+

CN117251884B - Data verification method and device - Google Patents

Data verification method and device Download PDF

Info

Publication number
CN117251884B
CN117251884B CN202311221782.7A CN202311221782A CN117251884B CN 117251884 B CN117251884 B CN 117251884B CN 202311221782 A CN202311221782 A CN 202311221782A CN 117251884 B CN117251884 B CN 117251884B
Authority
CN
China
Prior art keywords
data
polynomial
class ring
coefficients
tampered
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311221782.7A
Other languages
Chinese (zh)
Other versions
CN117251884A (en
Inventor
张玉安
孙烁
胡伯良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Haitai Fangyuan High Technology Co Ltd
Original Assignee
Beijing Haitai Fangyuan High Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Haitai Fangyuan High Technology Co Ltd filed Critical Beijing Haitai Fangyuan High Technology Co Ltd
Priority to CN202311221782.7A priority Critical patent/CN117251884B/en
Publication of CN117251884A publication Critical patent/CN117251884A/en
Application granted granted Critical
Publication of CN117251884B publication Critical patent/CN117251884B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

本申请公开了一种数据验证方法及装置,该方法包括第一设备获取待验证的第一数据,将第一数据映射至剩余类环得到第一多项式。其中,第一多项式的系数为0或1。第一设备可以对第一多项进行m次幂运算获得第二多项式,并将第二多项式的部分系数或全部系数作为第一数据的摘要,再根据第一数据的摘要验证第一数据是否被篡改。也就是说,第一数据的摘要是根据第一数据在所述剩余类环上对应的多项式获得的,由于多项式方幂运算效率较高,因此,采用该方法可以提高数据摘要的生成效率,在批量数据处理过程中,可以提高检验数据是否被篡改的效率。

The present application discloses a data verification method and device, which includes a first device acquiring first data to be verified, mapping the first data to a residual class ring to obtain a first polynomial. The coefficient of the first polynomial is 0 or 1. The first device can perform an m-th power operation on the first polynomial to obtain a second polynomial, and use some or all of the coefficients of the second polynomial as a summary of the first data, and then verify whether the first data has been tampered with based on the summary of the first data. In other words, the summary of the first data is obtained based on the polynomial corresponding to the first data on the residual class ring. Since the efficiency of polynomial power operation is relatively high, this method can improve the efficiency of generating data summaries, and in the process of batch data processing, it can improve the efficiency of checking whether the data has been tampered with.

Description

Data verification method and device
Technical Field
The present application relates to the field of information security technologies, and in particular, to a data verification method and apparatus.
Background
The data digest is input by taking data with any length as a function, and calculates the data with fixed length, and is usually applied to the fields of data signature, data integrity verification, encryption sensitive information and the like because the process of generating the data digest is an irreversible process. The data digest algorithm is also referred to as a hash (hash) algorithm, a hashing algorithm, or a hashing algorithm.
The main characteristic of the data digest algorithm is that the generated data digest cannot realize reverse decryption. The same data is processed using the same data summarization algorithm, and the obtained data summarization is the same. In practical application, different data are processed by using the same data summarization algorithm, and different data summarizations are usually obtained, so in the technical field of information security, the data summarization algorithm can be used for verifying whether the data are tampered.
In the prior art, a scheme for verifying whether data is tampered is generally to generate a data digest of the data according to a data digest algorithm. The scheme of verifying whether the data is tampered by using the data summarization algorithm generally uses the same data summarization algorithm to perform summarization calculation on the data twice, if the data summarizations of the front and back two times are the same, the data is not tampered, and if the data summarizations of the front and back two times are different, the data is tampered. However, the efficiency of checking data is low due to the low operation efficiency of the data summarization algorithm in the prior art.
Disclosure of Invention
The embodiment of the application provides a data verification method and device, which are used for improving the efficiency of generating a data abstract, thereby improving the efficiency of verifying data.
In a first aspect, an embodiment of the present application provides a method for determining a data summary, including acquiring first data. Mapping the first data to the remaining class ring to obtain a first polynomial, wherein each element on the remaining class ring is a polynomial, the coefficient contained in any polynomial is 0 and/or 1, and the first polynomial is an element on the remaining class ring. Performing m-th power operation on the first polynomial to obtain a second polynomial, wherein m is a positive integer greater than 1; a digest of the first data is determined based on the coefficients of the second polynomial. And verifying whether the first data is tampered according to the digest of the first data.
By adopting the method, the abstract of the first data is obtained according to the polynomial corresponding to the first data on the residual class ring, and the efficiency of the operation of the polynomial Fang Mi is higher, so that the generation efficiency of the data abstract can be improved, and the efficiency of checking whether the data is tampered can be improved in the batch data processing process.
In one possible design, the summary of the first data includes some or all of the coefficients of the second polynomial.
By adopting the design, partial or all coefficients of the second polynomial are used as the abstract of the data, so that the data operation efficiency can be improved on the premise of ensuring the complexity of the abstract of the data.
In one possible design, the elements on the remaining class ring are determined according to a third polynomial, the degree of the third polynomial is greater than or equal to the length of the first data, and the third polynomial is a product of the plurality of polynomials.
By adopting the design, the first equipment can determine the third polynomial according to the maximum value of the data length of the data to be processed, and then construct the residual class ring according to the third polynomial, so that the polynomials corresponding to the data to be processed are all elements on the residual class ring.
In one possible design, m is determined based on the order of the remaining class ring, and m is a positive integer greater than 1.
In one possible design, m satisfies:
m=2L mod R;
Wherein R is the order of the remaining class ring, L is any positive integer and 2 L > R.
With this design, m determined from the remaining class ring order can be used to maintain the homomorphism of exclusive or addition between digest values obtained from this m.
In a second aspect, an embodiment of the present application provides a data summary determining apparatus, including:
And the communication module is used for acquiring the first data.
The processing module is used for mapping the first data to the remaining class ring to obtain a first polynomial, each element on the remaining class ring is a polynomial, coefficients contained in any polynomial are 0 and/or 1, and the first polynomial is an element on the remaining class ring.
And the processing module is used for performing m-degree power operation on the first polynomial to obtain a second polynomial, wherein m is a positive integer greater than 1.
And the processing module is also used for determining the abstract of the first data according to the coefficients of the second polynomial.
And the processing module is also used for verifying whether the first data is tampered according to the abstract of the first data.
In one possible design, the summary of the first data includes some or all of the coefficients of the second polynomial.
In one possible design, the elements on the remaining class ring are determined according to a third polynomial, the degree of the third polynomial is greater than or equal to the length of the first data, and the third polynomial is a product of the plurality of polynomials.
In one possible design, m is determined based on the order of the remaining class ring, and m is a positive integer greater than 1.
In one possible design, m satisfies:
m=2L mod R;
Wherein R is the order of the remaining class ring, L is any positive integer and 2 L > R.
In a third aspect, embodiments of the present application further provide a computer readable storage medium, in which a computer program is stored, which when executed by a processor, implements the method of the first and second aspects and any one of the designs thereof.
In a fourth aspect, embodiments of the present application also provide an electronic device, including a memory and a processor, where the memory stores a computer program executable on the processor, and when the computer program is executed by the processor, causes the processor to implement the methods of the first aspect and the second aspect and any one of the designs thereof.
The technical effects of the second aspect to the fourth aspect and any one of the designs thereof may be referred to as the technical effects of the corresponding designs in the first aspect, and will not be described herein.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flow chart of a method for determining a data summary according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a data summary determining apparatus according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
For the purpose of promoting an understanding of the principles and advantages of the application, reference will now be made in detail to the drawings, in which embodiments of the application are illustrated, some but not all of which are illustrated. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Next, a method of verifying data will be described in connection with the related art.
In the prior art, in the field of information security technology, a scheme for verifying whether data is tampered is generally to verify whether the data is tampered according to a data summarization algorithm. For example, to verify whether the transmitted data is tampered, the data sender may generate a data digest of the data according to a data digest algorithm, and send the data and the data digest to the data receiver, and the data receiver may generate the data digest of the data according to the same data digest algorithm after receiving the data. If the calculated data abstract is the same as the received data abstract, the data is not tampered, and if the two data abstracts are different, the data is tampered. Although it can verify whether the data is tampered or not by adopting the method, in practical application, a large amount of data is often required to be verified, and the operation efficiency of the data summarization algorithm in the prior art is low, so that the efficiency of verifying the data is low.
In order to solve the technical defects, the application provides a data summary determining method and a data summary determining device. In the method, first equipment acquires first data to be verified, and maps the first data to the remaining class ring to obtain a first polynomial. Wherein the coefficients of the first polynomial are 0 or 1. The first device may perform an m-th power operation on the first polynomial to obtain a second polynomial, and use a part of coefficients or all coefficients of the second polynomial as a digest of the first data, and verify whether the first data is tampered according to the digest of the first data. That is, the digest of the first data is obtained according to the corresponding polynomial of the first data on the remaining class ring, and the efficiency of checking whether the data is tampered or not can be improved by adopting the method because the polynomial Fang Mi has higher operation efficiency. The first data in the present application may be a message, or may be a data unit exchanged and transmitted in a network, or may be other data information, which is not specifically limited in the present application. In addition, the first device may be a computer system, or may be a device for executing the method shown in the present application in a data device, such as a processor or a processing module, where the present application is not specifically limited.
Fig. 1 is a flow chart of a method for determining a data summary according to an embodiment of the present invention. Taking the first device as an execution body as an example, the process may include the following steps:
S101, the first device acquires first data.
Specifically, the first data may be data to be verified whether or not it is tampered with. The first device may obtain the first data by receiving the first data from the other device. For example, the present application further includes a data usage device, where the data usage device needs to determine whether the first data is tampered with before using the first data, and the data usage device may send the first data to the first device and send a request for verifying the first data to the first device. Accordingly, the first device receives first data from the data-using device and a request to authenticate the first data.
The first data may also be data stored by the first device itself. For example, the first device verifies whether the data stored in itself is tampered with after receiving the verification request. It is understood that the first data is any data among the data stored by the first device itself.
S102, the first device maps the first data to the remaining class rings to obtain a first polynomial. Wherein each element on the remaining class ring is a polynomial, any one of the polynomials comprises coefficients of 0 and/or 1, and the first polynomial is an element on the remaining class ring.
Specifically, the first device may map the first data to a polynomial residue class ring featuring 2 to obtain a first polynomial. The first device may map the first data to define a value a within the value domain and convert the value a to a binary number. Or the first device may map the first data directly to the binary number a in the defined value domain. Since each element on the remaining polynomial ring is a polynomial, and each polynomial includes coefficients of 0 and/or 1, the coefficients of each polynomial may form a binary number, that is, a binary number may correspond to a polynomial. Therefore, a polynomial corresponding to the binary number a can be used as the first polynomial. For example, the first device may map the first data to 5 and convert 5 to binary number 101 (or the first device may map the first data to binary number 101), then the polynomial with the coefficient equal to binary number 101 is 1*x 2 +0 x+1 x 1, i.e., the first polynomial is x 2 +1.
In addition, in order to ensure that the polynomials corresponding to all the values in the defined value range are polynomials on the remaining class ring, the defined value range may be determined according to the maximum value of the data length.
For example, the maximum value of the defined value range may be represented as M, the maximum value of the data length may be represented as N, and the maximum value of the defined value range and the maximum value of the data length satisfy:
M=2N-1;
If the maximum value of the data length is 20 bits, the maximum value of the defined value range is 1048575. I.e. the defined value range is [0,1048575].
In one or more embodiments, the elements on the remaining class ring are determined according to a third polynomial, the degree of the third polynomial is greater than or equal to the length of the first data, and the third polynomial is a product of the plurality of polynomials.
In particular, a maximum value of the data length may be determined from the entire data before determining the data digest. In order to ensure that the polynomials corresponding to all the data are elements on the remaining class ring, the degree of the third polynomial used for constructing the remaining class ring is greater than or equal to the maximum value of the bit length of the data to be processed. In addition, to ensure the quality of the abstract, the third polynomial in the present application is the product of a plurality of polynomials, and the third polynomial cannot be the primitive irreducible polynomial in GF (2) domain.
Based on this embodiment, the first device may determine a third polynomial according to a maximum value of the bit length of the data to be processed, and construct the remaining class ring according to the third polynomial. And the polynomial obtained by taking the modulus of the third polynomial by the product of any polynomial on the remaining class ring is still the polynomial on the remaining class ring. Therefore, the polynomials corresponding to the data to be processed are all elements on the remaining class ring.
For example, if the maximum value of the data length of the data to be processed is 20 bits, the degree of the polynomial (i.e., the third polynomial) used to construct the remaining class ring may be 20 or more than 20. Taking the example that the degree of the polynomial (i.e., the third polynomial) constructing the remaining class ring is equal to 20, the plurality of polynomials may be selected such that the product of the plurality of polynomials is the third polynomial. For example, three polynomials with degree 5, 7, and 8, respectively, may be selected for determining the third polynomial. I.e. three polynomials can be expressed as:
f1(x)=x5+x2+1;
f2(x)=x7+x6+1;
f3(x)=x8+x4+x3+x2+1。
the three polynomials are multiplied to obtain a third polynomial. The third polynomial may be denoted as F (x), then the third polynomial is:
F(x)=x20+x19+x17+x15+x14+x13+x12+x3+1。
The first device may construct a remaining class ring according to the third polynomial, where the remaining class ring may be represented as Z 2 [ x ]/(F (x)), and the remaining class ring is:
Z2[x]/(F(x))=Z2[x]/(x20+x19+x17+x15+x14+x13+x12+x3+1).
The coefficients of the polynomials included on the remaining class rings are 0 or 1, and the degree is less than 20.
In addition, after the product of any two polynomials on the remaining class ring is subjected to the modulus of F (x), the obtained polynomials are all polynomials on the remaining class ring. For example, taking two polynomials on the remaining class ring, polynomial x 14 +1 and polynomial x 8 +x, multiplying the two polynomials can obtain polynomial x 22+x15+x8 +x, and modeling the polynomial F (x) to obtain polynomial x 18+x14+x12+x8+x5+x4+x3+x2 +1.
S103, the first device performs m-degree power operation on the first polynomial to obtain a second polynomial. Wherein m is a positive integer greater than 1.
Specifically, after mapping the first data into the first polynomial, the first device may perform an m-th power operation on the first polynomial to obtain the second polynomial. For example, the first polynomial may be denoted as a (x), the second polynomial may be denoted as H (x), and the third polynomial as F (x), then the first and second polynomials satisfy:
H(x)=A(x)m mod F(x)。
where mod is a modulo operation.
Further, if a polynomial obtained by performing an r-th power operation on one polynomial on the remaining class ring is equal to the polynomial obtained by performing a modulus operation on F (x), wherein r is an integer greater than 1, then the smallest r is called as the order of the polynomial on the remaining class ring. I.e., a (x) =a (x) r. The order on the remaining class ring is the least common multiple of the order of all polynomials on the remaining class ring.
In one or more embodiments, m may be determined based on the order of the remaining class rings. Wherein m is a positive integer greater than 1.
In one or more embodiments, if the order of the remaining class ring may be represented as R, then m and the order of the remaining class ring satisfy:
m=2L mod R。
Wherein L is any positive integer and 2 L > R.
In the application, m can make m times of the sum of any two polynomials on the remaining class ring equal to the sum of m times of the two polynomials. For example, any two polynomials on the remaining class ring may be represented as a (x) and B (x), then the polynomials a (x) and B (x) satisfy:
(A(x)+B(x))m=A(x)m+B(x)m
And S104, the first device determines the abstract of the first data according to the coefficients of the second polynomial.
Specifically, the first device may use the coefficients of the second polynomial as the digest of the first data.
In one or more embodiments, the summary of the first data includes some or all of the coefficients of the second polynomial.
Specifically, the digest of the first data may be a part of coefficients of the second polynomial, and the digest of the first data may also be all coefficients of the second polynomial. It can be understood that if a part of coefficients of the second polynomial are taken as the abstract of the first data, a rule for obtaining the abstract can be set according to the requirement of the user. For example, the preset rule for obtaining the digest may be to take the first 128 bits of data of the second polynomial as the digest of the first data. Or the 128 bits of data after the second plurality is taken as the abstract of the first data. In addition, the present application may acquire the partial coefficients of the second plurality of terms in other manners, which will not be described in detail herein.
Illustratively, taking the summary of the first data as a partial coefficient of the second polynomial as an example:
Still taking the above example as an example, the remaining class ring is denoted as Z 2 [ x ]/(F (x)), where F (x) =x 20+x19+x17+x15+x14+x13+x12+x3 +1, and the order of the remaining class ring is 1003935, then m=2 20 mod1003935 = 44641. The preset rule for obtaining the abstract is to take the first 12 bits of data of the coefficients of the second polynomial as the abstract of the first data. If the first polynomial is denoted as x, the second polynomial is:
x44641 mod F(x)=x19+x18+x16+x15+x14+x12+x11+x10+x9+x8+x5+x4+x2.
Namely:
1*x19+1*x18+0*x17+1*x16+1*x15+1*x14+0*x13+1*x12+1*x11+1*x10+1*x9+1*x8+0*x7+0*x6+1*x5+1*x4+0*x3+1*x2+0*x1+0*x0.
The coefficients of the second polynomial are 11011101111100110100, and the summary of the data is obtained as hash (x) = 110111011111 according to the preset rule.
For another example, if the first polynomial is x 5 +1, the second polynomial is:
(x5+1)44641mod F(x)=x18+x17+x16+x14+x11+x8+x7+x6+x5+x+1.
Namely:
0*x19+1*x18+1*x17+1*x16+0*x15+1*x14+0*x13+0*x12+1*x11+0*x10+0*x9+1*x8+1*x7+1*x6+1*x5+0*x4+0*x3+0*x2+1*x1+1*x0.
The coefficient of the second polynomial is 01110100100111100011, and the summary of the data is obtained according to the preset rule as hash (x 5 +1) = 011101001001.
If the first polynomial is x 5 +x+1, the second polynomial is:
(x5+x+1)44641mod F(x)=x19+x17+x15+x12+x10+x9+x7+x6+x4+x2+x+1.
Namely:
1*x19+0*x18+1*x17+0*x16+1*x15+0*x14+0*x13+1*x12+0*x11+1*x10+0*x9+0*x8+1*x7+1*x6+0*x5+1*x4+0*x3+1*x2+1*x1+1*x0.
The coefficient of the second polynomial is 10101001011011010111, and the summary of the data is obtained according to the preset rule as hash (x 5 +x+1) = 101010010110.
Easy to verify, 110111011111 # -011101001001 = 101010010110;
and x × (x 5+1)=x5 +x+1).
The mapping demonstrates, (x, "(x 5+1))44641=(x5+x+1)44641=x44641⊕(x5+1)44641, i.e., hash (x) < Hash > (x 5+1)=Hash(x5 + x + 1).
It can be understood that in the application, a plurality of data are mapped to the rest class ring, and partial coefficients of the second polynomial corresponding to the calculated square powers are used as the abstracts of the data, and the homomorphism of exclusive or addition is kept between the abstracts of the data. For example, the polynomial corresponding to data 1 may be expressed as a (x), the polynomial corresponding to data 2 may be expressed as B (x), and then hash (a (x) ×b (x))=hash (a (x)) _hash (B (x)).
Taking the summary of the first data as all coefficients of the second polynomial as an example:
when the first polynomial is x, the coefficient of the second polynomial corresponding to the data is 11011101111100110100, and the abstract of the data is
hash(x)=11011101111100110100;
When the first polynomial is x 5 +1, the coefficient of the second polynomial corresponding to the data is 01110100100111100011, and the summary of the data is
hash(x5+1)=01110100100111100011;
When the first polynomial is x 5 +x+1, the coefficient of the second polynomial corresponding to the data is 10101001011011010111, and the summary of the data is
hash(x5+x+1)=10101001011011010111。
Due to
11011101111100110100⊕01110100100111100011=10101001011011010111,
And x × (x 5+1)=x5 +x+1).
The second polynomial is still (x is (x 5+1))44641=(x5+x+1)44641=x44641⊕(x5+1)44641, and Hash (x)) Hash (x 5+1)=Hash(x5 +x+1) when all coefficients are output.
It can be understood that in the application, multiple data are mapped to the rest class ring, and all coefficients of the second polynomial corresponding to the calculated square power are used as the abstracts of the data, so that the homomorphism of exclusive or addition is maintained between the abstracts of the data.
S105, the first device verifies whether the first data is tampered according to the digest of the first data.
Specifically, the first device may obtain a standard digest of the first data before verifying whether the first data is tampered with. The method for obtaining the standard abstract is the same as the method for obtaining the abstract of the first data, namely the first data is processed by adopting the same method. The standard digest may be one in which the first device receives digests from other devices. For example, the application also includes a second device that sends the first data to the first device and also sends a standard digest for verifying whether the first data has been tampered with to the first device. Accordingly, the first device accepts the first data and the standard digest from the second device. The standard digest may also be a digest that the first device generated prior to generating the digest of the first data. For example, the first device may generate the standard digest from the first data when the first data is first obtained.
The first device may verify whether the first data is tampered by judging whether the digest of the first data is identical to the standard digest. If the digest of the first data is the same as the standard digest, the first data is not tampered, and if the digest of the first data is different from the standard digest, the first data is tampered.
As can be seen from step S103, the homomorphism of exclusive or addition is maintained between the data digests obtained according to the method provided by the present application. Therefore, when whether a large amount of data is tampered needs to be verified, whether the large amount of data is tampered can be rapidly verified according to the homomorphism of exclusive OR addition between the data digests.
For example, it is necessary to verify whether data 1, data 2, data 3, and data 4 are tampered with. The polynomial corresponding to the data 1 is A, the standard digest of the data 1 is hash (A), the polynomial corresponding to the data 2 is B, the standard digest of the data 2 is hash (B), the polynomial corresponding to the data 3 is C, the standard digest of the data 3 is hash (C), the polynomial corresponding to the data 4 is D, and the standard digest of the data 4 is hash (D). Since homomorphism of exclusive or addition is maintained between the data digests, the first device only needs to calculate digests of exclusive or data 1, data 2, data 3 and data 4, namely, hash (a, B, C, D), and verify whether the data 1, data 2, data 3 and data 4 are tampered by comparing whether the hash (a, B, C, D) is identical to the hash (a), the hash (B), the hash (C), the hash (D). If hash (A #, B #, C #, D) is the same as hash (A), hash (B), hash (C), and data 1, data 2, and data 3 are not tampered with. If the hash (a # -B # -D) is different from the hash (a # -hash (B) and the hash (C) hash (D), it means that at least one of the data 1, the data 2, and the data 3 is tampered.
Further, if at least one of the plurality of data is tampered with, the tampered data can be determined by reducing the exclusive-or data. Taking the above case as an example, if hash (a # -B # -C # -D) is different from hash (a) # hash (B) # hash (C) # hash (D), then digests of exclusive-or data 1 and data 2 (i.e., hash (a #, B)) can be calculated, and digests of exclusive-or data 3 and data 4 (i.e., hash (C # -D)) can be calculated. By comparing whether the hash (a × B)) is identical to the hash (a) × hash (B), it is verified whether the data 1 and the data 2 are tampered with. By comparing whether the hash (C (D)) is identical to the hash (C) and whether the data 3 and the data 4 are tampered is verified. If the hash (a, B)) is different from the hash (a), the fact that at least one of the data 1 and the data 2 is tampered is indicated, the digest of the data 1 and the digest of the data 2 can be calculated respectively and compared with the corresponding standard digest respectively, and tampered data can be determined.
It can be understood that the operand of calculating exclusive or of a plurality of data is smaller than that of calculating a plurality of data digests, and the number of times of calculating the data digests can be reduced by verifying whether the plurality of data are tampered in the mode, so that the efficiency of verifying whether the plurality of data are tampered can be improved by adopting the method.
Based on the above and the same conception, the present application provides a data query device. Fig. 2 is a schematic block diagram of a data intersection determining apparatus according to an embodiment of the present application. The apparatus comprises a processing module 201 and a communication module 202.
The communication module 202 is configured to obtain the first data.
The processing module 201 is configured to map the first data to the remaining class ring to obtain a first polynomial, where each element on the remaining class ring is a polynomial, and any polynomial includes coefficients of 0 and/or 1, and the first polynomial is an element on the remaining class ring. The processing module 201 is configured to perform an m-th power operation on the first polynomial to obtain a second polynomial, where m is a positive integer greater than 1. The processing module 201 is further configured to determine a digest of the first data according to the coefficients of the second polynomial. The processing module 201 is further configured to verify whether the first data is tampered according to the digest of the first data.
In one possible design, the summary of the first data includes some or all of the coefficients of the second polynomial.
In one possible design, the elements on the remaining class ring are determined according to a third polynomial, the degree of the third polynomial is greater than or equal to the length of the first data, and the third polynomial is a product of the plurality of polynomials.
In one possible design, m is determined based on the order of the remaining class ring, and m is a positive integer greater than 1.
In one possible design, m satisfies:
m=2L mod R;
Wherein R is the order of the remaining class ring, L is any positive integer and 2 L > R.
Fig. 3 shows a schematic structural diagram of an electronic device according to an embodiment of the present application.
The electronic device in an embodiment of the application may comprise a processor 301. Processor 301 is the control center of the device and may connect the various parts of the device using various interfaces and lines by running or executing instructions stored in memory 303 and invoking data stored in memory 303. Alternatively, the processor 301 may include one or more processing units, and the processor 301 may integrate an application processor and a modem processor, wherein the application processor primarily processes an operating system and application programs, etc., and the modem processor primarily processes wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 301. In some embodiments, processor 301 and memory 303 may be implemented on the same chip, or they may be implemented separately on separate chips in some embodiments.
The processor 301 may be a general purpose processor such as a central processing unit (Central Processing Unit, CPU), digital signal processor, application specific integrated circuit, field programmable gate array or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, which may implement or perform the methods, steps and logic blocks disclosed in embodiments of the application. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be performed directly by a hardware processor or by a combination of hardware and software modules in the processor.
In an embodiment of the present application, the memory 303 stores instructions executable by the at least one processor 301, and the at least one processor 301, by executing the instructions stored in the memory 303, may be used to perform the method steps disclosed in the embodiment of the present application.
The memory 303 is used as a non-volatile computer-readable storage medium for storing non-volatile software programs, non-volatile computer-executable programs, and modules. The Memory 303 may include at least one type of storage medium, and may include, for example, flash Memory, a hard disk, a multimedia card, card Memory, random access Memory (Random Access Memory, RAM), static random access Memory (Static Random Access Memory, SRAM), programmable Read-Only Memory (Programmable Read Only Memory, PROM), read-Only Memory (ROM), charged erasable programmable Read-Only Memory (ELECTRICALLY ERASABLE PROGRAMMABLE READ-Only Memory, EEPROM), magnetic Memory, magnetic disk, optical disk, and the like. Memory 303 is any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory 303 in embodiments of the present application may also be circuitry or any other device capable of implementing a memory function for storing program instructions and/or data.
In the embodiment of the application, the device may further include a communication interface 302, and the electronic device may transmit data through the communication interface 302.
Alternatively, the processing module 201 and/or the communication module 202 shown in fig. 2 may be implemented by the processor 301 (or the processor 301 and the communication interface 302) shown in fig. 3, that is, the actions of the processing module 201 and/or the communication module 202 may be performed by the processor 301 (or the processor 301 and the communication interface 302).
Based on the same inventive concept, embodiments of the present application also provide a computer-readable storage medium in which instructions may be stored, which when run on a computer, cause the computer to perform the operational steps provided by the above-described method embodiments. The computer readable storage medium may be the memory 303 shown in fig. 3.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (8)

1.一种数据验证方法,其特征在于,所述方法包括:1. A data verification method, characterized in that the method comprises: 获取第一数据;Acquire first data; 根据所述第一数据对应的数值确定剩余类环上的第一多项式,所述剩余类环上的各个元素均为多项式,任一多项式包含的系数为0和/或1,所述第一多项式的系数对应所述数值的二进制数;Determine a first polynomial on a residue class ring according to the value corresponding to the first data, wherein each element on the residue class ring is a polynomial, coefficients of any polynomial are 0 and/or 1, and the coefficients of the first polynomial correspond to the binary number of the value; 对所述第一多项式进行m次幂运算获得第二多项式,m为大于1的正整数;Performing an m-th power operation on the first polynomial to obtain a second polynomial, where m is a positive integer greater than 1; 所述m是根据所述剩余类环的阶数确定的,所述m满足:The m is determined according to the order of the residual class ring, and the m satisfies: m=2L mod R;m = 2 L mod R; 其中,所述R为所述剩余类环的阶数,所述L为任意正整数且2L>R;Wherein, R is the order of the residue class ring, L is any positive integer and 2 L >R; 根据所述第二多项式的系数确定所述第一数据的摘要;determining a summary of the first data based on coefficients of the second polynomial; 根据所述第一数据的摘要验证所述第一数据是否被篡改。Verify whether the first data has been tampered with according to the digest of the first data. 2.如权利要求1所述的方法,其特征在于,所述第一数据的摘要包括所述第二多项式的部分或全部系数。2. The method of claim 1, wherein the summary of the first data comprises some or all coefficients of the second polynomial. 3.如权利要求1或2所述的方法,其特征在于,所述剩余类环是根据第三多项式确定的,所述第三多项式的次数大于或等于所述第一数据的长度,且所述第三多项式为多个多项式的乘积。3. The method according to claim 1 or 2 is characterized in that the residual class ring is determined based on a third polynomial, the degree of the third polynomial is greater than or equal to the length of the first data, and the third polynomial is the product of multiple polynomials. 4.一种数据验证装置,其特征在于,所述装置包括:4. A data verification device, characterized in that the device comprises: 通信模块,用于获取第一数据;A communication module, used for acquiring first data; 处理模块,用于根据所述第一数据对应的数值确定剩余类环上的第一多项式,所述剩余类环上的各个元素均为多项式,任一多项式包含的系数为0和/或1,所述第一多项式的系数对应于所述数值的二进制数;A processing module, configured to determine a first polynomial on a residue class ring according to a numerical value corresponding to the first data, wherein each element on the residue class ring is a polynomial, coefficients of any polynomial are 0 and/or 1, and the coefficients of the first polynomial correspond to the binary number of the numerical value; 所述处理模块,还用于对所述第一多项式进行m次幂运算获得第二多项式,m为大于1的正整数;The processing module is further used to perform an m-th power operation on the first polynomial to obtain a second polynomial, where m is a positive integer greater than 1; 所述m是根据所述剩余类环的阶数确定的,所述m满足:The m is determined according to the order of the residual class ring, and the m satisfies: m=2L mod R;m = 2 L mod R; 其中,所述R为所述剩余类环的阶数,所述L为任意正整数且2L>R;Wherein, R is the order of the residue class ring, L is any positive integer and 2 L >R; 所述处理模块,还用于根据所述第二多项式的系数确定所述第一数据的摘要;The processing module is further used to determine a summary of the first data according to coefficients of the second polynomial; 所述处理模块,还用于根据所述第一数据的摘要验证所述第一数据是否被篡改。The processing module is further used to verify whether the first data has been tampered with according to the summary of the first data. 5.如权利要求4所述的装置,其特征在于,所述第一数据的摘要包括所述第二多项式的部分或全部系数。5. The apparatus of claim 4, wherein the summary of the first data comprises part or all of the coefficients of the second polynomial. 6.如权利要求4或5所述的装置,其特征在于,所述剩余类环上的各个元素是根据第三多项式确定的,所述第三多项式的次数大于或等于所述第一数据的长度,且所述第三多项式为多个多项式的乘积。6. The device as described in claim 4 or 5 is characterized in that each element on the residue class ring is determined according to a third polynomial, the degree of the third polynomial is greater than or equal to the length of the first data, and the third polynomial is the product of multiple polynomials. 7.一种电子设备,其特征在于,所述电子设备包括处理器,所述处理器用于执行存储器中存储的计算机程序时实现如权利要求1-3中任一所述方法的步骤。7. An electronic device, characterized in that the electronic device comprises a processor, and the processor is used to implement the steps of any one of the methods as claimed in claims 1 to 3 when executing a computer program stored in a memory. 8.一种计算机可读存储介质,其特征在于,其存储有计算机程序,所述计算机程序被处理器执行时实现如权利要求1-3中任一所述方法的步骤。8. A computer-readable storage medium, characterized in that it stores a computer program, and when the computer program is executed by a processor, the steps of the method according to any one of claims 1 to 3 are implemented.
CN202311221782.7A 2023-09-21 2023-09-21 Data verification method and device Active CN117251884B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311221782.7A CN117251884B (en) 2023-09-21 2023-09-21 Data verification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311221782.7A CN117251884B (en) 2023-09-21 2023-09-21 Data verification method and device

Publications (2)

Publication Number Publication Date
CN117251884A CN117251884A (en) 2023-12-19
CN117251884B true CN117251884B (en) 2025-01-24

Family

ID=89132569

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311221782.7A Active CN117251884B (en) 2023-09-21 2023-09-21 Data verification method and device

Country Status (1)

Country Link
CN (1) CN117251884B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116502266A (en) * 2023-04-24 2023-07-28 西安电子科技大学 Verification method for block chain supervision zero knowledge proof based on homomorphic encryption

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008203548A (en) * 2007-02-20 2008-09-04 Oki Electric Ind Co Ltd Key generating method using quadric hyperbolic curve group, decoding method, signature verification method, key stream generating method and device
JP5790286B2 (en) * 2011-08-12 2015-10-07 ソニー株式会社 Information processing apparatus, signature generation apparatus, information processing method, signature generation method, and program
US10505710B2 (en) * 2014-12-22 2019-12-10 Koninklijke Philips N.V. Electronic calculating device
US11956370B2 (en) * 2021-06-23 2024-04-09 Blackberry Limited Method and system for digital signatures utilizing multiplicative semigroups
CN114445215A (en) * 2022-01-22 2022-05-06 深圳市领存技术有限公司 Asset certification method, device, equipment and computer readable storage medium
CN115296817B (en) * 2022-08-03 2023-04-21 北京航空航天大学 Data access control method based on block chain technology and attribute encryption

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116502266A (en) * 2023-04-24 2023-07-28 西安电子科技大学 Verification method for block chain supervision zero knowledge proof based on homomorphic encryption

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
一种基于整数多项式环上的非对称全同态加密方案;孙霓刚等;《现代电子技术》;20200301;第43卷(第5期);第86-91页 *

Also Published As

Publication number Publication date
CN117251884A (en) 2023-12-19

Similar Documents

Publication Publication Date Title
US8472621B2 (en) Protection of a prime number generation for an RSA algorithm
CN112152785A (en) XMSS hardware accelerator based on SHA2 and SHA3 combination
US20080279373A1 (en) Method and System for Electronically Securing an Electronic Device Using Physically Unclonable Functions
CN112152792A (en) MTS-based mutually authenticated remote attestation
US9219602B2 (en) Method and system for securely computing a base point in direct anonymous attestation
CN111064583B (en) Threshold SM2 digital signature method and device, electronic equipment and storage medium
CN114661318A (en) Efficient post-quantum security software updates customized for resource constrained devices
US8275126B2 (en) Apparatus and method for hash cryptography
US8509429B2 (en) Protection of a prime number generation against side-channel attacks
Yuksel Universal hashing for ultra-low-power cryptographic hardware applications
CN110611568B (en) Dynamic encryption and decryption method, device and equipment based on multiple encryption and decryption algorithms
CN114817931A (en) Terminal security protection method, device, equipment and medium based on star chain of trust
CN113193962A (en) SM2 digital signature generation and verifier based on lightweight modular multiplication
CN109981671B (en) Data processing method based on encryption machine and encryption machine
WO2025039447A1 (en) Electronic voting method and apparatus, and storage medium and electronic device
Karageorgos et al. Chip-to-chip authentication method based on SRAM PUF and public key cryptography
CN112737778B (en) Digital signature generation and verification method and device, electronic device and storage medium
CN113721986B (en) A data compression method, device, electronic equipment and storage medium
WO2025108040A1 (en) Data verification method and apparatus, and device and medium
CN117251884B (en) Data verification method and device
CN107223322A (en) The method, apparatus and system of signature verification
CN113922943B (en) SBOX circuit, calculation method and electronic equipment
US11616994B2 (en) Embedding information in elliptic curve base point
CN110266478A (en) A kind of information processing method, electronic equipment
CN102057620A (en) Method and apparatus for generating a signature for a message and method and apparatus for verifying such a signature

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address

Address after: No. 611, 6th Floor, No. 9 Shangdi 9th Street, Haidian District, Beijing 100085

Patentee after: BEIJING HAITAI FANGYUAN HIGH TECHNOLOGY Co.,Ltd.

Country or region after: China

Address before: 100094 1-2 / F, Block E, international software building, building 9, Zhongguancun Software Park, 8 Dongbeiwang West Road, Haidian District, Beijing

Patentee before: BEIJING HAITAI FANGYUAN HIGH TECHNOLOGY Co.,Ltd.

Country or region before: China

CP03 Change of name, title or address
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载