| 摘要 |
The invention relates to a processing method, including the calculation of one function between a datum to be compared and a reference datum. The function can be written in the form of a sum of: a term that depends on the datum to be compared, a term that depends on the reference datum, and a polynomial, such that all the monomials of the polynomial include at least one coordinate of each datum. The method includes an initialization step including: generating masking data; scrambling reference data by means of a server unit on the basis of said masking data; and calculating, by means of a client unit, the term of the function that depends on the datum to be compared. The method also includes steps for executing the calculation of the function between the datum to be compared and the reference datum, indexed by an index c, during which: the client unit sends the coordinates of the datum to be compared to a secure component, which returns said datum, in a masked form, to said component; the client unit retrieves, from the server unit, the reference datum, indexed by the index c and scrambled by the masking data; and on the basis of the data obtained from the secure component and the server unit, the client unit calculates the sum of the term of the function that depends solely on the reference datum and the polynomial term and adds, to said sum, the term that depends on the datum to be compared, such as to obtain the result of the function. |
| 主权项 |
1. A method for secure processing of data, executed by a system (1) comprising a server-unit (10) holding N reference data (x1, . . . , xN), a client-unit (20) having a datum to be compared (y), and the index c of a datum of the base, and a secure component (30),
the method comprising calculation of a function (f) between the datum to be compared and at least one reference datum (xc) indexed by the index c, the function being of the type which can be expressed in the form of a sum:
of a term (f1) dependent only on the datum to be compared,of a term (f2) dependent only on the reference datum, andof a polynomial whereof the variables are the coordinates of the datum to be compared (y) and of the reference datum (xc) indexed by the index c, such that all the monomials of the polynomial comprise at least one coordinate of each datum, the method being characterized in that it comprises an initialisation step (1000) comprising:
generation (1100) of masking data by the server-unit (10), or jointly by the server-unit (10) and the secure component (30), such that masking data are held by the server-unit (10) and masking data are held by the secure component (30),integration (1200) of the secure component (30) into the client-unit (20),scrambling (1300) of reference data (x1, . . . , xN) by the server-unit from said masking data, andcalculation (1400), by the client-unit (20), of the term (f2) of the function dependent only on the datum (y) to be compared, and in that it further comprises steps for execution (2000) of calculation of the function between the datum (y) to be compared of the client-unit (20) and the reference datum (xc) indexed by the index c, during which:
the client-unit (20) sends (2100) the coordinates of the datum to be compared (y) to the secure component, which returns it masked from masking data which it holds,the client-unit retrieves (2200), from the server-unit, the reference datum indexed by the index c scrambled by the masking data, andfrom data obtained from the secure component and the server-unit, the client-unit calculates (2300) the sum of the term of the function dependent only on the reference datum and the polynomial term, and adds to said sum the term dependent only on the datum to be compared to obtain the result of the function. |
