A privacy protection method and system for online disease diagnosis data

By employing a dual-server model and homomorphic encryption technology, the problem of data leakage in online disease-assisted diagnosis systems has been solved, enabling secure data transmission and reliable verification of results, thereby improving computational efficiency and privacy protection.

CN117521131BActive Publication Date: 2026-06-23QINGHAI UNIVERSITY

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
QINGHAI UNIVERSITY
Filing Date
2023-11-03
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

In machine learning-based online disease diagnosis systems, patient personal information, medical diagnosis results, and machine learning models are easily leaked, leading to privacy and security risks.

Method used

A dual-server model is adopted, using homomorphic encryption to generate model and request encryption parameters. Prediction protocol processing is performed through a trusted end, a user end, and two cloud servers to ensure that data is transmitted and processed in an encrypted state. The consistency of the prediction results is verified by the user end to determine whether the data has been tampered with.

Benefits of technology

It improves the security of data transmission, protects patient privacy, reduces user interaction with the server, and enhances computational efficiency and the reliability of prediction results.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN117521131B_ABST
    Figure CN117521131B_ABST
Patent Text Reader

Abstract

The application relates to an online disease diagnosis data privacy protection method and system, which comprises the following steps: a trusted end generates model encryption parameters; a user end generates request encryption parameters; a model providing end generates a prediction model; the prediction model is encrypted by using the model encryption parameters to obtain a secret state prediction model; the user end generates request information, the request information is encrypted by using the request encryption parameters to obtain secret state request information; two cloud servers respectively execute a preset prediction protocol processing by using the secret state prediction model and the secret state request information to obtain two secret state prediction results; the two secret state prediction results are respectively decrypted by the user end, and the two decrypted secret state prediction results are verified to determine whether the two secret state prediction results are tampered with; in the whole prediction process, patient personal information, prediction results and machine learning model data are in an encrypted state, and the data security is improved.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of computer information security technology, specifically to a method and system for protecting the privacy of online disease diagnosis data. Background Technology

[0002] With the development of machine learning and medical data analysis technologies, online disease-assisted diagnosis technology based on machine learning models has been widely applied. For example, a medical diagnostic service provider trains a diagnostic model using existing clinical data and then deploys it into an online disease-assisted diagnosis system. Users can then use this system to determine if they have a particular disease. Users simply submit a query request to the system, containing their symptom records. The system takes the user's symptom records as input, runs a classifier, and finally returns the classifier's output as the diagnostic result to the user.

[0003] However, deploying machine learning models in cloud computing environments to assist in disease diagnosis may raise data security concerns. On one hand, the machine learning models themselves contain data about historical medical records and patient personal information, which are trade secrets of medical institutions and involve patient privacy. This means that this data could potentially be exposed to cloud servers or other users. On the other hand, when users request diagnostic services, they provide data about their symptoms and physiological indicators; this data is also highly sensitive, and user data can easily be accessed by cloud servers and other users.

[0004] Therefore, when using cloud computing to provide machine learning-based medical diagnostic services, it may lead to the leakage of patient personal information, medical diagnostic results, and machine learning models to the platform or other users, posing risks to patient privacy and security. Summary of the Invention

[0005] To address the technical problems of data leakage, such as the leakage of patient personal information, medical diagnosis results, and machine learning models, which pose risks to patient privacy and security in existing technologies, this invention provides a method and system for protecting the privacy of online disease diagnosis data.

[0006] The technical solution of the present invention to solve the above-mentioned technical problems is as follows:

[0007] A method for protecting the privacy of online disease diagnosis data includes the following steps:

[0008] Generate model encryption parameters based on homomorphic encryption methods within a trusted endpoint;

[0009] Generate request encryption parameters on the user side based on homomorphic encryption method;

[0010] Generate predictive models based on machine learning methods within the model provider;

[0011] The prediction model is encrypted using the model encryption parameters within the model providing end to obtain a dense-state prediction model;

[0012] The request information is generated by the user client and encrypted using the request encryption parameters to obtain the encrypted request information.

[0013] A first dense state prediction result is obtained by performing a preset prediction protocol on the dense state prediction model and the dense state request information through a first cloud server; and a second dense state prediction result is obtained by performing a preset prediction protocol on the dense state prediction model and the dense state request information through a second cloud server.

[0014] The user terminal decrypts the first encrypted prediction result and the second encrypted prediction result respectively to obtain the first plaintext prediction result and the second plaintext prediction result. By verifying the consistency between the first plaintext prediction result and the second plaintext prediction result, it is determined whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with.

[0015] The beneficial effects of this invention are as follows: Employing a dual-server model, users only need to upload processed input data to two servers and wait for the servers to return the prediction results. No additional interaction with the servers is required, thus relieving user stress. Homomorphic encryption is used to process user input, making it invisible to the cloud server. Throughout the prediction process, patient information, prediction results, and machine learning models are all encrypted, improving the security of cloud diagnostic data.

[0016] Based on the above technical solution, the present invention can be further improved as follows.

[0017] Furthermore, the model encryption parameters include a first public-private key and a second public-private key.

[0018] Furthermore, when generating model encryption parameters based on homomorphic encryption methods within the trusted endpoint, the following steps are also included:

[0019] A first random number and a second random number are generated within the trusted endpoint; wherein the first random number and the second random number are both integers, and both the first random number and the second random number are within the plaintext fields of the first public-private key and the second public-private key;

[0020] Within the trusted terminal, hash operations are performed on the first random number and the second random number respectively to obtain the first hash value and the second hash value.

[0021] Furthermore, the prediction model is encrypted using the model encryption parameters within the model providing end to obtain a dense-state prediction model, including the following steps:

[0022] A first model random number and a second model random number are generated within the model providing end. Both the first model random number and the second model random number are integers, and both the first model random number and the second model random number are within the plaintext fields of the first public-private key and the second public-private key.

[0023] Based on the additive secret sharing method, the prediction model is encrypted and split using the first model random number to obtain the first sub-secret and the second sub-secret;

[0024] Based on the additive secret sharing method, the prediction model is encrypted and split using the second model random number to obtain the third sub-secret and the fourth sub-secret;

[0025] The first sub-secret is encrypted using the public key in the first public-private key, resulting in the first encrypted sub-secret;

[0026] Calculate the sum of the fourth sub-secret and the second hash value to obtain the first sum value;

[0027] The first sum value is encrypted using the public key in the first public-private key to obtain the fourth cryptographic sub-secret;

[0028] Calculate the sum of the second sub-secret and the first hash value to obtain the second sum value;

[0029] The second sum value is encrypted using the public key in the second public-private key to obtain the second cryptographic sub-secret;

[0030] The third sub-secret is encrypted using the public key in the second public-private key to obtain the third encrypted sub-secret; wherein, the first encrypted sub-secret, the second encrypted sub-secret, the third encrypted sub-secret, and the fourth encrypted sub-secret constitute the encrypted state prediction model.

[0031] Furthermore, the request encryption parameters include a third public / private key; generating request information through the user terminal and encrypting the request information using the request encryption parameters to obtain encrypted request information includes the following steps:

[0032] The request information is generated through the user terminal;

[0033] The request information is encrypted using the public key of the third public-private key to obtain the encrypted request information.

[0034] Further, the first secret state prediction result is obtained by performing a preset prediction protocol processing on the secret state prediction model and the secret state request information through the first cloud server; and the second secret state prediction result is obtained by performing a preset prediction protocol processing on the secret state prediction model and the secret state request information through the second cloud server, including the following steps:

[0035] Within the first cloud server, the first encrypted sub-secret is decrypted using the private key of the first public-private key, and the product of the decrypted first encrypted sub-secret and the encrypted request information is calculated to obtain the first encrypted calculation result; simultaneously, the fourth encrypted sub-secret is decrypted using the private key of the first public-private key, and the product of the decrypted fourth encrypted sub-secret and the encrypted request information is calculated to obtain the fourth encrypted calculation result.

[0036] Within the second cloud server, the second encrypted sub-secret is decrypted using the private key of the second public-private key, and the product of the decrypted second encrypted sub-secret and the encrypted request information is calculated to obtain the second encrypted calculation result; simultaneously, the third encrypted sub-secret is decrypted using the private key of the second public-private key, and the product of the decrypted third encrypted sub-secret and the encrypted request information is calculated to obtain the third encrypted calculation result;

[0037] The fourth secret state calculation result in the first cloud server is sent to the second cloud server; at the same time, the second secret state calculation result in the second cloud server is sent to the first cloud server.

[0038] Within the first cloud server, based on the homomorphic encryption algorithm, the product of the first encrypted state calculation result and the second encrypted state calculation result is calculated to obtain the first encrypted state blinding result; wherein, the first encrypted state blinding result is the first encrypted state prediction result;

[0039] Within the second cloud server, based on the homomorphic encryption algorithm, the product of the third encrypted state calculation result and the fourth encrypted state calculation result is calculated to obtain the second encrypted state blinding result; wherein, the second encrypted state blinding result is the second encrypted state prediction result.

[0040] Furthermore, by decrypting the first encrypted prediction result and the second encrypted prediction result through the user terminal respectively, the first plaintext prediction result and the second plaintext prediction result are obtained accordingly. The consistency between the first plaintext prediction result and the second plaintext prediction result is verified to determine whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with, including the following steps:

[0041] Within the user terminal, the first encrypted state blinding result and the second encrypted state blinding result are decrypted using the private key of the third public-private key, respectively, to obtain the first plaintext blinding value and the second plaintext blinding value.

[0042] Within the user terminal, the first hash value is used to remove the blinded value of the first plaintext blinding value to obtain the first plaintext prediction result; the first hash value is used to remove the blinded value of the second plaintext blinding value to obtain the second plaintext prediction result.

[0043] When the first plaintext prediction result is consistent with the second plaintext prediction result, it is determined that the first secret state prediction result and / or the second secret state prediction result have not been tampered with; when the first plaintext prediction result is inconsistent with the second plaintext prediction result, it is determined that the first secret state prediction result and / or the second secret state prediction result have been tampered with.

[0044] Further, within the user terminal, the first hash value is used to remove the blinded value of the first plaintext blinding value to obtain a first plaintext prediction result; the first hash value is used to remove the blinded value of the second plaintext blinding value to obtain a second plaintext prediction result, including the following steps:

[0045] Calculate the product of the first hash value and the request information to obtain the first blinding value;

[0046] Calculate the product of the second hash value and the request information to obtain the second blinding value;

[0047] Subtracting the first blinding value from the first plaintext blinding value yields the first plaintext prediction result; subtracting the second blinding value from the second plaintext blinding value yields the second plaintext prediction result.

[0048] Furthermore, the homomorphic encryption method is specifically the Paillier encryption method.

[0049] To address the aforementioned technical problems, the present invention also provides a privacy protection system for online disease diagnosis data.

[0050] A privacy protection system for online disease diagnosis data includes a trusted terminal, a user terminal, a model provider terminal, a first cloud server, and a second cloud server;

[0051] The trusted terminal is used to generate model encryption parameters based on the homomorphic encryption method;

[0052] The user terminal is used to generate request encryption parameters based on the homomorphic encryption method;

[0053] The model provider is used to generate a prediction model based on machine learning methods; and to encrypt the prediction model using the model encryption parameters to obtain a dense-state prediction model.

[0054] The user terminal is also used to generate request information and encrypt the request information using the request encryption parameters to obtain encrypted request information;

[0055] The first cloud server is used to perform preset prediction protocol processing on the dense state prediction model and the dense state request information to obtain a first dense state prediction result;

[0056] The second cloud server is used to perform preset prediction protocol processing on the dense state prediction model and the dense state request information to obtain a second dense state prediction result;

[0057] The user terminal is further configured to decrypt the first encrypted prediction result and the second encrypted prediction result respectively to obtain the first plaintext prediction result and the second plaintext prediction result, and to determine whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with by verifying the consistency between the first plaintext prediction result and the second plaintext prediction result. Attached Figure Description

[0058] Figure 1 This is a flowchart illustrating a method for protecting the privacy of online disease diagnosis data in an embodiment of the present invention.

[0059] Figure 2 This is a schematic diagram of the structure of an online disease diagnosis data privacy protection system according to an embodiment of the present invention. Detailed Implementation

[0060] The principles and features of the present invention are described below with reference to the accompanying drawings. The examples given are only for explaining the present invention and are not intended to limit the scope of the present invention.

[0061] The Paillier encryption in this invention is explained as follows:

[0062] Paillier encryption is a probabilistic public-key encryption algorithm invented by Paillier in 1999. It is based on the difficult problem of composite residues. This encryption algorithm is homomorphic, satisfying the homomorphism of addition and scalar multiplication.

[0063] like Figure 1 As shown, this embodiment provides a method for protecting the privacy of online disease diagnosis data, including the following steps:

[0064] S1. Generate model encryption parameters within a trusted endpoint based on homomorphic encryption;

[0065] Specifically, generating model encryption parameters based on homomorphic encryption within the trusted endpoint includes the following steps:

[0066] S101. Generate a first public-private key (PK1, SK1) and a second public-private key (PK2, SK2) within the trusted terminal based on a homomorphic encryption method; wherein, the model encryption parameters include the first public-private key (PK1, SK1) and the second public-private key (PK2, SK2); PK1 represents the public key of the first public-private key (PK1, SK1), and SK1 represents the private key of the first public-private key (PK1, SK1); PK2 represents the public key of the second public-private key (PK2, SK2), and SK2 represents the private key of the second public-private key (PK2, SK2); PK1 = (N1, g1), PK2 = (N2, g2), N1 and N2 represent the plaintext field corresponding to the first public-private key (PK1, SK1) and the plaintext field corresponding to the second public-private key (PK2, SK2), respectively, and g1 and g2 are both random numbers that satisfy the Paillier algorithm requirements in the homomorphic encryption method.

[0067] S102, the trusted terminal generates a first random number R1 and a second random number R2; wherein, the first random number R1 and the second random number are both integers, and the first random number R1 is within the plaintext domain of the first public-private key and the second public-private key, i.e., R1∈Z. N The second random number is within the plaintext domain of the first public-private key and the second public-private key, i.e., R2∈Z. N N represents the intersection of the plaintext fields corresponding to the first public-private key (PK1, SK1) and the plaintext fields corresponding to the second public-private key (PK2, SK2), and Z represents the intersection of the plaintext fields corresponding to the first public-private key (PK1, SK1) and the second public-private key (PK2, SK2). N Represents all integers in the plaintext field N;

[0068] S103, the trusted terminal performs hash operations on the first random number R1 and the second random number R2 respectively to obtain the first hash value a and the second hash value b.

[0069] The specific calculation formula is as follows:

[0070] a = H(R1), b = H(R2);

[0071] Where H(R1) represents the hash function corresponding to the first random number R1, and H(R2) represents the hash function corresponding to the second random number R2.

[0072] S2. Generate request encryption parameters on the user side based on homomorphic encryption method;

[0073] Specifically, the request encryption parameters are generated on the user's end based on a homomorphic encryption method. The specific steps are as follows: the user's end generates a third public-private key (PK key) based on a homomorphic encryption method. U SK U ), where PK U This represents the third public-private key (PK).U SK U ) public key, SK U This represents the third public-private key (PK). U SK U ) private key.

[0074] S3. Generate a prediction model based on machine learning methods within the model provider;

[0075] Specifically, the model provider generates the prediction model using w; w = (w1, w2, ..., w n The prediction model w contains multiple sub-models, w1, w2, ..., w n These represent the various sub-models in the prediction model W. Each sub-model can be represented by w. i Let represent , where i∈[1,n], and n represents the number of sub-models in the prediction model w.

[0076] S4. Encrypt the prediction model using the model encryption parameters in the model providing end to obtain the dense state prediction model.

[0077] Specifically, the prediction model is encrypted using the model encryption parameters within the model providing end to obtain a dense-state prediction model, including the following steps:

[0078] S401, The model provider generates two model random numbers; wherein, the two model random numbers are respectively the first model random number R. i And the second model random number R′ i The first model random number R i and the second model random number R′ i All are integers, and the first model's random number R i Within the plaintext domains of the first and second public / private keys, the second model random number R′ i Within the plaintext fields of the first public / private key and the second public / private key; specifically represented as R i ∈Z N , R′ i ∈Z N .

[0079] S402, Based on the additive secret sharing method, using the first model random number R i The prediction model is encrypted and split to obtain the first sub-secret. <w i >1 and the second child secret <w i >2; Two secret shares are generated based on additive secret sharing, and the two secret shares are represented as follows:

[0080] <w i >1=(wi -R i )mod N, <w i >2=R i ;

[0081] Here, mod represents the modulo operation.

[0082] S403, Based on the additive secret sharing method, using the random number R′ of the second model. i The prediction model is encrypted and split to obtain the third sub-secret. <w i >′1 and the fourth child's secret <w i >′2; the specific calculation formula is as follows:

[0083] <w i >′1=(w i -R′ i )mod N, <w i >′2=R′ i .

[0084] S404. Encrypt the first sub-secret using the public key PK1 in the first public-private key (PK1, SK1). <w i >1, obtain the secret of the first encryption sub-sub-secret The calculation formula is as follows:

[0085]

[0086] E( <w i >1) indicates that the first sub-secret <w i Encryption functions with a value greater than 1.

[0087] S405, Determine the fourth sub-secret. <w i The sum of >′2 and the second hash value b yields the first sum value;

[0088] The first sum is encrypted using the public key PK1 from the first public-private key (PK1, SK1). <w i >′2+b, we obtain the secret of the fourth encryption sub-sub-secret. The specific calculation formula is as follows:

[0089]

[0090] E( <w i >′2+b) represents the encryption function for the first sum value.

[0091] S406, Seeking the Secret of the Second Son <w i The sum of 2 and the first hash value a yields the second sum value;

[0092] The second sum is encrypted using the public key PK2 from the second public-private key (PK2, SK2). <w i >2+a, yielding the secret of the second encryption sub-sub-secret. The specific formula is expressed as follows:

[0093]

[0094] Among them, E( <w i >2+a) represents the encryption function for the second sum value.

[0095] S407. Encrypt the third sub-secret using the public key PK2 in the second public-private key (PK2, SK2). <w i >′1, obtain the secret of the third encryption sub-sub-secret The specific formula is expressed as follows:

[0096]

[0097] Among them, E( <w i >′1) represents the third child secret. <w i The encryption function of >′1.

[0098] S408, Secret of the first encryption sub-sub ... and the fourth cryptographic sub-secret It is assigned to the first cloud server.

[0099] S409, the second encryption sub-secret and the third cryptographic secret It is assigned to the second cloud server.

[0100] S5. Generate request information through the user terminal, and encrypt the request information using the request encryption parameters to obtain encrypted request information;

[0101] The process involves generating request information via the user's client and encrypting the request information using the request encryption parameters to obtain encrypted request information, including the following steps:

[0102] S501. The user terminal generates the request information x; wherein, the request information x includes multiple parameter information, namely multiple physical symptom information or indicators, etc., and the formula for representing the request information x is as follows:

[0103] x = (x1, x2, ..., x) n x1 represents the first parameter in request information x, x2 represents the second parameter in request information x, and x n This represents the nth parameter in the request information x; each parameter in x can be represented by x. i It means that, where x iThis represents the i-th parameter in the request information x; each parameter in the request information x corresponds one-to-one with multiple sub-models in the prediction model W, that is, the first sub-model w1 corresponds to the first parameter x1 in the request information x; the first sub-model W2 corresponds to the first parameter x2 in the request information x; the n-th sub-model w n The nth parameter x in the corresponding request information x n .

[0104] S502, using the third public / private key (PK) U SK U ) public key PK U Encrypt the request information x to obtain the encrypted request information; specifically, encrypt all parameters x in the request information x. i Encryption is performed, and each encrypted parameter x i Represented as

[0105] The specific formula is expressed as follows:

[0106] Wherein, E(x) i ) represents the parameter x i The encryption function.

[0107] S503. The encrypted request information x is sent to the first cloud server and the second cloud server respectively.

[0108] S6. A first dense state prediction result is obtained by performing a preset prediction protocol processing on the dense state prediction model and the dense state request information through a first cloud server; and a second dense state prediction result is obtained by performing a preset prediction protocol processing on the dense state prediction model and the dense state request information through a second cloud server.

[0109] Specifically, the first secret state prediction result is obtained by performing a preset prediction protocol processing on the secret state prediction model and the secret state request information through a first cloud server; and the second secret state prediction result is obtained by performing a preset prediction protocol processing on the secret state prediction model and the secret state request information through a second cloud server, including the following steps:

[0110] S601, the first cloud server uses the private key SK1 of the first public-private key (PK1, SK1) to decrypt the first encrypted sub-secret. And calculate the decrypted first encryption sub-secret. With the aforementioned secret request information The product of these two factors yields the result of the first dense state calculation.

[0111] S602, the first cloud server uses the private key SK1 of the first public-private key (PK1, SK1) to decrypt the fourth encrypted sub-secret. And calculate the decrypted fourth encryption sub-secret. With the aforementioned secret request information The product of these factors yields the result of the fourth dense state calculation.

[0112] S603, The second cloud server uses the private key SK2 of the second public-private key (PK2, SK2) to decrypt the second encrypted sub-secret. And calculate the decrypted second encryption sub-secret. With the aforementioned secret request information The product of these two factors yields the result of the second dense state calculation.

[0113] S604. The second cloud server uses the private key SK2 of the second public-private key (PK2, SK2) to decrypt the third encrypted sub-secret. And calculate the decrypted third encryption sub-secret. With the aforementioned secret request information The product of these factors yields the result of the third dense state calculation.

[0114] S605, The first cloud server will calculate the fourth secret state result. Send it to the second cloud server.

[0115] S606, The second cloud server will use the second secret state calculation result. Send it to the first cloud server.

[0116] S607. Based on the homomorphic encryption algorithm, calculate the result of the first encrypted state. The result of the second dense state calculation The product of these two values ​​yields the first dense-state blinding result.

[0117] S608. Based on the homomorphic encryption algorithm, calculate the result of the third encrypted state. The calculation result of the fourth dense state The product of these two values ​​yields the result of the second dense-state blinding.

[0118] For each The decryption yields the following formula:

[0119] in, express The decryption function.

[0120] For each The decryption yields the following formula:

[0121] express The decryption function.

[0122] Obtain the sub-secret of the plaintext state <w i >1. <w i >′2+b,i∈{1,n}.

[0123] Using the vector dot product formula w·x=w1x1+w2x2+…+w n x n The process involves multiplying each element of a vector and then summing the results. For a ciphertext vector and a plaintext vector, the inner product is calculated. Based on the homomorphism of the Paillier encryption algorithm, for a plaintext and a ciphertext, the multiplication on the plaintext can be equivalently calculated using the following formula:

[0124] Here, m1 and m2 represent two parameters in the decryption function.

[0125] Therefore, the equivalent calculation formula for decrypting each element in the vector is as follows:

[0126]

[0127] This transforms into a third public key PK. U The plaintext is encrypted, and then the addition is performed on the corresponding plaintext. According to the homomorphic encryption formula of the Paillier encryption algorithm, D(E(m1)E(m2))=m1+m2modn, the first cloud server needs to calculate:

[0128]

[0129]

[0130] Similarly, the second cloud server needs to perform calculations:

[0131]

[0132]

[0133] Using the additive homomorphism of Paillier's algorithm:

[0134]

[0135] This is equivalent to restoring the previous addition cipher sharing under ciphertext.

[0136] Specifically, the formula for calculating the first dense-state blinding result on the first cloud server is as follows:

[0137]

[0138] The formula for calculating the second dense-state blinding result on the second cloud server is as follows:

[0139]

[0140] S609, The first cloud server will blind the first dense state result. Send to the user terminal;

[0141] S610, The second cloud server will blind the second dense state result. Send to the user's client.

[0142] S7. The first encrypted prediction result and the second encrypted prediction result are decrypted by the user terminal to obtain the first plaintext prediction result and the second plaintext prediction result. The consistency between the first plaintext prediction result and the second plaintext prediction result is verified to determine whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with.

[0143] Specifically, the user terminal decrypts the first encrypted prediction result and the second encrypted prediction result to obtain the corresponding first plaintext prediction result and second plaintext prediction result. The consistency between the first plaintext prediction result and the second plaintext prediction result is verified to determine whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with. This includes the following steps:

[0144] S701, the user terminal uses the third public / private key (PK) U SK U ) private key SK U Decrypt the first dense state blinding result respectively and the results of the second dense-state blinding The corresponding first illiteracy value A and second illiteracy value B are obtained; the specific calculation formula is as follows:

[0145]

[0146]

[0147] The decryption function represents the result of the first dense-state blinding. This represents the decryption function for the blinding result of the second dense state.

[0148] S702, the user terminal uses the first hash value a to remove the blinding value of the first plaintext blinding value A to obtain a first plaintext prediction result; it uses the first hash value b to remove the blinding value of the second plaintext blinding value B to obtain a second plaintext prediction result; wherein, the two plaintext prediction results are the first plaintext prediction result and the second plaintext prediction result, respectively; wherein, the first hash value a used by the user terminal is obtained using a third public-private key (PK). U SK U ) private key SK U Decrypt the first ciphertext hash value The second hash value 'b' used by the user terminal is obtained using the third public-private key (PK). U SK U ) private key SK U Decrypt the second ciphertext hash value We obtain; and the first ciphertext hash value. The model provider uses a third public-private key (PK) U SK U ) public key PK U The first hash value 'a' is encrypted to obtain the second ciphertext hash value. The model provider uses a third public-private key (PK) U SK U ) public key PK U The second hash value b is obtained by encryption.

[0149] Specifically, the user terminal uses the first hash value a to remove the blinding value of the first plaintext blinding value A to obtain the first plaintext prediction result; and uses the first hash value b to remove the blinding value of the second plaintext blinding value B to obtain the second plaintext prediction result, including the following steps:

[0150] The first blinding value a is obtained by multiplying the first hash value a by the request information; the specific calculation formula is as follows:

[0151] The second hash value b is multiplied by the request information to obtain the second blinding value bx; the specific calculation formula is as follows:

[0152] Subtracting the first blinding value ax from the first plaintext blinding value A yields the first plaintext prediction result C. A The specific calculation formula is: C A =A-ax=wx.

[0153] Subtracting the second blinding value bx from the second plaintext blinding value B yields the second plaintext prediction result C. B The specific calculation formula is: CB =B-bx=wx.

[0154] S703, when the first plaintext prediction result C A Compared with the second plaintext prediction result C B If they are consistent, then it is determined that the first secret state prediction result and / or the second secret state prediction result have not been tampered with; when the first plaintext prediction result C... A Compared with the second plaintext prediction result C B If there is a discrepancy, then the prediction result of the first dense state and / or the prediction result of the second dense state are determined. Specifically, if C A =C B If the prediction is correct, it means that the first dense state prediction result and / or the second dense state prediction result have not been tampered with. Otherwise, the prediction result is unreliable, and it can also mean that the first dense state prediction result and / or the second dense state prediction result have been tampered with.

[0155] This invention employs a dual-server model, where users only need to upload processed input data to two servers and wait for the diagnostic results. No additional interaction with the servers is required, thus relieving user stress. By integrating Paillier homomorphic encryption and additive secret sharing technologies, compared to schemes using pure homomorphic encryption, it not only significantly improves computational efficiency but also provides excellent privacy protection for user input data and the machine learning model owned by the model provider. Throughout the prediction process, patient information, prediction results, and machine learning model data are all encrypted, enhancing the security of cloud diagnostics. Users can verify the prediction results through the client-side by simply removing the blinding factor from the results returned by both servers and comparing the two results to verify correctness, thus improving the reliability of the prediction results.

[0156] like Figure 2 As shown, in some other embodiments, a privacy protection system for online disease diagnosis data is also provided, including a trusted terminal, a user terminal, a model provider terminal, a first cloud server, and a second cloud server.

[0157] The trusted terminal is used to generate model encryption parameters based on a homomorphic encryption method; the user terminal is used to generate request encryption parameters based on a homomorphic encryption method; the model provider is used to generate a prediction model based on a machine learning method; and encrypt the prediction model using the model encryption parameters to obtain a secret prediction model; the user terminal is also used to generate request information and encrypt the request information using the request encryption parameters to obtain secret request information; the first cloud server is used to perform preset prediction protocol processing on the secret prediction model and the secret request information to obtain a first secret prediction result; the second cloud server is used to perform preset prediction protocol processing on the secret prediction model and the secret request information to obtain a second secret prediction result.

[0158] The user terminal is further configured to decrypt the first encrypted prediction result and the second encrypted prediction result respectively to obtain the first plaintext prediction result and the second plaintext prediction result, and to determine whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with by verifying the consistency between the first plaintext prediction result and the second plaintext prediction result.

[0159] For doctors, this system provides a predictive result for reference, improving their judgment efficiency. Simultaneously, because the system employs verifiable privacy protection technology, it maximizes the protection of patient privacy, thereby enhancing the hospital's credibility. For patients, this system helps them better understand their health status, promptly identify potential health problems, and thus take effective preventative and treatment measures. Furthermore, because the system uses verifiable privacy protection methods, user privacy is well protected; users can confidently upload their health data for outcome prediction without worrying about privacy leaks.

[0160] The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention. Any modifications, equivalent substitutions, improvements, etc., made within the concept and principles of the present invention should be included within the protection scope of the present invention.

Claims

1. A method for protecting the privacy of online disease diagnosis data, characterized in that, Includes the following steps: Generate model encryption parameters based on homomorphic encryption methods within a trusted endpoint; Generate request encryption parameters on the user side based on homomorphic encryption method; Generate predictive models based on machine learning methods within the model provider; The prediction model is encrypted using the model encryption parameters within the model providing end to obtain a dense-state prediction model; The request information is generated by the user client and encrypted using the request encryption parameters to obtain the encrypted request information. The first cloud server processes the dense state prediction model and the dense state request information using a preset prediction protocol to obtain the first dense state prediction result. The second cloud server processes the dense state prediction model and the dense state request information using a preset prediction protocol to obtain the second dense state prediction result. The user terminal decrypts the first encrypted prediction result and the second encrypted prediction result respectively to obtain the first plaintext prediction result and the second plaintext prediction result. By verifying the consistency between the first plaintext prediction result and the second plaintext prediction result, it is determined whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with. The model encryption parameters include a first public-private key and a second public-private key; When generating model encryption parameters based on homomorphic encryption methods within a trusted endpoint, the following steps are also included: A first random number and a second random number are generated within the trusted endpoint; wherein the first random number and the second random number are both integers, and both the first random number and the second random number are within the plaintext fields of the first public-private key and the second public-private key; Within the trusted terminal, hash operations are performed on the first random number and the second random number respectively to obtain the first hash value and the second hash value. The prediction model is encrypted using the model encryption parameters within the model provider to obtain a dense-state prediction model, including the following steps: A first model random number and a second model random number are generated within the model providing end. Both the first model random number and the second model random number are integers, and both the first model random number and the second model random number are within the plaintext fields of the first public-private key and the second public-private key. Based on the additive secret sharing method, the prediction model is encrypted and split using the first model random number to obtain the first sub-secret and the second sub-secret; Based on the additive secret sharing method, the prediction model is encrypted and split using the second model random number to obtain the third sub-secret and the fourth sub-secret; The first sub-secret is encrypted using the public key in the first public-private key, resulting in the first encrypted sub-secret; Calculate the sum of the fourth sub-secret and the second hash value to obtain the first sum value; The first sum value is encrypted using the public key in the first public-private key to obtain the fourth cryptographic sub-secret; Calculate the sum of the second sub-secret and the first hash value to obtain the second sum value; The second sum value is encrypted using the public key in the second public-private key to obtain the second cryptographic sub-secret; The third sub-secret is encrypted using the public key in the second public-private key to obtain the third encrypted sub-secret; wherein, the first encrypted sub-secret, the second encrypted sub-secret, the third encrypted sub-secret, and the fourth encrypted sub-secret constitute the encrypted state prediction model.

2. The method for protecting the privacy of online disease diagnosis data according to claim 1, characterized in that, The request encryption parameters include a third public / private key; the process involves generating request information via the user terminal and encrypting the request information using the request encryption parameters to obtain encrypted request information, including the following steps: The request information is generated through the user terminal; The request information is encrypted using the public key of the third public-private key to obtain the encrypted request information.

3. The method for protecting the privacy of online disease diagnosis data according to claim 2, characterized in that, The process involves processing the dense-state prediction model and the dense-state request information using a preset prediction protocol on a first cloud server to obtain a first dense-state prediction result; and processing the dense-state prediction model and the dense-state request information using a second cloud server to obtain a second dense-state prediction result, including the following steps: Within the first cloud server, the first encrypted sub-secret is decrypted using the private key of the first public-private key, and the product of the decrypted first encrypted sub-secret and the encrypted request information is calculated to obtain the first encrypted calculation result; simultaneously, the fourth encrypted sub-secret is decrypted using the private key of the first public-private key, and the product of the decrypted fourth encrypted sub-secret and the encrypted request information is calculated to obtain the fourth encrypted calculation result. Within the second cloud server, the second encrypted sub-secret is decrypted using the private key of the second public-private key, and the product of the decrypted second encrypted sub-secret and the encrypted request information is calculated to obtain the second encrypted calculation result; simultaneously, the third encrypted sub-secret is decrypted using the private key of the second public-private key, and the product of the decrypted third encrypted sub-secret and the encrypted request information is calculated to obtain the third encrypted calculation result; The fourth secret state calculation result in the first cloud server is sent to the second cloud server; at the same time, the second secret state calculation result in the second cloud server is sent to the first cloud server. Within the first cloud server, based on the homomorphic encryption algorithm, the product of the first encrypted state calculation result and the second encrypted state calculation result is calculated to obtain the first encrypted state blinding result; wherein, the first encrypted state blinding result is the first encrypted state prediction result; Within the second cloud server, based on the homomorphic encryption algorithm, the product of the third encrypted state calculation result and the fourth encrypted state calculation result is calculated to obtain the second encrypted state blinding result; wherein, the second encrypted state blinding result is the second encrypted state prediction result.

4. The method for protecting the privacy of online disease diagnosis data according to claim 3, characterized in that, The user terminal decrypts the first encrypted prediction result and the second encrypted prediction result to obtain the corresponding first plaintext prediction result and second plaintext prediction result. The consistency between the first plaintext prediction result and the second plaintext prediction result is verified to determine whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with. This process includes the following steps: Within the user terminal, the first encrypted state blinding result and the second encrypted state blinding result are decrypted using the private key of the third public-private key, respectively, to obtain the first plaintext blinding value and the second plaintext blinding value. Within the user terminal, the first hash value is used to remove the blinded value of the first plaintext blinded value to obtain the first plaintext prediction result; The first hash value is used to remove the blinded value of the second plaintext blinded value to obtain the second plaintext prediction result; When the first plaintext prediction result is consistent with the second plaintext prediction result, it is determined that the first secret state prediction result and / or the second secret state prediction result have not been tampered with. When the first plaintext prediction result is inconsistent with the second plaintext prediction result, it is determined that the first secret state prediction result and / or the second secret state prediction result has been tampered with.

5. The method for protecting the privacy of online disease diagnosis data according to claim 4, characterized in that, Within the user terminal, the first hash value is used to remove the blinded value of the first plaintext blinding value to obtain a first plaintext prediction result; the first hash value is used to remove the blinded value of the second plaintext blinding value to obtain a second plaintext prediction result, including the following steps: Calculate the product of the first hash value and the request information to obtain the first blinding value; Calculate the product of the second hash value and the request information to obtain the second blinding value; Subtract the first blinding value from the first plaintext blinding value to obtain the first plaintext prediction result; Subtracting the second blinding value from the second plaintext blinding value yields the second plaintext prediction result.

6. The method for protecting the privacy of online disease diagnosis data according to any one of claims 1 to 5, characterized in that, The homomorphic encryption method is specifically the Paillier encryption method.

7. A privacy protection system for online disease diagnosis data, characterized in that, This includes the trusted end, the user end, the model provider end, the first cloud server, and the second cloud server; The trusted terminal is used to generate model encryption parameters based on the homomorphic encryption method; The user terminal is used to generate request encryption parameters based on the homomorphic encryption method; The model provider is used to generate a prediction model based on machine learning methods; and to encrypt the prediction model using the model encryption parameters to obtain a dense-state prediction model. The user terminal is also used to generate request information and encrypt the request information using the request encryption parameters to obtain encrypted request information; The first cloud server is used to perform preset prediction protocol processing on the dense state prediction model and the dense state request information to obtain a first dense state prediction result; The second cloud server is used to perform preset prediction protocol processing on the dense state prediction model and the dense state request information to obtain a second dense state prediction result; The user terminal is also used to decrypt the first encrypted prediction result and the second encrypted prediction result respectively to obtain the first plaintext prediction result and the second plaintext prediction result, and to determine whether the first encrypted prediction result and / or the second encrypted prediction result has been tampered with by verifying the consistency between the first plaintext prediction result and the second plaintext prediction result. The model encryption parameters include a first public-private key and a second public-private key; When generating model encryption parameters based on homomorphic encryption methods within a trusted endpoint, the following steps are also included: A first random number and a second random number are generated within the trusted endpoint; wherein the first random number and the second random number are both integers, and both the first random number and the second random number are within the plaintext fields of the first public-private key and the second public-private key; Within the trusted terminal, hash operations are performed on the first random number and the second random number respectively to obtain the first hash value and the second hash value. The prediction model is encrypted using the model encryption parameters within the model provider to obtain a dense-state prediction model, including the following steps: A first model random number and a second model random number are generated within the model providing end. Both the first model random number and the second model random number are integers, and both the first model random number and the second model random number are within the plaintext fields of the first public-private key and the second public-private key. Based on the additive secret sharing method, the prediction model is encrypted and split using the first model random number to obtain the first sub-secret and the second sub-secret; Based on the additive secret sharing method, the prediction model is encrypted and split using the second model random number to obtain the third sub-secret and the fourth sub-secret; The first sub-secret is encrypted using the public key in the first public-private key, resulting in the first encrypted sub-secret; Calculate the sum of the fourth sub-secret and the second hash value to obtain the first sum value; The first sum value is encrypted using the public key in the first public-private key to obtain the fourth cryptographic sub-secret; Calculate the sum of the second sub-secret and the first hash value to obtain the second sum value; The second sum value is encrypted using the public key in the second public-private key to obtain the second cryptographic sub-secret; The third sub-secret is encrypted using the public key in the second public-private key to obtain the third encrypted sub-secret; wherein, the first encrypted sub-secret, the second encrypted sub-secret, the third encrypted sub-secret, and the fourth encrypted sub-secret constitute the encrypted state prediction model.