CN115795514A - Private information retrieval method, device and system - Google Patents
Private information retrieval method, device and system Download PDFInfo
- Publication number
- CN115795514A CN115795514A CN202211652351.1A CN202211652351A CN115795514A CN 115795514 A CN115795514 A CN 115795514A CN 202211652351 A CN202211652351 A CN 202211652351A CN 115795514 A CN115795514 A CN 115795514A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- order
- preserving
- data
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a method, a device and a system for retrieving private information, wherein the method for retrieving the private information is applied to a client and comprises the following steps: acquiring a number to be checked input by a user; encrypting the number to be checked by adopting homomorphic encryption, and sending an encrypted ciphertext to a server; receiving a ciphertext obtained by processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption by the server, and an order-preserving ciphertext data range obtained by carrying out order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by the server; decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number; comparing the decrypted numbers with the numbers in the order-preserving ciphertext data range one by one to obtain data serial numbers which accord with the data range corresponding to the numbers to be checked; and executing an oblivious transmission protocol according to the data sequence number, and acquiring a retrieval result corresponding to the data sequence number.
Description
Technical Field
The present invention relates to the field of information technologies, and in particular, to a method, an apparatus, and a system for retrieving private information.
Background
The private information retrieval protocol can realize the retrieval task of the user on the premise that the server does not know the retrieval conditions and the retrieval results of the user.
In the field of private information retrieval, the existing private information retrieval method only realizes a method based on keyword retrieval, and cannot support data range retrieval. Taking the following scenario as an example, the security enterprise C masters the vulnerability information of the software D to form a knowledge base, and the storage examples of the knowledge base are as follows: { vulnerability 1, influence version range (1.2-3.7) }, \8230 }, { vulnerability n, influence version range (3.9-7.8) }. A certain user U (such as a client in a field with higher safety requirements, such as finance, industrial control and the like) just uses the software D, and if the used version is 4.7, the user U hopes that the security enterprise C can give vulnerability information of the software D under the specific version of 4.7 on the premise of not exposing the version number used by the user U, and due to the fact that the data range is searched, the vulnerability information cannot be searched by a privacy information searching method based on keywords at present.
Therefore, how to realize private information retrieval based on the data range is an urgent technical problem to be solved.
Disclosure of Invention
The embodiment of the invention provides a private information retrieval method, a private information retrieval device and a private information retrieval system, which are used for realizing private information retrieval based on a data range and ensuring the information security of a user.
In a first aspect, an embodiment of the present invention provides a private information retrieval method, which is applied to a client, and includes:
acquiring a number to be checked input by a user;
encrypting the number to be checked by adopting homomorphic encryption, and sending an encrypted ciphertext to a server;
receiving a ciphertext obtained by processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption by the server, and an order-preserving ciphertext data range obtained by carrying out order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by the server, wherein the full plaintext data set is a data set stored in the server in advance;
decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number;
comparing the decrypted numbers with the numbers in the order-preserving ciphertext data range one by one to obtain data sequence numbers which accord with the data range corresponding to the numbers to be checked;
and executing an inadvertent transmission protocol according to the data sequence number, and acquiring a retrieval result corresponding to the data sequence number.
In one possible implementation manner, the encrypting the to-be-checked number by adopting homomorphic encryption and sending the encrypted ciphertext to the server includes:
generating a public key and a private key for homomorphic encryption;
encrypting and hiding the number to be checked by using the public key to obtain an encrypted ciphertext;
and sending the encrypted ciphertext and the public key to a server side, and storing the private key.
In one possible implementation manner, the receiving the ciphertext obtained by processing the encrypted ciphertext by the server using homomorphic encryption and order-preserving encryption, and the order-preserving ciphertext data range obtained by performing order-preserving encryption transformation on multiple data ranges in a full plaintext data set one by the server includes:
receiving a first ciphertext and a second ciphertext which are obtained by the server side respectively encrypting two randomly generated numbers by using the public key, and a processed ciphertext which is obtained by the first ciphertext and the second ciphertext carrying out homomorphic multiplication and homomorphic addition on the encrypted ciphertext, wherein the two numbers are keys for order preserving encryption;
and receiving the order-preserving ciphertext data range after the server performs order-preserving encryption transformation on a plurality of data ranges in the full plaintext data set one by using the two numbers.
In one possible implementation manner, the decrypting the processed ciphertext by using homomorphic decryption to obtain a decrypted number includes:
and decrypting the processed ciphertext by using the private key to obtain a number subjected to order-preserving encryption by using the two numbers through the server, and taking the number subjected to order-preserving encryption as a decrypted number.
In a second aspect, an embodiment of the present invention further provides a private information retrieval method, which is applied to a server and includes:
receiving an encrypted ciphertext from a client, wherein the encrypted ciphertext is a ciphertext obtained by encrypting a number to be checked input by a user by the client through homomorphic encryption;
processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption to obtain a processed ciphertext;
carrying out order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by one to obtain an order-preserving ciphertext data range, wherein the full plaintext data set is a data set stored in the server in advance;
and sending the processed ciphertext and the order-preserving ciphertext data range to the client, so that the client compares the decrypted numbers obtained by decrypting the processed ciphertext by adopting homomorphic decryption with the numbers in the order-preserving ciphertext data range one by one, and obtains the data sequence number which accords with the data range corresponding to the number to be checked.
In one possible implementation manner, the processing the encrypted ciphertext by using homomorphic encryption and order-preserving encryption to obtain a processed ciphertext includes:
randomly generating two numbers for order-preserving encryption;
receiving a public key which is sent by the client and used for homomorphic encryption, encrypting the two numbers through the public key, and respectively obtaining a first ciphertext and a second ciphertext;
and performing homomorphic multiplication operation and homomorphic addition operation on the encrypted ciphertext by using the first ciphertext and the second ciphertext to obtain a processed ciphertext.
In a third aspect, an embodiment of the present invention further provides a private information retrieval apparatus, which is applied to a client, and includes:
the first acquisition unit is used for acquiring the number to be checked input by a user;
the encryption unit is used for encrypting the number to be checked by adopting homomorphic encryption and sending the encrypted ciphertext to the server;
a first receiving unit, configured to receive a ciphertext obtained by processing the encrypted ciphertext by using homomorphic encryption and order-preserving encryption by the server, and an order-preserving ciphertext data range obtained by performing order-preserving encryption transformation on multiple data ranges in a full plaintext data set by the server one by one, where the full plaintext data set is a data set stored in the server in advance;
the decryption unit is used for decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number;
a first obtaining unit, configured to compare the decrypted number with the number in the order-preserving ciphertext data range one by one, and obtain a data sequence number that conforms to a data range corresponding to the number to be checked;
and the second acquisition unit is used for executing an oblivious transmission protocol according to the data sequence number and acquiring a retrieval result corresponding to the data sequence number.
In a fourth aspect, an embodiment of the present invention further provides a private information retrieval apparatus, which is applied to a server, and includes:
the second receiving unit is used for receiving an encrypted ciphertext from the client, wherein the encrypted ciphertext is a ciphertext obtained by encrypting a to-be-checked number input by a user by using homomorphic encryption by the client;
the processing unit is used for processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption to obtain a processed ciphertext;
a second obtaining unit, configured to perform order-preserving encryption transformation on multiple data ranges in a full-size plaintext data set one by one to obtain an order-preserving ciphertext data range, where the full-size plaintext data set is a data set pre-stored in the server;
and the sending unit is used for sending the processed ciphertext and the order-preserving ciphertext data range to the client, so that the client compares the decrypted numbers obtained by decrypting the processed ciphertext by adopting homomorphic decryption with the numbers in the order-preserving ciphertext data range one by one, and obtains the data sequence number which accords with the data range corresponding to the number to be checked.
In a fifth aspect, an embodiment of the present invention further provides a system for retrieving private information, including:
the system comprises a client and a server connected with the client; wherein: the client is configured to:
acquiring a number to be checked input by a user;
encrypting the number to be checked by adopting homomorphic encryption, and sending an encrypted ciphertext to the server;
receiving a ciphertext obtained by processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption by the server, and an order-preserving ciphertext data range obtained by carrying out order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by the server, wherein the full plaintext data set is a data set stored in the server in advance;
decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number;
comparing the decrypted numbers with the numbers in the order-preserving ciphertext data range one by one to obtain data serial numbers which accord with the data range corresponding to the numbers to be checked;
and executing an inadvertent transmission protocol according to the data sequence number, and acquiring a retrieval result corresponding to the data sequence number.
In a sixth aspect, embodiments of the present invention further provide a private information retrieval apparatus, where the retrieval apparatus includes a processor, and the processor is configured to implement the steps of the private information retrieval method according to the first aspect and/or the second aspect when executing the computer program stored in the memory.
In a seventh aspect, the present invention further provides a readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the private information retrieval method according to the first aspect and/or the second aspect.
The invention has the following beneficial effects:
the embodiment of the invention provides a private information retrieval method, a private information retrieval device and a private information retrieval system, wherein firstly, a number to be searched input by a user is obtained, then, homomorphic encryption is adopted to encrypt the number to be searched, and an encrypted ciphertext is sent to a server; the server side processes the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption, performs order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set stored in the server side in advance one by one to obtain an order-preserving ciphertext data range, and then sends the processed ciphertext and the order-preserving ciphertext data range to the client side; then, the client side decrypts the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number; then, comparing the decrypted number with the number in the order-preserving ciphertext data range one by one to obtain a data sequence number which accords with the data range corresponding to the number to be checked; and then, executing an oblivious transmission protocol according to the data sequence number to obtain a retrieval result corresponding to the data sequence number.
Therefore, through homomorphic encryption and order-preserving encryption, the protection of the server data and the ciphertext range retrieval of the client to the server data can be realized. Therefore, the server-side range data is presented to the user in the form of the order-preserving cipher text, and in this way, the user cannot reversely decrypt the plaintext of the original data range of the server side without knowing the order-preserving key; meanwhile, the order-preserving ciphertext guarantees that the client can sequentially carry out order-preserving ciphertext range retrieval on the data of the server; therefore, the private information retrieval in the data range is supported, and the information safety of the user is ensured.
Drawings
Fig. 1 is a flowchart of one method of a private information retrieval method according to an embodiment of the present invention;
FIG. 2 is a flowchart of one method of step S102 in FIG. 1;
FIG. 3 is a flowchart of one method of step S103 in FIG. 1;
fig. 4 is a schematic diagram illustrating a method for determining a data sequence number based on homomorphic encryption and order-preserving encryption in a private information retrieval method according to an embodiment of the present invention;
fig. 5 is a schematic diagram of a method for implementing a privacy information retrieval scheme supporting range query in a privacy information retrieval method according to an embodiment of the present invention;
fig. 6 is a schematic diagram of one of the multiple-choice 1 inadvertent transmission protocols used in a privacy query phase in the privacy information retrieval method according to the embodiment of the present invention;
fig. 7 is a flowchart of another method of a private information retrieval method according to an embodiment of the present invention;
FIG. 8 is a flowchart of one method of step S402 of FIG. 7;
fig. 9 is a block diagram of one configuration of a private information retrieval apparatus according to an embodiment of the present invention;
fig. 10 is a block diagram of another configuration of a private information retrieval apparatus according to an embodiment of the present invention;
fig. 11 is a block diagram of one configuration of a private information retrieval system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," and the like in the description and claims of the present invention and in the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "comprises" and any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements but may alternatively include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein may be combined with other embodiments.
The term "and/or" in the embodiments of the present invention describes an association relationship of associated objects, and indicates that three relationships may exist, for example, a and/or B may indicate: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
The application scenario described in the embodiment of the present invention is for more clearly illustrating the technical solution of the embodiment of the present invention, and does not form a limitation on the technical solution provided in the embodiment of the present invention, and it can be known by a person skilled in the art that with the occurrence of a new application scenario, the technical solution provided in the embodiment of the present invention is also applicable to similar technical problems. In the description of the present invention, the meaning of "a plurality" is two or more, unless otherwise specified.
In the related art, the existing private information retrieval method only realizes a method based on keyword retrieval, and cannot support data range retrieval.
In view of this, embodiments of the present invention provide a private information retrieval method, apparatus, and system, which are used to implement private information retrieval based on a data range, and ensure information security of a user.
Before describing the private information retrieval method, device and system, related terms are briefly described.
Private Information Retrieval (PIR), also called silent trace query, can ensure that when a query user submits a query request to a database on a server, the PIR completes the query under the condition that the user query Private Information is not leaked, that is, in the user query process, the server does not know the specific query Information of the user and the retrieved data items.
Order Preserving Encryption (OPE) means that the Order of plaintext and the Order of ciphertext are matched, for example, if plaintext a and b satisfy a < b, then ciphertexts k (a) and k (b) after Encryption also satisfy k (a) < k (b).
For an Oblivious Transfer (OT), in a privacy information query stage, a client uses a known data item (index), a server uses a known data set E, both sides execute an OT protocol with more than one choice, the client can obtain a final search result, and the server can only guess that the client search result is a certain item in the data set E, but cannot determine which item specifically. To take a specific example, zhang three has n messages { m 1 ,……,m n Lie four want to know one of the messages m i (ii) a By implementing the OT protocol, lie IV can correctly obtain the message m that it wants to know i The other (n-1) messages in the n messages cannot be obtained, and Zhang III cannot know which message Liqu is obtained.
As shown in fig. 1, an embodiment of the present invention provides a private information retrieval method, which is applied to a client, and includes:
s101: acquiring a number to be checked input by a user;
s102: encrypting the number to be checked by adopting homomorphic encryption, and sending an encrypted ciphertext to a server;
s103: receiving a ciphertext obtained by processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption by the server, and an order-preserving ciphertext data range obtained by carrying out order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by the server, wherein the full plaintext data set is a data set stored in the server in advance;
s104: decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number;
s105: comparing the decrypted numbers with the numbers in the order-preserving ciphertext data range one by one to obtain data serial numbers which accord with the data range corresponding to the numbers to be checked;
s106: and executing an oblivious transmission protocol according to the data sequence number, and acquiring a retrieval result corresponding to the data sequence number.
In the specific implementation process, the specific implementation process of step S101 to step S106 is explained as follows:
firstly, acquiring a number to be checked input by a user, such as a; then, encrypting the number to be checked by adopting homomorphic encryption, and sending the encrypted ciphertext to a server; in one exemplary embodiment, the client may encrypt the number to be checked according to a public key used for the generated homomorphic encryption; after the client sends the encrypted ciphertext to the server, the client receives the ciphertext obtained by processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption by the server and an order-preserving ciphertext data range obtained by performing order-preserving encryption transformation on a plurality of data ranges in a full-amount plaintext data set one by the server.
And then, decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number. In one exemplary embodiment, the processed ciphertext may be decrypted by using a private key generated by the client and corresponding to a public key used for homomorphic encryption, so as to obtain a decrypted number; then, comparing the decrypted number with the number in the order-preserving ciphertext data range one by one to obtain a data sequence number which accords with the data range corresponding to the number to be checked; and then, executing an oblivious transmission protocol according to the data sequence number, and acquiring a retrieval result corresponding to the data sequence number. Therefore, through homomorphic encryption and order-preserving encryption, the protection of the server data and the ciphertext range retrieval of the client to the server data can be realized. Therefore, the server-side range data is presented to the user in the form of the order-preserving cipher text, and in this way, the user cannot reversely decrypt the plaintext of the original data range of the server-side under the condition of not knowing the order-preserving key; meanwhile, the order-preserving ciphertext guarantees that the client can sequentially carry out order-preserving ciphertext range retrieval on the data of the server; therefore, the private information retrieval in the data range is supported, and the information safety of the user is ensured.
In the embodiment of the present invention, as shown in fig. 2, step S102: adopting homomorphic encryption to encrypt the number to be checked and sending the encrypted ciphertext to a server, comprising:
s201: generating a public key and a private key for homomorphic encryption;
s202: encrypting and hiding the number to be checked by using the public key to obtain an encrypted ciphertext;
s203: and sending the encrypted ciphertext and the public key to a server side, and storing the private key.
In the specific implementation process, the specific implementation process from step S201 to step S203 is as follows:
firstly, a client generates a public and private key pair for homomorphic encryption, wherein the public and private key pair comprises a public key and a private key; then, the public key is used for encrypting and hiding the number to be checked input by the user to obtain an encrypted ciphertext; and then, sending the encrypted ciphertext and the public key to a server side, and simultaneously storing the private key by the client side.
In the embodiment of the present invention, as shown in fig. 3, step S103: receiving a ciphertext obtained by the server processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption, and an order-preserving ciphertext data range obtained by the server performing order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by one, wherein the order-preserving ciphertext data range comprises:
s301: receiving a first ciphertext and a second ciphertext which are obtained by the server side respectively encrypting two randomly generated numbers by using the public key, and a processed ciphertext which is obtained by the first ciphertext and the second ciphertext carrying out homomorphic multiplication and homomorphic addition on the encrypted ciphertext, wherein the two numbers are keys for order preserving encryption;
s302: and receiving the order-preserving ciphertext data range after the server performs order-preserving encryption transformation on a plurality of data ranges in the full plaintext data set one by using the two numbers.
In the specific implementation process, the specific implementation process from step S301 to step S302 is as follows:
firstly, after a client sends an encrypted ciphertext and a public key to a server, the server encrypts two randomly generated numbers respectively by using the public key to obtain a first ciphertext and a second ciphertext; in one exemplary embodiment, the client-generated public and private key pair is (pk, sk), where pk denotes the public key and sk denotes the private key; after encrypting the number a to be checked input by the user by using the public key pk, the client obtains an encrypted ciphertext En _ a = E (pk, a); two numbers randomly generated by the server are x and y respectively, and the two numbers can be used as keys in order-preserving encryption; the server encrypts x by using the public key pk to obtain a first ciphertext En _ x = E (pk, x), and encrypts y by using the public key pk to obtain a second ciphertext En _ y = E (pk, y); then, the server performs homomorphic multiplication and homomorphic addition on the encrypted ciphertext En _ a to obtain a processed ciphertext
Wherein, the lines indicate that the ciphertexts are multiplied in the same state,
indicating a homomorphic addition of the ciphertext. The server then uses the order-preserving encryption keys x and y to encrypt multiple pieces of the full-size plaintext data setAnd carrying out order-preserving encryption transformation on the data ranges one by one to generate an order-preserving ciphertext data range. And then, the server side sends the order-preserving ciphertext data range to the client side, so that the client side can perform homomorphic multiplication and homomorphic addition on the encrypted ciphertext according to the received first ciphertext and the second ciphertext to obtain a processed ciphertext, and the order-preserving ciphertext data range can determine the data sequence number of the data range corresponding to the number to be checked. In addition, for the specific implementation process of the data sequence number determination, reference may be made to the following description of relevant parts, which are not described in detail herein.
In the embodiment of the present invention, step S104: adopting homomorphic decryption to decrypt the processed ciphertext to obtain a decrypted number, comprising:
and decrypting the processed ciphertext by using the private key to obtain a number subjected to order-preserving encryption by using the two numbers through the server, and taking the number subjected to order-preserving encryption as a decrypted number.
In the specific implementation process, after the client receives the ciphertext obtained by processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption by the server, the client can decrypt the processed ciphertext by using a private key; still taking the above exemplary embodiment as an example, the client may decrypt the processed ciphertext En _ a by using the homomorphic encryption private key sk, so as to obtain a number a encrypted by the server by using the order-preserving encryption key x and y, where a = (a × x + y).
The following describes a specific implementation process for determining a data sequence number based on homomorphic encryption and order-preserving encryption in detail with reference to fig. 4.
In one exemplary embodiment, the server has n data ranges { (a) 1 ,b 1 ),……,(a n ,b n ) N data ranges belonging to a full plaintext data range, wherein the ith data range satisfies a i <b i I is any positive integer from 1 to n, and the user input is a. In order to determine the data sequence number of the server end matched with the search condition of the user, the data sequence number t needs to be found and satisfies a t <a<b t . The specific determination process for the data sequence number t is as follows:
firstly, a user side generates a public and private key pair (pk, sk) for homomorphic encryption, wherein pk is a public key and sk is a private key; then, a input by the user is encrypted and hidden by using a public key pk, and the encryption result is En _ a = E (pk, a); then, the ciphertext En _ a and the public key pk are transmitted to the server.
For the server, the server randomly generates two numbers x and y which are used as keys in order-preserving encryption; then, by using a first calculation module in the server, encrypting x and y by using the public key, we obtain En _ x = E (pk, x), and En _ y = E (pk, y); then homomorphic multiplication operation and homomorphic addition operation are carried out on the ciphertext En _ a to obtain the ciphertext
Wherein, the lines indicate that the ciphertexts are multiplied in the same state,
representing a homomorphic addition of the ciphertext; the expanded ciphertext En _ a is substantially equal to the result of encrypting the original plaintext (a x + y) by using the public key pk;
the data range { (a) can be processed by a second computing module in the server side by using the order-preserving encryption keys x and y 1 ,b 1 ),……,(a n ,b n ) Carrying out order-preserving encryption transformation on n pieces of data in the sequence to generate an order-preserving ciphertext data range En _ db { (A) 1 ,B 1) ,……,(A n ,B n ) Wherein (A) 1 ,B 1 )=(a 1 *x+y,b 1 *x+y),(A n ,B n )=(a n *x+y,b n * x + y) for (A) i ,B i )=(a i *x+y,b i *x+y),1≤i≤n。
Then, the first computing module and the second computing module in the server respectively send the order-preserving ciphertext data range En _ db and the homomorphic encryption ciphertext En _ En _ a to the client.
Then, the client decrypts the ciphertext En _ En _ a by using the homomorphic encryption private key sk to obtain the service-side-use secretThe sequence encryption keys x and y are used for encrypting the number A after sequence-preserving encryption, A = D (sk, en _ En _ a) = a x + y. Since A and En _ db are encrypted by using the same order-preserving encryption keys x and y and thus satisfy the order-preserving relationship, the data sequence number t is found and a is satisfied t <a<b t "the task is changed to" find the data sequence number t to satisfy A t <A<B t ”。
After the client finds the data serial number t meeting the relationship, an inadvertent transmission protocol can be executed, and a retrieval result is obtained. Therefore, the data sequence number is determined based on homomorphic encryption and order-preserving encryption, and the private information retrieval supporting range query can be realized.
A detailed explanation is given below to a specific implementation process of the privacy information retrieval scheme supporting range query in the embodiment of the present invention with reference to fig. 5, where User represents a client and Server represents a Server.
In the exemplary embodiment shown in fig. 5, the full-size plaintext data set (also referred to as an original plaintext data set) db pre-stored in the server is { [ (range 1_ left, range1_ right), plaintext1], \ 8230 { [ (range _ left, range _ right), plaintextn ] }, which includes n pieces of data, where range _ left, range _ right) represents a range interval of some attribute corresponding to the i-th piece of data in the n pieces of data, and plaintexti represents a specific value of some attribute corresponding to the i-th piece of data in the n pieces of data. If the number to be checked input by the user at the client is a, the server is required to provide the playexti in the data range satisfying range _ left < a < range _ right accordingly.
In the exemplary embodiment shown in fig. 5, a private information retrieval scheme supporting range query includes a public key generation phase, an order preserving encryption phase, an indexing determination phase and a private information query phase.
In the public key generation phase, the client performs the following data preprocessing:
1. inputting a number a to be checked;
2. generating a public and private key pair (pk, sk) for homomorphic encryption, wherein pk is a public key and sk is a private key;
3. the input a of the hidden user is encrypted by using a public key pk, the encryption result is En _ a, the encryption formula is En _ a = E (pk, a), and E () represents homomorphic encryption. Then, the ciphertext En _ a and the public key pk are transmitted to the server.
In the order-preserving encryption stage, after the server acquires the public key pk and the ciphertext En _ a, the following operations are performed:
4. randomly generating two numbers x and y meeting certain requirements, and using the x and y as a secret key of the order-preserving encryption algorithm; in one exemplary embodiment, x and y may be integers, and in practical applications, are not limited thereto.
5. For En _ a, calculation:
wherein, the lines indicate that the ciphertexts are multiplied in the same state,
representing a homomorphic addition of the ciphertext;
6. using x and y and data set db, generating ciphertext range set En _ list, en _ list { (range 1_ left x + y, range1_ right x + y) }, \8230 { (range _ left x + y, range _ right x + y) }; and then, returning the ciphertext range set En _ list and the transformed ciphertext data En _ En _ a to the client.
In the stage of determining the index, after receiving the ciphertext range set En _ list and the transformed ciphertext data En _ a, the client performs the following operations:
7. decrypting the ciphertext data En _ En _ a by using a homomorphic encryption private key sk to obtain A = D (sk, en _ En _ a) = a x + y;
8. using a and En _ list, find the data item satisfying the range, where the data item (index) is the index of the number to be looked up.
In the privacy information inquiry stage, the client side utilizes the known index, the server side utilizes the known data set db, the client side and the server side jointly execute the careless transmission protocol of n-selected-1, and the client side obtains a final retrieval result; the server can only guess that the client search result is a certain item in the data set db, but cannot determine which item is the specific one. That is, the PIR is executed by the client and the server, respectively, thereby realizing private information retrieval supporting a data range.
In the exemplary embodiment shown in fig. 5, steps 3, 5 and 7 apply a order-preserving cryptographic transformation to the client data using homomorphic encryption and order-preserving cryptographic algorithms. Therefore, the client is hidden by the order-preserving encryption algorithm key, and the server can perform order-preserving encryption transformation on the client data under the condition that the original data of the client is unknown. And 2-8, protecting the server data and retrieving the ciphertext range of the server data by the client by using homomorphic encryption and order-preserving encryption algorithms. Therefore, the server-side range data is presented to the user in the form of the order-preserving cipher text, and the user cannot reversely decrypt the plaintext of the server-side original data range without knowing the order-preserving key; meanwhile, the order-preserving ciphertext ensures that the client can carry out one-time order-preserving ciphertext range retrieval on the data of the server.
For the multiple-selection-1 oblivious transmission protocol adopted in the privacy information query phase, one of the exemplary embodiments shown in fig. 6 may be adopted to implement a classic multiple-selection-1 oblivious transmission protocol, where the user side is also referred to as a client side. In this exemplary embodiment, the multiple-choice-1 oblivious transport protocol execution process may be implemented using RSA public key Encryption and Advanced Encryption Standard (AES) symmetric Encryption. For specific implementation, reference may be made to technical implementation in the related art, and details will not be described here.
Based on the same inventive concept, as shown in fig. 7, an embodiment of the present invention further provides a private information retrieval method, applied to a server, including:
s401: receiving an encrypted ciphertext from a client, wherein the encrypted ciphertext is a ciphertext obtained by encrypting a number to be checked input by a user by the client through homomorphic encryption;
s402: processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption to obtain a processed ciphertext;
s403: carrying out order-preserving encryption transformation on a plurality of data ranges in a full-amount plaintext data set one by one to obtain an order-preserving ciphertext data range, wherein the full-amount plaintext data set is a data set stored in the server in advance;
s404: and sending the processed ciphertext and the order-preserving ciphertext data range to the client, so that the client compares the decrypted numbers obtained by decrypting the processed ciphertext by adopting homomorphic decryption with the numbers in the order-preserving ciphertext data range one by one, and obtains the data sequence number which accords with the data range corresponding to the number to be checked.
For the specific implementation process from step S401 to step S404, reference may be made to the description of the foregoing relevant parts, which is not described herein again.
In the embodiment of the present invention, as shown in fig. 8, step S402: processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption to obtain a processed ciphertext, comprising:
s501: randomly generating two numbers for order-preserving encryption;
s502: receiving a public key which is sent by the client and used for homomorphic encryption, encrypting the two numbers through the public key, and respectively obtaining a first ciphertext and a second ciphertext;
s503: and performing homomorphic multiplication and homomorphic addition operation on the encrypted ciphertext by using the first ciphertext and the second ciphertext to obtain a processed ciphertext.
For the specific implementation process of step S501 to step S503, reference may be made to the description of the related parts, which is not described herein again.
In addition, the private information retrieval method applied to the server side provided by the embodiment of the present invention is the same as the private information retrieval method applied to the client side, and the technical implementation of the relevant part may refer to the detailed description of the corresponding part, which is not described herein again.
Based on the same inventive concept, as shown in fig. 9, an embodiment of the present invention further provides a private information retrieval apparatus, which is applied to a client, and includes:
a first acquisition unit 10, configured to acquire a number to be checked input by a user;
the encryption unit 20 is configured to encrypt the to-be-checked number by adopting homomorphic encryption, and send an encrypted ciphertext to the server;
a first receiving unit 30, configured to receive a ciphertext obtained by processing the encrypted ciphertext by using homomorphic encryption and order-preserving encryption at the server, and an order-preserving ciphertext data range obtained by performing order-preserving encryption transformation on multiple data ranges in a full plaintext data set one by one at the server, where the full plaintext data set is a data set stored in the server in advance;
a decryption unit 40, configured to decrypt the processed ciphertext by using homomorphic decryption to obtain a decrypted number;
a first obtaining unit 50, configured to compare the decrypted number with the number in the order-preserving ciphertext data range one by one, and obtain a data sequence number that conforms to the data range corresponding to the number to be checked;
the second obtaining unit 60 is configured to execute an inadvertent transmission protocol according to the data sequence number, and obtain a retrieval result corresponding to the data sequence number.
In an embodiment of the present invention, the encryption unit 20 is configured to:
generating a public key and a private key for homomorphic encryption;
encrypting and hiding the number to be checked by using the public key to obtain an encrypted ciphertext;
and sending the encrypted ciphertext and the public key to a server side, and storing the private key.
In this embodiment of the present invention, the first receiving unit 30 is configured to:
receiving a first ciphertext and a second ciphertext which are obtained by respectively encrypting two randomly generated numbers by the server side through the public key, and a processed ciphertext which is obtained by carrying out homomorphic multiplication operation and homomorphic addition operation on the encrypted ciphertext through the first ciphertext and the second ciphertext, wherein the two numbers are keys for order-preserving encryption;
and receiving the order-preserving ciphertext data range after the server performs order-preserving encryption transformation on a plurality of data ranges in the full plaintext data set one by using the two numbers.
In an embodiment of the present invention, the decryption unit 40 is configured to:
and decrypting the processed ciphertext by using the private key to obtain a number which is subjected to order-preserving encryption by using the two numbers through the server side, and taking the number subjected to order-preserving encryption as a decrypted number.
Based on the same inventive concept, as shown in fig. 10, an embodiment of the present invention further provides a private information retrieval apparatus, which is applied to a server, and includes:
a second receiving unit 70, configured to receive an encrypted ciphertext from a client, where the encrypted ciphertext is a ciphertext obtained by encrypting, by using homomorphic encryption, a to-be-checked number input by a user at the client;
a processing unit 80, configured to process the encrypted ciphertext by using homomorphic encryption and order-preserving encryption to obtain a processed ciphertext;
a second obtaining unit 90, configured to perform order-preserving encryption transformation on multiple data ranges in a full-size plaintext data set one by one to obtain an order-preserving ciphertext data range, where the full-size plaintext data set is a data set stored in the server in advance;
a sending unit 100, configured to send the processed ciphertext and the order-preserving ciphertext data range to the client, so that the client compares, one by one, a decrypted number obtained by decrypting the processed ciphertext by adopting homomorphic decryption with a number in the order-preserving ciphertext data range, and obtains a data sequence number that corresponds to the data range corresponding to the number to be checked.
In the embodiment of the present invention, the processing unit 80 includes:
randomly generating two numbers for order-preserving encryption;
receiving a public key which is sent by the client and used for homomorphic encryption, encrypting the two numbers through the public key, and respectively obtaining a first ciphertext and a second ciphertext;
and performing homomorphic multiplication operation and homomorphic addition operation on the encrypted ciphertext by using the first ciphertext and the second ciphertext to obtain a processed ciphertext.
Based on the same inventive concept, as shown in fig. 11, an embodiment of the present invention further provides a private information retrieval system, including:
a client 110 and a server 120 connected with the client 110; wherein: the client 110 is configured to:
acquiring a number to be checked input by a user;
encrypting the number to be checked by adopting homomorphic encryption, and sending an encrypted ciphertext to the server 120;
receiving a ciphertext obtained by processing the encrypted ciphertext by the server 120 through homomorphic encryption and order-preserving encryption, and an order-preserving ciphertext data range obtained by performing order-preserving encryption transformation on a plurality of data ranges in a full-amount plaintext data set one by the server 120, wherein the full-amount plaintext data set is a data set pre-stored in the server 120;
decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number;
comparing the decrypted numbers with the numbers in the order-preserving ciphertext data range one by one to obtain data sequence numbers which accord with the data range corresponding to the numbers to be checked;
and executing an inadvertent transmission protocol according to the data sequence number, and acquiring a retrieval result corresponding to the data sequence number.
Based on the same inventive concept, embodiments of the present invention further provide a private information retrieval apparatus, where the retrieval apparatus includes a processor, and the processor is configured to implement the steps of the private information retrieval method as described above when executing the computer program stored in the memory.
Based on the same inventive concept, embodiments of the present invention further provide a readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the private information retrieval method as described above.
The embodiment of the invention provides a private information retrieval method, a private information retrieval device and a private information retrieval system, wherein firstly, a number to be searched input by a user is obtained, then, homomorphic encryption is adopted to encrypt the number to be searched, and an encrypted ciphertext is sent to a server; the server side processes the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption, performs order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set stored in the server side in advance one by one to obtain an order-preserving ciphertext data range, and then sends the processed ciphertext and the order-preserving ciphertext data range to the client side; then, the client side decrypts the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number; then, comparing the decrypted number with the number in the order-preserving ciphertext data range one by one to obtain a data sequence number which accords with the data range corresponding to the number to be checked; and then, executing an oblivious transmission protocol according to the data sequence number to obtain a retrieval result corresponding to the data sequence number.
Therefore, through homomorphic encryption and order-preserving encryption, the protection of the server data and the ciphertext range retrieval of the client to the server data can be realized. Therefore, the server-side range data is presented to the user in the form of the order-preserving cipher text, and in this way, the user cannot reversely decrypt the plaintext of the original data range of the server-side under the condition of not knowing the order-preserving key; meanwhile, the order-preserving ciphertext ensures that the client can sequentially search the order-preserving ciphertext range of the data of the server; therefore, the private information retrieval in the data range is supported, and the information safety of the user is ensured.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (10)
1. A private information retrieval method is applied to a client, and is characterized by comprising the following steps:
acquiring a number to be checked input by a user;
encrypting the number to be checked by adopting homomorphic encryption, and sending an encrypted ciphertext to a server;
receiving a ciphertext obtained by processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption by the server, and an order-preserving ciphertext data range obtained by carrying out order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by the server, wherein the full plaintext data set is a data set stored in the server in advance;
decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number;
comparing the decrypted numbers with the numbers in the order-preserving ciphertext data range one by one to obtain data sequence numbers which accord with the data range corresponding to the numbers to be checked;
and executing an oblivious transmission protocol according to the data sequence number, and acquiring a retrieval result corresponding to the data sequence number.
2. The method as claimed in claim 1, wherein the encrypting the number to be checked by using homomorphic encryption and sending the encrypted ciphertext to the server side comprises:
generating a public key and a private key for homomorphic encryption;
encrypting and hiding the number to be checked by using the public key to obtain an encrypted ciphertext;
and sending the encrypted ciphertext and the public key to a server side, and storing the private key.
3. The method as claimed in claim 2, wherein the receiving the ciphertext obtained by the server processing the encrypted ciphertext by using homomorphic encryption and order-preserving encryption, and the order-preserving ciphertext data range obtained by the server performing order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by one, comprises:
receiving a first ciphertext and a second ciphertext which are obtained by respectively encrypting two randomly generated numbers by the server side through the public key, and a processed ciphertext which is obtained by carrying out homomorphic multiplication operation and homomorphic addition operation on the encrypted ciphertext through the first ciphertext and the second ciphertext, wherein the two numbers are keys for order-preserving encryption;
and receiving the order-preserving ciphertext data range after the server performs order-preserving encryption transformation on a plurality of data ranges in the full plaintext data set one by using the two numbers.
4. The method of claim 3, wherein decrypting the processed ciphertext using homomorphic decryption to obtain a decrypted number comprises:
and decrypting the processed ciphertext by using the private key to obtain a number which is subjected to order-preserving encryption by using the two numbers through the server side, and taking the number subjected to order-preserving encryption as a decrypted number.
5. A private information retrieval method is applied to a server side and is characterized by comprising the following steps:
receiving an encrypted ciphertext from a client, wherein the encrypted ciphertext is a ciphertext obtained by encrypting a number to be checked input by a user by the client through homomorphic encryption;
processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption to obtain a processed ciphertext;
carrying out order-preserving encryption transformation on a plurality of data ranges in a full-amount plaintext data set one by one to obtain an order-preserving ciphertext data range, wherein the full-amount plaintext data set is a data set stored in the server in advance;
and sending the processed ciphertext and the order-preserving ciphertext data range to the client, so that the client compares the decrypted numbers obtained by decrypting the processed ciphertext by adopting homomorphic decryption with the numbers in the order-preserving ciphertext data range one by one, and obtains the data sequence number which accords with the data range corresponding to the number to be checked.
6. The method of claim 5, wherein the processing the encrypted ciphertext using homomorphic encryption and order preserving encryption to obtain a processed ciphertext, comprises:
randomly generating two numbers for order-preserving encryption;
receiving a public key which is sent by the client and used for homomorphic encryption, and encrypting the two numbers through the public key to respectively obtain a first ciphertext and a second ciphertext;
and performing homomorphic multiplication operation and homomorphic addition operation on the encrypted ciphertext by using the first ciphertext and the second ciphertext to obtain a processed ciphertext.
7. A private information retrieval device applied to a client is characterized by comprising:
the first acquisition unit is used for acquiring a number to be checked input by a user;
the encryption unit is used for encrypting the number to be checked by adopting homomorphic encryption and sending the encrypted ciphertext to the server;
a first receiving unit, configured to receive a ciphertext obtained by processing the encrypted ciphertext by using homomorphic encryption and order-preserving encryption by the server, and an order-preserving ciphertext data range obtained by performing order-preserving encryption transformation on multiple data ranges in a full plaintext data set one by the server, where the full plaintext data set is a data set pre-stored in the server;
the decryption unit is used for decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number;
the first obtaining unit is used for comparing the decrypted numbers with the numbers in the order-preserving ciphertext data range one by one to obtain the data serial number which accords with the data range corresponding to the number to be checked;
and the second acquisition unit is used for executing an oblivious transmission protocol according to the data sequence number and acquiring a retrieval result corresponding to the data sequence number.
8. A private information retrieval device applied to a server side is characterized by comprising:
the second receiving unit is used for receiving an encrypted ciphertext from the client, wherein the encrypted ciphertext is a ciphertext obtained by encrypting the number to be checked input by the user by adopting homomorphic encryption by the client;
the processing unit is used for processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption to obtain the processed ciphertext;
a second obtaining unit, configured to perform order-preserving encryption transformation on multiple data ranges in a full-size plaintext data set one by one to obtain an order-preserving ciphertext data range, where the full-size plaintext data set is a data set pre-stored in the server;
and the sending unit is used for sending the processed ciphertext and the order-preserving ciphertext data range to the client, so that the client compares the decrypted numbers obtained by decrypting the processed ciphertext by adopting homomorphic decryption with the numbers in the order-preserving ciphertext data range one by one, and obtains the data sequence number which accords with the data range corresponding to the number to be checked.
9. A private information retrieval system, comprising:
the system comprises a client and a server connected with the client; wherein: the client is configured to:
acquiring a number to be checked input by a user;
encrypting the number to be checked by adopting homomorphic encryption, and sending an encrypted ciphertext to the server;
receiving a ciphertext obtained by processing the encrypted ciphertext by adopting homomorphic encryption and order-preserving encryption by the server, and an order-preserving ciphertext data range obtained by carrying out order-preserving encryption transformation on a plurality of data ranges in a full plaintext data set one by the server, wherein the full plaintext data set is a data set stored in the server in advance;
decrypting the processed ciphertext by adopting homomorphic decryption to obtain a decrypted number;
comparing the decrypted numbers with the numbers in the order-preserving ciphertext data range one by one to obtain data serial numbers which accord with the data range corresponding to the numbers to be checked;
and executing an inadvertent transmission protocol according to the data sequence number, and acquiring a retrieval result corresponding to the data sequence number.
10. A private information retrieval apparatus, characterized in that the retrieval apparatus comprises a processor for implementing the steps of the private information retrieval method according to any one of claims 1 to 6 when executing a computer program stored in a memory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211652351.1A CN115795514A (en) | 2022-12-21 | 2022-12-21 | Private information retrieval method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211652351.1A CN115795514A (en) | 2022-12-21 | 2022-12-21 | Private information retrieval method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115795514A true CN115795514A (en) | 2023-03-14 |
Family
ID=85426283
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211652351.1A Pending CN115795514A (en) | 2022-12-21 | 2022-12-21 | Private information retrieval method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115795514A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116743376A (en) * | 2023-07-28 | 2023-09-12 | 浙江大学 | Multiparty secret sharing data privacy comparison method based on efficient ciphertext confusion technology |
| CN117595991A (en) * | 2024-01-18 | 2024-02-23 | 深圳大学 | Privacy information retrieval method combined with key negotiation |
-
2022
- 2022-12-21 CN CN202211652351.1A patent/CN115795514A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116743376A (en) * | 2023-07-28 | 2023-09-12 | 浙江大学 | Multiparty secret sharing data privacy comparison method based on efficient ciphertext confusion technology |
| CN117595991A (en) * | 2024-01-18 | 2024-02-23 | 深圳大学 | Privacy information retrieval method combined with key negotiation |
| CN117595991B (en) * | 2024-01-18 | 2024-04-05 | 深圳大学 | Privacy information retrieval method combined with key negotiation |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110337649B (en) | Method and system for dynamic symmetric searchable encryption with imperceptible search patterns | |
| JP6180177B2 (en) | Encrypted data inquiry method and system capable of protecting privacy | |
| CN110096899A (en) | A kind of data query method and device | |
| JP5348337B2 (en) | Encrypted database management system, client and server, natural join method and program | |
| CN109361644B (en) | Fuzzy attribute based encryption method supporting rapid search and decryption | |
| WO2024077948A1 (en) | Private query method, apparatus and system, and storage medium | |
| CN115795514A (en) | Private information retrieval method, device and system | |
| JP5432736B2 (en) | Keyword search system for encrypted information, keyword search method, search request device, search agent device, program, recording medium | |
| EP3511845B1 (en) | Encrypted message search method, message transmission/reception system, server, terminal and programme | |
| US20170262546A1 (en) | Key search token for encrypted data | |
| US20140095860A1 (en) | Architecture for cloud computing using order preserving encryption | |
| WO2019215818A1 (en) | Registration device, server device, secret search system, secret search method, registration program, and server program | |
| US9641328B1 (en) | Generation of public-private key pairs | |
| CN113434555B (en) | Data query method and device based on searchable encryption technology | |
| EP4185978B1 (en) | Encrypted information retrieval | |
| CN114547078A (en) | Federal cross-feature query method, device, medium and equipment based on privacy computation | |
| CN117150557A (en) | Compression-supporting private information retrieval method and system based on secure multiparty computing | |
| JP6732887B2 (en) | Method and system for database queries | |
| CN117171202A (en) | Data query method and device | |
| CN115694921B (en) | Data storage method, device and medium | |
| CN112929169B (en) | Key negotiation method and system | |
| CN112115506B (en) | Attribute-based data searching method and system supporting Boolean query | |
| CN110830252A (en) | Data encryption method, device, equipment and storage medium | |
| CN116595562B (en) | Data processing method and electronic equipment | |
| CN117827884B (en) | Batch data query method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |