CN116366342A - Privacy calculation method and system - Google Patents


Info

Publication number
CN116366342A
Authority
CN
China
Prior art keywords
calculation
platform
ciphertext
holder
plaintext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310342857.0A
Other languages
Chinese (zh)
Inventor
陈勇
沈红丹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yinmang Shanghai Technology Co ltd
Original Assignee
Yinmang Shanghai Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yinmang Shanghai Technology Co ltd filed Critical Yinmang Shanghai Technology Co ltd
Priority to CN202310342857.0A priority Critical patent/CN116366342A/en
Publication of CN116366342A publication Critical patent/CN116366342A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a privacy computing method and system. The system comprises a privacy computing platform and a number of data holders. The privacy computing platform includes a platform data transceiver, a scheduler, a platform computing engine and a platform cache layer; each data holder includes a holder data transceiver, a parser, a holder computing engine and a holder cache layer. The beneficial effect of the invention is improved efficiency of privacy computing. Because the computing initiator has a parser that parses the computing instructions, the load on the privacy computing platform is greatly reduced. A data holder can compute directly on plaintext, which is markedly more efficient than uploading ciphertext and having the privacy computing platform compute on it. Because the data holders take part in the preliminary calculation, the volume of data that has to be encrypted is greatly reduced: only the calculation results are encrypted and uploaded, so data transmission is efficient, no excessive data is transmitted, and security is good.

Description

Privacy calculation method and system
Technical Field
The invention relates to the field of private data processing, in particular to a privacy calculation method and a system.
Background
Privacy computing is a technique for securely computing an agreed function without the computing participants sharing their respective data and without a trusted third party. Using secure algorithms and protocols, each computing party encrypts or transforms its plaintext data before providing it to the other parties, and no computing party can access the plaintext data of the others, which ensures the security of every party's data.
A traditional privacy computing system uses a privacy computing platform as a trusted platform that calls the data of each data holder for computation. In the conventional privacy computing process, the data holder only provides data, and the privacy computing platform calls that data and performs the computation. The data volume is large and the transmission time is long, which affects calculation efficiency.
If the data transmitted from the data holder to the privacy computing platform is not encrypted, there is a risk of hijacking and disclosure. To secure the data in transit, the data holder has to encrypt the data called by the privacy computing platform, and encrypting a large amount of data consumes a large share of the data holder's performance. The data obtained by the privacy computing platform is mainly ciphertext, and ciphertext computation is far slower than plaintext computation, so computing over a large amount of ciphertext consumes more of the platform's performance and is inefficient.
Disclosure of Invention
The present invention is directed to a privacy computing method and system, which solve the above-mentioned problems in the prior art.
In order to achieve the above purpose, the present invention provides the following technical solutions:
a privacy computing method is applied to a privacy computing system, and the privacy computing system comprises: a privacy computing platform and a number of data holders; the privacy computing platform includes: a platform data transceiver, a scheduler, a platform computing engine and a platform cache layer; each data holder includes: a holder data transceiver, a parser, a holder computing engine and a holder cache layer; the holder computing engine and the platform computing engine each comprise a plaintext computing engine and a ciphertext computing engine; the platform cache layer and the holder cache layer each have a plaintext cache and a ciphertext cache, which are called by the plaintext computing engine and the ciphertext computing engine respectively for computation;
the privacy computing method comprises the following steps:
step 1, the parser parses a calculation request into specific plaintext calculation instructions and ciphertext calculation instructions for each data holder and for the privacy computing platform; during parsing, the parsed plaintext and ciphertext calculation instructions that are to be executed by the local holder computing engine are computed by that engine at the same time;
step 2, the holder data transceiver sends to the platform data transceiver the preliminary calculation result computed by the local holder computing engine, together with the parsed plaintext and ciphertext calculation instructions for the data holders other than the calculation request initiator and for the privacy computing platform;
step 3, the scheduler distributes the specific plaintext and ciphertext calculation instructions to the corresponding data holders;
step 4, each data holder executes the received plaintext and ciphertext calculation instructions and uploads its calculation result to the privacy computing platform;
step 5, the platform computing engine of the privacy computing platform performs the final calculation and feeds the calculation result back to the calculation request initiator.
As a further scheme of the invention: in step 2, the holder data transceiver also sends the unparsed calculation request to the platform data transceiver at the same time, and the privacy computing platform backs up the calculation request for auditing of calculation security.
As a further scheme of the invention: in step 5, the platform data transceiver receives the data sent by all data holders and stores the plaintext calculation results and ciphertext calculation results of the preliminary calculations in the plaintext cache and the ciphertext cache of the platform cache layer respectively; the platform computing engine calls the plaintext cache and the ciphertext cache of the platform cache layer to perform the final calculation; the holder cache layer of the calculation request initiator converts the ciphertext into plaintext to obtain the calculation result.
As a further scheme of the invention: the calculation results of the data holders are all converted into ciphertext before being uploaded to the privacy computing platform.
As a further scheme of the invention: the platform cache layer and the holder cache layer perform the conversion between ciphertext and plaintext.
As a further scheme of the invention: in step 1, the plaintext and ciphertext calculation instructions produced by the parser contain a data holder identifier and a plaintext/ciphertext instruction identifier;
in step 3, the scheduler does not identify the specific plaintext and ciphertext calculation instructions; it distributes them solely by reading the data holder identifier;
in step 4, the holder computing engine reads the plaintext/ciphertext instruction identifier in order to direct the corresponding plaintext computing engine or ciphertext computing engine to perform the computation;
in step 5, the platform computing engine reads the plaintext/ciphertext instruction identifier in order to direct the corresponding plaintext computing engine or ciphertext computing engine to perform the computation.
A privacy computing system, comprising: a privacy computing platform and a number of data holders;
the privacy computing platform includes: a platform data transceiver, a scheduler, a platform computing engine and a platform cache layer; each data holder includes: a holder data transceiver, a parser, a holder computing engine and a holder cache layer;
the holder computing engine and the platform computing engine each comprise a plaintext computing engine and a ciphertext computing engine; the platform cache layer and the holder cache layer each have a plaintext cache and a ciphertext cache, which are called by the plaintext computing engine and the ciphertext computing engine respectively for computation; the platform data transceiver and the holder data transceiver are both used for receiving and transmitting data; the parser parses a calculation request into specific plaintext calculation instructions and ciphertext calculation instructions for each data holder and for the privacy computing platform; the scheduler distributes the specific plaintext and ciphertext calculation instructions to the corresponding data holders;
during parsing, the parsed plaintext and ciphertext calculation instructions that are to be executed by the local holder computing engine are computed by that engine at the same time;
the holder data transceiver sends to the platform data transceiver the preliminary calculation result computed by the local holder computing engine, together with the parsed plaintext and ciphertext calculation instructions for the data holders other than the calculation request initiator and for the privacy computing platform;
the privacy computing platform obtains the plaintext calculation results and ciphertext calculation results of the holder computing engines of all data holders and stores them in the plaintext cache and the ciphertext cache of the platform cache layer respectively; the platform computing engine calls the plaintext cache and the ciphertext cache of the platform cache layer to perform the final calculation and feeds the calculation result back to the calculation request initiator.
As a further scheme of the invention: the holder data transceiver also sends the unparsed calculation request to the platform data transceiver at the same time, and the privacy computing platform backs up the calculation request for auditing of calculation security.
As a further scheme of the invention: the platform cache layer and the holder cache layer perform the conversion between ciphertext and plaintext.
As a further scheme of the invention: the plaintext and ciphertext calculation instructions produced by the parser contain a data holder identifier and a plaintext/ciphertext instruction identifier;
the scheduler does not identify the specific plaintext and ciphertext calculation instructions; it distributes them solely by reading the data holder identifier;
the platform computing engine and the holder computing engine read the plaintext/ciphertext instruction identifier.
The advantage of the invention is improved efficiency of privacy computing. Because the computing initiator has a parser that parses the computing instructions, the load on the privacy computing platform is greatly reduced, the performance required of the platform is lower, and more privacy computing services can be supported with the same performance.
The computing initiator first completes the preliminary calculation that it can process itself and then communicates the computing requirement to the privacy computing platform. This shortens the interaction flow: the privacy computing platform does not need to return specific computing demands, and the platform is not left waiting for a long time when the computing initiator's share of the calculation is large. This helps save performance on the privacy computing platform.
Compared with the traditional pure-ciphertext calculation mode, the plaintext calculation mode shortens calculation time and saves computing performance. Where no leakage through data interaction is involved, plaintext calculation is used as far as possible to improve calculation efficiency.
Each calculation instruction is computed by the respective data holder, which greatly improves efficiency compared with having the privacy computing platform perform all calculations centrally. In addition, a data holder can compute on its original data directly in plaintext, which is markedly more efficient than converting the data to ciphertext, uploading it and having the privacy computing platform compute on it. Because the data holders take part in the preliminary calculation, the volume of data that has to be encrypted is greatly reduced: only the calculation results are encrypted and uploaded, so data transmission is efficient, no excessive data is transmitted, and security is good.
When the computing initiator sends a calculation, it sends the unparsed calculation request, its own preliminary calculation result and the parsed specific calculation instructions together. The unparsed calculation request is backed up on the privacy computing platform to facilitate subsequent auditing. The specific calculation instructions do not all need to be stored; storing only the unparsed calculation request makes auditing convenient and reduces the auditing workload.
Other features and advantages of the present invention will be disclosed in the following detailed description of the invention and the accompanying drawings.
Drawings
FIG. 1 is a block diagram of the architecture of a privacy computing system of the present invention;
FIG. 2 is a block diagram of the data holder of the privacy computing system of FIG. 1;
FIG. 3 is a block diagram of the privacy computing platform of the privacy computing system of FIG. 1;
FIG. 4 is a flow chart of the privacy calculation of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
As shown in fig. 1 to 4, a privacy computing system includes: a privacy computing platform and a number of data holders.
The privacy computing platform includes: the platform data transceiver, the scheduler, the platform computing engine and the platform cache layer.
The data holder includes: a holder data transceiver, a parser, a holder computing engine and a holder cache layer.
The holder computing engine and the platform computing engine each include a plaintext computing engine and a ciphertext computing engine. The platform cache layer and the holder cache layer each have a plaintext cache and a ciphertext cache, which are called by the plaintext computing engine and the ciphertext computing engine respectively for computation. Specifically, the platform cache layer and the holder cache layer perform the conversion between ciphertext and plaintext. The platform data transceiver and the holder data transceiver are both used for receiving and transmitting data. The parser parses a calculation request into specific plaintext calculation instructions and ciphertext calculation instructions for each data holder and for the privacy computing platform. The scheduler distributes the specific plaintext and ciphertext calculation instructions to the corresponding data holders.
As a specific embodiment, during parsing, the parsed plaintext and ciphertext calculation instructions that need to be executed by the local holder computing engine are computed by that engine at the same time.
The holder data transceiver sends to the platform data transceiver the preliminary calculation result computed by the local holder computing engine, together with the parsed plaintext and ciphertext calculation instructions for the data holders other than the calculation request initiator and for the privacy computing platform. As a specific embodiment, the holder data transceiver also sends the unparsed calculation request to the platform data transceiver at the same time, and the privacy computing platform backs up the calculation request for auditing of calculation security. That is, the holder data transceiver sends the preliminary calculation result, the plaintext and ciphertext calculation instructions, and the unparsed calculation request to the platform data transceiver at the same time. The unparsed calculation request, i.e. the original calculation request, is backed up on the privacy computing platform to facilitate auditing of calculation security.
Because the calculation results are sent at the same time, the privacy computing platform does not need to call the holder computing engine of the computing initiator again for calculation. This shortens the interaction flow.
The plaintext and ciphertext calculation instructions produced by the parser contain a data holder identifier and a plaintext/ciphertext instruction identifier. The scheduler does not identify the specific plaintext and ciphertext calculation instructions; it distributes them solely by reading the data holder identifier. The platform computing engine and the holder computing engine read the plaintext/ciphertext instruction identifier. The privacy computing platform does not need a parser; it is provided only with a scheduler. The scheduler does not identify specific calculation instructions; it only allocates calculation tasks. Because the computing initiator has a parser that parses the computing instructions, the load on the privacy computing platform is greatly reduced, the performance required of the platform is lower, and more privacy computing services can be supported with the same performance.
Compared with the traditional pure-ciphertext calculation mode, this approach runs plaintext calculation instructions and ciphertext calculation instructions in parallel, which shortens calculation time and saves computing performance.
The privacy computing platform obtains the plaintext calculation results and ciphertext calculation results of the holder computing engines of the data holders and stores them in the plaintext cache and the ciphertext cache of the platform cache layer respectively. The platform computing engine calls the plaintext cache and the ciphertext cache of the platform cache layer to perform the final calculation and feeds the calculation result back to the calculation request initiator.
A privacy computing method comprising the steps of:
step 1, the parser parses a calculation request into specific plaintext calculation instructions and ciphertext calculation instructions for each data holder and for the privacy computing platform; during parsing, the parsed plaintext and ciphertext calculation instructions that are to be executed by the local holder computing engine are computed by that engine at the same time;
step 2, the holder data transceiver sends to the platform data transceiver the preliminary calculation result computed by the local holder computing engine, together with the parsed plaintext and ciphertext calculation instructions for the data holders other than the calculation request initiator and for the privacy computing platform;
step 3, the scheduler distributes the specific plaintext and ciphertext calculation instructions to the corresponding data holders;
step 4, each data holder executes the received plaintext and ciphertext calculation instructions and uploads its calculation result to the privacy computing platform;
step 5, the platform computing engine of the privacy computing platform performs the final calculation and feeds the calculation result back to the calculation request initiator.
As a specific implementation, in step 2, the holder data transceiver also sends the unparsed calculation request to the platform data transceiver at the same time, and the privacy computing platform backs up the calculation request for auditing of calculation security.
In step 5, the platform data transceiver receives the data sent by all data holders and stores the plaintext calculation results and ciphertext calculation results of the preliminary calculations in the plaintext cache and the ciphertext cache of the platform cache layer respectively; the platform computing engine calls the plaintext cache and the ciphertext cache of the platform cache layer to perform the final calculation; the holder cache layer of the calculation request initiator converts the ciphertext into plaintext to obtain the calculation result.
As a specific embodiment, the calculation results of the data holders are all converted into ciphertext before being uploaded to the privacy computing platform.
As a specific embodiment, the platform cache layer and the holder cache layer perform the conversion between ciphertext and plaintext.
In step 1, the plaintext and ciphertext calculation instructions produced by the parser contain a data holder identifier and a plaintext/ciphertext instruction identifier;
in step 3, the scheduler does not identify the specific plaintext and ciphertext calculation instructions; it distributes them solely by reading the data holder identifier;
in step 4, the holder computing engine reads the plaintext/ciphertext instruction identifier in order to direct the corresponding plaintext computing engine or ciphertext computing engine to perform the computation;
in step 5, the platform computing engine reads the plaintext/ciphertext instruction identifier in order to direct the corresponding plaintext computing engine or ciphertext computing engine to perform the computation.
To facilitate an understanding of the privacy computing methods and systems of the present application, the following is illustrated with one specific computing requirement. For example, calculating the difference between the maximum and minimum values of some type of index.
The computing initiator parses the computing request into specific plaintext computing instructions and ciphertext computing instructions for each data holder and privacy computing platform for the parser.
The calculation request is parsed into the following calculation instructions.
A first calculation instruction, wherein each data holder respectively reads the database and screens the data meeting the index of the type from the database; wherein the instruction is calculated by a plaintext calculation engine of the holder calculation engine.
A second calculation instruction, wherein each data holder respectively acquires a maximum value and a minimum value from the screened data which accords with the index; the instruction is computed by a plaintext computation engine of the holder computation engine. The first calculation instruction and the second calculation instruction are both analyzed into plaintext instructions, the instructions do not involve the uploading of data, and each data holder only performs calculation by himself;
A third calculation instruction combines the maximum and minimum values of that category of index from each data holder into a temporary data set. This instruction is parsed into a ciphertext calculation instruction and is executed by the platform computing engine of the privacy computing platform. The privacy computing platform receives the maximum-value ciphertext and the minimum-value ciphertext uploaded by each data holder and combines them into a temporary data set.
A fourth calculation instruction obtains the maximum value and the minimum value from the temporary data set. This instruction is also parsed into a ciphertext calculation instruction and is executed by the platform computing engine of the privacy computing platform.
A fifth calculation instruction calculates the difference between the maximum value and the minimum value. This instruction is also parsed into a ciphertext calculation instruction and is executed by the platform computing engine of the privacy computing platform.
The privacy computing platform transmits the ciphertext of the calculation result to the calculation initiator, which decrypts it to obtain the final calculation result.
For example, suppose there are four data holders, and the (maximum, minimum) values calculated by the first through fourth data holders are (100, 1), (200, 20), (50, 10), (150, 50), respectively. The temporary data set is (100, 1, 200, 20, 50, 10, 150, 50), and the maximum and minimum values determined from the temporary data set are 200 and 1, respectively. The difference between the maximum and minimum values of the index category is 200 - 1 = 199.
For example, the first data holder is the initiator of the calculation request. When the parser parses out the locally relevant computing tasks (the first calculation instruction and the second calculation instruction), the local holder computing engine is scheduled to execute them, which gives the preliminary calculation result (100, 1) above.
The first data holder sends three kinds of data to the privacy computing platform: the preliminary calculation result (100, 1), all the parsed calculation instructions described above, and the unparsed calculation request (calculate the difference between the maximum and minimum values of a certain category of index). These are received by the platform data transceiver of the privacy computing platform.
The privacy computing platform stores the unparsed calculation request for audit purposes. Meanwhile, the scheduler of the privacy computing platform sends the calculation instructions to the second data holder, the third data holder, and the fourth data holder. The privacy computing platform then stores the preliminary calculation result (100, 1) of the first data holder in the platform cache layer and waits to receive the preliminary calculation results of the second data holder, the third data holder, and the fourth data holder.
After the privacy computing platform has obtained the preliminary calculation results of all the data holders, it constructs the temporary data set (100, 1, 200, 20, 50, 10, 150, 50) and determines from it the maximum and minimum values, 200 and 1, respectively. It then calculates the difference between the maximum value and the minimum value, i.e. 200 - 1, giving 199. The privacy computing platform feeds back the difference 199 to the first data holder, which decrypts the data after receiving it.
In terms of the specifics of the calculation process: the first through fourth data holders obtain the maximum and minimum values (100, 1), (200, 20), (50, 10), (150, 50) through their plaintext calculation engines. Each holder's cache layer performs the conversion between plaintext and ciphertext, i.e. the data (100, 1), (200, 20), (50, 10), (150, 50) belonging to each holder are converted into ciphertext. The privacy computing platform receives the ciphertext and stores it in the ciphertext cache of the platform cache layer. The ciphertext engine of the privacy computing platform calls the ciphertext cache to carry out the construction of the temporary data set, the determination of the maximum and minimum values, and the calculation of the difference between the maximum value and the minimum value.
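The flow of this worked example, as an added Python sketch that is not code from the patent: the parser tags each instruction with a holder identifier and a plaintext/ciphertext flag, the scheduler routes on the identifier alone, holders compute in plaintext and upload only ciphertext, and the platform computes on ciphertext. The page names no ciphertext scheme, so the affine masking, the key values, the function names and the sample records are all assumptions made for illustration; the masking is a toy and not a secure cipher.

```python
from dataclasses import dataclass

# ASSUMPTION: the page names no ciphertext scheme. This toy affine masking is
# order-preserving so max/min work on masked values; it is NOT a secure cipher.
KEY_A, KEY_B = 7919, 104729  # constructed demo key, assumed known to holders only

def to_ciphertext(x):
    return KEY_A * x + KEY_B

def difference_to_plaintext(c):
    return c // KEY_A  # KEY_B cancels when two ciphertexts are subtracted

@dataclass(frozen=True)
class Instruction:
    holder_id: str  # routing identifier ("platform" for platform-side work)
    mode: str       # "plain" or "cipher": selects the engine
    op: str

def parse_request(holders):
    """Parser: split 'max minus min' into per-party instructions."""
    local = [Instruction(h, "plain", op) for h in holders for op in ("max", "min")]
    return local + [Instruction("platform", "cipher", op)
                    for op in ("merge", "max_min", "difference")]

def schedule(instructions, initiator):
    """Scheduler: route on holder_id only; mode and op are never read."""
    routes = {}
    for ins in instructions:
        if ins.holder_id not in (initiator, "platform"):
            routes.setdefault(ins.holder_id, []).append(ins)
    return routes

def holder_execute(data, instructions):
    """Plaintext engine computes locally; cache layer converts before upload."""
    plain = [max(data) if ins.op == "max" else min(data) for ins in instructions]
    return [to_ciphertext(v) for v in plain]

def platform_execute(uploads):
    """Ciphertext engine: merge, pick max/min, subtract; sees no plaintext."""
    temp = [c for pair in uploads for c in pair]
    return max(temp) - min(temp)

def run(datasets, initiator):
    instructions = parse_request(list(datasets))
    own = [i for i in instructions if i.holder_id == initiator]
    uploads = [holder_execute(datasets[initiator], own)]
    for holder, todo in schedule(instructions, initiator).items():
        uploads.append(holder_execute(datasets[holder], todo))
    return difference_to_plaintext(platform_execute(uploads))

# Constructed records whose local (max, min) match the example above.
DATASETS = {"holder1": [100, 42, 1], "holder2": [200, 20, 75],
            "holder3": [50, 10, 30], "holder4": [150, 50, 99]}
```

Calling `run(DATASETS, "holder1")` reproduces the difference of 199 from the example, while the value the platform returns before decryption is a masked number that only a key holder can map back.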
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Furthermore, it should be understood that although the present disclosure is described in terms of embodiments, not every embodiment contains only one independent technical solution. The description is written this way for clarity only, the disclosure is not limited to the embodiments described in detail, and the embodiments described in the examples may be combined as appropriate to form other embodiments that will be apparent to those skilled in the art.

Claims (10)

1. A privacy computing method, characterized in that it is applied to a privacy computing system, the privacy computing system comprising: a privacy computing platform and a number of data holders; the privacy computing platform comprises: a platform data transceiver, a scheduler, a platform computing engine and a platform cache layer; each data holder comprises: a holder data transceiver, a parser, a holder computing engine and a holder cache layer; the holder computing engine and the platform computing engine each comprise a plaintext calculation engine and a ciphertext calculation engine; the platform cache layer and the holder cache layer are each provided with a plaintext cache and a ciphertext cache, which are called by the plaintext calculation engine and the ciphertext calculation engine, respectively, for calculation;
the privacy computing method comprises the following steps:
step 1, the parser parses a calculation request into specific plaintext calculation instructions and ciphertext calculation instructions corresponding to each data holder and the privacy computing platform, and, during the parsing process of the parser, the local holder computing engine synchronously executes the parsed plaintext calculation instructions and ciphertext calculation instructions that are to be executed by the local holder computing engine;
step 2, the holder data transceiver sends to the platform data transceiver the preliminary calculation result calculated locally by the holder computing engine, together with the specific plaintext calculation instructions and ciphertext calculation instructions parsed by the parser for the privacy computing platform and for the data holders other than the calculation request initiator;
step 3, the scheduler distributes the specific plaintext calculation instructions and ciphertext calculation instructions to the corresponding data holders;
step 4, each data holder executes the received plaintext calculation instructions and ciphertext calculation instructions and uploads the calculation result to the privacy computing platform;
and step 5, the platform computing engine of the privacy computing platform executes the final calculation and feeds back the calculation result to the calculation request initiator.
2. A privacy computing method as defined in claim 1, wherein,
in step 2, the holder data transceiver also sends the unparsed calculation request to the platform data transceiver at the same time, and the privacy computing platform backs up the calculation request for auditing of calculation security.
3. A privacy computing method as defined in claim 1, wherein,
in step 5, the platform data transceiver receives all data information sent by the data holders and stores the plaintext calculation results and the ciphertext calculation results of the preliminary calculation results into the plaintext cache and the ciphertext cache of the platform cache layer, respectively, and the platform computing engine calls the plaintext cache and the ciphertext cache of the platform cache layer to perform the final calculation; the holder cache layer of the calculation request initiator converts the ciphertext into plaintext so as to obtain the calculation result.
4. A privacy computing method as defined in claim 1, wherein,
the results of the data holder's calculations are all converted into ciphertext prior to uploading to the privacy computing platform.
5. A privacy computing method as defined in claim 4, wherein,
the platform caching layer and the holder caching layer perform conversion between ciphertext and plaintext.
6. A privacy computing method as defined in claim 1, wherein,
in step 1, the plaintext calculation instructions and the ciphertext calculation instructions parsed by the parser contain a data holder identifier and a plaintext/ciphertext instruction identifier;
in step 3, the scheduler does not identify the specific plaintext calculation instructions and ciphertext calculation instructions, and distributes them only by identifying the data holder identifier;
in step 4, the holder computing engine recognizes the plaintext/ciphertext instruction identifier so as to instruct the corresponding plaintext calculation engine or ciphertext calculation engine to perform the calculation;
in step 5, the platform computing engine recognizes the plaintext/ciphertext instruction identifier so as to instruct the corresponding plaintext calculation engine or ciphertext calculation engine to perform the calculation.
7. A privacy computing system, comprising: a privacy computing platform and a number of data holders;
wherein the privacy computing platform comprises: a platform data transceiver, a scheduler, a platform computing engine and a platform cache layer; each data holder comprises: a holder data transceiver, a parser, a holder computing engine and a holder cache layer;
the holder computing engine and the platform computing engine each comprise a plaintext calculation engine and a ciphertext calculation engine; the platform cache layer and the holder cache layer are each provided with a plaintext cache and a ciphertext cache, which are called by the plaintext calculation engine and the ciphertext calculation engine, respectively, for calculation; the platform data transceiver and the holder data transceiver are both used for receiving and transmitting data; the parser parses a calculation request into specific plaintext calculation instructions and ciphertext calculation instructions corresponding to each of the data holders and the privacy computing platform; the scheduler distributes the specific plaintext calculation instructions and ciphertext calculation instructions to the corresponding data holders;
during the parsing process of the parser, the local holder computing engine synchronously executes the parsed plaintext calculation instructions and ciphertext calculation instructions that are to be executed by the local holder computing engine;
the holder data transceiver sends to the platform data transceiver the preliminary calculation result calculated locally by the holder computing engine, together with the specific plaintext calculation instructions and ciphertext calculation instructions parsed by the parser for the privacy computing platform and for the data holders other than the calculation request initiator;
the privacy computing platform acquires the plaintext calculation results and the ciphertext calculation results of the computing engine of each data holder and stores them into the plaintext cache and the ciphertext cache of the platform cache layer, respectively; and the platform computing engine calls the plaintext cache and the ciphertext cache of the platform cache layer to perform the final calculation, and feeds back the calculation result to the calculation request initiator.
8. A private computing system according to claim 7,
the holder data transceiver also sends the unparsed calculation request to the platform data transceiver at the same time, and the privacy computing platform backs up the calculation request for auditing of calculation security.
9. A private computing system according to claim 7,
the platform caching layer and the holder caching layer perform conversion between ciphertext and plaintext.
10. A private computing system according to claim 7,
the plaintext calculation instructions and the ciphertext calculation instructions parsed by the parser contain a data holder identifier and a plaintext/ciphertext instruction identifier;
the scheduler does not identify the specific plaintext calculation instructions and ciphertext calculation instructions, and distributes them only by identifying the data holder identifier;
the platform computing engine and the holder computing engine recognize the plaintext/ciphertext instruction identifier.
CN202310342857.0A 2023-04-03 2023-04-03 Privacy calculation method and system Pending CN116366342A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310342857.0A CN116366342A (en) 2023-04-03 2023-04-03 Privacy calculation method and system

Publications (1)

Publication Number Publication Date
CN116366342A true CN116366342A (en) 2023-06-30

Family

ID=86937733

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310342857.0A Pending CN116366342A (en) 2023-04-03 2023-04-03 Privacy calculation method and system

Country Status (1)

Country Link
CN (1) CN116366342A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination