CN101815081B - Distributed calculation logic comparison method - Google Patents


Publication number: CN101815081B
Authority: CN (China)
Prior art keywords: bit, shared, share, decomposition, random number
Legal status: Expired - Fee Related
Application number: CN 200910222920
Other languages: Chinese (zh)
Other versions: CN101815081A (en)
Inventors: 朱岩, 王怀习, 赵红佳, 冯荣权, 邹维
Current Assignee: Peking University
Original Assignee: Peking University
Application filed by Peking University
Priority to CN 200910222920
Publication of CN101815081A
Application granted
Publication of CN101815081B

Landscapes

  • Complex Calculations (AREA)

Abstract

The invention discloses a logic comparison method for distributed computation, which belongs to the technical field of computer networks. The method comprises the following steps: 1) the members cooperatively obtain a random number, its shares and the shares of its bit decomposition; 2) each member uses the random-number share to scramble the value to be decomposed, the scrambled value is reconstructed, the reconstructed scrambled value is bit-decomposed, and the decomposition is shared; 3) each member uses the shares of the random number's bit decomposition to descramble the bit-decomposition shares of the scrambled value and outputs the result; and 4) the shared form of the descrambled output data is decomposed into bit shares under an ordered basis, each bit share undergoes an individual logic comparison, the first differing bit in lexicographic order of the comparison results is located, and the final comparison result is determined from the comparison results and the location information. Compared with the prior art, the invention has the advantages of high operating efficiency, low error probability, good security and easy integration with hardware.

Description

A logic comparison method for distributed computation
Technical field:
The present invention relates to a secure comparison method for two or more members in a distributed setting, and in particular to a logic comparison method for distributed computation. It can be widely applied in theoretical research on secure multi-party computation, distributed computation and fault-tolerant computation protocols, and in emerging network applications such as electronic voting, e-commerce, e-government and private database search. It belongs to the technical field of computer networks.
Background art:
With the development of network and cryptographic technology, a large number of new business models and organizational forms have emerged. E-commerce makes traditional business electronic (for example, the U.S. companies eBay and PayPal jointly launched online payment, online shopping and auctions, and the well-known domestic store Jingdong uses P2C technology for online distribution); e-government makes government affairs electronic (for example, electronic voting was tried in the U.S. general elections of 2004 and 2008); data banks have made document storage electronic; and so on. These new forms of computation are expanding to other fields, including banks, chain stores, libraries and public databases, making people's lives more convenient, greatly promoting social development and prosperity, and driving rapid economic growth. These forms of computation share one prominent feature: they adopt distributed computing environments and technology and, on that basis, need cooperative computation to process data.
Just as the algebraic, bit and logical operations that every programming language must have can be used to build software of incomparable complexity, complex computing tasks in a distributed environment are likewise built on these simple basic distributed operations. Among these operations, besides the common algebraic operations (addition, subtraction, multiplication, division, etc.), logical comparison (greater than, equal to, less than, etc.) occupies a very important position. To show the importance of logical comparison more clearly, take e-commerce as an example. Without loss of generality, consider two people on the network carrying out a bid: one is the owner of the goods, the other is the prospective buyer, and the bid amounts may be kept secret. Before the transaction, the two need to check whether their prices satisfy a certain relation. For example, if the buyer's reserve price is greater than the seller's asking price, the two can complete the transaction at the seller's asking price; otherwise, if the buyer's price is lower than the seller's asking price, the transaction terminates, and each needs to adjust their own price and carry out the next comparison.
It should be emphasized that privacy protection and fairness of computation are extremely important in distributed computation. Privacy protection means that the inputs of the participants are not leaked. Fairness of computation includes consistency of the computation result and consistency of the computation process, guaranteeing that no participant gains an advantage by unexpectedly terminating the computation. Based on these considerations, throughout the comparison each of the two parties knows only its own information and nothing about the other's; after the comparison, the result obtained by both parties contains only the order relation between the two values, not the other party's exact information. At the same time, the confidentiality of intermediate results is guaranteed, and the various attacks that may exist are guarded against, including tampering, termination and eavesdropping. This magnitude comparison problem appears not only in electronic transactions, electronic voting and electronic auctions, but can also be applied in any electronic protocol involving magnitude comparison, and has a broad market and application space.
Given the importance of this problem, many researchers have studied it in turn and have proposed many new research methods and concrete schemes. The earliest was Andrew Chi-Chih Yao, who in the 1982 article "Protocols for Secure Computation" proposed a method that is effective when the two numbers being compared are small; when the two numbers are large, its efficiency is very low. The problem was later studied by many scholars. Kun Peng et al. gave three solutions that also satisfy stronger properties, but these schemes require zero-knowledge proofs and calls to other sub-protocols, so the complexity of the problem remains high. In view of this, the present invention proposes a new solution that achieves constant round complexity. The protocol decomposes the two numbers being compared in binary and obtains the comparison result by comparing their bits; each bit of the numbers being compared exists in shared form and is therefore kept secret from every member.
The present invention builds on another patent application, application number 200810111190.9, titled "a kind of cryptography distributed calculating and step-by-step verification method with fault tolerance". It involves the following prior art:
Shamir secret sharing: Shamir secret sharing is a linear, multiplicative secret sharing scheme.
Secret-shared multiplication protocol: the multiplication protocol used in this patent is the multiplication computation protocol proposed in our previous patent.
Execution environment: each member carries out the protocol over point-to-point channels with enhanced security.
The binary decomposition of an integer $a$ is $a = \sum_{i=0}^{l-1} a_i 2^i$, where $a_i \in \{0,1\}$,
Figure G2009102229207D00022
and $a = [a_0, a_1, \dots, a_{l-1}]_2$ denotes this decomposition.
The idea of the present invention is to use the shares of an integer $a$ to compute shares of each bit $a_i$ of $a$ (we assume the sharing used is the Shamir secret sharing scheme), and then to compute the desired comparison result from the shares of each bit $a_i$ of $a$.
Summary of the invention:
The purpose of this invention is to provide a logic comparison method for distributed computation.
The technical scheme of the present invention is:
A logic comparison method for distributed computation, in which, for a given value a, each participant in the computation holds one share of a, comprising the steps of:
1) the members cooperatively obtain a random number, its shares, and the shares of its bit decomposition;
2) each member uses its share of the random number to scramble its share of the value to be decomposed, and the scrambled value is reconstructed;
3) each member bit-decomposes the reconstructed scrambled value, and this decomposition is shared;
4) each member uses the shares of the random number's bit decomposition to descramble the bit-decomposition shares of the scrambled value and outputs the result;
5) the shared form of the descrambled output data is decomposed into bit shares under an ordered basis;
6) each bit share undergoes an individual logic comparison, and the comparison results remain in encrypted form;
7) the position of the first differing bit in lexicographic order of the comparison results is located;
8) according to the comparison results of step 6) and the location information of step 7), the final comparison result is determined from the magnitudes of the bit shares at the first differing bit.
Further, step 1) is: the members use a randomization technique to cooperatively obtain a random number and its decomposition, and then share the random number and its bit decomposition respectively.
Further, in the method, the shares of the random number and the shares of its decomposition are kept secret.
Further, the secret form includes: encryption, secret sharing, data encoding.
Further, the method uses distributed bit comparison and bit algebraic operations to perform the descrambling.
Further, the ordered basis includes: the binary ordered basis, the base-q ordered basis, and the uncorrelated-decomposition ordered basis.
Further, the method uses the parallel solution of "prefix AND" and "prefix OR" to perform the individual logic comparison on each bit share; "prefix AND" is the AND of all bits up to position k, and "prefix OR" is the OR of all bits up to position k.
Further, the method uses a parallel solution on shared bit carries to locate the first differing bit in lexicographic order of the comparison results; the bit carry is defined as follows: add the k-th bits x_k, y_k of the two values x, y being compared; if there is a carry the result is 1, otherwise the result is 0.
Further, in step 8), a full traversal is used to determine the final comparison result.
A characteristic of the present invention is that, in a distributed computing environment, it needs secret sharing of data and cooperative algebraic operations, including addition, subtraction, multiplication and division. Let the data be $x, y \in Z$. $X = E(x)$ denotes the sharing operation of secret sharing on the data $x$: $x$ is transformed into a data vector $X$, and each member obtains one component of this vector (that is, a share). $x = D(X)$ denotes the recovery operation of secret sharing: the vector $X$ is restored to the data $x$. For distributed algebraic operations, the final result needs to realize the algebraic homomorphism under secret sharing: $E(x \oplus y) = E(x) \otimes E(y)$, where $\oplus$ represents simple numerical computations such as addition, subtraction, multiplication and division, and $\otimes$ denotes the corresponding distributed computation protocols for addition, subtraction, multiplication and division on shares.
Addressing the fact that many existing protocols need to perform numeric comparison, the present invention proposes a new secure comparison method based on bit decomposition; the method brings substantial improvement in both security and computational efficiency. In general, all the logical operations can be derived from the "greater than or equal to" operation; for example, "less than" is the negation of "greater than or equal to". Therefore the present invention is described for the "greater than or equal to" operation, and simple logic suffices to cover all other logical operations.
To complete the final logical operation, the present invention uses bit comparison in a distributed environment. Let $x = [x_0, x_1, \dots, x_{l-1}]_q$ and $y = [y_0, y_1, \dots, y_{l-1}]_q$ be two values of the same length (if the lengths differ, the shorter is zero-padded), where $q$ denotes the ordered basis in which each component $x_i$, $y_j$ lies, $i, j \in [0, l-1]$, and each component after decomposition is called a bit or unit. Then, by the definition of lexicographic order, the logical relation can be expressed as follows:
$x < y \iff x \neq y \text{ and } x_k < y_k \text{ for } k = \min\{i \mid x_i \neq y_i\}$
To solve the logic comparison problem, the present invention compares bit by bit. Considering the secret sharing used in distributed computation, the first problem to solve is how to decompose a value. To this end, the present invention proposes a distributed secure value decomposition method:
For any value a, each participant in the computation holds one share of a, and the following operations are carried out:
Step 1: the members use a randomization technique to cooperatively obtain a random number, its shares, and the shares of its decomposition;
Step 2: each member uses its share of the random number to scramble its share of the value to be decomposed, and the scrambled value is reconstructed;
Step 3: each member bit-decomposes the reconstructed scrambled value, and this decomposition is shared;
Step 4: each member uses the shares of the random number's bit decomposition to descramble the bit-decomposition shares of the scrambled value, and the descrambled data is the output of the algorithm.
One notable feature of the present invention is the use of a randomization technique that produces a random number and its bit-decomposed form at the same time; this data can exist in a secret form, which includes encryption, secret sharing and data encoding.
Another notable feature of the present invention is the use of data scrambling to guarantee security after the data is reconstructed; the scrambling includes applying algebraic operations, logical operations, encoding and the like to the data using the random number.
Another notable feature of the present invention is the use of data descrambling to restore the original data; descrambling is the inverse of the scrambling above, and must also eliminate the effects of changes in the value range of the data and in the form in which the data is shared.
Another notable feature of the present invention is that descrambling takes into account the data overflow that the magnitude relation between the random number and the data to be decomposed may cause, and resolves it with distributed bit comparison and bit algebraic operations.
Another notable feature of the present invention is the use of the secret-shared form of the data, which guarantees the security of the input data and lays a foundation for parallel processing of the computation.
Building on the secret-sharing-based bit decomposition protocol above, the present invention realizes a distributed logic operation method based on lexicographic order. This logic operation can be expressed by some "relation", including total order (linear order), partial order and weak order. The method comprises the following steps:
Step 1: decompose the shared form of the data to be compared (that is, the descrambled data) into bit shares under an ordered basis;
Step 2: perform an individual logic comparison on each bit share, keeping the comparison results in encrypted form;
Step 3: locate the position of the first differing bit in lexicographic order of the comparison results;
Step 4: using the comparison results from step 2 and the location information from step 3, determine the final comparison result from the magnitudes of the bit shares at the first differing bit.
A notable feature of the present invention is the ordered-basis decomposition used in step 1, meaning that every component of the decomposition vector obtained after decomposing the data is comparable; the ordered basis includes binary, base-q and the uncorrelated decomposition basis. This decomposition uses the method described above.
A notable feature of the present invention is the parallel solution of "prefix AND" and "prefix OR" used in step 2, which realizes distributed parallel computation among the members and improves the efficiency of the algorithm. "Prefix AND" and "prefix OR" are the AND and OR of all bits up to position k; for example, in $x = [x_0, x_1, \dots, x_{l-1}]_q$ the prefix of the k-th item is $x_0 \wedge x_1 \wedge \dots \wedge x_k$.
A notable feature of the present invention is the parallel solution on shared "bit carries" used in step 3, which realizes distributed parallel computation among the members and improves the efficiency of the algorithm. The "bit carry" is defined as follows: add the k-th bits $x_k$, $y_k$ of the two values x, y being compared; if there is a carry the result is 1, otherwise the result is 0.
A notable feature of the present invention is the full traversal used in step 4, which avoids revealing information during the comparison; the final comparison result remains in shared form to guarantee its confidentiality. This traversal prevents an adversary from estimating the exact position of the first differing bit and the size of the gap between the values being compared.
To achieve the above purpose, the present invention designs the following sub-protocol modules:
● Random number and its bit shares (SOLVED-BITS)
This protocol has no input; its output is a share of a selected number and shares of each bit in the binary decomposition of that number.
● Random bit generation (RAN_2())
Existing methods can generate a random integer in [1, p-1], where p is a large prime. We use the uniform distribution property of quadratic residues in RAN so that this protocol outputs a share of a random bit; this protocol needs no input.
● Bit comparison (BIT-LT)
The input of this protocol is the shares of each bit in the binary decompositions of two integers x, y. If x>y, this protocol outputs a share of 1; otherwise it outputs a share of 0.
● Bit summation (BIT-ADD)
The input of this protocol is the shares of each bit in the binary decompositions of two integers x, y; its output is the shares of each bit in the binary decomposition of the integer x+y.
● Carry computation (CARRIES)
The input of this protocol is the shares of each bit in the binary decompositions of two integers x, y; its output is the carry at each bit position when computing the sum of the integers x, y.
● prefix computation zero (PRE Zero)
This protocol is the description for 01 kinds of forms of certain abstract computing, mainly is in order to calculate PRE / PRE
● prefix computation and (PRE / PRE )
The input of this protocol is shares of $l$ bits $a_1, a_2, \dots, a_l$; its output is shares of
Figure G2009102229207D00061
($i = 1, 2, \dots, l$).
Beneficial effects of the present invention:
The present invention is suited to synchronous networks. In a synchronous network the members can transfer and update data synchronously, so the members can operate on the data in parallel in stages: after finishing the operation on the previous data, the members exchange data and all enter the next stage at the same time. This keeps the members' operations consistent, improves efficiency and reduces the probability of error.
The present invention is suited to simultaneous computation by two parties and by multiple parties. Compared with currently prevalent distributed protocols, computational efficiency is significantly improved, and our computation can reach constant rounds. By round efficiency, we divide distributed protocols into three classes: logarithmic-round protocols (execution time on the order of the logarithm of the input length), polynomial-round protocols (execution time is some linear polynomial time in the input length) and constant-round protocols. This protocol achieves constant-round computation, so our computation does not depend on the length of the input, which is a property we usually want very much.
The security of the protocol in the present invention is also greatly improved: the protocol can effectively resist attacks by an active adversary. An active adversary is one that may not only obtain intermediate data from the running protocol, but may also take part in the execution of the protocol, misleading the other participating members by tampering with data in transit and forging data. Existing research on comparison protocols among multiple members addresses only passive adversaries, whereas our solution can detect attacks by an active adversary and can abort the protocol execution as soon as such an attack is detected.
The present invention uses basic bit operations. Bit operations are a very basic form of computation in the computing field, and research on their computational efficiency is extensive and mature, which lets our protocol integrate better with hardware.
The present invention is applicable to many protocols in existing secure multi-party computation. The method we propose can be executed as a module of other protocols, and will play an important role in many application scenarios of secure multi-party computation, such as electronic voting and e-commerce.
Description of the drawing:
The figure is a schematic diagram of the relationships between the protocols in the implementation of the present invention.
Embodiment:
For convenience of description, first define a function:
$\mathrm{Comp}(x, y) = \begin{cases} 1, & x > y \\ 0, & x \le y \end{cases}$
In this embodiment, given the linear shares $[x]_p$, $[y]_p$ of two known integers $x$, $y$, we can compute the share $[\mathrm{Comp}(x, y)]_p$ of the function value $\mathrm{Comp}(x, y)$ by calling the following procedures step by step. We first compute $[x]_B = ([x_0]_p, [x_1]_p, \dots, [x_{l-1}]_p)$ and $[y]_B = ([y_0]_p, [y_1]_p, \dots, [y_{l-1}]_p)$. Once $[x]_B$ and $[y]_B$ are obtained, the BIT-LT protocol given below yields $[\mathrm{Comp}(x, y)]_p$; a single reconstruction then gives $\mathrm{Comp}(x, y)$, which is the comparison result we want. The relationships between the protocols in the implementation of the present invention are shown in the figure.
To construct an algorithm that obtains, from the shares of an integer, the shares of each bit of its binary decomposition, we propose the following sub-protocols:
● Random number and its bit shares (SOLVED-BITS)
● Random bit generation (RAN_2())
● Bit comparison (BIT-LT)
● Bit summation (BIT-ADD)
● Carry computation (CARRIES)
● prefix computation zero (PRE Zero)
● prefix computation and (PRE / PRE )
● Algebraic operations on shares (see application number 200810111190.9, the patent application titled "a kind of cryptography distributed calculating and step-by-step verification method with fault tolerance")
● Share reconstruction (see application number 200810111190.9, the patent application titled "a kind of cryptography distributed calculating and step-by-step verification method with fault tolerance")
● Secret sharing (see application number 200810111190.9, the patent application titled "a kind of cryptography distributed calculating and step-by-step verification method with fault tolerance")
Given the share $[x]_p$ of an integer $x$, the BITS bit decomposition protocol computes the shares of each bit in the binary representation of this integer, $[x]_B = ([x_0]_p, [x_1]_p, \dots, [x_{l-1}]_p)$, where $x_0, x_1, \dots, x_{l-1}$ are the bits of the binary representation of $x$, that is, $x = \sum_{i=0}^{l-1} x_i 2^i$. This protocol calls other sub-protocols during execution; we introduce the operation of each sub-protocol step by step below.
BITS bit decomposition protocol
1. Input: $[a]_p$, where $a \in F_p$;
2. $([b_0]_p, \dots, [b_{l-1}]_p, [b]_p) \leftarrow \text{SOLVED-BITS}()$;
3. $[a-b]_p \leftarrow [a]_p - [b]_p$;
4. $c \leftarrow \text{REVEAL}([a-b]_p)$, where $c \in F_p$;
5. $[d]_B \leftarrow \text{BIT-ADD}(c, [b]_B)$, where $[d]_B = ([d_0]_p, [d_1]_p, \dots, [d_l]_p)$;
6. $[q]_p \leftarrow \text{BIT-LT}(p, [d]_B)$;
7. $(f_0, f_1, \dots, f_{l-1}) = \text{BITS}(2^l - p)$, the binary decomposition of the positive integer $2^l - p$;
8. For $i = 0, 1, \dots, l-1$ in parallel: $[g_i]_p = f_i [q]_p$;
9. $[g]_B = ([g_0]_p, [g_1]_p, \dots, [g_{l-1}]_p)$;
10. $[h]_B = \text{BIT-ADD}([d]_p, [g]_p)$, where $[h]_B = ([h_0]_p, [h_1]_p, \dots, [h_{l+1}]_p)$;
11. $[a]_B = ([h_0]_p, [h_1]_p, \dots, [h_{l-1}]_p)$;
12. Output $[a]_B$.
The SOLVED-BITS() protocol calls the RAN_2() protocol. RAN_2() has no input; its output is the linear share $[a]_p$ of a uniformly random bit $a \in \{0, 1\}$. In protocols we write $[a]_p \leftarrow \text{RAN}_2()$.
The SOLVED-BITS() protocol has no input; its output is the linear secret shares of each bit of a random l-1 bit binary number, together with the share of that binary number.
SOLVED-BITS()
1. For $i = 0, 1, \dots, l-1$ in parallel: $[b_i]_p \leftarrow \text{RAN}_2()$;
2. $[b]_B = ([b_0]_p, [b_1]_p, \dots, [b_{l-1}]_p)$;
3. $[c]_p \leftarrow \text{BIT-LT}([b]_B, p)$;
4. $c \leftarrow \text{REVEAL}([c]_p)$;
5. If $c = 0$, the algorithm aborts; otherwise continue with the steps below;
6. $[b]_p = \sum_{i=0}^{l-1} 2^i [b_i]_p$;
7. Output $([b]_B, [b]_p)$.
This protocol uses RAN_p(). Many methods now exist for generating an integer less than the prime p; here we use one directly as part of our protocol, and after obtaining the random integer it is easy to produce shares of it with the linear secret sharing method mentioned above. Here we use the fact that quadratic residues and quadratic non-residues in the multiplicative group $F_p^*$ are always randomly distributed; this property makes the bit obtained by our protocol uniformly random, and it is the key theoretical foundation of this protocol.
RAN_2()
1. $[a]_p \leftarrow \text{RAN}_p()$;
2. $[a^2 \bmod p]_p = \text{MULT}([a]_p, [a]_p)$;
3. $a^2 \bmod p \leftarrow \text{REVEAL}([a^2 \bmod p]_p)$;
4. If $a^2 \bmod p = 0$, the algorithm aborts; otherwise continue with the steps below;
5. $b = a^2 \bmod p$;
6. $[c]_p \leftarrow (b^{-1} \bmod p)[a]_p$;
7. $[d]_p \leftarrow 2^{-1}([c]_p + 1)$;
8. Output $[d]_p$.
Because the idea of our whole protocol is to perform bit operations after decomposing an integer in binary, we give the following Prefix-OR to handle this problem, where
Figure G2009102229207D00102
The input of this protocol is the linear secret shares of the bits $a_j$ ($j = 1, 2, \dots, l$); the output is the linear secret shares of $b_i$ ($i = 1, 2, \dots, l$).
Prefix-OR: $([b_1]_p, \dots, [b_l]_p) \leftarrow \text{PRE}([a_0]_p, [a_1]_p, \dots, [a_l]_p)$
1. For $i = 1, \dots, \lambda$ in parallel:
Figure G2009102229207D00103
2. For $i = 1, \dots, \lambda$ in parallel:
3. $[f_1]_p = [x_1]_p$;
4. For $i = 2, \dots, \lambda$ in parallel: $[f_i]_p = [y_i]_p - [y_{i-1}]_p$;
5. For $i = 1, \dots, \lambda$, $j = 1, \dots, \lambda$ in parallel: $[g_{i,j}]_p = \text{MULT}([f_i]_p, [a_{i,j}]_p)$;
6. For $j = 1, \dots, \lambda$ in parallel: $[c_j]_p = \sum_{i=1}^{\lambda} [g_{i,j}]_p$;
7. For $j = 1, \dots, \lambda$ in parallel:
8. For $i = 1, \dots, \lambda$, $j = 1, \dots, \lambda$ in parallel: $[s_{i,j}]_p = \text{MULT}([f_i]_p, [b_{,j}]_p)$;
9. For $i = 1, \dots, \lambda$, $j = 1, \dots, \lambda$ in parallel: $[b_{i,j}]_p = [s_{i,j}]_p + [y_i]_p - [f_i]_p$.
Given the shares of every bit of the binary representations of two integers x, y, the BIT-LT protocol computes the share of the function Comp(x, y).
BIT-LT: $[c]_p = \text{BIT-LT}([a]_B, [b]_B)$
1. For $i = 0, \dots, l-1$ in parallel: $[e_i]_p \leftarrow \text{XOR}([a_i]_p, [b_i]_p)$;
2. $([f_{l-1}]_p, [f_{l-2}]_p, \dots, [f_0]_p) = \text{PRE}([e_{l-1}]_p, [e_{l-2}]_p, \dots, [e_0]_p)$;
3. $[g_{l-1}]_p = [f_{l-1}]_p$;
4. For $i = 0, \dots, l-2$ in parallel: $[g_i]_p \leftarrow [f_i]_p - [f_{i+1}]_p$;
5. For $i = 0, \dots, l-1$ in parallel: $[h_i]_p \leftarrow \text{MULT}([g_i]_p, [g_i]_p)$;
6. $[h]_p = \sum_{i=0}^{l-1} [h_i]_p$;
7. Output $[h]_p$.
Bitwise Sum BIT-ADD is at known two integer a, shared [a] of each bit in the binary expansion of b B, [b] B, calculate each share of the binary digital expansion of an integer of integer a+b.
Bitwise Sum BIT-ADD: $[d]_B \leftarrow \text{BIT-ADD}([a]_B, [b]_B)$
1. $([c_1]_p, [c_2]_p, \ldots, [c_l]_p) \leftarrow \mathrm{CARRIES}([a]_B, [b]_B)$;
2. $[d_0]_p = [a_0]_p + [b_0]_p - 2[c_1]_p$
3. $[d_l]_p = [a_l]_p$
4. For $i = 0, \ldots, l-1$, compute in parallel: $[d_i]_p = [a_i]_p + [b_i]_p + [c_i]_p - 2[c_{i+1}]_p$
5. Output $[d]_B = ([d_0]_p, [d_1]_p, \ldots, [d_l]_p)$.
Computing additions and multiplications usually involves carries. CARRIES solves the problem of how to quickly compute the carry at each position once the bit decompositions are known.
CARRIES
1. For $i = 0, \ldots, l-1$, compute in parallel: $[s_i]_p = \mathrm{MULT}([a_i]_p, [b_i]_p)$;
2. For $i = 0, \ldots, l-1$, compute in parallel: $[p_i]_p = [a_i]_p + [b_i]_p - 2[s_i]_p$, $[k_i]_p = 1 - [s_i]_p - [p_i]_p$.
Let $[e_i]_B = ([s_i]_p, [p_i]_p, [k_i]_p)$, taking $[s_i]_p, [p_i]_p, [k_i]_p$ as the binary sharing of the 3-bit string $e_i \in \Sigma$;
3. $([f_0]_B, [f_1]_B, \ldots, [f_{l-1}]_B) = \mathrm{PRE}_{\circ}([e_0]_B, [e_1]_B, \ldots, [e_{l-1}]_B)$;
4. For $i = 0, \ldots, l-1$, let $([s_i]_p, [p_i]_p, [k_i]_p) = [f_i]_B$, where each $[f_i]_B$ comprises the sharings of 3 bits, i.e. the sharings of $s_i$, $p_i$, $k_i$;
5. Output $[c]_B = ([s_0]_p, [s_1]_p, \ldots, [s_{l-1}]_p)$.
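The CARRIES steps above, run over additive shares modulo a prime, as an added example that is not part of the patent text. The modulus, the three-party additive sharing, the `mult` stand-in for MULT and the arithmetic form of the carry operator ∘ in `compose` are assumptions of this example, and the prefix is computed sequentially rather than with the parallel PRE∘.

```python
import secrets

P = 2**61 - 1  # prime modulus p (constructed for this example)
N = 3          # number of computing parties (constructed)

def share(v):
    """Additive sharing [v]_p: N random-looking values summing to v mod P."""
    parts = [secrets.randbelow(P) for _ in range(N - 1)]
    return parts + [(v - sum(parts)) % P]

def reveal(x):
    return sum(x) % P

def add(x, y):    # linear step: each party adds its own two shares locally
    return [(a + b) % P for a, b in zip(x, y)]

def scale(c, x):  # linear step: multiply every share by a public constant
    return [(c * a) % P for a in x]

def mult(x, y):
    """Stand-in for the interactive MULT sub-protocol (assumption): it opens
    and re-shares, which a real multiplication protocol must never do."""
    return share(reveal(x) * reveal(y) % P)

def compose(hi, lo):
    """Assumed carry operator 'o': combine (s, p, k) of a higher position
    with the accumulated (s, p, k) of all lower positions."""
    (s2, p2, k2), (s1, p1, k1) = hi, lo
    return add(s2, mult(p2, s1)), mult(p2, p1), add(k2, mult(p2, k1))

def carries(a_bits, b_bits):
    """CARRIES steps 1-5 on bit sharings, least significant bit first."""
    e = []
    for a, b in zip(a_bits, b_bits):
        s = mult(a, b)                                   # set: a_i * b_i
        p = add(add(a, b), scale(-2, s))                 # propagate: a_i XOR b_i
        k = add(share(1), scale(-1, add(s, p)))          # kill: 1 - s_i - p_i
        e.append((s, p, k))
    f = [e[0]]
    for e_i in e[1:]:          # sequential prefix; the protocol runs it in parallel
        f.append(compose(e_i, f[-1]))
    return [s for s, _, _ in f]                          # [c]_B = set components

def carry_bits(x, y, l):
    """Share the bits of x and y, run CARRIES, and open the carries."""
    xb = [share((x >> i) & 1) for i in range(l)]
    yb = [share((y >> i) & 1) for i in range(l)]
    return [reveal(c) for c in carries(xb, yb)]
```

Entry i of the result is the carry out of bit position i, so `carry_bits(11, 6, 4)` opens to `[0, 1, 1, 1]`.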
CARRIES quickly computes the carry at each position once the bit decompositions are known. Unbounded Fan-In Carry Propagation, in turn, addresses the problem of propagating carries across multiple positions.
Unbounded Fan-In Carry Propagation: $([a]_p, [b]_p, [c]_p) \leftarrow \circ_{i=1}^{l} ([s_i]_p, [p_i]_p, [k_i]_p)$
1、
Figure G2009102229207D00122
2. $([q_{l-1}]_p, [q_{l-2}]_p, \ldots, [q_1]_p) = \mathrm{PRE}([p_{l-1}]_p, [p_{l-2}]_p, \ldots, [p_1]_p)$;
3. $[c_l] = [k_l]$;
4. For $i = 0, 1, \ldots, l-1$, compute in parallel: $[c_i]_p = [k_i]_p \wedge [q_{i+1}]_p$
5. $[c]_p = \sum_{i=0}^{l-1} [c_i]_p$;
6. $[a]_p = 1 - [b]_p - [c]_p$
With the above protocols in place, comparing two numbers becomes easy to realize. Given the sharings $[x]_p$, $[y]_p$ of integers $x$, $y$, we can use the above protocols to compute the sharing of each bit in the binary representations of $x$ and $y$; once the sharing of each bit has been obtained, we only need to call BIT-LT to obtain the result we want.

Claims (6)

1. A logic comparison method for distributed computation in a computer network, wherein for a given value a, every participant in the computation holds one share of the value a, the steps of which are:
1) the members use a randomization technique to cooperatively obtain a random number and its decomposition, and then share the random number and the bit decomposition of the random number respectively;
2) each member uses the share of the random number to scramble the share of the value to be decomposed, and the scrambled value is reconstructed;
3) each member performs bit decomposition on the reconstructed scrambled value and shares this decomposition;
4) each member uses the shares of the bit decomposition of the random number to descramble the bit-decomposition shares of the scrambled value and outputs the result; wherein the descrambling is performed using distributed bit comparison and bitwise algebraic operations;
5) the shared form of the descrambled output data is decomposed into bit shares under a set of ordered groups;
6) an individual logic comparison is performed on the bit shares, and the comparison results are kept in an encrypted state;
7) the position of the first differing bit in the lexicographic order of the comparison results is located; wherein a parallel solving method based on sharing of the bit carries is used to determine the position of the first differing bit in the lexicographic order of the comparison results;
8) according to the comparison results of step 6) and the location information of step 7), the final comparison result is determined, by full traversal, from the magnitudes of the bit shares at the first differing bit.
2. The method of claim 1, characterized in that the shares of the random number and the shares of its decomposition are kept secret.
3. The method of claim 2, characterized in that the forms of secrecy comprise: encryption, secret sharing, data encoding.
4. The method of claim 1, characterized in that the ordered groups comprise: a binary ordered group, a q-ary ordered group, an uncorrelated decomposition basis ordered group.
5. The method of claim 1, characterized in that the individual logic comparison of the bit shares is performed using the parallel solving methods of "prefix AND" and "prefix OR"; "prefix AND" refers to the AND operation over all bits before the k-th position, and "prefix OR" refers to the OR operation over all bits before the k-th position.
6. The method of claim 1, characterized in that the bit comparison method is: the k-th bits $x_k$, $y_k$ of the two data $x$, $y$ to be compared are added; if a carry occurs, the result is 1, otherwise the result is 0.
CN 200910222920 2008-11-27 2009-11-13 Distributed calculation logic comparison method Expired - Fee Related CN101815081B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200910222920 CN101815081B (en) 2008-11-27 2009-11-13 Distributed calculation logic comparison method

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN200810180439.1 2008-11-27
CN200810180439 2008-11-27
CN 200910222920 CN101815081B (en) 2008-11-27 2009-11-13 Distributed calculation logic comparison method

Publications (2)

Publication Number Publication Date
CN101815081A CN101815081A (en) 2010-08-25
CN101815081B CN101815081B (en) 2013-04-03

Family

ID=42622196

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200910222920 Expired - Fee Related CN101815081B (en) 2008-11-27 2009-11-13 Distributed calculation logic comparison method

Country Status (1)

Country Link
CN (1) CN101815081B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112183757B (en) * 2019-07-04 2023-10-27 创新先进技术有限公司 Model training method, device and system
CN111371545B (en) * 2020-05-27 2020-09-11 支付宝(杭州)信息技术有限公司 Encryption method and system based on privacy protection
CN111523144B (en) * 2020-07-03 2020-10-16 支付宝(杭州)信息技术有限公司 Method and device for performing secure operation aiming at private data of multiple parties

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101325596A (en) * 2007-11-13 2008-12-17 北京大学 Cryptography distributed calculation and step-by-step verification method with fault-tolerant function

Also Published As

Publication number Publication date
CN101815081A (en) 2010-08-25

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130403

Termination date: 20151113

EXPY Termination of patent right or utility model