Search

US-12621121-B2 - Data management method and apparatus using homomorphic encryption lookup table

US12621121B2US 12621121 B2US12621121 B2US 12621121B2US-12621121-B2

Abstract

Disclosed is a data management method and apparatus. The data management method includes: obtaining a hash value of a key by using a predetermined hash function for each of a plurality of data in which the key matches a data value, sorting the plurality of data in which the key is changed to the hash value of the key based on the obtained hash value, classifying the plurality of sorted data into a plurality of groups according to a predetermined criterion; encoding the plurality of data classified into the plurality of groups, and generating a lookup table based on a predetermined hash value included in each of the plurality of classified groups.

Inventors

  • Junbum SHIN
  • Jung Woo Kim
  • Sumin Lee
  • Seewoo Lee

Assignees

  • CRYPTO LAB INC.

Dates

Publication Date
20260505
Application Date
20231103
Priority Date
20221107

Claims (16)

  1. 1 . A data management method comprising: obtaining a hash value of a key by using a predetermined hash function for each of a plurality of data in which the key matches a data value; sorting the plurality of data in which the key is changed to the hash value of the key based on the obtained hash value; classifying the plurality of sorted data into a plurality of groups according to a predetermined criterion; encoding the plurality of data classified into the plurality of groups; and generating a lookup table based on a predetermined hash value included in each of the plurality of classified groups, after generating the lookup table, receiving a data retrieval query from an external apparatus; obtaining a hash value of the data retrieval query from the received data retrieval query by using the predetermined hash function; encoding the obtained hash value of the data retrieval query; and obtaining a corresponding data value based on the encoded hash value of the data retrieval query, wherein in the obtaining of the data value, one of the plurality of groups is determined based on the obtained hash value of the data retrieval query and the hash values of the keys included in the lookup table.
  2. 2 . The data management method as claimed in claim 1 , further comprising encrypting the plurality of encoded data.
  3. 3 . The data management method as claimed in claim 1 , wherein in the classifying of the plurality of sorted data into the plurality of groups, the plurality of data are classified based on the hash value or the number of hash values.
  4. 4 . The data management method as claimed in claim 1 , a homomorphic ciphertext file being configured to store a plurality of homomorphic ciphertexts in a plurality of slots, wherein in the encoding, bits of a hash value of each of the plurality of data are divided into a predetermined number, and the divided bits are allocated to each slot of the plurality of slots.
  5. 5 . The data management method as claimed in claim 1 , wherein in the generating of the lookup table, obtaining a first hash value included in a last position within a preset group among the plurality of groups, obtaining a second hash value included in a foremost position within a group next to the preset group, and generating the lookup table including any one of the obtained first hash value and the obtained second hash value.
  6. 6 . The data management method as claimed in claim 1 , a homomorphic ciphertext file being configured to store a plurality of homomorphic ciphertexts in a plurality of slots, wherein in the obtaining of the data value, bits of the hash value of the data retrieval query are divided into a predetermined number, the divided bits are allocated to each slot of the plurality of slots, and bits of a slot to which the hash value of the data retrieval query is allocated are compared with bits of a slot to which the hash value of each of the plurality of data included in a determined group is allocated by using a homomorphic encryption comparison operation on a slot-by-slot basis.
  7. 7 . The data management method as claimed in claim 6 , wherein in the obtaining of the data value, in a case where the bits of the slot to which the hash value of the data retrieval query is allocated coincide with the bits of the slot to which the hash value of the data included in the determined group is allocated, a comparison result value of 1 is obtained, and in a case where an AND operation result value obtained by performing an AND operation on the comparison result value obtained from each slot is 1 , the data value is obtained by multiplying a data value matching the hash value of the key by the AND operation result value.
  8. 8 . An electronic apparatus comprising: a communication interface; and a processor, wherein the processor is configured to obtain a hash value of a key by using a predetermined hash function for each of a plurality of data in which the key matches a data value, sort the plurality of data in which the key is changed to the hash value of the key based on the obtained hash value, classify the plurality of sorted data into a plurality of groups according to a predetermined criterion, encode the plurality of data classified into the plurality of groups, and generate a lookup table based on a predetermined hash value included in each of the plurality of classified groups, the processor is configured to control the communication interface to receive a data retrieval query from an external apparatus, after generating the lookup table, obtain a hash value of the data retrieval query from the received data retrieval query by using the predetermined hash function, encode the obtained hash value of the data retrieval query, and obtain a corresponding data value based on the encoded hash value of the data retrieval query, wherein the processor is configured to determine one of the plurality of groups based on the obtained hash value of the data retrieval query and the hash values of the keys included in the lookup table.
  9. 9 . The electronic apparatus as claimed in claim 8 , wherein the processor is configured to encrypt the plurality of encoded data.
  10. 10 . The electronic apparatus as claimed in claim 8 , wherein the processor is configured to classify the plurality of data based on the hash value or the number of hash values.
  11. 11 . The electronic apparatus as claimed in claim 8 , a homomorphic ciphertext file being configured to store a plurality of homomorphic ciphertexts in a plurality of slots, and wherein the processor is configured to divide bits of a hash value of each of the plurality of data into a predetermined number and allocate the divided bits to each slot of the plurality of slots.
  12. 12 . The electronic apparatus as claimed in claim 8 , wherein the processor is configured to obtain a first hash value included in a last position within a preset group among the plurality of groups, to obtain a second hash value included in a foremost position within a group next to the preset group, and to generate the lookup table including any one of the obtained first hash value and the obtained second hash value.
  13. 13 . The electronic apparatus as claimed in claim 8 , a homomorphic ciphertext file being configured to store a plurality of homomorphic ciphertexts in a plurality of slots, and wherein the processor is configured to divide bits of the hash value of the data retrieval query into a predetermined number, allocate the divided bits to each slot of the plurality of slots, and compare bits of a slot to which the hash value of the data retrieval query is allocated with bits of a slot to which the hash value of each of the plurality of data included in a determined group is allocated by using a homomorphic encryption comparison operation on a slot-by-slot basis.
  14. 14 . The electronic apparatus as claimed in claim 13 , wherein the processor is configured to obtain a comparison result value of 1 in a case where the bits of the slot to which the hash value of the data retrieval query is allocated coincide with the bits of the slot to which the hash value of the data included in the determined group is allocated, and is configured to obtain the data value by multiplying a data value matching the hash value of the key by an AND operation result value in a case where the AND operation result value obtained by performing an AND operation on the comparison result value obtained from each slot is 1.
  15. 15 . A non-transitory computer-readable recording medium which includes a program for executing a method for data management wherein the method includes: obtaining a hash value of a key by using a predetermined hash function for each of a plurality of data in which the key matches a data value; sorting the plurality of data in which the key is changed to the hash value of the key based on the obtained hash value; classifying the plurality of sorted data into a plurality of groups according to a predetermined criterion; encoding the plurality of data classified into the plurality of groups; and generating a lookup table based on a predetermined hash value included in each of the plurality of classified groups, after generating the lookup table, receiving a data retrieval query from an external apparatus; obtaining a hash value of the data retrieval query from the received data retrieval query by using the predetermined hash function; encoding the obtained hash value of the data retrieval query; and obtaining a corresponding data value based on the encoded hash value of the data retrieval query, wherein in the obtaining of the data value, one of the plurality of groups is determined based on the obtained hash value of the data retrieval query and the hash values of the keys included in the lookup table.
  16. 16 . The non-transitory computer-readable recording medium as claimed in claim 15 , wherein in the classifying of the plurality of sorted data into the plurality of groups, the plurality of data are classified based on the hash value or the number of hash values.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS The present application claims priority to Korean Patent Application No. 10-2022-0147353 filed on Nov. 7, 2022, and Korean Patent Application No. 10-2022-0174208 filed on Dec. 13, 2022, the disclosures of all of which are incorporated herein by reference in their entirety. BACKGROUND Field Apparatuses and methods consistent with the disclosure relate to a data management method and apparatus, and more particularly, to a data management method and apparatus using a homomorphic encryption lookup table for easily retrieving data corresponding to a query. Description of the Related Art There is an increasing demand for collecting and managing data scattered in various information providing organizations using an integrated database management system. For information protection, the system may manage an encrypted database by using a method such as homomorphic encryption. In general, a decryption process for whole data is required to retrieve data according to a client's request. However, there is a problem in that data decrypted for retrieval may be exposed to external risks. A homomorphic encryption technology may be applied to enable data retrieval in an encrypted state to protect data from external risks. However, a retrieval method using an existing homomorphically encrypted lookup table has difficulty in reducing a retrievable range while guaranteeing safety of 128-bit or more. In addition, the retrieval method using the homomorphically encrypted lookup table has a problem in that a retrieval time linearly increases as the number of records in the lookup table increases. SUMMARY The disclosure provides a data management method and apparatus using a homomorphic encryption lookup table for quickly retrieving encrypted data regardless of a type of an encrypted query. According to an embodiment of the disclosure, a data management method includes: obtaining a hash value of a key by using a predetermined hash function for each of a plurality of data in which the key matches a data value; sorting the plurality of data in which the key is changed to the hash value of the key based on the obtained hash value; classifying the plurality of sorted data into a plurality of groups according to a predetermined criterion; encoding the plurality of data classified into the plurality of groups; and generating a lookup table based on a predetermined hash value included in each of the plurality of classified groups. The data management method may further include encrypting the plurality of encoded data. In the classifying of the plurality of sorted data into the plurality of groups, the plurality of data may be classified based on the hash value or the number of hash values. In the encoding, bits of a hash value of each of the plurality of data may be divided into a predetermined number, and the divided bits may be allocated to each slot. In the generating of the lookup table, obtaining a first hash value included in the last position within a preset group among the plurality of groups, obtaining a second hash value included in the foremost position within a group next to the preset group, and generating the lookup table including any one of the obtained first hash value and the obtained second hash value. The data management method may further include: receiving a data retrieval query from an external apparatus; obtaining a hash value of the retrieval query from the received retrieval query by using the predetermined hash function; encoding the obtained hash value of the retrieval query; and obtaining a corresponding data value based on the encoded hash value of the retrieval query. In the obtaining of the data value, one of the plurality of groups may be determined based on the obtained hash value of the retrieval query and the hash values of the keys included in the lookup table. In the obtaining of the data value, bits of the hash value of the retrieval query may be divided into a predetermined number, the divided bits may be allocated to each slot, and bits of a slot to which the hash value of the retrieval query is allocated may be compared with bits of a slot to which the hash value of each of the plurality of data included in the determined group is allocated by using a homomorphic encryption comparison operation on a slot-by-slot basis. In the obtaining of the data value, in a case where the bits of the slot to which the hash value of the retrieval query is allocated coincide with the bits of the slot to which the hash value of the data included in the determined group is allocated, a comparison result value of 1 may be obtained, and in a case where an AND operation result value obtained by performing an AND operation on the comparison result value obtained from each slot is 1, the data value may be obtained by multiplying a data value matching the hash value of the data by the AND operation result value. According to an embodiment of the disclosure, an electronic apparatus inc