2 (ja) |
JP (1) | JP7020780B2 (ja) |
WO (1) | WO2016129259A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3531365A1 (en) * | 2018-02-22 | 2019-08-28 | Hitachi, Ltd. | Computer system, connection apparatus, and processing method using transaction |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10097522B2 (en) * | 2015-05-21 | 2018-10-09 | Nili Philipp | Encrypted query-based access to data |
US11023595B1 (en) * | 2018-12-07 | 2021-06-01 | Amazon Technologies, Inc. | System and method for processing encrypted search |
AU2018389418B2 (en) * | 2017-12-19 | 2021-11-04 | Nippon Telegraph And Telephone Corporation | Retrieval device, retrieval method, program, and recording medium |
US11764940B2 (en) | 2019-01-10 | 2023-09-19 | Duality Technologies, Inc. | Secure search of secret data in a semi-trusted environment using homomorphic encryption |
US11475020B2 (en) | 2019-06-06 | 2022-10-18 | International Business Machines Corporation | Encryption scheme recommendation |
US11907392B2 (en) * | 2021-05-12 | 2024-02-20 | Seagate Technology Llc | System and method utilizing function secret sharing with conditional disclosure of secrets |
CN117993020B (zh) * | 2024-04-03 | 2024-07-09 | 青岛国创智能家电研究院有限公司 | 基于安全多方计算的家电网络图的搜索方法、装置和设备 |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004336702A (ja) * | 2003-04-15 | 2004-11-25 | Ntt Communications Kk | データ原本性確保方法およびシステム、ならびにデータ原本性確保用プログラム |
JP2011199821A (ja) * | 2010-02-24 | 2011-10-06 | Nippon Telegr & Teleph Corp <Ntt> | 秘密計算システム、秘密計算方法、計算装置 |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE60035171T2 (de) * | 2000-01-06 | 2008-02-14 | International Business Machines Corp. | Verfahren und Schaltungen zum schnellen Auffinden des minimalen / maximalen Wertes in einer Menge von Zahlen |
JP4666943B2 (ja) * | 2004-04-23 | 2011-04-06 | 株式会社エヌ・ティ・ティ・ドコモ | Idタグ、タグリーダ、idタグセキュリティシステム及びidタグ送信復元方法 |
WO2010122678A1 (en) * | 2009-04-23 | 2010-10-28 | Hitachi,Ltd. | Online storage service system and its data control method |
US8539220B2 (en) * | 2010-02-26 | 2013-09-17 | Microsoft Corporation | Secure computation using a server module |
US9177058B2 (en) * | 2010-11-18 | 2015-11-03 | Google Inc. | Multi-step search result retrieval |
US8745384B2 (en) * | 2011-08-11 | 2014-06-03 | Cisco Technology, Inc. | Security management in a group based environment |
US8930691B2 (en) * | 2011-08-16 | 2015-01-06 | Microsoft Corporation | Dynamic symmetric searchable encryption |
CN104081390B (zh) * | 2012-01-25 | 2017-11-03 | 三菱电机株式会社 | 数据检索装置、数据检索方法、数据检索程序、数据登记装置、数据登记方法、数据登记程序以及信息处理装置 |
EP2951945B1 (en) * | 2013-01-29 | 2020-09-09 | NEC Corporation | Method and system for providing encrypted data for searching of information therein and a method and system for searching of information on encrypted data |
CN103269271B (zh) * | 2013-05-23 | 2016-12-07 | 天地融科技股份有限公司 | 一种备份电子签名令牌中私钥的方法和*** |
US9069986B2 (en) * | 2013-06-18 | 2015-06-30 | International Business Machines Corporation | Providing access control for public and private document fields |
US9213764B2 (en) * | 2013-11-22 | 2015-12-15 | Sap Se | Encrypted in-memory column-store |
WO2015114947A1 (ja) * | 2014-01-28 | 2015-08-06 | 日本電信電話株式会社 | 秘密計算方法、秘密計算システム、秘密計算サーバ、登録者端末、利用者端末及びプログラム |
US9363243B2 (en) * | 2014-03-26 | 2016-06-07 | Cisco Technology, Inc. | External indexing and search for a secure cloud collaboration system |
US9342707B1 (en) * | 2014-11-06 | 2016-05-17 | Sap Se | Searchable encryption for infrequent queries in adjustable encrypted databases |
US9537838B2 (en) * | 2014-12-22 | 2017-01-03 | Sap Se | Adjustable proxy re-encryption |
-
2016
- 2016-02-05 WO PCT/JP2016/000595 patent/WO2016129259A1/ja active Application Filing
- 2016-02-05 US US15/549,580 patent/US10417442B2/en active Active
- 2016-02-05 JP JP2016574663A patent/JP7020780B2/ja active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004336702A (ja) * | 2003-04-15 | 2004-11-25 | Ntt Communications Kk | データ原本性確保方法およびシステム、ならびにデータ原本性確保用プログラム |
JP2011199821A (ja) * | 2010-02-24 | 2011-10-06 | Nippon Telegr & Teleph Corp <Ntt> | 秘密計算システム、秘密計算方法、計算装置 |
Non-Patent Citations (2)
Title |
---|
KOICHI ITO ET AL.: "Kensaku Kano Himitsu Bunsan Hoshiki no Teian", IPSJ SIG NOTES, vol. 2014 -CS, no. 13, 6 March 2014 (2014-03-06), pages 1 - 6 * |
MASARU IGARASHI ET AL.: "Keiryo Keisan Kano 3 Party Hitoku Kansu Keisan no Koritsuka Oyobi kore o Mochiita Secure na Database Shori", SYMPOSIUM ON CRYPTOGRAPHY AND INFORMATION SECURITY (SCIS2011, 25 January 2011 (2011-01-25), pages 1 - 8 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3531365A1 (en) * | 2018-02-22 | 2019-08-28 | Hitachi, Ltd. | Computer system, connection apparatus, and processing method using transaction |
Also Published As
Publication number | Publication date |
---|---|
US20180039792A1 (en) | 2018-02-08 |
US10417442B2 (en) | 2019-09-17 |
JP7020780B2 (ja) | 2022-02-16 |
JPWO2016129259A1 (ja) | 2017-11-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2016129259A1 (ja) | サーバ装置、データ検索システム、検索方法および記録媒体 | |
US10785033B2 (en) | Method for storing an object on a plurality of storage nodes | |
Saraladevi et al. | Big data and hadoop-a study in security perspective | |
US9111106B2 (en) | Data processing apparatus and data storage apparatus | |
EP2901359B1 (en) | Secure private database querying with content hiding bloom filters | |
US9020149B1 (en) | Protected storage for cryptographic materials | |
US9602280B2 (en) | System and method for content encryption in a key/value store | |
JP5836506B2 (ja) | 鍵生成装置、鍵生成プログラム、秘匿検索システム及び鍵配布方法 | |
CN112000632B (zh) | 密文的分享方法、介质、分享客户端及*** | |
Kareem et al. | An approach for enhancing data confidentiality in hadoop | |
JP6352441B2 (ja) | ストリーミングデータの匿名化 | |
WO2018047698A1 (ja) | 暗号化メッセージ検索方法、メッセージ送受信システム、サーバ、端末、プログラム | |
Lee et al. | A secure index management scheme for providing data sharing in cloud storage | |
Chamili et al. | Searchable encryption: a review | |
CN105553661B (zh) | 密钥管理方法和装置 | |
Yousif et al. | Information security for big data using the NTRUEncrypt method | |
WO2018212794A1 (en) | Encrypted search cloud service with cryptographic sharing | |
Al-Sabri et al. | Building a cloud storage encryption (cse) architecture for enhancing cloud security | |
JP6693503B2 (ja) | 秘匿検索システム、サーバ装置、秘匿検索方法、検索方法、およびプログラム | |
Chen | Cloud storage third-party data security scheme based on fully homomorphic encryption | |
Bhargavi et al. | Securing BIG data: a comparative study across RSA, AES, DES, EC and ECDH | |
CN113609077A (zh) | 一种文件检索方法、***、存储介质及设备 | |
Mishra et al. | Improved cloud security approach with threshold cryptography | |
Sude et al. | Authenticated CRF based improved ranked multi-keyword search for multi-owner model in cloud computing | |
Lee et al. | A study of practical proxy reencryption with a keyword search scheme considering cloud storage structure |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 16748905 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2016574663 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 15549580 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 16748905 Country of ref document: EP Kind code of ref document: A1 |