WO2020223917A1 - Method and apparatus for implementing secure multi-party computation, and computer device and storage medium - Google Patents

Method and apparatus for implementing secure multi-party computation, and computer device and storage medium Download PDF

Info

Publication number
WO2020223917A1
WO2020223917A1 PCT/CN2019/085940 CN2019085940W WO2020223917A1 WO 2020223917 A1 WO2020223917 A1 WO 2020223917A1 CN 2019085940 W CN2019085940 W CN 2019085940W WO 2020223917 A1 WO2020223917 A1 WO 2020223917A1
Authority
WO
WIPO (PCT)
Prior art keywords
mpc
node
calculation
mpc node
proxy server
Prior art date
Application number
PCT/CN2019/085940
Other languages
French (fr)
Chinese (zh)
Inventor
黄高峰
李升林
孙立林
谢翔
Original Assignee
云图有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 云图有限公司 filed Critical 云图有限公司
Priority to PCT/CN2019/085940 priority Critical patent/WO2020223917A1/en
Publication of WO2020223917A1 publication Critical patent/WO2020223917A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data

Definitions

  • This application relates to the technical field of secure multi-party computing, and in particular to a method, device, computer equipment, and storage medium for implementing secure multi-party computing.
  • Secure Multi-Party Computation means that in a distributed network, multiple users need to work together to complete a task, and each user holds some private data as input to the task, and they hope to complete it together The calculation of these data requires that each user cannot know any input information of other users except the calculation result.
  • Secure multi-party computing is to solve the problem of collaborative computing between a group of untrusted parties under the premise of protecting privacy. Secure multi-party computing must ensure the independence of input and the correctness of the calculation, while not leaking each input data to the participants. Other members of the calculation. Secure multi-party computing plays an important role in scenarios such as electronic elections, electronic voting, electronic auctions, secret sharing, and threshold signatures.
  • the embodiments of the present application provide a method for implementing secure multi-party computing to solve the problem of low task collaboration efficiency between nodes participating in computing in the prior art.
  • the embodiment of the present application provides a method for implementing secure multi-party computing, including: a proxy server receives a calculation request sent by a first MPC node, where the first MPC node is one MPC node among multiple MPC nodes, and the proxy server is registered There are callback functions for each MPC node in multiple MPC nodes; in response to a calculation request, the proxy server sends a calculation request to each MPC node by calling the callback function of each MPC node; in the case where it is determined that each MPC node has received the calculation request, The proxy server sends a calculation start notification to each MPC node by calling the callback function of each MPC node, where the calculation start notification is used to instruct each MPC node to perform secure multi-party calculation.
  • the proxy server registers the callback function of each MPC node in the multiple MPC nodes, including: the proxy server receives a callback registration request sent by each MPC node in the multiple MPC nodes, and the callback registration request carries the corresponding MPC node User information and callback function, the user information is used to identify the corresponding MPC node; in response to the callback registration request, the proxy server registers the user information and the callback function of each MPC node among the multiple MPC nodes.
  • the user information includes at least one of the following: user ID, task ID, port ID, public key, and distribution password.
  • each MPC node performs secure multi-party calculation, including: in response to a calculation start notification, establishing a direct connection between each MPC node; each MPC node performs secure multi-party calculation according to a preset MPC protocol, where each MPC node Directly transfer intermediate data between calculations.
  • each MPC node executes secure multi-party computing, including: in response to the calculation start notification, each MPC node establishes an indirect connection through a proxy server; each MPC node performs secure multi-party computing according to a preset MPC protocol, where, Each MPC node forwards and calculates intermediate data through a proxy server.
  • the proxy server forwards the calculation intermediate data, including: the proxy server receives the encrypted calculation intermediate data sent by the second MPC node, where the encrypted calculation intermediate data is generated by the second MPC node according to the third MPC node
  • the second MPC node and the third MPC node are two MPC nodes among multiple MPC nodes; the proxy server encrypts the received data by calling the callback function of the third MPC node.
  • the latter calculation intermediate data is sent to the third MPC node, where the third MPC node decrypts the received calculation intermediate data according to its own private key to obtain the decrypted calculation intermediate data.
  • the method further includes: the proxy server receives the result distribution request sent by the fourth MPC node, where the fourth MPC node is the MPC node that obtains the calculation result among the MPC nodes ; In response to the result distribution request, the proxy server distributes the calculation result.
  • the method before the proxy server receives the result distribution request sent by the fourth MPC node, the method further includes: the fourth MPC node determines whether to distribute the obtained calculation result; after determining whether to distribute the obtained calculation result In this case, the fourth MPC node sends a result distribution request to the proxy server, and the result distribution request carries the calculation result.
  • the proxy server receives data and/or requests sent by multiple MPC nodes via a firewall, and sends data and/or requests to multiple MPC nodes via the firewall.
  • the embodiment of the present application also provides a device for realizing secure multi-party computing, which is located in the proxy server, and includes: a receiving module for receiving a calculation request sent by a first MPC node, where the first MPC node is among multiple MPC nodes For one MPC node in the Proxy Server, the callback function of each MPC node in multiple MPC nodes is registered in the proxy server; the first callback module is used to send a calculation request to each MPC node by calling the callback function of each MPC node in response to a calculation request; The second callback module is used to send a calculation start notification to each MPC node by calling the callback function of each MPC node when it is determined that each MPC node has received the calculation request.
  • the calculation start notification is used to instruct each MPC node to execute Safe multi-party calculations.
  • An embodiment of the present application further provides a computer device including a processor and a memory for storing executable instructions of the processor, and the processor implements the method for implementing secure multi-party computing described in any of the foregoing embodiments when the processor executes the instructions A step of.
  • the embodiments of the present application also provide a computer-readable storage medium on which computer instructions are stored, which when executed, implement the steps of the method for implementing secure multi-party computing described in any of the foregoing embodiments.
  • a method for implementing secure multi-party computing is provided.
  • a proxy server registered with the callback function of each MPC node among multiple MPC nodes receives a calculation request, and in response to the calculation request, calls each MPC node's
  • the callback function sends a calculation request to each MPC node, and when it is determined that each MPC node has received the calculation request, the callback function of each MPC node is called to send a calculation start notification to each MPC node, so that each MPC node performs secure multi-party calculation.
  • the computing task coordination between the MPC nodes is performed through the proxy server, so that a more flexible and configurable way can be used to construct computing collaboration services, thereby achieving secure multi-party computing between MPC nodes, effectively improving the efficiency of task collaboration and Safe multi-party calculation efficiency.
  • the existing technical problems of low task collaboration efficiency and low computational efficiency of secure multi-party computing are solved, and the technical effects of effectively improving the efficiency and flexibility of task collaboration and improving the efficiency of secure multi-party computing are achieved.
  • FIG. 1 shows a schematic diagram of an application scenario of a method for implementing secure multi-party computing in an embodiment of the present application
  • FIG. 2 shows a schematic diagram of the system architecture of a method for implementing secure multi-party computing in an embodiment of the present application
  • FIG. 3 shows a flowchart of a method for implementing secure multi-party computing in an embodiment of the present application
  • FIG. 4 shows a sequence diagram of a method for implementing secure multi-party computing in an embodiment of the present application
  • FIG. 5 shows a sequence diagram of a method for implementing secure multi-party computing in an embodiment of the present application
  • FIG. 6 shows a schematic diagram of a device for implementing secure multi-party computing in an embodiment of the present application
  • Fig. 7 shows a schematic diagram of a computer device in an embodiment of the present application.
  • Fig. 1 shows a schematic diagram of an application scenario of the method.
  • a proxy server and multiple MPC nodes are schematically shown (in this application, the number of MPC nodes can be 2, 3, or more than 3, and Figure 1 only schematically shows 3 MPC nodes: MPC node 1, MPC node 2, and MPC node 3).
  • user callbacks of multiple MPC nodes are registered in the proxy server, and user callbacks include user information and callback functions.
  • the proxy server communicates with each MPC node.
  • the proxy server can receive the calculation request sent by any one of the multiple MPC nodes, and in response to the calculation request, send the calculation request to each MPC node by calling the callback function of each MPC node, and confirm that each MPC node successfully receives
  • a calculation start notification is sent to each MPC node by calling the callback function of each MPC node, and each MPC node performs a secure multi-party calculation in response to the calculation start notification.
  • the foregoing proxy server may be a single server, a server cluster, or a cloud server, etc., and the specific composition is not limited in this application.
  • the above-mentioned MPC node may be a desktop computer, a notebook, a mobile phone terminal, a PDA, etc., as long as it is a device that can communicate with a proxy server and has computing capabilities.
  • the present application does not limit the appearance and formation of the MPC node.
  • FIG. 2 shows a schematic diagram of a system architecture of a method for implementing secure multi-party computing in the implementation of this application.
  • MPC node 1 two MPC nodes are schematically shown: MPC node 1 and MPC node 2.
  • each MPC node may include MPC APP (application), MPC SDK (MPC software development kit), MPC CORE (MPC core), and Data Client/Service (data client/server).
  • MPC APP can receive secure multi-party computing requests input by users.
  • MPC SDK is used to provide computing task service interface for MPC APP to use, including registration callback, initiating invitation and other operations, which need to call data communication services provided by Data Client/Service.
  • MPC CORE is used to provide MPC protocol to achieve core computing tasks and perform secure multi-party computing.
  • Data Client/Service provides input and output data client or server capabilities, and acts as a communication entity for secure multi-party computing.
  • the firewall is used to provide reliable, safe and efficient application firewall services.
  • the proxy server is used to provide user registration services, process computing requests, negotiate secure multi-party computing, and can provide data channel agents, communicate with data clients through requests and callbacks, and provide computing collaboration services.
  • each MPC node has a data client, and the data client can communicate with the proxy server or the opposite MPC node.
  • the MPC node can use one of the following methods: proxy transmission mode and direct transmission mode.
  • proxy transmission mode the MPC node has the capability of a data client, which relies on the transfer service provided by the proxy server to send data, and then the proxy server sends the data to the opposite MPC node through a callback.
  • proxy transmission mode multiple MPC nodes can be in different networks, and the proxy service is equivalent to a public network proxy, providing data transfer to realize data exchange between MPC nodes.
  • the MPC node opens the data service, directly establishes a communication connection with the opposite MPC node, and can directly receive the intermediate calculation data sent by the opposite MPC node or directly send the intermediate calculation data to the opposite MPC node. It will not leak to a third-party proxy server, so data privacy is higher. In practical applications, one of these two transmission modes can be flexibly selected according to the actual situation.
  • FIG. 3 shows a flowchart of a method for implementing secure multi-party computing in an embodiment of the present application.
  • this application provides method operation steps or device structures as shown in the following embodiments or drawings, the method or device may include more or fewer operation steps or module units based on conventional or no creative labor. .
  • the execution order of these steps or the module structure of the device is not limited to the execution order or module structure shown in the description of the embodiments of this application and the drawings.
  • the described method or module structure is applied to an actual device or terminal product, it can be executed sequentially or in parallel according to the method or module structure connection shown in the embodiments or drawings (for example, parallel processor or multi-threaded processing Environment, even distributed processing environment).
  • the method for implementing secure multi-party computing may include the following steps:
  • Step 301 The proxy server receives a calculation request sent by a first MPC node, where the first MPC node is one MPC node among multiple MPC nodes, and the proxy server registers a callback function of each MPC node among the multiple MPC nodes.
  • the proxy server is registered with the callback function of each of the multiple MPC nodes participating in the secure multi-party calculation.
  • the callback function may include but is not limited to at least one of the following: an invitation callback function, a preparation callback function, a data callback function, and a result callback function.
  • the proxy server may receive the calculation request sent by the first MPC node among the multiple MPC nodes.
  • the calculation request may be a calculation invitation request.
  • Step 302 In response to the calculation request, the proxy server sends the calculation request to each MPC node by calling the callback function of each MPC node.
  • the proxy server can send a calculation request to each MPC node including the first MPC node by invoking the invitation callback function of each MPC node, so as to invite each MPC node to participate in the secure multi-party Calculation.
  • Step 303 When it is determined that each MPC node has received the calculation request, the proxy server sends a calculation start notification to each MPC node by calling the callback function of each MPC node, where the calculation start notification is used to instruct each MPC node to perform secure multi-party Calculation.
  • the proxy server determines whether each MPC node has received the calculation request. Since the proxy server sends the calculation request by calling the callback function, the proxy server can determine whether each MPC node has received the calculation request according to whether the callback function is executed successfully. In the case where it is determined that each MPC node has received the calculation request, the proxy server may send a calculation start notification to each MPC node by calling the preparation callback function of each MPC node. The calculation start notification is used to inform that each MPC node is ready to start secure multi-party calculation. Each MPC node executes secure multi-party calculation in response to the calculation start notification.
  • a proxy server registered with the callback function of each MPC node among multiple MPC nodes receives a calculation request, and in response to the calculation request, calls the callback function of each MPC node to each MPC node.
  • Send a calculation request and when it is determined that each MPC node has received the calculation request, call the callback function of each MPC node to send a calculation start notification to each MPC node, so that each MPC node performs secure multi-party calculation.
  • the computing task coordination between the MPC nodes is performed through the proxy server, so that a more flexible and configurable way can be used to construct computing collaboration services, thereby achieving secure multi-party computing between MPC nodes, effectively improving the efficiency of task collaboration and Safe multi-party calculation efficiency.
  • the existing technical problems of low task collaboration efficiency and low computational efficiency of secure multi-party computing are solved, and the technical effects of effectively improving the efficiency and flexibility of task collaboration and improving the efficiency of secure multi-party computing are achieved.
  • the proxy server registering the callback function of each MPC node in the multiple MPC nodes may include: the proxy server receives the callback registration request sent by each MPC node in the multiple MPC nodes, and the callback registration request The user information and callback function of the corresponding MPC node are carried, and the user information is used to identify the corresponding MPC node; in response to the callback registration request, the proxy server registers the user information and the callback function of each MPC node among the multiple MPC nodes.
  • the user information may include at least one of the following: user ID, task ID, port ID, public key, and distribution password.
  • the proxy server can verify each MPC node according to the assigned password, and after the verification is passed, the user callback registration of the MPC node will be performed.
  • the callback function and user information of each MPC node can be registered in the proxy server, so that when the MPC node receives the calculation invitation, the calculation request and the calculation start notification are sent to each MPC node through the callback, so that each MPC node executes safely. Multi-party calculations.
  • each MPC node performs secure multi-party calculations, which may include: in response to the calculation start notification, between the MPC nodes Establish a direct connection; each MPC node executes secure multi-party calculations according to the preset MPC protocol, among which the intermediate data of calculation is directly transmitted between each MPC node.
  • secure multi-party calculations may include: in response to the calculation start notification, between the MPC nodes Establish a direct connection; each MPC node executes secure multi-party calculations according to the preset MPC protocol, among which the intermediate data of calculation is directly transmitted between each MPC node.
  • the connection information, service address, and port IP address of the opposite end are obtained, so as to facilitate subsequent direct transmission and calculation of intermediate data.
  • the intermediate calculation data is directly transmitted without forwarding through a proxy server, which can better protect data privacy.
  • each MPC node performing secure multi-party computing may include: in response to the calculation start notification, each MPC node establishes an indirect connection through a proxy server; each MPC node performs security according to a preset MPC protocol Multi-party calculations, where each MPC node forwards intermediate calculation data through a proxy server.
  • the proxy server provides the public network IP, so that multiple MPC nodes in different networks establish communication connections through the proxy server to realize internal and external network communication. It can also be used to monitor network quality, perform traffic monitoring, and bandwidth monitoring.
  • the proxy server forwarding the calculation intermediate data may include: the proxy server receives the encrypted calculation intermediate data sent by the second MPC node, where the encrypted calculation intermediate data is generated by the second MPC node It is obtained by encrypting the intermediate calculation data according to the public key of the third MPC node.
  • the second MPC node and the third MPC node are two of the multiple MPC nodes; the proxy server calls the callback function of the third MPC node
  • the received encrypted intermediate calculation data is sent to the third MPC node, where the third MPC node decrypts the received intermediate calculation data according to its own private key to obtain the decrypted intermediate calculation data.
  • the intermediate calculation data is encrypted and then forwarded, which can protect data privacy in the proxy transmission mode.
  • each MPC node After each MPC node performs a secure multi-party calculation, one of the MPC nodes generally obtains the calculation result. In order to distribute the calculation result to other MPC nodes, the calculation result can be distributed through a proxy server. Therefore, in some embodiments of the present application, after each MPC node executes the secure multi-party calculation, it may also include: the proxy server receives the result distribution request sent by the fourth MPC node, where the fourth MPC node is the acquisition in each MPC node The MPC node of the calculation result; in response to the result distribution request, the proxy server distributes the calculation result. Through the above method, the calculation result can be distributed through the proxy server.
  • the proxy server before the proxy server receives the result distribution request sent by the fourth MPC node, it may further include: the fourth MPC node determines whether to distribute the obtained calculation result; In the case of distributing the calculation result of, the fourth MPC node sends a result distribution request to the proxy server, and the result distribution request carries the calculation result. Among them, the fourth MPC node can determine whether the obtained calculation result needs to be distributed according to the configuration file or code. In the case of determining that the obtained calculation result is to be distributed, the fourth MPC node sends a result distribution request to the proxy server. The calculation result is carried in the distribution request. Through the above method, whether to distribute the calculation result can be determined as needed.
  • the proxy server may receive data and/or requests sent by multiple MPC nodes via a firewall, and may send data and/or requests to multiple MPC nodes via the firewall.
  • FIG. 4 and FIG. 5 respectively show a sequence diagram of the method for implementing secure multiparty computing in the direct transmission mode and a sequence diagram of the method for implementing secure multiparty computing in the proxy transmission mode.
  • Two MPC nodes are shown as examples in both Fig. 4 and Fig. 5.
  • the method for implementing secure multi-party computing may include the following steps:
  • Step 1 MPC node 1 and MPC node 2 are pre-processed, and MPC APP loads related configurations, prepares the computing environment, and caches the Boolean circuit calculated by MPC, etc.;
  • Step 2 MPC node 1 and MPC node 2 respectively send user callback registration requests to the proxy server, and the proxy server responds to the user callback registration request and registers the user callbacks of MPC node 1 and MPC node 2 to the proxy server;
  • Step 3 MPC node 1 sends an MPC calculation invitation to the proxy server
  • Step 4 In response to the MPC calculation invitation, the proxy server sends an invitation callback to MPC node 1 and MPC node 2;
  • Step 5 The proxy server sends a preparation callback to the MPC node 1 and the MPC node 2 when it determines that all invitation callbacks are executed successfully;
  • Step 6 MPC node 1 and MPC node 2 establish a direct connection in response to preparing a callback, and perform MPC calculation. During the MPC calculation process, MPC node 1 and MPC node 2 directly transmit intermediate calculation data;
  • Step 7 After the MPC node 2 obtains the calculation result, if it is determined that the calculation result does not need to be distributed, execute step 9; if it is determined to send the calculation result to the MPC node 1, execute step 8;
  • Step 8 The MPC node 2 sends the calculation result to the proxy server, and the proxy server sends the calculation result to the MPC node 1 through the calculation result callback;
  • the method for implementing secure multiparty computing includes the following steps:
  • Step 1 MPC node 1 and MPC node 2 are pre-processed, and MPC APP loads related configurations, prepares the computing environment, and caches the Boolean circuit calculated by MPC, etc.;
  • Step 2 MPC node 1 and MPC node 2 respectively send user callback registration requests to the proxy server, and the proxy server responds to the user callback registration request and registers the user callbacks of MPC node 1 and MPC node 2 to the proxy server;
  • Step 3 MPC node 1 sends an MPC calculation invitation to the proxy server
  • Step 4 In response to the MPC calculation invitation, the proxy server sends an invitation callback to MPC node 1 and MPC node 2;
  • Step 5 The proxy server sends a preparation callback to the MPC node 1 and the MPC node 2 when it determines that all invitation callbacks are executed successfully;
  • MPC node 1 and MPC node 2 respond to the preparation of the callback, establish an indirect connection through the proxy server, and perform MPC calculation.
  • MPC node 1 and MPC node 2 transmit intermediate calculation data through proxy server forwarding.
  • the proxy server forwards the data through data callback.
  • the MPC node as the sender encrypts the data according to the public key of the MPC node as the receiver, and the data is received at the MPC node as the receiver After the data, decrypt it according to its own private key to obtain the decrypted data;
  • Step 7 After the MPC node 2 obtains the calculation result, if it is determined that the calculation result does not need to be distributed, execute step 9; if it is determined to send the calculation result to the MPC node 1, execute step 8;
  • Step 8 The MPC node 2 sends the calculation result to the proxy server, and the proxy server sends the calculation result to the MPC node 1 through the calculation result callback;
  • the secure multi-party computing method provided in this application can provide multiple ways to establish a communication network, including: public network, intranet, and intranet and public network combination, etc. ; It is also possible to build a reliable data transmission channel by providing firewall services on the channel.
  • This application is responsible for coordinating calculation tasks by setting up a proxy server, such as MPC node registration, calculation invitation, connection establishment, calculation process proxy, etc., which can simplify collaborative processing
  • the process enables the construction of computing collaboration services in a more flexible and configurable manner, provides customizable network configuration capabilities, makes computing scheduling and execution more efficient, thereby improving the efficiency of secure multi-party computing and ensuring data privacy.
  • an implementation device for secure multi-party computing is also provided in an embodiment of the present application, which is located in a proxy server, as described in the following embodiment. Since the problem-solving principle of the device for implementing secure multiparty computing is similar to the method for implementing secure multiparty computing, the implementation of the device for implementing secure multiparty computing can refer to the implementation of secure multiparty computing, and the repetition will not be repeated.
  • the term "unit” or "module” can be a combination of software and/or hardware that implements predetermined functions.
  • the devices described in the following embodiments are preferably implemented by software, hardware or a combination of software and hardware is also possible and conceived.
  • Fig. 6 is a structural block diagram of the device for implementing secure multi-party computing according to an embodiment of the present application. As shown in Fig. 6, it includes: a receiving module 601, a first callback module 602, and a second callback module 603. Description.
  • the receiving module 601 is configured to receive a calculation request sent by a first MPC node, where the first MPC node is one MPC node among multiple MPC nodes, and a callback function of each MPC node among the multiple MPC nodes is registered in the proxy server.
  • the first callback module 602 is configured to send a calculation request to each MPC node by calling the callback function of each MPC node in response to the calculation request.
  • the second callback module 603 is used to send a calculation start notification to each MPC node by calling the callback function of each MPC node when it is determined that each MPC node has received the calculation request, wherein the calculation start notification is used to instruct each MPC node to execute Safe multi-party calculations.
  • the device for implementing secure multi-party computing may further include a registration module, the registration module is used to register the callback function of each MPC node of the multiple MPC nodes in the proxy server, and the registration module may be specifically used In: Receive a callback registration request sent by each MPC node in multiple MPC nodes, the callback registration request carries the user information and callback function of the corresponding MPC node, and the user information is used to identify the corresponding MPC node; in response to the callback registration request, User information and callback functions of each MPC node in each MPC node are registered.
  • a registration module is used to register the callback function of each MPC node of the multiple MPC nodes in the proxy server, and the registration module may be specifically used
  • Receive a callback registration request sent by each MPC node in multiple MPC nodes the callback registration request carries the user information and callback function of the corresponding MPC node, and the user information is used to identify the corresponding MPC node; in response to the callback
  • the user information may include at least one of the following: user ID, task ID, port ID, public key, and distribution password.
  • each MPC node performing secure multi-party computing may include: in response to a calculation start notification, establishing a direct connection between each MPC node; each MPC node performing secure multi-party computing according to a preset MPC protocol, where: Each MPC node directly transmits and calculates intermediate data.
  • each MPC node performing secure multi-party computing may include: in response to a calculation start notification, establishing an indirect connection between each MPC node through a proxy server; each MPC node performing secure multi-party computing according to a preset MPC protocol , Among them, each MPC node forwards and calculates intermediate data through a proxy server.
  • the device for implementing secure multi-party computing may further include a forwarding module for forwarding intermediate calculation data, and the forwarding module may be specifically configured to: receive the encrypted intermediate calculation data sent by the second MPC node, Among them, the encrypted intermediate calculation data is obtained by the second MPC node after encrypting the intermediate calculation data according to the public key of the third MPC node.
  • the second MPC node and the third MPC node are two of the multiple MPC nodes.
  • MPC node Send the received encrypted intermediate calculation data to the third MPC node by calling the callback function of the third MPC node, where the third MPC node decrypts the received intermediate calculation data according to its own private key, To obtain the decrypted intermediate data.
  • the device for implementing secure multi-party computing may further include a distribution module, which is specifically configured to: after each MPC node executes secure multi-party computing, receive a result distribution request sent by the fourth MPC node, where , The fourth MPC node is the MPC node that obtains the calculation result among the MPC nodes; in response to the result distribution request, the calculation result is distributed.
  • a distribution module which is specifically configured to: after each MPC node executes secure multi-party computing, receive a result distribution request sent by the fourth MPC node, where , The fourth MPC node is the MPC node that obtains the calculation result among the MPC nodes; in response to the result distribution request, the calculation result is distributed.
  • the fourth MPC node determines whether to distribute the obtained calculation result; in the case where it is determined to distribute the obtained calculation result Next, the fourth MPC node sends a result distribution request to the proxy server, and the result distribution request carries the calculation result.
  • the device for implementing secure multi-party computing may receive data and/or requests sent by multiple MPC nodes via a firewall, and may send data and/or requests to multiple MPC nodes via the firewall.
  • the proxy server registered with the callback function of each MPC node among the multiple MPC nodes receives the calculation request, and in response to the calculation request, calls each MPC
  • the callback function of the node sends a calculation request to each MPC node.
  • the callback function of each MPC node is called to send a calculation start notification to each MPC node, so that each MPC node performs secure multi-party calculation .
  • the computing task coordination between the MPC nodes is performed through the proxy server, so that a more flexible and configurable way can be used to construct computing collaboration services, thereby achieving secure multi-party computing between MPC nodes, effectively improving the efficiency of task collaboration and Safe multi-party calculation efficiency.
  • the existing technical problems of low task collaboration efficiency and low computational efficiency of secure multi-party computing are solved, and the technical effects of effectively improving the efficiency and flexibility of task collaboration and improving the efficiency of secure multi-party computing are achieved.
  • the embodiment of the present application also provides a computer device.
  • the computer device may specifically include an input device 71 , Processor 72, memory 73.
  • the memory 73 is used to store processor executable instructions.
  • the processor 72 implements the steps of the method for implementing secure multi-party computing described in any of the foregoing embodiments when executing the instructions.
  • the input device may specifically be one of the main devices for information exchange between the user and the computer system.
  • the input device may include a keyboard, a mouse, a camera, a scanner, a light pen, a handwriting input board, a voice input device, etc.; the input device is used to input raw data and programs for processing these numbers into the computer.
  • the input device can also obtain and receive data transmitted from other modules, units, and devices.
  • the processor can be implemented in any suitable way.
  • the processor may take the form of a microprocessor or a processor and a computer-readable medium, logic gates, switches, application specific integrated circuits that store computer-readable program codes (such as software or firmware) executable by the (micro)processor ( Application Specific Integrated Circuit, ASIC), programmable logic controller and embedded microcontroller form, etc.
  • the memory may specifically be a memory device used to store information in modern information technology.
  • the memory can include multiple levels. In a digital system, as long as it can store binary data, it can be a memory; in an integrated circuit, a circuit with a storage function without a physical form is also called a memory, such as RAM, FIFO, etc.; In the system, storage devices in physical form are also called memory, such as memory sticks, TF cards, etc.
  • the embodiment of the present application also provides a computer storage medium based on a method for realizing secure multi-party computing.
  • the computer storage medium stores computer program instructions, and when the computer program instructions are executed, the computer program instructions described in any of the foregoing embodiments are implemented. Steps of the implementation method of secure multi-party computing.
  • the above-mentioned storage medium includes but is not limited to random access memory (Random Access Memory, RAM), read-only memory (Read-Only Memory, ROM), cache (Cache), and hard disk (Hard Disk Drive, HDD) Or memory card (Memory Card).
  • the memory can be used to store computer program instructions.
  • the network communication unit may be an interface set up in accordance with a standard stipulated by the communication protocol and used for network connection communication.
  • modules or steps of the embodiments of the present application described above can be implemented by a general computing device, and they can be concentrated on a single computing device or distributed among multiple computing devices.
  • they can be implemented with program codes executable by a computing device, so that they can be stored in a storage device for execution by the computing device, and in some cases, can be different from here
  • the steps shown or described are executed in the order of, or they are respectively fabricated into individual integrated circuit modules, or multiple modules or steps of them are fabricated into a single integrated circuit module to achieve. In this way, the embodiments of the present application are not limited to any specific hardware and software combination.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A method and apparatus for implementing secure multi-party computation, and a computer device and a storage medium. The method comprises: a proxy server receives a computation request sent by a first MPC node (S301), wherein the first MPC node is one of a plurality of MPC nodes, and a callback function of each of the plurality of MPC nodes is registered in the proxy server; in response to the computation request, the proxy server sends the computation request to each MPC node by calling the callback function of each MPC node (S302); in the case of determining that each MPC node receives the computation request, the proxy server sends a computation start notification to each MPC node by calling the callback function of each MPC node (S303), wherein the computation start notification is used for indicating each MPC node to execute the secure multi-party computation. According to the method, the secure multi-party computation cooperation service can be constructed in a more flexible and configurable manner, and the task cooperation efficiency and the computation efficiency are effectively improved.

Description

安全多方计算的实现方法、装置、计算机设备和存储介质Method, device, computer equipment and storage medium for realizing secure multi-party computing 技术领域Technical field
本申请涉及安全多方计算技术领域,特别涉及一种安全多方计算的实现方法、装置、计算机设备和存储介质。This application relates to the technical field of secure multi-party computing, and in particular to a method, device, computer equipment, and storage medium for implementing secure multi-party computing.
背景技术Background technique
安全多方计算(Secure Multi-Party Computation,MPC)是指在一个分布式网络中,多个用户需要共同协作完成一项任务,每个用户各自持有一些私密数据作为任务的输入,他们希望共同完成对这些数据的计算,同时要求每个用户除计算结果外均不能够获知其他用户的任何输入信息。安全多方计算是解决一组互不信任的参与方之间在保护隐私的前提下完成协同计算的问题,安全多方计算要确保输入的独立性,计算的正确性,同时不泄露各输入数据给参与计算的其他成员。安全多方计算在电子选举、电子投票、电子拍卖、秘密共享、门限签名等场景中有着重要的作用。Secure Multi-Party Computation (MPC) means that in a distributed network, multiple users need to work together to complete a task, and each user holds some private data as input to the task, and they hope to complete it together The calculation of these data requires that each user cannot know any input information of other users except the calculation result. Secure multi-party computing is to solve the problem of collaborative computing between a group of untrusted parties under the premise of protecting privacy. Secure multi-party computing must ensure the independence of input and the correctness of the calculation, while not leaking each input data to the participants. Other members of the calculation. Secure multi-party computing plays an important role in scenarios such as electronic elections, electronic voting, electronic auctions, secret sharing, and threshold signatures.
然而,目前的安全多方计算中参与计算的各节点之间的任务协作效率较低,从而导致计算效率低。However, the task collaboration efficiency between the nodes participating in the calculation in the current secure multi-party calculation is low, which results in low calculation efficiency.
针对上述问题,目前尚未提出有效的解决方案。In view of the above problems, no effective solutions have been proposed yet.
发明内容Summary of the invention
本申请实施例提供了一种安全多方计算的实现方法,以解决现有技术中参与计算的各节点之间的任务协作效率低的问题。The embodiments of the present application provide a method for implementing secure multi-party computing to solve the problem of low task collaboration efficiency between nodes participating in computing in the prior art.
本申请实施例提供了一种安全多方计算的实现方法,包括:代理服务器接收第一MPC节点发送的计算请求,其中,第一MPC节点为多个MPC节点中的一个MPC节点,代理服务器中注册有多个MPC节点中各MPC节点的回调函数;响应于计算请求,代理服务器通过调用各MPC节点的回调函数向各MPC节点发送计算请求;在确定各MPC节点均接收到计算请求的情况下,代理服务器通过调用各MPC节点的回调函数向各MPC节点发送计算开始通知,其中,计算开始通知用于指示各MPC节点执行安全多方计算。The embodiment of the present application provides a method for implementing secure multi-party computing, including: a proxy server receives a calculation request sent by a first MPC node, where the first MPC node is one MPC node among multiple MPC nodes, and the proxy server is registered There are callback functions for each MPC node in multiple MPC nodes; in response to a calculation request, the proxy server sends a calculation request to each MPC node by calling the callback function of each MPC node; in the case where it is determined that each MPC node has received the calculation request, The proxy server sends a calculation start notification to each MPC node by calling the callback function of each MPC node, where the calculation start notification is used to instruct each MPC node to perform secure multi-party calculation.
在一个实施例中,代理服务器注册多个MPC节点中各MPC节点的回调函数,包括:代理服务器接收多个MPC节点中各MPC节点发送的回调注册请求,回调注册请求中携带有对应MPC节点的用户信息和回调函数,用户信息用于标识对应MPC节点;响应于回调注册请求,代理服务器对多个MPC节点中各MPC节点的用户信息和回调函数进行注册。In one embodiment, the proxy server registers the callback function of each MPC node in the multiple MPC nodes, including: the proxy server receives a callback registration request sent by each MPC node in the multiple MPC nodes, and the callback registration request carries the corresponding MPC node User information and callback function, the user information is used to identify the corresponding MPC node; in response to the callback registration request, the proxy server registers the user information and the callback function of each MPC node among the multiple MPC nodes.
在一个实施例中,用户信息包括以下至少之一:用户ID、任务ID、端口ID、公钥和分配密码。In one embodiment, the user information includes at least one of the following: user ID, task ID, port ID, public key, and distribution password.
在一个实施例中,各MPC节点执行安全多方计算,包括:响应于计算开始通知,各MPC节点之间建立直接连接;各MPC节点根据预设的MPC协议执行安全多方计算,其中,各MPC节点之间直接传输计算中间数据。In one embodiment, each MPC node performs secure multi-party calculation, including: in response to a calculation start notification, establishing a direct connection between each MPC node; each MPC node performs secure multi-party calculation according to a preset MPC protocol, where each MPC node Directly transfer intermediate data between calculations.
在一个实施例中,各MPC节点执行安全多方计算,包括:响应于计算开始通知,各MPC节点之间通过代理服务器建立间接连接;各MPC节点根据预设的MPC协议执行安全多方计算,其中,各MPC节点之间通过代理服务器转发计算中间数据。In one embodiment, each MPC node executes secure multi-party computing, including: in response to the calculation start notification, each MPC node establishes an indirect connection through a proxy server; each MPC node performs secure multi-party computing according to a preset MPC protocol, where, Each MPC node forwards and calculates intermediate data through a proxy server.
在一个实施例中,代理服务器转发计算中间数据,包括:代理服务器接收第二MPC节点发送的加密后的计算中间数据,其中,加密后的计算中间数据是由第二MPC节点根据第三MPC节点的公钥对计算中间数据进行加密后获得的,第二MPC节点和第三MPC节点是多个MPC节点中的两个MPC节点;代理服务器通过调用第三MPC节点的回调函数将接收到的加密后的计算中间数据发送至第三MPC节点,其中,第三MPC节点根据自身的私钥对接收到的计算中间数据进行解密,以获取解密后的计算中间数据。In one embodiment, the proxy server forwards the calculation intermediate data, including: the proxy server receives the encrypted calculation intermediate data sent by the second MPC node, where the encrypted calculation intermediate data is generated by the second MPC node according to the third MPC node The second MPC node and the third MPC node are two MPC nodes among multiple MPC nodes; the proxy server encrypts the received data by calling the callback function of the third MPC node. The latter calculation intermediate data is sent to the third MPC node, where the third MPC node decrypts the received calculation intermediate data according to its own private key to obtain the decrypted calculation intermediate data.
在一个实施例中,在各MPC节点执行安全多方计算之后,还包括:代理服务器接收第四MPC节点发送的结果分发请求,其中,第四MPC节点为各MPC节点中的获得计算结果的MPC节点;响应于结果分发请求,代理服务器对计算结果进行分发。In one embodiment, after each MPC node executes the secure multi-party calculation, the method further includes: the proxy server receives the result distribution request sent by the fourth MPC node, where the fourth MPC node is the MPC node that obtains the calculation result among the MPC nodes ; In response to the result distribution request, the proxy server distributes the calculation result.
在一个实施例中,在代理服务器接收第四MPC节点发送的结果分发请求之前,还包括:第四MPC节点确定是否要对获得的计算结果进行分发;在确定要对获得的计算结果进行分发的情况下,第四MPC节点向代理服务器发送结果分发请求,结果分发请求中携带有计算结果。In an embodiment, before the proxy server receives the result distribution request sent by the fourth MPC node, the method further includes: the fourth MPC node determines whether to distribute the obtained calculation result; after determining whether to distribute the obtained calculation result In this case, the fourth MPC node sends a result distribution request to the proxy server, and the result distribution request carries the calculation result.
在一个实施例中,代理服务器经由防火墙接收多个MPC节点发送的数据和/或请求,并经由防火墙向多个MPC节点发送数据和/或请求。In one embodiment, the proxy server receives data and/or requests sent by multiple MPC nodes via a firewall, and sends data and/or requests to multiple MPC nodes via the firewall.
本申请实施例还提供了一种安全多方计算的实现装置,位于代理服务器中,包括:接收模块,用于接收第一MPC节点发送的计算请求,其中,第一MPC节点为多个MPC节点中的一个MPC节点,代理服务器中注册有多个MPC节点中各MPC节点的回调函数;第一回调模块,用于响应于计算请求,通过调用各MPC节点的回调函数向各MPC节点发送计算请求;第二回调模块,用于在确定各MPC节点均接收到计算请求的情况下,通过调用各MPC节点的回调函数向各MPC节点发送计算开始通知,其中,计算开始通知用于指示各MPC节点执行安全多方计算。The embodiment of the present application also provides a device for realizing secure multi-party computing, which is located in the proxy server, and includes: a receiving module for receiving a calculation request sent by a first MPC node, where the first MPC node is among multiple MPC nodes For one MPC node in the Proxy Server, the callback function of each MPC node in multiple MPC nodes is registered in the proxy server; the first callback module is used to send a calculation request to each MPC node by calling the callback function of each MPC node in response to a calculation request; The second callback module is used to send a calculation start notification to each MPC node by calling the callback function of each MPC node when it is determined that each MPC node has received the calculation request. The calculation start notification is used to instruct each MPC node to execute Safe multi-party calculations.
本申请实施例还提供一种计算机设备,包括处理器以及用于存储处理器可执行指令的存储器,所述处理器执行所述指令时实现上述任意实施例中所述的安全多方计算的实现方法的步骤。An embodiment of the present application further provides a computer device including a processor and a memory for storing executable instructions of the processor, and the processor implements the method for implementing secure multi-party computing described in any of the foregoing embodiments when the processor executes the instructions A step of.
本申请实施例还提供一种计算机可读存储介质,其上存储有计算机指令,所述指令被执行时实现上述任意实施例中所述的安全多方计算的实现方法的步骤。The embodiments of the present application also provide a computer-readable storage medium on which computer instructions are stored, which when executed, implement the steps of the method for implementing secure multi-party computing described in any of the foregoing embodiments.
在本申请实施例中,提供了一种安全多方计算的实现方法,通过注册有多个MPC节点中各MPC节点的回调函数的代理服务器接收计算请求,并响应于计算请求,调用各MPC节点的回调函数向各MPC节点发送计算请求,在确定各MPC节点均接收到计算请求的情况下,调用各MPC节点的回调函数向各MPC节点发送计算开始通知,使得各MPC节点执行安全多方计算。上述方案中,通过代理服务器在各MPC节点之间进行计算任务协调,使得可以采用更加灵活可配置的方式构建计算协作服务,从而实现各MPC节点之间的安全多方计算,有效提高任务协作效率以及安全多方计算效率。通过上述方案解决了现有的安全多方计算的任务协作效率低、计算效率低的技术问题,达到了有效提升任务协作的效率和灵活性以及提高安全多方计算的效率的技术效果。In the embodiment of the present application, a method for implementing secure multi-party computing is provided. A proxy server registered with the callback function of each MPC node among multiple MPC nodes receives a calculation request, and in response to the calculation request, calls each MPC node's The callback function sends a calculation request to each MPC node, and when it is determined that each MPC node has received the calculation request, the callback function of each MPC node is called to send a calculation start notification to each MPC node, so that each MPC node performs secure multi-party calculation. In the above solution, the computing task coordination between the MPC nodes is performed through the proxy server, so that a more flexible and configurable way can be used to construct computing collaboration services, thereby achieving secure multi-party computing between MPC nodes, effectively improving the efficiency of task collaboration and Safe multi-party calculation efficiency. Through the above-mentioned solution, the existing technical problems of low task collaboration efficiency and low computational efficiency of secure multi-party computing are solved, and the technical effects of effectively improving the efficiency and flexibility of task collaboration and improving the efficiency of secure multi-party computing are achieved.
附图说明Description of the drawings
此处所说明的附图用来提供对本申请的进一步理解,构成本申请的一部分,并不构成对本申请的限定。在附图中:The drawings described here are used to provide a further understanding of the application, constitute a part of the application, and do not constitute a limitation to the application. In the attached picture:
图1示出了本申请一实施例中的安全多方计算的实现方法的应用场景的示意图;FIG. 1 shows a schematic diagram of an application scenario of a method for implementing secure multi-party computing in an embodiment of the present application;
图2示出了本申请一实施例中的安全多方计算的实现方法的系统架构示意图;FIG. 2 shows a schematic diagram of the system architecture of a method for implementing secure multi-party computing in an embodiment of the present application;
图3示出了本申请一实施例中的安全多方计算的实现方法的流程图;FIG. 3 shows a flowchart of a method for implementing secure multi-party computing in an embodiment of the present application;
图4示出了本申请一实施例中的安全多方计算的实现方法的顺序图;FIG. 4 shows a sequence diagram of a method for implementing secure multi-party computing in an embodiment of the present application;
图5示出了本申请一实施例中的安全多方计算的实现方法的顺序图;FIG. 5 shows a sequence diagram of a method for implementing secure multi-party computing in an embodiment of the present application;
图6示出了本申请一实施例中的安全多方计算的实现装置的示意图;FIG. 6 shows a schematic diagram of a device for implementing secure multi-party computing in an embodiment of the present application;
图7示出了本申请一实施例中的计算机设备的示意图。Fig. 7 shows a schematic diagram of a computer device in an embodiment of the present application.
具体实施方式Detailed ways
下面将参考若干示例性实施方式来描述本申请的原理和精神。应当理解,给出这些实施方式仅仅是为了使本领域技术人员能够更好地理解进而实现本申请,而并非以任何方式限制本申请的范围。相反,提供这些实施方式是为了使本申请公开更加透彻和完整,并且 能够将本公开的范围完整地传达给本领域的技术人员。The principle and spirit of the present application will be described below with reference to several exemplary embodiments. It should be understood that these embodiments are only provided to enable those skilled in the art to better understand and then implement the application, but not to limit the scope of the application in any way. On the contrary, these embodiments are provided to make the disclosure of this application more thorough and complete, and to fully convey the scope of the disclosure to those skilled in the art.
本领域的技术人员知道,本申请的实施方式可以实现为一种系统、装置设备、方法或计算机程序产品。因此,本申请公开可以具体实现为以下形式,即:完全的硬件、完全的软件(包括固件、驻留软件、微代码等),或者硬件和软件结合的形式。Those skilled in the art know that the implementation manners of this application can be implemented as a system, apparatus, method, or computer program product. Therefore, the disclosure of the present application can be specifically implemented in the following forms, namely: complete hardware, complete software (including firmware, resident software, microcode, etc.), or a combination of hardware and software.
本申请实施例提供了一种安全多方计算的实现方法,图1示出了该实现方法的一种应用场景的示意图。在图1中,示意性地示出了代理服务器和多个MPC节点(本申请中,MPC节点的个数可以为2个、3个或3个以上,图1中仅示意性地示出3个MPC节点:MPC节点1、MPC节点2和MPC节点3)。如图1所示,代理服务器中注册有多个MPC节点的用户回调,用户回调包括用户信息和回调函数。代理服务器与各个MPC节点通信连接。代理服务器可以接收多个MPC节点中的任一个MPC节点发送的计算请求,并响应于该计算请求,通过调用各MPC节点的回调函数向各MPC节点发送计算请求,在确定各MPC节点均成功接收计算请求的情况下,通过调用各MPC节点的回调函数向各MPC节点发送计算开始通知,各MPC节点响应于计算开始通知进行安全多方计算。The embodiment of the present application provides a method for implementing secure multi-party computing. Fig. 1 shows a schematic diagram of an application scenario of the method. In Figure 1, a proxy server and multiple MPC nodes are schematically shown (in this application, the number of MPC nodes can be 2, 3, or more than 3, and Figure 1 only schematically shows 3 MPC nodes: MPC node 1, MPC node 2, and MPC node 3). As shown in Figure 1, user callbacks of multiple MPC nodes are registered in the proxy server, and user callbacks include user information and callback functions. The proxy server communicates with each MPC node. The proxy server can receive the calculation request sent by any one of the multiple MPC nodes, and in response to the calculation request, send the calculation request to each MPC node by calling the callback function of each MPC node, and confirm that each MPC node successfully receives In the case of a calculation request, a calculation start notification is sent to each MPC node by calling the callback function of each MPC node, and each MPC node performs a secure multi-party calculation in response to the calculation start notification.
其中,上述代理服务器可以是单一的服务器,也可以是服务器集群,或者是云服务器等都可以,具体的组成形成本申请不作限定。上述MPC节点可以是台式电脑、笔记本、手机终端、PDA等,只要是可以与代理服务器进行通信连接并具备计算能力的设备都可以,对于MPC节点的呈现形成,本申请也不作限定。The foregoing proxy server may be a single server, a server cluster, or a cloud server, etc., and the specific composition is not limited in this application. The above-mentioned MPC node may be a desktop computer, a notebook, a mobile phone terminal, a PDA, etc., as long as it is a device that can communicate with a proxy server and has computing capabilities. The present application does not limit the appearance and formation of the MPC node.
图2示出了本申请实施中的安全多方计算的实现方法的一种系统架构示意图。在图2中,示意性地示出了两个MPC节点:MPC节点1和MPC节点2。如图2所示,每个MPC节点可以包括MPC APP(应用程序)、MPC SDK(MPC软件开发工具包)、MPC CORE(MPC核心)和Data Client/Service(数据客户端/服务端)。其中,MPC APP可以接收用户输入的安全多方计算请求。MPC SDK用于提供计算任务业务接口给MPC APP使用,包括注册回调、发起邀请等操作,需要调用Data Client/Service提供的数据通信服务。MPC CORE用于提供MPC协议以实现核心计算任务,进行安全多方计算。Data Client/Service提供输入输出数据客户端或服务端的能力,起到安全多方计算的通信实体的作用。防火墙用于提供可靠、安全且高效的应用防火墙服务。代理服务器用于提供用户注册服务、处理计算请求、协商安全多方计算,并且能能够提供数据通道代理,通过请求和回调方式与数据客户端通信,并提供计算协作服务。FIG. 2 shows a schematic diagram of a system architecture of a method for implementing secure multi-party computing in the implementation of this application. In Fig. 2, two MPC nodes are schematically shown: MPC node 1 and MPC node 2. As shown in Figure 2, each MPC node may include MPC APP (application), MPC SDK (MPC software development kit), MPC CORE (MPC core), and Data Client/Service (data client/server). Among them, MPC APP can receive secure multi-party computing requests input by users. MPC SDK is used to provide computing task service interface for MPC APP to use, including registration callback, initiating invitation and other operations, which need to call data communication services provided by Data Client/Service. MPC CORE is used to provide MPC protocol to achieve core computing tasks and perform secure multi-party computing. Data Client/Service provides input and output data client or server capabilities, and acts as a communication entity for secure multi-party computing. The firewall is used to provide reliable, safe and efficient application firewall services. The proxy server is used to provide user registration services, process computing requests, negotiate secure multi-party computing, and can provide data channel agents, communicate with data clients through requests and callbacks, and provide computing collaboration services.
上述方案中,每个MPC节点都具备数据客户端,数据客户端可以与代理服务器或对端MPC节点进行通信。针对MPC计算中间数据传输方式,MPC节点可以采用以下方式 中的一种:代理传输模式和直接传输模式。其中,在代理传输模式下,MPC节点具备数据客户端的能力,其依赖于代理服务器提供的中转服务来发送数据,然后代理服务器通过回调将数据发送给对端MPC节点。在代理传输模式下,多个MPC节点可以处于不同的网络中,代理服务求相当于一个公网代理,提供数据中转以实现MPC节点之间的数据交换。由于在代理转发模式下计算中间数据发送到了代理服务器,因此可以考虑使用公私钥机制,使用作为接收方的MPC节点的公钥加密计算中间数据,然后再通过代理服务器转发消息,进一步保证计算数据的隐私性。在直接传输模式下,MPC节点开启了数据服务,直接与对端MPC节点建立通信连接,能够直接接收对端MPC节点发送过来的计算中间数据或直接向对端MPC节点发送计算中间数据,由于数据不会泄露给第三方的代理服务器,因此数据的隐私性更高。在实际应用中,可以根据实际情况灵活选用这两种传输方式中的一种。In the above solution, each MPC node has a data client, and the data client can communicate with the proxy server or the opposite MPC node. For the MPC calculation intermediate data transmission method, the MPC node can use one of the following methods: proxy transmission mode and direct transmission mode. Among them, in the proxy transmission mode, the MPC node has the capability of a data client, which relies on the transfer service provided by the proxy server to send data, and then the proxy server sends the data to the opposite MPC node through a callback. In the proxy transmission mode, multiple MPC nodes can be in different networks, and the proxy service is equivalent to a public network proxy, providing data transfer to realize data exchange between MPC nodes. Since the intermediate calculation data is sent to the proxy server in the proxy forwarding mode, you can consider using the public and private key mechanism to encrypt the calculation intermediate data using the public key of the MPC node as the receiver, and then forward the message through the proxy server to further ensure the calculation of the data Privacy. In the direct transmission mode, the MPC node opens the data service, directly establishes a communication connection with the opposite MPC node, and can directly receive the intermediate calculation data sent by the opposite MPC node or directly send the intermediate calculation data to the opposite MPC node. It will not leak to a third-party proxy server, so data privacy is higher. In practical applications, one of these two transmission modes can be flexibly selected according to the actual situation.
请参考图3,示出了本申请一实施例中安全多方计算的实现方法的流程图。虽然本申请提供了如下述实施例或附图所示的方法操作步骤或装置结构,但基于常规或者无需创造性的劳动在所述方法或装置中可以包括更多或者更少的操作步骤或模块单元。在逻辑性上不存在必要因果关系的步骤或结构中,这些步骤的执行顺序或装置的模块结构不限于本申请实施例描述及附图所示的执行顺序或模块结构。所述的方法或模块结构的在实际中的装置或终端产品应用时,可以按照实施例或者附图所示的方法或模块结构连接进行顺序执行或者并行执行(例如并行处理器或者多线程处理的环境,甚至分布式处理环境)。Please refer to FIG. 3, which shows a flowchart of a method for implementing secure multi-party computing in an embodiment of the present application. Although this application provides method operation steps or device structures as shown in the following embodiments or drawings, the method or device may include more or fewer operation steps or module units based on conventional or no creative labor. . In steps or structures where there is no necessary causal relationship logically, the execution order of these steps or the module structure of the device is not limited to the execution order or module structure shown in the description of the embodiments of this application and the drawings. When the described method or module structure is applied to an actual device or terminal product, it can be executed sequentially or in parallel according to the method or module structure connection shown in the embodiments or drawings (for example, parallel processor or multi-threaded processing Environment, even distributed processing environment).
具体地,如图3所示,本申请一种实施例提供的安全多方计算的实现方法可以包括以下步骤:Specifically, as shown in FIG. 3, the method for implementing secure multi-party computing provided by an embodiment of the present application may include the following steps:
步骤301,代理服务器接收第一MPC节点发送的计算请求,其中,第一MPC节点为多个MPC节点中的一个MPC节点,代理服务器中注册有多个MPC节点中各MPC节点的回调函数。Step 301: The proxy server receives a calculation request sent by a first MPC node, where the first MPC node is one MPC node among multiple MPC nodes, and the proxy server registers a callback function of each MPC node among the multiple MPC nodes.
具体地,代理服务器中注册有参与安全多方计算的多个MPC节点中各节点的回调函数。其中,回调函数可以包括但不限于以下至少之一:邀请回调函数、准备回调函数、数据回调函数、结果回调函数。代理服务器可以接收多个MPC节点中的第一MPC节点发送的计算请求。该计算请求可以为计算邀请请求。Specifically, the proxy server is registered with the callback function of each of the multiple MPC nodes participating in the secure multi-party calculation. The callback function may include but is not limited to at least one of the following: an invitation callback function, a preparation callback function, a data callback function, and a result callback function. The proxy server may receive the calculation request sent by the first MPC node among the multiple MPC nodes. The calculation request may be a calculation invitation request.
步骤302,响应于计算请求,代理服务器通过调用各MPC节点的回调函数向各MPC节点发送计算请求。Step 302: In response to the calculation request, the proxy server sends the calculation request to each MPC node by calling the callback function of each MPC node.
具体地,在接收到计算请求后,代理服务器响应于该计算请求,可以通过调用各MPC节点的邀请回调函数向包括第一MPC节点的各MPC节点发送计算请求,以邀请各MPC 节点参与安全多方计算。Specifically, after receiving the calculation request, in response to the calculation request, the proxy server can send a calculation request to each MPC node including the first MPC node by invoking the invitation callback function of each MPC node, so as to invite each MPC node to participate in the secure multi-party Calculation.
步骤303,在确定各MPC节点均接收到计算请求的情况下,代理服务器通过调用各MPC节点的回调函数向各MPC节点发送计算开始通知,其中,计算开始通知用于指示各MPC节点执行安全多方计算。Step 303: When it is determined that each MPC node has received the calculation request, the proxy server sends a calculation start notification to each MPC node by calling the callback function of each MPC node, where the calculation start notification is used to instruct each MPC node to perform secure multi-party Calculation.
具体地,在向各MPC节点发送计算请求之后,代理服务器确定是否各MPC节点均接收到该计算请求。由于代理服务器是通过调用回调函数来发送计算请求的,所以代理服务器可以根据回调函数是否执行成功来确定各MPC节点是否均接收到该计算请求。在确定各MPC节点均接收到计算请求的情况下,代理服务器可以通过调用各MPC节点的准备回调函数向各MPC节点发送计算开始通知。该计算开始通知用于告知各MPC节点均准备就绪,可以开始安全多方计算。各MPC节点响应于计算开始通知,执行安全多方计算。Specifically, after sending the calculation request to each MPC node, the proxy server determines whether each MPC node has received the calculation request. Since the proxy server sends the calculation request by calling the callback function, the proxy server can determine whether each MPC node has received the calculation request according to whether the callback function is executed successfully. In the case where it is determined that each MPC node has received the calculation request, the proxy server may send a calculation start notification to each MPC node by calling the preparation callback function of each MPC node. The calculation start notification is used to inform that each MPC node is ready to start secure multi-party calculation. Each MPC node executes secure multi-party calculation in response to the calculation start notification.
上述实施例中的安全多方计算的实现方法,通过注册有多个MPC节点中各MPC节点的回调函数的代理服务器接收计算请求,并响应于计算请求,调用各MPC节点的回调函数向各MPC节点发送计算请求,在确定各MPC节点均接收到计算请求的情况下,调用各MPC节点的回调函数向各MPC节点发送计算开始通知,使得各MPC节点执行安全多方计算。上述方案中,通过代理服务器在各MPC节点之间进行计算任务协调,使得可以采用更加灵活可配置的方式构建计算协作服务,从而实现各MPC节点之间的安全多方计算,有效提高任务协作效率以及安全多方计算效率。通过上述方案解决了现有的安全多方计算的任务协作效率低、计算效率低的技术问题,达到了有效提升任务协作的效率和灵活性以及提高安全多方计算的效率的技术效果。In the implementation method of secure multi-party computing in the above embodiment, a proxy server registered with the callback function of each MPC node among multiple MPC nodes receives a calculation request, and in response to the calculation request, calls the callback function of each MPC node to each MPC node. Send a calculation request, and when it is determined that each MPC node has received the calculation request, call the callback function of each MPC node to send a calculation start notification to each MPC node, so that each MPC node performs secure multi-party calculation. In the above solution, the computing task coordination between the MPC nodes is performed through the proxy server, so that a more flexible and configurable way can be used to construct computing collaboration services, thereby achieving secure multi-party computing between MPC nodes, effectively improving the efficiency of task collaboration and Safe multi-party calculation efficiency. Through the above-mentioned solution, the existing technical problems of low task collaboration efficiency and low computational efficiency of secure multi-party computing are solved, and the technical effects of effectively improving the efficiency and flexibility of task collaboration and improving the efficiency of secure multi-party computing are achieved.
进一步地,在本申请一些实施例中,代理服务器注册多个MPC节点中各MPC节点的回调函数,可以包括:代理服务器接收多个MPC节点中各MPC节点发送的回调注册请求,回调注册请求中携带有对应MPC节点的用户信息和回调函数,用户信息用于标识对应MPC节点;响应于回调注册请求,代理服务器对多个MPC节点中各MPC节点的用户信息和回调函数进行注册。在本申请一些实施例中,用户信息可以包括以下至少之一:用户ID、任务ID、端口ID、公钥和分配密码。其中,代理服务器可以根据分配密码对各MPC节点进行验证,在验证通过后,才会对该MPC节点进行用户回调注册。通过上述方式,可以在代理服务器中注册各MPC节点的回调函数和用户信息,使得在MPC节点接收到计算邀请时通过回调向各MPC节点发送计算请求和计算开始通知,从而使得各MPC节点执行安全多方计算。Further, in some embodiments of the present application, the proxy server registering the callback function of each MPC node in the multiple MPC nodes may include: the proxy server receives the callback registration request sent by each MPC node in the multiple MPC nodes, and the callback registration request The user information and callback function of the corresponding MPC node are carried, and the user information is used to identify the corresponding MPC node; in response to the callback registration request, the proxy server registers the user information and the callback function of each MPC node among the multiple MPC nodes. In some embodiments of the present application, the user information may include at least one of the following: user ID, task ID, port ID, public key, and distribution password. Among them, the proxy server can verify each MPC node according to the assigned password, and after the verification is passed, the user callback registration of the MPC node will be performed. Through the above method, the callback function and user information of each MPC node can be registered in the proxy server, so that when the MPC node receives the calculation invitation, the calculation request and the calculation start notification are sent to each MPC node through the callback, so that each MPC node executes safely. Multi-party calculations.
考虑到各MPC节点之间可以通过直接传输模式来传输计算中间数据,因此,在本申 请一些实施例中,各MPC节点执行安全多方计算,可以包括:响应于计算开始通知,各MPC节点之间建立直接连接;各MPC节点根据预设的MPC协议执行安全多方计算,其中,各MPC节点之间直接传输计算中间数据。其中,各MPC节点之间建立直接连接时,获取对端的连接信息、服务地址和端口IP地址,以便于后续直接传输计算中间数据。通过上述方式,各MPC节点执行安全多方计算时,直接传输计算中间数据,无需通过代理服务器转发,可以更好地保护数据隐私。Considering that the intermediate calculation data can be transmitted between the MPC nodes through the direct transmission mode, therefore, in some embodiments of the present application, each MPC node performs secure multi-party calculations, which may include: in response to the calculation start notification, between the MPC nodes Establish a direct connection; each MPC node executes secure multi-party calculations according to the preset MPC protocol, among which the intermediate data of calculation is directly transmitted between each MPC node. Among them, when a direct connection is established between each MPC node, the connection information, service address, and port IP address of the opposite end are obtained, so as to facilitate subsequent direct transmission and calculation of intermediate data. Through the above method, when each MPC node performs secure multi-party calculation, the intermediate calculation data is directly transmitted without forwarding through a proxy server, which can better protect data privacy.
考虑到各MPC节点可能处于不同的网络,无法直接建立通信连接,因此,可以通过代理服务器转发计算中间数据,即可以通过代理传输模式来传输计算中间数据。因此,在本申请一些实施例中,各MPC节点执行安全多方计算,可以包括:响应于计算开始通知,各MPC节点之间通过代理服务器建立间接连接;各MPC节点根据预设的MPC协议执行安全多方计算,其中,各MPC节点之间通过代理服务器转发计算中间数据。其中,代理服务器提供公网IP,使得处于不同网络的多个MPC节点之间通过代理服务器建立通信连接,实现内外网通信,还可以用于监控网络质量、进行流量监控,带宽监控等。通过上述方式,可以使得处于不同网络的多个MPC节点之间通过代理服务器建立间接连接,从而实现处于不同网络中的多个MPC节点可以协作执行安全多方计算。Considering that each MPC node may be in a different network and cannot directly establish a communication connection, therefore, the intermediate calculation data can be forwarded through the proxy server, that is, the intermediate calculation data can be transmitted through the proxy transmission mode. Therefore, in some embodiments of the present application, each MPC node performing secure multi-party computing may include: in response to the calculation start notification, each MPC node establishes an indirect connection through a proxy server; each MPC node performs security according to a preset MPC protocol Multi-party calculations, where each MPC node forwards intermediate calculation data through a proxy server. Among them, the proxy server provides the public network IP, so that multiple MPC nodes in different networks establish communication connections through the proxy server to realize internal and external network communication. It can also be used to monitor network quality, perform traffic monitoring, and bandwidth monitoring. Through the above method, indirect connections can be established between multiple MPC nodes in different networks through a proxy server, so that multiple MPC nodes in different networks can cooperate to perform secure multi-party computing.
在代理转发模式下,计算中间数据通过代理服务器转发,为了保护数据隐私,可以对计算中间数据进行加密后再进行转发。因此,在本申请一些实施例中,代理服务器转发计算中间数据,可以包括:代理服务器接收第二MPC节点发送的加密后的计算中间数据,其中,加密后的计算中间数据是由第二MPC节点根据第三MPC节点的公钥对计算中间数据进行加密后获得的,第二MPC节点和第三MPC节点是多个MPC节点中的两个MPC节点;代理服务器通过调用第三MPC节点的回调函数将接收到的加密后的计算中间数据发送至第三MPC节点,其中,第三MPC节点根据自身的私钥对接收到的计算中间数据进行解密,以获取解密后的计算中间数据。通过上述方式,对计算中间数据进行加密后再进行转发,可以保护代理传输模式下的数据隐私。In the proxy forwarding mode, the intermediate calculation data is forwarded through the proxy server. To protect data privacy, the intermediate calculation data can be encrypted before forwarding. Therefore, in some embodiments of the present application, the proxy server forwarding the calculation intermediate data may include: the proxy server receives the encrypted calculation intermediate data sent by the second MPC node, where the encrypted calculation intermediate data is generated by the second MPC node It is obtained by encrypting the intermediate calculation data according to the public key of the third MPC node. The second MPC node and the third MPC node are two of the multiple MPC nodes; the proxy server calls the callback function of the third MPC node The received encrypted intermediate calculation data is sent to the third MPC node, where the third MPC node decrypts the received intermediate calculation data according to its own private key to obtain the decrypted intermediate calculation data. Through the above method, the intermediate calculation data is encrypted and then forwarded, which can protect data privacy in the proxy transmission mode.
在各MPC节点进行安全多方计算之后,一般由其中一个MPC节点获取计算结果,为了将计算结果分发给其他MPC节点,可以通过代理服务器分发计算结果。因此,在本申请一些实施例中,在各MPC节点执行安全多方计算之后,还可以包括:代理服务器接收第四MPC节点发送的结果分发请求,其中,第四MPC节点为各MPC节点中的获得计算结果的MPC节点;响应于结果分发请求,代理服务器对计算结果进行分发。通过上述方式,可以通过代理服务器对计算结果进行分发。After each MPC node performs a secure multi-party calculation, one of the MPC nodes generally obtains the calculation result. In order to distribute the calculation result to other MPC nodes, the calculation result can be distributed through a proxy server. Therefore, in some embodiments of the present application, after each MPC node executes the secure multi-party calculation, it may also include: the proxy server receives the result distribution request sent by the fourth MPC node, where the fourth MPC node is the acquisition in each MPC node The MPC node of the calculation result; in response to the result distribution request, the proxy server distributes the calculation result. Through the above method, the calculation result can be distributed through the proxy server.
进一步地,在本申请一些实施例中,在代理服务器接收第四MPC节点发送的结果分发请求之前,还可以包括:第四MPC节点确定是否要对获得的计算结果进行分发;在确定要对获得的计算结果进行分发的情况下,第四MPC节点向代理服务器发送结果分发请求,结果分发请求中携带有计算结果。其中,第四MPC节点可以根据配置文件或代码确定是否需要对获得的计算结果进行分发,在确定要对获得的计算结果进行分发的情况下,第四MPC节点向代理服务器发送结果分发请求,结果分发请求中携带有计算结果。通过上述方式,可以根据需要确定是否对计算结果进行分发。Further, in some embodiments of the present application, before the proxy server receives the result distribution request sent by the fourth MPC node, it may further include: the fourth MPC node determines whether to distribute the obtained calculation result; In the case of distributing the calculation result of, the fourth MPC node sends a result distribution request to the proxy server, and the result distribution request carries the calculation result. Among them, the fourth MPC node can determine whether the obtained calculation result needs to be distributed according to the configuration file or code. In the case of determining that the obtained calculation result is to be distributed, the fourth MPC node sends a result distribution request to the proxy server. The calculation result is carried in the distribution request. Through the above method, whether to distribute the calculation result can be determined as needed.
为了保证数据通信的安全性,可以经由防火墙来发送或接收数据。因此,在本申请一些实施例中,代理服务器可以经由防火墙接收多个MPC节点发送的数据和/或请求,可以经由防火墙向多个MPC节点发送数据和/或请求。通过上述方式,可以提供可靠、安全且高效的应用防火墙服务,进一步保护数据隐私和数据安全性。To ensure the security of data communication, data can be sent or received via a firewall. Therefore, in some embodiments of the present application, the proxy server may receive data and/or requests sent by multiple MPC nodes via a firewall, and may send data and/or requests to multiple MPC nodes via the firewall. Through the above method, a reliable, safe and efficient application firewall service can be provided to further protect data privacy and data security.
下面结合两个具体实施例对上述方法进行说明,然而,值得注意的是,该具体实施例仅是为了更好地说明本申请,并不构成对本申请的不当限定。The above method will be described below in combination with two specific embodiments. However, it is worth noting that the specific embodiments are only for better describing the application, and do not constitute an improper limitation of the application.
请参考图4和图5,分别示出了直接传输模式下的安全多方计算实现方法的顺序图和代理传输模式下的安全多方计算实现方法的顺序图。在图4和图5中均示出两个MPC节点作为示例。Please refer to FIG. 4 and FIG. 5, which respectively show a sequence diagram of the method for implementing secure multiparty computing in the direct transmission mode and a sequence diagram of the method for implementing secure multiparty computing in the proxy transmission mode. Two MPC nodes are shown as examples in both Fig. 4 and Fig. 5.
如图4所示,安全多方计算实现方法可以包括以下步骤:As shown in Figure 4, the method for implementing secure multi-party computing may include the following steps:
步骤1,MPC节点1和MPC节点2进行预处理,主要由MPC APP载入相关的配置、准备好计算环境、缓存MPC计算的布尔电路等;Step 1. MPC node 1 and MPC node 2 are pre-processed, and MPC APP loads related configurations, prepares the computing environment, and caches the Boolean circuit calculated by MPC, etc.;
步骤2,MPC节点1和MPC节点2分别向代理服务器发送用户回调注册请求,代理服务器响应于用户回调注册请求,将MPC节点1和MPC节点2的用户回调注册到代理服务器中;Step 2: MPC node 1 and MPC node 2 respectively send user callback registration requests to the proxy server, and the proxy server responds to the user callback registration request and registers the user callbacks of MPC node 1 and MPC node 2 to the proxy server;
步骤3,MPC节点1向代理服务器发送MPC计算邀请;Step 3: MPC node 1 sends an MPC calculation invitation to the proxy server;
步骤4,代理服务器响应于MPC计算邀请,向MPC节点1和MPC节点2发送邀请回调;Step 4. In response to the MPC calculation invitation, the proxy server sends an invitation callback to MPC node 1 and MPC node 2;
步骤5,代理服务器在确定所有邀请回调均执行成功的情况下,向MPC节点1和MPC节点2发送准备回调;Step 5. The proxy server sends a preparation callback to the MPC node 1 and the MPC node 2 when it determines that all invitation callbacks are executed successfully;
步骤6,MPC节点1和MPC节点2响应于准备回调,建立直接连接,执行MPC计算,在MPC计算过程中,MPC节点1和MPC节点2之间直接传输计算中间数据;Step 6, MPC node 1 and MPC node 2 establish a direct connection in response to preparing a callback, and perform MPC calculation. During the MPC calculation process, MPC node 1 and MPC node 2 directly transmit intermediate calculation data;
步骤7,MPC节点2获得计算结果后,在确定不需分发计算结果的情况下,执行步骤 9;在确定要将计算结果发送至MPC节点1的情况下,执行步骤8;Step 7. After the MPC node 2 obtains the calculation result, if it is determined that the calculation result does not need to be distributed, execute step 9; if it is determined to send the calculation result to the MPC node 1, execute step 8;
步骤8,MPC节点2将计算结果发送至代理服务器,代理服务器通过计算结果回调将计算结果发送至MPC节点1;Step 8. The MPC node 2 sends the calculation result to the proxy server, and the proxy server sends the calculation result to the MPC node 1 through the calculation result callback;
步骤9,结束。Step 9, end.
如图5所示,安全多方计算实现方法包括以下步骤:As shown in Figure 5, the method for implementing secure multiparty computing includes the following steps:
步骤1,MPC节点1和MPC节点2进行预处理,主要由MPC APP载入相关的配置、准备好计算环境、缓存MPC计算的布尔电路等;Step 1. MPC node 1 and MPC node 2 are pre-processed, and MPC APP loads related configurations, prepares the computing environment, and caches the Boolean circuit calculated by MPC, etc.;
步骤2,MPC节点1和MPC节点2分别向代理服务器发送用户回调注册请求,代理服务器响应于用户回调注册请求,将MPC节点1和MPC节点2的用户回调注册到代理服务器中;Step 2: MPC node 1 and MPC node 2 respectively send user callback registration requests to the proxy server, and the proxy server responds to the user callback registration request and registers the user callbacks of MPC node 1 and MPC node 2 to the proxy server;
步骤3,MPC节点1向代理服务器发送MPC计算邀请;Step 3: MPC node 1 sends an MPC calculation invitation to the proxy server;
步骤4,代理服务器响应于MPC计算邀请,向MPC节点1和MPC节点2发送邀请回调;Step 4. In response to the MPC calculation invitation, the proxy server sends an invitation callback to MPC node 1 and MPC node 2;
步骤5,代理服务器在确定所有邀请回调均执行成功的情况下,向MPC节点1和MPC节点2发送准备回调;Step 5. The proxy server sends a preparation callback to the MPC node 1 and the MPC node 2 when it determines that all invitation callbacks are executed successfully;
步骤6,MPC节点1和MPC节点2响应于准备回调,通过代理服务器建立间接连接,执行MPC计算,在MPC计算过程中,MPC节点1和MPC节点2之间通过代理服务器转发来传输计算中间数据,其中,代理服务器通过数据回调来转发数据,在通过代理服务器转发数据之前,作为发送方的MPC节点根据作为接收方的MPC节点的公钥对数据进行加密,在作为接收方的MPC节点接收到数据之后,根据自身的私钥进行解密,以获取解密后的数据;Step 6, MPC node 1 and MPC node 2 respond to the preparation of the callback, establish an indirect connection through the proxy server, and perform MPC calculation. During the MPC calculation process, MPC node 1 and MPC node 2 transmit intermediate calculation data through proxy server forwarding. , Where the proxy server forwards the data through data callback. Before forwarding the data through the proxy server, the MPC node as the sender encrypts the data according to the public key of the MPC node as the receiver, and the data is received at the MPC node as the receiver After the data, decrypt it according to its own private key to obtain the decrypted data;
步骤7,MPC节点2获得计算结果后,在确定不需分发计算结果的情况下,执行步骤9;在确定要将计算结果发送至MPC节点1的情况下,执行步骤8;Step 7. After the MPC node 2 obtains the calculation result, if it is determined that the calculation result does not need to be distributed, execute step 9; if it is determined to send the calculation result to the MPC node 1, execute step 8;
步骤8,MPC节点2将计算结果发送至代理服务器,代理服务器通过计算结果回调将计算结果发送至MPC节点1;Step 8. The MPC node 2 sends the calculation result to the proxy server, and the proxy server sends the calculation result to the MPC node 1 through the calculation result callback;
步骤9,结束。Step 9, end.
由上述两个实施例中的安全多方计算的实现方法可知,本申请提供的安全多方计算方法可以提供多种方式建立通信网络,包括:公网方式、内网方式和内网公网结合等方式;还可以通过在通道之上提供防火墙服务来构建可靠数据传输通道,本申请通过设置代理服务器,负责协调计算任务,比如MPC节点注册、计算邀请、连接建立、计算过程代理等, 可以简化协作处理流程,使得可以采用更加灵活、可配置的方式构建计算协作服务,提供可定制的网络配置能力,使得计算调度和执行更加高效,从而提高安全多方计算效率,保证数据隐私。From the implementation methods of secure multi-party computing in the above two embodiments, it can be seen that the secure multi-party computing method provided in this application can provide multiple ways to establish a communication network, including: public network, intranet, and intranet and public network combination, etc. ; It is also possible to build a reliable data transmission channel by providing firewall services on the channel. This application is responsible for coordinating calculation tasks by setting up a proxy server, such as MPC node registration, calculation invitation, connection establishment, calculation process proxy, etc., which can simplify collaborative processing The process enables the construction of computing collaboration services in a more flexible and configurable manner, provides customizable network configuration capabilities, makes computing scheduling and execution more efficient, thereby improving the efficiency of secure multi-party computing and ensuring data privacy.
基于同一发明构思,本申请实施例中还提供了一种安全多方计算的实现装置,位于代理服务器中,如下面的实施例所述。由于安全多方计算的实现装置解决问题的原理与安全多方计算的实现方法相似,因此安全多方计算的实现装置的实施可以参见安全多方计算的实现方法的实施,重复之处不再赘述。以下所使用的,术语“单元”或者“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。图6是本申请实施例的安全多方计算的实现装置的一种结构框图,如图6所示,包括:接收模块601、第一回调模块602和第二回调模块603,下面对该结构进行说明。Based on the same inventive concept, an implementation device for secure multi-party computing is also provided in an embodiment of the present application, which is located in a proxy server, as described in the following embodiment. Since the problem-solving principle of the device for implementing secure multiparty computing is similar to the method for implementing secure multiparty computing, the implementation of the device for implementing secure multiparty computing can refer to the implementation of secure multiparty computing, and the repetition will not be repeated. As used below, the term "unit" or "module" can be a combination of software and/or hardware that implements predetermined functions. Although the devices described in the following embodiments are preferably implemented by software, hardware or a combination of software and hardware is also possible and conceived. Fig. 6 is a structural block diagram of the device for implementing secure multi-party computing according to an embodiment of the present application. As shown in Fig. 6, it includes: a receiving module 601, a first callback module 602, and a second callback module 603. Description.
接收模块601用于接收第一MPC节点发送的计算请求,其中,第一MPC节点为多个MPC节点中的一个MPC节点,代理服务器中注册有多个MPC节点中各MPC节点的回调函数。The receiving module 601 is configured to receive a calculation request sent by a first MPC node, where the first MPC node is one MPC node among multiple MPC nodes, and a callback function of each MPC node among the multiple MPC nodes is registered in the proxy server.
第一回调模块602用于响应于计算请求,通过调用各MPC节点的回调函数向各MPC节点发送计算请求。The first callback module 602 is configured to send a calculation request to each MPC node by calling the callback function of each MPC node in response to the calculation request.
第二回调模块603用于在确定各MPC节点均接收到计算请求的情况下,通过调用各MPC节点的回调函数向各MPC节点发送计算开始通知,其中,计算开始通知用于指示各MPC节点执行安全多方计算。The second callback module 603 is used to send a calculation start notification to each MPC node by calling the callback function of each MPC node when it is determined that each MPC node has received the calculation request, wherein the calculation start notification is used to instruct each MPC node to execute Safe multi-party calculations.
在本申请一些实施例中,安全多方计算的实现装置还可以包括注册模块,所述注册模块用于在代理服务器中注册多个MPC节点中各MPC节点的回调函数,所述注册模块可以具体用于:接收多个MPC节点中各MPC节点发送的回调注册请求,回调注册请求中携带有对应MPC节点的用户信息和回调函数,用户信息用于标识对应MPC节点;响应于回调注册请求,对多个MPC节点中各MPC节点的用户信息和回调函数进行注册。In some embodiments of the present application, the device for implementing secure multi-party computing may further include a registration module, the registration module is used to register the callback function of each MPC node of the multiple MPC nodes in the proxy server, and the registration module may be specifically used In: Receive a callback registration request sent by each MPC node in multiple MPC nodes, the callback registration request carries the user information and callback function of the corresponding MPC node, and the user information is used to identify the corresponding MPC node; in response to the callback registration request, User information and callback functions of each MPC node in each MPC node are registered.
在本申请一些实施例中,用户信息可以包括以下至少之一:用户ID、任务ID、端口ID、公钥和分配密码。In some embodiments of the present application, the user information may include at least one of the following: user ID, task ID, port ID, public key, and distribution password.
在本申请一些实施例中,各MPC节点执行安全多方计算,可以包括:响应于计算开始通知,各MPC节点之间建立直接连接;各MPC节点根据预设的MPC协议执行安全多方计算,其中,各MPC节点之间直接传输计算中间数据。In some embodiments of the present application, each MPC node performing secure multi-party computing may include: in response to a calculation start notification, establishing a direct connection between each MPC node; each MPC node performing secure multi-party computing according to a preset MPC protocol, where: Each MPC node directly transmits and calculates intermediate data.
在本申请一些实施例中,各MPC节点执行安全多方计算,可以包括:响应于计算开 始通知,各MPC节点之间通过代理服务器建立间接连接;各MPC节点根据预设的MPC协议执行安全多方计算,其中,各MPC节点之间通过代理服务器转发计算中间数据。In some embodiments of the present application, each MPC node performing secure multi-party computing may include: in response to a calculation start notification, establishing an indirect connection between each MPC node through a proxy server; each MPC node performing secure multi-party computing according to a preset MPC protocol , Among them, each MPC node forwards and calculates intermediate data through a proxy server.
在本申请一些实施例中,安全多方计算的实现装置还可以包括转发模块,用于转发计算中间数据,所述转发模块可以具体用于:接收第二MPC节点发送的加密后的计算中间数据,其中,加密后的计算中间数据是由第二MPC节点根据第三MPC节点的公钥对计算中间数据进行加密后获得的,第二MPC节点和第三MPC节点是多个MPC节点中的两个MPC节点;通过调用第三MPC节点的回调函数将接收到的加密后的计算中间数据发送至第三MPC节点,其中,第三MPC节点根据自身的私钥对接收到的计算中间数据进行解密,以获取解密后的计算中间数据。In some embodiments of the present application, the device for implementing secure multi-party computing may further include a forwarding module for forwarding intermediate calculation data, and the forwarding module may be specifically configured to: receive the encrypted intermediate calculation data sent by the second MPC node, Among them, the encrypted intermediate calculation data is obtained by the second MPC node after encrypting the intermediate calculation data according to the public key of the third MPC node. The second MPC node and the third MPC node are two of the multiple MPC nodes. MPC node: Send the received encrypted intermediate calculation data to the third MPC node by calling the callback function of the third MPC node, where the third MPC node decrypts the received intermediate calculation data according to its own private key, To obtain the decrypted intermediate data.
在本申请一些实施例中,安全多方计算的实现装置还可以包括分发模块,所述分发模块具体用于:在各MPC节点执行安全多方计算之后,接收第四MPC节点发送的结果分发请求,其中,第四MPC节点为各MPC节点中的获得计算结果的MPC节点;响应于结果分发请求,对计算结果进行分发。In some embodiments of the present application, the device for implementing secure multi-party computing may further include a distribution module, which is specifically configured to: after each MPC node executes secure multi-party computing, receive a result distribution request sent by the fourth MPC node, where , The fourth MPC node is the MPC node that obtains the calculation result among the MPC nodes; in response to the result distribution request, the calculation result is distributed.
在本申请一些实施例中,在分发模块接收第四MPC节点发送的结果分发请求之前,第四MPC节点确定是否要对获得的计算结果进行分发;在确定要对获得的计算结果进行分发的情况下,第四MPC节点向代理服务器发送结果分发请求,结果分发请求中携带有计算结果。In some embodiments of the present application, before the distribution module receives the result distribution request sent by the fourth MPC node, the fourth MPC node determines whether to distribute the obtained calculation result; in the case where it is determined to distribute the obtained calculation result Next, the fourth MPC node sends a result distribution request to the proxy server, and the result distribution request carries the calculation result.
在本申请一些实施例中,安全多方计算的实现装置可以经由防火墙接收多个MPC节点发送的数据和/或请求,可以经由防火墙向多个MPC节点发送数据和/或请求。In some embodiments of the present application, the device for implementing secure multi-party computing may receive data and/or requests sent by multiple MPC nodes via a firewall, and may send data and/or requests to multiple MPC nodes via the firewall.
从以上的描述中,可以看出,本申请实施例实现了如下技术效果:通过注册有多个MPC节点中各MPC节点的回调函数的代理服务器接收计算请求,并响应于计算请求,调用各MPC节点的回调函数向各MPC节点发送计算请求,在确定各MPC节点均接收到计算请求的情况下,调用各MPC节点的回调函数向各MPC节点发送计算开始通知,使得各MPC节点执行安全多方计算。上述方案中,通过代理服务器在各MPC节点之间进行计算任务协调,使得可以采用更加灵活可配置的方式构建计算协作服务,从而实现各MPC节点之间的安全多方计算,有效提高任务协作效率以及安全多方计算效率。通过上述方案解决了现有的安全多方计算的任务协作效率低、计算效率低的技术问题,达到了有效提升任务协作的效率和灵活性以及提高安全多方计算的效率的技术效果。From the above description, it can be seen that the embodiments of the present application achieve the following technical effects: the proxy server registered with the callback function of each MPC node among the multiple MPC nodes receives the calculation request, and in response to the calculation request, calls each MPC The callback function of the node sends a calculation request to each MPC node. When it is determined that each MPC node has received the calculation request, the callback function of each MPC node is called to send a calculation start notification to each MPC node, so that each MPC node performs secure multi-party calculation . In the above solution, the computing task coordination between the MPC nodes is performed through the proxy server, so that a more flexible and configurable way can be used to construct computing collaboration services, thereby achieving secure multi-party computing between MPC nodes, effectively improving the efficiency of task collaboration and Safe multi-party calculation efficiency. Through the above-mentioned solution, the existing technical problems of low task collaboration efficiency and low computational efficiency of secure multi-party computing are solved, and the technical effects of effectively improving the efficiency and flexibility of task collaboration and improving the efficiency of secure multi-party computing are achieved.
本申请实施方式还提供了一种计算机设备,具体可以参阅图7所示的基于本申请实施例提供的安全多方计算的实现方法的计算机设备组成结构示意图,所述计算机设备具体可 以包括输入设备71、处理器72、存储器73。其中,所述存储器73用于存储处理器可执行指令。所述处理器72执行所述指令时实现上述任意实施例中所述的安全多方计算的实现方法的步骤。The embodiment of the present application also provides a computer device. For details, please refer to the schematic diagram of the structure of a computer device based on the method for implementing secure multi-party computing provided by the embodiment of the present application shown in FIG. 7. The computer device may specifically include an input device 71 , Processor 72, memory 73. Wherein, the memory 73 is used to store processor executable instructions. The processor 72 implements the steps of the method for implementing secure multi-party computing described in any of the foregoing embodiments when executing the instructions.
在本实施方式中,所述输入设备具体可以是用户和计算机系统之间进行信息交换的主要装置之一。所述输入设备可以包括键盘、鼠标、摄像头、扫描仪、光笔、手写输入板、语音输入装置等;输入设备用于把原始数据和处理这些数的程序输入到计算机中。所述输入设备还可以获取接收其他模块、单元、设备传输过来的数据。所述处理器可以按任何适当的方式实现。例如,处理器可以采取例如微处理器或处理器以及存储可由该(微)处理器执行的计算机可读程序代码(例如软件或固件)的计算机可读介质、逻辑门、开关、专用集成电路(Application Specific Integrated Circuit,ASIC)、可编程逻辑控制器和嵌入微控制器的形式等等。所述存储器具体可以是现代信息技术中用于保存信息的记忆设备。所述存储器可以包括多个层次,在数字系统中,只要能保存二进制数据的都可以是存储器;在集成电路中,一个没有实物形式的具有存储功能的电路也叫存储器,如RAM、FIFO等;在系统中,具有实物形式的存储设备也叫存储器,如内存条、TF卡等。In this embodiment, the input device may specifically be one of the main devices for information exchange between the user and the computer system. The input device may include a keyboard, a mouse, a camera, a scanner, a light pen, a handwriting input board, a voice input device, etc.; the input device is used to input raw data and programs for processing these numbers into the computer. The input device can also obtain and receive data transmitted from other modules, units, and devices. The processor can be implemented in any suitable way. For example, the processor may take the form of a microprocessor or a processor and a computer-readable medium, logic gates, switches, application specific integrated circuits that store computer-readable program codes (such as software or firmware) executable by the (micro)processor ( Application Specific Integrated Circuit, ASIC), programmable logic controller and embedded microcontroller form, etc. The memory may specifically be a memory device used to store information in modern information technology. The memory can include multiple levels. In a digital system, as long as it can store binary data, it can be a memory; in an integrated circuit, a circuit with a storage function without a physical form is also called a memory, such as RAM, FIFO, etc.; In the system, storage devices in physical form are also called memory, such as memory sticks, TF cards, etc.
在本实施方式中,该计算机设备具体实现的功能和效果,可以与其它实施方式对照解释,在此不再赘述。In this embodiment, the specific functions and effects implemented by the computer device can be explained in comparison with other embodiments, and will not be repeated here.
本申请实施方式中还提供了一种基于安全多方计算的实现方法的计算机存储介质,所述计算机存储介质存储有计算机程序指令,在所述计算机程序指令被执行时实现上述任意实施例中所述安全多方计算的实现方法的步骤。The embodiment of the present application also provides a computer storage medium based on a method for realizing secure multi-party computing. The computer storage medium stores computer program instructions, and when the computer program instructions are executed, the computer program instructions described in any of the foregoing embodiments are implemented. Steps of the implementation method of secure multi-party computing.
在本实施方式中,上述存储介质包括但不限于随机存取存储器(Random Access Memory,RAM)、只读存储器(Read-Only Memory,ROM)、缓存(Cache)、硬盘(Hard Disk Drive,HDD)或者存储卡(Memory Card)。所述存储器可以用于存储计算机程序指令。网络通信单元可以是依照通信协议规定的标准设置的,用于进行网络连接通信的接口。In this embodiment, the above-mentioned storage medium includes but is not limited to random access memory (Random Access Memory, RAM), read-only memory (Read-Only Memory, ROM), cache (Cache), and hard disk (Hard Disk Drive, HDD) Or memory card (Memory Card). The memory can be used to store computer program instructions. The network communication unit may be an interface set up in accordance with a standard stipulated by the communication protocol and used for network connection communication.
在本实施方式中,该计算机存储介质存储的程序指令具体实现的功能和效果,可以与其它实施方式对照解释,在此不再赘述。In this embodiment, the specific functions and effects realized by the program instructions stored in the computer storage medium can be explained in comparison with other embodiments, and will not be repeated here.
显然,本领域的技术人员应该明白,上述的本申请实施例的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模 块或步骤制作成单个集成电路模块来实现。这样,本申请实施例不限制于任何特定的硬件和软件结合。Obviously, those skilled in the art should understand that the modules or steps of the embodiments of the present application described above can be implemented by a general computing device, and they can be concentrated on a single computing device or distributed among multiple computing devices. Optionally, they can be implemented with program codes executable by a computing device, so that they can be stored in a storage device for execution by the computing device, and in some cases, can be different from here The steps shown or described are executed in the order of, or they are respectively fabricated into individual integrated circuit modules, or multiple modules or steps of them are fabricated into a single integrated circuit module to achieve. In this way, the embodiments of the present application are not limited to any specific hardware and software combination.
应该理解,以上描述是为了进行图示说明而不是为了进行限制。通过阅读上述描述,在所提供的示例之外的许多实施方式和许多应用对本领域技术人员来说都将是显而易见的。因此,本申请的范围不应该参照上述描述来确定,而是应该参照前述权利要求以及这些权利要求所拥有的等价物的全部范围来确定。It should be understood that the above description is for illustration and not for limitation. By reading the above description, many implementations and many applications beyond the examples provided will be apparent to those skilled in the art. Therefore, the scope of this application should not be determined with reference to the above description, but should be determined with reference to the foregoing claims and the full range of equivalents possessed by these claims.
以上所述仅为本申请的优选实施例而已,并不用于限制本申请,对于本领域的技术人员来说,本申请实施例可以有各种更改和变化。凡在本申请的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本申请的保护范围之内。The foregoing descriptions are only preferred embodiments of the present application, and are not intended to limit the present application. For those skilled in the art, the embodiments of the present application may have various modifications and changes. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this application shall be included in the protection scope of this application.

Claims (12)

  1. 一种安全多方计算的实现方法,其特征在于,包括:A method for implementing secure multi-party computing, characterized in that it includes:
    代理服务器接收第一MPC节点发送的计算请求,其中,所述第一MPC节点为多个MPC节点中的一个MPC节点,所述代理服务器中注册有所述多个MPC节点中各MPC节点的回调函数;The proxy server receives the calculation request sent by the first MPC node, where the first MPC node is one of the multiple MPC nodes, and the proxy server is registered with the callback of each MPC node of the multiple MPC nodes function;
    响应于所述计算请求,所述代理服务器通过调用各MPC节点的回调函数向各MPC节点发送所述计算请求;In response to the calculation request, the proxy server sends the calculation request to each MPC node by calling the callback function of each MPC node;
    在确定所述各MPC节点均接收到所述计算请求的情况下,所述代理服务器通过调用各MPC节点的回调函数向各MPC节点发送计算开始通知,其中,所述计算开始通知用于指示所述各MPC节点执行安全多方计算。When it is determined that each MPC node has received the calculation request, the proxy server sends a calculation start notification to each MPC node by calling the callback function of each MPC node, wherein the calculation start notification is used to indicate Each MPC node described above performs secure multi-party computation.
  2. 根据权利要求1所述的方法,其特征在于,所述代理服务器注册所述多个MPC节点中各MPC节点的回调函数,包括:The method according to claim 1, wherein the proxy server registering the callback function of each of the multiple MPC nodes comprises:
    所述代理服务器接收所述多个MPC节点中各MPC节点发送的回调注册请求,所述回调注册请求中携带有对应MPC节点的用户信息和回调函数,所述用户信息用于标识对应MPC节点;The proxy server receives a callback registration request sent by each MPC node of the multiple MPC nodes, where the callback registration request carries user information and a callback function corresponding to the MPC node, and the user information is used to identify the corresponding MPC node;
    响应于所述回调注册请求,所述代理服务器对所述多个MPC节点中各MPC节点的用户信息和回调函数进行注册。In response to the callback registration request, the proxy server registers the user information and the callback function of each MPC node among the multiple MPC nodes.
  3. 根据权利要求2所述的方法,其特征在于,所述用户信息包括以下至少之一:用户ID、任务ID、端口ID、公钥和分配密码。The method according to claim 2, wherein the user information includes at least one of the following: user ID, task ID, port ID, public key, and distribution password.
  4. 根据权利要求1所述的方法,其特征在于,所述各MPC节点执行安全多方计算,包括:The method according to claim 1, wherein the execution of secure multi-party computation by each MPC node comprises:
    响应于所述计算开始通知,所述各MPC节点之间建立直接连接;In response to the calculation start notification, a direct connection is established between the MPC nodes;
    所述各MPC节点根据预设的MPC协议执行安全多方计算,其中,所述各MPC节点之间直接传输计算中间数据。Each MPC node executes secure multi-party calculation according to a preset MPC protocol, wherein the intermediate data for calculation is directly transmitted between each MPC node.
  5. 根据权利要求1所述的方法,其特征在于,所述各MPC节点执行安全多方计算,包括:The method according to claim 1, wherein the execution of secure multi-party computation by each MPC node comprises:
    响应于所述计算开始通知,所述各MPC节点之间通过所述代理服务器建立间接连接;In response to the calculation start notification, the MPC nodes establish an indirect connection through the proxy server;
    所述各MPC节点根据预设的MPC协议执行安全多方计算,其中,所述各MPC节点之间通过所述代理服务器转发计算中间数据。Each MPC node executes secure multi-party calculation according to a preset MPC protocol, wherein the intermediate data of calculation is forwarded between each MPC node through the proxy server.
  6. 根据权利要求5所述的方法,其特征在于,所述代理服务器转发计算中间数据,包括:The method according to claim 5, wherein the forwarding of intermediate calculation data by the proxy server comprises:
    所述代理服务器接收第二MPC节点发送的加密后的计算中间数据,其中,所述加密后的计算中间数据是由所述第二MPC节点根据第三MPC节点的公钥对计算中间数据进行加密后获得的,所述第二MPC节点和所述第三MPC节点是所述多个MPC节点中的两个MPC节点;The proxy server receives the encrypted intermediate calculation data sent by the second MPC node, where the encrypted intermediate calculation data is encrypted by the second MPC node according to the public key of the third MPC node Obtained later, the second MPC node and the third MPC node are two MPC nodes of the multiple MPC nodes;
    所述代理服务器通过调用所述第三MPC节点的回调函数将接收到的加密后的计算中间数据发送至所述第三MPC节点,其中,所述第三MPC节点根据自身的私钥对接收到的计算中间数据进行解密,以获取解密后的计算中间数据。The proxy server sends the received encrypted intermediate calculation data to the third MPC node by calling the callback function of the third MPC node, where the third MPC node receives the data according to its own private key pair The intermediate calculation data is decrypted to obtain the intermediate calculation data after decryption.
  7. 根据权利要求1所述的方法,其特征在于,在所述各MPC节点执行安全多方计算之后,还包括:The method according to claim 1, wherein after each MPC node executes secure multi-party calculation, the method further comprises:
    所述代理服务器接收第四MPC节点发送的结果分发请求,其中,所述第四MPC节点为所述各MPC节点中的获得计算结果的MPC节点;Receiving, by the proxy server, a result distribution request sent by a fourth MPC node, where the fourth MPC node is an MPC node that obtains a calculation result among the MPC nodes;
    响应于所述结果分发请求,所述代理服务器对所述计算结果进行分发。In response to the result distribution request, the proxy server distributes the calculation result.
  8. 根据权利要求7所述的方法,其特征在于,在所述代理服务器接收第四MPC节点发送的结果分发请求之前,还包括:The method according to claim 7, wherein before the proxy server receives the result distribution request sent by the fourth MPC node, the method further comprises:
    所述第四MPC节点确定是否要对获得的计算结果进行分发;The fourth MPC node determines whether to distribute the obtained calculation result;
    在确定要对获得的计算结果进行分发的情况下,所述第四MPC节点向所述代理服务器发送结果分发请求,所述结果分发请求中携带有所述计算结果。When it is determined that the obtained calculation result is to be distributed, the fourth MPC node sends a result distribution request to the proxy server, and the result distribution request carries the calculation result.
  9. 根据权利要求1至8中任一项所述的方法,其特征在于,所述代理服务器经由防火墙接收所述多个MPC节点发送的数据和/或请求,并经由所述防火墙向所述多个MPC节点发送数据和/或请求。The method according to any one of claims 1 to 8, wherein the proxy server receives data and/or requests sent by the multiple MPC nodes via a firewall, and sends the data and/or requests to the multiple MPC nodes via the firewall. The MPC node sends data and/or requests.
  10. 一种安全多方计算的实现装置,其特征在于,位于代理服务器中,包括:A device for realizing secure multi-party computing is characterized in that it is located in a proxy server and includes:
    接收模块,用于接收第一MPC节点发送的计算请求,其中,所述第一MPC节点为多个MPC节点中的一个MPC节点,所述代理服务器中注册有所述多个MPC节点中各MPC节点的回调函数;The receiving module is configured to receive a calculation request sent by a first MPC node, where the first MPC node is one MPC node among multiple MPC nodes, and each MPC of the multiple MPC nodes is registered in the proxy server The callback function of the node;
    第一回调模块,用于响应于所述计算请求,通过调用各MPC节点的回调函数向各MPC节点发送所述计算请求;The first callback module is configured to send the calculation request to each MPC node by calling the callback function of each MPC node in response to the calculation request;
    第二回调模块,用于在确定所述各MPC节点均接收到所述计算请求的情况下,通过调用各MPC节点的回调函数向各MPC节点发送计算开始通知,其中,所述计算开始 通知用于指示所述各MPC节点执行安全多方计算。The second callback module is configured to send a calculation start notification to each MPC node by calling the callback function of each MPC node when it is determined that each MPC node has received the calculation request, wherein the calculation start notification is used for Instruct each MPC node to perform secure multi-party computation.
  11. 一种计算机设备,其特征在于,包括处理器以及用于存储处理器可执行指令的存储器,所述处理器执行所述指令时实现权利要求1至9中任一项所述方法的步骤。A computer device, characterized by comprising a processor and a memory for storing executable instructions of the processor, the processor implementing the steps of the method in any one of claims 1 to 9 when the processor executes the instructions.
  12. 一种计算机可读存储介质,其上存储有计算机指令,其特征在于,所述指令被执行时实现权利要求1至9中任一项所述方法的步骤。A computer-readable storage medium having computer instructions stored thereon, characterized in that, when the instructions are executed, the steps of the method according to any one of claims 1 to 9 are realized.
PCT/CN2019/085940 2019-05-08 2019-05-08 Method and apparatus for implementing secure multi-party computation, and computer device and storage medium WO2020223917A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/085940 WO2020223917A1 (en) 2019-05-08 2019-05-08 Method and apparatus for implementing secure multi-party computation, and computer device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/085940 WO2020223917A1 (en) 2019-05-08 2019-05-08 Method and apparatus for implementing secure multi-party computation, and computer device and storage medium

Publications (1)

Publication Number Publication Date
WO2020223917A1 true WO2020223917A1 (en) 2020-11-12

Family

ID=73051256

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/085940 WO2020223917A1 (en) 2019-05-08 2019-05-08 Method and apparatus for implementing secure multi-party computation, and computer device and storage medium

Country Status (1)

Country Link
WO (1) WO2020223917A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013001021A1 (en) * 2011-06-28 2013-01-03 Nec Europe Ltd. Method and system for obtaining a result of a joint public function for a plurality of parties
US9449177B1 (en) * 2013-03-13 2016-09-20 Hrl Laboratories, Llc General protocol for proactively secure computation
CN108809623A (en) * 2018-07-10 2018-11-13 矩阵元技术(深圳)有限公司 Multi-party computations method, apparatus and system
CN109714165A (en) * 2019-02-28 2019-05-03 矩阵元技术(深圳)有限公司 The key management method and electronic equipment of each self-generating key components of client

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013001021A1 (en) * 2011-06-28 2013-01-03 Nec Europe Ltd. Method and system for obtaining a result of a joint public function for a plurality of parties
US9449177B1 (en) * 2013-03-13 2016-09-20 Hrl Laboratories, Llc General protocol for proactively secure computation
CN108809623A (en) * 2018-07-10 2018-11-13 矩阵元技术(深圳)有限公司 Multi-party computations method, apparatus and system
CN109714165A (en) * 2019-02-28 2019-05-03 矩阵元技术(深圳)有限公司 The key management method and electronic equipment of each self-generating key components of client

Similar Documents

Publication Publication Date Title
US10389694B2 (en) System and method for non-replayable communication sessions
CN103534975B (en) The security association for key management is found according to public-key cryptography
US20170149748A1 (en) Secure Group Messaging and Data Steaming
CN110175461A (en) Implementation method, device, computer equipment and the storage medium of multi-party computations
CN111404950B (en) Information sharing method and device based on block chain network and related equipment
MX2012015175A (en) System and method for secure messaging in a hybrid peer-to-peer net work.
CN109981576B (en) Key migration method and device
US10855846B1 (en) Encrypting multiple party calls
WO2024093426A1 (en) Federated machine learning-based model training method and apparatus
WO2020168546A1 (en) Secret key migration method and apparatus
CN109995739A (en) A kind of information transferring method, client, server and storage medium
WO2020237453A1 (en) Method and apparatus for implementing secure multi-party computation, computer device, and storage medium
US11470065B2 (en) Protection of private data using an enclave cluster
US10785025B1 (en) Synchronization of key management services with cloud services
US20240064143A1 (en) Methods, mediums, and systems for verifying devices in an encrypted messaging system
CN109391650B (en) Method and device for establishing session
CN111709053A (en) Operation method and operation device based on loose coupling transaction network
US10686844B2 (en) Trusted group identification code
WO2020223917A1 (en) Method and apparatus for implementing secure multi-party computation, and computer device and storage medium
US20220407689A1 (en) Key sharing for media frames using blockchain
CN110247960B (en) Method and device for realizing secure multi-party computation, computer equipment and storage medium
CN114286294A (en) Delivering notifications to mobile devices
KR101785385B1 (en) Method of managing network route and network entity enabling the method
US20210306442A1 (en) Adding or removing members from confederate rings
CN114765595B (en) Chat message display method, chat message sending device, electronic equipment and media

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19927673

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19927673

Country of ref document: EP

Kind code of ref document: A1