密码学真的很头疼,不过工程中用起来似乎很简单;
记录下同态加密相关的东西;
定义
“A way to delegate processing of your data, without giving away access to it.”
利用同态加密保护数据私密性的想法最早在1978年由Ron Rivest, Leonard Adleman, Michael Dertouzos等人提出,它的主要思想是通过具有同态性质的加密函数对数据进行加密,从而可以在不对数据进行解密的条件下对已加密的数据进行任何在可以在明文上进行的运算,也就是说,可以对加密后的信息进行一系列复杂的运算和分析而不影响其保密性。
同态分类
简单来说,对于加密算法E,
a) 如果满足 E(A)+E(B)=E(A+B), 我们将这种加密函数叫做加法同态;
b) 如果满足 E(A)×E(B)=E(A×B) ,我们将这种加密函数叫做乘法同态;
c) 如果一个加密函数同时满足加法同态和乘法同态,称为全同态加密
同态加密算法
- 乘法同态:RSA算法;
- 加法同态:Paillier算法;
- 全同态:Gentry算法;
开源实现
Paillier算法使用举例
The Paillier Cryptosystem is an additive cryptosystem. This means that given two ciphertexts, one can perform operations equivalent to adding the respective plaintexts. Additionally, Paillier Cryptosystem supports further computations:
- Encrypted integers can be added together
- Encrypted integers can be multiplied by an unencrypted integer
- Encrypted integers and unencrypted integers can be added together
package main
import (
"crypto/rand"
"fmt"
"math/big"
"github.com/roasbeef/go-go-gadget-paillier"
)
func main() {
// Generate a 128-bit private key.
privKey, _ := paillier.GenerateKey(rand.Reader, 128)
// Encrypt the number "15".
m15 := new(big.Int).SetInt64(15)
c15, _ := paillier.Encrypt(&privKey.PublicKey, m15.Bytes())
// Encrypt the number "20".
m20 := new(big.Int).SetInt64(20)
c20, _ := paillier.Encrypt(&privKey.PublicKey, m20.Bytes())
// Add the encrypted integers 15 and 20 together.
plusM16M20 := paillier.AddCipher(&privKey.PublicKey, c15, c20)
decryptedAddition, _ := paillier.Decrypt(privKey, plusM16M20)
fmt.Println("Result of 15+20 after decryption: ",
new(big.Int).SetBytes(decryptedAddition).String()) // 35!
// Add the encrypted integer 15 to plaintext constant 10.
plusE15and10 := paillier.Add(&privKey.PublicKey, c15, new(big.Int).SetInt64(10).Bytes())
decryptedAddition, _ = paillier.Decrypt(privKey, plusE15and10)
fmt.Println("Result of 15+10 after decryption: ",
new(big.Int).SetBytes(decryptedAddition).String()) // 25!
// Multiply the encrypted integer 15 by the plaintext constant 10.
mulE15and10 := paillier.Mul(&privKey.PublicKey, c15, new(big.Int).SetInt64(10).Bytes())
decryptedMul, _ := paillier.Decrypt(privKey, mulE15and10)
fmt.Println("Result of 15*10 after decryption: ",
new(big.Int).SetBytes(decryptedMul).String()) // 150!
}
运行结果:
Result of 15+20 after decryption: 35
Result of 15+10 after decryption: 25
Result of 15*10 after decryption: 150