WO2020211074A1 - Multi-party secure computing data processing method, apparatus and system - Google Patents

Multi-party secure computing data processing method, apparatus and system Download PDF

Info

Publication number
WO2020211074A1
WO2020211074A1 PCT/CN2019/083425 CN2019083425W WO2020211074A1 WO 2020211074 A1 WO2020211074 A1 WO 2020211074A1 CN 2019083425 W CN2019083425 W CN 2019083425W WO 2020211074 A1 WO2020211074 A1 WO 2020211074A1
Authority
WO
WIPO (PCT)
Prior art keywords
party
party security
intermediate code
source code
algorithm
Prior art date
Application number
PCT/CN2019/083425
Other languages
French (fr)
Chinese (zh)
Inventor
陈元丰
李升林
王嘉兴
孙立林
Original Assignee
云图有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 云图有限公司 filed Critical 云图有限公司
Priority to PCT/CN2019/083425 priority Critical patent/WO2020211074A1/en
Publication of WO2020211074A1 publication Critical patent/WO2020211074A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating

Definitions

  • the present invention relates to the technical field of computer data processing, and in particular, to a method, device and system for multi-party secure computing data processing.
  • Multi-party security calculations are usually implemented based on Boolean circuits.
  • the developer first writes the algorithm to realize the multi-party security calculation in a certain scenario, then uses the circuit compiler to compile the written algorithm into a Boolean circuit file, and then uses the virtual machine to parse and execute the Boolean circuit file.
  • Boolean circuit file does not have the so-called LOOP ⁇ IF-ELSE ⁇ CALL Function and other characteristics, it is necessary to expand all the loops, functions, IF-ELSE and other statements used in the algorithm source code, so that the Boolean circuit file generated after compilation is very large. Conducive to transmission, storage, execution and other operations.
  • current circuit compilers correspond to specific programming languages, and the algorithm types are usually high-level languages oriented to specific fields, there are some differences and limitations with mainstream high-level languages. Therefore, developers also need to learn the grammatical details of this language, which brings a lot of inconvenience to developers.
  • the purpose of the embodiments of this specification is to provide a multi-party secure computing data processing method, device, and system, which can improve the simplicity of generating source code data of multi-party secure computing algorithms and the efficiency of subsequent compilation and execution processing.
  • This manual provides a multi-party secure computing data processing method, device and system, which are implemented in the following ways:
  • a multi-party secure computing data processing method including:
  • Multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security computing library, the multi-party security computing library including Boolean circuit functional components written based on a preset language;
  • the compiling processing of the source code data of the multi-party security algorithm includes:
  • the LLVM compiler is used to compile and process the source code data of the multi-party security algorithm.
  • the parsing and execution processing of the intermediate code file includes:
  • a JIT compiler is used to parse and execute the intermediate code file.
  • the embodiment of this specification also provides a multi-party secure computing data processing device, the device includes:
  • the source code data generation module is used to generate the multi-party security algorithm source code data of the target application scenario based on the pre-built multi-party security calculation library, the multi-party security calculation library including the Boolean circuit functional components written based on the preset language;
  • the intermediate code generation module is used to compile and process the source data of the multi-party security algorithm to obtain an intermediate code file
  • the analysis execution module is configured to perform analysis and execution processing on the intermediate code file to obtain the execution result of the target application scenario.
  • the intermediate code generation module is further configured to use an LLVM compiler to compile and process the source code data of the multi-party security algorithm.
  • the analysis execution module is further configured to use a JIT compiler to analyze and execute the intermediate code file to obtain an execution result.
  • the embodiment of the present specification also provides a multi-party secure computing data processing device, including a processor and a memory for storing executable instructions of the processor, the instructions being executed by the processor include the following steps:
  • Multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security computing library, the multi-party security computing library including Boolean circuit functional components written based on a preset language;
  • the embodiments of the present specification also provide a multi-party secure computing data processing system.
  • the multi-party secure computing data processing system includes at least one processor and a memory storing computer-executable instructions. When the processor executes the instructions, Implement the steps of the method described in any one of the above embodiments.
  • the embodiments of this specification also provide a multi-party secure computing data processing system, the system includes a multi-party secure computing library, an algorithm generation module, and an LLVM compiler, wherein:
  • the multi-party safe operation library includes Boolean circuit function components written based on a preset language
  • the algorithm generating module is used to generate the source code data of the multi-party security algorithm based on the Boolean circuit functional components in the multi-party security operation library;
  • the LLVM compiler is used to compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file.
  • system further includes a JIT compiler, and the JIT compiler is used to analyze and execute the intermediate code file to obtain an execution result.
  • the multi-party secure computing data processing method, device, and system provided by one or more embodiments of this specification can be based on a pre-built multi-party secure computing library to easily and conveniently implement multi-party secure algorithm writing.
  • the multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process.
  • the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
  • FIG. 1 is a schematic flowchart of an embodiment of a method for processing multi-party secure computing data provided in this specification
  • FIG. 2 is a schematic flowchart of another embodiment of a multi-party secure computing data processing method provided in this specification
  • FIG. 3 is a schematic diagram of the module structure of an embodiment of a multi-party secure computing data processing device provided in this specification;
  • Fig. 4 is a schematic structural diagram of a multi-party secure computing data processing system in an embodiment provided in this specification.
  • multi-party security calculations are usually implemented based on Boolean circuits.
  • the developer writes algorithms for realizing multi-party security calculations in a certain scenario, then uses a specific circuit compiler to compile the written algorithms into Boolean circuit files, and then parses and executes the Boolean circuit files to obtain the execution results.
  • the current Boolean circuit files compiled by the circuit compiler are very large, which is not conducive to operations such as transmission, storage, and execution, and the algorithm source code compilation language type of the circuit compiler is relatively single, which is not conducive to large-scale promotion.
  • the embodiments of this specification provide a multi-party secure computing data processing method, which can simply and conveniently implement the writing of multi-party secure algorithms based on a pre-built multi-party secure computing library.
  • the multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process.
  • the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
  • FIG. 1 is a schematic flowchart of an embodiment of the method for processing multi-party secure computing data provided in this specification.
  • this specification provides method operation steps or device structures as shown in the following embodiments or drawings, the method or device may include more or fewer operation steps after partial combination based on conventional or no creative labor. Or modular unit.
  • steps or structures where there is no necessary causal relationship logically the execution order of these steps or the module structure of the device is not limited to the execution order or module structure shown in the embodiments of this specification or the drawings.
  • the method may include:
  • S202 Generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security calculation library, the multi-party security calculation library including a Boolean circuit function component written based on a preset language.
  • the multi-party security algorithm source code data may be generated based on a pre-built multi-party security algorithm library, which may include Boolean circuit functional components written based on a preset language.
  • the Boolean circuit function corresponding to the multi-party security calculation can be written in a preset type of development language in advance, and then the compiled program is packaged to obtain a series of Boolean circuit function components to form a multi-party security calculation library ( Integer library).
  • the preset types of development languages may include mainstream development languages such as C, C++, Java, Python, etc., and may also be other development languages in specific fields. Table 1 shows the operators that can be supported by part of the multi-party security operation library.
  • users can choose the type of development language for writing algorithm source code according to their own needs, and then can use the Integer library to write multi-party secure computing algorithms in the target application scenario.
  • the language type for generating the source code data of the multi-party security algorithm can be mainstream development languages such as C, C++, Java, Python, etc., or other development languages in specific fields.
  • the user can call the Boolean circuit functional components in the multi-party safe operation library to complete the logical calculation of the corresponding function.
  • the multi-party safe operation library can feedback the operation result after the operation is completed. Therefore, based on the multi-party secure computing library, users can easily and conveniently write multi-party secure computing algorithms. Moreover, the written algorithm source code does not need to be converted into a Boolean circuit file for execution, thereby further improving the convenience of subsequent data compilation and execution processing.
  • S204 Compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file.
  • the Boolean circuit function corresponding to the multi-party secure calculation has been encapsulated in the Integer library, and the algorithm source code written based on the Integer library does not need to be compiled into a circuit file for execution by means of a circuit compiler.
  • the user can select a compiler according to the language type of the algorithm source code and performance requirements, etc., to compile and process the multi-party security algorithm source code data.
  • FIG. 2 shows a schematic diagram of a data processing flow of a multi-party security algorithm in another or more embodiments provided in this specification. As shown in Figure 2, preferably, in an embodiment of this specification, the following methods can be used to compile and process the source code data of the multi-party security algorithm:
  • S2040 Use an LLVM compiler to compile and process the source code data of the multi-party security algorithm.
  • the LLVM compiler (Low Level Virtual Machine, underlying virtual machine) can be used to perform operations such as lexical analysis, syntax analysis, semantic analysis, and execution optimization on the multi-party security algorithm source code data to generate LLVM intermediate code data, that is, LLVM IR data.
  • the LLVM compiler can be used to compile and optimize algorithms written in any programming language, so that the programming language of the algorithm source code is no longer limited to a specific programming language, facilitating the large-scale promotion of multi-party secure computing.
  • the LLVM compiler can also be used to optimize the algorithm source code, which can further improve the executable of the optimized data.
  • the LLVM compiler can first perform lexical analysis, syntax analysis, and semantic analysis on the source data of multi-party security algorithms, complete error handling and language optimization. Then, the above-mentioned processed algorithm data can be compiled, optimized and converted, such as code simplification and static single assignment. In specific implementation, you can also use the optimization framework of LLVM to set the optimization method yourself according to actual needs. After the LLVM compiler compiles the source code data of the multi-party security algorithm, it can generate an intermediate code (IR) file corresponding to the LLVM, and the LLVM compiler can return the generated LLVM IR file.
  • IR intermediate code
  • the final intermediate code file obtained can be much smaller than the Boolean circuit file, and the obtained intermediate code data is more convenient for execution and processing .
  • S206 Perform analysis and execution processing on the intermediate code file to obtain an execution result of the target application scenario.
  • the intermediate code data can be further parsed and executed through a virtual machine to obtain the execution result of the target application scenario.
  • the intermediate code file can be parsed and executed in the following manner:
  • the JIT compiler can call the JIT compiler with multi-party security input data as parameters to execute the algorithm functions in the LLVM IR file.
  • the JIT compiler can parse the LLVM IR file to ensure the correctness of the LLVM IR file format. If there is an error in the analysis, the LLVM IR file may not be retrieved, or there may be a problem with the LLVM IR file itself. Correspondingly, the result error information can be feedback to the customer.
  • the JIT compiler can find the algorithm function to be executed by the user according to the entered multi-party security input data, and perform dynamic compilation and linking. Specifically, the algorithm function can be compiled into binary, and then linked into executable code for execution. The JIT compiler executes the linked function and returns the result to the user.
  • JIT compiler when an algorithm function is executed for the first time, the function can be compiled into machine language, and internal storage will be carried out at the same time; when the algorithm function is executed again, the compiled machine can be directly executed Language.
  • JIT compiler can greatly improve the efficiency of analysis and execution.
  • the solution provided by the above-mentioned embodiments of this specification uses the Integer library encapsulated with the Boolean circuit function to write the algorithm source code, and further uses the code optimization technology of LLVM, so that the final intermediate code file obtained is much smaller than the Boolean circuit file and is easier to execute deal with.
  • users can choose a familiar language to implement multi-party security algorithms in any scenario according to their own familiarity with the development language, which further improves the ease of writing algorithm source code.
  • the multi-party secure computing data processing method can be based on a pre-built multi-party secure computing library to easily and conveniently implement multi-party secure algorithm writing.
  • the multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process.
  • the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
  • one or more embodiments of this specification also provide a multi-party secure computing data processing device.
  • the described devices may include systems, software (applications), modules, components, servers, etc. that use the methods described in the embodiments of this specification, combined with necessary implementation hardware devices.
  • the devices in one or more embodiments provided in the embodiments of this specification are as described in the following embodiments. Since the implementation scheme of the device to solve the problem is similar to the method, the implementation of the specific device in the embodiment of this specification can refer to the implementation of the foregoing method, and the repetition will not be repeated.
  • the term "unit” or "module” can be a combination of software and/or hardware that implements predetermined functions.
  • FIG. 3 shows a schematic diagram of the module structure of an embodiment of a multi-party secure computing data processing device provided in the specification. As shown in FIG. 3, the device may include:
  • the source code data generation module 102 can be used to generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security calculation library, which includes a Boolean circuit functional component written based on a preset language;
  • the intermediate code generation module 104 may be used to compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file;
  • the analysis execution module 106 may be used to perform analysis and execution processing on the intermediate code file to obtain the execution result of the target application scenario.
  • Using the solution provided by the foregoing embodiment can avoid the process of performing circuit compilation processing on the algorithm source code, and the intermediate code file obtained after compilation is much smaller than the Boolean circuit file, which can further improve the subsequent data transmission and execution efficiency.
  • the intermediate code generation module 104 may also be used to compile and process the source code data of the multi-party security algorithm by using an LLVM compiler.
  • Utilizing the solutions provided by the foregoing embodiments can further improve the ease of writing algorithm source code and the executable of the intermediate code obtained after compilation.
  • the analysis execution module 106 may also be used to analyze and execute the intermediate code file by using a JIT compiler to obtain an execution result.
  • Utilizing the solutions provided by the foregoing embodiments can further improve the efficiency of analysis execution.
  • the above-mentioned device may also include other implementation manners according to the description of the method embodiment.
  • specific implementation manners reference may be made to the description of the related method embodiments, which will not be repeated here.
  • the multi-party secure computing data processing device can implement the compilation of multi-party secure algorithms simply and conveniently based on a pre-built multi-party secure computing library.
  • the multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process.
  • the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
  • this specification also provides a multi-party secure computing data processing device, including a processor and a memory storing processor-executable instructions. When the instructions are executed by the processor, the implementation includes the following steps:
  • Multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security computing library, the multi-party security computing library including Boolean circuit functional components written based on a preset language;
  • the storage medium may include a physical device for storing information, and the information is usually digitized and then stored in an electric, magnetic, or optical medium.
  • the storage medium may include: devices that use electrical energy to store information, such as various types of memory, such as RAM, ROM, etc.; devices that use magnetic energy to store information, such as hard disks, floppy disks, magnetic tapes, magnetic core memory, bubble memory, U disk; a device that uses optical means to store information, such as CD or DVD.
  • devices that use electrical energy to store information such as various types of memory, such as RAM, ROM, etc.
  • devices that use magnetic energy to store information such as hard disks, floppy disks, magnetic tapes, magnetic core memory, bubble memory, U disk
  • a device that uses optical means to store information such as CD or DVD.
  • quantum memory graphene memory, and so on.
  • the above-mentioned device may also include other implementation manners according to the description of the method embodiment.
  • specific implementation manners reference may be made to the description of the related method embodiments, which will not be repeated here.
  • the multi-party secure computing data processing device described in the foregoing embodiment can simply and conveniently implement the writing of multi-party secure algorithms based on a pre-built multi-party secure computing library.
  • the multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process.
  • the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
  • the system can be a single multi-party secure computing data processing system, or it can be applied to multiple computer data processing systems.
  • the system can be a single server, or it can include server clusters, systems (including distributed systems), software (applications), and one or more of the methods described in this specification or one or more embodiments of the device.
  • the multi-party secure computing data processing system may include at least one processor and a memory storing computer-executable instructions.
  • the processor implements the steps of the method in any one or more of the foregoing embodiments when executing the instructions.
  • Fig. 4 shows a schematic structural diagram of a multi-party secure computing data processing system provided by one or more embodiments of this specification.
  • the system may include a multi-party secure computing library, a source code data generation module, and an LLVM compiler.
  • the multi-party safe operation library may include Boolean circuit function components written based on a preset language
  • the algorithm generation module may be used to generate multi-party security algorithm source code data based on the Boolean circuit functional components in the multi-party security operation library;
  • the LLVM compiler may be used to compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file.
  • the Boolean circuit functions corresponding to multi-party secure computing can be written in a development language in advance and then packaged in the Integer library.
  • the development language can include mainstream development languages such as C, C++, Java, Python, or other development languages in specific fields.
  • users can choose the type of development language for writing algorithm source code according to their needs, and then use the Integer library to write multi-party secure computing algorithms in the target application scenario.
  • users can call the circuit function operating components in the multi-party safe operation library to complete the calculation of the corresponding logic function.
  • the multi-party safe operation library can feedback the operation result after the operation is completed. Thereby, it is simple and convenient to realize the programming of multi-party secure calculation algorithms.
  • the LLVM compiler can be used to compile the source data of the multi-party security algorithm.
  • the LLVM compiler (Low Level Virtual Machine, underlying virtual machine) can perform operations such as lexical analysis, syntax analysis, semantic analysis, and optimization of the source code data of the multi-party security algorithm to generate LLVM intermediate code data.
  • the LLVM compiler can be used to compile and optimize algorithms written in any programming language, so that the programming language of the algorithm source code is no longer limited to the programming language of a specific field, which is convenient for the large-scale promotion of multi-party secure computing.
  • the LLVM compiler can also be used to optimize the algorithm source code, which can further improve the executable of the optimized data.
  • the system may further include a JIT compiler, and the JIT compiler may be used to analyze and execute the intermediate code file to obtain the execution result.
  • a JIT compiler can be used to parse and execute the intermediate code file. Users can use multi-party security input data as parameters to call JIT to execute algorithm functions in LLVM IR files. After the JIT compiler retrieves the LLVM IR file, it can parse the LLVM IR file first to ensure the correctness of the LLVM IR file format. If the file format is correct, the JIT compiler can find the algorithm function to be executed by the user according to the input multi-party security input data, and perform dynamic compilation and linking. Specifically, the algorithm function can be compiled into binary, and then linked into executable code for execution. The JIT compiler executes the linked function and can return the result to the user.
  • the system provided by the above-mentioned embodiment of this specification uses the Integer library encapsulated with the Boolean circuit function to write the algorithm source code, and further uses the code optimization technology of LLVM to make the final intermediate code file much smaller than the Boolean circuit file, and the intermediate code file It is easier to perform processing.
  • the LLVM compiler can adapt to any source code writing language, which can further improve the simplicity of algorithm writing.
  • the multi-party secure computing data processing system described in the foregoing embodiment can simply and conveniently implement the writing of multi-party secure algorithms based on a pre-built multi-party secure computing library.
  • the multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process.
  • the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
  • the device or system described above in this specification may also include other implementation manners based on the description of the related method embodiments.
  • specific implementation manners refer to the description of the method embodiments, which will not be repeated here.
  • the various embodiments in this specification are described in a progressive manner, and the same or similar parts between the various embodiments can be referred to each other, and each embodiment focuses on the differences from other embodiments.
  • the description is relatively simple, and for related parts, please refer to the part of the description of the method embodiments.
  • a typical implementation device is a computer.
  • the computer may be, for example, a personal computer, a laptop computer, a vehicle-mounted human-computer interaction device, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, and a tablet.
  • Computers, wearable devices, or any combination of these devices may be specifically implemented by computer chips or entities, or implemented by products with certain functions.
  • the computer may be, for example, a personal computer, a laptop computer, a vehicle-mounted human-computer interaction device, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, and a tablet.
  • the functions are divided into various modules and described separately.
  • the function of each module can be realized in the same one or more software and/or hardware, or the module that realizes the same function can be realized by a combination of multiple sub-modules or sub-units, etc. .
  • the device embodiments described above are merely illustrative, for example, the division of the units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components can be combined or integrated To another system, or some features can be ignored, or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
  • controllers in addition to implementing the controller in a purely computer-readable program code manner, it is entirely possible to program the method steps to make the controller use logic gates, switches, application specific integrated circuits, programmable logic controllers and embedded The same function can be realized in the form of a microcontroller, etc. Therefore, such a controller can be regarded as a hardware component, and the devices included in the controller for realizing various functions can also be regarded as a structure within the hardware component. Or even, the device for realizing various functions can be regarded as both a software module for realizing the method and a structure within a hardware component.
  • These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
  • the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
  • the instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.
  • the computing device includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • processors CPU
  • input/output interfaces network interfaces
  • memory volatile and non-volatile memory
  • one or more embodiments of this specification can be provided as a method, a system, or a computer program product. Therefore, one or more embodiments of this specification may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, one or more embodiments of this specification may adopt a computer program implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes. The form of the product.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • One or more embodiments of this specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules.
  • program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types.
  • One or more embodiments of this specification can also be practiced in distributed computing environments. In these distributed computing environments, tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in local and remote computer storage media including storage devices.

Abstract

Disclosed in embodiments of the present description are a multi-party secure computing data processing method, apparatus, and system. The method comprises: generating multi-party secure algorithm source code data of a target application scenario on the basis of a pre-built multi-party secure operation library, the multi-party secure operation library comprising a Boolean circuit functional component written on the basis of a preset language; compiling the multi-party secure algorithm source code data to obtain an intermediate code file; and performing analysis and execution processing on the intermediate code file to obtain an execution result of the target application scenario. The use of various embodiments of the present description may improve the simplicity of generating multi-party secure computing algorithm source code data and the efficiency of subsequent compilation and execution processing.

Description

一种多方安全计算数据处理方法、装置及系统Multi-party safe calculation data processing method, device and system 技术领域Technical field
本发明涉及计算机数据处理技术领域,特别地,涉及一种多方安全计算数据处理方法、装置及系统。The present invention relates to the technical field of computer data processing, and in particular, to a method, device and system for multi-party secure computing data processing.
背景技术Background technique
多方安全计算通常是基于布尔电路来实现的。先由开发者为实现某个场景下的多方安全计算进行算法编写,再使用电路编译器把所编写的算法编译为布尔电路文件,再利用虚拟机去解析执行该布尔电路文件。Multi-party security calculations are usually implemented based on Boolean circuits. The developer first writes the algorithm to realize the multi-party security calculation in a certain scenario, then uses the circuit compiler to compile the written algorithm into a Boolean circuit file, and then uses the virtual machine to parse and execute the Boolean circuit file.
由于布尔电路文件没有所谓的LOOP\IF-ELSE\CALL Function等特性,需要把算法源码中使用的循环、函数、IF-ELSE等语句全部展开,使得经过编译后产生的布尔电路文件非常大,不利于传输、存储、执行等操作。此外,由于目前电路编译器都对应特定的编写语言,且算法类型通常为面向特定领域的类高级语言,跟主流的高级语言有一些差异和限制。所以开发者还需要学习这一门语言的语法细节,从而给开发者带来诸多的不方便。Since the Boolean circuit file does not have the so-called LOOP\IF-ELSE\CALL Function and other characteristics, it is necessary to expand all the loops, functions, IF-ELSE and other statements used in the algorithm source code, so that the Boolean circuit file generated after compilation is very large. Conducive to transmission, storage, execution and other operations. In addition, since current circuit compilers correspond to specific programming languages, and the algorithm types are usually high-level languages oriented to specific fields, there are some differences and limitations with mainstream high-level languages. Therefore, developers also need to learn the grammatical details of this language, which brings a lot of inconvenience to developers.
发明内容Summary of the invention
本说明书实施例的目的在于提供一种多方安全计算数据处理方法、装置及系统,可以提高多方安全计算算法源码数据生成的简便性以及后续编译执行处理的高效性。The purpose of the embodiments of this specification is to provide a multi-party secure computing data processing method, device, and system, which can improve the simplicity of generating source code data of multi-party secure computing algorithms and the efficiency of subsequent compilation and execution processing.
本说明书提供一种多方安全计算数据处理方法、装置及系统是包括如下方式实现的:This manual provides a multi-party secure computing data processing method, device and system, which are implemented in the following ways:
一种多方安全计算数据处理方法,包括:A multi-party secure computing data processing method, including:
基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;Generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security computing library, the multi-party security computing library including Boolean circuit functional components written based on a preset language;
对所述多方安全算法源码数据进行编译处理,获得中间代码文件;Compile and process the source data of the multi-party security algorithm to obtain an intermediate code file;
对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。Perform analysis and execution processing on the intermediate code file to obtain an execution result of the target application scenario.
本说明书提供的所述方法的另一个实施例中,所述对所述多方安全算法源码数据 进行编译处理,包括:In another embodiment of the method provided in this specification, the compiling processing of the source code data of the multi-party security algorithm includes:
利用LLVM编译器对所述多方安全算法源码数据进行编译处理。The LLVM compiler is used to compile and process the source code data of the multi-party security algorithm.
本说明书提供的所述方法的另一个实施例中,所述对所述中间代码文件进行解析执行处理,包括:In another embodiment of the method provided in this specification, the parsing and execution processing of the intermediate code file includes:
利用JIT编译器对所述中间代码文件进行解析执行处理。A JIT compiler is used to parse and execute the intermediate code file.
另一方面,本说明书实施例还提供一种多方安全计算数据处理装置,所述装置包括:On the other hand, the embodiment of this specification also provides a multi-party secure computing data processing device, the device includes:
源码数据生成模块,用于基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;The source code data generation module is used to generate the multi-party security algorithm source code data of the target application scenario based on the pre-built multi-party security calculation library, the multi-party security calculation library including the Boolean circuit functional components written based on the preset language;
中间代码生成模块,用于对所述多方安全算法源码数据进行编译处理,获得中间代码文件;The intermediate code generation module is used to compile and process the source data of the multi-party security algorithm to obtain an intermediate code file;
解析执行模块,用于对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。The analysis execution module is configured to perform analysis and execution processing on the intermediate code file to obtain the execution result of the target application scenario.
本说明书提供的所述装置的另一个实施例中,所述中间代码生成模块还用于利用LLVM编译器对所述多方安全算法源码数据进行编译处理。In another embodiment of the device provided in this specification, the intermediate code generation module is further configured to use an LLVM compiler to compile and process the source code data of the multi-party security algorithm.
本说明书提供的所述装置的另一个实施例中,所述解析执行模块还用于利用JIT编译器对所述中间代码文件进行解析执行处理,获得执行结果。In another embodiment of the device provided in this specification, the analysis execution module is further configured to use a JIT compiler to analyze and execute the intermediate code file to obtain an execution result.
另一方面,本说明书实施例还提供一种多方安全计算数据处理设备,包括处理器及用于存储处理器可执行指令的存储器,所述指令被所述处理器执行时实现包括以下步骤:On the other hand, the embodiment of the present specification also provides a multi-party secure computing data processing device, including a processor and a memory for storing executable instructions of the processor, the instructions being executed by the processor include the following steps:
基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;Generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security computing library, the multi-party security computing library including Boolean circuit functional components written based on a preset language;
对所述多方安全算法源码数据进行编译处理,获得中间代码文件;Compile and process the source data of the multi-party security algorithm to obtain an intermediate code file;
对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。Perform analysis and execution processing on the intermediate code file to obtain an execution result of the target application scenario.
另一方面,本说明书实施例还提供一种多方安全计算数据处理系统,所述多方安全计算数据处理系统包括至少一个处理器以及存储计算机可执行指令的存储器,所述处理器执行所述指令时实现上述任意一个实施例所述方法的步骤。On the other hand, the embodiments of the present specification also provide a multi-party secure computing data processing system. The multi-party secure computing data processing system includes at least one processor and a memory storing computer-executable instructions. When the processor executes the instructions, Implement the steps of the method described in any one of the above embodiments.
另一方面,本说明书实施例还提供一种多方安全计算数据处理系统,所述系统包 括多方安全运算库、算法生成模块以及LLVM编译器,其中,On the other hand, the embodiments of this specification also provide a multi-party secure computing data processing system, the system includes a multi-party secure computing library, an algorithm generation module, and an LLVM compiler, wherein:
所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;The multi-party safe operation library includes Boolean circuit function components written based on a preset language;
所述算法生成模块用于基于所述多方安全运算库中的布尔电路功能组件生成多方安全算法源码数据;The algorithm generating module is used to generate the source code data of the multi-party security algorithm based on the Boolean circuit functional components in the multi-party security operation library;
所述LLVM编译器用于对所述多方安全算法源码数据进行编译处理,获得中间代码文件。The LLVM compiler is used to compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file.
本说明书提供的所述系统的另一个实施例中,所述系统还包括JIT编译器,所述JIT编译器用于对所述中间代码文件进行解析执行处理,获得执行结果。In another embodiment of the system provided in this specification, the system further includes a JIT compiler, and the JIT compiler is used to analyze and execute the intermediate code file to obtain an execution result.
本说明书一个或多个实施例提供的多方安全计算数据处理方法、装置及系统,可以基于预先构建的多方安全运算库来简单方便的实现多方安全算法的编写。所述多方安全运算库中封装有预先编写好的布尔电路功能实现程序,从而可以将复杂的逻辑计算在算法编写过程中借助多方安全运算库来完成,避免了将算法源码再进行电路编译处理的过程。且通过利用多方安全运算库,还可以使得算法源码编译后获得的中间代码文件远小于布尔电路文件,进一步提高后续数据传输以及执行效率。The multi-party secure computing data processing method, device, and system provided by one or more embodiments of this specification can be based on a pre-built multi-party secure computing library to easily and conveniently implement multi-party secure algorithm writing. The multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process. And by using a multi-party secure computing library, the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
附图说明Description of the drawings
为了更清楚地说明本说明书实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本说明书中记载的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。在附图中:In order to more clearly explain the technical solutions in the embodiments of this specification or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the drawings in the following description are only These are some embodiments described in this specification. For those of ordinary skill in the art, other drawings can be obtained based on these drawings without creative labor. In the attached picture:
图1为本说明书提供的一种多方安全计算数据处理方法实施例的流程示意图;FIG. 1 is a schematic flowchart of an embodiment of a method for processing multi-party secure computing data provided in this specification;
图2为本说明书提供的另一种多方安全计算数据处理方法实施例的流程示意图;FIG. 2 is a schematic flowchart of another embodiment of a multi-party secure computing data processing method provided in this specification;
图3为本说明书提供的一种多方安全计算数据处理装置实施例的模块结构示意图;3 is a schematic diagram of the module structure of an embodiment of a multi-party secure computing data processing device provided in this specification;
图4为本说明书提供的一个实施例中的多方安全计算数据处理系统的结构示意图。Fig. 4 is a schematic structural diagram of a multi-party secure computing data processing system in an embodiment provided in this specification.
具体实施方式detailed description
为了使本技术领域的人员更好地理解本说明书中的技术方案,下面将结合本说明 书一个或多个实施例中的附图,对本说明书一个或多个实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅是说明书一部分实施例,而不是全部的实施例。基于说明书一个或多个实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都应当属于本说明书实施例方案保护的范围。In order to enable those skilled in the art to better understand the technical solutions in this specification, the following will make clear and complete the technical solutions in one or more embodiments of this specification in conjunction with the drawings in one or more embodiments of this specification. It is obvious that the described embodiments are only a part of the embodiments in the specification, rather than all the embodiments. Based on one or more embodiments of the specification, all other embodiments obtained by a person of ordinary skill in the art without creative work shall fall within the protection scope of the embodiment scheme of this specification.
目前多方安全计算通常是基于布尔电路来实现的。先由开发者为实现某个场景下的多方安全计算进行算法编写,再使用特定的电路编译器把所编写的算法编译为布尔电路文件,再解析执行该布尔电路文件,获得执行结果。但目前通过电路编译器编译后的布尔电路文件非常大,不利于传输、存储、执行等操作,且电路编译器对的算法源码编写语言类型较为单一,不利于大规模推广。At present, multi-party security calculations are usually implemented based on Boolean circuits. First, the developer writes algorithms for realizing multi-party security calculations in a certain scenario, then uses a specific circuit compiler to compile the written algorithms into Boolean circuit files, and then parses and executes the Boolean circuit files to obtain the execution results. However, the current Boolean circuit files compiled by the circuit compiler are very large, which is not conducive to operations such as transmission, storage, and execution, and the algorithm source code compilation language type of the circuit compiler is relatively single, which is not conducive to large-scale promotion.
相应的,本说明书实施例提供了一种多方安全计算数据处理方法,可以基于预先构建的多方安全运算库来简单方便的实现多方安全算法的编写。所述多方安全运算库中封装有预先编写好的布尔电路功能实现程序,从而可以将复杂的逻辑计算在算法编写过程中借助多方安全运算库来完成,避免了将算法源码再进行电路编译处理的过程。且通过利用多方安全运算库,还可以使得算法源码编译后获得的中间代码文件远小于布尔电路文件,进一步提高后续数据传输以及执行效率。Correspondingly, the embodiments of this specification provide a multi-party secure computing data processing method, which can simply and conveniently implement the writing of multi-party secure algorithms based on a pre-built multi-party secure computing library. The multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process. And by using a multi-party secure computing library, the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
本说明书一个或多个实施例提供一种多方安全计算数据处理方法。图1是本说明书提供的所述一种多方安全计算数据处理方法实施例流程示意图。虽然本说明书提供了如下述实施例或附图所示的方法操作步骤或装置结构,但基于常规或者无需创造性的劳动在所述方法或装置中可以包括更多或者部分合并后更少的操作步骤或模块单元。在逻辑性上不存在必要因果关系的步骤或结构中,这些步骤的执行顺序或装置的模块结构不限于本说明书实施例或附图所示的执行顺序或模块结构。所述的方法或模块结构的在实际中的装置、服务器或终端产品应用时,可以按照实施例或者附图所示的方法或模块结构进行顺序执行或者并行执行(例如并行处理器或者多线程处理的环境、甚至包括分布式处理、服务器集群的实施环境)。One or more embodiments of this specification provide a multi-party secure computing data processing method. Fig. 1 is a schematic flowchart of an embodiment of the method for processing multi-party secure computing data provided in this specification. Although this specification provides method operation steps or device structures as shown in the following embodiments or drawings, the method or device may include more or fewer operation steps after partial combination based on conventional or no creative labor. Or modular unit. In steps or structures where there is no necessary causal relationship logically, the execution order of these steps or the module structure of the device is not limited to the execution order or module structure shown in the embodiments of this specification or the drawings. When the described method or module structure is applied to an actual device, server or terminal product, it can be executed sequentially or in parallel according to the method or module structure shown in the embodiments or drawings (for example, parallel processor or multi-threaded processing). Environment, even including distributed processing, server cluster implementation environment).
具体的一个实施例如图1所示,本说明书提供的多方安全计算数据处理方法的一个实施例中,所述方法可以包括:A specific embodiment is shown in Fig. 1. In an embodiment of the multi-party secure computing data processing method provided in this specification, the method may include:
S202:基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件。S202: Generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security calculation library, the multi-party security calculation library including a Boolean circuit function component written based on a preset language.
可以基于预先构建的多方安全运算库生成多方安全算法源码数据,所述多方安全 运算库可以包括基于预设语言编写的布尔电路功能组件。The multi-party security algorithm source code data may be generated based on a pre-built multi-party security algorithm library, which may include Boolean circuit functional components written based on a preset language.
一些实施方式中,可以预先将多方安全计算对应的布尔电路功能使用预设类型的开发语言编写,然后,将编写后的程序进行封装,获得一系列的布尔电路功能组件,形成多方安全运算库(Integer库)。所述预设类型的开发语言可以包括C、C++、Java、Python等主流开发语言,也可以为其他的特定领域的开发语言。表1给出了部分多方安全运算库可以支持的运算符。In some embodiments, the Boolean circuit function corresponding to the multi-party security calculation can be written in a preset type of development language in advance, and then the compiled program is packaged to obtain a series of Boolean circuit function components to form a multi-party security calculation library ( Integer library). The preset types of development languages may include mainstream development languages such as C, C++, Java, Python, etc., and may also be other development languages in specific fields. Table 1 shows the operators that can be supported by part of the multi-party security operation library.
表1多方安全运算库支持的运算符Table 1 Operators supported by the multi-party safe operation library
Figure PCTCN2019083425-appb-000001
Figure PCTCN2019083425-appb-000001
实际应用场景中,用户可以根据自身需要选择编写算法源码的开发语言类型,然后,可以借助Integer库来编写目标应用场景下的多方安全计算算法。生成多方安全算法源码数据的语言类型可以为C、C++、Java、Python等主流开发语言,也可以为其他的特定领域的开发语言。In actual application scenarios, users can choose the type of development language for writing algorithm source code according to their own needs, and then can use the Integer library to write multi-party secure computing algorithms in the target application scenario. The language type for generating the source code data of the multi-party security algorithm can be mainstream development languages such as C, C++, Java, Python, etc., or other development languages in specific fields.
用户在编写算法源码的过程中,可以调取多方安全运算库中的布尔电路功能组件来完成相应函数的逻辑计算,多方安全运算库在运算完成后,可以将运算结果进行反馈。从而基于多方安全运算库,用户可以简单方便的实现多方安全计算算法的编写。且编写的算法源码后续无需再转换为布尔电路文件来执行,从而进一步提高后续数据编译以及执行处理的简便性。In the process of writing the algorithm source code, the user can call the Boolean circuit functional components in the multi-party safe operation library to complete the logical calculation of the corresponding function. The multi-party safe operation library can feedback the operation result after the operation is completed. Therefore, based on the multi-party secure computing library, users can easily and conveniently write multi-party secure computing algorithms. Moreover, the written algorithm source code does not need to be converted into a Boolean circuit file for execution, thereby further improving the convenience of subsequent data compilation and execution processing.
S204:对所述多方安全算法源码数据进行编译处理,获得中间代码文件。S204: Compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file.
由上述实施例的内容可知,多方安全计算对应的布尔电路功能已经封装到Integer库中,基于Integer库编写的算法源码无需再借助电路编译器编译为电路文件来执行。相应的,本说明书的一些实施例中,用户可以根据编写算法源码的语言类型以及性能需求等选择编译器,以对所述多方安全算法源码数据进行编译处理。It can be seen from the content of the foregoing embodiments that the Boolean circuit function corresponding to the multi-party secure calculation has been encapsulated in the Integer library, and the algorithm source code written based on the Integer library does not need to be compiled into a circuit file for execution by means of a circuit compiler. Correspondingly, in some embodiments of this specification, the user can select a compiler according to the language type of the algorithm source code and performance requirements, etc., to compile and process the multi-party security algorithm source code data.
图2表示本说明书提供的另一个或者多个实施例的多方安全算法数据处理流程示意图。如图2所示,优选的,本说明书的一个实施例中,可以采用下述方式对多方安全算法源码数据进行编译处理:FIG. 2 shows a schematic diagram of a data processing flow of a multi-party security algorithm in another or more embodiments provided in this specification. As shown in Figure 2, preferably, in an embodiment of this specification, the following methods can be used to compile and process the source code data of the multi-party security algorithm:
S2040:利用LLVM编译器对所述多方安全算法源码数据进行编译处理。S2040: Use an LLVM compiler to compile and process the source code data of the multi-party security algorithm.
可以利用LLVM编译器(Low Level Virtual Machine,底层虚拟机)对所述多方安全算法源码数据进行词法分析、语法分析、语义分析、执行优化等操作,生成LLVM中间代码数据,即LLVM IR数据。The LLVM compiler (Low Level Virtual Machine, underlying virtual machine) can be used to perform operations such as lexical analysis, syntax analysis, semantic analysis, and execution optimization on the multi-party security algorithm source code data to generate LLVM intermediate code data, that is, LLVM IR data.
LLVM编译器可以用于编译优化以任意程序语言编写的算法,从而可以使得算法源码的编写语言不再局限于特定的编写语言,便于多方安全计算的大规模推广。同时,还可以利用LLVM编译器对算法源码进行优化处理,从而可以进一步提高优化处理后的数据的可执行性。The LLVM compiler can be used to compile and optimize algorithms written in any programming language, so that the programming language of the algorithm source code is no longer limited to a specific programming language, facilitating the large-scale promotion of multi-party secure computing. At the same time, the LLVM compiler can also be used to optimize the algorithm source code, which can further improve the executable of the optimized data.
LLVM编译器可以先对多方安全算法源码数据进行词法分析、语法分析、语义分析,完成错误处理以及语言优化。然后,可以对上述处理后的算法数据进行代码化简、静态单赋值等编译优化和转换。具体实施时,也可以利用LLVM的优化框架,根据 实际需要自行设定优化方式。LLVM编译器对所述多方安全算法源码数据进行编译完成后,可以生成LLVM对应的中间代码(IR)文件,LLVM编译器可以将生成的LLVM IR文件返回。The LLVM compiler can first perform lexical analysis, syntax analysis, and semantic analysis on the source data of multi-party security algorithms, complete error handling and language optimization. Then, the above-mentioned processed algorithm data can be compiled, optimized and converted, such as code simplification and static single assignment. In specific implementation, you can also use the optimization framework of LLVM to set the optimization method yourself according to actual needs. After the LLVM compiler compiles the source code data of the multi-party security algorithm, it can generate an intermediate code (IR) file corresponding to the LLVM, and the LLVM compiler can return the generated LLVM IR file.
通过利用封装有布尔电路功能的Integer库编写算法源码,并进一步利用LLVM的语法分析以及代码优化技术,可以使得最终获得的中间代码文件远小于布尔电路文件,且获得的中间代码数据更便于执行处理。By using the Integer library encapsulated with Boolean circuit functions to write the algorithm source code, and further using LLVM's syntax analysis and code optimization technology, the final intermediate code file obtained can be much smaller than the Boolean circuit file, and the obtained intermediate code data is more convenient for execution and processing .
S206:对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。S206: Perform analysis and execution processing on the intermediate code file to obtain an execution result of the target application scenario.
可以进一步通过虚拟机对所述中间代码数据进行解析执行,获得所述目标应用场景的执行结果。如图2所示,优选的,本说明书的一个实施例中,可以采用下述方式对所述中间代码文件进行解析执行处理:The intermediate code data can be further parsed and executed through a virtual machine to obtain the execution result of the target application scenario. As shown in Figure 2, preferably, in an embodiment of this specification, the intermediate code file can be parsed and executed in the following manner:
S2060:利用JIT编译器对所述中间代码文件进行解析执行处理。S2060: Use a JIT compiler to parse and execute the intermediate code file.
用户可以使用多方安全输入数据作为参数调用JIT编译器,以执行LLVM IR文件中的算法函数。JIT编译器获取LLVM IR文件后,可以对LLVM IR文件进行解析,以确保LLVM IR文件格式的正确性。如果,解析出错,可能调取的不是LLVM IR文件,或者LLVM IR文件本身出现了问题。相应的,可以向客户反馈结果出错信息。Users can call the JIT compiler with multi-party security input data as parameters to execute the algorithm functions in the LLVM IR file. After obtaining the LLVM IR file, the JIT compiler can parse the LLVM IR file to ensure the correctness of the LLVM IR file format. If there is an error in the analysis, the LLVM IR file may not be retrieved, or there may be a problem with the LLVM IR file itself. Correspondingly, the result error information can be feedback to the customer.
若未出错,JIT编译器可以根据输入的多方安全输入数据找到用户要执行的算法函数,并进行动态编译和链接。具体的,可以将该算法函数编译成二进制,然后链接成可执行代码,进行执行。JIT编译器执行链接完的函数,返回结果给用户。If there is no error, the JIT compiler can find the algorithm function to be executed by the user according to the entered multi-party security input data, and perform dynamic compilation and linking. Specifically, the algorithm function can be compiled into binary, and then linked into executable code for execution. The JIT compiler executes the linked function and returns the result to the user.
JIT编译器执行过程中,当第一次执行某算法函数时,可以将该函数编译成机器语言,并同时会进行内部存储;当再次执行该算法函数时,则可以直接执行已编译好的机器语言。从而利用JIT编译器可以大幅度提高解析执行的效率。During the execution of the JIT compiler, when an algorithm function is executed for the first time, the function can be compiled into machine language, and internal storage will be carried out at the same time; when the algorithm function is executed again, the compiled machine can be directly executed Language. Thus the use of JIT compiler can greatly improve the efficiency of analysis and execution.
本说明书上述实施例提供的方案,通过利用封装有布尔电路功能的Integer库编写算法源码,并进一步利用LLVM的代码优化技术,可以使得最终获得的中间代码文件远小于布尔电路文件,且更便于执行处理。同时,用户还可以根据自身对开发语言的熟悉程度,选择熟悉的语言实现任意场景下的多方安全算法,进一步提高了算法源码编写的简便性。The solution provided by the above-mentioned embodiments of this specification uses the Integer library encapsulated with the Boolean circuit function to write the algorithm source code, and further uses the code optimization technology of LLVM, so that the final intermediate code file obtained is much smaller than the Boolean circuit file and is easier to execute deal with. At the same time, users can choose a familiar language to implement multi-party security algorithms in any scenario according to their own familiarity with the development language, which further improves the ease of writing algorithm source code.
本说明书中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部 分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。具体的可以参照前述相关处理相关实施例的描述,在此不做一一赘述。The various embodiments in this specification are described in a progressive manner, and the same or similar parts between the various embodiments can be referred to each other, and each embodiment focuses on the differences from other embodiments. For details, reference may be made to the description of the foregoing related processing related embodiments, which will not be repeated here.
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps described in the claims may be performed in a different order than in the embodiments and still achieve desired results. In addition, the processes depicted in the drawings do not necessarily require the specific order or sequential order shown to achieve the desired result. In certain embodiments, multitasking and parallel processing are also possible or may be advantageous.
本说明书一个或多个实施例提供的多方安全计算数据处理方法,可以基于预先构建的多方安全运算库来简单方便的实现多方安全算法的编写。所述多方安全运算库中封装有预先编写好的布尔电路功能实现程序,从而可以将复杂的逻辑计算在算法编写过程中借助多方安全运算库来完成,避免了将算法源码再进行电路编译处理的过程。且通过利用多方安全运算库,还可以使得算法源码编译后获得的中间代码文件远小于布尔电路文件,进一步提高后续数据传输以及执行效率。The multi-party secure computing data processing method provided by one or more embodiments of this specification can be based on a pre-built multi-party secure computing library to easily and conveniently implement multi-party secure algorithm writing. The multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process. And by using a multi-party secure computing library, the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
基于上述所述的多方安全计算数据处理方法,本说明书一个或多个实施例还提供一种多方安全计算数据处理装置。所述的装置可以包括使用了本说明书实施例所述方法的系统、软件(应用)、模块、组件、服务器等并结合必要的实施硬件的装置。基于同一创新构思,本说明书实施例提供的一个或多个实施例中的装置如下面的实施例所述。由于装置解决问题的实现方案与方法相似,因此本说明书实施例具体的装置的实施可以参见前述方法的实施,重复之处不再赘述。以下所使用的,术语“单元”或者“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。具体的,图3表示说明书提供的一种多方安全计算数据处理装置实施例的模块结构示意图,如图3所示,所述装置可以包括:Based on the aforementioned multi-party secure computing data processing method, one or more embodiments of this specification also provide a multi-party secure computing data processing device. The described devices may include systems, software (applications), modules, components, servers, etc. that use the methods described in the embodiments of this specification, combined with necessary implementation hardware devices. Based on the same innovative concept, the devices in one or more embodiments provided in the embodiments of this specification are as described in the following embodiments. Since the implementation scheme of the device to solve the problem is similar to the method, the implementation of the specific device in the embodiment of this specification can refer to the implementation of the foregoing method, and the repetition will not be repeated. As used below, the term "unit" or "module" can be a combination of software and/or hardware that implements predetermined functions. Although the devices described in the following embodiments are preferably implemented by software, hardware or a combination of software and hardware is also possible and conceived. Specifically, FIG. 3 shows a schematic diagram of the module structure of an embodiment of a multi-party secure computing data processing device provided in the specification. As shown in FIG. 3, the device may include:
源码数据生成模块102,可以用于基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;The source code data generation module 102 can be used to generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security calculation library, which includes a Boolean circuit functional component written based on a preset language;
中间代码生成模块104,可以用于对所述多方安全算法源码数据进行编译处理,获得中间代码文件;The intermediate code generation module 104 may be used to compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file;
解析执行模块106,可以用于对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。The analysis execution module 106 may be used to perform analysis and execution processing on the intermediate code file to obtain the execution result of the target application scenario.
利用上述实施例提供的方案,可以避免将算法源码再进行电路编译处理的过程,且编译后获得的中间代码文件远小于布尔电路文件,可以进一步提高后续数据传输以及执行效率。Using the solution provided by the foregoing embodiment can avoid the process of performing circuit compilation processing on the algorithm source code, and the intermediate code file obtained after compilation is much smaller than the Boolean circuit file, which can further improve the subsequent data transmission and execution efficiency.
本说明书的另一个实施例中,所述中间代码生成模块104还可以用于利用LLVM编译器对所述多方安全算法源码数据进行编译处理。In another embodiment of this specification, the intermediate code generation module 104 may also be used to compile and process the source code data of the multi-party security algorithm by using an LLVM compiler.
利用上述实施例提供的方案,可以进一步提高算法源码编写的简便性以及编译后获得的中间代码的可执行性。Utilizing the solutions provided by the foregoing embodiments can further improve the ease of writing algorithm source code and the executable of the intermediate code obtained after compilation.
本说明书的另一个实施例中,所述解析执行模块106还可以用于利用JIT编译器对所述中间代码文件进行解析执行处理,获得执行结果。In another embodiment of the present specification, the analysis execution module 106 may also be used to analyze and execute the intermediate code file by using a JIT compiler to obtain an execution result.
利用上述实施例提供的方案,可以进一步提高解析执行的效率。Utilizing the solutions provided by the foregoing embodiments can further improve the efficiency of analysis execution.
需要说明的,上述所述的装置根据方法实施例的描述还可以包括其他的实施方式。具体的实现方式可以参照相关方法实施例的描述,在此不作一一赘述。It should be noted that the above-mentioned device may also include other implementation manners according to the description of the method embodiment. For specific implementation manners, reference may be made to the description of the related method embodiments, which will not be repeated here.
本说明书一个或多个实施例提供的多方安全计算数据处理装置,可以基于预先构建的多方安全运算库来简单方便的实现多方安全算法的编写。所述多方安全运算库中封装有预先编写好的布尔电路功能实现程序,从而可以将复杂的逻辑计算在算法编写过程中借助多方安全运算库来完成,避免了将算法源码再进行电路编译处理的过程。且通过利用多方安全运算库,还可以使得算法源码编译后获得的中间代码文件远小于布尔电路文件,进一步提高后续数据传输以及执行效率。The multi-party secure computing data processing device provided by one or more embodiments of this specification can implement the compilation of multi-party secure algorithms simply and conveniently based on a pre-built multi-party secure computing library. The multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process. And by using a multi-party secure computing library, the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
本说明书提供的上述实施例所述的方法或装置可以通过计算机程序实现业务逻辑并记录在存储介质上,所述的存储介质可以计算机读取并执行,实现本说明书实施例所描述方案的效果。因此,本说明书还提供一种多方安全计算数据处理设备,包括处理器及存储处理器可执行指令的存储器,所述指令被所述处理器执行时实现包括以下步骤:The method or device described in the foregoing embodiment provided in this specification can implement business logic through a computer program and record it on a storage medium, and the storage medium can be read and executed by a computer to achieve the effects of the solution described in the embodiment of this specification. Therefore, this specification also provides a multi-party secure computing data processing device, including a processor and a memory storing processor-executable instructions. When the instructions are executed by the processor, the implementation includes the following steps:
基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;Generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security computing library, the multi-party security computing library including Boolean circuit functional components written based on a preset language;
对所述多方安全算法源码数据进行编译处理,获得中间代码文件;Compile and process the source data of the multi-party security algorithm to obtain an intermediate code file;
对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。Perform analysis and execution processing on the intermediate code file to obtain an execution result of the target application scenario.
所述存储介质可以包括用于存储信息的物理装置,通常是将信息数字化后再以利用电、磁或者光学等方式的媒体加以存储。所述存储介质有可以包括:利用电能方式存储信息的装置如,各式存储器,如RAM、ROM等;利用磁能方式存储信息的装置如,硬盘、软盘、磁带、磁芯存储器、磁泡存储器、U盘;利用光学方式存储信息的装置如,CD或DVD。当然,还有其他方式的可读存储介质,例如量子存储器、石墨烯存储器等等。The storage medium may include a physical device for storing information, and the information is usually digitized and then stored in an electric, magnetic, or optical medium. The storage medium may include: devices that use electrical energy to store information, such as various types of memory, such as RAM, ROM, etc.; devices that use magnetic energy to store information, such as hard disks, floppy disks, magnetic tapes, magnetic core memory, bubble memory, U disk; a device that uses optical means to store information, such as CD or DVD. Of course, there are other ways of readable storage media, such as quantum memory, graphene memory, and so on.
需要说明的,上述所述的设备根据方法实施例的描述还可以包括其他的实施方式。具体的实现方式可以参照相关方法实施例的描述,在此不作一一赘述。It should be noted that the above-mentioned device may also include other implementation manners according to the description of the method embodiment. For specific implementation manners, reference may be made to the description of the related method embodiments, which will not be repeated here.
上述实施例所述的多方安全计算数据处理设备,可以基于预先构建的多方安全运算库来简单方便的实现多方安全算法的编写。所述多方安全运算库中封装有预先编写好的布尔电路功能实现程序,从而可以将复杂的逻辑计算在算法编写过程中借助多方安全运算库来完成,避免了将算法源码再进行电路编译处理的过程。且通过利用多方安全运算库,还可以使得算法源码编译后获得的中间代码文件远小于布尔电路文件,进一步提高后续数据传输以及执行效率。The multi-party secure computing data processing device described in the foregoing embodiment can simply and conveniently implement the writing of multi-party secure algorithms based on a pre-built multi-party secure computing library. The multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process. And by using a multi-party secure computing library, the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
本说明书还提供一种多方安全计算数据处理系统,所述系统可以为单独的多方安全计算数据处理系统,也可以应用在多种计算机数据处理系统中。所述的系统可以为单独的服务器,也可以包括使用了本说明书的一个或多个所述方法或一个或多个实施例装置的服务器集群、系统(包括分布式系统)、软件(应用)、实际操作装置、逻辑门电路装置、量子计算机等并结合必要的实施硬件的终端装置。所述多方安全计算数据处理系统可以包括至少一个处理器以及存储计算机可执行指令的存储器,所述处理器执行所述指令时实现上述任意一个或者多个实施例中所述方法的步骤。This specification also provides a multi-party secure computing data processing system. The system can be a single multi-party secure computing data processing system, or it can be applied to multiple computer data processing systems. The system can be a single server, or it can include server clusters, systems (including distributed systems), software (applications), and one or more of the methods described in this specification or one or more embodiments of the device. The actual operation device, logic gate circuit device, quantum computer, etc., combined with the terminal device necessary to implement the hardware. The multi-party secure computing data processing system may include at least one processor and a memory storing computer-executable instructions. The processor implements the steps of the method in any one or more of the foregoing embodiments when executing the instructions.
图4表示本说明书一个或者多个实施例提供的多方安全计算数据处理系统的结构示意图。如图4所示,所述系统可以包括多方安全运算库、源码数据生成模块、LLVM编译器。Fig. 4 shows a schematic structural diagram of a multi-party secure computing data processing system provided by one or more embodiments of this specification. As shown in Fig. 4, the system may include a multi-party secure computing library, a source code data generation module, and an LLVM compiler.
所述多方安全运算库可以包括基于预设语言编写的布尔电路功能组件;The multi-party safe operation library may include Boolean circuit function components written based on a preset language;
所述算法生成模块可以用于基于所述多方安全运算库中的布尔电路功能组件生成多方安全算法源码数据;The algorithm generation module may be used to generate multi-party security algorithm source code data based on the Boolean circuit functional components in the multi-party security operation library;
所述LLVM编译器可以用于对所述多方安全算法源码数据进行编译处理,获得中间代码文件。The LLVM compiler may be used to compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file.
可以预先将多方安全计算对应的布尔电路功能利用开发语言编写后,封装到Integer库中,开发语言可以包括C、C++、Java、Python等主流开发语言,也可以为其他的特定领域的开发语言。The Boolean circuit functions corresponding to multi-party secure computing can be written in a development language in advance and then packaged in the Integer library. The development language can include mainstream development languages such as C, C++, Java, Python, or other development languages in specific fields.
实际应用场景中,用户可以根据自身需要选择编写算法源码的开发语言类型,然后,借助Integer库来编写目标应用场景下的多方安全计算算法。用户在编写算法源码的过程中,可以调取多方安全运算库中的电路功能运行组件来完成相应的逻辑函数的计算,多方安全运算库在运算完成后,可以将运算结果进行反馈。从而简单方便的实现多方安全计算算法的编写。In actual application scenarios, users can choose the type of development language for writing algorithm source code according to their needs, and then use the Integer library to write multi-party secure computing algorithms in the target application scenario. In the process of writing algorithm source code, users can call the circuit function operating components in the multi-party safe operation library to complete the calculation of the corresponding logic function. The multi-party safe operation library can feedback the operation result after the operation is completed. Thereby, it is simple and convenient to realize the programming of multi-party secure calculation algorithms.
然后,可以利用LLVM编译器来对编写的多方安全算法源码数据进行编译处理。LLVM编译器(Low Level Virtual Machine,底层虚拟机)可以对所述多方安全算法源码数据词法分析、语法分析、语义分析、执行优化等操作,生成LLVM中间代码数据。Then, the LLVM compiler can be used to compile the source data of the multi-party security algorithm. The LLVM compiler (Low Level Virtual Machine, underlying virtual machine) can perform operations such as lexical analysis, syntax analysis, semantic analysis, and optimization of the source code data of the multi-party security algorithm to generate LLVM intermediate code data.
LLVM编译器可以用于编译优化以任意程序语言编写的算法,从而可以使得算法源码的编写语言不再局限于特定领域的编写语言,便于多方安全计算的大规模推广。同时,还可以利用LLVM编译器对算法源码进行优化处理,从而可以进一步提高优化处理后的数据的可执行性。The LLVM compiler can be used to compile and optimize algorithms written in any programming language, so that the programming language of the algorithm source code is no longer limited to the programming language of a specific field, which is convenient for the large-scale promotion of multi-party secure computing. At the same time, the LLVM compiler can also be used to optimize the algorithm source code, which can further improve the executable of the optimized data.
如图4所示,本说明书的另一个实施例中,所述系统还可以包括JIT编译器,所述JIT编译器可以用于对所述中间代码文件进行解析执行处理,获得执行结果。As shown in FIG. 4, in another embodiment of the present specification, the system may further include a JIT compiler, and the JIT compiler may be used to analyze and execute the intermediate code file to obtain the execution result.
可以利用JIT编译器对所述中间代码文件进行解析执行处理。用户可以使用多方安全输入数据作为参数调用JIT执行LLVM IR文件中的算法函数。JIT编译器调取LLVM IR文件后,可以先对LLVM IR文件进行解析,以确保LLVM IR文件格式的正确性。若文件格式正确,JIT编译器可以根据输入的多方安全输入数据找到用户要执行的算法函数,并进行动态编译和链接。具体的,可以将该算法函数编译成二进制,然后链接成可执行代码,进行执行。JIT编译器执行链接完的函数,可以返回结果给用户。A JIT compiler can be used to parse and execute the intermediate code file. Users can use multi-party security input data as parameters to call JIT to execute algorithm functions in LLVM IR files. After the JIT compiler retrieves the LLVM IR file, it can parse the LLVM IR file first to ensure the correctness of the LLVM IR file format. If the file format is correct, the JIT compiler can find the algorithm function to be executed by the user according to the input multi-party security input data, and perform dynamic compilation and linking. Specifically, the algorithm function can be compiled into binary, and then linked into executable code for execution. The JIT compiler executes the linked function and can return the result to the user.
本说明书上述实施例提供的系统,通过利用封装有布尔电路功能的Integer库编写算法源码,并进一步利用LLVM的代码优化技术,可以使得最终获得的中间代码 文件远小于布尔电路文件,且中间代码文件更便于执行处理。另外,LLVM编译器可以适应任意的源码编写语言,从而可以进一步提高算法编写的简便性。The system provided by the above-mentioned embodiment of this specification uses the Integer library encapsulated with the Boolean circuit function to write the algorithm source code, and further uses the code optimization technology of LLVM to make the final intermediate code file much smaller than the Boolean circuit file, and the intermediate code file It is easier to perform processing. In addition, the LLVM compiler can adapt to any source code writing language, which can further improve the simplicity of algorithm writing.
需要说明的,上述所述的系统根据方法或者装置实施例的描述还可以包括其他的实施方式,具体的实现方式可以参照相关方法实施例的描述,在此不作一一赘述。It should be noted that the above-mentioned system may also include other implementation manners based on the description of the method or device embodiment. For the specific implementation manner, reference may be made to the description of the relevant method embodiment, which will not be repeated here.
上述实施例所述的多方安全计算数据处理系统,可以基于预先构建的多方安全运算库来简单方便的实现多方安全算法的编写。所述多方安全运算库中封装有预先编写好的布尔电路功能实现程序,从而可以将复杂的逻辑计算在算法编写过程中借助多方安全运算库来完成,避免了将算法源码再进行电路编译处理的过程。且通过利用多方安全运算库,还可以使得算法源码编译后获得的中间代码文件远小于布尔电路文件,进一步提高后续数据传输以及执行效率。The multi-party secure computing data processing system described in the foregoing embodiment can simply and conveniently implement the writing of multi-party secure algorithms based on a pre-built multi-party secure computing library. The multi-party safe operation library is encapsulated with a pre-written Boolean circuit function implementation program, so that complex logic calculations can be completed with the help of the multi-party safe operation library during the algorithm writing process, avoiding the algorithm source code and circuit compilation processing process. And by using a multi-party secure computing library, the intermediate code file obtained after the algorithm source code is compiled is much smaller than the Boolean circuit file, which further improves the subsequent data transmission and execution efficiency.
需要说明的是,本说明书上述所述的装置或者系统根据相关方法实施例的描述还可以包括其他的实施方式,具体的实现方式可以参照方法实施例的描述,在此不作一一赘述。本说明书中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。尤其,对于硬件+程序类、存储介质+程序实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。It should be noted that the device or system described above in this specification may also include other implementation manners based on the description of the related method embodiments. For specific implementation manners, refer to the description of the method embodiments, which will not be repeated here. The various embodiments in this specification are described in a progressive manner, and the same or similar parts between the various embodiments can be referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, as for the hardware+program and storage medium+program embodiments, since they are basically similar to the method embodiments, the description is relatively simple, and for related parts, please refer to the part of the description of the method embodiments.
尽管本说明书实施例内容中提到的IR文件解析、函数执行等获取、定义、交互、计算、判断等操作和数据描述,但是,本说明书实施例并不局限于必须是符合标准数据模型/模板或本说明书实施例所描述的情况。某些行业标准或者使用自定义方式或实施例描述的实施基础上略加修改后的实施方案也可以实现上述实施例相同、等同或相近、或变形后可预料的实施效果。应用这些修改或变形后的数据获取、存储、判断、处理方式等获取的实施例,仍然可以属于本说明书的可选实施方案范围之内。Although the IR file analysis, function execution and other operations and data description mentioned in the content of the embodiments of this specification, such as acquisition, definition, interaction, calculation, judgment, etc., are not limited to the embodiments of this specification that must conform to the standard data model/template. Or the situation described in the embodiment of this specification. Certain industry standards or implementations described in custom methods or examples with slight modifications can also achieve the same, equivalent or similar implementation effects of the foregoing examples, or predictable implementation effects after modification. The examples obtained by applying these modified or deformed data acquisition, storage, judgment, processing methods, etc., may still fall within the scope of the optional implementation solutions of this specification.
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps described in the claims may be performed in a different order than in the embodiments and still achieve desired results. In addition, the processes depicted in the drawings do not necessarily require the specific order or sequential order shown to achieve the desired result. In certain embodiments, multitasking and parallel processing are also possible or may be advantageous.
上述实施例阐明的系统、装置、模块或单元,具体可以由计算机芯片或实体实现, 或者由具有某种功能的产品来实现。一种典型的实现设备为计算机。具体的,计算机例如可以为个人计算机、膝上型计算机、车载人机交互设备、蜂窝电话、相机电话、智能电话、个人数字助理、媒体播放器、导航设备、电子邮件设备、游戏控制台、平板计算机、可穿戴设备或者这些设备中的任何设备的组合。The systems, devices, modules, or units explained in the foregoing embodiments may be specifically implemented by computer chips or entities, or implemented by products with certain functions. A typical implementation device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, a vehicle-mounted human-computer interaction device, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, and a tablet. Computers, wearable devices, or any combination of these devices.
为了描述的方便,描述以上装置时以功能分为各种模块分别描述。当然,在实施本说明书一个或多个时可以把各模块的功能在同一个或多个软件和/或硬件中实现,也可以将实现同一功能的模块由多个子模块或子单元的组合实现等。以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。For the convenience of description, when describing the above device, the functions are divided into various modules and described separately. Of course, when implementing one or more of this specification, the function of each module can be realized in the same one or more software and/or hardware, or the module that realizes the same function can be realized by a combination of multiple sub-modules or sub-units, etc. . The device embodiments described above are merely illustrative, for example, the division of the units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components can be combined or integrated To another system, or some features can be ignored, or not implemented. In addition, the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
本领域技术人员也知道,除了以纯计算机可读程序代码方式实现控制器以外,完全可以通过将方法步骤进行逻辑编程来使得控制器以逻辑门、开关、专用集成电路、可编程逻辑控制器和嵌入微控制器等的形式来实现相同功能。因此这种控制器可以被认为是一种硬件部件,而对其内部包括的用于实现各种功能的装置也可以视为硬件部件内的结构。或者甚至,可以将用于实现各种功能的装置视为既可以是实现方法的软件模块又可以是硬件部件内的结构。Those skilled in the art also know that in addition to implementing the controller in a purely computer-readable program code manner, it is entirely possible to program the method steps to make the controller use logic gates, switches, application specific integrated circuits, programmable logic controllers and embedded The same function can be realized in the form of a microcontroller, etc. Therefore, such a controller can be regarded as a hardware component, and the devices included in the controller for realizing various functions can also be regarded as a structure within the hardware component. Or even, the device for realizing various functions can be regarded as both a software module for realizing the method and a structure within a hardware component.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowcharts and/or block diagrams of methods, devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each process and/or block in the flowchart and/or block diagram, and the combination of processes and/or blocks in the flowchart and/or block diagram can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing equipment to generate a machine, so that the instructions executed by the processor of the computer or other programmable data processing equipment are generated It is a device that realizes the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device. The device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment. The instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.
在一个典型的配置中,计算设备包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。In a typical configuration, the computing device includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、商品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、商品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法或者设备中还存在另外的相同要素。It should also be noted that the terms "include", "include" or any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, product or equipment including a series of elements not only includes those elements, but also includes Other elements that are not explicitly listed, or include elements inherent to this process, method, commodity, or equipment. If there are no more restrictions, the element defined by the sentence "including a..." does not exclude the existence of other same elements in the process, method, or device that includes the element.
本领域技术人员应明白,本说明书一个或多个实施例可提供为方法、系统或计算机程序产品。因此,本说明书一个或多个实施例可采用完全硬件实施例、完全软件实施例或结合软件和硬件方面的实施例的形式。而且,本说明书一个或多个实施例可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that one or more embodiments of this specification can be provided as a method, a system, or a computer program product. Therefore, one or more embodiments of this specification may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, one or more embodiments of this specification may adopt a computer program implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes. The form of the product.
本说明书一个或多个实施例可以在由计算机执行的计算机可执行指令的一般上下文中描述,例如程序模块。一般地,程序模块包括执行特定任务或实现特定抽象数据类型的例程、程序、对象、组件、数据结构等等。也可以在分布式计算环境中实践本本说明书一个或多个实施例,在这些分布式计算环境中,由通过通信网络而被连接的远程处理设备来执行任务。在分布式计算环境中,程序模块可以位于包括存储设备在内的本地和远程计算机存储介质中。One or more embodiments of this specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types. One or more embodiments of this specification can also be practiced in distributed computing environments. In these distributed computing environments, tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in local and remote computer storage media including storage devices.
本说明书中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。尤其,对于系统实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。在本说明书的描述中,参考术语“一个实施例”、“一些实施例”、“示例”、“具体示例”、或“一些示例”等的描述意指结合该实施例或示例描述的具体特征、结构、材料或者特点包含于本说明书的至少一个实施例或示例中。在本说明书中,对上述术语的示意性表述并不必须针对的是相同的实施例或示 例。而且,描述的具体特征、结构、材料或者特点可以在任一个或多个实施例或示例中以合适的方式结合。此外,在不相互矛盾的情况下,本领域的技术人员可以将本说明书中描述的不同实施例或示例以及不同实施例或示例的特征进行结合和组合。The various embodiments in this specification are described in a progressive manner, and the same or similar parts between the various embodiments can be referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, as for the system embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for related parts, please refer to the part of the description of the method embodiment. In the description of this specification, descriptions with reference to the terms "one embodiment", "some embodiments", "examples", "specific examples", or "some examples" etc. mean specific features described in conjunction with the embodiment or example , Structure, materials or features are included in at least one embodiment or example in this specification. In this specification, the schematic representations of the above-mentioned terms do not necessarily refer to the same embodiment or example. Moreover, the described specific features, structures, materials or characteristics can be combined in any one or more embodiments or examples in a suitable manner. In addition, those skilled in the art can combine and combine the different embodiments or examples and the characteristics of the different embodiments or examples described in this specification without contradicting each other.
以上所述仅为本说明书的实施例而已,并不用于限制本说明书。对于本领域技术人员来说,本说明书可以有各种更改和变化。凡在本说明书的精神和原理之内所作的任何修改、等同替换、改进等,均应包含在本说明书的权利要求范围之内。The above descriptions are only examples of this specification and are not intended to limit this specification. For those skilled in the art, this specification can have various modifications and changes. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this specification shall be included in the scope of the claims of this specification.

Claims (10)

  1. 一种多方安全计算数据处理方法,其特征在于,包括:A multi-party secure computing data processing method, characterized in that it comprises:
    基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;Generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security computing library, the multi-party security computing library including Boolean circuit functional components written based on a preset language;
    对所述多方安全算法源码数据进行编译处理,获得中间代码文件;Compile and process the source data of the multi-party security algorithm to obtain an intermediate code file;
    对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。Perform analysis and execution processing on the intermediate code file to obtain an execution result of the target application scenario.
  2. 根据权利要求1所述的方法,其特征在于,所述对所述多方安全算法源码数据进行编译处理,包括:The method according to claim 1, wherein said compiling and processing said multi-party security algorithm source code data comprises:
    利用LLVM编译器对所述多方安全算法源码数据进行编译处理。The LLVM compiler is used to compile and process the source code data of the multi-party security algorithm.
  3. 根据权利要求1或2所述的方法,其特征在于,所述对所述中间代码文件进行解析执行处理,包括:The method according to claim 1 or 2, wherein the parsing and executing processing of the intermediate code file comprises:
    利用JIT编译器对所述中间代码文件进行解析执行处理。A JIT compiler is used to parse and execute the intermediate code file.
  4. 一种多方安全计算数据处理装置,其特征在于,所述装置包括:A multi-party secure computing data processing device, characterized in that the device includes:
    源码数据生成模块,用于基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;The source code data generation module is used to generate the multi-party security algorithm source code data of the target application scenario based on the pre-built multi-party security calculation library, the multi-party security calculation library including the Boolean circuit functional components written based on the preset language;
    中间代码生成模块,用于对所述多方安全算法源码数据进行编译处理,获得中间代码文件;The intermediate code generation module is used to compile and process the source data of the multi-party security algorithm to obtain an intermediate code file;
    解析执行模块,用于对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。The analysis execution module is configured to perform analysis and execution processing on the intermediate code file to obtain the execution result of the target application scenario.
  5. 根据权利要求4所述的装置,其特征在于,所述中间代码生成模块还用于利用LLVM编译器对所述多方安全算法源码数据进行编译处理。The device according to claim 4, wherein the intermediate code generation module is further configured to use an LLVM compiler to compile and process the source code data of the multi-party security algorithm.
  6. 根据权利要求4或5所述的装置,其特征在于,所述解析执行模块还用于利用JIT编译器对所述中间代码文件进行解析执行处理,获得执行结果。The device according to claim 4 or 5, wherein the analysis execution module is further configured to use a JIT compiler to analyze and execute the intermediate code file to obtain an execution result.
  7. 一种多方安全计算数据处理设备,其特征在于,包括处理器及用于存储处理器可执行指令的存储器,所述指令被所述处理器执行时实现包括以下步骤:A multi-party secure computing data processing device, which is characterized by comprising a processor and a memory for storing executable instructions of the processor, the instructions being executed by the processor including the following steps:
    基于预先构建的多方安全运算库生成目标应用场景的多方安全算法源码数据,所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;Generate multi-party security algorithm source code data of the target application scenario based on a pre-built multi-party security computing library, the multi-party security computing library including Boolean circuit functional components written based on a preset language;
    对所述多方安全算法源码数据进行编译处理,获得中间代码文件;Compile and process the source data of the multi-party security algorithm to obtain an intermediate code file;
    对所述中间代码文件进行解析执行处理,获得所述目标应用场景的执行结果。Perform analysis and execution processing on the intermediate code file to obtain an execution result of the target application scenario.
  8. 一种多方安全计算数据处理系统,其特征在于,所述多方安全计算数据处理系统包括至少一个处理器以及存储计算机可执行指令的存储器,所述处理器执行所述指令时实现所述权利要求1-3任一项所述方法的步骤。A multi-party secure computing data processing system, wherein the multi-party secure computing data processing system includes at least one processor and a memory storing computer executable instructions, and the processor implements the claim 1 when the instructions are executed. -3 Steps of any of the methods.
  9. 一种多方安全计算数据处理系统,其特征在于,所述系统包括多方安全运算库、算法生成模块以及LLVM编译器,其中,A multi-party secure computing data processing system, characterized in that the system includes a multi-party secure computing library, an algorithm generation module and an LLVM compiler, wherein,
    所述多方安全运算库包括基于预设语言编写的布尔电路功能组件;The multi-party safe operation library includes Boolean circuit function components written based on a preset language;
    所述算法生成模块用于基于所述多方安全运算库中的布尔电路功能组件生成多方安全算法源码数据;The algorithm generating module is used to generate the source code data of the multi-party security algorithm based on the Boolean circuit functional components in the multi-party security operation library;
    所述LLVM编译器用于对所述多方安全算法源码数据进行编译处理,获得中间代码文件。The LLVM compiler is used to compile and process the source code data of the multi-party security algorithm to obtain an intermediate code file.
  10. 根据权利要求9所述的系统,其特征在于,所述系统还包括JIT编译器,所述JIT编译器用于对所述中间代码文件进行解析执行处理,获得执行结果。The system according to claim 9, wherein the system further comprises a JIT compiler, and the JIT compiler is used to analyze and execute the intermediate code file to obtain an execution result.
PCT/CN2019/083425 2019-04-19 2019-04-19 Multi-party secure computing data processing method, apparatus and system WO2020211074A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/083425 WO2020211074A1 (en) 2019-04-19 2019-04-19 Multi-party secure computing data processing method, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/083425 WO2020211074A1 (en) 2019-04-19 2019-04-19 Multi-party secure computing data processing method, apparatus and system

Publications (1)

Publication Number Publication Date
WO2020211074A1 true WO2020211074A1 (en) 2020-10-22

Family

ID=72837972

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/083425 WO2020211074A1 (en) 2019-04-19 2019-04-19 Multi-party secure computing data processing method, apparatus and system

Country Status (1)

Country Link
WO (1) WO2020211074A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112364390A (en) * 2021-01-15 2021-02-12 华控清交信息科技(北京)有限公司 Data processing method and device and data processing device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106933610A (en) * 2015-12-30 2017-07-07 北京金山安全软件有限公司 Application program installation package generation method and device and electronic equipment
CN109558750A (en) * 2018-11-30 2019-04-02 北京八分量信息科技有限公司 A kind of data processing system and method based on multi-party computations

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106933610A (en) * 2015-12-30 2017-07-07 北京金山安全软件有限公司 Application program installation package generation method and device and electronic equipment
CN109558750A (en) * 2018-11-30 2019-04-02 北京八分量信息科技有限公司 A kind of data processing system and method based on multi-party computations

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112364390A (en) * 2021-01-15 2021-02-12 华控清交信息科技(北京)有限公司 Data processing method and device and data processing device

Similar Documents

Publication Publication Date Title
Khammassi et al. OpenQL: A portable quantum programming framework for quantum accelerators
US8191042B2 (en) Continuation based declarative definition and composition
JP7324831B2 (en) DEPLOYMENT METHOD, DEPLOYMENT DEVICE AND ELECTRONIC DEVICE OF OPERATORS IN DEEP LEARNING FRAMEWORK
US9977663B2 (en) Technologies for optimizing sparse matrix code with field-programmable gate arrays
Ozik et al. The ReLogo agent-based modeling language
Çetinkaya et al. Model continuity in discrete event simulation: A framework for model-driven development of simulation models
CN111198868A (en) Intelligent sub-database real-time data migration method and device
US10241767B2 (en) Distributed function generation with shared structures
CN110333867B (en) Multiparty secure computing data processing method, device and system
US9875088B2 (en) Optimized compiling of a template function
Nguyen et al. Enabling pulse-level programming, compilation, and execution in xacc
CN110781126A (en) FPGA heterogeneous acceleration realization method, system, terminal and storage medium of TensorFlow
US20220172044A1 (en) Method, electronic device, and computer program product for deploying machine learning model
WO2020211074A1 (en) Multi-party secure computing data processing method, apparatus and system
Nahas et al. Choosing appropriate programming language to implement software for real-time resource-constrained embedded systems
Li et al. J2M: a Java to MapReduce translator for cloud computing
US20110271261A1 (en) Modifiable high-level intermediate representation of source code
Zhang et al. SNC: A cloud service platform for symbolic-numeric computation using just-in-time compilation
WO2022035476A1 (en) Representing asynchronous state machine in intermediate code
CN112988139A (en) Method and device for developing event processing file
Takizawa et al. Xevolver for performance tuning of C programs
Varsha et al. A Review of Existing Approaches to Increase the Computational Speed of the Python
CN113260976A (en) Techniques for scheduling instructions in compiled source code
Gotti et al. A Model Driven approach for multi-platform execution of interactive UIS designed with IFML
US11782732B1 (en) Language agnostic pipeline packager for machine learning

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19924681

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19924681

Country of ref document: EP

Kind code of ref document: A1