CN111538582A - Homomorphic encryption unloading method based on Intel QAT - Google Patents

Homomorphic encryption unloading method based on Intel QAT Download PDF

Info

Publication number
CN111538582A
CN111538582A CN202010338077.5A CN202010338077A CN111538582A CN 111538582 A CN111538582 A CN 111538582A CN 202010338077 A CN202010338077 A CN 202010338077A CN 111538582 A CN111538582 A CN 111538582A
Authority
CN
China
Prior art keywords
qat
homomorphic encryption
encryption
coroutine
task
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010338077.5A
Other languages
Chinese (zh)
Inventor
华蓓
周慧凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Science and Technology of China USTC
Original Assignee
University of Science and Technology of China USTC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Science and Technology of China USTC filed Critical University of Science and Technology of China USTC
Priority to CN202010338077.5A priority Critical patent/CN111538582A/en
Publication of CN111538582A publication Critical patent/CN111538582A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4843Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/485Task life-cycle, e.g. stopping, restarting, resuming execution
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/38Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
    • G06F7/48Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state device; using unspecified devices
    • G06F7/544Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state device; using unspecified devices for evaluating functions by calculation
    • G06F7/552Powers or roots, e.g. Pythagorean sums
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/545Interprogram communication where tasks reside in different layers, e.g. user- and kernel-space

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Analysis (AREA)
  • Computational Mathematics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Mathematical Optimization (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a homomorphic encryption unloading method based on Intel QAT, which realizes high-efficiency QAT asynchronous unloading of encryption tasks by packaging each homomorphic encryption process into a corotation, enhances the concurrency of the homomorphic encryption unloading process of a system, improves the throughput of the system, and further reduces the delay of single homomorphic encryption by a mode of submitting irrelevant large digital-analog power operation tasks through a nested corotation. For the heterogeneous system composed of the CPU and the QAT, the asynchronous mode also avoids invalid blocking of the CPU, so that the CPU can do more operations, and finally, the computing power of the CPU and the QAT is fully applied.

Description

Homomorphic encryption unloading method based on Intel QAT
Technical Field
The invention relates to the technical field of cryptology homomorphic encryption, in particular to a homomorphic encryption unloading method based on Intel QAT.
Background
Qat (quickassist technology) is a specialized piece of acceleration hardware (ASIC) developed by Intel corporation for encryption/decryption tasks and compression/decompression tasks. The QAT encapsulates conventional encryption algorithms (e.g., RSA, AES, ECC algorithms) and conventional compression algorithms (e.g., Deflate algorithms) to provide a convenient and easy-to-use programming interface for invoking these algorithms. Currently, there are already fruitful efforts based on QAT, but most of these efforts are limited to the fields of conventional encryption and data compression. The QAT provides a large digital-analog power operation interface, and can be compatible with several mainstream semi-homomorphic encryption schemes based on the modular power operation, such as a Paillier encryption scheme, an ElGamal encryption scheme and the like. However, the interface is only an unencapsulated low-level calling interface, and the work of realizing homomorphic encryption by using the interface is only realized by simple unloading at present, so that the efficiency is low, and asynchronous support on an application layer is not considered.
The most direct method of offloading encryption operations using QAT is to replace the encryption function in the encryption function library with a synchronous call to the QAT encryption operation interface, which is also an existing working method, so that the upper layer application needs almost no modification, but the performance of this offloading method is very low. This is because in a general software encryption scheme, the call to the encryption function is a synchronous blocking call, and by calling the CPU resource to perform encryption operation, neither the application layer software nor the encryption library can perform subsequent operations until the encryption blocking operation is completed. This design is reasonable in the case where only the CPU is involved in the computation, but results in serial execution of the CPU and QAT in the above-described offload mode, and the utilization of QAT is low. One possible solution is to open a large number of threads for synchronous calls, thereby increasing the load of the QAT and hiding the offload I/O overhead of each thread, which has been used in prior art. However, with the introduction of a large number of threads, the overhead of inter-thread switching increases dramatically, becoming an important factor limiting system performance.
Disclosure of Invention
The invention aims to provide a homomorphic encryption unloading method based on Intel QAT, which can realize high-efficiency asynchronous unloading of homomorphic encryption on QAT to overcome the defects of simple synchronous unloading, fully exert the computing power of a CPU and QAT, enhance the parallelism of homomorphic encryption tasks, shorten the running time delay of the homomorphic encryption tasks and improve the throughput of the homomorphic encryption of a system.
The purpose of the invention is realized by the following technical scheme:
a homomorphic encryption unloading method based on Intel QAT comprises the following steps:
the method comprises the steps that a software stack is set up above QAT user mode drivers, and the software stack comprises a QAT access layer, a homomorphic encryption library and an application layer from bottom to top;
each homomorphic encryption task is packaged into a coroutine in an application layer, the coroutine acquires data to be encrypted according to parameters, and then a homomorphic encryption library is called to realize homomorphic encryption of the application layer; the homomorphic encryption library is responsible for realizing a homomorphic encryption algorithm and calls a QAT access layer to carry out asynchronous submission of tasks; after the QAT access layer submits the encryption request through the asynchronous API, the corresponding protocol actively suspends the execution of the QAT access layer, and the application layer schedules the next homomorphic encryption task;
before the number of asynchronously submitted tasks reaches the upper limit which can be borne by the QAT instance, the application layer actively polls the QAT instance to obtain an encryption result; then, the QAT user mode drives to call a preset callback function; the callback function directly reenters the corresponding coroutine according to the coroutine handle associated with the encryption result, and continues to execute the subsequent processing process; and finishing the corresponding coroutine after the subsequent processing is finished.
According to the technical scheme provided by the invention, each homomorphic encryption task is packaged into a coroutine, asynchronous unloading of the encryption task is realized in a mode of submitting the encryption task by the coroutine, high-efficiency asynchronous unloading of a large batch of encryption tasks under the condition of extremely low scheduling overhead is realized by applying the coroutine mode, compared with a single-thread synchronous mode, all calculation power of QAT is exerted, and meanwhile, a CPU is not blocked by synchronously submitting QAT tasks; compared with a multi-thread synchronization mode, the method avoids the overhead generated by switching a large number of threads, ensures the high-efficiency utilization of QAT and reduces the occupation of a CPU; meanwhile, a polling method is used for obtaining task completion results instead of an interruption method, so that the problem that too high expenditure is caused due to the fact that a large amount of tasks are frequently trapped into a kernel when interrupted is avoided, and the polling is more efficient when the large amount of tasks are processed; in addition, the protocol handle preset to the callback function can conveniently re-enter the encryption task which is not completed before, and other processing after the encryption result is obtained is realized.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a schematic diagram of a software stack of a homomorphic encryption uninstalling method based on an Intel QAT according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a task encapsulation and submission flow provided by an embodiment of the present invention;
FIG. 3 is a schematic diagram of a polling and asynchronous protocol reentry process according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a post-processing flow provided in the embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention provides a homomorphic encryption unloading method based on Intel QAT, which comprises the steps of firstly, building a software stack above a QAT user state driver, wherein the software stack comprises a QAT access layer, a homomorphic encryption library and an application layer from bottom to top; then, the following three steps are performed:
the first step is as follows: and (5) encapsulating and submitting tasks.
Each homomorphic encryption task is packaged into a coroutine in an application layer, the coroutine acquires data to be encrypted according to parameters, and then a homomorphic encryption library is called to realize homomorphic encryption of the application layer; the homomorphic encryption library is responsible for realizing a homomorphic encryption algorithm and calls a QAT access layer to carry out asynchronous submission of tasks; after the QAT access layer submits the encryption request through the asynchronous API, the corresponding protocol actively suspends the execution of the QAT access layer, and the application layer schedules the next homomorphic encryption task.
If the corresponding homomorphic encryption task involves a plurality of times of irrelevant large digital-analog power operations in the co-project, before the last large digital-analog power operation, a new co-project is generated every time the large digital-analog power operation is encountered, the new co-project only packages the large digital-analog power operations to submit the QAT task, and the control right is returned to the original co-project after the QAT task is submitted by the new co-project. When multiple passes are involved in submitting QAT tasks in one encryption operation, these tasks need to be submitted to the QAT through the same QAT Instance (QAT instant).
In the embodiment of the invention, each homomorphic encryption task is packaged into a coroutine, and asynchronous unloading of the encryption task is realized in a way of submitting the encryption task by the coroutine. The coroutine is a user mode thread, and is scheduled in a cooperation mode, and the scheduling is also completed in a user mode, so that the expense of switching kernels is avoided, and the coroutine is smaller than the expense of the kernel mode thread. The main advantage of coroutine is that it can interrupt at any position, give way to CPU, schedule another coroutine to run, and can re-enter coroutine at any time, and directly continue to execute downwards from the last exit execution point. This feature allows coroutines to provide a natural asynchronous manner of invocation. Therefore, the invention realizes the high-efficiency asynchronous unloading of large-batch encryption tasks under the condition of extremely low scheduling overhead by applying the coroutine mode, and compared with the single-thread synchronous mode, the invention exerts the full calculation power of QAT, and simultaneously the CPU is not blocked by synchronously submitting QAT tasks; compared with a multithreading synchronization mode, the method avoids the overhead generated by switching a large number of threads, ensures the high-efficiency utilization of QAT and reduces the occupation of a CPU.
In the embodiment of the invention, optimization of embedding the coroutine in the coroutine is also adopted in consideration of single homomorphic encryption delay. According to a homomorphic encryption algorithm, one homomorphic encryption sometimes needs to carry out a plurality of times of large digital-to-analog exponentiation operations, namely, a plurality of times of QAT unloading. Two large digital-to-analog power operations are taken as an example to illustrate how embedding a coroutine in a coroutine reduces the delay of homomorphic encryption: in a simple scheme, two times of large digital-analog power operation are integrated in one coroutine/encryption task, a first large digital-analog power operation request is submitted through the coroutine, the coroutine is re-entered in a first polling callback to submit a second large digital-analog power operation request, and then homomorphic encryption can be completed in a second polling callback, so that two times of asynchronous unloading are completely serial; considering the concurrent submission of a large batch of encryption tasks, the delay of single encryption is obviously increased; in fact, however, there is no relation between two large digital-to-analog power operations of homomorphic encryption, and the two large digital-to-analog power operations can be realized in parallel; the two large digital-analog power operations are decoupled and are realized as two coroutines, wherein the first coroutine packages the submission of the first large digital-analog power operation, the second coroutine packages the submission of the second large digital-analog power operation and the subsequent treatment of the whole homomorphic encryption, and the two coroutines are sequentially submitted; the time delay of single homomorphic encryption can be effectively reduced by the parallel processing of two times of large digital-to-analog power operations; the reason why the QAT task submitted in the two co-processes needs to be submitted to the same QAT instance is to ensure that the first modular exponentiation result is obtained when post-processing is performed after the second modular exponentiation result is obtained, so that the final encryption result can be obtained by using the results of the two modular exponentiations in the post-processing process of the second modular exponentiation; this is because the operating mechanism of the QAT always obtains the result first from the task submitted first in the same QAT instance, and if the task is submitted through different QAT instances, the result obtained first from the task submitted first cannot be guaranteed, which results in the situation that the result obtained first from the modular exponentiation is not obtained when the post-processing is required to integrate the modular exponentiation results twice after the second modular exponentiation result is obtained. And the same can be done when more than two uncorrelated large digital-analog exponentiations are needed for one homomorphic encryption.
Second step, polling and asynchronous protocol reentry
Before the number of asynchronously submitted tasks reaches the upper limit which can be borne by the QAT instance, the application layer actively polls the QAT instance to obtain an encryption result; then, the QAT user mode drives to call a preset callback function; and the callback function directly reenters the corresponding coroutine according to the coroutine handle associated with the encryption result and continues to execute the subsequent processing process. And finishing the corresponding coroutine after the subsequent processing is finished.
In the embodiment of the invention, the polling method is used for acquiring the task completion result instead of the interrupt method, so that the high overhead caused by the frequent trapping of a kernel when a large batch of tasks are interrupted is avoided, and the polling is more efficient when the large batch of tasks are processed.
And thirdly, post-treatment.
The subsequent processing includes the subsequent processing associated with each layer in the software stack, which is the conversion and data wrapping of the encrypted data type for the QAT access layer, the further encryption process processing for the homomorphic encryption library, and the subsequent processing including writing the encrypted data for the application layer.
In the embodiment of the invention, the protocol handle preset to the callback function can conveniently re-enter the encryption task which is not completed before, and other processing after the encryption result is obtained is realized.
For the purpose of facilitating understanding, the present invention will be further described with reference to the accompanying drawings and specific examples.
In this example, a Paillier homomorphic encryption scheme is taken as an example to illustrate a homomorphic encryption offload method based on Intel QAT.
Firstly, the following software stack is built: above QAT user mode drive, the software stack is divided into three layers from bottom to top, namely a QAT access layer, a homomorphic encryption library and an application layer; the QAT access layer is responsible for interacting with the QAT drive to realize data format conversion, data encapsulation and submission request; the homomorphic encryption library is responsible for realizing a homomorphic encryption algorithm and calling a QAT access layer to carry out asynchronous submission of a QAT task; the application layer packages each homomorphic encryption task into a coroutine fiber and calls an interface provided by the homomorphic encryption library to realize the homomorphic encryption requirement of the application layer.
FIG. 1 shows the software stack required for the homomorphic encryption offload method based on Intel QAT of the present invention. Software stack is driven in QAT user state
Figure BDA0002467366070000051
On the top of the above-mentioned material,from bottom to top QAT access layers respectively
Figure BDA0002467366070000052
Homomorphic encryption library
Figure BDA0002467366070000053
And an application layer
Figure BDA0002467366070000054
Homomorphic encryption library in this example
Figure BDA0002467366070000055
The Paillier encryption logic needs to be implemented, and the application layer
Figure BDA0002467366070000056
A Paillier encryption method is required to be applied to homomorphic encryption of a large amount of data; the line segment with an arrow in the figure represents the calling relationship between the layers in the software stack, and the solid line and the dotted line are used for distinguishing an encryption task 1 and an encryption task 2 in the application layer (the encryption requirement of the application layer is encapsulated into an encryption task 1 and an encryption task 2 … …, and an encryption task n); application layer in the figure
Figure BDA0002467366070000057
First calling a homomorphic encryption library
Figure BDA0002467366070000058
Homomorphic encryption library
Figure BDA0002467366070000059
Submitting an encryption request to a QAT access layer
Figure BDA00024673660700000510
Last QAT Access layer
Figure BDA00024673660700000511
Offloading encryption tasks to QAT user state drivers through QAT APIs
Figure BDA00024673660700000512
On the basis of the established software stack, the homomorphic encryption unloading method based on the Intel QAT specifically comprises the following steps:
the first step is as follows: task encapsulation and submission
Fig. 2 shows a schematic diagram of task encapsulation and submission flows, in which the line segments with arrows represent each small process in the flow (fig. 3 and 4 are the same), and the solid line and the dotted line represent two different encryption tasks/protocols: the flow of encryption task 1/protocol 1 and encryption task 2/protocol 2 (the same applies to fig. 4). In this example, the application layer
Figure BDA00024673660700000513
The need is to encrypt large volumes of data with the Paillier homomorphic encryption method. The following explains the processing flow by taking the encryption task 1 as an example.
Firstly, packaging a Paillier encryption task 1 into a coroutine 1 process ①, wherein the coroutine comprises three steps of reading plaintext data according to parameters and calling a homomorphic encryption library
Figure BDA0002467366070000061
The API encrypts the data and writes the ciphertext data to the designated location. The coroutine is then invoked.
Coroutine 1 starts to call a homomorphic encryption library after reading plaintext data
Figure BDA0002467366070000062
The API performs a data encryption process ②. in this example, the libhcs library is selected as the homomorphic encryption library
Figure BDA0002467366070000063
To implement the basic Paillier encryption logic. libhcs homomorphic encryption library
Figure BDA0002467366070000064
Realizing large number operation based on GMP library, and replacing the calling of the large number operation interface of the GMP library with the calling of the QAT access layer
Figure BDA0002467366070000065
The correlation call of (2). Considering that the Paillier homomorphic encryption process involves two times of uncorrelated large digital-analog power operations, a new coroutine is additionally started in the coroutine 1 to specially submit the operation when the first large digital-analog power operation is encountered, the new coroutine returns to the coroutine 1 after the submission is completed, and the second large digital-analog power operation is continuously submitted in the coroutine 1.
Homomorphic encryption library
Figure BDA0002467366070000066
Submitting an encryption request to a QAT access layer through a correlation call
Figure BDA0002467366070000067
③. the libhcs library calls the GMP library to realize large number correlation operation, all the data inside the library is stored in the mpz _ t format in GMP, the mpz _ t format needs to be converted into the CpaFlatBuffer format accepted by QAT drive through the correlation function provided by GMP, and finally the task is asynchronously unloaded to the QAT user state driving process ④ in the non-blocking encryption API mode through the large digital-to-analog power operation interface cpaCyLnModExp of QAT, and the subsequent QAT user state driving process
Figure BDA0002467366070000068
Submitting a request to a QAT instance
Figure BDA0002467366070000069
By QAT instance
Figure BDA00024673660700000610
Encryption engine with QAT hardware, namely QAT
Figure BDA00024673660700000611
Interaction is carried out, and the handle of the current coroutine 1 is required to be taken as a callback function parameter to be transmitted to the cpaCyLnModExp when the cpaCyLnModExp interface is called. Asynchronously submitting large digital-to-analog power tasks to QAT user state driver
Figure BDA00024673660700000612
Thereafter, coroutine 1 immediately suspends its execution by a related call(pause the current coroutine), return control to the application layer
Figure BDA00024673660700000613
Process ⑤ continues to submit the next encrypted task/coroutine, encrypted task 2/coroutine 2 (call to next coroutine).
The second step is that: polling and asynchronous protocol reentry
FIG. 3 is a schematic diagram of a polling and asynchronous protocol reentry flow, in which the left is a polling process for polling QAT instances at a certain frequency; and the right side is the process of asynchronous program reentry, and the ready program is reentered after the completion. Preferably, in this example, after each 10 homomorphic encryption tasks are submitted, at the application layer
Figure BDA00024673660700000614
User state driven by QAT
Figure BDA00024673660700000615
Interface of middle icp _ sal _ CyPollInstance to corresponding QAT instance
Figure BDA00024673660700000616
Polling the new encryption results process ⑥ when a poll finds a QAT instance
Figure BDA00024673660700000617
In the presence of a new response, i.e., a large digital-to-analog exponentiation result, the QAT user state drives
Figure BDA00024673660700000618
A callback function procedure ⑦ pre-passed to the cpaCyLnModExp interface is called, and the corresponding protocol handle is passed to the callback function, and the ready protocol procedure ⑧ is re-entered in the callback function.
The third step: post-treatment
FIG. 4 is a schematic diagram of a post-processing flow. The post-processing flow of each coroutine is the same, and coroutine 1 is taken as an example. When protocol 1 is re-entered, protocol 1 will be at the QAT access level
Figure BDA0002467366070000071
Awakened ⑨, when the QAT operation result has been obtained in protocol 1, and subsequent operations can be performed
Figure BDA0002467366070000072
In the method, the operation result in the CpaFlatBuffer format is converted into mpz _ t format again and returned to the homomorphic encryption library
Figure BDA0002467366070000073
The process ⑩ in libhcs takes two times of large-digital-analog power operation as an example, if coroutine 1 encapsulates the first time of large-digital-analog power operation in Paillier encryption, all post-processing of coroutine 1 is completed, if coroutine 1 encapsulates the whole homomorphic encryption task, namely submits the second time of large-digital-analog power operation in Paillier encryption, the result of the first time of modular power operation is obtained when the result of the second time of modular power operation is obtained, and the homomorphic encryption library
Figure BDA0002467366070000074
The integration of the two operation results can be realized to obtain the final result of Paillier encryption, and at the moment, the homomorphic encryption library
Figure BDA0002467366070000075
The post-processing is completed, after which the application layer needs to be entered
Figure BDA0002467366070000076
Process for producing a metal oxide
Figure BDA0002467366070000077
Performing an application layer
Figure BDA0002467366070000078
And (4) post-treatment. Application layer
Figure BDA0002467366070000079
When the post-processing is executed, the ciphertext result is obtained, and all that is needed is to write the ciphertext into the appointed memory position. Until all post-processing is completed, coroutine 1 will controlUser-mode driver returned to call callback function
Figure BDA00024673660700000710
And (5) ending the current coroutine, and continuing to process the next polling result, namely starting the reentry and post-processing process of the coroutine 2.
In the embodiment, the high-efficiency QAT asynchronous unloading of the encryption task is realized by encapsulating each Paillier encryption process into one co-program by the homomorphic encryption unloading method based on the Intel QAT, the concurrency of the homomorphic encryption unloading process of the system is enhanced, the system throughput is improved, and meanwhile, the delay of single homomorphic encryption is further reduced by a mode of submitting irrelevant large digital-analog power operation tasks by a nested co-program. For the heterogeneous system composed of the CPU and the QAT, the asynchronous mode also avoids invalid blocking of the CPU, so that the CPU can do more operations, and finally, the computing power of the CPU and the QAT is fully applied.
Through the above description of the embodiments, those skilled in the art can clearly understand that the above embodiments are implemented by software plus QAT dedicated hardware. With this understanding, the technical solutions of the embodiments can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.), and includes several instructions for enabling a computer device (which can be a personal computer, a server, or a network device, etc.) to execute the methods according to the embodiments of the present invention.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (3)

1. A homomorphic encryption unloading method based on Intel QAT is characterized by comprising the following steps:
the method comprises the steps that a software stack is set up above QAT user mode drivers, and the software stack comprises a QAT access layer, a homomorphic encryption library and an application layer from bottom to top;
each homomorphic encryption task is packaged into a coroutine in an application layer, the coroutine acquires data to be encrypted according to parameters, and then a homomorphic encryption library is called to realize homomorphic encryption of the application layer; the homomorphic encryption library is responsible for realizing a homomorphic encryption algorithm and calls a QAT access layer to carry out asynchronous submission of tasks; after the QAT access layer submits the encryption request through the asynchronous API, the corresponding protocol actively suspends the execution of the QAT access layer, and the application layer schedules the next homomorphic encryption task;
before the number of asynchronously submitted tasks reaches the upper limit which can be borne by the QAT instance, the application layer actively polls the QAT instance to obtain an encryption result; then, the QAT user mode drives to call a preset callback function; the callback function directly reenters the corresponding coroutine according to the coroutine handle associated with the encryption result, and continues to execute the subsequent processing process; and finishing the corresponding coroutine after the subsequent processing is finished.
2. The Intel QAT-based homomorphic encryption offload method of claim 1,
if the corresponding homomorphic encryption task involves a plurality of times of irrelevant large digital-analog power operations in the co-project, before the last large digital-analog power operation, a new co-project is generated every time the large digital-analog power operation is encountered, the new co-project only packages the large digital-analog power operations to submit the QAT task, and the control right is returned to the original co-project after the QAT task is submitted by the new co-project.
3. The method of claim 1, wherein the post-processing comprises post-processing associated with each layer of the software stack, for the QAT access layer, conversion and data wrapping of the encrypted data type, for the homomorphic encryption library, further encryption process processing, and for the application layer, post-processing including writing the encrypted data.
CN202010338077.5A 2020-04-26 2020-04-26 Homomorphic encryption unloading method based on Intel QAT Pending CN111538582A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010338077.5A CN111538582A (en) 2020-04-26 2020-04-26 Homomorphic encryption unloading method based on Intel QAT

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010338077.5A CN111538582A (en) 2020-04-26 2020-04-26 Homomorphic encryption unloading method based on Intel QAT

Publications (1)

Publication Number Publication Date
CN111538582A true CN111538582A (en) 2020-08-14

Family

ID=71978953

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010338077.5A Pending CN111538582A (en) 2020-04-26 2020-04-26 Homomorphic encryption unloading method based on Intel QAT

Country Status (1)

Country Link
CN (1) CN111538582A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114338629A (en) * 2020-09-25 2022-04-12 北京金山云网络技术有限公司 Data processing method, device, equipment and medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103425934A (en) * 2013-07-31 2013-12-04 北京华易互动科技有限公司 Homomorphic decryption storage method based on MySQL database
CN107786580A (en) * 2017-12-12 2018-03-09 南京航空航天大学 Paillier encryption methods based on cloud computing platform
US20180294950A1 (en) * 2017-04-11 2018-10-11 The Governing Council Of The University Of Toronto Homomorphic Processing Unit (HPU) for Accelerating Secure Computations under Homomorphic Encryption
US20190384638A1 (en) * 2018-06-15 2019-12-19 EMC IP Holding Company LLC Method, device and computer program product for data processing
CN111190569A (en) * 2019-12-30 2020-05-22 中国科学技术大学 Homomorphic encryption unloading method based on Intel QAT

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103425934A (en) * 2013-07-31 2013-12-04 北京华易互动科技有限公司 Homomorphic decryption storage method based on MySQL database
US20180294950A1 (en) * 2017-04-11 2018-10-11 The Governing Council Of The University Of Toronto Homomorphic Processing Unit (HPU) for Accelerating Secure Computations under Homomorphic Encryption
CN107786580A (en) * 2017-12-12 2018-03-09 南京航空航天大学 Paillier encryption methods based on cloud computing platform
US20190384638A1 (en) * 2018-06-15 2019-12-19 EMC IP Holding Company LLC Method, device and computer program product for data processing
CN111190569A (en) * 2019-12-30 2020-05-22 中国科学技术大学 Homomorphic encryption unloading method based on Intel QAT

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘瑶: "基于CryptDB的加密数据访问及操作的性能优化的研究", 《中国优秀博硕士学位论文全文数据库(硕士) 信息科技辑》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114338629A (en) * 2020-09-25 2022-04-12 北京金山云网络技术有限公司 Data processing method, device, equipment and medium

Similar Documents

Publication Publication Date Title
CN111190569B (en) Homomorphic encryption unloading method based on Intel QAT
JP7028745B2 (en) Heterogeneous Accelerator for High Efficiency Learning Systems
CN105760237B (en) A kind of means of communication based on association's journey mechanism
US10242420B2 (en) Preemptive context switching of processes on an accelerated processing device (APD) based on time quanta
US8963933B2 (en) Method for urgency-based preemption of a process
US7366814B2 (en) Heterogeneous multiprocessor system and OS configuration method thereof
CN111538582A (en) Homomorphic encryption unloading method based on Intel QAT
WO2015146104A1 (en) Virtual machine system, control method therfor, and control program recording medium therefor
JP2011013852A (en) Information processor and parallel operation control method
CN112114967B (en) GPU resource reservation method based on service priority
Ciobanu The Events Priority in the nMPRA and Consumption of Resources Analysis on the FPGA.
US20060100986A1 (en) Task switching
JP2001282560A (en) Virtual computer control method, its performing device and recording medium recording its processing program
JP2000215071A (en) Virtual computer system
CN110716791A (en) Real-time virtualization system and execution method thereof
JPH06230985A (en) Task control circuit and microprocessor
US20230393889A1 (en) Multi-core processor, multi-core processor processing method, and related device
EP3502887B1 (en) Interrupt handling for multiple virtual machines
JPH0433130A (en) Multi-chip constituting method
JPH04335441A (en) Command immediate answer property securing system
JPH064306A (en) Method for dividing interruption processing
TW202301137A (en) Image signal processor and image processing system
JP2001331331A (en) Unique process multithread operating system
JPH02176832A (en) Microcomputer
JPH0462093B2 (en)

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20200814