Data processing method and apparatus
By using pseudo-random number interaction to achieve hidden queries that retrieve multiple data entries at once, the problem of high transmission and computational overhead in existing technologies is solved, thus protecting data privacy.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- JISHU (HANGZHOU) TECH CO LTD
- Filing Date
- 2023-02-28
- Publication Date
- 2026-06-30
AI Technical Summary
Existing technologies cannot query multiple data entries at once, resulting in excessive transmission and computational overhead, and the privacy protection of data providers is not high.
By generating and using pseudo-random numbers, the data queryer and the provider interact to construct the pseudo-random number to be queried and the encrypted business data, enabling a hidden query of multiple data entries in a single query.
It enables querying multiple data entries at once, reducing communication and computational overhead, and protecting the privacy of both the data queryer and the data provider.
Smart Images

Figure CN116226216B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of computer technology, and in particular to data processing methods. This application also relates to a data processing apparatus, a computing device, and a computer-readable storage medium. Background Technology
[0002] With the development of science and technology, people's lives are becoming increasingly intelligent, and they are paying more and more attention to their privacy. In today's reality, users often need to query data from data providers. When users search for information in databases, existing anonymous query technologies employ methods to prevent database servers from knowing the relevant information in the user's query, thereby protecting the user's query privacy. For example, medical databases and patent databases have high requirements for query privacy.
[0003] In current practical applications, it is not possible to query multiple data entries at once. To query multiple data entries, the same method must be used multiple times, resulting in significant transmission and computational overhead. Furthermore, users need to know the location of the data they are querying in the database, meaning the data provider must disclose the database ID information in advance, which compromises the data provider's privacy. Summary of the Invention
[0004] In view of this, embodiments of this application provide a data processing method. This application also relates to a data processing apparatus, a computing device, and a computer-readable storage medium to solve the aforementioned problems existing in the prior art.
[0005] According to a first aspect of the embodiments of this application, a data processing method is provided, applied to a data query party, including:
[0006] Obtain at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number;
[0007] The first service pseudo-random number is sent by the data provider, wherein the first service pseudo-random number is the first pseudo-random number corresponding to the service data;
[0008] A queried pseudo-random number is constructed based on the first pseudo-random number and the first service pseudo-random number, and the queried pseudo-random number is sent to the data provider;
[0009] The system receives encrypted business data returned by the data provider based on the pseudo-random number to be queried, and obtains query results based on the encrypted business data, wherein the encrypted business data is determined based on the pseudo-random number to be queried and a second business pseudo-random number.
[0010] According to a second aspect of the embodiments of this application, a data processing apparatus is provided, applied to a data querying party, comprising:
[0011] The first acquisition module is configured to acquire at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number;
[0012] The first receiving module is configured to receive a first service pseudo-random number sent by the data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to the service data;
[0013] The construction module is configured to construct a queried pseudo-random number based on the first pseudo-random number and the first business pseudo-random number, and send the queried pseudo-random number to the data provider;
[0014] The query module is configured to receive encrypted business data returned by the data provider based on the pseudo-random number to be queried, and to obtain query results based on the encrypted business data, wherein the encrypted business data is determined based on the pseudo-random number to be queried and a second business pseudo-random number.
[0015] According to a third aspect of the embodiments of this application, a data processing method is provided, applied to a data provider, including:
[0016] Obtain the business pseudo-random number corresponding to each business data, wherein the business pseudo-random number includes the first business pseudo-random number and the second business pseudo-random number;
[0017] Send the first pseudo-random number corresponding to each business data to the data query party;
[0018] Receive the pseudo-random number to be queried returned by the data query party based on the first business pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first business pseudo-random number;
[0019] Based on the pseudo-random number to be queried, target business data and a second pseudo-random number corresponding to the target business data are determined in the business data, and the target business data is encrypted to obtain encrypted business data.
[0020] The encrypted business data is sent to the data query party.
[0021] According to a fourth aspect of the embodiments of this application, a data processing apparatus is provided, applied to a data provider, comprising:
[0022] The second acquisition module is configured to acquire the business pseudo-random number corresponding to each business data, wherein the business pseudo-random number includes the first business pseudo-random number and the second business pseudo-random number.
[0023] The first sending module is configured to send the first pseudo-random number corresponding to each business data to the data query party;
[0024] The second receiving module is configured to receive a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number.
[0025] The encryption module is configured to determine, based on the pseudo-random number to be queried, target business data and a second pseudo-random number corresponding to the target business data in the business data, encrypt the target business data, and obtain encrypted business data.
[0026] The second sending module is configured to send the encrypted service data to the data query party.
[0027] According to a fifth aspect of the embodiments of this application, a data processing system is provided, including: a data querying party and a data providing party;
[0028] The data querying party is configured to obtain at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number;
[0029] The data provider is configured to obtain a business pseudo-random number corresponding to each business data, and send a first business pseudo-random number corresponding to each business data to the data query party, wherein the business pseudo-random number includes a first business pseudo-random number and a second business pseudo-random number.
[0030] The data querying party is further configured to receive the first service pseudo-random number sent by the data provider, construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be queried to the data provider;
[0031] The data provider is further configured to receive a pseudo-random number to be queried returned by the data querying party based on the first business pseudo-random number, determine the target business data and the second business pseudo-random number corresponding to the target business data in the business data based on the pseudo-random number to be queried, encrypt the target business data to obtain encrypted business data, and send the encrypted business data to the data querying party.
[0032] The data querying party is also configured to receive the encrypted business data returned by the data provider based on the pseudo-random number to be queried, and to obtain query results based on the encrypted business data.
[0033] According to a sixth aspect of the present application, a computing device is provided, including a memory, a processor, and computer instructions stored in the memory and executable on the processor, wherein the processor executes the computer instructions to implement the steps of the data processing method.
[0034] According to a seventh aspect of the present application, a computer-readable storage medium is provided that stores computer instructions which, when executed by a processor, implement the steps of the data processing method.
[0035] The data processing method provided in this application is applied to a data querying party, comprising: obtaining at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number; receiving a first business pseudo-random number sent by a data provider, wherein the first business pseudo-random number is a first pseudo-random number corresponding to the business data; constructing a pseudo-random number to be queried based on the first pseudo-random number and the first business pseudo-random number, and sending the pseudo-random number to be queried to the data provider; receiving encrypted business data returned by the data provider based on the pseudo-random number to be queried, and obtaining a query result based on the encrypted business data, wherein the encrypted business data is determined based on the pseudo-random number to be queried and the second business pseudo-random number.
[0036] One embodiment of this application enables a concealed query for multiple data entries in a single operation. By expanding the query scope to a certain number of data entries, the data queryer eliminates the need for the transmission and computation of all business data, thus reducing communication and computational overhead. The data queryer can use a pseudo-random number corresponding to its own data entry to query the corresponding data from the data provider. The data queryer cannot obtain any information other than the corresponding data, and the data provider cannot know the business data being queried by the data queryer. Attached Figure Description
[0037] Figure 1 This is a schematic diagram illustrating an application scenario of a data processing method provided in an embodiment of this application;
[0038] Figure 2 This is a flowchart of a data processing method provided in an embodiment of this application;
[0039] Figure 3 This is an interactive schematic diagram of a data processing method provided in an embodiment of this application;
[0040] Figure 4This is a flowchart illustrating a data processing method applied to a banking business scenario, provided by an embodiment of this application.
[0041] Figure 5 This is a schematic diagram of the structure of a data processing device provided in an embodiment of this application;
[0042] Figure 6 This is a flowchart of another data processing method provided in an embodiment of this application;
[0043] Figure 7 This is a schematic diagram of the structure of another data processing device provided in an embodiment of this application;
[0044] Figure 8 This is a structural block diagram of a data processing system provided in one embodiment of this application;
[0045] Figure 9 This is a structural block diagram of a computing device provided in one embodiment of this application. Detailed Implementation
[0046] Many specific details are set forth in the following description to provide a full understanding of this application. However, this application can be implemented in many other ways different from those described herein, and those skilled in the art can make similar extensions without departing from the spirit of this application; therefore, this application is not limited to the specific embodiments disclosed below.
[0047] The terminology used in one or more embodiments of this application is for the purpose of describing particular embodiments only and is not intended to limit the scope of one or more embodiments of this application. The singular forms “a,” “the,” and “the” used in one or more embodiments of this application and in the appended claims are also intended to include the plural forms unless the context clearly indicates otherwise. It should also be understood that the term “and / or” used in one or more embodiments of this application refers to and includes any or all possible combinations of one or more associated listed items.
[0048] It should be understood that although the terms first, second, etc., may be used to describe various information in one or more embodiments of this application, such information should not be limited to these terms. These terms are only used to distinguish information of the same type from one another. For example, first may also be referred to as second without departing from the scope of one or more embodiments of this application, and similarly, second may also be referred to as first. Depending on the context, the word "if" as used herein may be interpreted as "when," "when," or "in response to a determination."
[0049] First, the terms and concepts involved in one or more embodiments of this application will be explained.
[0050] Anonymous query (Private Information Retrieval – PIR): Also known as privacy information retrieval, this refers to a query where the queryer hides the keywords or customer ID information of the queried object, and the data service provider provides matching query results without knowing which specific queried object it corresponds to. Typically, an anonymous query retrieves a single piece of data at a time, while a batch anonymous query retrieves multiple pieces of data at once.
[0051] PseudoRandomFunction (PRF): Generates random numbers based on a random seed and the data itself. If the data and the random seed are the same, the same random numbers will be generated.
[0052] Oblivious PseudoRandom Function (OPRF): A cryptographic protocol executed by two parties. One party obtains the pseudo-random function value corresponding to its data through this protocol, while the other party obtains the seed of the pseudo-random function. The receiver knows nothing about the pseudo-random function value corresponding to its data; similarly, the receiver only obtains the seed of the pseudo-random function and is completely unaware of the receiver's data.
[0053] In real-world scenarios, users often need to query data from providers. When users search for information in a database, existing anonymous query technologies employ methods to prevent the database server from knowing the details of the user's query, thereby protecting the user's privacy. For example, medical databases and patent databases have high requirements for query privacy.
[0054] In current practical applications, it is not possible to query multiple data entries at once. To query multiple data entries, the same method must be used multiple times, resulting in significant transmission and computational overhead. Furthermore, users need to know the location of the data they are querying in the database, meaning the data provider must disclose the database ID information in advance, which compromises the data provider's privacy.
[0055] This application provides a data processing method, and also relates to a data processing apparatus, a computing device, and a computer-readable storage medium, which will be described in detail in the following embodiments.
[0056] Figure 1 This illustration shows an application scenario diagram of a data processing method according to an embodiment of this application. The data processing method provided in this embodiment is applied to a terminal, which may be a laptop computer, desktop computer, tablet computer, smart device, server, cloud server, distributed server, etc. In the embodiments provided in this application, the specific form of the terminal is not limited. Figure 1 As shown, the data querying party splits the pseudo-random number corresponding to the data to be queried into a first pseudo-random number and a second pseudo-random number. The data provider splits the business pseudo-random number corresponding to the business data into a first business pseudo-random number and a second business pseudo-random number. Then, the data querying party receives the first business pseudo-random number sent by the data provider, constructs the pseudo-random number to be queried based on the first business pseudo-random number and the first pseudo-random number, and sends the constructed pseudo-random number to be queried to the data provider.
[0057] The data provider receives the pseudo-random number to be queried returned by the data querying party. Based on the pseudo-random number, the data provider retrieves the target business data corresponding to the pseudo-random number and a second pseudo-random number corresponding to the target business data from the business data. Then, the data provider encrypts the target business data according to the second pseudo-random number corresponding to the target business data, obtaining encrypted business data, and sends the encrypted business data to the data querying party.
[0058] After receiving encrypted business data from the data provider, the data querying party decrypts the encrypted business data to obtain the corresponding query results.
[0059] The data processing method provided in this application can complete the query of multiple data at once. The data queryer can query the corresponding data from the data provider based on their own data to be queried, but cannot obtain any other data besides the data to be queried. The data provider also cannot know the ID position queried by the data queryer.
[0060] It enables hidden queries on multiple data entries at once. By expanding the query range of the data to be queried to a certain number, the data queryer can reduce communication and computation overhead by eliminating the need for the transmission and computation of all business data.
[0061] Figure 2 A flowchart of a data processing method according to an embodiment of this application is shown. This data processing method is applied to a data query party and specifically includes the following steps:
[0062] Step 202: Obtain at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number.
[0063] Specifically, the data to be queried refers to the data or data query identifier used by the data querying party to perform the data query. It is the data stored on the data querying party, which is the terminal that needs to perform the data query. This terminal can be a smart device with query capabilities, such as a mobile phone, tablet, or desktop computer. For example, if Zhang San needs to check whether his identity information is on list A, during the data query process, Zhang San can use his name to query his gender, age, height, weight, and ID number, and he can use his ID number to query his name, gender, age, height, and weight. In this case, the terminal used by Zhang San to perform the data query is the data querying party, and Zhang San's name can be considered the data to be queried; similarly, Zhang San's ID number can also be considered the data to be queried.
[0064] Pseudo-random numbers refer to a sequence of random numbers generated for each piece of query data using a pseudo-random function. A pseudo-random number consists of two parts: a first pseudo-random number and a second pseudo-random number. For example, if a pseudo-random number is a 32-bit integer divided into two 16-bit integers, then the first pseudo-random number is the first 16 bits, and the second pseudo-random number is the last 16 bits. Accordingly, each different piece of query data corresponds to a different pseudo-random number.
[0065] In one embodiment provided in this application, obtaining a pseudo-random number corresponding to each piece of data to be queried includes:
[0066] The pseudo-random number corresponding to each data to be queried is obtained based on a preset pseudo-random function.
[0067] The preset pseudo-random function is a pre-set pseudo-random function used to generate a corresponding pseudo-random number for each piece of data to be queried. Specifically, after obtaining at least one piece of data to be queried, the preset pseudo-random function is used to calculate the pseudo-random number for each piece of data to be queried. In this application, the preset pseudo-random function is preferably calculated using an unintended pseudo-random function.
[0068] For example, if the data to be queried is qi, the pseudo-random number F(qi) corresponding to the data to be queried is obtained by calculating the random number of the data qi according to the random function. The first pseudo-random number is F(qi)0 and the second pseudo-random number is F(qi)1.
[0069] Step 204: Receive the first service pseudo-random number sent by the data provider, wherein the first service pseudo-random number is the first pseudo-random number corresponding to the service data.
[0070] The first business pseudo-random number refers to a portion of the random number sequence generated by the data provider using a pseudo-random function based on the business data stored therein. The business pseudo-random number includes both the first and second business pseudo-random numbers; similar to the pseudo-random numbers mentioned above, it also comprises two parts. The data provider refers to the terminal that provides data to the data querying party.
[0071] Business data refers to data stored by the data provider for data query services. Continuing the example, Zhang San uses his name to query his gender, age, height, weight, and ID number. In this context, Zhang San's name is the data to be queried, while his name, gender, age, height, weight, and ID number are the business data.
[0072] Specifically, the data querying party can receive a first business pseudo-random number sent by the data provider. Receiving this first business pseudo-random number allows the data querying party to subsequently retrieve the corresponding business data from the data provider's business data based on that first business pseudo-random number.
[0073] Step 206: Construct a pseudo-random number to be queried based on the first pseudo-random number and the first business pseudo-random number, and send the pseudo-random number to be queried to the data provider.
[0074] The pseudo-random number to be queried refers to the pseudo-random number sequence constructed based on the first pseudo-random number and the first business pseudo-random number.
[0075] Specifically, after receiving the first business pseudo-random number sent by the data provider, a corresponding pseudo-random number to be queried can be constructed based on the first pseudo-random number and the first business pseudo-random number, and then the constructed pseudo-random number to be queried can be sent to the data provider.
[0076] Furthermore, the specific implementation method for constructing the pseudo-random number to be queried based on the first pseudo-random number and the first business pseudo-random number is as follows:
[0077] In one embodiment provided in this application, constructing a pseudo-random number to be queried based on the first pseudo-random number and the first business pseudo-random number includes:
[0078] Based on the first pseudo-random number, a target first pseudo-random number is determined from the first service pseudo-random number;
[0079] The pseudo-random number to be queried is constructed based on the target first pseudo-random number and the first business pseudo-random number.
[0080] Specifically, the target first pseudo-random number refers to the intersection data determined from the first business pseudo-random numbers that corresponds to the first pseudo-random number. For example, if the data querying party has 5 pieces of data to be queried, and among the 10 first business pseudo-random numbers received, there are first pseudo-random numbers corresponding to 3 of the aforementioned 5 pieces of data to be queried, then the first pseudo-random numbers corresponding to these 3 pieces of data to be queried are all the target first pseudo-random numbers.
[0081] Specifically, after receiving the first service pseudo-random number sent by the data provider, the intersection data between the first pseudo-random number and the first service pseudo-random number is determined based on the first pseudo-random number, and the intersection data is determined as the target first pseudo-random number. Further, a query pseudo-random number corresponding to the target first pseudo-random number is constructed based on the target first pseudo-random number and the first service pseudo-random number.
[0082] Taking the example where the data querying party obtains 5 pieces of data to be queried, and these 5 pieces of data are the identity information corresponding to 5 users, the data provider sends 10 first business pseudo-random numbers. Since the data querying party obtains 5 pieces of data to be queried, there are 5 first pseudo-random numbers corresponding to the data to be queried. Because these 5 pieces of data to be queried are the identity information corresponding to 5 users, these 5 pieces of data to be queried are different. Based on the principle that the pseudo-random numbers corresponding to the same data are the same, it can be determined that the 5 first pseudo-random numbers corresponding to the 5 pieces of data to be queried are not the same to each other.
[0083] Furthermore, based on these 5 first pseudo-random numbers, a query is performed among the 10 first business pseudo-random numbers received to determine whether these 5 first pseudo-random numbers can be found among the first business pseudo-random numbers. The first pseudo-random numbers found are determined as the target first pseudo-random numbers. Based on the target first pseudo-random number and the first business pseudo-random numbers, the corresponding query pseudo-random number is constructed.
[0084] By determining the intersection data with the first pseudo-random number in the first business pseudo-random number, it can be preliminarily determined whether the data to be queried is stored in the business data. Then, based on the first business pseudo-random number and the target first pseudo-random number, a pseudo-random number to be queried can be constructed, so that the data provider cannot know the specific data that the data query party needs to query.
[0085] Furthermore, in one embodiment provided in this application, determining a target first pseudo-random number from the first service pseudo-random number based on the first pseudo-random number includes:
[0086] Compare the first pseudo-random number with the first business pseudo-random number;
[0087] The target first pseudo-random number is determined based on the comparison results.
[0088] Specifically, each random number sequence in the first pseudo-random number is compared with each random number sequence in the first business pseudo-random number. If there is a random number sequence in the first pseudo-random number that is completely identical to the random number sequence in the first business pseudo-random number, then that random number sequence in the first business pseudo-random number is determined to be the target first pseudo-random number.
[0089] Furthermore, taking the name information of user Zhang San as the data to be queried, and the first pseudo-random number corresponding to "Zhang San" as "XXXXXXXXXXXXXXXX" as an example, let's illustrate this further. For instance, both the first pseudo-random number and the first business pseudo-random number are split into 16-bit random integers. A random number sequence "YYYYYYYYYYYYYYYY" is obtained from the first business pseudo-random number. This first pseudo-random number sequence "XXXXXXXXXXXXXXXX" is compared one-to-one with "YYYYYYYYYYYYYYYY". If the 16-bit integers of the first business pseudo-random number are the same as those of the first pseudo-random number, that is, if "YYYYYYYYYYYYYYYY" is the same as "XXXXXXXXXXXXXXXX", then this first business pseudo-random number sequence is determined to be the target first pseudo-random number. It should be noted that the first pseudo-random number and the first business pseudo-random number having the same 16-bit integer means that 16 consecutive integers are the same.
[0090] In one embodiment provided by this application, the method for constructing the queried pseudo-random number based on the target first pseudo-random number and the first business pseudo-random number includes:
[0091] Obtain a random service pseudo-random number from the first service pseudo-random number;
[0092] The pseudo-random number to be queried is constructed based on the random business pseudo-random number and the target first pseudo-random number.
[0093] Specifically, the "random business pseudo-random number" refers to a first business pseudo-random number, excluding the target first pseudo-random number, randomly obtained from a first business pseudo-random number according to a preset quantity. For example, if the first business pseudo-random number includes 10,000 business pseudo-random numbers, of which 1,000 are the target first pseudo-random number, then the remaining 9,000 business pseudo-random numbers, randomly obtained from the preset quantity, are the random business pseudo-random numbers. For example, if the preset quantity is 500, then the 500 business pseudo-random numbers randomly obtained from the remaining 9,000 are the random business pseudo-random numbers. It should be noted that the preset quantity used to obtain the random business pseudo-random numbers is set according to the actual application situation, and this application does not impose any limitations on it.
[0094] Specifically, in order to protect the privacy of the data querying party, that is, to prevent the data provider from knowing the data querying party, after determining the target first pseudo-random number, other pseudo-random numbers need to be randomly selected and combined with the target first pseudo-random number to form the pseudo-random number to be queried.
[0095] Therefore, a target first pseudo-random number is determined from the first business pseudo-random number. A random business pseudo-random number is then obtained from the first business pseudo-random number based on the target first pseudo-random number. Finally, the target first pseudo-random number and the random business pseudo-random number are used to construct the corresponding pseudo-random number to be queried. In this way, the data provider cannot know which specific business data items the data querying party is seeking, thus protecting the privacy of the data querying party.
[0096] Furthermore, in one embodiment provided by this application, obtaining a random service pseudo-random number from the first service pseudo-random number includes:
[0097] A reference first service pseudo-random number is determined based on the first pseudo-random number and the first service pseudo-random number;
[0098] Based on a preset quantity, a corresponding random service pseudo-random number is selected from the reference first service pseudo-random number.
[0099] Among them, the reference first business pseudo-random number is the business pseudo-random number other than the target first pseudo-random number in the first business pseudo-random number. Continuing with the previous example, the first business pseudo-random number includes 10,000 business pseudo-random numbers, of which 1,000 are the target first pseudo-random number, and the remaining 9,000 business pseudo-random numbers are all reference first business pseudo-random numbers.
[0100] The preset quantity specifically refers to the number of pseudo-random numbers that the data querying party pre-sets for generating the query.
[0101] Specifically, after determining the target first pseudo-random number from the first business pseudo-random number, a reference first business pseudo-random number can be further determined, and a corresponding number of business pseudo-random numbers can be selected from the reference first business pseudo-random number as random business pseudo-random numbers according to a preset quantity.
[0102] Let's take an example where the data querying party pre-sets a quantity of 200 pseudo-random numbers to be generated for the query. Assume the data querying party has 100 pieces of data to be queried, and receives 1000 first-level pseudo-random numbers from the data provider. The first-level pseudo-random numbers corresponding to these 100 pieces of data are compared with the 1000 first-level pseudo-random numbers. If 50 target first-level pseudo-random numbers are obtained based on the comparison results, then the number of reference first-level pseudo-random numbers is determined to be 950, and the number of random first-level pseudo-random numbers to be obtained is 150. Therefore, 150 pseudo-random numbers need to be randomly selected from the 950 reference first-level pseudo-random numbers as the random first-level pseudo-random numbers.
[0103] Based on this, the 50 target pseudo-random numbers and 150 random business pseudo-random numbers can be combined to form the pseudo-random numbers to be queried, and the total number of pseudo-random numbers to be queried is 200.
[0104] More specifically, for example, the first business pseudo-random number includes 123456, where the numbers 1, 2, 3, 4, 5, and 6 represent the sequence identifiers corresponding to each first business pseudo-random number sequence, and each first business pseudo-random number sequence corresponds to a 16-bit random integer. The target first pseudo-random number includes first pseudo-random number 2 and first pseudo-random number 3. Then, the reference first business pseudo-random number includes first business pseudo-random number 1, first business pseudo-random number 4, first business pseudo-random number 5, and first business pseudo-random number 6. If the preset quantity is 2, then the random business pseudo-random number can be first business pseudo-random number 1 and first business pseudo-random number 4, first business pseudo-random number 1 and first business pseudo-random number 5, first business pseudo-random number 1 and first business pseudo-random number 6, etc. This application does not list all the specific business pseudo-random numbers included in the random business pseudo-random number.
[0105] Step 208: Receive encrypted business data returned by the data provider based on the pseudo-random number to be queried, and obtain query results based on the encrypted business data, wherein the encrypted business data is determined based on the pseudo-random number to be queried and the second business pseudo-random number.
[0106] Specifically, the encrypted business data refers to the data encrypted by the data provider based on a second business pseudo-random number corresponding to the pseudo-random number to be queried returned by the data querying party. The target business data refers to the business data that the data provider determines within the business data that corresponds to the pseudo-random number to be queried, based on the pseudo-random number to be queried.
[0107] In one embodiment provided in this application, obtaining query results based on the encrypted business data includes:
[0108] Obtain target encrypted data to be queried from the encrypted business data, wherein the target encrypted data to be queried is determined based on the business data corresponding to the first pseudo-random number and the second business pseudo-random number;
[0109] The target encrypted data to be queried is decrypted based on the second pseudo-random number to obtain the query result.
[0110] The target encrypted data to be queried can be understood as the encrypted data obtained by the data provider after encrypting the business data corresponding to the target first pseudo-random number based on the second business pseudo-random number.
[0111] Specifically, after receiving the encrypted business data returned by the data provider, the data querying party retrieves the target encrypted data to be queried from the encrypted business data, determines the second pseudo-random number corresponding to the target encrypted data, and decrypts the target encrypted data based on the second pseudo-random number to obtain the query result. It should be noted that the second pseudo-random number corresponding to the target encrypted data is the same as the second business pseudo-random number corresponding to the target encrypted data. Therefore, after obtaining the target encrypted data, the data querying party can decrypt the target encrypted data based on the second pseudo-random number corresponding to it.
[0112] Furthermore, in one embodiment provided in this application, obtaining the target encrypted data to be queried from the encrypted business data includes:
[0113] Random encrypted data is determined from the encrypted business data;
[0114] The random encrypted data is deleted from the encrypted business data to obtain the target encrypted data to be queried.
[0115] Specifically, the data querying party determines randomly encrypted data from the received encrypted business data and deletes the randomly encrypted data from the encrypted business data to obtain the target encrypted data to be queried.
[0116] For example, if you receive 10 encrypted service data items from a data provider, determine that the 5th to 7th encrypted service data items are randomly encrypted data, delete the determined random encrypted data items from the 10 encrypted service data items, and obtain the 1st to 4th and 8th to 10th target encrypted data items to be queried.
[0117] After obtaining the target encrypted data to be queried, the query results can be obtained based on the target encrypted data. Continuing with the previous example, the target encrypted data to be queried are encrypted business data 1-4 and encrypted business data 8-10. A second pseudo-random number corresponding to encrypted business data 1-4 and encrypted business data 8-10 is determined from the second pseudo-random number corresponding to each data to be queried. Then, the encrypted business data 1-4 and encrypted business data 8-10 are decrypted based on the corresponding second pseudo-random number, thereby obtaining the data query results corresponding to encrypted business data 1-4 and encrypted business data 8-10.
[0118] Optionally, in another embodiment provided by this application, obtaining query results based on the encrypted business data includes:
[0119] Determine the target data to be queried from the data to be queried, and the target second pseudo-random number corresponding to the target data to be queried;
[0120] Based on the target second pseudo-random number, the encrypted business data is decrypted to obtain the query result corresponding to the target query data.
[0121] The target query data is the business data selected from the query data from which the query result needs to be determined, and the target second pseudo-random number is the second pseudo-random number corresponding to the target query data.
[0122] For example, if the data to be queried includes data to be queried 1, data to be queried 2, data to be queried 3, and data to be queried 4, and the query results corresponding to data to be queried 1 and data to be queried 3 are to be queried, then data to be queried 1 and data to be queried 3 are to be queried target data, and the corresponding second pseudo-random number is to be queried target second pseudo-random number.
[0123] Specifically, the target data to be queried is determined from the data to be queried, and the target second pseudo-random number corresponding to the target data to be queried is obtained. Further, the encrypted business data is decrypted based on the target second pseudo-random number, and the query result corresponding to the target data to be queried is obtained based on the decryption result.
[0124] Specifically, in one embodiment provided by this application, the encrypted business data is decrypted based on the target second pseudo-random number to obtain the query result corresponding to the target query data, including:
[0125] Identify the target data to be decrypted from the encrypted business data;
[0126] Based on the target second pseudo-random number, the target data to be decrypted is decrypted;
[0127] If decryption is successful, the query result for the target data to be queried is determined;
[0128] If decryption fails, the step of determining the target data to be decrypted in the encrypted business data is repeated.
[0129] The target data to be decrypted is the encrypted data selected from the encrypted business data that needs to be decrypted. For example, if the encrypted business data includes data to be decrypted 1, data to be decrypted 2, data to be decrypted 3, and data to be decrypted 4, and data to be decrypted 1 needs to be decrypted, then data to be decrypted 1 is the target data to be decrypted.
[0130] Specifically, the target data to be decrypted is identified within the encrypted business data. Based on the aforementioned determined target second pseudo-random number, the target data to be decrypted is then decrypted. However, since the target second pseudo-random number corresponds to the target query data, but not necessarily to the target data to be decrypted, it cannot be determined whether decryption based on the target second pseudo-random number will be successful.
[0131] Therefore, the decryption result may be successful or unsuccessful. If decryption is successful, the target second pseudo-random number can be determined to be the second pseudo-random number corresponding to the target data to be decrypted, indicating that the target data to be decrypted is stored by the data provider. If decryption fails, the target second pseudo-random number is determined not to be the second pseudo-random number corresponding to the target data to be decrypted, indicating that the target data to be decrypted is not stored by the data provider. The target data to be decrypted needs to be re-determined, and the above steps should be repeated for the next target data to be decrypted until the encrypted data in the encrypted business data is decrypted.
[0132] The data processing method provided in this application is applied to a data querying party, comprising: obtaining at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number; receiving a first business pseudo-random number sent by a data provider, wherein the first business pseudo-random number is a first pseudo-random number corresponding to the business data; constructing a pseudo-random number to be queried based on the first pseudo-random number and the first business pseudo-random number, and sending the pseudo-random number to be queried to the data provider; receiving encrypted business data returned by the data provider based on the pseudo-random number to be queried, and obtaining a query result based on the encrypted business data, wherein the encrypted business data is determined based on the pseudo-random number to be queried and the second business pseudo-random number.
[0133] One embodiment of this application enables a concealed query for multiple data entries in a single operation. By expanding the query scope to a certain number of data entries, the data queryer eliminates the need for the transmission and computation of all business data, thus reducing communication and computational overhead. The data queryer can retrieve corresponding data from the data provider based on the pseudo-random number corresponding to their own data. The data queryer cannot obtain any information other than the corresponding data, and the data provider cannot know the business data being queried by the data queryer.
[0134] See Figure 3 , Figure 3 The diagram illustrates an interactive schematic of a data processing method provided in an embodiment of this application, including steps 302 to 322.
[0135] Step 302: The data querying party obtains at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number.
[0136] Step 304: The data provider obtains the business pseudo-random number corresponding to each business data, wherein the pseudo-random number includes the first business pseudo-random number and the second business pseudo-random number.
[0137] Step 306: The data querying party splits the pseudo-random number corresponding to each piece of data to be queried into a first pseudo-random number and a second pseudo-random number.
[0138] Step 308: The data provider splits the pseudo-random number corresponding to each business data into a first pseudo-random number and a second pseudo-random number.
[0139] Step 310: The data provider sends the first pseudo-random number corresponding to each business data to the data queryer.
[0140] Step 312: The data queryer determines the target first pseudo-random number from the first business pseudo-random number based on the first pseudo-random number.
[0141] Step 314: The data querying party constructs a pseudo-random number to be queried based on the target first pseudo-random number and the first business pseudo-random number.
[0142] Step 316: The data querying party sends the pseudo-random number to be queried to the data provider.
[0143] Step 318: The data provider determines the target business data and the second business pseudo-random number corresponding to the target business data in the business data based on the pseudo-random number to be queried, and encrypts the target business data based on the second business pseudo-random number to obtain encrypted business data.
[0144] Step 320: The data provider sends the encrypted business data to the data queryer.
[0145] Step 322: The data querying party decrypts the encrypted business data based on the second pseudo-random number to obtain the query result.
[0146] One embodiment of this application enables a concealed query for multiple data entries in a single operation. By expanding the query scope to a certain number of data entries, the data queryer eliminates the need for the transmission and computation of all business data, thus reducing communication and computational overhead. The data queryer can use a pseudo-random number corresponding to its own data entry to query the corresponding data from the data provider. The data queryer cannot obtain any information other than the corresponding data, and the data provider cannot know the business data being queried by the data queryer.
[0147] The following is in conjunction with the appendix Figure 4 Taking the application of the data processing method provided in this application in a banking business scenario as an example, the data processing method will be further explained. Among them, Figure 4 This application provides a flowchart illustrating a data processing method for a banking business scenario, which includes the following steps:
[0148] Step 402: Obtain at least one ID number to be queried and a pseudo-random number corresponding to each ID number to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number.
[0149] Step 404: Split the pseudo-random number corresponding to each ID number to be queried into a first pseudo-random number and a second pseudo-random number.
[0150] Step 406: Receive the first business pseudo-random number sent by the data provider, wherein the first business pseudo-random number is determined based on the first pseudo-random number corresponding to the banking business data.
[0151] Step 408: Based on the first pseudo-random number, determine the target first pseudo-random number from the first service pseudo-random number.
[0152] Step 410: Obtain a random business pseudo-random number from the first business pseudo-random number, and construct a pseudo-random number to be queried based on the random business pseudo-random number and the first pseudo-random number.
[0153] Step 412: Send the pseudo-random number to be queried to the data provider.
[0154] Step 414: Receive encrypted business data returned by the data provider based on the pseudo-random number to be queried.
[0155] Step 416: Decrypt the encrypted business data based on the second pseudo-random number to obtain information such as name, gender, age, height, and weight corresponding to each ID number to be queried.
[0156] One embodiment of this application enables a concealed query for multiple data entries in a single operation. By expanding the query scope to a certain number of data entries, the data queryer eliminates the need for the transmission and computation of all business data, thus reducing communication and computational overhead. The data queryer can use a pseudo-random number corresponding to its own data entry to query the corresponding data from the data provider. The data queryer cannot obtain any information other than the corresponding data, and the data provider cannot know the business data being queried by the data queryer.
[0157] Corresponding to the above method embodiments, this application also provides data processing apparatus embodiments. Figure 5 A schematic diagram of the structure of a data processing apparatus according to an embodiment of this application is shown. Figure 5 As shown, this device is used by the data query party and includes:
[0158] The first acquisition module 502 is configured to acquire at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number;
[0159] The first receiving module 504 is configured to receive a first service pseudo-random number sent by the data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to the service data.
[0160] The construction module 506 is configured to construct a queried pseudo-random number based on the first pseudo-random number and the first business pseudo-random number, and send the queried pseudo-random number to the data provider;
[0161] The query module 508 is configured to receive encrypted business data returned by the data provider based on the pseudo-random number to be queried, and to obtain query results based on the encrypted business data, wherein the encrypted business data is determined based on the pseudo-random number to be queried and a second business pseudo-random number.
[0162] Optionally, the first acquisition module 502 is further configured to:
[0163] The pseudo-random number corresponding to each data to be queried is obtained based on a preset pseudo-random function.
[0164] Optionally, the building module 506 is further configured to:
[0165] Based on the first pseudo-random number, a target first pseudo-random number is determined from the first service pseudo-random number;
[0166] The pseudo-random number to be queried is constructed based on the target first pseudo-random number and the first business pseudo-random number.
[0167] Optionally, the building module 506 is further configured to:
[0168] Compare the first pseudo-random number with the first business pseudo-random number;
[0169] The target first pseudo-random number is determined based on the comparison results.
[0170] Optionally, the constructed module 506 is further configured as follows:
[0171] Obtain a random service pseudo-random number from the first service pseudo-random number;
[0172] The pseudo-random number to be queried is constructed based on the random business pseudo-random number and the target first pseudo-random number.
[0173] Optionally, the building module 506 is further configured to:
[0174] A reference first service pseudo-random number is determined based on the first pseudo-random number and the first service pseudo-random number;
[0175] Based on a preset quantity, a corresponding random service pseudo-random number is selected from the reference first service pseudo-random number.
[0176] Optionally, the query module 508 is further configured as follows:
[0177] Obtain target encrypted data to be queried from the encrypted business data, wherein the target encrypted data to be queried is determined based on the business data corresponding to the first pseudo-random number and the second business pseudo-random number;
[0178] The target encrypted data to be queried is decrypted based on the second pseudo-random number to obtain the query result.
[0179] Optionally, the query module 508 is further configured as follows:
[0180] Random encrypted data is determined from the encrypted business data;
[0181] The random encrypted data is deleted from the encrypted business data to obtain the target encrypted data to be queried.
[0182] Optionally, the query module 508 is further configured as follows:
[0183] Determine the target data to be queried from the data to be queried, and the target second pseudo-random number corresponding to the target data to be queried;
[0184] Based on the target second pseudo-random number, the encrypted business data is decrypted to obtain the query result corresponding to the target query data.
[0185] Optionally, the query module 508 is further configured as follows:
[0186] Identify the target data to be decrypted from the encrypted business data;
[0187] Based on the target second pseudo-random number, the target data to be decrypted is decrypted;
[0188] If decryption is successful, the query result for the target data to be queried is determined;
[0189] If decryption fails, the step of determining the target data to be decrypted in the encrypted business data is repeated.
[0190] The data processing apparatus provided in this application, applied to a data querying party, includes: a first acquisition module configured to acquire at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number; a first receiving module configured to receive a first service pseudo-random number sent by a data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to the service data; a construction module configured to construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be queried to the data provider; and a query module configured to receive encrypted service data returned by the data provider based on the pseudo-random number to be queried, and obtain a query result based on the encrypted service data, wherein the encrypted service data is determined based on the pseudo-random number to be queried and the second service pseudo-random number.
[0191] One embodiment of this application enables a concealed query for multiple data entries in a single operation. By expanding the query scope to a certain number of data entries, the data queryer eliminates the need for the transmission and computation of all business data, thus reducing communication and computational overhead. The data queryer can use a pseudo-random number corresponding to its own data entry to query the corresponding data from the data provider. The data queryer cannot obtain any information other than the corresponding data, and the data provider cannot know the business data being queried by the data queryer.
[0192] The above is an illustrative scheme of a data processing apparatus according to this embodiment. It should be noted that the technical solution of this data processing apparatus and the technical solution of the data processing method described above belong to the same concept. For details not described in detail in the technical solution of the data processing apparatus, please refer to the description of the technical solution of the data processing method described above.
[0193] See Figure 6 , Figure 6 A flowchart of another data processing method according to an embodiment of this application is shown. This data processing method is applied to a data provider and specifically includes the following steps:
[0194] Step 602: Obtain the business pseudo-random number corresponding to each business data, wherein the business pseudo-random number includes the first business pseudo-random number and the second business pseudo-random number.
[0195] Step 604: Send the first pseudo-random number corresponding to each business data to the data query party.
[0196] Step 606: Receive the pseudo-random number to be queried returned by the data query party based on the first business pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first business pseudo-random number.
[0197] Step 608: Based on the pseudo-random number to be queried, determine the target business data and the second business pseudo-random number corresponding to the target business data in the business data, encrypt the target business data, and obtain encrypted business data.
[0198] Step 610: Send the encrypted business data to the data query party.
[0199] Another data processing method provided in this application, applied to a data provider, includes: obtaining a business pseudo-random number corresponding to each business data, wherein the business pseudo-random number includes a first business pseudo-random number and a second business pseudo-random number; sending the first business pseudo-random number corresponding to each business data to a data querying party; receiving a query pseudo-random number returned by the data querying party based on the first business pseudo-random number, wherein the query pseudo-random number is determined based on the first pseudo-random number and the first business pseudo-random number; based on the query pseudo-random number, determining target business data and a second business pseudo-random number corresponding to the target business data in the business data, encrypting the target business data to obtain encrypted business data; and sending the encrypted business data to the data querying party.
[0200] One embodiment of this application enables a concealed query for multiple data entries in a single operation. By expanding the query scope to a certain number of data entries, the data queryer eliminates the need for the transmission and computation of all business data, thus reducing communication and computational overhead. The data queryer can use a pseudo-random number corresponding to its own data entry to query the corresponding data from the data provider. The data queryer cannot obtain any information other than the corresponding data, and the data provider cannot know the business data being queried by the data queryer.
[0201] Corresponding to the above method embodiments, this application also provides data processing apparatus embodiments. Figure 7 A schematic diagram of another data processing apparatus provided in one embodiment of this application is shown. Figure 7 As shown, the device is used by a data provider and includes:
[0202] The second acquisition module 702 is configured to acquire a business pseudo-random number corresponding to each business data, wherein the business pseudo-random number includes a first business pseudo-random number and a second business pseudo-random number.
[0203] The first sending module 704 is configured to send the first business pseudo-random number corresponding to each business data to the data query party;
[0204] The second receiving module 706 is configured to receive a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number.
[0205] The encryption module 708 is configured to determine, based on the pseudo-random number to be queried, target business data and a second pseudo-random number corresponding to the target business data in the business data, encrypt the target business data, and obtain encrypted business data.
[0206] The second sending module 710 is configured to send the encrypted service data to the data querying party.
[0207] Another data processing apparatus provided in this application, applied to a data provider, includes: a second acquisition module configured to acquire a business pseudo-random number corresponding to each business data, wherein the business pseudo-random number includes a first business pseudo-random number and a second business pseudo-random number; a first sending module configured to send the first business pseudo-random number corresponding to each business data to a data querying party; a second receiving module configured to receive a query pseudo-random number returned by the data querying party based on the first business pseudo-random number, wherein the query pseudo-random number is determined based on the first pseudo-random number and the first business pseudo-random number; an encryption module configured to determine target business data and a second business pseudo-random number corresponding to the target business data in the business data based on the query pseudo-random number, encrypt the target business data, and obtain encrypted business data; and a second sending module configured to send the encrypted business data to the data querying party.
[0208] One embodiment of this application enables a concealed query for multiple data entries in a single operation. By expanding the query scope to a certain number of data entries, the data queryer eliminates the need for the transmission and computation of all business data, thus reducing communication and computational overhead. The data queryer can use a pseudo-random number corresponding to its own data entry to query the corresponding data from the data provider. The data queryer cannot obtain any information other than the corresponding data, and the data provider cannot know the business data being queried by the data queryer.
[0209] The above is an illustrative scheme of another data processing device according to this embodiment. It should be noted that the technical solution of this data processing device and the technical solution of the data processing method described above belong to the same concept. For details not described in detail in the technical solution of the data processing device, please refer to the description of the technical solution of the data processing method described above.
[0210] Figure 8 The diagram illustrates a structural block diagram of a data processing system according to an embodiment of this application, including: a data query party 802 and a data provider 804;
[0211] The data querying party 802 is configured to obtain at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number;
[0212] The data provider 804 is configured to obtain the business pseudo-random number corresponding to each business data, and send the first business pseudo-random number corresponding to each business data to the data query party 802, wherein the business pseudo-random number includes the first business pseudo-random number and the second business pseudo-random number.
[0213] The data querying party 802 is also configured to receive the first service pseudo-random number sent by the data provider 804, construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be queried to the data provider 804.
[0214] The data provider 804 is further configured to receive a query pseudo-random number returned by the data query party 802 based on the first business pseudo-random number, determine the target business data and the second business pseudo-random number corresponding to the target business data in the business data based on the query pseudo-random number, encrypt the target business data to obtain encrypted business data, and send the encrypted business data to the data query party 802.
[0215] The data querying party 802 is also configured to receive the encrypted business data returned by the data provider 804 based on the pseudo-random number to be queried, and to obtain query results based on the encrypted business data.
[0216] In this embodiment, a hidden query for multiple data entries is achieved in a single operation. By expanding the query scope to a certain number of data entries, the data queryer eliminates the need for the transmission and computation of all business data, thus reducing communication and computational overhead. The data queryer can retrieve corresponding data from the data provider based on the pseudo-random number corresponding to their data entry. The data queryer cannot obtain any information other than the corresponding data, and the data provider cannot know the business data being queried by the data queryer.
[0217] Figure 9 A structural block diagram of a computing device 900 according to an embodiment of this application is shown. The components of the computing device 900 include, but are not limited to, a memory 910 and a processor 920. The processor 920 is connected to the memory 910 via a bus 930, and a database 950 is used to store data.
[0218] The computing device 900 also includes an access device 940, which enables the computing device 900 to communicate via one or more networks 960. Examples of these networks include a Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the Internet. The access device 940 may include one or more of any type of wired or wireless network interface (e.g., a Network Interface Card (NIC)), such as an IEEE 802.11 Wireless Local Area Network (WLAN) interface, a Wi-MAX interface, an Ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a Bluetooth interface, a Near Field Communication (NFC) interface, and so on.
[0219] In one embodiment of this application, the aforementioned components of the computing device 900 and Figure 9 Other components, not shown, can also be connected to each other, for example, via a bus. It should be understood that... Figure 9 The block diagram of the computing device shown is for illustrative purposes only and is not intended to limit the scope of this application. Those skilled in the art can add or replace other components as needed.
[0220] The computing device 900 can be any type of stationary or mobile computing device, including mobile computers or mobile computing devices (e.g., tablet computers, personal digital assistants, laptop computers, notebook computers, netbooks, etc.), mobile phones (e.g., smartphones), wearable computing devices (e.g., smartwatches, smart glasses, etc.) or other types of mobile devices, or stationary computing devices such as desktop computers or PCs. The computing device 900 can also be a mobile or stationary server.
[0221] The processor 920 implements the data processing method when executing the computer instructions.
[0222] The above is an illustrative scheme of a computing device according to this embodiment. It should be noted that the technical solution of this computing device and the technical solution of the data processing method described above belong to the same concept. For details not described in detail in the technical solution of the computing device, please refer to the description of the technical solution of the data processing method described above.
[0223] An embodiment of this application also provides a computer-readable storage medium storing computer instructions that, when executed by a processor, implement the steps of the data processing method described above.
[0224] The above is an illustrative scheme of a computer-readable storage medium according to this embodiment. It should be noted that the technical solution of this storage medium and the technical solution of the data processing method described above belong to the same concept. For details not described in detail in the technical solution of the storage medium, please refer to the description of the technical solution of the data processing method described above.
[0225] The foregoing has described specific embodiments of this application. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims may be performed in a different order than that shown in the embodiments and may still achieve the desired results. Furthermore, the processes depicted in the drawings do not necessarily require the specific or sequential order shown to achieve the desired results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
[0226] The computer instructions include computer program code, which may be in the form of source code, object code, executable file, or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording media, USB flash drive, portable hard drive, magnetic disk, optical disk, computer memory, read-only memory (ROM), random access memory (RAM), electrical carrier signals, telecommunication signals, and software distribution media, etc. It should be noted that the content included in the computer-readable medium may be appropriately added to or subtracted according to the requirements of legislation and patent practice in the jurisdiction. For example, in some jurisdictions, according to legislation and patent practice, computer-readable media may not include electrical carrier signals and telecommunication signals.
[0227] It should be noted that, for the sake of simplicity, the foregoing method embodiments are all described as a series of actions. However, those skilled in the art should understand that this application is not limited to the described order of actions, as some steps may be performed in other orders or simultaneously according to this application. Furthermore, those skilled in the art should also understand that the embodiments described in the specification are preferred embodiments, and the actions and modules involved are not necessarily essential to this application.
[0228] In the above embodiments, the descriptions of each embodiment have different focuses. For parts not described in detail in a certain embodiment, please refer to the relevant descriptions in other embodiments.
[0229] The preferred embodiments disclosed above are merely illustrative of this application. The optional embodiments do not exhaustively describe all details, nor do they limit the invention to the specific implementations described. Clearly, many modifications and variations can be made based on the content of this application. These embodiments are selected and specifically described in this application to better explain the principles and practical applications of this application, thereby enabling those skilled in the art to better understand and utilize this application. This application is limited only by the claims and their full scope and equivalents.
Claims
1. A data processing method, characterized by, Applied to the data query side, including: Obtain at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number; The first service pseudo-random number is sent by the data provider, wherein the first service pseudo-random number is the first pseudo-random number corresponding to the service data; A queried pseudo-random number is constructed based on the first pseudo-random number and the first service pseudo-random number, and the queried pseudo-random number is sent to the data provider; The system receives encrypted business data returned by the data provider based on the pseudo-random number to be queried, and obtains query results based on the encrypted business data. Obtaining query results based on the encrypted business data includes: obtaining target encrypted data to be queried from the encrypted business data; the target encrypted data to be queried is determined based on business data corresponding to a first target pseudo-random number and a second business pseudo-random number; determining the target data to be queried and a target second pseudo-random number corresponding to the target data to be queried from the data to be queried; decrypting the target encrypted data to be queried in the encrypted business data based on the second target pseudo-random number; and obtaining the query results corresponding to the target data to be queried. The encrypted business data is determined based on the pseudo-random number to be queried and the second business pseudo-random number, wherein the second business pseudo-random number is the same as the second pseudo-random number.
2. The method as described in claim 1, characterized in that, Obtain the pseudo-random number corresponding to each piece of data to be queried, including: The pseudo-random number corresponding to each data to be queried is obtained based on a preset pseudo-random function.
3. The method as described in claim 1, characterized in that, Based on the first pseudo-random number and the first business pseudo-random number, a pseudo-random number to be queried is constructed, including: Based on the first pseudo-random number, a target first pseudo-random number is determined from the first service pseudo-random number; The pseudo-random number to be queried is constructed based on the target first pseudo-random number and the first business pseudo-random number.
4. The method as described in claim 3, characterized in that, Based on the first pseudo-random number, determining the target first pseudo-random number from the first service pseudo-random number includes: Compare the first pseudo-random number with the first business pseudo-random number; The target first pseudo-random number is determined based on the comparison results.
5. The method as described in claim 3, characterized in that, Constructing the queried pseudo-random number based on the target first pseudo-random number and the first business pseudo-random number includes: Obtain a random service pseudo-random number from the first service pseudo-random number; The pseudo-random number to be queried is constructed based on the random business pseudo-random number and the target first pseudo-random number.
6. The method as described in claim 5, characterized in that, Obtaining a random service pseudo-random number from the first service pseudo-random number includes: A reference first service pseudo-random number is determined based on the first pseudo-random number and the first service pseudo-random number; Based on a preset quantity, a corresponding random service pseudo-random number is selected from the reference first service pseudo-random number.
7. The method as described in claim 1, characterized in that, Obtaining the target encrypted data to be queried from the encrypted business data includes: Random encrypted data is determined from the encrypted business data; The random encrypted data is deleted from the encrypted business data to obtain the target encrypted data to be queried.
8. The method as described in claim 1, characterized in that, Based on the target second pseudo-random number, the encrypted business data is decrypted to obtain the query results corresponding to the target query data, including: Identify the target data to be decrypted from the encrypted business data; Based on the target second pseudo-random number, the target data to be decrypted is decrypted; If decryption is successful, the query result for the target data to be queried is determined; If decryption fails, the step of determining the target data to be decrypted in the encrypted business data is repeated.
9. A data processing method, characterized in that, Applied to data providers, including: Obtain the business pseudo-random number corresponding to each business data, wherein the business pseudo-random number includes a first business pseudo-random number and a second business pseudo-random number, the second business pseudo-random number is the same as the second pseudo-random number, the second pseudo-random number is determined according to the pseudo-random number corresponding to the data to be queried provided by the data query party, and the pseudo-random number includes the second pseudo-random number; Send the first pseudo-random number corresponding to each business data to the data query party; Receive the pseudo-random number to be queried returned by the data query party based on the first business pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first business pseudo-random number; Based on the pseudo-random number to be queried, target business data and a second pseudo-random number corresponding to the target business data are determined in the business data, and the target business data is encrypted to obtain encrypted business data. The encrypted business data is sent to the data query party.
10. A data processing system, characterized in that, include: Data queryer and data provider; The data querying party is configured to obtain at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number; The data provider is configured to obtain a business pseudo-random number corresponding to each business data, and send a first business pseudo-random number corresponding to each business data to the data query party. The business pseudo-random number includes a first business pseudo-random number and a second business pseudo-random number, and the second business pseudo-random number is the same as the second pseudo-random number. The data querying party is further configured to receive the first service pseudo-random number sent by the data provider, construct a pseudo-random number to be queried based on the first pseudo-random number and the first service pseudo-random number, and send the pseudo-random number to be queried to the data provider; The data provider is further configured to receive a pseudo-random number to be queried returned by the data querying party based on the first business pseudo-random number, determine the target business data and the second business pseudo-random number corresponding to the target business data in the business data based on the pseudo-random number to be queried, encrypt the target business data to obtain encrypted business data, and send the encrypted business data to the data querying party. The data querying party is further configured to receive the encrypted business data returned by the data provider based on the pseudo-random number to be queried, and to obtain query results based on the encrypted business data. Obtaining query results based on the encrypted business data includes: obtaining target encrypted data to be queried from the encrypted business data, wherein the target encrypted data to be queried is determined based on business data corresponding to a first target pseudo-random number and a second business pseudo-random number; determining the target data to be queried and a target second pseudo-random number corresponding to the target data to be queried from the data to be queried; decrypting the target encrypted data to be queried in the encrypted business data based on the second target pseudo-random number; and obtaining the query results corresponding to the target data to be queried.
11. A data processing apparatus, characterized in that, Applied to the data query side, including: The first acquisition module is configured to acquire at least one piece of data to be queried and a pseudo-random number corresponding to each piece of data to be queried, wherein the pseudo-random number includes a first pseudo-random number and a second pseudo-random number; The first receiving module is configured to receive a first service pseudo-random number sent by the data provider, wherein the first service pseudo-random number is a first pseudo-random number corresponding to the service data. The construction module is configured to construct a queried pseudo-random number based on the first pseudo-random number and the first business pseudo-random number, and send the queried pseudo-random number to the data provider; The query module is configured to receive encrypted business data returned by the data provider based on the pseudo-random number to be queried, and to obtain query results based on the encrypted business data. Obtaining query results based on the encrypted business data includes: obtaining target encrypted data to be queried from the encrypted business data; the target encrypted data to be queried is determined based on business data corresponding to a first target pseudo-random number and a second business pseudo-random number; determining the target data to be queried and a target second pseudo-random number corresponding to the target data to be queried from the data to be queried; decrypting the target encrypted data to be queried in the encrypted business data based on the second target pseudo-random number; and obtaining the query results corresponding to the target data to be queried. The encrypted business data is determined based on the pseudo-random number to be queried and the second business pseudo-random number, wherein the second business pseudo-random number is the same as the second pseudo-random number.
12. A data processing apparatus, characterized in that, Applied to data providers, including: The second acquisition module is configured to acquire a pseudo-random number corresponding to each business data. The pseudo-random number includes a first pseudo-random number and a second pseudo-random number. The second pseudo-random number is the same as the second pseudo-random number. The second pseudo-random number is determined based on the pseudo-random number corresponding to the data to be queried provided by the data query party. The pseudo-random number includes the second pseudo-random number. The first sending module is configured to send the first pseudo-random number corresponding to each business data to the data query party; The second receiving module is configured to receive a pseudo-random number to be queried returned by the data querying party based on the first service pseudo-random number, wherein the pseudo-random number to be queried is determined based on the first pseudo-random number and the first service pseudo-random number. The encryption module is configured to determine, based on the pseudo-random number to be queried, target business data and a second pseudo-random number corresponding to the target business data in the business data, encrypt the target business data, and obtain encrypted business data. The second sending module is configured to send the encrypted service data to the data query party.
13. A computing device, comprising a memory, a processor, and computer instructions stored in the memory and executable on the processor, characterized in that, When the processor executes the computer instructions, it implements the steps of the method according to any one of claims 1-8 or 9.
14. A computer-readable storage medium storing computer instructions, characterized in that, When executed by a processor, the computer instructions implement the steps of the method according to any one of claims 1-8 or 9.