CN111585743B - A Many-to-One Homomorphic Encryption Public Key Compression Method on Integers - Google Patents

A Many-to-One Homomorphic Encryption Public Key Compression Method on Integers Download PDF

Info

Publication number
CN111585743B
CN111585743B CN202010351758.5A CN202010351758A CN111585743B CN 111585743 B CN111585743 B CN 111585743B CN 202010351758 A CN202010351758 A CN 202010351758A CN 111585743 B CN111585743 B CN 111585743B
Authority
CN
China
Prior art keywords
public key
party
decryptor
random
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010351758.5A
Other languages
Chinese (zh)
Other versions
CN111585743A (en
Inventor
李学俊
姜天奕
赵佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN202010351758.5A priority Critical patent/CN111585743B/en
Publication of CN111585743A publication Critical patent/CN111585743A/en
Application granted granted Critical
Publication of CN111585743B publication Critical patent/CN111585743B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3033Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Complex Calculations (AREA)
  • Storage Device Security (AREA)

Abstract

具体涉及一种整数上多对一同态加密公钥压缩方法,包括将安全参数和解密方的公钥元素代入解密方公钥函数中生成解密方公钥向量;将解密方公钥向量进行置换操作得到置换后的解密方公钥向量,将安全参数、置换后的解密方公钥向量和加密方的公钥元素代入加密方公钥函数生成加密方公钥向量集合;将加密方公钥向量集合和解密参数代入解密函数中,利用解密函数将随机明文映射为密文;将密文和加密方私钥集合代入加密私钥函数中得到解密明文;将密文和解密方私钥代入解密私钥函数中得到解密明文。本申请将公钥元素大小进行压缩,极大降低了公钥存储空间,同时使用一个密钥对多个加密方信息进行解密,使多个加密方同时进行数据传输,提高了算法的效率。

Figure 202010351758

It specifically relates to a public key compression method for many-to-one homomorphic encryption on integers, which includes substituting security parameters and the public key elements of the decryptor into the public key function of the decryptor to generate a public key vector of the decryptor; performing a permutation operation on the public key vector of the decryptor Obtain the replaced public key vector of the decryptor, substitute the security parameters, the replaced public key vector of the decryptor and the public key elements of the encryptor into the public key function of the encryptor to generate a set of public key vectors of the encryptor; Substitute the ciphertext and decryption parameters into the decryption function, and use the decryption function to map the random plaintext into ciphertext; substitute the ciphertext and the private key set of the encryptor into the encryption private key function to obtain the decrypted plaintext; substitute the ciphertext and the private key of the decryptor into the private key of the decryption The decrypted plaintext is obtained in the function. The application compresses the size of the public key element, which greatly reduces the storage space of the public key, and uses one key to decrypt the information of multiple encryption parties at the same time, so that multiple encryption parties can transmit data at the same time, which improves the efficiency of the algorithm.

Figure 202010351758

Description

Homomorphic encryption public key compression method for many-to-one on integer
Technical Field
The invention belongs to the field of homomorphic encryption on integers, and particularly relates to a many-to-one homomorphic encryption public key compression method on integers.
Background
The homomorphic encryption technology refers to a technology which can directly operate on a ciphertext without decrypting the ciphertext, and the homomorphic encryption technology directly operates on the ciphertext and has the same decryption result of the same operation on the plaintext. The homomorphic encryption technology can directly operate the ciphertext without exposing plaintext information, so that the safety of data can be guaranteed, and the homomorphic encryption technology has important application value in a cloud environment.
The first true homomorphic encryption scheme is proposed by Gentry in 2009, the scheme is an ideal lattice-based homomorphic encryption scheme, firstly, a homomorphic-like encryption scheme needs to be designed, and the scheme can support limited ciphertext operation; and then, the bootstrap technology is used for reducing the noise after each operation, so that the noise is in a reasonable range without influencing decryption, and finally, a fully homomorphic encryption scheme is obtained. In order to make the above scheme more concise and understandable, an integer-based fully homomorphic encryption scheme (DGHV) is proposed, which follows the framework of the Gentry scheme, simplifies the operation into modular operations of addition and multiplication on integers, and has simple concept and uncomplicated calculation.
The public key complexity of the DGHV scheme is O (lambda)10) Under the condition of large security parameter level, the storage amount of the public key reaches GB level, the storage amount is too large and is difficult to put into practical application, moreover, the encryption and decryption party of the scheme can only encrypt and decrypt one to one, and the key management is difficult and the efficiency is low.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a compression method of a homomorphic encryption public key of many-to-one on an integer. The technical problem to be solved by the invention is realized by the following technical scheme:
a method for compressing homomorphic encryption public keys of many-to-one on integers comprises the following steps:
substituting the security parameter lambda and the public key element of the decryptor into a public key function of the decryptor to generate a public key vector pk of the decryptor;
performing a replacement operation on the decryptor public key vector pk to obtain a replaced decryptor public key vector
Figure BDA0002472165840000021
The security parameter lambda and the replaced public key vector of the decryption party
Figure BDA0002472165840000022
And cipher side public key element substitutionEncryption side public key function generation encryption side public key vector set pki
The public key vector set pk of the encryption party is processediAnd substituting the decryption parameter into a decryption function, and mapping the random plaintext m into a ciphertext c by using the decryption functioni
The ciphertext ciSubstituting the encryption party private key set into an encryption party private key function to obtain a first decrypted plaintext mi
The ciphertext ciSubstituting the decryption side private key into a decryption side private key function to obtain a second decryption plaintext m'i
In one embodiment of the present invention, substituting the security parameter λ and the decryptor public key element into a decryptor public key function to generate a decryptor public key vector pk includes:
generating a decryption side large prime number p through a random library, wherein the decryption side large prime number p is used as a decryption side private key;
selecting a random seed se, and substituting the random seed se into the random library to generate a pseudo-random number generator f (se);
generating a maximum random integer q by the random library0
According to the decryption square large prime number p and the maximum random integer q0Obtaining a clear public key integer x for the decryptor0
Generating a set of pseudorandom integers χ by the pseudorandom number generator f (se)i,b
According to the pseudo-random integer set χi,bObtaining a public key element set delta of a decryptori,b
The random seed se and the decryption party non-interference public key integer x0And said set δ of public key elements of decryptori,bAnd substituting the public key function of the decryptor to generate a public key vector pk of the decryptor.
In an embodiment of the present invention, the public key vector pk of the decryptor is subjected to a permutation operation to obtain a permuted public key vector of the decryptor
Figure BDA0002472165840000031
The security parameter lambda and the replaced public key vector of the decryption party
Figure BDA0002472165840000032
Generating and substituting encryption party public key elements into an encryption party public key function to generate an encryption party public key vector set pkiThe method comprises the following steps:
generating a large prime number set p of an encryption square through the random libraryiThe set of square large prime numbers piAs a set of encryption party private keys;
randomly permuting the decryptor public key element set δi,bThe public key element sequence in (1) to obtain the replaced public key element set of the decryptor
Figure BDA0002472165840000033
The random seed se and the decryption party non-interference public key integer x0And the permuted set of public key elements of the decryptor
Figure BDA0002472165840000034
Substituting the public key function of the decryption party to obtain a replaced public key vector of the decryption party
Figure BDA0002472165840000035
Generating the rest random integer set q of the encryption party through the random libraryi,v,bThe rest noise set r of the encryption sidei,v,bBy said set of encrypter large primes piThe set q of the rest random integers of the encryption partyi,v,bThe set r of rest noise of the encryption sidei,v,bAnd the permuted set of public key elements of the decryptor
Figure BDA0002472165840000036
Obtaining the integer set x of the rest public keys of the encryption partyi,v,b
According to the rest public key integer set x of the encryption partyi,v,bAnd the rest of the encryption side public key element set
Figure BDA0002472165840000037
Obtaining a public key vector set pk of an encryption partyi
In one embodiment of the invention, the set pk of public key vectors of the encryptor is usediAnd substituting the decryption parameter into a decryption function, and mapping the random plaintext m into a ciphertext c by using the decryption functioniThe method comprises the following steps:
respectively generating random integer vectors b through the random libraryiRandom noise integer siAnd a random plaintext m;
the random integer vector biThe random noise integer siThe random plaintext m and the encryption side public key vector set pkiSubstituting into a decryption function to map the random plaintext m into a ciphertext ci
In one embodiment of the invention, the ciphertext c is combinediSubstituting the encryption party private key set into an encryption party private key function to obtain a first decrypted plaintext miThe method comprises the following steps:
the ciphertext ciSubstituting the encryption party private key set into an encryption party private key function, and utilizing the encryption party private key function to carry out the ciphertext ciMapping to the first decrypted plaintext miThe set of encryptor private keys is equal to the set of encryptor large prime numbers pi
In one embodiment of the invention, the ciphertext c is combinediSubstituting the decryption side private key into a decryption side private key function to obtain a second decryption plaintext m'iThe method comprises the following steps:
the ciphertext ciSubstituting the decryption party private key into a decryption party private key function, and utilizing the decryption party private key function to convert the ciphertext c into the ciphertext ciMapping to the second decrypted plaintext m'iThe decryptor private key is equal to the decryptor large prime number p.
In one embodiment of the invention, the maximum random integer q0Is a non-square integer and satisfies 2λ-rough。
In one embodiment of the invention, the set of decryptor public key elements δi,bThe expression of (a) is:
δi,b=[χi,b]pi,b·p-ri,b
wherein ξi,bIs a random integer, ri,bFor decryption side random noise, i is more than or equal to 1 and less than or equal to beta, b is more than or equal to 0 and less than or equal to 3, beta is a random integer, and i and b are parameter values.
The invention has the beneficial effects that:
1. the method and the device compress the size of the public key element, greatly reduce the storage space of the public key and improve the practicability of the scheme.
2. The method and the device can decrypt information of a plurality of encryption parties by using one key, thereby not only optimizing the problem of difficult key management, but also enabling a plurality of encryption parties to simultaneously transmit data and improving the efficiency of the algorithm.
The present invention will be described in further detail with reference to the accompanying drawings and examples.
Drawings
FIG. 1 is a diagram of steps of a method for compressing a homomorphic encryption public key for many-to-one over integers according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a method for compressing a homomorphic encryption public key of many-to-one over an integer according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to specific examples, but the embodiments of the present invention are not limited thereto.
Example one
Referring to fig. 1, fig. 1 is a diagram of steps of a method for compressing an integer many-to-one homomorphic encryption public key according to an embodiment of the present invention. The embodiment of the invention provides a method for compressing a homomorphic encryption public key of many-to-one on an integer, which comprises the following steps:
s1, substituting the security parameter lambda and the public key element of the decryptor into a public key function of the decryptor to generate a public key vector pk of the decryptor;
s2, carrying out replacement operation on the public key vector pk of the decryptor to obtain the replaced public key vector of the decryptor
Figure BDA0002472165840000051
The security parameter lambda and the replaced public key vector of the decryption party
Figure BDA0002472165840000052
Generating and substituting encryption party public key elements into an encryption party public key function to generate an encryption party public key vector set pki
S3, collecting vector pk of the public key vector of the encryption partyiAnd substituting the decryption parameter into a decryption function, and mapping the random plaintext m into a ciphertext c by using the decryption functioni
S4, converting the ciphertext ciSubstituting the encryption party private key set into an encryption party private key function to obtain a first decrypted plaintext mi
S5, the ciphertext ciSubstituting the decryption side private key into a decryption side private key function to obtain a second decryption plaintext m'i
The method obtains a decryption party public key vector pk through a security parameter lambda and a decryption party public key element, wherein the decryption party public key element comprises a random seed se and a decryption party non-interference public key integer x0And decryptor public key element set deltai,bAnd generating the decryption side public key vector pk into a replaced decryption side public key vector through a replacement operation
Figure BDA0002472165840000061
Further, the security parameter lambda and the replaced public key vector of the decryption party
Figure BDA0002472165840000062
Substituting the encryption party public key elements into an encryption party public key function to generate an encryption party public key vector set pkiThe cipher side public key element comprises the integer set x of the rest public keys of the cipher sidei,v,bAnd the rest of the public key element set of the encryption party
Figure BDA0002472165840000063
The public key vector set pk of the encryption partyiSubstituting the decryption parameter into a decryption function to obtain a ciphertext ciThe decryption parameter comprises randomInteger vector biRandom noise integer siAnd random plaintext m, ciphertext ciSubstituting the encryption party private key set into the encryption party private key function to obtain a first decrypted plaintext miCiphertext ciSubstituting the decryption side private key into a decryption side private key function to obtain a second decryption plaintext m'iWhen the values of i are the same, the first decrypted plaintext miIs equal to the second decrypted plaintext m'i
This embodiment takes the public key element size from the public key complexity O (λ) of the prior art DGHV scheme10) Compression to O (lambda)3) The public key storage space is greatly reduced, the practicability of the scheme is improved, one secret key decrypts information of a plurality of encryption parties, the problem of difficulty in managing a large number of secret keys is optimized, the plurality of encryption parties can transmit data simultaneously, and the algorithm efficiency is improved.
Example two
Referring to fig. 2, fig. 2 is a schematic diagram of a homomorphic encryption public key compression method for many-to-one over integers according to an embodiment of the present invention. The embodiment of the invention provides a method for compressing a homomorphic encryption public key of many-to-one integer, which substitutes a security parameter lambda and a public key element of a decryptor into a public key function of the decryptor to generate a public key vector pk of the decryptor, and comprises the following steps:
s11, generating a decryption side big prime number p through a random library, wherein the decryption side big prime number p is used as a decryption side private key;
s12, selecting a random seed se, and substituting the random seed se into the random library to generate a pseudo-random number generator f (se);
s13, generating the maximum random integer q through the random library0
S14, according to the decryption square big prime number p and the maximum random integer q0Obtaining a clear public key integer x for the decryptor0
S15, generating a pseudo-random integer set χ through the pseudo-random number generator f (se)i,b
S16, according to the pseudo-random integer set χi,bObtaining a public key element set delta of a decryptori,b
S17, using the random seed se and the non-interference public key integer x of the decryptor0And said set δ of public key elements of decryptori,bAnd substituting the public key function of the decryptor to generate a public key vector pk of the decryptor.
Further, the maximum random integer q0Is a non-square integer and satisfies 2λ-rough。
Further, the set δ of public key elements of decryptori,bThe expression of (a) is:
δi,b=[χi,b]pi,b·p-ri,b
wherein ξi,bIs a random integer, ri,bFor decryption side random noise, i is more than or equal to 1 and less than or equal to beta, b is more than or equal to 0 and less than or equal to 3, beta is a random integer, and i and b are parameter values.
In this embodiment, a large decrypting party prime number p with η bit length is generated by the random library as the private key sk of the decrypting party, and the large decrypting party prime number p belongs to [2 ]η-1,2η) I.e. p ∈ [2 ]η-1,2η) Substituting into a random library to generate a decryption side large prime number p with the length of eta bit, wherein the random library is random. Maximum random integer q0Is a non-square integer and satisfies 2λ-rough。
Randomly selecting one integer from 1-50 integers as a random seed se, substituting the random seed se into a random library to generate a pseudo-random number generator f (se), wherein the expression of the pseudo-random number generator is as follows: random (se), mixing q0∈[0,2γ/p) entering random library to generate maximum random integer q0Maximum random integer q0Is a non-square integer and satisfies 2λ-rough,2λThe term rough integer means that the integer does not include the ratio 2λSmall prime factors, i.e. largest random integers q0Greater than or equal to 2λMaking the decryptor have no interference public key integer x0=q0P, generating a pseudo-random integer set χ by a pseudo-random number generator f (se)i,bBy pseudo-random integer set χi,bAnd the number p of square prime numbersObtaining a public key element set delta of a decryptori,bSet of public key elements of decrypter deltai,bThe expression of (a) is:
δi,b=[χi,b]pi,b·p-ri,b
wherein ξi,bIs a random integer, ri,bFor decrypting square random noise, i is more than or equal to 1 and less than or equal to beta, b is more than or equal to 0 and less than or equal to 3, beta is a random integer, i and b are parameter values, r isi,bAnd xii,bCan be randomly generated by random library, ri,b∈(-2ρ,2ρ)。
Let decryption side public key integer set xi,b=χi,bi,bSet of public key integers x of decrypteri,bIs a public key basis quantity, a set of public key elements of a decryptor deltai,bIs the public key offset because of the decryptor public key integer set xi,bPublic key element set delta of decryption sidei,bThe invention has large memory occupation, and the public key element set delta of the decryptor is selected and stored in the inventioni,bThe size of the public key element is increased from O (lambda)10) Compression to O (lambda)3) The space complexity is reduced, the public key storage space is greatly reduced, and the practicability of the scheme is improved.
Using random seed se, decryption side non-interference public key integer x0And decryptor public key element set deltai,bSubstituting the public key function of the decryptor to generate a public key vector pk of the decryptor, wherein the expression of the public key vector set pk of the decryptor is as follows: pk ═ (se, x)0,(δi,b)1≤i≤β,0≤b≤3) I is more than or equal to 1 and less than or equal to beta, b is more than or equal to 0 and less than or equal to 3, beta is a random integer, and i and b are parameter values.
Performing a replacement operation on the decryptor public key vector pk to obtain a replaced decryptor public key vector
Figure BDA0002472165840000091
The security parameter lambda and the replaced public key vector of the decryption party
Figure BDA0002472165840000092
Substituting the encryption side public key element into the encryption side public key functionBecome the public key vector set pk of the encryption partyiThe method comprises the following steps:
s21, generating a large prime number set p of an encryption square through the random libraryiThe set of square large prime numbers piAs a set of encryption party private keys;
s22, randomly replacing the public key element set delta of the decryptori,bThe public key element sequence in (1) to obtain the replaced public key element set of the decryptor
Figure BDA0002472165840000093
S23, using the random seed se and the non-interference public key integer x of the decryptor0And the permuted set of public key elements of the decryptor
Figure BDA0002472165840000094
Substituting the public key function of the decryption party to obtain a replaced public key vector of the decryption party
Figure BDA0002472165840000095
S24, generating the rest random integer set q of the encryption party through the random libraryi,v,bThe rest noise set r of the encryption sidei,v,bBy said set of encrypter large primes piThe set q of the rest random integers of the encryption partyi,v,bThe set r of rest noise of the encryption sidei,v,bAnd the permuted set of public key elements of the decryptor
Figure BDA0002472165840000096
Obtaining the integer set x of the rest public keys of the encryption partyi,v,b
S25, according to the other public key integer set x of the encryption sidei,v,bAnd the rest of the encryption side public key element set
Figure BDA0002472165840000097
Obtaining a public key vector set pk of an encryption partyi
Will be provided with
Figure BDA0002472165840000098
Substituting random library to generate random etaiBit-encrypted square large prime number set piI 1, …, n, set of cryptographic large primes piAs the set sk of private keys of the encryption partyiSet of public key elements of decrypter deltai,bAfter each public key element in the decryption party public key element set is randomly replaced, a replaced decryption party public key element set is obtained
Figure BDA0002472165840000099
Using random seed se, decryption side non-interference public key integer x0And permuted set of public key elements of decryptor
Figure BDA00024721658400000910
Substituting the public key function of the decryption party to obtain the public key vector of the decryption party
Figure BDA00024721658400000911
The expression is
Figure BDA00024721658400000912
Wherein, beta is a random integer, and i and b are parameter values.
Generation of encryptor maximum random integer q by random libraryi,0And the rest random integer set q of the encryption partyi,v,bMaximum noise r on encryption sidei,0And the remaining noise set r of the encryption sidei,v,b
Figure BDA0002472165840000101
Figure BDA0002472165840000102
Obtaining the integer set x of the rest public keys of the encryption partyi,v,bThe expression of (a) is:
Figure BDA0002472165840000103
wherein, χi,v,bFor the remaining pseudo-random set of integers, δ, of the encryption sidei,v,bV is more than or equal to 1 and less than or equal to beta for the other public key element sets of the encryption partyi,0≤b≤3。
Order addingSecret maximum non-interfering public key integer xi,0=piqi,0x0+2ri,0The random seed se and the decryption side have no interference public key integer x0The maximum public key integer x of the encryption sidei,0And the rest public key element set delta of the encryption partyi,v,bSubstituting the encryption side public key function to obtain an encryption side public key vector set pkiExpressed as pki=(se,x0,xi,0i,v,b)1≤i≤β,1≤v≤βi,0≤b≤3) Wherein, β and βiAnd i and b are random integers, i is 1, …, n is 1, … and 3.
The public key vector set pk of the encryption party is processediAnd substituting the decryption parameter into a decryption function, and mapping the random plaintext m into a ciphertext c by using the decryption functioniThe method comprises the following steps:
s31, respectively generating random integer vectors b through the random libraryiRandom noise integer siAnd a random plaintext m;
s32, converting the random integer vector biThe random noise integer siThe random plaintext m and the encryption side public key vector set pkiSubstituting into a decryption function to map the random plaintext m into a ciphertext ci
B is toi,v∈[0,2α) Substituting random library to generate random integer vector
Figure BDA0002472165840000104
Will be provided with
Figure BDA0002472165840000105
Substituting random library to generate random noise integer siSubstituting m E {0,1} into random library of python to generate random plaintext m, and substituting random integer vector biRandom noise integer siRandom plaintext m and encryption side public key vector set pkiSubstituting into a decryption function to obtain a ciphertext ciThe expression is
Figure BDA0002472165840000106
Is referred to as a brief introductionKey function ci=E(pki,mi),v1、v2、v3And v4For parameter values, β is a random integer.
The ciphertext ciSubstituting the encryption party private key set into an encryption party private key function to obtain a first decrypted plaintext miThe method comprises the following steps:
the ciphertext ciSubstituting the encryption party private key set into an encryption party private key function, and utilizing the encryption party private key function to carry out the ciphertext ciMapping to the first decrypted plaintext miThe set of encryptor private keys is equal to the set of encryptor large prime numbers pi
The ciphertext ciSubstituting the encryption party private key set into an encryption party private key function to obtain a first decrypted plaintext miFirst decrypting plaintext miThe expression of (a) is: m isi←[cimodpi]2First decryption private key function mi=C(ski,ci) Wherein i is a parameter value, i is 1, …, n.
The ciphertext ciSubstituting the decryption side private key into a decryption side private key function to obtain a second decryption plaintext m'iThe method comprises the following steps:
the ciphertext ciSubstituting the decryption side private key into the decryption side private key function, and utilizing the decryption side private key function to carry out the cryptograph ciMapping to the second decrypted plaintext m'iThe decryptor private key is equal to the decryptor large prime number p.
The ciphertext ciSubstituting the decryption side private key into a decryption side private key function to obtain a second decryption plaintext m'iSecond decrypted plaintext m'iThe expression of (a) is: m'i←[cimodp]2Abbreviated as second decryption private key function m'i=C(sk,ci) Wherein i is a parameter value, i is 1, …, n.
When the value of i is the same, the first decrypted plaintext m can be obtained by the two methodsiAnd second decrypted plaintext m'iEquality, using one key to encrypt multiple party informationThe decryption optimizes the problem of difficult key management, and can ensure that a plurality of encryption parties transmit data simultaneously, thereby improving the efficiency of the algorithm and further proving the correctness of the scheme.
In summary, there are a decryptor and n encryptors in the present application, each encryptor encrypts its own ciphertext through its public key function and sends it to the decryptor, and after receiving the ciphertext, the decryptor decrypts it through its private key function to obtain the decrypted ciphertext finally. For example, the encryptor P1 passes through its own public key function E (PK)1,m1) After encryption, ciphertext c is obtained1Starting the ciphertext c1To the decryption side, the decryption side receives the ciphertext c1Private key function m of post-pass decryptor1=C(sk1,c1) Obtain the decrypted plaintext m1
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention; thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (6)

1.一种整数上多对一同态加密公钥压缩方法,其特征在于,包括:1. a kind of many-to-one homomorphic encryption public key compression method on an integer, is characterized in that, comprises: 将安全参数λ和解密方公钥元素代入解密方公钥函数生成解密方公钥向量pk;Substitute the security parameter λ and the decryptor public key element into the decryptor public key function to generate the decryptor public key vector pk; 将所述解密方公钥向量pk进行置换操作得到置换后的解密方公钥向量
Figure FDA0003374915490000011
将所述安全参数λ、所述置换后的解密方公钥向量
Figure FDA0003374915490000012
和加密方公钥元素代入加密方公钥函数生成加密方公钥向量集合pkiPerform a permutation operation on the decryptor's public key vector pk to obtain the permuted decryptor's public key vector
Figure FDA0003374915490000011
The security parameter λ, the permuted decryptor public key vector
Figure FDA0003374915490000012
Substitute the encryption party public key element with the encryption party public key function to generate the encryption party public key vector set p i ; 将所述加密方公钥向量集合pki和解密参数代入解密函数中,利用所述解密函数将随机明文m映射为密文ciSubstitute the encryption party public key vector set pk i and the decryption parameter into the decryption function, and utilize the decryption function to map the random plaintext m to the ciphertext c i ; 将所述密文ci和加密方私钥集合代入加密方私钥函数中得到第一解密明文miSubstitute the ciphertext c i and the encryption party's private key set into the encryption party's private key function to obtain the first decrypted plaintext m i ; 将所述密文ci和解密方私钥代入解密方私钥函数中得到第二解密明文m′iSubstitute the ciphertext c i and the private key of the decrypting party into the private key function of the decrypting party to obtain the second decrypted plaintext m′ i ; 将安全参数λ和解密方公钥元素代入解密方公钥函数生成解密方公钥向量pk,包括:Substitute the security parameter λ and the decryptor's public key elements into the decryptor's public key function to generate the decryptor's public key vector pk, including: 通过random库生成解密方大素数p,所述解密方大素数p作为解密方私钥;The large prime number p of the decryptor is generated by the random library, and the large prime number p of the decryptor is used as the private key of the decryptor; 选择随机种子se,将所述随机种子se代入所述random库生成伪随机数生成器f(se);Select a random seed se, and substitute the random seed se into the random library to generate a pseudo-random number generator f(se); 通过所述random库生成最大随机整数q0Generate the maximum random integer q 0 by the random library; 根据所述解密方大素数p和所述最大随机整数q0得到解密方无干扰公钥整数x0According to the large prime number p of the decrypting party and the largest random integer q 0 , the non-interference public key integer x 0 of the decrypting party is obtained; 通过所述伪随机数生成器f(se)生成伪随机整数集合χi,bGenerate a pseudo-random integer set χ i,b by the pseudo-random number generator f(se); 根据所述伪随机整数集合χi,b得到解密方公钥元素集合δi,bObtain the decryption party public key element set δ i,b according to the pseudo-random integer set χ i ,b; 将所述随机种子se、所述解密方无干扰公钥整数x0和所述解密方公钥元素集合δi,b代入所述解密方公钥函数生成解密方公钥向量pk;Substitute the random seed se, the decryptor non-interference public key integer x 0 and the decryptor public key element set δ i,b into the decryptor public key function to generate the decryptor public key vector pk; 所述解密方公钥元素集合δi,b的表达式为:The expression of the decryption party's public key element set δ i,b is: δi,b=[χi,b]pi,b·p-ri,bδ i,b =[χ i,b ] pi,b ·pr i,b ; 其中,ξi,b为随机整数,ri,b为解密方随机噪声,1≤i≤β,0≤b≤3,β为随机整数,i和b为参数取值。Among them, ξ i,b is a random integer, ri ,b is the random noise of the decryption party, 1≤i≤β, 0≤b≤3, β is a random integer, and i and b are parameter values. 2.根据权利要求1所述的整数上多对一同态加密公钥压缩方法,其特征在于,将所述解密方公钥向量pk进行置换操作得到置换后的解密方公钥向量
Figure FDA0003374915490000021
将所述安全参数λ、所述置换后的解密方公钥向量
Figure FDA0003374915490000022
和加密方公钥元素代入加密方公钥函数生成加密方公钥向量集合pki,包括:2. The many-to-one homomorphic encryption public key compression method on an integer according to claim 1, wherein the decryption party public key vector pk is subjected to a permutation operation to obtain the decrypted party public key vector after the replacement
Figure FDA0003374915490000021
The security parameter λ, the permuted decryptor public key vector
Figure FDA0003374915490000022
Substitute the public key elements of the encryption party with the encryption party public key function to generate the encryption party public key vector set pk i , including: 通过所述random库生成加密方大素数集合pi,所述加密方大素数集合pi作为加密方私钥集合;Generate the encryption party's large prime number set pi by the random library, and the encryption party's large prime number set p i as the encryption party's private key set; 随机置换所述解密方公钥元素集合δi,b中的公钥元素顺序,得到置换后的解密方公钥元素集合
Figure FDA0003374915490000023
Randomly permute the order of public key elements in the decryptor public key element set δ i,b to obtain the permuted decryptor public key element set
Figure FDA0003374915490000023
 将所述随机种子se、所述解密方无干扰公钥整数x0和所述置换后的解密方公钥元素集合
Figure FDA0003374915490000024
代入所述解密方公钥函数得到置换后的解密方公钥向量
Figure FDA0003374915490000025
Set the random seed se, the decryptor's non-interference public key integer x 0 , and the permuted decryptor's public key element set
Figure FDA0003374915490000024
Substitute into the decryptor public key function to obtain the replaced decryptor public key vector
Figure FDA0003374915490000025
 通过所述random库生成加密方其余随机整数集合qi,v,b、加密方其余噪声集合ri,v,b,通过所述加密方大素数集合pi、所述加密方其余随机整数集合qi,v,b、所述加密方其余噪声集合ri,v,b和所述置换后的解密方公钥元素集合
Figure FDA0003374915490000026
得到加密方其余公钥整数集合xi,v,bGenerate the remaining random integer set q i,v,b of the encryption party and the remaining noise set r i,v,b of the encryption party through the random library, and use the large prime number set p i of the encryption party and the remaining random integer set of the encryption party. q i,v,b , the remaining noise set r i,v,b of the encryption party, and the set of permuted decryption party public key elements
Figure FDA0003374915490000026
Obtain the set of remaining public key integers x i,v,b of the encryption party; 根据加密方其余公钥整数集合xi,v,b和所述加密方其余公钥元素集合
Figure FDA0003374915490000027
得到加密方公钥向量集合pkiAccording to the set of remaining public key integers x i, v, b of the encryption party and the set of remaining public key elements of the encryption party
Figure FDA0003374915490000027
Obtain the encryption party public key vector set pk i . 3.根据权利要求2所述的整数上多对一同态加密公钥压缩方法,其特征在于,将所述加密方公钥向量集合pki和解密参数代入解密函数中,利用所述解密函数将随机明文m映射为密文ci,包括:3. the many-to-one homomorphic encryption public key compression method on the integer according to claim 2, is characterized in that, described encrypting party public key vector set pk i and decryption parameter are substituted in decryption function, utilize described decryption function to be. The random plaintext m is mapped to the ciphertext c i , including: 通过所述random库分别生成随机整数向量bi、随机噪声整数si和随机明文m;Generate random integer vector b i , random noise integer s i and random plaintext m respectively through the random library; 将所述随机整数向量bi、所述随机噪声整数si、所述随机明文m和所述加密方公钥向量集合pki代入解密函数中,以将所述随机明文m映射为密文ciSubstitute the random integer vector b i , the random noise integer s i , the random plaintext m and the encryption party public key vector set pk i into the decryption function to map the random plaintext m to the ciphertext c i . 4.根据权利要求3所述的整数上多对一同态加密公钥压缩方法,其特征在于,将所述密文ci和加密方私钥集合代入加密方私钥函数中得到第一解密明文mi,包括:4. the many-to-one homomorphic encryption public key compression method on the integer according to claim 3, is characterized in that, the first decrypted plaintext is obtained by substituting described ciphertext c i and encryption party private key set in the encryption party private key function m i , including: 将所述密文ci和所述加密方私钥集合代入所述加密方私钥函数中,利用所述加密方私钥函数将所述密文ci映射为所述第一解密明文mi,所述加密方私钥集合等于所述加密方大素数集合piSubstitute the ciphertext c i and the set of the encryption party's private key into the encryption party's private key function, and use the encryption party's private key function to map the ciphertext c i to the first decrypted plaintext m i , the set of private keys of the encryption party is equal to the set of large prime numbers p i of the encryption party. 5.根据权利要求3所述的整数上多对一同态加密公钥压缩方法,其特征在于,将所述密文ci和解密方私钥代入解密方私钥函数中得到第二解密明文m′i,包括:5. the many-to-one homomorphic encryption public key compression method on the integer according to claim 3, is characterized in that, substitute described ciphertext c i and decryption party private key into decryption party private key function to obtain the second decrypted plaintext m ′ i , including: 将所述密文ci和解密方私钥代入解密方私钥函数中,利用所述解密方私钥函数将所述密文ci映射为所述第二解密明文m′i,所述解密方私钥等于所述解密方大素数p。Substitute the ciphertext ci and the decryptor's private key into the decryptor's private key function, and use the decryptor's private key function to map the ciphertext ci to the second decrypted plaintext m' i , and the decryption The private key of the party is equal to the large prime number p of the decrypting party. 6.根据权利要求1所述的整数上多对一同态加密公钥压缩方法,其特征在于,所述最大随机整数q0为非平方整数,且满足2λ-rough。6 . The public key compression method for many-to-one homomorphic encryption on integers according to claim 1 , wherein the maximum random integer q 0 is a non-square integer and satisfies -rough. 7 .
CN202010351758.5A 2020-04-28 2020-04-28 A Many-to-One Homomorphic Encryption Public Key Compression Method on Integers Active CN111585743B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010351758.5A CN111585743B (en) 2020-04-28 2020-04-28 A Many-to-One Homomorphic Encryption Public Key Compression Method on Integers

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010351758.5A CN111585743B (en) 2020-04-28 2020-04-28 A Many-to-One Homomorphic Encryption Public Key Compression Method on Integers

Publications (2)

Publication Number Publication Date
CN111585743A CN111585743A (en) 2020-08-25
CN111585743B true CN111585743B (en) 2022-05-10

Family

ID=72126299

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010351758.5A Active CN111585743B (en) 2020-04-28 2020-04-28 A Many-to-One Homomorphic Encryption Public Key Compression Method on Integers

Country Status (1)

Country Link
CN (1) CN111585743B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113114461B (en) * 2021-03-29 2022-11-18 西北工业大学 N-time public key compression method for integer homomorphic encryption
CN114584278B (en) * 2022-02-14 2025-05-02 北京信安世纪科技股份有限公司 Data homomorphic encryption method and device, data transmission method and device
CN115442127B (en) * 2022-08-31 2025-06-24 中国工商银行股份有限公司 Transmission data processing method and device
CN117272167B (en) * 2023-08-25 2025-11-28 翼健(上海)信息科技有限公司 FHE-based softmax realization method and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103916248A (en) * 2014-04-10 2014-07-09 东南大学 Fully homomorphic encryption public key space compression method
CN105933101A (en) * 2016-03-31 2016-09-07 东南大学 A Fully Homomorphic Encryption Public Key Compression Method Based on Parameter High-order Offset
CN106487506A (en) * 2016-10-08 2017-03-08 西安电子科技大学 A kind of many mechanisms KP ABE method supporting pre-encrypt and outsourcing deciphering
CN107317669A (en) * 2017-07-21 2017-11-03 西安电子科技大学 Noiseless full homomorphism public key encryption method based on binary Representation theorem ring
CN108964869A (en) * 2018-06-08 2018-12-07 浙江捷尚人工智能研究发展有限公司 The short full homomorphic cryptography method and system of key

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9281941B2 (en) * 2012-02-17 2016-03-08 International Business Machines Corporation Homomorphic evaluation including key switching, modulus switching, and dynamic noise management
KR102019159B1 (en) * 2013-12-23 2019-09-09 한국전자통신연구원 Apparatus and methdo for giving the compressed encryption functionality to integer-based homomorphic encryption schemes
CN107294698B (en) * 2017-07-25 2019-11-26 西安电子科技大学 The full homomorphic cryptography method that single ciphertext homomorphism calculates
CN109962778A (en) * 2019-03-21 2019-07-02 西北工业大学 Integer-Based Multiparty Homomorphic Encryption

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103916248A (en) * 2014-04-10 2014-07-09 东南大学 Fully homomorphic encryption public key space compression method
CN105933101A (en) * 2016-03-31 2016-09-07 东南大学 A Fully Homomorphic Encryption Public Key Compression Method Based on Parameter High-order Offset
CN106487506A (en) * 2016-10-08 2017-03-08 西安电子科技大学 A kind of many mechanisms KP ABE method supporting pre-encrypt and outsourcing deciphering
CN107317669A (en) * 2017-07-21 2017-11-03 西安电子科技大学 Noiseless full homomorphism public key encryption method based on binary Representation theorem ring
CN108964869A (en) * 2018-06-08 2018-12-07 浙江捷尚人工智能研究发展有限公司 The short full homomorphic cryptography method and system of key

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
A Public Key Compression Scheme for Fully Homomorphic Encryption Based on Quadratic Parameters With Correction;Liquan Chen,etc;《IEEE》;20170906;全文 *
Secure and Efficient Collaborative Auction Scheme for Spectrum Resource Reallocation;Erzhou Zhu,etc;《IEEE》;20180917;全文 *
一个基于整数的全同态加密改进方案;熊婉君等;《密码学报》;20160215(第01期);全文 *
一个基于整数的高效全同态加密方案;李凯强等;《 网络安全技术与应用 》;20191215;全文 *
可密钥验证的多授权属性基加密方案;杨诗雨等;《计算机应用与软件》;20170515(第05期);全文 *

Also Published As

Publication number Publication date
CN111585743A (en) 2020-08-25

Similar Documents

Publication Publication Date Title
CN111585743B (en) A Many-to-One Homomorphic Encryption Public Key Compression Method on Integers
US5974144A (en) System for encryption of partitioned data blocks utilizing public key methods and random numbers
US8942371B2 (en) Method and system for a symmetric block cipher using a plurality of symmetric algorithms
CN107086912B (en) Ciphertext conversion method, decryption method and system in heterogeneous storage system
CN112260830B (en) Certificateless threshold signcryption method under secret sharing mechanism
CN114362928A (en) A Quantum Key Distribution and Reconstruction Method for Multi-node Encryption
CN106992871A (en) A Broadcast Encryption Method Oriented to Multiple Groups
Al-Arjan et al. Intelligent security in the era of AI: The key vulnerability of RC4 algorithm
RU2411666C1 (en) Method of coding
CN115361109B (en) A homomorphic encryption method supporting two-way proxy re-encryption
Ma et al. Lattice-based identity-based homomorphic conditional proxy re-encryption for secure big data computing in cloud environment
CN113852466B (en) User revocation method based on national secret SM9
Li et al. Multi-use deterministic public key proxy re-encryption from lattices in the auxiliary-input setting
Pal et al. Design of strong cryptographic schemes based on Latin squares
KR101076747B1 (en) Method and apparatus for random accessible encryption and decryption by using a hierarchical tree structure of stream cipher module
KR100388059B1 (en) Data encryption system and its method using asymmetric key encryption algorithm
CN112668042B (en) File encryption method
CN113783898A (en) A Renewable Hybrid Encryption Method
Srikantaswamy et al. Enhanced onetime pad cipher with morearithmetic and logical operations with flexible key generation algorithm
Qiu et al. Identity-based symmetric private set intersection
Xu et al. Multi-authority attribute-based encryption supporting hierarchal access policy and range policy
Liu et al. ESSVCS: an enriched secret sharing visual cryptography
CN118869199B (en) Commercial password secure transmission method and system based on credit network
CN113824559B (en) SM 9-based efficient hierarchical encryption method
CN116668022B (en) SM9 encryption method supporting single private key to decrypt multiple ciphertexts

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant