[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN113518092B - Set intersection method for realizing multi-party privacy - Google Patents

Set intersection method for realizing multi-party privacy Download PDF

Info

Publication number
CN113518092B
CN113518092B CN202110833610.XA CN202110833610A CN113518092B CN 113518092 B CN113518092 B CN 113518092B CN 202110833610 A CN202110833610 A CN 202110833610A CN 113518092 B CN113518092 B CN 113518092B
Authority
CN
China
Prior art keywords
participants
ciphertext
bloom filter
size
plaintext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110833610.XA
Other languages
Chinese (zh)
Other versions
CN113518092A (en
Inventor
张紫倩
王保仓
段普
张本宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN202110833610.XA priority Critical patent/CN113518092B/en
Publication of CN113518092A publication Critical patent/CN113518092A/en
Application granted granted Critical
Publication of CN113518092B publication Critical patent/CN113518092B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a multi-party privacy set intersection method, which mainly solves the problem that the prior art only supports the hidden set size intersection under the environment of two parties, but the set intersection communication volume is large under the environment of a plurality of parties. The scheme is as follows: the parameter generating mechanism generates required parameters; other participants use the bloom filter to represent respective input sets and use the joint public key to encrypt the input sets and send the input sets to the appointed participants; the appointed party extracts the ciphertext by using the hash value of the set element, combines a plurality of ciphertexts into a polymerization ciphertext by using a radix number marking mode, and sends the polymerization ciphertext to other parties; and the appointed party and other parties jointly decrypt to obtain a joint plaintext, and a single plaintext is recovered from the joint plaintext to obtain an intersection. The method can support the privacy set intersection calculation of the hidden set size under the environment of a plurality of participants, reduces the communication traffic, and can be used for privacy protection of the input set elements and the hidden set sizes of the participants in the set intersection.

Description

实现多方隐私的集合交集方法A Set Intersection Method for Multi-Party Privacy

技术领域technical field

本发明属于安全技术领域,更进一步涉及一种多方隐私集合交集方法,可用于在集合交集中对参与者的输入集合元素及大小进行隐私保护。The invention belongs to the technical field of security, and further relates to a multi-party privacy set intersection method, which can be used to protect the privacy of participants' input set elements and sizes in the set intersection.

背景技术Background technique

隐私保护集合交集技术是在多方安全计算领域具有广泛应用场景的一类子问题。在大数据与人工智能时代的背景下,各种不同的应用程序中,数据每时每刻都在产生、被利用,进而给用户带来更加便捷的服务。与此同时,大量有价值的隐私数据也在不断地被挖掘,因此人们对蕴含着自己敏感信息的数据保护意识不断提高,进一步造成“信任鸿沟”,从而引发“数据孤岛”现象,使得数据失去了价值。如何在有效地保护用户数据隐私的前提下,合理发挥数据价值的问题,成为了隐私保护集合交集技术兴起的最重要的原因。Privacy-preserving set intersection technique is a sub-problem with a wide range of application scenarios in the field of multi-party secure computing. In the context of the era of big data and artificial intelligence, in various applications, data is being generated and utilized all the time, thereby bringing more convenient services to users. At the same time, a large amount of valuable private data is constantly being mined, so people's awareness of data protection that contains their own sensitive information is constantly improving, which further creates a "trust gap", which leads to the phenomenon of "data silos" and makes data lost. value. The issue of how to properly utilize the value of data under the premise of effectively protecting the privacy of user data has become the most important reason for the rise of privacy-preserving set intersection technology.

目前,隐私保护集合交集技术主要是在两个参与方的环境下进行集合交集,且在大多数情况下,参与方的输入集合的大小都是公开的。当私有输入集合的大小隐含着参与方的敏感信息时,参与方会要求对其进行保密。例如,当国土安全部门DHS需要知道某航空公司航班乘客名单与恐怖观察名单TWL是否有交集时,对于DHS来说,TWL的集合大小是机密信息,绝不可能透露给任何航空公司。如果简单的利用补充“哑元”的方式,会在处理数据时带来额外的开销问题。同时,在现实生活中,参与方不仅仅局限于两方,有时候会涉及到多个参与方,若是简单的将两方的隐私集合交集技术多次应用,势必会带来隐私数据泄露问题。At present, the privacy-preserving set intersection technology mainly performs set intersection in the context of two parties, and in most cases, the size of the input sets of the parties is public. When the size of the private input set implies a party's sensitive information, the party will require it to be kept secret. For example, when DHS, the Department of Homeland Security, needs to know whether there is an intersection between an airline's flight passenger list and the terror watch list TWL, the collection size of the TWL is classified information for DHS and can never be disclosed to any airline. If you simply use the supplementary "dummy" method, it will bring additional overhead when processing data. At the same time, in real life, the participating parties are not limited to two parties, sometimes multiple parties are involved. If the privacy set intersection technology of the two parties is simply applied multiple times, it is bound to bring about the problem of privacy data leakage.

Giuseppe Ateniese等人在其发表的论文(If)Size matters:size-hidingprivate set intersection中提出了对实现更强的隐私属性的隐私保护集合交集的需求,隐藏两个参与方之一,即“客户”所拥有的集合的大小,并利用类似于RSA累加器的工具及不可预测函数,设计了在随机预言模型的RSA假设下安全的构造方案。但该方案中使用了不可预测函数,该函数仅限于对参与方的集合中单个元素的表示,当参与方变为多个时难以做到同时求交的功能,因此若将其扩展到多个参与方的环境中安全完成求交功能的可行性不大;同时由于该方法使用了类似于RSA累加器的工具,因而在实际应用中计算量过大,所以不适合实际的应用场景。In their paper (If) Size matters: size-hidingprivate set intersection, Giuseppe Ateniese et al address the need for a privacy-preserving set intersection that achieves stronger privacy properties, hiding one of the two parties, the "client" The size of the set we have, and using tools similar to RSA accumulators and unpredictable functions, we design a construction scheme that is secure under the RSA assumption of the random oracle model. However, an unpredictable function is used in this scheme, which is limited to the representation of a single element in the set of participants. When there are multiple participants, it is difficult to achieve the function of simultaneous intersection. Therefore, if it is extended to multiple It is not feasible to safely complete the intersection function in the environment of the participants; at the same time, because this method uses a tool similar to the RSA accumulator, the calculation amount is too large in practical applications, so it is not suitable for practical application scenarios.

Sumit Kumar Debnath等人在其发表的论文Secure and efficient multipartyprivate set intersection cardinality中提出了一个基于布隆过滤器的多方隐私集合求交协议,该协议主要通过布隆过滤器结构来对参与者输入集合元素的表示,与大部分的隐私集合求交协议相比,它可以节省大量的存储空间,但是在得到交集的密文后,指定参与方需要将其集合大小数量的密文发给其他所有参与方解密,因此当其他所有参与方收到密文后,根据密文的数量就可以推测出指定参与方的集合大小,无法做对该参与方输入集合大小的隐藏,同时通信量也相对较大。In their paper Secure and efficient multipartyprivate set intersection cardinality, Sumit Kumar Debnath et al proposed a Bloom filter-based multiparty privacy set intersection protocol, which mainly uses the Bloom filter structure to input set elements to participants Compared with most privacy set intersection protocols, it can save a lot of storage space, but after obtaining the ciphertext of the intersection, the designated participant needs to send the ciphertext of the set size to all other participants. Decryption, so when all other participants receive the ciphertext, the set size of the designated participant can be inferred based on the number of ciphertexts, and the input set size of the participant cannot be hidden, and the communication volume is relatively large.

发明内容SUMMARY OF THE INVENTION

本发明的目的在于针对上述现有技术的不足,提出一种实现多方隐私的集合交集方法,以保护多个参与方原始输入数据集合元素及其集合大小的隐私属性,即任何参与方都无法确切获得其他参与方的私有输入集合中集合数据及元素个数,并降低通信开销。The purpose of the present invention is to propose a set intersection method for realizing multi-party privacy in view of the above-mentioned deficiencies of the prior art, so as to protect the privacy attributes of the original input data set elements of multiple participants and their set sizes, that is, any participant cannot be exact Obtain the set data and the number of elements in the private input set of other participants, and reduce communication overhead.

为实现上述目的,本发明的技术方案如下:For achieving the above object, technical scheme of the present invention is as follows:

(1)参数生成机构PG生成加密算法EL的参数(G,q,g),并将这些参数共享给所有参与者,其中,G表示循环群,q表示循环群G的阶,g表示循环群G的生成元;(1) The parameter generation mechanism PG generates the parameters (G, q, g) of the encryption algorithm EL, and shares these parameters with all participants, where G represents the cyclic group, q represents the order of the cyclic group G, and g represents the cyclic group generator of G;

(2)所有参与方根据以上参数生成各自的公私钥对(pki,ski),并公开公钥pki,私藏私钥ski,再根据公开的各自公钥计算出联合公钥pk,其中,i=1,…,n,n表示参与方数目;(2) All participants generate their own public and private key pairs (pk i , ski ) according to the above parameters, disclose the public key pk i , and keep the private key ski , and then calculate the joint public key pk according to the respective public public keys , where i=1,...,n, n represents the number of participants;

(3)参数生成机构PG根据参数(G,q,g)生成其公私钥对(pkT,skT),并利用加密集合大小所需的公钥

Figure BDA0003175718090000021
再与所有参与方交互得到布隆过滤器的大小m,最后生成布隆过滤器的k个哈希函数hl,并将该参数m及哈希函数hl发给其他参与者,再将哈希函数hl发给指定参与者,其中,pk1表示指定参与方的公钥,l=1,…,k,k表示哈希函数的数量;(3) The parameter generation mechanism PG generates its public-private key pair (pk T , sk T ) according to the parameters (G, q, g), and uses the public key required to encrypt the size of the set
Figure BDA0003175718090000021
Then interact with all participants to obtain the size m of the Bloom filter, and finally generate k hash functions h l of the Bloom filter, and send the parameter m and the hash function h l to other participants, and then send the hash function h l to the other participants. The hash function h l is sent to the designated participant, where pk 1 represents the public key of the designated participant, l=1,...,k, k represents the number of hash functions;

(4)指定参与方生成t个基数wt,其中,t=1,…,v1,v1表示其输入集合的大小;(4) Designate the participant to generate t cardinal numbers w t , where t=1, . . . , v 1 , and v 1 represents the size of its input set;

(5)其他参与方均将各自的输入集合用布隆过滤器结构表示,得到各自的布隆过滤器

Figure BDA0003175718090000022
再利用联合公钥pk对布隆过滤器结构
Figure BDA0003175718090000023
加密,得到各自加密的布隆过滤器
Figure BDA0003175718090000024
并将其发送给指定参与方;(5) All other participants represent their respective input sets with Bloom filter structures to obtain their own Bloom filters
Figure BDA0003175718090000022
Reuse the joint public key pk to the Bloom filter structure
Figure BDA0003175718090000023
Encrypt, get the respective encrypted bloom filter
Figure BDA0003175718090000024
and send it to the designated party;

(6)指定参与方利用布隆过滤器的哈希函数hl,计算其输入集合中元素xt的索引值,再从收到的加密布隆过滤器

Figure BDA0003175718090000025
中提取出k(n-1)个密文
Figure BDA0003175718090000026
并对这些密文利用加密算法TEL的同态性质,得到一个聚合密文,并将该聚合密文发送给其他参与方;(6) The designated party uses the hash function h l of the Bloom filter to calculate the index value of the element x t in its input set, and then obtains the encrypted Bloom filter from the received encrypted Bloom filter.
Figure BDA0003175718090000025
Extract k(n-1) ciphertexts from
Figure BDA0003175718090000026
And use the homomorphic property of the encryption algorithm TEL to these ciphertexts to obtain an aggregated ciphertext, and send the aggregated ciphertext to other participants;

(7)指定参与方与其他参与方联合解密,得到聚合明文,并将其恢复为单个明文,完成集合交集。(7) The designated participant and other participants jointly decrypt to obtain the aggregated plaintext, and restore it to a single plaintext to complete the set intersection.

本发明与现有技术相比具有以下优点:Compared with the prior art, the present invention has the following advantages:

第一,本发明由于利用基数标记的方式,将多个密文合并为一个聚合密文,使得指定参与方发送给其他参与方的数据量大大减少,从而达到了减少通信量的目的;First, the present invention combines multiple ciphertexts into one aggregated ciphertext by using the cardinality marking method, so that the amount of data sent by the designated participant to other participants is greatly reduced, thereby achieving the purpose of reducing the amount of communication;

第二,本发明由于在生成布隆过滤器大小的过程中,利用指定参与方与参数生成机构组成的联合共钥对其他参与方的输入集合大小进行加密处理,并利用重随机化的方式,使得指定参与方无法得到其他参与方的输入集合大小,且参数生成机构也不能明确得到其他参与方对应的输入集合大小,克服了现有技术中无法做到隐藏输入集合大小的问题,实现对其他参与方输入集合大小的隐藏;Second, in the process of generating the Bloom filter size, the present invention uses the joint key composed of the designated participant and the parameter generating mechanism to encrypt the input set sizes of other participants, and uses the method of re-randomization, It makes the designated participant unable to obtain the input set size of other participants, and the parameter generation mechanism cannot clearly obtain the input set size corresponding to other participants, which overcomes the problem that the existing technology cannot hide the input set size and realizes Concealment of participant input set size;

第三,本发明由于指定参与方发给其他参与方的信息只有一个聚合密文,使得其他参与方也无法从聚合密文的数量得到指定参与方的输入集合大小,进一步提高了对指定参与方输入集合大小隐藏的效果,从而实现了多方隐私的集合交集。Third, in the present invention, because the information sent by the designated participant to other participants is only one aggregated ciphertext, other participants cannot obtain the input set size of the designated participant from the number of aggregated ciphertexts, which further improves the accuracy of the designated participant. The effect of input set size hiding, thus achieving multi-party privacy set intersection.

附图说明Description of drawings

图1为本发明的实现总流程图。Fig. 1 is the overall flow chart of the realization of the present invention.

图2为本发明中指定参与方从聚合密文中恢复出单个明文的子流程图。FIG. 2 is a sub-flow chart of the present invention for a designated participant to recover a single plaintext from an aggregated ciphertext.

具体实施方式Detailed ways

下面结合附图对本发明的实施例作进一步的详细描述。The embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.

本实例包括参数生成机构PG、指定参与方及其他参与方这三个主体,其中:This example includes three subjects: the parameter generation agency PG, the designated participant and other participants, among which:

参数生成机构PG,其负责生成实现交集所需的参数;The parameter generation mechanism PG, which is responsible for generating the parameters required to realize the intersection;

指定参与方,其用于输入其原始数据集合,并得到所有输入集合的最终交集;Specifies the party that inputs its original data set and obtains the final intersection of all input sets;

其他参与方,其用于输入各自的原始数据集合。Other parties, which are used to input their respective raw data sets.

参照图1,本实例的实现步骤如下:Referring to Figure 1, the implementation steps of this example are as follows:

步骤1,系统初始化。Step 1, system initialization.

1.1)参数生成机构PG利用ElGamal加密算法EL,生成并公开参数(G,q,g),其中,G表示循环群,q表示循环群G的阶,g表示循环群G的生成元;1.1) The parameter generation mechanism PG uses the ElGamal encryption algorithm EL to generate and disclose parameters (G, q, g), where G represents a cyclic group, q represents the order of the cyclic group G, and g represents the generator of the cyclic group G;

1.2)所有参与方根据以上参数生成各自的公私钥对(pki,ski),并公开公钥pki,私藏私钥ski,再根据公开的各自公钥计算出联合公钥

Figure BDA0003175718090000031
其中,i=1,…,n,n表示参与方数目;1.2) All participants generate their own public and private key pairs (pk i , ski ) according to the above parameters, disclose the public key pk i , and keep the private key ski , and then calculate the joint public key according to the respective public public keys
Figure BDA0003175718090000031
Among them, i=1,...,n, n represents the number of participants;

1.3)参数生成机构PG根据参数(G,q,g)生成其公私钥对(pkT,skT),公开公钥pkT,私藏私钥skT,并将其公钥pkT与指定参与方的公钥pk1相乘,得到加密集合大小所需的公钥

Figure BDA0003175718090000041
1.3) The parameter generation mechanism PG generates its public-private key pair (pk T , sk T ) according to the parameters (G, q, g), public key pk T , and private key sk T , and associates its public key pk T with the specified Multiply the public key pk 1 of the participant to get the public key required to encrypt the set size
Figure BDA0003175718090000041

1.4)其他参与方均利用公钥

Figure BDA0003175718090000042
对各自的输入集合大小vi加密,得到密文
Figure BDA0003175718090000043
并将其发给指定参与方,其中,i=2,…,n,n表示参与方的数量;1.4) All other participants use the public key
Figure BDA0003175718090000042
Encrypt the respective input set size vi to get the ciphertext
Figure BDA0003175718090000043
and send it to the designated participants, where i=2,...,n,n represents the number of participants;

1.5)指定参与方收到密文

Figure BDA0003175718090000044
后,利用自己的私钥将密文
Figure BDA0003175718090000045
部分解密为
Figure BDA0003175718090000046
再从群Zq中选择一个随机数
Figure BDA0003175718090000047
利用该随机数
Figure BDA0003175718090000048
将密文
Figure BDA0003175718090000049
重新随机化,得到重新随机化后的密文
Figure BDA00031757180900000410
并将该密文
Figure BDA00031757180900000411
乱序,再发给参数生成机构PG,其中,群Zq是阶为q的整数群;1.5) The designated participant receives the ciphertext
Figure BDA0003175718090000044
After that, use your private key to convert the ciphertext
Figure BDA0003175718090000045
Partially decrypted as
Figure BDA0003175718090000046
Then choose a random number from the group Z q
Figure BDA0003175718090000047
use this random number
Figure BDA0003175718090000048
ciphertext
Figure BDA0003175718090000049
Re-randomize to get the re-randomized ciphertext
Figure BDA00031757180900000410
and the ciphertext
Figure BDA00031757180900000411
Out of order, and then send it to the parameter generation mechanism PG, where the group Z q is an integer group of order q;

1.6)参数生成机构PG得到乱序后的密文

Figure BDA00031757180900000412
后,利用自己的私钥解密得到明文vi,通过比较vi的大小,得到最大值vmax,再计算出布隆过滤器的大小m:1.6) The parameter generation mechanism PG obtains the out-of-order ciphertext
Figure BDA00031757180900000412
Then, use your own private key to decrypt to get the plaintext v i , get the maximum value v max by comparing the size of v i , and then calculate the size m of the Bloom filter:

vmax=max(vi),v max =max( vi ),

Figure BDA00031757180900000413
Figure BDA00031757180900000413

其中,i=2,…,n,n表示参与方的数量,k表示哈希函数的数量,符号

Figure BDA00031757180900000416
表示对符号里面的值向上取整;Among them, i=2,...,n, n represents the number of participants, k represents the number of hash functions, and the symbol
Figure BDA00031757180900000416
Indicates that the value in the symbol is rounded up;

1.7)参数生成机构PG选取布隆过滤器的k个哈希函数hl,并将布隆过滤器的大小m及哈希函数hl发给其他参与者,再将哈希函数hl发给指定参与者,l=1,…,k,k表示哈希函数的数量;1.7) The parameter generation mechanism PG selects k hash functions h l of the bloom filter, and sends the size m of the bloom filter and the hash function h l to other participants, and then sends the hash function h l to Specify the participants, l=1,...,k, where k represents the number of hash functions;

1.8)指定参与方生成t个基数wt:1.8) Specify the participant to generate t bases w t :

wt=(k(n-1)+1)t-1,w t =(k(n-1)+1) t-1 ,

其中,t=1,…,v1,v1表示指定参与方输入集合的大小,k表示布隆过滤器哈希函数的数量,n表示参与方的数量。Among them, t=1,...,v 1 , v 1 represents the size of the input set of the specified participants, k represents the number of Bloom filter hash functions, and n represents the number of participants.

步骤2,其他参与方均将各自的输入集合采用布隆过滤器结构表示,得到各自的布隆过滤器

Figure BDA00031757180900000414
并对进行加密,得到各自加密后的布隆过滤器
Figure BDA00031757180900000415
Step 2: All other participants use the Bloom filter structure to represent their respective input sets to obtain their own Bloom filters.
Figure BDA00031757180900000414
And encrypt it to get the respective encrypted Bloom filters
Figure BDA00031757180900000415

2.1)其他参与方均利用布隆过滤器的k个哈希函数对各自输入集合中的元素xζ,计算其索引值:2.1) All other participants use the k hash functions of the Bloom filter to calculate the index value of the element x ζ in their respective input sets:

h1(xζ),...,hl(xζ),...,hk(xζ),h 1 (x ζ ),...,h l (x ζ ),...,h k (x ζ ),

其中,hl(xζ)表示元素xζ由哈希函数hl计算得到的索引值,ζ=1,…,vi,vi表示集合Xi的大小,l=1,…,k,k表示哈希函数的数量,i=2,…,n,n表示参与方的数量;Among them, h l (x ζ ) represents the index value of the element x ζ calculated by the hash function h l , ζ=1,...,vi, vi denotes the size of the set Xi , l=1,..., k , k represents the number of hash functions, i=2,...,n, n represents the number of participants;

2.2)其他参与方均生成空的布隆过滤器BFi,布隆过滤器BFi中每个位置的值都初始化为1;2.2) All other participants generate an empty Bloom filter BF i , and the value of each position in the Bloom filter BF i is initialized to 1;

2.3)其他参与方均按照步骤2.1)中得到的索引值,在空的布隆过滤器BFi中找到对应位置,并将其数值改为0,由此得到其他参与方各自的布隆过滤器

Figure BDA0003175718090000051
2.3) All other participants find the corresponding position in the empty Bloom filter BF i according to the index value obtained in step 2.1), and change its value to 0, thereby obtaining the respective Bloom filters of other participants
Figure BDA0003175718090000051

Figure BDA0003175718090000052
Figure BDA0003175718090000052

其中,布隆过滤器

Figure BDA0003175718090000053
第j个位置的值表示为:
Figure BDA0003175718090000054
m表示布隆过滤器的大小。Among them, the Bloom filter
Figure BDA0003175718090000053
The value of the jth position is represented as:
Figure BDA0003175718090000054
m represents the size of the bloom filter.

2.4)其他参与方利用TEL加密算法对布隆过滤器

Figure BDA0003175718090000055
进行加密,得到各自加密后的布隆过滤器
Figure BDA0003175718090000056
2.4) Other participants use TEL encryption algorithm to filter Bloom
Figure BDA0003175718090000055
Encrypt to get the respective encrypted Bloom filters
Figure BDA0003175718090000056

Figure BDA0003175718090000057
Figure BDA0003175718090000057

其中,

Figure BDA0003175718090000058
表示加密的布隆过滤器
Figure BDA0003175718090000059
的第j个位置密文。in,
Figure BDA0003175718090000058
Represents an encrypted bloom filter
Figure BDA0003175718090000059
The jth position ciphertext of .

步骤3,指定参与方利用布隆过滤器的哈希函数hl,计算其输入集合中元素xt的索引值,再从收到的加密布隆过滤器

Figure BDA00031757180900000510
中提取出k(n-1)个密文
Figure BDA00031757180900000511
Step 3: Designate the participant to use the hash function h l of the Bloom filter to calculate the index value of the element x t in its input set, and then use the received encrypted Bloom filter to calculate the index value of the element x t.
Figure BDA00031757180900000510
Extract k(n-1) ciphertexts from
Figure BDA00031757180900000511

3.1)指定参与方利用布隆过滤器的哈希函数hl,计算其输入集合中元素xt的索引值:3.1) The specified participant uses the hash function h l of the Bloom filter to calculate the index value of the element x t in its input set:

h1(xt),...,hl(xt),...,hk(xt),h 1 (x t ),...,h l (x t ),...,h k (x t ),

其中,hl(xt)表示元素xt由哈希函数hl计算得到的索引值,t=1,…,v1,v1表示集合X1的大小,l=1,…,k,k表示哈希函数的数量;Among them, h l (x t ) represents the index value of the element x t calculated by the hash function h l , t=1,...,v 1 , v 1 represents the size of the set X 1 , l=1,...,k, k represents the number of hash functions;

3.2)指定参与方从加密后的布隆过滤器

Figure BDA00031757180900000512
中提取出索引值hl(xt)对应的密文,表示如下:3.2) Specify the participants from the encrypted bloom filter
Figure BDA00031757180900000512
The ciphertext corresponding to the index value h l (x t ) is extracted from , which is expressed as follows:

Figure BDA00031757180900000513
Figure BDA00031757180900000513

其中,

Figure BDA00031757180900000514
表示
Figure BDA00031757180900000515
中索引值为hl(xt)的密文,i=2,…,n,n表示参与方的数量。in,
Figure BDA00031757180900000514
express
Figure BDA00031757180900000515
The ciphertext whose index value is h l (x t ), i=2,...,n, where n represents the number of participants.

步骤4,指定参与方对k(n-1)个密文

Figure BDA0003175718090000061
利用加密算法TEL的同态性质,得到一个聚合密文,并将该聚合密文发送给其他参与方。Step 4, specify the participants to pair k(n-1) ciphertexts
Figure BDA0003175718090000061
Using the homomorphic property of the encryption algorithm TEL, an aggregated ciphertext is obtained, and the aggregated ciphertext is sent to other parties.

4.1)指定参与方利用加密算法TEL的加法同态性,将k(n-1)个密文

Figure BDA0003175718090000062
相乘,得到元素xt对应的密文Ct,表示如下:4.1) The specified participant uses the additive homomorphism of the encryption algorithm TEL to convert k(n-1) ciphertexts
Figure BDA0003175718090000062
Multiply to obtain the ciphertext C t corresponding to the element x t , which is expressed as follows:

Ct=(αtt),C t =(α tt ),

其中,αt为Ct的第一部分密文,表示为:

Figure BDA0003175718090000063
Among them, α t is the first part of the ciphertext of C t , which is expressed as:
Figure BDA0003175718090000063

βt为Ct的第二部分密文,表示为:

Figure BDA0003175718090000064
β t is the second part of the ciphertext of C t , expressed as:
Figure BDA0003175718090000064

rij是群Zq中的随机数,i=2,…,n,n表示参与方的数量,j=1,…,m,m表示布隆过滤器的大小;r ij is a random number in the group Z q , i=2,..., n, n represents the number of participants, j=1,..., m, m represents the size of the Bloom filter;

Figure BDA0003175718090000065
表示布隆过滤器
Figure BDA0003175718090000066
第j个位置的值,
Figure BDA0003175718090000067
Figure BDA0003175718090000065
Represents a Bloom filter
Figure BDA0003175718090000066
the value of the jth position,
Figure BDA0003175718090000067

4.2)指定参与方利用基数wt及加密算法TEL的数乘同态性,对元素xt对应的密文Ct取幂,得到标记密文

Figure BDA0003175718090000068
表示如下:4.2) The designated participant uses the base w t and the number multiplication homomorphism of the encryption algorithm TEL to exponentiate the ciphertext C t corresponding to the element x t to obtain the marked ciphertext
Figure BDA0003175718090000068
It is expressed as follows:

Figure BDA0003175718090000069
Figure BDA0003175718090000069

其中,

Figure BDA00031757180900000610
为标记密文
Figure BDA00031757180900000611
的第一部分密文,表示为:
Figure BDA00031757180900000612
in,
Figure BDA00031757180900000610
ciphertext
Figure BDA00031757180900000611
The first part of the ciphertext is expressed as:
Figure BDA00031757180900000612

Figure BDA00031757180900000613
为标记密文
Figure BDA00031757180900000614
的第二部分密文,表示为:
Figure BDA00031757180900000615
k表示布隆过滤器哈希函数的数量;
Figure BDA00031757180900000613
ciphertext
Figure BDA00031757180900000614
The second part of the ciphertext is expressed as:
Figure BDA00031757180900000615
k represents the number of bloom filter hash functions;

n表示参与方的数量;n represents the number of participants;

4.3)指定参与方利用加密算法TEL的加法同态性,将v1个标记密文

Figure BDA00031757180900000616
相乘,得到一个聚合密文C,表示如下:4.3) The designated participant uses the additive homomorphism of the encryption algorithm TEL to convert v 1 marked ciphertexts
Figure BDA00031757180900000616
Multiply to get an aggregated ciphertext C, which is expressed as follows:

C=(α,β),C=(α,β),

其中,α为聚合密文C的第一部分密文,表示为:

Figure BDA00031757180900000617
Among them, α is the first part of the ciphertext of the aggregated ciphertext C, which is expressed as:
Figure BDA00031757180900000617

β为聚合密文C的第二部分密文,表示为:

Figure BDA00031757180900000618
β is the second part of the ciphertext of the aggregated ciphertext C, which is expressed as:
Figure BDA00031757180900000618

步骤5,指定参与方与其他参与方联合解密,得到聚合明文,并将其恢复为单个明文,完成集合交集。Step 5: The designated participant and other participants jointly decrypt to obtain the aggregated plaintext, and restore it to a single plaintext to complete the set intersection.

5.1)其他参方均利用各自的私钥ski,将聚合密文C的第一部分密文α取幂,得到解密所需的部分值:

Figure BDA0003175718090000071
并将其发给指定参与方,其中,i=2,…,n,n表示参与方的数量;5.1) All other parties use their own private keys ski to exponentiate the first part of the ciphertext α of the aggregated ciphertext C to obtain the partial value required for decryption:
Figure BDA0003175718090000071
and send it to the designated participants, where i=2,...,n,n represents the number of participants;

5.2)指定参与方得到Ti后,利用其私钥sk1将聚合密文C的第一部分密文α取幂,得到解密所需的另一部分值:

Figure BDA0003175718090000072
再将T1与Ti相乘,得到解密所需的全部值ρ:5.2) After the designated participant obtains T i , use its private key sk 1 to exponentiate the first part of the ciphertext α of the aggregated ciphertext C to obtain another part of the value required for decryption:
Figure BDA0003175718090000072
Then multiply T 1 by T i to get all the values ρ needed for decryption:

Figure BDA0003175718090000073
Figure BDA0003175718090000073

5.3)指定参与方利用解密所需的全部值ρ,对聚合密文C进行解密,得到聚合明文μ:5.3) The designated participant uses all the values ρ required for decryption to decrypt the aggregated ciphertext C to obtain the aggregated plaintext μ:

Figure BDA0003175718090000074
Figure BDA0003175718090000074

其中,wt表示基数,bt表示单个明文,bt∈[0,…,k(n-1)];Among them, w t represents the cardinality, b t represents a single plaintext, and b t ∈ [0,…,k(n-1)];

5.4)指定参与方利用明文恢复算法,得到明文bt,其中,t=1,…,v1,v1表示集合X1的大小:5.4) Designate the participant to use the plaintext recovery algorithm to obtain the plaintext b t , where t=1,...,v 1 , v 1 represents the size of the set X 1 :

参照图2,本步骤的具体实现如下:Referring to Fig. 2, the concrete realization of this step is as follows:

5.4.1)令变量t=v15.4.1) Let variable t=v 1 ;

5.4.2)计算变量t对应的明文:bt=(μ-μmodwt)/wt5.4.2) Calculate the plaintext corresponding to the variable t: b t =(μ-μmodw t )/w t ;

5.4.3)计算剩余变量t对应的聚合明文:μ=μ-(wt·bt);5.4.3) Calculate the aggregated plaintext corresponding to the remaining variable t: μ=μ-(w t ·b t );

5.4.2)判断变量t=1是否成立:5.4.2) Judging whether the variable t=1 is established:

若是,则结束,输出btIf so, end, output b t ;

否则,令t=t-1,返回5.4.2)。Otherwise, let t=t-1, return to 5.4.2).

5.5)指定参与方再初始化一个空集合W0,并判断单个明文bt是否为0:5.5) Designate the participant to initialize an empty set W 0 and judge whether a single plaintext b t is 0:

若是,则将元素xt放入集合W0中,输出最终的集合W,即为所有参与方输入集合的交集。If so, put the element x t into the set W 0 , and output the final set W, which is the intersection of the input sets of all participants.

否则,对集合W0不做任何操作。Otherwise, do nothing with the set W0 .

以上描述仅是本发明的一个具体实例,并未构成对本发明的任何限制,显然对于本领域的专业人员来说,在了解了本发明的内容和原理后,都可能在不背离本发明原理、结构的情况下,进行形式和细节上的各种修改和改变,但是这些基于本发明思想的修正和改变仍在本发明的权利要求保护范围之内。The above description is only a specific example of the present invention, and does not constitute any limitation to the present invention. Obviously, for those skilled in the art, after understanding the content and principles of the present invention, they may not deviate from the principles of the present invention, In the case of the structure, various modifications and changes in form and details are made, but these modifications and changes based on the idea of the present invention are still within the scope of protection of the claims of the present invention.

Claims (10)

1. A set intersection method for realizing multi-party privacy is characterized by comprising the following steps:
(1) the parameter generating mechanism PG generates parameters (G, q, G) of an encryption algorithm ElGamal, and shares the parameters to all participants, wherein G represents a cyclic group, q represents the order of the cyclic group G, and G represents a generator of the cyclic group G;
(2) all parties generate respective public and private key pairs (pk) according to the parameters i ,sk i ) And discloses a public key pk i Private secret key sk i Then, a joint public key pk is calculated according to the public keys, wherein i is 1.
(3) The parameter generation mechanism PG generates a public and private key pair (pk) thereof according to the parameters (G, q, G) T ,sk T ) And using the public key required for encrypting the set size
Figure FDA0003735424480000011
Interacting with all participants to obtain the size m of the bloom filter, and finally generating k hash functions h of the bloom filter l And the parameter m and the hash function h are combined l To all the participantsAnd then the hash function h is used l Is sent to a designated participant, wherein pk 1 A public key representing a given participant, l 1.., k, k representing the number of hash functions;
(4) specifying participants to generate t cardinalities w t Wherein t is 1 1 ,v 1 Represents the size of its input set;
(5) the other participants respectively represent the input sets by the bloom filter structure to obtain the respective bloom filters
Figure FDA0003735424480000012
Reuse joint public key pk to bloom filter structure
Figure FDA0003735424480000013
Encrypting to obtain respective encrypted bloom filters
Figure FDA0003735424480000014
And sends it to the designated party;
(6) hash function h of designated participants using bloom filters l Calculating the element x in its input set t From the received encrypted bloom filter
Figure FDA0003735424480000015
K (n-1) ciphertexts are extracted from the data
Figure FDA0003735424480000016
Obtaining a polymerization ciphertext by using homomorphism property of an encryption algorithm TEL for the ciphertexts, and sending the polymerization ciphertext to other participants;
(7) and the appointed party and other parties are combined for decryption to obtain a polymerization plaintext, and the polymerization plaintext is recovered to be a single plaintext to complete set intersection.
2. The method of claim 1, wherein all participants in (2) calculate a joint public key pk from the public individual public keys, as follows:
Figure FDA0003735424480000017
wherein, pk i A public key representing the ith participant, i 1, 2.
3. The method of claim 1, wherein (3) the parameter generation mechanism PG interacts with all participants to obtain the bloom filter size m as follows:
(3a) the other parties all using the public key
Figure FDA0003735424480000018
For respective input set size v i Encrypting to obtain ciphertext
Figure FDA0003735424480000019
And send it to the designated participants, where i ═ 2.., n, n represents the number of participants;
(3b) the designated party receives the ciphertext
Figure FDA0003735424480000021
Then, the cipher text is encrypted by using the private key of the user
Figure FDA0003735424480000022
Partially decrypted into
Figure FDA0003735424480000023
Then from group Z q In which a random number is selected
Figure FDA0003735424480000024
Using the random number
Figure FDA0003735424480000025
Cipher text
Figure FDA0003735424480000026
Re-randomizing to obtain re-randomized cipher text
Figure FDA0003735424480000027
And encrypt the ciphertext
Figure FDA0003735424480000028
Disorder, and sending to a parameter generation mechanism PG, wherein the group Z q Is a group of integers of order q;
(3c) the parameter generation mechanism PG obtains the scrambled ciphertext
Figure FDA0003735424480000029
Then, the clear text v is obtained by utilizing the private key of the user to decrypt i By comparison of v i To obtain a maximum value v max And then calculating the size m of the bloom filter:
v max =max(v i ),
Figure FDA00037354244800000210
where k represents the number of hash functions, the symbol
Figure FDA00037354244800000216
Meaning rounding up the values inside the symbol.
4. The method of claim 1, wherein t cardinalities w generated by a given participant in (4) t Expressed as follows:
w t =(k(n-1)+1) t-1
wherein, t is 1 1 ,v 1 Representing the size of the input set of the specified participant, k representing the number of bloom filter hash functions, and n representing the number of participants.
5. The method of claim 1, wherein the other participants in (5) represent respective sets of inputs by a bloom filter structure, resulting in respective bloom filters
Figure FDA00037354244800000211
The method is realized as follows:
(5a) the other participants all have to the element x in their respective input sets ζ And calculating by using k hash functions of the bloom filter to obtain an index value:
h 1 (x ζ ),…,h l (x ζ ),…,h k (x ζ ),
wherein h is l (x ζ ) Representing element x ζ By a hash function h l The calculated index value, ζ ═ 1 i ,v i A set of representations X i K, k denotes the number of hash functions, i 2, n, n denotes the number of participants;
(5b) bloom Filter BF with other participants all generating null i BF of bloom filter i The value of each position in (a) is initialized to 1;
(5c) other participants are in the empty bloom filter BF according to the index value obtained in the step (5a) i Finding the corresponding position and changing the value to 0, thereby obtaining the respective bloom filters of other participants
Figure FDA00037354244800000212
Figure FDA00037354244800000213
Wherein the bloom filter
Figure FDA00037354244800000214
The value of the jth position is expressed as:
Figure FDA00037354244800000215
j ═ 1., m, m denote the size of the bloom filter.
6. The method of claim 1, wherein (5) the other participants obtain respective encrypted bloom filters
Figure FDA0003735424480000031
Is represented as follows:
Figure FDA0003735424480000032
wherein,
Figure FDA0003735424480000033
bloom filters represented as ciphers
Figure FDA0003735424480000034
J-th position ciphertext of (1), m, m represents the size of the bloom filter, and i-2.
7. The method of claim 1, wherein the hash function h of (6) specifying that the participant utilizes a bloom filter l Calculating the element x in its input set t Index value of (d):
h 1 (x t ),…,h l (x t ),…,h k (x t ),
wherein h is l (x t ) Represents the element x t At the hash function h l Index value of 1, t 1 ,v 1 Set of representations X 1 Is 1, …, k, k denotes the number of hash functions.
8. The method of claim 1, wherein the method is performed in a batch processThe bloom Filter specifying Party to encrypt from
Figure FDA0003735424480000035
Extracting index value h l (x t ) The corresponding ciphertext, expressed as follows:
Figure FDA0003735424480000036
wherein,
Figure FDA0003735424480000037
to represent
Figure FDA0003735424480000038
The middle index value is h l (x t ) K, k denotes the number of hash functions, t 1 1 ,v 1 A set of representations X 1 N, n represents the number of participants.
9. The method of claim 1, wherein k (n-1) ciphertext pairs are specified in the (6)
Figure FDA0003735424480000039
Obtaining a polymerization ciphertext by using the homomorphism property of an encryption algorithm TEL, and realizing the following steps:
(6a) appointing the participants to use the addition homomorphism of the encryption algorithm TEL to encrypt k (n-1) ciphertexts
Figure FDA00037354244800000310
Multiplying to obtain the element x t Corresponding ciphertext C t Expressed as follows:
C t =(α t ,β t ),
wherein alpha is t Is C t The first portion of ciphertext, represented as:
Figure FDA00037354244800000311
β t is C t The second portion of ciphertext, expressed as:
Figure FDA00037354244800000312
r ij is a group Z q N, n represents the number of participants, j represents 1, the.
Figure FDA0003735424480000041
Indicating bloom filters
Figure FDA00037354244800000418
The value of the j-th position,
Figure FDA0003735424480000042
t=1,...,v 1 ,v 1 a set of representations X 1 The size of (d);
(6b) specifying participant utilization cardinality w t And number multiplication homomorphism of encryption algorithm TEL for element x t Corresponding ciphertext C t Exponentiation is performed to obtain a marked ciphertext
Figure FDA0003735424480000043
Is represented as follows:
Figure FDA0003735424480000044
wherein,
Figure FDA0003735424480000045
for marking cryptograph
Figure FDA0003735424480000046
The first portion of ciphertext, represented as:
Figure FDA0003735424480000047
Figure FDA0003735424480000048
for marking ciphertext
Figure FDA0003735424480000049
The second portion of the ciphertext, represented as:
Figure FDA00037354244800000410
k represents the number of bloom filter hash functions;
n represents the number of participants;
(6c) specifying participants to use the addition homomorphism of the encryption algorithm TEL to convert v 1 Individual mark cipher text
Figure FDA00037354244800000411
Multiplying to obtain a combined ciphertext C, as follows:
C=(α,β),
where α is the first partial ciphertext of the aggregate ciphertext C, expressed as:
Figure FDA00037354244800000412
β is the second partial ciphertext of the aggregate ciphertext C, represented as:
Figure FDA00037354244800000413
10. the method according to claim 1, characterized in that the implementation of (7) is as follows:
(7a) other parties all utilize their own private keys sk i Exponentiation is performed on the first part of ciphertext alpha of the aggregate ciphertext C to obtain a solutionPartial values required for encryption:
Figure FDA00037354244800000414
and send it to the designated participants, where i ═ 2.., n, n represents the number of participants;
(7b) designating a participant to get T i Then, use its private key sk 1 Exponentiating a first part of ciphertext alpha of the aggregated ciphertext C to obtain another part of value required for decryption:
Figure FDA00037354244800000415
then will T 1 And T i Multiplying to obtain all values rho required for decryption:
Figure FDA00037354244800000416
(7c) and the appointed party decrypts the aggregation ciphertext C by using all the values rho required by decryption to obtain an aggregation plaintext mu:
Figure FDA00037354244800000417
wherein, w t Representing the cardinality, b t Representing a single plaintext, b t ∈[0,...,k(n-1)];
(7d) The appointed participator obtains a single plaintext b by using a plaintext recovery algorithm t Reinitializing an empty set W 0 And judging a single plaintext b t Whether or not it is 0:
if so, the element x is added t Put into the set W 0 In the method, a final set W is output, namely the intersection of input sets of all the participants;
otherwise, for the set W 0 No operation is performed.
CN202110833610.XA 2021-07-22 2021-07-22 Set intersection method for realizing multi-party privacy Active CN113518092B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110833610.XA CN113518092B (en) 2021-07-22 2021-07-22 Set intersection method for realizing multi-party privacy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110833610.XA CN113518092B (en) 2021-07-22 2021-07-22 Set intersection method for realizing multi-party privacy

Publications (2)

Publication Number Publication Date
CN113518092A CN113518092A (en) 2021-10-19
CN113518092B true CN113518092B (en) 2022-08-26

Family

ID=78067662

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110833610.XA Active CN113518092B (en) 2021-07-22 2021-07-22 Set intersection method for realizing multi-party privacy

Country Status (1)

Country Link
CN (1) CN113518092B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113901501B (en) * 2021-10-20 2022-11-08 苏州斐波那契信息技术有限公司 Private domain user image expansion method based on federal learning
CN114386068B (en) * 2022-01-06 2025-01-24 北京数牍科技有限公司 A method and system for finding intersections of multi-party conditional privacy-preserving sets against collusion attacks
CN114553593B (en) * 2022-03-22 2024-05-28 杭州博盾习言科技有限公司 Multiparty secure computing privacy exchange method, device, equipment and storage medium
CN114520721B (en) * 2022-03-22 2024-03-29 杭州博盾习言科技有限公司 Multiparty secure computing privacy exchange method, device, equipment and storage medium
CN114884675B (en) * 2022-04-29 2023-12-05 杭州博盾习言科技有限公司 Multi-party privacy intersection method, device, equipment and medium based on bit transmission
CN115396144B (en) * 2022-07-20 2023-12-05 北京冲量在线科技有限公司 Multiparty privacy intersection scheme based on trusted execution environment and distributed data intersection algorithm
CN115396148B (en) * 2022-07-22 2024-04-12 西安邮电大学 Privacy-protected list query method, system, medium, device and terminal
CN115422581B (en) * 2022-08-30 2024-03-08 北京火山引擎科技有限公司 Data processing method and device
CN117454432B (en) * 2023-12-20 2024-04-09 暨南大学 Privacy protection association rule mining method in distributed environment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111931207A (en) * 2020-08-07 2020-11-13 北京百度网讯科技有限公司 Method, device and equipment for obtaining privacy set intersection and storage medium

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8526603B2 (en) * 2011-07-08 2013-09-03 Sap Ag Public-key encrypted bloom filters with applications to private set intersection
CN109104413B (en) * 2018-07-17 2020-07-31 中国科学院计算技术研究所 Method for solving intersection of private data for secure multi-party computation and verification method
CN109495465B (en) * 2018-11-05 2020-12-25 河南师范大学 Privacy set intersection method based on intelligent contracts
CN109951443B (en) * 2019-01-28 2021-06-04 湖北工业大学 Set intersection calculation method and system for privacy protection in cloud environment
CN110719159B (en) * 2019-09-24 2023-06-30 河南师范大学 Multi-party private set intersection method against malicious adversaries
CN111641603B (en) * 2020-05-15 2022-07-01 北京青牛技术股份有限公司 Privacy set intersection data interaction method and system based on homomorphic encryption
CN112966283B (en) * 2021-03-19 2023-04-18 西安电子科技大学 PPARM (vertical partition data parallel processor) method for solving intersection based on multi-party set

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111931207A (en) * 2020-08-07 2020-11-13 北京百度网讯科技有限公司 Method, device and equipment for obtaining privacy set intersection and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于全同态加密的安全多方计算探讨;李习习等;《电脑知识与技术》;20200725(第21期);全文 *

Also Published As

Publication number Publication date
CN113518092A (en) 2021-10-19

Similar Documents

Publication Publication Date Title
CN113518092B (en) Set intersection method for realizing multi-party privacy
CN105577368B (en) The medical diagnosis service-seeking system and method for two-way secret protection
CN110233730B (en) A privacy information protection method based on K-means clustering
Torkaman et al. Innovative approach to improve hybrid cryptography by using DNA steganography
Yin et al. Improved Elliptic Curve Cryptography with Homomorphic Encryption for Medical Image Encryption.
CN106209790B (en) Efficient verifiable outsourcing attribute-based encryption method for hidden ciphertext strategy
CN105763528B (en) The encryption device of diversity person's anonymity under a kind of mixed mechanism
CN108989309A (en) Encryption communication method and its encrypted communication device based on narrowband Internet of Things
Abusukhon et al. A novel network security algorithm based on private key encryption
CN107086912B (en) Ciphertext conversion method, decryption method and system in heterogeneous storage system
WO2016112734A1 (en) Group encryption and decryption method and system having selection and exclusion functions
CN104158880A (en) User-end cloud data sharing solution
CN109688143A (en) A kind of cluster data mining method towards secret protection in cloud environment
CN113114454A (en) Efficient privacy outsourcing k-means clustering method
CN106453393A (en) Verifiable privacy-preserving data type matching in participatory sensing
CN111159727B (en) Multi-party cooperation oriented Bayes classifier safety generation system and method
CN116684061A (en) A private picture encryption method and device based on an improved AES algorithm based on key expansion
CN111191253B (en) A data encryption combination method
Uddin et al. Developing a cryptographic algorithm based on ASCII conversions and a cyclic mathematical function
CN104618098B (en) Cryptography building method and system that a kind of set member's relation judges
CN117114959B (en) Image encryption method based on key feedback mechanism of multi-parameter one-dimensional chaotic system
CN111835766A (en) A Re-random Public Key Encryption and Decryption Method
Kandar et al. Variable length key based visual cryptography scheme for color image using random number
CN108737443B (en) A Method of Hiding Email Address Based on Cryptographic Algorithm
CN107241191A (en) A kind of anti-key clone, key abuse based on encryption attribute method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant