WO2020011183A1 - Secure multiparty computation method, device, and system - Google Patents

Secure multiparty computation method, device, and system Download PDF

Info

Publication number
WO2020011183A1
WO2020011183A1 PCT/CN2019/095369 CN2019095369W WO2020011183A1 WO 2020011183 A1 WO2020011183 A1 WO 2020011183A1 CN 2019095369 W CN2019095369 W CN 2019095369W WO 2020011183 A1 WO2020011183 A1 WO 2020011183A1
Authority
WO
WIPO (PCT)
Prior art keywords
sub
initial
task
calculation
circuit
Prior art date
Application number
PCT/CN2019/095369
Other languages
French (fr)
Chinese (zh)
Inventor
谢翔
李升林
孙立林
Original Assignee
云图有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 云图有限公司 filed Critical 云图有限公司
Publication of WO2020011183A1 publication Critical patent/WO2020011183A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry
    • H04L2209/122Hardware reduction or efficient architectures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/46Secure multiparty computation, e.g. millionaire problem

Definitions

  • the invention relates to the technical field of cryptography, and in particular, to a secure multi-party computing method, device and system.
  • Secure multiparty computing has been an active research direction in the field of cryptography.
  • Secure multi-party computing refers to the case where there is no trusted third party, multiple participants jointly calculate a function, so that all participants can calculate the calculation results, but will not disclose the input information of each party.
  • secure multiparty computing the most common and effective way is to use a encrypted circuit and inadvertent transmission.
  • the main idea of the encryption circuit is to represent the function that needs to be calculated as a logic circuit, and do the encryption operation for each logic gate one by one. Both the encryption and decryption operations in the prior art are performed locally, occupying local resources, and reducing the computing efficiency and the performance of the secure multi-party computing technology.
  • the main purpose of the embodiments of the present invention is to provide a secure multiparty computing method, device, and system to reduce local resource occupation, improve computing efficiency, and performance of the secure multiparty computing technology.
  • an embodiment of the present invention provides a secure multi-party computing method, including:
  • An embodiment of the present invention further provides a secure multi-party calculation method, including:
  • the calculation result is sent to the first secure multiparty computing device.
  • An embodiment of the present invention further provides a first secure multiparty computing device, including:
  • a label unit which is used to select multiple pairs of random numbers to form an input label and an auxiliary label
  • a first processing result unit configured to perform corresponding processing on a first function, an initial logic circuit, an input label, and an auxiliary label to obtain a first processing result
  • a first sending unit configured to send a first processing result to a first outsourced computing device; send an encryption circuit and a first sub-input tag to a second secure multiparty computing device;
  • a first receiving unit configured to receive an initial first sub-circuit generated by a first outsourced computing device according to a first processing result; and receive a calculation result from a second secure multiparty computing device;
  • An encryption circuit unit configured to process an initial first sub-circuit to obtain an encryption circuit
  • the first sub-input label unit is configured to obtain a first sub-input label according to the input data corresponding to the initial logic circuit and the input label.
  • An embodiment of the present invention further provides a second secure multiparty computing device, including:
  • a second receiving unit configured to receive the encryption circuit and the first sub-input tag from the first secure multi-party computing device; and receive the initial sub-computation result generated by the second outsourced computing device according to the second processing result;
  • a second sub-input label unit configured to obtain a second sub-input label according to the first sub-input label
  • a second processing result unit configured to perform corresponding processing on the second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain a second processing result
  • a second sending unit configured to send the second processing result to the second outsourced computing device; and send the calculation result to the first secure multiparty computing device;
  • a calculation result unit is used to process the initial sub-calculation result to obtain a calculation result.
  • An embodiment of the present invention also provides a secure multiparty computing system, including:
  • the first secure multiparty computing device as described above;
  • the second secure multiparty computing device as described above.
  • An embodiment of the present invention further provides a computer device including a memory, a processor, and a computer program stored on the memory and executable on the processor.
  • the processor executes the program, the foregoing secure multi-party computing method is implemented (calculating from the first secure multi-party Device angle).
  • An embodiment of the present invention further provides a computer-readable storage medium having a computer program stored thereon.
  • the computer program is executed by a processor, the steps of the above-mentioned secure multiparty computing method (from the perspective of the first secure multiparty computing device) are implemented.
  • An embodiment of the present invention further provides a computer device including a memory, a processor, and a computer program stored on the memory and executable on the processor.
  • the processor executes the program, the foregoing secure multi-party computing method is implemented (from the second secure multi-party computing method). Device angle).
  • An embodiment of the present invention also provides a computer-readable storage medium having a computer program stored thereon.
  • the computer program is executed by a processor, the steps of the above-mentioned secure multiparty computing method (from the perspective of the second secure multiparty computing device) are implemented.
  • the secure multi-party computing method, device and system of the embodiments of the present invention can reduce the occupation of local resources, improve the computing efficiency and the performance of the secure multi-party computing technology.
  • FIG. 1 is a flowchart of a secure multiparty computing method (from the perspective of a first secure multiparty computing device) in an embodiment of the present invention
  • FIG. 2 is a specific flowchart of S103
  • FIG. 3 is a specific flowchart of S106
  • FIG. 4 is a specific flowchart of one embodiment of S301
  • FIG. 6 is a flowchart of a secure multiparty computing method (from the perspective of a second secure multiparty computing device) in an embodiment of the present invention
  • FIG. 7 is a specific flowchart of S603
  • FIG. 8 is a specific flowchart of S606
  • FIG. 9 is a specific flowchart of one embodiment of S801; FIG.
  • FIG. 10 is a specific flowchart of another embodiment of S801;
  • FIG. 11 is a structural block diagram of a first secure multiparty computing device in an embodiment of the present invention.
  • FIG. 12 is a structural block diagram of a second secure multiparty computing device in an embodiment of the present invention.
  • FIG. 13 is a structural block diagram of a secure multiparty computing system in an embodiment of the present invention.
  • FIG. 14 is a block diagram showing a structure of a computer device in the first embodiment of the present invention.
  • FIG. 15 is a structural block diagram of a computer device in a second embodiment of the present invention.
  • FIG. 1 is a flowchart of a secure multiparty computing method (from the perspective of a first secure multiparty computing device) in an embodiment of the present invention.
  • the secure multi-party calculation method includes:
  • S102 Select multiple pairs of random numbers to form an input label and an auxiliary label.
  • S104 Send the first processing result to the first outsourced computing device.
  • S105 Receive an initial first sub-circuit generated by the first outsourced computing device according to the first processing result.
  • S106 Process the initial first sub-circuit to obtain an encryption circuit.
  • S108 Send the encryption circuit and the first sub-input tag to a second secure multiparty computing device.
  • the execution subject of the secure multiparty computing method shown in FIG. 1 may be a first secure multiparty computing device.
  • the secure multi-party calculation method (from the perspective of the first secure multi-party computing device) of the embodiment of the present invention first converts a calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input label and an auxiliary label , Processing the first function, the initial logic circuit, the input tag, and the auxiliary tag to obtain the first processing result, sending the first processing result to the first outsourced computing device, and then receiving the first outsourced computing device according to the first processing result Generate the initial first sub-circuit, process the initial first sub-circuit, obtain an encryption circuit, and then obtain the first sub-input label according to the input data and input label corresponding to the initial logic circuit, and then encrypt the circuit and the first sub-input label Sending to the second secure multi-party computing device and finally receiving the calculation result from the second secure multi-party computing device can reduce the local resource
  • each pair of random numbers in the input label corresponds to a first value and a second value of each input line of the initial logic circuit.
  • each line has only two values of 0 and 1 (the first value and the second value), and two 128-bit labels L 0 and L 1 can be selected.
  • the method of selecting tags can be divided into the following two categories:
  • the corresponding label is used for encryption to obtain an encryption circuit.
  • FIG. 2 is a specific flowchart of S103. As shown in FIG. 2, S103 specifically includes:
  • S201 Generate first input data according to an initial logic circuit, an input tag, and an auxiliary tag.
  • S202 Split the first input data into a plurality of first sub-input data according to a first preset policy.
  • S203 Generate each first sub-task according to the first function and each first sub-input data.
  • S104 specifically includes: allocating each first subtask to a plurality of first outsourced computing devices.
  • S105 specifically includes: receiving a plurality of initial first sub-circuits corresponding to each first sub-task.
  • FIG. 3 is a specific flowchart of S106. As shown in FIG. 3, S106 specifically includes:
  • S301 Select one of a plurality of initial first sub-circuits corresponding to each first sub-task as a first sub-circuit corresponding to each first sub-task.
  • S302 Integrate a first sub-circuit corresponding to each first sub-task to generate an encryption circuit.
  • FIG. 4 is a specific flowchart of one embodiment of S301. As shown in FIG. 4, S301 specifically includes:
  • S402 Count the number of initial first sub-circuits in each array corresponding to each first sub-task.
  • the first sub-task is redistributed to other outsourced computing devices for calculation.
  • FIG. 5 is a specific flowchart of another embodiment of S301. As shown in FIG. 5, S301 specifically includes:
  • S501 Generate each initial first sub-circuit corresponding to each first sub-task according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and a preset first safety parameter The calculation proves.
  • S501 specifically includes: generating a first common parameter according to a preset first security parameter; and according to each first subtask, each initial first subcircuit corresponding to each first subtask, and the first common Parameters, generating a calculation proof of each initial first sub-circuit corresponding to each first sub-task;
  • the first common parameter is generated according to the preset first safety parameter and the first function; according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and the first common parameter, generating A calculation proof of each initial first sub-circuit corresponding to each first sub-task.
  • the specific process of the secure multiparty computing method is as follows:
  • the first secure multiparty computing device converts the calculation function f (g, h) into an initial logic circuit C; where g is the input data of the first secure multiparty computing device and h is the input data of the second secure multiparty computing device.
  • the input data of the second secure multiparty computing device will not be leaked to the first secure multiparty computing device.
  • the first secure multi-party computing device generates first input data x according to the initial logic circuit C, the input tag, and the auxiliary tag.
  • the first secure multi-party computing device divides the first input data x into a plurality of first sub-input data x 1 , ..., x k according to a first preset policy.
  • T i is the i-th first subtask
  • Generation is the first function
  • x i is the i-th first sub-input data.
  • the first secure multi-party computing device allocates each first subtask to a plurality of first outsourced computing devices.
  • the first secure multi-party computing device receives m initial first sub-circuits R i1 , ..., R im corresponding to each first sub-task.
  • R im is the m-th initial first sub-circuit corresponding to the i-th first sub-task, and there are a total of k first sub-tasks.
  • the first secure multi-party computing device selects one of a plurality of initial first sub-circuits corresponding to each first sub-task as a first sub-circuit corresponding to each first sub-task.
  • the following two technical means can be adopted to select the first sub-circuit:
  • the first secure multi-party computing device assigns the initial first subcircuits of the same value corresponding to each first subtask to the same array, and counts the initial first subcircuits in each array corresponding to each first subtask. When the maximum number is greater than a preset value, an initial first sub-circuit in the array corresponding to the number is used as the first sub-circuit corresponding to each first sub-task.
  • First a secure multiparty computation means generates a first public parameter PP according to the preset first security parameter ⁇ 1 (PP 1 ⁇ ParamGen ( ⁇ 1)); or, according to a preset first and second security parameter [lambda] 1
  • a function Generation generates a first common parameter PP 1 (PP 1 ⁇ ParamGen ( ⁇ 1 , Generation)).
  • PP 1 ⁇ ParamGen ⁇ 1 , Generation
  • a calculation of each initial first sub-circuit corresponding to each first sub-task is generated Prove ⁇ 1 ( ⁇ 1 ⁇ GenProof (PP 1 , T i , Generation, R im )).
  • a first secure multiparty computation means based on the input data g and the initial input tag corresponding to the logic circuit, to give the first sub-input label (L g11, L g22, ... , L gn1n1), the encrypted sub-circuit and a first input
  • the tag is sent to a second secure multiparty computing device.
  • the first secure multiparty computing device receives a calculation result C (g, h) from the second secure multiparty computing device.
  • the secure multi-party calculation method (from the perspective of the first secure multi-party computing device) of the embodiment of the present invention first converts the calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input label and an auxiliary label, and combines the first function,
  • the initial logic circuit, input tags and auxiliary tags are processed accordingly to obtain the first processing result, the first processing result is sent to the first outsourced computing device, and then the initial first child generated by the first outsourced computing device according to the first processing result is received Circuit to process the initial first sub-circuit to obtain an encryption circuit, and then obtain a first sub-input label according to the input data and input label corresponding to the initial logic circuit, and send the encryption circuit and the first sub-input label to a second secure multiparty
  • the computing device finally receives the calculation result from the second secure multi-party computing device, which can reduce the occupation of local resources, improve the computing efficiency and the performance of the secure multi-party computing technology.
  • the secure multi-party calculation method includes:
  • S601 Receive an encryption circuit and a first sub-input tag from a first secure multiparty computing device.
  • S602 Obtain a second sub-input label according to the first sub-input label.
  • S603 Perform corresponding processing on the second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain a second processing result.
  • S604 Send the second processing result to the second outsourced computing device.
  • S605 Receive an initial sub-calculation result generated by the second outsourced computing device according to the second processing result.
  • S607 Send the calculation result to the first secure multiparty computing device.
  • the execution subject of the secure multiparty computing method shown in FIG. 6 may be a second secure multiparty computing device.
  • the secure multiparty computing method (from the perspective of the second secure multiparty computing device) of the embodiment of the present invention first receives the encryption circuit and the first sub-input tag from the first secure multiparty computing device, and then according to the first One sub-input tag obtains the second sub-input tag, processes the second function, the encryption circuit, the first sub-input tag, and the second sub-input tag accordingly to obtain a second processing result, and then sends the second processing result to the second
  • the outsourced computing device receives the initial sub-calculation result generated by the second outsourced computing device according to the second processing result, then processes the initial sub-calculation result to obtain the calculation result, and finally sends the calculation result to the first secure multi-party computing device, which can reduce Local resource occupation improves computing efficiency and performance of secure multi-party computing technology.
  • the second sub-input label may be obtained through an inadvertent transmission protocol.
  • FIG. 7 is a specific flowchart of S603. As shown in Figure 7, S603 specifically includes:
  • S701 Generate second input data according to the encryption circuit, the first sub-input label, and the second sub-input label.
  • S702 Split the second input data into a plurality of second sub-input data according to a second preset policy.
  • S703 Generate each second sub-task according to the second function and each second sub-input data.
  • S604 specifically includes: allocating each second subtask to a plurality of second outsourced computing devices.
  • S605 specifically includes: receiving a plurality of initial sub-computation results corresponding to each second sub-task.
  • FIG. 8 is a specific flowchart of S606. As shown in Figure 8, S606 specifically includes:
  • S801 Select one of a plurality of initial sub-computation results corresponding to each second sub-task as a sub-computation result corresponding to each second sub-task.
  • FIG. 9 is a specific flowchart of one embodiment of S801. As shown in Figure 9, S801 specifically includes:
  • FIG. 10 is a specific flowchart of another embodiment of S801. As shown in FIG. 10, S801 specifically includes:
  • each initial sub-computation result corresponding to each second sub-task According to each second sub-task, each initial sub-computation result corresponding to each second sub-task, and a preset second safety parameter, calculation for generating each initial sub-computation result corresponding to each second sub-task prove.
  • S1001 specifically includes: generating a second common parameter according to a preset second security parameter; and according to each second sub-task, each initial sub-computation result corresponding to each second sub-task, and the second common parameter To generate a calculation certificate for each initial sub-computation result corresponding to each second sub-task;
  • the second secure multiparty computing device receives the encryption circuit and the first sub-input tag from the first secure multiparty computing device, and obtains the second sub-input tag (L h11 , L h22 , ..., L according to the first sub-input tag). hn1n1).
  • the second secure multi-party computing device generates the second input data y according to the encryption circuit C ', the first sub-input tag and the second sub-input tag.
  • the second secure multi-party computing device splits the second input data y into a plurality of second sub-input data y 1 , ..., y j according to a second preset strategy.
  • Q i is the i-th second subtask
  • Evaluation is the second function
  • y i is the i-th second sub-input data.
  • the second secure multi-party computing device allocates each second subtask to a plurality of second outsourced computing devices.
  • the second secure multiparty computation means for receiving each second sub-tasks corresponding to the sub initial calculations o U i1, ..., U io.
  • U io is the o-th initial sub-calculation result corresponding to the i-th second sub-task, and there are j second sub-tasks in total.
  • the second secure multi-party computing device selects one of a plurality of initial sub-computation results corresponding to each second sub-task as a sub-computation result corresponding to each second sub-task.
  • the following two technical methods can be used to select sub-calculation results:
  • the second secure multi-party computing device allocates the initial sub-computation results of the same value corresponding to each second sub-task to the same array, and counts the number of initial sub-computation results in each array corresponding to each second sub-task When the maximum number is greater than a preset value, an initial sub-computation result in an array corresponding to the number is used as a sub-computation result corresponding to each second sub-task.
  • Second secure multiparty computation means 2 generating a second security parameter according to a preset second common parameter [lambda] PP 2 (PP 2 ⁇ ParamGen ( ⁇ 2)); or, according to preset 2 and a second security parameter [lambda]
  • the two function Evaluation generates a second common parameter PP 2 (PP 2 ⁇ ParamGen ( ⁇ 2 , Evaluation)).
  • a calculation certificate for each initial sub-computation result corresponding to each second sub-task is generated ⁇ 2 ( ⁇ 2 ⁇ GenProof (PP 2 , Q i , Evaluation, U io )).
  • the second secure multi-party computing device integrates the sub-computation results U i corresponding to each second sub-task, generates a calculation result C (g, h), and sends the calculation result to the first secure multi-party computing device.
  • the secure multiparty computing method of the embodiment of the present invention (from the perspective of the second secure multiparty computing device) first receives the encryption circuit and the first sub-input tag from the first secure multiparty computing device, and then obtains Two sub-input tags, correspondingly process the second function, the encryption circuit, the first sub-input tag, and the second sub-input tag to obtain the second processing result, and then send the second processing result to the second outsourcing computing device to receive the first
  • the two outsourced computing devices generate the initial sub-calculation results according to the second processing result, then process the initial sub-calculation results to obtain the calculation results, and finally send the calculation results to the first secure multi-party computing device, which can reduce the local resource occupation and improve the calculation. Efficiency and performance of multiparty computing technologies.
  • an embodiment of the present invention also provides a first secure multiparty computing device. Since the principle of solving the problem of the device is similar to the secure multiparty computing method (from the perspective of the first secure multiparty computing device), the implementation of the device You can refer to the implementation of the method, and the repetition is not repeated.
  • FIG. 11 is a structural block diagram of a first secure multiparty computing device in an embodiment of the present invention. As shown in FIG. 11, the first secure multi-party computing device includes:
  • a label unit which is used to select multiple pairs of random numbers to form an input label and an auxiliary label
  • a first processing result unit configured to perform corresponding processing on a first function, an initial logic circuit, an input label, and an auxiliary label to obtain a first processing result
  • a first sending unit configured to send a first processing result to a first outsourced computing device; send an encryption circuit and a first sub-input tag to a second secure multiparty computing device;
  • a first receiving unit configured to receive an initial first sub-circuit generated by a first outsourced computing device according to a first processing result; and receive a calculation result from a second secure multiparty computing device;
  • An encryption circuit unit configured to process an initial first sub-circuit to obtain an encryption circuit
  • the first sub-input label unit is configured to obtain a first sub-input label according to the input data corresponding to the initial logic circuit and the input label.
  • each pair of random numbers in the input label corresponds to a first value and a second value of each input line of the initial logic circuit.
  • the first processing result unit includes:
  • a first input data generating subunit configured to generate first input data according to an initial logic circuit, an input label, and an auxiliary label
  • a first input data splitting subunit configured to split the first input data into multiple first subinput data according to a first preset strategy
  • a first subtask subunit configured to generate each first subtask according to a first function and each first subinput data
  • the first sending unit is specifically configured to:
  • the first receiving unit is specifically configured to:
  • the encryption circuit unit includes:
  • a first selection subunit configured to select one of a plurality of initial first subcircuits corresponding to each first subtask as a first subcircuit corresponding to each first subtask;
  • the first integration unit is configured to integrate a first sub-circuit corresponding to each first sub-task to generate an encryption circuit.
  • the first selection subunit is specifically configured to:
  • an initial first sub-circuit in an array corresponding to the number is used as a first sub-circuit corresponding to each first sub-task.
  • the first selection subunit is specifically configured to:
  • each initial first sub-circuit corresponding to each first sub-task and a preset first safety parameter, a calculation of each initial first sub-circuit corresponding to each first sub-task is generated prove;
  • the initial first sub-circuit corresponding to the calculation verification is taken as the first sub-circuit corresponding to each first sub-task.
  • the first selection subunit is specifically configured to:
  • the first common parameter is generated according to the preset first safety parameter and the first function; according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and the first common parameter, generating A calculation proof of each initial first sub-circuit corresponding to each first sub-task.
  • the first secure multi-party computing device first converts a calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input tag and an auxiliary tag, and combines the first function, the initial logic circuit, the input tag, and an auxiliary tag.
  • the tag performs corresponding processing to obtain the first processing result, sends the first processing result to the first outsourced computing device, and then receives the initial first subcircuit generated by the first outsourced computing device according to the first processing result, and
  • the processing is performed to obtain an encryption circuit, and then the first sub-input tag is obtained according to the input data and input tags corresponding to the initial logic circuit, and the encryption circuit and the first sub-input tag are sent to a second secure multi-party computing device, and finally received from the second
  • the calculation result of the secure multi-party computing device can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
  • an embodiment of the present invention also provides a second secure multiparty computing device. Since the principle of solving the problem of the device is similar to the secure multiparty computing method (from the perspective of the second secure multiparty computing device), the implementation of the device You can refer to the implementation of the method, and the repetition is not repeated.
  • FIG. 12 is a structural block diagram of a second secure multiparty computing device in an embodiment of the present invention. As shown in FIG. 12, the second secure multi-party computing device includes:
  • a second receiving unit configured to receive the encryption circuit and the first sub-input tag from the first secure multi-party computing device; and receive the initial sub-computation result generated by the second outsourced computing device according to the second processing result;
  • a second sub-input label unit configured to obtain a second sub-input label according to the first sub-input label
  • a second processing result unit configured to perform corresponding processing on the second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain a second processing result
  • a second sending unit configured to send the second processing result to the second outsourced computing device; and send the calculation result to the first secure multiparty computing device;
  • a calculation result unit is used to process the initial sub-calculation result to obtain a calculation result.
  • the second processing result unit includes:
  • a second input data generating subunit configured to generate second input data according to the encryption circuit, the first sub-input label, and the second sub-input label;
  • a second input data splitting subunit configured to split the second input data into multiple second subinput data according to a second preset strategy
  • a second subtask subunit configured to generate each second subtask according to a second function and each second subinput data
  • the second sending unit is specifically configured to:
  • the second receiving unit is specifically configured to:
  • the calculation result unit includes:
  • a second selection subunit configured to select one of a plurality of initial sub-calculation results corresponding to each second sub-task as a sub-calculation result corresponding to each second sub-task;
  • the second integration unit is configured to integrate sub-computation results corresponding to each second sub-task to generate a calculation result.
  • the second selection subunit is specifically configured to:
  • an initial sub-computation result in an array corresponding to the number is used as a sub-computation result corresponding to each second sub-task.
  • the second selection subunit is specifically configured to:
  • the initial sub-calculation result corresponding to the calculation proof is taken as the sub-calculation result corresponding to each second sub-task.
  • the second selection subunit is specifically configured to:
  • the second secure multiparty computing device first receives the encryption circuit and the first sub-input tag from the first secure multiparty computing device, and then obtains the second sub-input tag according to the first sub-input tag, and The function, the encryption circuit, the first sub-input tag and the second sub-input tag are processed accordingly to obtain a second processing result, and then the second processing result is sent to a second outsourced computing device, and the second outsourced computing device is received according to the second processing The resulting initial sub-computation results are then processed to obtain the calculation results, and finally the calculation results are sent to the first secure multi-party computing device, which can reduce the local resource occupation, improve the calculation efficiency and the performance of the secure multi-party computing technology .
  • FIG. 13 is a structural block diagram of a secure multiparty computing system in an embodiment of the present invention.
  • the secure multiparty computing system includes a first secure multiparty computing device as described above, and a second secure multiparty computing device as described above.
  • Fig. 14 is a block diagram showing the structure of a computer device in the first embodiment of the present invention.
  • the computer device may specifically include a memory 1401, a processor 1402, a communication interface 1403, a data bus 1404, and a computer program stored in the memory 1401 and executable on the processor 1402.
  • the processor 1402 executes the computer program
  • the steps of implementing the secure multi-party computing method (from the perspective of the first secure multi-party computing device) described in any one of the foregoing embodiments are implemented. It is worth noting that this figure is exemplary; other types of structures can also be used to supplement or replace the structure to implement telecommunication functions or other functions.
  • the computer equipment of the embodiment of the present invention (from the perspective of the first secure multi-party computing device) first converts the calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input label and an auxiliary label, and the first function, the initial logic circuit, and the input
  • the tags and auxiliary tags are processed accordingly to obtain the first processing result, and the first processing result is sent to the first outsourced computing device, and then the initial first sub-circuit generated by the first outsourced computing device according to the first processing result is received.
  • a sub-circuit is processed to obtain an encryption circuit, and then the first sub-input tag is obtained according to the input data and input tags corresponding to the initial logic circuit, and the encryption circuit and the first sub-input tag are sent to a second secure multi-party computing device, and finally received
  • the calculation result from the second secure multi-party computing device can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
  • An embodiment of the present invention further provides a computer-readable storage medium having a computer program stored thereon.
  • the computer program is executed by a processor, the steps of the above-mentioned secure multiparty computing method (from the perspective of the first secure multiparty computing device) are implemented.
  • the computer-readable storage medium of the embodiment of the present invention first converts a calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input tag and an auxiliary tag, and processes the first function, the initial logic circuit, the input tag, and the auxiliary tag accordingly.
  • a first processing result send the first processing result to a first outsourced computing device, and then receive an initial first sub-circuit generated by the first outsourced computing device according to the first processing result, and process the initial first sub-circuit to obtain
  • the encryption circuit then obtains the first sub-input tag according to the input data and input tag corresponding to the initial logic circuit, sends the encryption circuit and the first sub-input tag to the second secure multiparty computing device, and finally receives the second secure multiparty computing device
  • the calculation results can reduce the local resource occupation, improve the calculation efficiency and the performance of the secure multi-party computing technology.
  • FIG. 15 is a structural block diagram of a computer device in a second embodiment of the present invention.
  • the computer device may specifically include a memory 1501, a processor 1502, a communication interface 1503, a data bus 1504, and a computer program stored in the memory 1501 and executable on the processor 1502.
  • the processor 1502 executes the computer program
  • the steps of realizing the secure multi-party computing method (from the perspective of the second secure multi-party computing device) described in any one of the foregoing embodiments are implemented. It is worth noting that this figure is exemplary; other types of structures can also be used to supplement or replace the structure to implement telecommunication functions or other functions.
  • the computer device first receives an encryption circuit and a first sub-input tag from a first secure multi-party computing device, and then obtains a second sub-input tag according to the first sub-input tag.
  • the second function, the encryption circuit, and the first The sub-input tag and the second sub-input tag are processed accordingly to obtain a second processing result, and then the second processing result is sent to the second outsourced computing device, and the initial sub-calculation result generated by the second outsourced computing device according to the second processing result is received Then, the initial sub-computation result is processed to obtain the calculation result, and finally the calculation result is sent to the first secure multi-party computing device, which can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
  • An embodiment of the present invention also provides a computer-readable storage medium having a computer program stored thereon.
  • the computer program is executed by a processor, the steps of the above-mentioned secure multiparty computing method (from the perspective of the second secure multiparty computing device) are implemented.
  • the computer-readable storage medium of the embodiment of the present invention first receives an encryption circuit and a first sub-input tag from a first secure multi-party computing device, and then obtains a second sub-input tag according to the first sub-input tag, and converts the second function and the encryption circuit.
  • the first sub-input tag and the second sub-input tag are processed accordingly to obtain a second processing result, and then the second processing result is sent to a second outsourced computing device, and an initial generated by the second outsourced computing device according to the second processing result is received Sub-computing results, then processing the initial sub-computing results to obtain the computing results, and finally sending the computing results to the first secure multi-party computing device, which can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
  • the embodiments of the present invention may be provided as a method, a system, or a computer program product. Therefore, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present invention may take the form of a computer program product implemented on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.
  • computer-usable storage media including, but not limited to, disk storage, CD-ROM, optical storage, etc.
  • These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to work in a specific manner such that the instructions stored in the computer-readable memory produce a manufactured article including an instruction device, the instructions
  • the device implements the functions specified in one or more flowcharts and / or one or more blocks of the block diagram.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device, so that a series of steps can be performed on the computer or other programmable device to produce a computer-implemented process, which can be executed on the computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more flowcharts and / or one or more blocks of the block diagrams.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A secure multiparty computation method, device, and system. The secure multiparty computation method comprises: converting a computation function into an initial logic circuit (S101); selecting multiple pairs of random number so as to form an input label and an auxiliary label (S102); processing a first function, the initial logic circuit, the input label, and the auxiliary label correspondingly, so as to obtain a first processing result (S103); sending the first processing result to a first outsourced computation device (S104); receiving an initial first sub-circuit generated by the first outsourced computation device according to the first processing result (S105); processing the initial first sub-circuit so as to obtain an encrypted circuit (S106); obtaining a first sub-input label according to input data corresponding to the initial logic circuit and the input label (S107); sending the encrypted circuit and the first sub-input label to a second secure multiparty computation device (S108); and receiving a computation result from the second secure multiparty computation device (S109). According to the method, fewer local resources are occupied, and the computation efficiency and the performance of the secure multiparty computation technology are improved.

Description

安全多方计算方法、装置及系统Safe multi-party calculation method, device and system 技术领域Technical field
本发明涉及密码学技术领域,具体地,涉及一种安全多方计算方法、装置及系统。The invention relates to the technical field of cryptography, and in particular, to a secure multi-party computing method, device and system.
背景技术Background technique
安全多方计算一直是密码学领域很活跃的研究方向。安全多方计算是指在没有可信第三方的情形下,多个参与方共同计算一个函数,使得所有参与方能算出计算结果,但是不会泄露每一方的输入的信息。在安全多方计算中,最常用、最有效的方式是采用加密电路(garbled circuit)和不经意传输。Secure multiparty computing has been an active research direction in the field of cryptography. Secure multi-party computing refers to the case where there is no trusted third party, multiple participants jointly calculate a function, so that all participants can calculate the calculation results, but will not disclose the input information of each party. In secure multiparty computing, the most common and effective way is to use a encrypted circuit and inadvertent transmission.
加密电路的主要思想是将需要计算的函数表示成逻辑电路,针对每一个逻辑门逐个做加密操作。现有技术中的加密操作和解密操作均是在本地进行,占用了本地的资源,降低了计算效率和安全多方计算技术的性能。The main idea of the encryption circuit is to represent the function that needs to be calculated as a logic circuit, and do the encryption operation for each logic gate one by one. Both the encryption and decryption operations in the prior art are performed locally, occupying local resources, and reducing the computing efficiency and the performance of the secure multi-party computing technology.
发明内容Summary of the invention
本发明实施例的主要目的在于提供一种安全多方计算方法、装置及系统,以减少本地资源占用,提高计算效率和安全多方计算技术的性能。The main purpose of the embodiments of the present invention is to provide a secure multiparty computing method, device, and system to reduce local resource occupation, improve computing efficiency, and performance of the secure multiparty computing technology.
为了实现上述目的,本发明实施例提供一种安全多方计算方法,包括:In order to achieve the foregoing objective, an embodiment of the present invention provides a secure multi-party computing method, including:
将计算函数转换为初始逻辑电路;Convert the calculation function into an initial logic circuit;
选取多对随机数组成输入标签和辅助标签;Select multiple pairs of random numbers to form input tags and auxiliary tags;
将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果;Process the first function, the initial logic circuit, the input label, and the auxiliary label accordingly to obtain a first processing result;
将第一处理结果发送至第一外包计算装置;Sending the first processing result to the first outsourced computing device;
接收第一外包计算装置根据第一处理结果生成的初始第一子电路;Receiving an initial first sub-circuit generated by a first outsourced computing device according to a first processing result;
对初始第一子电路进行处理,获得加密电路;Processing the initial first sub-circuit to obtain an encryption circuit;
根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签;Obtaining the first sub-input label according to the input data corresponding to the initial logic circuit and the input label;
将加密电路和第一子输入标签发送至第二安全多方计算装置;Sending the encryption circuit and the first sub-input tag to a second secure multiparty computing device;
接收来自第二安全多方计算装置的计算结果。Receive a calculation result from a second secure multiparty computing device.
本发明实施例还提供一种安全多方计算方法,包括:An embodiment of the present invention further provides a secure multi-party calculation method, including:
接收来自第一安全多方计算装置的加密电路和第一子输入标签;Receiving an encryption circuit and a first sub-input tag from a first secure multiparty computing device;
根据第一子输入标签获取第二子输入标签;Obtaining a second sub-input label according to the first sub-input label;
将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果;Perform corresponding processing on the second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain a second processing result;
将第二处理结果发送至第二外包计算装置;Sending the second processing result to a second outsourced computing device;
接收第二外包计算装置根据第二处理结果生成的初始子计算结果;Receiving an initial sub-calculation result generated by the second outsourced computing device according to the second processing result;
对初始子计算结果进行处理,获得计算结果;Process the initial sub-calculation results to obtain the calculation results;
将计算结果发送至第一安全多方计算装置。The calculation result is sent to the first secure multiparty computing device.
本发明实施例还提供一种第一安全多方计算装置,包括:An embodiment of the present invention further provides a first secure multiparty computing device, including:
转换单元,用于将计算函数转换为初始逻辑电路;A conversion unit for converting a calculation function into an initial logic circuit;
标签单元,用于选取多对随机数组成输入标签和辅助标签;A label unit, which is used to select multiple pairs of random numbers to form an input label and an auxiliary label;
第一处理结果单元,用于将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果;A first processing result unit, configured to perform corresponding processing on a first function, an initial logic circuit, an input label, and an auxiliary label to obtain a first processing result;
第一发送单元,用于将第一处理结果发送至第一外包计算装置;将加密电路和第一子输入标签发送至第二安全多方计算装置;A first sending unit, configured to send a first processing result to a first outsourced computing device; send an encryption circuit and a first sub-input tag to a second secure multiparty computing device;
第一接收单元,用于接收第一外包计算装置根据第一处理结果生成的初始第一子电路;接收来自第二安全多方计算装置的计算结果;A first receiving unit, configured to receive an initial first sub-circuit generated by a first outsourced computing device according to a first processing result; and receive a calculation result from a second secure multiparty computing device;
加密电路单元,用于对初始第一子电路进行处理,获得加密电路;An encryption circuit unit, configured to process an initial first sub-circuit to obtain an encryption circuit;
第一子输入标签单元,用于根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签。The first sub-input label unit is configured to obtain a first sub-input label according to the input data corresponding to the initial logic circuit and the input label.
本发明实施例还提供一种第二安全多方计算装置,包括:An embodiment of the present invention further provides a second secure multiparty computing device, including:
第二接收单元,用于接收来自第一安全多方计算装置的加密电路和第一子输入标签;接收第二外包计算装置根据第二处理结果生成的初始子计算结果;A second receiving unit, configured to receive the encryption circuit and the first sub-input tag from the first secure multi-party computing device; and receive the initial sub-computation result generated by the second outsourced computing device according to the second processing result;
第二子输入标签单元,用于根据第一子输入标签获取第二子输入标签;A second sub-input label unit, configured to obtain a second sub-input label according to the first sub-input label;
第二处理结果单元,用于将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果;A second processing result unit, configured to perform corresponding processing on the second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain a second processing result;
第二发送单元,用于将第二处理结果发送至第二外包计算装置;将计算结果发送至第一安全多方计算装置;A second sending unit, configured to send the second processing result to the second outsourced computing device; and send the calculation result to the first secure multiparty computing device;
计算结果单元,用于对初始子计算结果进行处理,获得计算结果。A calculation result unit is used to process the initial sub-calculation result to obtain a calculation result.
本发明实施例还提供一种安全多方计算系统,包括:An embodiment of the present invention also provides a secure multiparty computing system, including:
如上所述的第一安全多方计算装置;以及The first secure multiparty computing device as described above; and
如上所述的第二安全多方计算装置。The second secure multiparty computing device as described above.
本发明实施例还提供一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,处理器执行程序时实现上述安全多方计算方法(从第一安全多方计算装置角度)的步骤。An embodiment of the present invention further provides a computer device including a memory, a processor, and a computer program stored on the memory and executable on the processor. When the processor executes the program, the foregoing secure multi-party computing method is implemented (calculating from the first secure multi-party Device angle).
本发明实施例还提供一种计算机可读存储介质,其上存储有计算机程序,计算机程序被处理器执行时实现上述安全多方计算方法(从第一安全多方计算装置角度)的步骤。An embodiment of the present invention further provides a computer-readable storage medium having a computer program stored thereon. When the computer program is executed by a processor, the steps of the above-mentioned secure multiparty computing method (from the perspective of the first secure multiparty computing device) are implemented.
本发明实施例还提供一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,处理器执行程序时实现上述安全多方计算方法(从第二安全多方计算装置角度)的步骤。An embodiment of the present invention further provides a computer device including a memory, a processor, and a computer program stored on the memory and executable on the processor. When the processor executes the program, the foregoing secure multi-party computing method is implemented (from the second secure multi-party computing method). Device angle).
本发明实施例还提供一种计算机可读存储介质,其上存储有计算机程序,计算机程序被处理器执行时实现上述安全多方计算方法(从第二安全多方计算装置角度)的步骤。An embodiment of the present invention also provides a computer-readable storage medium having a computer program stored thereon. When the computer program is executed by a processor, the steps of the above-mentioned secure multiparty computing method (from the perspective of the second secure multiparty computing device) are implemented.
本发明实施例的安全多方计算方法、装置及系统可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。The secure multi-party computing method, device and system of the embodiments of the present invention can reduce the occupation of local resources, improve the computing efficiency and the performance of the secure multi-party computing technology.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to explain the technical solutions in the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. Obviously, the drawings in the following description are just some embodiments of the present invention. For those of ordinary skill in the art, other drawings can be obtained based on these drawings without paying creative labor.
图1是本发明实施例中安全多方计算方法(从第一安全多方计算装置角度)的流程图;1 is a flowchart of a secure multiparty computing method (from the perspective of a first secure multiparty computing device) in an embodiment of the present invention;
图2是S103的具体流程图;FIG. 2 is a specific flowchart of S103;
图3是S106的具体流程图;FIG. 3 is a specific flowchart of S106;
图4是S301其中一个实施例的具体流程图;FIG. 4 is a specific flowchart of one embodiment of S301;
图5是S301另一个实施例的具体流程图;5 is a specific flowchart of another embodiment of S301;
图6是本发明实施例中安全多方计算方法(从第二安全多方计算装置角度)的流程图;6 is a flowchart of a secure multiparty computing method (from the perspective of a second secure multiparty computing device) in an embodiment of the present invention;
图7是S603的具体流程图;FIG. 7 is a specific flowchart of S603;
图8是S606的具体流程图;FIG. 8 is a specific flowchart of S606;
图9是S801其中一个实施例的具体流程图;FIG. 9 is a specific flowchart of one embodiment of S801; FIG.
图10是S801另一个实施例的具体流程图;FIG. 10 is a specific flowchart of another embodiment of S801;
图11是本发明实施例中第一安全多方计算装置的结构框图;11 is a structural block diagram of a first secure multiparty computing device in an embodiment of the present invention;
图12是本发明实施例中第二安全多方计算装置的结构框图;12 is a structural block diagram of a second secure multiparty computing device in an embodiment of the present invention;
图13是本发明实施例中安全多方计算系统的结构框图;13 is a structural block diagram of a secure multiparty computing system in an embodiment of the present invention;
图14是本发明第一实施例中计算机设备的结构框图;FIG. 14 is a block diagram showing a structure of a computer device in the first embodiment of the present invention; FIG.
图15是本发明第二实施例中计算机设备的结构框图。FIG. 15 is a structural block diagram of a computer device in a second embodiment of the present invention.
具体实施方式detailed description
为使本发明实施例的目的、技术方案和优点更加清楚明白,下面结合附图对本发明实施例做进一步详细说明。在此,本发明的示意性实施例及其说明用于解释本发明,但并不作为对本发明的限定。To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer and clearer, the embodiments of the present invention are described in further detail below with reference to the accompanying drawings. Here, the exemplary embodiments of the present invention and the description thereof are used to explain the present invention, but are not intended to limit the present invention.
图1是本发明实施例中安全多方计算方法(从第一安全多方计算装置角度)的流程图。如图1所示,安全多方计算方法包括:FIG. 1 is a flowchart of a secure multiparty computing method (from the perspective of a first secure multiparty computing device) in an embodiment of the present invention. As shown in Figure 1, the secure multi-party calculation method includes:
S101:将计算函数转换为初始逻辑电路。S101: Convert a calculation function into an initial logic circuit.
S102:选取多对随机数组成输入标签和辅助标签。S102: Select multiple pairs of random numbers to form an input label and an auxiliary label.
S103:将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果。S103: The first function, the initial logic circuit, the input label, and the auxiliary label are processed accordingly to obtain a first processing result.
S104:将第一处理结果发送至第一外包计算装置。S104: Send the first processing result to the first outsourced computing device.
S105:接收第一外包计算装置根据第一处理结果生成的初始第一子电路。S105: Receive an initial first sub-circuit generated by the first outsourced computing device according to the first processing result.
S106:对初始第一子电路进行处理,获得加密电路。S106: Process the initial first sub-circuit to obtain an encryption circuit.
S107:根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签。S107: Obtain a first sub-input label according to the input data and the input label corresponding to the initial logic circuit.
S108:将加密电路和第一子输入标签发送至第二安全多方计算装置。S108: Send the encryption circuit and the first sub-input tag to a second secure multiparty computing device.
S109:接收来自第二安全多方计算装置的计算结果。S109: Receive a calculation result from the second secure multiparty computing device.
图1所示的安全多方计算方法的执行主体可以为第一安全多方计算装置。由图1所示的流程可知,本发明实施例的安全多方计算方法(从第一安全多方计算装置角度)先将计算函数转换为初始逻辑电路,再选取多对随机数组成输入标签和辅助标签,将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果,将第一处理结果发送至第一外包计算装置,然后接收第一外包计算装置根据第一处理结果生成 的初始第一子电路,对初始第一子电路进行处理,获得加密电路,接着根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签,将加密电路和第一子输入标签发送至第二安全多方计算装置,最后接收来自第二安全多方计算装置的计算结果,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。The execution subject of the secure multiparty computing method shown in FIG. 1 may be a first secure multiparty computing device. It can be known from the flow shown in FIG. 1 that the secure multi-party calculation method (from the perspective of the first secure multi-party computing device) of the embodiment of the present invention first converts a calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input label and an auxiliary label , Processing the first function, the initial logic circuit, the input tag, and the auxiliary tag to obtain the first processing result, sending the first processing result to the first outsourced computing device, and then receiving the first outsourced computing device according to the first processing result Generate the initial first sub-circuit, process the initial first sub-circuit, obtain an encryption circuit, and then obtain the first sub-input label according to the input data and input label corresponding to the initial logic circuit, and then encrypt the circuit and the first sub-input label Sending to the second secure multi-party computing device and finally receiving the calculation result from the second secure multi-party computing device can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
一实施例中,输入标签中的每对随机数均对应初始逻辑电路的每条输入线的第一取值和第二取值。In one embodiment, each pair of random numbers in the input label corresponds to a first value and a second value of each input line of the initial logic circuit.
在逻辑电路中,每条线只有0和1两种取值(第一取值和第二取值),可以选取两个128比特长的标签(label)L 0和L 1。根据不同的加密电路算法,可以将选取标签的方式分成以下两类: In the logic circuit, each line has only two values of 0 and 1 (the first value and the second value), and two 128-bit labels L 0 and L 1 can be selected. According to different encryption circuit algorithms, the method of selecting tags can be divided into the following two categories:
1、对于每一根线,随机选取一对128比特的随机数(L 0,L 1)分别代表0和1,每一根线都不一样。设共有n个输入线,此时输入标签(InputLabel)为InputLabel=[(L 01,L 11),...,(L 0n,L 1n)]。辅助标签(AuxLabel)为剩余其他的线上随机选取的其他标签。 1. For each line, randomly select a pair of 128-bit random numbers (L 0 , L 1 ) to represent 0 and 1, respectively, and each line is different. Assume that there are n input lines. At this time, the input label (InputLabel) is InputLabel = [(L 01 , L 11 ), ..., (L 0n , L 1n )]. AuxLabel is other labels randomly selected on the remaining lines.
2、对于每一根输入线,随机选取一对128比特的随机数(L0,L1)分别表示0和1,再通过输入线的标签逐步计算出其他剩余线的标签。此时辅助标签为空。2. For each input line, randomly select a pair of 128-bit random numbers (L0, L1) to represent 0 and 1, respectively, and then gradually calculate the labels of other remaining lines through the input line labels. The auxiliary label is empty at this time.
在选取标签之后,针对每一个逻辑电路的门,采用相应的标签进行加密,得到加密电路。After selecting a label, for each gate of the logic circuit, the corresponding label is used for encryption to obtain an encryption circuit.
图2是S103的具体流程图。如图2所示,S103具体包括:FIG. 2 is a specific flowchart of S103. As shown in FIG. 2, S103 specifically includes:
S201:根据初始逻辑电路、输入标签和辅助标签,生成第一输入数据。S201: Generate first input data according to an initial logic circuit, an input tag, and an auxiliary tag.
S202:将第一输入数据按照第一预设策略拆分为多个第一子输入数据。S202: Split the first input data into a plurality of first sub-input data according to a first preset policy.
S203:根据第一函数以及每一第一子输入数据生成每一第一子任务。S203: Generate each first sub-task according to the first function and each first sub-input data.
具体实施时,S104具体包括:将每个第一子任务均分配至多个第一外包计算装置。S105具体包括:接收每个第一子任务对应的多个初始第一子电路。In specific implementation, S104 specifically includes: allocating each first subtask to a plurality of first outsourced computing devices. S105 specifically includes: receiving a plurality of initial first sub-circuits corresponding to each first sub-task.
图3是S106的具体流程图。如图3所示,S106具体包括:FIG. 3 is a specific flowchart of S106. As shown in FIG. 3, S106 specifically includes:
S301:从每个第一子任务对应的多个初始第一子电路中选取一个作为每个第一子任务对应的第一子电路。S301: Select one of a plurality of initial first sub-circuits corresponding to each first sub-task as a first sub-circuit corresponding to each first sub-task.
S302:整合每个第一子任务对应的第一子电路,生成加密电路。S302: Integrate a first sub-circuit corresponding to each first sub-task to generate an encryption circuit.
图4是S301其中一个实施例的具体流程图。如图4所示,S301具体包括:FIG. 4 is a specific flowchart of one embodiment of S301. As shown in FIG. 4, S301 specifically includes:
S401:将每个第一子任务对应的相同数值的初始第一子电路分配到同一个数组。S401: Assign the initial first sub-circuits of the same value corresponding to each first sub-task to the same array.
S402:统计每个第一子任务对应的每个数组中的初始第一子电路的数量。S402: Count the number of initial first sub-circuits in each array corresponding to each first sub-task.
S403:当最大的数量大于预设值时,将数量对应的数组中的一个初始第一子电路作为每个第一子任务对应的第一子电路。S403: When the maximum number is greater than a preset value, an initial first sub-circuit in an array corresponding to the number is used as a first sub-circuit corresponding to each first sub-task.
其中,当最大的数量小于预设值时,将该第一子任务重新分配至其他外包计算装置进行计算。Wherein, when the maximum number is less than a preset value, the first sub-task is redistributed to other outsourced computing devices for calculation.
图5是S301另一个实施例的具体流程图。如图5所示,S301具体包括:FIG. 5 is a specific flowchart of another embodiment of S301. As shown in FIG. 5, S301 specifically includes:
S501:根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和预设的第一安全参数,生成每个第一子任务对应的每个初始第一子电路的计算证明。S501: Generate each initial first sub-circuit corresponding to each first sub-task according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and a preset first safety parameter The calculation proves.
S502:当计算证明正确时,将计算证明对应的初始第一子电路作为每个第一子任务对应的第一子电路。S502: When the calculation proof is correct, the initial first sub-circuit corresponding to the calculation proof is taken as the first sub-circuit corresponding to each first sub-task.
一实施例中,S501具体包括:根据预设的第一安全参数生成第一公共参数;根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和第一公共参数,生成每个第一子任务对应的每个初始第一子电路的计算证明;In an embodiment, S501 specifically includes: generating a first common parameter according to a preset first security parameter; and according to each first subtask, each initial first subcircuit corresponding to each first subtask, and the first common Parameters, generating a calculation proof of each initial first sub-circuit corresponding to each first sub-task;
或,根据预设的第一安全参数和第一函数生成第一公共参数;根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和第一公共参数,生成每个第一子任务对应的每个初始第一子电路的计算证明。Or, the first common parameter is generated according to the preset first safety parameter and the first function; according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and the first common parameter, generating A calculation proof of each initial first sub-circuit corresponding to each first sub-task.
安全多方计算方法(从第一安全多方计算装置角度)的具体流程如下:The specific process of the secure multiparty computing method (from the perspective of the first secure multiparty computing device) is as follows:
1、第一安全多方计算装置将计算函数f(g,h)转换为初始逻辑电路C;其中,g是第一安全多方计算装置的输入数据,h是第二安全多方计算装置的输入数据。其中,第二安全多方计算装置的输入数据不会泄露给第一安全多方计算装置。1. The first secure multiparty computing device converts the calculation function f (g, h) into an initial logic circuit C; where g is the input data of the first secure multiparty computing device and h is the input data of the second secure multiparty computing device. The input data of the second secure multiparty computing device will not be leaked to the first secure multiparty computing device.
2、第一安全多方计算装置选取多对随机数组成输入标签和辅助标签(AuxLabel)。设初始逻辑电路C共有n个输入线,此时输入标签(InputLabel)为InputLabel=[(L 01,L 11),...,(L 0n,L 1n)]。 2. The first secure multi-party computing device selects a plurality of pairs of random numbers to form an input label and an auxiliary label (AuxLabel). It is assumed that the initial logic circuit C has n input lines in total, and at this time, the input label (InputLabel) is InputLabel = [(L 01 , L 11 ), ..., (L 0n , L 1n )].
3、第一安全多方计算装置根据初始逻辑电路C、输入标签和辅助标签,生成第一输入数据x。3. The first secure multi-party computing device generates first input data x according to the initial logic circuit C, the input tag, and the auxiliary tag.
4、第一安全多方计算装置将第一输入数据x按照第一预设策略拆分为多个第一子输入数据x 1,...,x k4. The first secure multi-party computing device divides the first input data x into a plurality of first sub-input data x 1 , ..., x k according to a first preset policy.
5、第一安全多方计算装置根据第一函数以及每一第一子输入数据x i生成每一第一子任务T i=(Generation,x i)。其中,T i为第i个第一子任务,Generation为第一函数,x i为第i个第一子输入数据。 5. The first secure multi-party computing device generates each first subtask T i = (Generation, x i ) according to the first function and each first sub input data x i . Among them, T i is the i-th first subtask, Generation is the first function, and x i is the i-th first sub-input data.
6、第一安全多方计算装置将每个第一子任务均分配至多个第一外包计算装置。6. The first secure multi-party computing device allocates each first subtask to a plurality of first outsourced computing devices.
7、第一安全多方计算装置接收每个第一子任务对应的m个初始第一子电路R i1,...,R im。其中,R im为第i个第一子任务对应的第m个初始第一子电路,共有k个第一子任务。 7. The first secure multi-party computing device receives m initial first sub-circuits R i1 , ..., R im corresponding to each first sub-task. Among them, R im is the m-th initial first sub-circuit corresponding to the i-th first sub-task, and there are a total of k first sub-tasks.
8、第一安全多方计算装置从每个第一子任务对应的多个初始第一子电路中选取一个作为每个第一子任务对应的第一子电路。具体实施时,可以采取以下两种技术手段选取第一子电路:8. The first secure multi-party computing device selects one of a plurality of initial first sub-circuits corresponding to each first sub-task as a first sub-circuit corresponding to each first sub-task. In specific implementation, the following two technical means can be adopted to select the first sub-circuit:
1.第一安全多方计算装置将每个第一子任务对应的相同数值的初始第一子电路分配到同一个数组,统计每个第一子任务对应的每个数组中的初始第一子电路的数量,当最大的数量大于预设值时,将数量对应的数组中的一个初始第一子电路作为每个第一子任务对应的第一子电路。1. The first secure multi-party computing device assigns the initial first subcircuits of the same value corresponding to each first subtask to the same array, and counts the initial first subcircuits in each array corresponding to each first subtask. When the maximum number is greater than a preset value, an initial first sub-circuit in the array corresponding to the number is used as the first sub-circuit corresponding to each first sub-task.
2.第一安全多方计算装置根据预设的第一安全参数λ 1生成第一公共参数PP 1(PP 1←ParamGen(λ 1));或,根据预设的第一安全参数λ 1和第一函数Generation生成第一公共参数PP 1(PP 1←ParamGen(λ 1,Generation))。根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和预设的第一安全参数,生成每个第一子任务对应的每个初始第一子电路的计算证明π 11←GenProof(PP 1,T i,Generation,R im))。当π 1正确时,π 1=1,将计算证明对应的初始第一子电路作为每个第一子任务对应的第一子电路R i。其中,R i为第i个第一子任务对应的第一子电路。当π 1不正确时,π 1=0,丢弃π 1对应的第一子电路,可以在短时间验证第一子电路是否正确。 2. First a secure multiparty computation means generates a first public parameter PP according to the preset first security parameter λ 1 (PP 1 ← ParamGen ( λ 1)); or, according to a preset first and second security parameter [lambda] 1 A function Generation generates a first common parameter PP 1 (PP 1 ← ParamGen (λ 1 , Generation)). According to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and a preset first safety parameter, a calculation of each initial first sub-circuit corresponding to each first sub-task is generated Prove π 11 ← GenProof (PP 1 , T i , Generation, R im )). When π 1 is correct, π 1 = 1, and the initial first sub-circuit corresponding to the calculation proof is taken as the first sub-circuit R i corresponding to each first sub-task. Wherein, R i is the first sub-circuit corresponding to the i-th first sub-task. When π 1 is incorrect, π 1 = 0, the first sub-circuit corresponding to π 1 is discarded, and it can be verified in a short time whether the first sub-circuit is correct.
9、第一安全多方计算装置整合每个第一子任务对应的第一子电路R i,生成加密电路C’=Generation(C,InputLabel,AuxLabel)。 9. The first secure multi-party computing device integrates the first sub-circuit R i corresponding to each first sub-task to generate an encryption circuit C ′ = Generation (C, InputLabel, AuxLabel).
10、第一安全多方计算装置根据初始逻辑电路对应的输入数据g以及输入标签,得到第一子输入标签(L g11,L g22,...,L gn1n1),将加密电路和第一子输入标签发送至第二安全多方计算装置。 10, a first secure multiparty computation means based on the input data g and the initial input tag corresponding to the logic circuit, to give the first sub-input label (L g11, L g22, ... , L gn1n1), the encrypted sub-circuit and a first input The tag is sent to a second secure multiparty computing device.
11、第一安全多方计算装置接收来自第二安全多方计算装置的计算结果C(g,h)。11. The first secure multiparty computing device receives a calculation result C (g, h) from the second secure multiparty computing device.
综上,本发明实施例的安全多方计算方法(从第一安全多方计算装置角度)先将计算函数转换为初始逻辑电路,再选取多对随机数组成输入标签和辅助标签,将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果,将第一处理结果发送至第一外包计算装置,然后接收第一外包计算装置根据第一处理结果生成的初始第一子电路,对初始第一子电路进行处理,获得加密电路,接着根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签,将加密电路和第一子输入标签发 送至第二安全多方计算装置,最后接收来自第二安全多方计算装置的计算结果,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。In summary, the secure multi-party calculation method (from the perspective of the first secure multi-party computing device) of the embodiment of the present invention first converts the calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input label and an auxiliary label, and combines the first function, The initial logic circuit, input tags and auxiliary tags are processed accordingly to obtain the first processing result, the first processing result is sent to the first outsourced computing device, and then the initial first child generated by the first outsourced computing device according to the first processing result is received Circuit to process the initial first sub-circuit to obtain an encryption circuit, and then obtain a first sub-input label according to the input data and input label corresponding to the initial logic circuit, and send the encryption circuit and the first sub-input label to a second secure multiparty The computing device finally receives the calculation result from the second secure multi-party computing device, which can reduce the occupation of local resources, improve the computing efficiency and the performance of the secure multi-party computing technology.
图6是本发明实施例中安全多方计算方法(从第二安全多方计算装置角度)的流程图。如图6所示,安全多方计算方法包括:6 is a flowchart of a secure multiparty computing method (from the perspective of a second secure multiparty computing device) in an embodiment of the present invention. As shown in Figure 6, the secure multi-party calculation method includes:
S601:接收来自第一安全多方计算装置的加密电路和第一子输入标签。S601: Receive an encryption circuit and a first sub-input tag from a first secure multiparty computing device.
S602:根据第一子输入标签获取第二子输入标签。S602: Obtain a second sub-input label according to the first sub-input label.
S603:将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果。S603: Perform corresponding processing on the second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain a second processing result.
S604:将第二处理结果发送至第二外包计算装置。S604: Send the second processing result to the second outsourced computing device.
S605:接收第二外包计算装置根据第二处理结果生成的初始子计算结果。S605: Receive an initial sub-calculation result generated by the second outsourced computing device according to the second processing result.
S606:对初始子计算结果进行处理,获得计算结果。S606: Process the initial sub-calculation result to obtain a calculation result.
S607:将计算结果发送至第一安全多方计算装置。S607: Send the calculation result to the first secure multiparty computing device.
图6所示的安全多方计算方法的执行主体可以为第二安全多方计算装置。由图6所示的流程可知,本发明实施例的安全多方计算方法(从第二安全多方计算装置角度)先接收来自第一安全多方计算装置的加密电路和第一子输入标签,再根据第一子输入标签获取第二子输入标签,将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果,接着将第二处理结果发送至第二外包计算装置,接收第二外包计算装置根据第二处理结果生成的初始子计算结果,然后对初始子计算结果进行处理,获得计算结果,最后将计算结果发送至第一安全多方计算装置,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。The execution subject of the secure multiparty computing method shown in FIG. 6 may be a second secure multiparty computing device. It can be known from the flow shown in FIG. 6 that the secure multiparty computing method (from the perspective of the second secure multiparty computing device) of the embodiment of the present invention first receives the encryption circuit and the first sub-input tag from the first secure multiparty computing device, and then according to the first One sub-input tag obtains the second sub-input tag, processes the second function, the encryption circuit, the first sub-input tag, and the second sub-input tag accordingly to obtain a second processing result, and then sends the second processing result to the second The outsourced computing device receives the initial sub-calculation result generated by the second outsourced computing device according to the second processing result, then processes the initial sub-calculation result to obtain the calculation result, and finally sends the calculation result to the first secure multi-party computing device, which can reduce Local resource occupation improves computing efficiency and performance of secure multi-party computing technology.
在执行S602时,可以通过不经意传输协议获取第二子输入标签。When S602 is performed, the second sub-input label may be obtained through an inadvertent transmission protocol.
图7是S603的具体流程图。如图7所示,S603具体包括:FIG. 7 is a specific flowchart of S603. As shown in Figure 7, S603 specifically includes:
S701:根据加密电路、第一子输入标签和第二子输入标签,生成第二输入数据。S701: Generate second input data according to the encryption circuit, the first sub-input label, and the second sub-input label.
S702:将第二输入数据按照第二预设策略拆分为多个第二子输入数据。S702: Split the second input data into a plurality of second sub-input data according to a second preset policy.
S703:根据第二函数以及每一第二子输入数据生成每一第二子任务。S703: Generate each second sub-task according to the second function and each second sub-input data.
具体实施时,S604具体包括:将每个第二子任务均分配至多个第二外包计算装置。S605具体包括:接收每个第二子任务对应的多个初始子计算结果。In specific implementation, S604 specifically includes: allocating each second subtask to a plurality of second outsourced computing devices. S605 specifically includes: receiving a plurality of initial sub-computation results corresponding to each second sub-task.
图8是S606的具体流程图。如图8所示,S606具体包括:FIG. 8 is a specific flowchart of S606. As shown in Figure 8, S606 specifically includes:
S801:从每个第二子任务对应的多个初始子计算结果中选取一个作为每个第二子任务对应的子计算结果。S801: Select one of a plurality of initial sub-computation results corresponding to each second sub-task as a sub-computation result corresponding to each second sub-task.
S802:整合每个第二子任务对应的子计算结果,生成计算结果。S802: Integrate sub-computation results corresponding to each second sub-task to generate a calculation result.
图9是S801其中一个实施例的具体流程图。如图9所示,S801具体包括:FIG. 9 is a specific flowchart of one embodiment of S801. As shown in Figure 9, S801 specifically includes:
S901:将每个第二子任务对应的相同数值的初始子计算结果分配到同一个数组。S901: Allocate the initial sub-computation result of the same value corresponding to each second sub-task to the same array.
S902:统计每个第二子任务对应的每个数组中的初始子计算结果的数量。S902: Count the number of initial sub-computation results in each array corresponding to each second sub-task.
S903:当最大的数量大于预设值时,将数量对应的数组中的一个初始子计算结果作为每个第二子任务对应的子计算结果。S903: When the maximum number is greater than a preset value, an initial sub-computation result in the array corresponding to the number is used as a sub-computation result corresponding to each second sub-task.
图10是S801另一个实施例的具体流程图。如图10所示,S801具体包括:FIG. 10 is a specific flowchart of another embodiment of S801. As shown in FIG. 10, S801 specifically includes:
S1001:根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和预设的第二安全参数,生成每个第二子任务对应的每个初始子计算结果的计算证明。S1001: According to each second sub-task, each initial sub-computation result corresponding to each second sub-task, and a preset second safety parameter, calculation for generating each initial sub-computation result corresponding to each second sub-task prove.
S1002:当计算证明正确时,将计算证明对应的初始子计算结果作为每个第二子任务对应的子计算结果。S1002: When the calculation proves correct, the initial sub-calculation result corresponding to the calculation proof is used as the sub-calculation result corresponding to each second sub-task.
一实施例中,S1001具体包括:根据预设的第二安全参数生成第二公共参数;根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和第二公共参数,生成每个第二子任务对应的每个初始子计算结果的计算证明;In an embodiment, S1001 specifically includes: generating a second common parameter according to a preset second security parameter; and according to each second sub-task, each initial sub-computation result corresponding to each second sub-task, and the second common parameter To generate a calculation certificate for each initial sub-computation result corresponding to each second sub-task;
或,根据预设的第二安全参数和计算函数生成第二公共参数;根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和第二公共参数,生成每个第二子任务对应的每个初始子计算结果的计算证明。Or, generating a second common parameter according to a preset second security parameter and a calculation function; generating each second sub-task, each initial sub-computation result corresponding to each second sub-task, and the second common parameter, generating each A proof of calculation for each initial sub-computation result corresponding to the second sub-task.
安全多方计算方法(从第二安全多方计算装置角度)的具体流程如下:The specific process of the secure multiparty computing method (from the perspective of the second secure multiparty computing device) is as follows:
1、第二安全多方计算装置接收来自第一安全多方计算装置的加密电路和第一子输入标签,根据第一子输入标签获取第二子输入标签(L h11,L h22,...,L hn1n1)。 1. The second secure multiparty computing device receives the encryption circuit and the first sub-input tag from the first secure multiparty computing device, and obtains the second sub-input tag (L h11 , L h22 , ..., L according to the first sub-input tag). hn1n1).
2、第二安全多方计算装置根据加密电路C’、第一子输入标签和第二子输入标签生成第二输入数据y。2. The second secure multi-party computing device generates the second input data y according to the encryption circuit C ', the first sub-input tag and the second sub-input tag.
3、第二安全多方计算装置将第二输入数据y按照第二预设策略拆分为多个第二子输入数据y 1,...,y j3. The second secure multi-party computing device splits the second input data y into a plurality of second sub-input data y 1 , ..., y j according to a second preset strategy.
4、第二安全多方计算装置根据第二函数以及每一第二子输入数据y i生成每一第二子任务Q i=(Evaluation,y i)。其中,Q i为第i个第二子任务,Evaluation为第二函数,y i为第i个第二子输入数据。 4. The second secure multi-party computing device generates each second sub-task Q i = (Evaluation, y i ) according to the second function and each second sub-input data y i . Among them, Q i is the i-th second subtask, Evaluation is the second function, and y i is the i-th second sub-input data.
5、第二安全多方计算装置将每个第二子任务均分配至多个第二外包计算装置。5. The second secure multi-party computing device allocates each second subtask to a plurality of second outsourced computing devices.
6、第二安全多方计算装置接收每个第二子任务对应的o个初始子计算结果U i1,...,U io。其中,U io为第i个第二子任务对应的第o个初始子计算结果,共有j个第二子任务。 6, the second secure multiparty computation means for receiving each second sub-tasks corresponding to the sub initial calculations o U i1, ..., U io. Among them, U io is the o-th initial sub-calculation result corresponding to the i-th second sub-task, and there are j second sub-tasks in total.
7、第二安全多方计算装置从每个第二子任务对应的多个初始子计算结果中选取一个作为每个第二子任务对应的子计算结果。具体实施时,可以采取以下两种技术手段选取子计算结果:7. The second secure multi-party computing device selects one of a plurality of initial sub-computation results corresponding to each second sub-task as a sub-computation result corresponding to each second sub-task. In specific implementation, the following two technical methods can be used to select sub-calculation results:
1.第二安全多方计算装置将每个第二子任务对应的相同数值的初始子计算结果分配到同一个数组,统计每个第二子任务对应的每个数组中的初始子计算结果的数量,当最大的数量大于预设值时,将数量对应的数组中的一个初始子计算结果作为每个第二子任务对应的子计算结果。1. The second secure multi-party computing device allocates the initial sub-computation results of the same value corresponding to each second sub-task to the same array, and counts the number of initial sub-computation results in each array corresponding to each second sub-task When the maximum number is greater than a preset value, an initial sub-computation result in an array corresponding to the number is used as a sub-computation result corresponding to each second sub-task.
2.第二安全多方计算装置根据预设的第二安全参数λ 2生成第二公共参数PP 2(PP 2←ParamGen(λ 2));或,根据预设的第二安全参数λ 2和第二函数Evaluation生成第二公共参数PP 2(PP 2←ParamGen(λ 2,Evaluation))。根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和预设的第二安全参数,生成每个第二子任务对应的每个初始子计算结果的计算证明π 22←GenProof(PP 2,Q i,Evaluation,U io))。当π 2正确时,π 2=1,将计算证明对应的初始子计算结果作为每个第二子任务对应的子计算结果U i。其中,U i为第i个第二子任务对应的子计算结果。当π 2不正确时,π 2=0,丢弃π 2对应的子计算结果,可以在短时间验证子计算结果是否正确。 2. Second secure multiparty computation means 2 generating a second security parameter according to a preset second common parameter [lambda] PP 2 (PP 2 ← ParamGen ( λ 2)); or, according to preset 2 and a second security parameter [lambda] The two function Evaluation generates a second common parameter PP 2 (PP 2 ← ParamGen (λ 2 , Evaluation)). According to each second sub-task, each initial sub-computation result corresponding to each second sub-task, and a preset second safety parameter, a calculation certificate for each initial sub-computation result corresponding to each second sub-task is generated π 22 ← GenProof (PP 2 , Q i , Evaluation, U io )). When correctly 2 π, π 2 = 1, the calculation shows the calculation results corresponding to the initial sub calculation result as U i corresponding to each of the second sub-subtask. Among them, U i is a sub-computation result corresponding to the i-th second sub-task. When π 2 is incorrect, π 2 = 0, and the sub-calculation result corresponding to π 2 is discarded, and the sub-calculation result can be verified in a short time.
8、第二安全多方计算装置整合每个第二子任务对应的子计算结果U i,生成计算结果C(g,h),将计算结果发送至第一安全多方计算装置。 8. The second secure multi-party computing device integrates the sub-computation results U i corresponding to each second sub-task, generates a calculation result C (g, h), and sends the calculation result to the first secure multi-party computing device.
综上,本发明实施例的安全多方计算方法(从第二安全多方计算装置角度)先接收来自第一安全多方计算装置的加密电路和第一子输入标签,再根据第一子输入标签获取第二子输入标签,将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果,接着将第二处理结果发送至第二外包计算装置,接收第二外包计算装置根据第二处理结果生成的初始子计算结果,然后对初始子计算结果进行处理,获得计算结果,最后将计算结果发送至第一安全多方计算装置,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。In summary, the secure multiparty computing method of the embodiment of the present invention (from the perspective of the second secure multiparty computing device) first receives the encryption circuit and the first sub-input tag from the first secure multiparty computing device, and then obtains Two sub-input tags, correspondingly process the second function, the encryption circuit, the first sub-input tag, and the second sub-input tag to obtain the second processing result, and then send the second processing result to the second outsourcing computing device to receive the first The two outsourced computing devices generate the initial sub-calculation results according to the second processing result, then process the initial sub-calculation results to obtain the calculation results, and finally send the calculation results to the first secure multi-party computing device, which can reduce the local resource occupation and improve the calculation. Efficiency and performance of multiparty computing technologies.
基于同一发明构思,本发明实施例还提供了一种第一安全多方计算装置,由于该装置解决问题的原理与安全多方计算方法(从第一安全多方计算装置角度)相似,因此该装置的实施可以参见方法的实施,重复之处不再赘述。Based on the same inventive concept, an embodiment of the present invention also provides a first secure multiparty computing device. Since the principle of solving the problem of the device is similar to the secure multiparty computing method (from the perspective of the first secure multiparty computing device), the implementation of the device You can refer to the implementation of the method, and the repetition is not repeated.
图11是本发明实施例中第一安全多方计算装置的结构框图。如图11所示,第一安全多方计算装置包括:FIG. 11 is a structural block diagram of a first secure multiparty computing device in an embodiment of the present invention. As shown in FIG. 11, the first secure multi-party computing device includes:
转换单元,用于将计算函数转换为初始逻辑电路;A conversion unit for converting a calculation function into an initial logic circuit;
标签单元,用于选取多对随机数组成输入标签和辅助标签;A label unit, which is used to select multiple pairs of random numbers to form an input label and an auxiliary label;
第一处理结果单元,用于将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果;A first processing result unit, configured to perform corresponding processing on a first function, an initial logic circuit, an input label, and an auxiliary label to obtain a first processing result;
第一发送单元,用于将第一处理结果发送至第一外包计算装置;将加密电路和第一子输入标签发送至第二安全多方计算装置;A first sending unit, configured to send a first processing result to a first outsourced computing device; send an encryption circuit and a first sub-input tag to a second secure multiparty computing device;
第一接收单元,用于接收第一外包计算装置根据第一处理结果生成的初始第一子电路;接收来自第二安全多方计算装置的计算结果;A first receiving unit, configured to receive an initial first sub-circuit generated by a first outsourced computing device according to a first processing result; and receive a calculation result from a second secure multiparty computing device;
加密电路单元,用于对初始第一子电路进行处理,获得加密电路;An encryption circuit unit, configured to process an initial first sub-circuit to obtain an encryption circuit;
第一子输入标签单元,用于根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签。The first sub-input label unit is configured to obtain a first sub-input label according to the input data corresponding to the initial logic circuit and the input label.
在其中一种实施例中,输入标签中的每对随机数均对应初始逻辑电路的每条输入线的第一取值和第二取值。In one embodiment, each pair of random numbers in the input label corresponds to a first value and a second value of each input line of the initial logic circuit.
在其中一种实施例中,第一处理结果单元包括:In one embodiment, the first processing result unit includes:
第一输入数据生成子单元,用于根据初始逻辑电路、输入标签和辅助标签,生成第一输入数据;A first input data generating subunit, configured to generate first input data according to an initial logic circuit, an input label, and an auxiliary label;
第一输入数据拆分子单元,用于将第一输入数据按照第一预设策略拆分为多个第一子输入数据;A first input data splitting subunit, configured to split the first input data into multiple first subinput data according to a first preset strategy;
第一子任务子单元,用于根据第一函数以及每一第一子输入数据生成每一第一子任务;A first subtask subunit, configured to generate each first subtask according to a first function and each first subinput data;
第一发送单元具体用于:The first sending unit is specifically configured to:
将每个第一子任务均分配至多个第一外包计算装置;Allocating each first subtask to a plurality of first outsourced computing devices;
第一接收单元具体用于:The first receiving unit is specifically configured to:
接收每个第一子任务对应的多个初始第一子电路;Receiving a plurality of initial first sub-circuits corresponding to each first sub-task;
加密电路单元包括:The encryption circuit unit includes:
第一选取子单元,用于从每个第一子任务对应的多个初始第一子电路中选取一个作为每个第一子任务对应的第一子电路;A first selection subunit, configured to select one of a plurality of initial first subcircuits corresponding to each first subtask as a first subcircuit corresponding to each first subtask;
第一整合单元,用于整合每个第一子任务对应的第一子电路,生成加密电路。The first integration unit is configured to integrate a first sub-circuit corresponding to each first sub-task to generate an encryption circuit.
在其中一种实施例中,第一选取子单元具体用于:In one embodiment, the first selection subunit is specifically configured to:
将每个第一子任务对应的相同数值的初始第一子电路分配到同一个数组;Assign the initial first sub-circuits of the same value corresponding to each first sub-task to the same array;
统计每个第一子任务对应的每个数组中的初始第一子电路的数量;Count the number of initial first sub-circuits in each array corresponding to each first sub-task;
当最大的数量大于预设值时,将数量对应的数组中的一个初始第一子电路作为每个第一子任务对应的第一子电路。When the maximum number is greater than a preset value, an initial first sub-circuit in an array corresponding to the number is used as a first sub-circuit corresponding to each first sub-task.
在其中一种实施例中,第一选取子单元具体用于:In one embodiment, the first selection subunit is specifically configured to:
根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和预设的第一安全参数,生成每个第一子任务对应的每个初始第一子电路的计算证明;According to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and a preset first safety parameter, a calculation of each initial first sub-circuit corresponding to each first sub-task is generated prove;
当计算证明正确时,将计算证明对应的初始第一子电路作为每个第一子任务对应的第一子电路。When the calculation proves correct, the initial first sub-circuit corresponding to the calculation verification is taken as the first sub-circuit corresponding to each first sub-task.
在其中一种实施例中,第一选取子单元具体用于:In one embodiment, the first selection subunit is specifically configured to:
根据预设的第一安全参数生成第一公共参数;根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和第一公共参数,生成每个第一子任务对应的每个初始第一子电路的计算证明;Generate a first common parameter according to a preset first safety parameter; generate each first sub-task according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and the first common parameter Corresponding proof of calculation of each initial first sub-circuit;
或,根据预设的第一安全参数和第一函数生成第一公共参数;根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和第一公共参数,生成每个第一子任务对应的每个初始第一子电路的计算证明。Or, the first common parameter is generated according to the preset first safety parameter and the first function; according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and the first common parameter, generating A calculation proof of each initial first sub-circuit corresponding to each first sub-task.
综上,本发明实施例的第一安全多方计算装置先将计算函数转换为初始逻辑电路,再选取多对随机数组成输入标签和辅助标签,将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果,将第一处理结果发送至第一外包计算装置,然后接收第一外包计算装置根据第一处理结果生成的初始第一子电路,对初始第一子电路进行处理,获得加密电路,接着根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签,将加密电路和第一子输入标签发送至第二安全多方计算装置,最后接收来自第二安全多方计算装置的计算结果,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。In summary, the first secure multi-party computing device according to the embodiment of the present invention first converts a calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input tag and an auxiliary tag, and combines the first function, the initial logic circuit, the input tag, and an auxiliary tag. The tag performs corresponding processing to obtain the first processing result, sends the first processing result to the first outsourced computing device, and then receives the initial first subcircuit generated by the first outsourced computing device according to the first processing result, and The processing is performed to obtain an encryption circuit, and then the first sub-input tag is obtained according to the input data and input tags corresponding to the initial logic circuit, and the encryption circuit and the first sub-input tag are sent to a second secure multi-party computing device, and finally received from the second The calculation result of the secure multi-party computing device can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
基于同一发明构思,本发明实施例还提供了一种第二安全多方计算装置,由于该装置解决问题的原理与安全多方计算方法(从第二安全多方计算装置角度)相似,因此该装置的实施可以参见方法的实施,重复之处不再赘述。Based on the same inventive concept, an embodiment of the present invention also provides a second secure multiparty computing device. Since the principle of solving the problem of the device is similar to the secure multiparty computing method (from the perspective of the second secure multiparty computing device), the implementation of the device You can refer to the implementation of the method, and the repetition is not repeated.
图12是本发明实施例中第二安全多方计算装置的结构框图。如图12所示,第二安全多方计算装置包括:FIG. 12 is a structural block diagram of a second secure multiparty computing device in an embodiment of the present invention. As shown in FIG. 12, the second secure multi-party computing device includes:
第二接收单元,用于接收来自第一安全多方计算装置的加密电路和第一子输入标签;接收第二外包计算装置根据第二处理结果生成的初始子计算结果;A second receiving unit, configured to receive the encryption circuit and the first sub-input tag from the first secure multi-party computing device; and receive the initial sub-computation result generated by the second outsourced computing device according to the second processing result;
第二子输入标签单元,用于根据第一子输入标签获取第二子输入标签;A second sub-input label unit, configured to obtain a second sub-input label according to the first sub-input label;
第二处理结果单元,用于将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果;A second processing result unit, configured to perform corresponding processing on the second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain a second processing result;
第二发送单元,用于将第二处理结果发送至第二外包计算装置;将计算结果发送至第一安全多方计算装置;A second sending unit, configured to send the second processing result to the second outsourced computing device; and send the calculation result to the first secure multiparty computing device;
计算结果单元,用于对初始子计算结果进行处理,获得计算结果。A calculation result unit is used to process the initial sub-calculation result to obtain a calculation result.
在其中一种实施例中,第二处理结果单元包括:In one embodiment, the second processing result unit includes:
第二输入数据生成子单元,用于根据加密电路、第一子输入标签和第二子输入标签,生成第二输入数据;A second input data generating subunit, configured to generate second input data according to the encryption circuit, the first sub-input label, and the second sub-input label;
第二输入数据拆分子单元,用于将第二输入数据按照第二预设策略拆分为多个第二子输入数据;A second input data splitting subunit, configured to split the second input data into multiple second subinput data according to a second preset strategy;
第二子任务子单元,用于根据第二函数以及每一第二子输入数据生成每一第二子任务;A second subtask subunit, configured to generate each second subtask according to a second function and each second subinput data;
第二发送单元具体用于:The second sending unit is specifically configured to:
将每个第二子任务均分配至多个第二外包计算装置;Allocating each second subtask to multiple second outsourced computing devices;
第二接收单元具体用于:The second receiving unit is specifically configured to:
接收每个第二子任务对应的多个初始子计算结果;Receiving multiple initial sub-computation results corresponding to each second sub-task;
计算结果单元包括:The calculation result unit includes:
第二选取子单元,用于从每个第二子任务对应的多个初始子计算结果中选取一个作为每个第二子任务对应的子计算结果;A second selection subunit, configured to select one of a plurality of initial sub-calculation results corresponding to each second sub-task as a sub-calculation result corresponding to each second sub-task;
第二整合单元,用于整合每个第二子任务对应的子计算结果,生成计算结果。The second integration unit is configured to integrate sub-computation results corresponding to each second sub-task to generate a calculation result.
在其中一种实施例中,第二选取子单元具体用于:In one embodiment, the second selection subunit is specifically configured to:
将每个第二子任务对应的相同数值的初始子计算结果分配到同一个数组;Assign the initial sub-computation result of the same value corresponding to each second sub-task to the same array;
统计每个第二子任务对应的每个数组中的初始子计算结果的数量;Count the number of initial sub-computation results in each array corresponding to each second sub-task;
当最大的数量大于预设值时,将数量对应的数组中的一个初始子计算结果作为每个第二子任务对应的子计算结果。When the maximum number is greater than a preset value, an initial sub-computation result in an array corresponding to the number is used as a sub-computation result corresponding to each second sub-task.
在其中一种实施例中,第二选取子单元具体用于:In one embodiment, the second selection subunit is specifically configured to:
根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和预设的第二安全参数,生成每个第二子任务对应的每个初始子计算结果的计算证明;Generate a calculation certificate for each initial sub-computation result corresponding to each second sub-task according to each second sub-task, each initial sub-computation result corresponding to each second sub-task, and a preset second safety parameter;
当计算证明正确时,将计算证明对应的初始子计算结果作为每个第二子任务对应的子计算结果。When the calculation proves correct, the initial sub-calculation result corresponding to the calculation proof is taken as the sub-calculation result corresponding to each second sub-task.
在其中一种实施例中,第二选取子单元具体用于:In one embodiment, the second selection subunit is specifically configured to:
根据预设的第二安全参数生成第二公共参数;根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和第二公共参数,生成每个第二子任务对应的每个初始子计算结果的计算证明;Generate a second common parameter according to a preset second security parameter; and generate a corresponding second sub-task according to each second sub-task, each initial sub-calculation result corresponding to each second sub-task, and the second common parameter Calculation proof of the calculation result of each initial sub;
或,根据预设的第二安全参数和计算函数生成第二公共参数;根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和第二公共参数,生成每个第二子任务对应的每个初始子计算结果的计算证明。Or, generating a second common parameter according to a preset second security parameter and a calculation function; generating each second sub-task, each initial sub-computation result corresponding to each second sub-task, and the second common parameter, generating each A proof of calculation for each initial sub-computation result corresponding to the second sub-task.
综上,本发明实施例的第二安全多方计算装置先接收来自第一安全多方计算装置的加密电路和第一子输入标签,再根据第一子输入标签获取第二子输入标签,将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果,接着将第二处理结果发送至第二外包计算装置,接收第二外包计算装置根据第二处理结果生成的初始子计算结果,然后对初始子计算结果进行处理,获得计算结果,最后将计算结果发送至第一安全多方计算装置,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。In summary, the second secure multiparty computing device according to the embodiment of the present invention first receives the encryption circuit and the first sub-input tag from the first secure multiparty computing device, and then obtains the second sub-input tag according to the first sub-input tag, and The function, the encryption circuit, the first sub-input tag and the second sub-input tag are processed accordingly to obtain a second processing result, and then the second processing result is sent to a second outsourced computing device, and the second outsourced computing device is received according to the second processing The resulting initial sub-computation results are then processed to obtain the calculation results, and finally the calculation results are sent to the first secure multi-party computing device, which can reduce the local resource occupation, improve the calculation efficiency and the performance of the secure multi-party computing technology .
基于同一发明构思,本发明实施例还提供了一种安全多方计算系统。图13是本发明实施例中安全多方计算系统的结构框图。如图13所示,安全多方计算系统包括如上所述的第一安全多方计算装置,以及如上所述的第二安全多方计算装置。Based on the same inventive concept, an embodiment of the present invention further provides a secure multiparty computing system. FIG. 13 is a structural block diagram of a secure multiparty computing system in an embodiment of the present invention. As shown in FIG. 13, the secure multiparty computing system includes a first secure multiparty computing device as described above, and a second secure multiparty computing device as described above.
图14是本发明第一实施例中计算机设备的结构框图。如图14所示,该计算机设备具体可以包括存储器1401、处理器1402、通信接口1403、数据总线1404及存储在存储器1401上并可在处理器1402上运行的计算机程序,处理器1402执行计算机程序时实现上述任一实施例所描述的安全多方计算方法(从第一安全多方计算装置角度)的步骤。值得注意的是,该图是示例性的;还可以使用其他类型的结构,来补充或代替该结构,以实现电信功能或其他功能。Fig. 14 is a block diagram showing the structure of a computer device in the first embodiment of the present invention. As shown in FIG. 14, the computer device may specifically include a memory 1401, a processor 1402, a communication interface 1403, a data bus 1404, and a computer program stored in the memory 1401 and executable on the processor 1402. The processor 1402 executes the computer program The steps of implementing the secure multi-party computing method (from the perspective of the first secure multi-party computing device) described in any one of the foregoing embodiments are implemented. It is worth noting that this figure is exemplary; other types of structures can also be used to supplement or replace the structure to implement telecommunication functions or other functions.
本发明实施例的计算机设备(从第一安全多方计算装置角度)先将计算函数转换为初始逻辑电路,再选取多对随机数组成输入标签和辅助标签,将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果,将第一处理结果发送至第 一外包计算装置,然后接收第一外包计算装置根据第一处理结果生成的初始第一子电路,对初始第一子电路进行处理,获得加密电路,接着根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签,将加密电路和第一子输入标签发送至第二安全多方计算装置,最后接收来自第二安全多方计算装置的计算结果,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。The computer equipment of the embodiment of the present invention (from the perspective of the first secure multi-party computing device) first converts the calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input label and an auxiliary label, and the first function, the initial logic circuit, and the input The tags and auxiliary tags are processed accordingly to obtain the first processing result, and the first processing result is sent to the first outsourced computing device, and then the initial first sub-circuit generated by the first outsourced computing device according to the first processing result is received. A sub-circuit is processed to obtain an encryption circuit, and then the first sub-input tag is obtained according to the input data and input tags corresponding to the initial logic circuit, and the encryption circuit and the first sub-input tag are sent to a second secure multi-party computing device, and finally received The calculation result from the second secure multi-party computing device can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
本发明实施例还提供一种计算机可读存储介质,其上存储有计算机程序,计算机程序被处理器执行时实现上述安全多方计算方法(从第一安全多方计算装置角度)的步骤。An embodiment of the present invention further provides a computer-readable storage medium having a computer program stored thereon. When the computer program is executed by a processor, the steps of the above-mentioned secure multiparty computing method (from the perspective of the first secure multiparty computing device) are implemented.
本发明实施例的计算机可读存储介质先将计算函数转换为初始逻辑电路,再选取多对随机数组成输入标签和辅助标签,将第一函数、初始逻辑电路、输入标签和辅助标签进行相应处理,获得第一处理结果,将第一处理结果发送至第一外包计算装置,然后接收第一外包计算装置根据第一处理结果生成的初始第一子电路,对初始第一子电路进行处理,获得加密电路,接着根据初始逻辑电路对应的输入数据以及输入标签,得到第一子输入标签,将加密电路和第一子输入标签发送至第二安全多方计算装置,最后接收来自第二安全多方计算装置的计算结果,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。The computer-readable storage medium of the embodiment of the present invention first converts a calculation function into an initial logic circuit, and then selects a plurality of pairs of random numbers to form an input tag and an auxiliary tag, and processes the first function, the initial logic circuit, the input tag, and the auxiliary tag accordingly. To obtain a first processing result, send the first processing result to a first outsourced computing device, and then receive an initial first sub-circuit generated by the first outsourced computing device according to the first processing result, and process the initial first sub-circuit to obtain The encryption circuit then obtains the first sub-input tag according to the input data and input tag corresponding to the initial logic circuit, sends the encryption circuit and the first sub-input tag to the second secure multiparty computing device, and finally receives the second secure multiparty computing device The calculation results can reduce the local resource occupation, improve the calculation efficiency and the performance of the secure multi-party computing technology.
图15是本发明第二实施例中计算机设备的结构框图。如图15所示,该计算机设备具体可以包括存储器1501、处理器1502、通信接口1503、数据总线1504及存储在存储器1501上并可在处理器1502上运行的计算机程序,处理器1502执行计算机程序时实现上述任一实施例所描述的安全多方计算方法(从第二安全多方计算装置角度)的步骤。值得注意的是,该图是示例性的;还可以使用其他类型的结构,来补充或代替该结构,以实现电信功能或其他功能。FIG. 15 is a structural block diagram of a computer device in a second embodiment of the present invention. As shown in FIG. 15, the computer device may specifically include a memory 1501, a processor 1502, a communication interface 1503, a data bus 1504, and a computer program stored in the memory 1501 and executable on the processor 1502. The processor 1502 executes the computer program The steps of realizing the secure multi-party computing method (from the perspective of the second secure multi-party computing device) described in any one of the foregoing embodiments are implemented. It is worth noting that this figure is exemplary; other types of structures can also be used to supplement or replace the structure to implement telecommunication functions or other functions.
本发明实施例的计算机设备先接收来自第一安全多方计算装置的加密电路和第一子输入标签,再根据第一子输入标签获取第二子输入标签,将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果,接着将第二处理结果发送至第二外包计算装置,接收第二外包计算装置根据第二处理结果生成的初始子计算结果,然后对初始子计算结果进行处理,获得计算结果,最后将计算结果发送至第一安全多方计算装置,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。The computer device according to the embodiment of the present invention first receives an encryption circuit and a first sub-input tag from a first secure multi-party computing device, and then obtains a second sub-input tag according to the first sub-input tag. The second function, the encryption circuit, and the first The sub-input tag and the second sub-input tag are processed accordingly to obtain a second processing result, and then the second processing result is sent to the second outsourced computing device, and the initial sub-calculation result generated by the second outsourced computing device according to the second processing result is received Then, the initial sub-computation result is processed to obtain the calculation result, and finally the calculation result is sent to the first secure multi-party computing device, which can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
本发明实施例还提供一种计算机可读存储介质,其上存储有计算机程序,计算机程序被处理器执行时实现上述安全多方计算方法(从第二安全多方计算装置角度)的步骤。An embodiment of the present invention also provides a computer-readable storage medium having a computer program stored thereon. When the computer program is executed by a processor, the steps of the above-mentioned secure multiparty computing method (from the perspective of the second secure multiparty computing device) are implemented.
本发明实施例的计算机可读存储介质先接收来自第一安全多方计算装置的加密电路和第一子输入标签,再根据第一子输入标签获取第二子输入标签,将第二函数、加密电路、第一子输入标签和第二子输入标签进行相应处理,获得第二处理结果,接着将第二处理结果发送至第二外包计算装置,接收第二外包计算装置根据第二处理结果生成的初始子计算结果,然后对初始子计算结果进行处理,获得计算结果,最后将计算结果发送至第一安全多方计算装置,可以减少本地资源占用,提高计算效率和安全多方计算技术的性能。The computer-readable storage medium of the embodiment of the present invention first receives an encryption circuit and a first sub-input tag from a first secure multi-party computing device, and then obtains a second sub-input tag according to the first sub-input tag, and converts the second function and the encryption circuit. , The first sub-input tag and the second sub-input tag are processed accordingly to obtain a second processing result, and then the second processing result is sent to a second outsourced computing device, and an initial generated by the second outsourced computing device according to the second processing result is received Sub-computing results, then processing the initial sub-computing results to obtain the computing results, and finally sending the computing results to the first secure multi-party computing device, which can reduce the local resource occupation, improve the computing efficiency and the performance of the secure multi-party computing technology.
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present invention may be provided as a method, a system, or a computer program product. Therefore, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present invention may take the form of a computer program product implemented on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowcharts and / or block diagrams of methods, devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each process and / or block in the flowcharts and / or block diagrams, and combinations of processes and / or blocks in the flowcharts and / or block diagrams can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing device to produce a machine, so that the instructions generated by the processor of the computer or other programmable data processing device are used to generate instructions Means for implementing the functions specified in one or more flowcharts and / or one or more blocks of the block diagrams.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to work in a specific manner such that the instructions stored in the computer-readable memory produce a manufactured article including an instruction device, the instructions The device implements the functions specified in one or more flowcharts and / or one or more blocks of the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device, so that a series of steps can be performed on the computer or other programmable device to produce a computer-implemented process, which can be executed on the computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more flowcharts and / or one or more blocks of the block diagrams.
本发明中应用了具体实施例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。The principle and implementation of the present invention are explained by applying specific embodiments in the present invention. The description of the above embodiments is only used to help understand the method of the present invention and its core ideas; meanwhile, for a person of ordinary skill in the art, The idea of the invention will change in both the specific implementation and the scope of application. In summary, the content of this description should not be construed as a limitation on the present invention.

Claims (27)

  1. 一种安全多方计算方法,其特征在于,包括:A secure multi-party calculation method is characterized in that it includes:
    将计算函数转换为初始逻辑电路;Convert the calculation function into an initial logic circuit;
    选取多对随机数组成输入标签和辅助标签;Select multiple pairs of random numbers to form input tags and auxiliary tags;
    将第一函数、所述初始逻辑电路、所述输入标签和所述辅助标签进行相应处理,获得第一处理结果;Perform corresponding processing on the first function, the initial logic circuit, the input label, and the auxiliary label to obtain a first processing result;
    将所述第一处理结果发送至第一外包计算装置;Sending the first processing result to a first outsourced computing device;
    接收第一外包计算装置根据所述第一处理结果生成的初始第一子电路;Receiving an initial first sub-circuit generated by a first outsourced computing device according to the first processing result;
    对所述初始第一子电路进行处理,获得加密电路;Processing the initial first sub-circuit to obtain an encryption circuit;
    根据所述初始逻辑电路对应的输入数据以及所述输入标签,得到第一子输入标签;Obtaining a first sub-input label according to the input data corresponding to the initial logic circuit and the input label;
    将所述加密电路和所述第一子输入标签发送至第二安全多方计算装置;Sending the encryption circuit and the first sub-input tag to a second secure multiparty computing device;
    接收来自所述第二安全多方计算装置的计算结果。Receiving a calculation result from the second secure multi-party computing device.
  2. 根据权利要求1所述的安全多方计算方法,其特征在于:The secure multi-party calculation method according to claim 1, characterized in that:
    所述输入标签中的每对随机数均对应所述初始逻辑电路的每条输入线的第一取值和第二取值。Each pair of random numbers in the input label corresponds to a first value and a second value of each input line of the initial logic circuit.
  3. 根据权利要求1所述的安全多方计算方法,其特征在于,将第一函数、所述初始逻辑电路、所述输入标签和所述辅助标签进行相应处理,获得第一处理结果,具体包括:The secure multi-party calculation method according to claim 1, wherein the first function, the initial logic circuit, the input label, and the auxiliary label are processed accordingly to obtain a first processing result, which specifically includes:
    根据所述初始逻辑电路、所述输入标签和所述辅助标签,生成第一输入数据;Generating first input data according to the initial logic circuit, the input label, and the auxiliary label;
    将所述第一输入数据按照第一预设策略拆分为多个第一子输入数据;Split the first input data into a plurality of first sub-input data according to a first preset strategy;
    根据所述第一函数以及每一第一子输入数据生成每一第一子任务;Generating each first sub-task according to the first function and each first sub-input data;
    将所述第一处理结果发送至第一外包计算装置,具体包括:Sending the first processing result to a first outsourced computing device specifically includes:
    将每个第一子任务均分配至多个第一外包计算装置;Allocating each first subtask to a plurality of first outsourced computing devices;
    接收第一外包计算装置根据所述第一处理结果生成的初始第一子电路,具体包括:The receiving an initial first sub-circuit generated by the first outsourced computing device according to the first processing result specifically includes:
    接收每个第一子任务对应的多个初始第一子电路;Receiving a plurality of initial first sub-circuits corresponding to each first sub-task;
    对所述初始第一子电路进行处理,获得加密电路,具体包括:Processing the initial first sub-circuit to obtain an encryption circuit specifically includes:
    从每个第一子任务对应的多个初始第一子电路中选取一个作为每个第一子任务对应的第一子电路;Selecting one of the plurality of initial first sub-circuits corresponding to each first sub-task as the first sub-circuit corresponding to each first sub-task;
    整合每个第一子任务对应的第一子电路,生成加密电路。The first sub-circuit corresponding to each first sub-task is integrated to generate an encryption circuit.
  4. 根据权利要求3所述的安全多方计算方法,其特征在于,从每个第一子任务对应的多个初始第一子电路中选取一个作为每个第一子任务对应的第一子电路,具体包括:The secure multiparty calculation method according to claim 3, wherein one of the plurality of initial first sub-circuits corresponding to each first sub-task is selected as the first sub-circuit corresponding to each first sub-task, and specifically include:
    将每个第一子任务对应的相同数值的初始第一子电路分配到同一个数组;Assign the initial first sub-circuits of the same value corresponding to each first sub-task to the same array;
    统计每个第一子任务对应的每个数组中的初始第一子电路的数量;Count the number of initial first sub-circuits in each array corresponding to each first sub-task;
    当最大的数量大于预设值时,将所述数量对应的数组中的一个初始第一子电路作为每个第一子任务对应的第一子电路。When the maximum number is greater than a preset value, an initial first sub-circuit in an array corresponding to the number is used as a first sub-circuit corresponding to each first sub-task.
  5. 根据权利要求3所述的安全多方计算方法,其特征在于,从每个第一子任务对应的多个初始第一子电路中选取一个作为每个第一子任务对应的第一子电路,具体包括:The secure multiparty calculation method according to claim 3, wherein one of the plurality of initial first sub-circuits corresponding to each first sub-task is selected as the first sub-circuit corresponding to each first sub-task, and include:
    根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和预设的第一安全参数,生成每个第一子任务对应的每个初始第一子电路的计算证明;According to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and a preset first safety parameter, a calculation of each initial first sub-circuit corresponding to each first sub-task is generated prove;
    当所述计算证明正确时,将所述计算证明对应的初始第一子电路作为每个第一子任务对应的第一子电路。When the calculation proves correct, the initial first sub-circuit corresponding to the calculation verification is taken as the first sub-circuit corresponding to each first sub-task.
  6. 根据权利要求5所述的安全多方计算方法,其特征在于,根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和预设的第一安全参数,生成每个第一子任务对应的每个初始第一子电路的计算证明,具体包括:The secure multi-party calculation method according to claim 5, characterized in that each of the first sub-tasks, each initial first sub-circuit corresponding to each first sub-task, and a preset first security parameter is used to generate each The calculation proof of each initial first sub-circuit corresponding to each of the first sub-tasks includes:
    根据所述预设的第一安全参数生成第一公共参数;根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和所述第一公共参数,生成每个第一子任务对应的每个初始第一子电路的计算证明;Generate a first common parameter according to the preset first security parameter; and generate each of the first common task according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and the first common parameter Calculation proof of each initial first sub-circuit corresponding to the first sub-task;
    或,根据所述预设的第一安全参数和所述第一函数生成所述第一公共参数;根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和所述第一公共参数,生成每个第一子任务对应的每个初始第一子电路的计算证明。Or generating the first common parameter according to the preset first safety parameter and the first function; according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and The first common parameter generates a calculation certificate for each initial first sub-circuit corresponding to each first sub-task.
  7. 一种安全多方计算方法,其特征在于,包括:A secure multi-party calculation method is characterized in that it includes:
    接收来自第一安全多方计算装置的加密电路和第一子输入标签;Receiving an encryption circuit and a first sub-input tag from a first secure multiparty computing device;
    根据所述第一子输入标签获取第二子输入标签;Obtaining a second sub-input label according to the first sub-input label;
    将第二函数、所述加密电路、所述第一子输入标签和所述第二子输入标签进行相应处理,获得第二处理结果;Perform corresponding processing on the second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain a second processing result;
    将所述第二处理结果发送至第二外包计算装置;Sending the second processing result to a second outsourced computing device;
    接收第二外包计算装置根据所述第二处理结果生成的初始子计算结果;Receiving an initial sub-calculation result generated by the second outsourced computing device according to the second processing result;
    对所述初始子计算结果进行处理,获得计算结果;Processing the initial sub-calculation result to obtain a calculation result;
    将所述计算结果发送至所述第一安全多方计算装置。Sending the calculation result to the first secure multiparty computing device.
  8. 根据权利要求7所述的安全多方计算方法,其特征在于,将第二函数、所述加密电路、所述第一子输入标签和所述第二子输入标签进行相应处理,获得第二处理结果,具体包括:The secure multiparty calculation method according to claim 7, characterized in that the second function, the encryption circuit, the first sub-input label and the second sub-input label are processed accordingly to obtain a second processing result , Including:
    根据所述加密电路、所述第一子输入标签和所述第二子输入标签,生成第二输入数据;Generating second input data according to the encryption circuit, the first sub-input tag, and the second sub-input tag;
    将所述第二输入数据按照第二预设策略拆分为多个第二子输入数据;Split the second input data into a plurality of second sub-input data according to a second preset strategy;
    根据所述第二函数以及每一第二子输入数据生成每一第二子任务;Generating each second sub-task according to the second function and each second sub-input data;
    将所述第二处理结果发送至第二外包计算装置,具体包括:Sending the second processing result to a second outsourced computing device specifically includes:
    将每个第二子任务均分配至多个第二外包计算装置;Allocating each second subtask to multiple second outsourced computing devices;
    接收第二外包计算装置根据所述第二处理结果生成的初始子计算结果,具体包括:The receiving the initial sub-calculation result generated by the second outsourced computing device according to the second processing result specifically includes:
    接收每个第二子任务对应的多个初始子计算结果;Receiving multiple initial sub-computation results corresponding to each second sub-task;
    对所述初始子计算结果进行处理,获得计算结果,具体包括:Processing the initial sub-calculation result to obtain the calculation result, which specifically includes:
    从每个第二子任务对应的多个初始子计算结果中选取一个作为每个第二子任务对应的子计算结果;Selecting one of a plurality of initial sub-computation results corresponding to each second sub-task as a sub-computation result corresponding to each second sub-task;
    整合每个第二子任务对应的子计算结果,生成计算结果。The sub-computation results corresponding to each second sub-task are integrated to generate a calculation result.
  9. 根据权利要求8所述的安全多方计算方法,其特征在于,从每个第二子任务对应的多个初始子计算结果中选取一个作为每个第二子任务对应的子计算结果,具体包括:The secure multi-party calculation method according to claim 8, wherein selecting one of a plurality of initial sub-calculation results corresponding to each second sub-task as a sub-calculation result corresponding to each second sub-task specifically includes:
    将每个第二子任务对应的相同数值的初始子计算结果分配到同一个数组;Assign the initial sub-computation result of the same value corresponding to each second sub-task to the same array;
    统计每个第二子任务对应的每个数组中的初始子计算结果的数量;Count the number of initial sub-computation results in each array corresponding to each second sub-task;
    当最大的数量大于预设值时,将所述数量对应的数组中的一个初始子计算结果作为每个第二子任务对应的子计算结果。When the maximum number is greater than a preset value, an initial sub-computation result in an array corresponding to the number is used as a sub-computation result corresponding to each second sub-task.
  10. 根据权利要求8所述的安全多方计算方法,其特征在于,从每个第二子任务对应的多个初始子计算结果中选取一个作为每个第二子任务对应的子计算结果,具体包括:The secure multi-party calculation method according to claim 8, wherein selecting one of a plurality of initial sub-calculation results corresponding to each second sub-task as a sub-calculation result corresponding to each second sub-task specifically includes:
    根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和预设的第二安全参数,生成每个第二子任务对应的每个初始子计算结果的计算证明;Generate a calculation certificate for each initial sub-computation result corresponding to each second sub-task according to each second sub-task, each initial sub-computation result corresponding to each second sub-task, and a preset second safety parameter;
    当所述计算证明正确时,将所述计算证明对应的初始子计算结果作为每个第二子任务对应的子计算结果。When the calculation proves correct, the initial sub-calculation result corresponding to the calculation proof is used as the sub-calculation result corresponding to each second sub-task.
  11. 根据权利要求10所述的安全多方计算方法,其特征在于,根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和预设的第二安全参数,生成每个第二子任务对应的每个初始子计算结果的计算证明,具体包括:The secure multi-party calculation method according to claim 10, wherein each of the second sub-tasks, each initial sub-calculation result corresponding to each second sub-task, and a preset second security parameter is used to generate The calculation proof of each initial sub-computation result corresponding to the second sub-task includes:
    根据所述预设的第二安全参数生成第二公共参数;根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和所述第二公共参数,生成每个第二子任务对应的每个初始子计算结果的计算证明;Generate a second common parameter according to the preset second security parameter; and generate each first sub-task Calculation proof of each initial sub-computation result corresponding to the two sub-tasks;
    或,根据所述预设的第二安全参数和所述计算函数生成所述第二公共参数;根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和所述第二公共参数,生成每个第二子任务对应的每个初始子计算结果的计算证明。Or generating the second common parameter according to the preset second safety parameter and the calculation function; according to each second sub-task, each initial sub-calculation result corresponding to each second sub-task, and the The second common parameter generates a calculation certificate for each initial sub-computation result corresponding to each second sub-task.
  12. 一种第一安全多方计算装置,其特征在于,包括:A first secure multiparty computing device, comprising:
    转换单元,用于将计算函数转换为初始逻辑电路;A conversion unit for converting a calculation function into an initial logic circuit;
    标签单元,用于选取多对随机数组成输入标签和辅助标签;A label unit, which is used to select multiple pairs of random numbers to form an input label and an auxiliary label;
    第一处理结果单元,用于将第一函数、所述初始逻辑电路、所述输入标签和所述辅助标签进行相应处理,获得第一处理结果;A first processing result unit, configured to correspondingly process a first function, the initial logic circuit, the input label, and the auxiliary label to obtain a first processing result;
    第一发送单元,用于将所述第一处理结果发送至第一外包计算装置;将加密电路和第一子输入标签发送至第二安全多方计算装置;A first sending unit, configured to send the first processing result to a first outsourced computing device; send an encryption circuit and a first sub-input tag to a second secure multiparty computing device;
    第一接收单元,用于接收第一外包计算装置根据所述第一处理结果生成的初始第一子电路;接收来自所述第二安全多方计算装置的计算结果;A first receiving unit, configured to receive an initial first sub-circuit generated by a first outsourced computing device according to the first processing result; and receive a calculation result from the second secure multiparty computing device;
    加密电路单元,用于对所述初始第一子电路进行处理,获得所述加密电路;An encryption circuit unit, configured to process the initial first sub-circuit to obtain the encryption circuit;
    第一子输入标签单元,用于根据所述初始逻辑电路对应的输入数据以及所述输入标签,得到所述第一子输入标签。The first sub-input label unit is configured to obtain the first sub-input label according to input data corresponding to the initial logic circuit and the input label.
  13. 根据权利要求12所述的第一安全多方计算装置,其特征在于:The first secure multiparty computing device according to claim 12, characterized in that:
    所述输入标签中的每对随机数均对应所述初始逻辑电路的每条输入线的第一取值和第二取值。Each pair of random numbers in the input label corresponds to a first value and a second value of each input line of the initial logic circuit.
  14. 根据权利要求12所述的第一安全多方计算装置,其特征在于,The first secure multiparty computing device according to claim 12, characterized in that:
    所述第一处理结果单元包括:The first processing result unit includes:
    第一输入数据生成子单元,用于根据所述初始逻辑电路、所述输入标签和所述辅助标签,生成第一输入数据;A first input data generating subunit, configured to generate first input data according to the initial logic circuit, the input label, and the auxiliary label;
    第一输入数据拆分子单元,用于将所述第一输入数据按照第一预设策略拆分为多个第一子输入数据;A first input data splitting subunit, configured to split the first input data into multiple first subinput data according to a first preset strategy;
    第一子任务子单元,用于根据所述第一函数以及每一第一子输入数据生成每一第一子任务;A first subtask subunit, configured to generate each first subtask according to the first function and each first subinput data;
    所述第一发送单元具体用于:The first sending unit is specifically configured to:
    将每个第一子任务均分配至多个第一外包计算装置;Allocating each first subtask to a plurality of first outsourced computing devices;
    所述第一接收单元具体用于:The first receiving unit is specifically configured to:
    接收每个第一子任务对应的多个初始第一子电路;Receiving a plurality of initial first sub-circuits corresponding to each first sub-task;
    所述加密电路单元包括:The encryption circuit unit includes:
    第一选取子单元,用于从每个第一子任务对应的多个初始第一子电路中选取一个作为每个第一子任务对应的第一子电路;A first selection subunit, configured to select one of a plurality of initial first subcircuits corresponding to each first subtask as a first subcircuit corresponding to each first subtask;
    第一整合单元,用于整合每个第一子任务对应的第一子电路,生成加密电路。The first integration unit is configured to integrate a first sub-circuit corresponding to each first sub-task to generate an encryption circuit.
  15. 根据权利要求14所述的第一安全多方计算装置,其特征在于,所述第一选取子单元具体用于:The first secure multiparty computing device according to claim 14, wherein the first selection subunit is specifically configured to:
    将每个第一子任务对应的相同数值的初始第一子电路分配到同一个数组;Assign the initial first sub-circuits of the same value corresponding to each first sub-task to the same array;
    统计每个第一子任务对应的每个数组中的初始第一子电路的数量;Count the number of initial first sub-circuits in each array corresponding to each first sub-task;
    当最大的数量大于预设值时,将所述数量对应的数组中的一个初始第一子电路作为每个第一子任务对应的第一子电路。When the maximum number is greater than a preset value, an initial first sub-circuit in an array corresponding to the number is used as a first sub-circuit corresponding to each first sub-task.
  16. 根据权利要求14所述的第一安全多方计算装置,其特征在于,所述第一选取子单元具体用于:The first secure multiparty computing device according to claim 14, wherein the first selection subunit is specifically configured to:
    根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和预设的第一安全参数,生成每个第一子任务对应的每个初始第一子电路的计算证明;According to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and a preset first safety parameter, a calculation of each initial first sub-circuit corresponding to each first sub-task is generated prove;
    当所述计算证明正确时,将所述计算证明对应的初始第一子电路作为每个第一子任务对应的第一子电路。When the calculation proves correct, the initial first sub-circuit corresponding to the calculation verification is taken as the first sub-circuit corresponding to each first sub-task.
  17. 根据权利要求16所述的第一安全多方计算装置,其特征在于,所述第一选取子单元具体用于:The first secure multiparty computing device according to claim 16, wherein the first selection subunit is specifically configured to:
    根据所述预设的第一安全参数生成第一公共参数;根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和所述第一公共参数,生成每个第一子任务对应的每个初始第一子电路的计算证明;Generate a first common parameter according to the preset first security parameter; and generate each of the first common task according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and the first common parameter Calculation proof of each initial first sub-circuit corresponding to the first sub-task;
    或,根据所述预设的第一安全参数和所述第一函数生成所述第一公共参数;根据每个第一子任务、每个第一子任务对应的每个初始第一子电路和所述第一公共参数,生成每个第一子任务对应的每个初始第一子电路的计算证明。Or generating the first common parameter according to the preset first safety parameter and the first function; according to each first sub-task, each initial first sub-circuit corresponding to each first sub-task, and The first common parameter generates a calculation certificate for each initial first sub-circuit corresponding to each first sub-task.
  18. 一种第二安全多方计算装置,其特征在于,包括:A second secure multi-party computing device, comprising:
    第二接收单元,用于接收来自第一安全多方计算装置的加密电路和第一子输入标签;接收第二外包计算装置根据第二处理结果生成的初始子计算结果;A second receiving unit, configured to receive the encryption circuit and the first sub-input tag from the first secure multi-party computing device; and receive the initial sub-computation result generated by the second outsourced computing device according to the second processing result;
    第二子输入标签单元,用于根据所述第一子输入标签获取第二子输入标签;A second sub-input label unit, configured to obtain a second sub-input label according to the first sub-input label;
    第二处理结果单元,用于将第二函数、所述加密电路、所述第一子输入标签和所述第二子输入标签进行相应处理,获得所述第二处理结果;A second processing result unit, configured to perform corresponding processing on a second function, the encryption circuit, the first sub-input label, and the second sub-input label to obtain the second processing result;
    第二发送单元,用于将所述第二处理结果发送至第二外包计算装置;将计算结果发送至所述第一安全多方计算装置;A second sending unit, configured to send the second processing result to a second outsourced computing device; and send the calculation result to the first secure multiparty computing device;
    计算结果单元,用于对所述初始子计算结果进行处理,获得所述计算结果。A calculation result unit is configured to process the initial sub calculation result to obtain the calculation result.
  19. 根据权利要求18所述的第二安全多方计算装置,其特征在于,The second secure multiparty computing device according to claim 18, wherein:
    所述第二处理结果单元包括:The second processing result unit includes:
    第二输入数据生成子单元,用于根据所述加密电路、所述第一子输入标签和所述第二子输入标签,生成第二输入数据;A second input data generating subunit, configured to generate second input data according to the encryption circuit, the first sub-input label, and the second sub-input label;
    第二输入数据拆分子单元,用于将所述第二输入数据按照第二预设策略拆分为多个第二子输入数据;A second input data splitting subunit, configured to split the second input data into multiple second subinput data according to a second preset policy;
    第二子任务子单元,用于根据所述第二函数以及每一第二子输入数据生成每一第二子任务;A second subtask subunit, configured to generate each second subtask according to the second function and each second subinput data;
    所述第二发送单元具体用于:The second sending unit is specifically configured to:
    将每个第二子任务均分配至多个第二外包计算装置;Allocating each second subtask to multiple second outsourced computing devices;
    所述第二接收单元具体用于:The second receiving unit is specifically configured to:
    接收每个第二子任务对应的多个初始子计算结果;Receiving multiple initial sub-computation results corresponding to each second sub-task;
    所述计算结果单元包括:The calculation result unit includes:
    第二选取子单元,用于从每个第二子任务对应的多个初始子计算结果中选取一个作为每个第二子任务对应的子计算结果;A second selection subunit, configured to select one of a plurality of initial sub-calculation results corresponding to each second sub-task as a sub-calculation result corresponding to each second sub-task;
    第二整合单元,用于整合每个第二子任务对应的子计算结果,生成计算结果。The second integration unit is configured to integrate sub-computation results corresponding to each second sub-task to generate a calculation result.
  20. 根据权利要求19所述的第二安全多方计算装置,其特征在于,所述第二选取子单元具体用于:The second secure multiparty computing device according to claim 19, wherein the second selection subunit is specifically configured to:
    将每个第二子任务对应的相同数值的初始子计算结果分配到同一个数组;Assign the initial sub-computation result of the same value corresponding to each second sub-task to the same array;
    统计每个第二子任务对应的每个数组中的初始子计算结果的数量;Count the number of initial sub-computation results in each array corresponding to each second sub-task;
    当最大的数量大于预设值时,将所述数量对应的数组中的一个初始子计算结果作为每个第二子任务对应的子计算结果。When the maximum number is greater than a preset value, an initial sub-computation result in an array corresponding to the number is used as a sub-computation result corresponding to each second sub-task.
  21. 根据权利要求19所述的第二安全多方计算装置,其特征在于,所述第二选取子单元具体用于:The second secure multiparty computing device according to claim 19, wherein the second selection subunit is specifically configured to:
    根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和预设的第二安全参数,生成每个第二子任务对应的每个初始子计算结果的计算证明;Generate a calculation certificate for each initial sub-computation result corresponding to each second sub-task according to each second sub-task, each initial sub-computation result corresponding to each second sub-task, and a preset second safety parameter;
    当所述计算证明正确时,将所述计算证明对应的初始子计算结果作为每个第二子任务对应的子计算结果。When the calculation proves correct, the initial sub-calculation result corresponding to the calculation proof is used as the sub-calculation result corresponding to each second sub-task.
  22. 根据权利要求21所述的第二安全多方计算装置,其特征在于,所述第二选取子单元具体用于:The second secure multiparty computing device according to claim 21, wherein the second selection subunit is specifically configured to:
    根据所述预设的第二安全参数生成第二公共参数;根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和所述第二公共参数,生成每个第二子任务对应的每个初始子计算结果的计算证明;Generate a second common parameter according to the preset second security parameter; and generate each first sub-task Calculation proof of each initial sub-computation result corresponding to the two sub-tasks;
    或,根据所述预设的第二安全参数和所述计算函数生成所述第二公共参数;根据每个第二子任务、每个第二子任务对应的每个初始子计算结果和所述第二公共参数,生成每个第二子任务对应的每个初始子计算结果的计算证明。Or generating the second common parameter according to the preset second safety parameter and the calculation function; according to each second sub-task, each initial sub-calculation result corresponding to each second sub-task, and the The second common parameter generates a calculation certificate for each initial sub-computation result corresponding to each second sub-task.
  23. 一种安全多方计算系统,其特征在于,包括:A secure multiparty computing system, characterized in that it includes:
    权利要求12-17任一权利要求所述的第一安全多方计算装置;以及The first secure multiparty computing device according to any one of claims 12-17; and
    权利要求18-22任一权利要求所述的第二安全多方计算装置。The second secure multiparty computing device according to any one of claims 18-22.
  24. 一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述程序时实现权利要求1至6任一权利要求所述的安全多方计算方法的步骤。A computer device includes a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein when the processor executes the program, any one of claims 1 to 6 is implemented. The steps of the secure multi-party calculation method described above.
  25. 一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述程序时实现权利要求7至11任一权利要求所述的安全多方计算方法的步骤。A computer device includes a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein when the processor executes the program, any one of claims 7 to 11 is implemented. The steps of the secure multi-party calculation method described above.
  26. 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现权利要求1至6任一权利要求所述的安全多方计算方法的步骤。A computer-readable storage medium having stored thereon a computer program, characterized in that when the computer program is executed by a processor, the steps of the secure multiparty computing method according to any one of claims 1 to 6 are implemented.
  27. 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现权利要求7至11任一权利要求所述的安全多方计算方法的步骤。A computer-readable storage medium having stored thereon a computer program, characterized in that when the computer program is executed by a processor, the steps of the secure multi-party computing method according to any one of claims 7 to 11 are implemented.
PCT/CN2019/095369 2018-07-10 2019-07-10 Secure multiparty computation method, device, and system WO2020011183A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810750035.5 2018-07-10
CN201810750035.5A CN108809623B (en) 2018-07-10 2018-07-10 Secure multiparty computing method, device and system

Publications (1)

Publication Number Publication Date
WO2020011183A1 true WO2020011183A1 (en) 2020-01-16

Family

ID=64074656

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/095369 WO2020011183A1 (en) 2018-07-10 2019-07-10 Secure multiparty computation method, device, and system

Country Status (2)

Country Link
CN (1) CN108809623B (en)
WO (1) WO2020011183A1 (en)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108809623B (en) * 2018-07-10 2020-09-25 矩阵元技术(深圳)有限公司 Secure multiparty computing method, device and system
CN109558750B (en) * 2018-11-30 2021-11-02 北京八分量信息科技有限公司 Data processing system and method based on secure multi-party computing
CN109582737A (en) * 2018-11-30 2019-04-05 北京八分量信息科技有限公司 A kind of battery data management system and method based on multi-party computations
CN110162551B (en) * 2019-04-19 2020-08-14 阿里巴巴集团控股有限公司 Data processing method and device and electronic equipment
CN110333867B (en) * 2019-04-19 2023-09-01 矩阵元技术(深圳)有限公司 Multiparty secure computing data processing method, device and system
US10936605B2 (en) 2019-04-19 2021-03-02 Advanced New Technologies Co., Ltd. Providing oblivious data transfer between computing devices
WO2020223917A1 (en) * 2019-05-08 2020-11-12 云图有限公司 Method and apparatus for implementing secure multi-party computation, and computer device and storage medium
CN110166446B (en) * 2019-05-13 2021-10-22 矩阵元技术(深圳)有限公司 Method for realizing geographical weighted average center based on safe multi-party calculation
CN111563261A (en) * 2020-05-15 2020-08-21 支付宝(杭州)信息技术有限公司 Privacy protection multi-party computing method and system based on trusted execution environment
CN111628991B (en) * 2020-05-25 2021-12-28 安徽大学 General safety calculation method capable of resisting malicious adversaries
CN111737011B (en) * 2020-07-31 2021-01-29 支付宝(杭州)信息技术有限公司 Method and device for realizing secure multi-party computation
CN112995221B (en) * 2021-05-08 2021-07-23 浙江数秦科技有限公司 Safe multi-party calculation method for alliance chain
CN113992439B (en) * 2021-12-27 2022-05-06 支付宝(杭州)信息技术有限公司 Distributed multi-party secure computing system, method and node
CN116886411B (en) * 2023-08-08 2024-03-15 西南石油大学 Secure multiparty computing method based on anonymous authentication

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030018608A1 (en) * 1998-05-14 2003-01-23 Purdue Research Foundation, Inc. Method and system for secure computational outsourcing and disguise
CN1875569A (en) * 2003-11-03 2006-12-06 皇家飞利浦电子股份有限公司 Method and device for efficient multiparty multiplication
CN103067165A (en) * 2013-01-17 2013-04-24 广东数字证书认证中心有限公司 Outsourcing calculation method, device and server of public key system
US20130275752A1 (en) * 2012-04-17 2013-10-17 Futurewei Technologies, Inc. Method and system for secure multiparty cloud computation
CN104618332A (en) * 2014-12-30 2015-05-13 桂林电子科技大学 Secure two-party computation method and system based on symbol boundary value binary decision diagram
CN108809623A (en) * 2018-07-10 2018-11-13 矩阵元技术(深圳)有限公司 Multi-party computations method, apparatus and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9077539B2 (en) * 2011-03-09 2015-07-07 Microsoft Technology Licensing, Llc Server-aided multi-party protocols
CN106921491B (en) * 2017-02-17 2020-02-11 中国科学院信息工程研究所 Safe and efficient outsourcing calculation implementation method and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030018608A1 (en) * 1998-05-14 2003-01-23 Purdue Research Foundation, Inc. Method and system for secure computational outsourcing and disguise
CN1875569A (en) * 2003-11-03 2006-12-06 皇家飞利浦电子股份有限公司 Method and device for efficient multiparty multiplication
US20130275752A1 (en) * 2012-04-17 2013-10-17 Futurewei Technologies, Inc. Method and system for secure multiparty cloud computation
CN103067165A (en) * 2013-01-17 2013-04-24 广东数字证书认证中心有限公司 Outsourcing calculation method, device and server of public key system
CN104618332A (en) * 2014-12-30 2015-05-13 桂林电子科技大学 Secure two-party computation method and system based on symbol boundary value binary decision diagram
CN108809623A (en) * 2018-07-10 2018-11-13 矩阵元技术(深圳)有限公司 Multi-party computations method, apparatus and system

Also Published As

Publication number Publication date
CN108809623A (en) 2018-11-13
CN108809623B (en) 2020-09-25

Similar Documents

Publication Publication Date Title
WO2020011183A1 (en) Secure multiparty computation method, device, and system
CN111512589B (en) Method for fast secure multiparty inner product with SPDZ
CN110557245B (en) Method and system for SPDZ fault tolerant and secure multiparty computing
US11190496B2 (en) Fast oblivious transfers
US11323444B2 (en) Method for faster secure multiparty inner product computation with SPDZ
Schneider et al. GMW vs. Yao? Efficient secure two-party computation with low depth circuits
US20200259651A1 (en) Multi-party threshold authenticated encryption
CN111475854B (en) Collaborative computing method and system for protecting data privacy of two parties
JP2020515087A5 (en)
EP3304800B1 (en) Method for providing a space puzzle
CN108282334B (en) Multi-party key negotiation device, method and system based on block chain
JP6973868B2 (en) Secret calculation methods, devices, and programs
CN112052954B (en) Gradient lifting tree modeling method and device and terminal
CN113408001B (en) Method, device, equipment and storage medium for determining most value safely by multiple parties
CN114021198B (en) Method and device for determining common data for protecting data privacy
CN112385176A (en) Anonymous distribution and majority voting in a compromised environment
CN107888385B (en) RSA modulus generation method, RSA key generation method, computer device, and medium
US20210157955A1 (en) Bit decomposition secure computation apparatus, bit combining secure computation apparatus, method and program
WO2020169996A1 (en) Matrix-based cryptographic methods and apparatus
JPWO2017038761A1 (en) Secret calculation system, secret calculation device, and secret calculation method
JP6053983B2 (en) Cryptographic system, signature system, cryptographic program and signature program
Theodouli et al. Implementing private k-means clustering using a LWE-based cryptosystem
CN115248927A (en) Data processing method, device and system
WO2020011184A1 (en) Outsourced computing method and system
KR101271170B1 (en) Apparatus and method for performing high speed computation for generating secret key

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19834459

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19834459

Country of ref document: EP

Kind code of ref document: A1