CN117435200B - Homomorphic encryption service code translation method, device, equipment and readable storage medium - Google Patents
Homomorphic encryption service code translation method, device, equipment and readable storage medium Download PDFInfo
- Publication number
- CN117435200B CN117435200B CN202311766116.1A CN202311766116A CN117435200B CN 117435200 B CN117435200 B CN 117435200B CN 202311766116 A CN202311766116 A CN 202311766116A CN 117435200 B CN117435200 B CN 117435200B
- Authority
- CN
- China
- Prior art keywords
- homomorphic encryption
- directed acyclic
- graph
- acyclic graph
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000013519 translation Methods 0.000 title claims abstract description 61
- 238000000034 method Methods 0.000 title claims abstract description 55
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 220
- 238000004364 calculation method Methods 0.000 claims abstract description 82
- 230000014509 gene expression Effects 0.000 claims abstract description 47
- 238000005457 optimization Methods 0.000 claims abstract description 37
- 238000006243 chemical reaction Methods 0.000 claims description 18
- 230000001133 acceleration Effects 0.000 claims description 10
- 239000004567 concrete Substances 0.000 claims description 8
- HPTJABJPZMULFH-UHFFFAOYSA-N 12-[(Cyclohexylcarbamoyl)amino]dodecanoic acid Chemical compound OC(=O)CCCCCCCCCCCNC(=O)NC1CCCCC1 HPTJABJPZMULFH-UHFFFAOYSA-N 0.000 claims description 7
- 238000011161 development Methods 0.000 abstract description 6
- JEIPFZHSYJVQDO-UHFFFAOYSA-N iron(III) oxide Inorganic materials O=[Fe]O[Fe]=O JEIPFZHSYJVQDO-UHFFFAOYSA-N 0.000 description 8
- 230000008569 process Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 125000002015 acyclic group Chemical group 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000007667 floating Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012946 outsourcing Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
Abstract
The invention discloses a homomorphic encryption service code translation method, a homomorphic encryption service code translation device, homomorphic encryption service code translation equipment and a computer readable storage medium, and relates to the technical field of information security, wherein the homomorphic encryption service code translation method comprises the following steps: acquiring a code to be translated, wherein the code to be translated is a code written by calculation logic in homomorphic encryption service in the form of a calculation expression; converting the code to be translated into a directed acyclic graph characterizing computational logic of a computational expression; obtaining an algorithm decision index value by traversing the directed acyclic graph, and determining a target homomorphic encryption algorithm to be called from various homomorphic encryption algorithm libraries according to the algorithm decision index value; optimizing the directed acyclic graph according to a preset optimization strategy, and calling a target homomorphic encryption algorithm according to the optimized directed acyclic graph to execute the calculation logic of the calculation expression. The invention provides a homomorphic encryption service code translation scheme, which improves the convenience of developing homomorphic encryption service codes by developers and improves the development efficiency.
Description
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a homomorphic encryption service code translation method, apparatus, device, and computer readable storage medium.
Background
Homomorphic encryption has a wide range of application fields, such as privacy protection, cloud computing, secure outsourcing computing, secure multiparty computing, and the like. Homomorphic encryption is a special encryption technique that allows computing operations to be performed in an encrypted state without first decrypting the data. This is important for data privacy protection and secure computing because it allows third parties such as cloud servers to perform computing tasks without having to access the plaintext data.
The homomorphic encryption algorithm library is a set of algorithms and tools for implementing homomorphic encryption, and provides functions of encryption, decryption, calculation and ciphertext operation. At present, the homomorphic encryption algorithm libraries are various, and when a developer develops program codes in homomorphic encryption services, if the developer does not know interface calling rules of the homomorphic encryption algorithm libraries and does not know the background of the homomorphic encryption technology, the development process is complex, and the development efficiency is low.
Disclosure of Invention
The invention mainly aims to provide a homomorphic encryption service code translation method, a homomorphic encryption service code translation device, homomorphic encryption service code translation equipment and a homomorphic encryption service code translation computer readable storage medium, and aims to provide a homomorphic encryption service code translation scheme, improve convenience of developing homomorphic encryption service codes of developers and improve development efficiency.
In order to achieve the above object, the present invention provides a homomorphic encryption service code translation method, comprising the steps of:
acquiring a code to be translated, wherein the code to be translated is written in the form of a calculation expression by calculation logic in homomorphic encryption service;
converting the code to be translated into a directed acyclic graph characterizing computational logic of the computational expression;
obtaining an algorithm decision index value by traversing the directed acyclic graph, and determining a target homomorphic encryption algorithm to be called from a preset homomorphic encryption algorithm library according to the algorithm decision index value;
optimizing the directed acyclic graph according to a preset optimization strategy, and calling the target homomorphic encryption algorithm according to the optimized directed acyclic graph to execute the calculation logic of the calculation expression.
Optionally, the step of converting the code to be translated into a directed acyclic graph characterizing computational logic of the computational expression comprises:
converting each object to be converted in the code to be translated into a graph node, wherein each object to be converted comprises each input data, each output data and each calculation operation;
And determining connection edges between the graph nodes according to the relation between the objects to be converted in the code to be translated, and obtaining the directed acyclic graph formed by the graph nodes and the connection edges.
Optionally, the algorithm decision index value includes a scene type, a security level, a multiplication depth of the directed acyclic graph, and a data type of a graph node of the homomorphic encryption service;
the step of determining the target homomorphic encryption algorithm to be called from various preset homomorphic encryption algorithm libraries according to the algorithm decision index value comprises the following steps:
determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the scene type, the security level and the multiplication depth;
and determining an algorithm matched with the data type from the target homomorphic encryption algorithm library according to the data type of the graph node in the directed acyclic graph, and taking the algorithm as the target homomorphic encryption algorithm to be called.
Optionally, the step of determining a target homomorphic encryption algorithm library from the various homomorphic encryption algorithm libraries according to the scene type, the security level and the multiplication depth includes:
Determining a multiplication depth reference value according to the security level;
and determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the multiplication depth reference value, the scene type, the security level and the multiplication depth.
Optionally, the various homomorphic encryption algorithm libraries include a seal library, an OPENFHE library, a success library and a GPU accelerated version seal library, and the step of determining a target homomorphic encryption algorithm library from the various homomorphic encryption algorithm libraries according to the multiplication depth reference value, the scene type, the security level and the multiplication depth comprises:
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a time priority scene, determining the seal library as a target homomorphic encryption algorithm library;
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a precision priority scene, or if the multiplication depth is larger than the multiplication depth reference value, determining the OPENFHE library as a target homomorphic encryption algorithm library;
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a scene with CUDA GPU hardware resources, determining the GPU acceleration version seal library as a target homomorphic encryption algorithm library;
And if the scene type is homomorphic tfhe/fhe algorithm uint8 data type scene, determining the concrete library as a target homomorphic encryption algorithm library.
Optionally, the step of optimizing the directed acyclic graph according to a preset optimization strategy includes:
setting a reference size value of each graph node in the directed acyclic graph, wherein the reference size values of the graph nodes are the same;
traversing the directed acyclic graph, and updating the size value of each graph node according to the calculation logic in the directed acyclic graph to obtain the updated size value of each graph node;
and inserting the graph nodes of the scaling operation type into the directed acyclic graph according to the updated size values of the graph nodes.
Optionally, the step of inserting the graph nodes of the scaling operation type in the directed acyclic graph according to the updated size values of the respective graph nodes includes:
and if the updated size values of the two graph nodes serving as the left operation value and the right operation value of the first target graph node are different for the first target graph node of the addition or subtraction operation type in the directed acyclic graph, inserting the graph node of the scaling operation type into the directed acyclic graph, wherein the size values of the left operation value and the right operation value of the first target graph node are the same after inserting the graph node of the scaling operation type.
Optionally, the step of optimizing the directed acyclic graph according to a preset optimization strategy includes:
traversing the directed acyclic graph, and determining the level value corresponding to each graph node in the directed acyclic graph according to the calculation logic in the directed acyclic graph;
and if the horizontal values of the two graph nodes serving as the left operation value and the right operation value of the second target graph node are different, inserting the graph node of the analog-to-digital conversion operation type into the directed acyclic graph, wherein the horizontal values of the left operation value and the right operation value of the second target graph node are the same after inserting the graph node of the analog-to-digital conversion operation type.
Optionally, the step of optimizing the directed acyclic graph according to a preset optimization strategy includes:
the directed acyclic graph is adjusted according to the calculation logic of the directed acyclic graph by traversing the directed acyclic graph, wherein the multiplication depth of the adjusted directed acyclic graph is smaller than the multiplication depth of the directed acyclic graph before adjustment;
traversing a third target graph node containing plaintext operation in the directed acyclic graph, performing plaintext calculation on the third target graph node to obtain a calculation result, and updating the directed acyclic graph by adopting the calculation result; and/or the number of the groups of groups,
And for a fourth target graph node with the degree of emergence of 0 in the directed acyclic graph, changing the operation type corresponding to the fourth target graph node into an operation of a replacement type.
In order to achieve the above object, the present invention also provides a homomorphic encryption service code translation device, comprising:
the acquisition module is used for acquiring codes to be translated, wherein the codes to be translated are codes written by calculation logic in homomorphic encryption service in the form of calculation expressions;
a conversion module for converting the code to be translated into a directed acyclic graph characterizing computational logic of the computational expression;
the determining module is used for obtaining an algorithm decision index value by traversing the directed acyclic graph, and determining a target homomorphic encryption algorithm to be called from various homomorphic encryption algorithm libraries according to the algorithm decision index value;
and the execution module is used for optimizing the directed acyclic graph according to a preset optimization strategy, and calling the target homomorphic encryption algorithm according to the optimized directed acyclic graph so as to execute the calculation logic of the calculation expression.
To achieve the above object, the present invention also provides a homomorphic encryption service code translation device, comprising: the system comprises a memory, a processor and a homomorphic encryption service code translation program stored on the memory and capable of running on the processor, wherein the homomorphic encryption service code translation program realizes the steps of the homomorphic encryption service code translation method when being executed by the processor.
In addition, in order to achieve the above object, the present invention also proposes a computer-readable storage medium having stored thereon a homomorphic encrypted service code translation program which, when executed by a processor, implements the steps of the homomorphic encrypted service code translation method as described above.
In the embodiment of the invention, the code to be translated is obtained, namely the code written by the calculation logic in the homomorphic encryption service in the form of the calculation expression is obtained, the code to be translated is converted into the directed acyclic graph representing the calculation logic of the calculation expression, the algorithm decision index value is obtained by traversing the directed acyclic graph, the target homomorphic encryption algorithm to be called is determined from various preset homomorphic encryption algorithm libraries according to the algorithm decision index value, the target homomorphic encryption algorithm is optimized according to the preset optimization strategy, and the target homomorphic encryption algorithm is called according to the optimized directed acyclic graph to execute the calculation logic of the calculation expression, so that the translation method of the homomorphic encryption service code is realized, the code written by the calculation logic in the homomorphic encryption service in the form of any expression is supported to be translated into the program conforming to the homomorphic encryption algorithm library standard, and the convenience of developing the homomorphic encryption service code by a developer is improved, and the developer not having the homomorphic encryption background foundation can develop the homomorphic encryption service code conforming to the requirements.
Drawings
FIG. 1 is a schematic diagram of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart of a method for translating homomorphic encryption service codes according to a first embodiment of the present invention;
FIG. 3 is an exemplary diagram of a directed acyclic graph according to an embodiment of the invention;
FIG. 4 is a schematic diagram of a system framework according to an embodiment of the present invention;
FIG. 5 is an exemplary diagram of an optimization effect of a directed acyclic graph according to an embodiment of the invention;
FIG. 6 is an exemplary diagram of an optimization effect of another directed acyclic graph according to an embodiment of the invention;
fig. 7 is a schematic diagram of functional modules of a homomorphic encryption service code translation device according to a preferred embodiment of the invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Referring to fig. 1, fig. 1 is a schematic device structure of a hardware running environment according to an embodiment of the present invention.
It should be noted that, in the embodiment of the present invention, the homomorphic encryption service code translation device may be a device such as a personal computer, a server, a smart phone, etc., which is not limited herein.
As shown in fig. 1, the homomorphic encryption service code translation device may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. Wherein the communication bus 1002 is used to enable connected communication between these components. The user interface 1003 may include a Display, an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may further include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a stable memory (non-volatile memory), such as a disk memory. The memory 1005 may also optionally be a storage device separate from the processor 1001 described above.
It will be appreciated by those skilled in the art that the device architecture shown in fig. 1 is not limiting of the homomorphic encrypted service code translation device, and may include more or fewer components than shown, or certain components may be combined, or a different arrangement of components.
As shown in fig. 1, an operating system, a network communication module, a user interface module, and a homomorphic encryption service code translation program may be included in a memory 1005, which is a computer storage medium. An operating system is a program that manages and controls the hardware and software resources of the device, supporting the execution of homomorphic encryption service code translation programs, as well as other software or programs. In the device shown in fig. 1, the user interface 1003 is mainly used for data communication with the client; the network interface 1004 is mainly used for establishing communication connection with a server; and the processor 1001 may be configured to call the homomorphic encryption service code translation program stored in the memory 1005 and execute the homomorphic encryption service code translation method in the following embodiments.
Based on the above structure, various embodiments of homomorphic encryption service code translation methods are presented.
Referring to fig. 2, fig. 2 is a flowchart of a first embodiment of the homomorphic encryption service code translation method according to the present invention.
The embodiments of the present invention provide embodiments of homomorphic encryption service code translation methods, it being noted that although a logical sequence is illustrated in the flowchart, in some cases, the steps illustrated or described may be performed in a different order than that illustrated herein. In this embodiment, the execution body of the homomorphic encryption service code translation method may be a personal computer, a server, a smart phone, or other devices, but is not limited thereto, and for convenience of description, the execution body is omitted from description of each embodiment. In this embodiment, the homomorphic encryption service code translation method includes steps S10 to S40:
step S10, a code to be translated is obtained, wherein the code to be translated is written in the form of a calculation expression by calculation logic in homomorphic encryption service.
Homomorphic encryption algorithm libraries are a set of algorithms and tools for implementing homomorphic encryption that provide the functions of encryption, decryption, computation, and ciphertext operations. Some common homomorphic encryption algorithm libraries include Microsoft SEAL library, OPENFHE library, and Concrete library. These algorithm libraries are typically developed by cryptography professionals and security researchers to ensure their security and performance. Currently, the code program in developing homomorphic encryption service by a developer is faced with some difficulties: interfaces of various homomorphic encryption algorithm libraries are difficult to understand, and a developer is required to have rich homomorphic encryption background foundation; the homomorphic encryption algorithm libraries are numerous and have different characteristics, and a developer is required to understand the different libraries; aiming at different data types, the homomorphic encryption algorithm library cannot automatically decide an optimal algorithm.
In this embodiment, a translation method is provided for the difficulties faced at present. Different algorithm libraries have different interfaces and parameter selection criteria, and a translator is required to automatically translate the program of a developer into a program conforming to the homomorphic encryption algorithm library criteria. The translation method of the embodiment, namely a translator, supports the translation of codes written by calculation logic in homomorphic encryption service in the form of any expression into programs conforming to the homomorphic encryption algorithm library standard, thereby improving the convenience of developing homomorphic encryption service codes by developers and enabling the developers without homomorphic encryption background basis to develop homomorphic encryption service codes conforming to requirements.
The code to be translated, i.e. the code to be translated, may be written in programming languages such as c++, python, etc., and the programming language of the code to be translated is not limited in this embodiment. The code to be translated is a code written by computing logic in homomorphic encryption service in the form of a computing expression, the computing expression can be any expression capable of representing the computing logic, for example, the sum of a and b of a secret state needs to be computed, the computing expression can be "a+b", the process of computing the sum of a and b in the homomorphic encryption algorithm is complex, the input parameters need to be complex when the algorithm for computing the addition operation is called in the homomorphic encryption algorithm library, and a developer does not need to understand interface parameters of a specific algorithm in the algorithm library, and only needs to write the code in the form of "a+b".
In a possible implementation manner, the homomorphic encryption service code translation method can be used as a callable program, and provides a calling interface for a developer, and after the developer writes the code to be translated, the developer calls the interface to transfer the code to be translated; the acquiring the code to be translated in this step may be acquiring the incoming code to be translated in response to an operation of the call interface. In other possible embodiments, the code to be translated may be obtained in other ways. In the present embodiment, the manner of acquiring the code to be translated is not limited.
Step S20, converting the code to be translated into a directed acyclic graph characterizing the computational logic of the computational expression.
After the code to be translated is obtained, the code to be translated is converted into a form of an directed acyclic graph characterizing the computational logic of the computational expression, in preparation for a subsequent translation step. The algorithm library decision and parameter optimization can be more conveniently carried out by converting the algorithm library decision into the form of the directed acyclic graph.
The converted directed acyclic graph may include each graph node and a connection edge between each graph node, where the graph node may be a data node or an operation type node, and an operation type of the operation type node may include addition, subtraction, multiplication, homomorphic scaling operation (rescale), homomorphic analog-to-digital conversion operation (modswitch), and so on.
There are many ways to convert the code to be translated into a directed acyclic graph, and the present embodiment is not limited thereto. For example, by reloading various operators, the operation logic in the code to be translated is analyzed, and the code to be translated is converted into the directed acyclic graph.
In a possible implementation manner, the step S20 includes S201 to S202:
step S201, converting each object to be converted in the code to be translated into a graph node, where each object to be converted includes each input data, each output data, and each computing operation.
In a specific embodiment, various constructors can be reloaded for the objects to be converted of different data types in the code to be translated, and the code to be translated can be automatically translated into corresponding graph nodes.
Step S202, determining a connection edge between each graph node according to the relationship between the objects to be converted in the code to be translated, so as to obtain a directed acyclic graph composed of each graph node and the connection edge.
In this embodiment, the code to be translated is supported to include a plurality of input data and a plurality of output data, and the same key pair is also supported to be used by a plurality of directed acyclic graphs.
For example, the code to be translated in the form of the computational expression "a+b+c" may be converted into a directed acyclic graph as shown in fig. 3. It should be noted that fig. 3 is only a simple example, and the calculation logic in the actual homomorphic encryption service will be more complex, and the converted directed acyclic graph will be more complex.
In a possible implementation manner, a special polynomial simulation interface can be provided for the complex functional expression, so that the method for converting the embodiment can be suitable for various complex business scenes, and the scenes comprise hidden inquiry, AI reasoning and the like. For example, for an expression "a < b", an interface may be provided that converts the expression to an expression of the type of operation supported by the homomorphic encryption algorithm, such as a combination of addition and subtraction operations, and then converts the converted expression to a directed acyclic graph.
Step S30, obtaining an algorithm decision index value by traversing the directed acyclic graph, and determining a target homomorphic encryption algorithm to be called from a preset homomorphic encryption algorithm library according to the algorithm decision index value.
Various optional homomorphic encryption algorithm libraries can be set in advance, decision indexes for deciding the homomorphic encryption algorithms can be set according to different characteristics of the homomorphic encryption algorithm libraries, such as application scenes, algorithm precision, algorithm time consumption and the like, different algorithm decision index values corresponding to the decision indexes are set, and the decision indexes are matched with different homomorphic encryption algorithms.
After the code to be translated is converted into the directed acyclic graph, the algorithm decision index value of the directed acyclic graph under each decision index can be obtained by traversing the directed acyclic graph, and then the homomorphic encryption algorithm matched with the decision index value is selected from various optional homomorphic encryption algorithm libraries according to the algorithm decision index value, and then the homomorphic encryption algorithm is determined as the homomorphic encryption algorithm to be called (hereinafter referred to as target homomorphic encryption algorithm to show distinction).
And S40, optimizing the directed acyclic graph according to a preset optimization strategy, and calling the target homomorphic encryption algorithm according to the optimized directed acyclic graph to execute the calculation logic of the calculation expression.
An optimization policy for optimizing the directed acyclic graph may be preset, the optimization policy may include a policy for modifying the directed acyclic graph that does not conform to homomorphic encryption computing logic such that the modified directed acyclic graph conforms to homomorphic encryption computing logic, and/or the optimization policy may include a policy for optimizing the directed acyclic graph to improve computing efficiency. In the present embodiment, the optimization strategy is not limited.
And optimizing the directed acyclic graph according to an optimization strategy, and then calling the determined target homomorphic encryption algorithm to be called according to the optimized directed acyclic graph, thereby completing the calculation logic for executing the calculation expression, namely, realizing the calculation logic in homomorphic encryption service.
In one possible implementation, the translation of homomorphic encrypted service codes may be implemented using a system framework as shown in FIG. 4. The system comprises a code analysis layer, a decision layer, a parameter optimization layer, a circuit optimization layer and a calling algorithm library layer, and further comprises a plurality of conventional modules: the system comprises a log system, a configuration system, a unit test framework and a performance statistics framework. The code analysis layer is used for analyzing the code to be translated and converting the code to be translated into a directed acyclic graph; after the directed acyclic graph is obtained, an algorithm using different homomorphic encryption algorithm libraries can be decided based on the directed acyclic graph at a decision layer; in a parameter tuning layer and a circuit optimizing layer, correspondingly optimizing a homomorphic encryption scene of the directed acyclic graph; and calling a target homomorphic encryption algorithm in an algorithm library layer according to the optimized directed acyclic graph to execute calculation logic of homomorphic encryption service.
In a possible implementation, at the last call algorithm library layer, considering that the concrete library is written in the Rust language, in the case that the code to be translated is written in the c++ language, a Rust language-based c++ language program linking method is provided:
1. An extern "C" key is used before the Rust language interface function declares, indicating that the function can provide a C language code call.
2. The Rust grammar Box is used for realizing the ownership of a memory in a Rust language program and a c++ language program by using a from_raw and Box, and the memory head address transmission is realized by using an i8 type pointer.
3. And operating the data of the rust language general type in the c++ program environment by using the struct type object pointer.
The method realizes that the rust homomorphic encryption library concrete is called by using the c++ language, and the method is specific and universal. And other libraries are written in c++, and are accessed according to interfaces.
In this embodiment, the code to be translated is obtained, that is, the code written by the calculation logic in the homomorphic encryption service in the form of the calculation expression is obtained, the code to be translated is converted into the directed acyclic graph representing the calculation logic of the calculation expression, then the algorithm decision index value is obtained by traversing the directed acyclic graph, the target homomorphic encryption algorithm to be called is determined from various preset homomorphic encryption algorithm libraries according to the algorithm decision index value, the target homomorphic encryption algorithm is optimized according to the preset optimization strategy, and the target homomorphic encryption algorithm is called according to the optimized directed acyclic graph, so that the calculation logic of the calculation expression is executed, the translation method of the homomorphic encryption service code is realized, the code written by the calculation logic in the homomorphic encryption service in the form of any expression is supported to be translated into the program conforming to the homomorphic encryption algorithm library standard, and therefore the convenience of developing the homomorphic encryption service code by a developer is improved, and the developer not having the homomorphic encryption background can develop the homomorphic encryption service code conforming to the requirements. Based on the homomorphic encryption service code translation method provided by the embodiment, the coding amount of a developer can be reduced by about 90%, an interface is easy to understand, a user does not need to understand which library is specifically used at the bottom layer, and a framework can automatically decide. For a con-crete library written in the Rust language, a framework c++ interface call may also be used.
Based on the above first embodiment, a second embodiment of the homomorphic encryption service code translation method of the present invention is provided, in this embodiment, in step S30, the step of determining, according to the algorithm decision index value, a target homomorphic encryption algorithm to be invoked from a preset various homomorphic encryption algorithm library includes S301 to S302:
step S301, determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the scene type, the security level and the multiplication depth.
In this embodiment, the algorithm decision index value may include a scene type, a security level, a multiplication depth of the directed acyclic graph, and a data type of a graph node in the directed acyclic graph of the homomorphic encryption service. The scene types of homomorphic encryption service can be time priority scene, precision priority scene, scene with CUDA GPU hardware resource, and the like, and can be set with optional scene types in advance. The security level of the homomorphic encryption service indicates the degree of security required for the homomorphic encryption service, and may be 128 levels, 256 levels, or the like, for example. The number of the multiplication nodes in the branch, namely the multiplication depth of the directed acyclic graph, can be counted by traversing the directed acyclic graph to find the branch of the longest multiplication node path, and the multiplication nodes are the graph nodes of the multiplication operation type in the directed acyclic graph. In one possible implementation, the scene type and security level may be entered with the code to be translated when the translation program interface is invoked by the developer. The data types of each graph node in the directed acyclic graph can be obtained by traversing the directed acyclic graph, e.g., the data types can be integer, floating point, etc.
Different homomorphic encryption algorithm libraries are suitable for different scenes, different security levels and different multiplication depths, and the scene types, the security levels and the multiplication depths which are suitable for the homomorphic encryption algorithm libraries can be set in advance according to the actual conditions of the homomorphic encryption algorithm libraries.
After the scene type, the security level and the multiplication depth corresponding to the code to be translated are obtained, the homomorphic encryption algorithm library matched with the scene type, the security level and the multiplication depth can be determined as the homomorphic encryption algorithm library (hereinafter referred to as the target homomorphic encryption algorithm library for distinguishing) to be called from the homomorphic encryption algorithm libraries.
Step S302, determining an algorithm matched with the data type from the target homomorphic encryption algorithm library according to the data type of the graph node in the directed acyclic graph, and taking the algorithm as the target homomorphic encryption algorithm to be called.
The homomorphic encryption algorithm library comprises algorithms suitable for calculating data of different data types, and algorithms matched with the different data types can be preset.
After the target homomorphic encryption algorithm library is determined, according to the data type of the graph nodes in the directed acyclic graph, an algorithm matched with the data type can be determined from the homomorphic encryption algorithm library and used as the target homomorphic encryption algorithm to be called.
In a possible implementation, the various homomorphic encryption algorithm libraries may include a seal library, an OPENFHE library, a control library, and a GPU acceleration version seal library, where the GPU acceleration version seal library is modified by using a CUDA programming interface to achieve the purpose of acceleration on the GPU. Correspondingly, the step S301 includes S3011 to S3012:
step S3011, determining a multiplication depth reference value according to the security level.
The security level defines the multiplication depth that can be supported by different homomorphic encryption algorithm libraries, so in this embodiment, the multiplication depth reference value can be determined according to the security level, and then the proper homomorphic encryption algorithm library can be matched according to the multiplication depth reference value and the multiplication depth of the directed acyclic graph. In a possible embodiment, the correspondence between different security levels and the multiplication depth reference value may be set in advance, or a calculation manner of calculating the multiplication depth reference value according to the security level may be set in advance, and the manner of determining the multiplication depth reference value according to the security level is not limited in this embodiment.
In one possible embodiment, the multiplication depth reference value may be calculated according to the security level according to the following formula:
X=V N /scale-3
Wherein X is a multiplication depth reference value, V N For the total bits meeting the homomorphic N-level security standard, N is the security level, and scale is the reference size value of the graph node.
For example, in the case where the security level is 128 levels, the total bits meeting the homomorphic 128 level security standard is equal to 881, and the reference size value of the graph node is set to 60, the multiplication depth reference value is 881/60-3=11, where subtracting 3 refers to 3 depths to the input-output flow.
And step S3012, determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the multiplication depth reference value, the scene type, the security level and the multiplication depth.
In a possible embodiment, step S3012 includes S30121 to S30124:
and step S30121, if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a time priority scene, determining the seal library as a target homomorphic encryption algorithm library.
And step S30122, determining the OPENFHE library as a target homomorphic encryption algorithm library if the multiplication depth is less than or equal to the multiplication depth reference value and the scene type is a precision priority scene, or if the multiplication depth is greater than the multiplication depth reference value.
And step S30123, if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a scene with CUDA GPU hardware resources, determining the GPU acceleration version seal library as a target homomorphic encryption algorithm library.
Step S30124, if the scene type is homomorphic tfhe/fhe algorithm uint8 data type scene, determining the congrette library as a target homomorphic encryption algorithm library.
Illustratively, assume that the multiplication depth reference value is 11:
if the multiplication depth is less than or equal to 11 and the scene type is a time priority scene, automatically selecting a seal library, and if the data type is double, selecting a seal_ckks algorithm in the seal library, and if the data type is int64, selecting a seal_ bfv algorithm in the seal library;
if the multiplication depth is less than or equal to 11 and the scene type is a precision priority scene, or if the multiplication depth is more than 11, selecting an OPENFHE library, selecting an OPENFHE_ckks algorithm in the OPENFHE library under the condition that the data type is double, and selecting an OPENFHE_ bfv algorithm in the OPENFHE library under the condition that the data type is int 64;
if the multiplication depth is less than or equal to 11 and the scene type is a scene with CUDA GPU hardware resources, selecting a GPU acceleration version seal library, and having an operation acceleration effect of 10-100 times;
If the scene type is homomorphic tfhe/fhe algorithm uint8 data type scene, selecting a concrete library.
It can be appreciated that the above decision logic users are unaware and only pay attention to the simple computational expressions written.
In the embodiment, the target homomorphic encryption algorithm to be called is automatically determined according to the scene type, the security level, the multiplication depth of the directed acyclic graph and the data type of the graph node of the homomorphic encryption service, so that a developer does not need to adjust various parameters such as precision, noise, security and the like of homomorphic encryption, only needs to care about specific service flows, development convenience of the developer is greatly improved, and code development efficiency in the homomorphic encryption service scene is improved.
Based on the first and/or second embodiments described above, a third embodiment of the homomorphic encryption service code translation method of the present invention is provided. In this embodiment, a feasible implementation manner of an optimization strategy is provided, and the step of optimizing the directed acyclic graph according to a preset optimization strategy in step S40 includes steps S401 to S403:
step S401, setting a reference size value of each graph node in the directed acyclic graph, where the reference size values of each graph node are the same.
In the case that the target homomorphic encryption algorithm is the ckks algorithm or the bfv algorithm, the optimization can be performed on graph nodes of the addition or subtraction operation type in the directed acyclic graph so as to meet the constraint of addition and subtraction calculation in the homomorphic encryption algorithm.
A scale value may be set for each graph node in the directed acyclic graph, the scale value for each graph node being the same, for example, 60.
Step S402, traversing the directed acyclic graph, and updating the size values of the graph nodes according to the calculation logic in the directed acyclic graph to obtain updated size values of the graph nodes.
Some computing operations may cause the size values of the nodes to change, for example, multiplication operations may cause the size values of the nodes to accumulate, so that the size values of the nodes of each graph may be updated by traversing the directed acyclic graph according to the computing logic in the directed acyclic graph, thereby obtaining updated size values of the nodes of each graph (hereinafter referred to as updated size values to illustrate distinction). For example, for the directed acyclic graph converted by the calculation expression "a+b+c", including the graph nodes "a", "b", "++", and "c", it is assumed that the reference size value of each graph node is 60, and during traversal, the size value of the graph node "a" is updated to 120 according to the calculation logic of multiplying a by b.
Step S403, inserting the graph nodes of the scaling operation type into the directed acyclic graph according to the updated size values of the graph nodes.
After traversing the directed acyclic graph to calculate the updated size values of the graph nodes, if the updated size values of some graph nodes do not meet the requirements of the homomorphic encryption algorithm, then the graph nodes which do not meet the requirements of the homomorphic encryption algorithm can be found out by updating the size values, and the size values can be changed by inserting the graph nodes of the scaling operation type into the directed acyclic graph, so that the updated directed acyclic graph can meet the requirements of the homomorphic encryption algorithm.
For example, in one possible embodiment, step S403 includes S4031:
step S4031, for a first target graph node of the addition or subtraction operation type in the directed acyclic graph, inserting a graph node of the scaling operation type into the directed acyclic graph if the updated size values of two graph nodes, which are the left operation value and the right operation value of the first target graph node, are different, wherein the size values of the left operation value and the right operation value of the first target graph node are the same after inserting the graph node of the scaling operation type.
In the ckks algorithm or bfv algorithm scenario, the size values of the operation objects of the addition and subtraction operations need to be the same. In this regard, after obtaining the updated size values of the respective graph nodes, for the graph nodes of the addition or subtraction operation type (referred to as the first target graph node to show distinction) in the directed acyclic graph, it may be detected whether the updated size values of the two graph nodes of the left operation value and the right operation value of the first target graph node are the same, and if it is detected that the updated size values of the two graph nodes are different, the graph node of the scaling operation type is inserted in the directed acyclic graph, so that the size values of the left operation value and the right operation value of the first target graph node are the same after the graph node of the scaling operation type is inserted. There are many ways to insert the graph nodes of the scaling operation type, and the present embodiment is not limited thereto.
For example, in the above example, for the "+" graph node, it is detected whether the updated size values of the two graph nodes that are the left operation value and the right operation value are the same, that is, whether the updated size values of the two graph nodes of "x" and "c" are the same; since the size value of the "×image node is updated to 120 and the size value of the" c "image node is updated to 60, it is necessary to insert the image node of the scaling operation type; for example, a scaling operation type graph node may be inserted before the "c" graph node, and the size value of the "c" graph node is increased to 120, so that the size values of the left and right operational values of the "+" graph node are the same; for another example, a scaling operation type graph node may be inserted before the "+" graph node, and the size value of the "+" graph node is reduced to 60, so that the size values of the left operation value and the right operation value of the "+" first target graph node are the same.
In this embodiment, another possible implementation manner of the optimization strategy is also provided, and the step of optimizing the directed acyclic graph according to the preset optimization strategy in step S40 includes steps S404 to S405:
step S404, traversing the directed acyclic graph, and determining the level value corresponding to each graph node in the directed acyclic graph according to the calculation logic in the directed acyclic graph.
In the case that the target homomorphic encryption algorithm is the ckks algorithm or the bfv algorithm, the graph nodes of the multiplication operation type in the directed acyclic graph can be optimized to meet the constraint of multiplication calculation in the homomorphic encryption algorithm.
The level value (or referred to as level) corresponding to each graph node can be determined by traversing the directed acyclic graph according to the computational logic in the directed acyclic graph, and the principle is that as the number of multiplication operations increases, the level of the graph node increases accordingly. For example, for a directed acyclic graph converted from the calculation expression "a×b×c", including graph nodes "a", "b", "c", the first three graph nodes are traversed, the level of the first graph node is determined to be 1 according to the calculation logic of a times b, and the level of the graph node "c" is determined to be 0.
Step S405, for a second target graph node of the multiplication operation type in the directed acyclic graph, if the horizontal values of two graph nodes, which are the left operation value and the right operation value of the second target graph node, are different, inserting a graph node of the analog-to-digital conversion operation type in the directed acyclic graph, wherein the horizontal values of the left operation value and the right operation value of the second target graph node are the same after inserting the graph node of the analog-to-digital conversion operation type.
In the ckks algorithm or bfv algorithm scenario, multiplication operations need to be performed on the same layer of modular chain, that is, levels of operation objects of the multiplication operations need to be the same. In this regard, after the levels of the graph nodes are obtained, for the graph node of the multiplication operation type in the directed acyclic graph (referred to as the second target graph node to show distinction), whether the levels of the two graph nodes of the left operation value and the right operation value of the second target graph node are the same may be detected, and if the levels of the two graph nodes are detected to be different, the graph node of the analog-to-digital conversion operation type is inserted into the directed acyclic graph, so that the levels of the left operation value and the right operation value of the second target graph node are the same after the graph node of the analog-to-digital conversion operation type is inserted. There are many ways to insert the graph nodes of the analog-to-digital conversion operation type, and the present embodiment is not limited thereto.
For example, in the above example, for the second "x" graph node, it is detected whether the updated size values of the two graph nodes that are the left operation value and the right operation value are the same, that is, whether the levels of the two graph nodes that are the first "x" and "c" are the same; since the level of the first "# graph node is 1 and the level of the" c "-graph node is updated to 0, it is necessary to insert the graph node of the analog-to-digital conversion operation type; for example, a graph node of the type of analog-to-digital conversion operation may be inserted before a "c" graph node, increasing the level of the "c" graph node to 1, such that the level of the left and right operational values of the second "x" graph node are the same.
In this embodiment, another possible implementation manner of the optimization strategy is also provided, and the step of optimizing the directed acyclic graph according to the preset optimization strategy in step S40 includes step S406: and adjusting the directed acyclic graph according to the calculation logic of the directed acyclic graph by traversing the directed acyclic graph, wherein the multiplication depth of the adjusted directed acyclic graph is smaller than the multiplication depth of the directed acyclic graph before adjustment.
The rebalancing strategy of the integral multiplication of the directed acyclic graph is optimized, and the integral height of the multiplication of the directed acyclic graph is reduced by traversing the method for merging child nodes of the directed acyclic graph. Therefore, the requirement of operation on homomorphic encryption modular chain depth is reduced, and the operation complexity is further reduced. There are many ways to adjust the multiplication depth of the directed acyclic graph, and the present embodiment is not limited thereto. Illustratively, the directed acyclic graph as shown in FIG. 5 (a) can be adjusted to the directed acyclic graph as shown in FIG. 5 (b), thereby reducing the multiplication depth.
In this embodiment, another possible implementation manner of the optimization strategy is also provided, and the step of optimizing the directed acyclic graph according to the preset optimization strategy in step S40 includes step S407: and traversing a third target graph node containing plaintext operation in the directed acyclic graph, performing plaintext calculation on the third target graph node to obtain a calculation result, and updating the directed acyclic graph by adopting the calculation result.
In the directed acyclic graph traversal stage, plaintext nodes are operated, plaintext addition, subtraction and multiplication computation is directly used, so that the computation complexity can be reduced, and the directed acyclic graph shown in fig. 6 (b) can be obtained after the directed acyclic graph shown in fig. 6 (a) is subjected to plaintext computation.
In this embodiment, another possible implementation manner of the optimization strategy is also provided, and the step of optimizing the directed acyclic graph according to the preset optimization strategy in step S40 includes step S408: and for a fourth target graph node with the degree of 0 in the directed acyclic graph, namely a node without follow-up dependence, changing the operation type corresponding to the fourth target graph node into a replacement type (replace) operation, so that the assignment operation required to be performed in the original calculation process is changed into the replace operation, memory copying is reduced, and the memory use efficiency is optimized.
It should be noted that several possible implementations of the optimization strategy set forth in this embodiment may be implemented by selecting one or more of them according to actual needs, that is, the above several implementations may be implemented in combination.
In addition, an embodiment of the present invention further provides a homomorphic encrypted service code translation device, referring to fig. 7, where the homomorphic encrypted service code translation device includes:
the acquiring module 10 is configured to acquire a code to be translated, where the code to be translated is a code written by computing logic in homomorphic encryption service in the form of a computing expression;
a conversion module 20 for converting the code to be translated into a directed acyclic graph characterizing the computational logic of the computational expression;
the determining module 30 is configured to obtain an algorithm decision index value by traversing the directed acyclic graph, and determine a target homomorphic encryption algorithm to be invoked from a preset various homomorphic encryption algorithm libraries according to the algorithm decision index value;
and the execution module 40 is configured to optimize the directed acyclic graph according to a preset optimization policy, and call the target homomorphic encryption algorithm according to the optimized directed acyclic graph, so as to execute the calculation logic of the calculation expression.
In a possible embodiment, the conversion module 20 is further configured to:
converting each object to be converted in the code to be translated into a graph node, wherein each object to be converted comprises each input data, each output data and each calculation operation;
and determining connection edges between the graph nodes according to the relation between the objects to be converted in the code to be translated, and obtaining the directed acyclic graph formed by the graph nodes and the connection edges.
In a possible implementation manner, the algorithm decision index value comprises a scene type, a security level, a multiplication depth of the directed acyclic graph and a data type of a graph node of the homomorphic encryption service;
the determining module 30 is further configured to:
determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the scene type, the security level and the multiplication depth;
and determining an algorithm matched with the data type from the target homomorphic encryption algorithm library according to the data type of the graph node in the directed acyclic graph, and taking the algorithm as the target homomorphic encryption algorithm to be called.
In a possible embodiment, the determining module 30 is further configured to:
Determining a multiplication depth reference value according to the security level;
and determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the multiplication depth reference value, the scene type, the security level and the multiplication depth.
In a possible implementation, the various homomorphic encryption algorithm libraries include a seal library, an OPENFHE library, a success library, and a GPU acceleration version seal library, and the determining module 30 is further configured to:
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a time priority scene, determining the seal library as a target homomorphic encryption algorithm library;
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a precision priority scene, or if the multiplication depth is larger than the multiplication depth reference value, determining the OPENFHE library as a target homomorphic encryption algorithm library;
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a scene with CUDA GPU hardware resources, determining the GPU acceleration version seal library as a target homomorphic encryption algorithm library;
and if the scene type is homomorphic tfhe/fhe algorithm uint8 data type scene, determining the concrete library as a target homomorphic encryption algorithm library.
In a possible implementation, the execution module 40 is further configured to:
setting a reference size value of each graph node in the directed acyclic graph, wherein the reference size values of the graph nodes are the same;
traversing the directed acyclic graph, and updating the size value of each graph node according to the calculation logic in the directed acyclic graph to obtain the updated size value of each graph node;
and inserting the graph nodes of the scaling operation type into the directed acyclic graph according to the updated size values of the graph nodes.
In a possible implementation, the execution module 40 is further configured to:
and if the updated size values of the two graph nodes serving as the left operation value and the right operation value of the first target graph node are different for the first target graph node of the addition or subtraction operation type in the directed acyclic graph, inserting the graph node of the scaling operation type into the directed acyclic graph, wherein the size values of the left operation value and the right operation value of the first target graph node are the same after inserting the graph node of the scaling operation type.
In a possible implementation, the execution module 40 is further configured to:
traversing the directed acyclic graph, and determining the level value corresponding to each graph node in the directed acyclic graph according to the calculation logic in the directed acyclic graph;
And if the horizontal values of the two graph nodes serving as the left operation value and the right operation value of the second target graph node are different, inserting the graph node of the analog-to-digital conversion operation type into the directed acyclic graph, wherein the horizontal values of the left operation value and the right operation value of the second target graph node are the same after inserting the graph node of the analog-to-digital conversion operation type.
In a possible implementation, the execution module 40 is further configured to:
the directed acyclic graph is adjusted according to the calculation logic of the directed acyclic graph by traversing the directed acyclic graph, wherein the multiplication depth of the adjusted directed acyclic graph is smaller than the multiplication depth of the directed acyclic graph before adjustment;
traversing a third target graph node containing plaintext operation in the directed acyclic graph, performing plaintext calculation on the third target graph node to obtain a calculation result, and updating the directed acyclic graph by adopting the calculation result; and/or the number of the groups of groups,
and for a fourth target graph node with the degree of emergence of 0 in the directed acyclic graph, changing the operation type corresponding to the fourth target graph node into an operation of a replacement type.
The expansion content of the specific implementation mode of the homomorphic encryption service code translation device is basically the same as that of each embodiment of the homomorphic encryption service code translation method, and the description is omitted herein.
In addition, the embodiment of the invention also provides a computer readable storage medium, wherein the storage medium stores a homomorphic encryption service code translation program, and the homomorphic encryption service code translation program realizes the steps of the homomorphic encryption service code translation method as follows when being executed by a processor.
Embodiments of the homomorphic encryption service code translation device and the computer readable storage medium of the present invention can refer to embodiments of the homomorphic encryption service code translation method of the present invention, and will not be described herein.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.
Claims (10)
1. A homomorphic encryption service code translation method, characterized in that the homomorphic encryption service code translation method comprises the steps of:
acquiring a code to be translated, wherein the code to be translated is written in the form of a calculation expression by calculation logic in homomorphic encryption service;
converting the code to be translated into a directed acyclic graph characterizing computational logic of the computational expression;
obtaining an algorithm decision index value by traversing the directed acyclic graph, and determining a target homomorphic encryption algorithm to be called from a preset homomorphic encryption algorithm library according to the algorithm decision index value;
optimizing the directed acyclic graph according to a preset optimization strategy, and calling the target homomorphic encryption algorithm according to the optimized directed acyclic graph to execute the calculation logic of the calculation expression;
the algorithm decision index value comprises a scene type, a security level, a multiplication depth of the directed acyclic graph and a data type of a graph node of the homomorphic encryption service;
the step of determining the target homomorphic encryption algorithm to be called from various preset homomorphic encryption algorithm libraries according to the algorithm decision index value comprises the following steps:
Determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the scene type, the security level and the multiplication depth;
determining an algorithm matched with the data type from the target homomorphic encryption algorithm library according to the data type of the graph node in the directed acyclic graph, and taking the algorithm as the target homomorphic encryption algorithm to be called;
wherein, the step of determining a target homomorphic encryption algorithm library from the various homomorphic encryption algorithm libraries according to the scene type, the security level and the multiplication depth comprises:
determining a multiplication depth reference value according to the security level;
and determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the multiplication depth reference value, the scene type, the security level and the multiplication depth.
2. The homomorphic encryption traffic code translation method according to claim 1, wherein the step of converting the code to be translated into a directed acyclic graph characterizing the computational logic of the computational expression comprises:
converting each object to be converted in the code to be translated into a graph node, wherein each object to be converted comprises each input data, each output data and each calculation operation;
And determining connection edges between the graph nodes according to the relation between the objects to be converted in the code to be translated, and obtaining the directed acyclic graph formed by the graph nodes and the connection edges.
3. The homomorphic encryption service code translation method according to claim 1, wherein the various homomorphic encryption algorithm libraries include a seal library, an OPENFHE library, a success library, and a GPU-accelerated version seal library, and wherein the step of determining a target homomorphic encryption algorithm library from the various homomorphic encryption algorithm libraries based on the multiplication depth reference value, the scene type, the security level, and the multiplication depth comprises:
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a time priority scene, determining the seal library as a target homomorphic encryption algorithm library;
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a precision priority scene, or if the multiplication depth is larger than the multiplication depth reference value, determining the OPENFHE library as a target homomorphic encryption algorithm library;
if the multiplication depth is smaller than or equal to the multiplication depth reference value and the scene type is a scene with CUDA GPU hardware resources, determining the GPU acceleration version seal library as a target homomorphic encryption algorithm library;
And if the scene type is homomorphic tfhe/fhe algorithm uint8 data type scene, determining the concrete library as a target homomorphic encryption algorithm library.
4. The homomorphic encryption service code translation method according to claim 1, wherein the optimizing the directed acyclic graph according to a preset optimization strategy comprises:
setting a reference size value of each graph node in the directed acyclic graph, wherein the reference size values of the graph nodes are the same;
traversing the directed acyclic graph, and updating the size value of each graph node according to the calculation logic in the directed acyclic graph to obtain the updated size value of each graph node;
and inserting the graph nodes of the scaling operation type into the directed acyclic graph according to the updated size values of the graph nodes.
5. The homomorphic encryption traffic code translation method according to claim 4, wherein the step of inserting the graph nodes of the scaling operation type in the directed acyclic graph according to the updated size values of the respective graph nodes comprises:
and if the updated size values of the two graph nodes serving as the left operation value and the right operation value of the first target graph node are different for the first target graph node of the addition or subtraction operation type in the directed acyclic graph, inserting the graph node of the scaling operation type into the directed acyclic graph, wherein the size values of the left operation value and the right operation value of the first target graph node are the same after inserting the graph node of the scaling operation type.
6. The homomorphic encryption service code translation method according to claim 1, wherein the optimizing the directed acyclic graph according to a preset optimization strategy comprises:
traversing the directed acyclic graph, and determining the level value corresponding to each graph node in the directed acyclic graph according to the calculation logic in the directed acyclic graph;
and if the horizontal values of the two graph nodes serving as the left operation value and the right operation value of the second target graph node are different, inserting the graph node of the analog-to-digital conversion operation type into the directed acyclic graph, wherein the horizontal values of the left operation value and the right operation value of the second target graph node are the same after inserting the graph node of the analog-to-digital conversion operation type.
7. The homomorphic encryption service code translation method according to claim 1, wherein the optimizing the directed acyclic graph according to a preset optimization strategy comprises:
the directed acyclic graph is adjusted according to the calculation logic of the directed acyclic graph by traversing the directed acyclic graph, wherein the multiplication depth of the adjusted directed acyclic graph is smaller than the multiplication depth of the directed acyclic graph before adjustment;
Traversing a third target graph node containing plaintext operation in the directed acyclic graph, performing plaintext calculation on the third target graph node to obtain a calculation result, and updating the directed acyclic graph by adopting the calculation result; and/or the number of the groups of groups,
and for a fourth target graph node with the degree of emergence of 0 in the directed acyclic graph, changing the operation type corresponding to the fourth target graph node into an operation of a replacement type.
8. A homomorphic encryption service code translation device, characterized in that the homomorphic encryption service code translation device comprises:
the acquisition module is used for acquiring codes to be translated, wherein the codes to be translated are codes written by calculation logic in homomorphic encryption service in the form of calculation expressions;
a conversion module for converting the code to be translated into a directed acyclic graph characterizing computational logic of the computational expression;
the determining module is used for obtaining an algorithm decision index value by traversing the directed acyclic graph, and determining a target homomorphic encryption algorithm to be called from various homomorphic encryption algorithm libraries according to the algorithm decision index value;
the execution module is used for optimizing the directed acyclic graph according to a preset optimization strategy, and calling the target homomorphic encryption algorithm according to the optimized directed acyclic graph so as to execute the calculation logic of the calculation expression;
Wherein the algorithm decision index value comprises a scene type, a security level, a multiplication depth of the directed acyclic graph and a data type of a graph node of the homomorphic encryption service, and the determining module is further configured to: determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the scene type, the security level and the multiplication depth; determining an algorithm matched with the data type from the target homomorphic encryption algorithm library according to the data type of the graph node in the directed acyclic graph, and taking the algorithm as the target homomorphic encryption algorithm to be called;
the determining module is further configured to: determining a target homomorphic encryption algorithm library from the homomorphic encryption algorithm libraries according to the scene type, the security level and the multiplication depth; and determining an algorithm matched with the data type from the target homomorphic encryption algorithm library according to the data type of the graph node in the directed acyclic graph, and taking the algorithm as the target homomorphic encryption algorithm to be called.
9. A homomorphic encrypted service code translation device, characterized in that the homomorphic encrypted service code translation device comprises: memory, a processor and a homomorphic encryption service code translation program stored on the memory and executable on the processor, which homomorphic encryption service code translation program when executed by the processor implements the steps of the homomorphic encryption service code translation method of any one of claims 1 to 7.
10. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a homomorphic encrypted service code translation program, which when executed by a processor, implements the steps of the homomorphic encrypted service code translation method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311766116.1A CN117435200B (en) | 2023-12-21 | 2023-12-21 | Homomorphic encryption service code translation method, device, equipment and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311766116.1A CN117435200B (en) | 2023-12-21 | 2023-12-21 | Homomorphic encryption service code translation method, device, equipment and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117435200A CN117435200A (en) | 2024-01-23 |
| CN117435200B true CN117435200B (en) | 2024-04-16 |
Family
ID=89555717
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311766116.1A Active CN117435200B (en) | 2023-12-21 | 2023-12-21 | Homomorphic encryption service code translation method, device, equipment and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117435200B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112698921A (en) * | 2021-01-08 | 2021-04-23 | 腾讯科技(深圳)有限公司 | Logic code operation method and device, computer equipment and storage medium |
| WO2022062337A1 (en) * | 2020-09-28 | 2022-03-31 | 广州华多网络科技有限公司 | Method and device for data aggregation, terminal device, and computer-readable storage medium |
| KR20220094052A (en) * | 2020-12-28 | 2022-07-05 | 연세대학교 산학협력단 | IoT SERVICE PROVIDING METHOD BASED ON ADAPTIVE ENCRYPTION AND IoT APPARATUS |
| CN115276948A (en) * | 2022-07-20 | 2022-11-01 | 京信数据科技有限公司 | Homomorphic encryption calculation method and system |
| EP4099609A1 (en) * | 2021-06-04 | 2022-12-07 | Zama SAS | Computational network conversion for fully homomorphic evaluation |
| CN115580390A (en) * | 2022-08-24 | 2023-01-06 | 京信数据科技有限公司 | Multi-scene mode calculation method and system under safe multi-party calculation |
| CN116150795A (en) * | 2023-04-17 | 2023-05-23 | 粤港澳大湾区数字经济研究院(福田) | Homomorphic encryption-based data processing method, system and related equipment |
| CN116662941A (en) * | 2023-07-31 | 2023-08-29 | 腾讯科技(深圳)有限公司 | Information encryption method, device, computer equipment and storage medium |
| CN117061084A (en) * | 2023-08-15 | 2023-11-14 | 东北大学 | Efficient verifiable outsourcing calculation method based on isomorphic encryption |
-
2023
- 2023-12-21 CN CN202311766116.1A patent/CN117435200B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022062337A1 (en) * | 2020-09-28 | 2022-03-31 | 广州华多网络科技有限公司 | Method and device for data aggregation, terminal device, and computer-readable storage medium |
| KR20220094052A (en) * | 2020-12-28 | 2022-07-05 | 연세대학교 산학협력단 | IoT SERVICE PROVIDING METHOD BASED ON ADAPTIVE ENCRYPTION AND IoT APPARATUS |
| CN112698921A (en) * | 2021-01-08 | 2021-04-23 | 腾讯科技(深圳)有限公司 | Logic code operation method and device, computer equipment and storage medium |
| EP4099609A1 (en) * | 2021-06-04 | 2022-12-07 | Zama SAS | Computational network conversion for fully homomorphic evaluation |
| CN115276948A (en) * | 2022-07-20 | 2022-11-01 | 京信数据科技有限公司 | Homomorphic encryption calculation method and system |
| CN115580390A (en) * | 2022-08-24 | 2023-01-06 | 京信数据科技有限公司 | Multi-scene mode calculation method and system under safe multi-party calculation |
| CN116150795A (en) * | 2023-04-17 | 2023-05-23 | 粤港澳大湾区数字经济研究院(福田) | Homomorphic encryption-based data processing method, system and related equipment |
| CN116662941A (en) * | 2023-07-31 | 2023-08-29 | 腾讯科技(深圳)有限公司 | Information encryption method, device, computer equipment and storage medium |
| CN117061084A (en) * | 2023-08-15 | 2023-11-14 | 东北大学 | Efficient verifiable outsourcing calculation method based on isomorphic encryption |
Non-Patent Citations (1)
| Title |
|---|
| 基于符号EVBDD的安全多方计算;徐周波 等;计算机科学;20160415(第04期);第134-140页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117435200A (en) | 2024-01-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110609693B (en) | Code updating method and device based on data standardization and terminal equipment | |
| Huang et al. | A deep-reinforcement-learning-based approach to dynamic eMBB/URLLC multiplexing in 5G NR | |
| CN112104709B (en) | Intelligent contract processing method, device, medium and electronic equipment | |
| Aquilani et al. | Performance analysis at the software architectural design level | |
| CN109086215B (en) | Embedded software unit test case generation method and system | |
| US11934287B2 (en) | Method, electronic device and computer program product for processing data | |
| CN112286752A (en) | Algorithm verification method and system for federated learning heterogeneous processing system | |
| US8423980B1 (en) | Methods for handling inlined functions using sample profiles | |
| da Silva Pinheiro et al. | Performance prediction for supporting mobile applications’ offloading | |
| Cortellessa et al. | Automatic derivation of software performance models from case documents | |
| CN117435200B (en) | Homomorphic encryption service code translation method, device, equipment and readable storage medium | |
| US7603662B2 (en) | System and method for sensing types of local variables | |
| US20210041991A1 (en) | System and method for implementing a self service machine learning framework | |
| CN101884064A (en) | Information processing apparatus, information processing method, and computer program | |
| US8645758B2 (en) | Determining page faulting behavior of a memory operation | |
| Prihozhy et al. | Data dependences critical path evaluation at C/C++ system level description | |
| Prihozhy et al. | Evaluation of the parallelization potential for efficient multimedia implementations: dynamic evaluation of algorithm critical path | |
| US20210132922A1 (en) | Methods and systems for program optimization utilizing intelligent space exploration | |
| US7797692B1 (en) | Estimating a dominant resource used by a computer program | |
| CN116560668A (en) | Data processing apparatus and data processing method | |
| Zhang et al. | A distributed computation of the shortest path in large-scale road network | |
| US11853194B2 (en) | Systems and methods for universal system-to-system communication management and analysis | |
| Mendizabal et al. | Stochastic object-based graph grammars | |
| Barreto et al. | Apache Dynamic Update for Feedback Control of Computing Resources | |
| Jung et al. | Grid Job Builder-a workflow editor for computing grids |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |