WO2021068445A1 - Data processing method and apparatus, computer device, and storage medium - Google Patents

Data processing method and apparatus, computer device, and storage medium Download PDF

Info

Publication number
WO2021068445A1
WO2021068445A1 PCT/CN2020/076141 CN2020076141W WO2021068445A1 WO 2021068445 A1 WO2021068445 A1 WO 2021068445A1 CN 2020076141 W CN2020076141 W CN 2020076141W WO 2021068445 A1 WO2021068445 A1 WO 2021068445A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
ciphertext
preset
processing
client
Prior art date
Application number
PCT/CN2020/076141
Other languages
French (fr)
Chinese (zh)
Inventor
唐虹刚
李升林
谢翔
孙立林
Original Assignee
云图技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 云图技术有限公司 filed Critical 云图技术有限公司
Publication of WO2021068445A1 publication Critical patent/WO2021068445A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks

Definitions

  • This application relates to the field of artificial intelligence technology, and in particular to a data processing method, device, computer equipment, and storage medium.
  • the server can process the target data sent by the client according to the trained deep learning model to obtain the processing result.
  • the server can perform diagnosis processing on the medical image data sent by the client according to the trained diagnosis model, so as to obtain the diagnosis result.
  • the aforementioned medical image data may often involve user privacy, and the aforementioned methods are prone to leakage of user privacy data during specific data processing.
  • the embodiments of the present application provide a data processing method, device, computer equipment, and storage medium to provide a data processing method that can protect user privacy.
  • the embodiment of the application provides a data processing method, including: obtaining target data, encrypting the target data using a homomorphic encryption algorithm to obtain ciphertext data; sending a data processing request to a server, wherein the data processing request carries Ciphertext data:
  • the preset MPC protocol cooperate with the server to call the preset model to process the ciphertext data to obtain the ciphertext processing result.
  • the preset model is compatible with the preset MPC protocol and is used in the case of data encryption Perform preset processing on ciphertext data; obtain ciphertext processing results.
  • the method further includes: decrypting the ciphertext processing result to obtain the plaintext processing result.
  • the method further includes: obtaining a verification result of the plaintext processing result, where the verification result is used to indicate whether the plaintext processing result is correct; and the ciphertext processing result And the verification result is sent to the blockchain network for on-chain storage.
  • before/while/after sending the data processing request to the server it further includes: sending the resource data to the contract account of the blockchain network; correspondingly, sending the ciphertext processing result and the verification result to the district
  • the blockchain network performs on-chain storage, including: sending the ciphertext processing result and the verification result to the blockchain network for on-chain storage, so that the blockchain network can store the data in the contract account when the verification result is correct.
  • the resource data is sent to the server's account.
  • the target data includes at least one of the following: face image data, medical image data, and human body motion data.
  • the preset processing includes performing diagnostic processing on the medical image data.
  • the embodiment of the application provides a data processing method, including: receiving a data processing request sent by a client, wherein the data processing request carries ciphertext data, and the ciphertext data is processed by the client using a homomorphic encryption algorithm on the target data. Generated after encryption; in response to the data processing request, call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, where the preset model is compatible with the preset MPC protocol , Used to perform preset processing on ciphertext data in the case of data encryption; send the ciphertext processing result to the client.
  • the method further includes: uploading the transaction event data corresponding to the data processing request to the blockchain network for storage on the chain.
  • the preset model is called according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, including: according to the preset MPC protocol and the volume in the preset model
  • the product operator performs a privacy convolution operation on the ciphertext data to obtain the ciphertext feature data; according to the preset MPC protocol and the activation operator in the preset model, it cooperates with the client to activate the ciphertext feature data to obtain The first activation data and the second activation data; according to the preset MPC protocol and the pooling operator in the preset model, cooperate with the client to perform the pooling operation on the first activation data and the second activation data to obtain the first pool Data and the second pooled data; According to the preset MPC protocol and the full connection operator in the preset model, cooperate with the client to perform the full connection operation on the first pooled data and the second pooled data to obtain the ciphertext Data processing.
  • the embodiment of the present application also provides a data processing method, including: a client obtains target data, and encrypts the target data using a homomorphic encryption algorithm to obtain ciphertext data; the client sends a data processing request to the server, where the data The processing request carries the ciphertext data; in response to the data processing request, the server and the client call the preset model according to the preset MPC protocol to process the ciphertext data, and obtain the ciphertext processing result, where the preset model is compatible with the preset
  • the MPC protocol is used to perform preset processing on ciphertext data in the case of data encryption; the server sends the ciphertext processing result to the client; the client decrypts the ciphertext processing result to obtain the plaintext processing result.
  • the embodiment of the present application also provides a data processing device, including: an encryption module for obtaining target data, and using a homomorphic encryption algorithm to encrypt the target data to obtain ciphertext data; a sending module for sending data to a server Processing request, where the data processing request carries ciphertext data; the processing module is used to process the ciphertext data according to the preset MPC protocol and cooperate with the server to call the preset model to obtain the ciphertext processing result, where the preset The model is compatible with the preset MPC protocol and is used to perform preset processing on the ciphertext data in the case of data encryption; the acquisition module is used to obtain the ciphertext processing result.
  • An embodiment of the present application further provides a computer device including a processor and a memory for storing executable instructions of the processor, and the processor implements the steps of the data processing method described in any of the foregoing embodiments when the processor executes the instructions.
  • the embodiments of the present application also provide a computer-readable storage medium on which computer instructions are stored, and when the instructions are executed, the steps of the data processing method described in any of the foregoing embodiments are implemented.
  • a data processing method is provided.
  • the client encrypts the obtained target data using a homomorphic encryption algorithm to obtain ciphertext data, and sends a data processing request carrying the ciphertext data to the server.
  • Set the MPC protocol cooperate with the server to call the preset model to process the ciphertext data, and obtain the ciphertext processing result.
  • the preset model is compatible with the preset MPC protocol, and is used to pre-encrypt the ciphertext data in the case of data encryption.
  • the target data is homomorphically encrypted to obtain the corresponding ciphertext data, so as to prevent the specific content of the target data from being leaked.
  • the client then performs specific preset processing on the ciphertext data according to the preset MPC protocol and cooperates with the server to call a preset model compatible with the preset MPC protocol to obtain the ciphertext processing result of the target data. Realize that the target data can be specifically processed in the state of target data encryption, thereby effectively protecting data privacy.
  • Figure 1 shows a schematic diagram of an application scenario of a data processing method in some embodiments of the present application
  • Figure 2 shows a flowchart of a data processing method in some embodiments of the present application
  • Figure 3 shows a flowchart of a data processing method in some embodiments of the present application
  • Figure 4 shows a flowchart of a data processing method in some embodiments of the present application
  • Figure 5 shows a sequence diagram of a data processing method in some embodiments of the present application.
  • Fig. 6 shows a schematic diagram of a data processing device in some embodiments of the present application.
  • Fig. 7 shows a schematic diagram of a data processing device in some embodiments of the present application.
  • Fig. 8 shows a schematic diagram of a computer device in some embodiments of the present application.
  • FIG. 1 shows a schematic diagram of an application scenario of the data processing method in an embodiment of the present application.
  • the client can obtain target data.
  • the target data may be data to be processed.
  • the target data may include but is not limited to at least one of the following: face image data, medical image data, human body motion data, and so on.
  • the client can use the homomorphic encryption algorithm to encrypt the obtained target data to obtain ciphertext data.
  • the data encrypted by the homomorphic encryption algorithm is processed to obtain an output, and the output is decrypted. The result is the same as the output result obtained by processing the unencrypted original data in the same method.
  • the client can send a data processing request to the server.
  • the data processing request may carry ciphertext data corresponding to the target data.
  • the server may call a preset model according to a preset MPC (Secure Multi-Party Computation) protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result.
  • the preset model is on the server side.
  • the preset model can be compatible with the preset MPC protocol, and is used for preset processing of ciphertext data in the case of data encryption.
  • the preset MPC protocol can be used to implement the operations in the preset model when the input is ciphertext data, so as to complete the preset processing of the ciphertext data.
  • the preset model may include a trained preset deep learning model.
  • the preset model may be a trained convolutional neural network model.
  • the preset processing may include performing diagnosis processing on the ciphertext data obtained after homomorphic encryption of the medical image data.
  • the preset processing may include performing face recognition processing on the ciphertext data obtained after homomorphic encryption of the face image data.
  • the preset processing may include performing motion recognition processing on the ciphertext data obtained after homomorphic encryption of the human body motion data.
  • the server may send the ciphertext processing result to the client.
  • the public key and private key of homomorphic encryption are stored in the client. Among them, the public key is used to homomorphically encrypt the target data to obtain ciphertext data.
  • the private key is used to decrypt the received ciphertext processing result to obtain the plaintext processing result.
  • the server may send the transaction event data corresponding to the data processing request to the blockchain network for on-chain storage, so as to facilitate subsequent traceability and query.
  • the client After the client obtains the ciphertext processing result, the client can send the obtained ciphertext processing result to the blockchain network for storage on the chain.
  • the client may be a client of a medical institution.
  • the client can obtain the patient's medical image data (for example, X-ray film data).
  • the client can use the homomorphic encryption algorithm to encrypt the X-ray film data to obtain the ciphertext X-ray film data.
  • the client sends a diagnosis request to the medical optical film diagnosis server.
  • the diagnosis request carries ciphertext X-ray film data.
  • the server may be a medical optical film diagnosis server.
  • the medical light film diagnosis server calls the preset deep learning model according to the preset MPC protocol to cooperate with the client to perform preset processing on the ciphertext X-ray film data, thereby obtaining the ciphertext diagnosis result.
  • the medical optical film diagnosis server sends the ciphertext diagnosis result to the client.
  • the client decrypts the ciphertext diagnosis result, and obtains the plaintext diagnosis result of the X-ray film data.
  • the above-mentioned client can be a desktop computer, a notebook, a mobile phone terminal, a PDA, etc., as long as it is a device that can homomorphically encrypt the target data and cooperate with the server to perform preset processing on the ciphertext data.
  • This application is not limited.
  • the above-mentioned server can be a single server, a server cluster, or a cloud server, etc., as long as the equipment that can preset the ciphertext data according to the preset MPC protocol and preset model cooperates with the client Yes, the specific composition is not limited in this application.
  • Figure 2 shows a flowchart of a method in some embodiments of the present application, and the data processing method can be applied to the client.
  • this application provides method operation steps or device structures as shown in the following embodiments or drawings, the method or device may include more or less operation steps or module units based on conventional or no creative labor. .
  • the execution order of these steps or the module structure of the device is not limited to the execution order or module structure shown in the description of the embodiments of this application and the drawings.
  • the described method or module structure is applied to an actual device or terminal product, it can be executed sequentially or in parallel according to the method or module structure connection shown in the embodiments or drawings (for example, parallel processors or multi-threaded processing Environment, even distributed processing environment).
  • the data processing method may include the following steps:
  • Step S201 Obtain target data, and encrypt the target data using a homomorphic encryption algorithm to obtain ciphertext data.
  • the client can obtain the target data.
  • the target data is the data to be processed.
  • the client uses a homomorphic encryption algorithm to encrypt the target data to obtain ciphertext data.
  • the client can use a homomorphic encryption algorithm to generate a public key and a private key, and then use the public key to encrypt the target data to obtain ciphertext data.
  • Step S202 Send a data processing request to the server, where the data processing request carries ciphertext data.
  • the client can send a data processing request to the server.
  • the data processing request carries ciphertext data.
  • the data processing request may also carry the public key generated by the homomorphic encryption algorithm.
  • Step S203 According to the preset MPC protocol, cooperate with the server to call the preset model to process the ciphertext data, and obtain the ciphertext processing result.
  • the preset model is compatible with the preset MPC protocol and is used for data encryption.
  • the ciphertext data is pre-processed.
  • Step S204 Obtain the ciphertext processing result.
  • the client can process the ciphertext data according to the preset MPC protocol and cooperate with the server to call the preset model to obtain the ciphertext processing result.
  • the preset model can be compatible with the preset MPC protocol.
  • the preset model may be a trained deep learning model.
  • the deep learning model can be obtained by training using a large amount of plaintext data.
  • the floating-point data in the trained deep learning model is converted into integer data.
  • the preset MPC protocol can be used to implement various operations in the preset model when the input is ciphertext data, so as to realize the preset processing of ciphertext data. Get the ciphertext processing result on the server.
  • the server sends the ciphertext processing result to the client.
  • the target data is homomorphically encrypted to obtain the corresponding ciphertext data, so as to prevent the specific content of the target data from being leaked. Further, the client then performs specific preset processing on the ciphertext data according to the preset MPC protocol and cooperates with the server to call a preset model compatible with the preset MPC protocol to obtain the ciphertext processing result of the target data. Realize that the target data can be specifically processed in the state of target data encryption, thereby effectively protecting data privacy.
  • the target data may include but is not limited to at least one of the following: face image data, medical image data, and human body motion data.
  • the preset processing when the target data includes medical image data, the preset processing may include performing diagnosis processing on the medical image data.
  • the preset processing may include face recognition processing.
  • the preset processing includes motion recognition processing.
  • the client may decrypt the ciphertext processing result according to the private key generated by the homomorphic encryption algorithm to obtain the plaintext processing result.
  • the plaintext processing result of the target data can be revealed on the client.
  • the ciphertext processing result after decrypting the ciphertext processing result to obtain the plaintext processing result, it may further include: obtaining a verification result of the plaintext processing result, where the verification result is used to indicate whether the plaintext processing result is correct;
  • the document processing results and verification results are sent to the blockchain network for on-chain storage.
  • the client obtains the verification result of the plaintext processing result.
  • the verification result may be obtained after the business personnel verify the plaintext processing result.
  • the verification result can also be inferred by the application in the client based on the target data and the plaintext processing result.
  • the verification result is used to indicate whether the plaintext processing result is correct.
  • the client sends the verification result and the ciphertext processing result to the blockchain network for on-chain storage, which is convenient for subsequent query, traceability, billing, verification, etc.
  • sending the resource data to the contract account of the blockchain network before/while/after sending the data processing request to the server, it may also include: sending the resource data to the contract account of the blockchain network; correspondingly, sending the ciphertext processing result and the verification result
  • Sending to the blockchain network for on-chain storage may include: sending the ciphertext processing result and verification result to the blockchain network for on-chain storage, so that the blockchain network will confirm that the verification result is correct.
  • the resource data in the contract account is sent to the server's account.
  • the client can send the resource data of the data processing to the contract account of the blockchain network.
  • the resource data may be fees that need to be paid for data processing, such as currency or Bitcoin.
  • the blockchain network determines whether the verification result is correct. When it is determined that the verification result is correct, the blockchain network sends the resource data in the contract account to the server's account.
  • FIG. 3 shows a flowchart of a data processing method provided by an embodiment of the present application.
  • the foregoing data processing method may include the following steps:
  • Step S301 Receive a data processing request sent by the client, where the data processing request carries ciphertext data, and the ciphertext data is generated by the client after encrypting the target data using a homomorphic encryption algorithm.
  • the client obtains the target data, and encrypts the target data using a homomorphic encryption algorithm to obtain ciphertext data.
  • the client sends a data processing request to the server.
  • the target data is the data to be processed.
  • the client uses a homomorphic encryption algorithm to encrypt the target data to obtain ciphertext data.
  • the client can use a homomorphic encryption algorithm to generate a public key and a private key, and then use the public key to encrypt the target data to obtain ciphertext data.
  • the data processing request carries ciphertext data corresponding to the target data.
  • the data processing request may also carry the public key generated by the homomorphic encryption algorithm.
  • the server receives the data processing request sent by the client.
  • Step S302 In response to the data processing request, call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, where the preset model is compatible with the preset MPC protocol, Used to perform preset processing on ciphertext data in the case of data encryption.
  • Step S303 Send the ciphertext processing result to the client.
  • the server may call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result.
  • the preset model can be compatible with the preset MPC protocol.
  • the preset model may be a trained deep learning model.
  • the deep learning model can be obtained by training using a large amount of plaintext data.
  • the floating-point data in the trained deep learning model is converted into integer data.
  • the preset MPC protocol can be used to implement various operations in the preset model when the input is ciphertext data, so as to realize preset processing of ciphertext data and obtain ciphertext processing on the server side. result.
  • the server may send the ciphertext processing result to the client.
  • the client can decrypt the ciphertext processing result according to the private key obtained by the homomorphic encryption algorithm to obtain the plaintext processing result of the target data.
  • the target data is homomorphically encrypted to obtain the corresponding ciphertext data, so as to prevent the specific content of the target data from being leaked. Further, the client then performs specific preset processing on the ciphertext data according to the preset MPC protocol and cooperates with the server to call a preset model compatible with the preset MPC protocol to obtain the ciphertext processing result of the target data. Realize that the target data can be specifically processed in the state of target data encryption, thereby effectively protecting data privacy.
  • the target data may include but is not limited to at least one of the following: face image data, medical image data, and human body motion data.
  • the preset processing when the target data includes medical image data, the preset processing may include performing diagnosis processing on the medical image data.
  • the preset processing may include face recognition processing.
  • the preset processing includes motion recognition processing.
  • after obtaining the ciphertext processing result it may further include: uploading the transaction event data corresponding to the data processing request to the blockchain network for storage on the chain.
  • the transaction event data corresponding to the data processing request can be uploaded to the blockchain network for on-chain storage.
  • the transaction event data may include data related to calculations performed by the server in response to the data processing request.
  • the transaction event data is uploaded to the blockchain network for on-chain storage, which is convenient for subsequent query and backtracking.
  • calling the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result may include: according to the preset MPC protocol and the preset model The convolution operator in the ciphertext data performs a private convolution operation to obtain the ciphertext feature data; according to the preset MPC protocol and the activation operator in the preset model, the ciphertext feature data is activated in cooperation with the client Operate to obtain the first activation data and the second activation data; according to the preset MPC protocol and the pooling operator in the preset model, cooperate with the client to perform the pooling operation on the first activation data and the second activation data to obtain The first pooled data and the second pooled data; according to the preset MPC protocol and the fully connected operator in the preset model, cooperate with the client to perform the fully connected operation on the first pooled data and the second pooled data, Obtain ciphertext processing data.
  • the preset model may be a trained convolutional neural network model.
  • Convolutional neural network models generally include: convolutional layer, excitation layer, pooling layer and fully connected layer.
  • the number of each layer can be one or more.
  • the convolution layer may include a convolution operator for extracting features of the data.
  • the excitation layer can include activation operators to add nonlinear factors to simulate more subtle changes.
  • the pooling layer may include a pooling operator, which is used to compress the input features.
  • the feature map is reduced and the network calculation complexity is simplified.
  • the feature compression is performed to extract the main features.
  • the fully connected layer may include a fully connected operator, which is used to connect all the features, send the output value to the classifier, and obtain the processing result.
  • the server invokes the convolution operator in the preset model to perform a private convolution operation on the ciphertext data according to the preset MPC protocol to obtain the ciphertext feature data.
  • the plaintext feature data obtained after decrypting the ciphertext feature data obtained by performing the privacy convolution operation on the ciphertext data is the same as the feature data obtained by directly performing the plaintext convolution operation on the plaintext data.
  • homomorphic encryption allows operations to be performed on the ciphertext, and the corresponding operations will be mapped to the plaintext.
  • the homomorphic encryption can be refined into the following two homomorphic encryption algorithms:
  • the convolution operation on the plaintext data is to multiply the corresponding elements in the plaintext data matrix and the convolution operator matrix and then sum them.
  • the convolution operation on the ciphertext data is obtained by multiplying the powers of the corresponding elements of the convolution operator matrix of the elements in the ciphertext data matrix.
  • a 3 ⁇ 3 is a plaintext data matrix
  • C 3 ⁇ 3 is a convolution operator matrix
  • a 3 ⁇ 3 is a ciphertext data matrix.
  • the plaintext convolution operation and privacy convolution operation are as follows:
  • the server can call the activation operator in the preset model according to the preset MPC protocol, and cooperate with the client to activate the ciphertext feature data to obtain the first activation data and the second activation data.
  • the first activation data is held by the server
  • the second activation data is held by the client.
  • the server performs a homomorphic encryption to secret sharing operation on the ciphertext feature data to obtain the first ciphertext data and the second ciphertext data.
  • the server sends the first ciphertext data to the client.
  • the client decrypts the first ciphertext data to obtain the first plaintext data.
  • the server converts the activation operator into a Boolean circuit and obtains the truth table of each circuit gate of the Boolean circuit. Then the server selects two evenly distributed strings as labels for each door, which are used to represent 0 or 1 respectively. After that, the server randomly generates a first random number, and generates a first label according to the second ciphertext data and the first random number. After replacing the truth table with the first label as input, the server obtains the label table. For each circuit gate, the server uses the tag table to encrypt, and generates a first encryption circuit (GC, Garbled Circuit). The server sends the first encrypted circuit to the client. The client performs an inadvertent transfer (OT, Oblivious Transfer) to the first plaintext data to obtain the second label.
  • OT inadvertent transfer
  • the client decrypts the first encryption circuit according to the second tag to obtain activation data.
  • Activation data also belongs to feature data, which is used to characterize features after adding nonlinear factors, and can simulate more subtle feature changes. Then, since the subsequent pooling operation is implemented through secure multi-party computing, the activation data can be secretly shared, so that the first activation data can be obtained on the server side and the second activation data can be obtained on the client side.
  • the activation data is the sum of the first activation data and the second activation data. That is, the server and the client perform secure multi-party calculation on the ciphertext feature data according to the preset MPC protocol and activation operator to obtain the first activation data and the second activation data.
  • the server After the server obtains the first activation data and the client obtains the second activation data, the server calls the pooling operator in the preset model according to the preset MPC protocol, and cooperates with the client to compare the first activation data and the second activation data Perform a pooling operation to obtain the first pooled data and the second pooled data.
  • the first pooled data can be held by the server.
  • the second pooled data can be held by the client.
  • the server converts the pooling operator into a Boolean circuit.
  • the server randomly generates a second random number.
  • the server generates a third label according to the first activation function and the random number.
  • the server replaces the truth table of the Boolean circuit with the third label as an input to obtain a label table.
  • the server encrypts each gate of the Boolean circuit using the tag table to generate a second encryption circuit.
  • the server sends the second encryption circuit to the client.
  • the client inadvertently transmits the second activation data to obtain the fourth tag.
  • the client uses the fourth tag to decrypt the second encryption circuit to obtain pooled data.
  • Pooled data also belongs to feature data, which is the feature data obtained after the feature is compressed, which can characterize the main feature. After that, since the subsequent full connection operation is realized through secure multi-party computing, the pooled data can be secretly shared, so that the server side obtains the first pooled data and the client side obtains the second pooled data.
  • the pooled data is the sum of the first pooled data and the second pooled data. That is, the server and the client can perform secure multi-party calculation on the first activation data and the second activation data according to the preset MPC protocol and pooling operator to obtain the first pooling data and the second pooling data.
  • the server After the server obtains the first pooled data and the client obtains the second pooled data, the server performs a secret sharing to homomorphic encryption operation on the first pooled data, and the client performs secret sharing to homomorphic encryption on the second pooled data Operation, get pooled data on the server side. Then the obtained pooled data is flattened into a one-dimensional array. The server multiplies each element in the one-dimensional array with the weight value on the connection line (that is, the element in the fully connected operator), adds and outputs the result to obtain the ciphertext processing result.
  • the server cooperates with the client to perform a full connection operation on the first pooled data and the second pooled data according to the preset MPC protocol and the full connection operator in the preset model to obtain the ciphertext processing data.
  • the server sends the obtained ciphertext processing result to the client.
  • the client uses the private key of the homomorphic encryption algorithm to decrypt the ciphertext processing result to obtain the plaintext processing result of the target data.
  • the preset model includes a convolutional layer, a pooling layer, an excitation layer, and a fully connected layer as an example for description, but the application is not limited to this.
  • the data processing method in the embodiment of the present application is applicable to the case where the preset model includes multiple convolutional layers, multiple pooling layers, multiple excitation layers, or multiple fully connected layers.
  • the server and the client call the convolution operator, activation operator, pooling operator, and fully connected operator in the preset model according to the preset MPC protocol to secure the ciphertext data.
  • Multi-party calculations obtain the ciphertext processing result of the ciphertext data, and realize the processing or reasoning of the ciphertext data through the preset model when the input is ciphertext, which can effectively protect the user's data privacy.
  • FIG. 4 shows a flowchart of a data processing method provided in an embodiment of the present application. As shown in Figure 4, the method may include:
  • step S401 the client obtains the target data, and encrypts the target data using a homomorphic encryption algorithm to obtain ciphertext data.
  • the client can obtain the target data.
  • the target data is the data to be processed.
  • the client uses a homomorphic encryption algorithm to encrypt the target data to obtain ciphertext data.
  • the client can use a homomorphic encryption algorithm to generate a public key and a private key, and then use the public key to encrypt the target data to obtain ciphertext data.
  • Step S402 The client sends a data processing request to the server, where the data processing request carries ciphertext data.
  • the client can send a data processing request to the server.
  • the data processing request carries ciphertext data.
  • the data processing request may also carry the public key generated by the homomorphic encryption algorithm.
  • Step S403 in response to the data processing request, the server and the client call the preset model to process the ciphertext data according to the preset MPC protocol, and obtain the ciphertext processing result, where the preset model is compatible with the preset MPC protocol for In the case of data encryption, the ciphertext data is pre-processed.
  • the server may call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result.
  • the preset model can be compatible with the preset MPC protocol.
  • the preset model may be a trained deep learning model.
  • the deep learning model can be obtained by training using a large amount of plaintext data.
  • the floating-point data in the trained deep learning model is converted into integer data.
  • the preset MPC protocol can be used to implement various operations in the preset model when the input is ciphertext data, so as to realize preset processing of ciphertext data and obtain ciphertext processing on the server side. result.
  • step S404 the server sends the ciphertext processing result to the client.
  • Step S405 The client decrypts the ciphertext processing result to obtain the plaintext processing result of the target data.
  • the server may send the ciphertext processing result to the client.
  • the client can decrypt the ciphertext processing result according to the private key obtained by the homomorphic encryption algorithm to obtain the plaintext processing result of the target data.
  • the ciphertext data is obtained by homomorphic encryption of the target data, which is convenient for subsequent direct processing of the ciphertext data.
  • the server calls the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, which realizes the processing of the data when the input is ciphertext data, which can effectively protect the data privacy.
  • the target data may include but is not limited to at least one of the following: face image data, medical image data, and human body motion data.
  • the preset processing when the target data includes medical image data, the preset processing may include performing diagnosis processing on the medical image data.
  • the preset processing may include face recognition processing.
  • the preset processing includes motion recognition processing.
  • the server may further include: the server uploads the transaction event data corresponding to the data processing request to the blockchain network for storage on the chain.
  • the server calls the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, which may include: according to the preset MPC protocol and the preset The convolution operator in the model performs a private convolution operation on the ciphertext data to obtain the ciphertext feature data; according to the preset MPC protocol and the activation operator in the preset model, it cooperates with the client to perform the ciphertext feature data Activate the operation to obtain the first activation data and the second activation data; according to the preset MPC protocol and the pooling operator in the preset model, cooperate with the client to perform the pooling operation on the first activation data and the second activation data, Obtain the first pooled data and the second pooled data; according to the preset MPC protocol and the fully connected operator in the preset model, cooperate with the client to perform the fully connected operation on the first pooled data and the second pooled data , Get the ciprtext data
  • the server calls
  • the client may further include: the client obtains the verification result of the plaintext processing result, where the verification result is used to indicate whether the plaintext processing result is Correct; the client sends the ciphertext processing result and verification result to the blockchain network for storage on the chain.
  • the client before/while/after the client sends a data processing request to the server, it may also include: the client sends resource data to the contract account of the blockchain network; correspondingly, the client sends After the ciphertext processing result and the verification result are sent to the blockchain network for on-chain storage, it can also include: the blockchain network determines whether the verification result is correct; in the case where the verification result is determined to be correct, the blockchain network transfers the contract The resource data in the account is sent to the server's account.
  • Fig. 5 shows a sequence diagram of the data processing method in this specific embodiment. As shown in Figure 5, the data processing method may include the following steps:
  • Step 1 The client obtains the target data, and encrypts the target data using a homomorphic encryption algorithm to obtain the ciphertext data corresponding to the target data;
  • Step 2 The client sends a data processing request to the server, where the data processing request carries ciphertext data;
  • Step 3 The client mortgages the fee to the contract account of the blockchain network
  • Step 4 The server invokes the convolution operator in the preset model to perform a private convolution operation on the ciphertext data according to the preset MPC protocol to obtain the ciphertext feature data;
  • Step 5 The server and the client call the activation operator in the preset model according to the preset MPC protocol to perform secure multi-party calculation of the ciphertext feature data, and obtain the first activation data on the server side and the second activation data on the client side. ;
  • Step 6 The server and the client call the pooling operator in the preset model according to the preset MPC protocol to perform secure multi-party calculations on the first activation data and the second activation data, and obtain the first pooled data on the server side, and The client gets the second pooled data;
  • Step 7 the server and the client call the full connection operator in the preset model according to the preset MPC protocol to perform the full connection operation on the first pooled data and the second pooled data, and obtain the ciphertext processing result on the server side;
  • Step 8 The server sends the ciphertext processing result to the client;
  • Step 9 The server sends the transaction event data corresponding to the data processing request to the blockchain network for storage on the chain;
  • Step 10 The client uses the private key of the homomorphic encryption algorithm to decrypt the ciphertext processing result to obtain the plaintext processing result of the target data;
  • Step 11 The client obtains the verification result, where the verification result is used to indicate whether the plaintext processing result of the target data is correct;
  • Step 12 The client sends the plaintext processing result and the verification result to the blockchain network for storage on the chain;
  • Step 13 The blockchain network determines whether the verification result is correct
  • Step 14 When it is determined that the verification result is correct, the blockchain network transfers the fees in the contract account to the server's account;
  • Step 15 In the case where it is determined that the verification result is incorrect, the blockchain network transfers the fees in the contract account to the client's account.
  • the ciphertext data is obtained by homomorphic encryption of the target data, which is convenient for subsequent direct processing of the ciphertext data.
  • the server and the client call the convolution operator, activation operator, pooling operator and fully connected operator in the preset model according to the preset MPC protocol, and perform preset processing on the ciphertext data to obtain the ciphertext of the target data
  • the processing result realizes the processing of the data when the input is ciphertext data, which can effectively protect data privacy.
  • the server sends the data corresponding to this transaction event to the blockchain network for storage on the chain, so as to facilitate subsequent query, retrieval, verification, etc.
  • the server sends the ciphertext processing result to the client, and the client decrypts the ciphertext processing result to obtain the plaintext processing result of the target data.
  • the client obtains the verification result of the plaintext processing result, and sends the ciphertext processing result and the verification result to the blockchain network for on-chain storage, which can further protect the privacy of the processing result and facilitate subsequent queries and backtracking.
  • the blockchain network determines that the verification result is correct, the cost of the client's mortgage in the contract account is transferred to the server's account.
  • the blockchain network determines that the verification result is wrong, the cost of the client's mortgage to the contract account is returned to the client's account. In this way, the billing and clearing problem of the business can be effectively solved.
  • an embodiment of the present application also provides a data processing device, as described in the following embodiment. Since the problem-solving principle of the data processing device is similar to that of the data processing method, the implementation of the data processing device can refer to the implementation of the data processing method, and the repetition will not be repeated.
  • the term "unit” or "module” can be a combination of software and/or hardware that implements a predetermined function.
  • the devices described in the following embodiments are preferably implemented by software, implementation by hardware or a combination of software and hardware is also possible and conceived.
  • Fig. 6 is a structural block diagram of a data processing device according to an embodiment of the present application. As shown in Fig. 6, it includes: an encryption module 601, a sending module 602, a processing module 603, and an obtaining module 604. The structure is described below.
  • the encryption module 601 is used to obtain target data, and encrypt the target data using a homomorphic encryption algorithm to obtain ciphertext data.
  • the sending module 602 is configured to send a data processing request to the server, where the data processing request carries ciphertext data.
  • the processing module 603 is used to process the ciphertext data according to the preset MPC protocol and cooperate with the server to call the preset model to obtain the ciphertext processing result.
  • the preset model is compatible with the preset MPC protocol and is used in the case of data encryption. Perform preset processing on the ciphertext data below.
  • the obtaining module 604 is used to obtain the ciphertext processing result.
  • the data processing device may further include a decryption module, and the decryption module may be used to: after obtaining the ciphertext processing result, decrypt the ciphertext processing result to obtain the plaintext processing result.
  • the data processing device may further include an on-chain module, and the on-chain module may be used to: after decrypting the ciphertext processing result to obtain the plaintext processing result, obtain the verification result of the plaintext processing result, where, The verification result is used to indicate whether the plaintext processing result is correct; the ciphertext processing result and the verification result are sent to the blockchain network for on-chain storage.
  • the on-chain module may be used to: after decrypting the ciphertext processing result to obtain the plaintext processing result, obtain the verification result of the plaintext processing result, where, The verification result is used to indicate whether the plaintext processing result is correct; the ciphertext processing result and the verification result are sent to the blockchain network for on-chain storage.
  • the sending module can also be used to send resource data to the contract account of the blockchain network before/while/after sending the data processing request to the server; correspondingly, the on-chain module can be specific Used to: send the ciphertext processing result and the verification result to the blockchain network for on-chain storage, so that the blockchain network sends the resource data in the contract account to the account of the server when the verification result is determined to be correct in.
  • the target data includes at least one of the following: face image data, medical image data, and human body motion data.
  • the preset processing includes performing diagnostic processing on the medical image data.
  • an embodiment of the present application also provides a data processing device, as described in the following embodiment. Since the problem-solving principle of the data processing device is similar to that of the data processing method, the implementation of the data processing device can refer to the implementation of the data processing method, and the repetition will not be repeated.
  • the term "unit” or "module” can be a combination of software and/or hardware that implements a predetermined function.
  • the devices described in the following embodiments are preferably implemented by software, implementation by hardware or a combination of software and hardware is also possible and conceived.
  • Fig. 7 is a structural block diagram of a data processing device according to an embodiment of the present application. As shown in Fig. 7, it includes: a receiving module 701, a processing module 702, and a sending module 703. The structure is described below.
  • the receiving module 701 is configured to receive a data processing request sent by a client, where the data processing request carries ciphertext data, and the ciphertext data is generated by the client after encrypting target data using a homomorphic encryption algorithm.
  • the processing module 702 is configured to respond to the data processing request and call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, wherein the preset model is compatible with the preset MPC
  • the protocol is used to perform preset processing on ciphertext data in the case of data encryption.
  • the sending module 703 is used to send the ciphertext processing result to the client.
  • the data processing device further includes an on-chain module, where the on-chain module is specifically configured to: after obtaining the ciphertext processing result, upload transaction event data corresponding to the data processing request to the blockchain network for processing On-chain storage.
  • the processing module may be specifically configured to: perform a private convolution operation on the ciphertext data according to the preset MPC protocol and the convolution operator in the preset model to obtain the ciphertext feature data; Set the MPC protocol and the activation operator in the preset model to cooperate with the client to activate the ciphertext feature data to obtain the first activation data and the second activation data; according to the preset MPC protocol and the preset model
  • the pooling operator cooperates with the client to perform pooling operations on the first activation data and the second activation data to obtain the first pooled data and the second pooled data; according to the preset MPC protocol and the preset model
  • the connection operator cooperates with the client to perform a full connection operation on the first pooled data and the second pooled data to obtain the ciphertext processing data.
  • the embodiments of the present application achieve the following technical effects: by homomorphically encrypting the target data, the corresponding ciphertext data is obtained, and the specific content of the target data is prevented from being leaked. Further, the client then performs specific preset processing on the ciphertext data according to the preset MPC protocol and cooperates with the server to call a preset model compatible with the preset MPC protocol to obtain the ciphertext processing result of the target data. Realize that the target data can be specifically processed in the state of target data encryption, thereby effectively protecting data privacy.
  • the embodiment of the present application also provides a computer device.
  • the computer device may specifically include an input device 81 and a processor. 82.
  • Memory 83 is used to store processor executable instructions.
  • the processor 82 implements the steps of the data processing method described in any of the foregoing embodiments when executing the instructions.
  • the input device may specifically be one of the main devices for information exchange between the user and the computer system.
  • the input device may include a keyboard, a mouse, a camera, a scanner, a light pen, a handwriting input board, a voice input device, etc.; the input device is used to input raw data and programs for processing these numbers into the computer.
  • the input device can also obtain and receive data transmitted from other modules, units, and devices.
  • the processor can be implemented in any suitable way.
  • the processor may take the form of a microprocessor or a processor and a computer readable medium, logic gates, switches, application specific integrated circuits ( Application Specific Integrated Circuit, ASIC), programmable logic controller and embedded microcontroller form, etc.
  • the memory may specifically be a memory device used to store information in modern information technology.
  • the memory can include multiple levels. In a digital system, as long as it can store binary data, it can be a memory; in an integrated circuit, a circuit with a storage function without a physical form is also called a memory, such as RAM, FIFO, etc.; In the system, storage devices in physical form are also called memory, such as memory sticks, TF cards, and so on.
  • the embodiment of the present application also provides a computer storage medium based on a data processing method, the computer storage medium stores computer program instructions, and when the computer program instructions are executed, the data processing method described in any of the above embodiments is implemented A step of.
  • the above-mentioned storage medium includes, but is not limited to, random access memory (Random Access Memory, RAM), read-only memory (Read-Only Memory, ROM), cache (Cache), and hard disk (Hard Disk Drive, HDD). Or memory card (Memory Card).
  • the memory can be used to store computer program instructions.
  • the network communication unit may be an interface set up in accordance with a standard stipulated by the communication protocol and used for network connection communication.
  • modules or steps of the embodiments of the present application described above can be implemented by a general computing device, and they can be concentrated on a single computing device or distributed among multiple computing devices.
  • they can be implemented by the program code executable by the computing device, so that they can be stored in the storage device for execution by the computing device, and in some cases, they can be different from here
  • the steps shown or described are performed in the order of, or they are respectively fabricated into individual integrated circuit modules, or multiple modules or steps of them are fabricated into a single integrated circuit module to achieve. In this way, the embodiments of the present application are not limited to any specific combination of hardware and software.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Biophysics (AREA)
  • Biomedical Technology (AREA)
  • Molecular Biology (AREA)
  • Evolutionary Computation (AREA)
  • Mathematical Physics (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Computing Systems (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Artificial Intelligence (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

A data processing method and apparatus, a computer device, and a storage medium. The method comprises: acquiring target data, and encrypting the target data using a homomorphic encryption algorithm to obtain ciphertext data (S201); sending a data processing request to a server, wherein the data processing request carries the ciphertext data (S202); invoking a preset model according to a preset MPC protocol in cooperation with the server so as to process the ciphertext data to obtain a ciphertext processing result (S203), wherein the preset model is compatible with the preset MPC protocol and is used for performing preset processing on the ciphertext data when the data is encrypted; and acquiring the ciphertext processing result (S204). By means of the method, when an input is ciphertext data, the data can be processed, thereby being able to effectively protect data privacy.

Description

数据处理方法、装置、计算机设备和存储介质Data processing method, device, computer equipment and storage medium
本申请要求2019年10月11日递交的申请号为201910962649.4、发明名称为“数据处理方法、装置、计算机设备和存储介质”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed on October 11, 2019 with the application number 201910962649.4 and the title of the invention "data processing method, device, computer equipment and storage medium", the entire content of which is incorporated into this application by reference .
技术领域Technical field
本申请涉及人工智能技术领域,特别涉及一种数据处理方法、装置、计算机设备和存储介质。This application relates to the field of artificial intelligence technology, and in particular to a data processing method, device, computer equipment, and storage medium.
背景技术Background technique
在一些应用场景下,服务器可以根据训练好的深度学习模型对客户端发送的目标数据进行处理,以得到处理结果。例如,服务器可以根据训练好的诊断模型对客户端发送的医疗影像数据进行诊断处理,从而得到诊断结果。其中,上述医疗影像数据往往可能会涉及到用户隐私,上述方法在进行具体数据处理的过程中容易出现用户隐私数据的泄露。In some application scenarios, the server can process the target data sent by the client according to the trained deep learning model to obtain the processing result. For example, the server can perform diagnosis processing on the medical image data sent by the client according to the trained diagnosis model, so as to obtain the diagnosis result. Among them, the aforementioned medical image data may often involve user privacy, and the aforementioned methods are prone to leakage of user privacy data during specific data processing.
因此,亟需一种能够在保护用户数据隐私的情况下对数据进行处理的方法。Therefore, there is an urgent need for a method that can process data while protecting user data privacy.
发明内容Summary of the invention
本申请实施例提供了一种数据处理方法、装置、计算机设备和存储介质,以提供一种能够保护用户隐私的数据处理方法。The embodiments of the present application provide a data processing method, device, computer equipment, and storage medium to provide a data processing method that can protect user privacy.
本申请实施例提供了一种数据处理方法,包括:获取目标数据,并利用同态加密算法对目标数据进行加密,得到密文数据;向服务器发送数据处理请求,其中,数据处理请求中携带有密文数据;根据预设的MPC协议,配合服务器调用预设模型对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理;获取密文处理结果。The embodiment of the application provides a data processing method, including: obtaining target data, encrypting the target data using a homomorphic encryption algorithm to obtain ciphertext data; sending a data processing request to a server, wherein the data processing request carries Ciphertext data: According to the preset MPC protocol, cooperate with the server to call the preset model to process the ciphertext data to obtain the ciphertext processing result. The preset model is compatible with the preset MPC protocol and is used in the case of data encryption Perform preset processing on ciphertext data; obtain ciphertext processing results.
在一个实施例中,在获取密文处理结果之后,还包括:对密文处理结果进行解密,得到明文处理结果。In one embodiment, after obtaining the ciphertext processing result, the method further includes: decrypting the ciphertext processing result to obtain the plaintext processing result.
在一个实施例中,在对密文处理结果进行解密,得到明文处理结果之后,还包括:获取明文处理结果的验证结果,其中,验证结果用于表明明文处理结果是否正确;将密文处理结果和验证结果发送至区块链网络进行上链存储。In one embodiment, after decrypting the ciphertext processing result to obtain the plaintext processing result, the method further includes: obtaining a verification result of the plaintext processing result, where the verification result is used to indicate whether the plaintext processing result is correct; and the ciphertext processing result And the verification result is sent to the blockchain network for on-chain storage.
在一个实施例中,在向服务器发送数据处理请求之前/同时/之后,还包括:将资源数据发送至区块链网络的合约账户中;相应的,将密文处理结果和验证结果发送至区块链网络进行上链存储,包括:将密文处理结果和验证结果发送至区块链网络进行上链存储,以使得区块链网络在确定验证结果为正确的情况下,将合约账户中的资源数据发送至服务器的账户中。In one embodiment, before/while/after sending the data processing request to the server, it further includes: sending the resource data to the contract account of the blockchain network; correspondingly, sending the ciphertext processing result and the verification result to the district The blockchain network performs on-chain storage, including: sending the ciphertext processing result and the verification result to the blockchain network for on-chain storage, so that the blockchain network can store the data in the contract account when the verification result is correct. The resource data is sent to the server's account.
在一个实施例中,目标数据包括以下至少之一:人脸图像数据、医疗影像数据和人体动作数据。In an embodiment, the target data includes at least one of the following: face image data, medical image data, and human body motion data.
在一个实施例中,在目标数据包括医疗影像数据时,预设处理包括对医疗影像数据进行诊断处理。In one embodiment, when the target data includes medical image data, the preset processing includes performing diagnostic processing on the medical image data.
本申请实施例提供了一种数据处理方法,包括:接收客户端发送的数据处理请求,其中,数据处理请求中携带有密文数据,密文数据由客户端利用同态加密算法对目标数据进行加密后生成;响应于数据处理请求,根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理;将密文处理结果发送至客户端。The embodiment of the application provides a data processing method, including: receiving a data processing request sent by a client, wherein the data processing request carries ciphertext data, and the ciphertext data is processed by the client using a homomorphic encryption algorithm on the target data. Generated after encryption; in response to the data processing request, call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, where the preset model is compatible with the preset MPC protocol , Used to perform preset processing on ciphertext data in the case of data encryption; send the ciphertext processing result to the client.
在一个实施例中,在得到密文处理结果之后,还包括:将数据处理请求对应的交易事件数据上传至区块链网络进行上链存储。In one embodiment, after obtaining the ciphertext processing result, the method further includes: uploading the transaction event data corresponding to the data processing request to the blockchain network for storage on the chain.
在一个实施例中,根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果,包括:根据预设的MPC协议和预设模型中的卷积算子,对密文数据执行隐私卷积操作,得到密文特征数据;根据预设的MPC协议和预设模型中的激活算子,与客户端配合对密文特征数据进行激活操作,得到第一激活数据和第二激活数据;根据预设的MPC协议和预设模型中的池化算子,与客户端配合对第一激活数据和第二激活数据进行池化操作,得到第一池化数据和第二池化数据;根据预设的MPC协议和预设模型中的全连接算子,与客户端配合对第一池化数据和第二池化数据进行全连接操作,得到密文处理数据。In one embodiment, the preset model is called according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, including: according to the preset MPC protocol and the volume in the preset model The product operator performs a privacy convolution operation on the ciphertext data to obtain the ciphertext feature data; according to the preset MPC protocol and the activation operator in the preset model, it cooperates with the client to activate the ciphertext feature data to obtain The first activation data and the second activation data; according to the preset MPC protocol and the pooling operator in the preset model, cooperate with the client to perform the pooling operation on the first activation data and the second activation data to obtain the first pool Data and the second pooled data; According to the preset MPC protocol and the full connection operator in the preset model, cooperate with the client to perform the full connection operation on the first pooled data and the second pooled data to obtain the ciphertext Data processing.
本申请实施例还提供了一种数据处理方法,包括:客户端获取目标数据,并利用同态加密算法对目标数据进行加密,得到密文数据;客户端向服务器发送数据处理请求,其中,数据处理请求中携带有密文数据;响应于数据处理请求,服务器与客户端根据预设的MPC协议调用预设模型对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理;服务器将密文处理结果发送至客户端;客户端对密文处理结果进行解密,得到明文处理结果。The embodiment of the present application also provides a data processing method, including: a client obtains target data, and encrypts the target data using a homomorphic encryption algorithm to obtain ciphertext data; the client sends a data processing request to the server, where the data The processing request carries the ciphertext data; in response to the data processing request, the server and the client call the preset model according to the preset MPC protocol to process the ciphertext data, and obtain the ciphertext processing result, where the preset model is compatible with the preset The MPC protocol is used to perform preset processing on ciphertext data in the case of data encryption; the server sends the ciphertext processing result to the client; the client decrypts the ciphertext processing result to obtain the plaintext processing result.
本申请实施例还提供了一种数据处理装置,包括:加密模块,用于获取目标数据,并利用同态加密算法对目标数据进行加密,得到密文数据;发送模块,用于向服务器发送数据处理请求,其中,数据处理请求中携带有密文数据;处理模块,用于根据预设的MPC协议,配合服务器调用预设模型对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理;获取模块,用于获取密文处理结果。The embodiment of the present application also provides a data processing device, including: an encryption module for obtaining target data, and using a homomorphic encryption algorithm to encrypt the target data to obtain ciphertext data; a sending module for sending data to a server Processing request, where the data processing request carries ciphertext data; the processing module is used to process the ciphertext data according to the preset MPC protocol and cooperate with the server to call the preset model to obtain the ciphertext processing result, where the preset The model is compatible with the preset MPC protocol and is used to perform preset processing on the ciphertext data in the case of data encryption; the acquisition module is used to obtain the ciphertext processing result.
本申请实施例还提供一种计算机设备,包括处理器以及用于存储处理器可执行指令的存储器,所述处理器执行所述指令时实现上述任意实施例中所述的数据处理方法的步骤。An embodiment of the present application further provides a computer device including a processor and a memory for storing executable instructions of the processor, and the processor implements the steps of the data processing method described in any of the foregoing embodiments when the processor executes the instructions.
本申请实施例还提供一种计算机可读存储介质,其上存储有计算机指令,所述指令被执行时实现上述任意实施例中所述的数据处理方法的步骤。The embodiments of the present application also provide a computer-readable storage medium on which computer instructions are stored, and when the instructions are executed, the steps of the data processing method described in any of the foregoing embodiments are implemented.
在本申请实施例中,提供了一种数据处理方法,客户端利用同态加密算法对获得的目标数据进行加密,得到密文数据,向服务器发送携带有密文数据的数据处理请求,根据预设的MPC协议,配合服务器调用预设模型对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理,获取密文处理结果。上述方案中,通过对目标数据进行同态加密,得到对应的密文数据,避免目标数据的具体内容遭到泄漏。进一步,客户端再根据预设的MPC协议,配合服务器调用能够兼容预设的MPC协议的预设模型对密文数据进行具体的预设处理,得到目标数据的密文处理结果。实现了能在目标数据加密的状态下,对目标数据进行具体处理,从而有效地保护了数据隐私。In the embodiment of this application, a data processing method is provided. The client encrypts the obtained target data using a homomorphic encryption algorithm to obtain ciphertext data, and sends a data processing request carrying the ciphertext data to the server. Set the MPC protocol, cooperate with the server to call the preset model to process the ciphertext data, and obtain the ciphertext processing result. The preset model is compatible with the preset MPC protocol, and is used to pre-encrypt the ciphertext data in the case of data encryption. Set up processing to obtain the ciphertext processing result. In the above solution, the target data is homomorphically encrypted to obtain the corresponding ciphertext data, so as to prevent the specific content of the target data from being leaked. Further, the client then performs specific preset processing on the ciphertext data according to the preset MPC protocol and cooperates with the server to call a preset model compatible with the preset MPC protocol to obtain the ciphertext processing result of the target data. Realize that the target data can be specifically processed in the state of target data encryption, thereby effectively protecting data privacy.
附图说明Description of the drawings
此处所说明的附图用来提供对本申请的进一步理解,构成本申请的一部分,并不构成对本申请的限定。在附图中:The drawings described here are used to provide a further understanding of the application, constitute a part of the application, and do not constitute a limitation to the application. In the attached picture:
图1示出了本申请一些实施例中的数据处理方法的应用场景示意图;Figure 1 shows a schematic diagram of an application scenario of a data processing method in some embodiments of the present application;
图2示出了本申请一些实施例中的数据处理方法的流程图;Figure 2 shows a flowchart of a data processing method in some embodiments of the present application;
图3示出了本申请一些实施例中的数据处理方法的流程图;Figure 3 shows a flowchart of a data processing method in some embodiments of the present application;
图4示出了本申请一些实施例中的数据处理方法的流程图;Figure 4 shows a flowchart of a data processing method in some embodiments of the present application;
图5示出了本申请一些实施例中的数据处理方法的顺序图;Figure 5 shows a sequence diagram of a data processing method in some embodiments of the present application;
图6示出了本申请一些实施例中的数据处理装置的示意图;Fig. 6 shows a schematic diagram of a data processing device in some embodiments of the present application;
图7示出了本申请一些实施例中的数据处理装置的示意图;Fig. 7 shows a schematic diagram of a data processing device in some embodiments of the present application;
图8示出了本申请一些实施例中的计算机设备的示意图。Fig. 8 shows a schematic diagram of a computer device in some embodiments of the present application.
具体实施方式Detailed ways
下面将参考若干示例性实施方式来描述本申请的原理和精神。应当理解,给出这些实施方式仅仅是为了使本领域技术人员能够更好地理解进而实现本申请,而并非以任何方式限制本申请的范围。相反,提供这些实施方式是为了使本申请公开更加透彻和完整,并且能够将本公开的范围完整地传达给本领域的技术人员。The principle and spirit of the present application will be described below with reference to several exemplary embodiments. It should be understood that these embodiments are only provided to enable those skilled in the art to better understand and then implement the application, but not to limit the scope of the application in any way. On the contrary, these embodiments are provided to make the disclosure of the present application more thorough and complete, and to fully convey the scope of the present disclosure to those skilled in the art.
本领域的技术人员知道,本申请的实施方式可以实现为一种系统、装置设备、方法或计算机程序产品。因此,本申请公开可以具体实现为以下形式,即:完全的硬件、完全的软件(包括固件、驻留软件、微代码等),或者硬件和软件结合的形式。Those skilled in the art know that the implementation manners of this application can be implemented as a system, apparatus, method, or computer program product. Therefore, the disclosure of the present application can be specifically implemented in the following forms, namely: complete hardware, complete software (including firmware, resident software, microcode, etc.), or a combination of hardware and software.
本申请一些实施例提供了一种数据处理方法,图1示出了本申请一实施例中的数据处理方法的应用场景示意图。如图1所示,客户端可以获取目标数据。其中,目标数据可以是待处理的数据。例如,目标数据可以包括但不限于以下至少之一:人脸图像数据、医疗影像数据、人体动作数据等。客户端可以利用同态加密算法对获得的目标数据进行加密,得到密文数据。其中,对经 过同态加密算法加密的数据进行处理得到一个输出,将这一输出进行解密,其结果与用同一方法处理未加密的原始数据得到的输出结果是一样的。Some embodiments of the present application provide a data processing method, and FIG. 1 shows a schematic diagram of an application scenario of the data processing method in an embodiment of the present application. As shown in Figure 1, the client can obtain target data. Among them, the target data may be data to be processed. For example, the target data may include but is not limited to at least one of the following: face image data, medical image data, human body motion data, and so on. The client can use the homomorphic encryption algorithm to encrypt the obtained target data to obtain ciphertext data. Among them, the data encrypted by the homomorphic encryption algorithm is processed to obtain an output, and the output is decrypted. The result is the same as the output result obtained by processing the unencrypted original data in the same method.
客户端可以向服务器发送数据处理请求。其中,数据处理请求中可以携带有目标数据对应的密文数据。服务器可以响应于数据处理请求,根据预设的MPC(Secure Multi-Party Computation,安全多方计算)协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果。其中,预设模型在服务器端。预设模型可以兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理。换句话说,预设的MPC协议可以用于在输入为密文数据的情况下实现预设模型中的操作,从而完成对密文数据的预设处理。其中,预设模型可以包括训练好的预设深度学习模型。例如,预设模型可以为训练好的卷积神经网络模型。在目标数据为医疗影像数据的情况下,预设处理可以包括在对医疗影像数据进行同态加密后得到的密文数据进行诊断处理。在目标数据为人脸图像数据的情况下,预设处理可以包括在对人脸图像数据进行同态加密后得到的密文数据进行人脸识别处理。在目标数据为人体动作数据的情况下,预设处理可以包括在对人体动作数据进行同态加密后得到的密文数据进行动作识别处理。The client can send a data processing request to the server. Among them, the data processing request may carry ciphertext data corresponding to the target data. In response to the data processing request, the server may call a preset model according to a preset MPC (Secure Multi-Party Computation) protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result. Among them, the preset model is on the server side. The preset model can be compatible with the preset MPC protocol, and is used for preset processing of ciphertext data in the case of data encryption. In other words, the preset MPC protocol can be used to implement the operations in the preset model when the input is ciphertext data, so as to complete the preset processing of the ciphertext data. Among them, the preset model may include a trained preset deep learning model. For example, the preset model may be a trained convolutional neural network model. In the case where the target data is medical image data, the preset processing may include performing diagnosis processing on the ciphertext data obtained after homomorphic encryption of the medical image data. In the case where the target data is face image data, the preset processing may include performing face recognition processing on the ciphertext data obtained after homomorphic encryption of the face image data. In the case where the target data is human body motion data, the preset processing may include performing motion recognition processing on the ciphertext data obtained after homomorphic encryption of the human body motion data.
在得到密文处理结果之后,服务器可以将密文处理结果发送至客户端。客户端中存储有同态加密的公钥和私钥。其中,公钥用于对目标数据进行同态加密,得到密文数据。私钥用于对接收到的密文处理结果进行解密,得到明文处理结果。After obtaining the ciphertext processing result, the server may send the ciphertext processing result to the client. The public key and private key of homomorphic encryption are stored in the client. Among them, the public key is used to homomorphically encrypt the target data to obtain ciphertext data. The private key is used to decrypt the received ciphertext processing result to obtain the plaintext processing result.
在得到密文处理结果之后,服务器可以将与所述数据处理请求对应的交易事件数据发送至区块链网络进行上链存储,以便于后续进行追溯和查询。在客户端获得密文处理结果之后,客户端可以将得到的密文处理结果发送至区块链网络进行上链存储。After obtaining the ciphertext processing result, the server may send the transaction event data corresponding to the data processing request to the blockchain network for on-chain storage, so as to facilitate subsequent traceability and query. After the client obtains the ciphertext processing result, the client can send the obtained ciphertext processing result to the blockchain network for storage on the chain.
下面举一个具体的应用场景为例进行说明。客户端可以为医疗机构的客户端。客户端可以获取患者的医疗影像数据(例如,X光片数据)。客户端可以利用同态加密算法对X光片数据进行加密,得到密文X光片数据。客户端向医疗光片诊断服务器发送诊断请求。其中,诊断请求中携带有密文X光片数据。服务器可以为医疗光片诊断服务器。医疗光片诊断服务器根据预设的MPC协议调用预设深度学习模型与客户端配合对密文X光片数据进行预设处理,从而得到密文诊断结果。医疗光片诊断服务器将密文诊断结果发送至客户端。客户端对密文诊断结果进行解密,得到X光片数据的明文诊断结果。Take a specific application scenario as an example for description. The client may be a client of a medical institution. The client can obtain the patient's medical image data (for example, X-ray film data). The client can use the homomorphic encryption algorithm to encrypt the X-ray film data to obtain the ciphertext X-ray film data. The client sends a diagnosis request to the medical optical film diagnosis server. Among them, the diagnosis request carries ciphertext X-ray film data. The server may be a medical optical film diagnosis server. The medical light film diagnosis server calls the preset deep learning model according to the preset MPC protocol to cooperate with the client to perform preset processing on the ciphertext X-ray film data, thereby obtaining the ciphertext diagnosis result. The medical optical film diagnosis server sends the ciphertext diagnosis result to the client. The client decrypts the ciphertext diagnosis result, and obtains the plaintext diagnosis result of the X-ray film data.
其中,上述客户端可以是台式电脑、笔记本、手机终端、PDA等,只要是可以对目标数据进行同态加密以及配合服务器对密文数据进行预设处理的设备都可以,对于客户端的呈现形成,本申请不作限定。上述服务器为可以是单一的服务器,也可以是服务器集群,或者是云服务器等都可以,只要可以根据预设的MPC协议和预设模型与客户端配合对密文数据进行预设处理的设备都可以,具体的组成形成本申请也不作限定。Among them, the above-mentioned client can be a desktop computer, a notebook, a mobile phone terminal, a PDA, etc., as long as it is a device that can homomorphically encrypt the target data and cooperate with the server to perform preset processing on the ciphertext data. This application is not limited. The above-mentioned server can be a single server, a server cluster, or a cloud server, etc., as long as the equipment that can preset the ciphertext data according to the preset MPC protocol and preset model cooperates with the client Yes, the specific composition is not limited in this application.
图2示出了本申请一些实施例中方法的流程图,该数据处理方法可以应用于客户端。虽然本申请提供了如下述实施例或附图所示的方法操作步骤或装置结构,但基于常规或者无需创造性的 劳动在所述方法或装置中可以包括更多或者更少的操作步骤或模块单元。在逻辑性上不存在必要因果关系的步骤或结构中,这些步骤的执行顺序或装置的模块结构不限于本申请实施例描述及附图所示的执行顺序或模块结构。所述的方法或模块结构的在实际中的装置或终端产品应用时,可以按照实施例或者附图所示的方法或模块结构连接进行顺序执行或者并行执行(例如并行处理器或者多线程处理的环境,甚至分布式处理环境)。Figure 2 shows a flowchart of a method in some embodiments of the present application, and the data processing method can be applied to the client. Although this application provides method operation steps or device structures as shown in the following embodiments or drawings, the method or device may include more or less operation steps or module units based on conventional or no creative labor. . In steps or structures where there is no necessary causal relationship logically, the execution order of these steps or the module structure of the device is not limited to the execution order or module structure shown in the description of the embodiments of this application and the drawings. When the described method or module structure is applied to an actual device or terminal product, it can be executed sequentially or in parallel according to the method or module structure connection shown in the embodiments or drawings (for example, parallel processors or multi-threaded processing Environment, even distributed processing environment).
具体地,如图2所示,本申请一些实施例提供的数据处理方法可以包括以下步骤:Specifically, as shown in FIG. 2, the data processing method provided by some embodiments of the present application may include the following steps:
步骤S201,获取目标数据,并利用同态加密算法对目标数据进行加密,得到密文数据。Step S201: Obtain target data, and encrypt the target data using a homomorphic encryption algorithm to obtain ciphertext data.
客户端可以获取目标数据。其中,目标数据是待处理的数据。客户端利用同态加密算法对目标数据进行加密,得到密文数据。具体地,客户端可以利用同态加密算法生成公钥和私钥,然后利用公钥对目标数据进行加密,得到密文数据。The client can obtain the target data. Among them, the target data is the data to be processed. The client uses a homomorphic encryption algorithm to encrypt the target data to obtain ciphertext data. Specifically, the client can use a homomorphic encryption algorithm to generate a public key and a private key, and then use the public key to encrypt the target data to obtain ciphertext data.
步骤S202,向服务器发送数据处理请求,其中,数据处理请求中携带有密文数据。Step S202: Send a data processing request to the server, where the data processing request carries ciphertext data.
客户端可以向服务器发送数据处理请求。其中,数据处理请求中携带有密文数据。在其他实施例中,数据处理请求中还可以携带有同态加密算法生成的公钥。The client can send a data processing request to the server. Among them, the data processing request carries ciphertext data. In other embodiments, the data processing request may also carry the public key generated by the homomorphic encryption algorithm.
步骤S203,根据预设的MPC协议,配合服务器调用预设模型对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理。Step S203: According to the preset MPC protocol, cooperate with the server to call the preset model to process the ciphertext data, and obtain the ciphertext processing result. The preset model is compatible with the preset MPC protocol and is used for data encryption. The ciphertext data is pre-processed.
步骤S204,获取密文处理结果。Step S204: Obtain the ciphertext processing result.
具体地,客户端可以根据预设的MPC协议,配合服务器调用预设模型对密文数据进行处理,得到密文处理结果。其中,预设模型可以兼容预设的MPC协议。预设模型可以是训练好的深度学习模型。其中,该深度学习模型可以是利用大量明文数据训练得到的。为了与预设的MPC协议兼容,将训练好的深度学习模型中的浮点型数据转化为整型数据。换句话说,预设的MPC协议可以用于在输入为密文数据的情况下实现预设模型中的各种操作,从而实现对密文数据的预设处理。在服务器得到密文处理结果。服务器将密文处理结果发送至客户端。Specifically, the client can process the ciphertext data according to the preset MPC protocol and cooperate with the server to call the preset model to obtain the ciphertext processing result. Among them, the preset model can be compatible with the preset MPC protocol. The preset model may be a trained deep learning model. Among them, the deep learning model can be obtained by training using a large amount of plaintext data. In order to be compatible with the preset MPC protocol, the floating-point data in the trained deep learning model is converted into integer data. In other words, the preset MPC protocol can be used to implement various operations in the preset model when the input is ciphertext data, so as to realize the preset processing of ciphertext data. Get the ciphertext processing result on the server. The server sends the ciphertext processing result to the client.
上述方案中,通过对目标数据进行同态加密,得到对应的密文数据,避免目标数据的具体内容遭到泄漏。进一步,客户端再根据预设的MPC协议,配合服务器调用能够兼容预设的MPC协议的预设模型对密文数据进行具体的预设处理,得到目标数据的密文处理结果。实现了能在目标数据加密的状态下,对目标数据进行具体处理,从而有效地保护了数据隐私。In the above solution, the target data is homomorphically encrypted to obtain the corresponding ciphertext data, so as to prevent the specific content of the target data from being leaked. Further, the client then performs specific preset processing on the ciphertext data according to the preset MPC protocol and cooperates with the server to call a preset model compatible with the preset MPC protocol to obtain the ciphertext processing result of the target data. Realize that the target data can be specifically processed in the state of target data encryption, thereby effectively protecting data privacy.
在本申请一些实施例中,目标数据可以包括但不限于以下至少之一:人脸图像数据、医疗影像数据和人体动作数据。在本申请一些实施例中,在目标数据包括医疗影像数据时,预设处理可以包括对医疗影像数据进行诊断处理。在目标数据包括人脸图像数据时,预设处理可以包括人脸识别处理。在目标数据包括人体动作数据时,预设处理包括动作识别处理。In some embodiments of the present application, the target data may include but is not limited to at least one of the following: face image data, medical image data, and human body motion data. In some embodiments of the present application, when the target data includes medical image data, the preset processing may include performing diagnosis processing on the medical image data. When the target data includes face image data, the preset processing may include face recognition processing. When the target data includes human body motion data, the preset processing includes motion recognition processing.
在本申请一些实施例中,在客户端获得密文处理结果之后,客户端可以根据同态加密算法生成的私钥对密文处理结果进行解密,得到明文处理结果。通过上述方式,可以在客户端揭示目标 数据的明文处理结果。In some embodiments of the present application, after the client obtains the ciphertext processing result, the client may decrypt the ciphertext processing result according to the private key generated by the homomorphic encryption algorithm to obtain the plaintext processing result. Through the above method, the plaintext processing result of the target data can be revealed on the client.
在本申请一些实施例中,在对密文处理结果进行解密,得到明文处理结果之后,还可以包括:获取明文处理结果的验证结果,其中,验证结果用于表明明文处理结果是否正确;将密文处理结果和验证结果发送至区块链网络进行上链存储。In some embodiments of the present application, after decrypting the ciphertext processing result to obtain the plaintext processing result, it may further include: obtaining a verification result of the plaintext processing result, where the verification result is used to indicate whether the plaintext processing result is correct; The document processing results and verification results are sent to the blockchain network for on-chain storage.
具体地,客户端在对密文处理结果进行解密得到明文处理结果之后,客户端获取明文处理结果的验证结果。其中,验证结果可以是业务人员对明文处理结果进行验证后得到的。验证结果也可以是由客户端中的应用程序根据目标数据和明文处理结果后推理得到的。验证结果用于表明明文处理结果是否正确。客户端将验证结果和密文处理结果发送至区块链网络进行上链存储,便于后续查询、追溯、计费、求证等。Specifically, after the client decrypts the ciphertext processing result to obtain the plaintext processing result, the client obtains the verification result of the plaintext processing result. Among them, the verification result may be obtained after the business personnel verify the plaintext processing result. The verification result can also be inferred by the application in the client based on the target data and the plaintext processing result. The verification result is used to indicate whether the plaintext processing result is correct. The client sends the verification result and the ciphertext processing result to the blockchain network for on-chain storage, which is convenient for subsequent query, traceability, billing, verification, etc.
在本申请一些实施例中,在向服务器发送数据处理请求之前/同时/之后,还可以包括:将资源数据发送至区块链网络的合约账户中;相应的,将密文处理结果和验证结果发送至区块链网络进行上链存储,可以包括:将密文处理结果和验证结果发送至区块链网络进行上链存储,以使得区块链网络在确定验证结果为正确的情况下,将合约账户中的资源数据发送至服务器的账户中。In some embodiments of the present application, before/while/after sending the data processing request to the server, it may also include: sending the resource data to the contract account of the blockchain network; correspondingly, sending the ciphertext processing result and the verification result Sending to the blockchain network for on-chain storage may include: sending the ciphertext processing result and verification result to the blockchain network for on-chain storage, so that the blockchain network will confirm that the verification result is correct. The resource data in the contract account is sent to the server's account.
具体地,在客户端向服务器发送数据处理请求之前/同时/之后,客户端可以将数据处理的资源数据发送至区块链网络的合约账户中。其中,资源数据可以是数据处理所需要支付的费用,例如,货币或者比特币等。在客户端将密文处理结果和验证结果发送至区块链网络进行上链存储之后,区块链网络确定验证结果是否为正确。在确定验证结果为正确的情况下,区块链网络将合约账户中的资源数据发送至服务器的账户中。通过上述方式,可以解决业务的计费清算的问题。Specifically, before/while/after the client sends a data processing request to the server, the client can send the resource data of the data processing to the contract account of the blockchain network. Among them, the resource data may be fees that need to be paid for data processing, such as currency or Bitcoin. After the client sends the ciphertext processing result and the verification result to the blockchain network for on-chain storage, the blockchain network determines whether the verification result is correct. When it is determined that the verification result is correct, the blockchain network sends the resource data in the contract account to the server's account. Through the above method, the problem of service billing and settlement can be solved.
本申请一些实施例还提供了一种数据处理方法,该数据处理方法可以应用于服务器端。图3示出了本申请实施例提供的数据处理方法的流程图。Some embodiments of the present application also provide a data processing method, which can be applied to the server side. Fig. 3 shows a flowchart of a data processing method provided by an embodiment of the present application.
如图3所示,上述数据处理方法可以包括以下步骤:As shown in Figure 3, the foregoing data processing method may include the following steps:
步骤S301,接收客户端发送的数据处理请求,其中,数据处理请求中携带有密文数据,密文数据由客户端利用同态加密算法对目标数据进行加密后生成。Step S301: Receive a data processing request sent by the client, where the data processing request carries ciphertext data, and the ciphertext data is generated by the client after encrypting the target data using a homomorphic encryption algorithm.
具体地,客户端获取目标数据,并利用同态加密算法对目标数据进行加密,得到密文数据。客户端向服务器发送数据处理请求。其中,目标数据是待处理的数据。客户端利用同态加密算法对目标数据进行加密,得到密文数据。具体地,客户端可以利用同态加密算法生成公钥和私钥,然后利用公钥对目标数据进行加密,得到密文数据。其中,数据处理请求中携带有目标数据对应的密文数据。在其他实施例中,数据处理请求中还可以携带有同态加密算法生成的公钥。服务器接收客户端发送的数据处理请求。Specifically, the client obtains the target data, and encrypts the target data using a homomorphic encryption algorithm to obtain ciphertext data. The client sends a data processing request to the server. Among them, the target data is the data to be processed. The client uses a homomorphic encryption algorithm to encrypt the target data to obtain ciphertext data. Specifically, the client can use a homomorphic encryption algorithm to generate a public key and a private key, and then use the public key to encrypt the target data to obtain ciphertext data. Wherein, the data processing request carries ciphertext data corresponding to the target data. In other embodiments, the data processing request may also carry the public key generated by the homomorphic encryption algorithm. The server receives the data processing request sent by the client.
步骤S302,响应于数据处理请求,根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理。Step S302: In response to the data processing request, call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, where the preset model is compatible with the preset MPC protocol, Used to perform preset processing on ciphertext data in the case of data encryption.
步骤S303,将密文处理结果发送至客户端。Step S303: Send the ciphertext processing result to the client.
具体地,服务器响应于接收到的数据处理请求,可以根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果。其中,预设模型可以兼容预设的MPC协议。预设模型可以是训练好的深度学习模型。其中,该深度学习模型可以是利用大量明文数据训练得到的。为了与预设的MPC协议兼容,将训练好的深度学习模型中的浮点型数据转化为整型数据。换句话说,预设的MPC协议可以用于在输入为密文数据的情况下实现预设模型中的各种操作,从而实现对密文数据的预设处理,并在服务器端得到密文处理结果。Specifically, in response to the received data processing request, the server may call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result. Among them, the preset model can be compatible with the preset MPC protocol. The preset model may be a trained deep learning model. Among them, the deep learning model can be obtained by training using a large amount of plaintext data. In order to be compatible with the preset MPC protocol, the floating-point data in the trained deep learning model is converted into integer data. In other words, the preset MPC protocol can be used to implement various operations in the preset model when the input is ciphertext data, so as to realize preset processing of ciphertext data and obtain ciphertext processing on the server side. result.
在服务器与客户端配合得到密文处理结果之后,服务器可以将密文处理结果发送至客户端。在一些实施例中,客户端可以根据同态加密算法得到的私钥对密文处理结果进行解密,得到目标数据的明文处理结果。After the server and the client cooperate to obtain the ciphertext processing result, the server may send the ciphertext processing result to the client. In some embodiments, the client can decrypt the ciphertext processing result according to the private key obtained by the homomorphic encryption algorithm to obtain the plaintext processing result of the target data.
上述方案中,通过对目标数据进行同态加密,得到对应的密文数据,避免目标数据的具体内容遭到泄漏。进一步,客户端再根据预设的MPC协议,配合服务器调用能够兼容预设的MPC协议的预设模型对密文数据进行具体的预设处理,得到目标数据的密文处理结果。实现了能在目标数据加密的状态下,对目标数据进行具体处理,从而有效地保护了数据隐私。In the above solution, the target data is homomorphically encrypted to obtain the corresponding ciphertext data, so as to prevent the specific content of the target data from being leaked. Further, the client then performs specific preset processing on the ciphertext data according to the preset MPC protocol and cooperates with the server to call a preset model compatible with the preset MPC protocol to obtain the ciphertext processing result of the target data. Realize that the target data can be specifically processed in the state of target data encryption, thereby effectively protecting data privacy.
在本申请一些实施例中,目标数据可以包括但不限于以下至少之一:人脸图像数据、医疗影像数据和人体动作数据。在本申请一些实施例中,在目标数据包括医疗影像数据时,预设处理可以包括对医疗影像数据进行诊断处理。在目标数据包括人脸图像数据时,预设处理可以包括人脸识别处理。在目标数据包括人体动作数据时,预设处理包括动作识别处理。In some embodiments of the present application, the target data may include but is not limited to at least one of the following: face image data, medical image data, and human body motion data. In some embodiments of the present application, when the target data includes medical image data, the preset processing may include performing diagnosis processing on the medical image data. When the target data includes face image data, the preset processing may include face recognition processing. When the target data includes human body motion data, the preset processing includes motion recognition processing.
在本申请一些实施例中,在得到密文处理结果之后,还可以包括:将数据处理请求对应的交易事件数据上传至区块链网络进行上链存储。In some embodiments of the present application, after obtaining the ciphertext processing result, it may further include: uploading the transaction event data corresponding to the data processing request to the blockchain network for storage on the chain.
具体地,在服务器与客户端配合完成对密文数据的处理之后,可以将数据处理请求对应的交易事件数据上传至区块链网络进行上链存储。其中,交易事件数据可以包括服务器响应于数据处理请求所执行的计算相关的数据。通过上述方式,将交易事件数据上传至区块链网络进行上链存储,便于后续查询回溯。Specifically, after the server and the client cooperate to complete the processing of the ciphertext data, the transaction event data corresponding to the data processing request can be uploaded to the blockchain network for on-chain storage. The transaction event data may include data related to calculations performed by the server in response to the data processing request. Through the above method, the transaction event data is uploaded to the blockchain network for on-chain storage, which is convenient for subsequent query and backtracking.
在本申请一些实施例中,根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果,可以包括:根据预设的MPC协议和预设模型中的卷积算子,对密文数据执行隐私卷积操作,得到密文特征数据;根据预设的MPC协议和预设模型中的激活算子,与客户端配合对密文特征数据进行激活操作,得到第一激活数据和第二激活数据;根据预设的MPC协议和预设模型中的池化算子,与客户端配合对第一激活数据和第二激活数据进行池化操作,得到第一池化数据和第二池化数据;根据预设的MPC协议和预设模型中的全连接算子,与客户端配合对第一池化数据和第二池化数据进行全连接操作,得到密文处理数据。In some embodiments of the present application, calling the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result may include: according to the preset MPC protocol and the preset model The convolution operator in the ciphertext data performs a private convolution operation to obtain the ciphertext feature data; according to the preset MPC protocol and the activation operator in the preset model, the ciphertext feature data is activated in cooperation with the client Operate to obtain the first activation data and the second activation data; according to the preset MPC protocol and the pooling operator in the preset model, cooperate with the client to perform the pooling operation on the first activation data and the second activation data to obtain The first pooled data and the second pooled data; according to the preset MPC protocol and the fully connected operator in the preset model, cooperate with the client to perform the fully connected operation on the first pooled data and the second pooled data, Obtain ciphertext processing data.
其中,预设模型可以为训练好的卷积神经网络模型。卷积神经网络模型一般可以包括:卷积层、激励层、池化层和全连接层。其中,每一层的数目可以为一个或多个。其中,卷积层可以包括卷积算子,用于提取数据的特征。激励层可以包括激活算子,用于加入非线性因素,以模拟更 细微的变化。池化层可以包括池化算子,用于对输入的特征进行压缩,一方面使特征图变小,简化网络计算复杂度,另一方面进行特征压缩,提取主要特征。全连接层可以包括全连接算子,用于连接所有的特征,将输出值送给分类器,得到处理结果。Among them, the preset model may be a trained convolutional neural network model. Convolutional neural network models generally include: convolutional layer, excitation layer, pooling layer and fully connected layer. Among them, the number of each layer can be one or more. Among them, the convolution layer may include a convolution operator for extracting features of the data. The excitation layer can include activation operators to add nonlinear factors to simulate more subtle changes. The pooling layer may include a pooling operator, which is used to compress the input features. On the one hand, the feature map is reduced and the network calculation complexity is simplified. On the other hand, the feature compression is performed to extract the main features. The fully connected layer may include a fully connected operator, which is used to connect all the features, send the output value to the classifier, and obtain the processing result.
具体地,服务器在接收到客户端发送的数据处理请求之后,根据预设的MPC协议调用预设模型中的卷积算子对密文数据进行隐私卷积操作,得到密文特征数据。其中,对密文数据进行隐私卷积操作后得到的密文特征数据进行解密后得到的明文特征数据与直接对明文数据进行明文卷积操作后得到的特征数据相同。Specifically, after receiving the data processing request sent by the client, the server invokes the convolution operator in the preset model to perform a private convolution operation on the ciphertext data according to the preset MPC protocol to obtain the ciphertext feature data. Among them, the plaintext feature data obtained after decrypting the ciphertext feature data obtained by performing the privacy convolution operation on the ciphertext data is the same as the feature data obtained by directly performing the plaintext convolution operation on the plaintext data.
其中,同态加密允许对密文执行操作,相应的操作将映射到明文,同态加密可以细化为以下两种同态加密算法:Among them, homomorphic encryption allows operations to be performed on the ciphertext, and the corresponding operations will be mapped to the plaintext. The homomorphic encryption can be refined into the following two homomorphic encryption algorithms:
1)同态加法1) Homomorphic addition
已知C1=Enc(m1),C2=Enc(m2),那么C1·C2=Enc(m1+m2);Given that C1=Enc(m1), C2=Enc(m2), then C1·C2=Enc(m1+m2);
2)同态乘法2) Homomorphic multiplication
已知C1=Enc(m1),t1,那么(C1) t1=Enc(m1·t1),这里也可以利用同态加法推导出来。 Given that C1=Enc(m1), t1, then (C1) t1 =Enc(m1·t1), which can also be derived by homomorphic addition.
对明文数据进行卷积操作是明文数据矩阵与卷积算子矩阵中的对应元素相乘后求和。对密文数据进行卷积操作是密文数据矩阵中的元素的卷积算子矩阵的对应元素的次方再相乘得到。示例性地,A 3×3为明文数据矩阵,C 3×3为卷积算子矩阵;a 3×3为密文数据矩阵。明文卷积操作和隐私卷积操作如下所示: The convolution operation on the plaintext data is to multiply the corresponding elements in the plaintext data matrix and the convolution operator matrix and then sum them. The convolution operation on the ciphertext data is obtained by multiplying the powers of the corresponding elements of the convolution operator matrix of the elements in the ciphertext data matrix. Exemplarily, A 3×3 is a plaintext data matrix, C 3×3 is a convolution operator matrix; a 3×3 is a ciphertext data matrix. The plaintext convolution operation and privacy convolution operation are as follows:
Figure PCTCN2020076141-appb-000001
Figure PCTCN2020076141-appb-000001
Figure PCTCN2020076141-appb-000002
Figure PCTCN2020076141-appb-000002
在得到密文特征数据之后,服务器可以根据预设的MPC协议调用预设模型中的激活算子,与客户端配合对密文特征数据进行激活操作,得到第一激活数据和第二激活数据。其中,第一激活数据由服务器端持有,第二激活数据由客户端持有。具体地,服务器端对密文特征数据执行同态加密转秘密共享操作,得到第一密文数据和第二密文数据。服务器将第一密文数据发送至客户端。客户端对第一密文数据进行解密,得到第一明文数据。服务器将激活算子转化为布尔电路,并得出该布尔电路每个电路门的真值表。然后服务器为每个门选择两个均匀分布的字符串作为标签,分别用来表示0或1。之后,服务器随机生成第一随机数,并根据第二密文数据和第一随机数生成第一标签。将第一标签作为输入替换真值表后,服务器获得标签表。对于每个电路门,服务器使用标签表进行加密,生成第一加密电路(GC,Garbled Circuit)。服务器将第一加密电路 发送至客户端。客户端对第一明文数据进行不经意传输(OT,Oblivious Transfer),得到第二标签。客户端根据第二标签对第一加密电路进行解密,得到激活数据。激活数据也属于特征数据,用于表征加入非线性因素之后的特征,可以模拟更细微的特征变化。然后,由于后续池化操作通过安全多方计算实现,因此可以对激活数据进行秘密共享,从而在服务器端得到第一激活数据,在客户端得到第二激活数据。激活数据为第一激活数据与第二激活数据之和。即,服务器与客户端根据预设的MPC协议和激活算子对密文特征数据进行安全多方计算,得到第一激活数据和第二激活数据。After obtaining the ciphertext feature data, the server can call the activation operator in the preset model according to the preset MPC protocol, and cooperate with the client to activate the ciphertext feature data to obtain the first activation data and the second activation data. Among them, the first activation data is held by the server, and the second activation data is held by the client. Specifically, the server performs a homomorphic encryption to secret sharing operation on the ciphertext feature data to obtain the first ciphertext data and the second ciphertext data. The server sends the first ciphertext data to the client. The client decrypts the first ciphertext data to obtain the first plaintext data. The server converts the activation operator into a Boolean circuit and obtains the truth table of each circuit gate of the Boolean circuit. Then the server selects two evenly distributed strings as labels for each door, which are used to represent 0 or 1 respectively. After that, the server randomly generates a first random number, and generates a first label according to the second ciphertext data and the first random number. After replacing the truth table with the first label as input, the server obtains the label table. For each circuit gate, the server uses the tag table to encrypt, and generates a first encryption circuit (GC, Garbled Circuit). The server sends the first encrypted circuit to the client. The client performs an inadvertent transfer (OT, Oblivious Transfer) to the first plaintext data to obtain the second label. The client decrypts the first encryption circuit according to the second tag to obtain activation data. Activation data also belongs to feature data, which is used to characterize features after adding nonlinear factors, and can simulate more subtle feature changes. Then, since the subsequent pooling operation is implemented through secure multi-party computing, the activation data can be secretly shared, so that the first activation data can be obtained on the server side and the second activation data can be obtained on the client side. The activation data is the sum of the first activation data and the second activation data. That is, the server and the client perform secure multi-party calculation on the ciphertext feature data according to the preset MPC protocol and activation operator to obtain the first activation data and the second activation data.
在服务器端得到第一激活数据且客户端得到第二激活数据之后,服务器根据预设的MPC协议调用预设模型中的池化算子,与客户端配合对第一激活数据和第二激活数据进行池化操作,得到第一池化数据和第二池化数据。其中,第一池化数据可以由服务器端持有。第二池化数据可以由客户端持有。具体地,服务器将池化算子转换为布尔电路。服务器随机生成第二随机数。服务器根据第一激活函数和随机数生成第三标签。服务器将第三标签作为输入替换布尔电路的真值表,得到标签表。服务器对布尔电路的每个门使用标签表进行加密,生成第二加密电路。服务器将第二加密电路发送至客户端。客户端对第二激活数据进行不经意传输,得到第四标签。客户端使用第四标签解密第二加密电路,得到池化数据。池化数据也属于特征数据,是对特征进行压缩后得到的特征数据,可以表征主要特征。之后,由于后续全连接操作通过安全多方计算实现,因此可以对池化数据进行秘密共享,使得服务器端获取第一池化数据,客户端获得第二池化数据。池化数据为第一池化数据与第二池化数据之和。即,服务器与客户端可以根据预设的MPC协议和池化算子对第一激活数据和第二激活数据进行安全多方计算,得到第一池化数据和第二池化数据。After the server obtains the first activation data and the client obtains the second activation data, the server calls the pooling operator in the preset model according to the preset MPC protocol, and cooperates with the client to compare the first activation data and the second activation data Perform a pooling operation to obtain the first pooled data and the second pooled data. Among them, the first pooled data can be held by the server. The second pooled data can be held by the client. Specifically, the server converts the pooling operator into a Boolean circuit. The server randomly generates a second random number. The server generates a third label according to the first activation function and the random number. The server replaces the truth table of the Boolean circuit with the third label as an input to obtain a label table. The server encrypts each gate of the Boolean circuit using the tag table to generate a second encryption circuit. The server sends the second encryption circuit to the client. The client inadvertently transmits the second activation data to obtain the fourth tag. The client uses the fourth tag to decrypt the second encryption circuit to obtain pooled data. Pooled data also belongs to feature data, which is the feature data obtained after the feature is compressed, which can characterize the main feature. After that, since the subsequent full connection operation is realized through secure multi-party computing, the pooled data can be secretly shared, so that the server side obtains the first pooled data and the client side obtains the second pooled data. The pooled data is the sum of the first pooled data and the second pooled data. That is, the server and the client can perform secure multi-party calculation on the first activation data and the second activation data according to the preset MPC protocol and pooling operator to obtain the first pooling data and the second pooling data.
在服务器获得第一池化数据且客户端获得第二池化数据之后,服务器对第一池化数据执行秘密共享转同态加密操作,客户端对第二池化数据执行秘密共享转同态加密操作,在服务器端得到池化数据。然后将得到的池化数据拍平为一维数组。服务器将一维数组中的每一个元素与连接线上的权重值(即,全连接算子中的元素)相乘后相加并输出,得到密文处理结果。即,服务端根据预设的MPC协议和预设模型中的全连接算子,与客户端配合对第一池化数据和第二池化数据进行全连接操作,得到密文处理数据。服务器将得到的密文处理结果发送至客户端。客户端利用同态加密算法的私钥对密文处理结果进行解密,得到目标数据的明文处理结果。After the server obtains the first pooled data and the client obtains the second pooled data, the server performs a secret sharing to homomorphic encryption operation on the first pooled data, and the client performs secret sharing to homomorphic encryption on the second pooled data Operation, get pooled data on the server side. Then the obtained pooled data is flattened into a one-dimensional array. The server multiplies each element in the one-dimensional array with the weight value on the connection line (that is, the element in the fully connected operator), adds and outputs the result to obtain the ciphertext processing result. That is, the server cooperates with the client to perform a full connection operation on the first pooled data and the second pooled data according to the preset MPC protocol and the full connection operator in the preset model to obtain the ciphertext processing data. The server sends the obtained ciphertext processing result to the client. The client uses the private key of the homomorphic encryption algorithm to decrypt the ciphertext processing result to obtain the plaintext processing result of the target data.
上述实施例中以预设模型中包含一个卷积层、一个池化层、一个激励层和一个全连接层为例进行说明,但本申请并不限于此。本申请实施例中的数据处理方法适用于预设模型包括多个卷积层、多个池化层、多个激励层或多个全连接层的情况。In the foregoing embodiment, the preset model includes a convolutional layer, a pooling layer, an excitation layer, and a fully connected layer as an example for description, but the application is not limited to this. The data processing method in the embodiment of the present application is applicable to the case where the preset model includes multiple convolutional layers, multiple pooling layers, multiple excitation layers, or multiple fully connected layers.
上述实施例的数据处理方法中,服务器和客户端根据预设的MPC协议,调用预设模型中的卷积算子、激活算子、池化算子和全连接算子对密文数据进行安全多方计算,得到密文数据的密文处理结果,实现了在输入为密文的情况下通过预设模型对密文数据进行处理或推理,可以有效保护用户的数据隐私。In the data processing method of the foregoing embodiment, the server and the client call the convolution operator, activation operator, pooling operator, and fully connected operator in the preset model according to the preset MPC protocol to secure the ciphertext data. Multi-party calculations obtain the ciphertext processing result of the ciphertext data, and realize the processing or reasoning of the ciphertext data through the preset model when the input is ciphertext, which can effectively protect the user's data privacy.
本申请一些实施例还提供了一种数据处理方法。图4示出了本申请实施例中提供的数据处理方法的流程图。如图4所示,该方法可以包括:Some embodiments of the application also provide a data processing method. Fig. 4 shows a flowchart of a data processing method provided in an embodiment of the present application. As shown in Figure 4, the method may include:
步骤S401,客户端获取目标数据,并利用同态加密算法对目标数据进行加密,得到密文数据。In step S401, the client obtains the target data, and encrypts the target data using a homomorphic encryption algorithm to obtain ciphertext data.
客户端可以获取目标数据。其中,目标数据是待处理的数据。客户端利用同态加密算法对目标数据进行加密,得到密文数据。具体地,客户端可以利用同态加密算法生成公钥和私钥,然后利用公钥对目标数据进行加密,得到密文数据。The client can obtain the target data. Among them, the target data is the data to be processed. The client uses a homomorphic encryption algorithm to encrypt the target data to obtain ciphertext data. Specifically, the client can use a homomorphic encryption algorithm to generate a public key and a private key, and then use the public key to encrypt the target data to obtain ciphertext data.
步骤S402,客户端向服务器发送数据处理请求,其中,数据处理请求中携带有密文数据。Step S402: The client sends a data processing request to the server, where the data processing request carries ciphertext data.
客户端可以向服务器发送数据处理请求。其中,数据处理请求中携带有密文数据。在其他实施例中,数据处理请求中还可以携带有同态加密算法生成的公钥。The client can send a data processing request to the server. Among them, the data processing request carries ciphertext data. In other embodiments, the data processing request may also carry the public key generated by the homomorphic encryption algorithm.
步骤S403,响应于数据处理请求,服务器与客户端根据预设的MPC协议调用预设模型对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理。Step S403, in response to the data processing request, the server and the client call the preset model to process the ciphertext data according to the preset MPC protocol, and obtain the ciphertext processing result, where the preset model is compatible with the preset MPC protocol for In the case of data encryption, the ciphertext data is pre-processed.
具体地,服务器响应于接收到的数据处理请求,可以根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果。其中,预设模型可以兼容预设的MPC协议。预设模型可以是训练好的深度学习模型。其中,该深度学习模型可以是利用大量明文数据训练得到的。为了与预设的MPC协议兼容,将训练好的深度学习模型中的浮点型数据转化为整型数据。换句话说,预设的MPC协议可以用于在输入为密文数据的情况下实现预设模型中的各种操作,从而实现对密文数据的预设处理,并在服务器端得到密文处理结果。Specifically, in response to the received data processing request, the server may call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result. Among them, the preset model can be compatible with the preset MPC protocol. The preset model may be a trained deep learning model. Among them, the deep learning model can be obtained by training using a large amount of plaintext data. In order to be compatible with the preset MPC protocol, the floating-point data in the trained deep learning model is converted into integer data. In other words, the preset MPC protocol can be used to implement various operations in the preset model when the input is ciphertext data, so as to realize preset processing of ciphertext data and obtain ciphertext processing on the server side. result.
步骤S404,服务器将密文处理结果发送至客户端。In step S404, the server sends the ciphertext processing result to the client.
步骤S405,客户端对所述密文处理结果进行解密,得到目标数据的明文处理结果。Step S405: The client decrypts the ciphertext processing result to obtain the plaintext processing result of the target data.
在服务器与客户端配合得到密文处理结果之后,服务器可以将密文处理结果发送至客户端。在一些实施例中,客户端可以根据同态加密算法得到的私钥对密文处理结果进行解密,得到目标数据的明文处理结果。After the server and the client cooperate to obtain the ciphertext processing result, the server may send the ciphertext processing result to the client. In some embodiments, the client can decrypt the ciphertext processing result according to the private key obtained by the homomorphic encryption algorithm to obtain the plaintext processing result of the target data.
上述方案中,通过对目标数据进行同态加密,得到密文数据,便于后续直接对密文数据进行处理。服务器根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果,实现了在输入为密文数据的情况下对数据进行处理,可以有效保护数据隐私。In the above solution, the ciphertext data is obtained by homomorphic encryption of the target data, which is convenient for subsequent direct processing of the ciphertext data. The server calls the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, which realizes the processing of the data when the input is ciphertext data, which can effectively protect the data privacy.
在本申请一些实施例中,目标数据可以包括但不限于以下至少之一:人脸图像数据、医疗影像数据和人体动作数据。在本申请一些实施例中,在目标数据包括医疗影像数据时,预设处理可以包括对医疗影像数据进行诊断处理。在目标数据包括人脸图像数据时,预设处理可以包括人脸识别处理。在目标数据包括人体动作数据时,预设处理包括动作识别处理。In some embodiments of the present application, the target data may include but is not limited to at least one of the following: face image data, medical image data, and human body motion data. In some embodiments of the present application, when the target data includes medical image data, the preset processing may include performing diagnosis processing on the medical image data. When the target data includes face image data, the preset processing may include face recognition processing. When the target data includes human body motion data, the preset processing includes motion recognition processing.
在本申请一些实施例中,在服务器得到密文处理结果之后,还可以包括:服务器将数据处理请求对应的交易事件数据上传至区块链网络进行上链存储。In some embodiments of the present application, after the server obtains the ciphertext processing result, it may further include: the server uploads the transaction event data corresponding to the data processing request to the blockchain network for storage on the chain.
在本申请一些实施例中,服务器根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果,可以包括:根据预设的MPC协议和预设模型中的卷积算子,对密文数据执行隐私卷积操作,得到密文特征数据;根据预设的MPC协议和预设模型中的激活算子,与客户端配合对密文特征数据进行激活操作,得到第一激活数据和第二激活数据;根据预设的MPC协议和预设模型中的池化算子,与客户端配合对第一激活数据和第二激活数据进行池化操作,得到第一池化数据和第二池化数据;根据预设的MPC协议和预设模型中的全连接算子,与客户端配合对第一池化数据和第二池化数据进行全连接操作,得到密文处理数据。In some embodiments of the present application, the server calls the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, which may include: according to the preset MPC protocol and the preset The convolution operator in the model performs a private convolution operation on the ciphertext data to obtain the ciphertext feature data; according to the preset MPC protocol and the activation operator in the preset model, it cooperates with the client to perform the ciphertext feature data Activate the operation to obtain the first activation data and the second activation data; according to the preset MPC protocol and the pooling operator in the preset model, cooperate with the client to perform the pooling operation on the first activation data and the second activation data, Obtain the first pooled data and the second pooled data; according to the preset MPC protocol and the fully connected operator in the preset model, cooperate with the client to perform the fully connected operation on the first pooled data and the second pooled data , Get the ciphertext processing data.
在本申请一些实施例中,在客户端对密文处理结果进行解密,得到明文处理结果之后,还可以包括:客户端获取明文处理结果的验证结果,其中,验证结果用于表明明文处理结果是否正确;客户端将密文处理结果和验证结果发送至区块链网络进行上链存储。In some embodiments of the present application, after the client decrypts the ciphertext processing result to obtain the plaintext processing result, it may further include: the client obtains the verification result of the plaintext processing result, where the verification result is used to indicate whether the plaintext processing result is Correct; the client sends the ciphertext processing result and verification result to the blockchain network for storage on the chain.
在本申请一些实施例中,在客户端向服务器发送数据处理请求之前/同时/之后,还可以包括:客户端将资源数据发送至区块链网络的合约账户中;相应的,在客户端将密文处理结果和验证结果发送至区块链网络进行上链存储之后,还可以包括:区块链网络确定验证结果是否为正确;在确定验证结果为正确的情况下,区块链网络将合约账户中的资源数据发送至服务器的账户中。In some embodiments of the present application, before/while/after the client sends a data processing request to the server, it may also include: the client sends resource data to the contract account of the blockchain network; correspondingly, the client sends After the ciphertext processing result and the verification result are sent to the blockchain network for on-chain storage, it can also include: the blockchain network determines whether the verification result is correct; in the case where the verification result is determined to be correct, the blockchain network transfers the contract The resource data in the account is sent to the server's account.
下面结合一个具体实施例对上述方法进行说明,然而,值得注意的是,该具体实施例仅是为了更好地说明本申请,并不构成对本申请的不当限定。The above method will be described below in conjunction with a specific embodiment. However, it is worth noting that this specific embodiment is only for better describing the application, and does not constitute an improper limitation of the application.
图5示出了该具体实施例中的数据处理方法的顺序图。如图5所示,该数据处理方法可以包括以下步骤:Fig. 5 shows a sequence diagram of the data processing method in this specific embodiment. As shown in Figure 5, the data processing method may include the following steps:
步骤1,客户端获取目标数据,并利用同态加密算法对目标数据进行加密,得到目标数据对应的密文数据;Step 1. The client obtains the target data, and encrypts the target data using a homomorphic encryption algorithm to obtain the ciphertext data corresponding to the target data;
步骤2,客户端向服务器发送数据处理请求,其中,数据处理请求中携带有密文数据;Step 2: The client sends a data processing request to the server, where the data processing request carries ciphertext data;
步骤3,客户端将费用抵押至区块链网络的合约账户中;Step 3. The client mortgages the fee to the contract account of the blockchain network;
步骤4,服务器根据预设的MPC协议调用预设模型中的卷积算子对密文数据进行隐私卷积操作,得到密文特征数据;Step 4: The server invokes the convolution operator in the preset model to perform a private convolution operation on the ciphertext data according to the preset MPC protocol to obtain the ciphertext feature data;
步骤5,服务器和客户端根据预设的MPC协议调用预设模型中的激活算子对密文特征数据进行安全多方计算,在服务器端得到第一激活数据,并且在客户端得到第二激活数据;Step 5. The server and the client call the activation operator in the preset model according to the preset MPC protocol to perform secure multi-party calculation of the ciphertext feature data, and obtain the first activation data on the server side and the second activation data on the client side. ;
步骤6,服务器和客户端根据预设的MPC协议调用预设模型中的池化算子对第一激活数据和第二激活数据进行安全多方计算,在服务器端得到第一池化数据,并且在客户端得到第二池化数据;Step 6. The server and the client call the pooling operator in the preset model according to the preset MPC protocol to perform secure multi-party calculations on the first activation data and the second activation data, and obtain the first pooled data on the server side, and The client gets the second pooled data;
步骤7,服务器和客户端根据预设的MPC协议调用预设模型中的全连接算子对上述第一池化数据和第二池化数据进行全连接操作,在服务器端得到密文处理结果;Step 7, the server and the client call the full connection operator in the preset model according to the preset MPC protocol to perform the full connection operation on the first pooled data and the second pooled data, and obtain the ciphertext processing result on the server side;
步骤8,服务器将密文处理结果发送至客户端;Step 8. The server sends the ciphertext processing result to the client;
步骤9,服务器将与数据处理请求对应的交易事件数据发送至区块链网络进行上链存储;Step 9. The server sends the transaction event data corresponding to the data processing request to the blockchain network for storage on the chain;
步骤10,客户端利用同态加密算法的私钥对密文处理结果进行解密,得到目标数据的明文处理结果;Step 10: The client uses the private key of the homomorphic encryption algorithm to decrypt the ciphertext processing result to obtain the plaintext processing result of the target data;
步骤11,客户端获取验证结果,其中,验证结果用于表明目标数据的明文处理结果是否正确;Step 11. The client obtains the verification result, where the verification result is used to indicate whether the plaintext processing result of the target data is correct;
步骤12,客户端将明文处理结果和验证结果发送至区块链网络进行上链存储;Step 12. The client sends the plaintext processing result and the verification result to the blockchain network for storage on the chain;
步骤13,区块链网络确定验证结果是否为正确;Step 13. The blockchain network determines whether the verification result is correct;
步骤14,在确定验证结果为正确的情况下,区块链网络将合约账户中的费用转至服务器的账户中;Step 14. When it is determined that the verification result is correct, the blockchain network transfers the fees in the contract account to the server's account;
步骤15,在确定验证结果为不正确的情况下,区块链网络将合约账户中的费用转至客户端的账户中。Step 15. In the case where it is determined that the verification result is incorrect, the blockchain network transfers the fees in the contract account to the client's account.
上述实施例中的数据处理方法,通过对目标数据进行同态加密,得到密文数据,便于后续直接对密文数据进行处理。服务器和客户端根据预设的MPC协议调用预设模型中的卷积算子、激活算子、池化算子和全连接算子,对密文数据进行预设处理,得到目标数据的密文处理结果,实现了在输入为密文数据的情况下对数据进行处理,可以有效保护数据隐私。之后,服务器将此次交易事件对应的数据发送至区块链网络进行上链存储,以便于后续查询、检索、求证等。服务器将密文处理结果发送至客户端,客户端对密文处理结果进行解密,即可得到目标数据的明文处理结果。客户端获取明文处理结果的验证结果,并将密文处理结果和验证结果发送至区块链网络进行上链存储,可以进一步保护处理结果的隐私,而且便于后续进行查询和回溯。而且在区块链网络确定验证结果为正确的情况下,将客户端抵押至合约账户中的费用转至服务器的账户中。在区块链网络确定验证结果为错误的情况下,将客户端抵押至合约账户中的费用返回至客户端的账户。这样,可以有效解决业务的计费清算问题。In the data processing method in the foregoing embodiment, the ciphertext data is obtained by homomorphic encryption of the target data, which is convenient for subsequent direct processing of the ciphertext data. The server and the client call the convolution operator, activation operator, pooling operator and fully connected operator in the preset model according to the preset MPC protocol, and perform preset processing on the ciphertext data to obtain the ciphertext of the target data The processing result realizes the processing of the data when the input is ciphertext data, which can effectively protect data privacy. After that, the server sends the data corresponding to this transaction event to the blockchain network for storage on the chain, so as to facilitate subsequent query, retrieval, verification, etc. The server sends the ciphertext processing result to the client, and the client decrypts the ciphertext processing result to obtain the plaintext processing result of the target data. The client obtains the verification result of the plaintext processing result, and sends the ciphertext processing result and the verification result to the blockchain network for on-chain storage, which can further protect the privacy of the processing result and facilitate subsequent queries and backtracking. And in the case that the blockchain network determines that the verification result is correct, the cost of the client's mortgage in the contract account is transferred to the server's account. In the case that the blockchain network determines that the verification result is wrong, the cost of the client's mortgage to the contract account is returned to the client's account. In this way, the billing and clearing problem of the business can be effectively solved.
基于同一发明构思,本申请实施例中还提供了一种数据处理装置,如下面的实施例所述。由于数据处理装置解决问题的原理与数据处理方法相似,因此数据处理装置的实施可以参见数据处理方法的实施,重复之处不再赘述。以下所使用的,术语“单元”或者“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。图6是本申请实施例的数据处理装置的一种结构框图,如图6所示,包括:加密模块601、发送模块602、处理模块603和获取模块604,下面对该结构进行说明。Based on the same inventive concept, an embodiment of the present application also provides a data processing device, as described in the following embodiment. Since the problem-solving principle of the data processing device is similar to that of the data processing method, the implementation of the data processing device can refer to the implementation of the data processing method, and the repetition will not be repeated. As used below, the term "unit" or "module" can be a combination of software and/or hardware that implements a predetermined function. Although the devices described in the following embodiments are preferably implemented by software, implementation by hardware or a combination of software and hardware is also possible and conceived. Fig. 6 is a structural block diagram of a data processing device according to an embodiment of the present application. As shown in Fig. 6, it includes: an encryption module 601, a sending module 602, a processing module 603, and an obtaining module 604. The structure is described below.
加密模块601用于获取目标数据,并利用同态加密算法对目标数据进行加密,得到密文数据。The encryption module 601 is used to obtain target data, and encrypt the target data using a homomorphic encryption algorithm to obtain ciphertext data.
发送模块602用于向服务器发送数据处理请求,其中,数据处理请求中携带有密文数据。The sending module 602 is configured to send a data processing request to the server, where the data processing request carries ciphertext data.
处理模块603用于根据预设的MPC协议,配合服务器调用预设模型对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理。The processing module 603 is used to process the ciphertext data according to the preset MPC protocol and cooperate with the server to call the preset model to obtain the ciphertext processing result. The preset model is compatible with the preset MPC protocol and is used in the case of data encryption. Perform preset processing on the ciphertext data below.
获取模块604用于获取密文处理结果。The obtaining module 604 is used to obtain the ciphertext processing result.
在本申请一些实施例中,数据处理装置还可以包括解密模块,解密模块可以用于:在获取密文处理结果之后,对密文处理结果进行解密,得到明文处理结果。In some embodiments of the present application, the data processing device may further include a decryption module, and the decryption module may be used to: after obtaining the ciphertext processing result, decrypt the ciphertext processing result to obtain the plaintext processing result.
在本申请一些实施例中,数据处理装置还可以包括上链模块,上链模块可以用于:在对密文处理结果进行解密,得到明文处理结果之后,获取明文处理结果的验证结果,其中,验证结果用于表明明文处理结果是否正确;将密文处理结果和验证结果发送至区块链网络进行上链存储。In some embodiments of the present application, the data processing device may further include an on-chain module, and the on-chain module may be used to: after decrypting the ciphertext processing result to obtain the plaintext processing result, obtain the verification result of the plaintext processing result, where, The verification result is used to indicate whether the plaintext processing result is correct; the ciphertext processing result and the verification result are sent to the blockchain network for on-chain storage.
在本申请一些实施例中,发送模块还可以用于:在向服务器发送数据处理请求之前/同时/之后,将资源数据发送至区块链网络的合约账户中;相应的,上链模块可以具体用于:将密文处理结果和验证结果发送至区块链网络进行上链存储,以使得区块链网络在确定验证结果为正确的情况下,将合约账户中的资源数据发送至服务器的账户中。In some embodiments of the present application, the sending module can also be used to send resource data to the contract account of the blockchain network before/while/after sending the data processing request to the server; correspondingly, the on-chain module can be specific Used to: send the ciphertext processing result and the verification result to the blockchain network for on-chain storage, so that the blockchain network sends the resource data in the contract account to the account of the server when the verification result is determined to be correct in.
在本申请一些实施例中,目标数据包括以下至少之一:人脸图像数据、医疗影像数据和人体动作数据。In some embodiments of the present application, the target data includes at least one of the following: face image data, medical image data, and human body motion data.
在本申请一些实施例中,在目标数据包括医疗影像数据时,预设处理包括对医疗影像数据进行诊断处理。In some embodiments of the present application, when the target data includes medical image data, the preset processing includes performing diagnostic processing on the medical image data.
基于同一发明构思,本申请实施例中还提供了一种数据处理装置,如下面的实施例所述。由于数据处理装置解决问题的原理与数据处理方法相似,因此数据处理装置的实施可以参见数据处理方法的实施,重复之处不再赘述。以下所使用的,术语“单元”或者“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。图7是本申请实施例的数据处理装置的一种结构框图,如图7所示,包括:接收模块701、处理模块702和发送模块703,下面对该结构进行说明。Based on the same inventive concept, an embodiment of the present application also provides a data processing device, as described in the following embodiment. Since the problem-solving principle of the data processing device is similar to that of the data processing method, the implementation of the data processing device can refer to the implementation of the data processing method, and the repetition will not be repeated. As used below, the term "unit" or "module" can be a combination of software and/or hardware that implements a predetermined function. Although the devices described in the following embodiments are preferably implemented by software, implementation by hardware or a combination of software and hardware is also possible and conceived. Fig. 7 is a structural block diagram of a data processing device according to an embodiment of the present application. As shown in Fig. 7, it includes: a receiving module 701, a processing module 702, and a sending module 703. The structure is described below.
接收模块701用于接收客户端发送的数据处理请求,其中,数据处理请求中携带有密文数据,密文数据由客户端利用同态加密算法对目标数据进行加密后生成。The receiving module 701 is configured to receive a data processing request sent by a client, where the data processing request carries ciphertext data, and the ciphertext data is generated by the client after encrypting target data using a homomorphic encryption algorithm.
处理模块702用于响应于数据处理请求,根据预设的MPC协议调用预设模型,以与客户端配合对密文数据进行处理,得到密文处理结果,其中,预设模型兼容预设的MPC协议,用于在数据加密的情况下对密文数据进行预设处理。The processing module 702 is configured to respond to the data processing request and call the preset model according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, wherein the preset model is compatible with the preset MPC The protocol is used to perform preset processing on ciphertext data in the case of data encryption.
发送模块703用于将密文处理结果发送至客户端。The sending module 703 is used to send the ciphertext processing result to the client.
在本申请一些实施例中,数据处理装置还包括上链模块,其中,上链模块具体用于:在得到密文处理结果之后,将数据处理请求对应的交易事件数据上传至区块链网络进行上链存储。In some embodiments of the present application, the data processing device further includes an on-chain module, where the on-chain module is specifically configured to: after obtaining the ciphertext processing result, upload transaction event data corresponding to the data processing request to the blockchain network for processing On-chain storage.
在本申请一些实施例中,处理模块可以具体用于:根据预设的MPC协议和预设模型中的卷积算子,对密文数据执行隐私卷积操作,得到密文特征数据;根据预设的MPC协议和预设模型中的激活算子,与客户端配合对密文特征数据进行激活操作,得到第一激活数据和第二激活数据;根据预设的MPC协议和预设模型中的池化算子,与客户端配合对第一激活数据和第二激活数据 进行池化操作,得到第一池化数据和第二池化数据;根据预设的MPC协议和预设模型中的全连接算子,与客户端配合对第一池化数据和第二池化数据进行全连接操作,得到密文处理数据。In some embodiments of the present application, the processing module may be specifically configured to: perform a private convolution operation on the ciphertext data according to the preset MPC protocol and the convolution operator in the preset model to obtain the ciphertext feature data; Set the MPC protocol and the activation operator in the preset model to cooperate with the client to activate the ciphertext feature data to obtain the first activation data and the second activation data; according to the preset MPC protocol and the preset model The pooling operator cooperates with the client to perform pooling operations on the first activation data and the second activation data to obtain the first pooled data and the second pooled data; according to the preset MPC protocol and the preset model The connection operator cooperates with the client to perform a full connection operation on the first pooled data and the second pooled data to obtain the ciphertext processing data.
从以上的描述中,可以看出,本申请实施例实现了如下技术效果:通过对目标数据进行同态加密,得到对应的密文数据,避免目标数据的具体内容遭到泄漏。进一步,客户端再根据预设的MPC协议,配合服务器调用能够兼容预设的MPC协议的预设模型对密文数据进行具体的预设处理,得到目标数据的密文处理结果。实现了能在目标数据加密的状态下,对目标数据进行具体处理,从而有效地保护了数据隐私。From the above description, it can be seen that the embodiments of the present application achieve the following technical effects: by homomorphically encrypting the target data, the corresponding ciphertext data is obtained, and the specific content of the target data is prevented from being leaked. Further, the client then performs specific preset processing on the ciphertext data according to the preset MPC protocol and cooperates with the server to call a preset model compatible with the preset MPC protocol to obtain the ciphertext processing result of the target data. Realize that the target data can be specifically processed in the state of target data encryption, thereby effectively protecting data privacy.
本申请实施方式还提供了一种计算机设备,具体可以参阅图8所示的基于本申请实施例提供的数据处理方法的计算机设备组成结构示意图,所述计算机设备具体可以包括输入设备81、处理器82、存储器83。其中,所述存储器83用于存储处理器可执行指令。所述处理器82执行所述指令时实现上述任意实施例中所述的数据处理方法的步骤。The embodiment of the present application also provides a computer device. For details, please refer to the schematic diagram of the structure of the computer device based on the data processing method provided by the embodiment of the present application shown in FIG. 8. The computer device may specifically include an input device 81 and a processor. 82. Memory 83. Wherein, the memory 83 is used to store processor executable instructions. The processor 82 implements the steps of the data processing method described in any of the foregoing embodiments when executing the instructions.
在本实施方式中,所述输入设备具体可以是用户和计算机系统之间进行信息交换的主要装置之一。所述输入设备可以包括键盘、鼠标、摄像头、扫描仪、光笔、手写输入板、语音输入装置等;输入设备用于把原始数据和处理这些数的程序输入到计算机中。所述输入设备还可以获取接收其他模块、单元、设备传输过来的数据。所述处理器可以按任何适当的方式实现。例如,处理器可以采取例如微处理器或处理器以及存储可由该(微)处理器执行的计算机可读程序代码(例如软件或固件)的计算机可读介质、逻辑门、开关、专用集成电路(Application Specific Integrated Circuit,ASIC)、可编程逻辑控制器和嵌入微控制器的形式等等。所述存储器具体可以是现代信息技术中用于保存信息的记忆设备。所述存储器可以包括多个层次,在数字系统中,只要能保存二进制数据的都可以是存储器;在集成电路中,一个没有实物形式的具有存储功能的电路也叫存储器,如RAM、FIFO等;在系统中,具有实物形式的存储设备也叫存储器,如内存条、TF卡等。In this embodiment, the input device may specifically be one of the main devices for information exchange between the user and the computer system. The input device may include a keyboard, a mouse, a camera, a scanner, a light pen, a handwriting input board, a voice input device, etc.; the input device is used to input raw data and programs for processing these numbers into the computer. The input device can also obtain and receive data transmitted from other modules, units, and devices. The processor can be implemented in any suitable way. For example, the processor may take the form of a microprocessor or a processor and a computer readable medium, logic gates, switches, application specific integrated circuits ( Application Specific Integrated Circuit, ASIC), programmable logic controller and embedded microcontroller form, etc. The memory may specifically be a memory device used to store information in modern information technology. The memory can include multiple levels. In a digital system, as long as it can store binary data, it can be a memory; in an integrated circuit, a circuit with a storage function without a physical form is also called a memory, such as RAM, FIFO, etc.; In the system, storage devices in physical form are also called memory, such as memory sticks, TF cards, and so on.
在本实施方式中,该计算机设备具体实现的功能和效果,可以与其它实施方式对照解释,在此不再赘述。In this embodiment, the specific functions and effects implemented by the computer device can be explained in comparison with other embodiments, and will not be repeated here.
本申请实施方式中还提供了一种基于数据处理方法的计算机存储介质,所述计算机存储介质存储有计算机程序指令,在所述计算机程序指令被执行时实现上述任意实施例中所述数据处理方法的步骤。The embodiment of the present application also provides a computer storage medium based on a data processing method, the computer storage medium stores computer program instructions, and when the computer program instructions are executed, the data processing method described in any of the above embodiments is implemented A step of.
在本实施方式中,上述存储介质包括但不限于随机存取存储器(Random Access Memory,RAM)、只读存储器(Read-Only Memory,ROM)、缓存(Cache)、硬盘(Hard Disk Drive,HDD)或者存储卡(Memory Card)。所述存储器可以用于存储计算机程序指令。网络通信单元可以是依照通信协议规定的标准设置的,用于进行网络连接通信的接口。In this embodiment, the above-mentioned storage medium includes, but is not limited to, random access memory (Random Access Memory, RAM), read-only memory (Read-Only Memory, ROM), cache (Cache), and hard disk (Hard Disk Drive, HDD). Or memory card (Memory Card). The memory can be used to store computer program instructions. The network communication unit may be an interface set up in accordance with a standard stipulated by the communication protocol and used for network connection communication.
在本实施方式中,该计算机存储介质存储的程序指令具体实现的功能和效果,可以与其它实施方式对照解释,在此不再赘述。In this embodiment, the specific functions and effects realized by the program instructions stored in the computer storage medium can be explained in comparison with other embodiments, and will not be repeated here.
显然,本领域的技术人员应该明白,上述的本申请实施例的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。这样,本申请实施例不限制于任何特定的硬件和软件结合。Obviously, those skilled in the art should understand that the modules or steps of the embodiments of the present application described above can be implemented by a general computing device, and they can be concentrated on a single computing device or distributed among multiple computing devices. Optionally, they can be implemented by the program code executable by the computing device, so that they can be stored in the storage device for execution by the computing device, and in some cases, they can be different from here The steps shown or described are performed in the order of, or they are respectively fabricated into individual integrated circuit modules, or multiple modules or steps of them are fabricated into a single integrated circuit module to achieve. In this way, the embodiments of the present application are not limited to any specific combination of hardware and software.
应该理解,以上描述是为了进行图示说明而不是为了进行限制。通过阅读上述描述,在所提供的示例之外的许多实施方式和许多应用对本领域技术人员来说都将是显而易见的。因此,本申请的范围不应该参照上述描述来确定,而是应该参照前述权利要求以及这些权利要求所拥有的等价物的全部范围来确定。It should be understood that the above description is for illustration and not for limitation. By reading the above description, many implementations and many applications beyond the examples provided will be obvious to those skilled in the art. Therefore, the scope of this application should not be determined with reference to the above description, but should be determined with reference to the foregoing claims and the full scope of equivalents possessed by these claims.
以上所述仅为本申请的优选实施例而已,并不用于限制本申请,对于本领域的技术人员来说,本申请实施例可以有各种更改和变化。凡在本申请的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本申请的保护范围之内。The foregoing descriptions are only preferred embodiments of the present application, and are not intended to limit the present application. For those skilled in the art, the embodiments of the present application may have various modifications and changes. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this application shall be included in the protection scope of this application.

Claims (13)

  1. 一种数据处理方法,其特征在于,包括:A data processing method, characterized in that it comprises:
    获取目标数据,并利用同态加密算法对所述目标数据进行加密,得到密文数据;Acquiring target data, and encrypting the target data using a homomorphic encryption algorithm to obtain ciphertext data;
    向服务器发送数据处理请求,其中,所述数据处理请求中携带有所述密文数据;Sending a data processing request to the server, where the data processing request carries the ciphertext data;
    根据预设的MPC协议,配合所述服务器调用预设模型对所述密文数据进行处理,得到密文处理结果,其中,所述预设模型兼容所述预设的MPC协议,用于在数据加密的情况下对所述密文数据进行预设处理;According to the preset MPC protocol, cooperate with the server to call a preset model to process the ciphertext data to obtain the ciphertext processing result, wherein the preset model is compatible with the preset MPC protocol, and is used for data Performing preset processing on the ciphertext data in the case of encryption;
    获取所述密文处理结果。Obtain the ciphertext processing result.
  2. 根据权利要求1所述的方法,其特征在于,在获取所述密文处理结果之后,还包括:The method according to claim 1, wherein after obtaining the ciphertext processing result, the method further comprises:
    对所述密文处理结果进行解密,得到明文处理结果。Decrypt the ciphertext processing result to obtain the plaintext processing result.
  3. 根据权利要求2所述的方法,其特征在于,在对所述密文处理结果进行解密,得到明文处理结果之后,还包括:The method according to claim 2, wherein after decrypting the ciphertext processing result to obtain the plaintext processing result, the method further comprises:
    获取所述明文处理结果的验证结果,其中,所述验证结果用于表明所述明文处理结果是否正确;Obtaining a verification result of the plaintext processing result, where the verification result is used to indicate whether the plaintext processing result is correct;
    将所述密文处理结果和所述验证结果发送至区块链网络进行上链存储。The ciphertext processing result and the verification result are sent to the blockchain network for on-chain storage.
  4. 根据权利要求3所述的方法,其特征在于,在向服务器发送数据处理请求之前/同时/之后,还包括:The method according to claim 3, characterized in that, before/while/after sending the data processing request to the server, the method further comprises:
    将资源数据发送至所述区块链网络的合约账户中;Sending resource data to the contract account of the blockchain network;
    相应的,将所述密文处理结果和所述验证结果发送至区块链网络进行上链存储,包括:Correspondingly, sending the ciphertext processing result and the verification result to the blockchain network for on-chain storage includes:
    将所述密文处理结果和所述验证结果发送至区块链网络进行上链存储,以使得所述区块链网络在确定所述验证结果为正确的情况下,将所述合约账户中的资源数据发送至所述服务器的账户中。The ciphertext processing result and the verification result are sent to the blockchain network for on-chain storage, so that the blockchain network, when the verification result is determined to be correct, will be stored in the contract account The resource data is sent to the account of the server.
  5. 根据权利要求1所述的方法,其特征在于,所述目标数据包括以下至少之一:人脸图像数据、医疗影像数据和人体动作数据。The method according to claim 1, wherein the target data includes at least one of the following: face image data, medical image data, and human body motion data.
  6. 根据权利要求5所述的方法,其特征在于,在所述目标数据包括医疗影像数据时,所述预设处理包括对所述医疗影像数据进行诊断处理。The method according to claim 5, wherein when the target data includes medical image data, the preset processing includes performing diagnostic processing on the medical image data.
  7. 一种数据处理方法,其特征在于,包括:A data processing method, characterized in that it comprises:
    接收客户端发送的数据处理请求,其中,所述数据处理请求中携带有密文数据,所述密文数据由所述客户端利用同态加密算法对目标数据进行加密后生成;Receiving a data processing request sent by a client, where the data processing request carries ciphertext data, and the ciphertext data is generated by the client after encrypting target data using a homomorphic encryption algorithm;
    响应于所述数据处理请求,根据预设的MPC协议调用预设模型,以与所述客户端配合对所述密文数据进行处理,得到密文处理结果,其中,所述预设模型兼容所述预设的MPC协议,用于在数据加密的情况下对所述密文数据进行预设处理;In response to the data processing request, the preset model is called according to the preset MPC protocol to process the ciphertext data in cooperation with the client to obtain the ciphertext processing result, wherein the preset model is compatible with all The preset MPC protocol is used to perform preset processing on the ciphertext data in the case of data encryption;
    将所述密文处理结果发送至所述客户端。Sending the ciphertext processing result to the client.
  8. 根据权利要求7所述的方法,其特征在于,在得到密文处理结果之后,还包括:The method according to claim 7, characterized in that, after obtaining the ciphertext processing result, the method further comprises:
    将所述数据处理请求对应的交易事件数据上传至区块链网络进行上链存储。Upload the transaction event data corresponding to the data processing request to the blockchain network for on-chain storage.
  9. 根据权利要求7所述的方法,其特征在于,根据预设的MPC协议调用预设模型,以与所述客户端配合对所述密文数据进行处理,得到密文处理结果,包括:The method according to claim 7, wherein calling a preset model according to a preset MPC protocol to process the ciphertext data in cooperation with the client to obtain a ciphertext processing result, comprising:
    根据所述预设的MPC协议和所述预设模型中的卷积算子,对所述密文数据执行隐私卷积操作,得到密文特征数据;Performing a privacy convolution operation on the ciphertext data according to the preset MPC protocol and the convolution operator in the preset model to obtain ciphertext feature data;
    根据所述预设的MPC协议和所述预设模型中的激活算子,与所述客户端配合对所述密文特征数据进行激活操作,得到第一激活数据和第二激活数据;According to the preset MPC protocol and the activation operator in the preset model, cooperate with the client to perform an activation operation on the ciphertext feature data to obtain first activation data and second activation data;
    根据所述预设的MPC协议和所述预设模型中的池化算子,与所述客户端配合对所述第一激活数据和所述第二激活数据进行池化操作,得到第一池化数据和第二池化数据;According to the preset MPC protocol and the pooling operator in the preset model, cooperate with the client to perform a pooling operation on the first activation data and the second activation data to obtain the first pool Optimized data and second pooled data;
    根据所述预设的MPC协议和所述预设模型中的全连接算子,与所述客户端配合对所述第一池化数据和所述第二池化数据进行全连接操作,得到密文处理数据。According to the preset MPC protocol and the fully connected operator in the preset model, cooperate with the client to perform a fully connected operation on the first pooled data and the second pooled data to obtain a secret Text processing data.
  10. 一种数据处理方法,其特征在于,包括:A data processing method, characterized in that it comprises:
    客户端获取目标数据,并利用同态加密算法对所述目标数据进行加密,得到密文数据;The client obtains the target data, and encrypts the target data using a homomorphic encryption algorithm to obtain ciphertext data;
    所述客户端向服务器发送数据处理请求,其中,所述数据处理请求中携带有所述密文数据;The client sends a data processing request to the server, wherein the data processing request carries the ciphertext data;
    响应于所述数据处理请求,所述服务器与所述客户端根据预设的MPC协议调用预设模型对所述密文数据进行处理,得到密文处理结果,其中,所述预设模型兼容所述预设的MPC协议,用于在数据加密的情况下对所述密文数据进行预设处理;In response to the data processing request, the server and the client call a preset model to process the ciphertext data according to the preset MPC protocol to obtain the ciphertext processing result, wherein the preset model is compatible with all The preset MPC protocol is used to perform preset processing on the ciphertext data in the case of data encryption;
    所述服务器将所述密文处理结果发送至所述客户端;Sending the ciphertext processing result to the client by the server;
    所述客户端对所述密文处理结果进行解密,得到所述目标数据的明文处理结果。The client decrypts the ciphertext processing result to obtain the plaintext processing result of the target data.
  11. 一种数据处理装置,其特征在于,包括:A data processing device, characterized in that it comprises:
    加密模块,用于获取目标数据,并利用同态加密算法对所述目标数据进行加密,得到密文数据;The encryption module is used to obtain target data, and encrypt the target data using a homomorphic encryption algorithm to obtain ciphertext data;
    发送模块,用于向服务器发送数据处理请求,其中,所述数据处理请求中携带有所述密文数据;A sending module, configured to send a data processing request to the server, wherein the data processing request carries the ciphertext data;
    处理模块,用于根据预设的MPC协议,配合所述服务器调用预设模型对所述密文数据进行处理,得到密文处理结果,其中,所述预设模型兼容所述预设的MPC协议,用于在数据加密的情况下对所述密文数据进行预设处理;The processing module is configured to process the ciphertext data according to the preset MPC protocol and cooperate with the server to call a preset model to obtain the ciphertext processing result, wherein the preset model is compatible with the preset MPC protocol , Used to perform preset processing on the ciphertext data in the case of data encryption;
    获取模块,用于获取所述密文处理结果。The obtaining module is used to obtain the ciphertext processing result.
  12. 一种计算机设备,其特征在于,包括处理器以及用于存储处理器可执行指令的存储器,所述处理器执行所述指令时实现权利要求1至6中任一项所述方法的步骤。A computer device characterized by comprising a processor and a memory for storing executable instructions of the processor, and the processor implements the steps of the method according to any one of claims 1 to 6 when the processor executes the instructions.
  13. 一种计算机可读存储介质,其上存储有计算机指令,其特征在于,所述指令被执行时实现权利要求1至6中任一项所述方法的步骤。A computer-readable storage medium having computer instructions stored thereon, characterized in that, when the instructions are executed, the steps of the method according to any one of claims 1 to 6 are realized.
PCT/CN2020/076141 2019-10-11 2020-02-21 Data processing method and apparatus, computer device, and storage medium WO2021068445A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910962649.4 2019-10-11
CN201910962649.4A CN110765473A (en) 2019-10-11 2019-10-11 Data processing method, data processing device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
WO2021068445A1 true WO2021068445A1 (en) 2021-04-15

Family

ID=69331818

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/076141 WO2021068445A1 (en) 2019-10-11 2020-02-21 Data processing method and apparatus, computer device, and storage medium

Country Status (2)

Country Link
CN (1) CN110765473A (en)
WO (1) WO2021068445A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114826546A (en) * 2022-04-02 2022-07-29 支付宝(杭州)信息技术有限公司 Transaction data processing method and device
CN115270163A (en) * 2022-09-26 2022-11-01 北京瑞莱智慧科技有限公司 Data processing method, related device and storage medium

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110765473A (en) * 2019-10-11 2020-02-07 矩阵元技术(深圳)有限公司 Data processing method, data processing device, computer equipment and storage medium
CN111404943B (en) * 2020-03-18 2021-10-26 腾讯科技(深圳)有限公司 Data processing method and device, electronic equipment and computer readable storage medium
WO2021184346A1 (en) * 2020-03-20 2021-09-23 云图技术有限公司 Private machine learning model generation and training methods, apparatus, and electronic device
CN111142876B (en) * 2020-04-02 2020-08-18 华控清交信息科技(北京)有限公司 Compiling processing method and device and compiling processing device
CN111565101A (en) * 2020-04-28 2020-08-21 上海物融智能科技有限公司 Processing method and device for computing task
WO2021223104A1 (en) * 2020-05-06 2021-11-11 云图技术有限公司 System testing method and apparatus
CN111538671B (en) * 2020-05-06 2023-06-16 矩阵元技术(深圳)有限公司 System testing method and device
CN111723390B (en) * 2020-06-28 2023-04-07 天津理工大学 Commercial data protection method and system based on supply chain management
CN112668748B (en) * 2020-09-16 2024-05-10 华控清交信息科技(北京)有限公司 Prediction method and device and electronic equipment
CN112615712B (en) * 2020-12-16 2023-03-24 百度在线网络技术(北京)有限公司 Data processing method, related device and computer program product
CN113810493A (en) * 2021-09-16 2021-12-17 中国电信股份有限公司 Translation method, system, device and storage medium
CN114301583B (en) * 2021-12-22 2023-10-24 阿里巴巴(中国)有限公司 Ciphertext compression method, ciphertext compression device, ciphertext compression equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070005594A1 (en) * 2005-06-30 2007-01-04 Binyamin Pinkas Secure keyword search system and method
CN104821942A (en) * 2015-04-22 2015-08-05 广州大学 Face recognition method and system
CN108776790A (en) * 2018-06-06 2018-11-09 海南大学 Face encryption recognition methods based on neural network under cloud environment
CN109690551A (en) * 2018-08-24 2019-04-26 区链通网络有限公司 Block chain data guard method, device, system and computer readable storage medium
CN110750801A (en) * 2019-10-11 2020-02-04 矩阵元技术(深圳)有限公司 Data processing method, data processing device, computer equipment and storage medium
CN110765473A (en) * 2019-10-11 2020-02-07 矩阵元技术(深圳)有限公司 Data processing method, data processing device, computer equipment and storage medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11210375B2 (en) * 2018-03-07 2021-12-28 Private Identity Llc Systems and methods for biometric processing with liveness
CN108683669B (en) * 2018-05-19 2021-09-17 深圳市图灵奇点智能科技有限公司 Data verification method and secure multi-party computing system
CN110011784B (en) * 2019-04-04 2021-06-08 东北大学 KNN classification service system and method supporting privacy protection
CN110084063B (en) * 2019-04-23 2022-07-15 中国科学技术大学 Gradient descent calculation method for protecting private data
CN110211683B (en) * 2019-05-30 2021-09-28 北京理工大学 Support vector machine medical data privacy training system based on block chain
CN110210245B (en) * 2019-05-30 2021-04-06 北京理工大学 Medical data using method based on privacy protection

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070005594A1 (en) * 2005-06-30 2007-01-04 Binyamin Pinkas Secure keyword search system and method
CN104821942A (en) * 2015-04-22 2015-08-05 广州大学 Face recognition method and system
CN108776790A (en) * 2018-06-06 2018-11-09 海南大学 Face encryption recognition methods based on neural network under cloud environment
CN109690551A (en) * 2018-08-24 2019-04-26 区链通网络有限公司 Block chain data guard method, device, system and computer readable storage medium
CN110750801A (en) * 2019-10-11 2020-02-04 矩阵元技术(深圳)有限公司 Data processing method, data processing device, computer equipment and storage medium
CN110765473A (en) * 2019-10-11 2020-02-07 矩阵元技术(深圳)有限公司 Data processing method, data processing device, computer equipment and storage medium

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114826546A (en) * 2022-04-02 2022-07-29 支付宝(杭州)信息技术有限公司 Transaction data processing method and device
CN115270163A (en) * 2022-09-26 2022-11-01 北京瑞莱智慧科技有限公司 Data processing method, related device and storage medium
CN115270163B (en) * 2022-09-26 2023-01-24 北京瑞莱智慧科技有限公司 Data processing method, related device and storage medium

Also Published As

Publication number Publication date
CN110765473A (en) 2020-02-07

Similar Documents

Publication Publication Date Title
WO2021068445A1 (en) Data processing method and apparatus, computer device, and storage medium
WO2021068444A1 (en) Data processing method and device, computer apparatus, and storage medium
US11196541B2 (en) Secure machine learning analytics using homomorphic encryption
CN110915164B (en) Processing blockchain data based on smart contract operations performed in trusted execution environments
US20220092216A1 (en) Privacy-preserving machine learning in the three-server model
US9158925B2 (en) Server-aided private set intersection (PSI) with data transfer
US10951401B2 (en) Digital asset transfer system for secure digital asset transactions
Li et al. Distortion less secret image sharing scheme for Internet of Things system
US10885203B2 (en) Encrypted data exchange
Alemami et al. Cloud data security and various cryptographic algorithms
CN114039785B (en) Data encryption, decryption and processing methods, devices, equipment and storage medium
WO2022068355A1 (en) Encryption method and apparatus based on feature of information, device, and storage medium
TW202034181A (en) Voting system, method, and device
Preethi et al. A high secure medical image storing and sharing in cloud environment using hex code cryptography method—secure genius
Liu et al. Privacy-preserving collaborative analytics on medical time series data
Dharangan et al. Secure cloud-based E-health system using advanced encryption standard
Ibarrondo et al. Banners: Binarized neural networks with replicated secret sharing
US11569985B2 (en) Preserving inter-party data privacy in global data relationships
CN113055153B (en) Data encryption method, system and medium based on fully homomorphic encryption algorithm
CN108564330B (en) Information processing method and platform and computer readable medium
Hussain et al. Sharing is caring–design and demonstration of a data privacy tool for interorganizational transfer of data
CN116743376A (en) Multiparty secret sharing data privacy comparison method based on efficient ciphertext confusion technology
Santos et al. Enhancing medical data security on public cloud
CN114726580B (en) Data processing method and device
Narayana et al. Medical image cryptanalysis using adaptive, lightweight neural network based algorithm for IoT based secured cloud storage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20874626

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20874626

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 20874626

Country of ref document: EP

Kind code of ref document: A1