[go: up one dir, main page]

CN116305266A - Data query method and device based on privacy protection - Google Patents

Data query method and device based on privacy protection Download PDF

Info

Publication number
CN116305266A
CN116305266A CN202310239903.4A CN202310239903A CN116305266A CN 116305266 A CN116305266 A CN 116305266A CN 202310239903 A CN202310239903 A CN 202310239903A CN 116305266 A CN116305266 A CN 116305266A
Authority
CN
China
Prior art keywords
target
subspaces
data
party
ciphertexts
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310239903.4A
Other languages
Chinese (zh)
Inventor
李漓春
尹栋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Ant Blockchain Technology Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ant Blockchain Technology Shanghai Co Ltd filed Critical Ant Blockchain Technology Shanghai Co Ltd
Priority to CN202310239903.4A priority Critical patent/CN116305266A/en
Publication of CN116305266A publication Critical patent/CN116305266A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • G06F16/9535Search customisation based on user profiles and personalisation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • G06F16/9537Spatial or temporal dependent retrieval, e.g. spatiotemporal queries
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

本说明书实施例中提供了一种基于隐私保护的数据查询方法和装置,涉及查询方和数据方,数据方持有分布在地理空间内的多个POI,地理空间被划分为多个分区,单个分区被划分为多个子空间。查询方可以从多个分区中确定出待查询的目标位置所属的目标分区,从目标分区中确定出与目标位置间的距离在预设范围之内的m个目标子空间,向数据方发送用于查询POI的查询请求,其中包括用于指示目标分区的指示信息;查询方可以基于m个目标子空间的标识,数据方可以基于目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,使得查询方从数据方获得位于m个目标子空间内的POI信息。

Figure 202310239903

The embodiment of this specification provides a data query method and device based on privacy protection, involving the query party and the data party, the data party holds multiple POIs distributed in the geographical space, the geographical space is divided into multiple partitions, and a single A partition is divided into subspaces. The querying party can determine the target partition to which the target location to be queried belongs to from multiple partitions, determine m target subspaces whose distance from the target location is within a preset range from the target partition, and send the user to the data side A query request for querying POIs, which includes indication information for indicating the target partition; the query side can base on the identification of m target subspaces, and the data side can jointly perform N selection m based on the identification of N subspaces included in the target partition. The OT protocol enables the query side to obtain POI information located in m target subspaces from the data side.

Figure 202310239903

Description

基于隐私保护的数据查询方法及装置Data query method and device based on privacy protection

技术领域technical field

本说明书一个或多个实施例涉及计算机领域,尤其涉及一种基于隐私保护的数据查询方法及装置。One or more embodiments of this specification relate to the computer field, and in particular to a data query method and device based on privacy protection.

背景技术Background technique

基于地理位置的数据查询是地理信息服务的重要组成部分。例如,查询方可以向由地理信息服务商提供的地理信息服务系统发送待查询的目标位置,地理信息服务系统作为数据方,可以从分布在地理空间内的多个兴趣点(point of interest,POI)中,确定出与该目标位置间的距离在某个预设范围内的POI,进而将其确定的各个POI返回给查询方。Data query based on geographic location is an important part of geographic information services. For example, the inquiring party can send the target location to be queried to the geographic information service system provided by the geographic information service provider. ), determine the POIs whose distance from the target position is within a certain preset range, and then return the determined POIs to the querying party.

希望有一种新的技术方案,以期更加安全且高效的实现基于地理位置的数据查询。It is hoped that there will be a new technical solution in order to realize data query based on geographical location more safely and efficiently.

发明内容Contents of the invention

本说明书一个或多个实施例中提供了一种基于隐私保护的数据查询方法及装置。One or more embodiments of this specification provide a data query method and device based on privacy protection.

第一方面,提供了一种基于隐私保护的数据查询方法,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间。所述方法包括:所述查询方从所述多个分区中确定出待查询的目标位置所属的目标分区,并从所述目标分区中确定出与所述目标位置间的距离在预设范围之内的m个目标子空间;所述查询方向所述数据方发送用于查询POI的查询请求,其中包括用于指示所述目标分区的指示信息;所述查询方基于所述m个目标子空间的标识,所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的不经意传输(oblivioustransfer,OT)协议,使得所述查询方获得所述m个目标子空间内的POI。In the first aspect, a data query method based on privacy protection is provided, involving a query party and a data party, the data party holds multiple POIs distributed in a geographical space, and the geographical space is divided into multiple partitions, A single said partition is divided into multiple subspaces. The method includes: the inquiring party determines from the multiple partitions the target partition to which the target location to be queried belongs, and determines from the target partition that the distance to the target location is within a preset range m target subspaces within; the query direction sends a query request for POI query to the data party, which includes indication information for indicating the target partition; the query party based on the m target subspaces based on the identifiers of the N subspaces included in the target partition, the data party jointly executes an oblivious transfer (oblivious transfer, OT) protocol in which N selects m, so that the query party obtains POIs.

在一种可能的实施方式中,所述查询方基于所述m个目标子空间的标识,所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,包括:所述查询方向所述数据方发送m个第一密文,所述m个第一密文是根据可交换加密算法的第一密钥,对所述m个目标子空间的标识加密得到的;所述数据方根据可交换加密算法的第二密钥,对所述m个第一密文进行加密,获得m个第二密文;所述数据方向所述查询方发送所述m个第二密文和N个数据密文,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI进行加密得到的,所述N个对称密钥是根据可交换加密算法的第二密钥,对所述N个子空间的标识加密得到的;所述查询方根据所述第一密钥对应的解密密钥,对所述m个第二密文进行解密,获得m个第三密文;所述查询方将所述m个第三密文作为解密密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密,获得所述m个目标子空间内的POI。In a possible implementation manner, the query side is based on the identification of the m target subspaces, and the data side is based on the identification of the N subspaces included in the target partition, and jointly executes the OT protocol where N selects m , including: the query direction sends m first ciphertexts to the data party, the m first ciphertexts are first keys based on an exchangeable encryption algorithm, and encrypt the identifiers of the m target subspaces obtained; the data party encrypts the m first ciphertexts according to the second key of an exchangeable encryption algorithm to obtain m second ciphertexts; the data party sends the m ciphertexts to the querying party second ciphertexts and N data ciphertexts, the N data ciphertexts are obtained by encrypting POIs in the N subspaces according to N symmetric keys, and the N symmetric keys are obtained according to The second key of the exchangeable encryption algorithm is obtained by encrypting the identifiers of the N subspaces; the querying party decrypts the m second ciphertexts according to the decryption key corresponding to the first key , to obtain m third ciphertexts; the querying party uses the m third ciphertexts as decryption keys, and performs m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts Decryption is performed to obtain POIs in the m target subspaces.

在一种可能的实施方式中,所述子空间的标识包括属于k个类别的k个编号;其中,所述查询方基于所述m个目标子空间的标识,所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,包括:所述查询方获取k个第一密文集合,并将其发送到所述数据方,所述k个第一密文集合是根据可交换加密算法的k个第一密钥,对所述m个目标子空间的标识中属于所述k个类别的编号分别进行加密得到的;所述数据方根据可交换加密算法的k个第二密钥,对所述k个第一密文集合进行加密,获得k个第二密文集合;所述数据方向所述查询方发送所述k个第二密文集合和N个数据密文,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI加密得到的,第j个对称密钥是根据所述k个第二密钥,对第j个子空间的标识所包括的k个编号加密得到的;所述查询方根据所述k个第一密钥对应的k个解密密钥,对所述k个第二密文集合进行解密,获得k个第三密文集合;所述查询方根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组;所述查询方将所述m个密文组作为对称密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密,获得所述m个目标子空间内的POI。In a possible implementation manner, the identification of the subspace includes k numbers belonging to k categories; wherein, the querying side is based on the identification of the m target subspaces, and the data side is based on the target The identifiers of the N subspaces included in the partition, jointly execute the OT protocol where N selects m, including: the query party acquires k first ciphertext sets and sends them to the data party, and the k first ciphertext sets The ciphertext set is obtained by encrypting the numbers belonging to the k categories in the identifiers of the m target subspaces according to the k first keys of the exchangeable encryption algorithm; The k second keys of the algorithm encrypt the k first ciphertext sets to obtain k second ciphertext sets; the data direction sends the k second ciphertext sets and N data ciphertexts, the N data ciphertexts are obtained by encrypting POIs in the N subspaces according to N symmetric keys, and the jth symmetric key is obtained according to the k second keys , obtained by encrypting the k numbers included in the identifier of the j-th subspace; the querying party performs the k second ciphertext set according to the k decryption keys corresponding to the k first keys Decrypt to obtain k third ciphertext sets; the querying party extracts ciphertext elements from the k third ciphertext sets according to the identifiers of the m target subspaces, and combines them to generate the m target subspaces m ciphertext groups corresponding to the space; the querying party uses the m ciphertext groups as symmetric keys to perform m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts Decrypt to obtain POIs in the m target subspaces.

在一种可能的实施方式中,所述查询方根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组,具体包括:所述查询方对任意的第p个目标子空间,根据所述第p个目标子空间的标识中属于第i个类别的编号,从第i个第三密文集合中确定出与所述第p个目标子空间对应的密文元素;所述查询方组合与所述第p个目标子空间对应的k个密文元素,获得对应的密文组。In a possible implementation manner, the querying party extracts ciphertext elements from the k third ciphertext sets according to the identifiers of the m target subspaces, and combines them to generate the m target subspace corresponding The m ciphertext groups specifically include: the query party for any p-th target subspace, according to the number belonging to the i-th category in the identification of the p-th target subspace, from the i-th third The ciphertext elements corresponding to the p-th target subspace are determined from the ciphertext set; the querying party combines the k ciphertext elements corresponding to the p-th target subspace to obtain a corresponding ciphertext group.

在一种可能的实施方式中,所述地理空间是二维空间,属于多个类别的多个编号具体包括,子空间对应在其所属分区中的行编号或列编号。In a possible implementation manner, the geographical space is a two-dimensional space, and the multiple numbers belonging to the multiple categories specifically include that the subspace corresponds to the row number or the column number in the partition to which it belongs.

在一种可能的实施方式中,所述地理空间基于经度和纬度划分为多个分区,或者,所述地理空间基于行政区域划分为多个分区。In a possible implementation manner, the geographic space is divided into multiple partitions based on longitude and latitude, or the geographic space is divided into multiple partitions based on administrative regions.

第二方面,提供了一种基于隐私保护的数据查询方法,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述方法由所述查询方执行。所述方法包括:从所述多个分区中确定出待查询的目标位置所属的目标分区,并从所述目标分区中确定出与所述目标位置间的距离在预设范围之内的m个目标子空间;向所述数据方发送用于查询POI的查询请求,包括用于指示所述目标分区的指示信息;基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,获得所述m个目标子空间内的POI。In the second aspect, a data query method based on privacy protection is provided, involving a query party and a data party, the data party holds multiple POIs distributed in a geographical space, and the geographical space is divided into multiple partitions, A single partition is divided into multiple subspaces, and the method is executed by the querying party. The method includes: determining from the plurality of partitions the target partition to which the target location to be queried belongs, and determining from the target partitions m partitions whose distance to the target location is within a preset range Target subspace; sending a query request for querying POI to the data party, including indication information for indicating the target partition; based on the identification of the m target subspaces, and the data party based on the target Identify the N subspaces included in the partition, and jointly execute the OT protocol of selecting m from N to obtain POIs in the m target subspaces.

在一种可能的实施方式中,所述基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,包括:向所述数据方发送m个第一密文,所述m个第一密文是根据可交换加密算法的第一密钥,对所述m个目标子空间的标识加密得到的;从所述数据方接收m个第二密文和N个数据密文,所述m个第二密文是根据可交换加密算法的第二密钥,对所述m个第一密文加密得到的,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI进行加密得到的,所述N个对称密钥是根据可交换加密算法的第二密钥,对所述N个子空间的标识加密得到的;根据所述第一密钥对应的解密密钥,对所述m个第二密文解密,获得m个第三密文;将所述m个第三密文作为解密密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密,获得所述m个目标子空间内的POI。In a possible implementation manner, based on the identifiers of the m target subspaces, and the data party based on the identifiers of the N subspaces included in the target partition, jointly execute an OT protocol in which N selects m, including: sending m first ciphertexts to the data party, the m first ciphertexts are obtained by encrypting the identifiers of the m target subspaces according to the first key of an exchangeable encryption algorithm; The data party receives m second ciphertexts and N data ciphertexts, the m second ciphertexts are obtained by encrypting the m first ciphertexts according to the second key of an exchangeable encryption algorithm , the N data ciphertexts are obtained by encrypting POIs in the N subspaces according to N symmetric keys, and the N symmetric keys are based on the second key of the exchangeable encryption algorithm, for obtained by encrypting the identifiers of the N subspaces; according to the decryption key corresponding to the first key, the m second ciphertexts are decrypted to obtain m third ciphertexts; and the m third ciphertexts are obtained The ciphertext is used as a decryption key to decrypt m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts, to obtain POIs in the m target subspaces.

在一种可能的实施方式中,所述子空间的标识包括属于k个类别的k个编号;其中,所述基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,包括:获取k个第一密文集合,并将其发送到所述数据方,所述k个第一密文集合是根据可交换加密算法的k个第一密钥,对所述m个目标子空间的标识中属于所述k个类别的编号分别进行加密得到的;从所述数据方接收k个第二密文集合和N个数据密文,所述k个第二密文集合是根据可交换加密算法的k个第二密钥,对所述k个第一密文集合加密得到的,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI加密得到的,第j个对称密钥是根据所述k个第二密钥,对第j个子空间的标识所包括的k个编号加密得到的;根据所述k个第一密钥对应的k个解密密钥,对所述k个第二密文集合进行解密,获得k个第三密文集合;根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组;将所述m个密文组作为对称密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密,获得所述m个目标子空间内的POI。In a possible implementation manner, the identification of the subspace includes k numbers belonging to k categories; wherein, the identification based on the m target subspaces is the same as that of the data party based on the target partition The identities of the N subspaces included, jointly execute the OT protocol where N selects m, including: obtaining k first ciphertext sets and sending them to the data party, and the k first ciphertext sets are based on The k first keys of the exchangeable encryption algorithm are obtained by encrypting the numbers belonging to the k categories in the identifiers of the m target subspaces respectively; receiving k second ciphertext sets from the data party and N data ciphertexts, the k second ciphertext sets are obtained by encrypting the k first ciphertext sets according to the k second keys of the exchangeable encryption algorithm, and the N data encryption The text is obtained by encrypting POIs in the N subspaces according to N symmetric keys, and the jth symmetric key is the k included in the identification of the jth subspace according to the k second keys. obtained by encrypting the numbers; according to the k decryption keys corresponding to the k first keys, the k second ciphertext sets are decrypted to obtain k third ciphertext sets; according to the m The identification of the target subspace, extracting ciphertext elements from the k third ciphertext sets, and combining to generate m ciphertext groups corresponding to the m target subspaces; using the m ciphertext groups as symmetric encryption key, decrypting m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts, and obtaining POIs in the m target subspaces.

在一种可能的实施方式中,所述根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组,具体包括:对任意的第p个目标子空间,根据所述第p个目标子空间的标识中属于第i个类别的编号,从第i个第三密文集合中确定出与所述第p个目标子空间对应的密文元素;组合与所述第p个目标子空间对应的k个密文元素,获得对应的密文组。In a possible implementation manner, according to the identifiers of the m target subspaces, ciphertext elements are extracted from the k third ciphertext sets, and combined to generate m corresponding to the m target subspaces. A ciphertext group specifically includes: for any p-th target subspace, according to the number belonging to the i-th category in the identification of the p-th target subspace, determine from the i-th third ciphertext set A ciphertext element corresponding to the p-th target subspace; combining k ciphertext elements corresponding to the p-th target subspace to obtain a corresponding ciphertext group.

第三方面,提供了一种基于隐私保护的数据查询方法,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述方法由所述数据方执行。所述方法包括:从所述查询方接收用于查询POI的查询请求,其中包括用于指示目标分区的指示信息,所述目标分区是所述查询方从所述多个分区中确定出的待查询的目标位置所属的分区;基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的OT协议,使得所述查询方获得所述m个目标子空间内的POI,所述目标子空间是所述查询方从所述目标分区中确定的与所述目标位置间的距离在预设范围之内的子空间。In the third aspect, a data query method based on privacy protection is provided, involving a query party and a data party, the data party holds multiple POIs distributed in a geographical space, and the geographical space is divided into multiple partitions, The single partition is divided into multiple subspaces, and the method is executed by the data party. The method includes: receiving a query request for querying POIs from the querying party, including indication information for indicating a target partition, and the target partition is a target partition determined by the querying party from the plurality of partitions to be The partition to which the target location of the query belongs; based on the identifiers of the N subspaces included in the target partition, and based on the identifiers of the m target subspaces with the querying party, jointly execute an OT protocol in which N selects m, so that the querying party Obtain POIs in the m target subspaces, where the target subspace is a subspace determined by the querying party from the target partition and whose distance from the target location is within a preset range.

在一种可能的实施方式中,所述基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的OT协议,包括:从所述查询方接收m个第一密文,所述m个第一密文是根据可交换加密算法的第一密钥,对所述m个目标子空间的标识加密得到的;根据可交换加密算法的第二密钥对所述m个第一密文进行加密,获得m个第二密文;向所述查询方发送所述m个第二密文和N个数据密文,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI加密得到的,所述N个对称密钥是根据可交换加密算法的第二密钥,对所述N个子空间的标识加密得到的,使得所述查询方根据所述第一密钥对应的解密密钥,对所述m个第二密文进行解密以获得m个第三密文,并将所述m个第三密文作为解密密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密以获得所述m个目标子空间内的POI。In a possible implementation manner, based on the identification of the N subspaces included in the target partition, and the query party based on the identification of the m target subspaces, jointly execute the OT protocol of selecting m from N, including: Receive m first ciphertexts from the querying party, the m first ciphertexts are obtained by encrypting the identifiers of the m target subspaces according to the first key of an exchangeable encryption algorithm; according to the exchangeable encryption algorithm Encrypting the m first ciphertexts with the second key of the encryption algorithm to obtain m second ciphertexts; sending the m second ciphertexts and N data ciphertexts to the querying party, the The N data ciphertexts are obtained by encrypting the POIs in the N subspaces according to N symmetric keys, and the N symmetric keys are based on the second key of the exchangeable encryption algorithm for the N subspaces. obtained by encrypting the identity of the space, so that the querying party decrypts the m second ciphertexts to obtain m third ciphertexts according to the decryption key corresponding to the first key, and converts the m The third ciphertext is used as a decryption key to decrypt m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts to obtain POIs in the m target subspaces.

在一种可能的实施方式中,所述子空间的标识包括属于k个类别的k个编号;其中,所述基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的OT协议,包括:从所述数据方接收k个第一密文集合,所述k个第一密文集合是根据可交换加密算法的k个第一密钥,对所述m个目标子空间的标识中属于所述k个类别的编号分别进行加密得到的;根据可交换加密算法的k个第二密钥,对所述k个第一密文集合进行加密,获得k个第二密文集合;向所述查询方发送所述k个第二密文集合和N个数据密文,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI加密得到的,第j个对称密钥是根据所述k个第二密钥,对第j个子空间的标识所包括的k个编号加密得到的,使得所述查询方根据所述k个第一密钥对应的k个解密密钥,对所述k个第二密文集合进行解密以获得k个第三密文集合,根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组,并将所述m个密文组作为对称密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密以获得所述m个目标子空间内的POI。In a possible implementation manner, the identification of the subspace includes k numbers belonging to k categories; wherein, the identification based on the N subspaces included in the target partition is the same as that of the querying party based on m The identifiers of the target subspaces, and jointly execute the OT protocol where N selects m, including: receiving k first ciphertext sets from the data party, and the k first ciphertext sets are k according to the exchangeable encryption algorithm The first key is obtained by encrypting the numbers belonging to the k categories in the identifiers of the m target subspaces respectively; according to the k second keys of the exchangeable encryption algorithm, the k first The ciphertext set is encrypted to obtain k second ciphertext sets; the k second ciphertext sets and N data ciphertexts are sent to the querying party, and the N data ciphertexts are based on N symmetric ciphertexts. key obtained by encrypting the POIs in the N subspaces, and the j symmetric key is obtained by encrypting the k numbers included in the identification of the j subspace according to the k second keys, so that The querying party decrypts the k second ciphertext sets according to the k decryption keys corresponding to the k first keys to obtain k third ciphertext sets, and according to the m target Space identification, extracting ciphertext elements from the k third ciphertext sets, combining to generate m ciphertext groups corresponding to the m target subspaces, and using the m ciphertext groups as symmetric keys , decrypting m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts to obtain POIs in the m target subspaces.

第四方面,提供了一种基于隐私保护的数据查询方法,涉及查询方和数据方,所述数据方持有分布在多维特征空间内的多个特征数据,所述多维特征空间被划分为多个分区,单个所述分区被划分为多个子空间。所述方法包括:所述查询方从所述多个分区中确定出待查询的目标特征所属的目标分区,并从所述目标分区中确定出与所述目标特征间的距离在预设范围之内的m个目标子空间;所述查询方向所述数据方发送用于查询特征数据的查询请求,其中包括用于指示所述目标分区的指示信息;所述查询方基于所述m个目标子空间的标识,所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,使得所述查询方从所述数据方获得所述m个目标子空间内的特征数据。In the fourth aspect, a data query method based on privacy protection is provided, involving a query party and a data party, the data party holds multiple feature data distributed in a multi-dimensional feature space, and the multi-dimensional feature space is divided into multiple partitions, and a single partition is divided into multiple subspaces. The method includes: the inquiring party determines from the plurality of partitions the target partition to which the target feature to be queried belongs, and determines from the target partition that the distance to the target feature is within a preset range m target subspaces within; the query direction sends a query request for feature data query to the data party, which includes indication information for indicating the target partition; the query party based on the m target subspaces The identification of the space, the data side is based on the identification of the N subspaces included in the target partition, and jointly executes the OT protocol where N selects m, so that the query side obtains the information in the m target subspaces from the data side feature data.

第五方面,提供了一种基于隐私保护的数据查询装置,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述装置部署在所述查询方。所述装置包括:空间确定单元,配置为从所述多个分区中确定出待查询的目标位置所属的目标分区,并从所述目标分区中确定出与所述目标位置间的距离在预设范围之内的m个目标子空间;请求发送单元,配置为向所述数据方发送用于查询POI的查询请求,其中包括用于指示所述目标分区的指示信息;安全通信单元,配置为基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,获得所述m个目标子空间内的POI。In the fifth aspect, a data query device based on privacy protection is provided, involving a query party and a data party, the data party holds multiple POIs distributed in a geographical space, and the geographical space is divided into multiple partitions, A single partition is divided into multiple subspaces, and the device is deployed on the query side. The device includes: a space determination unit configured to determine from the plurality of partitions the target partition to which the target location to be queried belongs, and determine from the target partition that the distance between the target location and the target location is within a preset distance. m target subspaces within the range; the request sending unit is configured to send a query request for querying the POI to the data party, including indication information used to indicate the target partition; a security communication unit is configured to be based on The identifiers of the m target subspaces and the data party jointly execute an OT protocol in which N selects m based on the identifiers of the N subspaces included in the target partition, to obtain POIs in the m target subspaces.

第六方面,提供了一种基于隐私保护的数据查询装置,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述装置部署在所述数据方。所述装置包括:请求接收单元,配置为从所述查询方接收用于查询POI的查询请求,其中包括用于指示目标分区的指示信息,所述目标分区是所述查询方从所述多个分区中确定出的待查询的目标位置所属的分区;安全通信单元,配置为基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的OT协议,使得所述查询方获得所述m个目标子空间内的POI,所述目标子空间是所述查询方从所述目标分区中确定的与所述目标位置间的距离在预设范围之内的子空间。In the sixth aspect, a data query device based on privacy protection is provided, involving a query party and a data party, the data party holds multiple POIs distributed in a geographical space, and the geographical space is divided into multiple partitions, A single partition is divided into multiple subspaces, and the device is deployed on the data side. The device includes: a request receiving unit configured to receive a query request from the querying party for querying POIs, including indication information for indicating a target partition, and the target partition is obtained from the plurality of POIs by the querying party. The partition to which the target location to be queried is determined in the partition; the security communication unit is configured to jointly execute with the querying party based on the identifiers of the N subspaces included in the target partition, based on the identifiers of the m target subspaces N selects m OT protocol, so that the inquiring party obtains the POIs in the m target subspaces, and the target subspace is the distance between the inquiring party and the target position determined from the target partition Subspaces within a preset range.

第七方面,提供了一种计算机可读存储介质,其上存储有计算机程序/指令,所述计算机程序/指令在计算设备中执行时,计算设备实现第二或第三方面中任一项所述的方法。In a seventh aspect, a computer-readable storage medium is provided, on which computer programs/instructions are stored, and when the computer programs/instructions are executed in a computing device, the computing device implements any one of the second or third aspects. described method.

第八方面,提供了一种计算设备,包括存储器和处理器,所述存储器中存储有可执行代码,所述处理器执行所述可执行代码时,实现第二或第三方面中任一项所述的方法。In an eighth aspect, a computing device is provided, including a memory and a processor, wherein executable code is stored in the memory, and when the processor executes the executable code, any one of the second or third aspects is implemented. the method described.

通过本说明书一个或多个实施例中提供的方法及装置,通过将地理空间划分为多个分区,并将单个分区划分为多个子空间,当查询方期望查询与目标位置间的距离在预设范围内的POI时,其可以从多个分区中确定出待查询的目标位置所属的目标分区,然后从目标分区中确定出与目标位置间的距离在预设范围之内的m个目标子空间,并向数据方发送用于查询POI的查询请求,其中包括用于指示目标分区的指示信息;进而,查询方可以基于m个目标子空间的标识,数据方可以基于目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,使得查询方从数据方获得位于该m个目标子空间内的POI。如此,查询方查询与目标位置间的距离在预设范围内的POI的过程中,数据方无法获知查询方所查询的目标位置,可以更加安全且高效的实现基于地理位置的数据查询。With the methods and devices provided in one or more embodiments of this specification, by dividing the geographical space into multiple partitions and dividing a single partition into multiple subspaces, when the query party expects the distance between the query and the target location to be within a preset When the POI is within the range, it can determine the target partition to which the target location to be queried belongs to from multiple partitions, and then determine m target subspaces whose distance from the target location is within the preset range from the target partition , and send a query request to the data party for querying POIs, including indication information for indicating the target partition; furthermore, the query party can be based on the identification of m target subspaces, and the data party can be based on the N subspaces included in the target partition Space identification, jointly execute the OT protocol where N selects m, so that the query party can obtain POIs located in the m target subspaces from the data party. In this way, in the process of querying the POI whose distance from the target location is within the preset range, the data side cannot know the target location queried by the querying side, and the data query based on the geographic location can be implemented more safely and efficiently.

附图说明Description of drawings

为了更清楚地说明本说明书实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其它的附图。In order to illustrate the technical solutions of the embodiments of this specification more clearly, the drawings that need to be used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention. For Those of ordinary skill in the art can also obtain other drawings based on these drawings without making creative efforts.

图1为本说明书实施例中提供的一种技术场景的示意图;FIG. 1 is a schematic diagram of a technical scenario provided in an embodiment of this specification;

图2为本说明书实施例中提供的一种基于隐私保护的数据查询方法的流程图之一;Fig. 2 is one of the flowcharts of a data query method based on privacy protection provided in the embodiment of this specification;

图3为示例性提供的查询方和数据方联合执行OT协议的过程示意图之一;Fig. 3 is one of the schematic diagrams of the process of jointly executing the OT protocol provided by the querying party and the data party;

图4为示例性提供的地理空间中被划分为多个子空间的单个分区的示意图;4 is a schematic diagram of a single partition divided into a plurality of subspaces in an exemplary provided geographic space;

图5为示例性提供的查询方和数据方联合执行OT协议的过程示意图之二;Fig. 5 is the second schematic diagram of the process of jointly executing the OT protocol provided by the querying party and the data party;

图6为本说明书实施例中提供的一种基于隐私保护的数据查询方法的流程图之二;FIG. 6 is the second flowchart of a data query method based on privacy protection provided in the embodiment of this specification;

图7为本说明书实施例中提供的一种基于隐私保护的数据查询装置的示意图之一;Fig. 7 is one of the schematic diagrams of a data query device based on privacy protection provided in the embodiment of this specification;

图8为本说明书实施例中提供的一种基于隐私保护的数据查询装置的示意图之二。FIG. 8 is the second schematic diagram of a data query device based on privacy protection provided in the embodiment of this specification.

具体实施方式Detailed ways

下面结合附图,对本说明书所提供的各个非限制性实施例进行详细描述。Various non-limiting embodiments provided in this specification will be described in detail below with reference to the accompanying drawings.

地理信息服务商提供的地理信息系统中,单个POI可以表征分布在地理空间内的一栋房子、一个商铺、一个邮筒、一个公交站等等。单个POI通常包含名称、类别、坐标以及分类等多个方面的信息,其中POI的坐标用于指示POI对应在地理空间内的位置。前述的地理空间可以是二维地理空间,POI的坐标例如可以包括其对应在地理坐标系下的经度和维度,或者也可以包括其对应的二维地图坐标系下的二维坐标;前述的地理空间也可以是三维地理空间,POI的坐标例如可以包括其对应在地理坐标系下的经度、维度以及海拔高度,或者也可以包括其对应在三维地图坐标系下的三维坐标。In the geographic information system provided by geographic information service providers, a single POI can represent a house, a shop, a mailbox, a bus stop, etc. distributed in geographic space. A single POI usually contains information on multiple aspects such as name, category, coordinates, and classification, and the coordinates of the POI are used to indicate the corresponding position of the POI in geographic space. The aforementioned geographic space can be a two-dimensional geographic space, and the coordinates of POI can include, for example, its corresponding longitude and latitude in the geographic coordinate system, or can also include its corresponding two-dimensional coordinates in the two-dimensional map coordinate system; the aforementioned geographic The space may also be a three-dimensional geographic space, and the POI coordinates may include, for example, its longitude, latitude, and altitude corresponding to the geographic coordinate system, or may also include its three-dimensional coordinates corresponding to the three-dimensional map coordinate system.

参见图1所示,地理信息服务商可能提供地理信息服务系统,地理信息服务系统中可能存储分布在地理空间内的多个POI。当存在某个用户(自然人或组织)期望查询地理空间中与某个目标位置间的距离在预设范围内的POI时,其可以向地理信息服务系统发起用于查询POI的查询请求,该查询请求中通常需要包括期望查询的目标位置,以便地理信息服务系统对应的查询并返回与目标位置间的距离在预设范围内的全部POI。然而,基于隐私保护的需要,查询POI的用户可能并不期望对外暴露其期望查询的目标位置。Referring to FIG. 1 , a geographic information service provider may provide a geographic information service system, and the geographic information service system may store multiple POIs distributed in geographic space. When there is a certain user (natural person or organization) who expects to inquire about a POI whose distance from a certain target location in geographic space is within a preset range, it can initiate a query request for POI query to the geographic information service system. The request usually needs to include the target location expected to be queried, so that the geographic information service system can perform a corresponding query and return all POIs whose distances from the target location are within a preset range. However, based on the need for privacy protection, users who inquire about POIs may not wish to expose the target location they expect to inquire about.

本说明书实施例中提供了一种基于隐私保护的数据查询方法及装置。通过将地理空间划分为多个分区,并将单个分区划分为多个子空间,当查询方期望查询与目标位置间的距离在预设范围内的POI时,其可以从多个分区中确定出待查询的目标位置所属的目标分区,然后从目标分区中确定出与目标位置间的距离在预设范围之内的m个目标子空间,并向数据方发送用于查询POI的查询请求,其中包括用于指示目标分区的指示信息;进而,查询方可以基于m个目标子空间的标识,数据方可以基于目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,使得查询方从数据方获得位于该m个目标子空间内的POI。如此,查询方查询与目标位置间的距离在预设范围内的POI的过程中,数据方无法获知查询方所查询的目标位置,可以更加安全且高效的实现基于地理位置的数据查询。The embodiment of this specification provides a data query method and device based on privacy protection. By dividing the geographic space into multiple partitions, and dividing a single partition into multiple subspaces, when the query party expects to query POIs whose distance from the target location is within a preset range, it can determine the POIs to be obtained from multiple partitions. The target partition to which the target location of the query belongs, and then determine m target subspaces whose distance from the target location is within a preset range from the target partition, and send a query request for POI query to the data party, including The indication information used to indicate the target partition; furthermore, the querying party can base on the identification of m target subspaces, and the data side can jointly execute the OT protocol where N selects m based on the identifications of the N subspaces included in the target partition, so that the querying party Obtain the POIs located in the m target subspaces from the data side. In this way, in the process of querying the POI whose distance from the target location is within the preset range, the data side cannot know the target location queried by the querying side, and the data query based on the geographic location can be implemented more safely and efficiently.

图2为本说明书实施例中提供的一种基于隐私保护的数据查询方法的流程图。该方法涉及查询方和数据方等两个不同的参与方,数据方可以对应提供地理信息系统的地理信息服务商,查询方可以对应使用地理信息系统的用户(包括自然人或组织)。查询方和数据方通常可以各自实现为任何具有计算/处理能力的装置、平台、设备或设备集群。FIG. 2 is a flow chart of a data query method based on privacy protection provided in the embodiment of this specification. The method involves two different participants such as a query party and a data party. The data party may correspond to a geographic information service provider providing a geographic information system, and the query party may correspond to a user (including a natural person or an organization) who uses a geographic information system. The query party and the data party can generally each be implemented as any device, platform, device or device cluster with computing/processing capabilities.

前述的数据方持有分布在地理空间内的多个POI。该地理空间被划分为多个分区,例如可以基于经度和纬度将该地理空间划分为多个分区,或者也可以基于行政区域将该地理空间划分为多个分区。单个分区可以被划分为多个子空间:例如当地理空间是二维空间时,可以按照经度和维度对单个分区进行网格化以实现将单个分区划分为多个子空间,即单个子空间是正方形或者说近似于正方形;再如当地理空间是三维空间时,可以按照经度、维度和海拔高度对单个分区划分为多个子空间,即单个子空间是正方体或者说近似于正方体。前述示例性描述的将单个分区划分为多个子空间的方式仅仅是示例性的,可以理解的是还可以采用其它方式进行子空间的划分。可以理解,不同分区可以包含不同数量的子空间。The aforementioned data party holds multiple POIs distributed in geographic space. The geographic space is divided into multiple partitions, for example, the geographic space can be divided into multiple partitions based on longitude and latitude, or the geographic space can also be divided into multiple partitions based on administrative regions. A single partition can be divided into multiple subspaces: for example, when the geographical space is a two-dimensional space, a single partition can be gridded according to longitude and latitude to realize the division of a single partition into multiple subspaces, that is, a single subspace is a square or Said to be similar to a square; another example is when the geographical space is a three-dimensional space, a single partition can be divided into multiple subspaces according to longitude, latitude and altitude, that is, a single subspace is a cube or is similar to a cube. The manner of dividing a single partition into multiple subspaces described above is only exemplary, and it can be understood that other manners may also be used to divide the subspaces. It is understood that different partitions may contain different numbers of subspaces.

参见图2所示,该方法可以包括但不限于如下步骤S21~步骤S25中的部分或全部。Referring to Fig. 2, the method may include but not limited to part or all of the following steps S21 to S25.

步骤S21,查询方从地理空间的多个分区中确定出待查询的目标位置所属的目标分区,并从目标分区中确定出与目标位置间的距离在预设范围之内的m个目标子空间。Step S21, the inquiring party determines the target partition to which the target location to be queried belongs to from multiple partitions in the geographic space, and determines m target subspaces whose distance from the target location is within a preset range from the target partition .

查询方可以获取分区的位置信息以及子空间的位置信息。单个分区的位置信息例如是组成该分区的边界/轮廓的多个采样点的坐标,单个子空间的位置信息例如是组成该子空间的边界/轮廓的多个采样点的坐标。可以根据多个分区的位置信息从该多个分区中,确定出待查询的目标位置所属的目标分区,进而根据该目标分区的位置信息从该目标分区所包括的N个子空间中,确定出与目标位置间的距离在预设范围之内的m个目标子空间。The query side can obtain the location information of the partition and the location information of the subspace. The location information of a single partition is, for example, coordinates of multiple sampling points constituting the boundary/contour of the partition, and the location information of a single subspace is, for example, the coordinates of multiple sampling points constituting the boundary/contour of the subspace. The target partition to which the target location to be queried belongs can be determined from the multiple partitions according to the location information of the multiple partitions, and then determined from the N subspaces included in the target partition according to the location information of the target partition. m target subspaces whose distances between target positions are within a preset range.

较为典型的应用场景中,查询方可以实现为由用户持有的并且部署有特定应用程序的终端,用户可以通过该应用程序向终端输入前述的目标位置,进而触发终端实现前述的步骤S21。预设范围可以是预先配置的,或者也可以按照用户的使用需要由用户提供的,例如用户可以通过前述的应用程序向其持有的终端输入前述的预设范围。In a typical application scenario, the inquiring party can be implemented as a terminal held by the user and deployed with a specific application program. The user can input the aforementioned target location to the terminal through the application program, and then trigger the terminal to implement the aforementioned step S21. The preset range may be pre-configured, or may also be provided by the user according to the user's needs, for example, the user may input the aforementioned preset range into the terminal held by the user through the aforementioned application program.

步骤S23,查询方向数据方发送用于查询POI的查询请求,其中包括用于指示目标分区的指示信息。例如该指示信息可以为目标分区的标识。In step S23, the querying party sends a querying request for querying the POI to the data party, which includes indication information for indicating the target partition. For example, the indication information may be an identifier of the target partition.

步骤S25,查询方基于m个目标子空间的标识,数据方基于目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,使得查询方获得m个目标子空间内的POI。Step S25, based on the identifiers of the m target subspaces, and based on the identifiers of the N subspaces included in the target partition, the data provider jointly executes an OT protocol in which N selects m, so that the queryer obtains POIs in the m target subspaces.

查询方和数据方可以通过多种方法实现联合执行N选m的OT协议。The query party and the data party can jointly implement the OT protocol of selecting m from N through various methods.

在一种可能的实施方式中,参见图3所示,查询方和数据方联合执行OT协议的过程可以包括如下步骤S301~步骤S315中的部分或全部。In a possible implementation manner, as shown in FIG. 3 , the process for the inquiring party and the data party to jointly execute the OT protocol may include part or all of the following steps S301 to S315 .

步骤S301,查询方根据可交换加密(commutative encryption)算法的第一密钥,对m个目标子空间的标识进行加密,获得m个目标子空间对应的m个第一密文。In step S301, the inquiring party encrypts the identifiers of m target subspaces according to the first key of a commutative encryption algorithm, and obtains m first ciphertexts corresponding to the m target subspaces.

可交换加密算法满足Ek1(Ek2(L))=Ek2(Ek1(L)),其中E表征可交换加密算法,k1和k2表征两个不同的密钥,L表征被加密的数据。即可交换加密算法满足,利用密钥k1和密钥k2依次加密数据L以获得的密文,相等于利用密钥k2和k1依次加密数据L以获得的密文。易于验证,对于密文Ek1(Ek2(L))或者Ek2(Ek1(L)),利用密钥k1对应的解密密钥d1解密该密文可以获得密文Ek2(L),利用密钥k2对应的解密密钥d2解密该密文可以获得密文Ek1(L)。其中可交换加密算法通常可以是非对称加密算法,例如是SRA算法或者Pohlig Hellman算法,此时前述解密密钥d1不同于密钥k1,前述解密密钥d2不同于密钥k2;当可交换加密算法是对称加密算法时,前述解密密钥d1相同于密钥k1,前述解密密钥d2相同于密钥k2。The exchangeable encryption algorithm satisfies E k1 (E k2 (L))=E k2 (E k1 (L)), where E represents the exchangeable encryption algorithm, k1 and k2 represent two different keys, and L represents the encrypted data . That is, the exchange encryption algorithm is satisfied, and the ciphertext obtained by sequentially encrypting the data L with the key k1 and the key k2 is equivalent to the ciphertext obtained by sequentially encrypting the data L with the key k2 and k1. It is easy to verify. For the ciphertext E k1 (E k2 (L)) or E k2 (E k1 (L)), the ciphertext E k2 (L) can be obtained by decrypting the ciphertext with the decryption key d1 corresponding to the key k1. The ciphertext E k1 (L) can be obtained by decrypting the ciphertext with the decryption key d2 corresponding to the key k2. The exchangeable encryption algorithm can usually be an asymmetric encryption algorithm, such as the SRA algorithm or the Pohlig Hellman algorithm. At this time, the aforementioned decryption key d1 is different from the key k1, and the aforementioned decryption key d2 is different from the key k2; when the exchangeable encryption algorithm In the case of a symmetric encryption algorithm, the aforementioned decryption key d1 is the same as the key k1, and the aforementioned decryption key d2 is the same as the key k2.

即,查询方持有可交换加密算法E的第一密钥(例如前述的密钥k1),对于m个目标子空间中任意的第p个目标子空间,查询方可以根据可交换加密算法E的密钥k1对第p个目标子空间的标识Hp进行加密,获得第p个目标子空间对应的第一密文Ek1(Hp)。That is, the query party holds the first key of the exchangeable encryption algorithm E (such as the aforementioned key k1), and for any p-th target subspace among the m target subspaces, the query party can use the exchangeable encryption algorithm E Encrypt the identity H p of the p-th target subspace with the key k1 to obtain the first ciphertext E k1 (H p ) corresponding to the p-th target subspace.

前述步骤S301是可选地的。举例来说,查询方可以预先根据可交换加密算法的第一密钥对属于地理空间的全部子空间的标识分别进行加密,获得属于地理空间的全部子空间各自对应的第一密文。与之相应的是,查询方在与数据方联合执行N选m的OT协议的过程中,无需执行前述步骤S301,而是从其预先获得的属于地理空间的全部子空间各自对应的第一密文中,获取前述m个目标子空间所对应的m个第一密文。The aforementioned step S301 is optional. For example, the querying party may encrypt the identifiers of all subspaces belonging to the geographic space in advance according to the first key of the exchangeable encryption algorithm, and obtain the first ciphertexts corresponding to all the subspaces belonging to the geographic space. Correspondingly, in the process of jointly executing the OT protocol of selecting m from N with the data party, the inquiring party does not need to perform the aforementioned step S301, but obtains the corresponding first secrets of all the subspaces belonging to the geographic space in advance. Herein, m first ciphertexts corresponding to the aforementioned m target subspaces are obtained.

步骤S303,查询方向数据方发送m个第一密文。Step S303, the query party sends m first ciphertexts to the data party.

步骤S305,数据方根据可交换加密算法的第二密钥,对m个第一密文进行加密,获得m个第二密文。Step S305, the data party encrypts m first ciphertexts according to the second key of the exchangeable encryption algorithm to obtain m second ciphertexts.

即,数据方持有可交换加密算法E的第二密钥(例如前述的密钥k2),对于m个第一密文中任意的第p个第一密文Ek1(Hp),数据方可以根据可交换加密算法E的密钥k2对第p个第一密文Ek1(Hp)进行加密,获得第p个第二密文Ek2(Ek1(Hp))。That is, the data party holds the second key of the exchangeable encryption algorithm E (such as the aforementioned key k2), and for any p-th first ciphertext E k1 (H p ) among the m first ciphertexts, the data party The p-th first ciphertext E k1 (H p ) can be encrypted according to the key k2 of the exchangeable encryption algorithm E to obtain the p-th second ciphertext E k2 (E k1 (H p )).

步骤S307,数据方根据可交换加密算法的第二密钥,对目标分区所包括的N个子空间的标识进行加密,获得N个对称密钥。In step S307, the data party encrypts the identifiers of the N subspaces included in the target partition according to the second key of the exchangeable encryption algorithm to obtain N symmetric keys.

即,对于N个子空间中任意的第j个子空间,数据方可以根据可交换加密算法E的第二密钥,对第j个子空间的标识Hj进行加密,获得第j个子空间所对应的对称密钥Ek2(Hj)。That is, for any jth subspace in the N subspaces, the data party can encrypt the identity H j of the jth subspace according to the second key of the exchangeable encryption algorithm E, and obtain the symmetric Key E k2 (H j ).

步骤S309,数据方根据N个对称密钥,对N个子空间内的POI进行对称加密,获得N个数据密文。In step S309, the data party performs symmetric encryption on POIs in N subspaces according to N symmetric keys to obtain N data ciphertexts.

即,数据方可以根据第j个子空间所对应的对称密钥Ek2(Hj),对分布在第j个子空间内的全部POI(记为Ri)进行对称加密,获得第j个子空间所对应的第j个数据密文F(Ek2(Hj),Rj),其中前述的F表征所采用的对称加密算法。That is, according to the symmetric key E k2 (H j ) corresponding to the jth subspace, the data party can perform symmetric encryption on all POIs distributed in the jth subspace (denoted as R i ), and obtain the jth subspace The corresponding j-th data ciphertext F(E k2 (H j ), R j ), where the aforementioned F represents the symmetric encryption algorithm adopted.

前述步骤S307和步骤S309是可选的。举例来说,对于属于地理空间的多个分区中的任意分区,数据方可以预先根据可交换加密算法的第二密钥,对该分区包括的多个子空间的标识进行加密,获得该分区包括的多个子空间各自对应的对称密钥,进而根据该多个子空间各自对应的对称密钥,对分布在对应的子空间内的全部POI进行对称加密,获得与该多个子空间对应的多个数据密文。与之相应的是,数据方在与查询方联合执行N选m的OT协议的过程中,无需执行前述步骤S307和步骤S309,而是从数据方预先获得的各个数据密文中,获取目标分区所包括的N个子空间对应的N个数据密文。The aforementioned step S307 and step S309 are optional. For example, for any partition among the multiple partitions belonging to geographic space, the data party can encrypt the identifiers of the multiple subspaces included in the partition in advance according to the second key of the exchangeable encryption algorithm to obtain the subspaces included in the partition. The symmetric keys corresponding to each of the multiple subspaces, and then according to the symmetric keys corresponding to the multiple subspaces, perform symmetric encryption on all POIs distributed in the corresponding subspaces, and obtain multiple data encryption keys corresponding to the multiple subspaces. arts. Correspondingly, in the process of jointly executing the OT protocol of selecting m from N with the querying party, the data party does not need to perform the aforementioned steps S307 and S309, but obtains all data ciphertexts of the target partition from the data ciphertexts obtained in advance by the data party. N data ciphertexts corresponding to the N subspaces included.

步骤S311,数据方向查询方发送m个第二密文和N个数据密文。In step S311, the data sends m second ciphertexts and N data ciphertexts to the querying party.

步骤S313,查询方根据可交换加密算法的第一密钥所对应的解密密钥,对m个第二密文进行解密,获得m个第三密文。Step S313, the inquiring party decrypts the m second ciphertexts according to the decryption key corresponding to the first key of the exchangeable encryption algorithm, and obtains m third ciphertexts.

即,对于m个第二密文中任意的第p个第二密文Ek2(Ek1(Hp)),查询方可以根据其持有的与可交换加密算法的密钥k1对应的解密密钥d1,对第p个第二密文Ek2(Ek1(Hp))进行解密,对应获得第p个第三密文Ek2(Hp)。That is, for any p-th second ciphertext E k2 (E k1 (H p )) among the m second ciphertexts, the querying party can decrypt the key according to the key k1 of the exchangeable encryption algorithm held by it. The key d1 decrypts the p-th second ciphertext E k2 (E k1 (H p )), and correspondingly obtains the p-th third ciphertext E k2 (H p ).

步骤S315,查询方将m个第三密文作为解密密钥,对N个数据密文中与m个目标子空间对应的m个数据密文进行解密,获得m个目标子空间内的POI。In step S315, the inquiring party uses the m third ciphertexts as decryption keys to decrypt the m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts, and obtain the POIs in the m target subspaces.

参照前文,查询方获得的第p个第三密文Ek2(Hp),相同于数据方根据可交换加密算法的密钥k2,对第p个目标子空间的标识Hp进行加密得到的结果。对于查询方获得的N个数据密文中任意的第j个数据密文F(Ek2(Hj),Rj),其是数据方根据对称加密算法F的对称密钥Ek2(Hj),对Rj(分布在第j个子空间内的POI)进行对称加密得到。进而不难理解,当Hp相同于Hj的情况下,查询方才能将第三密文Ek2(Hp)作为对称密钥,对相应的数据密文F(Ek2(Hj),Rj)进行正确解密。如此,可以确保查询方在能够获得分布在m个目标子空间内的POI的情况下,无法过多的获取目标分区种其它子空间内的POI。Referring to the above, the p-th third ciphertext E k2 (H p ) obtained by the query party is the same as the one obtained by encrypting the identity H p of the p-th target subspace by the data party according to the key k2 of the exchangeable encryption algorithm result. For any j-th data ciphertext F(E k2 (H j ), R j ) among the N data ciphertexts obtained by the querying party, it is the symmetric key E k2 (H j ) of the data party according to the symmetric encryption algorithm F , is obtained by performing symmetric encryption on R j (POIs distributed in the jth subspace). It is not difficult to understand that when H p is the same as H j , the query party can use the third ciphertext E k2 (H p ) as a symmetric key, and for the corresponding data ciphertext F(E k2 (H j ), R j ) for correct decryption. In this way, it can be ensured that the query party cannot obtain too many POIs in other subspaces of the target partition when the POIs distributed in m target subspaces can be obtained.

在一种可能的实施方式中,子空间的标识包括属于k个类别的k个编号,k大于1。In a possible implementation manner, the identification of the subspace includes k numbers belonging to k categories, where k is greater than 1.

参见图4所示,假设地理空间是包括维度x和维度y的二维地理空间,可以在维度x(对应经度或者二维地图坐标系下的一个维度)和维度y(对应纬度或者二维地图坐标系下的另一个维度)上,对属于相同分区的多个子空间进行编号。即对于单个分区而言,可以按照维度x和维度y对该分区进行网格化以实现将该分区划分为相同大小或者大小相近似的多个子空间;进而可以在维度x上对单个子空间进行编号(此编号所属类别例如表述为行坐标或行编号),并且在维度y上对单个子空间进行编号(此编号所属类别例如表述为列坐标或列编号),子空间对应在其所属分区中的行编号和列编号等两个类别的编号即可组成该子空间的标识。基于类似的原理,还可以利用子空间对应在其所属分区中的正对角线(或者表述为主对角线)编号和反对角线(或者表述为副对角线)编号等两个类别的编号组成该子空间的标识。或者,还可以利用子空间对应在其所属分区中的行编号、列编号、正对角线编号和反对角线编号等四个类别的编号组成该子空间的标识。Referring to Fig. 4, assuming that the geographical space is a two-dimensional geographical space including dimension x and dimension y, it can be divided between dimension x (corresponding to longitude or a dimension in the two-dimensional map coordinate system) and dimension y (corresponding to latitude or two-dimensional map On another dimension in the coordinate system), multiple subspaces belonging to the same partition are numbered. That is, for a single partition, the partition can be gridded according to the dimension x and the dimension y so as to divide the partition into multiple subspaces of the same size or similar in size; Numbering (the category of this number is expressed as row coordinates or row number, for example), and a single subspace is numbered on dimension y (the category of this number is expressed as column coordinates or column number, for example), and the subspace corresponds to the partition to which it belongs The numbers of the two categories, such as the row number and the column number, can constitute the identification of the subspace. Based on a similar principle, subspaces can also be used to correspond to the number of the positive diagonal (or expressed as the main diagonal) and the number of the anti-diagonal (or expressed as the sub-diagonal) in the partition to which it belongs. Numbers make up the identity of this subspace. Alternatively, the identification of the subspace can also be composed of four categories of numbers corresponding to the row number, column number, positive diagonal number, and anti-diagonal number in the partition to which the subspace belongs.

前述对组成子空间的标识的k个类别的k个编号的描述是示例性的。举例来说,对于包括维度x、维度y和维度z的三维地理空间而言,还可以分别在维度x、维度y和维度z等三个维度上对属于相同分区的多个子空间进行分别编号;如此,单个子空间的标识可以由其对应在维度x、维度y和维度z等三个维度上的三个编号组成。The foregoing description of the k numbers of the identified k categories constituting the subspace is exemplary. For example, for a three-dimensional geographic space including dimension x, dimension y, and dimension z, multiple subspaces belonging to the same partition can also be separately numbered on the three dimensions of dimension x, dimension y, and dimension z; In this way, the identifier of a single subspace may be composed of three numbers corresponding to three dimensions of dimension x, dimension y, and dimension z.

子空间的标识包括属于k个类别的k个编号的情况下,参见图5所示,查询方和数据方联合执行N选m的OT协议的过程可以包括如下步骤S501~步骤S517中的部分或全部。In the case where the identification of the subspace includes k numbers belonging to k categories, as shown in FIG. 5, the process of jointly executing the OT protocol where N is selected by m by the querying party and the data party may include the following steps S501 to S517. all.

步骤S501,查询方获取k个第一密文集合,其是根据可交换加密算法的k个第一密钥,对m个目标子空间的标识中属于k个类别的编号分别进行加密得到的。In step S501, the inquiring party obtains k first ciphertext sets, which are obtained by encrypting numbers belonging to k categories among the identifiers of m target subspaces according to k first keys of an exchangeable encryption algorithm.

查询方持有可交换加密算法E的k个第一密钥,k个第一密钥对应前述k个类别。The querying party holds k first keys of the exchangeable encryption algorithm E, and the k first keys correspond to the aforementioned k categories.

查询方可以根据可交换加密算法的k个第一密钥,对与k个类别对应的k个编号集合中的编号进行加密,获得前述k个第一密文集合,单个编号集合由m个目标子空间的标识中属于相同类别的编号组成。其中,对于任意的第i个编号集合,其包括m个目标子空间的标识中属于第i个类别的全部编号。参见图4所示,假设图4所示的目标分区中,圆形区域的圆形是目标位置,该圆形区域涉及的全部子空间即是m个目标子空间。那么,k个编号集合,例如可以包括由列编号5~13组成的列编号集合以及由行编号4~12组成的行编号集合;或者可以包括由正对角线编号15~27组成的正对角线编号集合以及由反对角线编号10~22组成的反对角线编号集合;或者可以包括前述的行编号集合、列编号集合、正对角线编号集合以及反对角线编号集合等4个编号集合。The inquiring party can encrypt the numbers in the k number sets corresponding to the k categories according to the k first keys of the exchangeable encryption algorithm, and obtain the aforementioned k first ciphertext sets. A single number set consists of m targets The ID of a subspace consists of numbers belonging to the same category. Wherein, for any i-th numbering set, it includes all numbers belonging to the i-th category among the identifications of the m target subspaces. Referring to FIG. 4 , assuming that in the target partition shown in FIG. 4 , the circle of the circular area is the target position, all the subspaces involved in the circular area are m target subspaces. Then, the k numbering sets, for example, may include a column numbering set consisting of column numbers 5-13 and a row numbering set consisting of row numbers 4-12; or may include a pair of positive diagonal numbers 15-27. A set of diagonal numbers and a set of anti-diagonal numbers composed of anti-diagonal numbers 10 to 22; or it can include the aforementioned four numbers, such as the row number set, column number set, positive diagonal number set, and anti-diagonal number set gather.

将对应第i个类别的第一密钥记为密钥k1i,则对于第i个编号集合,可以根据密钥k1i对其包括的任意第t个编号it进行加密,获得第t个第一密文元素Ek1i(it),进而利用第i个编号集合中所包括的各个编号分别对应的第一密文元素组成第i个第一密文集合C1iThe first key corresponding to the i-th category is recorded as key k1i, then for the i-th number set, any t-th number it included in it can be encrypted according to the key k1i, and the t-th first The ciphertext element E k1i (i t ), and then use the first ciphertext elements corresponding to the numbers included in the i-th numbering set to form the i-th first ciphertext set C 1i .

对于属于地理空间的多个分区中的任意分区,假设该分区所包括的多个子空间的标识中属于任意第i个类别的编号的数量为T,数据方还可以预先根据可交换加密算法的第i个第一密钥,分别对属于第i个类别的T个编号进行加密,获得由该T个编号所对应的T个原始密文元素组成的第i个原始密文集合。与之相应的是,前述步骤S501中,查询方可以对于任意第i个类别,根据m个目标子空间的标识中属于第i个类别的若干编号,从第i个原始密文集合中选择该若干编号所对应的若干原始密文元素组成第i个第一密文集合。For any partition in multiple partitions belonging to geographic space, assuming that the number of numbers belonging to any i-th category in the identifiers of the multiple subspaces included in the partition is T, the data party can also pre-according to the exchangeable encryption algorithm. The i first key respectively encrypts T numbers belonging to the i-th category to obtain an i-th original ciphertext set composed of T original ciphertext elements corresponding to the T numbers. Correspondingly, in the aforementioned step S501, for any i-th category, the inquiring party can select the i-th original ciphertext set from the i-th original ciphertext set according to the numbers belonging to the i-th category in the identifiers of the m target subspaces A number of original ciphertext elements corresponding to a number of numbers form the i-th first ciphertext set.

步骤S503,查询方向数据方发送k个第一密文集合。In step S503, the query sends k first ciphertext sets to the data party.

步骤S505,数据方根据可交换加密算法的k个第二密钥,对k个第一密文集合进行加密,获得k个第二密文集合。In step S505, the data party encrypts the k first ciphertext sets according to the k second keys of the exchangeable encryption algorithm to obtain k second ciphertext sets.

查询方持有可交换加密算法E的k个第二密钥,k个第二密钥对应前述k个类别。The inquiring party holds k second keys of the exchangeable encryption algorithm E, and the k second keys correspond to the aforementioned k categories.

将对应第i个类别的第二密钥记为密钥k2i,则对于第i个第一密文集合C1i,可以根据密钥k2i对其包括的任意第t个第一密文元素Ek1i(it)进行加密,获得第t个第二密文元素Ek2i(Ek1i(it)),进而利用第i个第一密文集合C1i中所包括的全部第一密文元素各自对应的第二密文元素组成第i个第二密文集合C2iDenote the second key corresponding to the i-th category as key k2i, then for the i-th first ciphertext set C 1i , any t-th first ciphertext element E k1i included in it can be based on the key k2i (i t ) to encrypt to obtain the t-th second ciphertext element E k2i (E k1i (i t )), and then use all the first ciphertext elements included in the i-th first ciphertext set C 1i The corresponding second ciphertext elements form the i-th second ciphertext set C 2i .

步骤S507,对于目标分区所包括的N个子空间中任意的第j个子空间,数据方根据可交换加密算法的k个第二密钥,对第j个子空间的标识所包括的属于k个类别的k个编号进行加密,获得第j个子空间对应的第j个对称密钥。Step S507, for any j-th subspace among the N subspaces included in the target partition, the data party identifies the k-th subspaces included in the j-th subspace according to the k second keys of the exchangeable encryption algorithm. The k numbers are encrypted to obtain the jth symmetric key corresponding to the jth subspace.

将对应第i个类别的第二密钥记为密钥k2i。则对于第j个子空间的标识Hj所包括的属于第i个类别的编号Hji,可以根据密钥k2i对其进行加密,获得第j个子空间所对应的第i个编号密文Ek2i(Hji);进而可以利用第j个子空间所对应的k个编号密文,组合生成该第j个子空间所对应的第j个对称密钥,为了方便描述这里将该第j个对称密钥记为Ek(Hj)。The second key corresponding to the i-th category is recorded as key k2i. Then, for the number H ji belonging to the i-th category included in the identity H j of the j-th subspace, it can be encrypted according to the key k2i to obtain the i-th numbered ciphertext E k2i ( H ji ); furthermore, k numbered ciphertexts corresponding to the jth subspace can be used to combine and generate the jth symmetric key corresponding to the jth subspace. For the convenience of description, the jth symmetric key is recorded here as is E k (H j ).

步骤S509,数据方根据该N个子空间对应的N个对称密钥,对N个子空间内的POI进行对称加密,获得N个数据密文。In step S509, the data party performs symmetric encryption on the POIs in the N subspaces according to the N symmetric keys corresponding to the N subspaces, and obtains N data ciphertexts.

数据方可以根据第j个子空间所对应的第j个对称密钥Ek(Hj),对分布在第j个子空间内的全部POI(记为Rj)进行对称加密,获得第j个子空间所对应的第j个数据密文F(Ek(Hj),Rj),其中前述的F表征所采用的对称加密算法。The data party can perform symmetric encryption on all POIs (denoted as R j ) distributed in the jth subspace according to the jth symmetric key E k (H j ) corresponding to the jth subspace, and obtain the jth subspace The corresponding j-th data ciphertext F(E k (H j ), R j ), wherein the aforementioned F represents the symmetric encryption algorithm adopted.

前述步骤S507和步骤S509是可选的。举例来说,对于属于地理空间的多个分区中的任意分区数据方可以预先根据可交换加密算法的k个第二密钥,对前述多个分区中的任意分区均执行与前述步骤S507和步骤S509相似的过程,获得与该分区所包括的多个子空间相对应的多个数据密文。与之相应的是,数据方在与查询方联合执行N选m的OT协议的过程中,无需执行前述步骤S507和步骤S509,而是从数据方预先获得的全部的数据密文中,获取目标分区所包括的N个子空间对应的N个数据密文。The aforementioned step S507 and step S509 are optional. For example, for any partition among the multiple partitions belonging to the geographical space, the data party can perform the same steps as above step S507 and step S509 is a similar process, obtaining multiple data ciphertexts corresponding to multiple subspaces included in the partition. Correspondingly, in the process of jointly executing the OT protocol of selecting m from N with the data party, the data party does not need to perform the aforementioned steps S507 and S509, but obtains the target partition from all the data ciphertexts obtained in advance by the data party N data ciphertexts corresponding to the N subspaces included.

步骤S511,数据方向查询方发送k个第二密文集合和N个数据密文。In step S511, the data sends k second ciphertext sets and N data ciphertexts to the querying party.

步骤S513,查询方根据k个第一密钥对应的k个解密密钥,对k个第二密文集合进行解密,获得k个第三密文集合。Step S513, the querying party decrypts the k second ciphertext sets according to the k decryption keys corresponding to the k first keys, and obtains k third ciphertext sets.

对于任意第i个第二密文集合C2i所包括的任意第t个第二密文元素Ek2i(Ek1i(it)),可以根据与k个第一密钥对应的第i个解密密钥对其进行解密,获得第t个第三密文元素Ek2i(it),进而利用第i个第二密文集合C2i中所包括的全部第二密文元素各自对应的第三密文元素,组成第i个第三密文集合C3iFor any t-th second ciphertext element E k2i (E k1i (i t )) included in any i-th second ciphertext set C 2i , it can be decrypted according to the i-th corresponding to the k first keys The key decrypts it to obtain the tth third ciphertext element E k2i (i t ), and then use the corresponding third The ciphertext elements form the i-th third ciphertext set C 3i .

步骤S515,查询方根据m个目标子空间的标识,从k个第三密文集合中提取密文元素,组合生成m个目标子空间对应的m个密文组。In step S515, the querying party extracts ciphertext elements from k third ciphertext sets according to the identifiers of the m target subspaces, and combines them to generate m ciphertext groups corresponding to the m target subspaces.

查询方可以对任意的第p个目标子空间,根据第p个目标子空间的标识中属于第i个类别的编号,从第i个第三密文集合C3i中确定出与第p个目标子空间对应的密文元素(第三密文元素),然后组合与第p个目标子空间对应的k个密文元素,获得对应的密文组。For any p-th target subspace, the query party can determine the p-th target from the i-th third ciphertext set C 3i according to the number belonging to the i-th category in the identification of the p-th target subspace The ciphertext elements corresponding to the subspace (the third ciphertext element), and then k ciphertext elements corresponding to the p-th target subspace are combined to obtain the corresponding ciphertext group.

参照图4所示,假设k个类别包括行编号和列编号两个类别,则查询方可以获得对应行编号和列编号的两个第三密文集合。那么,对于任意的第p个目标子空间,假设其包括行编号5和列编号7:行编号5在对应的行编号集合中的排列位置是2,因此可以从与行编号集合对应的第三密文集合中,确定出与该目标子空间对应的密文元素是第2个密文元素(即第2个第三密文元素);类似的可以从与列编号集合对应的第三密文集合中,确定出与该目标子空间对应的密文元素是第3个密文元素(即第3个第三密文元素)。Referring to FIG. 4 , assuming that the k categories include row numbers and column numbers, the querying party can obtain two third ciphertext sets corresponding to row numbers and column numbers. Then, for any p-th target subspace, assuming that it includes row number 5 and column number 7: the arrangement position of row number 5 in the corresponding row number set is 2, so it can be obtained from the third corresponding to the row number set In the ciphertext set, it is determined that the ciphertext element corresponding to the target subspace is the second ciphertext element (i.e. the second third ciphertext element); similarly, the third ciphertext element corresponding to the column number set can be In the set, it is determined that the ciphertext element corresponding to the target subspace is the third ciphertext element (ie, the third third ciphertext element).

对于与第p个目标子空间对应的k个密文元素,可以按照与前述步骤S507示例的获得第j个子空间对应的第j个对称密钥的方式,利用第p个目标子空间所对应的k个密文元素/编号密文,组合生成该第p个子空间所对应的将会被作为对称密钥的第p个密文组。For the k ciphertext elements corresponding to the p-th target subspace, the method of obtaining the j-th symmetric key corresponding to the j-th subspace in the example of step S507 above can be used to use the p-th target subspace corresponding to The k ciphertext elements/numbered ciphertext are combined to generate the pth ciphertext group corresponding to the pth subspace which will be used as the symmetric key.

步骤S517,查询方将m个密文组作为对称密钥,对N个数据密文中与m个目标子空间对应的m个数据密文进行解密,获得m个目标子空间内的POI。In step S517, the querying party uses m ciphertext groups as symmetric keys to decrypt m data ciphertexts corresponding to m target subspaces among N data ciphertexts, and obtain POIs in m target subspaces.

参照前文,查询方获得的第p个密文组(记为Ek(Hp)),是查询方根据与第p个目标子空间对应的k个第三密文元素Ek2i(it)组合生成的,it是第p个目标子空间的标识中属于第i个类别的编号。对于查询方获得的N个数据密文中任意的第j个数据密文,其是数据方根据该第j个子空间所对应的第j个对称密钥Ek(Hj),对分布在第j个子空间内的全部POI(记为Rj)进行对称加密以获得的第j个数据密文F(Ek(Hj),Rj),而第j个对称密钥Ek(Hj)是数据方利用第j个子空间所对应的k个编号密文Ek2i(Hji)组合生成的。进而不难理解,当第p个目标子空间的标识Hp相同于第i个子空间的标识Hi的情况下,查询方获得的第p个密文组Ek(Hp)相同于第j个对称密钥Ek(Hj),查询方在此种情况下才能将第p个密文组Ek(Hp)作为对称密钥,对相应的数据密文F(Ek2(Hj),Rj)进行正确解密。如此,可以确保查询方在能够获得分布在m个目标子空间内的POI的情况下,无法过多的获取其它子空间内的POI,同时两方联合执行OT协议的过程中无需大量执行可交换加密算法的加解密处理过程,有利于更加高效的实现基于地理位置的数据查询。Referring to the above, the pth ciphertext group (denoted as E k (H p )) obtained by the querying party is obtained by the querying party according to the k third ciphertext elements E k2i (i t ) corresponding to the pth target subspace Generated by combination, it is the number belonging to the i-th category in the identity of the p - th target subspace. For any j-th data ciphertext among the N data ciphertexts obtained by the querying party, it is the j-th symmetric key E k (H j ) corresponding to the j-th subspace of the data party, and the pairs distributed in the j-th subspace All POIs (denoted as R j ) in a subspace are symmetrically encrypted to obtain the jth data ciphertext F(E k (H j ), R j ), and the jth symmetric key E k (H j ) It is generated by the data party using k numbered ciphertexts E k2i (H ji ) corresponding to the jth subspace. It is not difficult to understand that when the identity H p of the p-th target subspace is the same as the identity H i of the i-th subspace, the p-th ciphertext group E k (H p ) obtained by the query party is the same as the j-th ciphertext group E k (H p ) a symmetric key E k (H j ), in this case the query party can use the p-th ciphertext group E k (H p ) as a symmetric key, for the corresponding data ciphertext F(E k2 (H j ), R j ) for correct decryption. In this way, it can be ensured that the query party cannot obtain too many POIs in other subspaces when it can obtain POIs distributed in m target subspaces. At the same time, the two parties do not need to perform a large number of exchangeable during the joint execution of the OT protocol. The encryption and decryption processing process of the encryption algorithm is conducive to more efficient realization of data query based on geographic location.

基于相同的构思,本说明书实施例中提供的技术方案还可以由地理空间扩展到非地理空间,例如扩展到包括多个维度的特征空间以解决类似的技术问题。与之相应的是,本说明书实施例中还提供了一种在多为特征空间下实现基于隐私保护的数据查询方法。参见图6所示,该方法涉及查询方和数据方,其中数据方持有分布在多维特征空间内的多个特征数据,多维特征空间被划分为多个分区,单个分区被划分为多个子空间。查询方和数据方通常可以各自实现为任何具有计算/处理能力的装置、平台、设备或设备集群。Based on the same idea, the technical solutions provided in the embodiments of this specification can also be extended from geographic space to non-geographic space, for example, to feature space including multiple dimensions to solve similar technical problems. Correspondingly, the embodiment of this specification also provides a data query method based on privacy protection in a multi-dimensional feature space. As shown in Figure 6, this method involves the query side and the data side, where the data side holds multiple feature data distributed in the multi-dimensional feature space, the multi-dimensional feature space is divided into multiple partitions, and a single partition is divided into multiple subspaces . The query party and the data party can generally each be implemented as any device, platform, device or device cluster with computing/processing capabilities.

参见图6所示,该方法可以宝库如下步骤S61~步骤S65中的部分或全部。Referring to Fig. 6, the method may include part or all of the following steps S61 to S65.

步骤S61,查询方从多为特征空间的多个分区中确定出待查询的目标特征所属的目标分区,并从目标分区中确定出与目标特征间的距离在预设范围之内的m个目标子空间。Step S61, the inquiring party determines the target partition to which the target feature to be queried belongs to from multiple partitions of the feature space, and determines m objects whose distance to the target feature is within a preset range from the target partition subspace.

步骤S63,查询方向数据方发送用于查询特征数据的查询请求,其中包括用于指示目标分区的指示信息。In step S63, the query direction sends a query request for querying feature data to the data party, including indication information for indicating the target partition.

步骤S65,查询方基于m个目标子空间的标识,数据方基于目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,使得查询方从所述数据方获得m个目标子空间内的特征数据。Step S65, based on the identifiers of the m target subspaces, and based on the identifiers of the N subspaces included in the target partition, the data side jointly executes the OT protocol where N selects m, so that the query side obtains m target subspaces from the data side feature data in the space.

对于前述步骤S65中,查询方和数据方联合执行OT协议的过程,可以参见前文相关于图3和图5示例性描述的过程,此处不再赘述。For the process of jointly executing the OT protocol by the inquiring party and the data party in the aforementioned step S65, reference may be made to the exemplary process described above in relation to FIG. 3 and FIG. 5 , which will not be repeated here.

该技术方案中,目标特征相似于前述各个方法实施例中所述的目标位置,其可以映射为多维特征空间中的特征点;分布在多为特征空间中的单个特征数据相似于前述各个方法实施例中所述的POI,其可以包括映射在多维特征空间中的特征点以及该特征点关联的其它数据内容。通过该技术方案,查询方获得与目标特征间的距离在预设范围之内的各个特征数据的过程中,数据方无法获知查询方持有的目标特征。该技术方案可以应用到多种技术场景中,例如不同的特征点对应不同的图像,特征数据所包括的数据内容例如包括对应图像的标识(例如人脸图像所属任务的名字、图像所属的分类等),从而实现查询与目标特征对应的人物相似的其它人物、对目标特征所对应的图像进行分类等;再如不同的特征点对应不同的基因组,特征数据所包括的数据内容例如包括对应基因组容易患上的疾病名称,从而实现查询与目标特征对应的人物容易患上的疾病。In this technical solution, the target feature is similar to the target position described in the foregoing method embodiments, which can be mapped to a feature point in a multi-dimensional feature space; a single feature data distributed in a multi-dimensional feature space is similar to the implementation of the foregoing methods. The POI mentioned in the example may include feature points mapped in the multi-dimensional feature space and other data content associated with the feature points. Through this technical solution, when the inquiring party obtains each characteristic data whose distance from the target feature is within a preset range, the data party cannot know the target feature held by the inquiring party. This technical solution can be applied to a variety of technical scenarios. For example, different feature points correspond to different images. The data content included in the feature data includes, for example, the identification of the corresponding image (such as the name of the task to which the face image belongs, the category to which the image belongs, etc. ), so as to realize the query of other characters similar to the character corresponding to the target feature, classify the image corresponding to the target feature, etc.; for example, different feature points correspond to different genomes, and the data content included in the feature data includes, for example, the corresponding genome. The name of the disease, so as to realize the query of the disease that the person corresponding to the target feature is prone to suffer from.

与前述方法实施例基于相同的构思,本说明书实施例中还提供了一种基于隐私保护的数据查询装置700,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述装置700部署在所述查询方。参见图7,所述装置700包括:空间确定单元701,配置为从所述多个分区中确定出待查询的目标位置所属的目标分区,并从所述目标分区中确定出与所述目标位置间的距离在预设范围之内的m个目标子空间;请求发送单元703,配置为向所述数据方发送用于查询POI的查询请求,其中包括用于指示所述目标分区的指示信息;安全通信单元705,配置为基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,获得所述m个目标子空间内的POI。Based on the same idea as the foregoing method embodiments, the embodiment of this specification also provides a data query device 700 based on privacy protection, which involves the query party and the data party, and the data party holds multiple data distributed in geographical space. POI, the geographic space is divided into multiple partitions, and a single partition is divided into multiple subspaces, and the apparatus 700 is deployed on the query side. Referring to FIG. 7 , the apparatus 700 includes: a space determination unit 701 configured to determine from the plurality of partitions the target partition to which the target location to be queried belongs, and determine from the target partition the m target subspaces whose distance between them is within a preset range; the request sending unit 703 is configured to send a query request for querying POIs to the data party, including indication information for indicating the target partition; The secure communication unit 705 is configured to jointly execute an OT protocol in which N selects m based on the identifiers of the m target subspaces, and the data party based on the identifiers of the N subspaces included in the target partition, to obtain the m POIs in the target subspace.

与前述方法实施例基于相同的构思,本说明书实施例中还提供了一种基于隐私保护的数据查询装置800,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述装置800部署在所述数据方。参见图8,所述装置800包括:请求接收单元801,配置为从所述查询方接收用于查询POI的查询请求,其中包括用于指示目标分区的指示信息,所述目标分区是所述查询方从所述多个分区中确定出的待查询的目标位置所属的分区;安全通信单元803,配置为基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的OT协议,使得所述查询方获得所述m个目标子空间内的POI,所述目标子空间是所述查询方从所述目标分区中确定的与所述目标位置间的距离在预设范围之内的子空间。Based on the same idea as the foregoing method embodiments, the embodiment of this specification also provides a data query device 800 based on privacy protection, which involves the query party and the data party, and the data party holds multiple data distributed in geographical space. POI, the geographic space is divided into multiple partitions, and a single partition is divided into multiple subspaces, and the apparatus 800 is deployed on the data side. Referring to FIG. 8 , the apparatus 800 includes: a request receiving unit 801 configured to receive a query request for querying POIs from the querying party, including indication information for indicating a target partition, and the target partition is the query The partition to which the target position to be queried is determined by the party from the plurality of partitions; the secure communication unit 803 is configured to communicate with the querying party based on m targets based on the identifiers of the N subspaces included in the target partition The identification of the subspace, jointly execute the OT protocol of choosing m from N, so that the query party can obtain the POIs in the m target subspaces, and the target subspace is determined by the query party from the target partition and A subspace in which the distance between the target positions is within a preset range.

本领域技术人员应该可以意识到,在上述一个或多个示例中,本说明书所描述的功能可以用硬件、软件、固件或它们的任意组合来实现。当使用软件实现时,可以将这些功能所对应的计算机程序存储在计算机可读介质中或者作为计算机可读介质上的一个或多个指令/代码进行传输,以便这些功能所对应的计算机程序被计算机执行时,通过计算机实现本说明书任意一个实施例中所述的方法。Those skilled in the art should be aware that in one or more of the above examples, the functions described in this specification may be implemented by hardware, software, firmware or any combination thereof. When implemented in software, the computer programs corresponding to these functions can be stored in a computer-readable medium or transmitted as one or more instructions/codes on a computer-readable medium, so that the computer programs corresponding to these functions can be read by the computer During execution, the method described in any one of the embodiments of this specification is realized by a computer.

本说明书实施例中还提供了一种计算机可读存储介质,其上存储有计算机程序/指令,当所述计算机程序/指令在计算设备中执行时,实现本说明书任意一个实施例中由查询方或数据方所执行的方法步骤。The embodiments of this specification also provide a computer-readable storage medium on which computer programs/instructions are stored. When the computer programs/instructions are executed in a computing device, the querying party in any one of the embodiments of this specification can realize the or method steps performed by the data party.

本说明书实施例中还提供了一种计算设备,包括存储器和处理器,所述存储器中存储有可执行代码/指令,所述处理器执行所述可执行代码/指令时,实现本说明书任意一个实施例中由查询方或数据方所执行的方法步骤。The embodiment of this specification also provides a computing device, including a memory and a processor, wherein executable codes/instructions are stored in the memory, and when the processor executes the executable codes/instructions, any one of the Method steps performed by the querying party or the data party in the embodiments.

本说明书中的各个实施例均采用递进的方式描述,各个实施例中相同、相似的部分互相参见即可,每个实施例中重点说明的都是与其他实施例的不同之处。尤其,对于装置实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。Each embodiment in this specification is described in a progressive manner, and the same and similar parts in each embodiment can be referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, as for the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for relevant parts, please refer to part of the description of the method embodiment.

上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of this specification. Other implementations are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in an order different from that in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. Multitasking and parallel processing are also possible or may be advantageous in certain embodiments.

以上所述的具体实施方式,对本发明的目的、技术方案和有益效果进行了进一步详细说明,所应理解的是,以上所述仅为本发明的具体实施方式而已,并不用于限定本发明的保护范围,凡在本发明的技术方案的基础之上,所做的任何修改、等同替换、改进等,均应包括在本发明的保护范围之内。The specific embodiments described above have further described the purpose, technical solutions and beneficial effects of the present invention in detail. It should be understood that the above descriptions are only specific embodiments of the present invention and are not intended to limit the scope of the present invention. Protection scope, any modification, equivalent replacement, improvement, etc. made on the basis of the technical solution of the present invention shall be included in the protection scope of the present invention.

Claims (18)

1.一种基于隐私保护的数据查询方法,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个兴趣点POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述方法包括:1. A data query method based on privacy protection, involving a query party and a data party, the data party holds a plurality of points of interest POIs distributed in geographical space, the geographical space is divided into multiple partitions, and a single place The partition is divided into a plurality of subspaces, the method includes: 所述查询方从所述多个分区中确定出待查询的目标位置所属的目标分区,并从所述目标分区中确定出与所述目标位置间的距离在预设范围之内的m个目标子空间;The inquiring party determines from the plurality of partitions the target partition to which the target location to be queried belongs, and determines from the target partitions m objects whose distance to the target location is within a preset range subspace; 所述查询方向所述数据方发送用于查询POI的查询请求,其中包括用于指示所述目标分区的指示信息;The query direction sends a query request for querying the POI to the data party, including indication information for indicating the target partition; 所述查询方基于所述m个目标子空间的标识,所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的不经意传输OT协议,使得所述查询方从所述数据方获得所述m个目标子空间内的POI。Based on the identifiers of the m target subspaces, the inquiring party jointly executes the inadvertent transfer OT protocol in which N selects m based on the identifiers of the N subspaces included in the target partition, so that the inquiring party from The data side obtains POIs in the m target subspaces. 2.根据权利要求1所述的方法,其中,2. The method of claim 1, wherein, 所述查询方基于所述m个目标子空间的标识,所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,包括:Based on the identifiers of the m target subspaces, the query side, and based on the identifiers of the N subspaces included in the target partition, the data side jointly executes an OT protocol in which N selects m, including: 所述查询方向所述数据方发送m个第一密文,所述m个第一密文是根据可交换加密算法的第一密钥,对所述m个目标子空间的标识加密得到的;The query direction sends m first ciphertexts to the data party, and the m first ciphertexts are obtained by encrypting the identifiers of the m target subspaces according to the first key of an exchangeable encryption algorithm; 所述数据方根据可交换加密算法的第二密钥,对所述m个第一密文进行加密,获得m个第二密文;The data party encrypts the m first ciphertexts according to the second key of the exchangeable encryption algorithm to obtain m second ciphertexts; 所述数据方向所述查询方发送所述m个第二密文和N个数据密文,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI进行加密得到的,所述N个对称密钥是根据可交换加密算法的第二密钥,对所述N个子空间的标识加密得到的;The data direction sends the m second ciphertexts and N data ciphertexts to the querying party, and the N data ciphertexts encrypt POIs in the N subspaces according to N symmetric keys obtained, the N symmetric keys are obtained by encrypting the identifiers of the N subspaces according to the second key of an exchangeable encryption algorithm; 所述查询方根据所述第一密钥对应的解密密钥,对所述m个第二密文进行解密,获得m个第三密文;The querying party decrypts the m second ciphertexts according to the decryption key corresponding to the first key to obtain m third ciphertexts; 所述查询方将所述m个第三密文作为解密密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密,获得所述m个目标子空间内的POI。The querying party uses the m third ciphertexts as decryption keys to decrypt m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts, and obtain the m target subspaces POIs within the subspace. 3.根据权利要求1所述的方法,所述子空间的标识包括属于k个类别的k个编号;3. The method according to claim 1, the identification of the subspace comprises k numbers belonging to k categories; 其中,所述查询方基于所述m个目标子空间的标识,所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,包括:Wherein, the query side is based on the identification of the m target subspaces, and the data side is based on the identification of the N subspaces included in the target partition, and jointly executes an OT protocol where N selects m, including: 所述查询方获取k个第一密文集合,并将其发送到所述数据方,所述k个第一密文集合是根据可交换加密算法的k个第一密钥,对所述m个目标子空间的标识中属于所述k个类别的编号分别进行加密得到的;The querying party obtains k first ciphertext sets and sends them to the data party, the k first ciphertext sets are k first keys according to an exchangeable encryption algorithm, and the m obtained by encrypting the numbers belonging to the k categories in the identifiers of the target subspaces respectively; 所述数据方根据可交换加密算法的k个第二密钥,对所述k个第一密文集合进行加密,获得k个第二密文集合;The data party encrypts the k first ciphertext sets according to k second keys of an exchangeable encryption algorithm to obtain k second ciphertext sets; 所述数据方向所述查询方发送所述k个第二密文集合和N个数据密文,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI加密得到的,第j个对称密钥是根据所述k个第二密钥,对第j个子空间的标识所包括的k个编号加密得到的;The data direction sends the k second ciphertext sets and N data ciphertexts to the querying party, and the N data ciphertexts encrypt POIs in the N subspaces according to N symmetric keys The jth symmetric key is obtained by encrypting the k numbers included in the identity of the jth subspace according to the k second keys; 所述查询方根据所述k个第一密钥对应的k个解密密钥,对所述k个第二密文集合进行解密,获得k个第三密文集合;The querying party decrypts the k second ciphertext sets according to the k decryption keys corresponding to the k first keys, and obtains k third ciphertext sets; 所述查询方根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组;The querying party extracts ciphertext elements from the k third ciphertext sets according to the identifiers of the m target subspaces, and combines them to generate m ciphertext groups corresponding to the m target subspaces; 所述查询方将所述m个密文组作为对称密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密,获得所述m个目标子空间内的POI。The querying party uses the m ciphertext groups as a symmetric key to decrypt the m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts, and obtains the m target subspaces POIs in the space. 4.根据权利要求3所述的方法,其中,所述查询方根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组,具体包括:4. The method according to claim 3, wherein the querying party extracts ciphertext elements from the k third ciphertext sets according to the identifications of the m target subspaces, and combines to generate the m m ciphertext groups corresponding to the target subspace, including: 所述查询方对任意的第p个目标子空间,根据所述第p个目标子空间的标识中属于第i个类别的编号,从第i个第三密文集合中确定出与所述第p个目标子空间对应的密文元素;For any p-th target subspace, the querying party determines from the i-th third ciphertext set that is consistent with the i-th ciphertext set according to the number belonging to the i-th category in the identifier of the p-th target subspace. Ciphertext elements corresponding to p target subspaces; 所述查询方组合与所述第p个目标子空间对应的k个密文元素,获得对应的密文组。The querying party combines the k ciphertext elements corresponding to the p-th target subspace to obtain a corresponding ciphertext group. 5.根据权利要求3所述的方法,所述地理空间是二维空间,属于多个类别的多个编号具体包括,子空间对应在其所属分区中的行编号或列编号。5. The method according to claim 3, wherein the geographical space is a two-dimensional space, and the multiple numbers belonging to multiple categories specifically include, the subspace corresponds to the row number or the column number in the partition to which it belongs. 6.根据权利要求1-5中任一项所述的方法,所述地理空间基于经度和纬度划分为多个分区,或者,所述地理空间基于行政区域划分为多个分区。6. The method according to any one of claims 1-5, wherein the geographic space is divided into multiple partitions based on longitude and latitude, or the geographic space is divided into multiple partitions based on administrative regions. 7.一种基于隐私保护的数据查询方法,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个兴趣点POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述方法由所述查询方执行,所述方法包括:7. A data query method based on privacy protection, involving a query party and a data party, the data party holds multiple points of interest POIs distributed in geographical space, the geographical space is divided into multiple partitions, and a single The partition is divided into multiple subspaces, the method is executed by the querying party, and the method includes: 从所述多个分区中确定出待查询的目标位置所属的目标分区,并从所述目标分区中确定出与所述目标位置间的距离在预设范围之内的m个目标子空间;Determining the target partition to which the target position to be queried belongs to from the plurality of partitions, and determining m target subspaces whose distance from the target position is within a preset range from the target partition; 向所述数据方发送用于查询POI的查询请求,包括用于指示所述目标分区的指示信息;sending a query request for querying the POI to the data party, including indication information for indicating the target partition; 基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的不经意传输OT协议,获得所述m个目标子空间内的POI。Based on the identities of the m target subspaces, and based on the identities of the N subspaces included in the target partition, the data party and the data party jointly execute the N-choice-m-inadvertent transfer OT protocol to obtain the information in the m target subspaces POIs. 8.根据权利要求7所述的方法,其中,8. The method of claim 7, wherein, 所述基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,包括:The OT protocol based on the identification of the m target subspaces, and the identification of the N subspaces included in the target partition by the data party, jointly executes N selecting m, including: 向所述数据方发送m个第一密文,所述m个第一密文是根据可交换加密算法的第一密钥,对所述m个目标子空间的标识加密得到的;Send m first ciphertexts to the data party, where the m first ciphertexts are obtained by encrypting the identifiers of the m target subspaces according to the first key of an exchangeable encryption algorithm; 从所述数据方接收m个第二密文和N个数据密文,所述m个第二密文是根据可交换加密算法的第二密钥,对所述m个第一密文加密得到的,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI进行加密得到的,所述N个对称密钥是根据可交换加密算法的第二密钥,对所述N个子空间的标识加密得到的;Receive m second ciphertexts and N data ciphertexts from the data party, where the m second ciphertexts are second keys based on an exchangeable encryption algorithm, and encrypt the m first ciphertexts to obtain The N data ciphertexts are obtained by encrypting POIs in the N subspaces according to N symmetric keys, and the N symmetric keys are second keys based on an exchangeable encryption algorithm, Obtained by encrypting the identifiers of the N subspaces; 根据所述第一密钥对应的解密密钥,对所述m个第二密文解密,获得m个第三密文;Decrypting the m second ciphertexts according to the decryption key corresponding to the first key to obtain m third ciphertexts; 将所述m个第三密文作为解密密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密,获得所述m个目标子空间内的POI。Using the m third ciphertexts as decryption keys, decrypting the m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts, to obtain the m data ciphertexts in the m target subspaces POIs. 9.根据权利要求7所述的方法,所述子空间的标识包括属于k个类别的k个编号;9. The method according to claim 7, the identification of the subspace comprises k numbers belonging to k categories; 其中,所述基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的OT协议,包括:Wherein, based on the identifiers of the m target subspaces, and based on the identifiers of the N subspaces included in the target partition, the data party jointly executes an OT protocol in which N selects m, including: 获取k个第一密文集合,并将其发送到所述数据方,所述k个第一密文集合是根据可交换加密算法的k个第一密钥,对所述m个目标子空间的标识中属于所述k个类别的编号分别进行加密得到的;Obtaining k first ciphertext sets and sending them to the data party, the k first ciphertext sets are k first keys according to an exchangeable encryption algorithm, for the m target subspaces obtained by encrypting the numbers belonging to the k categories in the identification of ; 从所述数据方接收k个第二密文集合和N个数据密文,所述k个第二密文集合是根据可交换加密算法的k个第二密钥,对所述k个第一密文集合加密得到的,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI加密得到的,第j个对称密钥是根据所述k个第二密钥,对第j个子空间的标识所包括的k个编号加密得到的;Receive k second ciphertext sets and N data ciphertexts from the data party, the k second ciphertext sets are k second keys according to an exchangeable encryption algorithm, and the k first The N data ciphertexts are obtained by encrypting the POIs in the N subspaces according to the N symmetric keys, and the jth symmetric key is obtained according to the k second ciphertexts. Key, obtained by encrypting the k numbers included in the identity of the jth subspace; 根据所述k个第一密钥对应的k个解密密钥,对所述k个第二密文集合进行解密,获得k个第三密文集合;Decrypting the k second ciphertext sets according to the k decryption keys corresponding to the k first keys to obtain k third ciphertext sets; 根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组;Extracting ciphertext elements from the k third ciphertext sets according to the identifiers of the m target subspaces, and combining and generating m ciphertext groups corresponding to the m target subspaces; 将所述m个密文组作为对称密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密,获得所述m个目标子空间内的POI。Using the m ciphertext groups as symmetric keys, decrypting m data ciphertexts corresponding to the m target subspaces among the N data ciphertexts, and obtaining POIs in the m target subspaces . 10.根据权利要求9所述的方法,其中,10. The method of claim 9, wherein, 所述根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组,具体包括:According to the identification of the m target subspaces, extracting ciphertext elements from the k third ciphertext sets, and combining to generate m ciphertext groups corresponding to the m target subspaces, specifically including: 对任意的第p个目标子空间,根据所述第p个目标子空间的标识中属于第i个类别的编号,从第i个第三密文集合中确定出与所述第p个目标子空间对应的密文元素;For any p-th target subspace, according to the number belonging to the i-th category in the identification of the p-th target subspace, determine from the i-th third ciphertext set that is compatible with the p-th target subspace The ciphertext element corresponding to the space; 组合与所述第p个目标子空间对应的k个密文元素,获得对应的密文组。Combining k ciphertext elements corresponding to the p-th target subspace to obtain a corresponding ciphertext group. 11.一种基于隐私保护的数据查询方法,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个兴趣点POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述方法由所述数据方执行,所述方法包括:11. A data query method based on privacy protection, involving a query party and a data party, the data party holds a plurality of points of interest POIs distributed in a geographical space, the geographical space is divided into multiple partitions, and a single The partition is divided into multiple subspaces, the method is executed by the data party, and the method includes: 从所述查询方接收用于查询POI的查询请求,其中包括用于指示目标分区的指示信息,所述目标分区是所述查询方从所述多个分区中确定出的待查询的目标位置所属的分区;A query request for POI query is received from the querying party, which includes indication information for indicating a target partition, and the target partition is where the target location to be queried determined by the querying party from the plurality of partitions belongs the partition; 基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的不经意传输OT协议,使得所述查询方获得所述m个目标子空间内的POI,所述目标子空间是所述查询方从所述目标分区中确定的与所述目标位置间的距离在预设范围之内的子空间。Based on the identities of the N subspaces included in the target partition, and based on the identities of the m target subspaces, the inquiring party jointly executes the inadvertent transfer OT protocol in which N selects m, so that the inquiring party obtains the m targets A POI in a subspace, the target subspace is a subspace determined by the querying party from the target partition and the distance between the target location and the target location is within a preset range. 12.根据权利要求11所述的方法,其中,12. The method of claim 11, wherein, 所述基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的OT协议,包括:The OT protocol based on the identification of N subspaces included in the target partition, and the query party based on the identification of m target subspaces, jointly executes the OT protocol of selecting m from N, including: 从所述查询方接收m个第一密文,所述m个第一密文是根据可交换加密算法的第一密钥,对所述m个目标子空间的标识加密得到的;receiving m first ciphertexts from the querying party, where the m first ciphertexts are obtained by encrypting the identifiers of the m target subspaces according to a first key of an exchangeable encryption algorithm; 根据可交换加密算法的第二密钥对所述m个第一密文进行加密,获得m个第二密文;Encrypting the m first ciphertexts according to a second key of an exchangeable encryption algorithm to obtain m second ciphertexts; 向所述查询方发送所述m个第二密文和N个数据密文,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI加密得到的,所述N个对称密钥是根据可交换加密算法的第二密钥,对所述N个子空间的标识加密得到的,使得所述查询方根据所述第一密钥对应的解密密钥,对所述m个第二密文进行解密以获得m个第三密文,并将所述m个第三密文作为解密密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密以获得所述m个目标子空间内的POI。Sending the m second ciphertexts and N data ciphertexts to the querying party, the N data ciphertexts are obtained by encrypting POIs in the N subspaces according to N symmetric keys, so The N symmetric keys are obtained by encrypting the identifiers of the N subspaces according to the second key of the exchangeable encryption algorithm, so that the querying party uses the decryption key corresponding to the first key to The m second ciphertexts are decrypted to obtain m third ciphertexts, and the m third ciphertexts are used as decryption keys, and the N data ciphertexts correspond to the m target subspaces The m data ciphertexts are decrypted to obtain the POIs in the m target subspaces. 13.根据权利要求11所述的方法,所述子空间的标识包括属于k个类别的k个编号;13. The method according to claim 11, wherein the identification of the subspace comprises k numbers belonging to k categories; 其中,所述基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的OT协议,包括:Wherein, based on the identifiers of the N subspaces included in the target partition, and the inquiring party based on the identifiers of the m target subspaces, jointly execute the OT protocol of selecting m from N, including: 从所述数据方接收k个第一密文集合,所述k个第一密文集合是根据可交换加密算法的k个第一密钥,对所述m个目标子空间的标识中属于所述k个类别的编号分别进行加密得到的;Receive k first ciphertext sets from the data party, the k first ciphertext sets are k first keys according to an exchangeable encryption algorithm, and the identifiers of the m target subspaces belong to all The numbers of the above k categories are obtained by encrypting respectively; 根据可交换加密算法的k个第二密钥,对所述k个第一密文集合进行加密,获得k个第二密文集合;Encrypting the k first ciphertext sets according to k second keys of an exchangeable encryption algorithm to obtain k second ciphertext sets; 向所述查询方发送所述k个第二密文集合和N个数据密文,所述N个数据密文是根据N个对称密钥,对所述N个子空间内的POI加密得到的,第j个对称密钥是根据所述k个第二密钥,对第j个子空间的标识所包括的k个编号加密得到的,使得所述查询方根据所述k个第一密钥对应的k个解密密钥,对所述k个第二密文集合进行解密以获得k个第三密文集合,根据所述m个目标子空间的标识,从所述k个第三密文集合中提取密文元素,组合生成所述m个目标子空间对应的m个密文组,并将所述m个密文组作为对称密钥,对所述N个数据密文中与所述m个目标子空间对应的m个数据密文进行解密以获得所述m个目标子空间内的POI。sending the k second ciphertext sets and N data ciphertexts to the querying party, where the N data ciphertexts are obtained by encrypting POIs in the N subspaces according to N symmetric keys, The jth symmetric key is obtained by encrypting the k numbers included in the identification of the jth subspace according to the k second keys, so that the query party uses the k number corresponding to the k first key k decryption keys, decrypting the k second ciphertext sets to obtain k third ciphertext sets, according to the identification of the m target subspaces, from the k third ciphertext sets Extracting ciphertext elements, combining and generating m ciphertext groups corresponding to the m target subspaces, and using the m ciphertext groups as symmetric keys, for the N data ciphertexts corresponding to the m target subspaces The m data ciphertexts corresponding to the subspaces are decrypted to obtain POIs in the m target subspaces. 14.一种基于隐私保护的数据查询方法,涉及查询方和数据方,所述数据方持有分布在多维特征空间内的多个特征数据,所述多维特征空间被划分为多个分区,单个所述分区被划分为多个子空间,所述方法包括:14. A data query method based on privacy protection, involving a query party and a data party, the data party holds multiple feature data distributed in a multi-dimensional feature space, the multi-dimensional feature space is divided into multiple partitions, and a single The partition is divided into a plurality of subspaces, the method comprising: 所述查询方从所述多个分区中确定出待查询的目标特征所属的目标分区,并从所述目标分区中确定出与所述目标特征间的距离在预设范围之内的m个目标子空间;The inquiring party determines the target partition to which the target feature to be queried belongs to from the plurality of partitions, and determines m targets whose distance from the target feature is within a preset range from the target partition subspace; 所述查询方向所述数据方发送用于查询特征数据的查询请求,其中包括用于指示所述目标分区的指示信息;The query direction sends a query request for querying characteristic data to the data party, including indication information for indicating the target partition; 所述查询方基于所述m个目标子空间的标识,所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的不经意传输OT协议,使得所述查询方从所述数据方获得所述m个目标子空间内的特征数据。Based on the identifiers of the m target subspaces, the inquiring party jointly executes the inadvertent transfer OT protocol in which N selects m based on the identifiers of the N subspaces included in the target partition, so that the inquiring party from The data party obtains feature data in the m target subspaces. 15.一种基于隐私保护的数据查询装置,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个兴趣点POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述装置部署在所述查询方,所述装置包括:15. A data query device based on privacy protection, involving a query party and a data party, the data party holds multiple points of interest POIs distributed in a geographical space, the geographical space is divided into multiple partitions, and a single The partition is divided into multiple subspaces, the device is deployed on the query side, and the device includes: 空间确定单元,配置为从所述多个分区中确定出待查询的目标位置所属的目标分区,并从所述目标分区中确定出与所述目标位置间的距离在预设范围之内的m个目标子空间;A space determination unit configured to determine from the plurality of partitions the target partition to which the target location to be queried belongs, and determine from the target partition that the distance between the target location and the target location is within a preset range m target subspace; 请求发送单元,配置为向所述数据方发送用于查询POI的查询请求,其中包括用于指示所述目标分区的指示信息;A request sending unit configured to send a query request for querying POIs to the data party, including indication information for indicating the target partition; 安全通信单元,配置为基于所述m个目标子空间的标识,与所述数据方基于所述目标分区所包括的N个子空间的标识,联合执行N选m的不经意传输OT协议,获得所述m个目标子空间内的POI。The secure communication unit is configured to jointly execute the inadvertent transfer OT protocol in which N selects m based on the identifiers of the m target subspaces, and the data party based on the identifiers of the N subspaces included in the target partition, to obtain the POIs within m target subspaces. 16.一种基于隐私保护的数据查询装置,涉及查询方和数据方,所述数据方持有分布在地理空间内的多个兴趣点POI,所述地理空间被划分为多个分区,单个所述分区被划分为多个子空间,所述装置部署在所述数据方,所述装置包括:16. A data query device based on privacy protection, involving a query party and a data party, the data party holds multiple points of interest POIs distributed in a geographical space, the geographical space is divided into multiple partitions, and a single The partition is divided into multiple subspaces, the device is deployed on the data side, and the device includes: 请求接收单元,配置为从所述查询方接收用于查询POI的查询请求,其中包括用于指示目标分区的指示信息,所述目标分区是所述查询方从所述多个分区中确定出的待查询的目标位置所属的分区;A request receiving unit configured to receive a query request for POI query from the querying party, including indication information for indicating a target partition, the target partition is determined by the querying party from the plurality of partitions The partition to which the target location to be queried belongs; 安全通信单元,配置为基于所述目标分区所包括的N个子空间的标识,与所述查询方基于m个目标子空间的标识,联合执行N选m的不经意传输OT协议,使得所述查询方获得所述m个目标子空间内的POI,所述目标子空间是所述查询方从所述目标分区中确定的与所述目标位置间的距离在预设范围之内的子空间。The secure communication unit is configured to jointly execute the inadvertent transfer OT protocol of selecting m from N with the inquiring party based on the identifiers of the N subspaces included in the target partition, so that the inquiring party Obtain POIs in the m target subspaces, where the target subspace is a subspace determined by the querying party from the target partition and whose distance from the target location is within a preset range. 17.一种计算设备,包括存储器和处理器,所述存储器中存储有可执行代码,所述处理器执行所述可执行代码时,实现权利要求7-14中任一项所述的方法。17. A computing device, comprising a memory and a processor, wherein executable code is stored in the memory, and when the processor executes the executable code, the method according to any one of claims 7-14 is implemented. 18.一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序在计算设备中执行时,计算设备实现权利要求7-14中任一项所述的方法。18. A computer-readable storage medium, on which a computer program is stored, and when the computer program is executed in a computing device, the computing device implements the method according to any one of claims 7-14.
CN202310239903.4A 2023-03-13 2023-03-13 Data query method and device based on privacy protection Pending CN116305266A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310239903.4A CN116305266A (en) 2023-03-13 2023-03-13 Data query method and device based on privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310239903.4A CN116305266A (en) 2023-03-13 2023-03-13 Data query method and device based on privacy protection

Publications (1)

Publication Number Publication Date
CN116305266A true CN116305266A (en) 2023-06-23

Family

ID=86814532

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310239903.4A Pending CN116305266A (en) 2023-03-13 2023-03-13 Data query method and device based on privacy protection

Country Status (1)

Country Link
CN (1) CN116305266A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150026190A1 (en) * 2013-07-19 2015-01-22 Salesforce.Com, Inc. Geo-location custom indexes
CN106954182A (en) * 2017-03-13 2017-07-14 步步高电子商务有限责任公司 A kind of anonymous region generation method and location privacy protection method
KR20200038908A (en) * 2014-04-17 2020-04-14 에스케이텔레콤 주식회사 Method of servicing space search and apparatus for the same
CN115052286A (en) * 2022-06-10 2022-09-13 翁敏 User privacy protection and target query method and system based on location service
CN115482050A (en) * 2022-10-19 2022-12-16 国网智能电网研究院有限公司 Charging and discharging excitation method and system for electric automobile

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150026190A1 (en) * 2013-07-19 2015-01-22 Salesforce.Com, Inc. Geo-location custom indexes
KR20200038908A (en) * 2014-04-17 2020-04-14 에스케이텔레콤 주식회사 Method of servicing space search and apparatus for the same
CN106954182A (en) * 2017-03-13 2017-07-14 步步高电子商务有限责任公司 A kind of anonymous region generation method and location privacy protection method
CN115052286A (en) * 2022-06-10 2022-09-13 翁敏 User privacy protection and target query method and system based on location service
CN115482050A (en) * 2022-10-19 2022-12-16 国网智能电网研究院有限公司 Charging and discharging excitation method and system for electric automobile

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
CHIM, TW; YIU, SM; HUI, LCK; LI, VOK: "OPQ: OT-based private querying in VANETs", IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS, 2011,, vol. 4, no. 12, 31 October 2011 (2011-10-31), pages 1413 - 1422 *

Similar Documents

Publication Publication Date Title
Paulet et al. Privacy-preserving and content-protecting location based queries
CN111083631B (en) Efficient query processing method for protecting location privacy and query privacy
Peng et al. Enhanced location privacy preserving scheme in location-based services
Zhang et al. Message in a sealed bottle: Privacy preserving friending in mobile social networks
CN109740376B (en) Location privacy protection method, system, device and medium based on neighbor query
Schlegel et al. User-defined privacy grid system for continuous location-based services
Yi et al. Practical k nearest neighbor queries with location privacy
Lien et al. A novel privacy preserving location-based service protocol with secret circular shift for k-nn search
CN113905047B (en) A privacy protection method and system for spatial crowdsourcing task allocation
CN106792501A (en) A kind of LBS customer locations and privacy of identities guard method
CN106059988B (en) Trajectory privacy protection method based on location service
CN113886887A (en) Data query method and device based on multi-party secure computing
CN114239018B (en) Shared data number determining method and system for protecting privacy data
CN105933357A (en) Grid cell identifier matching based location-based service method
Palmieri et al. Spatial bloom filters: Enabling privacy in location-aware applications
CN115052286A (en) User privacy protection and target query method and system based on location service
CN111914264A (en) Index creation method and device, and data verification method and device
WO2022099893A1 (en) Data query method, apparatus and system, and data set processing method
Guan et al. Privacy-preserving outsourced task scheduling in mobile crowdsourcing
CN109194666A (en) A kind of safe kNN querying method based on LBS
Guan et al. Privacy-preserving fog-based multi-location task allocation in mobile crowdsourcing
van der Beets et al. FAPRIL: Towards faster privacy-preserving fingerprint-based localization
Ashouri-Talouki et al. Homomorphic encryption to preserve location privacy
CN116305266A (en) Data query method and device based on privacy protection
Xu et al. PriTAEC: Privacy-preserving task assignment based on oblivious transfer and edge computing in VANET

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination