CN113821814A - Model file generation and analysis method, device, equipment and storage medium - Google Patents

Model file generation and analysis method, device, equipment and storage medium Download PDF

Info

Publication number
CN113821814A
CN113821814A CN202111158817.8A CN202111158817A CN113821814A CN 113821814 A CN113821814 A CN 113821814A CN 202111158817 A CN202111158817 A CN 202111158817A CN 113821814 A CN113821814 A CN 113821814A
Authority
CN
China
Prior art keywords
vector
data
model file
initial vector
device information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111158817.8A
Other languages
Chinese (zh)
Inventor
杨科
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Didi Infinity Technology and Development Co Ltd
Original Assignee
Beijing Didi Infinity Technology and Development Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Didi Infinity Technology and Development Co Ltd filed Critical Beijing Didi Infinity Technology and Development Co Ltd
Priority to CN202111158817.8A priority Critical patent/CN113821814A/en
Publication of CN113821814A publication Critical patent/CN113821814A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

Abstract

Disclosed is a method for generating a model file for data, comprising: randomly generating an initial vector; acquiring equipment information of the terminal equipment loaded with the data; modifying the initial vector based on the device information to determine an offset vector; and generating a model file for the data based on the offset vector. A method, a device, equipment and a storage medium for analyzing the model file of the data are also disclosed.

Description

Model file generation and analysis method, device, equipment and storage medium
Technical Field
The present disclosure relates to the field of data security technologies, and in particular, to protection of a data model, and in particular, to a method, an apparatus, a device, and a storage medium for generating and parsing a model file.
Background
With the development of big data technology, the big data era has come, and data security draws more and more attention. During the use of data, it is necessary to fully secure the data and prevent the data from being stolen, so as to avoid damage to the service and economic loss.
Disclosure of Invention
The disclosure provides a method, a device, equipment, a storage medium and a computer program product for generating and analyzing a model file.
According to an aspect of the present disclosure, there is provided a method for generating a model file for data, including: randomly generating an initial vector; acquiring equipment information of the terminal equipment loaded with the data; modifying the initial vector based on the device information to determine an offset vector; and generating a model file for the data based on the offset vector.
According to an embodiment, the method further comprises: randomly generating an encryption key; wherein the modifying the initial vector based on the device information to determine an offset vector is modifying the initial vector based on the device information and the encryption key to determine an offset vector.
According to an embodiment, modifying the initial vector to determine an offset vector based on the device information comprises: generating a vector check code based on the device information and the initial vector; modifying at least one preset bit of the initial vector according to the vector check code; and determining the modified initial vector as the offset vector.
According to an embodiment, generating a vector check code based on the device information and the initial vector comprises: splicing the equipment information and the initial vector into a first check vector; and determining a cyclic redundancy check code of the first check vector as the vector check code.
According to an embodiment, modifying the initial vector to determine an offset vector based on the device information and the encryption key comprises: generating a vector check code based on the device information, the encryption key | and the initial vector; modifying at least one preset bit of the initial vector according to the vector check code; and determining the modified initial vector as the offset vector.
According to an embodiment, generating a vector check code based on the device information, the encryption key | and the initial vector comprises: concatenating the device information, the encryption key | and the initial vector into a second check vector; and determining a cyclic redundancy check code of the second check vector as the vector check code.
According to an embodiment, generating a model file for the data based on the offset vector comprises: updating encryption information for a model file for the data based on the offset vector.
According to an embodiment, the method further comprises: before randomly generating an initial vector, determining the loading times of the data through the model file, and randomly generating the initial vector if the loading times are more than 0.
According to an embodiment, the method further comprises: encrypting the data according to the encryption key and the initial vector.
According to an embodiment, the data is encrypted based on the AES method in accordance with the encryption key and the initial vector.
According to an embodiment, the method further comprises: storing the encryption key in a memory of the terminal device.
According to an embodiment, the device information comprises a MAC address of the terminal device.
According to another aspect of the present disclosure, there is provided a parsing method for a model file of data, including: obtaining an offset vector from a model file for data, the model file being generated by any of the methods described above; acquiring equipment information of the terminal equipment loaded with the model file; determining an initial vector based on the device information and the offset vector; and parsing the model file based on the initial vector.
According to an embodiment, the method further comprises: acquiring an encryption key from the terminal equipment; wherein the determining an initial vector based on the device information and the offset vector is determining an initial vector based on the device information, the encryption key, and the offset vector.
According to an embodiment, determining an initial vector based on the device information and the offset vector comprises: determining a vector check code according to at least one preset bit of the offset vector; and determining the initial vector based on the device information and a relationship between the initial vector and the vector check code; the relationship between the device information and the initial vector and the vector check code comprises that the vector check code is obtained by calculating a cyclic redundancy check code of a first check vector obtained by splicing the device information and the initial vector.
According to an embodiment, determining an initial vector based on the device information, the encryption key and the offset vector comprises: determining a vector check code based on at least one preset bit of the offset vector; and determining the initial vector based on the device information, the encryption key, and a relationship between the initial vector and the vector check code; wherein the relationship between the device information, the encryption key, and the initial vector and the vector check code comprises that the vector check code is obtained by calculating a cyclic redundancy check code of a second check vector spliced by the device information, the encryption key, and the initial vector.
According to an embodiment, the method further comprises: decrypting the data according to the encryption key and the initial vector.
According to another aspect of the present disclosure, there is provided a generation apparatus of a model file for data, including: a generation module configured to randomly generate an initial vector; the first acquisition module is configured to acquire the device information of the terminal device loaded with the data; a modification module configured to modify the initial vector based on the device information to determine an offset vector; and a model generation module configured to generate a model file for the data based on the offset vector.
According to another aspect of the present disclosure, there is provided an apparatus for parsing a model file for data, including: a second obtaining module configured to obtain an offset vector from a model file for data, the model file being generated by any one of the above-mentioned methods; the third acquisition module is configured to acquire the device information of the terminal device loaded with the model file; a determination module configured to determine an initial vector based on the device information and the offset vector; and a model parsing module configured to parse the model file based on the initial vector.
According to another aspect of the present disclosure, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the above-described method.
According to another aspect of the present disclosure, there is provided a non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the above method.
According to another aspect of the present disclosure, a computer program product is provided, comprising a computer program which, when executed by a processor, implements the above-described method.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1 is a schematic diagram of an application scenario according to an embodiment of the present disclosure;
FIG. 2 is a flow chart of a method of generating a model file for data according to an embodiment of the present disclosure;
FIG. 3 is a flow chart of a method of generating a model file for data according to another embodiment of the present disclosure;
FIG. 4 is an example process of generating a vector check code according to an embodiment of the disclosure;
FIG. 5 is an example process of generating a vector check code according to another embodiment of the present disclosure;
FIG. 6 is a flow diagram of a method of parsing a model file for data according to an embodiment of the present disclosure;
FIG. 7 is an example process of a parsing method for a model file of data according to an embodiment of the disclosure;
FIG. 8 is an example of secondary encryption and decryption of loaded data on a terminal device according to an embodiment of the disclosure;
FIG. 9 is a block diagram of an apparatus for generating a model file for data according to an embodiment of the present disclosure;
FIG. 10 is a block diagram of a parsing device for a model file of data according to an embodiment of the disclosure; and
FIG. 11 is a block diagram of an electronic device used to implement methods of embodiments of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Edge calculation refers to an arithmetic procedure that is performed using an edge zone close to a data source. Compared with the traditional cloud computing, the method has the characteristics of small delay, high real-time performance, small bandwidth occupation and the like. The edge computing terminal is a terminal device for edge computing, and the terminal device generally has a small volume and power, but has a strong computing power due to a special AI (Artificial Intelligence) acceleration chip. Therefore, the terminal equipment is convenient to deploy, has high computational power, and is very suitable for performing some data processing on the edge side, such as real-time video analysis.
Fig. 1 is a schematic diagram of an application scenario according to an embodiment of the present disclosure. As shown in fig. 1, 101 represents a centralized computing center with powerful computing capabilities, e.g., servers, cloud computing devices, etc. 102. 103 and 104 represent terminal devices communicatively connected to 101. In the architecture shown in fig. 1, 102, 103, and 104 may be any electronic device including, but not limited to, a personal computer, a personal data assistant PDA, a smart phone, a wearable device, and the like. The edge computation may be implemented using the terminal devices 102, 103, and 104, or edge computation terminals may be deployed on the terminal devices 102, 103, and 104 to implement the edge computation. The edge computing can effectively reduce the computing burden of the server or the cloud computing device 101, thereby improving the data computing capacity of the whole network.
Performing edge computations on a terminal device requires deploying an algorithmic model and corresponding programs on the terminal device, with the algorithmic model being the most valuable. Because of the production of the algorithm model, not only is a great deal of experience required, but also a large number of training sets of data are required. Taking images as an example, the number of images in the training set is generally counted in ten thousand. The sampling and labeling of the data set takes a lot of time and money, and finally a real practical algorithm model can be trained. In order to protect the produced algorithm model, the produced algorithm model needs to be encrypted.
The related model encryption method mainly comprises a method for encrypting by using the same key aiming at different terminal equipment, a method for encrypting by using different keys aiming at different terminal equipment and a method based on server authentication. The method of using the same key for encryption for different terminal devices is to encrypt a model using the same key on the server side (e.g., at device 101), where the encrypted model may run on a plurality of different terminal devices. The disadvantage of this method is that the algorithm model and the program can be copied arbitrarily between different terminal devices, which is not favorable for the protection of the model.
The method for encrypting different keys aiming at different terminal devices is to generate different algorithm models for each terminal device independently, and each encrypted model can only run on one terminal device uniquely. The disadvantage of this method is that the cost of generating different algorithm models for each terminal device and the cost of deployment are linearly increased in the case of a large number of terminal devices. Furthermore, when the model is upgraded remotely, different upgrade packages need to be issued for each terminal device, which is very high in cost. The method is only suitable for scenes with a small number of terminal devices.
Based on the server authentication method, the terminal equipment communicates with the server, and the server authenticates the terminal equipment at intervals. When using the algorithm model reasoning, depending on the authentication result, the algorithm model cannot operate if the authentication is not passed. The disadvantage of this approach is that it relies on a remote server, requiring server support, which equates to increased complexity and cost of using the algorithmic model.
The embodiment of the disclosure provides a model encryption method which does not depend on server authentication and can bind an algorithm model to be protected and a terminal device with each other.
FIG. 2 is a flow diagram of a method 200 of generating a model file for data according to an embodiment of the present disclosure. The method 200 for generating a model file for data can be applied to terminal devices (e.g., terminal devices 101, 102, and 103) to perform edge calculation on the terminal devices. As shown in fig. 2, the method 200 includes the steps of:
in step S210, an initial vector is randomly generated.
In step S220, device information of the terminal device loaded with the data is acquired.
In step S230, the initial vector is modified based on the device information to determine an offset vector.
In step S240, a model file for the data is generated based on the offset vector.
According to an embodiment, the model is encrypted using the AES (Advanced Encryption Standard) algorithm. The standard AES encryption bit width is 128 bits per block, and the key may be 128 bits, 192 bits or 256 bits, commonly referred to as AES-128, AES-192 or AES-256. Theoretically, the more bits of the key, the less easy it is to break, but at the same time, it may take longer calculation to break. In the embodiment of the present disclosure, the AES-128 algorithm is used for encryption.
Specifically, in step S210, the initial vector used in encryption is randomly acquired by the terminal device to which the model or data is to be loaded. In step S220, the acquired device information of the terminal device may include, but is not limited to, a MAC address of the terminal device. In step S230, the initial vector is modified based on the device information. In a specific embodiment, the values of a preset number of bits in the initial vector are modified, and these modified bits contain device information of the terminal device. In step S240, generating the model file for the data based on the offset vector may include updating encryption information in the model file for the data based on the offset vector. In particular embodiments, generating the model file for the data based on the offset vector may include writing the offset vector in a preset field of the model file.
The offset vector obtained according to the embodiment of the present disclosure may simultaneously include information of the randomly generated initial vector and device information of the terminal device, but the offset vector cannot be directly used for decrypting data, which may not only avoid leakage of the initial vector, but also bind the encryption and decryption processes with the terminal device, thereby avoiding the model file from being copied to different terminal devices. Therefore, according to the method for generating the model file for the data, which is disclosed by the embodiment of the disclosure, the safety performance of the model file can be effectively improved.
FIG. 3 is a flow diagram of a method 300 of generating a model file for data according to another embodiment of the present disclosure. As shown in fig. 3, the method 300 for generating a model file for data includes the following steps:
in step S310, an initial vector and an encryption key are randomly generated.
In step S320, data is encrypted according to the encryption key and the initial vector.
In step S330, device information of the terminal device loaded with the data is acquired.
In step S340, the initial vector is modified based on the device information to determine an offset vector.
In step S350, a model file for the data is generated based on the offset vector.
In this embodiment, the operations performed in step S330, step S340 and step S350 are the same as the operations performed in step S220, step S230 and step S240, and are not described again here.
With the current computing power, brute force cracking of data encrypted by AES is almost impossible. Thus, in embodiments of the present disclosure, the requirements may be met using AES-128. In addition, many existing hardware chips and software tools support AES, and the AES algorithm is used for encryption and decryption, so that the performance is very high.
The AES algorithm is a standardized method that generally includes the following steps: first, data to be encrypted is partitioned, and the data partitions are arranged in a matrix form. For example, each data chunk contains 128 bits, and is arranged in the form of a 4X4 matrix, each matrix element containing one byte (8 bits). Then, byte substitution, row shifting, column obfuscation, and round key addition operations are performed in sequence for each data partition, respectively. The byte replacement is to perform byte replacement on each matrix element in the data block matrix by using a preset matrix. The row shift is a cyclic adjustment for the position of the bytes of a preset row in the matrix. The column confusion is realized by matrix multiplication, and a data block matrix after row shifting is multiplied by a preset fixed matrix to obtain a confused state matrix. Round key addition is the bitwise exclusive-or operation of the encryption key for each round (i.e., the key for each data block matrix) with the data in the state matrix.
The various steps of the encryption operation described above may be combined differently. Common encryption modes for AES encryption include, for example, an ECB (Electronic Code Book) mode, a CBC (Cipher Block Chaining) mode, a CTR (Counter) mode, a CFB (Cipher Feedback) mode, or an OFB (Output Feedback) mode. The encryption mode may be selected based on encryption requirements, for example, in embodiments of the present disclosure, the CBC mode is selected for encryption. CBC mode is a mode in which each block of data is xor-ed with another selected block of data before being encrypted, thus effectively destroying the encrypted data. In general, to maintain the randomness of the selected data block, the ciphertext (encrypted data block) of the previous data block is selected in the CBC mode. For the first data block in CBC mode, an initial vector may be preset as the selected data block because there is no encryption result for the previous data block.
In the embodiment of the disclosure, the initial vector and the encryption key used for encrypting the data are randomly generated, so that the encryption algorithm can be effectively prevented from being cracked.
In the embodiment of the present disclosure, the method for encrypting data is not particularly limited, and the encryption method may be selected within the scope of the technical idea of the embodiment.
According to the embodiment of the disclosure, because a universal standardized data encryption method is adopted, the encryption speed is high, the security is high, and the data is not easy to crack. Meanwhile, aiming at the randomly generated initial vector, the initial vector is modified to avoid the acquisition and the leakage of the initial vector, and the safety of the encryption method is further improved. The initial vector is modified based on the equipment information of the terminal equipment, the model file and the terminal equipment can be bound with each other, data encryption and decryption are locally performed under the condition of not depending on a server, and edge calculation is arranged at a position adjacent to a data source, so that the overall safety is improved, the encryption (and decryption) speed is increased, and the system performance is improved.
According to an embodiment, modifying the initial vector based on the device information to determine the offset vector may comprise: the method includes generating a vector check code based on the device information and the initial vector, modifying at least one preset bit of the initial vector according to the vector check code, and determining the modified initial vector as an offset vector. In a specific embodiment, generating the vector check code based on the device information and the initial vector may include: and splicing the equipment information and the initial vector into a first check vector, and determining a cyclic redundancy check code of the first check vector as a vector check code. Fig. 4 is an example process of generating a vector check code according to an embodiment of the disclosure, which is described below in conjunction with fig. 4.
As shown in fig. 4, operation 401 performs a vector stitching operation that stitches and outputs the input vectors, including an initial vector (r) and device information (c), as a check vector (a first check vector). Operation 402 performs a check code generation operation that receives the check vector (c) and outputs a vector check code (c). Here, the method for generating the vector check code (r) may include any method capable of generating a check code, and the specific method for generating a check code is not limited by the embodiment of the present disclosure. In this example, a method of CRC (Cyclic Redundancy Check) is employed.
CRC methods generally include the steps of: specifically, the generating of the CRC vector check code includes: selecting a bit sequence used for performing modulo-2 division on data, taking the data to be verified as a dividend, taking the selected bit sequence as a divisor, performing modulo-2 division on the selected bit sequence and the divisor, and taking the obtained remainder as a vector check code. The number of bits of the vector check code can be set.
The implementation process of the CRC method is as follows:
Figure BDA0003289378070000091
for the character string needing to calculate the CRC check code, the following operations are carried out on each character:
crc=AddToCRC(B,crc)。
in this example, the vector check code is a byte containing 8 bits. It is easy to understand that when the vector check code is used to perform CRC check on data, the data to be checked and the preselected bit sequence are subjected to modulo-2 division, if the obtained remainder is the same as the vector check code, the check is passed, otherwise, the check fails.
Next, as shown in fig. 4, in operation 403, at least one preset bit in the initial vector (r) is modified based on the obtained vector check code. In a specific embodiment, the at least one preset bit may be arbitrarily selected, and the at least one preset bit may not be a continuous bit between the selected preset bits. In this example, the last byte at the end of the initial vector (r) is selected, containing 8 consecutive bits. In a specific embodiment, the method for modifying the at least one preset bit may also be a plurality of methods, for example, the method may be implemented based on a table lookup. In this example, an alternative method may be used, that is, each bit of the vector check code is substituted for each bit in the last byte of the initial vector (r), and the formed vector is output as the offset vector (c).
According to an embodiment of the present disclosure, it can be seen that a part of information of the original initial vector (r) is retained in the offset vector (c), for example, each bit of the offset vector (c) except for the last byte is equal to each corresponding bit of the initial vector (r). Meanwhile, the offset vector (c) does not contain information of all bits in the initial vector (r), that is, a specific value of the initial vector (r) cannot be known only through the offset vector (c).
In the embodiment of the disclosure, the randomly generated initial vector is not stored, and meanwhile, in the generated model file for the data, the value of the real initial vector is hidden by modifying the value of the preset bit of the initial vector, so that the security of the encryption and decryption processes for the algorithm model can be effectively ensured, and the performance of the model file is improved.
In the embodiment of the present disclosure, when the offset vector is generated, that is, in the process of generating the vector check code, the device information of the terminal device is used, that is, in the process of parsing the model file, the device information of the terminal device needs to be acquired to correctly parse and acquire the initial vector, and then the model file is parsed. However, the device information of a terminal device, such as the MAC address, is often specific to a terminal device, so that when the model file encrypted on a terminal device is copied to another terminal device, a correct initial vector cannot be obtained, and thus the parsing of the model file cannot be completed. Therefore, the embodiment of the present disclosure can prevent the model file from being copied and stolen, and can reliably secure the benefits of both the provider who provides the algorithm model and the customer who uses the algorithm model.
In an embodiment of the present disclosure, after the encryption key is randomly generated, modifying the initial vector based on the device information to determine the offset vector may further be: the initial vector is modified based on the device information and the encryption key to determine an offset vector.
According to an embodiment, modifying the initial vector to determine the offset vector based on the device information and the encryption key may include: generating a vector check code based on the device information, the encryption key | and the initial vector, and modifying at least one preset bit of the initial vector according to the vector check code; and determining the modified initial vector as an offset vector. In a specific embodiment, generating the vector check code based on the device information, the encryption key | and the initial vector may include: splicing the device information, the encryption key | and the initial vector into a second check vector, and determining a cyclic redundancy check code of the second check vector as a vector check code. Fig. 5 is an example process of generating a vector check code according to another embodiment of the present disclosure, which is described below in conjunction with fig. 5.
As shown in fig. 5, operation 501 performs a vector splicing operation that splices and outputs an input vector including an initial vector (r), device information (c), and an encryption key (c) as a check vector (second check vector). Operation 502 performs a check code generation operation that receives the check vector (c) and outputs a vector check code (c). Here, the method for generating the vector check code (r) may include any method capable of generating a check code, and the specific method for generating a check code is not limited by the embodiment of the present disclosure. Also, in this example, a CRC method may be employed.
Next, as shown in fig. 5, in operation 503, at least one preset bit in the initial vector (r) is modified based on the obtained vector check code. In a specific embodiment, the at least one preset bit may be arbitrarily selected, and the at least one preset bit may not be a continuous bit between the selected preset bits. In this example, the last byte at the end of the initial vector (r) is selected, containing 8 consecutive bits. In a specific embodiment, the method for modifying the at least one preset bit may also be a plurality of methods, for example, the method may be implemented based on a table lookup. In this example, an alternative method may be used, that is, each bit of the vector check code is substituted for each bit in the last byte of the initial vector (r), and the formed vector is output as the offset vector (c).
According to an embodiment of the present disclosure, it can be seen that a part of information of the original initial vector (r) is retained in the offset vector (c), for example, each bit of the offset vector (c) except for the last byte is equal to each corresponding bit of the initial vector (r). Meanwhile, the offset vector (c) does not contain information of all bits in the initial vector (r), that is, a specific value of the initial vector (r) cannot be known only through the offset vector (c).
In the embodiment of the disclosure, the randomly generated initial vector is not stored, and meanwhile, in the generated model file for the data, the value of the real initial vector is hidden by modifying the value of the preset bit of the initial vector, so that the security of the encryption and decryption processes of the algorithm model can be effectively guaranteed, and the performance of the model file is improved.
In the embodiment of the present disclosure, when generating the offset vector, that is, in the process of generating the vector check code, the device information of the terminal device and the randomly generated encryption key are used at the same time, that is, in the process of parsing the model file, it is necessary to obtain both the device information of the terminal device and the randomly generated encryption key to correctly parse and obtain the initial vector, and further parse the model file. In general, device information of a terminal device, such as a MAC address, is often unique to a terminal device. However, with the development of computer technology, there is a case where device information (for example, MAC addresses) is forged. The encryption key is randomly generated in the process of processing data by the previous terminal device, and the encryption key and the data are used together, so that the binding relationship between the generation and analysis processes of the model file and one terminal device can be ensured. Thus, when a model file generated on one terminal device is copied to another terminal device, a correct initial vector cannot be obtained, and thus parsing of the model file cannot be completed. Therefore, the embodiment of the disclosure can further prevent the model file from being copied and stolen, and can more reliably guarantee the benefits of both the provider providing the algorithm model and the customer using the algorithm model.
Fig. 6 is a flowchart of a method 600 for parsing a model file for data according to an embodiment of the present disclosure, for parsing a model file for data generated according to the method of the above-described embodiment. As shown in fig. 6, the parsing method 600 may include the following steps:
in step S610, an offset vector is acquired from the model file for the data.
In step S620, device information of the terminal device loaded with the model file is acquired.
In step S630, an initial vector is determined based on the device information and the offset vector.
In step S640, the model file is parsed based on the initial vector.
Specifically, in step S610, encryption information associated with the encryption processing of the data is stored in the model file. The encryption information may comprise a plurality of bytes of information. Table 1 shows one example of a model file according to an embodiment of the present disclosure.
Table 1 example of model files
Figure BDA0003289378070000131
As shown in Table 1, the model file may be divided into two parts. The first part is the first 20 bytes, which records (or stores) the model version information, encryption mode and offset vector, and the last byte of the first part stores the encryption information check code which can be used for checking to prevent the information of the first 19 bytes from being tampered privately. The second part is AES-encrypted data. The first 21 bytes store maximum operation times, model length and model check code, which is used to check whether the decrypted model is complete and correct, and the later bytes store model data. It will be readily appreciated that the arrangement of the various fields in the model file is not fixed and may be increased, decreased, and adjusted as desired.
The specific meaning of each field is as follows:
the model version is defined as 2 bytes, representing a version of the model data (i.e., data) whose value is incremented from 1, the specific value being determined by the version used by the provider of the algorithm model.
The offset vector DV is defined as 16 bytes for storing the offset vector, which can be used for the generation and parsing of the model file of data on the terminal device. As can be seen from the foregoing embodiments, the offset vector is modified based on the initial vector, and is written into a field of the model file after the offset vector is calculated. Additionally, according to other embodiments, the length of the offset vector may be other lengths, determined by the byte length of the randomly generated initial vector.
It should be noted that, when the terminal device loads data for the first time, the offset vector field should be empty, and after the model file generation method according to the above embodiment is run on the terminal device, the offset vector may be obtained and written into the corresponding field of the model file. When a field is empty, the value of the field is represented by "0".
The encryption scheme is defined as 1 byte, and indicates the maximum number of operations, the model length, the model check code, and the mode in which all data including the second half of table 1 is encrypted. As described in the foregoing embodiment, in the case of performing encryption using the AES encryption method, the encryption mode may be ECB, CBC, CTR, CFB, OFB, or the like, and different modes are represented using different field values.
The encrypted information check code is defined as 1 byte and is used for checking whether the first 19 bytes are tampered or not, and the safety of the model file is further improved.
The maximum number of runs is defined as 1 byte. Generally, when data is loaded on a terminal device for the first time, the maximum operation times represents the initial loading times of the data, and at this time, the data may be initially encrypted by a common encryption method. If the secondary encryption cannot be completed on the terminal equipment, the maximum operation times limit the loadable times of the data on the terminal equipment. After the maximum number of runs is reached, the data cannot be loaded continuously. For example, a maximum number of runs of 3 may be defined, the number of runs being reduced by one per load, so that the data is locked after 3 loads.
The length of the model is defined as 4 bytes, which represents the original length of the data, and the length of the field can be set according to actual conditions.
The model verification code is defined as 16 bytes for verification of data integrity for the data itself. For example, the integrity of the original data may be verified using MD5(MD5 Message-Digest Algorithm, MD5 Message Digest).
Model data is n bytes of data.
In embodiments of the present disclosure, the stored offset vector may be read from an offset vector field in the encrypted information portion of the model file.
In step S620, the same operations as those in step S220 and step S330 are performed, and are not described herein again.
Next, in step S630, an initial vector is determined based on the device information and the offset vector. Here, the initial vector is obtained by reverse-deriving from the relationship between the device information, the initial vector, and the offset vector, that is, the relationship in which the offset vector is determined based on the device information and the initial vector. In a specific embodiment, the initial vector may be obtained by reverse-estimating based on the inverse operation of the vector check code. Further, after the initial vector is obtained, in step S640, the data is decrypted using the initial vector.
According to the embodiment of the disclosure, the randomly generated initial vector can be obtained by reverse-deducing according to the offset vector and the device information, and then the data is decrypted, so that not only can the leakage of the initial vector be avoided, but also the encryption and decryption processes can be bound with the terminal device, and thus the model file is prevented from being copied to different terminal devices. Therefore, according to the analysis method for the model file of the data, the safety performance of the model file can be effectively improved.
Further, in other embodiments, the encryption key may be obtained from a memory of the terminal device, and the data may be decrypted according to the encryption key and the initial vector. In a specific embodiment, when data encrypted by AES is decrypted, it is equivalent to performing an inverse operation on each step of the encryption operation, which is also a standardized process, and this is not limited by the embodiment of the present disclosure.
According to an embodiment, determining the initial vector based on the device information and the offset vector may comprise: determining a vector check code according to at least one preset bit of the offset vector, and determining an initial vector based on the device information and a relationship between the initial vector and the vector check code. According to an embodiment, the relationship between the device information and the initial vector and the vector check code may include that the vector check code is obtained by calculating a cyclic redundancy check code of a first check vector resulting from concatenation of the device information and the initial vector.
Further, in other embodiments, after obtaining the encryption key from the memory of the terminal device, based on the device information and the offset vector, determining the initial vector may be: an initial vector is determined based on the device information, the encryption key, and the offset vector.
According to an embodiment, determining the initial vector based on the device information, the encryption key, and the offset vector may include: determining a vector check code based on at least one preset bit of the offset vector, and determining an initial vector based on the device information, the encryption key, and a relationship between the initial vector and the vector check code. According to an embodiment, the possible relationship between the device information, the encryption key and the initial vector and the vector check code comprises that the vector check code is obtained by calculating a cyclic redundancy check code of a second check vector spliced by the device information, the encryption key and the initial vector.
It is easily understood that the process of determining the initial vector in the embodiment is the reverse operation of the process of generating the offset vector in the foregoing embodiment, and is explained below with reference to fig. 7.
FIG. 7 is an example process of a parsing method for a model file of data according to an embodiment of the disclosure. As shown in fig. 7, operation 701 performs an operation of obtaining a vector offset code (r) from an offset vector (c). In this example, the corresponding bit is obtained from the last byte of the offset vector (v). Next, operation 702 performs an operation of extrapolating back to the initial vector (r). As shown in fig. 7, a process of generating a vector check code (r) based on the device information (c) and the initial vector (r), or a process of generating a vector check code (r) based on the device information (c), the encryption key (c), and the initial vector (r) is shown in a dotted line box. The above process is reversely deduced to obtain an initial vector (r).
In the embodiment of the present disclosure, the data initially loaded on the terminal device, for example, the algorithm model deployed on the terminal device, may be an initial model file, a fixed encryption mode is adopted, and the maximum number of operations allowed by the data in the case of incomplete secondary encryption is defined in the model file. And after the data is loaded on the terminal equipment, regenerating a new random key, and re-encrypting the data according to the equipment information on the terminal equipment. The parsing of the newly generated model file depends on the device information on the terminal device, so that the re-encrypted data can only be run on the terminal device. If the device is replaced by other devices, the decryption fails because the corresponding device information cannot be acquired, so that the algorithm model cannot run. This prevents the algorithmic model from being copied from device a to device B. The secondary encryption and decryption aiming at the data are finished on the terminal equipment, and the remote authentication is not dependent on a server, so that the steps of encryption and decryption are simplified, and the performance of encryption and decryption is enhanced.
Fig. 8 is an example of secondary encryption and decryption of loaded data on a terminal device according to an embodiment of the present disclosure. This example shows a specific process of loading data on a terminal device, which is described below in conjunction with fig. 8.
As shown in fig. 8, loading of data on the terminal device is started, and in step S810, verification is performed using the encrypted information check code, that is, using the 20 th byte to verify the attribute information (shown in table 1) in the first 19 bytes. In step S820, it is determined whether the check is passed. For example, for CRC check, it is determined whether the resulting remainder is equal to the encrypted information check code. If the result of the determination is no, it indicates that information in the previous 19 bytes is tampered, and the security of the data (i.e. the algorithm model) cannot be guaranteed, so that the loading of the data is stopped, i.e. the loading fails, as shown in step S821. If the result of the judgment is yes, the attribute information in the previous 19 bytes is not tampered, the security of the data can be ensured, and the following operation can be continued. Next, in step S830, the model file is queried again to determine whether the offset vector DV field is empty. According to the foregoing embodiment, each bit is represented by "0" when the DV field is null. If the determination result is yes, the process proceeds to step S835. In step S835, initial decryption of data is performed. In particular embodiments, the data may be decrypted according to the encryption mode given by the encryption mode field of the model file. The initial encryption is the encryption performed on the data by the service provider for the sake of copyright or data security, etc. The initial decryption is typically provided by the service provider with a specific decryption method. The initial encryption and decryption may employ any suitable method, for example, AES encryption/decryption, symmetric encryption/decryption, and combined encryption/decryption methods, etc., which are not limited by the embodiments of the disclosure. After the initial decryption, in step S840, the maximum number of runs is continuously obtained from the maximum number of runs field (shown in table 1) of the model file, and it is determined whether the remaining number of runs of the data is greater than 0 according to the obtained value. If the judgment result is yes, the data is not subjected to secondary encryption, and then a secondary encryption process aiming at the data is started. If the result of the determination is negative, it indicates that the encryption for the data may have been performed before, but the encryption has failed, as shown in step S841. The reason for the data encryption failure may be due to various software or hardware reasons, for example, when a randomly generated encryption key is stored, the encryption failure is caused by a write failure.
After the data is decrypted in the memory, a secondary encryption process for the data is started, and in step S850, an encryption key and an initial vector are randomly generated. In particular, the encryption key may be written to the terminal device memory. The encryption key may be stored in Flash memory or EEPROM, for example. The initial vector is retained in memory for subsequent processing. In step S860, the data is encrypted using the encryption key and the initial vector. In step S870, a vector check code is generated based on the device information, the initial vector, and/or the encryption key. In step S880, an offset vector is generated using the vector check code. For the specific operation process from step S860 to step S880, reference may be made to the foregoing embodiment, which is not described herein again.
Next, in step S890, the offset vector is written to the DV field of the model file, i.e., the model file is updated. In particular embodiments, generating a model file for the data based on the offset vector may include: the encryption information for the model file of the data is updated based on the offset vector. Further, updating the model file for the data further includes, in step S860, updating a corresponding field of the model file for the data, that is, an encryption mode field, based on the employed encryption mode when encrypting the data. After updating the offset vector field and the encryption mode field in the model file, the encryption information check code field may be updated in combination with 19 bytes consisting of the model version (2 bytes), the offset vector (16 bytes), and the encryption mode (1 byte). For example, a CRC check code for the 19 bytes is generated. According to the updated information of each field in the model file and the stored encryption key, the model file can be analyzed.
As shown in fig. 8, if in step S830, it is determined that the value of the DV field is not empty, i.e., the determination result is no, then it is indicated that the data has already proceeded and successfully completed the process of the secondary encryption, and the data (i.e., the algorithm model) is to be run, and the parsing method of the model file according to the foregoing embodiment is executed. As shown in fig. 8, in step S831, the initial vector is obtained by reverse-deriving mainly the reverse-deriving for the offset vector generation process of step S850 to step S880. Next, in step S832, the model file is parsed from the encryption key and the initial vector.
It should be noted that, in the parsing process of the model file, the maximum operation times, that is, the remaining loading times of the data, no longer need to be verified, but only the integrity of the data needs to be verified through the MD 5.
According to an embodiment of the present disclosure, data is first encrypted on the server and a maximum number of runs is specified in the model file. After the data is deployed on the terminal equipment, the terminal equipment analyzes the data into the memory, and re-encryption is performed for the second time according to the equipment information of each terminal equipment. The encrypted data needs to depend on the equipment information of the terminal equipment when being decrypted, so that the data is prevented from being copied to other terminal equipment and being stolen.
The embodiment of the disclosure also provides a device for generating the model file aiming at the data. Fig. 9 is a block diagram of a generation apparatus 90 for a model file of data according to an embodiment of the present disclosure. The generation apparatus 90 for a model file of data includes a generation module 91, a first acquisition module 92, a modification module 93, and a model generation module 94.
According to an embodiment, the generation module 91 is configured to randomly generate an initial vector. The first obtaining module 92 is configured to obtain device information of the terminal device loaded with the data. The modification module 93 is configured to modify the initial vector based on the device information to determine an offset vector. The model generation module 94 is configured to generate a model file for the data based on the offset vector.
The specific operations of the functional modules may be obtained by referring to the operation steps of the method 200 for generating a model file for data in the foregoing embodiment, which are not described herein again.
The embodiment of the disclosure also provides an analysis device for the model file of the data. Fig. 10 is a block diagram of a parsing apparatus 100 for a model file of data according to an embodiment of the present disclosure. The parsing apparatus 100 for a model file of data includes a second obtaining module 101, a third obtaining module 102, a determining module 103, and a model parsing module 104.
According to an embodiment, the second retrieving module 101 is configured to retrieve the offset vector from the model file for the data. The third obtaining module 102 is configured to obtain device information of the terminal device loaded with the model file. The determination module 103 is configured to determine an initial vector based on the device information and the offset vector. Model parsing module 104 is configured to parse the model file based on the initial vector.
The specific operations of the above functional modules may be obtained by referring to the operation steps of the analysis method 600 for a model file of data in the foregoing embodiment, which is not described herein again.
Embodiments of the present disclosure also provide an electronic device for use in the above-described various methods. FIG. 11 is a block diagram of an electronic device 11 used to implement methods of embodiments of the present disclosure. Electronic equipment is intended to represent various forms of digital computers, or various forms of mobile devices, or other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 11, the apparatus 110 includes a computing unit 111 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM)112 or a computer program loaded from a storage unit 118 into a Random Access Memory (RAM) 113. In the RAM 113, various programs and data required for the operation of the device 110 can also be stored. The calculation unit 111, the ROM 112, and the RAM 113 are connected to each other by a bus 114. An input/output (I/O) interface 115 is also connected to bus 114.
A number of components in device 110 are connected to I/O interface 115, including: an input unit 116 such as a keyboard, a mouse, and the like; an output unit 117 such as various types of displays, speakers, and the like; a storage unit 118, such as a magnetic disk, optical disk, or the like; and a communication unit 119 such as a network card, a modem, a wireless communication transceiver, and the like. The communication unit 119 allows the device 110 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The computing unit 111 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of the computing unit 111 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, and the like. The calculation unit 111 performs the respective methods and processes described above.
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present disclosure may be executed in parallel, sequentially, or in different orders, as long as the desired results of the technical solutions disclosed in the present disclosure can be achieved, and the present disclosure is not limited herein.
The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the scope of protection of the present disclosure.
The TS1. a method for generating a model file for data, comprising:
randomly generating an initial vector;
acquiring equipment information of the terminal equipment loaded with the data;
modifying the initial vector based on the device information to determine an offset vector; and
a model file for the data is generated based on the offset vector.
Ts2. the method of TS1, further comprising:
randomly generating an encryption key;
wherein the modifying the initial vector based on the device information to determine an offset vector is modifying the initial vector based on the device information and the encryption key to determine an offset vector.
Ts3. the method of TS1, wherein modifying the initial vector to determine an offset vector based on the device information comprises:
generating a vector check code based on the device information and the initial vector;
modifying at least one preset bit of the initial vector according to the vector check code; and
determining the modified initial vector as the offset vector.
Ts4. the method of TS3, wherein generating a vector check code based on the device information and the initial vector comprises:
splicing the equipment information and the initial vector into a first check vector; and
and determining the cyclic redundancy check code of the first check vector as the vector check code.
Ts5. the method of TS2, wherein modifying the initial vector to determine an offset vector based on the device information and the encryption key comprises:
generating a vector check code based on the device information, the encryption key, and the initial vector;
modifying at least one preset bit of the initial vector according to the vector check code; and
determining the modified initial vector as the offset vector.
Ts6. the method of TS5, wherein generating a vector check code based on the device information, the encryption key, and the initial vector comprises:
concatenating the device information, the encryption key | and the initial vector into a second check vector; and
determining a cyclic redundancy check code of the second check vector as the vector check code.
Ts7. the method of TS1, wherein generating a model file for the data based on the offset vector comprises:
updating encryption information in a model file for the data based on the offset vector.
Ts8. the method of TS7, further comprising:
before randomly generating an initial vector, determining the loading times of the data through the model file, and randomly generating the initial vector if the loading times are more than 0.
Ts9. the method of TS2, further comprising:
encrypting the data according to the encryption key and the initial vector.
Ts10. the method according to TS9, wherein the data is encrypted based on the AES method according to the encryption key and the initial vector.
Ts11. the method of TS9, further comprising:
storing the encryption key in a memory of the terminal device.
Ts12. the method according to any of the TS 1-11, wherein the device information comprises a MAC address of the terminal device.
Ts13. a parsing method for a model file of data, comprising:
obtaining an offset vector from a model file for data, the model file generated by the method of any one of TS 1-12;
acquiring equipment information of the terminal equipment loaded with the model file;
determining an initial vector based on the device information and the offset vector; and
parsing the model file based on the initial vector.
Ts14. the method of TS13, further comprising:
acquiring an encryption key from the terminal equipment;
wherein the determining an initial vector based on the device information and the offset vector is determining an initial vector based on the device information, the encryption key, and the offset vector.
Ts15. the method of TS13, wherein: based on the device information and the offset vector, determining an initial vector comprises:
determining a vector check code according to at least one preset bit of the offset vector; and
determining the initial vector based on the device information and a relationship between the initial vector and the vector check code; wherein
The relationship between the device information and the initial vector and the vector check code comprises that the vector check code is obtained by calculating a cyclic redundancy check code of a first check vector obtained by splicing the device information and the initial vector.
The method of TS14, wherein the determining an initial vector based on the device information and the offset vector is determining an initial vector based on the device information, the encryption key, and the offset vector.
The method of TS16, wherein determining an initial vector based on the device information, the encryption key, and the offset vector comprises:
determining a vector check code based on at least one preset bit of the offset vector; and
determining the initial vector based on the device information, the encryption key, and a relationship between the initial vector and the vector check code; wherein
The relationship between the device information, the encryption key, and the initial vector and the vector check code includes that the vector check code is obtained by calculating a cyclic redundancy check code of a second check vector spliced by the device information, the encryption key, and the initial vector.
Ts18. the method of TS14, further comprising:
decrypting the data according to the encryption key and the initial vector.
Ts19. a generation apparatus of a model file for data, comprising:
a generation module configured to randomly generate an initial vector;
the first acquisition module is configured to acquire the device information of the terminal device loaded with the data;
a modification module configured to modify the initial vector based on the device information to determine an offset vector; and
a model generation module configured to generate a model file for the data based on the offset vector.
Ts20. a parsing apparatus for a model file of data, comprising:
a second obtaining module configured to obtain an offset vector from a model file for data, the model file being generated by the method of any one of TS 1-12;
the third acquisition module is configured to acquire the device information of the terminal device loaded with the model file;
a determination module configured to determine an initial vector based on the device information and the offset vector; and
a model parsing module configured to parse the model file based on the initial vector.
Ts21. an electronic device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of TS1-12 or TS 13-18.
Ts22. a non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method according to any one of TS1-12 or TS 13-18.
Ts23. a computer program product comprising a computer program which, when being executed by a processor, carries out the method according to any one of TS1-12 or TS 13-18.

Claims (10)

1. A method for generating a model file for data, comprising:
randomly generating an initial vector;
acquiring equipment information of the terminal equipment loaded with the data;
modifying the initial vector based on the device information to determine an offset vector; and
a model file for the data is generated based on the offset vector.
2. The method of claim 1, further comprising:
randomly generating an encryption key;
wherein the modifying the initial vector based on the device information to determine an offset vector is modifying the initial vector based on the device information and the encryption key to determine an offset vector.
3. The method of claim 1, wherein modifying the initial vector to determine an offset vector based on the device information comprises:
generating a vector check code based on the device information and the initial vector;
modifying at least one preset bit of the initial vector according to the vector check code; and
determining the modified initial vector as the offset vector.
4. The method of claim 3, wherein generating a vector check code based on the device information and the initial vector comprises:
splicing the equipment information and the initial vector into a first check vector; and
and determining the cyclic redundancy check code of the first check vector as the vector check code.
5. A method for parsing a model file for data, comprising:
obtaining an offset vector from a model file for data, the model file generated by the method of any one of claims 1-4;
acquiring equipment information of the terminal equipment loaded with the model file;
determining an initial vector based on the device information and the offset vector; and
parsing the model file based on the initial vector.
6. An apparatus for generating a model file for data, comprising:
a generation module configured to randomly generate an initial vector;
the first acquisition module is configured to acquire the device information of the terminal device loaded with the data;
a modification module configured to modify the initial vector based on the device information to determine an offset vector; and
a model generation module configured to generate a model file for the data based on the offset vector.
7. A parsing apparatus for a model file of data, comprising:
a second obtaining module configured to obtain an offset vector from a model file for data, the model file generated by the method of any one of claims 1-4;
the third acquisition module is configured to acquire the device information of the terminal device loaded with the model file;
a determination module configured to determine an initial vector based on the device information and the offset vector; and
a model parsing module configured to parse the model file based on the initial vector.
8. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-4 or 5.
9. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of any of claims 1-4 or 5.
10. A computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of claims 1-4 or claim 5.
CN202111158817.8A 2021-09-30 2021-09-30 Model file generation and analysis method, device, equipment and storage medium Pending CN113821814A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111158817.8A CN113821814A (en) 2021-09-30 2021-09-30 Model file generation and analysis method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111158817.8A CN113821814A (en) 2021-09-30 2021-09-30 Model file generation and analysis method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN113821814A true CN113821814A (en) 2021-12-21

Family

ID=78919829

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111158817.8A Pending CN113821814A (en) 2021-09-30 2021-09-30 Model file generation and analysis method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113821814A (en)

Similar Documents

Publication Publication Date Title
US10778441B2 (en) Redactable document signatures
CN110689349B (en) Transaction hash value storage and searching method and device in blockchain
US20160094347A1 (en) Method and system for secure management of computer applications
CN107612683B (en) Encryption and decryption method, device, system, equipment and storage medium
CN110032876B (en) Method, node and storage medium for implementing privacy protection in block chain
US8681976B2 (en) System and method for device dependent and rate limited key generation
CN110061840A (en) Data ciphering method, device, computer equipment and storage medium
CN110033266B (en) Method, node and storage medium for implementing privacy protection in block chain
US8908859B2 (en) Cryptographic apparatus and memory system
CN111385084A (en) Key management method and device for digital assets and computer readable storage medium
CN110059497B (en) Method, node and storage medium for implementing privacy protection in block chain
CN109257176A (en) Decruption key segmentation and decryption method, device and medium based on SM2 algorithm
CN108880812A (en) The method and system of data encryption
CN108134673A (en) A kind of method and device for generating whitepack library file
WO2021129470A1 (en) Polynomial-based system and method for fully homomorphic encryption of binary data
CN108111622A (en) A kind of method, apparatus and system for downloading whitepack library file
US9594918B1 (en) Computer data protection using tunable key derivation function
CN110008737B (en) Method, node and storage medium for implementing privacy protection in block chain
US20200136801A1 (en) Apparatus and method for generating cryptographic algorithm, apparatus and method for encryption
KR101699176B1 (en) Hadoop Distributed File System Data Encryption and Decryption Method
US11139981B2 (en) Message authentication code (MAC) based compression and decompression
CN113821814A (en) Model file generation and analysis method, device, equipment and storage medium
CN116132041A (en) Key processing method and device, storage medium and electronic equipment
US11748521B2 (en) Privacy-enhanced computation via sequestered encryption
US20220318431A1 (en) Code-based signatures for secure programs

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination