[go: up one dir, main page]

CN116303591A - Method and device for data storage and query - Google Patents

Method and device for data storage and query Download PDF

Info

Publication number
CN116303591A
CN116303591A CN202310115475.4A CN202310115475A CN116303591A CN 116303591 A CN116303591 A CN 116303591A CN 202310115475 A CN202310115475 A CN 202310115475A CN 116303591 A CN116303591 A CN 116303591A
Authority
CN
China
Prior art keywords
data
ciphertext
query
identifier
party
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310115475.4A
Other languages
Chinese (zh)
Inventor
董佳佳
赵原
殷山
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Ant Blockchain Technology Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ant Blockchain Technology Shanghai Co Ltd filed Critical Ant Blockchain Technology Shanghai Co Ltd
Priority to CN202310115475.4A priority Critical patent/CN116303591A/en
Publication of CN116303591A publication Critical patent/CN116303591A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • G06F16/24553Query execution of query operations
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

本说明书实施例提供一种数据存储、查询的方法及装置,用于协作的多个业务方共享数据的情况下,在数据的存储方和查询方不一致时,实现保护查询方隐私的隐私保护查询。具体而言,由存储方基于协商一致的数据标识构建对称加密密钥,将数据加密后存储在外部存储平台,查询方通过外部存储平台查询数据时,可以基于协商一致的数据标识获取数据密文,并经由与存储方的安全交互,构建解密密钥,从而解密从外部存储平台获取的数据密文,得到待查询数据。该技术构思可以在有效保护数据隐私的基础上提高查询效率。

Figure 202310115475

The embodiment of this specification provides a method and device for data storage and query, which is used to realize the privacy protection query that protects the privacy of the query party when the data storage party and the query party are inconsistent when multiple business parties in cooperation share data. . Specifically, the storage party builds a symmetric encryption key based on the agreed data identifier, and encrypts the data and stores it on the external storage platform. When the queryer queries data through the external storage platform, the data ciphertext can be obtained based on the agreed data identifier. , and through secure interaction with the storage party, a decryption key is constructed to decrypt the data ciphertext obtained from the external storage platform and obtain the data to be queried. This technical concept can improve query efficiency on the basis of effectively protecting data privacy.

Figure 202310115475

Description

数据存储、查询的方法及装置Method and device for data storage and query

技术领域technical field

本说明书一个或多个实施例涉及数据安全技术领域,尤其涉及多方数据存储、查询的方法及装置。One or more embodiments of this specification relate to the field of data security technology, and in particular to methods and devices for multi-party data storage and query.

背景技术Background technique

在网络环境中,通常将经过硬件或网络环境等隔离的内部环境称为域内,暴露在公网或不设限的环境称为域外。域内往往有一定的阻隔非相同环境其他节点的访问的能力,但受限于域内的基础设施和资源情况,如存储空间、网络环境等,域外则对访问没有特定的限制,可以突破存储和带宽的限制,如云服务端。In the network environment, the internal environment isolated by hardware or network environment is usually called intra-domain, and the environment exposed to the public network or unlimited is called extra-domain. The domain often has a certain ability to block the access of other nodes in different environments, but it is limited by the infrastructure and resources in the domain, such as storage space, network environment, etc., and there is no specific restriction on access outside the domain, which can break through storage and bandwidth. restrictions, such as cloud servers.

随着网络的发展,存在海量需要公用的业务数据。例如,一个集团公司和其各个子公司需要共享部分或全部业务数据,多个子应用共用某个应用的用户数据,多个合作联盟方共用数据,如网络黑名单数据。对于共用数据(可以称为公共数据),可能存在使用的多方都存在查询需求的情形。在公共数据存储在域内存储空间的情况下,在域内产生相应的存储压力、访问压力,海量数据下,这种压力较大。如果公共数据存储在域外,则可能产生数据泄露风险。因此,如何在域外安全存储和查询数据,是值得研究的问题。With the development of the network, there is a large amount of business data that needs to be shared. For example, a group company and its subsidiaries need to share some or all business data, multiple sub-applications share user data of an application, and multiple cooperative alliance parties share data, such as network blacklist data. For shared data (which may be referred to as public data), there may be situations where multiple users have query requirements. When the public data is stored in the storage space in the domain, corresponding storage pressure and access pressure are generated in the domain, and the pressure is relatively high under massive data. If public data is stored outside the domain, there may be a risk of data breaches. Therefore, how to securely store and query data outside the domain is a problem worth studying.

发明内容Contents of the invention

本说明书一个或多个实施例描述了一种数据存储、查询的方法及装置,用以解决背景技术提到的一个或多个问题。One or more embodiments in this specification describe a method and device for data storage and query, so as to solve one or more problems mentioned in the background art.

根据第一方面,提供一种数据存储的方法,所述方法包括:采用本地私钥Ka针对待存储数据的第一数据标识在第一加密方式下进行加密,得到第一标识密文;利用所述第一标识密文作为加密密钥加密所述待存储数据,得到第一数据密文;将所述第一数据密文与所述第一数据标识对应存储到预定的外部存储平台。According to the first aspect, a data storage method is provided, the method comprising: using a local private key Ka to encrypt the first data identifier of the data to be stored in a first encryption mode to obtain a first identifier ciphertext; using the The first identification ciphertext is used as an encryption key to encrypt the data to be stored to obtain a first data ciphertext; and the first data ciphertext and the first data identification are correspondingly stored in a predetermined external storage platform.

在一个实施例中,所述采用本地私钥Ka针对待存储数据的第一数据标识进行加密,得到第一标识密文包括:将第一数据标识经预定方式的哈希计算后,得到第一哈希值;通过椭圆曲线加密方式将所述第一哈希值映射为椭圆曲线上的第一点;利用本地私钥Ka对所述第一点进行点乘操作,得到所述第一标识密文。In one embodiment, the encrypting the first data identifier of the data to be stored by using the local private key Ka to obtain the first identifier ciphertext includes: calculating the first data identifier through a predetermined hash calculation to obtain the first Hash value; map the first hash value to the first point on the elliptic curve through elliptic curve encryption; use the local private key Ka to perform a point product operation on the first point to obtain the first identification code arts.

在一个实施例中,所述将所述第一标识密文作为加密密钥加密所述待存储数据的加密方式为对称加密。In one embodiment, the encryption method of using the first identification ciphertext as an encryption key to encrypt the data to be stored is symmetric encryption.

在一个实施例中,所述将所述第一数据密文与所述第一数据标识对应存储到预定的外部存储平台包括:利用第二加密方式处理所述第一数据标识,得到第二标识密文;将所述第一数据密文与所述第二标识密文对应存储到预定的外部存储平台。In one embodiment, the storing the first data ciphertext and the first data identifier correspondingly to a predetermined external storage platform includes: processing the first data identifier using a second encryption method to obtain a second identifier Ciphertext: correspondingly storing the first data ciphertext and the second identification ciphertext to a predetermined external storage platform.

在一个实施例中,所述将所述第一数据密文与所述第一数据标识对应存储到预定的外部存储平台包括:将所述第一数据标识、所述第一数据密文与当前存储方的身份标识对应存储至所述外部存储平台,以供查询方根据所述第一数据标识查询时,根据相应存储方身份标识确定当前存储方的身份。In one embodiment, the storing the first data ciphertext and the first data identifier correspondingly to a predetermined external storage platform includes: storing the first data identifier, the first data ciphertext and the current The identity of the storage party is correspondingly stored on the external storage platform, so that the queryer can determine the identity of the current storage party according to the corresponding storage party ID when querying according to the first data identification.

在一个实施例中,在预定条件满足的情况下,使将本地私钥Ka更新为Ka',并利用更新后的本地私钥重新存储所述待存储数据。In one embodiment, when the predetermined condition is satisfied, the local private key Ka is updated to Ka', and the data to be stored is stored again by using the updated local private key.

根据第二方面,提供一种数据查询的方法,用于查询经由权利要求1的方式存储在外部存储平台的数据,所述方法包括:基于当前的查询数据标识,向外部存储平台发送查询请求,以供外部存储平台反馈与所述查询数据标识对应的第二数据密文;利用经由与所述第二数据密文对应的存储方进行安全交互得到的解密密钥解密所述第二数据密文,得到待查询数据,其中,所述解密密钥与所述查询数据标识经由存储方的私钥在第一加密方式下加密得到的查询标识密文一致。According to the second aspect, there is provided a data query method for querying data stored on an external storage platform via the method of claim 1, the method comprising: sending a query request to the external storage platform based on the current query data identifier, The external storage platform feeds back the second data ciphertext corresponding to the query data identifier; decrypting the second data ciphertext using the decryption key obtained through secure interaction with the storage party corresponding to the second data ciphertext , to obtain the data to be queried, wherein the decryption key is consistent with the query ID ciphertext obtained by encrypting the query data ID with the private key of the storage party in the first encryption mode.

在一个实施例中,所述查询数据标识与所述第二数据密文对应的第二数据标识一致,所述第二数据标识以利用第二加密方式处理得到的密文形式与所述第二数据密文存储在外部存储平台;所述基于当前的查询数据标识,向外部存储平台发送查询请求包括:利用第二加密方式处理所述查询数据标识,得到查询标识密文;向外部存储平台发送包含查询标识密文的查询请求,以供外部存储平台在比对到与所述查询标识密文一致的第二数据标识的密文形式的情况下,反馈所述第二数据密文。In one embodiment, the query data identifier is consistent with the second data identifier corresponding to the second data ciphertext, and the second data identifier is in the form of ciphertext obtained by processing the second encryption method with the second The data ciphertext is stored in the external storage platform; the sending of the query request to the external storage platform based on the current query data identification includes: processing the query data identification with a second encryption method to obtain the query identification ciphertext; sending the query request to the external storage platform The query request includes the query identification ciphertext, so that the external storage platform can feed back the second data ciphertext when the ciphertext form of the second data identification is consistent with the query identification ciphertext.

在一个实施例中,外部存储平台还反馈有所述第二数据密文的存储方的身份标识,所述与所述第二数据密文的存储方进行安全交互还包括:基于所述存储方的身份标识确定所述第二数据密文的存储方,从而与所述存储方进行安全交互。In one embodiment, the external storage platform also feeds back the identity of the storage party of the second data ciphertext, and the secure interaction with the storage party of the second data ciphertext further includes: based on the storage party The identity of the user determines the storage party of the second data ciphertext, so as to perform secure interaction with the storage party.

在一个实施例中,所述解密密钥通过以下方式得到:利用本地密钥Kb加密所述查询数据标识,得到所述查询数据标识的一次密文;将所述查询数据标识的一次密文提供给所述存储方,以供所述存储方利用本地密钥Ka加密所述查询数据标识的一次密文,从而反馈所述查询数据标识的二次密文;通过本地密钥Kb的逆对所述查询数据标识的二次密文进行解密,得到所述解密密钥。In one embodiment, the decryption key is obtained by: encrypting the query data identifier with the local key Kb to obtain the one-time ciphertext of the query data identifier; providing the one-time ciphertext of the query data identifier To the storage side, so that the storage side uses the local key Ka to encrypt the primary ciphertext of the query data identification, thereby feeding back the secondary ciphertext of the query data identification; through the reverse of the local key Kb, the Decrypt the secondary ciphertext identified by the query data to obtain the decryption key.

根据第三方面,提供一种数据存储装置,所述装置包括:According to a third aspect, there is provided a data storage device, the device comprising:

加密单元,配置为采用本地私钥Ka针对待存储数据的第一数据标识在第一加密方式下进行加密,得到第一标识密文;以及,将所述第一标识密文作为加密密钥加密所述待存储数据,得到第一数据密文;The encryption unit is configured to use the local private key Ka to encrypt the first data identifier of the data to be stored in a first encryption mode to obtain a first identification ciphertext; and encrypt the first identification ciphertext as an encryption key The data to be stored is obtained by obtaining a first data ciphertext;

存储单元,配置为利用所述第一数据密文与所述第一数据标识对应存储到预定的外部存储平台。The storage unit is configured to use the first data ciphertext and the first data identifier to store in a predetermined external storage platform.

根据第四方面,提供一种数据查询的装置,用于查询经由第三方面提供的装置存储在外部存储平台的数据,所述数据查询的装置包括:According to the fourth aspect, there is provided a data query device for querying data stored in an external storage platform via the device provided by the third aspect, the data query device includes:

查询单元,配置为基于当前的查询数据标识,向外部存储平台发送查询请求,以供外部存储平台反馈与所述查询数据标识对应的第二数据密文;The query unit is configured to send a query request to the external storage platform based on the current query data identifier, so that the external storage platform can feed back the second data ciphertext corresponding to the query data identifier;

解密单元,配置为利用经由与所述第二数据密文对应的存储方进行安全交互得到的解密密钥解密所述第二数据密文,得到待查询数据,其中,所述解密密钥与所述查询数据标识经由存储方的私钥在第一加密方式下加密得到的查询标识密文一致。The decryption unit is configured to decrypt the second data ciphertext by using a decryption key obtained through secure interaction with the storage party corresponding to the second data ciphertext to obtain the data to be queried, wherein the decryption key is the same as the The above-mentioned query data identifier is consistent with the query identifier ciphertext encrypted by the storage party's private key in the first encryption mode.

根据第五方面,提供了一种计算机可读存储介质,其上存储有计算机程序,当所述计算机程序在计算机中执行时,令计算机执行第一方面或第二方面的方法。According to a fifth aspect, there is provided a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed in a computer, it causes the computer to execute the method of the first aspect or the second aspect.

根据第六方面,提供了一种计算设备,包括存储器和处理器,其特征在于,所述存储器中存储有可执行代码,所述处理器执行所述可执行代码时,实现第一方面或第二方面的方法。According to a sixth aspect, there is provided a computing device, including a memory and a processor, wherein executable code is stored in the memory, and when the processor executes the executable code, the first aspect or the first aspect is realized. two ways.

通过本说明书实施例提供的方法和装置,在多方共用业务数据的情况下,进行隐私保护查询。具体技术构思下,可以由存储方将数据加密后,存储在域外(外部存储平台),需要业务数据的查询方则可以通过可交换的加密方案,与存储方安全交互,从而在相互不泄露本地数据的情况下安全获取域外数据的解密密钥,以将从域外获取的加密数据解密。该技术构思既可以保护域外数据的数据安全,又可以保护查询方的查询条件安全,提高多方共享数据情况下,向域外存储数据的安全性以及查询的可靠性。Through the method and device provided by the embodiment of this specification, in the case of multiple parties sharing service data, privacy protection query is performed. Under the specific technical conception, the storage party can encrypt the data and store it outside the domain (external storage platform), and the query party that needs business data can safely interact with the storage party through an exchangeable encryption scheme, so as not to disclose the local Securely obtain the decryption key of data outside the domain in the case of data, so as to decrypt the encrypted data obtained from outside the domain. This technical concept can not only protect the data security of the data outside the domain, but also protect the query conditions of the query party, and improve the security of data stored outside the domain and the reliability of the query when multiple parties share data.

附图说明Description of drawings

为了更清楚地说明本发明实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其它的附图。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the following will briefly introduce the accompanying drawings that need to be used in the description of the embodiments. Obviously, the accompanying drawings in the following description are only some embodiments of the present invention. For Those of ordinary skill in the art can also obtain other drawings based on these drawings without making creative efforts.

图1示出根据本说明书的一个实施架构示意图;FIG. 1 shows a schematic diagram of an implementation architecture according to this specification;

图2示出根据本说明书一个实施例的数据存储方法流程图;Fig. 2 shows a flow chart of a data storage method according to an embodiment of the specification;

图3示出根据本说明书一个实施例的数据查询方法流程图;FIG. 3 shows a flowchart of a data query method according to an embodiment of the present specification;

图4示出根据本说明书的一个具体实施场景的示意图;FIG. 4 shows a schematic diagram of a specific implementation scenario according to this specification;

图5示出根据一个实施例的数据存储装置的示意性框图;Figure 5 shows a schematic block diagram of a data storage device according to one embodiment;

图6示出根据一个实施例的数据查询装置的示意性框图。Fig. 6 shows a schematic block diagram of a data query device according to an embodiment.

具体实施方式Detailed ways

下面结合附图,对本说明书提供的技术方案进行描述。The technical solutions provided in this specification will be described below in conjunction with the accompanying drawings.

为了更清楚地理解本说明书的技术方案,首先结合一个具体实施场景描述本说明书中的技术方案提出的技术背景。In order to understand the technical solutions in this specification more clearly, firstly describe the technical background proposed by the technical solutions in this specification in combination with a specific implementation scenario.

图1示出了本说明书的一个具体实施架构。该实施架构涉及多个业务方及外部存储平台。单个业务方可以为各个用户在相应终端上进行的相关业务(例如搜索业务、查询业务、收付款业务、导航业务等)提供相应业务支持,并记录相应业务数据。其中,各个业务方之间可以具有隶属关系或合作关系,从而可以共用部分或全部业务数据。外部存储平台对于各个业务方来说,属于域外环境,其属于独立于各个业务方的其他业务服务方,或称为第三方,例如为提供存储业务的云存储服务的服务方等。Fig. 1 shows a specific implementation framework of this specification. The implementation architecture involves multiple business parties and external storage platforms. A single business party can provide corresponding business support for related businesses (such as search business, query business, collection and payment business, navigation business, etc.) performed by each user on the corresponding terminal, and record corresponding business data. Among them, various business parties may have an affiliation or cooperation relationship, so that part or all of the business data may be shared. For each business party, the external storage platform belongs to an external environment, and it belongs to other business service parties independent of each business party, or a third party, such as a cloud storage service provider that provides storage services.

多个业务方中的单个业务方可以将向其他业务方共享的公共数据存储在外部存储平台中的存储空间,以供其他业务方查询并使用相关数据。由于向外部存储平台存储业务数据可能泄露数据隐私,因此,可以采用加密存储的方式。而加密存储形式下,其他业务方的查询涉及解密过程。解密过程可能涉及查询业务方(以下简称查询方)与向外部存储平台存储数据的存储业务方(以下简称存储方)之间的数据交互。A single business party among multiple business parties can store the public data shared with other business parties in the storage space of the external storage platform, so that other business parties can query and use related data. Since storing business data on an external storage platform may reveal data privacy, encrypted storage can be used. In the form of encrypted storage, the query of other business parties involves the decryption process. The decryption process may involve data interaction between the query business party (hereinafter referred to as the query party) and the storage business party (hereinafter referred to as the storage party) that stores data on the external storage platform.

通常,多个业务方之间也存在数据隐私保护的问题,例如,查询方不希望存储方知道自己查询的目标数据,即进行保护查询方隐私的隐私保护查询。如此,本说明书针对以下的技术问题提出解决方案:查询方和存储方之间如何安全交互,使得查询方获取存储方在外部存储平台存储的数据的解密秘钥,且不向存储方泄露查询目标。Usually, data privacy protection issues also exist between multiple business parties. For example, the query party does not want the storage party to know the target data it is querying, that is, it conducts a privacy-preserving query to protect the privacy of the query party. In this way, this manual proposes a solution to the following technical problem: how to securely interact between the querying party and the storage party, so that the querying party obtains the decryption key of the data stored by the storage party on the external storage platform, and does not disclose the query target to the storage party .

具体而言,本说明书提出以下技术构思:存储方在向外部存储平台存储数据时,以数据标识、数据密文的形式存储。其中,数据密文经由对相应业务数据加密确定。为了便于查询方获取解密密钥,业务数据采用对称加密,加密密钥由数据标识构造。其中,数据标识可以是业务数据的唯一性标识,例如用户在业务平台的唯一ID或者手机号码等,也可以是对业务数据的某一字段进行描述的字段标识,例如职业、消费项目等。其中,数据标识可以以明文或密文形式存储在外部存储平台。Specifically, this specification puts forward the following technical idea: when storing data on an external storage platform, the storage party stores it in the form of data identification and data ciphertext. Among them, the data ciphertext is determined by encrypting the corresponding business data. In order to facilitate the query party to obtain the decryption key, the business data is encrypted symmetrically, and the encryption key is constructed by the data identifier. Among them, the data identifier can be a unique identifier of business data, such as the user's unique ID or mobile phone number on the business platform, or a field identifier describing a certain field of business data, such as occupation, consumption item, etc. Among them, the data identification can be stored in the external storage platform in plain text or cipher text.

进一步地,查询方在查询业务数据时,一方面可以将数据标识作为查询条件,向外部存储平台发送查询请求,查询相关数据条目,得到相应密文数据,另一方面可以与存储方进行安全交互,获取相关数据条目的加/解密密钥,在本地对密文数据解密,从而得到待查询数据的明文形式。Furthermore, when querying business data, on the one hand, the querying party can use the data identifier as the query condition, send a query request to the external storage platform, query related data entries, and obtain the corresponding ciphertext data; on the other hand, it can safely interact with the storage party , obtain the encryption/decryption key of the relevant data entry, and decrypt the ciphertext data locally, so as to obtain the plaintext form of the data to be queried.

在以密文形式存储的情况下,其可以向其他业务方公开相应的加密方式,以供其他业务方以相同加密方式加密本地数据标识,并用加密后的数据标识向外部存储平台发出查询请求。In the case of storage in ciphertext, it can disclose the corresponding encryption method to other business parties, so that other business parties can encrypt the local data identifier with the same encryption method, and use the encrypted data identifier to send a query request to the external storage platform.

在多个业务方相互共享数据作为公用数据的情况下,存储方在外部存储平台存储的业务数据还可以对应有存储方的标识,如存储方名称、代号等。此时,查询方可以先按照查询条件(如明文或密文的数据标识等)从外部存储平台查询相应数据条目,其中包含存储方标识、密文数据。如此,查询方可以基于存储方标识确定数据存储方,再与存储方交互获取解密密钥,从而解密密文数据。In the case that multiple business parties share data as public data, the business data stored by the storage party on the external storage platform can also be associated with the storage party's identification, such as the storage party's name, code, etc. At this point, the querying party can first query the corresponding data entry from the external storage platform according to the querying conditions (such as plaintext or ciphertext data identification, etc.), which includes the storage party identification and ciphertext data. In this way, the query party can determine the data storage party based on the storage party ID, and then interact with the storage party to obtain a decryption key, thereby decrypting the ciphertext data.

如此,存储方提供的数据在外部存储平台以密文形态存储,有效保护数据隐私,查询方和存储方之间安全交互获取解密密钥,为查询方的查询条件提供有效保护。另外,由于在外部存储平台存储数据可以避免存储方为多个业务方提供共用数据导致的存储压力和访问压力,使得查询更加高效。In this way, the data provided by the storage party is stored in the form of ciphertext on the external storage platform, which effectively protects data privacy. The queryer and the storage party securely interact to obtain the decryption key, providing effective protection for the querying party's query conditions. In addition, storing data on an external storage platform can avoid the storage pressure and access pressure caused by the storage party providing shared data for multiple business parties, making the query more efficient.

下面结合图2示出的一个具体实施例描述存储方对数据的安全存储过程。In the following, a specific embodiment shown in FIG. 2 will be used to describe the safe storage process of data by the storage party.

图2示出了根据本说明书一个实施例的数据存储流程。该流程的执行主体可以是具有一定计算能力的计算机、设备、服务器,如可以是图1中的多个业务方中的任意一个。图2示出的数据存储流程可以用于向外部存储平台存储数据。图2示出的流程以一条待存储数据为例描述存储过程。如图2所示,该数据存储流程可以包括:步骤201,采用本地私钥Ka针对待存储数据的第一数据标识在第一加密方式下进行加密,得到第一标识密文;步骤202,利用第一标识密文作为加密密钥加密待存储数据,得到第一数据密文;步骤203,将第一数据密文与第一数据标识对应存储到预定的外部存储平台。Fig. 2 shows a data storage process according to an embodiment of this specification. The subject of execution of this process may be a computer, device, or server with certain computing capabilities, for example, it may be any one of the multiple business parties in FIG. 1 . The data storage process shown in FIG. 2 can be used to store data on an external storage platform. The process shown in FIG. 2 uses a piece of data to be stored as an example to describe the storage process. As shown in Figure 2, the data storage process may include: Step 201, use the local private key Ka to encrypt the first data identifier of the data to be stored in the first encryption mode to obtain the first identifier ciphertext; Step 202, use The first identification ciphertext is used as an encryption key to encrypt the data to be stored to obtain the first data ciphertext; step 203, store the first data ciphertext and the first data identification in correspondence to a predetermined external storage platform.

首先,在步骤201中,采用本地私钥Ka针对待存储数据的第一数据标识在第一加密方式下进行加密,得到第一标识密文。这里,待存储数据可以是当前批次需要存储的任意一条业务数据。当前批次可以存储一条或多条数据。数据标识可以是与共用数据的其他业务方约定一致的标识,如用户唯一ID、数据关键字段等。First, in step 201, the first data identifier of the data to be stored is encrypted using the local private key Ka in the first encryption mode to obtain the first identifier ciphertext. Here, the data to be stored may be any piece of business data that needs to be stored in the current batch. The current batch can store one or more pieces of data. The data identifier can be an identifier agreed upon by other business parties sharing data, such as a unique user ID, key data fields, etc.

私钥Ka可以是由存储方随机生成的数值。第一加密方式可以是与其他数据方协商一致的加密方式,为了便于与其他业务方安全交互使得其他业务方能够安全获取解密密钥,该第一加密方式可以采用满足交换律的加密方式,例如椭圆曲线加密方式等。The private key Ka may be a value randomly generated by the storage party. The first encryption method can be an encryption method agreed upon with other data parties. In order to facilitate safe interaction with other business parties so that other business parties can securely obtain the decryption key, the first encryption method can adopt an encryption method that satisfies the commutative law, for example Elliptic curve encryption, etc.

以第一加密方式为椭圆曲线加密方式(ECC)为例,存储方可以将第一数据标识映射为椭圆曲线上的点,然后利用密钥Ka对该椭圆曲线上的点进行点乘操作,结果仍可以为椭圆曲线上的点。椭圆曲线上的点或相应点的坐标可以作为加密结果,如记为Ka(IDa)。Taking the first encryption method as an elliptic curve encryption method (ECC) as an example, the storage party can map the first data identifier to a point on the elliptic curve, and then use the key Ka to perform a point product operation on the point on the elliptic curve, the result Can still be a point on an elliptic curve. The point on the elliptic curve or the coordinates of the corresponding point can be used as the encryption result, such as denoted as Ka(IDa).

在可选的实施例中,为了进一步保护数据标识,还可以采用ECC哈希作为第一加密方式。此时,存储方可以将第一数据标识通过哈希计算得到的哈希值,映射为椭圆曲线上的点,然后利用密钥Ka对该椭圆曲线上的点进行点乘操作,得到椭圆曲线上的点或相应点的坐标作为加密结果,如记为Ka(H(IDa))。In an optional embodiment, in order to further protect the data identifier, ECC hashing may also be used as the first encryption method. At this time, the storage party can map the hash value obtained by the hash calculation of the first data identifier to a point on the elliptic curve, and then use the key Ka to perform a point product operation on the point on the elliptic curve to obtain The point or the coordinates of the corresponding point is used as the encryption result, such as Ka(H(IDa)).

在其他实现方式中,第一加密方式还可以是其他满足交换律的加密方式,在此不再赘述。针对第一数据标识的加密结果可以对应称为第一标识密文。在当前批次有多条待存储数据的情况下,针对各条待存储数据,分别针对各个数据标识,确定相应的标识密文。In other implementation manners, the first encryption method may also be other encryption methods satisfying the commutative law, which will not be repeated here. The encryption result for the first data identifier may be called the first identifier ciphertext correspondingly. In the case that there are multiple pieces of data to be stored in the current batch, for each piece of data to be stored, corresponding identification ciphertexts are determined for each data identifier.

然后,经由步骤202,利用第一标识密文作为加密密钥加密待存储数据,得到第一数据密文。Then, via step 202, the data to be stored is encrypted by using the first identification ciphertext as an encryption key to obtain a first data ciphertext.

这里,当前条待存储数据对应的是第一数据标识,因此可以利用第一标识密文作为加密密钥,加密当前条待存储数据,得到相应的第一数据密文。相应地,在当前批次有多条待存储数据的情况下,针对各条待存储数据,分别使用相应的标识密文加密相应的待存储数据,得到相应的数据密文。Here, the current piece of data to be stored corresponds to the first data identifier, so the first identification ciphertext can be used as an encryption key to encrypt the current piece of data to be stored to obtain the corresponding first data ciphertext. Correspondingly, when there are multiple pieces of data to be stored in the current batch, for each piece of data to be stored, the corresponding data to be stored is encrypted using the corresponding identification ciphertext to obtain the corresponding data ciphertext.

对于单条待存储数据而言,可以采用对称加密对业务数据进行加密。其中,对称加密方式下,可以采用相同的密钥进行加密和解密,因此,在数据标识相同的情况下,便于通过查询方查询条件中的数据标识构造解密密钥。对称加密方式例如可以是诸如DES(DataEncryption Standard,数据加密标准)、AES(Advanced Encryption Standard,高级加密标准)之类的加密算法,在此不再赘述。For a single piece of data to be stored, symmetric encryption can be used to encrypt business data. Among them, in the symmetric encryption mode, the same key can be used for encryption and decryption. Therefore, in the case of the same data identifier, it is convenient to construct a decryption key through the data identifier in the query condition of the inquiring party. The symmetric encryption method may be, for example, an encryption algorithm such as DES (Data Encryption Standard, Data Encryption Standard) or AES (Advanced Encryption Standard, Advanced Encryption Standard), which will not be repeated here.

存储方可以使用第一标识密文仅对业务数据进行加密,也可以对第一数据标识或第一标识密文与业务数据(value)的拼接数据进行加密,共同作为相关数据条目对应的数据。例如,对第一标识密文与业务数据的拼接数据进行加密的一种加密结果如记为Cipher=Enc(Ka(H(IDa)),value)。The storage party may use the first identification ciphertext to encrypt only the business data, or may encrypt the first data identification or the concatenated data of the first identification ciphertext and the business data (value), as the data corresponding to the relevant data entry. For example, an encryption result of encrypting the concatenated data of the first identification ciphertext and the service data is recorded as Cipher=Enc(Ka(H(IDa)), value).

进一步地,根据步骤203,将第一数据密文与第一数据标识对应存储到预定的外部存储平台。Further, according to step 203, the first data ciphertext and the first data identifier are correspondingly stored in a predetermined external storage platform.

第一数据标识可以作为获取第一数据密文的数据索引项,在键值对Key-Value存储方式下,其作为键Key,因此和第一数据密文对应存储。作为一个具体例子,第一数据密文可以以(ID,Cipher)二元组的形式存储。存储方可以通过调用数据存储接口、提交事务等方式向外部存储平台存储数据。The first data identifier can be used as a data index item for obtaining the first data ciphertext, and in the key-value pair Key-Value storage mode, it is used as a key, so it is correspondingly stored with the first data ciphertext. As a specific example, the first data ciphertext may be stored in the form of (ID, Cipher) tuples. The storage party can store data to the external storage platform by calling the data storage interface, submitting transactions, etc.

预定的外部存储平台可以是预定外部存储平台(如某云存储服务端)中的存储空间。该预定的外部存储平台可以是为当前存储方及其共用数据的业务方提供的专用公共数据存储空间,也可以是外部存储平台按照自身存储规则确定的存储空间,本说明书对此不做限定。The predetermined external storage platform may be a storage space in a predetermined external storage platform (such as a cloud storage server). The predetermined external storage platform may be a dedicated public data storage space provided for the current storage party and its business parties sharing data, or it may be a storage space determined by the external storage platform according to its own storage rules, which is not limited in this specification.

在可选的实现方式中,多个业务方可以向预定的外部存储平台存储本地产生的业务数据,且多个业务方可以进行数据查询,则还可以在存储数据时采用数据标识、数据密文、存储方身份标识对应存储的方式向外部存储平台存储数据。例如,可以通过三元组(ID,Merchant,Cipher)的形式存储数据,其中,Merchant可以是存储方的身份标识,如业务方名称、简称、身份代码等。In an optional implementation mode, multiple business parties can store locally generated business data to a predetermined external storage platform, and multiple business parties can perform data query, and they can also use data identification and data ciphertext when storing data 1. Store data on the external storage platform in a storage method corresponding to the identity of the storage party. For example, data can be stored in the form of a triple (ID, Merchant, Cipher), where the Merchant can be the identity of the storage party, such as the name, abbreviation, and identity code of the business party.

在可能的设计中,为了避免数据标识信息泄露,在存储数据时,所述第一数据标识可以是采用第二加密方式加密后的第二标识密文形式。第二加密方式例如可以包括按照约定的哈希计算方式计算哈希值、按照约定盐值加盐加密(在约定位置插入约定数值)等等中的一种或多种。In a possible design, in order to avoid leakage of data identification information, when storing data, the first data identification may be in the form of a second identification ciphertext encrypted by a second encryption method. The second encryption method may include, for example, one or more of calculating a hash value according to an agreed hash calculation method, adding salt and encrypting according to an agreed salt value (inserting an agreed value at an agreed position), and the like.

另外,根据一个实施例,考虑到隐私保护的有效性,存储方的本地私钥Ka可以按照预定条件进行更新,预定条件例如可以是周期条件(如每隔一个月更新一次),或者是被读取数据条数条件(如每被读取1000条次数据更新一次)。在本地私钥Ka更新为Ka'的情况下,所存储的数据可以重新按照更新后的私钥Ka=Ka'进行存储。当前存储流程同样适用于利用新的密钥Ka'存储业务数据的过程。In addition, according to an embodiment, considering the effectiveness of privacy protection, the storage party's local private key Ka can be updated according to predetermined conditions, such as periodic conditions (such as updating once every other month), or being read Conditions for fetching the number of data pieces (for example, every 1000 pieces of data are read and updated once). When the local private key Ka is updated to Ka', the stored data can be stored again according to the updated private key Ka=Ka'. The current storage process is also applicable to the process of using the new key Ka' to store service data.

图3示出了根据一个具体实施例的数据查询的方法流程图。图3示出的查询流程用于对存储方按照图2示出的流程存储在外部存储平台的业务数据进行查询。该流程的执行主体可以是具有一定计算能力的计算机、设备、服务器,如可以是图1中的多个业务方中的任意一个。图3示出的数据查询流程可以用于从外部存储平台获取合作业务方存储的共用数据。图3示出的流程以一条待查询数据为例描述存储过程。如图3所示,该数据查询流程可以包括:步骤301,基于当前的查询数据标识,向外部存储平台发送查询请求,以供外部存储平台反馈与查询数据标识对应的第二数据密文;步骤302,利用经由与第二数据密文对应的存储方进行安全交互得到的解密密钥解密第二数据密文,得到待查询数据,其中,解密密钥与查询数据标识经由存储方的私钥在第一加密方式下加密得到的查询标识密文一致。Fig. 3 shows a flowchart of a data query method according to a specific embodiment. The query process shown in FIG. 3 is used to query the service data stored on the external storage platform by the storage party according to the process shown in FIG. 2 . The subject of execution of this process may be a computer, device, or server with certain computing capabilities, for example, it may be any one of the multiple business parties in FIG. 1 . The data query process shown in FIG. 3 can be used to obtain shared data stored by cooperative business parties from an external storage platform. The process shown in FIG. 3 uses a piece of data to be queried as an example to describe the storage process. As shown in Figure 3, the data query process may include: step 301, based on the current query data identification, send a query request to the external storage platform, for the external storage platform to feed back the second data ciphertext corresponding to the query data identification; step 302. Use the decryption key obtained through secure interaction with the storage party corresponding to the second data ciphertext to decrypt the second data ciphertext to obtain the data to be queried, wherein the decryption key and the query data identifier are stored in the The query identification ciphertext obtained by encrypting in the first encryption mode is consistent.

首先,通过步骤301,基于当前的查询数据标识,向外部存储平台发送查询请求,以供外部存储平台反馈与查询数据标识对应的第二数据密文。First, through step 301, based on the current query data identifier, a query request is sent to the external storage platform, so that the external storage platform can feed back the second data ciphertext corresponding to the query data identifier.

当前的查询数据标识,可以是与其他业务方约定的用于查询的数据标识,例如用户唯一ID、数据关键字段等。如记为IDi。时间中,查询方一次可以利用一个或多个查询数据标识进行数据查询,当前的查询数据标识可以是其中的任一个。The current query data identifier can be the data identifier agreed with other business parties for query, such as user unique ID, data key field, etc. Such as recorded as IDi. During the period of time, the inquiring party can use one or more query data identifiers to perform data query at a time, and the current query data identifier can be any one of them.

值得说明的是,根据各个业务方约定的存储规则,存储方可以在外部存储平台存储的数据标识可以是明文形式,也可以是密文形式,因此,查询方发送的查询请求中,可以包含查询数据标识的明文或密文。作为一个具体例子,在存储方利用第二加密方式处理本地数据标识,得到数据标识的密文形式与相应数据密文一起存储在外部存储平台的情况下,查询方可以用相同的加密方式加密查询数据标识,并将查询数据标识的密文包含在查询请求中。该加密方式例如称为第二加密方式,该第二加密方式例如可以包括按照约定的哈希计算方式计算哈希值、按照约定盐值加盐加密(在约定位置插入约定数值)等等中的一种或多种。It is worth noting that, according to the storage rules agreed by each business party, the data identifiers that the storage party can store on the external storage platform can be in plain text or cipher text. Therefore, the query request sent by the query party can include query The plaintext or ciphertext of the data identifier. As a specific example, when the storage party uses the second encryption method to process the local data identifier and obtains the ciphertext form of the data identifier and stores it on the external storage platform together with the corresponding data ciphertext, the queryer can use the same encryption method to encrypt the query Data ID, and include the ciphertext of the query data ID in the query request. This encryption method is called the second encryption method, for example, and the second encryption method may include calculating the hash value according to the agreed hash calculation method, adding salt encryption according to the agreed salt value (inserting the agreed value at the agreed position), etc. one or more.

外部存储平台可以将查询请求中包含的查询数据标识的明文或密文形式,与预定存储空间中明文或密文形式的数据标识一一匹配,从而确定与查询数据标识一致的第二数据标识,并将相应的第二数据密文反馈至查询方。也就是说,基于上述的查询请求,查询方可以从外部存储平台接收与查询数据标识匹配的数据密文。The external storage platform can match the plaintext or ciphertext form of the query data identifier included in the query request with the data identifier in plaintext or ciphertext form in the predetermined storage space, so as to determine the second data identifier consistent with the query data identifier, And feed back the corresponding second data ciphertext to the querying party. That is to say, based on the above query request, the querying party can receive the data ciphertext matching the query data identifier from the external storage platform.

在可选的实现方式中,多个业务方可以按照以上约定的数据标识形式向外部存储平台存储相应的业务数据,外部存储平台还反馈有第二数据密文的存储方的身份标识,以供查询方根据该身份标识确定数据的存储方。In an optional implementation, multiple business parties can store corresponding business data to the external storage platform according to the data identification format agreed above, and the external storage platform also feeds back the identity of the storage party with the second data ciphertext for The query party determines the storage party of the data according to the identity.

然后,经由步骤302,利用经由与第二数据密文的存储方进行安全交互得到的解密密钥解密第二数据密文,得到待查询数据。Then, through step 302, the second data ciphertext is decrypted by using the decryption key obtained through secure interaction with the storage party of the second data ciphertext, to obtain the data to be queried.

查询方在获取第二数据密文之后,还需要对其进行解密。由于存储方存储数据时采用对称加密,而加密密钥是由第二数据密文对应的第二数据标识确定的,第二数据标识与查询数据标识一致,因此,可以利用查询数据标识确定解密密钥。After the querying party obtains the second data ciphertext, it needs to decrypt it. Since the storage party uses symmetric encryption when storing data, and the encryption key is determined by the second data identifier corresponding to the second data ciphertext, and the second data identifier is consistent with the query data identifier, therefore, the query data identifier can be used to determine the decryption key. key.

解密密钥的构造需要与存储方进行交互。如前文的存储流程,假设存储方的私钥为Ka,第二数据标识记为ID2,则加密密钥例如为Ka(ID2)、Ka(H(ID2))等。将查询密钥记为IDq,则需要查询方和存储方安全构建相应的解密密钥Ka(IDq)、Ka(H(IDq))等,并使得查询方不向存储方泄露IDq,存储方不向查询方泄露Ka。The construction of the decryption key requires interaction with the storage party. As in the previous storage process, assuming that the private key of the storage party is Ka, and the second data identifier is marked as ID 2 , the encryption key is, for example, Ka(ID 2 ), Ka(H(ID 2 )), etc. Recording the query key as ID q requires the query party and the storage party to securely construct corresponding decryption keys Ka(IDq), Ka(H(IDq)), etc., so that the query party does not disclose ID q to the storage party, and the storage party The party does not disclose Ka to the inquiring party.

如此,可以通过查询方和存储方进行安全计算。以解密密钥为Ka(H(IDa))为例,查询方可以先利用本地私钥Kb对查询数据标识IDq进行加密,得到查询数据标识IDq对应的一次密文,加密方式为ECC哈希,如该一次密文为Kb(H(IDq))。之后,查询方可以将该一次密文提供给存储方,由存储方利用其本地私钥Ka对该一次密文进行二次加密,得到二次密文KaKb(H(IDq))以反馈给查询方。由于加密方式的可交换性,KaKb(H(IDq))=KbKa(H(IDq))。查询方利用本地密钥的逆Kb-1解密该二次密文,如Kb-1KbKa(H(IDq)),得到解密密钥Ka(H(IDq))=Ka(H(ID2))。In this way, secure computing can be performed by the query side and the storage side. Taking the decryption key as Ka(H(IDa)) as an example, the query party can first use the local private key Kb to encrypt the query data identifier ID q to obtain the primary ciphertext corresponding to the query data identifier ID q , and the encryption method is ECC hash Greek, if the one-time ciphertext is Kb(H(IDq)). Afterwards, the query party can provide the primary ciphertext to the storage party, and the storage party uses its local private key Ka to encrypt the primary ciphertext twice to obtain the secondary ciphertext KaKb(H(IDq)) to feed back to the query square. Due to the exchangeability of the encryption method, KaKb(H(IDq))=KbKa(H(IDq)). The inquiring party uses the inverse Kb -1 of the local key to decrypt the secondary ciphertext, such as Kb -1 KbKa(H(IDq)), and obtains the decryption key Ka(H(IDq))=Ka(H(ID 2 )) .

在加密密钥以其他方式构建的情况下,查询方还可以采用其他数据交互,从而安全获取解密密钥,在此不再赘述。如此,第二方可以通过解密密钥解密第二数据密文,如Cipher=Enc(Ka(H(ID2)),value),解密后得到待查询数据value,或者解密密钥与待查询数据的拼接结果,即[Ka(H(ID2)),value],从中取出待查询数据value即可。If the encryption key is constructed in other ways, the querying party can also use other data interactions to securely obtain the decryption key, which will not be repeated here. In this way, the second party can decrypt the second data ciphertext through the decryption key, such as Cipher=Enc(Ka(H(ID 2 )), value), and obtain the value of the data to be queried after decryption, or the decryption key and the data to be queried The splicing result of , that is, [Ka(H(ID 2 )), value], just take out the value of the data to be queried from it.

其中,根据存储方存储数据密文的形式不同,解密密钥的确定过程可以先于查询过程执行,也可以在查询过程之后执行,还可以与查询过程并行执行。举例而言,在查询方将数据以(ID,Cipher)形式存储的情况下,存储方可以在查询之前、之后、并行执行解密密钥构建过程,而查询方以(ID,Merchant,Cipher)形式存储数据的情况下,查询方可以先经由查询过程获得存储方身份标识Merchant和待查询数据的密文Cipher,然后与存储方身份标识Merchant指示的存储方进行安全交互确定解密密钥。Wherein, according to the different forms of data ciphertext stored by the storage party, the process of determining the decryption key may be performed before the query process, or may be performed after the query process, or may be performed in parallel with the query process. For example, when the query party stores the data in the form of (ID, Cipher), the storage party can execute the decryption key construction process in parallel before, after, and after the query, while the query party stores the data in the form of (ID, Merchant, Cipher). In the case of storing data, the inquiring party can first obtain the storage party's identity Merchant and the ciphertext Cipher of the data to be queried through the query process, and then perform secure interactions with the storage party indicated by the storage party's identity Merchant to determine the decryption key.

为了更加明确本说明书的技术构思,图4示出了一个应用本说明书技术构思进行数据存储和查询的具体应用场景示意图。如图4所述,A系统、B系统、C系统、D系统、E系统、F系统为6个具有合作关系的业务方,其可以共享部分业务数据。提供共享业务数据的业务方(可作为存储方)至少包括A系统、B系统。因此,A系统、B系统在向外部存储系统存储本地产生的数据时,可以按照(IDi,Merchantj,Cipheri)的格式存储。其中,IDi为各个业务方协商一致的数据标识,如手机号码等,Merchant表示存储方的身份信息,Merchantj取不同值可以对应A系统或B系统,Cipheri为对应数据标识IDi的数据的密文形式。In order to clarify the technical concept of this specification, Figure 4 shows a schematic diagram of a specific application scenario for data storage and query using the technical concept of this specification. As shown in Fig. 4, system A, system B, system C, system D, system E, and system F are six business parties with a cooperative relationship, which can share part of business data. The business party (which can be used as a storage party) that provides shared business data includes at least A system and B system. Therefore, when system A and system B store locally generated data in an external storage system, they can store data in the format of (ID i , Merchant j , Cipher i ). Among them, ID i is the data identifier agreed upon by each business party, such as a mobile phone number, etc. Merchant represents the identity information of the storage party. Different values of Merchant j can correspond to system A or system B. Cipher i is the data corresponding to ID i ciphertext form.

在C、D、E、F系统等各个业务方需要取用共享数据时,可以先向外部存储平台发送基于查询数据标识IDq的查询请求,得到数据“(IDi,Merchantj,Cipheri)”,从而基于Merchantj确定相应调数据是由A系统还是B系统存储的。进而,基于查询数据标识IDq与Merchantj指示的存储方交互得到解密密钥,从而对Cipheri解密得到待查询数据。When business parties such as systems C, D, E, and F need to access shared data, they can first send a query request based on the query data identifier ID q to the external storage platform to obtain the data "(ID i , Merchant j , Cipher i ) ”, so as to determine whether the corresponding transfer data is stored by system A or system B based on Merchant j . Furthermore, based on the query data identifier ID q, interact with the storage party indicated by Merchant j to obtain a decryption key, thereby decrypting Cipher i to obtain the data to be queried.

值得说明的是,对于图4中的A系统、B系统而言,针对本地向其他系统共享的数据,可以直接从本地取用,而无需向外部存储系统查询,在使用其他共享数据的情况下,由于其他存储方唯一,因此可以直接确定相应存储方。如果其他存储方不唯一,则需要根据存储方身份标识确定存储方,再与存储方交互获取解密密钥。据此,相应的查询过程与解密密钥确定过程可以以前文描述的任一顺序进行,在得到解密密钥和查询得到的数据密文之后,用解密密钥对数据密文解密获取所查询的数据。It is worth noting that for system A and system B in Figure 4, the data shared locally to other systems can be directly retrieved from the local without querying the external storage system. In the case of using other shared data , since the other storage places are unique, the corresponding storage places can be determined directly. If other storage parties are not unique, you need to determine the storage party according to the storage party ID, and then interact with the storage party to obtain the decryption key. Accordingly, the corresponding query process and decryption key determination process can be carried out in any order described above. After obtaining the decryption key and the data ciphertext obtained from the query, use the decryption key to decrypt the data ciphertext to obtain the queried data.

回顾以上过程,在针对多方共享数据的安全存储和查询过程中,存储方可以利用约定一致的数据标识加密数据,并将数据存储在外部存储平台,查询方在查询数据过程中,通过约定一致的数据标识获取存储方存储的数据密文,并和存储方安全交互以利用查询数据标识构建解密密钥,从而可以对从外部存储平台获取的数据密文进行解密得到待查询数据。该技术构思一方面保护了在外部存储系统存储的数据隐私,另一方面保护了查询方的查询数据标识隐私,为多系统共享情况下利用外部存储平台存储数据提供有效解决方案,避免仅在本地存储数据导致的存储压力和访问压力,提升数据查询效率。Looking back at the above process, in the process of secure storage and query for data shared by multiple parties, the storage party can use the agreed-upon data identifier to encrypt the data and store the data in an external storage platform. The data identifier obtains the data ciphertext stored by the storage party, and securely interacts with the storage party to use the query data identifier to construct a decryption key, so that the data ciphertext obtained from the external storage platform can be decrypted to obtain the data to be queried. On the one hand, this technical concept protects the privacy of data stored in the external storage system, and on the other hand, it protects the privacy of the query data identification of the query party, and provides an effective solution for using external storage platforms to store data in the case of multi-system sharing, avoiding only local The storage pressure and access pressure caused by storing data can improve the efficiency of data query.

根据另一方面的实施例,还提供一种用于数据存储的装置。图5示出了根据一个实施例的数据存储装置500。如图5所示,装置500可以包括:According to another embodiment, a device for data storage is also provided. Figure 5 shows a data storage device 500 according to one embodiment. As shown in Figure 5, the device 500 may include:

加密单元501,配置为采用本地私钥Ka针对待存储数据的第一数据标识在第一加密方式下进行加密,得到第一标识密文;以及,利用第一标识密文作为加密密钥加密待存储数据,得到第一数据密文;The encryption unit 501 is configured to use the local private key Ka to encrypt the first data identifier of the data to be stored in a first encryption mode to obtain a first identification ciphertext; and use the first identification ciphertext as an encryption key to encrypt the data to be stored Storing the data to obtain the first data ciphertext;

存储单元502,配置为将第一数据密文与第一数据标识对应存储到预定的外部存储平台。The storage unit 502 is configured to store the first data ciphertext and the first data identifier in a predetermined external storage platform correspondingly.

根据又一方面的实施例,还提供一种用于数据查询的装置。用于查询经由图5示出的装置500存储在外部存储平台的数据。图6示出了根据一个实施例的数据查询装置600。According to yet another embodiment, an apparatus for data query is also provided. Used to query data stored on an external storage platform via the apparatus 500 shown in FIG. 5 . Fig. 6 shows a data query device 600 according to an embodiment.

如图6所示,装置600可以包括:As shown in Figure 6, the device 600 may include:

查询单元601,配置为基于当前的查询数据标识,向外部存储平台发送查询请求,以供外部存储平台反馈与查询数据标识对应的第二数据密文;The query unit 601 is configured to send a query request to the external storage platform based on the current query data identifier, so that the external storage platform can feed back the second data ciphertext corresponding to the query data identifier;

解密单元602,配置为利用经由与第二数据密文对应的存储方进行安全交互得到的解密密钥解密第二数据密文,得到待查询数据,其中,解密密钥与查询数据标识经由存储方的私钥在第一加密方式下加密得到的查询标识密文一致。The decryption unit 602 is configured to decrypt the second data ciphertext by using the decryption key obtained through secure interaction with the storage party corresponding to the second data ciphertext to obtain the data to be queried, wherein the decryption key and the query data identifier are passed through the storage party The query identification ciphertext obtained by encrypting the private key in the first encryption mode is consistent.

根据一个可能的设计,装置600还可以包括交互单元(未示出)。该交互单元可以配置为与存储方进行安全交互,以确定解密密钥。具体而言,交互单元可以配置为通过以下方式确定解密密钥:According to a possible design, the apparatus 600 may further include an interaction unit (not shown). The interaction unit may be configured to securely interact with the storage party to determine a decryption key. Specifically, the interaction unit can be configured to determine the decryption key by:

利用本地密钥Kb加密查询数据标识,得到查询数据标识的一次密文;Utilize the local key Kb to encrypt the query data identifier to obtain the primary ciphertext of the query data identifier;

将查询数据标识的一次密文提供给存储方,以供存储方利用本地密钥Ka加密查询数据标识的一次密文,从而反馈查询数据标识的二次密文;The primary ciphertext of the query data identifier is provided to the storage party, so that the storage party uses the local key Ka to encrypt the primary ciphertext of the query data identifier, thereby feeding back the secondary ciphertext of the query data identifier;

通过本地密钥Kb的逆对查询数据标识的二次密文进行解密,得到解密密钥。The secondary ciphertext identified by the query data is decrypted by the inverse of the local key Kb to obtain the decryption key.

值得说明的是,图5、图6所示的装置500、600分别与图2、图3描述的方法相对应,图2、图3所描述的方法实施例中的相应描述同样适用于装置500、600,在此不再赘述。It is worth noting that the devices 500 and 600 shown in Figure 5 and Figure 6 correspond to the methods described in Figure 2 and Figure 3 respectively, and the corresponding descriptions in the method embodiments described in Figure 2 and Figure 3 are also applicable to the device 500 , 600, which will not be repeated here.

根据另一方面的实施例,还提供一种计算机可读存储介质,其上存储有计算机程序,当所述计算机程序在计算机中执行时,令计算机执行结合图2、图3等所描述的方法。According to another embodiment, there is also provided a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed in a computer, the computer is made to execute the methods described in conjunction with FIG. 2 , FIG. 3 , etc. .

根据再一方面的实施例,还提供一种计算设备,包括存储器和处理器,所述存储器中存储有可执行代码,所述处理器执行所述可执行代码时,实现结合图2、图3等所描述的方法。According to yet another embodiment, there is also provided a computing device, including a memory and a processor, wherein executable code is stored in the memory, and when the processor executes the executable code, the implementation in conjunction with Fig. 2 and Fig. 3 is realized. etc. described methods.

本领域技术人员应该可以意识到,在上述一个或多个示例中,本说明书实施例所描述的功能可以用硬件、软件、固件或它们的任意组合来实现。当使用软件实现时,可以将这些功能存储在计算机可读介质中或者作为计算机可读介质上的一个或多个指令或代码进行传输。Those skilled in the art should be aware that, in the above one or more examples, the functions described in the embodiments of this specification may be implemented by hardware, software, firmware or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium.

以上所描述的具体实施方式,对本说明书的技术构思的目的、技术方案和有益效果进行了进一步详细说明,所应理解的是,以上所描述仅为本说明书的技术构思的具体实施方式而已,并不用于限定本说明书的技术构思的保护范围,凡在本说明书实施例的技术方案的基础之上,所做的任何修改、等同替换、改进等,均应包括在本说明书的技术构思的保护范围之内。The specific implementations described above further describe the purpose, technical solutions and beneficial effects of the technical concept of this specification in detail. It should be understood that the above description is only a specific implementation of the technical concept of this specification. It is not intended to limit the scope of protection of the technical concept of this specification. Any modifications, equivalent replacements, improvements, etc. made on the basis of the technical solutions of the embodiments of this specification shall be included in the scope of protection of the technical concept of this specification. within.

Claims (14)

1. A method of data storage, the method comprising:
encrypting a first data identifier of data to be stored by adopting a local private key Ka in a first encryption mode to obtain a first identifier ciphertext;
encrypting the data to be stored by using the first identification ciphertext as an encryption key to obtain a first data ciphertext;
and storing the first data ciphertext and the first data identifier to a preset external storage platform correspondingly.
2. The method of claim 1, wherein encrypting the first data identifier of the data to be stored using the local private key Ka to obtain a first identifier ciphertext comprises:
after the first data identifier is subjected to hash calculation in a preset mode, a first hash value is obtained;
mapping the first hash value into a first point on an elliptic curve in an elliptic curve encryption mode;
and performing point multiplication operation on the first point by using a local private key Ka to obtain the first identification ciphertext.
3. The method of claim 1, wherein the encryption manner of encrypting the data to be stored using the first identification ciphertext as an encryption key is symmetric encryption.
4. The method of claim 1, wherein the storing the first data ciphertext corresponding to the first data identification to a predetermined external storage platform comprises:
processing the first data identifier by using a second encryption mode to obtain a second identifier ciphertext;
and storing the first data ciphertext and the second identification ciphertext to a preset external storage platform correspondingly.
5. The method of claim 1, wherein the storing the first data ciphertext corresponding to the first data identification to a predetermined external storage platform comprises:
and storing the first data identifier, the first data ciphertext and the identity identifier of the current storage party to the external storage platform correspondingly, so that the inquiring party can determine the identity of the current storage party according to the corresponding identity identifier of the storage party when inquiring according to the first data identifier.
6. The method of claim 1, wherein the local private key Ka is updated to Ka' and the data to be stored is restored using the updated local private key in case that a predetermined condition is satisfied.
7. A method of querying data stored on an external storage platform via the manner of claim 1, the method comprising:
based on the current query data identification, sending a query request to an external storage platform so that the external storage platform feeds back a second data ciphertext corresponding to the query data identification;
and decrypting the second data ciphertext by using a decryption key obtained by carrying out secure interaction with a storage party corresponding to the second data ciphertext to obtain data to be queried, wherein the decryption key is consistent with a query identification ciphertext obtained by encrypting the query data identification in a first encryption mode by using a private key of the storage party.
8. The method of claim 7, wherein the query data identifier is consistent with a second data identifier corresponding to the second data ciphertext, and the second data identifier is stored on an external storage platform in a ciphertext form processed by a second encryption method and the second data ciphertext;
the sending the query request to the external storage platform based on the current query data identifier comprises:
processing the query data identifier by using a second encryption mode to obtain a query identifier ciphertext;
and sending a query request containing the query identification ciphertext to an external storage platform, so that the external storage platform feeds back the second data ciphertext under the condition that the external storage platform compares the ciphertext form of the second data identifier consistent with the query identification ciphertext.
9. The method of claim 7, wherein the external storage platform further feeds back an identity of the party storing the second data ciphertext, and the securely interacting with the party storing the second data ciphertext further comprises:
and determining the storage party of the second data ciphertext based on the identity of the storage party, so as to perform safe interaction with the storage party.
10. The method of claim 7, wherein the decryption key is obtained by:
encrypting the query data identifier by using a local key Kb to obtain a primary ciphertext of the query data identifier;
providing the primary ciphertext of the query data identifier to the storage party so that the storage party encrypts the primary ciphertext of the query data identifier by using a local key Ka, thereby feeding back the secondary ciphertext of the query data identifier;
and decrypting the secondary ciphertext identified by the query data through the inverse of the local key Kb to obtain the decryption key.
11. A data storage device, the device comprising:
the encryption unit is configured to encrypt a first data identifier of data to be stored by adopting a local private key Ka in a first encryption mode to obtain a first identifier ciphertext; and
encrypting the data to be stored by using the first identification ciphertext as an encryption key to obtain a first data ciphertext;
and the storage unit is configured to store the first data ciphertext and the first data identifier to a preset external storage platform correspondingly.
12. An apparatus for querying data stored on an external storage platform via the apparatus provided in claim 11, the apparatus comprising:
the query unit is configured to send a query request to the external storage platform based on the current query data identifier so that the external storage platform feeds back a second data ciphertext corresponding to the query data identifier;
and the decryption unit is configured to decrypt the second data ciphertext by using a decryption key obtained by carrying out secure interaction with a storage party corresponding to the second data ciphertext to obtain data to be queried, wherein the decryption key is consistent with a query identification ciphertext obtained by encrypting the query data identification in a first encryption mode by a private key of the storage party.
13. A computer readable storage medium having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method of any of claims 1-10.
14. A computing device comprising a memory and a processor, wherein the memory has executable code stored therein, which when executed by the processor, implements the method of any of claims 1-10.
CN202310115475.4A 2023-02-14 2023-02-14 Method and device for data storage and query Pending CN116303591A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310115475.4A CN116303591A (en) 2023-02-14 2023-02-14 Method and device for data storage and query

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310115475.4A CN116303591A (en) 2023-02-14 2023-02-14 Method and device for data storage and query

Publications (1)

Publication Number Publication Date
CN116303591A true CN116303591A (en) 2023-06-23

Family

ID=86827874

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310115475.4A Pending CN116303591A (en) 2023-02-14 2023-02-14 Method and device for data storage and query

Country Status (1)

Country Link
CN (1) CN116303591A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106487763A (en) * 2015-08-31 2017-03-08 腾讯科技(深圳)有限公司 A kind of data access method based on cloud computing platform and user terminal
CN113886887A (en) * 2021-10-25 2022-01-04 支付宝(杭州)信息技术有限公司 Data query method and device based on multi-party secure computing
WO2022007889A1 (en) * 2020-07-08 2022-01-13 浙江工商大学 Searchable encrypted data sharing method and system based on blockchain and homomorphic encryption
CN115098868A (en) * 2022-06-02 2022-09-23 蚂蚁区块链科技(上海)有限公司 Privacy-protecting data providing and inquiring method, device and system
US20220407729A1 (en) * 2020-02-27 2022-12-22 Huawei Cloud Computing Technologies Co., Ltd. Data processing method and apparatus, device, and medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106487763A (en) * 2015-08-31 2017-03-08 腾讯科技(深圳)有限公司 A kind of data access method based on cloud computing platform and user terminal
US20220407729A1 (en) * 2020-02-27 2022-12-22 Huawei Cloud Computing Technologies Co., Ltd. Data processing method and apparatus, device, and medium
WO2022007889A1 (en) * 2020-07-08 2022-01-13 浙江工商大学 Searchable encrypted data sharing method and system based on blockchain and homomorphic encryption
CN113886887A (en) * 2021-10-25 2022-01-04 支付宝(杭州)信息技术有限公司 Data query method and device based on multi-party secure computing
CN115098868A (en) * 2022-06-02 2022-09-23 蚂蚁区块链科技(上海)有限公司 Privacy-protecting data providing and inquiring method, device and system

Similar Documents

Publication Publication Date Title
CN110096899B (en) Data query method and device
US8447983B1 (en) Token exchange
US10404669B2 (en) Wildcard search in encrypted text
CN110537183A (en) data tokenization
CN111046047B (en) Privacy-protecting data query method and device
US9292532B2 (en) Remote data storage
WO2016115663A1 (en) Method and apparatus for heterogeneous data storage management in cloud computing
US12212685B2 (en) Consent management
CN111914291A (en) Message processing method, device, equipment and storage medium
CN110162988A (en) A kind of sensitive data encryption method based on operation system
CN115567263A (en) A data transmission management method, data processing method and device
CN112287364A (en) Data sharing method, device, system, medium and electronic equipment
WO2020073712A1 (en) Method for sharing secure application in mobile terminal, and mobile terminal
CN103152346B (en) The method for secret protection of mass users, server and system
JPWO2018016330A1 (en) Communication terminal, server device, program
CN115408435A (en) Data query method and device
KR20250110229A (en) Key derivation for account management
Ahamed et al. Secured Data Storage Using Deduplication in Cloud Computing Based on Elliptic Curve Cryptography.
CN114697133A (en) Message encryption method, message decryption method, device and system
CN113452654B (en) Data decryption method
CN111737708A (en) A verifiable deletion method and system supporting efficient update of outsourced data
Chavan et al. Secure CRM cloud service using RC5 algorithm
CN116303591A (en) Method and device for data storage and query
CN117708381A (en) Privacy-protecting graph data query method and device
Tikore et al. Ensuring the data integrity and confidentiality in cloud storage using hash function and TPA

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination