CN115801221A - Acceleration apparatus, computing system, and acceleration method - Google Patents

Acceleration apparatus, computing system, and acceleration method

Info

Publication number
CN115801221A
Authority
CN
China
Prior art keywords
component
data
ciphertext
processing
acceleration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211241151.7A
Other languages
Chinese (zh)
Inventor
何倩雯
蒋佳立
邬贵明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Cloud Computing Ltd
Original Assignee
Alibaba Cloud Computing Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Cloud Computing Ltd filed Critical Alibaba Cloud Computing Ltd
Priority to CN202211241151.7A priority Critical patent/CN115801221A/en
Publication of CN115801221A publication Critical patent/CN115801221A/en
Priority to PCT/CN2023/123473 priority patent/WO2024078428A1/en
Pending legal-status Critical Current

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/40 Network security protocols

Abstract

The embodiments of the present application provide an acceleration device, a computing system, and an acceleration method. The acceleration device includes: a first storage component, and a first acceleration component and a second acceleration component that are both connected to the first storage component; the first storage component is connected to a first host processing component through a bus. The first storage component is used to store a plurality of ciphertext data corresponding to a plurality of objects sent by the first host processing component. The second acceleration component is used to obtain the plurality of ciphertext data from the first storage component, perform bucketing on the ciphertext data for any given feature to obtain a plurality of bucketing results, and store the plurality of bucketing results in the first storage component. The first acceleration component is used to obtain the plurality of bucketing results from the first storage component, compute the ciphertext data within the same bucketing result to obtain a ciphertext processing result, and store the ciphertext processing results corresponding to the plurality of bucketing results in the first storage component. The technical solution provided by the embodiments of the present application improves processing efficiency.

Description

Acceleration apparatus, computing system, and acceleration method
Technical Field
The embodiments of the present application relate to the field of computer technology, and in particular to an acceleration apparatus, a computing system, and an acceleration method.
Background
With the development of science and technology, the value of data has received increasing attention. Different data providers often need to fuse their data, but out of privacy-protection and other considerations, data cannot be shared across providers, which creates data islands. To solve the data-island problem, privacy-preserving computation based on homomorphic encryption is currently used: it aims to break data islands by computing and modeling with multi-party data without revealing data privacy.
Homomorphic encryption is an encryption algorithm with a special natural property: if homomorphically encrypted data is processed and the output is then decrypted, the result is the same as the output obtained by processing the unencrypted original data in the same way. In other words, computing before decryption is equivalent to computing after decryption, a property that is of great significance for protecting data security.
In a practical application, multiple data providers hold the same objects but different features, and the following joint data-processing need arises: the data initiator homomorphically encrypts the target data computed from each object's feature values to obtain ciphertext data, and provides the ciphertext data corresponding to the objects to the data receiver; for each feature it owns, the data receiver buckets the ciphertext data of the objects according to the different feature values; the ciphertext data in each bucket is then computed to obtain a ciphertext processing result, and the per-bucket ciphertext processing results for each feature are returned to the data initiator. The data initiator can decrypt them to obtain the plaintext processing result of each bucket and perform subsequent processing based on those results. In this way the data initiator can process data using the data receiver's features while the data security of both parties is protected.
As can be seen from the above description, for every feature the ciphertext data must be bucketed and the ciphertext data in each bucket must be computed, so the amount of computation is large and processing efficiency is affected.
Disclosure of Invention
The embodiments of the present application provide an acceleration device, a computing system, and an acceleration method, which are used to solve the technical problem in the prior art that processing efficiency is adversely affected.
In a first aspect, an embodiment of the present application provides an acceleration device, including: a first storage component, and a first acceleration component and a second acceleration component that are connected to the first storage component; the first storage component is connected to a first host processing component through a bus;
the first storage component is used to store a plurality of ciphertext data corresponding to a plurality of objects sent by the first host processing component;
the second acceleration component is used to obtain the plurality of ciphertext data from the first storage component and, for any feature, perform bucketing on the plurality of ciphertext data to obtain a plurality of bucketing results, and to store the plurality of bucketing results in the first storage component;
the first acceleration component is used to obtain the plurality of bucketing results from the first storage component, compute the ciphertext data within the same bucketing result to obtain a ciphertext processing result, and store the ciphertext processing results corresponding to the plurality of bucketing results in the first storage component;
the first storage component is used to provide the ciphertext processing results corresponding to the plurality of bucketing results to the first host processing component.
In a second aspect, an embodiment of the present application provides a computing system, including a first computing device and a second computing device, where the first computing device includes a first host processing component and an acceleration device as described in any one of the first aspect above;
the second computing device comprises a second host processing component and a second acceleration device; the second acceleration device comprises a second storage component and at least one third acceleration component; the second storage component is connected with the second host processing component through a bus;
the second storage component is used for storing a plurality of data to be processed sent by the second host processing component; the data to be processed is target data to be encrypted or a ciphertext processing result to be decrypted;
the third acceleration component is used for acquiring at least one piece of data to be processed from the second storage component; for any data to be processed, encrypting or decrypting the data to be processed to obtain a calculation processing result, and storing the calculation processing result in the second storage component;
the second host processing component is used for acquiring a calculation processing result corresponding to any data to be processed from the second storage component.
In a third aspect, an embodiment of the present application provides a computing device, including a host processing component, a host storage component, and an acceleration device as described in the first aspect above.
In a fourth aspect, an embodiment of the present application provides an acceleration method applied to an acceleration device, where the acceleration device includes a first storage component, and a first acceleration component and a second acceleration component that are connected to the first storage component; the first storage component is connected to a first host processing component through a bus; the first storage component stores a plurality of ciphertext data corresponding to a plurality of objects sent by the first host processing component; the method includes:
obtaining the plurality of ciphertext data from the first storage component;
for any feature, performing bucketing on the plurality of ciphertext data to obtain a plurality of bucketing results;
storing the plurality of bucketing results in the first storage component, where the first acceleration component is used to obtain the plurality of bucketing results from the first storage component, compute the ciphertext data within the same bucketing result to obtain a ciphertext processing result, and store the ciphertext processing results corresponding to the plurality of bucketing results in the first storage component; and the first storage component is used to provide the ciphertext processing results corresponding to the plurality of bucketing results to the first host processing component.
The acceleration device provided by the embodiments of the present application includes a first storage component, and a first acceleration component and a second acceleration component connected to the first storage component; the first storage component is connected to the first host processing component through a bus. The second acceleration component performs the bucketing: the first host processing component stores the plurality of ciphertext data in the first storage component once, and multiple features can share those ciphertext data for bucketing. The first acceleration component then obtains the bucketing results from the first storage component and computes the ciphertext data within the same bucketing result to obtain a ciphertext processing result, which can be provided to the first host processing component through the first storage component. The first host processing component therefore only needs to transmit the data once, while both the bucketing and the computation are performed by the acceleration device. This reduces the workload of the host processing component, improves processing efficiency, reduces I/O overhead, and ensures the acceleration performance of the acceleration device.
These and other aspects of the present application will be more readily apparent from the following description of the embodiments.
Drawings
To illustrate the embodiments of the present application or the technical solutions in the prior art more clearly, the drawings required for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show some embodiments of the present application, and those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic diagram illustrating an embodiment of an acceleration apparatus provided herein;
FIG. 2 illustrates a schematic structural diagram of one embodiment of a second acceleration assembly provided herein;
FIG. 3 illustrates a schematic structural diagram of one embodiment of a first acceleration assembly provided herein;
FIG. 4 is a schematic structural diagram of an embodiment of a first arithmetic unit provided in the present application;
FIG. 5 is a schematic diagram illustrating an operation structure of a first operation unit in practical application according to an embodiment of the present application;
FIG. 6a is a schematic block diagram illustrating one embodiment of a computing system provided herein;
FIG. 6b is a schematic diagram illustrating an interaction scenario of the computing system provided in the present application in a practical application;
FIG. 7a is a schematic diagram illustrating an embodiment of a second acceleration device provided herein;
FIG. 7b illustrates a schematic structural diagram of one embodiment of a third acceleration assembly provided herein;
FIG. 8 is a flow chart illustrating one embodiment of an acceleration method provided herein;
FIG. 9 is a flow chart illustrating one embodiment of an acceleration method provided herein;
FIG. 10 is a block diagram illustrating one embodiment of a computing device provided herein.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
Some of the flows described in the specification, claims, and drawings of this application include multiple operations that appear in a particular order, but it should be clearly understood that these operations may be performed out of the order in which they appear herein or in parallel. Operation numbers such as 101 and 102 are merely used to distinguish different operations and do not by themselves represent any order of execution. In addition, these flows may include more or fewer operations, which may be performed sequentially or in parallel. Descriptions such as "first" and "second" herein are used to distinguish different messages, devices, modules, and the like; they do not represent an order, nor do they require that the items labeled "first" and "second" be of different types.
The technical solution of the embodiment of the present application may be applied to a multi-party data joint processing scenario, such as a multi-party joint modeling scenario, and the like, but the present application is not limited thereto.
As explained in the background, the following joint data-processing need currently exists: the data initiator homomorphically encrypts the target data computed from each object's feature values to obtain ciphertext data and provides the ciphertext data corresponding to the plurality of objects to the data receiver; for each feature it owns, the data receiver buckets the ciphertext data of the objects according to the different feature values; the ciphertext data in each bucketing result is then computed to obtain a ciphertext processing result, and the ciphertext processing results of the bucketing results for each feature are returned to the data initiator, who can decrypt them to obtain the plaintext processing result of each bucketing result and perform subsequent processing based on those results.
In practice, this joint data-processing need arises, for example, in scenarios where multiple parties jointly build a model using federated learning. Taking multi-party joint modeling as an example, federated learning is a distributed machine-learning approach that allows joint modeling with multi-party data while protecting data privacy. Vertical federated learning is a commonly used federated-learning mode in which the feature data and the label information of the sample objects are distributed across different data providers for multi-party joint modeling: several data providers hold the same sample objects but different feature data. For example, data provider A and data provider B both have user C, but data provider A holds user C's education data while data provider B holds user C's age data, where the education data and the age data are feature data.
In vertical federated learning, the decision tree model is a commonly used machine-learning model. Training a decision tree mainly consists of finding the optimal split point, where a split point is a specific value of some feature. For example, if the label indicates whether user C belongs to a target group, the split point might be "age less than 20" or "age less than 30".
When training a decision tree model, the following approach is generally adopted: the active party determines the gradient information of the model from the feature values and label data of the sample objects it owns, encrypts the gradient information into ciphertext gradient information using homomorphic encryption, and transmits it to the passive party; the passive party computes, for each feature, the accumulated ciphertext gradient of each split space and transmits the accumulated values back to the active party. The active party decrypts them to obtain the gradient accumulations and finally determines the optimal split point from the gradient accumulations of the multiple features. Since the passive party must accumulate ciphertext gradient information obtained through homomorphic encryption, bucketing can be used to improve training efficiency: for each feature, the passive party buckets the ciphertext gradient information of the different sample objects according to the feature values, accumulates the ciphertext gradient information within each bucketing result, and sends the accumulated ciphertext gradient of each bucketing result to the active party, who determines the optimal split point based on these per-bucket accumulated values, as illustrated in the sketch below.
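To make the passive party's per-feature work concrete, the following Python sketch illustrates the bucketing-plus-accumulation described above. All names are illustrative, and `ct_add` is a stand-in for homomorphic ciphertext addition (point addition in an elliptic-curve scheme); it is not the patent's hardware implementation.

```python
def ct_add(ct_a, ct_b):
    # Stand-in for homomorphic ciphertext addition; an EC-based scheme would
    # perform component-wise elliptic-curve point addition here.
    return ct_a + ct_b  # placeholder arithmetic for illustration only

def encrypted_histograms(cipher_grads, feature_table, bucket_id_of):
    """cipher_grads:  {object_id: ciphertext gradient}
       feature_table: {feature_name: {object_id: feature value}}
       bucket_id_of:  function (feature_name, value) -> bucket id
       Returns {feature_name: {bucket id: accumulated ciphertext gradient}}."""
    result = {}
    for feature, values in feature_table.items():
        sums = {}
        for obj_id, value in values.items():
            bucket = bucket_id_of(feature, value)
            ct = cipher_grads[obj_id]
            sums[bucket] = ct if bucket not in sums else ct_add(sums[bucket], ct)
        result[feature] = sums
    return result
```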
As can be seen from the above description, the data receiver must perform bucketing for each feature and perform the corresponding computation on the ciphertext gradient information in each bucketing result. Because these computations are usually completed by the processing components of the respective computing devices, which also have to handle all of the remaining work, the processing components carry a heavy computational load, which degrades processing performance and reduces processing efficiency.
To improve processing performance and efficiency, the inventors found in their research that computing on ciphertext data encrypted with a homomorphic encryption algorithm essentially requires large-integer multiplications and additions and therefore consumes considerable processing performance, so a dedicated accelerator can be used to compute the ciphertext data and achieve better performance. However, the inventors also found that if only such a dedicated accelerator is used, the host processing component still has to perform the bucketing. In practice the number of objects is often large (in joint-modeling scenarios the sample objects are usually on the order of hundreds of thousands or even millions) and the number of features is also very large. Since bucketing must be performed for each feature and a bucketing result must be transmitted to the accelerator for every feature, the data volume is on the order of (number of objects) × (number of features), which introduces a large I/O overhead and creates an acceleration performance bottleneck.
Accordingly, after a series of studies the inventors proposed the technical solution of the present application. An embodiment of the present application provides an acceleration device composed of a first storage component, and a first acceleration component and a second acceleration component connected to the first storage component; the first storage component is connected to the first host processing component through a bus. The second acceleration component performs the bucketing: the first host processing component only needs to send the plurality of ciphertext data corresponding to the plurality of objects once to be stored in the first storage component, and multiple features can share those ciphertext data for bucketing. The first acceleration component then obtains the bucketing results from the first storage component and computes the ciphertext data within the same bucketing result to obtain a ciphertext processing result, which can be provided to the first host processing component through the first storage component. The host processing component therefore only needs to transmit the data once, while both the bucketing and the computation are performed by the acceleration device. This reduces the workload of the host processing component, performs the computation on dedicated acceleration hardware, improves processing efficiency, reduces the I/O overhead of the acceleration device, and ensures its acceleration performance. A rough host-side view of this flow is sketched below.
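The host/accelerator interaction just described can be pictured roughly as follows. This is only a schematic host-side sketch; every `device.*` call is a hypothetical placeholder, not an actual driver API from the patent.

```python
def offload_bucketing_and_accumulation(device, ciphertexts, features):
    """Hypothetical host-side flow: one bulk transfer of ciphertexts, then
    per-feature bucketing and ciphertext accumulation run on the device."""
    buf = device.write_to_storage(ciphertexts)          # single I/O transfer of all ciphertexts
    handles = {}
    for feature in features:                            # every feature reuses the same buffer
        buckets = device.run_bucketing(buf, feature)    # second acceleration component
        handles[feature] = device.run_accumulation(buckets)  # first acceleration component
    return device.read_results(handles)                 # one read-back of all per-bucket sums
```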
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Fig. 1 is a schematic structural diagram of an embodiment of an acceleration device according to an embodiment of the present application. The acceleration device may include a first storage component 101, and a first acceleration component 102 and a second acceleration component 103 that are respectively connected to the first storage component 101. The first storage component 101 and the first host processing component 100 are connected through a bus; the bus type may be, for example, PCIe (Peripheral Component Interconnect Express), and of course other high-speed interconnects such as Ethernet may also be used, which is not limited in this application.
The acceleration device may be implemented by an Application Specific Integrated Circuit (ASIC) or a Field Programmable Gate Array (FPGA), or may also be implemented by a Digital Signal Processor (DSP), a Digital Signal Processing Device (DSPD), a Programmable Logic Device (PLD), a controller, a microcontroller, a microprocessor, or other Integrated Circuits (ICs), and the like, which is not limited in this application.
The acceleration device may be deployed in a first computing device. Relative to the acceleration device, the first host processing component is responsible for the conventional processing tasks of the first computing device and may be referred to as the host of the acceleration device; it may be, for example, a Central Processing Unit (CPU) of the first computing device.
The first storage component 101 is configured to store a plurality of ciphertext data corresponding to a plurality of objects sent by the first host processing component 100;
the second acceleration component 103 is configured to obtain the plurality of ciphertext data from the first storage component 101 and, for any feature, perform bucketing on the plurality of ciphertext data to obtain a plurality of bucketing results, and to store the plurality of bucketing results in the first storage component 101;
the first acceleration component 102 is configured to obtain the plurality of bucketing results from the first storage component, compute the ciphertext data within the same bucketing result to obtain a ciphertext processing result, and store the ciphertext processing results corresponding to the plurality of bucketing results in the first storage component;
the first storage component 101 is configured to provide the ciphertext processing results corresponding to the plurality of bucketing results to the first host processing component 100.
Each object may correspond to one ciphertext data item, so a plurality of objects correspond to a plurality of ciphertext data. The ciphertext data may be obtained by encrypting the target data with a homomorphic encryption algorithm. In a practical application such as a multi-party joint modeling scenario, the ciphertext data may refer to ciphertext gradient information obtained by the data initiator encrypting the gradient data with a homomorphic encryption algorithm.
The first host processing component 100 may transmit the plurality of ciphertext data corresponding to the plurality of objects, sent by the data initiator, to the first storage component 101 in the acceleration device for storage.
The first host processing component 100 may send corresponding indication information to the first storage component 101, the first acceleration component 102, and the second acceleration component 103 to start or trigger the respective components to perform their operations. For example, after the first host processing component 100 stores the plurality of ciphertext data in the first storage component 101, it may send indication information to the second acceleration component 103, and the second acceleration component 103 may obtain the plurality of ciphertext data from the first storage component 101 based on that indication. Alternatively, the first host processing component 100 may notify the first storage component 101, the first acceleration component 102, and the second acceleration component 103 to start after receiving the plurality of ciphertext data from the data initiator, and these components may then trigger their respective operations in real time or periodically.
The second acceleration component 103 is responsible for the bucketing operation corresponding to each feature owned by the data receiver, and may perform bucketing on the plurality of ciphertext data for each feature to obtain a plurality of bucketing results per feature. The bucketing results corresponding to the different features may then be stored in the first storage component 101. The second acceleration component 103 may further send a bucketing-finished notification to the first host processing component 100, and after receiving it the first host processing component 100 may notify the first acceleration component 102 to obtain the plurality of bucketing results and perform the computation.
Optionally, to improve processing efficiency, the second acceleration component 103 may bucket the plurality of ciphertext data for multiple features in parallel. The multiple features may be indicated by the first host processing component 100, which may divide the features to be processed into several groups, each group containing multiple features, and issue the features of the next group after the bucketing operations of the features in the current group have finished.
After the first acceleration component 102 obtains the plurality of bucketing results from the first storage component 101, it can compute the ciphertext data within the same bucketing result to obtain a ciphertext processing result and store the ciphertext processing results corresponding to the plurality of bucketing results in the first storage component. Optionally, the first acceleration component 102 may compute the ciphertext data within the same bucketing result according to a target computation processing mode: it may determine the corresponding operation method from the target computation processing mode and perform the computation according to that operation method.
The target computing processing mode or the manner of operation may be signaled to the first acceleration component 102 by the first host processing component 100.
The target computation processing mode may include, for example, ciphertext accumulation, ciphertext multiplication, ciphertext subtraction, and the like; in a multi-party joint modeling scenario, the target computation processing mode may specifically refer to ciphertext accumulation.
The operation method corresponding to ciphertext accumulation may be point addition. For example, in ECC (Elliptic Curve Cryptography), ciphertext accumulation is converted into the point addition of two points on an elliptic curve. In a homomorphic encryption algorithm implemented on an elliptic curve, the point addition can in turn be converted into arithmetic operations such as modular addition and modular multiplication when it is actually executed.
After the first storage component 101 stores the ciphertext processing results corresponding to the plurality of bucketing results, the first host processing component 100 may be notified so that it can obtain the ciphertext processing results corresponding to the plurality of bucketing results from the first storage component 101. The first storage component may be implemented using, for example, a high-bandwidth external memory.
The first host processing component 100 may send the ciphertext processing results corresponding to the plurality of bucketing results to the data initiator, so that the data initiator can perform subsequent operations. For example, the data initiator may first decrypt the per-bucket ciphertext processing results of each feature to obtain the corresponding plaintext processing results and then compute over the plaintext processing results according to the target computation processing mode; or it may first compute over the per-bucket ciphertext processing results of each feature according to the target computation processing mode and then decrypt the resulting value.
With the acceleration device provided by this embodiment, both the bucketing operation and the computation are executed by the acceleration device, and the host processing component only needs to transmit the ciphertext data once, which can then be shared by multiple features for bucketing. This reduces the workload of the host processing component, improves processing efficiency, reduces I/O overhead, and ensures the acceleration performance of the acceleration device.
In some embodiments, as shown in Fig. 1, the acceleration device may further include a bus interface 104 through which it is connected to the first computing device, thereby implementing the bus connection between the first acceleration component 102, the second acceleration component 103, and the first storage component 101 on one side and the first host processing component 100 in the first computing device on the other. The bus interface 104 also allows the acceleration device to be installed in the first computing device in a pluggable manner.
In some embodiments, as shown in Fig. 1, the acceleration device may further include a substrate 105, and the first storage component 101, the first acceleration component 102, and the second acceleration component 103 are soldered onto the substrate 105 so that the first acceleration component 102 and the second acceleration component 103 are each electrically connected to the first storage component 101.
Bucketing the plurality of ciphertext data divides them into a plurality of data intervals; each data interval acts as one bucket, and the ciphertext data contained in each data interval forms one bucketing result.
As one option, the second acceleration component 103 performing bucketing on the plurality of ciphertext data for any feature to obtain a plurality of bucketing results may include: for any feature, bucketing the plurality of ciphertext data according to at least one feature value corresponding to that feature to obtain a plurality of bucketing results.
The bucketing operation may first partition the plurality of objects according to the at least one feature value and then partition the ciphertext data corresponding to those objects according to the partition of the objects, so that ciphertext data corresponding to objects that fall in the same feature-value interval are placed in the same bucketing result.
For example, if the objects are users, the feature is age, and the feature values are 10, 20, and 30 years, then the age range can be divided by these three values into four intervals: 0–10, 10–20, 20–30, and 30 to infinity. The users are first assigned to the different age intervals, and the ciphertext data corresponding to users in the same age interval are then placed in the same bucket, yielding a plurality of bucketing results; a small sketch follows.
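A minimal Python sketch of this interval-based bucketing. The boundary convention (whether a value equal to a threshold falls in the lower or upper interval) is an assumption made here for illustration; the patent does not fix it.

```python
import bisect

def bucketize_by_thresholds(objects, feature_values, ciphertexts, thresholds):
    """Split ciphertexts into len(thresholds)+1 buckets by feature value.
    With bisect_left, bucket i holds values v with thresholds[i-1] < v <= thresholds[i]."""
    buckets = [[] for _ in range(len(thresholds) + 1)]
    for obj, value, ct in zip(objects, feature_values, ciphertexts):
        idx = bisect.bisect_left(thresholds, value)  # assumed boundary convention
        buckets[idx].append((obj, ct))
    return buckets

# e.g. four age buckets for thresholds [10, 20, 30]:
# bucketize_by_thresholds(users, ages, cts, [10, 20, 30])
```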
The at least one feature value corresponding to each feature may be stored in the first storage component 101 by the first host processing component 100 and obtained from the first storage component 101 by the second acceleration component 103. Of course, since the amount of data is small, the first host processing component 100 may also send the at least one feature value corresponding to each feature directly to the second acceleration component 103.
In addition, as another option, the first storage component 101 is further configured to store bucket information, sent by the first host processing component 100, of the plurality of objects for the different features;
the second acceleration component 103 performing bucketing on the plurality of ciphertext data for any feature to obtain a plurality of bucketing results then includes: for any feature, determining the bucket information of the plurality of objects for that feature, and placing the ciphertext data of the objects that share the same bucket information into the same bucket, thereby obtaining the plurality of bucketing results.
The bucket information may be, for example, a bucket identifier used to uniquely identify a bucket, and may be implemented as any one or more characters (such as a combination of digits and letters), which is not limited in this application. The bucket information of the plurality of objects for the different features may be determined by the first host processing component 100.
After obtaining the ciphertext data corresponding to each object, the first host processing component 100 can, for each feature owned by the data receiver, partition the plurality of objects according to the at least one feature value of that feature, determine the feature-value interval each object falls in, assign the same bucket information to objects in the same feature-value interval, and assign different bucket information to different feature-value intervals. The first host processing component 100 may store the per-feature bucket information of each object in the first storage component 101, from which the second acceleration component 103 may obtain it. Of course, since the amount of bucket information is small, the first host processing component 100 may also send the bucket information of the plurality of objects for the different features directly to the second acceleration component 103; a sketch of grouping by such bucket identifiers follows.
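A sketch of this alternative, in which the accelerator only groups ciphertexts by the bucket identifiers the host has already computed (all names here are illustrative):

```python
from collections import defaultdict

def group_by_bucket_id(bucket_ids, ciphertexts):
    """bucket_ids:  {object_id: bucket identifier} for one feature
       ciphertexts: {object_id: ciphertext}
       Returns {bucket identifier: [ciphertext, ...]} for that feature."""
    buckets = defaultdict(list)
    for obj_id, bucket in bucket_ids.items():
        buckets[bucket].append(ciphertexts[obj_id])
    return dict(buckets)
```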
In some embodiments, as shown in Fig. 2, the second acceleration component 103 may include a data loading unit 201, a plurality of bucketing units 202, and a data storage unit 203.
The data loading unit 201 is configured to obtain the plurality of ciphertext data from the first storage component 101 and provide them to the plurality of bucketing units, to assign the features to be processed to the bucketing units, and to control the bucketing units to process their assigned features in parallel.
A bucketing unit 202 is configured to bucket the plurality of ciphertext data according to the feature assigned to it to obtain a plurality of bucketing results, and to send the plurality of bucketing results to the data storage unit.
The data storage unit 203 is configured to store the bucketing results sent by each bucketing unit in the first storage component. The data storage unit may be implemented with RAM (Random Access Memory).
Parallel processing of multiple features can thus be achieved through the plurality of bucketing units 202. Each bucketing unit 202 may be given at least one feature, and the at least one feature can be bucketed one after another, for example in a pipelined manner.
Alternatively, each of the plurality of bucketing units 202 may be assigned one feature, and the first host processing component 100 may determine, from the number of bucketing units 202, how many features are processed in parallel at a time, which may be less than or equal to that number of units. The first host processing component 100 may select at least one feature accordingly and provide the bucket information of the plurality of objects for those features to the acceleration device, so that the data loading unit 201 assigns the bucket information of the features to the bucketing units 202 one by one; each bucketing unit 202 thus obtains the bucket information of one feature and, for its assigned feature, places the ciphertext data of the objects sharing the same bucket information into the same bucketing result. Alternatively, the first host processing component 100 may select at least one feature accordingly and provide the at least one feature value of each selected feature to the acceleration device, so that the data loading unit 201 assigns the feature values of the features to the bucketing units 202 one by one; each bucketing unit 202 thus obtains the at least one feature value of one feature and buckets the plurality of ciphertext data according to the feature values of its assigned feature. The parallel dispatch is sketched below.
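The dispatch of features to bucketing units can be pictured in software as below. This is only an analogy: the patent realizes the parallelism with hardware bucketing units, not threads, and `bucketize_one` is a placeholder for a single unit's work.

```python
from concurrent.futures import ThreadPoolExecutor

def parallel_bucketing(features, ciphertexts, bucketize_one, num_units=8):
    """Process up to num_units features at a time, mirroring the data loading
    unit assigning one feature to each bucketing unit."""
    results = {}
    with ThreadPoolExecutor(max_workers=num_units) as pool:
        futures = {pool.submit(bucketize_one, f, ciphertexts): f for f in features}
        for fut, feature in futures.items():
            results[feature] = fut.result()   # bucketing results for that feature
    return results
```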
Since the computation that the first acceleration component 102 performs on the ciphertext data also involves a large amount of work, the first acceleration component 102 may include at least one first acceleration unit to further improve processing efficiency and acceleration performance;
each first acceleration unit may be configured to obtain at least one bucketing result from the first storage component 101, and, for any bucketing result, compute the plurality of ciphertext data in that bucketing result according to the target computation processing mode to obtain a ciphertext processing result, and store the ciphertext processing result corresponding to that bucketing result in the first storage component 101.
Optionally, the first acceleration component 102 may be provided with a plurality of first acceleration units, which improves parallel processing capability, processing efficiency, and acceleration performance.
In some embodiments, as shown in Fig. 3, each first acceleration unit may include a first control unit 301 and a plurality of first arithmetic units 302.
The first control unit 301 is configured to obtain at least one bucketing result from the first storage component 101 and to dispatch the at least one bucketing result to at least one first arithmetic unit 302;
a first arithmetic unit 302 is configured to compute, for any bucketing result assigned to it, the plurality of ciphertext data in that bucketing result according to the target computation processing mode to obtain a ciphertext processing result;
the first control unit 301 is configured to store the ciphertext processing result corresponding to any bucketing result in the first storage component 101.
The plurality of first arithmetic units 302 allow several bucketing results to be computed in parallel, which improves processing efficiency and further ensures the acceleration performance.
In some embodiments, as shown in Fig. 3, each first acceleration unit 300 may further include a first storage unit 303;
the first arithmetic unit 302 may be further configured to store the ciphertext processing result corresponding to any bucketing result in the first storage unit 303;
the first control unit 301 storing the ciphertext processing result corresponding to any bucketing result in the first storage component may then be implemented as: storing the ciphertext processing result corresponding to any bucketing result held in the first storage unit 303 into the first storage component 101.
In some embodiments, as shown in Fig. 3, each first acceleration unit 300 may further include a first loading unit 304.
The first control unit 301 may specifically control the first loading unit 304 to obtain the at least one bucketing result from the first storage component 101.
Optionally, the first control unit 301 may perform its operations according to instructions from the first host processing component 100. Therefore, in some embodiments, the first control unit 301 may be further configured to receive first control information sent by the first host processing component 100 and to control the plurality of first arithmetic units 302, the first storage unit 303, and the first loading unit 304 according to the first control information.
The first control information may include the first total amount of data of the at least one bucketing result that the first acceleration unit 300 needs to obtain and the corresponding second total amount of data after the at least one bucketing result has been computed, and may further include the first storage address corresponding to the at least one bucketing result to be obtained and the second storage address corresponding to the at least one ciphertext processing result obtained after computing the at least one bucketing result. The first control unit 301 can therefore obtain the at least one bucketing result from the first storage component 101 according to the first total amount of data and the first storage address, and can control the first storage unit 303 to store the at least one ciphertext processing result in the first storage component 101 according to the second total amount of data and the second storage address. Specifically, the first control unit 301 may control the first loading unit 304 to obtain the at least one bucketing result from the first storage component 101 according to the first total amount of data and the first storage address; such a control descriptor is sketched below.
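The first control information can be viewed as a small descriptor. The field names in this sketch are assumptions derived from the quantities listed above, not the patent's register layout.

```python
from dataclasses import dataclass

@dataclass
class FirstControlInfo:
    """Illustrative descriptor sent by the host to one first acceleration unit."""
    input_total: int      # first total amount of data: size of the bucketing results to load
    output_total: int     # second total amount of data: size of the ciphertext processing results
    input_address: int    # first storage address of the bucketing results in the first storage component
    output_address: int   # second storage address for writing the ciphertext processing results
    operation_mode: str   # e.g. "ciphertext_accumulation", which maps to point addition
```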
The first control information may further include the target computation processing mode or the operation method corresponding to the target computation processing mode, and the first control unit 301 may notify the first arithmetic units 302 of the operation method indicated by the first control information.
The first arithmetic unit 302 computing, for any bucketing result assigned to it, the plurality of ciphertext data in that bucketing result to obtain a ciphertext processing result then includes: for any bucketing result assigned to it, computing the plurality of ciphertext data in the bucketing result according to the operation method to obtain a ciphertext processing result.
In one or more embodiments, the operation method corresponding to each target computation processing mode may be configured in advance with one or more corresponding operation instructions, and the computation on the plurality of ciphertext data in each bucketing result may be implemented by executing the one or more operation instructions, as sketched below.
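As a toy illustration of such pre-configured instruction sequences (the micro-operation names are invented for this sketch, not the patent's instruction set):

```python
# Each target computation processing mode maps to a small pre-configured
# program; ciphertext accumulation reduces to repeated elliptic-curve point
# addition, which in hardware decomposes into modular additions/multiplications.
OPERATION_PROGRAMS = {
    "ciphertext_accumulation": ["load_ciphertext", "point_add_accumulate", "store_result"],
    "ciphertext_subtraction":  ["load_ciphertext", "point_negate", "point_add_accumulate", "store_result"],
}
```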
In practical applications, each first arithmetic unit 302 may be implemented by a programmable processor that stores corresponding instructions to perform the corresponding operations. In some embodiments, as shown in Fig. 4, the first arithmetic unit 302 may include a first storage subunit 401, a first parsing subunit 402, a first control subunit 403, and a first calculation subunit 404;
the first storage subunit 401 is configured to store the one or more operation instructions corresponding to the target computation processing mode;
the first parsing subunit 402 is configured to parse the one or more operation instructions;
the first control subunit 403 is configured to send calculation instruction information to the first calculation subunit 404 based on the parsing result of the first parsing subunit 402;
the first calculation subunit 404 is configured to compute the plurality of ciphertext data based on the calculation instruction information to obtain a ciphertext processing result.
After being parsed, the one or more operation instructions can be converted into the corresponding calculation instruction information that controls the operation of the first calculation subunit.
The first storage subunit may be implemented with a RAM or the like.
In practical applications, the target computation processing mode may be ciphertext accumulation, and the corresponding operation method is point addition. For example, the ciphertext data may be encrypted with a homomorphic encryption algorithm based on an elliptic curve, such as the EC-ElGamal semi-homomorphic encryption algorithm. EC-ElGamal is a form of ECC obtained by transplanting ElGamal onto an elliptic curve; its main computations are elliptic-curve point addition, point subtraction, point multiplication, modular inversion, and discrete logarithm. ElGamal itself is an asymmetric encryption algorithm based on Diffie-Hellman key exchange.
Taking the EC-ElGamal semi-homomorphic encryption algorithm as an example, the encryption formula is:
Enc(P, m) = (C1 = kG, C2 = kP + mG)
where P denotes the public key, which is a point on the elliptic curve; G is the base point of the elliptic curve; k is a random number; m is the plaintext data to be encrypted, i.e., the target data; and Enc(P, m) denotes the ciphertext obtained by encryption, which consists of the two points C1 and C2.
The ciphertext addition formula is:
Enc(P, m1) + Enc(P, m2) = (k1G + k2G, (k1P + m1G) + (k2P + m2G))
the decryption formula is:
M=C 2 -sC 1
=mG
where M denotes the decryption result, s denotes the private key, and the private key multiplied by the base point is the public key, so sC1= s × kG = kP, and C2-sC1= mG.
It can be seen that encryption essentially requires point multiplications on the elliptic curve and the addition of their results (point addition of two points), ciphertext addition is essentially elliptic-curve point addition, and decryption requires a point multiplication on the elliptic curve. A point multiplication consists of a scalar and a point; for example, the point multiplication kP involves the scalar k and the point P, and the point multiplication mG involves the scalar m and the point G. The toy example below walks through these formulas.
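The following self-contained Python sketch walks through these formulas on a tiny textbook curve (y² = x³ + 2x + 2 over F₁₇) purely for readability; real deployments use large standardized curves, and the patent's accelerator implements the underlying modular multiplications and additions in hardware.

```python
P_MOD, A = 17, 2                 # toy curve y^2 = x^3 + 2x + 2 over F_17 (NOT secure)
G = (5, 1)                       # base point on the toy curve

def ec_add(p, q):
    """Elliptic-curve point addition; None represents the point at infinity."""
    if p is None: return q
    if q is None: return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if p == q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k, p):
    """Scalar multiplication by double-and-add."""
    r = None
    while k:
        if k & 1:
            r = ec_add(r, p)
        p = ec_add(p, p)
        k >>= 1
    return r

def encrypt(pub, m, k):          # Enc(P, m) = (C1 = kG, C2 = kP + mG)
    return (ec_mul(k, G), ec_add(ec_mul(k, pub), ec_mul(m, G)))

def ct_add(c, d):                # ciphertext addition = component-wise point addition
    return (ec_add(c[0], d[0]), ec_add(c[1], d[1]))

def decrypt(s, c):               # M = C2 - s*C1 = mG
    neg_c1 = (c[0][0], (-c[0][1]) % P_MOD)
    return ec_add(c[1], ec_mul(s, neg_c1))

s = 7                            # toy private key
pub = ec_mul(s, G)               # public key P = sG
c1, c2 = encrypt(pub, 3, k=2), encrypt(pub, 4, k=3)
assert decrypt(s, ct_add(c1, c2)) == ec_mul(3 + 4, G)   # Dec(Enc(3)+Enc(4)) = 7*G
```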
Ciphertext addition means adding a plurality of ciphertext data together. In some embodiments, the first calculation subunit 404 computing the plurality of ciphertext data based on the calculation instruction information to obtain a ciphertext processing result may proceed as follows: ciphertext data are obtained one by one from the plurality of ciphertext data and point-added to the previous point-addition result; it is then determined whether the current accumulation count has reached a preset count, and if so, the latest point-addition result is output as the ciphertext processing result, otherwise the point-addition result is stored in the first storage subunit 401. The first control unit may provide the plurality of ciphertext data to the first calculation subunit in the form of an input data stream.
In one implementation, the first storage subunit 401 may include a first instruction storage subunit, a first data storage subunit, and a first count storage subunit.
The first instruction storage subunit is used to store the one or more operation instructions, the first data storage subunit is used to store intermediate results produced during the computation, such as the previous point-addition result, and the first count storage subunit is used to store the preset count and the like.
Further, for a target computation processing mode that involves point multiplication, the first storage subunit may further include a first scalar storage subunit for storing scalar data.
In a practical application, the operation of the first arithmetic unit 302 may be as shown in Fig. 5; the first instruction storage subunit, first parsing subunit, first control subunit, first data storage subunit, first calculation subunit, first count storage subunit, and first scalar storage subunit shown in Fig. 5 have been described in detail above and are not repeated here. As shown in Fig. 5, the first calculation subunit may be provided with basic computation logic having a first input A, a second input B, a third input C, and a fourth input D; the first input A may come from the input data stream or from the first data storage subunit, while the second input B, third input C, and fourth input D may come from the first data storage subunit, and any input may of course be empty. Taking the point addition corresponding to ciphertext accumulation as an example: ciphertext data obtained from the input data stream enters the first input A, the previous point-addition result serves as the second input B, and the third input C and fourth input D may be empty; the first calculation subunit performs point addition on the first input A and the second input B to obtain a point-addition result, which is either stored in the first data storage subunit or output as the ciphertext processing result. A software sketch of this accumulation loop follows.
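In software terms, the accumulation loop just described behaves roughly like the sketch below; `point_add` stands in for the elliptic-curve point addition performed by the first calculation subunit, and the streaming and count mechanics are an illustration rather than the actual hardware microarchitecture.

```python
def accumulate_stream(input_stream, preset_count, point_add):
    """Consume `preset_count` ciphertexts from the input data stream, keep a
    running point-addition result, and emit it as the ciphertext processing
    result for one bucketing result."""
    running = None                      # plays the role of the first data storage subunit
    for count, ct in enumerate(input_stream, start=1):
        running = ct if running is None else point_add(running, ct)
        if count == preset_count:       # accumulation count reached the preset count
            return running              # output as the ciphertext processing result
    return running
```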
In a practical application of the embodiments of this application, the first computing device may be the computing device of the data receiver, which is responsible for computing over the plurality of ciphertext data. The data initiator corresponds to the second computing device, which transmits the ciphertext data corresponding to the plurality of objects to the first computing device.
As shown in fig. 6a, embodiments of the present application also provide a computing system that may include a first computing device 60 and a second computing device 70.
The first computing device 60 may include the first host processing component 100 and the first acceleration device 601, and the specific structural implementation of the first acceleration device 601 may be described in any embodiment shown in fig. 1 to fig. 5, which is not repeated herein.
The second computing device 70 may include a second host processing component 700 and a second acceleration device 602.
That is, the second computing device 70 may also be configured with the second acceleration device 602 to accelerate encryption or decryption operations. The second acceleration device 602 may therefore be configured to obtain a plurality of data to be processed and, for any item of data to be processed, encrypt or decrypt it to obtain a computation processing result.
The data to be processed can be target data to be encrypted or a ciphertext processing result to be decrypted; accordingly, the calculation processing result may be ciphertext data or a plaintext processing result.
For the ciphertext data, the second host processing component 700 may obtain the ciphertext data corresponding to each of the plurality of objects from the second acceleration device 602 and send the ciphertext data to the first computing device 60.
For the plaintext processing result, the second host processing component 700 can obtain the plaintext processing result from the second acceleration device 602 and perform subsequent processing operations.
For example, in an actual application, the technical solution of the embodiment of the present application may be applied to a scenario of multi-party joint modeling by means of vertical federated learning. As shown in the interaction diagram of fig. 6b, the second acceleration device 602 in the second computing device 70 of the data initiator first encrypts the gradient information corresponding to different sample objects to obtain ciphertext gradient information for a plurality of sample objects, where the gradient information is calculated with a decision tree model based on the feature values and label data corresponding to the sample objects provided by the data initiator.
Then, the second acceleration device 602 sends the ciphertext gradient information of the plurality of sample objects to the second host processing component 700, and the second host processing component 700 sends the ciphertext gradient information of the plurality of sample objects to the first computing device 60 corresponding to the data receiving party.
After receiving the ciphertext gradient information of the plurality of sample objects, the first host processing component 100 in the first computing device 60 may send it to the first acceleration device 601. The first acceleration device 601 may first perform bucketing on the ciphertext gradient information of the plurality of sample objects according to different features to obtain a plurality of bucket results for each feature, then calculate the ciphertext gradient accumulated values corresponding to the plurality of bucket results of each feature, and send those ciphertext gradient accumulated values to the first host processing component 100. The first host processing component 100 then sends the ciphertext gradient accumulated values respectively corresponding to the plurality of bucket results of each feature to the second computing device 70 of the data initiator.
The second host processing component 700 in the second computing device 70 receives the ciphertext gradient accumulated values corresponding to the plurality of bucket results of each feature and may send them to the second acceleration device 602.
The second acceleration device 602 may decrypt the ciphertext gradient accumulated values to obtain the gradient accumulated values corresponding to the plurality of bucket results of each feature, and then accumulate the gradient accumulated values of the plurality of bucket results of each feature to obtain the gradient accumulated value corresponding to that feature. Alternatively, the ciphertext gradient accumulated values corresponding to the plurality of bucket results may first be accumulated to obtain the ciphertext gradient accumulated value corresponding to the feature, which is then decrypted to obtain the gradient accumulated value corresponding to the feature.
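Both orders give the same feature-level gradient sum whenever the scheme is additively homomorphic. The toy sketch below makes that equivalence concrete; it uses an intentionally insecure multiplicative mask purely as a stand-in for the real homomorphic cryptosystem, and all names and values are illustrative rather than taken from the patent.

```python
# Toy additively homomorphic stand-in (insecure, illustration only):
# Enc(m) = m * K mod N, Dec(c) = c * K^-1 mod N, so adding ciphertexts mod N
# adds the underlying plaintexts. Not the scheme used by the patent.
N = (1 << 89) - 1          # modulus (a Mersenne prime)
K = 1234567891011          # secret mask, invertible mod N
K_INV = pow(K, -1, N)

enc = lambda m: (m * K) % N
dec = lambda c: (c * K_INV) % N
cadd = lambda a, b: (a + b) % N

# ciphertext gradient accumulated values of three buckets of one feature
bucket_cts = [enc(5), enc(7), enc(9)]

# order 1: decrypt each bucket value, then accumulate the plaintexts
plain_first = sum(dec(c) for c in bucket_cts)

# order 2: accumulate the ciphertexts, then decrypt once
ct_sum = bucket_cts[0]
for c in bucket_cts[1:]:
    ct_sum = cadd(ct_sum, c)
cipher_first = dec(ct_sum)

assert plain_first == cipher_first == 21
```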
The second acceleration device 602 may send the gradient accumulated values corresponding to each of the plurality of features to the second host processing component 700.
The second host processing component 700 may determine the optimal split point of the decision tree model based on the gradient accumulated values corresponding to the plurality of features, and construct the decision tree model according to the optimal split point.
The decision tree model may be an XGBoost (eXtreme Gradient Boosting) model or the like. Of course, other types of decision tree models are also possible, such as GBDT (Gradient Boosting Decision Tree), GBM (Gradient Boosting Machine), etc.
The gradient information may include a first-order gradient and a second-order gradient corresponding to each sample object, obtained by differentiating the loss function of the decision tree model; the prediction data used in the loss function is obtained by inputting the feature values of the sample objects into the decision tree model.
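For context, once the data initiator holds the decrypted per-bucket sums of first-order and second-order gradients for a feature, a split point can be scored with the standard XGBoost gain. The sketch below assumes that standard formula and illustrative regularization parameters; the patent itself does not spell out the exact split criterion.

```python
# Sketch of choosing a split from per-bucket gradient sums, assuming the
# standard XGBoost gain; lambda/gamma values and all names are illustrative.
def best_split(bucket_g, bucket_h, lam=1.0, gamma=0.0):
    """bucket_g / bucket_h: per-bucket sums of first-/second-order gradients,
    ordered by the feature's bucket boundaries."""
    G, H = sum(bucket_g), sum(bucket_h)
    score = lambda g, h: g * g / (h + lam)
    best_gain, best_idx = float("-inf"), None
    g_left = h_left = 0.0
    for i in range(len(bucket_g) - 1):        # candidate split after bucket i
        g_left += bucket_g[i]
        h_left += bucket_h[i]
        g_right, h_right = G - g_left, H - h_left
        gain = 0.5 * (score(g_left, h_left) + score(g_right, h_right)
                      - score(G, H)) - gamma
        if gain > best_gain:
            best_gain, best_idx = gain, i
    return best_idx, best_gain

# usage: four buckets of one feature
print(best_split([1.2, -0.4, 0.9, -2.0], [0.8, 0.5, 0.7, 1.1]))
```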
As can be seen from the above description, for the second computing device, when the data to be processed is target data to be encrypted, the target data may be the gradient information corresponding to the decision tree model, calculated based on the feature values and label data corresponding to the sample objects provided by the data initiator;
when the data to be processed is a ciphertext processing result to be decrypted, it may be a ciphertext processing result calculated for any feature provided by the data receiver. The ciphertext processing result to be decrypted may be a ciphertext gradient accumulated value, namely the ciphertext gradient accumulated value corresponding to each feature or the ciphertext gradient accumulated value corresponding to each bucket result, and the calculation processing result obtained by decrypting the data to be processed is the corresponding gradient accumulated value.
A connection is established between the first computing device 60 and the second computing device 70 over a network, which provides the medium for the communication link between them. The network may include various connection types, such as wired, wireless, or fiber-optic links. Optionally, the wireless connection may be implemented through a mobile network, and accordingly the network standard of the mobile network may be any one of 2G (GSM), 2.5G (GPRS), 3G (WCDMA, TD-SCDMA, CDMA2000, UMTS), 4G (LTE), 4G+ (LTE+), 5G, WiMAX, and the like. Alternatively, the communication connection may be established by Bluetooth, WiFi, infrared, or the like.
The first computing device 60 and the second computing device 70 may also include other components, such as an input/output interface, a display component, a communication component for implementing the communication connection, and a host storage component for storing computer instructions for the host processing component to call and execute to implement corresponding operations, which are not described in detail herein.
As illustrated in fig. 7a, to further improve processing efficiency and acceleration performance, the second acceleration device may comprise a second storage component 701 and at least one third acceleration component 702; the second storage component 701 is connected with the second host processing component 700 through a bus;
the second storage component 701 is configured to store a plurality of to-be-processed data sent by the second host processing component 700; the data to be processed is target data to be encrypted or a ciphertext processing result to be decrypted;
the third acceleration component 702 is configured to obtain at least one piece of data to be processed from the second storage component; for any data to be processed, encrypting or decrypting the data to be processed to obtain a calculation processing result, and storing the calculation processing result in the second storage component 701;
the second host processing component 700 obtains the calculation processing result corresponding to any data to be processed from the second storage component 701.
Optionally, the second acceleration device may be provided with a plurality of third acceleration components 702, so that the parallel processing capability, the processing efficiency and the acceleration performance may be improved.
In some embodiments, as shown in fig. 7b, each third acceleration component 702 may include a second control unit 7021 and a plurality of second arithmetic units 7022;
the second control unit 7021 is configured to obtain at least one piece of data to be processed from the second storage component; dispatching at least one piece of data to be processed to at least one second arithmetic unit;
the second arithmetic unit 7022 is configured to, for any data to be processed assigned to it, encrypt or decrypt the data to be processed to obtain a calculation processing result;
the second control unit 7021 is configured to store a calculation processing result corresponding to any data to be processed in the second storage component 701.
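As a sketch of one possible dispatch policy (the patent does not fix one), the second control unit could hand out the pending data round-robin across the second arithmetic units. The policy and all names below are assumptions for illustration only.

```python
# Illustrative round-robin dispatch of pending data across arithmetic units.
# The dispatch policy and all names are assumptions, not the patent's design.
from itertools import cycle

def dispatch(pending_data, arithmetic_units):
    """Assign each piece of data to one unit in turn and collect the results."""
    results = []
    for unit, item in zip(cycle(arithmetic_units), pending_data):
        results.append(unit(item))   # the unit encrypts or decrypts the item
    return results

# usage with two stand-in "units" that just tag their output
unit_a = lambda d: ("unit_a", d)
unit_b = lambda d: ("unit_b", d)
print(dispatch([10, 11, 12], [unit_a, unit_b]))
```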
In some embodiments, each third acceleration component 702 can further include a second storage unit 7023; the second operation unit 7022 is further configured to store a calculation processing result corresponding to any data to be processed in the second storage unit 7023;
the second control unit 7021 storing the calculation processing result corresponding to any data to be processed to the second storage component 701 includes: the calculation processing result corresponding to any data to be processed stored in the second storage unit 7023 is stored in the second storage component 701.
In some embodiments, as shown in fig. 7b, each third acceleration component 702 may further comprise a second loading unit 7024. The second control unit 7021 may specifically control the second loading unit 7024 to obtain at least one piece of data to be processed from the second storage component 701.
In some embodiments, the second control unit 7021 is further configured to receive second control information sent by the second host processing assembly 700, and control the plurality of second operation units 7022 and the second storage unit 7023 to operate according to the second control information;
the second control unit 7021 is further configured to notify the second operation unit 7022 of a corresponding operation mode according to the second control information; the operation mode corresponding to encryption is point addition and point multiplication, and the operation mode corresponding to decryption is point multiplication.
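One way to read this split of operation modes is an ElGamal-style additively homomorphic scheme over an elliptic-curve group, in which encrypting costs point multiplications plus a point addition while decrypting costs essentially one point multiplication. The sketch below is only a toy: an additive group of integers modulo a prime stands in for a real curve group, and the patent does not name the concrete cryptosystem, so treat every detail here as an assumption.

```python
# Toy illustration only: integers mod a prime stand in for an elliptic-curve
# point group, so point_add is addition mod P and point_mul is scalar
# multiplication mod P. The concrete scheme is an assumption, not the patent's.
import secrets

P = 2**61 - 1                      # "group order" (prime)
G = 5                              # "base point"

point_add = lambda a, b: (a + b) % P
point_mul = lambda k, pt: (k * pt) % P

x = secrets.randbelow(P - 1) + 1   # private key
H = point_mul(x, G)                # public key

def encrypt(m):
    r = secrets.randbelow(P - 1) + 1
    c1 = point_mul(r, G)                               # point multiplication
    c2 = point_add(point_mul(m, G), point_mul(r, H))   # muls + point addition
    return c1, c2

def decrypt(c):
    c1, c2 = c
    m_point = (c2 - point_mul(x, c1)) % P              # one point multiplication
    # in this toy group m is recovered by "dividing out" the base point;
    # a real curve would need a small-range discrete-log lookup instead
    return (m_point * pow(G, -1, P)) % P

def cipher_add(a, b):                                  # homomorphic addition
    return point_add(a[0], b[0]), point_add(a[1], b[1])

assert decrypt(cipher_add(encrypt(3), encrypt(4))) == 7
```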
The second control information may include the first total amount of data of the at least one piece of data to be processed that the third acceleration component needs to acquire, and the second total amount of data corresponding to the calculation processing results obtained after that data has been processed; it may further include the first storage address corresponding to the at least one piece of data to be processed that needs to be acquired, and the second storage address corresponding to the at least one calculation processing result obtained after the calculation processing. Thus, the second control unit 7021 may obtain the at least one piece of data to be processed from the second storage component 701 according to the first total amount of data and the first storage address, and may control the second storage unit 7023 to store the at least one calculation processing result in the second storage component 701 according to the second total amount of data and the second storage address. Specifically, the second control unit 7021 may control the second loading unit 7024 to obtain the at least one piece of data to be processed from the second storage component 701 according to the first total amount of data and the first storage address.
In addition, the second control information may further include the operation mode corresponding to encryption or decryption, and the second control unit 7021 may specifically notify the second operation unit 7022 of the corresponding operation mode according to the second control information;
correspondingly, the second operation unit 7022, for any data to be processed assigned to it, performing calculation processing on the data to obtain a calculation processing result includes: processing the data to be processed according to the notified operation mode to obtain the calculation processing result.
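To make the role of the second control information concrete, the following sketch models it as a small record carrying the two data totals, the two storage addresses, and the operation mode, and shows one load-process-store pass driven by it. The field names and the flat list standing in for the second storage component are illustrative assumptions, not the patent's data layout.

```python
# Illustrative model of the second control information and how a control unit
# could use it; field names and the flat-list memory are assumptions.
from dataclasses import dataclass

@dataclass
class ControlInfo:
    first_data_total: int      # how many items to load
    second_data_total: int     # how many results to write back
    first_storage_addr: int    # where the pending data starts
    second_storage_addr: int   # where the results should be written
    operation_mode: str        # "encrypt" or "decrypt"

def run(ctrl, storage, process):
    """Load per the control info, process each item, store the results."""
    start, count = ctrl.first_storage_addr, ctrl.first_data_total
    pending = storage[start:start + count]                   # load phase
    results = [process(item, ctrl.operation_mode) for item in pending]
    out = ctrl.second_storage_addr
    storage[out:out + ctrl.second_data_total] = results      # store phase
    return storage

# usage with a trivial stand-in for the arithmetic units
toy_process = lambda item, mode: item + 1 if mode == "encrypt" else item - 1
memory = [10, 20, 30, 0, 0, 0]
ctrl = ControlInfo(3, 3, 0, 3, "encrypt")
print(run(ctrl, memory, toy_process))   # -> [10, 20, 30, 11, 21, 31]
```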
The operation mode corresponding to encryption or decryption may be configured in advance with one or more corresponding operation instructions, and the calculation processing of each piece of data to be processed is realized by executing the one or more operation instructions. In some embodiments, the second operation unit 7022 may be implemented by a programmable processor, which may store the corresponding instructions and perform the corresponding operations; the second operation unit 7022 may include a second storage subunit, a second parsing subunit, a second calculation subunit, and a second control subunit;
the second storage subunit is used for storing one or more operation instructions corresponding to encryption or decryption;
the second parsing subunit is used for parsing the one or more operation instructions;
the second control subunit is used for sending calculation indication information to the second calculation subunit based on the parsing result of the second parsing subunit;
and the second calculation subunit is used for performing calculation processing on the data to be processed based on the calculation indication information to obtain a calculation processing result.
The one or more operation instructions, after being parsed, can be converted into the corresponding calculation indication information so as to control the operation of the second calculation subunit.
Wherein, the second storage subunit can be implemented by using a RAM, etc.
In one implementation, the second storage subunit may include a second instruction storage subunit, a second data storage subunit, and a second count storage subunit.
The second instruction storage subunit is used for storing the one or more operation instructions, the second data storage subunit is used for storing intermediate results produced during the calculation processing, and the second count storage subunit is used for storing a preset count and the like.
Further, since the encryption operation involves a point multiplication operation, the second storage subunit may further include a second scalar storage subunit for storing scalar data.
It should be noted that the specific structural form of the second operation unit may be the same as the structure of the first operation unit 302 described in the corresponding embodiment, and therefore the specific implementation may be described in detail in the explanation of the first operation unit, and will not be repeated herein.
Through the technical scheme of the embodiment of the application, the processing efficiency of encryption or decryption operation in the second computing device and the processing efficiency of ciphertext accumulation operation in the first computing device can be improved, the operation amount of the host processing assembly can be reduced, the processing performance is improved, the acceleration performance is improved, and efficient and high-performance data combined processing is realized.
The first computing device and the second computing device may be physical machines, for example physical machines providing cloud computing capabilities, and the like.
In addition, an acceleration method is further provided in an embodiment of the present application. The method may be applied to an acceleration device as shown in fig. 1, where the acceleration device includes a first storage component, and a first acceleration component and a second acceleration component connected to the first storage component; the first storage component is connected with the first host processing component through a bus, and stores a plurality of ciphertext data corresponding to a plurality of objects sent by the first host processing component. The specific structural implementation of the acceleration device is described in detail in the corresponding embodiments above and is not repeated here. The method may be specifically executed by the second acceleration component in the acceleration device and, as shown in fig. 8, may include the following steps:
801: a plurality of ciphertext data is obtained from a first storage component.
802: and aiming at any characteristic, carrying out barrel division processing on the plurality of ciphertext data to obtain a plurality of barrel division results.
803: and storing a plurality of barreled results to the first storage component.
The first acceleration component is used for acquiring a plurality of barreled results from the first storage component; calculating ciphertext data in the same bucket dividing result to obtain a ciphertext processing result; respectively storing ciphertext processing results corresponding to the plurality of barrel dividing results into a first storage component; the first storage component is used for providing ciphertext processing results corresponding to the plurality of barrel dividing results to the first host processing component.
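A compact way to picture steps 801-803 is a grouping pass driven by per-object bucket information. The sketch below assumes that the bucket information is a per-feature mapping from object identifier to bucket index (the patent leaves its exact encoding to the host) and that plain integers stand in for ciphertexts.

```python
# Sketch of the bucketing step (801-803) for one feature. Assumptions: bucket
# info is a dict object_id -> bucket index, and integers stand in for the
# ciphertext data; the real layout in the first storage component may differ.
from collections import defaultdict

def bucketize(ciphertexts, bucket_info):
    """ciphertexts: dict object_id -> ciphertext; bucket_info: dict
    object_id -> bucket index for the feature currently being processed."""
    buckets = defaultdict(list)
    for obj_id, ct in ciphertexts.items():
        buckets[bucket_info[obj_id]].append(ct)
    return dict(buckets)          # bucket index -> list of ciphertexts

# usage: four objects, one feature with two buckets
cts = {"obj1": 101, "obj2": 102, "obj3": 103, "obj4": 104}
info = {"obj1": 0, "obj2": 1, "obj3": 0, "obj4": 1}
print(bucketize(cts, info))       # {0: [101, 103], 1: [102, 104]}
```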
In addition, an acceleration method is further provided in an embodiment of the present application. The method may be applied to an acceleration device as shown in fig. 1, where the acceleration device includes a first storage component, and a first acceleration component and a second acceleration component connected to the first storage component; the first storage component is connected with the first host processing component through a bus, and stores a plurality of ciphertext data corresponding to a plurality of objects sent by the first host processing component. The specific structural implementation of the acceleration device is described in detail in the corresponding embodiments above and is not repeated here. The method may be specifically executed by the first acceleration component in the acceleration device and, as shown in fig. 9, may include the following steps:
901: a plurality of bucketing results are obtained from a first storage component.
The second acceleration component can acquire a plurality of ciphertext data from the first storage component, and for a plurality of characteristics, the plurality of ciphertext data are respectively subjected to barrel division to obtain the plurality of barrel division results.
902: and carrying out calculation processing on the ciphertext data in the same bucket result to obtain a ciphertext processing result.
903: and storing the ciphertext processing results corresponding to the plurality of barrel dividing results to the first storage component.
The first storage component is used for providing ciphertext processing results corresponding to the plurality of barrel dividing results to the first host processing component.
It should be noted that, in the acceleration method described in the embodiment shown in fig. 8 and the acceleration method described in the embodiment shown in fig. 9, the specific manner of each step operation has been described in detail in the related apparatus embodiment, and will not be elaborated herein.
In addition, an embodiment of the present application further provides a computing device, as described in fig. 10, the computing device may include a host processing component 1001, a host storage component 1002, and an acceleration device 1003, where the acceleration device may adopt a structure described in any one of embodiments in fig. 1 to 5 or fig. 7a, and details of the structure are not repeated here.
The host storage component 1002 may store one or more computer instructions for the host processing component 1001 to call and execute to implement corresponding operations.
Of course, a computing device may also include other components as well, such as input/output interfaces, display components, communication components, and the like.
The input/output interface provides an interface between the processing components and peripheral interface modules, which may be output devices, input devices, etc. The communication component is configured to facilitate wired or wireless communication between the computing device and other devices, and the like.
The host processing component may include one or more processors executing computer instructions to perform all or part of the steps of the method described above. Of course, the host processing component may also be implemented as one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors, or other electronic components configured to perform the above-described methods.
The host storage component is configured to store various types of data to support operations at the computing device. The host storage component may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
The acceleration device may be implemented using an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), a Digital Signal Processing Device (DSPD), a Programmable Logic Device (PLD), a Field Programmable Gate Array (FPGA), a controller, a microcontroller, a microprocessor, or other electronic components. The acceleration device may be connected with the host processing component via a bus and deployed in the computing device in a hot-pluggable manner.
The embodiment of the present application further provides a computer-readable storage medium, which stores a computer program, and when the computer program is executed by a computer, the acceleration method of the embodiment shown in fig. 8 or fig. 9 may be implemented. The computer readable medium may be embodied in the computing device described in the above embodiments; or may exist separately without being assembled into the electronic device.
Embodiments of the present application further provide a computer program product, which includes a computer program carried on a computer-readable storage medium, and when the computer program is executed by a computer, the acceleration method as described in the embodiment shown in fig. 8 or fig. 9 may be implemented. In such embodiments, the computer program may be downloaded and installed from a network, and/or installed from a removable medium. The computer program, when executed by a processor, performs the various functions defined in the system of the present application.
It can be clearly understood by those skilled in the art that, for convenience and simplicity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment may be implemented by software plus a necessary general hardware platform, and may also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (14)

1. An acceleration apparatus, characterized by comprising: the device comprises a first storage component, a first acceleration component and a second acceleration component, wherein the first acceleration component and the second acceleration component are connected with the first storage component; the first storage component is connected with the first host processing component through a bus;
the first storage component is used for storing a plurality of ciphertext data corresponding to a plurality of objects sent by the first host processing component;
the second acceleration component is used for acquiring the plurality of ciphertext data from the first storage component, and performing barrel division processing on the plurality of ciphertext data according to any characteristic to obtain a plurality of barrel division results; storing the plurality of bucketized results to the first storage component;
the first acceleration component is used for acquiring the plurality of barreled results from the first storage component; calculating ciphertext data in the same bucket dividing result to obtain a ciphertext processing result; respectively storing ciphertext processing results corresponding to the plurality of barrel dividing results to the first storage component;
the first storage component is used for providing ciphertext processing results corresponding to the plurality of barrel dividing results to the first host processing component.
2. The apparatus of claim 1, wherein the second acceleration component performing, for any feature, barrel division processing on the plurality of ciphertext data to obtain a plurality of barrel division results comprises: for any feature, determining the barrel dividing information of the plurality of objects respectively corresponding to the feature; and dividing the ciphertext data respectively corresponding to at least one object corresponding to the same barrel dividing information into the same barrel dividing result, so as to obtain the plurality of barrel dividing results; wherein the barrel dividing information of the plurality of objects respectively corresponding to different features is determined by the first host processing component;
the first storage component is further configured to store the bucket information, which is sent by the first host processing component and corresponds to different characteristics, of the plurality of objects.
3. The apparatus of claim 1, wherein the second acceleration component comprises a data loading unit, a plurality of barrel dividing units, and a data storage unit;
the data loading unit is used for acquiring the plurality of ciphertext data from the first storage component and respectively providing the plurality of ciphertext data to the plurality of barrel dividing units; the data loading unit is also used for respectively assigning the features to be processed to the plurality of barrel dividing units and controlling the plurality of barrel dividing units to process the assigned features in parallel;
the barrel dividing unit is used for performing barrel division processing on the plurality of ciphertext data according to the feature assigned to it to obtain a plurality of barrel dividing results, and sending the plurality of barrel dividing results to the data storage unit;
the data storage unit is used for storing the plurality of barrel dividing results sent by each barrel dividing unit to the first storage component.
4. The apparatus of claim 1, further comprising a base plate, the first storage assembly, the first acceleration assembly, and the second acceleration assembly being soldered on the base plate.
5. The apparatus of claim 1, wherein the first acceleration component comprises at least one first acceleration unit;
the first acceleration unit is used for acquiring at least one barrel dividing result from the first storage component, and calculating and processing a plurality of ciphertext data in the barrel dividing result according to a target calculation processing mode aiming at any barrel dividing result to acquire a ciphertext processing result; and storing the ciphertext processing result corresponding to any one bucket dividing result to the first storage component.
6. The apparatus according to claim 5, wherein the first acceleration unit comprises a first control unit and a plurality of first arithmetic units;
the first control unit is used for acquiring at least one barreling result from the first storage component; dispatching the at least one bucketized result to at least one arithmetic unit;
the first operation unit is used for calculating and processing a plurality of ciphertext data in the bucket dividing result according to a target calculation processing mode aiming at any bucket dividing result assigned to the first operation unit to obtain a ciphertext processing result;
the first control unit is used for storing a ciphertext processing result corresponding to any one bucket dividing result to the first storage component.
7. The apparatus of claim 6, wherein the first acceleration unit further comprises a first storage unit; the first operation unit is further configured to store a ciphertext processing result corresponding to any one of the bucket dividing results in the first storage unit;
the first control unit storing the ciphertext processing result corresponding to any one of the bucket dividing results to the first storage component comprises: and storing a ciphertext processing result corresponding to any one of the bucket dividing results stored in the first storage unit into the first storage component.
8. The apparatus according to claim 7, wherein the first control unit is further configured to receive first control information sent by the first host processing component, and control the plurality of first arithmetic units and the first storage unit to operate according to the first control information;
the first control unit is further configured to notify the first arithmetic unit of a corresponding arithmetic manner according to the first control information;
the first operation unit, for any bucket dividing result assigned to it, performing calculation processing on the plurality of ciphertext data in the bucket dividing result to obtain a ciphertext processing result comprises: processing, according to the operation mode, the plurality of ciphertext data in any bucket dividing result assigned to it, so as to obtain a ciphertext processing result.
9. The apparatus of claim 6, wherein the first arithmetic unit comprises a first storage subunit, a first parsing subunit, a first computation subunit, and a first control subunit;
the first storage subunit is used for storing one or more operation instructions corresponding to the target calculation processing mode;
the first parsing subunit is used for parsing the one or more operation instructions;
the first control subunit is used for sending calculation indication information to the first calculation subunit based on the parsing result of the first parsing subunit;
and the first calculation subunit is configured to perform calculation processing on the plurality of ciphertext data based on the calculation instruction information to obtain a ciphertext processing result.
10. The apparatus according to claim 9, wherein the target calculation processing mode is ciphertext accumulation, and the operation mode is a point addition operation;
the first calculation subunit performing calculation processing on the plurality of ciphertext data based on the calculation indication information to obtain a ciphertext processing result includes: sequentially acquiring ciphertext data from the plurality of ciphertext data and performing a point addition operation with the previous point-addition result; determining whether the current accumulation count reaches a preset count; if so, outputting the latest point-addition result as the ciphertext processing result; and if not, storing the point-addition result into the first storage subunit.
11. A computing system comprising a first computing device and a second computing device, the first computing device comprising a first host processing component and an acceleration device of any of claims 1-10;
the second computing device comprises a second host processing component and a second acceleration device; the second acceleration device comprises a second storage component and at least one third acceleration component; the second storage component is connected with the second host processing component through a bus;
the second storage component is used for storing a plurality of data to be processed sent by the second host processing component; the data to be processed is target data to be encrypted or a ciphertext processing result to be decrypted;
the third acceleration component is used for acquiring at least one piece of data to be processed from the second storage component; for any data to be processed, encrypting or decrypting the data to be processed to obtain a calculation processing result, and storing the calculation processing result in the second storage component;
the second host processing component is used for acquiring a calculation processing result corresponding to any data to be processed from the second storage component.
12. The system according to claim 11, wherein when the data to be processed is target data to be encrypted, the target data is gradient information corresponding to a decision tree model obtained by calculation based on a feature value and label data corresponding to a sample object provided by a data initiator;
or,
under the condition that the data to be processed is a ciphertext processing result to be decrypted, specifically, the data to be processed is a ciphertext processing result to be decrypted obtained by calculation aiming at any characteristic provided by a data receiver, and the calculation processing result corresponding to the ciphertext processing result is a gradient accumulated value; the second host processing component is further configured to determine an optimal split point of the decision tree model based on the gradient accumulation values corresponding to the plurality of features.
13. A computing device comprising a host processing component, a host storage component, and an acceleration device of any of claims 1-10.
14. The acceleration method is applied to acceleration equipment, and the acceleration equipment comprises a first storage component, a first acceleration component and a second acceleration component, wherein the first acceleration component and the second acceleration component are connected with the first storage component; the first storage component is connected with the first host processing component through a bus; the first storage component stores a plurality of ciphertext data corresponding to a plurality of objects sent by the first host processing component; the method comprises the following steps:
obtaining the plurality of ciphertext data from the first storage component;
for any feature, carrying out barrel division processing on the plurality of ciphertext data to obtain a plurality of barrel division results;
storing the plurality of bucketing results to the first storage component; the first acceleration component is used for acquiring the plurality of barreled results from the first storage component; calculating ciphertext data in the same bucket dividing result to obtain a ciphertext processing result; respectively storing ciphertext processing results corresponding to the plurality of barrel dividing results to the first storage component; the first storage component is used for providing ciphertext processing results corresponding to the plurality of barrel dividing results to the first host processing component.