CN113992439A - Distributed multi-party secure computing system, method and node - Google Patents

Distributed multi-party secure computing system, method and node Download PDF

Info

Publication number
CN113992439A
CN113992439A CN202111608228.5A CN202111608228A CN113992439A CN 113992439 A CN113992439 A CN 113992439A CN 202111608228 A CN202111608228 A CN 202111608228A CN 113992439 A CN113992439 A CN 113992439A
Authority
CN
China
Prior art keywords
tee
computing
calculator
sub
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111608228.5A
Other languages
Chinese (zh)
Other versions
CN113992439B (en
Inventor
潘无穷
李婷婷
韦韬
张煜龙
段然
钱中天
李天一
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202111608228.5A priority Critical patent/CN113992439B/en
Publication of CN113992439A publication Critical patent/CN113992439A/en
Application granted granted Critical
Publication of CN113992439B publication Critical patent/CN113992439B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/46Secure multiparty computation, e.g. millionaire problem

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Multi Processors (AREA)

Abstract

The embodiment of the specification provides a distributed multi-party secure computing system and a distributed multi-party secure computing method. The system comprises at least two TEE computing parties, wherein different TEE computing parties are distributed with different computing tasks included in one-time multi-party security computing; each TEE calculator comprises at least one TEE node; and at least one TEE calculator comprises at least two TEE nodes; TEE nodes in different TEE calculation parties communicate through a multi-party security calculation protocol; at least two TEE nodes in the same TEE calculator respectively execute one sub-calculation task in the calculation tasks distributed by the same TEE calculator. The performance of multi-party secure computing can be improved.

Description

Distributed multi-party secure computing system, method and node
Technical Field
One or more embodiments of the present specification relate to electronic information technology, and more particularly, to a distributed multi-party secure computing system, method, and node.
Background
In multi-party Secure computing (MPC), a plurality of computing parties involved in computing can collectively complete a computing result based on data and an agreed basic algorithm without exposing own data, and send the final computing result to a data demand party.
The multi-party security calculation provides a secure calculation mode, and data leakage can be prevented. However, if a plurality of computing parties, such as 2 computing parties in a three-party security computing, are attacked by an attacker, the attacker can still recover the original data by combining the data of the attacked computing parties, so that the data is leaked, and the security is reduced.
Therefore, a more secure multi-party secure computing method is needed.
Disclosure of Invention
One or more embodiments of the present specification describe a distributed multi-party secure computing system, method, and TEE node that can improve the performance of multi-party secure computing.
A distributed multi-party secure computing system, the system comprising at least two TEE computing parties, different TEE computing parties being allocated different computing tasks included in one multi-party secure computation; wherein the content of the first and second substances,
each TEE calculator comprises at least one TEE node; and at least one TEE calculator comprises at least two TEE nodes;
TEE nodes in different TEE calculation parties communicate through a multi-party security calculation protocol;
at least two TEE nodes in the same TEE calculator respectively execute one sub-calculation task in the calculation tasks distributed by the same TEE calculator.
At least two TEE nodes in the same TEE calculator interact through a special channel.
At least two TEE nodes in the same TEE calculator interact privacy data used for sub-calculation tasks through a special channel.
The number of TEE nodes included in different TEE calculators is the same or not completely the same;
and/or the presence of a gas in the gas,
one TEE node is created with different TEE examples, different TEE calculators reuse the TEE node, and different TEE examples in the TEE node belong to different TEE calculators respectively;
and/or the presence of a gas in the gas,
the system utilizes at least one of a public network, a local area network and a PCI-E bus to carry out networking.
The TEE nodes in different TEE calculators execute the distributed sub-calculation tasks in a parallel and/or serial mode;
and/or the presence of a gas in the gas,
the TEE nodes in the same TEE calculator execute the distributed sub-calculation tasks in a parallel and/or serial mode.
In the same TEE calculator, a TEE node merges the calculation results of the sub-calculation tasks executed by the TEE nodes in the same TEE calculator to obtain the calculation result of the TEE calculator.
The number of TEE nodes included in different TEE calculators is the same and is more than 1;
the system further comprises: at least two computing groups, the same computing group comprising respective TEE nodes in different TEE calculators.
Wherein the TEE node comprises: a TEE chip, a TPM (trusted computing technology) chip, or a module with strong isolation and remote self-certification capability simulated by software.
According to a second aspect, there is provided a method for implementing distributed multi-party secure computing based on the system provided in the present specification, including:
each TEE calculator is assigned a calculation task; the computing task is one of N computing tasks, and the N computing tasks are obtained by performing task division on one-time multi-party security computing according to the number N of TEE computing parties;
dividing the calculation tasks distributed by the TEE calculator into T groups of sub-calculation tasks according to the number T of the TEE nodes included in the same TEE calculator;
in the same TEE calculator, T TEE nodes respectively execute T groups of sub-calculation tasks;
and obtaining the calculation result of the multi-party safety calculation by using each calculation result obtained by the N TEE calculation parties.
Wherein the T TEE nodes respectively execute T groups of sub-computation tasks, including:
private data used for the sub-computing tasks are interacted among any different TEE nodes in the T TEE nodes through a special channel;
and/or the presence of a gas in the gas,
the T TEE nodes in the same TEE calculator perform the assigned T sets of sub-compute tasks in a parallel and/or serial manner.
According to a third aspect, there is provided a method for implementing distributed multi-party secure computing based on the system provided in the present specification, wherein the method is applied to any one first TEE node included in any one first TEE computing party;
the method comprises the following steps:
the first TEE node obtains a sub-computation task corresponding to a first TEE calculator; wherein the sub-computation tasks are: after the computing task distributed to the first TEE computing party is divided into T groups of sub-computing tasks, one sub-computing task in the T groups of sub-computing tasks; wherein T is the number of TEE nodes included by the first TEE calculator;
the first TEE node calculates according to the obtained sub-calculation tasks;
the first TEE node provides a calculation result for calculating a calculation result of the first TEE calculator.
Wherein the first TEE node obtains a sub-computation task, including: the first TEE node obtains a sub-computation task through a special channel between the first TEE node and other TEE nodes in a first TEE calculator;
and/or the presence of a gas in the gas,
the first TEE node providing a calculation, comprising: the first TEE node sends the calculation result to other TEE nodes in the first TEE calculator through a special channel between the first TEE node and the other TEE nodes.
The method further comprises the following steps:
the first TEE node combines the calculation results of the sub-calculation tasks executed by each TEE node in the first TEE calculator to obtain the calculation result of the first TEE calculator, and the calculation result of the first TEE calculator is sent to the TEE nodes in other TEE calculators through an MPC protocol.
The method comprises the steps that a first TEE instance created in advance by a first TEE node executes processing of obtaining a sub-computing task corresponding to a first TEE computing party, computing according to the sub-computing task and providing a computing result in the first TEE computing party;
the method further comprises the following steps: executing other TEE instances created in advance by the first TEE node to obtain sub-computing tasks corresponding to other TEE computing parties, computing according to the sub-computing tasks and providing computing results in the other TEE computing parties.
According to a fourth aspect, there is provided a TEE node of the system provided in the above description, belonging to a first TEE calculator, the TEE node comprising:
an information receiving module configured to obtain a sub-computation task corresponding to a first TEE calculator; wherein the sub-computation tasks are: after the computing task distributed to the first TEE computing party is divided into T groups of sub-computing tasks, one sub-computing task in the T groups of sub-computing tasks; wherein T is the number of TEE nodes included by the first TEE calculator;
the task execution module is configured to perform calculation according to the obtained sub-calculation tasks;
a result providing module configured to provide a calculation result for calculating a calculation result of the first TEE calculator.
According to a fifth aspect, there is provided a computing device comprising a memory having stored therein executable code and a processor that, when executing the executable code, implements a method as described in any of the embodiments of the present specification.
In the distributed multi-party secure computing system, method and TEE node provided by the embodiments of the present specification, because the computing process of multi-party secure computing is performed by each TEE node, the security computing environment constructed based on the TEE can further improve the security of multi-party secure computing. Meanwhile, for the calculation of each party, a plurality of TEE nodes included in one TEE calculation party can share and complete the calculation of the same party, for example, the parallel calculation part in the calculation of the same party is completed, so that the distributed calculation processing can be realized, and the calculation speed is further improved.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present specification, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a diagram of multi-party security computation in the prior art.
Fig. 2 is a schematic diagram of a system architecture applied in one embodiment of the present specification.
FIG. 3 is a diagram of a system architecture to which one embodiment of the present description applies when employing three-party secure computing.
FIG. 4 is a schematic diagram of yet another system architecture to which one embodiment of the present description applies when employing three-party secure computing.
FIG. 5 is a schematic diagram of another system architecture to which one embodiment of the present description applies when employing three-party secure computing.
FIG. 6 is a schematic diagram of yet another system architecture for use with one embodiment of the present description when employing three-party secure computing.
FIG. 7 is a flow diagram of a distributed multi-party security computation method in one embodiment of the present description.
FIG. 8 is a flow diagram of a distributed multi-party security computation method in another embodiment of the present description.
FIG. 9 is a block diagram of a TEE node in a distributed multi-party secure computing system in accordance with another embodiment of the present disclosure.
Detailed Description
In the prior art, referring to fig. 1, each data owner providing raw data participates in multi-party secure computing as a computing party, and the method has low security and low computing speed. Therefore, the data owner is not used as a computing party to participate in multi-party security computing in the embodiment of the specification.
The scheme provided by the specification is described below with reference to the accompanying drawings.
To facilitate understanding of the present specification, a system architecture to which the present specification applies will be described first. Referring to fig. 2, an embodiment of the present specification proposes a distributed multi-party secure computing system, where the system includes at least two TEE computing parties, and different TEE computing parties are allocated with different computing tasks included in one multi-party secure computing; wherein the content of the first and second substances,
each TEE calculator comprises at least one TEE node; and at least one TEE calculator comprises at least two TEE nodes;
TEE nodes in different TEE calculation parties communicate through a multi-party security calculation protocol;
at least two TEE nodes in the same TEE calculator respectively complete one sub-calculation task in the calculation tasks distributed by the same TEE calculator.
The system architecture of the distributed multi-party secure computing system proposed by the embodiments of the present specification is described in detail below.
Referring to fig. 2, the system architecture mainly includes at least two TEE computing parties that need to perform multi-party security computation, each TEE computing party serving as one computing party in the multi-party security computation.
In the embodiments of the present specification, a computing task is part of a multi-party security computation. Different TEE computing parties perform different computing tasks, thereby completing a complete multi-party secure computation. For example, if one multiparty security calculation includes a multiplication of 6 parameters, the multiplication of 6 parameters may be divided into 3 multiplications of 2 parameters, where the 3 multiplications are divided into 3 calculation tasks, and the 3 multiplications may be respectively allocated to 3 TEE calculation parties. The results of the 3 multiplication operations may or may not be subsequently converged, and are determined according to requirements.
Next, the number of TEE calculators and the number of TEE nodes in the system architecture of the present specification are described.
In one aspect, the number of TEE computing parties is related to the protocol of multi-party secure computing. For example, the multiparty security computing protocol uses three computing parties for computing, and thus the system architecture of the present specification may include three TEE computing parties, and for example, the multiparty security computing protocol uses five computing parties for computing, and thus the system architecture of the present specification may include five TEE computing parties. Different TEE calculation parties need to communicate through an MPC protocol, and it can be understood that the different TEE calculation parties do not expose own data fragments mutually.
On the other hand, the number of TEE nodes included in each TEE calculator is related to the complexity of the task and/or the requirement of calculation speed, for example, 1, 2, 3, 4, or 5 TEE nodes may be included in one TEE calculator. It will be appreciated that a greater number of TEE nodes may be included in a TEE calculator when the complexity of the task is higher or the demand on computational speed is higher. Of course, in order to enable distributed computing, in the system architecture of the present specification shown in fig. 2, at least one TEE computing party includes at least two TEE nodes.
Therefore, in the system architecture of the present specification shown in fig. 2, because the computing process of the multi-party secure computing is executed by each TEE node, the security computing environment constructed based on the TEE can further improve the security of the multi-party secure computing, and implement trusted computing. Meanwhile, for the calculation of each party, a plurality of TEE nodes included in one TEE calculation party can share and complete the calculation of the same party, for example, the parallel calculation part in the calculation of the same party is completed, so that the distributed calculation processing can be realized, the dense calculation can be realized, and the calculation speed is further improved. Thus, the system shown in FIG. 2 provides a Trusted-Environment-based Cryptographic Computing (TECC) architecture.
TEE provides the ability to be strongly isolated and self-certified to remote locations. Wherein the strong isolation capability makes it impossible to destroy such as system administrator, privileged software, etc.; the remote self-certification capability is directed to the identity of the remote self-certified TEE (for example, one TEE node confirms whether another TEE node belongs to the same TEE calculator with itself), and an end-to-end security channel is directly established with the TEE node, so that data transmitted between the TEE node and the TEE node cannot be attacked by any intermediate link. Therefore, in the embodiment of the present specification, the two capabilities of the TEE are utilized to combine multiple TEE nodes into one TEE calculator, that is, multiple TEE nodes in one TEE calculator fulfill the role of the same party in multi-party security calculation.
In the system architecture of the present specification, at least two TEE nodes in the same TEE calculator interact through a dedicated channel, such as interacting private data for sub-computation tasks. It can be seen that private data cannot be interacted between different TEE computing parties, and in the same TEE computing party, the private data can be interacted through a dedicated channel.
Based on the architecture shown in fig. 2, in different service scenarios, there may be multiple system implementations, for example, any one or a combination of the following implementations may be included:
the implementation mode is one, symmetrical.
And the second implementation mode is an asymmetric mode.
And the third implementation mode is a multiplexing mode.
For implementation one, the symmetric equation: in the symmetric equation, the number of TEE nodes included in different TEE calculators is the same.
Referring to fig. 3, when the MPC protocol employs three-party secure computing, the system architecture of the present specification includes three TEE computing parties, namely TEE computing party a, TEE computing party B, and TEE computing party C. When the first implementation symmetry is adopted, the number of TEE nodes included in different TEE calculators is the same, and as shown in fig. 3, each TEE calculator may include 4 TEE nodes, such as TEE node a1, TEE node a2, TEE node A3, and TEE node a 4. As previously mentioned, the number of TEE nodes included in each TEE calculator may be designed according to the complexity of the task and the requirement for computational speed.
For implementation two, asymmetric: in the asymmetric, the number of TEE nodes included in different TEE calculators is not exactly the same.
Referring to fig. 4, when the MPC protocol employs three-party secure computing, the system architecture of the present specification includes three TEE computing parties, namely TEE computing party a, TEE computing party B, and TEE computing party C. When the asymmetric type of the second implementation manner is adopted, in the system architecture of the present specification, the number of TEE nodes included in different TEE calculators is different, as shown in fig. 4, a TEE calculator a includes 4 TEE nodes, a TEE calculator B includes 2 TEE nodes, and a TEE calculator C includes 1 TEE node. As previously mentioned, the number of TEE nodes included in each TEE calculator may be designed according to the complexity of the task corresponding to the TEE calculator and the requirement for calculation speed.
For the third implementation mode, the multiplexing mode: in the multiplexing scheme, different TEE calculators multiplex one TEE node and use different TEE instances in the one TEE node, respectively.
It is understood that in the system architecture of the present specification, in order to prevent each TEE calculator from exposing own data, one TEE node usually belongs to only one TEE calculator. In some embodiments of the present description, certain specific types of TEE nodes may provide multiple TEE environments and create multiple TEE instances, such as one TEE node implemented based on Intel's sgx (software guard extensions) technology. For the special type of TEE node, it may be set that multiple TEE instances created by the special type of TEE node all belong to the same TEE calculator, and of course, it may also be set that multiple TEE instances created by the special type of TEE node belong to different TEE calculators, that is, different TEE calculators reuse the special type of TEE node. Referring to fig. 5, for example, the TEE node X belongs to the above-mentioned special type TEE node, the TEE node X is created with 3 TEE instances, and TEE instance 1 belongs to TEE calculator a and is used as TEE node a2 in calculator a; TEE instance 2 belongs to TEE calculator B, serving as TEE node B2 in calculator B; TEE instance 3 belongs to TEE calculator C and serves as TEE node C3 in calculator C.
It is to be understood that the above three implementations may also be used in combination, for example, the second implementation is combined with the third implementation, that is, the number of TEE nodes included in different TEE calculation parties is different, and one of the TEE nodes is created with a plurality of instances, for example, 2 instances, respectively belonging to two TEE calculation parties, and the like.
The following describes communication channels used in communication between the TEE nodes, including:
communication channel 1: MPC protocol channels.
Referring to fig. 2-5, in the system architecture proposed in this specification, different TEE calculators need to communicate with each other using MPC protocol, and one TEE node in one TEE calculator cannot acquire data of one TEE node in another TEE calculator, for example, TEE node a1 in TEE calculator a communicates with TEE node B1 in TEE calculator B through MPC protocol, but TEE node a1 cannot acquire data fragments of TEE node B1.
Communication channel 2: dedicated channels between TEE nodes.
Referring to fig. 2 to 5, in the system architecture proposed in this specification, dedicated channels are used for communication between the TEE nodes in the same TEE calculator, so that, in the same TEE calculator, different TEE nodes such as TEE node B3 and TEE node B4 can interact through the dedicated channels between the TEEs, and thus, the processing efficiency can be further improved.
The following describes the manner of networking between the TEE nodes.
Referring to fig. 2 to 5, in the system architecture proposed in the present specification, the TEE nodes interact with each other through a network. The network may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The system architecture proposed in the present specification can be networked by using various types of networking modes such as a public network, a local area network, a PCI-E bus, and the like. For example, when networking is performed using a public network, different TEE nodes may be far apart, for example, the physical device of TEE node a3 and the physical device of TEE node B3 in fig. 3 may be located in different provinces, and connected using the public network; when a local area network is used for networking, different TEE nodes may be at a short distance, for example, all the TEE nodes in fig. 3 are uniformly distributed in the same local area network, and the TEE nodes communicate through the local area network; when networking is done using a PCI-E bus, for example, the various TEE nodes in FIG. 3 are connected and communicate through the PCI-E bus. Of course, various networking modes may also be used in combination, for example, a public network and a local area network networking mode are combined, for example, in fig. 3, a TEE node in a TEE calculator a is connected to a TEE node in a TEE calculator B through a public network, and performs communication of an MPC protocol, and meanwhile, in the same TEE calculator C, a TEE node C1 to a TEE node C4 are connected through a local area network and communicate.
Because the local area network or the PCI-E bus can be used for networking, the processing speed of the multi-party secure computing is greatly improved, and therefore, the computing efficiency of the multi-party secure computing is further improved by the system architecture provided by the specification.
It should be noted that in the system architectures shown in fig. 2 to fig. 5, different TEE computing parties are connected in a serial manner, but in an actual service implementation, different TEE computing parties may also be connected in a parallel manner, for example, TEE computing party a is connected to TEE computing party B and TEE computing party C at the same time, and a specific connection manner is determined according to an interaction requirement of the MPC protocol.
Meanwhile, in the system architectures shown in fig. 2 to 5, in the same TEE computing party, the TEE nodes are connected together in a serial manner, but in an actual service implementation, different TEE nodes in the same TEE computing party may also be connected in a parallel manner, for example, in the TEE computing party a, the TEE node a1 is simultaneously connected in parallel with the TEE node a2 and the TEE node A3, but the TEE node a2 is not connected with the TEE node A3, the TEE node A3 is connected to the TEE node a4, and the like, and the specific connection manner is determined according to a partition manner of tasks of the same computing party.
Based on the above connection method, a calculation method in the system configuration of the present specification will be described.
Calculation modes between different TEE calculators: each TEE node in a different TEE calculator performs the assigned sub-computation tasks in a parallel and/or serial manner. That is, serial computation and parallel computation can be flexibly used independently or in combination when different TEE computing parties perform respective computing tasks.
When different TEE computing parties execute respective computing tasks, parallel (no interaction) and/or serial (interaction is needed) computing can be performed among the TEE computing parties, and the parallel and serial computing is determined according to the requirements of the multi-party security computing. For example, referring to fig. 2, a respective first TEE node of TEE calculators 1 through N performs respective assigned sub-calculation tasks in parallel; then, serial calculation is performed, for example, one TEE node 12 in the TEE calculator 1 sends its calculation result L1 to one TEE node 22 in the TEE calculator 2 through an MPC protocol, one TEE node N2 in the TEE calculator N sends the calculation result LN to the TEE node 22 through the MPC protocol, and the TEE node 22 performs calculation according to the received calculation results L1 and LN, that is, completes the sub-calculation task to which the TEE node 22 is allocated. As can be seen,
the calculation modes of different TEE nodes in the same TEE calculator are as follows: the TEE nodes in the same TEE calculator execute the distributed sub-calculation tasks in a parallel and/or serial mode. That is to say, in the same TEE calculation party, when different TEE nodes execute respective sub-calculation tasks, serial calculation and parallel calculation can be flexibly and independently used or used in combination.
In the same TEE calculation party, when different TEE nodes execute respective sub-calculation tasks, parallel (no interaction) and/or serial (interaction through a dedicated channel is required) calculation can be performed among the TEE nodes, and the calculation is specifically determined according to the requirements of the multi-party safety calculation.
It should be noted that when the system architecture adopts the above-mentioned implementation manner, i.e. the symmetric equation, the calculation group can also be formed in the system. When the number of TEE nodes included in different TEE calculators is the same and the number of TEE nodes is greater than 1, the system further comprises: at least two computing groups, wherein each TEE node of different TEE computing parties is included in the same computing group.
In particular, because the number of TEE nodes included in different TEE calculators is the same, one TEE node can be sequentially selected from each TEE calculator in turn to be combined into a calculation group. Therefore, when the computing tasks need to be communicated among different TEE nodes in the same computing group, the MPC protocol can be used for data interaction in the same computing group.
For example, taking the structure shown in fig. 3 as an example to illustrate the grouping manner, referring to fig. 3 and fig. 6, a TEE node a1 selected from a TEE calculator a, a TEE node B1 selected from a TEE calculator B, and a TEE node C1 selected from a TEE calculator C are grouped into one group, which is denoted as calculation group 1; grouping a TEE node A2 selected from a TEE calculator A, a TEE node B2 selected from a TEE calculator B and a TEE node C2 selected from a TEE calculator C into a group, and marking as a calculation group 2; a TEE node A3 selected from the TEE calculator A, a TEE node B3 selected from the TEE calculator B and a TEE node C3 selected from the TEE calculator C are divided into a group, which is marked as a calculation group 3; TEE node a4 selected from TEE calculator a, TEE node B4 selected from TEE calculator B, and TEE node C4 selected from TEE calculator C are grouped into calculation group 4. Referring to fig. 6, in the same computing group, for example, TEE node a1 needs to interact with TEE node B1, then the MPC protocol may be used for the interaction. In the same TEE calculator, for example, TEE node a1 needs to interact with TEE node a2, then a dedicated channel may be used for the interaction.
In the embodiments of the present description, a TEE node may be a broad TEE node and is not limited to only a hardware TEE chip. For example, the following may be: a TEE chip, a TPM (trusted computing technology) chip, or a module with strong isolation and remote self-certification capability simulated by software.
The following describes a method for implementing distributed multi-party secure computing based on the system architecture provided in the embodiments of the present specification.
FIG. 7 is a flow diagram of a distributed multi-party security computation method in one embodiment of the present description. The method is applied to the system architecture proposed in the embodiments of the present specification. It is to be appreciated that the method can be performed by any apparatus, device, platform, cluster of devices having computing and processing capabilities. Referring to fig. 2 to 7, the method includes:
step 701: and performing task division on one multi-party safety calculation according to the number N of the TEE calculation parties to obtain N calculation tasks.
Step 703: the N computation tasks are distributed to the N TEE calculators, respectively.
Step 705: and dividing the calculation tasks distributed by the TEE calculator into T groups of sub-calculation tasks according to the number T of the TEE nodes included in the same TEE calculator.
Step 707: in the same TEE calculator, T TEE nodes respectively execute T groups of sub-calculation tasks.
Step 709: and obtaining the calculation result of the multi-party safety calculation by using each calculation result obtained by the N TEE calculation parties.
The process shown in fig. 7 will be described with reference to specific examples.
The process of step 701 may be performed by a data owner or other management device.
In step 705, according to the number T of TEE nodes included in the same TEE calculator, the calculation tasks allocated to the TEE calculator are divided into T groups of sub-calculation tasks, where T is a positive integer not less than 1.
In one embodiment of the present description, the process of step 705 may be performed by a TEE node in a TEE calculator. For example, referring to fig. 4, TEE node a1 receives a compute task corresponding to TEE calculator a, TEE node a1 divides the compute task into 4 sets of sub-compute tasks, TEE node a1 processes 1 set of sub-compute tasks therein, and the other 3 sets of sub-compute tasks are sent to TEE node a2 through TEE node a4, respectively. As previously described, when TEE node a1 communicates with TEE node a2 through TEE node a4, communications may be through dedicated channels between the TEE nodes.
In another embodiment of this specification, the data provider or other management device may execute the processing of this step 705 and distribute the processing to the corresponding TEE node.
Next, in step 707, in the same TEE calculator, the T TEE nodes respectively execute T groups of sub-computation tasks.
For steps 705 through 707, in the same TEE computation party, the respective TEE nodes may perform the assigned sub-computation tasks in a parallel and/or serial manner. When executed serially, data for sub-compute tasks, such as private data, may be interacted with between any of the different TEE nodes through dedicated channels.
For example, referring to fig. 4, the TEE calculator a includes 4 TEE nodes, so in step 707, the calculation tasks allocated to the TEE calculator a may be divided into 4 groups, the TEE node a1 to the TEE node a4 execute the 4 groups of sub-calculation tasks respectively in parallel, and the calculation results of the 4 groups of sub-calculation tasks are combined to obtain the final calculation result a of the TEE calculator a; the TEE calculator B comprises 2 TEE nodes, so that the calculation tasks distributed to the TEE calculator B can be divided into 2 groups, the TEE node B1 to the TEE node B2 execute the 2 groups of sub-calculation tasks respectively in parallel, and the calculation results of the 2 groups of sub-calculation tasks are merged, so that the final calculation result B of the TEE calculator B is obtained; the TEE calculator C includes only 1 TEE node, and the computation tasks assigned to TEE calculator C are performed by TEE node C1, resulting in the final computation result C of TEE calculator C.
In this step 707, in some service scenarios, the results of the T groups of sub-computation tasks in the same TEE computing party need to be merged, and the merging process may be performed by any one TEE node in the same TEE computing party, for example, referring to fig. 3, the TEE node a2 to the TEE node a4 send the settlement results of the respective computed sub-computation tasks to the TEE node a1, and the TEE node a1 merges the computation results of the 4 groups of sub-computation tasks.
Next, in step 709, the calculation results of the multi-party security calculation are obtained by using the calculation results obtained by the N TEE calculation parties.
For example, in some service scenarios, the calculation result a, the calculation result B, and the calculation result C are aggregated according to a multi-party security calculation protocol, so as to obtain a final calculation result of the multi-party security calculation.
As previously described, TEE calculator A, TEE, calculator B and TEE calculator C may communicate via the MPC protocol.
The system architecture proposed in the embodiments of the present specification, and a method for performing distributed multi-party secure computation based on the system architecture are described above.
From the perspective of any TEE node standing in the system architecture of the present specification, referring to fig. 8, a processing method of any TEE node (for convenience of description, denoted as a first TEE node included in a first TEE computing party) in distributed multi-party security computing includes the following steps:
step 801: the first TEE node obtains a sub-compute task corresponding to a first TEE calculator.
Wherein the sub-computation tasks are: after the computing task distributed to the first TEE computing party is divided into T groups of sub-computing tasks, one sub-computing task in the T groups of sub-computing tasks; wherein T is the number of TEE nodes included by the first TEE calculator.
Step 803: and the first TEE node carries out calculation according to the obtained sub-calculation tasks.
In one embodiment of the present specification, in step 803, the first TEE node may obtain, through a dedicated channel, the private data sent by other TEE nodes in the first TEE calculator, and perform its own sub-computation task based on the private data.
In an embodiment of this specification, after the first TEE node executes its own sub-computation task in step 803, a sub-computation result is obtained, where the sub-computation result is private data, but because of the dedicated channel, the first TEE node may send the sub-computation result to other TEE nodes in the first TEE calculator through the dedicated channel for execution of the sub-computation tasks of the other TEE nodes.
Step 805: the first TEE node provides a calculation result for calculating a calculation result of the first TEE calculator.
As mentioned above, information interaction between different TEE nodes in the same TEE calculator may be performed through a dedicated channel, and therefore, in an embodiment of the present specification, in step 801, the first TEE node obtains a sub-calculation task through a dedicated channel between the first TEE node and another TEE node in the first TEE calculator. In step 803, the first TEE node sends the calculation result to the other TEE nodes through the dedicated channel with the other TEE nodes in the first TEE calculator.
In the first TEE computing party, each TEE node performs the computation of each sub-computation task in a distributed manner, and the computation results need to be merged into the computation result of the first TEE computing party.
If the first TEE node has the capability of creating multiple TEE instances, then in one embodiment of the present specification, the above steps 801, 803 and 805 are performed by marking one TEE instance created by the first TEE node as the first TEE instance; meanwhile, other TEE instances created by the first TEE node execute the sub-computing tasks corresponding to other TEE computing parties acquired by the other TEE instances, and perform computing according to the sub-computing tasks and provide computing results in the other TEE computing parties.
In one embodiment of the present specification, a TEE node is provided, where the TEE node may be any one TEE node in a distributed multi-party secure computing system proposed in the present specification, belonging to a first TEE computing party, and referring to fig. 9, the TEE node 900 includes:
an information receiving module 901 configured to obtain a sub-computation task corresponding to a first TEE calculator; wherein the sub-computation tasks are: after the computing task distributed to the first TEE computing party is divided into T groups of sub-computing tasks, one sub-computing task in the T groups of sub-computing tasks; wherein T is the number of TEE nodes included by the first TEE calculator;
a task execution module 902 configured to perform computation according to the obtained sub-computation tasks;
a result providing module 903 configured to provide a calculation result for calculating a calculation result of the first TEE calculator.
In one embodiment of the present description, the information receiving module 901 is configured to perform the sub-computation task of obtaining through a dedicated channel with other TEE nodes in the first TEE calculator.
In one embodiment of the present description, the result providing module 903 is configured to perform sending of the calculation result to other TEE nodes in the first TEE calculator through a dedicated channel with the other TEE nodes.
In one embodiment of the present description, the result providing module 903 is further configured to perform: and combining the calculation results of the sub-calculation tasks executed by each TEE node in the first TEE calculator to obtain the calculation result of the first TEE calculator, and sending the calculation result of the first TEE calculator to the TEE nodes in other TEE calculators through an MPC protocol.
In one embodiment of the present description, the information receiving module 901, the task executing module 902, and the result providing module 903 belong to a module in a first TEE instance created by a first TEE node, the first TEE instance being one of multiple instances created by the first TEE node.
An embodiment of the present specification provides a computer-readable storage medium having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method of any of the embodiments of the specification.
One embodiment of the present specification provides a computing device comprising a memory and a processor, the memory having stored therein executable code, the processor implementing a method in accordance with any one of the embodiments of the specification when executing the executable code.
It is to be understood that the illustrated construction of the embodiments herein is not to be construed as limiting the apparatus of the embodiments herein specifically. In other embodiments of the description, the apparatus may include more or fewer components than illustrated, or some components may be combined, some components may be separated, or a different arrangement of components may be used. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
For the information interaction, execution process and other contents between the modules in the above-mentioned apparatus and system, because the same concept is based on the embodiment of the method in this specification, specific contents may refer to the description in the embodiment of the method in this specification, and are not described herein again.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
Those skilled in the art will recognize that, in one or more of the examples described above, the functions described in this disclosure may be implemented in hardware, software, hardware, or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium.
The above-mentioned embodiments, objects, technical solutions and advantages of the present invention are further described in detail, it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the present invention should be included in the scope of the present invention.

Claims (16)

1. A distributed multi-party secure computing system, the system comprising at least two TEE computing parties, different TEE computing parties being allocated different computing tasks included in one multi-party secure computation; wherein the content of the first and second substances,
each TEE calculator comprises at least one TEE node; and at least one TEE calculator comprises at least two TEE nodes;
TEE nodes in different TEE calculation parties communicate through a multi-party security calculation protocol;
at least two TEE nodes in the same TEE calculator respectively execute one sub-calculation task in the calculation tasks distributed by the same TEE calculator.
2. The system of claim 1, wherein at least two TEE nodes in the same TEE calculator interact through a dedicated channel.
3. The system of claim 2, wherein at least two TEE nodes in the same TEE calculator interact private data for sub-computing tasks through a dedicated channel.
4. The system of claim 1, wherein,
the number of TEE nodes included in different TEE calculators is the same or not completely the same;
and/or the presence of a gas in the gas,
one TEE node is created with different TEE examples, different TEE calculators reuse the TEE node, and different TEE examples in the TEE node belong to different TEE calculators respectively;
and/or the presence of a gas in the gas,
the system utilizes at least one of a public network, a local area network and a PCI-E bus to carry out networking.
5. The system of claim 1, wherein TEE nodes in different TEE calculators perform assigned sub-computation tasks in a parallel and/or serial manner;
and/or the presence of a gas in the gas,
the TEE nodes in the same TEE calculator execute the distributed sub-calculation tasks in a parallel and/or serial mode.
6. The system of claim 1, wherein, in a same TEE calculator, a TEE node merges the results of computations of sub-computation tasks performed by each TEE node in the same TEE calculator to obtain the results of computations of the TEE calculator.
7. The system of claim 1, wherein the number of TEE nodes included in different TEE calculators is the same and is greater than 1;
the system further comprises: at least two computing groups, the same computing group comprising respective TEE nodes in different TEE calculators.
8. The system of claim 1, wherein the TEE node comprises: a TEE chip, a TPM (trusted computing technology) chip, or a module with strong isolation and remote self-certification capability simulated by software.
9. A method of implementing distributed multi-party secure computing based on the system of any one of claims 1 to 8, comprising:
each TEE calculator is assigned a calculation task; the computing task is one of N computing tasks, and the N computing tasks are obtained by performing task division on one-time multi-party security computing according to the number N of TEE computing parties;
dividing the calculation tasks distributed by the TEE calculator into T groups of sub-calculation tasks according to the number T of the TEE nodes included in the same TEE calculator;
in the same TEE calculator, T TEE nodes respectively execute T groups of sub-calculation tasks;
and obtaining the calculation result of the multi-party safety calculation by using each calculation result obtained by the N TEE calculation parties.
10. The method of claim 9, wherein the T TEE nodes each perform T sets of sub-computation tasks, comprising:
private data used for the sub-computing tasks are interacted among any different TEE nodes in the T TEE nodes through a special channel;
and/or the presence of a gas in the gas,
the T TEE nodes in the same TEE calculator perform the assigned T sets of sub-compute tasks in a parallel and/or serial manner.
11. A method of implementing distributed multi-party security computation based on the system of any of claims 1 to 8, wherein the method is applied to any one of the first TEE nodes included in any one of the first TEE computing parties;
the method comprises the following steps:
the first TEE node obtains a sub-computation task corresponding to a first TEE calculator; wherein the sub-computation tasks are: after the computing task distributed to the first TEE computing party is divided into T groups of sub-computing tasks, one sub-computing task in the T groups of sub-computing tasks; wherein T is the number of TEE nodes included by the first TEE calculator;
the first TEE node calculates according to the obtained sub-calculation tasks;
the first TEE node provides a calculation result for calculating a calculation result of the first TEE calculator.
12. The method of claim 11, wherein the first TEE node obtains a sub-computation task comprising: the first TEE node obtains a sub-computation task through a special channel between the first TEE node and other TEE nodes in a first TEE calculator;
and/or the presence of a gas in the gas,
the first TEE node providing a calculation, comprising: the first TEE node sends the calculation result to other TEE nodes in the first TEE calculator through a special channel between the first TEE node and the other TEE nodes.
13. The method of claim 11, further comprising:
the first TEE node combines the calculation results of the sub-calculation tasks executed by each TEE node in the first TEE calculator to obtain the calculation result of the first TEE calculator, and the calculation result of the first TEE calculator is sent to the TEE nodes in other TEE calculators through an MPC protocol.
14. The method of claim 11, wherein the first and second light sources are selected from the group consisting of,
the method comprises the steps that a first TEE instance created in advance by a first TEE node executes processing of obtaining a sub-computing task corresponding to a first TEE computing party, computing according to the sub-computing task and providing a computing result in the first TEE computing party;
the method further comprises the following steps: executing other TEE instances created in advance by the first TEE node to obtain sub-computing tasks corresponding to other TEE computing parties, computing according to the sub-computing tasks and providing computing results in the other TEE computing parties.
15. A TEE node based on the system of any of claims 1 to 8, belonging to a first TEE calculator, the TEE node comprising:
an information receiving module configured to obtain a sub-computation task corresponding to a first TEE calculator; wherein the sub-computation tasks are: after the computing task distributed to the first TEE computing party is divided into T groups of sub-computing tasks, one sub-computing task in the T groups of sub-computing tasks; wherein T is the number of TEE nodes included by the first TEE calculator;
the task execution module is configured to perform calculation according to the obtained sub-calculation tasks;
a result providing module configured to provide a calculation result for calculating a calculation result of the first TEE calculator.
16. A computing device comprising a memory having executable code stored therein and a processor that, when executing the executable code, implements the method of any of claims 9-14.
CN202111608228.5A 2021-12-27 2021-12-27 Distributed multi-party secure computing system, method and node Active CN113992439B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111608228.5A CN113992439B (en) 2021-12-27 2021-12-27 Distributed multi-party secure computing system, method and node

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111608228.5A CN113992439B (en) 2021-12-27 2021-12-27 Distributed multi-party secure computing system, method and node

Publications (2)

Publication Number Publication Date
CN113992439A true CN113992439A (en) 2022-01-28
CN113992439B CN113992439B (en) 2022-05-06

Family

ID=79734445

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111608228.5A Active CN113992439B (en) 2021-12-27 2021-12-27 Distributed multi-party secure computing system, method and node

Country Status (1)

Country Link
CN (1) CN113992439B (en)

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160335440A1 (en) * 2015-05-11 2016-11-17 Government Of The United States, As Represented By The Secretary Of The Air Force Transferable Multiparty Computation
CN108809623A (en) * 2018-07-10 2018-11-13 矩阵元技术(深圳)有限公司 Multi-party computations method, apparatus and system
CN110278078A (en) * 2019-06-17 2019-09-24 矩阵元技术(深圳)有限公司 A kind of data processing method, apparatus and system
CN111027713A (en) * 2019-12-10 2020-04-17 支付宝(杭州)信息技术有限公司 Shared machine learning system and method
CN111061963A (en) * 2019-11-28 2020-04-24 支付宝(杭州)信息技术有限公司 Machine learning model training and predicting method and device based on multi-party safety calculation
CN111737011A (en) * 2020-07-31 2020-10-02 支付宝(杭州)信息技术有限公司 Method and device for realizing secure multi-party computation
CN111813544A (en) * 2020-06-19 2020-10-23 华控清交信息科技(北京)有限公司 Processing method and device of computing task, scheduling and management system and medium
CN112751665A (en) * 2019-10-30 2021-05-04 阿里巴巴集团控股有限公司 Secure multi-party computing method, device, system and storage medium
CN112799851A (en) * 2021-03-30 2021-05-14 华控清交信息科技(北京)有限公司 Data processing method and related device in multi-party security computing
US20210160074A1 (en) * 2019-11-27 2021-05-27 Visa International Service Association System and Method for Fair, Secure N-Party Computation Using At Least One Blockchain
CN112926051A (en) * 2021-03-25 2021-06-08 支付宝(杭州)信息技术有限公司 Multi-party security computing method and device
CN113541946A (en) * 2021-09-08 2021-10-22 华控清交信息科技(北京)有限公司 Multi-party security calculation method and device and electronic equipment

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160335440A1 (en) * 2015-05-11 2016-11-17 Government Of The United States, As Represented By The Secretary Of The Air Force Transferable Multiparty Computation
CN108809623A (en) * 2018-07-10 2018-11-13 矩阵元技术(深圳)有限公司 Multi-party computations method, apparatus and system
CN110278078A (en) * 2019-06-17 2019-09-24 矩阵元技术(深圳)有限公司 A kind of data processing method, apparatus and system
CN112751665A (en) * 2019-10-30 2021-05-04 阿里巴巴集团控股有限公司 Secure multi-party computing method, device, system and storage medium
US20210160074A1 (en) * 2019-11-27 2021-05-27 Visa International Service Association System and Method for Fair, Secure N-Party Computation Using At Least One Blockchain
CN111061963A (en) * 2019-11-28 2020-04-24 支付宝(杭州)信息技术有限公司 Machine learning model training and predicting method and device based on multi-party safety calculation
CN111027713A (en) * 2019-12-10 2020-04-17 支付宝(杭州)信息技术有限公司 Shared machine learning system and method
CN111813544A (en) * 2020-06-19 2020-10-23 华控清交信息科技(北京)有限公司 Processing method and device of computing task, scheduling and management system and medium
CN111737011A (en) * 2020-07-31 2020-10-02 支付宝(杭州)信息技术有限公司 Method and device for realizing secure multi-party computation
CN112926051A (en) * 2021-03-25 2021-06-08 支付宝(杭州)信息技术有限公司 Multi-party security computing method and device
CN112799851A (en) * 2021-03-30 2021-05-14 华控清交信息科技(北京)有限公司 Data processing method and related device in multi-party security computing
CN113541946A (en) * 2021-09-08 2021-10-22 华控清交信息科技(北京)有限公司 Multi-party security calculation method and device and electronic equipment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
刘亮等: "基于TrustZone技术的微处理器芯片架构", 《电子设计工程》 *
马顺利等: "基于密秘共享的安全多方计算协议", 《青海师范大学学报(自然科学版)》 *

Also Published As

Publication number Publication date
CN113992439B (en) 2022-05-06

Similar Documents

Publication Publication Date Title
Yang et al. Distributed blockchain-based trusted multidomain collaboration for mobile edge computing in 5G and beyond
Byali et al. FLASH: fast and robust framework for privacy-preserving machine learning
CN108769150B (en) Data processing method and device of block chain network, cluster node and storage medium
CN108809623B (en) Secure multiparty computing method, device and system
KR102566892B1 (en) Blockchain consensus method, device and system
Patarasuk et al. Bandwidth optimal all-reduce algorithms for clusters of workstations
US8966273B2 (en) Lightweight group signature system and method with short signature
CN111934889B (en) Key generation method, signature and signature verification method, device, equipment and medium
CN112380565A (en) Secure multi-party computing method based on trusted hardware and block chain
CN111934890B (en) Key generation method, signature and signature verification method, device, equipment and medium
Mejri et al. A new group Diffie-Hellman key generation proposal for secure VANET communications
CN114548418A (en) Secret sharing-based transverse federal IV algorithm
CN115801220A (en) Acceleration apparatus, computing system, and acceleration method
CN114024960B (en) Multiparty security computing method, device, system, storage medium and equipment
CN114139197A (en) Proxy security multi-party computing method, system, processing equipment and storage medium
WO2024078428A1 (en) Acceleration device, computing system, and acceleration method
Geng et al. Smart markers in smart contracts: Enabling multiway branching and merging in blockchain for decentralized runtime verification
CN113992439B (en) Distributed multi-party secure computing system, method and node
US11782758B2 (en) Distributed computing system and method of operation thereof
Hakiri et al. A Blockchain architecture for SDN-enabled tamper-resistant IoT networks
CN1988463A (en) Method and system for large message broadcast
Hegde et al. Attaining god beyond honest majority with friends and foes
US11977930B2 (en) Distributed computer system using correctness proof for partial evaluations in determining consensus
CN115603890A (en) Privacy calculation device and privacy calculation method
Koti et al. Poster MPClan: Protocol Suite for Privacy-Conscious Computations

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant