CN111783130B

CN111783130B - Data processing method and device for privacy protection and server

Info

Publication number: CN111783130B
Application number: CN202010919436.6A
Authority: CN
Inventors: 刘颖婷; 周俊; 陈超超; 王力
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Current assignee: Alipay Hangzhou Information Technology Co Ltd
Priority date: 2020-09-04
Filing date: 2020-09-04
Publication date: 2021-01-29
Anticipated expiration: 2040-09-04
Also published as: CN111783130A

Abstract

The specification provides a data processing method and device for privacy protection and a server. In one method embodiment, an addition fragment in secret sharing is converted into a multiplication fragment, and then high-precision initialization of a fast square root algorithm can be introduced into a floating-point square root reciprocal algorithm based on privacy protection, so that the number of iteration times of a subsequent Newton method based on privacy protection is reduced, the privacy of a user is protected, meanwhile, the algorithm efficiency is improved, and the processing performance of computing equipment is improved.

Description

Data processing method and device for privacy protection and server

Technical Field

The embodiment of the specification belongs to the technical field of privacy protection of cryptography, and particularly relates to a data processing method and device for privacy protection and a server.

Background

In the current data sharing application scenarios, shared data is generally provided by multiple participants, and the data is kept locally without aggregation of plaintext. When a plurality of participant data need to establish a model in a unified way, the output result output by the participants needs to be ensured to be private and invisible to other participants. Data sharing inevitably involves privacy disclosure, and currently common solutions include cryptography-based Multi-party security computing (MPC), where secret sharing is mainly used in the MPC field. At present, communication and cooperation among participants are needed while data privacy is protected, and overhead such as data calculation and mutual communication has a large influence on algorithm operation efficiency related in a model. Therefore, under the scene of privacy protection of multi-party participation calculation, how to protect data privacy and better improve algorithm efficiency are very important.

Disclosure of Invention

The present specification aims to provide a data processing method, an apparatus, and a server for privacy protection, which can efficiently implement computation processing of reciprocal square root of floating point number based on privacy protection, improve efficiency of a constructed model algorithm, and improve processing efficiency of computing equipment.

The data processing method, the device and the server for privacy protection provided by the embodiment of the specification are at least realized in the following ways:

a privacy-preserving data processing method, comprising:

determining a first fragment of data to be processed stored in a floating point mode by a first participant under secret sharing and a second fragment of data to be processed stored in a floating point mode by a second participant;

converting the addition fragment shared by the first party and the second party into a multiplication fragment;

determining a multiplication fragment of an initial value of an iteration estimation value locally calculated by a first party and a second party according to the multiplication fragment;

and according to the multiplication fragmentation of the initial value of the iteration estimation value, carrying out Newton iteration processing of the reciprocal of the square root of the floating point number based on privacy protection through the joint calculation of the first party and the second party to obtain the addition fragmentation of the reciprocal of the square root of the data to be processed.

A privacy-preserving data processing method, comprising:

the first participant stores a first fragment of the data to be processed under secret sharing in a floating point mode;

the method comprises the steps that a first party calculates preprocessing data used by a second party in a multiplication fragment through local calculation and secret sharing, and sends the preprocessing data to the second party to determine a result of converting an addition fragment shared by the first party and the second party into the multiplication fragment;

the first participant locally calculates the multiplication fragment of the initial value of the iteration estimation value by using the multiplication fragment of the first participant, so that the calculator performs Newton iteration processing of the reciprocal square root of the floating point number based on privacy protection through joint calculation of the first participant and the second participant according to the multiplication fragment of the initial value of the iteration estimation value;

and the first participant acquires a first addition fragment of the reciprocal square root of the data to be processed after Newton iteration processing of the reciprocal square root of the floating point number based on privacy protection.

A privacy-preserving data processing apparatus comprising:

the fragment determining module is used for determining a first fragment of the data to be processed under secret sharing, which is stored by a first participant in a floating point mode, and a second fragment of the data to be processed under secret sharing, which is stored by a second participant in a floating point mode;

the conversion module is used for converting the addition fragment shared by the first party and the second party into the multiplication fragment;

the initial module is used for determining the multiplication fragment of the initial value of the iteration estimation value locally calculated by the first party and the second party according to the multiplication fragment;

and the iteration calculation module is used for carrying out Newton iteration processing on the reciprocal of the square root of the floating point number based on privacy protection through the joint calculation of the first party and the second party according to the multiplication fragment of the initial value of the iteration estimation value to obtain the addition fragment of the reciprocal of the square root of the data to be processed.

A privacy-preserving data processing apparatus comprising:

the input module is used for acquiring a first fragment of the to-be-processed data stored by the first party in the form of floating point number under secret sharing and a second fragment of the to-be-processed data stored by the second party in the form of floating point number under secret sharing,

；

is an integer stored in the form of a floating point number;

the computing module is used for converting the addition fragment shared by the first party and the second party into the multiplication fragment; the multiplication fragment is also used for determining the multiplication fragment of the initial value of the iteration estimation value locally calculated by the first party and the second party according to the multiplication fragment; according to the multiplication fragment of the initial value of the iteration estimation value, Newton iteration processing of the reciprocal of the square root of the floating point number based on privacy protection is carried out through the joint calculation of the first party and the second party;

an output module for obtaining a first addition fragmentation of the reciprocal square root of the data to be processed

And second addition fragmentation

，

And

is a floating point number, and

。

a privacy-preserving data processing apparatus comprising:

the storage module is used for storing a first fragment of the data to be processed under secret sharing in a floating point number mode;

the multiplication conversion module is used for calculating preprocessing data used by a second party in the multiplication fragment through local calculation and secret sharing and sending the preprocessing data to the second party so as to determine a result of converting the addition fragment shared by the home terminal and the second party into the multiplication fragment;

the processing module is used for locally calculating the multiplication fragment of the initial value of the iteration estimation value by utilizing the multiplication fragment of the local end so that a calculator carries out Newton iteration processing of the reciprocal square root of the floating point number based on privacy protection through the combined calculation of a first participant and a second participant according to the multiplication fragment of the initial value of the iteration estimation value;

and the result fragmentation module is used for obtaining a first addition fragmentation of the reciprocal of the square root of the data to be processed after Newton iteration processing of the reciprocal of the square root of the floating point number based on privacy protection.

A privacy preserving server comprising: at least one processor and a memory for storing processor-executable instructions, which when executed by the processor perform the steps of any one of the method embodiments described herein.

A privacy preserving server comprising at least one processor and memory storing processor-executable instructions that, when executed by the processor, perform the steps of any one of the method embodiments of the present specification.

The privacy-protection-based data processing method, the privacy-protection-based data processing device and the privacy-protection-based data processing server can optimize a reciprocal square root algorithm of floating point numbers based on privacy protection. In the embodiment, when two parties jointly perform Newton method iterative computation, the addition fragment in secret sharing is converted into the multiplication fragment, and high-precision initialization of a fast square root algorithm is introduced into a floating-point number reciprocal square root algorithm based on privacy protection, so that the number of subsequent Newton method iterations based on privacy protection is reduced, the privacy of the participating parties is protected, meanwhile, the algorithm efficiency is improved, and the processing performance of computing equipment is improved.

Drawings

In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present specification, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort.

FIG. 1 is a schematic flow chart diagram of an embodiment of a privacy preserving data processing method provided herein;

FIG. 2 is a flow diagram illustrating an embodiment of a data processing method for privacy protection that may be applied to a single participant provided herein;

FIG. 3 is a block diagram of a hardware architecture of a privacy-preserving server to which embodiments of the present invention are applied;

FIG. 4 is a block diagram of an embodiment of a privacy preserving data processing apparatus provided herein;

FIG. 5 is a block diagram of another embodiment of a privacy-preserving data processing apparatus as provided herein;

fig. 6 is a block diagram of another embodiment of a privacy-preserving data processing apparatus provided in the present specification.

Detailed Description

In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all of the embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification without any inventive step should fall within the scope of protection of the present specification.

Secret sharing is an important means of information security and data confidentiality, and plays a key role in the secure storage, transmission and legal utilization of important information and secret data. Secret sharing is an important means for solving privacy leakage and realizing privacy protection in cryptography-based Multi-party security computing (MPC). Secret sharing currently commonly used secret sharing schemes include the threshold secret sharing concept proposed by Shamir and Blakley, the basic idea being to divide the shared secret s into multiple shards (shares) that are respectively handed to different parties for storage. Secrets can only be recovered if more than a threshold number of participants merge their shares. For example, it suffices that only a certain number or more of server federation can reconstruct the shared secret, and any server less than the certain data cannot obtain any information of the secret. In a typical two-way polynomial secret sharing scheme based on lagrange interpolation, a secret polynomial f (x) s + tx is formed by a secret s and a random number t. Suppose that Alice and Bob secretly possess a pair of (x, f (x)) information, i.e. Alice possesses f (1) and Bob possesses f (2), respectively. When s needs to be restored, the two parties send own secrets to the other party, and either party can calculate s to be 2f (1) -f (2) by using a Lagrange interpolation method. If one party has only one piece of interpolated information, the secret s is usually not calculated.

Secret sharing may be used in privacy protected multiparty security computing. In specific application, input data of each participant is respectively split into shares and the shares are exchanged with each other. Then, each participant performs operation on a plurality of local shares, and each participant obtains a new share (a share of the operation result). And combining the new share of each participant to obtain an operation result.

The data processing scheme, device, equipment and the like of privacy protection described in the specification include implementation schemes requiring privacy protection in data storage, calculation, communication and the like. Privacy protection based algorithms often require the computation of the inverse square root of the data in data processing. Such as a parametric significance test based on privacy preserving logistic regression, a parametric significance test based on privacy preserving linear regression, some optimizers based on privacy preserving logistic regression, etc. And floating point number

The reciprocal square root of (a) is a fundamental operation that can be approximated using the fast square root algorithm. The conventional fast square root algorithm uses a Newton iteration method, and initialized values used in iteration are often not accurate enough, so that iteration with more rounds is needed to obtain a result with higher precision. And the more the number of iteration rounds, the lower the data calculation and communication efficiency. For this reason, some embodiments of the present specification may provide a privacy-protection data processing method in combination with multi-party computation, privacy protection, a fast square root algorithm, and the like, and may efficiently perform the computation processing of the reciprocal square root of the two-party floating point number in a data processing scenario in which multiple parties participate and privacy protection is required. The method is applied to the linear regression feature significance inspection based on privacy protection, the neural network based on privacy protection and the like, can effectively optimize the model algorithm, and improves the processing efficiency of the computing equipment.

Secret sharing is mainly to split original data into random numbers (secrets) and to complete calculation through the transmission of the random numbers among multiple parties. Each participant takes part of the original data, one or a few participants cannot restore the original data, and the true data can be restored only when the participants gather the respective data together. In the calculation, each participant can directly perform the calculation with its own local data and can exchange some data at an appropriate time (the exchanged data itself does not contain information about the original data). The result after the computation is finished can still be dispersed in a secret sharing manner among all the participants. When the final result is needed to be used, the data of each participant can be combined together to restore the real original data. Of course, the shards obtained by each participant in the secret sharing are different. For example, if one of the slices Sc is given to the participant C, this slice Sc may not be allocated to the other participants.

In some two-party security calculations based on a polynomial interpolation secret sharing scheme, there are direct calculation methods for addition and subtraction of a shared secret, and multiplication, division and modular operation can be realized by using some algorithms for conversion/conversion according to specific scenarios. Such as Secret Shared Matrix Multiplication (SMM), the two parties are invisible to the other party data in the calculation process, and the final Multiplication result is the sum of the calculation results of the two parties. Alternatively, the outputs may not be combined and remain in their respective participants.

Taking two parties as an example, Alice and Bob locally cut the secret (secret) into two shards (shares), one reserved for themselves and the other sent to the other, respectively. And generating preprocessing data (Beaver Triples), and respectively obtaining an intermediate result by Alice and Bob through multi-round parameter calculation and exchange. The preprocessed data (u0, v0, z0) and (u1, v1, z1) are generated, for example, by a semi-trusted service and sent to Alice and Bob, respectively. Semi-trusted means trusting that the server will not collaborate with Alice or Bob to steal the data, but not trust enough to give the original data to the server to do the operation. After Alice and Bob exchange shares of e = a-u and f = b-v, e and f are calculated, respectively. Wherein u = u0+ u1, i.e. the share of u is u0 and u1, and v = v0+ v1, i.e. the share of v is v0+ v 1. The party that needs to obtain the final result collects the intermediate results of Alice and Bob and adds the intermediate results to obtain the product of the two patches that Alice and Bob have. The above process may be a two-party joint calculation. Of course, other two-party joint calculation methods may also obtain the product of the shards by two-party calculation and exchange of random numbers or preprocessed data in multiple rounds without using an intermediate server, such as the semi-trusted server described above.

In one or more embodiments of the present description, a new privacy-preserving data processing method is provided, which optimizes a reciprocal square root algorithm based on privacy preservation. When the two parties jointly perform Newton method iterative computation, the addition fragment in secret sharing is converted into the multiplication fragment, and then high-precision initialization of a fast square root algorithm can be introduced into a square root reciprocal algorithm based on privacy protection, so that the subsequent iteration times based on the Newton method for privacy protection are reduced, and the algorithm efficiency is improved while the user privacy is protected.

The following describes an embodiment of the present specification with a specific implementation scenario based on secret sharing between two parties under privacy protection. In the application scenario of the embodiment, the first party a and the second party B respectively possess data

Two shards under secret sharing: (

，

) And may be stored on the computing device in the form of 64-bit floating point numbers. The first party A and the second party B jointly perform Newton method iterative computation

The inverse square root of (c). In the calculation process, through two times of secret sharing and one time of iterative calculation, the participator A and the participator B respectively obtain floating point numbers

By addition of the reciprocal square root of (a), (b), (c), (d), (

) Of the above. Therefore, the method of the embodiments of the present specification may also be referred to as an inverse square root algorithm for privacy protection (SNSI algorithm). The embodiments provided in this specification can convert the addition fragment under privacy protection into the multiplication fragment, and then perform a round of newton iteration based on privacy protection to restore the addition fragment. Then, other processes such as secret sharing operation can be performed on the addition fragment restored to the addition fragment. Specifically, fig. 1 is a schematic flowchart of an embodiment of a data processing method for privacy protection provided in this specification. Although the present specification provides method operational steps or devices, system configurations, etc., as illustrated in the following examples or figures, more or less operational steps or modular units may be included in the methods or devices, as may be conventional or may be part of the inventive subject matter, based on conventional or non-inventive considerations. In the case of steps or structures which do not logically have the necessary cause and effect relationship, the execution sequence of the steps or the module structure of the apparatus is not limited to the execution sequence or structure shown in the embodiment or the drawings in this specification. When the apparatus, server, system or end product of the method or system architecture is applied in an actual device, server, system or end product, the method or module architecture according to the embodiment or the drawings may be executed sequentially or executed in parallel (for example, in an environment of parallel processors or multi-thread processing, or even in an environment of distributed processing, server clustering, or implementation in combination with cloud computing or block chain technology).

Of course, the following description of the embodiments does not limit other scalable solutions obtained based on the embodiments of the present disclosure. Specifically, an embodiment of the method provided in this specification is shown in fig. 1, and may include:

s0: the method comprises the steps of determining a first fragment of data to be processed under secret sharing, wherein the first fragment is stored in a floating point mode by a first participant, and a second fragment is stored in a floating point mode by a second participant.

It will be understood by those skilled in the art that the first party and the second party are different parties for the convenience of describing and distinguishing the plurality of parties, and a party is not particularly limited.

In an application scenario of the reciprocal square root calculation of two-square floating point numbers, the first participant may store the data to be processed in the form of floating point numbers in its own (home) computing device

First shard under secret sharing

The second party may also store data in the form of floating point numbers in the local computing device

Second shard under secret sharing

Wherein, in the step (A),

. Therefore, the temperature of the molten metal is controlled,

and

for data to be processed

An additive shard under secret sharing.

And

the data to be processed by a third party can be specifically used

After processing, are generated and then distributed to the first and second participants, respectively. In this embodiment, data to be processed

Or may be an integer, such as a corresponding integer obtained by performing some conversion/mapping/encoding on the data to be processed. Under MPC, the secret sharing shards participating in the computation are integers on the ring (or finite field). Of course, in a computing device, slices may be stored as 64-bit floating point numbers, as well as 32-bit or 128-bit floating point numbers.

Suppose that the data owner has a pending data

Now will

The secret is shared to both parties a and B. Two parties respectively have floating point numbers

Two shards under secret sharing: (

，

) One of them. For ease of description, the shards owned by first participant A may be denoted as

The addition slice owned by the first participant B may be written as

. Wherein the content of the first and second substances,

(fragmentation)

，

Belong to a finite field

Or rings

). The two participants may each store the add slice on their respective computing devices in the form of 64-bit floating point numbers. Finite field

Representing a domain containing only a limited number of elements. Ring (C)

Referred to as galois ring, is a ring of finite number of elements.

S2: and converting the addition fragment shared by the first party and the second party in secret into the multiplication fragment.

Converting an additive shard of a first party and a second party under secret sharing into a multiplicative shard, such that

Wherein, in the step (A),

a locally generated random number for the first party. In particular, a pseudo-random number generator may be used to generate the random number. The process of converting the additive shards into multiplicative shards and said joint calculation may be processed by a third party at the site of the third partyThe processing device may include, in processing, communication/interaction processes involving a first party and a second party, such as a third party computing platform or server. Other embodiments can also be realized by mutual data calculation and interaction among the participants.

Generally, when data processing is required for secret sharing, one party sends own data to the other party, or sends the data to a third party (a calculator) together. The conversion of an add shard to a multiply shard may be implemented in some embodiments by computation and exchange using two parties, a and B. Specifically, the secret sharing matrix multiplication described above may be combined, the two parties are invisible to the counterpart data in the calculation process, and the final multiplication result is the sum of the calculation results of the two parties. In addition, the outputs may not be combined, but remain on their respective platforms. Specifically, the conversion may be realized by multiplication operation on the addition secret sharing (also referred to as multiplication operation under addition secret sharing).

For example, in a processing example of one embodiment, the first party A generates the random number locally using a pseudo-random number generator

And find

. The first party may further obtain

。

May be computed by the second party in conjunction with the first party secret sharing multiplication. Wherein the content of the first and second substances,

，

. First party A and second partyTwo parties B jointly calculate by secret sharing and multiplication

At this point the first party can be reached

The second party may be provided with

. Party A computation

And will be

And sent to the second party B. In the secret sharing process, generally, the first party cannot transmit alone

And

to another party. Second Party B computation

. At this time

。

And

can be used as data to be processed

A multiplication shard of.

S4: and determining the multiplication fragment of the initial value of the iteration estimation value locally calculated by the first party and the second party according to the multiplication fragment.

In this embodiment, the first party and the second party may locally calculate the multiplication slice of the initial value of the iterative estimation value by using their respective multiplication slices. The multiplication fragment of the initial value of the iteration estimation value of the algorithm with higher precision can be obtained by combining an algorithm (such as a fast square root algorithm) for solving the reciprocal square root and a mode of storing floating point numbers in computer equipment, so that the iteration times of the following Newton method based on privacy protection are reduced, the calculation speed of the computer equipment is increased, and the algorithm efficiency is improved while the user privacy is protected.

For example, when using the fast square root algorithm, the multiplicative slice of the initial value of the iterative estimate may be determined in the following manner:

the first party A may float the P bits

The stored value of (A) is read in a manner of storing a P-bit integer, and shifted by one bit to the right, and recorded as

P is the number of digits of a floating-point number;

calculating constant C

And reading according to the storage mode of the P-bit floating point number as the multiplication slice of the initial value of the iterative estimation value of the first party

；

The second party B floats the P-bit number

；

Calculating constant C

And reading according to the storage mode of the P-bit floating point number as the multiplication slice of the initial value of the iterative estimation value of the second party

。

In 64-bit floating point type data (64-bit floating point number), P is 64. The constant C may be 0x5fe6eb50C7b537a9 in data of 64-bit floating point type (64-bit floating point number). In some embodiments, the reading in the P-bit integer storage mode may mean that the data is read in the P-bit integer mode. In this embodiment, the shards shared by secrets are still integers and, when stored, are stored as floating point numbers with P bits. The floating point number of the P bits is regarded as an integer (fragment) from the whole body, and when the floating point number of the P bits is read, the floating point number of the P bits is an integer stored in the form of the floating point number of the P bits. P may be valued in terms of the number of bits of the data store. In a binary computer processing device, P may be 2 to the power of T, which is an integer greater than 5. Of course, in other embodiments, P may also take the value 3 or 4, i.e., data may be stored in the form of 8-bit or 16-bit floating point numbers. When P takes a value of 5, the constant C takes a value of 0x5fe6eb50C7b537a 9. The constant C is a more accurate value of an approximate value calculated in the newton iteration calculation obtained by calculation through a certain algorithm provided in this embodiment.

Taking the first party a as an example:

floating point number of 64 bits

Is read as a 64-bit integer and shifted to the right by one bit (divided by 2 and rounded down) to be recorded as

；

Calculate 0x5fe6eb50c7b537a9

And reading according to a storage mode of 64-bit floating point number, and recording as multiplication fragmentation of an initial value of the first participant iteration estimation value

。

Similarly, the second party B reads in the manner described above

Multiplication slicing that can derive an initial value for a second participant iteration estimate

。

It should be noted that 0x5fe6eb50c7b537a9 is a constant obtained on a computing device storing in the form of a 64-bit floating point number. The constant C has corresponding values in different computer floating point number storage modes or derivation algorithms, for example, the constant C corresponding to floating point type data on a 32-bit system may be 0x5f3759 df.

S6: and according to the multiplication fragmentation of the initial value of the iteration estimation value, carrying out Newton iteration processing of the reciprocal of the square root of the floating point number based on privacy protection through the joint calculation of the first party and the second party to obtain the addition fragmentation of the reciprocal of the square root of the data to be processed.

And the participants can respectively obtain the multiplication slicing of the initial value of the iteration estimation value. The multiplicative slice of the initial value of the iterative estimate usually belongs to the private data of the participant, which is kept locally by the participant. When the process of solving the inverse square root is carried out, joint calculation can be carried out through data calculation and interaction of the participants, or when the process of solving the inverse square root is carried out by a third party, joint calculation can be carried out through data calculation and interaction of the participants, and multiplication fragmentation of initial values of the respective iteration estimation values determined by the participants is determined. The Newton iterative process of calculating the reciprocal of the square root of a floating point number, as described in some embodiments herein, may refer to iterative calculation of the square root of a floating point number using Newton iterationReciprocal, some embodiments do not necessarily compute a slice of the reciprocal square root of a floating point number. One of the innovations of the scheme of the embodiment of the specification is that in some algorithms for calculating reciprocal square root in a privacy protection scene, an addition fragment in secret sharing is converted into a multiplication fragment, and high-precision initialization of a fast square root algorithm (a Newton iteration method is used in the fast square root algorithm) can be introduced, so that the number of iteration times of the following Newton method based on privacy protection is reduced, and the algorithm efficiency is improved while the user privacy is protected. On the other hand, Newton iteration processing of reciprocal square root of floating point number based on privacy protection can also enable two parties to obtain data to be processed respectively

One of the addition slices of the reciprocal square root

Or

. The addition fragmentation here may suffice

。

And

or may be an integer stored as a floating point number.

In a specific processing embodiment, an iteration initial value may be set

. Two participants may have the initial value of the iteration

. Embodiments of the present description may use a fast square root algorithm to calculate the inverse square root. In the fast square root calculationUsing the formula of Newton's iteration in the method

Wherein

Is as follows

And (5) performing secondary iteration. When in use

When the temperature of the water is higher than the set temperature,

i.e., represents the initial value of the iteration, and, correspondingly,

。

performing one iteration on the iteration initial value iteration Newton iteration formula to obtain:

(equation 1).

In the above equation 1, i.e. the number of subtractions

The calculation may be performed by a secret sharing by the first party a and the second party B. The second half of the subtraction, i.e. the number of subtractions

In (1),

and

stored by the first party a, local computation of the first party a may be implemented;

and

stored by the second party B, local computation by the second party B may be implemented. Therefore, the temperature of the molten metal is controlled,

can be regarded as

. Thus, is reduced by

The calculation may be performed by the first party a and the second party B performing another share of the secret. Thus, in the scheme of the embodiment of the present specification, two secret sharing multiplications are used in the newton iteration calculation process, which is 1 iteration in total, and the two parties can respectively obtain the data to be processed

One of two additive slices of the reciprocal square root. Suppose after iteration, the first add shard obtained by the first participant A is marked as

And the second addition fragment obtained by the second participant B is recorded as

. Adding and slicing

、

Can be simultaneously reacted with

And

integers which are stored as floating-point numbers as well as belonging to finite fields

Or rings

. At this time, the process of the present invention,

. Therefore, in another embodiment of the method, the obtaining the addition fragmentation of the inverse square root of the data to be processed includes:

obtaining the data to be processed

First addition slicing of the reciprocal square root of

And the data to be processed

Second addition slicing of the reciprocal square root of

，

And

is a floating point number, and

。

for convenience of describing and understanding the embodiments of the present specification, the following is about the slicing obtained based on equation 1

、

The process of (a) is schematically illustrated. Those skilled in the art can convert an addition slice into a multiplication slice based on the description above. Then the first party a and the second party B can translate equation 1 above into by computing a joint computation of the interaction with the data:

（Ma+Mb）-（Na+Nb）。

further, they were taken out of brackets and recombined to give (Ma-Na) + (Mb-Nb). Where Ma and Na are stored in the first party a and Mb and Nb are stored in the second party B. Let Ma-Na = Ca, Mb-Nb = Cb, so that the first party a can obtain a shard Ca (equivalent to a shard)

) The second participant B may obtain another sliced Cb (equivalent to

）。

Of course, a more efficient model in the secret sharing scenario can be established based on the above-mentioned operation of reciprocal square root of floating point number with higher efficiency. For example, the method can be applied to the significance inspection of linear regression characteristics based on privacy protection, the neural network based on privacy protection and the like, can effectively optimize a model algorithm, and improves the processing efficiency of computing equipment.

According to the data processing method for privacy protection, the addition fragment in the privacy sharing is converted into the multiplication fragment, the square root reciprocal algorithm based on privacy protection is optimized, high-precision initialization of the fast square root algorithm can be introduced into the square root reciprocal algorithm based on privacy protection, the number of subsequent iterations of Newton's method based on privacy protection is reduced, and the algorithm efficiency is improved while the user privacy is protected.

In the present specification, each embodiment of the method is described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. Reference is made to the description of the method embodiments.

It is understood that all or part of the steps of the method described in the above embodiments may be executed on a computing device of a certain participant or performed by computing and communication among multiple participants, may be executed by a server of a third party, or may be executed by a third server and one or more participants together (e.g., a platform used by the participants together). For example, the iterative computation in equation 1 may be performed on a server of a third party, and each participant computes a slice of the reciprocal square root through equation 1. Based on the foregoing description, the present specification also provides a privacy-preserving data processing method applicable to a single side of a participant. Of course, as can be seen from the foregoing description, a single participant, while processing, may include processes that interact with other participants or third party servers to implement conversion of additive shards into multiplicative shards, newtonian iterations, and so on. Specifically, as shown in fig. 2, the present specification provides another data processing method for privacy protection, which may include:

s20: the first participant stores a first fragment of the data to be processed under secret sharing in a floating point mode;

s22: the method comprises the steps that a first party calculates preprocessing data used by a second party in a multiplication fragment through local calculation and secret sharing, and sends the preprocessing data to the second party to determine a result of converting an addition fragment shared by the first party and the second party into the multiplication fragment;

s24: the first participant locally calculates the multiplication fragment of the initial value of the iteration estimation value by using the multiplication fragment of the first participant, so that the calculator performs Newton iteration processing of the reciprocal square root of the floating point number based on privacy protection through joint calculation of the first participant and the second participant according to the multiplication fragment of the initial value of the iteration estimation value;

s26: the first participant acquires a first adding fragment of the reciprocal square root of the data after Newton iteration processing of the reciprocal square root of the floating point number based on privacy protection.

Based on the foregoing description of the embodiment of the method, in another embodiment of the method, the first party calculates, through local calculation and secret sharing, pre-processing data used by the second party in the multiplicative fragmentation, and sends the pre-processing data to the second party to determine a result of converting the additive fragmentation under secret sharing between the first party and the second party into the multiplicative fragmentation, including:

first party generates random numbers locally using pseudo-random number generator

And find

And is calculated to obtain

Wherein, in the step (A),

；

data to be processed stored for a first participant

The first slice under the sharing of the secret,

data to be processed stored for a second party

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

first party and second party jointly calculate through secret sharing and multiplication

The first party gets

The second party gets

；

First party computing

And will be

Sending to the second party to make the second party B calculate

At this time

。

Based on the foregoing description of the method embodiment, in another embodiment of the method, the first participant locally computing a multiplicative slice of an initial value of an iterative estimate using a multiplicative slice of the first participant comprises:

the first party floating point number P bit

Is read in a manner of storing a P-bit integer, andshift one position, is marked as

P is the number of digits of a floating-point number;

calculating constant C

。

Based on the description of the preceding method embodiment, in another embodiment of the method, where P is 2 to the power T, T is an integer greater than 5; and when P takes a value of 5, the constant C takes a value of 0x5fe6eb50C7b537a 9.

Based on the foregoing description of the method embodiment, wherein the first participant obtains the first addition fragmentation of the reciprocal square root of the data to be processed through newton iteration calculation

Satisfy the requirement of

，

And

is a floating-point number, and is,

and carrying out Newton iterative computation for a second participant to obtain a second addition fragmentation of the reciprocal of the square root of the data to be processed.

According to the data processing method for privacy protection, the addition fragment in the privacy sharing is converted into the multiplication fragment, the floating-point square root reciprocal algorithm based on the privacy protection is optimized, high-precision initialization of the fast square root algorithm can be introduced into the square root reciprocal algorithm based on the privacy protection, the number of subsequent iterations of a Newton method based on the privacy protection is reduced, and the algorithm efficiency is improved while the user privacy is protected.

The method embodiments provided in the embodiments of the present specification may be executed in a handheld terminal, a computer terminal, a server cluster, a mobile terminal, a block chain system, a distributed network, or a similar computing device. The apparatus may include a system (including a distributed system), software (applications), modules, components, servers, clients, etc. that employ embodiments of the present description in conjunction with any necessary hardware for implementation. Taking a processing device running on a server as an example, fig. 3 is a hardware structure block diagram of a privacy-protected server to which an embodiment of the present invention is applied. As shown in fig. 3, the server 10 may include one or more (only one shown) processors 100 (the processors 100 may include, but are not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA), a memory 200 for storing data, and a transmission module 300 for communication functions. It will be understood by those skilled in the art that the structure shown in fig. 3 is merely an illustration and is not intended to limit the structure of the electronic device. For example, the server 10 may also include more or fewer components than shown in FIG. 3, and may also include other processing hardware, such as an internal bus, memory, database or multi-level cache, a display, or have other configurations than shown in FIG. 3, for example.

The memory 200 may be used to store software programs and modules of application software, and the processor 100 executes various functional applications and data processing by operating the software programs and modules stored in the memory 200. Memory 200 may include high speed random access memory and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, memory 200 may further include memory located remotely from processor 100, which may be connected to server 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The transmission module 300 is used for receiving or transmitting data via a network. Examples of such networks may include a blockchain private network of the server 10 or a network provided by the world wide web or a communications provider. In one example, the transmission module 300 includes a Network adapter (NIC) that can be connected to other Network devices through a base station so as to communicate with the internet. In one example, the transmission module 300 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.

Based on the above description of the embodiments of the data processing method for privacy protection, the present specification further provides a data processing apparatus for privacy protection. The apparatus may include systems (including distributed systems), software (applications), modules, components, servers, clients, etc. that use the methods described in the embodiments of the present specification in conjunction with any necessary apparatus to implement the hardware. Based on the same innovative conception, embodiments of the present specification provide an apparatus as described in the following embodiments. Since the implementation scheme of the apparatus for solving the problem is similar to that of the method, the specific implementation of the apparatus in the embodiment of the present specification may refer to the implementation of the foregoing method, and repeated details are not repeated. As used hereinafter, the term "unit" or "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.

Specifically, fig. 4 is a schematic block diagram of an embodiment of a data processing apparatus for privacy protection provided in this specification, and as shown in fig. 4, the apparatus may include:

the fragment determining module 40 may be configured to determine a first fragment of the to-be-processed data stored in the form of a floating point number by a first participant under secret sharing, and a second fragment of the to-be-processed data stored in the form of a floating point number by a second participant under secret sharing;

a conversion module 42, configured to convert the addition shard shared by the first party and the second party into the multiplication shard;

an initial module 44, configured to determine, according to the multiplication fragment, a multiplication fragment of an initial value of an iteration estimation value locally calculated by the first party and the second party;

the iteration calculating module 46 may be configured to perform newton iteration processing of the reciprocal square root of the floating point number based on privacy protection through joint calculation of the first party and the second party according to the multiplication fragment of the initial value of the iteration estimation value, so as to obtain an addition fragment of the reciprocal square root of the data to be processed.

Based on the foregoing description of the method embodiment, in another embodiment of the apparatus, the converting module 42 converts the addition shard shared by the first party and the second party into the multiplication shard includes:

And find

And is calculated to obtain

Wherein, in the step (A),

；

data to be processed stored for a first participant

The first slice under the sharing of the secret,

data to be processed stored for a second party

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

The first party gets

The second party gets

；

First party computing

And will be

Sending the information to a second participant;

second party computing

At this time

。

Based on the foregoing description of the method embodiment, in another embodiment of the apparatus, the initial module 44 determines a multiplication slice of an initial value of the iteration estimation value locally computed by the first participant and the second participant according to the multiplication slice, including:

the first party floating point number P bit

P is the number of digits of a floating-point number;

calculating constant C

；

The second party floating point number P bit

；

Calculating constant C

。

Based on the description of the previous method embodiment, in another embodiment of the apparatus, where P is 2 to the power T, T is an integer greater than 5; and when P takes a value of 5, the constant C takes a value of 0x5fe6eb50C7b537a 9.

Based on the foregoing description of the method embodiment, in another embodiment of the apparatus, the obtaining of the slice of the inverse square root of the data by the iterative computation module 46 includes:

obtaining the data to be processed

First addition slicing of the reciprocal square root of

And the data to be processed

Second addition slicing of the reciprocal square root of

，

And

is a floating point number, and

。

the method described in the foregoing may also be applied in another privacy-preserving data processing apparatus. The fragments of floating point numbers stored by the participants under secret sharing can be input, and the fragments of the reciprocal of the square root of the floating point numbers are output after calculation processing. Specifically, the present specification further provides another privacy-preserving data processing apparatus, as shown in fig. 5, which may include:

an input module 50, which may be used to obtain the data to be processed stored by the first participant in the form of floating point numbers

To-be-processed data stored in floating point number by first fragment and second participant under secret sharing

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

a calculation module 52, configured to convert an addition fragment shared by the first party and the second party in secret into a multiplication fragment; the multiplication fragment is also used for determining the multiplication fragment of the initial value of the iteration estimation value locally calculated by the first party and the second party according to the multiplication fragment; according to the multiplication fragment of the initial value of the iteration estimation value, Newton iteration processing of the reciprocal of the square root of the floating point number based on privacy protection is carried out through the joint calculation of the first party and the second party;

an output module 54, which can be used to obtain the data to be processed

First addition slicing of the reciprocal square root of

And second addition fragmentation

，

And

is a floating point number, and

。

based on the foregoing description of the method embodiments, this specification provides another embodiment of the apparatus, wherein determining the multiplicative slice for the initial value of the locally computed iterative estimate for the first participant and the second participant comprises:

the first party floating point number P bit

P is the number of digits of a floating-point number;

calculating constant C

；

The second party floating point number P bit

；

Calculating constant C

。

Based on the foregoing description of the method embodiment, this specification provides that in another embodiment of the apparatus, the calculating module 52 determines a multiplication slice of an initial value of the iteration estimation value locally calculated by the first participant and the second participant according to the multiplication slice, including:

And find

And is calculated to obtain

Wherein, in the step (A),

；

data to be processed stored for a first participant

The first slice under the sharing of the secret,

data to be processed stored for a second party

A second slice under the sharing of the secret,

；

integers stored in floating point form;

The first party gets

The second party gets

；

First party computing

And will be

Sending to the second party to make the second party B calculate

At this time

。

Based on the data processing method applicable to privacy protection of one-side participant, the present specification also provides another data processing apparatus applicable to privacy protection of a participant. The apparatus may be mechanically or electrically embodied with other processing devices of the participant, either directly or indirectly, or stored in the form of computer executable code in a storage medium of the participant to implement the corresponding functions. Specifically, the present specification further provides another privacy-preserving data processing apparatus, as shown in fig. 6, which may include:

the storage module 60 may store the first fragment of the to-be-processed data under secret sharing in the form of floating point number;

the multiplication conversion module 62 may be configured to calculate, through local calculation and secret sharing, pre-processed data used by the second party in the multiplication fragment, and send the pre-processed data to the second party, so as to determine that the addition fragment shared by the local end and the second party secret is converted into a result of the multiplication fragment;

the processing module 64 may locally calculate the multiplication fragment of the initial value of the iterative estimate value by using the multiplication fragment of the local end, so that the calculator performs newton iteration processing of the reciprocal of the square root of the floating point number based on privacy protection through joint calculation of the first party and the second party according to the multiplication fragment of the initial value of the iterative estimate value;

and the result fragmenting module 66 may be configured to obtain a first addition fragmentation of the inverse square root of the to-be-processed data after newton iteration processing of the inverse square root of the floating point number based on privacy protection.

The local terminal may be the data processing apparatus with privacy protection or a device including the data processing apparatus with privacy protection.

Based on the foregoing description of the method embodiment, in another embodiment of the apparatus provided in this specification, the calculating, through local calculation and secret sharing, pre-processed data used by a second party in a multiplication fragment, and sending the pre-processed data to the second party to determine a result of converting an addition fragment shared by a local terminal and the second party in secret into the multiplication fragment includes:

locally generating random numbers using a pseudo-random number generator

And find

And is calculated to obtain

Wherein, in the step (A),

；

to-be-processed data stored for local terminal

First score under secret sharingThe sheet is a sheet of a plastic material,

data to be processed stored for a second party

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

and the second party jointly calculates through secret sharing multiplication

To obtain

The second party gets

；

Computing

And will be

Sending to the second party to make the second party calculate

At this time

。

Based on the foregoing description of the method embodiments, this specification provides that in another embodiment of the apparatus, the calculating, by the processing module, the multiplication fragment of the initial value of the iteration estimation value locally using the local multiplication fragment includes:

floating point number of P bit

P is the number of digits of a floating-point number;

calculating constant C

And reading according to the storage mode of P-bit floating point number as multiplication fragment of initial value of local iteration estimation value

。

Based on the foregoing description of the method embodiments, this specification provides another embodiment of the apparatus, where P is 2 to the power of T, and T is an integer greater than 5; and when P takes a value of 5, the constant C takes a value of 0x5fe6eb50C7b537a 9.

Based on the foregoing description of the method embodiments, the present specification provides another embodiment of the apparatus, wherein the obtained data to be processed

First addition slicing of the reciprocal square root of

Satisfy the requirement of

，

And

is a floating-point number, and is,

obtaining the data to be processed for a second party

Second addition of the reciprocal square root of (a) is sliced.

It should be noted that the above-mentioned description of the apparatus according to the method embodiment may also include other implementation manners, and the specific implementation manner may refer to the description of the related method embodiment, which is not described in detail herein.

In the present specification, each embodiment of the apparatus is described in a progressive manner, and the same and similar parts among the embodiments are mutually referred to or described with reference to the corresponding method embodiment, and each embodiment focuses on the differences from the other embodiments. Reference is made to the description of the method embodiments. The specific details can be obtained according to the descriptions of the foregoing method embodiments, and all of them should fall within the scope of the implementation protected by this application, and no further description is given to implementation schemes of the embodiments one by one.

The data processing method or apparatus for privacy protection provided in the embodiment of the present specification may be implemented by a processor executing a corresponding program instruction in a computer, for example, implemented in a PC end using a C + + language of a Windows operating system, implemented based on a Linux system, or implemented in an intelligent terminal using Android and iOS system programming languages, or implemented in a server cluster, cloud processing/cloud computing, a block chain, and a processing logic based on quantum computing. Based on the description of the foregoing method embodiments, this specification further provides a privacy protection server. In one embodiment, the method may include: at least one processor and a memory for storing processor-executable instructions, the instructions when executed by the processor implementing the steps of the method of any one of the present descriptions. The privacy protection server may be specifically a third-party server/third-party platform, and may perform joint calculation with a participant participating in data calculation under the MPC.

Based on the description of the foregoing method embodiments, this specification also provides another privacy protection server. In one embodiment, the method may include: at least one processor and a memory for storing processor-executable instructions, the instructions when executed by the processor implementing the steps of the method of any one of the present descriptions. The privacy protection server can be specifically a participant participating in data calculation under the MPC, and can perform joint calculation with a third-party server/third-party platform and other participants.

The privacy protection server may comprise a device that uses any one of the method embodiments of the present description or incorporates any one of the apparatus embodiments of the present description in combination with necessary implementation hardware.

The storage medium may include a physical device for storing information, and generally, the information is digitized and then stored in a medium using an electric, magnetic, or optical method. The storage medium may include: devices that store information using electrical energy, such as various types of memory, e.g., RAM, ROM, etc.; devices that store information using magnetic energy, such as hard disks, floppy disks, tapes, core memories, bubble memories, and usb disks; devices that store information optically, such as CDs or DVDs. Of course, there are other ways of storing media that can be read, such as quantum memory, graphene memory, and so forth.

As mentioned above, for a specific implementation of the embodiment of the privacy protecting server, reference may be made to the description of the foregoing method embodiment. The description according to the method related embodiment may further include other embodiments, and the specific implementation may refer to the description of the corresponding method embodiment, which is not described in detail herein.

The foregoing description has been directed to specific embodiments of this disclosure. The embodiments described based on the above embodiments are extensible and still fall within the scope of implementations provided in the present specification. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.

The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the hardware + program class embodiment, since it is substantially similar to the method embodiment, the description is simple, and the relevant points can be referred to the partial description of the method embodiment.

The embodiments of this specification are not limited to the square root reciprocal calculation of 64-bit floating point numbers in a computer, the manner of matrix multiplication or multiplication on additive secret sharing that conforms to standard secret sharing, industry communications standards, standard programming languages, data storage rules, or the cases described in one or more embodiments of this specification. Certain industry standards, or implementations modified slightly from those described using custom modes or examples, may also achieve the same, equivalent, or similar, or other, contemplated implementations of the above-described examples. The embodiments using the modified or transformed data acquisition, storage, judgment, processing and the like can still fall within the scope of the alternative embodiments of the embodiments in this specification.

In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an Integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Hardware Description Language), traffic, pl (core universal Programming Language), HDCal (jhdware Description Language), lang, Lola, HDL, laspam, hardward Description Language (vhr Description Language), vhal (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.

The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.

The server, the apparatus, and the module illustrated in the above embodiments may be implemented by a computer chip or an entity, or implemented by an article with certain functions. One typical implementation device is a server system. Of course, this application does not exclude that with future developments in computer technology, the computer implementing the functionality of the above described embodiments may be, for example, a personal computer, a laptop computer, a vehicle-mounted human-computer interaction device, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device or a combination of any of these devices.

Although one or more embodiments of the present description provide method operational steps as described in the embodiments or flowcharts, more or fewer operational steps may be included based on conventional or non-inventive approaches. The order of steps recited in the embodiments is merely one manner of performing the steps in a multitude of orders and does not represent the only order of execution. When an actual apparatus or end product executes, it may execute sequentially or in parallel (e.g., parallel processors or multi-threaded environments, or even distributed data processing environments) according to the method shown in the embodiment or the figures. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the presence of additional identical or equivalent elements in a process, method, article, or apparatus that comprises the recited elements is not excluded. For example, if the terms first, second, etc. are used to denote names, they do not denote any particular order.

For convenience of description, the above devices are described as being divided into various modules by functions, and are described separately. Of course, when implementing one or more of the present description, the functions of each module may be implemented in one or more software and/or hardware, or a module implementing the same function may be implemented by a combination of multiple sub-modules or sub-units, etc. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage, graphene storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

As will be appreciated by one skilled in the art, one or more embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, one or more embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, one or more embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

One or more embodiments of the present description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. One or more embodiments of the specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment. In the description of the specification, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the specification. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.

The above description is merely exemplary of one or more embodiments of the present disclosure and is not intended to limit the scope of one or more embodiments of the present disclosure. Various modifications and alterations to one or more embodiments described herein will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement or the like made within the spirit and principle of the present specification should be included in the scope of the claims.

Claims

1. A privacy-preserving data processing method, comprising:

determining a first fragment of data to be processed stored in a floating point mode by a first participant under secret sharing and a second fragment of data to be processed stored in a floating point mode by a second participant; the first shard and the second shard are respectively adding shards of a first party and a second party of the data to be processed under secret sharing;

converting the addition fragment shared by the first party and the second party into a multiplication fragment; wherein, include: converting the addition fragment shared by the first party and the second party into a multiplication fragment by using the multiplication operation on the addition secret sharing;

2. The method of claim 1, wherein transforming the additive shard under secret sharing between the first party and the second party into the multiplicative shard comprises:

And find

And is calculated to obtain

Wherein, in the step (A),

；

data to be processed stored for a first participant

The first slice under the sharing of the secret,

data to be processed stored for a second party

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

The first party gets

The second party gets

；

First party computing

And will be

Sending the information to a second participant;

second party computing

At this time

。

3. The method of claim 2, the determining a multiplicative slice of the initialized iterative estimate values computed locally by the first participant and the second participant from the multiplicative slice, comprising:

the first party floating point number P bit

P is the number of digits of a floating-point number;

calculating constant C

；

The second party floating point number P bit

；

Calculating constant C

。

4. The method of claim 3, wherein P is 2 to the power of T, T being an integer greater than 5; and when P takes a value of 5, the constant C takes a value of 0x5fe6eb50C7b537a 9.

5. The method of claim 2, the obtaining the additive patches of the inverse square root of the data to be processed comprising:

obtaining the data to be processed

First addition slicing of the reciprocal square root of

And the data to be processed

Second addition slicing of the reciprocal square root of

，

And

is a floating point number, and

。

6. a privacy-preserving data processing method, comprising:

the first participant stores a first fragment of the data to be processed under secret sharing in a floating point mode; the first shard is an addition shard of the to-be-processed data stored by the first participant under secret sharing;

the method comprises the steps that a first party calculates preprocessing data used by a second party in a multiplication fragment through local calculation and secret sharing, and sends the preprocessing data to the second party to determine a result of converting an addition fragment shared by the first party and the second party into the multiplication fragment; the multiplication shards are obtained by converting the addition shards shared by the first party and the second party by using the multiplication operation on the addition secret sharing;

7. The method of claim 6, wherein the first party calculates pre-processed data used by the second party in the multiplicative shard through local calculation and secret sharing, and sends the pre-processed data to the second party to determine a result of converting the additive shard under secret sharing between the first party and the second party into the multiplicative shard, comprising:

And find

And is calculated to obtain

Wherein, in the step (A),

；

data to be processed stored for a first participant

The first slice under the sharing of the secret,

for the second partyStored data to be processed

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

The first party gets

The second party gets

；

First party computing

And will be

Sending to the second party to make the second party B calculate

At this time

。

8. The method of claim 7, the first party computing the multiplicative slice of the initial value of the iterative estimate locally using the multiplicative slice of the first party comprising:

the first party floating point number P bit

P is the number of digits of a floating-point number;

calculating constant C

。

9. The method of claim 8, wherein P is 2 to the power of T, T being an integer greater than 5; and when P takes a value of 5, the constant C takes a value of 0x5fe6eb50C7b537a 9.

10. The method of claim 7, wherein the first party obtains the data to be processed

First addition slicing of the reciprocal square root of

Wherein, in the step (A),

，

and

is a floating-point number, and is,

obtaining the data for a second party

Second addition of the reciprocal square root of (a) is sliced.

11. A privacy-preserving data processing apparatus comprising:

the fragment determining module is used for determining a first fragment of the data to be processed under secret sharing, which is stored by a first participant in a floating point mode, and a second fragment of the data to be processed under secret sharing, which is stored by a second participant in a floating point mode; the first shard and the second shard are respectively adding shards of a first party and a second party of the data to be processed under secret sharing;

the conversion module is used for converting the addition fragment shared by the first party and the second party into the multiplication fragment; wherein, include: converting the addition fragment shared by the first party and the second party into a multiplication fragment by using the multiplication operation on the addition secret sharing;

12. The apparatus of claim 11, the translating module to translate the additive shard shared by the first party and the second party secret into the multiplicative shard comprises:

first partyLocally generating random numbers using a pseudo-random number generator

And find

And is calculated to obtain

Wherein, in the step (A),

；

data to be processed stored for a first participant

The first slice under the sharing of the secret,

data to be processed stored for a second party

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

The first party gets

The second party gets

；

First party computing

And will be

Sending the information to a second participant;

second party computing

At this time

。

13. The apparatus of claim 12, the initialization module to determine a multiplication slice from the multiplication slices for a first participant and a second participant to locally compute an initialization value for an iteration estimate, comprising:

the first party floating point number P bit

P is the number of digits of a floating-point number;

calculating constant C

And reading according to the storage mode of the P-bit floating point number as a multiplication score of an initial value of the iterative estimation value of the first participantSheet

；

The second party floating point number P bit

；

Calculating constant C

。

14. The apparatus of claim 13, wherein P is 2 to the power of T, T being an integer greater than 5; and when P takes a value of 5, the constant C takes a value of 0x5fe6eb50C7b537a 9.

15. The apparatus of claim 12, the iterative computation module to obtain an additive patch of the inverse square root of the data to be processed comprising:

obtaining the data to be processed

First addition slicing of the reciprocal square root of

And the data to be processed

Second addition slicing of the reciprocal square root of

，

And

is a floating point number, and

。

16. a privacy-preserving data processing apparatus comprising:

an input module for acquiring the data to be processed stored by the first participant in the form of floating point number

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

the computing module is used for converting the addition fragment shared by the first party and the second party into the multiplication fragment; the multiplication fragment is also used for determining the multiplication fragment of the initial value of the iteration estimation value locally calculated by the first party and the second party according to the multiplication fragment; according to the multiplication fragment of the initial value of the iteration estimation value, Newton iteration processing of the reciprocal of the square root of the floating point number based on privacy protection is carried out through the joint calculation of the first party and the second party; converting the addition fragment shared by the first party and the second party in secret into the multiplication fragment comprises the following steps: converting the addition fragment shared by the first party and the second party into a multiplication fragment by using the multiplication operation on the addition secret sharing;

And second addition fragmentation

，

And

is a floating point number, and

。

17. the apparatus of claim 16, wherein the computation module to determine from the multiplication slice an initial value of the iteration estimate computed locally by the first participant and the second participant comprises:

the first party floating point number P bit

P is the number of digits of a floating-point number;

calculating constant C

；

The second party floating point number P bit

；

Calculating constant C

。

18. A privacy-preserving data processing apparatus comprising:

the storage module is used for storing a first fragment of the data to be processed under secret sharing by a first participant in a floating point number mode; the first shard is an addition shard of the to-be-processed data stored by the first participant under secret sharing;

the multiplication conversion module is used for calculating preprocessing data used by a second party in the multiplication fragment through local calculation and secret sharing and sending the preprocessing data to the second party so as to determine a result of converting the addition fragment shared by the home terminal and the second party into the multiplication fragment; the multiplication shards are obtained by converting the addition shards shared by the first party and the second party by using the multiplication operation on the addition secret sharing;

19. The apparatus of claim 18, wherein the computing of the preprocessed data used by the second party in the multiplicative shard through the local computing and secret sharing and sending the preprocessed data to the second party determines a result of transforming the additive shard shared by the local and second parties secret into the multiplicative shard:

locally generating random numbers using a pseudo-random number generator

And find

And is calculated to obtain

Wherein, in the step (A),

；

to-be-processed data stored for local terminal

The first slice under the sharing of the secret,

data to be processed stored for a second party

A second slice under the sharing of the secret,

；

is an integer stored in the form of a floating point number;

and the second party jointly calculates through secret sharing multiplication

To obtain

The second party gets

；

Computing

And will be

Sending to the second party to make the second party calculate

At this time

。

20. The apparatus of claim 19, wherein the processing module locally computes the multiply sliced initial value of the iteration estimate using the local multiply sliced, comprises:

floating point number of P bit

P is the number of digits of a floating-point number;

calculating constant C

。

21. The apparatus of claim 20, wherein P is 2 to the power of T, T being an integer greater than 5; and when P takes a value of 5, the constant C takes a value of 0x5fe6eb50C7b537a 9.

22. The apparatus of claim 19, wherein the obtained data to be processed is

First addition slicing of the reciprocal square root of

Satisfy the requirement of

，

And

is a floating-point number, and is,

obtaining the data to be processed for a second party

Second addition of the reciprocal square root of (a) is sliced.

23. A privacy preserving server comprising: at least one processor and a memory for storing processor-executable instructions, the processor implementing the steps of the method of any one of claims 1-5 when executing the instructions.

24. A privacy protection server comprising at least one processor and memory storing processor-executable instructions that when executed by the processor implement the steps of the method of any one of claims 6-10.