[go: up one dir, main page]

CN116170131B - Ciphertext processing method, device, storage medium and trusted execution device - Google Patents

Ciphertext processing method, device, storage medium and trusted execution device Download PDF

Info

Publication number
CN116170131B
CN116170131B CN202310425295.6A CN202310425295A CN116170131B CN 116170131 B CN116170131 B CN 116170131B CN 202310425295 A CN202310425295 A CN 202310425295A CN 116170131 B CN116170131 B CN 116170131B
Authority
CN
China
Prior art keywords
user
ciphertext
homomorphic
key
conversion
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310425295.6A
Other languages
Chinese (zh)
Other versions
CN116170131A (en
Inventor
李雪雷
李茹杨
赵雅倩
李仁刚
刘广庆
张亚强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Beijing Electronic Information Industry Co Ltd
Original Assignee
Inspur Beijing Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Beijing Electronic Information Industry Co Ltd filed Critical Inspur Beijing Electronic Information Industry Co Ltd
Priority to CN202310425295.6A priority Critical patent/CN116170131B/en
Publication of CN116170131A publication Critical patent/CN116170131A/en
Application granted granted Critical
Publication of CN116170131B publication Critical patent/CN116170131B/en
Priority to PCT/CN2023/141188 priority patent/WO2024217038A1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

本申请涉及同态加密技术领域,公开了一种密文处理方法、装置、存储介质及可信执行设备,包括:获取第一用户对第一数据进行同态加密后得到的第一同态密文;第一同态密文包含第一用户私钥参数;获取由第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用转换密钥将第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对第一同态密文进行转换,得到转换后同态密文;转换后同态密文包含第二用户私钥参数;将转换后同态密文发送至第二用户,以便第二用户对转换后同态密文与第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。本申请能够实现不同用户的同态密文之间的同态计算。

Figure 202310425295

This application relates to the technical field of homomorphic encryption, and discloses a ciphertext processing method, device, storage medium, and trusted execution device, including: obtaining the first homomorphic encryption obtained after the first user performs homomorphic encryption on the first data; text; the first homomorphic ciphertext contains the first user's private key parameter; obtain the conversion key obtained by the first user and the second user through key agreement, and convert the first homomorphic ciphertext by using the conversion key Convert the first homomorphic ciphertext by converting the first user private key parameter into the second user private key parameter to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext contains the second user private key parameter; convert The post-homomorphic ciphertext is sent to the second user, so that the second user performs homomorphic calculation on the converted homomorphic ciphertext and the second homomorphic ciphertext obtained by performing homomorphic encryption on the second data by the second user. This application can realize homomorphic computation between homomorphic ciphertexts of different users.

Figure 202310425295

Description

密文处理方法、装置、存储介质及可信执行设备Ciphertext processing method, device, storage medium and trusted execution device

技术领域technical field

本发明涉及同态加密技术领域,特别涉及一种密文处理方法、装置、存储介质及可信执行设备。The invention relates to the technical field of homomorphic encryption, in particular to a ciphertext processing method, device, storage medium and trusted execution device.

背景技术Background technique

同态加密(HE,Homomorphic Encryption)是指将原始数据经过同态加密后,对得到的密文进行特定的运算(同态计算),然后将计算结果再进行同态解密后得到的明文等价于原始明文数据直接进行相同计算所得到的数据结果。同态加密作为隐私计算技术中具有最高安全性的先进方法,能够在数据采集后进行加密,并在后续的同态计算中保护和增强数据的隐私安全。然而,上述同态计算过程是基于同一用户来实现的,即同一用户使用同一密钥进行同态加密,不同用户使用不同密钥加密后的数据无法实现直接的同态计算。Homomorphic Encryption (HE, Homomorphic Encryption) refers to the plaintext equivalent obtained by performing a specific operation (homomorphic calculation) on the obtained ciphertext after homomorphic encryption of the original data, and then performing homomorphic decryption on the calculation result. The data result obtained by directly performing the same calculation on the original plaintext data. As an advanced method with the highest security in privacy computing technology, homomorphic encryption can encrypt data after collection, and protect and enhance data privacy security in subsequent homomorphic computing. However, the above-mentioned homomorphic computing process is realized based on the same user, that is, the same user uses the same key for homomorphic encryption, and the data encrypted by different users using different keys cannot realize direct homomorphic computing.

因此,如何实现不同用户的同态密文之间的同态计算是本领域技术人员亟待解决的技术问题。Therefore, how to implement homomorphic computation between homomorphic ciphertexts of different users is a technical problem to be solved urgently by those skilled in the art.

发明内容Contents of the invention

有鉴于此,本发明的目的在于提供一种密文处理方法、装置、存储介质及可信执行设备,能够实现不同用户的同态密文之间的同态计算。其具体方案如下:In view of this, the object of the present invention is to provide a ciphertext processing method, device, storage medium and trusted execution device, capable of realizing homomorphic computation between homomorphic ciphertexts of different users. The specific plan is as follows:

本申请的第一方面提供了一种密文处理方法,包括:The first aspect of the present application provides a method for processing ciphertext, including:

获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;Obtaining the first homomorphic ciphertext obtained after the first user performs homomorphic encryption on the first data; the first homomorphic ciphertext includes the first user private key parameter;

获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;Obtain a conversion key obtained by the first user and the second user through key negotiation, and convert the first user's private key parameter in the first homomorphic ciphertext into the second Converting the first homomorphic ciphertext according to the user private key parameter to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext includes the second user private key parameter;

将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。Sending the converted homomorphic ciphertext to the second user, so that the second user homomorphically encrypts the converted homomorphic ciphertext and the second user homomorphically encrypts the second data. Bihomomorphic ciphertext performs homomorphic computation.

可选的,所述转换密钥包括所述第一用户的第一转换密钥和所述第二用户的第二转换密钥;所述第一转换密钥为第一用户私钥参数与中间转换密钥的第一逻辑运算结果,所述第二转换密钥为第二用户私钥参数与所述中间转换密钥的第二逻辑运算结果。Optionally, the conversion key includes the first conversion key of the first user and the second conversion key of the second user; the first conversion key is the private key parameter of the first user and the intermediate A first logical operation result of the conversion key, the second conversion key is a second logical operation result of the second user private key parameter and the intermediate conversion key.

可选的,所述中间转换密钥为在所述第二用户向所述第一用户发送授权请求时通过密钥协商方式确定出的密钥。Optionally, the intermediate conversion key is a key determined through key negotiation when the second user sends an authorization request to the first user.

可选的,所述获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,包括:Optionally, the acquiring the conversion key obtained by the first user and the second user through key agreement includes:

如果所述第一用户和所述第二用户能够通过密钥协商方式确定出所述中间转换密钥,则获取通过对第一用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第一转换密钥和通过对第二用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第二转换密钥;If the first user and the second user can determine the intermediate conversion key through key negotiation, then obtain all the intermediate conversion keys obtained by performing logical operations on the private key parameters of the first user and the intermediate conversion key. The first conversion key and the second conversion key obtained by performing logical operations on the second user private key parameter and the intermediate conversion key;

如果所述第一用户和所述第二用户不能通过密钥协商方式确定出所述中间转换密钥,则直接获取第一用户私钥参数作为所述第一转换密钥,并直接获取第二用户私钥参数作为所述第二转换密钥。If the first user and the second user cannot determine the intermediate transformation key through key negotiation, directly obtain the first user private key parameter as the first transformation key, and directly obtain the second transformation key. The user private key parameter is used as the second conversion key.

可选的,所述中间转换密钥为第一私钥包和第二私钥包的第三逻辑运算结果;所述第一私钥包由所述第一用户将第一用户私钥参数与随机因子进行逻辑运算得到,所述第二私钥包由所述第二用户将第二用户私钥参数与随机因子进行逻辑运算得到;Optionally, the intermediate conversion key is the third logical operation result of the first private key package and the second private key package; the first private key package is composed of the first user’s private key parameters and The random factor is obtained by performing a logical operation, and the second private key package is obtained by the second user performing a logical operation on the second user private key parameter and the random factor;

相应的,所述第一转换密钥为将第一用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第二用户私钥参数与随机因子的密钥表达式;Correspondingly, the first conversion key is a key expression that only includes the second user private key parameter and a random factor obtained after logical operation is performed on the first user private key parameter and the third logical operation result;

所述第二转换密钥为将第二用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第一用户私钥参数与随机因子的密钥表达式。The second conversion key is a key expression that only includes the first user private key parameter and a random factor, which is obtained after logical operation is performed on the second user private key parameter and the third logical operation result.

可选的,所述中间转换密钥的生成公式为:Optionally, the formula for generating the intermediate conversion key is:

tk12=F(s1,s2,r1,r2tk 12 =F(s 1 , s 2 , r 1 , r 2 )

其中,F为密钥生成函数,F对应的逻辑运算为加法或者减法,s1为第一用户私钥参数,s2为第二用户私钥参数,r1和r2为随机因子。Among them, F is the key generation function, the logical operation corresponding to F is addition or subtraction, s 1 is the first user's private key parameter, s 2 is the second user's private key parameter, r 1 and r 2 are random factors.

可选的,所述通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,包括:Optionally, converting the first homomorphic ciphertext by using the conversion key to convert the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter ,include:

利用所述第一同态密文、所述第一转换密钥和所述第二转换密钥构建具有私钥参数可消除关系的密文转换关系式;Using the first homomorphic ciphertext, the first conversion key, and the second conversion key to construct a ciphertext conversion relationship with a private key parameter that can be eliminated;

基于所述密文转换关系式将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数。Converting the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter based on the ciphertext conversion relational expression.

可选的,所述获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥之后,还包括:Optionally, after the acquisition of the conversion key obtained by the first user and the second user through key agreement, the method further includes:

获取认证信息;Obtain authentication information;

根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,如果是,则执行通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换的步骤。According to the authentication information, it is judged whether the second user is a user authorized by the first user, and if so, performing the conversion of the first user private key in the first homomorphic ciphertext by using the conversion key. A step of converting the first homomorphic ciphertext by converting parameters into second user private key parameters.

可选的,所述认证信息为利用所述中间转换密钥对所述第一同态密文进行签名后得到的数字签名;Optionally, the authentication information is a digital signature obtained after signing the first homomorphic ciphertext with the intermediate conversion key;

所述根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,包括:The judging whether the second user is a user authorized by the first user according to the authentication information includes:

利用所述中间转换密钥对所述数字签名进行验签,如果验签通过,则判定所述第二用户为经过所述第一用户授权的用户。The digital signature is verified by using the intermediate conversion key, and if the verification is successful, it is determined that the second user is authorized by the first user.

可选的,所述转换密钥及所述认证信息存储于可信执行设备中的可信执行环境;Optionally, the conversion key and the authentication information are stored in a trusted execution environment in the trusted execution device;

获取所述转换密钥和所述认证信息,包括:Obtaining the conversion key and the authentication information, including:

从所述可信执行环境中获取所述转换密钥和所述认证信息。Obtain the conversion key and the authentication information from the trusted execution environment.

可选的,所述密文处理方法,还包括:Optionally, the ciphertext processing method also includes:

在所述可信执行环境中构建安全认证信息表,并利用所述安全认证信息表对所述转换密钥、所述认证信息进行存储;所述安全认证信息表中还存储有所述第一同态密文及认证方式。Build a security authentication information table in the trusted execution environment, and use the security authentication information table to store the conversion key and the authentication information; the security authentication information table also stores the first Homomorphic ciphertext and authentication methods.

可选的,所述密文处理方法,还包括:Optionally, the ciphertext processing method also includes:

按照可信环境基本规范对所述可信执行设备进行初始化操作,以构建所述可信执行环境。The trusted execution device is initialized according to the basic specification of the trusted environment, so as to build the trusted execution environment.

可选的,所述可信执行环境分为公共计算区域和可信计算区域。Optionally, the trusted execution environment is divided into a public computing area and a trusted computing area.

可选的,所述转换密钥及所述认证信息存储于所述可信计算区域。Optionally, the conversion key and the authentication information are stored in the trusted computing area.

可选的,所述根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,包括:Optionally, the determining whether the second user is a user authorized by the first user according to the authentication information includes:

在所述可信计算区域中执行根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户的步骤。The step of judging whether the second user is authorized by the first user according to the authentication information is performed in the trusted computing area.

可选的,所述获取第一用户对第一数据进行同态加密后得到的第一同态密文,包括:Optionally, the obtaining the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data includes:

从所述第一用户获取所述第一用户利用同态加密算法对所述第一数据进行同态加密后得到的所述第一同态密文;Obtaining from the first user the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data using a homomorphic encryption algorithm;

相应的,所述第二同态密文由所述第二用户利用所述同态加密算法对所述第二数据进行同态加密后得到。Correspondingly, the second homomorphic ciphertext is obtained by the second user after performing homomorphic encryption on the second data by using the homomorphic encryption algorithm.

可选的,所述第一同态密文由所述第一用户利用所述同态加密算法对所述第一数据的第一编码数据进行同态加密后得到;所述第一编码数据为所述第一用户对所述第一数据执行编码操作后得到的符合同态加密输入数据格式的编码数据。Optionally, the first homomorphic ciphertext is obtained by the first user using the homomorphic encryption algorithm to homomorphically encrypt the first encoded data of the first data; the first encoded data is Encoded data conforming to a homomorphic encryption input data format obtained after the first user performs an encoding operation on the first data.

可选的,所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算之后,还包括:Optionally, after the second user performs homomorphic calculation on the converted homomorphic ciphertext and the second homomorphic ciphertext obtained after the second user homomorphically encrypts the second data, the method further includes:

所述第二用户对同态计算后得到的密文进行同态解密,得到解密后明文。The second user performs homomorphic decryption on the ciphertext obtained after the homomorphic calculation to obtain the decrypted plaintext.

可选的,所述第二用户对同态计算后得到的密文进行同态解密,得到解密后明文之后,还包括:Optionally, the second user performs homomorphic decryption on the ciphertext obtained after homomorphic calculation, and after obtaining the decrypted plaintext, further includes:

所述第二用户对解密后明文执行解码操作,得到相应的解码后数据;所述解码后数据与对所述第一数据和所述第二数据直接执行与同态计算相同的计算得到的结果一致。The second user performs a decoding operation on the decrypted plaintext to obtain corresponding decoded data; the decoded data is the result obtained by directly performing the same calculation as the homomorphic calculation on the first data and the second data unanimous.

本申请的第二方面提供了一种可信执行设备,所述可信执行设备包括处理器和存储器;其中所述存储器用于存储计算机程序,所述计算机程序由所述处理器加载并执行以实现前述密文处理方法。The second aspect of the present application provides a trusted execution device, the trusted execution device includes a processor and a memory; wherein the memory is used to store a computer program, and the computer program is loaded and executed by the processor to Realize the foregoing ciphertext processing method.

可选的,所述处理器构建有包括公共计算区域和可信计算区域的可信执行环境。Optionally, the processor is constructed with a trusted execution environment including a public computing area and a trusted computing area.

本申请的第三方面提供了一种密文处理装置,包括:A third aspect of the present application provides a ciphertext processing device, including:

密文获取模块,用于获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;The ciphertext obtaining module is used to obtain the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data; the first homomorphic ciphertext includes the first user private key parameter;

密钥获取及密文转换模块,用于获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;The key acquisition and ciphertext conversion module is used to obtain the conversion key obtained by the first user and the second user through key agreement, and use the conversion key to convert the first homomorphic ciphertext Convert the first user private key parameter to the second user private key parameter to convert the first homomorphic ciphertext to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext contains the second user private key key parameter;

密文发送模块,用于将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。A ciphertext sending module, configured to send the converted homomorphic ciphertext to the second user, so that the second user performs the conversion on the converted homomorphic ciphertext and the second user on the second data The second homomorphic ciphertext obtained after homomorphic encryption is subjected to homomorphic calculation.

本申请的第四方面提供了一种计算机可读存储介质,所述计算机可读存储介质中存储有计算机可执行指令,所述计算机可执行指令被处理器加载并执行时,实现前述密文处理方法。A fourth aspect of the present application provides a computer-readable storage medium, where computer-executable instructions are stored in the computer-readable storage medium, and when the computer-executable instructions are loaded and executed by a processor, the aforementioned ciphertext processing is realized method.

本申请中,先获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;然后获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;最后将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。可见,本申请通过密文转换的方式将一个用户的同态密文转换成另一个用户能够进行同态计算的同态密文,从而无需数据所有权用户执行复杂的计算和管理,实现不同用户的同态密文之间的同态计算。In this application, first obtain the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data; the first homomorphic ciphertext contains the first user's private key parameter; The conversion key obtained by the user and the second user through key agreement, and using the conversion key to convert the first user's private key parameter in the first homomorphic ciphertext into the second user's private key parameter The first homomorphic ciphertext is converted to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext contains the second user private key parameter; finally, the converted homomorphic ciphertext is sent to the a second user, so that the second user performs homomorphic computation on the converted homomorphic ciphertext and a second homomorphic ciphertext obtained by performing homomorphic encryption on second data by the second user. It can be seen that this application converts a user's homomorphic ciphertext into another user's homomorphic ciphertext through ciphertext conversion, thereby eliminating the need for data ownership users to perform complex calculations and management, and realizing different users. Homomorphic computation between homomorphic ciphertexts.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据提供的附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only It is an embodiment of the present invention, and those skilled in the art can also obtain other drawings according to the provided drawings without creative work.

图1为本申请提供的一种密文处理方法流程图;Fig. 1 is a flow chart of a method for processing ciphertext provided by the present application;

图2为本申请提供的一种具体的密文处理方法示意图;Fig. 2 is a schematic diagram of a specific ciphertext processing method provided by the present application;

图3为本申请提供的一种密文处理装置结构示意图;FIG. 3 is a schematic structural diagram of a ciphertext processing device provided by the present application;

图4为本申请提供的一种可信执行设备结构图。FIG. 4 is a structural diagram of a trusted execution device provided by the present application.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

现有同态加密技术中的同态计算过程是基于同一用户来实现的,即同一用户使用同一密钥进行同态加密,不同用户使用不同密钥加密后的数据无法实现直接的同态计算。针对上述技术缺陷,本申请提供一种密文处理方案,通过密文转换的方式将一个用户的同态密文转换成另一个用户能够进行同态计算的同态密文,从而无需数据所有权用户执行复杂的计算和管理,实现不同用户的同态密文之间的同态计算。The homomorphic computing process in the existing homomorphic encryption technology is realized based on the same user, that is, the same user uses the same key to perform homomorphic encryption, and the data encrypted by different users using different keys cannot realize direct homomorphic computing. In view of the above-mentioned technical defects, this application provides a ciphertext processing scheme, which converts a user's homomorphic ciphertext into another user's homomorphic ciphertext that can perform homomorphic calculations by means of ciphertext conversion, thereby eliminating the need for data ownership users Execute complex calculations and management, and realize homomorphic calculations between homomorphic ciphertexts of different users.

图1为本申请实施例提供的一种密文处理方法流程图。参见图1所示,该密文处理方法包括:FIG. 1 is a flow chart of a method for processing ciphertext provided in an embodiment of the present application. Referring to shown in Figure 1, the ciphertext processing method includes:

S11:获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数。S11: Obtain a first homomorphic ciphertext obtained after the first user performs homomorphic encryption on the first data; the first homomorphic ciphertext includes a private key parameter of the first user.

本实施例中,先获取第一用户对第一数据进行同态加密后得到的第一同态密文。其中,所述第一同态密文包含第一用户私钥参数。进一步的,所述第一同态密文由所述第一用户利用同态加密算法对所述第一数据进行同态加密后得到的密文。需要说明的是,为了提高同态计算的可信度,上述步骤S11及下述实施例中的密文处理步骤可以在可信执行环境中来执行,所述可信执行环境可以由可信执行设备提供,这里的可信执行设备是独立于第一用户和第二用户的一个计算设备,主要提供一个可信执行环境来进行可信计算。In this embodiment, the first homomorphic ciphertext obtained after the first user performs homomorphic encryption on the first data is obtained first. Wherein, the first homomorphic ciphertext includes a first user private key parameter. Further, the first homomorphic ciphertext is ciphertext obtained by homomorphic encryption of the first data by the first user using a homomorphic encryption algorithm. It should be noted that, in order to improve the credibility of homomorphic computing, the above step S11 and the ciphertext processing steps in the following embodiments can be executed in a trusted execution environment, and the trusted execution environment can be executed by a trusted execution environment. Device provision, here the trusted execution device is a computing device independent of the first user and the second user, and mainly provides a trusted execution environment for trusted computing.

可以理解,同态加密的密钥对包含私钥(表示为sk)和公钥(表示为pk),密钥对需要提前生成,具体可以按照同态加密算法为系统生成用户公开参数p、私钥sk、公钥pk以及后续阶段所需的其他系统公开参数para。随机选择数组S、a、e,设置系统用户U的私钥为sk,公开公钥pk。这里将所述第一用户表示为U1、U1的私钥sk1为(1,s1),U1的私钥pk1为(b,a),其中,b=-as1+e,这里的s1为第一用户私钥参数。同理,可以将所述第二用户表示为U2,其他参数的表示方式相同。所述第一用户U1按照同态加密算法对第一数据(明文m1)执行加密操作后输出的所述第一同态密文为:It can be understood that the homomorphic encryption key pair includes a private key (expressed as sk) and a public key (expressed as pk), and the key pair needs to be generated in advance. Specifically, the user public parameter p, private key can be generated for the system according to the homomorphic encryption algorithm. Key sk, public key pk, and other system public parameters para required in the subsequent stages. Randomly select the arrays S, a, and e, set the private key of the system user U as sk, and publicize the public key pk. Here, the first user is denoted as U 1 , the private key sk 1 of U 1 is (1, s 1 ), and the private key pk 1 of U 1 is (b, a), where b=-as 1 +e , where s 1 is the first user private key parameter. Similarly, the second user may be expressed as U 2 , and other parameters are expressed in the same way. The first homomorphic ciphertext output by the first user U 1 after performing an encryption operation on the first data (plaintext m 1 ) according to the homomorphic encryption algorithm is:

C1=v·pk1+(m1+e0,e1)=(-vas1+ve+ m1+e0,va+e1C 1 =v·pk 1 + (m 1 +e 0 , e 1 ) = (-vas 1 +ve+ m 1 +e 0 , va+e 1 )

其中,v 、e0、e1为随机因子。Among them, v , e 0 , e 1 are random factors.

S12:获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数。S12: Obtain the conversion key obtained by the first user and the second user through key negotiation, and use the conversion key to convert the first user's private key parameter in the first homomorphic ciphertext into The first homomorphic ciphertext is converted according to the parameters of the second user's private key to obtain a converted homomorphic ciphertext; the converted homomorphic ciphertext includes the second user's private key parameter.

本实施例中,进一步获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文。在可信执行环境下,由可信执行设备获取所述转换密钥及执行密文转换。同样的,所述转换后同态密文包含第二用户私钥参数,具体的,所述第二同态密文由所述第二用户利用所述同态加密算法对所述第二数据进行同态加密后得到。本实施例中,进行密文转换的结果是使得所述转换后同态密文不包含第一用户私钥参数,仅包含第二用户私钥参数,即将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数,如此一来,所述转换后同态密文相当于是所述第二用户对所述第一数据进行同态加密后得到的数据,这样便可以进行同态计算了。In this embodiment, the conversion key obtained by the first user and the second user through key negotiation is further obtained, and by using the conversion key, the first user's private key in the first homomorphic ciphertext The first homomorphic ciphertext is converted by converting the key parameter into the second user private key parameter to obtain the converted homomorphic ciphertext. Under the trusted execution environment, the trusted execution device obtains the conversion key and executes the ciphertext conversion. Similarly, the converted homomorphic ciphertext contains the second user's private key parameter. Specifically, the second homomorphic ciphertext is performed by the second user using the homomorphic encryption algorithm on the second data. Obtained after homomorphic encryption. In this embodiment, the result of the ciphertext conversion is that the converted homomorphic ciphertext does not contain the first user private key parameter, but only contains the second user private key parameter, that is, the first homomorphic ciphertext in the first homomorphic ciphertext A user private key parameter is converted into a second user private key parameter. In this way, the converted homomorphic ciphertext is equivalent to the data obtained by the second user performing homomorphic encryption on the first data, so that Homomorphic calculations can be performed.

本实施例中,所述转换密钥包括所述第一用户的第一转换密钥和所述第二用户的第二转换密钥;所述第一转换密钥为第一用户私钥参数与中间转换密钥的逻辑运算结果,所述第二转换密钥为第二用户私钥参数与所述中间转换密钥的逻辑运算结果。逻辑运算可以为加减乘除等,本实施例对此不进行限定,所述中间转换密钥表示为tkij(i、j表示用户),例如,所述第一转换密钥最终可以表示为s1-tk12、所述第二转换密钥最终可以表示为s2-tk12。进一步的,所述中间转换密钥为在所述第二用户向所述第一用户发送授权请求时通过密钥协商方式确定出的密钥,即所述中间转换密钥为在数据授权使用阶段生成的。当然,所述中间转换密钥也可以像私钥一样由第三方机构下发,这种方式下所述中间转换密钥为在所述第二用户向所述第一用户发送授权请求时触发第三方机构生成的密钥,上述第三方机构可以为银行等可信机构。In this embodiment, the conversion key includes the first conversion key of the first user and the second conversion key of the second user; the first conversion key is the first user's private key parameter and The logical operation result of the intermediate conversion key, the second conversion key is the logical operation result of the second user private key parameter and the intermediate conversion key. Logical operations can be addition, subtraction, multiplication, division, etc., which is not limited in this embodiment, and the intermediate conversion key is expressed as tk ij (i, j represent users), for example, the first conversion key can finally be expressed as s 1 -tk 12 . The second conversion key can finally be expressed as s 2 -tk 12 . Further, the intermediate conversion key is a key determined through key negotiation when the second user sends an authorization request to the first user, that is, the intermediate conversion key is Generated. Of course, the intermediate conversion key can also be issued by a third-party organization like a private key. In this way, the intermediate conversion key triggers the second user to send an authorization request to the first user. A key generated by a third-party institution, the above-mentioned third-party institution may be a trusted institution such as a bank.

这里需要特别说明的是,为了避免私钥泄露导致的安全隐患,第一用户U1和第二用户U2在进行密钥协商确定所述中间转换密钥时,不将各自的私钥共享出去,而是进一步生成一个私钥包,通过将私钥包共享出去来确定所述中间转换密钥,如此一来便可以避免直接共享私钥。也就是说,所述中间转换密钥为第一私钥包和第二私钥包的第三逻辑运算结果,其中,所述第一私钥包由所述第一用户将第一用户私钥参数与随机因子进行逻辑运算得到,所述第二私钥包由所述第二用户将第二用户私钥参数与随机因子进行逻辑运算得到。在此基础上,所述第一转换密钥为将第一用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第二用户私钥参数与随机因子的密钥表达式;所述第二转换密钥为将第二用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第一用户私钥参数与随机因子的密钥表达式。也就是说,将第一用户私钥参数与第三逻辑运算结果执行逻辑运算的目的是消除掉第一用户私钥参数,使得所述第一转换密钥中仅包含第二用户私钥参数与随机因子的密钥表达式。同样的,将第二用户私钥参数与第三逻辑运算结果执行逻辑运算的目的是消除掉第二用户私钥参数,使得所述第二转换密钥中仅包含第一用户私钥参数与随机因子的密钥表达式。这是后续密文转换的实现基础。What needs to be specially explained here is that in order to avoid potential security risks caused by private key leakage, the first user U 1 and the second user U 2 do not share their respective private keys when performing key negotiation to determine the intermediate conversion key , but to further generate a private key bag, and determine the intermediate conversion key by sharing the private key bag, so that direct sharing of the private key can be avoided. That is to say, the intermediate conversion key is the third logical operation result of the first private key package and the second private key package, wherein the first private key package is obtained by the first user with the first user private key parameters and random factors are obtained by logical operation, and the second private key package is obtained by the second user by logical operation of second user private key parameters and random factors. On this basis, the first conversion key is a key expression that only includes the second user private key parameters and random factors obtained after performing logical operations on the first user private key parameters and the third logical operation result; The second conversion key is a key expression that only includes the first user private key parameter and a random factor, which is obtained after logical operation is performed on the second user private key parameter and the third logical operation result. That is to say, the purpose of performing logical operations on the first user private key parameter and the third logical operation result is to eliminate the first user private key parameter, so that the first conversion key only includes the second user private key parameter and Key expression for the random factor. Similarly, the purpose of performing logical operations on the second user private key parameters and the third logical operation result is to eliminate the second user private key parameters, so that the second conversion key only includes the first user private key parameters and the random The key expression for the factor. This is the implementation basis for subsequent ciphertext conversion.

例如,当第一用户U1授权第二用户U2获得密文C1的解密、计算等使用权限时,双方通过密钥协商等安全形式生成共享的中间转换密钥tk12,中间转换密钥的生成公式如下:For example, when the first user U 1 authorizes the second user U 2 to obtain the use rights such as decryption and calculation of the ciphertext C 1 , the two parties generate a shared intermediate conversion key tk 12 through a secure form such as key negotiation, and the intermediate conversion key The generation formula of is as follows:

tk12=F(s1,s2,r1,r2tk 12 =F(s 1 , s 2 , r 1 , r 2 )

其中,F为密钥生成函数,F对应的逻辑运算为加法或者减法,r1和r2为随机因子。Among them, F is the key generation function, the logical operation corresponding to F is addition or subtraction, r 1 and r 2 are random factors.

当F对应的第三逻辑运算为加法时:When the third logical operation corresponding to F is addition:

tk12=F(s1,s2,r1,r2)=(s1+ r1)+(s2+ r2tk 12 = F(s 1 , s 2 , r 1 , r 2 ) = (s 1 + r 1 ) + (s 2 + r 2 )

其中,s1+ r1即为第一私钥包、s2+ r2即为第二私钥包,这里的F使得第三逻辑运算结果为将s1+ r1和s2+ r2进行加和的结果。Among them, s 1 + r 1 is the first private key package, s 2 + r 2 is the second private key package, and the F here makes the result of the third logic operation be the combination of s 1 + r 1 and s 2 + r 2 The result of summing.

在这个例子之下,为了使得所述第一转换密钥中仅包含第二用户私钥参数,所述第一转换密钥的密钥表达式只能为s1-tk12。同样的,为了使得所述第二转换密钥中仅包含第一用户私钥参数,所述第二转换密钥的密钥表达式只能为s2-tk12。本实施例对各逻辑运算进行不进行限定,只要能得到相应的所述所述第一转换密钥和所述第二转换密钥即可。例如,当tk12=F’(s1,s2,r1,r2)=(s2+ r2)-(s1+ r1),所述第一转换密钥的密钥表达式为s1+tk12,所述第二转换密钥的密钥表达式为s2+tk12Under this example, in order to make the first conversion key only include the second user private key parameter, the key expression of the first conversion key can only be s 1 -tk 12 . Similarly, in order to make the second conversion key only include the first user private key parameter, the key expression of the second conversion key can only be s 2 -tk 12 . This embodiment does not limit each logic operation, as long as the corresponding first conversion key and the second conversion key can be obtained. For example, when tk 12 =F'(s 1 , s 2 , r 1 , r 2 )=(s 2 + r 2 )-(s 1 + r 1 ), the key expression of the first transformation key is s 1 +tk 12 , and the key expression of the second conversion key is s 2 +tk 12 .

本实施例中,如果所述第一用户和所述第二用户能够通过密钥协商方式确定出所述中间转换密钥,则获取通过对第一用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第一转换密钥和通过对第二用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第二转换密钥。如果所述第一用户和所述第二用户不能通过密钥协商方式确定出所述中间转换密钥,则直接获取第一用户私钥参数作为所述第一转换密钥,并直接获取第二用户私钥参数作为所述第二转换密钥。在第三方机构的架构下,如果所述第一用户和所述第二用户能够通过密钥协商方式确定出所述中间转换密钥,则从所述第三方机构获取所述第一转换密钥和所述第二转换密钥;所述第一转换密钥由所述第三方机构对第一用户私钥参数与所述中间转换密钥进行逻辑运算得到,所述第二转换密钥由所述第三方机构对第二用户私钥参数与所述中间转换密钥进行逻辑运算得到,即上述方式。如果所述第一用户和所述第二用户不能通过密钥协商方式得到所述中间转换密钥,则从所述第三方机构获取所述第一转换密钥和所述第二转换密钥;所述第三方机构直接将第一用户私钥参数作为所述第一转换密钥并将第二用户私钥参数作为所述第二转换密钥。即当参与方无法实现安全的密钥协商时,另tkij为0,参与方与可信执行设备安全共享各自私钥。In this embodiment, if the first user and the second user can determine the intermediate conversion key through key negotiation, then obtain The first conversion key obtained by logical operation and the second conversion key obtained by performing logical operation on the second user private key parameter and the intermediate conversion key. If the first user and the second user cannot determine the intermediate transformation key through key negotiation, directly obtain the first user private key parameter as the first transformation key, and directly obtain the second transformation key. The user private key parameter is used as the second conversion key. Under the framework of a third-party organization, if the first user and the second user can determine the intermediate conversion key through key agreement, then obtain the first conversion key from the third-party organization and the second conversion key; the first conversion key is obtained by logical operation of the first user private key parameter and the intermediate conversion key by the third party organization, and the second conversion key is obtained by the The third-party institution performs logical operations on the second user's private key parameter and the intermediate conversion key, that is, the above-mentioned method. If the first user and the second user cannot obtain the intermediate conversion key through key agreement, then obtain the first conversion key and the second conversion key from the third party organization; The third-party organization directly uses the first user private key parameter as the first conversion key and uses the second user private key parameter as the second conversion key. That is, when the participants cannot achieve secure key agreement, the other tk ij is 0, and the participants and the trusted execution device securely share their respective private keys.

在此基础上,在进行密文转换之前,先需要利用所述第一同态密文、所述第一转换密钥和所述第二转换密钥构建具有私钥参数可消除关系的密文转换关系式,然后基于所述密文转换关系式将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数。本实施例中的所述密文转换关系式可以构建如下:On this basis, before performing ciphertext conversion, it is necessary to use the first homomorphic ciphertext, the first conversion key and the second conversion key to construct a ciphertext with a private key parameter that can eliminate the relationship converting a relational expression, and then converting the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter based on the ciphertext conversion relational expression. The ciphertext conversion relational expression in this embodiment can be constructed as follows:

-vas1+ve+m1+e0+(va+e)(s1-tk12)-(va+e)(s2-tk12-vas 1 +ve+m 1 +e 0 +(va+e)(s 1 -tk 12 )-(va+e)(s 2 -tk 12 )

对上述密文转换关系式进行简化计算后的关系式为:After simplifying the calculation of the above ciphertext conversion relational expression, the relational expression is:

-vas2+ve+ m1+e0+e s1+e s2 -vas 2 +ve+ m 1 +e 0 +es 1 +es 2

将es= e0+ e s1+e s2视为噪音干扰项(可忽略不计),最终转化如下:Considering e s = e 0 + es 1 +es 2 as a noise interference item (negligible), the final transformation is as follows:

-vas2+ve+ m1+es -vas 2 +ve+ m 1 +e s

最后,将-vas2+ve+m+es替换C1中-vas1+ve+m+e0,得到所述转换后同态密文。Finally, replace -vas 1 +ve+m + e 0 in C 1 with -vas 2 +ve+m+e s to obtain the converted homomorphic ciphertext.

这里需要说明的是,对于授权用户群组UJ(J={j,j+1,...,j+n-1},n为授权用户群组中用户数量),解密、计算等使用权限时,转换密钥生成函数扩展为:What needs to be explained here is that for the authorized user group U J (J={j,j+1,...,j+n-1}, n is the number of users in the authorized user group), decryption, calculation, etc. use permissions, the transform key generation function expands to:

tk12=F(si,sj,sj+1,...,sj+n-1,rj,rj+1,...,rj+n-1tk 12 =F(s i , s j , s j+1 ,...,s j+n-1 , r j , r j+1 ,...,r j+n-1 )

本实施例对于授权用户群组,进一步可以基于可信执行环境设计了不同密钥加密的同态密文之间的转换方法,在数据授权使用阶段生成共享的转换密钥,并将该密钥安全存储在可信执行设备,该转换密钥能够在可信执行设备的可信执行环境中将相同版本/安全等级的所有同态密文批量转换为授权用户群组可解密/计算的同态密文,这极大降低数据所有权用户的计算、管理负担,同时提升数据共享分析与使用的用户友好性和实用性。For authorized user groups in this embodiment, a conversion method between homomorphic ciphertexts encrypted with different keys can be designed based on a trusted execution environment, and a shared conversion key can be generated during the data authorization and use phase, and the key can be Securely stored in the trusted execution device, the conversion key can convert all homomorphic ciphertexts of the same version/security level into homomorphic ones that can be decrypted/calculated by authorized user groups in the trusted execution environment of the trusted execution device Ciphertext, which greatly reduces the calculation and management burden of data ownership users, and at the same time improves the user-friendliness and practicality of data sharing, analysis and use.

S13:将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。S13: Send the converted homomorphic ciphertext to the second user, so that the second user performs homomorphic encryption on the converted homomorphic ciphertext and the second user performs homomorphic encryption on second data to obtain The second homomorphic ciphertext performs homomorphic computation.

本实施例中,在进行密文转换之后,便可以将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。In this embodiment, after the ciphertext conversion, the converted homomorphic ciphertext can be sent to the second user, so that the second user can compare the converted homomorphic ciphertext with the first The second user performs homomorphic computation on the second homomorphic ciphertext obtained after performing homomorphic encryption on the second data.

可见,本申请实施例中先获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;然后获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;最后将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。本申请实施例将一个用户的同态密文转换成另一个用户能够进行同态计算的同态密文,从而无需数据所有权用户执行复杂的计算和管理,实现不同用户的同态密文之间的同态计算。It can be seen that in the embodiment of the present application, the first homomorphic ciphertext obtained after the first user performs homomorphic encryption on the first data is firstly obtained; the first homomorphic ciphertext contains the private key parameters of the first user; The conversion key obtained by the first user and the second user through key negotiation, and using the conversion key to convert the first user's private key parameter in the first homomorphic ciphertext into the second user's private key The first homomorphic ciphertext is converted by means of parameters to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext contains the second user private key parameter; finally, the converted homomorphic ciphertext is sent to the second user, so that the second user performs homomorphic computation on the converted homomorphic ciphertext and a second homomorphic ciphertext obtained after the second user performs homomorphic encryption on second data. In this embodiment of the present application, one user's homomorphic ciphertext is converted into another user's homomorphic ciphertext that can perform homomorphic calculations, so that the data ownership user is not required to perform complex calculations and management, and the homomorphic ciphertext of different users is realized. homomorphic calculation.

图2为本申请实施例提供的一种具体的密文处理方法流程图。参见图2所示,该密文处理方法包括:FIG. 2 is a flow chart of a specific ciphertext processing method provided by the embodiment of the present application. Referring to shown in Figure 2, the ciphertext processing method includes:

S21:从第一用户获取所述第一用户利用同态加密算法对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数。S21: Acquire from the first user the first homomorphic ciphertext obtained by the first user using a homomorphic encryption algorithm to homomorphically encrypt the first data; the first homomorphic ciphertext includes the first user's private key parameter .

本实施例中,关于上述步骤S21的具体过程,可以参考前述实施例中公开的相应内容,在此不再进行赘述。这里需要补充的是,所述第一用户在执行同态加密之前,还需要对所述第一数据执行编码操作,使得得到的第一编码数据符合同态加密输入数据格式。即所述第一同态密文由所述第一用户利用所述同态加密算法对所述第一数据的第一编码数据进行同态加密后得到;所述第一编码数据为所述第一用户对所述第一数据执行编码操作后得到的符合同态加密输入数据格式的编码数据。即按照同态加密算法将系统用户U的数据编码为符合加密输入要求的明文。In this embodiment, regarding the specific process of the above step S21, reference may be made to the corresponding content disclosed in the foregoing embodiments, and details are not repeated here. What needs to be added here is that before performing homomorphic encryption, the first user also needs to perform an encoding operation on the first data, so that the obtained first encoded data conforms to the input data format of homomorphic encryption. That is, the first homomorphic ciphertext is obtained by the first user using the homomorphic encryption algorithm to homomorphically encrypt the first coded data of the first data; the first coded data is the first Encoded data conforming to the input data format of homomorphic encryption obtained by a user after performing an encoding operation on the first data. That is, according to the homomorphic encryption algorithm, the data of the system user U is encoded into plaintext that meets the encryption input requirements.

S22:从可信执行设备中的可信执行环境中获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥和认证信息。S22: Obtain the conversion key and authentication information obtained by the first user and the second user through key agreement from the trusted execution environment in the trusted execution device.

本实施例中,需要从所述可信执行设备中的可信执行环境中获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥和认证信息。可信执行环境是通过软硬件方法在所述可信执行设备的处理器中构建一个安全区域,保证其内部加载的程序和数据在机密性和完整性上得到保护。具体的,可以按照可信环境基本规范对所述可信执行设备进行初始化操作,以构建所述可信执行环境,所述转换密钥及所述认证信息存储于所述可信执行设备中的可信执行环境。进一步的,所述可信执行环境分为公共计算区域和可信计算区域,所述转换密钥及所述认证信息存储于所述可信计算区域。In this embodiment, the conversion key and authentication information obtained by the first user and the second user through key agreement need to be obtained from the trusted execution environment in the trusted execution device. The trusted execution environment is to construct a security area in the processor of the trusted execution device through software and hardware methods, so as to ensure that the programs and data loaded inside are protected in terms of confidentiality and integrity. Specifically, the trusted execution device can be initialized according to the basic specification of the trusted environment to build the trusted execution environment, and the conversion key and the authentication information are stored in the trusted execution device Trusted Execution Environment. Further, the trusted execution environment is divided into a public computing area and a trusted computing area, and the conversion key and the authentication information are stored in the trusted computing area.

即按照可信环境基本规范将所述可信执行设备进行初始化,设置公共计算区域和可信计算区域,并将转换密钥安全存储至可信计算区域存储设备,同时初始化转换密钥、密文、认证信息(签名/版本/安全等级等)等。本实施例中,还可以在所述可信执行环境中构建安全认证信息表,并利用所述安全认证信息表对所述转换密钥、所述认证信息进行存储,另外,所述安全认证信息表中还存储有所述第一同态密文及认证方式。下表为安全认证信息表的示例:That is, initialize the trusted execution device according to the basic specification of the trusted environment, set up the public computing area and the trusted computing area, securely store the conversion key in the storage device of the trusted computing area, and initialize the conversion key and ciphertext at the same time , authentication information (signature/version/security level, etc.), etc. In this embodiment, a security authentication information table can also be constructed in the trusted execution environment, and the conversion key and the authentication information can be stored by using the security authentication information table. In addition, the security authentication information The table also stores the first homomorphic ciphertext and the authentication method. The following table is an example of a security authentication information table:

Figure SMS_1
Figure SMS_1

S23:根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,如果是,则通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文。S23: Determine whether the second user is a user authorized by the first user according to the authentication information, and if so, use the conversion key to encrypt the first user in the first homomorphic ciphertext The first homomorphic ciphertext is converted by converting the key parameter into the second user private key parameter to obtain the converted homomorphic ciphertext.

本实施例中,在获取到转换密钥和认证信息之后,根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,如果是,则通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文。其中,在所述可信计算区域中执行根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户的步骤。也就是说,由可信执行环境通过消息认证函数认证消息的可靠性,若通过验证,则可信执行环境读取转换密钥,然后可信执行环境将第一用户的密文转换为第二用户的密文。In this embodiment, after the conversion key and authentication information are obtained, it is judged according to the authentication information whether the second user is authorized by the first user, and if so, by using the conversion key The first homomorphic ciphertext is converted by converting the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter to obtain a converted homomorphic ciphertext. Wherein, the step of judging whether the second user is authorized by the first user according to the authentication information is performed in the trusted computing area. That is to say, the authenticity of the message is authenticated by the trusted execution environment through the message authentication function. If the verification is passed, the trusted execution environment reads the conversion key, and then the trusted execution environment converts the first user's ciphertext into the second The user's ciphertext.

本实施例中,所述认证信息可以为利用所述中间转换密钥对所述第一同态密文进行签名后得到的数字签名,此时的认证方式为签名(如上表)。在进行验证时,利用所述中间转换密钥对所述数字签名进行验签,如果验签通过,则判定所述第二用户为经过所述第一用户授权的用户。可信执行设备收到授权用户的密文转换请求后,先查询可信执行环境中的安全认证信息表,若认证信息(签名)验证通过,即执行密文转换,否则退出。In this embodiment, the authentication information may be a digital signature obtained by signing the first homomorphic ciphertext with the intermediate conversion key, and the authentication method at this time is signature (as shown in the above table). When performing verification, the digital signature is verified by using the intermediate conversion key, and if the verification is successful, it is determined that the second user is authorized by the first user. After the trusted execution device receives the ciphertext conversion request from the authorized user, it first queries the security authentication information table in the trusted execution environment. If the authentication information (signature) is verified, it executes the ciphertext conversion, otherwise it exits.

S24:将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算,并对同态计算后得到的密文进行同态解密,得到解密后明文。S24: Send the converted homomorphic ciphertext to the second user, so that the second user performs homomorphic encryption on the converted homomorphic ciphertext and the second user performs homomorphic encryption on second data to obtain The second homomorphic ciphertext is subjected to homomorphic calculation, and the ciphertext obtained after the homomorphic calculation is subjected to homomorphic decryption to obtain the decrypted plaintext.

本实施例中,关于上述步骤S24具体过程,可以参考前述实施例中公开的相应内容,在此不再进行赘述。需要补充的是,在得到所述解密后明文之后,同样需要对解密后明文执行解码操作,得到相应的解码后数据;所述解码后数据与对所述第一数据和所述第二数据直接执行与同态计算相同的计算得到的结果一致。In this embodiment, regarding the specific process of the above step S24, reference may be made to the corresponding content disclosed in the foregoing embodiments, and details are not repeated here. It should be added that after obtaining the decrypted plaintext, it is also necessary to perform a decoding operation on the decrypted plaintext to obtain corresponding decoded data; the decoded data is directly related to the first data and the second data. Performing the same computation as a homomorphic computation yields the same result.

参见图3所示,本申请实施例还相应公开了一种密文处理装置,包括:Referring to Figure 3, the embodiment of the present application also discloses a ciphertext processing device correspondingly, including:

密文获取模块11,用于获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;The ciphertext obtaining module 11 is used to obtain the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data; the first homomorphic ciphertext includes the first user private key parameter;

密钥获取及密文转换模块12,用于获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;A key acquisition and ciphertext conversion module 12, configured to obtain a conversion key obtained by the first user and the second user through key agreement, and convert the first homomorphic encryption In the article, the first user private key parameter is converted into the second user private key parameter to convert the first homomorphic ciphertext to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext includes the second user private key parameter;

密文发送模块13,用于将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。The ciphertext sending module 13 is configured to send the converted homomorphic ciphertext to the second user, so that the second user can understand the converted homomorphic ciphertext and the second user can understand the second data The second homomorphic ciphertext obtained after homomorphic encryption is subjected to homomorphic calculation.

可见,本申请实施例中先获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;然后获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;最后将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。本申请实施例通过密文转换的方式将一个用户的同态密文转换成另一个用户能够进行同态计算的同态密文,从而无需数据所有权用户执行复杂的计算和管理,实现不同用户的同态密文之间的同态计算。It can be seen that in the embodiment of the present application, the first homomorphic ciphertext obtained after the first user performs homomorphic encryption on the first data is firstly obtained; the first homomorphic ciphertext contains the private key parameters of the first user; The conversion key obtained by the first user and the second user through key negotiation, and using the conversion key to convert the first user's private key parameter in the first homomorphic ciphertext into the second user's private key The first homomorphic ciphertext is converted by means of parameters to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext contains the second user private key parameter; finally, the converted homomorphic ciphertext is sent to the second user, so that the second user performs homomorphic computation on the converted homomorphic ciphertext and a second homomorphic ciphertext obtained after the second user performs homomorphic encryption on second data. In this embodiment of the present application, the homomorphic ciphertext of one user is converted into the homomorphic ciphertext that another user can perform homomorphic calculations by means of ciphertext conversion, thereby eliminating the need for data ownership users to perform complex calculations and management, and realizing the ciphertext of different users. Homomorphic computation between homomorphic ciphertexts.

在一些具体实施例中,所述密文处理装置还包括:In some specific embodiments, the ciphertext processing device also includes:

认证信息获取模块,用于获取认证信息;An authentication information acquisition module, configured to acquire authentication information;

认证模块,用于根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,如果是,则执行通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换的步骤。An authentication module, configured to judge whether the second user is a user authorized by the first user according to the authentication information, and if yes, convert the first homomorphic ciphertext by using the conversion key A step of converting the first homomorphic ciphertext by converting the first user private key parameter into the second user private key parameter.

在一些具体实施例中,所述密文处理装置中的所述转换密钥包括所述第一用户的第一转换密钥和所述第二用户的第二转换密钥;所述第一转换密钥为第一用户私钥参数与中间转换密钥的第一逻辑运算结果,所述第二转换密钥为第二用户私钥参数与所述中间转换密钥的第二逻辑运算结果。In some specific embodiments, the conversion key in the ciphertext processing device includes a first conversion key of the first user and a second conversion key of the second user; the first conversion The key is the first logical operation result of the first user private key parameter and the intermediate conversion key, and the second conversion key is the second logical operation result of the second user private key parameter and the intermediate conversion key.

在一些具体实施例中,所述密文处理装置中的所述中间转换密钥为在所述第二用户向所述第一用户发送授权请求时通过密钥协商方式确定出的密钥。In some specific embodiments, the intermediate conversion key in the ciphertext processing apparatus is a key determined through key agreement when the second user sends an authorization request to the first user.

在一些具体实施例中,所述密文获取模块11,具体包括:In some specific embodiments, the ciphertext acquisition module 11 specifically includes:

第一获取单元,用于如果所述第一用户和所述第二用户能够通过密钥协商方式确定出所述中间转换密钥,则获取通过对第一用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第一转换密钥和通过对第二用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第二转换密钥;The first obtaining unit is configured to obtain the intermediate conversion key by comparing the private key parameter of the first user with the intermediate conversion key if the first user and the second user can determine the intermediate conversion key through key negotiation. The first conversion key obtained by performing a logical operation on the key and the second conversion key obtained by performing a logical operation on the second user private key parameter and the intermediate conversion key;

第二获取单元,用于如果所述第一用户和所述第二用户不能通过密钥协商方式确定出所述中间转换密钥,则直接获取第一用户私钥参数作为所述第一转换密钥,并直接获取第二用户私钥参数作为所述第二转换密钥。The second acquiring unit is configured to directly acquire the private key parameter of the first user as the first conversion key if the first user and the second user cannot determine the intermediate conversion key through key negotiation. key, and directly obtain the second user private key parameter as the second conversion key.

在一些具体实施例中,所述密文处理装置中的所述中间转换密钥为第一私钥包和第二私钥包的第三逻辑运算结果;所述第一私钥包由所述第一用户将第一用户私钥参数与随机因子进行逻辑运算得到,所述第二私钥包由所述第二用户将第二用户私钥参数与随机因子进行逻辑运算得到;In some specific embodiments, the intermediate conversion key in the ciphertext processing device is the third logical operation result of the first private key package and the second private key package; the first private key package is obtained by the The first user obtains the logical operation of the first user private key parameter and the random factor, and the second private key package is obtained by the second user through the logical operation of the second user private key parameter and the random factor;

相应的,所述第一转换密钥为将第一用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第二用户私钥参数与随机因子的密钥表达式;Correspondingly, the first conversion key is a key expression that only includes the second user private key parameter and a random factor obtained after logical operation is performed on the first user private key parameter and the third logical operation result;

所述第二转换密钥为将第二用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第一用户私钥参数与随机因子的密钥表达式。The second conversion key is a key expression that only includes the first user private key parameter and a random factor, which is obtained after logical operation is performed on the second user private key parameter and the third logical operation result.

在一些具体实施例中,所述密文处理装置中的所述中间转换密钥的生成公式为:In some specific embodiments, the generation formula of the intermediate conversion key in the ciphertext processing device is:

tk12=F(s1,s2,r1,r2tk 12 =F(s 1 , s 2 , r 1 , r 2 )

其中,F为密钥生成函数,F对应的逻辑运算为加法或者减法,s1为第一用户私钥参数,s2为第二用户私钥参数,r1和r2为随机因子。Among them, F is the key generation function, the logical operation corresponding to F is addition or subtraction, s 1 is the first user's private key parameter, s 2 is the second user's private key parameter, r 1 and r 2 are random factors.

在一些具体实施例中,所述密钥获取及密文转换模块12,具体还包括:In some specific embodiments, the key acquisition and ciphertext conversion module 12 specifically further includes:

关系式构建子模块,用于利用所述第一同态密文、所述第一转换密钥和所述第二转换密钥构建具有私钥参数可消除关系的密文转换关系式;A relational expression construction submodule, configured to use the first homomorphic ciphertext, the first conversion key, and the second conversion key to construct a ciphertext conversion relational expression with a private key parameter that can eliminate the relationship;

转换子模块,用于基于所述密文转换关系式将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数。A conversion submodule, configured to convert the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter based on the ciphertext conversion relational expression.

在一些具体实施例中,所述认证信息为利用所述中间转换密钥对所述第一同态密文进行签名后得到的数字签名;In some specific embodiments, the authentication information is a digital signature obtained after signing the first homomorphic ciphertext with the intermediate transformation key;

所述认证模块,具体用于利用所述中间转换密钥对所述数字签名进行验签,如果验签通过,则判定所述第二用户为经过所述第一用户授权的用户。The authentication module is specifically configured to use the intermediate conversion key to verify the digital signature, and if the verification passes, determine that the second user is authorized by the first user.

在一些具体实施例中,所述密文处理装置中的所述转换密钥及所述认证信息存储于所述可信执行设备中的可信执行环境。In some specific embodiments, the conversion key and the authentication information in the ciphertext processing apparatus are stored in a trusted execution environment in the trusted execution device.

在一些具体实施例中,所述密文处理装置,还包括:In some specific embodiments, the ciphertext processing device further includes:

表构建模块,用于在所述可信执行环境中构建安全认证信息表,并利用所述安全认证信息表对所述转换密钥、所述认证信息进行存储;所述安全认证信息表中还存储有所述第一同态密文及认证方式;A table construction module, configured to construct a security authentication information table in the trusted execution environment, and use the security authentication information table to store the conversion key and the authentication information; the security authentication information table also contains The first homomorphic ciphertext and the authentication method are stored;

初始化模块,用于按照可信环境基本规范对所述可信执行设备进行初始化操作,以构建所述可信执行环境。The initialization module is configured to initialize the trusted execution device according to the basic specification of the trusted environment, so as to build the trusted execution environment.

在一些具体实施例中,所述密文处理装置中的所述可信执行环境分为公共计算区域和可信计算区域,所述转换密钥及所述认证信息存储于所述可信计算区域。In some specific embodiments, the trusted execution environment in the ciphertext processing device is divided into a public computing area and a trusted computing area, and the conversion key and the authentication information are stored in the trusted computing area .

在一些具体实施例中,所述认证模块具体用于在所述可信计算区域中执行根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户的步骤。In some specific embodiments, the authentication module is specifically configured to perform the step of judging whether the second user is a user authorized by the first user according to the authentication information in the trusted computing area.

在一些具体实施例中,密文获取模块11,还用于:In some specific embodiments, the ciphertext acquisition module 11 is also used for:

从所述第一用户获取所述第一用户利用同态加密算法对所述第一数据进行同态加密后得到的所述第一同态密文;Obtaining from the first user the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data using a homomorphic encryption algorithm;

相应的,所述第二同态密文由所述第二用户利用所述同态加密算法对所述第二数据进行同态加密后得到;Correspondingly, the second homomorphic ciphertext is obtained by the second user using the homomorphic encryption algorithm to homomorphically encrypt the second data;

所述第一同态密文由所述第一用户利用所述同态加密算法对所述第一数据的第一编码数据进行同态加密后得到;所述第一编码数据为所述第一用户对所述第一数据执行编码操作后得到的符合同态加密输入数据格式的编码数据。The first homomorphic ciphertext is obtained by the first user using the homomorphic encryption algorithm to homomorphically encrypt the first encoded data of the first data; the first encoded data is the first Encoded data conforming to the input data format of homomorphic encryption obtained after the user performs an encoding operation on the first data.

在一些具体实施例中,密文处理装置,还包括:In some specific embodiments, the ciphertext processing device also includes:

解密模块,用于所述第二用户对同态计算后得到的密文进行同态解密,得到解密后明文;The decryption module is used for the second user to perform homomorphic decryption on the ciphertext obtained after the homomorphic calculation to obtain the decrypted plaintext;

解码模块,用于所述第二用户对解密后明文执行解码操作,得到相应的解码后数据,所述解码后数据与对所述第一数据和所述第二数据直接执行与同态计算相同的计算得到的结果一致。The decoding module is used for the second user to perform a decoding operation on the decrypted plaintext to obtain corresponding decoded data, and the decoded data is the same as directly performing homomorphic calculation on the first data and the second data The calculated results are consistent.

进一步的,本申请实施例还提供了一种可信执行设备。图4是根据一示例性实施例示出的电子设备20结构图,图中的内容不能认为是对本申请的使用范围的任何限制。Furthermore, the embodiment of the present application also provides a trusted execution device. Fig. 4 is a structural diagram of an electronic device 20 according to an exemplary embodiment, and the content in the diagram should not be regarded as any limitation on the application scope of the present application.

图4为本申请实施例提供的一种可信执行设备20的结构示意图。该可信执行设备20,具体可以包括:至少一个处理器21、至少一个存储器22、电源23、通信接口24、输入输出接口25和通信总线26。其中,所述存储器22用于存储计算机程序,所述计算机程序由所述处理器21加载并执行,以至少实现如下步骤:FIG. 4 is a schematic structural diagram of a trusted execution device 20 provided in an embodiment of the present application. The trusted execution device 20 may specifically include: at least one processor 21 , at least one memory 22 , a power supply 23 , a communication interface 24 , an input/output interface 25 and a communication bus 26 . Wherein, the memory 22 is used to store a computer program, and the computer program is loaded and executed by the processor 21 to at least realize the following steps:

获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;Obtaining the first homomorphic ciphertext obtained after the first user performs homomorphic encryption on the first data; the first homomorphic ciphertext includes the first user private key parameter;

获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;Obtain a conversion key obtained by the first user and the second user through key negotiation, and convert the first user's private key parameter in the first homomorphic ciphertext into the second Converting the first homomorphic ciphertext according to the user private key parameter to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext includes the second user private key parameter;

将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。Sending the converted homomorphic ciphertext to the second user, so that the second user homomorphically encrypts the converted homomorphic ciphertext and the second user homomorphically encrypts the second data. Bihomomorphic ciphertext performs homomorphic computation.

可见,本申请实施例中的所述可信执行设备先获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;然后获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;最后将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。本申请实施例将可信执行技术和同态加密技术进行融合应用,可信执行设备通过密文转换的方式在安全环境下将一个用户的同态密文转换成另一个用户能够进行同态计算的同态密文,从而无需数据所有权用户执行复杂的计算和管理,实现不同用户的同态密文之间的同态计算。It can be seen that the trusted execution device in the embodiment of the present application first obtains the first homomorphic ciphertext obtained after the first user performs homomorphic encryption on the first data; the first homomorphic ciphertext contains the first user's private key parameter; then obtain the conversion key obtained by the first user and the second user through key negotiation, and use the conversion key to parameterize the first user's private key in the first homomorphic ciphertext The first homomorphic ciphertext is converted into the second user private key parameter to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext contains the second user private key parameter; and finally the The converted homomorphic ciphertext is sent to the second user, so that the second user performs homomorphic encryption on the converted homomorphic ciphertext and the second user performs homomorphic encryption on the second data. The ciphertext is homomorphically computed. The embodiment of this application integrates the trusted execution technology and the homomorphic encryption technology, and the trusted execution device converts a user's homomorphic ciphertext into another user's homomorphic calculation in a secure environment through ciphertext conversion. The homomorphic ciphertext of different users does not need data ownership users to perform complex calculations and management, and realizes homomorphic calculation between homomorphic ciphertexts of different users.

可选的,所述转换密钥包括所述第一用户的第一转换密钥和所述第二用户的第二转换密钥;所述第一转换密钥为第一用户私钥参数与中间转换密钥的第一逻辑运算结果,所述第二转换密钥为第二用户私钥参数与所述中间转换密钥的第二逻辑运算结果。Optionally, the conversion key includes the first conversion key of the first user and the second conversion key of the second user; the first conversion key is the private key parameter of the first user and the intermediate A first logical operation result of the conversion key, the second conversion key is a second logical operation result of the second user private key parameter and the intermediate conversion key.

可选的,所述中间转换密钥为在所述第二用户向所述第一用户发送授权请求时通过密钥协商方式确定出的密钥。Optionally, the intermediate conversion key is a key determined through key negotiation when the second user sends an authorization request to the first user.

可选的,所述获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,包括:Optionally, the acquiring the conversion key obtained by the first user and the second user through key agreement includes:

如果所述第一用户和所述第二用户能够通过密钥协商方式确定出所述中间转换密钥,则获取通过对第一用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第一转换密钥和通过对第二用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第二转换密钥;If the first user and the second user can determine the intermediate conversion key through key negotiation, then obtain all the intermediate conversion keys obtained by performing logical operations on the private key parameters of the first user and the intermediate conversion key. The first conversion key and the second conversion key obtained by performing logical operations on the second user private key parameter and the intermediate conversion key;

如果所述第一用户和所述第二用户不能通过密钥协商方式确定出所述中间转换密钥,则直接获取第一用户私钥参数作为所述第一转换密钥,并直接获取第二用户私钥参数作为所述第二转换密钥。If the first user and the second user cannot determine the intermediate transformation key through key negotiation, directly obtain the first user private key parameter as the first transformation key, and directly obtain the second transformation key. The user private key parameter is used as the second conversion key.

可选的,所述中间转换密钥为第一私钥包和第二私钥包的第三逻辑运算结果;所述第一私钥包由所述第一用户将第一用户私钥参数与随机因子进行逻辑运算得到,所述第二私钥包由所述第二用户将第二用户私钥参数与随机因子进行逻辑运算得到;Optionally, the intermediate conversion key is the third logical operation result of the first private key package and the second private key package; the first private key package is composed of the first user’s private key parameters and The random factor is obtained by performing a logical operation, and the second private key package is obtained by the second user performing a logical operation on the second user private key parameter and the random factor;

相应的,所述第一转换密钥为将第一用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第二用户私钥参数与随机因子的密钥表达式;Correspondingly, the first conversion key is a key expression that only includes the second user private key parameter and a random factor obtained after logical operation is performed on the first user private key parameter and the third logical operation result;

所述第二转换密钥为将第二用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第一用户私钥参数与随机因子的密钥表达式。The second conversion key is a key expression that only includes the first user private key parameter and a random factor, which is obtained after logical operation is performed on the second user private key parameter and the third logical operation result.

可选的,所述中间转换密钥的生成公式为:Optionally, the formula for generating the intermediate conversion key is:

tk12=F(s1,s2,r1,r2tk 12 =F(s 1 , s 2 , r 1 , r 2 )

其中,F为密钥生成函数,F对应的逻辑运算为加法或者减法,s1为第一用户私钥参数,s2为第二用户私钥参数,r1和r2为随机因子。Among them, F is the key generation function, the logical operation corresponding to F is addition or subtraction, s 1 is the first user's private key parameter, s 2 is the second user's private key parameter, r 1 and r 2 are random factors.

可选的,所述通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,包括:Optionally, converting the first homomorphic ciphertext by using the conversion key to convert the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter ,include:

利用所述第一同态密文、所述第一转换密钥和所述第二转换密钥构建具有私钥参数可消除关系的密文转换关系式;Using the first homomorphic ciphertext, the first conversion key, and the second conversion key to construct a ciphertext conversion relationship with a private key parameter that can be eliminated;

基于所述密文转换关系式将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数。Converting the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter based on the ciphertext conversion relational expression.

可选的,所述获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥之后,还包括:Optionally, after the acquisition of the conversion key obtained by the first user and the second user through key agreement, the method further includes:

获取认证信息;Obtain authentication information;

根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,如果是,则执行通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换的步骤。According to the authentication information, it is judged whether the second user is a user authorized by the first user, and if so, performing the conversion of the first user private key in the first homomorphic ciphertext by using the conversion key. A step of converting the first homomorphic ciphertext by converting parameters into second user private key parameters.

可选的,所述认证信息为利用所述中间转换密钥对所述第一同态密文进行签名后得到的数字签名;Optionally, the authentication information is a digital signature obtained after signing the first homomorphic ciphertext with the intermediate conversion key;

所述根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,包括:The judging whether the second user is a user authorized by the first user according to the authentication information includes:

利用所述中间转换密钥对所述数字签名进行验签,如果验签通过,则判定所述第二用户为经过所述第一用户授权的用户。The digital signature is verified by using the intermediate conversion key, and if the verification is successful, it is determined that the second user is authorized by the first user.

可选的,所述转换密钥及所述认证信息存储于可信执行设备中的可信执行环境;Optionally, the conversion key and the authentication information are stored in a trusted execution environment in the trusted execution device;

获取所述转换密钥和所述认证信息,包括:Obtaining the conversion key and the authentication information, including:

从所述可信执行环境中获取所述转换密钥和所述认证信息。Obtain the conversion key and the authentication information from the trusted execution environment.

可选的,所述密文处理方法,还包括:Optionally, the ciphertext processing method also includes:

在所述可信执行环境中构建安全认证信息表,并利用所述安全认证信息表对所述转换密钥、所述认证信息进行存储;所述安全认证信息表中还存储有所述第一同态密文及认证方式。Build a security authentication information table in the trusted execution environment, and use the security authentication information table to store the conversion key and the authentication information; the security authentication information table also stores the first Homomorphic ciphertext and authentication methods.

可选的,所述密文处理方法,还包括:Optionally, the ciphertext processing method also includes:

按照可信环境基本规范对所述可信执行设备进行初始化操作,以构建所述可信执行环境。The trusted execution device is initialized according to the basic specification of the trusted environment, so as to build the trusted execution environment.

可选的,所述可信执行环境分为公共计算区域和可信计算区域。Optionally, the trusted execution environment is divided into a public computing area and a trusted computing area.

可选的,所述转换密钥及所述认证信息存储于所述可信计算区域。Optionally, the conversion key and the authentication information are stored in the trusted computing area.

可选的,所述根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,包括:Optionally, the determining whether the second user is a user authorized by the first user according to the authentication information includes:

在所述可信计算区域中执行根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户的步骤。The step of judging whether the second user is authorized by the first user according to the authentication information is performed in the trusted computing area.

可选的,所述获取第一用户对第一数据进行同态加密后得到的第一同态密文,包括:Optionally, the obtaining the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data includes:

从所述第一用户获取所述第一用户利用同态加密算法对所述第一数据进行同态加密后得到的所述第一同态密文;Obtaining from the first user the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data using a homomorphic encryption algorithm;

相应的,所述第二同态密文由所述第二用户利用所述同态加密算法对所述第二数据进行同态加密后得到。Correspondingly, the second homomorphic ciphertext is obtained by the second user after performing homomorphic encryption on the second data by using the homomorphic encryption algorithm.

可选的,所述第一同态密文由所述第一用户利用所述同态加密算法对所述第一数据的第一编码数据进行同态加密后得到;所述第一编码数据为所述第一用户对所述第一数据执行编码操作后得到的符合同态加密输入数据格式的编码数据。Optionally, the first homomorphic ciphertext is obtained by the first user using the homomorphic encryption algorithm to homomorphically encrypt the first encoded data of the first data; the first encoded data is Encoded data conforming to a homomorphic encryption input data format obtained after the first user performs an encoding operation on the first data.

可选的,所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算之后,还包括:Optionally, after the second user performs homomorphic calculation on the converted homomorphic ciphertext and the second homomorphic ciphertext obtained after the second user homomorphically encrypts the second data, the method further includes:

所述第二用户对同态计算后得到的密文进行同态解密,得到解密后明文。The second user performs homomorphic decryption on the ciphertext obtained after the homomorphic calculation to obtain the decrypted plaintext.

可选的,所述第二用户对同态计算后得到的密文进行同态解密,得到解密后明文之后,还包括:Optionally, the second user performs homomorphic decryption on the ciphertext obtained after homomorphic calculation, and after obtaining the decrypted plaintext, further includes:

所述第二用户对解密后明文执行解码操作,得到相应的解码后数据;所述解码后数据与对所述第一数据和所述第二数据直接执行与同态计算相同的计算得到的结果一致。The second user performs a decoding operation on the decrypted plaintext to obtain corresponding decoded data; the decoded data is the result obtained by directly performing the same calculation as the homomorphic calculation on the first data and the second data unanimous.

本实施例中,电源23用于为可信执行设备20上的各硬件设备提供工作电压;通信接口24能够为可信执行设备20创建与外界设备之间的数据传输通道,其所遵循的通信协议是能够适用于本申请技术方案的任意通信协议,在此不对其进行具体限定;输入输出接口25,用于获取外界输入数据或向外界输出数据,其具体的接口类型可以根据具体应用需要进行选取,在此不进行具体限定。In this embodiment, the power supply 23 is used to provide operating voltage for each hardware device on the trusted execution device 20; the communication interface 24 can create a data transmission channel between the trusted execution device 20 and external devices, and the communication it follows The protocol is any communication protocol that can be applied to the technical solution of this application, and it is not specifically limited here; the input and output interface 25 is used to obtain external input data or output data to the external, and its specific interface type can be configured according to specific application needs. selection, and is not specifically limited here.

另外,存储器22作为资源存储的载体,可以是只读存储器、随机存储器、磁盘或者光盘等,其上所存储的资源可以包括操作系统221、计算机程序222及数据223等,存储方式可以是短暂存储或者永久存储。In addition, the memory 22, as a resource storage carrier, can be a read-only memory, random access memory, magnetic disk or optical disk, etc., and the resources stored thereon can include the operating system 221, computer programs 222 and data 223, etc., and the storage method can be short-term storage or permanent storage.

其中,操作系统221用于管理与控制可信执行设备20上的各硬件设备以及计算机程序222,以实现处理器21对存储器22中海量数据223的运算与处理,其可以是WindowsServer、Netware、Unix、Linux等。计算机程序222除了包括能够用于完成前述任一实施例公开的由可信执行设备20执行的密文处理方法的计算机程序之外,还可以进一步包括能够用于完成其他特定工作的计算机程序。数据223可以包括电子设备20收集到的第一同态密文。Among them, the operating system 221 is used to manage and control each hardware device and computer program 222 on the trusted execution device 20, so as to realize the calculation and processing of the massive data 223 in the memory 22 by the processor 21, which can be WindowsServer, Netware, Unix , Linux, etc. In addition to computer programs that can be used to complete the ciphertext processing methods performed by the trusted execution device 20 disclosed in any of the foregoing embodiments, the computer program 222 may further include computer programs that can be used to complete other specific tasks. The data 223 may include the first homomorphic ciphertext collected by the electronic device 20 .

进一步的,本申请实施例还公开了一种存储介质,所述存储介质中存储有计算机程序,所述计算机程序被处理器加载并执行时,至少实现如下步骤:Further, the embodiment of the present application also discloses a storage medium, in which a computer program is stored, and when the computer program is loaded and executed by a processor, at least the following steps are implemented:

获取第一用户对第一数据进行同态加密后得到的第一同态密文;所述第一同态密文包含第一用户私钥参数;Obtaining the first homomorphic ciphertext obtained after the first user performs homomorphic encryption on the first data; the first homomorphic ciphertext includes the first user private key parameter;

获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,并通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,得到转换后同态密文;所述转换后同态密文包含第二用户私钥参数;Obtain a conversion key obtained by the first user and the second user through key negotiation, and convert the first user's private key parameter in the first homomorphic ciphertext into the second Converting the first homomorphic ciphertext according to the user private key parameter to obtain the converted homomorphic ciphertext; the converted homomorphic ciphertext includes the second user private key parameter;

将所述转换后同态密文发送至所述第二用户,以便所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算。Sending the converted homomorphic ciphertext to the second user, so that the second user homomorphically encrypts the converted homomorphic ciphertext and the second user homomorphically encrypts the second data. Bihomomorphic ciphertext performs homomorphic computation.

可选的,所述转换密钥包括所述第一用户的第一转换密钥和所述第二用户的第二转换密钥;所述第一转换密钥为第一用户私钥参数与中间转换密钥的第一逻辑运算结果,所述第二转换密钥为第二用户私钥参数与所述中间转换密钥的第二逻辑运算结果。Optionally, the conversion key includes the first conversion key of the first user and the second conversion key of the second user; the first conversion key is the private key parameter of the first user and the intermediate A first logical operation result of the conversion key, the second conversion key is a second logical operation result of the second user private key parameter and the intermediate conversion key.

可选的,所述中间转换密钥为在所述第二用户向所述第一用户发送授权请求时通过密钥协商方式确定出的密钥。Optionally, the intermediate conversion key is a key determined through key negotiation when the second user sends an authorization request to the first user.

可选的,所述获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥,包括:Optionally, the acquiring the conversion key obtained by the first user and the second user through key agreement includes:

如果所述第一用户和所述第二用户能够通过密钥协商方式确定出所述中间转换密钥,则获取通过对第一用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第一转换密钥和通过对第二用户私钥参数与所述中间转换密钥进行逻辑运算得到的所述第二转换密钥;If the first user and the second user can determine the intermediate conversion key through key negotiation, then obtain all the intermediate conversion keys obtained by performing logical operations on the private key parameters of the first user and the intermediate conversion key. The first conversion key and the second conversion key obtained by performing logical operations on the second user private key parameter and the intermediate conversion key;

如果所述第一用户和所述第二用户不能通过密钥协商方式确定出所述中间转换密钥,则直接获取第一用户私钥参数作为所述第一转换密钥,并直接获取第二用户私钥参数作为所述第二转换密钥。If the first user and the second user cannot determine the intermediate transformation key through key negotiation, directly obtain the first user private key parameter as the first transformation key, and directly obtain the second transformation key. The user private key parameter is used as the second conversion key.

可选的,所述中间转换密钥为第一私钥包和第二私钥包的第三逻辑运算结果;所述第一私钥包由所述第一用户将第一用户私钥参数与随机因子进行逻辑运算得到,所述第二私钥包由所述第二用户将第二用户私钥参数与随机因子进行逻辑运算得到;Optionally, the intermediate conversion key is the third logical operation result of the first private key package and the second private key package; the first private key package is composed of the first user’s private key parameters and The random factor is obtained by performing a logical operation, and the second private key package is obtained by the second user performing a logical operation on the second user private key parameter and the random factor;

相应的,所述第一转换密钥为将第一用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第二用户私钥参数与随机因子的密钥表达式;Correspondingly, the first conversion key is a key expression that only includes the second user private key parameter and a random factor obtained after logical operation is performed on the first user private key parameter and the third logical operation result;

所述第二转换密钥为将第二用户私钥参数与第三逻辑运算结果进行逻辑运算后得到的仅包含第一用户私钥参数与随机因子的密钥表达式。The second conversion key is a key expression that only includes the first user private key parameter and a random factor, which is obtained after logical operation is performed on the second user private key parameter and the third logical operation result.

可选的,所述中间转换密钥的生成公式为:Optionally, the formula for generating the intermediate conversion key is:

tk12=F(s1,s2,r1,r2tk 12 =F(s 1 , s 2 , r 1 , r 2 )

其中,F为密钥生成函数,F对应的逻辑运算为加法或者减法,s1为第一用户私钥参数,s2为第二用户私钥参数,r1和r2为随机因子。Among them, F is the key generation function, the logical operation corresponding to F is addition or subtraction, s 1 is the first user's private key parameter, s 2 is the second user's private key parameter, r 1 and r 2 are random factors.

可选的,所述通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换,包括:Optionally, converting the first homomorphic ciphertext by using the conversion key to convert the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter ,include:

利用所述第一同态密文、所述第一转换密钥和所述第二转换密钥构建具有私钥参数可消除关系的密文转换关系式;Using the first homomorphic ciphertext, the first conversion key, and the second conversion key to construct a ciphertext conversion relationship with a private key parameter that can be eliminated;

基于所述密文转换关系式将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数。Converting the first user private key parameter in the first homomorphic ciphertext into a second user private key parameter based on the ciphertext conversion relational expression.

可选的,所述获取由所述第一用户和第二用户通过密钥协商方式得到的转换密钥之后,还包括:Optionally, after the acquisition of the conversion key obtained by the first user and the second user through key agreement, the method further includes:

获取认证信息;Obtain authentication information;

根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,如果是,则执行通过利用所述转换密钥将所述第一同态密文中的第一用户私钥参数转换为第二用户私钥参数的方式对所述第一同态密文进行转换的步骤。According to the authentication information, it is judged whether the second user is a user authorized by the first user, and if so, performing the conversion of the first user private key in the first homomorphic ciphertext by using the conversion key. A step of converting the first homomorphic ciphertext by converting parameters into second user private key parameters.

可选的,所述认证信息为利用所述中间转换密钥对所述第一同态密文进行签名后得到的数字签名;Optionally, the authentication information is a digital signature obtained after signing the first homomorphic ciphertext with the intermediate conversion key;

所述根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,包括:The judging whether the second user is a user authorized by the first user according to the authentication information includes:

利用所述中间转换密钥对所述数字签名进行验签,如果验签通过,则判定所述第二用户为经过所述第一用户授权的用户。The digital signature is verified by using the intermediate conversion key, and if the verification is successful, it is determined that the second user is authorized by the first user.

可选的,所述转换密钥及所述认证信息存储于可信执行设备中的可信执行环境;Optionally, the conversion key and the authentication information are stored in a trusted execution environment in the trusted execution device;

获取所述转换密钥和所述认证信息,包括:Obtaining the conversion key and the authentication information, including:

从所述可信执行环境中获取所述转换密钥和所述认证信息。Obtain the conversion key and the authentication information from the trusted execution environment.

可选的,所述密文处理方法,还包括:Optionally, the ciphertext processing method also includes:

在所述可信执行环境中构建安全认证信息表,并利用所述安全认证信息表对所述转换密钥、所述认证信息进行存储;所述安全认证信息表中还存储有所述第一同态密文及认证方式。Build a security authentication information table in the trusted execution environment, and use the security authentication information table to store the conversion key and the authentication information; the security authentication information table also stores the first Homomorphic ciphertext and authentication methods.

可选的,所述密文处理方法,还包括:Optionally, the ciphertext processing method also includes:

按照可信环境基本规范对所述可信执行设备进行初始化操作,以构建所述可信执行环境。The trusted execution device is initialized according to the basic specification of the trusted environment, so as to build the trusted execution environment.

可选的,所述可信执行环境分为公共计算区域和可信计算区域。Optionally, the trusted execution environment is divided into a public computing area and a trusted computing area.

可选的,所述转换密钥及所述认证信息存储于所述可信计算区域。Optionally, the conversion key and the authentication information are stored in the trusted computing area.

可选的,所述根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户,包括:Optionally, the determining whether the second user is a user authorized by the first user according to the authentication information includes:

在所述可信计算区域中执行根据所述认证信息判断所述第二用户是否为经过所述第一用户授权的用户的步骤。The step of judging whether the second user is authorized by the first user according to the authentication information is performed in the trusted computing area.

可选的,所述获取第一用户对第一数据进行同态加密后得到的第一同态密文,包括:Optionally, the obtaining the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data includes:

从所述第一用户获取所述第一用户利用同态加密算法对所述第一数据进行同态加密后得到的所述第一同态密文;Obtaining from the first user the first homomorphic ciphertext obtained after the first user homomorphically encrypts the first data using a homomorphic encryption algorithm;

相应的,所述第二同态密文由所述第二用户利用所述同态加密算法对所述第二数据进行同态加密后得到。Correspondingly, the second homomorphic ciphertext is obtained by the second user after performing homomorphic encryption on the second data by using the homomorphic encryption algorithm.

可选的,所述第一同态密文由所述第一用户利用所述同态加密算法对所述第一数据的第一编码数据进行同态加密后得到;所述第一编码数据为所述第一用户对所述第一数据执行编码操作后得到的符合同态加密输入数据格式的编码数据。Optionally, the first homomorphic ciphertext is obtained by the first user using the homomorphic encryption algorithm to homomorphically encrypt the first encoded data of the first data; the first encoded data is Encoded data conforming to a homomorphic encryption input data format obtained after the first user performs an encoding operation on the first data.

可选的,所述第二用户对所述转换后同态密文与所述第二用户对第二数据进行同态加密后得到的第二同态密文进行同态计算之后,还包括:Optionally, after the second user performs homomorphic calculation on the converted homomorphic ciphertext and the second homomorphic ciphertext obtained after the second user homomorphically encrypts the second data, the method further includes:

所述第二用户对同态计算后得到的密文进行同态解密,得到解密后明文。The second user performs homomorphic decryption on the ciphertext obtained after the homomorphic calculation to obtain the decrypted plaintext.

可选的,所述第二用户对同态计算后得到的密文进行同态解密,得到解密后明文之后,还包括:Optionally, the second user performs homomorphic decryption on the ciphertext obtained after homomorphic calculation, and after obtaining the decrypted plaintext, further includes:

所述第二用户对解密后明文执行解码操作,得到相应的解码后数据;所述解码后数据与对所述第一数据和所述第二数据直接执行与同态计算相同的计算得到的结果一致。The second user performs a decoding operation on the decrypted plaintext to obtain corresponding decoded data; the decoded data is the result obtained by directly performing the same calculation as the homomorphic calculation on the first data and the second data unanimous.

本说明书中各个实施例采用递进的方式描述,每个实施例重点说明的都是与其它实施例的不同之处,各个实施例之间相同或相似部分互相参见即可。对于实施例公开的装置而言,由于其与实施例公开的方法相对应,所以描述的比较简单,相关之处参见方法部分说明即可。Each embodiment in this specification is described in a progressive manner, each embodiment focuses on the difference from other embodiments, and the same or similar parts of each embodiment can be referred to each other. As for the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and for relevant details, please refer to the description of the method part.

最后,还需要说明的是,在本文中,诸如第一和第二等之类的关系术语仅仅用来将一个实体或者操作与另一个实体或操作区分开来,而不一定要求或者暗示这些实体或操作之间存在任何这种实际的关系或者顺序。而且,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个…”限定的要素,并不排除在包括所述要素的过程、方法、物品或者设备中还存在另外的相同要素。Finally, it should also be noted that in this text, relational terms such as first and second etc. are only used to distinguish one entity or operation from another, and do not necessarily require or imply that these entities or operations, any such actual relationship or order exists. Furthermore, the term "comprises", "comprises" or any other variation thereof is intended to cover a non-exclusive inclusion such that a process, method, article, or apparatus comprising a set of elements includes not only those elements, but also includes elements not expressly listed. other elements of or also include elements inherent in such a process, method, article, or device. Without further limitations, an element defined by the phrase "comprising a" does not exclude the presence of additional identical elements in the process, method, article or apparatus comprising said element.

以上对本发明所提供的密文处理方法、装置、存储介质及可信执行设备进行了详细介绍,本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。The ciphertext processing method, device, storage medium and trusted execution device provided by the present invention have been introduced in detail above. In this paper, specific examples have been used to illustrate the principle and implementation of the present invention. The description of the above embodiments is only used To help understand the method of the present invention and its core idea; at the same time, for those of ordinary skill in the art, according to the idea of the present invention, there will be changes in the specific implementation and scope of application. In summary, this specification The content should not be construed as a limitation of the invention.

Claims (21)

1. A ciphertext processing method, comprising:
acquiring a first homomorphic ciphertext obtained after homomorphic encryption of first data by a first user; the first homomorphic ciphertext comprises a first user private key parameter;
obtaining a conversion key obtained by the first user and the second user through a key negotiation mode, and converting the first homomorphic ciphertext through a mode of converting a first user private key parameter in the first homomorphic ciphertext into a second user private key parameter by using the conversion key to obtain a converted homomorphic ciphertext; the homomorphic ciphertext after conversion comprises a second user private key parameter;
Sending the converted homomorphic ciphertext to the second user, so that the second user carries out homomorphic calculation on the converted homomorphic ciphertext and a second homomorphic ciphertext obtained after the second user carries out homomorphic encryption on second data;
the obtaining the conversion key obtained by the first user and the second user through a key negotiation mode comprises the following steps: if the first user and the second user can determine the intermediate conversion key through a key negotiation mode, a first conversion key obtained by carrying out logic operation on a first user private key parameter and the intermediate conversion key and a second conversion key obtained by carrying out logic operation on a second user private key parameter and the intermediate conversion key are obtained; if the first user and the second user cannot determine the intermediate conversion key in a key negotiation mode, directly acquiring a first user private key parameter as a first conversion key, and directly acquiring a second user private key parameter as a second conversion key;
the converting the first homomorphic ciphertext by converting the first user private key parameter in the first homomorphic ciphertext into the second user private key parameter by using the conversion key includes: constructing a ciphertext conversion relation with a private key parameter elimination relation by using the first homomorphic ciphertext, the first conversion key and the second conversion key; and converting the first user private key parameter in the first homomorphic secret into a second user private key parameter based on the ciphertext conversion relation.
2. The ciphertext processing method of claim 1, wherein the conversion key comprises a first conversion key of the first user and a second conversion key of the second user; the first conversion key is a first logical operation result of the first user private key parameter and the intermediate conversion key, and the second conversion key is a second logical operation result of the second user private key parameter and the intermediate conversion key.
3. The ciphertext processing method of claim 2, wherein the intermediate conversion key is a key determined by a key agreement manner when the second user sends an authorization request to the first user.
4. The ciphertext processing method of claim 2 wherein the intermediate conversion key is a third logical operation result of the first private key package and the second private key package; the first private key package is obtained by carrying out logic operation on a first user private key parameter and a random factor by the first user, and the second private key package is obtained by carrying out logic operation on a second user private key parameter and the random factor by the second user;
correspondingly, the first conversion key is a key expression which is obtained by carrying out logic operation on the first user private key parameter and the third logic operation result and only comprises the second user private key parameter and the random factor;
The second conversion key is a key expression which is obtained by carrying out logic operation on the second user private key parameter and the third logic operation result and only comprises the first user private key parameter and the random factor.
5. The ciphertext processing method of claim 4, wherein the intermediate conversion key has a generation formula of:
tk 12 =F(s 1 ,s 2 ,r 1 ,r 2
wherein F is a key generation function, the logical operation corresponding to F is addition or subtraction, s 1 S is a first user private key parameter 2 R is the second user private key parameter 1 And r 2 Is a random factor.
6. The ciphertext processing method of claim 2, wherein after the obtaining the conversion key obtained by the first user and the second user by the key negotiation method, further comprises:
acquiring authentication information;
judging whether the second user is the user authorized by the first user according to the authentication information, and if so, executing the step of converting the first homomorphic ciphertext in a mode of converting the first user private key parameter in the first homomorphic ciphertext into the second user private key parameter by utilizing the conversion key.
7. The ciphertext processing method of claim 6, wherein the authentication information is a digital signature obtained by signing the first homomorphic ciphertext with the intermediate conversion key;
The step of judging whether the second user is a user authorized by the first user according to the authentication information comprises the following steps:
and verifying the digital signature by using the intermediate conversion key, and if the verification passes, judging that the second user is the user authorized by the first user.
8. The ciphertext processing method of claim 6, wherein the conversion key and the authentication information are stored in a trusted execution environment in a trusted execution device;
obtaining the conversion key and the authentication information includes:
the conversion key and the authentication information are acquired from the trusted execution environment.
9. The ciphertext processing method of claim 8, further comprising:
constructing a security authentication information table in the trusted execution environment, and storing the conversion key and the authentication information by utilizing the security authentication information table; the security authentication information table also stores the first homomorphic ciphertext and an authentication mode.
10. The ciphertext processing method of claim 8, further comprising:
and initializing the trusted execution device according to the trusted environment basic specification to construct the trusted execution environment.
11. The ciphertext processing method of claim 8, wherein the trusted execution environment is divided into a common computing area and a trusted computing area.
12. The ciphertext processing method of claim 11, wherein the conversion key and the authentication information are stored in the trusted computing zone.
13. The ciphertext processing method of claim 9, wherein the determining whether the second user is a user authorized by the first user based on the authentication information comprises:
the step of determining whether the second user is a user authorized by the first user based on the authentication information is performed in a trusted computing area.
14. The ciphertext processing method according to any one of claims 1 to 13, wherein the obtaining a first homomorphic ciphertext obtained by homomorphically encrypting first data by a first user comprises:
acquiring the first homomorphic ciphertext obtained by the first user after homomorphic encryption of the first data by using a homomorphic encryption algorithm from the first user;
correspondingly, the second homomorphic ciphertext is obtained by homomorphic encryption of the second data by the second user through the homomorphic encryption algorithm.
15. The ciphertext processing method of claim 14 wherein the first homomorphic ciphertext is obtained by the first user homomorphic encrypting first encoded data of the first data using the homomorphic encryption algorithm; the first coded data is coded data which is obtained after the first user executes coding operation on the first data and accords with homomorphic encryption input data format.
16. The ciphertext processing method according to any one of claims 1 to 13, wherein after the second user homomorphic calculating the converted homomorphic ciphertext and a second homomorphic ciphertext obtained by homomorphic encrypting second data by the second user, further comprising:
and the second user homomorphic decrypts the ciphertext obtained after homomorphic calculation to obtain a decrypted plaintext.
17. The ciphertext processing method of claim 16, wherein the second user homomorphically decrypting the homomorphically calculated ciphertext to obtain decrypted plaintext, further comprising:
the second user executes decoding operation on the decrypted plaintext to obtain corresponding decoded data; the decoded data is consistent with the result of directly performing the same calculation as the homomorphic calculation on the first data and the second data.
18. A trusted execution device, the trusted execution device comprising a processor and a memory; wherein the memory is for storing a computer program that is loaded and executed by the processor to implement the ciphertext processing method of any one of claims 1 to 17.
19. The trusted execution device of claim 18, wherein the processor builds a trusted execution environment comprising a common computing area and a trusted computing area.
20. A ciphertext processing apparatus, comprising:
the ciphertext acquisition module is used for acquiring a first homomorphic ciphertext obtained after homomorphic encryption of the first data by the first user; the first homomorphic ciphertext comprises a first user private key parameter;
the key acquisition and ciphertext conversion module is used for acquiring a conversion key obtained by the first user and the second user in a key negotiation mode, and converting the first homomorphic ciphertext in a mode of converting a first user private key parameter in the first homomorphic ciphertext into a second user private key parameter by utilizing the conversion key to obtain a converted homomorphic ciphertext; the homomorphic ciphertext after conversion comprises a second user private key parameter;
The ciphertext sending module is used for sending the converted homomorphic ciphertext to the second user so that the second user can homomorphic calculate the converted homomorphic ciphertext and the second homomorphic ciphertext obtained by homomorphic encryption of the second data by the second user;
the key acquisition and ciphertext conversion module specifically further comprises: the first obtaining unit is used for obtaining a first conversion key obtained by carrying out logic operation on a first user private key parameter and the intermediate conversion key and a second conversion key obtained by carrying out logic operation on a second user private key parameter and the intermediate conversion key if the first user and the second user can determine the intermediate conversion key through a key negotiation mode; the second obtaining unit is used for directly obtaining a first user private key parameter as a first conversion key and directly obtaining a second user private key parameter as a second conversion key if the first user and the second user cannot determine the intermediate conversion key in a key negotiation mode; the key acquisition and ciphertext conversion module specifically further comprises: the relation construction submodule is used for constructing a ciphertext conversion relation with a private key parameter elimination relation by utilizing the first homomorphic ciphertext, the first conversion key and the second conversion key; and the conversion sub-module is used for converting the first user private key parameter in the first homomorphic secret into the second user private key parameter based on the ciphertext conversion relation.
21. A computer readable storage medium storing computer executable instructions which when loaded and executed by a processor implement the ciphertext processing method of any one of claims 1 to 17.
CN202310425295.6A 2023-04-20 2023-04-20 Ciphertext processing method, device, storage medium and trusted execution device Active CN116170131B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202310425295.6A CN116170131B (en) 2023-04-20 2023-04-20 Ciphertext processing method, device, storage medium and trusted execution device
PCT/CN2023/141188 WO2024217038A1 (en) 2023-04-20 2023-12-22 Ciphertext processing method and apparatus, storage medium and trusted execution device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310425295.6A CN116170131B (en) 2023-04-20 2023-04-20 Ciphertext processing method, device, storage medium and trusted execution device

Publications (2)

Publication Number Publication Date
CN116170131A CN116170131A (en) 2023-05-26
CN116170131B true CN116170131B (en) 2023-07-14

Family

ID=86416616

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310425295.6A Active CN116170131B (en) 2023-04-20 2023-04-20 Ciphertext processing method, device, storage medium and trusted execution device

Country Status (2)

Country Link
CN (1) CN116170131B (en)
WO (1) WO2024217038A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116170131B (en) * 2023-04-20 2023-07-14 浪潮(北京)电子信息产业有限公司 Ciphertext processing method, device, storage medium and trusted execution device
CN117992989B (en) * 2024-03-29 2024-06-11 浪潮(北京)电子信息产业有限公司 A decryption method, system, device and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113162752A (en) * 2021-04-26 2021-07-23 建信金融科技有限责任公司 Data processing method and device based on hybrid homomorphic encryption
CN113612597A (en) * 2021-07-26 2021-11-05 京东科技控股股份有限公司 Data calculation method, device and system and electronic equipment
CN114020842A (en) * 2021-11-04 2022-02-08 长春理工大学 Data sharing method and device based on homomorphic encryption technology
WO2022082893A1 (en) * 2020-10-22 2022-04-28 香港中文大学(深圳) Privacy blockchain-based internet of vehicles protection method, and mobile terminal

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9281941B2 (en) * 2012-02-17 2016-03-08 International Business Machines Corporation Homomorphic evaluation including key switching, modulus switching, and dynamic noise management
CN109831297A (en) * 2019-01-24 2019-05-31 中国人民武装警察部队工程大学 A kind of full homomorphic cryptography method of more identity for supporting thresholding to decrypt
CN111526002B (en) * 2019-11-18 2023-11-14 暨南大学 A lattice-based multi-identity fully homomorphic encryption method
CN112543091B (en) * 2020-10-26 2022-10-14 中国人民武装警察部队工程大学 Multi-key Fully Homomorphic Encryption with Fixed Ciphertext Length
CN116170131B (en) * 2023-04-20 2023-07-14 浪潮(北京)电子信息产业有限公司 Ciphertext processing method, device, storage medium and trusted execution device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022082893A1 (en) * 2020-10-22 2022-04-28 香港中文大学(深圳) Privacy blockchain-based internet of vehicles protection method, and mobile terminal
CN113162752A (en) * 2021-04-26 2021-07-23 建信金融科技有限责任公司 Data processing method and device based on hybrid homomorphic encryption
CN113612597A (en) * 2021-07-26 2021-11-05 京东科技控股股份有限公司 Data calculation method, device and system and electronic equipment
CN114020842A (en) * 2021-11-04 2022-02-08 长春理工大学 Data sharing method and device based on homomorphic encryption technology

Also Published As

Publication number Publication date
WO2024217038A1 (en) 2024-10-24
CN116170131A (en) 2023-05-26

Similar Documents

Publication Publication Date Title
CN110855671B (en) Trusted computing method and system
US10880100B2 (en) Apparatus and method for certificate enrollment
CN111314089B (en) SM 2-based two-party collaborative signature method and decryption method
CN104168108B (en) It is a kind of to reveal the traceable attribute base mixed encryption method of key
Yang et al. Provable data possession of resource-constrained mobile devices in cloud computing
CN101340279B (en) Method, system and apparatus for data ciphering and deciphering
US8509449B2 (en) Key protector for a storage volume using multiple keys
CN116170131B (en) Ciphertext processing method, device, storage medium and trusted execution device
US20120054491A1 (en) Re-authentication in client-server communications
Fugkeaw Enabling trust and privacy-preserving e-KYC system using blockchain
KR20250060939A (en) Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
KR102432356B1 (en) Apparatus and method for generating key, apparatus and method for encryption
CN116866029B (en) Random number encryption data transmission method, device, computer equipment and storage medium
CN114039785B (en) Data encryption, decryption and processing methods, devices, equipment and storage medium
Sandhia et al. Secure sharing of data in cloud using MA-CPABE with elliptic curve cryptography
CN115021903A (en) A blockchain-based electronic medical record sharing method and system
Cui et al. Towards Multi-User, Secure, and Verifiable $ k $ NN Query in Cloud Database
Ameur et al. Handling security issues by using homomorphic encryption in multi-cloud environment
Kumar et al. User revocation-enabled access control model using identity-based signature in the cloud computing environment
CN114079921B (en) Session key generation method, anchor point function network element and system
CN109120606A (en) A kind of processing method and processing device of the characteristic attribute with secret protection
Ogunleye et al. Elliptic Curve Cryptography Performance Evaluation for Securing Multi-Factor Systems in a Cloud Computing Environment
Sharfuddin et al. A novel cryptographic technique for cloud environment based on feedback DNA
Senthil Kumari et al. Key derivation policy for data security and data integrity in cloud computing
Esiner et al. Two-factor authentication for trusted third party free dispersed storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant