CN113139205B - Secure computing method, general computing engine, device for secure computing and secure computing system - Google Patents


Info

Publication number
CN113139205B
Authority
CN
China
Prior art keywords
operator
engine
target
computing
calculation
Prior art date
Legal status
Active
Application number
CN202110369562.3A
Other languages
Chinese (zh)
Other versions
CN113139205A (en)
Inventor
王国赛
张登辉
李艺
王一帆
Current Assignee
Huakong Tsingjiao Information Technology Beijing Co Ltd
Original Assignee
Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority date
Filing date
Publication date
Application filed by Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority to CN202110369562.3A
Publication of CN113139205A
Application granted
Publication of CN113139205B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms during program execution by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

Embodiments of the invention provide a secure computing method, a general-purpose computing engine, a device for secure computing and a secure computing system. The method comprises: obtaining a secure computing task in which the private computations are written against an operator interface provided by the general-purpose computing engine; and executing the task, where each private computation reached through that interface is resolved to a target operator that a target computing engine has registered, and the target computing engine is called to execute that operator and so complete the private computation. The registered operators are the preset operators registered by the preset computing engines, which include a computing engine based on secure multi-party computation (MPC) and a computing engine based on a trusted execution environment (TEE). Embodiments can improve the computing efficiency of a secure computing system and widen the range of applications it can serve.

Description

Secure computing method, general computing engine, device for secure computing and secure computing system
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a secure computing method, a general-purpose computing engine, a device for secure computing, and a secure computing system.
Background
MPC (Secure Multi-Party Computation) is a theoretical framework for cooperative computation among a group of mutually distrusting participants that protects each participant's private information without relying on a trusted third party. It guarantees both input privacy and correctness of the result: cryptographic protocols ensure, with no trusted third party, that no participant's input is exposed to the others, while the parties still obtain an exact result.
However, MPC-based secure computing systems require complex cryptographic operations and are computationally expensive.
Disclosure of Invention
Embodiments of the invention provide a secure computing method, a general-purpose computing engine, a device for secure computing and a secure computing system, which can improve the computing efficiency of a secure computing system and widen its range of applications.
To that end, an embodiment discloses a secure computing method applied to a general-purpose computing engine, the method comprising:
obtaining a secure computing task in which the private computations are implemented against an operator interface provided by the general-purpose computing engine;
and executing the secure computing task, where, when a private computation reached through the operator interface is executed, a target operator registered by a target computing engine is determined among the registered operators and the target computing engine is called to execute that operator and complete the private computation; the registered operators comprise preset operators registered by preset computing engines, and the preset computing engines comprise a computing engine based on secure multi-party computation and a computing engine based on a trusted execution environment.
Optionally, after determining the target operator among the registered operators, the method further includes:
determining the protocol type of the target computing engine;
if the protocol type is a plaintext type (the engine operates on unencrypted data, as a TEE-based engine does inside its enclave), initiating a remote attestation challenge to the target computing engine;
receiving the attestation evidence the target computing engine returns for that challenge;
if the evidence passes verification, establishing an encrypted channel with the target computing engine;
the calling of the target computing engine to execute the target operator then consisting of:
calling the target computing engine through the encrypted channel to execute the target operator and complete the private computation. The ordering is the security-relevant point: a plaintext-type engine will see the raw operands, so the data is released only after the engine has proven by attestation that it is the expected code running in a genuine trusted environment, and only over a channel that protects the data in transit.
Optionally, calling the target computing engine through the encrypted channel to execute the target operator includes:
sending the target computing engine, over the encrypted channel, an instruction that invokes the target operator and carries the data participating in the private computation, so that the target computing engine performs the private computation on that data by executing the target operator.
Optionally, determining, among the registered operators, a target operator registered by a target computing engine includes:
determining, among the registered operators, the candidate operators whose calculation type matches the private computation;
determining the operator priority of each candidate operator;
and determining, according to operator priority, the target operator registered by the target computing engine among the candidates.
Optionally, determining the target operator according to operator priority includes:
taking the candidate operator with the highest operator priority as the target operator, or, if at least two candidates share the highest priority, selecting one of them at random as the target operator; the preset computing engine to which the target operator belongs is then the target computing engine.
Optionally, after determining the target operator among the registered operators, the method further includes:
obtaining execution information for the target operator, comprising at least one of: the execution state of the target operator and its computing efficiency;
and updating the operator priority of the target operator among the registered operators according to that execution information.
Optionally, the method further comprises:
receiving operator registration information of a preset operator sent by a preset calculation engine, wherein the operator registration information comprises a preset calculation engine name, an operator name and an operator priority;
and registering the preset operator in the general calculation engine according to the operator registration information.
Optionally, after the completing the privacy computation by invoking the target computation engine to execute the target operator, the method further includes:
and obtaining the calculation result of the privacy calculation returned by the target calculation engine.
Optionally, the preset computing engine is deployed in a cloud or a cluster.
In another aspect, an embodiment of the present invention discloses a general purpose computing engine, including:
a task acquisition module for obtaining a secure computing task in which the private computations are implemented against an operator interface provided by the general-purpose computing engine;
and a task execution module for executing the secure computing task: when a private computation reached through the operator interface is executed, it determines among the registered operators a target operator registered by a target computing engine and calls that engine to execute the operator and complete the private computation; the registered operators comprise preset operators registered by preset computing engines, which comprise a computing engine based on secure multi-party computation and a computing engine based on a trusted execution environment.
Optionally, the general-purpose computing engine further comprises:
a protocol determining submodule for determining the protocol type of the target computing engine;
a remote attestation submodule for initiating a remote attestation challenge to the target computing engine if the protocol type is a plaintext type;
an evidence receiving submodule for receiving the attestation evidence the target computing engine returns for the challenge;
a channel establishing submodule for establishing an encrypted channel with the target computing engine if the evidence passes verification;
the task execution module then being configured to call the target computing engine through the encrypted channel to execute the target operator and complete the private computation.
Optionally, the task execution module is specifically configured to send, to the target calculation engine through the encrypted channel, an instruction for invoking the target operator, where the instruction carries data participating in the privacy calculation, so as to trigger the target calculation engine to perform the privacy calculation on the data by executing the target operator.
Optionally, the general purpose computing engine further comprises:
the candidate determining module is used for determining candidate operators of which the calculation types are matched with the privacy calculation in the registered operators;
a priority determination module for determining operator priorities of the candidate operators;
and the target determining module is used for determining a target operator registered by the target computing engine in the candidate operators according to the operator priority.
Optionally, the target determining module is specifically configured to determine that a candidate operator with a highest operator priority is a target operator, or, if there are at least two candidate operators with the same operator priority, randomly select one of the at least two candidate operators with the same operator priority as the target operator, and determine that a preset computing engine to which the target operator belongs is a target computing engine.
Optionally, the general purpose computing engine further comprises:
an execution information obtaining module, configured to obtain execution information of the target operator, where the execution information at least includes any one of: the execution state and the calculation efficiency of the target operator;
and the priority updating module is used for updating the operator priority of the target operator in the registered operator according to the execution information of the target operator.
Optionally, the general purpose computing engine further comprises:
the system comprises a registration information receiving module, a calculation engine and a registration information sending module, wherein the registration information receiving module is used for receiving operator registration information of a preset operator sent by the preset calculation engine, and the operator registration information comprises a preset calculation engine name, an operator name and an operator priority;
and the operator registration module is used for registering the preset operator in the general calculation engine according to the operator registration information.
Optionally, the general purpose computing engine further comprises:
and the result acquisition module is used for acquiring the calculation result of the privacy calculation returned by the target calculation engine.
Optionally, the preset computing engine is deployed in a cloud or a cluster.
In yet another aspect, an embodiment of the present invention discloses an apparatus for secure computing, the apparatus being applied to a general-purpose computing engine, the apparatus comprising a memory, and one or more programs, wherein the one or more programs are stored in the memory, and the one or more programs configured to be executed by one or more processors include instructions for:
obtaining a secure computing task in which the private computations are implemented against an operator interface provided by the general-purpose computing engine;
and executing the secure computing task, determining a target operator registered by a target computing engine in registered operators when executing the privacy computing realized by the operator interface, and executing the target operator by calling the target computing engine to finish the privacy computing, wherein the registered operators comprise preset operators registered by a preset computing engine, and the preset computing engine comprises a computing engine based on multi-party secure computing and a computing engine based on a trusted execution environment.
Optionally, the device is also configured to execute the one or more programs by the one or more processors including instructions for:
determining the protocol type of the target computing engine;
if the protocol type is a plaintext type, initiating a remote attestation challenge to the target computing engine;
receiving the attestation evidence the target computing engine returns for that challenge;
if the evidence passes verification, establishing an encrypted channel with the target computing engine;
the calling of the target computing engine to execute the target operator then consisting of:
calling the target computing engine through the encrypted channel to execute the target operator and complete the private computation.
Optionally, the invoking, by the encrypted channel, the target computation engine to execute the target operator to complete the privacy computation includes:
and sending an instruction for calling the target operator to the target computing engine through the encrypted channel, wherein the instruction carries data participating in the privacy computation so as to trigger the target computing engine to perform the privacy computation on the data by executing the target operator.
Optionally, the determining, among the registered operators, a target operator registered by the target computing engine includes:
determining candidate operators of which the calculation types are matched with the privacy calculation in the registered operators;
determining operator priorities of the candidate operators;
and determining a target operator registered by a target calculation engine in the candidate operators according to the operator priority.
Optionally, the determining, according to the operator priority, a target operator registered by a target computing engine among the candidate operators includes:
and determining the candidate operator with the highest operator priority as a target operator, or randomly selecting one of the at least two candidate operators with the same operator priority as the target operator if at least two candidate operators with the same operator priority exist, and determining a preset calculation engine to which the target operator belongs as a target calculation engine.
Optionally, the device is also configured to execute the one or more programs by the one or more processors including instructions for:
acquiring execution information of the target operator, wherein the execution information at least comprises any one of the following items: the execution state and the calculation efficiency of the target operator;
and updating the operator priority of the target operator in the registered operator according to the execution information of the target operator.
Optionally, the device is also configured to execute the one or more programs by the one or more processors including instructions for:
receiving operator registration information of a preset operator sent by a preset calculation engine, wherein the operator registration information comprises a preset calculation engine name, an operator name and an operator priority;
and registering the preset operator in the general calculation engine according to the operator registration information.
Optionally, the device is also configured to execute the one or more programs by the one or more processors including instructions for:
and obtaining the calculation result of the privacy calculation returned by the target calculation engine.
Optionally, the preset computing engine is deployed in a cloud or a cluster.
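The challenge-response that the method, engine and apparatus claims above place in front of a plaintext-type engine can be made concrete. The following Python is an added example, not code from the patent or from Huakong Tsingjiao: the verifier issues a fresh nonce, requires the returned evidence to be bound to that nonce, to verify under the attestation root of trust and to carry a measurement from an allowlist, and hands operands to the engine only after all three checks pass. The platform "quote" is modelled as an HMAC under a key the verifier already trusts, a stand-in for the vendor-signed quote a real SGX platform would return; the names AttestationVerifier, TeeEngineStub and call_plaintext_engine and every key and measurement value are constructed for this example.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Set, Tuple


class AttestationVerifier:
    """General-engine side of the challenge: issue nonces, judge the evidence."""

    def __init__(self, quote_key: bytes, allowed_measurements: Set[bytes], ttl_s: float = 30.0):
        self._quote_key = quote_key              # stand-in for the attestation root of trust
        self._allowed = allowed_measurements     # enclave builds we are willing to send data to
        self._ttl = ttl_s
        self._pending: Dict[bytes, float] = {}   # nonce -> time issued

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(32)
        self._pending[nonce] = time.monotonic()
        return nonce

    def verify(self, nonce: bytes, measurement: bytes, quote: bytes) -> Tuple[bool, str]:
        issued = self._pending.pop(nonce, None)  # each nonce is consumed on first use
        if issued is None:
            return False, "unknown or reused nonce"
        if time.monotonic() - issued > self._ttl:
            return False, "challenge expired"
        # The quote must cover our nonce, so a quote captured earlier cannot be replayed.
        expected = hmac.new(self._quote_key, nonce + measurement, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, quote):
            return False, "quote does not verify"
        # A genuine environment running unexpected code is still refused.
        if measurement not in self._allowed:
            return False, "measurement not in allowlist"
        return True, "ok"


class TeeEngineStub:
    """Constructed plaintext-type target engine. A real SGX engine returns a
    vendor-signed quote; here the quote is an HMAC over nonce || measurement."""

    def __init__(self, quote_key: bytes, measurement: bytes):
        self._quote_key = quote_key
        self.measurement = measurement
        self._operators = {"add": lambda x, y: x + y, "mul": lambda x, y: x * y}

    def attest(self, nonce: bytes) -> Tuple[bytes, bytes]:
        quote = hmac.new(self._quote_key, nonce + self.measurement, hashlib.sha256).digest()
        return self.measurement, quote

    def execute(self, op_name: str, *operands):
        return self._operators[op_name](*operands)


def call_plaintext_engine(verifier: AttestationVerifier, engine: TeeEngineStub,
                          op_name: str, *operands):
    """Challenge, verify, and only then send the operands. The success branch is
    where the claims establish the encrypted channel; a deployment starts TLS here."""
    nonce = verifier.challenge()
    measurement, quote = engine.attest(nonce)
    ok, reason = verifier.verify(nonce, measurement, quote)
    if not ok:
        raise PermissionError(f"refusing to send operands: {reason}")
    return engine.execute(op_name, *operands)
```

Because the nonce is deleted from the pending set when it is first checked, a captured quote cannot be presented a second time to unlock another transfer of operands, and an engine whose measurement is not on the allowlist is refused even though its quote is genuine; both are checks the verifier must make before the encrypted channel of the claims is opened.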
In another aspect, an embodiment of the present invention discloses a secure computing system, where the secure computing system includes a general-purpose computing engine, a preset computing engine, and a user side;
the user side sends a secure computing task to the general-purpose computing engine, the private computations in the task being implemented against an operator interface provided by that engine;
the general-purpose computing engine obtains the secure computing task from the user side and executes it; when it executes a private computation reached through the operator interface it determines, among the registered operators, a target operator registered by a target computing engine and calls that engine to execute the operator and complete the private computation, the registered operators comprising preset operators registered by preset computing engines;
the preset computing engine is used for registering preset operators realized by the preset computing engine to the general computing engine, and the preset computing engine comprises a computing engine based on multi-party secure computing and a computing engine based on a trusted execution environment.
In yet another aspect, embodiments of the invention disclose a machine-readable medium having instructions stored thereon, which when executed by one or more processors, cause an apparatus to perform a secure computing method as described in one or more of the preceding.
Embodiments of the invention have the following advantages:
A general-purpose computing engine is added to the secure computing system as an interface layer that exposes a set of operator interfaces, and the private-computation parts of a secure computing task are written against these interfaces. The general-purpose computing engine obtains and executes the task and, whenever it reaches a private computation implemented through an operator interface, determines among the registered operators a target operator registered by a target computing engine and calls that engine to execute it. The choice of target operator is therefore made dynamically while the task runs: depending on the need at hand, the operator of the engine with the higher computing efficiency can be chosen, or the operator of the engine with the stronger security guarantee, so that different scenarios can be served. This both improves the computing efficiency of the secure computing system and widens its range of applications.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.
FIG. 1 is a flow chart of the steps of one embodiment of a secure computing method of the present invention;
FIG. 2 is a schematic diagram of a secure computing system framework of the present invention;
FIG. 3 is a block diagram of a general purpose computing engine embodiment of the present invention;
FIG. 4 is a block diagram of a secure computing system of the present invention;
FIG. 5 is a block diagram of an apparatus 800 for secure computing of the present invention;
fig. 6 is a schematic diagram of a server in some embodiments of the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Method embodiment
Referring to FIG. 1, which is a flowchart of the steps of an embodiment of a secure computing method according to the invention, the method applies to a general-purpose computing engine and comprises the following steps:
Step 101: obtaining a secure computing task in which the private computations are implemented against an operator interface provided by the general-purpose computing engine;
Step 102: executing the secure computing task; when a private computation reached through the operator interface is executed, determining among the registered operators a target operator registered by a target computing engine and calling that engine to execute the operator and complete the private computation, the registered operators comprising preset operators registered by preset computing engines, which comprise a computing engine based on secure multi-party computation and a computing engine based on a trusted execution environment.
In embodiments of the invention the secure computing task may be program code written in a given programming language, and the secure computing system implements the corresponding function by executing that code. A secure computing task includes, but is not limited to, data-related operations such as computation, cleaning, analysis, model training, storage and database queries; embodiments place no limitation on the specific type of task.
Embodiments add a general-purpose computing engine to the secure computing system as an interface layer that exposes a set of operator interfaces, against which the private-computation code of a secure computing task is written.
In embodiments of the invention an operator performs an operation or action on the objects it is applied to, which are called operands. Addition, multiplication and division are operators, for example; operators are not limited to simple arithmetic and may include logical operations or other, more complex operations. An interface is a reference type that defines a contract, and other types implement the interface to guarantee that they support certain operations. Here, the operation behind an operator interface is supplied by a preset computing engine.
The programming language of the operator interfaces provided by the general-purpose computing engine is not limited; Python, C/C++ or Java, for example, may be used.
In one example the general-purpose computing engine provides the operator interface pp.add for private addition. Here pp denotes the operator space provided by the general-purpose computing engine E; every operator registered with E lives in pp. As another example, pp may also contain an operator interface for private division (the description names it pp.recipcal).
Using these interfaces, the Python code for a private addition is pp.add(x, y), meaning the private addition of operands x and y, and the Python code for a private division is pp.recipcal(x, y), meaning the private division of operands x and y.
In the embodiment of the invention, the privacy calculation refers to calculation without revealing original data in the calculation process. The privacy calculations may include any type of mathematical calculation, such as four arithmetic calculations (e.g., addition, subtraction, multiplication, division), logical calculations (e.g., and, or, xor calculations), model training, and the like.
A user may write private computing code using an operator interface provided by a general purpose computing engine. The privacy calculation code is different according to different application scenarios, for example, the privacy calculation code may be a code of a machine learning algorithm, or may be a privacy evaluation code.
In a specific implementation, the secure computation task may be provided by a user side, the general computation engine executes the secure computation task after acquiring the secure computation task sent by the user side, determines a target operator registered by a target computation engine in a registered operator when performing the privacy computation implemented by the operator interface, and executes the target operator by calling the target computation engine to complete the privacy computation.
In this embodiment of the present invention, different preset calculation engines may register respective preset operators with the general purpose calculation engine. The preset calculation engines can comprise calculation engines based on different safety calculation protocols, and different preset calculation engines can provide the same operator or different operators. Further, the preset calculation engine includes but is not limited to: a multi-party secure computing based compute engine (hereinafter MPC compute engine) and a trusted execution environment based compute engine (hereinafter TEE compute engine).
The MPC computation engine performs privacy computation based on a secure multi-party computation protocol. The embodiment of the present invention does not limit which protocol is used; it may be, for example, a secure multi-party computation protocol implemented with techniques such as secret sharing, partially homomorphic encryption, or oblivious transfer.
The TEE computation engine performs privacy computation based on a TEE (Trusted Execution Environment). Through an area reserved in the central processing unit (CPU), called an enclave, a TEE provides a secure space for the execution of code and data while ensuring their confidentiality and integrity. TEE solutions include, on the software side, the TPM (Trusted Platform Module) and, on the hardware side, Intel SGX (Software Guard Extensions), ARM TrustZone, AMD PSP (Platform Security Processor), and the like.
SGX is an extension of the Intel instruction set architecture that guarantees the confidentiality and integrity of critical code and data by providing an enclave, i.e., an encrypted trusted execution region in memory, on the computing platform. The TEE computation engine in the embodiment of the invention is described mainly using an SGX computation engine as an example; application scenarios of other types of TEE computation engines can be understood by reference to it.
In one example, assume that the pre-configured compute engine includes an MPC compute engine and an SGX compute engine. The MPC calculation engine may provide operators of various calculation types such as an operator for performing private addition calculation, an operator for performing private subtraction calculation, an operator for performing private multiplication calculation, an operator for performing private division calculation, and the like, and register the operators of various calculation types it provides with the general-purpose calculation engine. Similarly, the SGX calculation engine may provide operators of various calculation types such as an operator for performing privacy addition calculation, an operator for performing privacy subtraction calculation, an operator for performing privacy multiplication calculation, and an operator for performing privacy division calculation, and register the operators of various calculation types provided by the SGX calculation engine with the general-purpose calculation engine.
Thus, the registered operators of the generic compute engine include the operators of the various compute types that the MPC compute engine registers for its provision, and the operators of the various compute types that the SGX compute engine registers for its provision.
In one example, assuming that the private computation included in the secure computation task is a private addition computation implemented through an operator interface provided by the general computation engine (e.g., pp.add), the target operator registered by the target computation engine is determined among the registered operators when the private addition computation is executed. For example, an operator of the private addition calculation registered by the MPC calculation engine may be determined as a target operator, and the private addition calculation is completed by calling the MPC calculation engine to execute the target operator; or, the private addition calculation operator registered by the SGX calculation engine may be determined as a target operator, and the SGX calculation engine is invoked to execute the target operator to complete the private addition calculation.
By the embodiment of the invention, a suitable target operator can be selected dynamically for the privacy computation in the secure computation task while the task is being executed. For example, when the privacy computation to be performed is a private addition, the MPC computation engine can obtain the result directly from the secret-shared ciphertext and is therefore more efficient than the SGX computation engine, so the private addition operator registered by the MPC computation engine can be determined as the target operator. For another example, when the privacy computation to be performed is a private division, the MPC computation engine must obtain the result by iterative approximation whereas the SGX computation engine can compute directly on plaintext, so the SGX computation engine is more efficient for private division and the private division operator registered by the SGX computation engine can be determined as the target operator.
Therefore, by adding the general-purpose computing engine in the secure computing system as an interface layer, the embodiment of the invention can dynamically select a more appropriate target operator of the target computing engine for the private computing in the secure computing task. For example, according to actual needs, a target operator of a target calculation engine with higher calculation efficiency may be selected, or a target operator of a target calculation engine with higher security may be selected, so as to meet the needs of different scenarios.
In an optional embodiment of the invention, the method may further comprise:
step S11, receiving operator registration information of a preset operator sent by a preset calculation engine, wherein the operator registration information comprises a preset calculation engine name, an operator name and an operator priority;
and step S12, registering the preset operator in the general calculation engine according to the operator registration information.
Each preset compute engine may register its implemented operators with the general purpose compute engine. The operator registration information includes, but is not limited to, a preset calculation engine name, an operator name, and an operator priority. The operator priority can be used as reference information when the general computing engine automatically selects the target operator. After the operator registration is completed, each preset calculation engine waits for the call of the general calculation engine.
In one example, the registration information is represented as operator(compute engine name, operator name, operator priority). Assume that the SGX computation engine registers preset operators such as operator(S, add, 3) and operator(S, recipcal, 1) with the general computation engine. Here S is the name of the SGX computation engine; add and recipcal are the operator names of the preset operators registered by the SGX computation engine, add being the operator for privacy addition and recipcal the operator for privacy division; and 3 and 1 are the operator priorities, i.e. the add operator of the SGX computation engine has operator priority 3 and its recipcal operator has operator priority 1. In addition, the MPC computation engine registers preset operators such as operator(M, add, 1) and operator(M, recipcal, 5) with the general computation engine. Here M is the name of the MPC computation engine; add and recipcal are the operator names of the preset operators registered by the MPC computation engine, add being the operator for privacy addition and recipcal the operator for privacy division; and 1 denotes the operator priority of the add operator of the MPC computation engine and 5 the operator priority of its recipcal operator.
Here, the smaller the numerical value of the operator priority, the higher the priority. In the above example, for the private addition computation add, the operator priority of the add operator of the SGX computation engine is 3 and that of the add operator of the MPC computation engine is 1. Because the MPC computation engine can obtain the result directly from the secret-shared ciphertext and is therefore more efficient than the SGX computation engine for this operation, the operator priority of the add operator of the MPC computation engine is higher than that of the SGX computation engine. For the private division computation, the operator priority of the recipcal operator of the SGX computation engine is 1 and that of the recipcal operator of the MPC computation engine is 5. Because the MPC computation engine must obtain the result by iterative approximation whereas the SGX computation engine computes directly on plaintext, the SGX computation engine is more efficient for private division, and so the operator priority of its recipcal operator is higher than that of the MPC computation engine.
In an optional embodiment of the present invention, the determining, among the registered operators, a target operator registered by the target computing engine may specifically include:
step S21, determining candidate operators with calculation types matched with the privacy calculation in the registered operators;
step S22, determining operator priority of the candidate operator;
and step S23, determining a target operator registered by the target calculation engine in the candidate operators according to the operator priority.
After receiving the security computing task, the general computing engine determines candidate operators of which the computing types are matched with the privacy computing from the registered operators in the process of executing the security computing task. In one example, the operator registration information of the registered operators in the general computation engine comprises operator names, and candidate operators with computation types matched with the private computation can be determined by inquiring the operator names.
For example, when executing a private addition computation implemented through the general computation engine's interface (pp.add), the add operator registered by the SGX computation engine S and the add operator registered by the MPC computation engine M can be determined as candidate operators by querying the registered operator names. Then the operator priority of each candidate operator is determined: the add operator registered by the SGX computation engine S has operator priority 3, and the add operator registered by the MPC computation engine M has operator priority 1. Finally, since the operator priority of the add operator of the MPC computation engine M is higher than that of the SGX computation engine S, the add operator of the MPC computation engine M can be determined as the target operator.
It should be noted that, in the embodiment of the present invention, there is no limitation on the types of the preset computing engines in the secure computing system, and there is no limitation on the number of each preset computing engine. For example, multiple SGX compute engines such as S1, S2, and S3 may be included, and multiple MPC compute engines such as M1, M2, and M3 may be included.
In an optional embodiment of the present invention, the determining, according to the operator priority, a target operator registered by a target computing engine among the candidate operators may specifically include:
determining the candidate operator with the highest operator priority as the target operator, or, if at least two candidate operators share the same operator priority, randomly selecting one of them as the target operator; and determining the preset computation engine to which the target operator belongs as the target computation engine.
In the embodiment of the present invention, it is preferable to determine the candidate operator with the highest operator priority as the target operator. If the generic computation engine cannot determine the operator priority of a certain candidate operator, or if there are at least two candidate operators with the same operator priority, the generic computation engine may randomly select one candidate operator as the target operator.
In an optional embodiment of the present invention, after determining the target operator registered by the target computing engine among the registered operators, the method may further include:
step S31, obtaining execution information of the target operator, where the execution information at least includes any one of the following items: the execution state and the calculation efficiency of the target operator;
and step S32, updating the operator priority of the target operator in the registered operator according to the execution information of the target operator.
When the general computation engine cannot determine the operator priority of a certain candidate operator, or at least two candidate operators have the same operator priority, the general computation engine randomly selects one candidate operator as the target operator. After the general computation engine determines a target operator and calls it, execution information of the target operator can be obtained, including but not limited to the execution state and the computation efficiency of the target operator. The execution state may include, but is not limited to, execution success, execution failure, and the like.
The general calculation engine can automatically evaluate the operator priority of the target operator according to the execution information of the target operator, update the operator priority of the target operator in the registered operator, and use the updated operator priority in the next calculation so as to improve the real-time performance and the accuracy of the operator priority.
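As an added illustration (not code from the patent), the following Python sketches the registration tuple and priority-based selection of steps S11/S12 and S21 to S23 together with the priority update of steps S31/S32. The engine names S and M, the operator names add/recipcal and the priorities 3/1 and 1/5 follow the example above; the GeneralEngine class, its method names and the re-ranking policy in update_priority are assumptions made for this example.

```python
import random
import time
from dataclasses import dataclass, field
from typing import Callable, List, Optional


@dataclass
class RegisteredOperator:
    engine: str                   # preset engine name, e.g. "S" (SGX) or "M" (MPC)
    name: str                     # operator name, e.g. "add" or "recipcal"
    priority: Optional[int]       # smaller number = higher priority; None = unknown
    impl: Callable[..., object]   # stand-in for invoking the preset engine
    last_state: Optional[str] = None         # "success" / "failure" after a call
    last_efficiency: Optional[float] = None  # higher = more efficient (assumed unit)


@dataclass
class GeneralEngine:
    registry: List[RegisteredOperator] = field(default_factory=list)
    rng: random.Random = field(default_factory=lambda: random.Random(0))

    def register(self, engine: str, name: str, priority: Optional[int], impl) -> None:
        """Steps S11/S12: store the registration info operator(engine, name, priority)."""
        self.registry.append(RegisteredOperator(engine, name, priority, impl))

    def candidates(self, name: str) -> List[RegisteredOperator]:
        """Step S21: registered operators whose calculation type matches, found by name."""
        return [op for op in self.registry if op.name == name]

    def select(self, name: str) -> RegisteredOperator:
        """Steps S22/S23: the highest-priority candidate; a random pick on ties or
        when some candidate's priority is unknown, as the text prescribes."""
        cands = self.candidates(name)
        if not cands:
            raise LookupError(f"no registered operator implements {name!r}")
        if any(op.priority is None for op in cands):
            return self.rng.choice(cands)
        best = min(op.priority for op in cands)
        tied = [op for op in cands if op.priority == best]
        return tied[0] if len(tied) == 1 else self.rng.choice(tied)

    def update_priority(self, op: RegisteredOperator, state: str,
                        efficiency: Optional[float] = None) -> None:
        """Steps S31/S32 (assumed policy): peers that ran successfully are re-ranked
        by reported efficiency; an operator that failed is pushed behind every peer."""
        op.last_state, op.last_efficiency = state, efficiency
        peers = self.candidates(op.name)
        ran_ok = sorted((p for p in peers if p.last_state == "success"),
                        key=lambda p: -(p.last_efficiency or 0.0))
        for rank, p in enumerate(ran_ok, start=1):
            p.priority = rank
        worst = max((p.priority for p in peers if p.priority is not None), default=0)
        for p in peers:
            if p.last_state == "failure":
                p.priority = worst + 1

    def call(self, name: str, *operands):
        """One private operation: select the target operator, call its engine, and
        feed the execution information back into the priority table."""
        op = self.select(name)
        start = time.perf_counter()
        try:
            result = op.impl(*operands)
        except Exception:
            self.update_priority(op, "failure")
            raise
        elapsed = time.perf_counter() - start
        self.update_priority(op, "success", 1.0 / max(elapsed, 1e-9))
        return op.engine, result


if __name__ == "__main__":
    gen = GeneralEngine()
    # Registration tuples from the example: operator(S, add, 3), operator(S, recipcal, 1),
    # operator(M, add, 1), operator(M, recipcal, 5). The lambdas stand in for the engines.
    gen.register("S", "add", 3, lambda x, y: x + y)
    gen.register("S", "recipcal", 1, lambda x, y: x / y)
    gen.register("M", "add", 1, lambda x, y: x + y)
    gen.register("M", "recipcal", 5, lambda x, y: x / y)
    print(gen.call("add", 2, 3))           # engine M is chosen for add
    print(gen.call("recipcal", 1.0, 4.0))  # engine S is chosen for recipcal
```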
In an optional embodiment of the present invention, the preset computing engine may be deployed in a cloud or a cluster to implement cloud computing.
In an optional embodiment of the present invention, after determining the target operator registered by the target computing engine among the registered operators, the method may further include:
step S41, determining the protocol type of the target calculation engine;
step S42, if the protocol type is a plaintext type, initiating a remote authentication challenge to the target computing engine;
step S43, receiving the certification information returned by the target computing engine to the remote authentication challenge;
step S44, if the certification information passes the verification, an encryption channel is established with the target computing engine;
the invoking the target computation engine to execute the target operator to complete the privacy computation may specifically include: calling the target computation engine through the encrypted channel to execute the target operator to complete the privacy computation.
After the general purpose compute engine determines a target operator of a target compute engine, a protocol type of the target compute engine is determined, and if the protocol type of the target compute engine is a plaintext type, for example, if the target compute engine is a TEE compute engine, a remote authentication challenge is initiated to the target compute engine. If the protocol type of the target computing engine is a ciphertext type, for example, if the target computing engine is an MPC computing engine, since the MPC computing engine performs computing on the ciphertext, the original data will not be leaked even if the computing data is stolen by a malicious user. Thus, when the target compute engine is an MPC compute engine, remote authentication may not be required. And the TEE calculation engine directly calculates on the plaintext, so that in order to avoid leakage of the original data, the embodiment of the invention carries out remote authentication on the target calculation engine of the plaintext type to ensure that the original data is only obtained by an authorized user and cannot be leaked.
Remote authentication (remote attestation) is a hardware-based attestation technique provided by the TEE that does not rely on a trusted third party; through it, the hardware and software running at a remote location or in the cloud can be guaranteed to be authentic and trusted, and not tampered with by privileged system software such as the operating system. The technique can establish a trusted encrypted channel even when no trusted third party exists, ensuring the security of data transmission. MPC can ensure the security of data transmission without remote authentication.
In the case where the target compute engine is a TEE compute engine, the general compute engine initiates a remote authentication challenge to the target compute engine, which generates attestation information using local hardware and returns to the challenger (general compute engine). If the certification information passes the verification of the general computing engine, the general computing engine and the target computing engine (TEE computing engine) can establish an encryption channel through key distribution and the like, and then the target computing engine can be called to execute the target operator through the encryption channel to complete the privacy computation.
In a specific implementation, after receiving the secure computation task, the general computation engine selects a corresponding target operator according to the operators registered by each preset computation engine. For example, for the private addition computation pp.add, the general computation engine may choose the MPC computation engine M to perform the operation and can call the add operator of the MPC computation engine M directly. For the private division computation pp.recipcal, the general computation engine may select the SGX computation engine S to perform the operation: it initiates a remote authentication challenge to the SGX computation engine S, establishes an encrypted channel with it once it has passed the remote authentication, completes the data transmission over the encrypted channel, and then calls the recipcal operator of the SGX computation engine S.
Further, after the general-purpose computing engine receives operator registration information of the preset computing engine, whether remote authentication is needed or not can be judged according to the protocol type of the preset computing engine to be registered. For example, for a TEE computing engine, a remote authentication challenge may be issued to it, and its preset operators are only registered if it passes the remote authentication, otherwise the registration will fail.
In an optional embodiment of the present invention, the invoking, by the encrypted channel, the target calculation engine to execute the target operator to complete the privacy calculation may specifically include:
sending an instruction for calling the target operator to the target computation engine through the encrypted channel, where the instruction carries the data participating in the privacy computation, so as to trigger the target computation engine to perform the privacy computation on the data by executing the target operator.
Before the general purpose computing engine calls the target operator of the target computing engine, the data transmission can be completed by using the encryption channel, and then the target operator of the target computing engine is called.
Or, an instruction for calling the target operator may be sent to the target computing engine through the encrypted channel, where the instruction carries data participating in the privacy computation, and data transmission is completed while the instruction is sent, so as to trigger the target computing engine to perform the privacy computation on the data by executing the target operator. Wherein the data participating in the privacy computation may include numerical values of operands participating in the privacy computation.
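The following Python, added here and not taken from the patent, walks through steps S41 to S44 and the instruction format of the optional embodiment above: a ciphertext-type (MPC) engine is called directly, a plaintext-type (TEE) engine must answer a nonce challenge whose report matches a trusted enclave measurement before an instruction carrying the operands is sent to it, and a TEE engine whose attestation fails is refused registration. The PresetEngine and GeneralEngine classes, the TRUSTED_MEASUREMENT value and the symmetric ATTESTATION_KEY standing in for the hardware quoting key are constructed for this example.

```python
import hashlib
import hmac
import json
import os
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set

# Constructed values: the enclave measurement the general engine trusts, and a
# symmetric key standing in for the platform's hardware attestation (quoting) key.
# Real SGX attestation verifies a hardware-signed quote; the HMAC here only
# reproduces the challenge/response flow of steps S42/S43.
PLAINTEXT, CIPHERTEXT = "plaintext", "ciphertext"
TRUSTED_MEASUREMENT = hashlib.sha256(b"constructed: recipcal enclave build").digest()
ATTESTATION_KEY = b"constructed-stand-in-for-the-quoting-key"


def _instruction(operator: str, operands: List[object]) -> bytes:
    """The instruction of step S44: operator name plus the operand values."""
    return json.dumps({"operator": operator, "operands": operands}).encode()


@dataclass
class PresetEngine:
    name: str
    protocol_type: str                           # PLAINTEXT (TEE) or CIPHERTEXT (MPC)
    operators: Dict[str, Callable[..., object]]  # the operators this engine implements
    measurement: bytes = b""                     # only meaningful for a TEE engine
    session_key: Optional[bytes] = field(default=None, repr=False)

    def answer_challenge(self, nonce: bytes) -> Dict[str, str]:
        """TEE side of step S43: a report bound to the challenger's fresh nonce."""
        tag = hmac.new(ATTESTATION_KEY, nonce + self.measurement, hashlib.sha256).digest()
        return {"nonce": nonce.hex(), "measurement": self.measurement.hex(), "tag": tag.hex()}

    def execute(self, instruction: bytes, mac: Optional[bytes] = None) -> object:
        """Run the named operator; a TEE engine only accepts instructions that
        carry a valid MAC under the session key agreed after attestation."""
        if self.protocol_type == PLAINTEXT:
            if self.session_key is None or mac is None:
                raise PermissionError("no attested session for plaintext engine")
            expected = hmac.new(self.session_key, instruction, hashlib.sha256).digest()
            if not hmac.compare_digest(mac, expected):
                raise PermissionError("instruction failed integrity check")
        msg = json.loads(instruction)
        return self.operators[msg["operator"]](*msg["operands"])


class GeneralEngine:
    def __init__(self, trusted_measurements: Set[bytes]):
        self.trusted = trusted_measurements
        self.pending: Set[bytes] = set()          # nonces issued but not yet answered
        self.registered: List[PresetEngine] = []

    def remote_attest(self, engine: PresetEngine) -> bytes:
        """Steps S42/S43: challenge with a fresh nonce, then verify the returned report."""
        nonce = os.urandom(16)
        self.pending.add(nonce)
        report = engine.answer_challenge(nonce)
        r_nonce, meas, tag = (bytes.fromhex(report[k]) for k in ("nonce", "measurement", "tag"))
        if r_nonce not in self.pending:
            raise PermissionError("replayed or unsolicited attestation report")
        self.pending.discard(r_nonce)
        expected = hmac.new(ATTESTATION_KEY, r_nonce + meas, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected) or meas not in self.trusted:
            raise PermissionError(f"attestation of engine {engine.name} failed")
        return nonce

    def register(self, engine: PresetEngine) -> bool:
        """Registration gate from the text: a TEE engine is registered only if it attests."""
        if engine.protocol_type == PLAINTEXT:
            try:
                self.remote_attest(engine)
            except PermissionError:
                return False
        self.registered.append(engine)
        return True

    def invoke(self, engine: PresetEngine, operator: str, operands: List[object]) -> object:
        """Step S41: a ciphertext engine is called directly; a plaintext engine only
        over a channel established after a successful attestation (step S44)."""
        body = _instruction(operator, operands)
        if engine.protocol_type == CIPHERTEXT:
            return engine.execute(body)
        nonce = self.remote_attest(engine)
        # Stand-in for the key-distribution step: both ends derive the session key
        # from the attested nonce. A real encrypted channel would also encrypt traffic.
        session_key = hmac.new(ATTESTATION_KEY, b"session" + nonce, hashlib.sha256).digest()
        engine.session_key = session_key
        mac = hmac.new(session_key, body, hashlib.sha256).digest()
        return engine.execute(body, mac)
```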
In an optional embodiment of the present invention, after the completing the privacy computation by invoking the target computation engine to execute the target operator, the method may further include: and obtaining the calculation result of the privacy calculation returned by the target calculation engine.
After receiving the security calculation task, the general calculation engine can automatically select a target operator according to the registered preset operators of each preset calculation engine to execute the privacy calculation in the security calculation task so as to complete the security calculation task, and return a calculation result.
In one example, the secure computation task includes a series of computation operations such as a privacy addition computation and a privacy division computation, and the general-purpose computation engine executes the task after receiving it. When the privacy addition computation is executed, the general computation engine calls the add operator of the MPC computation engine M to perform it, obtains the privacy addition result returned by the MPC computation engine M, and continues executing the secure computation task based on that result.
Referring to FIG. 2, a secure computing system framework diagram of an embodiment of the invention is shown. As shown in fig. 2, the user side is a data owner or a calculation result demander. The general calculation engine is a scheduling party of the whole operation process and provides a uniform operator interface for the outside. Each preset computing engine (such as an MPC computing engine and an SGX computing engine) provides a specific implementation of an operator, is a final provider of computing power, and can run in a cloud or a cluster.
It should be noted that the secure computing system shown in fig. 2 may be configured with a default computation engine, and the general-purpose computation engine may provide an interface layer for the default computation engine. The embodiment of the present invention does not limit the type of the default computation engine; for example, the default computation engine may be an MPC computation engine. In this way, the system framework shown in fig. 2 can still guarantee that the entire secure computation task can be executed using the default computation engine when no TEE runtime environment is present in the secure computing system. On the basis of the default computation engine, preset computation engines can be added to provide more efficient operator implementations. In addition, the embodiments of the present invention do not limit the number of participants in MPC secure computation; it may be a general-purpose four-party computation or the two-party computation commonly used in private set intersection. Furthermore, each preset computation engine is not required to implement all operators; it registers only the preset operators it has implemented with the general-purpose engine. Therefore, the embodiment of the invention can fuse the operators provided by different types of preset computation engines, so that the secure computing system has the advantages of each type of preset computation engine and avoids the drawbacks of using a single computation engine.
Whether the MPC technology or the TEE technology is adopted, the system framework shown in fig. 2 can utilize the characteristics of each technology to ensure the safety of data transmission and calculation while pursuing higher calculation efficiency.
In summary, the embodiment of the present invention adds a general purpose computing engine in the secure computing system, and the general purpose computing engine serves as an interface layer in the secure computing system and can be used to provide various operator interfaces. Based on an operator interface provided by a general computing engine, relevant codes of private computation in a safe computing task can be written. The general purpose computing engine can acquire a secure computing task and execute the secure computing task, and private computing in the secure computing task is realized based on an operator interface provided by the general purpose computing engine. And when executing the privacy calculation realized by the operator interface, determining a target operator registered by a target calculation engine in the registered operators, and executing the target operator by calling the target calculation engine to finish the privacy calculation. By the embodiment of the invention, a proper target operator can be dynamically selected for privacy computation in the security computation task in the process of executing the security computation task. For example, according to actual needs, a target operator of a target calculation engine with higher calculation efficiency may be selected, or a target operator of a target calculation engine with higher security may be selected, so as to meet the needs of different scenarios. The embodiment of the invention can not only improve the computing efficiency of the safety computing system, but also expand the application range of the safety computing system.
In addition, the secure computation method provided by the embodiment of the invention is universal, including forward compatibility and backward compatibility. Backward compatibility means that existing computation engines can be directly adapted to the secure computing system of the embodiments of the present invention. Forward compatibility means that the user side only needs to refer to the operator interface of the general computation engine; the specific implementation of an operator is transparent to the user, which simplifies user operation. For example, if a computation engine provides a new, more efficient operator, that operator can also be registered with the general computation engine, and the general computation engine will automatically select it the next time the computation is performed. Whether a new preset computation engine is added to the system, and whether a new operator is used, is transparent to the user code.
Furthermore, the embodiment of the invention provides a uniform API for users through an operator interface provided by a general computing engine. The user can conveniently transplant the existing code to the invented security computing system framework, so that the use cost of privacy computing can be reduced, and the application scene of the security computing system is enlarged.
It should be noted that, for simplicity of description, the method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the illustrated order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments of the present invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
Device embodiment
Referring to fig. 3, a block diagram of a general computing engine according to an embodiment of the present invention is shown, where the general computing engine may specifically include:
a task obtaining module 301, configured to obtain a secure computation task, where privacy computation in the secure computation task is implemented based on an operator interface provided by the general computation engine;
and the task execution module 302 is configured to execute the secure computation task, determine a target operator registered by a target computation engine in a registered operator when performing the privacy computation implemented by the operator interface, and complete the privacy computation by calling the target computation engine to execute the target operator, where the registered operator includes a preset operator registered by a preset computation engine, and the preset computation engine includes a computation engine based on multi-party secure computation and a computation engine based on a trusted execution environment.
Optionally, the general purpose computing engine further comprises:
the protocol determining submodule is used for determining the protocol type of the target computing engine;
the remote authentication sub-module is used for initiating a remote authentication challenge to the target computing engine if the protocol type is a plaintext type;
the certification receiving submodule is used for receiving certification information returned by the target computing engine to the remote authentication challenge;
the channel establishing submodule is used for establishing an encrypted channel with the target computing engine if the certification information passes the verification;
the task execution module is specifically configured to invoke the target computation engine to execute the target operator through the encrypted channel to complete the privacy computation.
Optionally, the task execution module is specifically configured to send, to the target calculation engine through the encrypted channel, an instruction for invoking the target operator, where the instruction carries data participating in the privacy calculation, so as to trigger the target calculation engine to perform the privacy calculation on the data by executing the target operator.
Optionally, the general purpose computing engine further comprises:
the candidate determining module is used for determining candidate operators of which the calculation types are matched with the privacy calculation in the registered operators;
a priority determination module for determining operator priorities of the candidate operators;
and the target determining module is used for determining a target operator registered by the target computing engine in the candidate operators according to the operator priority.
Optionally, the target determining module is specifically configured to determine that a candidate operator with a highest operator priority is a target operator, or, if there are at least two candidate operators with the same operator priority, randomly select one of the at least two candidate operators with the same operator priority as the target operator, and determine that a preset computing engine to which the target operator belongs is a target computing engine.
Optionally, the general purpose computing engine further comprises:
an execution information obtaining module, configured to obtain execution information of the target operator, where the execution information at least includes any one of: the execution state and the calculation efficiency of the target operator;
and the priority updating module is used for updating the operator priority of the target operator in the registered operator according to the execution information of the target operator.
Optionally, the general purpose computing engine further comprises:
a registration information receiving module, configured to receive operator registration information of a preset operator sent by the preset computation engine, where the operator registration information includes a preset computation engine name, an operator name and an operator priority;
and the operator registration module is used for registering the preset operator in the general calculation engine according to the operator registration information.
Optionally, the general-purpose computing engine further comprises:
a result obtaining module, configured to obtain the result of the privacy computation returned by the target computing engine.
Optionally, the preset computing engine is deployed in a cloud or a cluster.
The embodiment of the invention adds a general-purpose computing engine to the secure computing system. The general-purpose computing engine serves as an interface layer of the secure computing system and provides various operator interfaces; the code for the privacy computation in a secure computing task is written against these operator interfaces. The general-purpose computing engine obtains a secure computing task and executes it, the privacy computation in the task being implemented through the operator interfaces it provides. When it reaches a privacy computation implemented through an operator interface, it determines, among the registered operators, a target operator registered by a target computing engine, and calls that target computing engine to execute the target operator, which completes the privacy computation. In this way a suitable target operator can be selected dynamically for each privacy computation while the secure computing task is running: depending on actual needs, the target operator of a computing engine with higher computation efficiency may be selected, or that of a computing engine with stronger security guarantees, so that different scenarios can be served. The embodiment of the invention thus improves the computation efficiency of the secure computing system and widens the range of applications it can serve.
Referring to fig. 4, a block diagram of a secure computing system according to an embodiment of the invention is shown. The secure computing system includes a client 401, a general-purpose computing engine 402 and a preset computing engine 403;
the client 401 is configured to send a secure computing task to the general-purpose computing engine, the privacy computation in the secure computing task being implemented through an operator interface provided by the general-purpose computing engine;
the general-purpose computing engine 402 is configured to obtain the secure computing task sent by the client, execute it, determine, when executing the privacy computation implemented through the operator interface, a target operator registered by a target computing engine among the registered operators, and complete the privacy computation by calling the target computing engine to execute the target operator, the registered operators including preset operators registered by preset computing engines;
the preset computing engine 403 is configured to register the preset operators it implements with the general-purpose computing engine, the preset computing engines including a computing engine based on multi-party secure computation and a computing engine based on a trusted execution environment.
The client 401 is a data holder or a party that needs the computation result. The general-purpose computing engine 402 schedules the whole computation and exposes a uniform operator interface to the outside. Each preset computing engine 403 (for example an MPC computing engine or an SGX computing engine) provides a concrete implementation of the operators, is the final provider of computing power, and may run in a cloud or in a cluster.
The embodiment of the invention does not limit the types or the number of preset computing engines.
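As an added illustration of the operator table behind the candidate, priority and target determining modules, the priority updating and registration modules above, and the scheduling role of the general-purpose computing engine 402 in the system of fig. 4 (this is example code written for this page, not the patent's or its assignee's implementation), the following Go program keeps a registry in which preset engines register an engine name, an operator name and a priority; a request for a computation type is narrowed to the matching candidates, the highest-priority candidate is chosen with random tie-breaking, and the execution information fed back after the call moves the priority up or down. The engine names, the priority values and the scoring rule (two points off for a failure, one off for a slow call, one added otherwise) are assumptions made for the example; the page fixes none of them.

```go
package main

import (
	"errors"
	"fmt"
	"math/rand"
	"sort"
)

// Operator is one registered operator implementation and its current priority.
type Operator struct {
	Engine   string // preset computing engine name, e.g. "mpc-engine" or "sgx-engine" (assumed names)
	Name     string // operator name, i.e. the computation type, e.g. "matmul"
	Priority int    // supplied at registration, then adjusted from execution feedback
}

// ExecInfo is the execution information fed back after a target operator has run.
type ExecInfo struct {
	Succeeded bool    // execution state
	Seconds   float64 // measured computation time
}

// Registry is the operator table kept by the general-purpose computing engine.
type Registry struct {
	ops []Operator
	rng *rand.Rand // seeded so the tie-break is reproducible
}

func NewRegistry(seed int64) *Registry { return &Registry{rng: rand.New(rand.NewSource(seed))} }

// Register records the (engine name, operator name, priority) sent by a preset engine;
// re-registering the same engine/operator pair replaces its priority.
func (r *Registry) Register(engine, name string, priority int) {
	if i := r.find(engine, name); i >= 0 {
		r.ops[i].Priority = priority
		return
	}
	r.ops = append(r.ops, Operator{Engine: engine, Name: name, Priority: priority})
}

func (r *Registry) find(engine, name string) int {
	for i, op := range r.ops {
		if op.Engine == engine && op.Name == name {
			return i
		}
	}
	return -1
}

// Candidates returns the registered operators whose computation type matches the request.
func (r *Registry) Candidates(name string) []Operator {
	var out []Operator
	for _, op := range r.ops {
		if op.Name == name {
			out = append(out, op)
		}
	}
	return out
}

// SelectTarget picks the highest-priority candidate; ties are broken at random so that
// equally ranked engines share the load instead of the first-registered one taking it all.
func (r *Registry) SelectTarget(name string) (Operator, error) {
	cands := r.Candidates(name)
	if len(cands) == 0 {
		return Operator{}, errors.New("no registered operator for computation type " + name)
	}
	sort.SliceStable(cands, func(i, j int) bool { return cands[i].Priority > cands[j].Priority })
	n := 1 // number of candidates tied at the top priority
	for n < len(cands) && cands[n].Priority == cands[0].Priority {
		n++
	}
	return cands[r.rng.Intn(n)], nil
}

// UpdatePriority adjusts the target operator's priority from its execution information and
// returns the new value; the scoring rule (-2 failure, -1 slow, +1 healthy) is an assumption.
func (r *Registry) UpdatePriority(target Operator, info ExecInfo, slowAfter float64) int {
	i := r.find(target.Engine, target.Name)
	if i < 0 {
		return 0
	}
	switch {
	case !info.Succeeded:
		r.ops[i].Priority -= 2
	case info.Seconds > slowAfter:
		r.ops[i].Priority--
	default:
		r.ops[i].Priority++
	}
	return r.ops[i].Priority
}

func main() {
	r := NewRegistry(1)
	r.Register("mpc-engine", "matmul", 5) // MPC operator: slower, no plaintext leaves the parties
	r.Register("sgx-engine", "matmul", 7) // TEE operator: faster, plaintext only inside the enclave
	first, _ := r.SelectTarget("matmul")
	r.UpdatePriority(first, ExecInfo{Succeeded: false}, 1.0) // two failures take it from 7 to 3
	r.UpdatePriority(first, ExecInfo{Succeeded: false}, 1.0)
	second, _ := r.SelectTarget("matmul")
	fmt.Println(first.Engine, "then, after two failures,", second.Engine)
}
```

The same table supports the two selection policies the description mentions: registering the MPC operator with the higher priority favours the engine whose security guarantee is stronger, registering the TEE operator higher favours computation efficiency, and the feedback loop in UpdatePriority fails over automatically when the preferred engine stops returning results.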
Because the apparatus embodiment is essentially similar to the method embodiment, it is described only briefly; for the relevant details, refer to the corresponding parts of the method embodiment.
The embodiments in this specification are described progressively: each embodiment focuses on its differences from the others, and the parts they have in common can be found by cross-reference.
The specific way in which each module of the apparatus in the above embodiment performs its operation has been described in detail in the embodiment of the method and is not elaborated here.
An embodiment of the invention provides an apparatus for secure computing, applied to a general-purpose computing engine. The apparatus includes a memory and one or more programs stored in the memory and configured to be executed by one or more processors, the one or more programs including instructions for: obtaining a secure computing task, in which the privacy computation is implemented through an operator interface provided by the general-purpose computing engine; and executing the secure computing task, determining, when executing the privacy computation implemented through the operator interface, a target operator registered by a target computing engine among the registered operators, and completing the privacy computation by calling the target computing engine to execute the target operator, where the registered operators include preset operators registered by preset computing engines, and the preset computing engines include a computing engine based on multi-party secure computation and a computing engine based on a trusted execution environment.
Fig. 5 is a block diagram illustrating an apparatus 800 for secure computing according to an example embodiment. For example, the apparatus 800 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, an exercise device, a personal digital assistant, and the like.
Referring to fig. 5, the apparatus 800 may include one or more of the following components: processing component 802, memory 804, power component 806, multimedia component 808, audio component 810, input/output (I/O) interface 812, sensor component 814, and communication component 816.
The processing component 802 generally controls the overall operation of the device 800, such as operations associated with display, telephone calls, data communications, camera operations and recording operations. The processing component 802 may include one or more processors 820 to execute instructions so as to perform all or part of the steps of the methods described above. Further, the processing component 802 may include one or more modules that facilitate interaction between the processing component 802 and other components; for example, it may include a multimedia module to facilitate interaction between the multimedia component 808 and the processing component 802.
The memory 804 is configured to store various types of data to support operation at the device 800. Examples of such data include instructions for any application or method operating on device 800, contact data, phonebook data, messages, pictures, videos, and so forth. The memory 804 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
Power components 806 provide power to the various components of device 800. The power components 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the apparatus 800.
The multimedia component 808 includes a screen that provides an output interface between the device 800 and a user. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 808 includes a front facing camera and/or a rear facing camera. The front-facing camera and/or the rear-facing camera may receive external multimedia data when the device 800 is in an operating mode, such as a shooting mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.
The audio component 810 is configured to output and/or input audio signals. For example, the audio component 810 includes a Microphone (MIC) configured to receive external audio signals when the apparatus 800 is in an operational mode, such as a call mode, a recording mode, and a voice information processing mode. The received audio signals may further be stored in the memory 804 or transmitted via the communication component 816. In some embodiments, audio component 810 also includes a speaker for outputting audio signals.
The I/O interface 812 provides an interface between the processing component 802 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.
The sensor component 814 includes one or more sensors that provide state assessments of various aspects of the device 800. For example, the sensor component 814 may detect the open/closed state of the device 800 and the relative positioning of components such as the display and keypad of the device 800; it may also detect a change in the position of the device 800 or of one of its components, the presence or absence of user contact with the device 800, the orientation or acceleration/deceleration of the device 800, and a change in the temperature of the device 800. The sensor component 814 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact, and a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor component 814 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor or a temperature sensor.
The communication component 816 is configured to facilitate wired or wireless communication between the device 800 and other devices. The device 800 may access a wireless network based on a communication standard such as WiFi, 2G or 3G, or a combination thereof. In an exemplary embodiment, the communication component 816 receives a broadcast signal or broadcast-related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 816 further includes a near field communication (NFC) module to facilitate short-range communication; the NFC module may be implemented based on radio frequency identification (RFID), infrared data association (IrDA), ultra-wideband (UWB), Bluetooth (BT) or other technologies.
In an exemplary embodiment, the apparatus 800 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors or other electronic components for performing the above-described methods.
In an exemplary embodiment, a non-transitory computer-readable storage medium comprising instructions, such as the memory 804 comprising instructions, executable by the processor 820 of the device 800 to perform the above-described method is also provided. For example, the non-transitory computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
Fig. 6 is a schematic diagram of a server in some embodiments of the invention. The server 1900 may vary widely by configuration or performance and may include one or more Central Processing Units (CPUs) 1922 (e.g., one or more processors) and memory 1932, one or more storage media 1930 (e.g., one or more mass storage devices) storing applications 1942 or data 1944. Memory 1932 and storage medium 1930 can be, among other things, transient or persistent storage. The program stored in the storage medium 1930 may include one or more modules (not shown), each of which may include a series of instructions operating on a server. Still further, a central processor 1922 may be provided in communication with the storage medium 1930 to execute a series of instruction operations in the storage medium 1930 on the server 1900.
The server 1900 may also include one or more power supplies 1926, one or more wired or wireless network interfaces 1950, one or more input/output interfaces 1958, one or more keyboards 1956, and/or one or more operating systems 1941, such as Windows Server™, Mac OS X™, Unix™, Linux™ or FreeBSD™.
A non-transitory computer-readable storage medium whose instructions, when executed by a processor of an apparatus (a server or a terminal), enable the apparatus to perform the secure computing method shown in fig. 1.
A non-transitory computer-readable storage medium whose instructions, when executed by a processor of an apparatus (a server or a terminal), enable the apparatus to perform a secure computing method comprising: obtaining a secure computing task, in which the privacy computation is implemented through an operator interface provided by the general-purpose computing engine; and executing the secure computing task, determining, when executing the privacy computation implemented through the operator interface, a target operator registered by a target computing engine among the registered operators, and completing the privacy computation by calling the target computing engine to execute the target operator, where the registered operators include preset operators registered by preset computing engines, and the preset computing engines include a computing engine based on multi-party secure computation and a computing engine based on a trusted execution environment.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This invention is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
It will be understood that the invention is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
The secure computing method, the general-purpose computing engine and the apparatus for secure computing provided by the invention have been described in detail above, and specific examples have been used to explain the principle and implementation of the invention; the description of the above embodiments is only intended to help in understanding the method of the invention and its core idea. At the same time, a person skilled in the art may, following the idea of the invention, vary the specific embodiments and the scope of application; in summary, the content of this specification should not be construed as limiting the invention.

Claims (19)

1. A secure computing method, applied to a general-purpose computing engine that provides various operator interfaces, the operations implemented through the operator interfaces being provided by preset computing engines; the method comprising:
obtaining a secure computing task, in which the privacy computation is implemented through an operator interface provided by the general-purpose computing engine;
executing the secure computing task, determining, when executing the privacy computation implemented through the operator interface, a target operator registered by a target computing engine among the registered operators, and completing the privacy computation by calling the target computing engine to execute the target operator, the registered operators including preset operators registered by preset computing engines, and the preset computing engines including a computing engine based on multi-party secure computation and a computing engine based on a trusted execution environment;
wherein determining the target operator registered by the target computing engine among the registered operators comprises:
determining, among the registered operators, candidate operators whose computation type matches the privacy computation;
determining the operator priority of each candidate operator;
and determining, among the candidate operators and according to the operator priority, the target operator registered by the target computing engine.
2. The method of claim 1, wherein after determining the target operator registered by the target computing engine among the registered operators, the method further comprises:
determining the protocol type of the target computing engine;
if the protocol type is a plaintext type, initiating a remote attestation challenge to the target computing engine;
receiving the attestation information returned by the target computing engine in response to the remote attestation challenge;
if the attestation information passes verification, establishing an encrypted channel with the target computing engine;
and wherein calling the target computing engine to execute the target operator to complete the privacy computation comprises:
calling the target computing engine through the encrypted channel to execute the target operator and complete the privacy computation.
3. The method of claim 2, wherein calling the target computing engine through the encrypted channel to execute the target operator and complete the privacy computation comprises:
sending, through the encrypted channel, an instruction for calling the target operator to the target computing engine, the instruction carrying the data participating in the privacy computation, so as to trigger the target computing engine to perform the privacy computation on the data by executing the target operator.
4. The method of claim 1, wherein determining, among the candidate operators and according to the operator priority, the target operator registered by the target computing engine comprises:
determining the candidate operator with the highest operator priority as the target operator, or, if at least two candidate operators have the same operator priority, randomly selecting one of those candidate operators as the target operator; and determining the preset computing engine to which the target operator belongs as the target computing engine.
5. The method of claim 1, wherein after determining the target operator registered by the target computing engine among the registered operators, the method further comprises:
obtaining execution information of the target operator, the execution information including at least one of the execution state and the computation efficiency of the target operator;
and updating the operator priority of the target operator among the registered operators according to the execution information of the target operator.
6. The method of claim 1, further comprising:
receiving operator registration information of a preset operator sent by a preset computing engine, the operator registration information including the name of the preset computing engine, the operator name and the operator priority;
and registering the preset operator in the general-purpose computing engine according to the operator registration information.
7. The method of claim 1, wherein after completing the privacy computation by calling the target computing engine to execute the target operator, the method further comprises:
obtaining the result of the privacy computation returned by the target computing engine.
8. The method of any one of claims 1 to 7, wherein the preset computing engine is deployed in a cloud or a cluster.
9. A general-purpose computing engine, which provides various operator interfaces, the operations implemented through the operator interfaces being provided by preset computing engines; the general-purpose computing engine comprising:
a task obtaining module, configured to obtain a secure computing task in which the privacy computation is implemented through an operator interface provided by the general-purpose computing engine;
a task execution module, configured to execute the secure computing task, determine, when executing the privacy computation implemented through the operator interface, a target operator registered by a target computing engine among the registered operators, and complete the privacy computation by calling the target computing engine to execute the target operator, the registered operators including preset operators registered by preset computing engines, and the preset computing engines including a computing engine based on multi-party secure computation and a computing engine based on a trusted execution environment;
the general-purpose computing engine further comprising:
a candidate determining module, configured to determine, among the registered operators, candidate operators whose computation type matches the privacy computation;
a priority determining module, configured to determine the operator priority of each candidate operator;
and a target determining module, configured to determine, among the candidate operators and according to the operator priority, the target operator registered by the target computing engine.
10. The general-purpose computing engine of claim 9, further comprising:
a protocol determining submodule, configured to determine the protocol type of the target computing engine;
a remote attestation submodule, configured to initiate a remote attestation challenge to the target computing engine if the protocol type is a plaintext type;
an attestation receiving submodule, configured to receive the attestation information returned by the target computing engine in response to the remote attestation challenge;
a channel establishing submodule, configured to establish an encrypted channel with the target computing engine if the attestation information passes verification;
wherein the task execution module is specifically configured to call the target computing engine through the encrypted channel to execute the target operator and complete the privacy computation.
11. The general-purpose computing engine of claim 10, wherein the task execution module is specifically configured to send, through the encrypted channel, an instruction for calling the target operator to the target computing engine, the instruction carrying the data participating in the privacy computation, so as to trigger the target computing engine to perform the privacy computation on the data by executing the target operator.
12. The general-purpose computing engine of claim 9, wherein the target determining module is specifically configured to determine the candidate operator with the highest operator priority as the target operator, or, if at least two candidate operators have the same operator priority, to randomly select one of those candidate operators as the target operator, and to determine the preset computing engine to which the target operator belongs as the target computing engine.
13. The general-purpose computing engine of claim 9, further comprising:
an execution information obtaining module, configured to obtain execution information of the target operator, the execution information including at least one of the execution state and the computation efficiency of the target operator;
and a priority updating module, configured to update the operator priority of the target operator among the registered operators according to the execution information of the target operator.
14. The general-purpose computing engine of claim 9, further comprising:
a registration information receiving module, configured to receive operator registration information of a preset operator sent by a preset computing engine, the operator registration information including the name of the preset computing engine, the operator name and the operator priority;
and an operator registration module, configured to register the preset operator in the general-purpose computing engine according to the operator registration information.
15. The general-purpose computing engine of claim 9, further comprising:
a result obtaining module, configured to obtain the result of the privacy computation returned by the target computing engine.
16. The general-purpose computing engine of any one of claims 9 to 15, wherein the preset computing engine is deployed in a cloud or a cluster.
17. An apparatus for secure computing, applied to a general-purpose computing engine that provides various operator interfaces, the operations implemented through the operator interfaces being provided by preset computing engines; the apparatus comprising a memory and one or more programs, wherein the one or more programs are stored in the memory, are configured to be executed by one or more processors, and comprise instructions for performing the secure computing method of any one of claims 1 to 8.
18. A secure computing system comprising a general-purpose computing engine, a preset computing engine and a client, wherein the general-purpose computing engine provides various operator interfaces and the operations implemented through the operator interfaces are provided by the preset computing engine;
the client is configured to send a secure computing task to the general-purpose computing engine, the privacy computation in the secure computing task being implemented through an operator interface provided by the general-purpose computing engine;
the general-purpose computing engine is configured to obtain the secure computing task sent by the client, execute it, determine, when executing the privacy computation implemented through the operator interface, a target operator registered by a target computing engine among the registered operators, and complete the privacy computation by calling the target computing engine to execute the target operator, the registered operators including preset operators registered by preset computing engines;
the preset computing engine is configured to register the preset operators it implements with the general-purpose computing engine, the preset computing engines including a computing engine based on multi-party secure computation and a computing engine based on a trusted execution environment;
and the general-purpose computing engine is further configured to determine, among the registered operators, candidate operators whose computation type matches the privacy computation; determine the operator priority of each candidate operator; and determine, among the candidate operators and according to the operator priority, the target operator registered by the target computing engine.
19. A machine-readable medium having stored thereon instructions, which when executed by one or more processors, cause an apparatus to perform the secure computing method of any of claims 1 to 8.
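The flow of claims 2 and 3 (and of the corresponding submodules in claims 10 and 11), as an added example written for this page rather than code from the patent or its assignee: the general-purpose engine challenges a plaintext-type (TEE) engine with a fresh nonce, accepts the returned quote only if it carries that nonce, is signed by a trusted attestation key and reports the expected enclave measurement, and only then derives the encrypted channel through which the operator instruction and its operand data are sent. It assumes an Ed25519 key as a stand-in for the platform attestation key, SHA-256 of the enclave code as the measurement, X25519 plus AES-256-GCM for the channel (Go 1.20 or later, for crypto/ecdh), and a free-text instruction; none of these details are fixed by the page, and a real SGX deployment verifies a quote against the vendor's certificate chain and reference measurements instead of a single trusted key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Quote is the attestation information returned for a challenge. The engine's ephemeral X25519
// key is part of the signed body, so the channel derived from it is bound to the attested code.
type Quote struct{ Nonce, Measurement, KxPub, Sig []byte }
func (q Quote) signed() []byte { return bytes.Join([][]byte{q.Nonce, q.Measurement, q.KxPub}, nil) }

// TEEEngine models a preset engine of protocol type "plaintext", e.g. an SGX-based engine.
type TEEEngine struct {
	Measurement []byte             // hash of the enclave code (assumed measurement scheme)
	AttestKey   ed25519.PrivateKey // stand-in for the platform attestation signing key
	channel     cipher.AEAD
}

// Attest answers a challenge (nonce plus the challenger's X25519 public key) with a signed
// quote and derives the channel key on the engine's side.
func (e *TEEEngine) Attest(nonce, peerPub []byte) (q Quote, err error) {
	kx, _ := ecdh.X25519().GenerateKey(rand.Reader) // crypto/rand.Reader does not fail
	if e.channel, err = channelFrom(kx, peerPub); err != nil {
		return Quote{}, err
	}
	q = Quote{Nonce: nonce, Measurement: e.Measurement, KxPub: kx.PublicKey().Bytes()}
	q.Sig = ed25519.Sign(e.AttestKey, q.signed())
	return q, nil
}

// Execute receives an operator instruction through the channel. A real engine would now run
// the named operator on the carried data; here the decrypted instruction is returned as is.
func (e *TEEEngine) Execute(req []byte) (string, error) {
	if e.channel == nil || len(req) < e.channel.NonceSize() {
		return "", errors.New("channel not established or message too short")
	}
	n := e.channel.NonceSize()
	pt, err := e.channel.Open(nil, req[:n], req[n:], nil)
	return string(pt), err
}

// GeneralEngine is the scheduling party; it releases operands only after attestation succeeds.
type GeneralEngine struct {
	TrustedPub ed25519.PublicKey
	Expected   []byte // expected enclave measurement
	channel    cipher.AEAD
}

// EstablishChannel sends a fresh challenge, verifies the quote and derives the channel key.
func (g *GeneralEngine) EstablishChannel(e *TEEEngine) error {
	nonce := make([]byte, 32)
	rand.Read(nonce)
	kx, _ := ecdh.X25519().GenerateKey(rand.Reader)
	q, err := e.Attest(nonce, kx.PublicKey().Bytes())
	switch {
	case err != nil:
		return err
	case !bytes.Equal(q.Nonce, nonce):
		return errors.New("attestation: nonce mismatch (stale or replayed quote)")
	case !ed25519.Verify(g.TrustedPub, q.signed(), q.Sig):
		return errors.New("attestation: quote not signed by the trusted attestation key")
	case !bytes.Equal(q.Measurement, g.Expected):
		return errors.New("attestation: unexpected enclave measurement")
	}
	g.channel, err = channelFrom(kx, q.KxPub)
	return err
}

// Invoke sends an instruction naming the operator and carrying its operand data; nothing is sent when no attested channel exists.
func (g *GeneralEngine) Invoke(e *TEEEngine, instruction string) (string, error) {
	if g.channel == nil {
		return "", errors.New("no encrypted channel: attestation has not succeeded")
	}
	nonce := make([]byte, g.channel.NonceSize()) // random 96-bit GCM nonce, prefixed to the message
	rand.Read(nonce)
	return e.Execute(g.channel.Seal(nonce, nonce, []byte(instruction), nil))
}

// channelFrom derives an AES-256-GCM key from the X25519 shared secret with the peer.
func channelFrom(kx *ecdh.PrivateKey, peerPub []byte) (cipher.AEAD, error) {
	var shared []byte
	if pub, err := ecdh.X25519().NewPublicKey(peerPub); err != nil {
		return nil, err
	} else if shared, err = kx.ECDH(pub); err != nil { // rejects low-order points
		return nil, err
	}
	key := sha256.Sum256(append([]byte("operator-channel-v1|"), shared...))
	block, _ := aes.NewCipher(key[:])
	return cipher.NewGCM(block)
}
```

Two points matter beyond the checks themselves. The nonce only proves freshness; what stops a relay from forwarding the challenge to a genuine enclave and then terminating the channel itself is that the engine's key-agreement public key is inside the signed quote, so a channel can only be derived with the party that holds the attested enclave's ephemeral private key. And the order is deliberate: EstablishChannel leaves the channel unset on any failure, so Invoke refuses to emit the instruction at all rather than falling back to plaintext.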
CN202110369562.3A 2021-04-06 2021-04-06 Secure computing method, general computing engine, device for secure computing and secure computing system Active CN113139205B (en)

Publications (2)

Publication Number Publication Date
CN113139205A CN113139205A (en) 2021-07-20
CN113139205B (en) 2022-02-01

Family

ID=76810446

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant