隐私数据验证场景下的隐私保护研究

石侃; 陈洁

引用本文：

石侃,陈洁.隐私数据验证场景下的隐私保护研究[J].信息安全学报,2020,5(6):27-39 [点击复制]
SHI Kan,CHEN Jie.Research on privacy protection in privacy data verification scenarios[J].Journal of Cyber Security,2020,5(6):27-39 [点击复制]

本文已被：浏览 3994次下载 3578次	码上扫一扫！
隐私数据验证场景下的隐私保护研究
石侃¹, 陈洁²
0 字体:加大+\|默认\|缩小-
(1.华东师范大学计算机科学与技术学院上海中国 200241;2.华东师范大学软件工程学院上海中国 200241)

摘要:

隐私数据验证场景是信息验证服务下的一类特殊场景，其实用性要求数据在第三方数据库进行存储、发布且有能力处理任意形式声明的验证，其安全性要求数据在存储、更新与证明期间提供有效的隐私保护手段。目前该场景下的隐私保护研究尚且处于空白阶段，因此本文引入可证明数据加密策略的概念，以满足隐私数据验证场景下的实用性与安全性需求。本文主要有三个贡献：（1）对可证明数据加密策略进行讨论并给出形式化定义；（2）基于非交互零知识证明构造出首个可证明数据加密方案，并同时支持高效的数据更新操作；（3）基于承诺方案、非交互零知识证明与全同态加密，提出可证明数据加密策略的两种通用构造框架并给予相关性质证明。

关键词: 隐私数据验证场景隐私保护可证明数据加密策略非交互零知识证明

DOI：10.19363/J.cnki.cn10-1380/tn.2020.11.03

投稿时间：2020-03-13修订日期：2020-05-25

基金项目:本课题得到国家自然科学基金项目（No.61972156，No.U1705264），中国科协青年人才托举工程（No.2017QNRC001）资助。

Research on privacy protection in privacy data verification scenarios

SHI Kan¹, CHEN Jie²

(1.School of Computer Science and Technology, East China Normal University, Shanghai 200241, China;2.School of Software Engineering, East China Normal University, Shanghai 200241, China)

Abstract:

The privacy data verification scenario is a special scenario under the information verification service. Its practicability requires data to be stored and published in third-party database and have the ability to handle any form of statement verification. Its security requires effective privacy protection during data storage, update and certification. At present, the privacy protection research in this scenario is still blank, so this paper introduces the concept of provable data encryption scheme to meet the practicality and security requirements in the privacy data verification scenario. This paper has three main contributions: (1) discussing the provable data encryption scheme and giving its formal definition; (2) constructed the first provable data encryption scheme based on non-interactive zero-knowledge proof, which also supports efficient data update operations; (3) based on the commitment scheme, non-interactive zero-knowledge proof and fully homomorphic encryption, we propose two general construction frameworks for provable data encryption scheme and proves their relevant properties.

Key words: privacy data validation scenario privacy protection provable data encryption scheme non-interactive zero-knowledge proof