CN113467752A - Division operation device, data processing system and method for private calculation - Google Patents

Abstract

The application relates to a division operation device, a data processing system and a method for private calculation. The division operation device includes: a first shifter configured to shift the dividend by a first fixed number of bits to the right to obtain an intermediate result; a multiplier configured to multiply the intermediate result and the main parameter to obtain a multiplication result; and a second shifter configured to shift the multiplication result by a second fixed bit number to the right. The quotient of the dividend and the divisor is determined based on the output result of the second shifter. When the divisor is the same as the divisor corresponding to the other dividend, the first fixed digit corresponding to the other dividend is used as the first fixed digit, and the second fixed digit corresponding to the other dividend is used as the second fixed digit. Therefore, the method is beneficial to improving the calculation speed, saving the hardware resource and being suitable for the division operation with large integer bit width, and the overall efficiency of pipeline processing of a plurality of division operation operations is improved through parameter multiplexing and module multiplexing.

Description

Division operation device, data processing system and method for private calculation

Technical Field

The application relates to the technical field of data security and privacy protection, in particular to a division operation device, a data processing system and a method for privacy calculation.

Background

With the development of application fields such as artificial intelligence and big data mining analysis, the demand for data volume is more and more increased. For example, training artificial intelligence application models requires the use of large amounts of training data with appropriate data labels or feature values. High quality data often comes from application data generated and accumulated in business activities. However, application data is often distributed among different organizations and individuals, for example, transaction data is distributed among various financial institutions and medical diagnosis data is distributed among various medical institutions. Application data across industries and domains is also dispersed, for example, social attribute data and e-commerce transaction data in the internet domain are controlled by different entities. As the importance of data ownership, user privacy, data security, and the like are more emphasized, and as the laws and regulations put more strict constraints and requirements on data collection processing, organizations or individuals who grasp application data are often unwilling or do not have appropriate means to collaborate with each other, so that it is difficult for the application data grasped by each organization or individual to work together. This dilemma in data sharing and collaborative collaboration is referred to as data islanding. In order to solve the problem of cross-industry and cross-organization data cooperation, particularly the key problems of privacy protection and data security, a federal learning concept is provided. The federated learning refers to each participant who owns data, and under the premise that protected private data is not shared and the own data is not transmitted to the outside, the relevant information of the model is exchanged in an encryption mode, so that the collaborative optimization of the federated learning model is realized. The federated learning can be divided into horizontal federated learning with large overlap in the data feature space and small overlap in the sample space, vertical federated learning with small overlap in the data feature space and large overlap in the sample space, and federated migration learning with small overlap in both the data feature space and the sample space according to the distribution conditions of the data feature space and the sample space of the training data.

In a related application scene of federal learning, each participant with data protects data security and user privacy through a privacy protection technology, for example, a homomorphic encryption method is adopted to encrypt original data, namely plaintext, and then encrypted secret data, namely ciphertext, is used for model training, gradient calculation, parameter calculation and the like. The homomorphic encryption method allows efficient operations such as algebraic operations directly on the ciphertext, such as addition and multiplication, and the result of computing the ciphertext directly is equivalent to the result of computing the plaintext after decryption, so that the computation is performed based on the public key and the ciphertext only without knowing the secret key. These data encryption techniques and cryptographic operation techniques are collectively referred to as privacy computations. Private computation requires the use of a large number of complex operator operations, including division operations of large integer bit widths. For example, one common homomorphic encryption method is the Paillier algorithm, the decryption computation of which requires a division operation on dividends and divisors with large integer bit widths, and the bit widths of the dividends and divisors may be 1024 bits, 2048 bits, 4096 bits, or more.

In the prior art, the division operation performed by the processor generally includes a table lookup method and an iteration method. The table lookup method requires that the division operation result is stored in advance, and is not suitable for complex application scenarios of privacy calculation and federal learning. The basic principle of the iterative method is that the next operation uses the result of the last operation. One digital iterative algorithm that does not recover the remainder is (sweet Robertson and tokher, SRT) algorithm, which obtains a quotient result of a fixed number of bits through addition and subtraction operations and shift operations at each iterative operation. For example, the SRT algorithm with the radix number of 4 obtains a quotient result of 2 bits through each iterative operation, and the SRT algorithm with the radix number of 8 obtains a quotient result of 3 bits through each iterative operation. Increasing the radix number can reduce the number of iterations but the radix number increases, which results in a more complicated calculation process for determining the quotient digit result in each iteration operation, and when the bit widths of the dividend and the divisor are large, the overall number of iterations of the SRT algorithm becomes too large and the iteration operation process is complicated, thus being not suitable for complicated application scenarios of privacy calculation and federal learning. Therefore, a division operation device, a data processing system and a method for private calculation are needed, which can cope with division operation of large integer bit width involved in private calculation and have better calculation speed and hardware resource utilization efficiency.

Disclosure of Invention

In order to solve the problem that division operation of large integer bit width involved in privacy calculation has good calculation speed and hardware resource utilization efficiency at the same time, the embodiment of the application provides the division operation device, the data processing system and the method for privacy calculation, so that the division operation of the large integer bit width has good calculation speed and hardware resource utilization efficiency at the same time in the complex application scenes of privacy calculation and federal learning.

In a first aspect, an embodiment of the present application provides a division operation apparatus. The division operation apparatus includes: a first shifter, wherein the first shifter is configured to shift the dividend to the right by a first fixed number of bits to obtain an intermediate result; a multiplier, wherein the multiplier is configured to multiply the intermediate result and a main parameter to obtain a multiplication result; and a second shifter, wherein the second shifter is configured to shift the multiplication result to the right by a second fixed bit number;

wherein a division result is determined according to an output result of the second shifter, the division result is a quotient of the dividend and the divisor, the division operation device stores the divisor, the first fixed bit number, and the second fixed bit number corresponding to another dividend, respectively, and the division operation device is further configured to: comparing the divisor to a divisor corresponding to the other dividend; and when the divisor is the same as the divisor corresponding to the other dividend, taking a first fixed digit corresponding to the other dividend as the first fixed digit, and taking a second fixed digit corresponding to the other dividend as the second fixed digit.

In the technical scheme described in the first aspect, the division operation of the integer division operation is simplified into the combination of the displacement operation of the fixed digit and the multiplication operation, so that the complex operations of iterative operation and quotient digit selection are saved, the calculation speed is improved, the hardware resources are saved, and the method is also suitable for the division operation of the large integer bit width. And the overall efficiency of pipelined processing of multiple division operations is improved through parameter multiplexing and module multiplexing.

According to a possible implementation manner of the technical solution of the first aspect, an embodiment of the present application further provides that the division operation apparatus further stores a bit width of a divisor corresponding to the another dividend, and the division operation apparatus is further configured to: when the divisor is different from the divisor corresponding to the other dividend, comparing the bit width of the divisor with the bit width of the divisor corresponding to the other dividend, wherein the bit width of the divisor is obtained by performing downward rounding operation on the logarithm of the divisor with the first parameter as the base; and when the bit width of the divisor is the same as the bit width of the divisor corresponding to the other dividend, taking a first fixed bit number corresponding to the other dividend as the first fixed bit number, and taking a second fixed bit number corresponding to the other dividend as the second fixed bit number. In this way, the overall efficiency of pipelined processing of multiple division operations is improved through parameter multiplexing and module multiplexing.

In a second aspect, an embodiment of the present application provides a method for division operation, where the method includes: calculating a main parameter according to a divisor, a first parameter, a second parameter and a bit width, wherein the bit width is determined according to the first parameter and the divisor; shifting the dividend to the right by a first fixed bit number to obtain an intermediate result, wherein the first fixed bit number is determined according to the first parameter, the bit width and a third parameter; multiplying the intermediate result and the main parameter to obtain a multiplication result; and shifting the multiplication result to the right by a second fixed digit, and adding a positive integer 1 to obtain a quotient of the dividend and the divisor, wherein the second fixed digit is determined according to the first parameter, the bit width, the second parameter and the third parameter, wherein the second parameter and the third parameter respectively vary according to a variation of the bit width, and the second parameter and the third parameter can be adjusted to adjust the precision of the division result.

In the technical scheme described in the second aspect, the division operation of the integer division operation is simplified into the combination of the displacement operation and the multiplication operation of the fixed digit, so that the complex operations of iterative operation and quotient digit selection are saved, the calculation speed is improved, the hardware resources are saved, and the method is also suitable for the division operation of the large integer bit width. And, it is achieved that the efficiency and accuracy of the overall calculation is improved by fine-tuning the second parameter and the third parameter.

According to a possible implementation manner of the technical solution of the second aspect, an embodiment of the present application further provides that the determining of the bit width according to the first parameter and the divisor includes: the bit width is obtained by rounding down the logarithm of the divisor based on the first parameter. The second parameter and the third parameter are respectively changed according to the change of the bit width, and the method comprises the following steps: when the change of the bit width of the divisor is within a preset range, the second parameter and the third parameter are respectively kept unchanged. In this way, the overall efficiency of pipelined processing of multiple division operations is improved through parameter multiplexing and module multiplexing.

In a third aspect, an embodiment of the present application provides a data processing system, where the data processing system is configured to process a first division operation, where the first division operation corresponds to a first dividend and a first divisor, and the data processing system includes: a first shifter, wherein the first shifter is configured to shift the first dividend to the right by a first fixed number of bits resulting in an intermediate result; a multiplier, wherein the multiplier is configured to multiply the intermediate result and a main parameter to obtain a multiplication result; a second shifter, wherein the second shifter is configured to shift the multiplication result to the right by a second fixed bit number, wherein a processing result of the first division operation is determined from an output result of the second shifter; a division module, wherein the division module stores a second divisor, and the second divisor corresponds to a second division operation; a bit width module, wherein the bit width module stores a second bit width, and the second bit width corresponds to the second divisor; a first fixed-bit module, wherein the first fixed-bit module comprises a first fixed-bit buffer that stores a first fixed bit of the second division operation; and a second fixed-bit module, wherein the second fixed-bit module includes a second fixed-bit buffer, and the second fixed-bit buffer stores a second fixed bit of the second division operation, and when the first divisor is the same as the second divisor, the first fixed-bit module sends the first fixed bit of the second division operation to the first shifter as the first fixed bit, and the second fixed-bit module sends the second fixed bit of the second division operation to the second shifter as the second fixed bit.

In the technical scheme described in the third aspect, the division operation of the integer division operation is simplified into the combination of the displacement operation and the multiplication operation of the fixed digit, so that the complex operations of iterative operation and quotient digit selection are saved, the calculation speed is improved, the hardware resources are saved, and the method is also suitable for the division operation of the large integer bit width. And the overall efficiency of pipelined processing of multiple division operations is improved through parameter multiplexing and module multiplexing.

According to a possible implementation manner of the technical solution of the third aspect, the embodiment of the present application further provides that the main parameter is determined according to the first parameter, the second parameter, the bit width of the first divisor, and the data processing system may adjust the precision of the first division operation by adjusting the second parameter. In this way, it is achieved that the efficiency and accuracy of the overall calculation is improved by fine tuning the second parameter.

Drawings

In order to explain the technical solutions in the embodiments or background art of the present application, the drawings used in the embodiments or background art of the present application will be described below.

Fig. 1 shows a schematic flow diagram of a division operation method provided in an embodiment of the present application.

Fig. 2 is a schematic flow chart illustrating a method for performing pipelined division on multiple batches of data based on the division method shown in fig. 1 according to an embodiment of the present application.

Fig. 3 shows a block diagram of a division operation apparatus according to an embodiment of the present application, which is used to implement the method for performing pipelined division operation on multiple batches of data shown in fig. 2.

Fig. 4 is a schematic structural diagram of a data processing system including the division operation apparatus shown in fig. 3 according to an embodiment of the present application.

Detailed Description

The embodiment of the application provides a division operation device, a data processing system and a method for privacy calculation, in order to solve the problem that division operation with large integer bit width involved in privacy calculation has good calculation speed and hardware resource utilization efficiency. The division operation apparatus includes: a first shifter, wherein the first shifter is configured to shift the dividend to the right by a first fixed number of bits to obtain an intermediate result; a multiplier, wherein the multiplier is configured to multiply the intermediate result and a main parameter to obtain a multiplication result; and a second shifter, wherein the second shifter is configured to shift the multiplication result to the right by a second fixed bit number; wherein a division result is determined according to an output result of the second shifter, the division result is a quotient of the dividend and the divisor, the division operation device stores the divisor, the first fixed bit number, and the second fixed bit number corresponding to another dividend, respectively, and the division operation device is further configured to: comparing the divisor to a divisor corresponding to the other dividend; and when the divisor is the same as the divisor corresponding to the other dividend, taking a first fixed digit corresponding to the other dividend as the first fixed digit, and taking a second fixed digit corresponding to the other dividend as the second fixed digit. Therefore, the division operation of the integer division operation is simplified into the combination of the displacement operation of the fixed digit and the multiplication operation, so that the complex operations of iterative operation and quotient digit selection are saved, the calculation speed is improved, the hardware resource is saved, and the method is also suitable for the division operation of the large integer bit width. And the overall efficiency of pipelined processing of multiple division operations is improved through parameter multiplexing and module multiplexing.

The embodiment of the application can be applied to the following application scenarios, including but not limited to federal learning, privacy computation, homomorphic encryption and decryption algorithm, Paillier decryption algorithm, division operation with large integer bit width, or any other application scenario requiring division operation for processing multiple batches of data in a high-speed and high-efficiency pipeline manner.

The embodiments of the present application may be modified and improved according to specific application environments, and are not limited herein.

In order to make the technical field of the present application better understand, embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.

Referring to fig. 1, fig. 1 is a schematic flow chart illustrating a division operation method according to an embodiment of the present disclosure. As shown in fig. 1, the method 100 of division includes the following steps.

Step S102: and calculating a main parameter U according to the divisor D, the first parameter R, the second parameter W and the bit width N, wherein the bit width N is determined according to the first parameter R and the divisor D.

The calculation of bit width N refers to the following formula (1), and the calculation of main parameter U refers to the following formula (2).

Here, it is assumed that the dividend is X and the divisor is D, and it is further assumed that the dividend X can be divided by the dividend D, that is, the result of performing the modulus operation on the dividend X by using the divisor D as a modulus is zero. In formula (1), the + -, (r) represents a rounding-down operation; n represents a bit width; d represents a divisor; r represents a first parameter. In formula (2), the + -represents a rounding-down operation; u represents a main parameter; r represents a first parameter; n represents the bit width and is determined according to formula (1); w represents a second parameter. Equation (1) means that bit width N is the sum of the rounding operation performed on the logarithm of divisor D based on first parameter R plus the positive integer 1. The formula (2) means that the main parameter U is the result of dividing the divisor D after the rounding operation is performed again with the first parameter R as the power base and (2N + W) as the power exponent. It should be understood that the first parameter R is generally fixed to an integer power of 2, for example the first parameter R may be 2 or 16 or 64. That is, for a given first parameter R, the bit width N is determined by the divisor D, and different divisors D may correspond to the same bit width N according to equation (1). For a given first parameter R, the main parameter U varies as the second parameter W varies, when the divisor D and the corresponding bit width N are determined.

It should be understood that the calculation of the main parameter U in equation (2) may be implemented by any suitable conventional technique. For example, the operation may be implemented by a Central Processing Unit (CPU) executing software layer operations. For another example, it can be realized by a combination of a shift register, a subtraction circuit, and a comparison circuit, and cyclic calculation. These may be adjusted according to actual needs, and are not specifically limited herein.

Step S104: the dividend X is shifted to the right by a first fixed bit number S1 to obtain an intermediate result Y, and the first fixed bit number S1 is determined according to the first parameter R, the bit width N, and the third parameter L.

The calculation of the first fixed position number S1 refers to equation (3).

S1＝log₂(R×(N-L)) (3)

In formula (3), S1 represents a first fixed number of bits; r represents a first parameter; n represents a bit width; l represents a third parameter. It should be appreciated that for a given first parameter R, when the divisor D and the corresponding bit width N are determined, then the first fixed number of bits S1 varies as the third parameter L varies.

Step S106: and multiplying the intermediate result Y and the main parameter U to obtain a multiplication result P.

The intermediate result Y is obtained by shifting the dividend X to the right by the first fixed bit number S1 in step S104, and the main parameter U is obtained by calculating according to the divisor D, the first parameter R, the second parameter W, and the bit width N in step S102.

Step S108: the multiplication result P is shifted to the right by a second fixed number S2, and then a positive integer 1 is added to obtain a quotient ANS, where the second fixed number S2 is determined according to the first parameter R, the bit width N, the second parameter W, and the third parameter L.

The calculation of the second fixed position number S2 refers to equation (4).

S2＝log₂(R×(N+W+L)) (4)

In formula (4), S2 represents the second fixed number of bits; r represents a first parameter; n represents a bit width; w represents a second parameter; l represents a third parameter. It should be appreciated that for a given first parameter R, when the divisor D and the corresponding bit width N are determined, then the second fixed number of bits S2 varies as the sum of the second parameter W and the third parameter L is added. The quotient ANS is the result of dividing the dividend X by the divisor D, and is the result of adding the positive integer 1 after shifting the multiplication result P obtained in step S106 to the right by the second fixed number S2.

With reference to steps S102 to S108, the result ANS of the integer division of the divisor D by the dividend X may sequentially shift the dividend X to the right by the first fixed number S1 to obtain an intermediate result Y, multiply the intermediate result Y with the main parameter U to obtain a multiplication result P, and shift the multiplication result P to the right by the second fixed number S2 plus the positive integer 1. That is, the calculation flow of the division operation in which the dividend X performs the integer division on the divisor D can be realized by two right shift operations and one multiplication operation, and an operation of adding a positive integer 1. Thus, the division operation method 100 shown in fig. 1 simplifies the division operation of the integer division operation into a combination of the displacement operation and the multiplication operation which mainly include fixed digits, so that multiple iterative operations are not required, and complex operations for determining quotient digit results in the iterative operations are not required, which is beneficial to improving the calculation speed and saving hardware resources. In addition, the simplified shift operation and multiplication operation can be applied to data with any bit width, the overall operation complexity is not particularly complicated due to large-bit-width data, and the overall calculation flow is not additionally provided with additional operation due to large-integer-bit-width data, so that the method is applicable to division operation of large integer bit width involved in privacy calculation. And if different dividends are suitable for the same divisor, the same main parameter can be suitable for the same divisor, which means that the calculation processes of division operations of respective integer division operations of the dividends suitable for the same divisor can multiplex the same main parameter, and can also multiplex the bit width, the first parameter, the second parameter and the third parameter, thereby being beneficial to improving the overall efficiency of pipeline processing of a plurality of division operations through parameter multiplexing and module multiplexing. And if the divisors corresponding to different dividends are determined to have the same bit width according to the formula (1), the bit width, the first parameter, the second parameter and the third parameter can be multiplexed, so that the same first fixed bit number and the same second fixed bit number can be multiplexed, namely, the respective divisors are only needed to be adopted in a multiplication link to calculate corresponding main parameters, and the overall efficiency of pipeline processing of a plurality of division operation operations is improved through parameter multiplexing and module multiplexing. And the first parameter R as a power base number determines a data bit width specification of a multiplication link, and the first parameter R can be flexibly configured according to actual needs, for example, according to an interface specification of a multiplication module or a multiplication circuit for large integer multiplication, so that the hardware implementation has more flexible adaptability. And the second parameter and the third parameter are used for determining the fixed number of the displacement operation and can be used for adjusting the error and the precision of the final calculation, so that the efficiency and the precision of the overall calculation can be improved by fine-tuning the second parameter and the third parameter.

Referring to fig. 2, fig. 2 is a schematic flow chart illustrating a method for performing pipelined division on multiple batches of data based on the division method shown in fig. 1 according to an embodiment of the present disclosure. As shown in FIG. 2, the multi-batch data division method 200 includes the following steps.

Step S202: and giving a first parameter R, receiving a plurality of dividends and a plurality of divisors corresponding to the dividends, and dividing paired dividends X and divisors D each time.

The multi-batch data division method 200 is used for pipelined processing of division of a plurality of dividends and corresponding divisors. Each batch means a pair of dividend and divisor, and the multi-batch data means a plurality of pairs of dividend and divisor. The operation following step S202 is for one batch of data or the paired dividend X and divisor D among multiple batches of data. It should be understood that referring to fig. 1 and 2, the first parameter R is generally fixed to an integer power of 2, for example, the first parameter R may be 2 or 16 or 64. The first parameter R can be flexibly configured according to actual needs, for example, according to interface specifications of a multiplication module or a multiplication circuit for large integer multiplication, so that more flexible adaptability in hardware implementation is achieved. For this purpose, a first parameter R may be given, for example, according to the interface specification of the multiplication circuit, and the given first parameter R is applicable to the received dividends and the divisors.

Step S204: and judging whether the divisor D is the same as the divisor of the last division operation in the divisor buffer. If the two are the same, step S214 is executed, and if the two are not the same, step S208 is executed.

The divisor buffer stores the divisor of the last division operation, and the divisor stored in the divisor buffer can be set to 0 when the initial operation is carried out or the divisor buffer is initialized. In step S204, if the divisor D is determined to be the same as the divisor of the previous division operation in the divisor buffer, step S214 is performed, and if the divisor D is determined to be different from the divisor of the previous division operation in the divisor buffer, step S206 is performed.

Step S206: the divisor buffer is updated with the divisor D.

In combination with step S204 and step S206, when it is determined in step S204 that the divisor D is not the same as the divisor of the previous division operation in the divisor buffer, step S206 is executed and the divisor buffer is updated, so that the updated divisor memory stores the divisor D of the current division operation. Thus, the multiplexing of the divisor can be realized, and the divisor buffer is updated only when the divisors are different.

Step S208: and calculating the bit width N according to the divisor D and judging whether the bit width N is the same as the bit width of the last division operation in the bit width buffer. If the two are the same, step S210 is executed, and if the two are not the same, step S212 is executed.

The bit width buffer stores the bit width of the last division operation, and the bit width stored in the bit width buffer can be set to 0 when the initial operation is performed or the bit width buffer is initialized. In step S208, the bit width N is calculated according to the given first parameter R and the divisor D with reference to the above formula (1), if the bit width N is determined to be the same as the bit width of the previous division operation in the bit width buffer, step S210 is performed, and if the bit width N is determined to be different from the bit width of the previous division operation in the bit width buffer, step S212 is performed. Thus, assuming that the divisor D is different from the divisor of the previous division operation, but according to the formula (1), it can be known that the bit width N corresponding to the divisor D is the same as the bit width of the previous division operation, that is, the bit width N is determined to be different in step S204 but the bit width N is determined to be the same in step S208, step S210 may be executed, and multiplexing of the bit width may also multiplex other parameters, which is beneficial to improving the overall efficiency of pipeline processing of multiple division operation operations through parameter multiplexing and module multiplexing.

Step S210: and calculating a main parameter U according to the divisor D and updating a main parameter buffer.

The main parameter buffer stores the main parameter of the last division operation, and the main parameter stored in the main parameter buffer can be set to 0 when the initial operation is performed or the main parameter buffer is initialized. As described above, if it is determined in step S204 to be different but determined in step S208 to be the same, step S210 is performed, which means that the divisor D is different from the divisor of the previous division, but the bit width N of the divisor D is the same as the bit width of the previous division. Thus, the main parameter U can be calculated according to the divisor D and the main parameter buffer can be updated by referring to the formula (2). But may multiplex bit widths, or may multiplex the second parameter and the third parameter. For example, in formula (2), only the divisor D of the current division operation is used, and the bit width N of the last division operation, the second parameter W, and the given first parameter R may be multiplexed. Therefore, when the divisor D is different but the bit width N is the same, only the new main parameter U can be calculated, which is beneficial to improving the overall efficiency of pipelined processing of a plurality of division operation operations through parameter multiplexing and module multiplexing. It should be appreciated that calculating the new principal parameter U may be accomplished using any suitable conventional technique. For example, it may be implemented by a CPU or suitable computing device executing software-layer operations. For another example, it can be realized by a combination of a shift register, a subtraction circuit, and a comparison circuit, and cyclic calculation. These may be adjusted according to actual needs, and are not specifically limited herein.

Step S212: and updating the bit width buffer by using the bit width N, calculating the main parameter U, the second parameter W and the third parameter L according to the divisor D, and updating the main parameter buffer, the second parameter buffer and the third parameter buffer respectively.

If it is determined not to be the same in step S204 and not to be the same in step S208, step S212 is executed. This means that the divisor D is not the same as the divisor of the previous division operation, and the bit width N of the divisor D is not the same as the bit width of the previous division operation. Thus, the main parameter U, the second parameter W, and the third parameter L of the division operation need to be updated according to the new divisor D and the new bit width N. The main parameter U can be calculated according to the divisor D, the given first parameter R, the second parameter W, and the bit width N, referring to equation (2).

It should be appreciated that in one possible implementation, the second parameter W and the third parameter L may vary with the variation of the bit width N when the divisor D and the bit width N are different from the divisor and the bit width N of the last division operation, respectively. That is, if the divisor D and bit width N of the current division operation are different from the divisor and bit width of the previous division operation, new second parameter W and third parameter L need to be calculated, and the second parameter buffer and third parameter buffer need to be updated. In another possible embodiment, it may be set that the change of the second parameter W and the third parameter L is triggered only when the change of the bit width N exceeds a certain range. That is, the second parameter W and the third parameter L each correspond to a plurality of bit widths, or each correspond to a bit width within a certain range. For example, the second parameter W may be set to be the same fixed value when the bit width N is between 1024 bits and 2048 bits. That is, if the bit width of the respective divisor of the multiple batches of data varies from 1024 bits to 2048 bits, the multiple batches of data are applicable to the same second parameter W, i.e., the second parameter buffer does not need to be updated. Similarly, the third parameter L may be set to correspond to a plurality of bit widths, or each to correspond to a range of bit widths. Therefore, by setting the second parameter and the third parameter to respectively correspond to a plurality of bit widths, the frequency of the second parameter and the third parameter changing along with the change of the bit widths can be reduced, and the overall efficiency of pipeline processing of a plurality of division operation operations can be improved through parameter multiplexing and module multiplexing.

Step S214: and calling the bit width N, the main parameter U, the second parameter W and the third parameter L which are respectively stored in the bit width buffer, the main parameter buffer, the second parameter buffer and the third parameter buffer, performing division operation between the dividend X and the divisor D, and outputting a division operation result ANS.

For one batch of data or paired dividend X and divisor D in multiple batches of data, by calling bit width N, main parameter U, second parameter W and third parameter L stored in the bit width buffer, main parameter buffer, second parameter buffer and third parameter buffer, referring to steps, formula (3) and formula (4) shown in fig. 1, a first fixed bit number S1 and a second fixed bit number S2 are calculated, shifting dividend X to the right by the first fixed bit number S1 to obtain an intermediate result Y, performing multiplication operation on the intermediate result Y and the main parameter U to obtain a multiplication result P, and shifting the multiplication result P to the right by the second fixed bit number S2 plus a positive integer 1 to obtain a division operation result.

It should be understood that if the divisor D is determined to be the same as the divisor of the previous division operation in step S204, the bit width N, the main parameter U, the second parameter W, and the third parameter L may be multiplexed, that is, S214 is directly executed after step S204 to directly call the bit width N, the main parameter U, the second parameter W, and the third parameter L used for the previous division operation for division operation. If it is determined in step S204 that the divisor D is not the same as the divisor of the previous division operation, but it is determined in step S208 that the bit width N of the divisor D is the same as the bit width of the previous division operation, step S210 may be executed to update the main parameter U, and then step S214 may be executed, so as to invoke the updated main parameter U and invoke the bit width N, the second parameter W, and the third parameter L used in the previous division operation to perform the division operation. If the divisor D is determined to be different from the divisor of the previous division in step S204, and the bit width N of the divisor D is determined to be different from the bit width of the previous division in step S208, step S214 is performed after step S212 is performed to update the main parameter U, the second parameter W, and the third parameter L. As described above, in step S212, in one possible implementation, the second parameter W and the third parameter L may be set to correspond to a plurality of bit widths or to a range of bit widths.

With reference to steps S202 to S214, the multi-batch data division method 200 shown in fig. 2 performs division on each batch of data by using the division method 100 shown in fig. 1, so that similar technical effects are obtained, including that a plurality of iterations are not required, and complex operations for determining quotient result in the iterations are not required, which is beneficial to improving calculation speed and saving hardware resources; the method is suitable for division operation of large integer bit width involved in privacy calculation. And whether the divisors are the same or not is judged firstly, and then whether the bit widths of the divisors are the same or not is judged to determine how to multiplex the parameters of the last division operation to complete the operation, so that the overall efficiency of pipeline processing of a plurality of division operation operations is improved through parameter multiplexing and module multiplexing. In a possible implementation manner, the second parameter and the third parameter may be set to correspond to a plurality of bit widths respectively or to correspond to a bit width within a certain range respectively, so as to further facilitate improving the overall efficiency of pipelined processing of a plurality of division operations through parameter multiplexing and module multiplexing.

Fig. 3 shows a block diagram of a division operation apparatus according to an embodiment of the present application, which is used to implement the method for performing pipelined division operation on multiple batches of data shown in fig. 2. As shown in fig. 3, the division device 300 receives the dividend X and the divisor D and outputs a division result ANS. The division operation apparatus 300 includes a first shifter 301, a multiplier 302, a second shifter 303, and an adder 304. The first shifter 301 is configured to shift the dividend X to the right by a first fixed number S1 to obtain an intermediate result Y, the multiplier 302 is configured to multiply the intermediate result Y and the main parameter U to obtain a multiplication result P, the second shifter 303 is configured to shift the multiplication result P to the right by a second fixed number S2, and the adder 304 is configured to add a positive integer 1 to an output result of the second shifter 303 to obtain a division result ANS, that is, a quotient obtained by dividing the dividend X and the divisor D. In this way, the flow of the division operation in which the dividend X performs the integer division on the divisor D can be realized by two right shift operations and one multiplication operation and the operation of adding the positive integer 1, and the pipeline processing is performed by the first shifter 301, the multiplier 302, the second shifter 303 and the adder 304 shown in fig. 3. The division operation apparatus 300 is used for pipeline processing of division operations of a plurality of dividends and corresponding divisors. Each batch means a pair of dividend and divisor, and the multi-batch data means a plurality of pairs of dividend and divisor. The dividend X and the divisor D shown in fig. 3 belong to the same batch, or the dividend X corresponds to the divisor D, or the dividend X and the divisor D are paired and used for the current division operation, so as to be distinguished from the division operations of other batches of data.

With continued reference to FIG. 3, the division device 300 further includes a first fixed number S1 module 340, a second fixed number S2 module 344, and a main parameter U module 314. The first shifter 301 is connected to the first fixed number S1 module 340 and shifts the dividend X to the right according to the first fixed number S1 provided by the first fixed number S1 module 340, and the second shifter 303 is connected to the second fixed number S2 module 344 and shifts the multiplication result P to the right according to the second fixed number S2 provided by the second fixed number S2 module 344. The first fixed number of bits S1 module 340 and the second fixed number of bits S2 module 344 are used to generate a first fixed number of bits S1 and a second fixed number of bits S2, respectively. The multiplier 302 is connected to the main parameter U module 314 and multiplies the intermediate result Y according to the main parameter U provided by the main parameter U module 314. The main parameter U module 314 is used to generate a main parameter U. Thus, the division result ANS obtained by dividing the dividend X by the divisor D can be determined through the first fixed number S1 module 340, the second fixed number S2 module 344, and the main parameter U module 314.

Referring to fig. 3, the division operation apparatus 300 further includes a divisor D module 310, a bit width N module 320, a first parameter R module 318, a second parameter W module 334, and a third parameter L module 330. The divisor D module 310 receives the divisor D and determines whether the divisor D is the same as the divisor of the previous division operation. The bit width N module 320 is coupled to the divisor D module 310. When the divisor D module 310 determines that the divisor D is different from the divisor of the previous division operation, the bit width N module 320 calculates the bit width N according to the divisor D and determines whether the bit width N is the same as the bit width of the previous division operation in the bit width buffer. The divisor D module 310 includes a divisor controller 311 and a divisor buffer 312. The divisor buffer 312 stores the divisor of the previous division operation, and may be set to an initial value of 0 or any suitable value. The divisor controller 311 is configured to compare the received divisor D with the divisor of the previous division operation stored in the divisor buffer 312 and determine whether the two are the same. If the divisor controller 311 determines that the divisor D is the same as the divisor of the previous division operation, which means that all the parameters can be multiplexed, the divisor D module 310 will send the result of the determination to the bit width N module 320 and the main parameter U module 314, and will keep the divisor buffer 312 unchanged. If the divisor D is determined by the divisor controller 311 to be different from the divisor of the previous division operation, which means that the bit width N needs to be calculated according to the formula (1) and the main parameter U needs to be calculated according to the formula (2), the divisor D module 310 will send the result determined to be different to the bit width N module 320 and the main parameter U module 314 together with the divisor D, and update the divisor buffer 312 with the divisor D. Thus, in the divisor D module 310, the divisor D is compared with the divisor of the previous division operation by the divisor controller 311 and the corresponding determination result is sent to the next-stage module, and the next-stage module, after obtaining the determination result that the divisor D is the same as the divisor of the previous division operation, can also correspondingly send an instruction to the next-stage module, so that the same main parameter can be multiplexed, and the bit width, the first parameter, the second parameter, and the third parameter can be multiplexed, thereby being beneficial to improving the overall efficiency of pipeline processing of multiple division operation operations by parameter multiplexing and module multiplexing.

Referring to fig. 3, the bit width N module 320 and the main parameter U module 314 are next modules relative to the divisor D module 310, and perform corresponding operations according to the determination result of the divisor D module 310. If the divisor D module 310 determines that the divisor D is the same as the divisor of the previous division operation, the bit width N module 320 and the main parameter U module 314 also perform a parameter multiplexing operation and indicate the parameter multiplexing to the next module. Bit-width N block 320 includes a bit-width controller 321 and a bit-width buffer 322. The bit width buffer 322 stores the bit width of the last division operation. The bit width controller 321 performs corresponding operations according to the determination result provided by the divisor D module 310. If the divisor D module 310 determines that the divisor D is the same as the divisor of the previous division operation, the bit width controller 321 instructs the next-stage module to multiplex the parameters and keep the bit width buffer 322 unchanged. If the divisor D is determined by the divisor D module 310 to be different from the divisor of the previous division operation, the bit width controller 321 receives the divisor D sent by the divisor D module 310, calculates the bit width N according to the divisor D, and determines whether the bit width N is the same as the bit width of the previous division operation stored in the bit width buffer 322. If the bit width controller 321 determines that the bit width N is the same as the bit width of the last division operation stored in the bit width buffer 322, this means that the divisor D is different from the divisor of the last division operation, but the bit width N of the divisor D is the same as the bit width of the last division operation, which means that the bit width, the second parameter, and the third parameter can be multiplexed and only a new main parameter needs to be calculated, and the bit width controller 321 instructs the next-stage module to perform parameter multiplexing and keep the bit width buffer 322 unchanged. If the bit width controller 321 determines that the bit width N is different from the bit width of the last division operation stored in the bit width buffer 322, the bit width buffer 322 is updated with the calculated bit width N, and the result determined to be different and the calculated bit width N are sent to the next stage module. The master parameter U-module 314 also includes a master parameter controller 315 and a master parameter buffer 316. The main parameter controller 315 is configured to receive an indication from the divisor D module 310 and perform a corresponding operation, and the main parameter buffer 316 stores the main parameter of the previous division operation. If the divisor D module 310 determines that the divisor D is the same as the divisor of the previous division, the main parameter controller 315 keeps the main parameter buffer 316 unchanged and sends the main parameter of the previous division to the multiplier 302. If the divisor D module 310 determines that the divisor D is not the same as the divisor of the previous division operation, it means that the main parameter U needs to be calculated according to the formula (2). In one possible embodiment, the main parameter U module 314 includes the necessary arithmetic circuitry or computational resources for calculating the main parameter U according to equation (2), for example, the main parameter controller 315 may have its own arithmetic function or otherwise provide a module with an arithmetic function. In another possible embodiment, the function of calculating the main parameter U according to the formula (2) may be performed by software or a central processing unit or the like located outside the division device 300, and the main parameter buffer 316 is used for storing the calculation result imported from the outside.

Referring to fig. 3, the bit width N module 320 is connected to the main parameter U module 314, the second parameter W module 334, and the third parameter L module 330. The second parameter W module 334 and the third parameter L module 330 are connected to a next-stage module with respect to the bit width N module 320, and perform corresponding operations according to the judgment result of the bit width N module 320. When the bit width N module 320 indicates parameter multiplexing, it means two possibilities, one is that the divisor D module 310 determines that the divisor D is the same as the divisor of the previous division operation, and the other is that the divisor D is different from the divisor of the previous division operation but the bit width N of the divisor D is the same as the bit width of the previous division operation. The second parameter W module 334 includes a second parameter controller 335 and a second parameter buffer 336, and the second parameter buffer 336 holds the second parameter of the previous division operation. When the bit width N block 320 indicates parameter multiplexing, the second parameter controller 335 leaves the second parameter buffer 336 unchanged and sends the second parameter of the previous division to the second fixed bit number S2 block 344 and the main parameter U block 314. The third parameter L module 330 includes a third parameter controller 331 and a third parameter buffer 332, where the third parameter buffer 332 stores the third parameter of the last division operation. When the bit width N block 320 indicates parameter multiplexing, the third parameter controller 331 keeps the third parameter buffer 332 unchanged and sends the third parameter of the previous division operation to the first fixed bit S1 block 340 and the second fixed bit S2 block 344. Thus, the divisor D module 310 controls the bit width N module 320 to perform parameter multiplexing, and the bit width N module 320 controls the second parameter W module 334 and the third parameter L module 330 to perform parameter multiplexing, thereby forming a two-stage parameter multiplexing mechanism. The division operation device 300 is used for processing a plurality of batches of data in a pipeline manner, each batch of data comprises a respective dividend and a corresponding divisor, the parameter multiplexing mechanism judges whether different dividends are applicable to the same divisor through the divisor D module 310 at the first stage, and if the same divisor is applicable, the divisor of the last division operation and other parameters are multiplexed, so that the calculation efficiency is improved. The parameter multiplexing mechanism further determines whether the same divisor is not applicable or not through the bit width N module 320 at the second stage. If the same bit width is applied, the bit width, the first parameter, the second parameter and the third parameter can be multiplexed, so that the same first fixed bit number and the same second fixed bit number can be multiplexed, namely, the corresponding main parameters are calculated only by adopting respective divisors in a multiplication link, and the overall efficiency of pipelined processing of multiple division operation operations is improved through parameter multiplexing and module multiplexing.

Referring to fig. 3, when the bit width N module 320 determines that the bit width N is different from the bit width of the last division operation stored in the bit width buffer 322, the second parameter controller 335 calculates the second parameter W according to the bit width N provided by the bit width N module 320 and compares the calculated second parameter W with the second parameter of the last division operation, and the third parameter controller 331 calculates the third parameter L according to the bit width N provided by the bit width N module 320 and compares the calculated third parameter L with the third parameter of the last division operation. As can be seen from the above equations (3) and (4), the second parameter W and the third parameter L are used to determine the fixed number of bits for the displacement operation, and can be used to adjust the error and accuracy of the final calculation. In one possible embodiment, when the divisor D and the bit width N are different from the divisor and the bit width N of the last division operation, respectively, the second parameter W and the third parameter L may be changed following the change of the bit width N. That is, if the divisor D and the bit width N of the current division operation are different from the divisor and the bit width N of the previous division operation, new second parameter W and third parameter L need to be calculated, and the second parameter buffer 336 and the third parameter buffer 332 need to be updated. In another possible embodiment, it may be set that the change of the second parameter W and the third parameter L is triggered only when the change of the bit width N exceeds a certain range. That is, the second parameter W and the third parameter L each correspond to a plurality of bit widths, or each correspond to a bit width within a certain range. For example, the second parameter W may be set to be the same fixed value when the bit width N is between 1024 bits and 2048 bits. That is, if the bit width of the respective divisor of the multiple batches of data varies from 1024 bits to 2048 bits, the multiple batches of data are applicable to the same second parameter W, i.e., the second parameter buffer 336 does not need to be updated. Similarly, the third parameter L may be set to correspond to a plurality of bit widths, or each to correspond to a range of bit widths. Therefore, by setting the second parameter and the third parameter to respectively correspond to a plurality of bit widths, the frequency of the second parameter and the third parameter changing along with the change of the bit widths can be reduced, and the overall efficiency of pipeline processing of a plurality of division operation operations can be improved through parameter multiplexing and module multiplexing.

Referring to fig. 3, the division device 300 further includes a first parameter R module 318, and the first parameter R module 318 includes a first parameter register 319. It should be understood that the first parameter R is generally fixed to an integer power of 2, for example the first parameter R may be 2 or 16 or 64. When the division device 300 is used to process multiple batches of data, the data can be applied to the same given first parameter R. The first parameter R as a power base number determines a data bit width specification of a multiplication link, and the first parameter R can be flexibly configured according to actual needs, for example, according to an interface specification of a multiplication module or a multiplication circuit for large integer multiplication, so that the hardware implementation has more flexible adaptability. The first parameter buffer 319 is used for storing a given first parameter R, and the first parameter R module 318 may receive a new first parameter from outside the division apparatus 300, or may be configured when the division apparatus 300 is initialized. The first parameter R module 318 is connected to the main parameter U module 314, the second parameter W module 334, and the third parameter L module 330, and sends the first parameter stored in the first parameter buffer 319 to the main parameter U module 314, the second parameter W module 334, and the third parameter L module 330.

Referring to fig. 3, the first fixed bit number S1 module 340 is connected to the bit width N module 320 and receives the bit width provided by the bit width N module 320, connected to the third parameter L module 330 and receives the third parameter provided by the third parameter L module 330, and connected to the first parameter R module 318 and receives the first parameter provided by the first parameter R module 318. As described above, the first parameter R module 318 provides a given first parameter R, which may be configured at initialization or externally. The first fixed-bit S1 module 340 includes a first fixed-bit controller 341 and a first fixed-bit buffer 342. the first fixed-bit buffer 342 holds the first fixed bit of the last division. As can be seen from equation (3) above, given the first parameter R, when the bit width and the third parameter can be multiplexed, the first fixed number of bits can also be multiplexed. While the third parameter can be necessarily multiplexed when the bit width can be multiplexed. Therefore, the first fixed-bit controller 341 may determine whether to multiplex the first fixed bit of the last division operation stored in the first fixed-bit buffer 342 according to the output of the third parameter L module 330, or directly determine according to the judgment result of the bit width N module 320. Specifically, when the bit-width N module 320 determines that the bit-width N is the same as the bit-width of the previous division operation stored in the bit-width buffer 322, which means that the first fixed bit number S1 module 340 may multiplex the first fixed bit number of the previous division operation, and when the bit-width N module 320 determines that the bit-width N is different from the bit-width of the previous division operation stored in the bit-width buffer 322, the first fixed bit controller 341 calculates a new first fixed bit number S1 according to formula (3) and updates the first fixed bit buffer 342.

Referring to fig. 3, the second fixed bit number S2 module 344 is connected to the bit width N module 320 and receives the bit width provided by the bit width N module 320, connected to the second parameter W module 334 and receives the second parameter provided by the second parameter W module 334, connected to the third parameter L module 330 and receives the third parameter provided by the third parameter L module 330, and connected to the first parameter R module 318 and receives the first parameter provided by the first parameter R module 318. The second fixed bit S2 module 344 includes a second fixed bit controller 345 and a second fixed bit buffer 346, wherein the second fixed bit buffer 345 holds the second fixed bit of the previous division. As can be seen from equation (4) above, given the first parameter R, when the bit width, the second parameter, and the third parameter can be multiplexed, the second fixed number of bits can also be multiplexed. And when the bit width can be multiplexed, the second parameter and the third parameter can be necessarily multiplexed. Therefore, the second fixed-bit controller 345 may determine whether to multiplex the second fixed-bit number of the last division operation stored in the second fixed-bit buffer 346 according to the output result of the second parameter W module 334 and the output of the third parameter L module 330, or directly according to the determination result of the bit width N module 320. Specifically, when the bit-width N module 320 determines that the bit-width N is the same as the bit-width of the previous division operation stored in the bit-width buffer 322, which means that the second fixed bit number S2 module 344 can multiplex the second fixed bit number of the previous division operation, and when the bit-width N module 320 determines that the bit-width N is different from the bit-width of the previous division operation stored in the bit-width buffer 322, the second fixed bit controller 345 calculates a new second fixed bit number S2 according to formula (4) and updates the second fixed bit buffer 346.

Referring to fig. 3, the two-stage parameter multiplexing mechanism respectively determines whether different dividends are applicable to the same divisor through the divisor D module 310 at the first stage, and further determines whether the same bit width is applicable to the same divisor through the bit width N module 320 at the second stage. The first parameter R module 318 is initialized or receives a given first parameter R from the outside, and other modules of the division apparatus 300 perform parameter multiplexing and module multiplexing around the two-stage parameter multiplexing mechanism, which is described below with reference to table 1.

TABLE 1

As shown in table 1, it is assumed that a plurality of dividends (X1, X2, X3, X4, X5) and corresponding divisors (D1, D1, D2, D3, D4) are sent to the division operation apparatus 300 as a plurality of batches of data to be processed, and the data are applied to the same given first parameter R. The dividend X1 and the divisor D1 are processed in batch 1, and assuming that batch 1 is initialized, the divisor D module 310, the bit width N module 320, the main parameter U module 314, the second parameter W module 334, and the third parameter L module 330 of the division apparatus 300 respectively update the registers in the modules, and the first fixed bit S1 module 340 and the second fixed bit S2 module 344 respectively update the first fixed bit and the second fixed bit. The dividend X2 and the divisor D1 are processed in batch 2, since the divisor D1 for batch 2 is the same as the divisor D1 for batch 1, so all parameters can be multiplexed, and the first fixed bit number S1 module 340 and the second fixed bit number S2 module 344 also multiplex the first fixed bit number and the second fixed bit number for batch 1, respectively. Processing dividends X3 and D2 in batch 3, the divisor D2 for batch 3 is different from the divisor D1 for batch 2, but the bit width N1 for the divisor D2 for batch 3 is the same as the bit width N1 for the divisor D1 for batch 2, so the divisor D module 310 updates the buffers in the modules, the main parameter U module 314 updates the buffers in the modules, but multiplexing other parameters, and the first fixed bit number S1 module 340 and the second fixed bit number S2 module 344 also multiplex the first fixed bit number and the second fixed bit number for batch 2, respectively. The dividend X4 and the divisor D3 are processed in batch 4, the divisor D3 of batch 4 is different from the divisor D2 of batch 3, and the bit width N2 of the divisor D3 of batch 4 is different from the bit width N1 of the divisor D2 of batch 3, so the divisor D module 310 updates the buffers in the module, the main parameter U module 314 updates the buffers in the module, but the bit width N2 is changed below the threshold value compared to the bit width N1 or the bit width N2 is within the range allowing multiplexing of the parameters, i.e., the second parameter and the third parameter can be multiplexed, and the first fixed bit number S1 module 340 and the second fixed bit number S2 module 344 update the first fixed bit number and the second fixed bit number, respectively. The dividend X5 and the divisor D4 are processed in batch 5, the divisor D4 of batch 5 is different from the divisor D3 of batch 4, the bit width N3 of the divisor D4 of batch 5 is different from the bit width N2 of the divisor D3 of batch 4, and the bit width N3 is above the threshold or the bit width N3 is beyond the range of allowing parameter multiplexing, so that the buffers in all modules are updated in batch 5, which is equivalent to the initialization operation performed in batch 1. It should be understood that the bulk update of batch 1 corresponds to an initialization operation, and the bulk update of batch 5 is triggered if the divisor and bit width of the present division operation are different from those of the previous division operation, and if the bit width changes beyond a range that allows the second parameter and the third parameter to be multiplexed. As described above, table 1 shows the parameter multiplexing and the module multiplexing in the case where the division device 300 processes a plurality of batches of data. The module marked as multiplexing in table 1 means that the parameter of the last division operation stored in the buffer in the module can be multiplexed in the calculation flow of the division operation of the batch of data, so that the overall calculation efficiency can be improved and the energy consumption can be saved. In the application scenario of the privacy calculation, the division operation apparatus 300 is used for a division operation with a large integer bit width, for example, in the Paillier decryption algorithm, and a plurality of dividends sent to the division operation apparatus 300 within a certain time period may generally apply to the same divisor, for example, the dividends are based on a plurality of ciphertext to be Paillier decrypted, and the divisor is based on a common public key of the plurality of ciphertext. Alternatively, different divisors may be used for the dividends, but there is a relationship between the different divisors, for example, the public key decrypted by Paillier may be expressed as a product of two prime numbers with the same length, and the divisors are based on the respective prime numbers that make up the public keys. Therefore, the divisors of the plurality of batches of data transmitted to the division operation device 300 are multiplexed, and the bit widths of the different divisors are often the same or have little variation. Through parameter multiplexing and module multiplexing of the division operation device 300, the characteristics that divisors and bit widths are the same or change slightly can be fully utilized, so that the overall efficiency of the flow-type processing of a plurality of division operation under the privacy calculation application scene is optimized.

Thus, the division operation of the division operation in the division operation apparatus 300 shown in fig. 3 is simplified to mainly include the combination of the shift operation and the multiplication operation of the fixed number, so that there is no need to perform multiple iterative operations, and there is no need to involve complex operations for determining the quotient result in the iterative operations, which is beneficial to improving the calculation speed and saving hardware resources. In addition, the simplified shift operation and multiplication operation can be applied to data with any bit width, the overall operation complexity is not particularly complicated due to large-bit-width data, and the overall calculation flow is not additionally provided with additional operation due to large-integer-bit-width data, so that the method is applicable to division operation of large integer bit width involved in privacy calculation. And if different dividends are suitable for the same divisor, the same main parameter can be suitable for the same divisor, which means that the calculation processes of division operations of respective integer division operations of the dividends suitable for the same divisor can multiplex the same main parameter, and can also multiplex the bit width, the first parameter, the second parameter and the third parameter, thereby being beneficial to improving the overall efficiency of pipeline processing of a plurality of division operations through parameter multiplexing and module multiplexing. And if the divisors corresponding to different dividends are determined to have the same bit width according to the formula (1), the bit width, the first parameter, the second parameter and the third parameter can be multiplexed, so that the same first fixed bit number and the same second fixed bit number can be multiplexed, namely, the respective divisors are only needed to be adopted in a multiplication link to calculate corresponding main parameters, and the overall efficiency of pipeline processing of a plurality of division operation operations is improved through parameter multiplexing and module multiplexing. And the first parameter R as a power base number determines a data bit width specification of a multiplication link, and the first parameter R can be flexibly configured according to actual needs, for example, according to an interface specification of a multiplication module or a multiplication circuit for large integer multiplication, so that the hardware implementation has more flexible adaptability. And the second parameter and the third parameter are used for determining the fixed number of the displacement operation and can be used for adjusting the error and the precision of the final calculation, so that the efficiency and the precision of the overall calculation can be improved by fine-tuning the second parameter and the third parameter.

Fig. 4 is a schematic structural diagram of a data processing system including the division operation apparatus shown in fig. 3 according to an embodiment of the present application. As shown in fig. 4, data processing system 400 includes a transceiver interface 401, a main memory 402, a main processor 403, and a division unit 410. The division device 410 has a structure similar to that of the division device 300 shown in fig. 3, and will not be described herein again, and the division device 410 is used for receiving dividends and divisors and outputting division results, i.e., quotients. Data processing system 400 also includes a number of modules for other arithmetic operations to accomplish specific algorithmic requirements in conjunction with division arithmetic device 410. For exemplary purposes only and not by way of limitation, data processing system 400 may include modular exponentiation means 420 for modular exponentiation operations, subtraction means 421 for subtraction operations, modular multiplication means 423 for modular multiplication operations, multiply-add means 424 for multiply-add operations, modular subtraction means 425 for modular subtraction operations, and modular exponentiation means 426 for modular exponentiation operations. It should be understood that the respective functions or structures of these arithmetic devices may be recombined or improved or adjusted. These may be adjusted according to actual requirements, and are not specifically limited herein. For example, one Paillier decryption algorithm includes performing a modular exponentiation operation, a subtraction operation, a division operation, and a modular multiplication operation in sequence. The division operation requires a public key as a divisor. The data processing system 400 may invoke the modular exponentiation means 420, the subtraction means 421, and the modular multiplication means 423 to perform the Paillier decryption algorithm in cooperation with the division means 410. For another example, another Paillier decryption algorithm includes performing a modular exponentiation operation, a division operation, a modular multiplication operation, a modular subtraction operation, a modular multiplication operation, a multiplication and addition operation, and a modular operation in sequence. The data processing system 400 may invoke the modular exponentiation means 420, the modular multiplication means 423, the modular subtraction means 425, the multiplication and addition means 424, and the modular extraction means 426 to perform the Paillier decryption algorithm in cooperation with the division means 410. Data processing system 400 may also include devices for performing other arithmetic operations, such as a Montgomery arithmetic device for Montgomery arithmetic operations, or any other suitable component. Data processing system 400 is used to pipeline data related to privacy computations. The transceiving interface 401 of the data processing system 400 is used for receiving data from the outside and outputting the result, and may be used for receiving ciphertext for Paillier decryption from the outside and outputting decrypted plaintext, for example. Main memory 402 and main processor 403 of data processing system 400 are used to coordinate the performance of specific algorithmic requirements. For example, main memory 402 may hold a configuration for initializing division device 410, a setting table including first parameters, and the like. The main processor 403 may be used to calculate the main parameter and import the calculated main parameter into a main parameter buffer inside the division unit 410, and may also be used to set the first parameter of the division unit 410.

In this way, the data processing system 400 includes the division operation device 410 and other components, so that the division operation device 410 can be utilized to optimize the overall efficiency of the hydrodynamic processing of multiple division operation operations, and the division operation operations with large integer bit widths have better calculation speed and hardware resource utilization efficiency simultaneously in the complex application scenarios of private calculation and federal learning.

The embodiments provided herein may be implemented in any one or combination of hardware, software, firmware, or solid state logic circuitry, and may be implemented in connection with signal processing, control, and/or application specific circuitry. Particular embodiments of the present application provide an apparatus or device that may include one or more processors (e.g., microprocessors, controllers, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs), etc.) that process various computer-executable instructions to control the operation of the apparatus or device. Particular embodiments of the present application provide an apparatus or device that can include a system bus or data transfer system that couples the various components together. A system bus can include any of a variety of different bus structures or combination of different bus structures, such as a memory bus or memory controller, a peripheral bus, a universal serial bus, and/or a processor or local bus that utilizes any of a variety of bus architectures. The devices or apparatuses provided in the embodiments of the present application may be provided separately, or may be part of a system, or may be part of other devices or apparatuses.

Particular embodiments provided herein may include or be combined with computer-readable storage media, such as one or more storage devices capable of providing non-transitory data storage. The computer-readable storage medium/storage device may be configured to store data, programmers and/or instructions that, when executed by a processor of an apparatus or device provided by embodiments of the present application, cause the apparatus or device to perform operations associated therewith. The computer-readable storage medium/storage device may include one or more of the following features: volatile, non-volatile, dynamic, static, read/write, read-only, random access, sequential access, location addressability, file addressability, and content addressability. In one or more exemplary embodiments, the computer-readable storage medium/storage device may be integrated into a device or apparatus provided in the embodiments of the present application or belong to a common system. The computer-readable storage medium/memory device may include optical, semiconductor, and/or magnetic memory devices, etc., and may also include Random Access Memory (RAM), flash memory, read-only memory (ROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), registers, a hard disk, a removable disk, a recordable and/or rewriteable Compact Disc (CD), a Digital Versatile Disc (DVD), a mass storage media device, or any other form of suitable storage media.

The above is an implementation manner of the embodiments of the present application, and it should be noted that the steps in the method described in the embodiments of the present application may be sequentially adjusted, combined, and deleted according to actual needs. In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments. It is to be understood that the embodiments of the present application and the structures shown in the drawings are not to be construed as particularly limiting the devices or systems concerned. In other embodiments of the present application, an apparatus or system may include more or fewer components than the specific embodiments and figures, or may combine certain components, or may separate certain components, or may have a different arrangement of components. Those skilled in the art will understand that various modifications and changes may be made in the arrangement, operation, and details of the methods and apparatus described in the specific embodiments without departing from the spirit and scope of the embodiments herein; without departing from the principles of embodiments of the present application, several improvements and modifications may be made, and such improvements and modifications are also considered to be within the scope of the present application.

Claims (20)

1. A division operation apparatus, comprising:

a first shifter, wherein the first shifter is configured to shift the dividend to the right by a first fixed number of bits to obtain an intermediate result;

a multiplier, wherein the multiplier is configured to multiply the intermediate result and a main parameter to obtain a multiplication result; and

a second shifter, wherein the second shifter is configured to shift the multiplication result to the right by a second fixed bit number;

wherein a division result is determined according to an output result of the second shifter, the division result being a quotient of the dividend and the divisor,

wherein the division operation device stores a divisor, a first fixed digit, and a second fixed digit corresponding to another dividend, respectively, and the division operation device is further configured to:

comparing the divisor to a divisor corresponding to the other dividend;

and when the divisor is the same as the divisor corresponding to the other dividend, taking a first fixed digit corresponding to the other dividend as the first fixed digit, and taking a second fixed digit corresponding to the other dividend as the second fixed digit.

2. The division operation apparatus of claim 1 wherein the division operation apparatus further holds a bit width of a divisor corresponding to the another dividend, the division operation apparatus further configured to:

when the divisor is different from the divisor corresponding to the other dividend, comparing the bit width of the divisor with the bit width of the divisor corresponding to the other dividend, wherein the bit width of the divisor is obtained by performing downward rounding operation on the logarithm of the divisor with the first parameter as the base;

and when the bit width of the divisor is the same as the bit width of the divisor corresponding to the other dividend, taking a first fixed bit number corresponding to the other dividend as the first fixed bit number, and taking a second fixed bit number corresponding to the other dividend as the second fixed bit number.

3. The division operation apparatus of claim 2, wherein the division operation apparatus is further configured to:

and when the bit width of the divisor is different from the bit width of the divisor corresponding to the other dividend, respectively calculating the first fixed bit number and the second fixed bit number according to the bit width of the divisor.

4. The division operation apparatus of claim 1 wherein the main parameter is determined according to a first parameter, a second parameter, a bit width of the divisor, and the divisor, wherein the bit width of the divisor is determined according to the first parameter and the divisor, wherein the first fixed bit is determined according to the first parameter, the bit width of the divisor, and a third parameter, and wherein the second fixed bit is determined according to the first parameter, the bit width of the divisor, the second parameter, and the third parameter.

5. The division device of claim 4 wherein the first parameter is determined according to an interface specification of a multiplication device with which the division device cooperates.

6. The apparatus of claim 5, wherein the bit width of the divisor is obtained by rounding down the logarithm of the divisor based on the first parameter.

7. The division operation apparatus as claimed in claim 6, wherein the second parameter and the third parameter are respectively changed in accordance with a change in bit width of the divisor.

8. The division operation apparatus as claimed in claim 7, wherein the second parameter and the third parameter are respectively changed according to a change in bit width of the divisor, comprising:

when the change of the bit width of the divisor is within a preset range, the second parameter and the third parameter are respectively kept unchanged.

9. The division device of claim 8 wherein the division device adjusts the precision of the division result by adjusting the second parameter and the third parameter.

10. The division operation apparatus according to any one of claims 1 to 9, further comprising an adder, wherein the adder is configured to perform a one-adding operation on the output result of the second shifter to obtain the division operation result.

11. A method of division, the method comprising:

calculating a main parameter according to a divisor, a first parameter, a second parameter and a bit width, wherein the bit width is determined according to the first parameter and the divisor;

shifting the dividend to the right by a first fixed bit number to obtain an intermediate result, wherein the first fixed bit number is determined according to the first parameter, the bit width and a third parameter;

multiplying the intermediate result and the main parameter to obtain a multiplication result; and

shifting the multiplication result to the right by a second fixed digit, and adding a positive integer 1 to obtain a quotient of the dividend and the divisor, wherein the second fixed digit is determined according to the first parameter, the bit width, the second parameter and the third parameter,

wherein the second parameter and the third parameter are respectively changed according to the change of the bit width, and the second parameter and the third parameter can be adjusted so as to adjust the precision of the division operation result.

12. The method of division as claimed in claim 11, wherein said bit width is determined from said first parameter and said divisor, comprising: the bit width is obtained by rounding down the logarithm of the divisor based on the first parameter.

13. The method of division according to claim 12, wherein said second parameter and said third parameter each vary according to a variation of said bit width, comprising:

when the change of the bit width of the divisor is within a preset range, the second parameter and the third parameter are respectively kept unchanged.

14. A method of division as claimed in any one of claims 11 to 13 wherein the first parameter is determined in accordance with the requirements of a large integer multiplication operation to which the result of the division is related.

15. A data processing system for processing a first division operation, the first division operation corresponding to a first dividend and a first divisor, the data processing system comprising:

a first shifter, wherein the first shifter is configured to shift the first dividend to the right by a first fixed number of bits resulting in an intermediate result;

a multiplier, wherein the multiplier is configured to multiply the intermediate result and a main parameter to obtain a multiplication result;

a second shifter, wherein the second shifter is configured to shift the multiplication result to the right by a second fixed bit number, wherein a processing result of the first division operation is determined from an output result of the second shifter;

a division module, wherein the division module stores a second divisor, and the second divisor corresponds to a second division operation;

a bit width module, wherein the bit width module stores a second bit width, and the second bit width corresponds to the second divisor;

a first fixed-bit module, wherein the first fixed-bit module comprises a first fixed-bit buffer that stores a first fixed bit of the second division operation; and

a second fixed-bit digital module, wherein the second fixed-bit digital module includes a second fixed-bit buffer that holds a second fixed bit of the second division operation,

when the first divisor is the same as the second divisor, the first fixed digit module sends the first fixed digit of the second division operation to the first shifter as the first fixed digit, and the second fixed digit module sends the second fixed digit of the second division operation to the second shifter as the second fixed digit.

16. The data processing system of claim 15, wherein the first fixed bit number module sends a first fixed bit number of the second division operation to the first shifter as the first fixed bit number and the second fixed bit number module sends a second fixed bit number of the second division operation to the second shifter as the second fixed bit number when the first divisor is different from the second divisor and the bit width of the first divisor is the same, wherein the bit width of the first divisor is obtained by rounding down the logarithm of the first divisor based on a preset first parameter.

17. The data processing system of claim 16, wherein the principal parameter is determined according to the first parameter, a second parameter, a bit width of the first divisor, and the first divisor, the data processing system being operable to adjust the precision of the first division operation by adjusting the second parameter.

18. The data processing system of claim 17, wherein when the first divisor is different from the second divisor and the bit width of the first divisor is different from the second bit width, the first fixed-bit digital module calculates a first fixed bit number for the first division operation based on the first parameter, the bit width of the first divisor, and a third parameter and replaces the first fixed bit number for the second division operation stored in the first fixed-bit buffer with the first fixed bit number for the first division operation, the second fixed-bit digital module calculates a second fixed bit number for the first division operation based on the first parameter, the divisor for the first bit width, the second parameter, and the third parameter and replaces the second fixed bit number for the second division operation stored in the second fixed-bit buffer with the second fixed bit number for the first division operation, the first fixed bit number of the first division operation is taken as the first fixed bit number, and the second fixed bit number of the first division operation is taken as the second fixed bit number.

19. The data processing system of claim 18, further comprising:

a second parameter module, wherein the second parameter module comprises a second parameter buffer that stores a second parameter of the second division operation; and

a third parameter module, wherein the third parameter module includes a third parameter buffer that stores a third parameter for the second division operation,

when the variation of the bit width of the first divisor relative to the second bit width is within a preset range, a second parameter of the second division operation is taken as the second parameter, a third parameter of the second division operation is taken as the third parameter,

when the bit width of the first divisor is changed beyond the preset range relative to the second bit width, the second parameter module calculates a second parameter of the first division operation and replaces the second parameter of the second division operation stored in the second parameter buffer with the second parameter of the first division operation, and the third parameter module calculates a third parameter of the first division operation and replaces the third parameter of the second division operation stored in the third parameter buffer with the third parameter of the first division operation.

20. The data processing system of any of claims 15 to 19, wherein the data processing system is for a Paillier decryption algorithm, the first division operation is based on the Paillier decryption algorithm, and the first divisor is based on a public key of the Paillier decryption algorithm.

Images